Exemplo n.º 1
0
function search()
{
    global $logged;
    if (!isset($_POST['submit'])) {
        $Temp = new Template();
        $Temp->dir = $logged['dskin'];
        $Temp->file = "search_find.tpl";
        $Temp->tp(__LINE__, __FILE__);
        return $Temp->html;
    } else {
        $t = $_POST['s'] == 2 ? 1 : 2;
        $type = $_POST['s'] == 2 ? '`topics`' : '`replies`';
        $type_ = $_POST['s'] == 2 ? '`title`' : '`post`';
        $query = htmlspecialchars($_POST['query']);
        $sql = mysql_query("SELECT * FROM " . $type . " WHERE " . $type_ . " LIKE '%" . $query . "%'");
        if (empty($query) || $query == "") {
            pageerror("Search Error", "Something was blank.", "Looks like you left the search field blank, please go back and try again.");
        }
        if (mysql_num_rows($sql) <= 0) {
            pageerror("Search Error", "Not found", "Looks like there wasn't post or topic in the database that matched your query.");
        }
        $content = "";
        while ($row = mysql_fetch_array($sql)) {
            switch ($t) {
                case 1:
                    if (getFP($row['fid'], 1)) {
                        $Temp = new Template();
                        $Temp->dir = $logged['dskin'];
                        $Temp->file = "search_msg.tpl";
                        $Temp->tp(__LINE__, __FILE__);
                        $Temp->tr(array('TID' => $row['id'], 'TNAME' => $row['title'], 'UID' => getid($row['username']), 'DATE' => !empty($row['date']) ? date("m-d-y", $row['date']) : 'unknown', 'MESSAGE' => nl2br(bbcode_format(getFirstPost($row['id']))), 'POSTER' => $row['username']));
                        $content .= $Temp->html;
                    }
                    break;
                case 2:
                    if (getFP(topic_parent_($row['id']), 1)) {
                        $Temp = new Template();
                        $Temp->dir = $logged['dskin'];
                        $Temp->file = "search_msg.tpl";
                        $Temp->tp(__LINE__, __FILE__);
                        $Temp->tr(array('TID' => $row['tid'], 'TNAME' => topicName($row['title']), 'UID' => getid($row['username']), 'DATE' => !empty($row['date']) ? date("m-d-y", $row['date']) : 'unknown', 'MESSAGE' => nl2br(bbcode_format($row['post'])), 'POSTER' => $row['username']));
                        $content .= $Temp->html;
                    }
                    break;
            }
        }
        if (empty($content) || $content == "") {
            pageerror("Search Error", "Not found", "Looks like there wasn't post or topic in the database that matched your query.");
        }
        return $content;
    }
}
Exemplo n.º 2
0
Arquivo: post.php Projeto: exts/nab145
function RUN_Newreply()
{
    global $logged, $permissions;
    if (is_numeric($_GET['id']) and !empty($_GET['id'])) {
        $id = intval(htmlspecialchars($_GET['id']));
    } else {
        pageerror("Topic Error", "", "Sorry, but there wasn't a topic id present.");
    }
    //New reply to topic
    $date = time();
    $user = $logged['username'];
    $post = htmlspecialchars($_POST['post']);
    if (!getFP(topic_parent_($id), 2)) {
        pageerror("Permission Error", "", "Sorry, but you don't have permissions to reply to this topic.");
    }
    if (check_forum_lock(topic_parent_($id)) and $permissions['admin'] != 't') {
        pageerror("Forum Locked", "", "Sorry, you can't post a topic in here because this forum is locked");
    } else {
        if (!isset($_POST['newreply'])) {
            $Temp = new Template();
            $Temp->dir = $logged['dskin'];
            $Temp->file = "newreply.tpl";
            $Temp->tp();
            $Temp->tr(array('POST' => '', 'NAME' => 'New Reply'));
            echo $Temp->html;
        } else {
            if (!$logged['username']) {
                die(pageerror("Reply Error", "There was an error replying to topic!", "You don't have permissions to reply to these topics!"));
            }
            if (empty($post)) {
                die(pageerror("Reply Error", "There was an error replying to topic!", "You left the post empty please go back and insert information!"));
            }
            update_post_count();
            finished("Reply Added!", "New Reply was Created!", "Thank you now your reply was sucessfully created!", "index.php?act=topicshow&id=" . $id);
            mysql_query("INSERT INTO `replies` (`tid`,`post`,`username`,`date`) VALUES('" . $id . "','" . $post . "','" . $user . "','" . $date . "') ") or die(pageerror("Reply Error", "There was a problem adding reply", "Something went wrong adding new reply"));
            mysql_query("UPDATE `topics` SET `timestamp` = '" . time() . "' WHERE `id` = '" . $id . "'") or die(pageerror("Reply Error", "There was a problem adding reply", "Something went wrong trying to update the topics timestamp."));
        }
    }
}
Exemplo n.º 3
0
function RUN_Topic()
{
    global $logged, $permissions;
    if (is_numeric($_GET['id']) and !empty($_GET['id'])) {
        $id = intval(htmlspecialchars($_GET['id']));
    } else {
        pageerror("Topic Error", "", "Sorry, but there wasn't a topic id present.");
    }
    if (!getFP(topic_parent_($id), 1)) {
        pageerror("Permission Error", "", "Sorry, but you don't have permissions viewing this topic.");
    }
    //do some post stuff
    //total replies pagination limit
    $ppt = mysql_query("SELECT `postpertopic` FROM `boardstatus` LIMIT 1");
    $p_p_t = mysql_fetch_array($ppt);
    $total_limit = $p_p_t['postpertopic'];
    topic_pagination($id, $total_limit);
    $main = mysql_query("SELECT * FROM `topics` WHERE `id` = '" . $id . "' ");
    $tmain = mysql_fetch_array($main);
    $umain = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $tmain['username'] . "'");
    $fuser = mysql_fetch_array($umain);
    $isSticked = $tmain['sticky'] == 1 ? "<a href='mode.php?type=sticktopic&tid=" . $id . "'>Sticky</a>" : "<a href='mode.php?type=unsticktopic&tid=" . $id . "'>Un-Sticky</a>";
    $isLocked = $tmain['closed'] == 1 ? "<a href='mode.php?type=closetopic&tid=" . $id . "'>Lock</a>" : "<a href='mode.php?type=opentopic&tid=" . $id . "'>Un-Lock</a>";
    //check if user has permissions
    if ($permissions['admin'] == 't' || $permissions['e_topic'] == 't') {
        $modet = "<a href='mode.php?type=edit&post=topic&id=" . $id . "'>Edit</a> | <a href='mode.php?type=move&post=topic&id=" . $id . "'>Move Topic</a> | " . $isSticked . " | " . $isLocked;
    } elseif ($logged['username'] == $tmain['username'] && $permissions['e_topic'] == 't') {
        $modet = "<a href='mode.php?type=edit&post=topic&id=" . $id . "'>Edit</a>";
    } else {
        $modet = "";
    }
    echo "<br />" . run_buttons($id);
    $Temp = new Template();
    $Temp->dir = $logged['dskin'];
    $Temp->file = "topic_title.tpl";
    $Temp->tp();
    $Temp->tr(array('TITLE' => $tmain['title']));
    echo $Temp->html;
    //if($_GET['p'] == 1 || !isset($_GET['p']) )
    //	{
    echo '
						<tr>
							<td colspan="2" class="small_title"><span style="float:left;"><b>Posted On:</b> ' . timezone_stamp($tmain['timestamp'], $logged['timezone']) . '</span><span style="float:right" class="small_title_link">' . $modet . '</span></td>
						</tr>
				';
    //}
    if (!isset($_GET['p']) || empty($_GET['p']) || $_GET['p'] == 0) {
        $page = 1;
    } else {
        if (!is_numeric($_GET['p'])) {
            pageerror("Page Error", "", "Didn't specify a correct page id.");
        } else {
            $page = intval(mysql_real_escape_string($_GET['p']));
        }
    }
    $limit_start = $page * $total_limit - $total_limit;
    //get replies
    $replies = mysql_query("SELECT * FROM `replies` WHERE `tid` = '" . $id . "' ORDER BY `id` LIMIT {$limit_start},{$total_limit}") or die(mysql_error(__FILE__, __LINE__));
    $has_replys = mysql_num_rows($replies);
    if ($has_replys != 0) {
        //check to see if there are any replies :D
        while ($replys = mysql_fetch_array($replies)) {
            //check if user has permissions
            if ($permissions['admin'] == 't' || $permissions['d_post'] == 't') {
                $modep = "<a href='mode.php?type=edit&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Edit</a> | <a href='mode.php?type=delete&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Delete</a>";
            } elseif ($logged['username'] == $replys['username']) {
                $modep = "<a href='mode.php?type=edit&post=reply&id=" . $replys['id'] . "&tid=" . $id . "'>Edit</a>";
            } else {
                $modep = "";
            }
            $usez = mysql_query("SELECT * FROM `users` WHERE `username` = '" . $replys['username'] . "'");
            $useri = mysql_fetch_array($usez);
            //show replies
            $Temp = new Template();
            $Temp->dir = $logged['dskin'];
            $Temp->file = "topic_post.tpl";
            $Temp->tp();
            $Temp->tr(array('OPTIONS' => $modep, 'POSTER' => $replys['username'], 'AVY' => !empty($useri['avatar']) ? '<img width="100" height="100" src="' . $useri['avatar'] . '" alt="" /><br />' : '', 'DATE' => timezone_stamp($replys['date'], $logged['timezone']), 'GROUP' => group($useri['level']), 'UID' => $useri['id'], 'UPOST' => $useri['post'], 'POST' => nl2br(bbcode_format($replys['post'])) . "<br />__________________<br />" . ($useri['signature'] == '' ? '&nbsp;' : nl2br(bbcode_format($useri['signature'])))));
            echo $Temp->html;
        }
    } else {
        echo "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td width='100%' class='rows' align='center'><em>There isn't any posts in this topic</em></td>\n\t\t\t\t\t</tr>\n\t\t\t\t";
    }
    echo ' </table> ' . run_buttons($id) . '<br />';
    topic_pagination($id, $total_limit);
    add_views($id);
}