function search()
{
global $logged;
if (!isset($_POST['submit'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "search_find.tpl";
$Temp->tp(__LINE__, __FILE__);
return $Temp->html;
} else {
$t = $_POST['s'] == 2 ? 1 : 2;
$type = $_POST['s'] == 2 ? '`topics`' : '`replies`';
$type_ = $_POST['s'] == 2 ? '`title`' : '`post`';
$query = htmlspecialchars($_POST['query']);
$sql = mysql_query("SELECT * FROM " . $type . " WHERE " . $type_ . " LIKE '%" . $query . "%'");
if (empty($query) || $query == "") {
pageerror("Search Error", "Something was blank.", "Looks like you left the search field blank, please go back and try again.");
}
if (mysql_num_rows($sql) <= 0) {
pageerror("Search Error", "Not found", "Looks like there wasn't post or topic in the database that matched your query.");
}
$content = "";
while ($row = mysql_fetch_array($sql)) {
switch ($t) {
case 1:
if (getFP($row['fid'], 1)) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "search_msg.tpl";
$Temp->tp(__LINE__, __FILE__);
$Temp->tr(array('TID' => $row['id'], 'TNAME' => $row['title'], 'UID' => getid($row['username']), 'DATE' => !empty($row['date']) ? date("m-d-y", $row['date']) : 'unknown', 'MESSAGE' => nl2br(bbcode_format(getFirstPost($row['id']))), 'POSTER' => $row['username']));
$content .= $Temp->html;
}
break;
case 2:
if (getFP(topic_parent_($row['id']), 1)) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "search_msg.tpl";
$Temp->tp(__LINE__, __FILE__);
$Temp->tr(array('TID' => $row['tid'], 'TNAME' => topicName($row['title']), 'UID' => getid($row['username']), 'DATE' => !empty($row['date']) ? date("m-d-y", $row['date']) : 'unknown', 'MESSAGE' => nl2br(bbcode_format($row['post'])), 'POSTER' => $row['username']));
$content .= $Temp->html;
}
break;
}
}
if (empty($content) || $content == "") {
pageerror("Search Error", "Not found", "Looks like there wasn't post or topic in the database that matched your query.");
}
return $content;
}
}
function RUN_Newreply()
{
global $logged, $permissions;
if (is_numeric($_GET['id']) and !empty($_GET['id'])) {
$id = intval(htmlspecialchars($_GET['id']));
} else {
pageerror("Topic Error", "", "Sorry, but there wasn't a topic id present.");
}
//New reply to topic
$date = time();
$user = $logged['username'];
$post = htmlspecialchars($_POST['post']);
if (!getFP(topic_parent_($id), 2)) {
pageerror("Permission Error", "", "Sorry, but you don't have permissions to reply to this topic.");
}
if (check_forum_lock(topic_parent_($id)) and $permissions['admin'] != 't') {
pageerror("Forum Locked", "", "Sorry, you can't post a topic in here because this forum is locked");
} else {
if (!isset($_POST['newreply'])) {
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "newreply.tpl";
$Temp->tp();
$Temp->tr(array('POST' => '', 'NAME' => 'New Reply'));
echo $Temp->html;
} else {
if (!$logged['username']) {
die(pageerror("Reply Error", "There was an error replying to topic!", "You don't have permissions to reply to these topics!"));
}
if (empty($post)) {
die(pageerror("Reply Error", "There was an error replying to topic!", "You left the post empty please go back and insert information!"));
}
update_post_count();
finished("Reply Added!", "New Reply was Created!", "Thank you now your reply was sucessfully created!", "index.php?act=topicshow&id=" . $id);
mysql_query("INSERT INTO `replies` (`tid`,`post`,`username`,`date`) VALUES('" . $id . "','" . $post . "','" . $user . "','" . $date . "') ") or die(pageerror("Reply Error", "There was a problem adding reply", "Something went wrong adding new reply"));
mysql_query("UPDATE `topics` SET `timestamp` = '" . time() . "' WHERE `id` = '" . $id . "'") or die(pageerror("Reply Error", "There was a problem adding reply", "Something went wrong trying to update the topics timestamp."));
}
}
}
function RUN_Topic()
{
global $logged, $permissions;
if (is_numeric($_GET['id']) and !empty($_GET['id'])) {
$id = intval(htmlspecialchars($_GET['id']));
} else {
pageerror("Topic Error", "", "Sorry, but there wasn't a topic id present.");
}
if (!getFP(topic_parent_($id), 1)) {
pageerror("Permission Error", "", "Sorry, but you don't have permissions viewing this topic.");
}
//do some post stuff
//total replies pagination limit
$ppt = mysql_query("SELECT `postpertopic` FROM `boardstatus` LIMIT 1");
$p_p_t = mysql_fetch_array($ppt);
$total_limit = $p_p_t['postpertopic'];
topic_pagination($id, $total_limit);
$main = mysql_query("SELECT * FROM `topics` WHERE `id` = '" . $id . "' ");
$tmain = mysql_fetch_array($main);
$umain = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $tmain['username'] . "'");
$fuser = mysql_fetch_array($umain);
$isSticked = $tmain['sticky'] == 1 ? "<a href='mode.php?type=sticktopic&tid=" . $id . "'>Sticky</a>" : "<a href='mode.php?type=unsticktopic&tid=" . $id . "'>Un-Sticky</a>";
$isLocked = $tmain['closed'] == 1 ? "<a href='mode.php?type=closetopic&tid=" . $id . "'>Lock</a>" : "<a href='mode.php?type=opentopic&tid=" . $id . "'>Un-Lock</a>";
//check if user has permissions
if ($permissions['admin'] == 't' || $permissions['e_topic'] == 't') {
$modet = "<a href='mode.php?type=edit&post=topic&id=" . $id . "'>Edit</a> | <a href='mode.php?type=move&post=topic&id=" . $id . "'>Move Topic</a> | " . $isSticked . " | " . $isLocked;
} elseif ($logged['username'] == $tmain['username'] && $permissions['e_topic'] == 't') {
$modet = "<a href='mode.php?type=edit&post=topic&id=" . $id . "'>Edit</a>";
} else {
$modet = "";
}
echo "<br />" . run_buttons($id);
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "topic_title.tpl";
$Temp->tp();
$Temp->tr(array('TITLE' => $tmain['title']));
echo $Temp->html;
//if($_GET['p'] == 1 || !isset($_GET['p']) )
// {
echo '
<tr>
<td colspan="2" class="small_title"><span style="float:left;"><b>Posted On:</b> ' . timezone_stamp($tmain['timestamp'], $logged['timezone']) . '</span><span style="float:right" class="small_title_link">' . $modet . '</span></td>
</tr>
';
//}
if (!isset($_GET['p']) || empty($_GET['p']) || $_GET['p'] == 0) {
$page = 1;
} else {
if (!is_numeric($_GET['p'])) {
pageerror("Page Error", "", "Didn't specify a correct page id.");
} else {
$page = intval(mysql_real_escape_string($_GET['p']));
}
}
$limit_start = $page * $total_limit - $total_limit;
//get replies
$replies = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $id . "' ORDER BY `id` LIMIT {$limit_start},{$total_limit}") or die(mysql_error(__FILE__, __LINE__));
$has_replys = mysql_num_rows($replies);
if ($has_replys != 0) {
//check to see if there are any replies :D
while ($replys = mysql_fetch_array($replies)) {
//check if user has permissions
if ($permissions['admin'] == 't' || $permissions['d_post'] == 't') {
$modep = "<a href='mode.php?type=edit&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Edit</a> | <a href='mode.php?type=delete&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Delete</a>";
} elseif ($logged['username'] == $replys['username']) {
$modep = "<a href='mode.php?type=edit&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Edit</a>";
} else {
$modep = "";
}
$usez = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $replys['username'] . "'");
$useri = mysql_fetch_array($usez);
//show replies
$Temp = new Template();
$Temp->dir = $logged['dskin'];
$Temp->file = "topic_post.tpl";
$Temp->tp();
$Temp->tr(array('OPTIONS' => $modep, 'POSTER' => $replys['username'], 'AVY' => !empty($useri['avatar']) ? '<img width="100" height="100" src="' . $useri['avatar'] . '" alt="" /><br />' : '', 'DATE' => timezone_stamp($replys['date'], $logged['timezone']), 'GROUP' => group($useri['level']), 'UID' => $useri['id'], 'UPOST' => $useri['post'], 'POST' => nl2br(bbcode_format($replys['post'])) . "<br />__________________<br />" . ($useri['signature'] == '' ? ' ' : nl2br(bbcode_format($useri['signature'])))));
echo $Temp->html;
}
} else {
echo "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td width='100%' class='rows' align='center'><em>There isn't any posts in this topic</em></td>\n\t\t\t\t\t</tr>\n\t\t\t\t";
}
echo ' </table> ' . run_buttons($id) . '<br />';
topic_pagination($id, $total_limit);
add_views($id);
}