public static function sub_cat($sub) { global $db; MCached::connect(); $key = 'sub::categories::' . $sub; $name = MCached::get($key); if ($name === MCached::NO_RESULT) { $c_q = @$db->query("SELECT name FROM categories WHERE id = '" . $sub . "'"); $c_q = @$c_q->fetch_array(MYSQLI_BOTH); $name = security::html_safe(unesc($c_q["name"])); MCached::add($key, $name, self::ONE_DAY); } return $name; }
function format_shout($text) { global $Smileys, $BASEURL; $s = $text; $s = strip_tags($s); $s = security::html_safe(unesc($s)); $f = @fopen("badwords.txt", "r"); if ($f && filesize("badwords.txt") != 0) { $bw = fread($f, filesize("badwords.txt")); $badwords = explode("\n", $bw); for ($i = 0; $i < count($badwords); ++$i) { $badwords[$i] = trim($badwords[$i]); } $s = str_replace($badwords, "*censored*", $s); } @fclose($f); // [b]Bold[/b] $s = preg_replace("/\\[b\\]((\\s|.)+?)\\[\\/b\\]/", "<b>\\1</b>", $s); // [i]Italic[/i] $s = preg_replace("/\\[i\\]((\\s|.)+?)\\[\\/i\\]/", "<i>\\1</i>", $s); // [u]Underline[/u] $s = preg_replace("/\\[u\\]((\\s|.)+?)\\[\\/u\\]/", "<u>\\1</u>", $s); // [u]Underline[/u] $s = preg_replace("/\\[u\\]((\\s|.)+?)\\[\\/u\\]/i", "<u>\\1</u>", $s); // [color=blue]Text[/color] $s = preg_replace("/\\[color=([a-zA-Z]+)\\]((\\s|.)+?)\\[\\/color\\]/i", "<font color=\\1>\\2</font>", $s); // [color=#ffcc99]Text[/color] $s = preg_replace("/\\[color=(#[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9])\\]((\\s|.)+?)\\[\\/color\\]/i", "<font color=\\1>\\2</font>", $s); // [url=http://www.example.com]Text[/url] $s = preg_replace("/\\[url=((http|ftp|https|ftps|irc):\\/\\/[^<>\\s]+?)\\]((\\s|.)+?)\\[\\/url\\]/i", "<a href=\\1 target=_blank>\\3</a>", $s); // [url]http://www.example.com[/url] $s = preg_replace("/\\[url\\]((http|ftp|https|ftps|irc):\\/\\/[^<>\\s]+?)\\[\\/url\\]/i", "<a href=\\1 target=_blank>\\1</a>", $s); // [size=4]Text[/size] $s = preg_replace("/\\[size=([1-7])\\]((\\s|.)+?)\\[\\/size\\]/i", "<font size=\\1>\\2</font>", $s); // [font=Arial]Text[/font] $s = preg_replace("/\\[font=([a-zA-Z ,]+)\\]((\\s|.)+?)\\[\\/font\\]/i", "<font face=\"\\1\">\\2</font>", $s); // Linebreaks $s = nl2br($s); // Maintain spacing $s = str_replace(" ", " ", $s); reset($Smileys); while (list($code, $url) = each($Smileys)) { $s = str_replace($code, "<img border='0' src='" . $BASEURL . "/images/smilies/" . $url . "'>", $s); } return $s; }
public static function prepare_user(&$user, $curuser = false) { if ($curuser && empty($user)) { die; } if (isset($user['torrentsperpage'])) { $user['torrentsperpage'] = (int) $user['torrentsperpage']; } if (isset($user['uid'])) { $user['uid'] = (int) $user['uid']; } if (isset($user['username'])) { $user['username'] = security::html_safe($user['username']); } if (isset($user['language'])) { $user['language'] = (int) $user['language']; } if (isset($user['style'])) { $user['style'] = (int) $user['style']; } if (isset($user['flag'])) { $user['flag'] = (int) $user['flag']; } if (isset($user['topicsperpage'])) { $user['topicsperpage'] = (int) $user['topicsperpage']; } if (isset($user['postsperpage'])) { $user['postsperpage'] = (int) $user['postsperpage']; } if (isset($user['id_level'])) { $user['id_level'] = (int) $user['id_level']; } if (isset($user['WT'])) { $user['WT'] = (int) $user['WT']; } if (isset($user['random'])) { $user['random'] = (int) $user['random']; } if (isset($user['flags'])) { $user['flags'] = (int) $user['flags']; } }
function comment_form() { global $comment, $id, $cid; block_begin(NEW_COMMENT); $comment = str_replace('\\r\\n', "\n", $comment); ?> <center> <form enctype='multipart/form-data' name='comment' method='post'> <input type='hidden' name='info_hash' value='<?php echo $id; ?> ' /> <table class='lista' border='0' cellpadding='10'> <tr> <tr><td align='left' class='header'><?php echo USER_NAME; ?> :</td><td class='lista' align='left'><input name='user' type='text' value='<?php echo security::html_safe($_GET["usern"]); ?> ' size='20' maxlength='100' disabled; readonly></td></tr> <tr><td align='left' class='header'><?php echo COMMENT_1; ?> :</td><td class='lista' align='left'><?php textbbcode("comment", "comment", security::html_safe(unesc($comment))); ?> </td></tr> <tr><td class='header' colspan='2' align='center'><input type='submit' name='confirm' value='<?php echo FRM_CONFIRM; ?> ' /> <input type='submit' name='confirm' value='<?php echo FRM_PREVIEW; ?> ' /></td></tr> </table> </form> </center> <?php block_end(); }
function _torrenttable($res, $frame_caption, $speed = "false") { global $db; block_begin($frame_caption, 'center'); begin_table(); $num = 0; while ($a = $res->fetch_assoc()) { ++$num; if ($a["leechers"] > 0) { $r = (int) $a["seeds"] / (int) $a["leechers"]; $ratio = number_format($r, 2); } else { $ratio = INFINITE; } if (!isset($menu)) { $menu = ""; } if ($menu != "1") { echo "<tr>" . "<table width='100%' class='lista'>" . "<td class='header' align='center'>" . USER_LEVEL . "</td>" . "<td class='header'>" . FILE . "</td>"; if ($speed != "true") { echo "<td class='header' align='center'>" . FINISHED . "</td>" . "<td class='header' align='center'>" . SEEDERS . "</td>" . "<td class='header' align='center'>" . LEECHERS . "</td>" . "<td class='header' align='center'>" . PEERS . "</td>" . "<td class='header' align='center'>" . RATIO . "</td>"; } else { echo "<td class='header' align='right'>" . SPEED . "</td>"; } echo "</tr>"; $menu = 1; } print "<tr><td class='lista' align='center'>" . $num . "</td><td class='lista' align='left'>"; print "<a href='" . "details.php?id=" . $a['hash'] . "'>" . "<b>"; print security::html_safe($a["name"]) . "</b></a></td>"; if ($speed != "true") { print "<td class='lista' align='center' width='10%' ><a href='torrent_history.php?id=" . $a["hash"] . "'>" . number_format((int) $a["finished"]) . "</a></td><td class='lista' align='center' width='10%' ><a href='peers.php?id=" . $a["hash"] . "'>" . number_format((int) $a["seeds"]) . "</a></td><td class='lista' align='center' width='10%' > <a href='peers.php?id=" . $a["hash"] . "'>" . number_format((int) $a["leechers"]) . "</a></td><td class='lista' align='center' width='10%' > <a href='peers.php?id=" . $a["hash"] . "'>" . number_format((int) $a["leechers"] + (int) $a["seeds"]) . "</a></td><td class='lista' align='center' width='10%'>" . $ratio . "</td>\n"; } else { print "<td class='lista' align='center'>" . misc::makesize((int) $a["speed"]) . "/s" . "\n"; } } end_table(); block_end(); }
unset($_POST['pseudo']); unset($_POST['mess']); } } $msg2 = array_reverse($msg); echo "<div align='left' class='chat'><table width='95%' align='center'><tr><td>"; include INCL_PATH . 'offset.php'; for ($i = 0; $i < 10 && $i < count($msg2); ++$i) { $sql = "SELECT users.id AS uid, prefixcolor, suffixcolor FROM users INNER JOIN users_level ON users_level.id = users.id_level WHERE users.username = '******'pseudo']) . "'"; $res = $db->query($sql); $result = $res->fetch_assoc(); // user or level don't exit in db if (!$result) { echo '<b>' . '</b> [' . date("d/m/y H:i", $msg2[$i]['date'] - $offset) . ']' . ' <b>' . security::html_safe($msg2[$i]['pseudo']) . '</b>: ' . format_comment(security::html_safe($msg2[$i]['texte'])) . '<hr>'; } else { echo '<b>' . '</b> [' . date("d/m/y H:i", $msg2[$i]['date'] - $offset) . ']' . " <a style='text-decoration:none' href='userdetails.php?id=" . (int) $result["uid"] . "'>" . unesc($result['prefixcolor']) . security::html_safe($msg2[$i]['pseudo']) . unesc($result['suffixcolor']) . '</a>: ' . format_comment(security::html_safe($msg2[$i]['texte'])) . '<hr>'; unset($result); } $res->free(); } echo "</td></tr></table></div>"; file_save("chat.php", "<?php\n\$msg = " . var_export($msg, true) . "\n?>"); unset($_POST['pseudo']); unset($_POST['mess']); if (user::$current["uid"] > 1) { ?> <div class="miniform" align="center"> <form method="post" name="shout"> <input type="hidden" name="pseudo" value="<?php echo user::$current["username"]; ?>
print "\n<form name='jump1'><td class='lista'><select name='style' size='1' onChange='location=document.jump1.style.options[document.jump1.style.selectedIndex].value' style='font-size:10px'>"; foreach ($style as $a) { print "<option "; if ($a["id"] == user::$current["style"]) { print "selected='selected'"; } print " value='account_change.php?style=" . (int) $a["id"] . "&returnto=" . urlencode($_SERVER['REQUEST_URI']) . "'>" . security::html_safe($a["style"]) . "</option>"; } print "</select></td>"; print "\n<td class='lista'><select name='langue' size='1' onChange='location=document.jump1.langue.options[document.jump1.langue.selectedIndex].value' style='font-size:10px'>"; foreach ($langue as $a) { print "<option "; if ($a["id"] == user::$current["language"]) { print "selected='selected'"; } print " value='account_change.php?langue=" . (int) $a["id"] . "&returnto=" . urlencode($_SERVER['REQUEST_URI']) . "'>" . security::html_safe($a["language"]) . "</option>"; } print "</select></td></form>"; ?> </tr> </table> <?php } else { if (!isset($user)) { $user = ''; } ?> <form action='login.php' name='login' method='post'> <table class='lista' border='0' width='100%' cellpadding='2' cellspacing='0'> <tr> <td class='lista' align='left'>
?> <script language='javascript'> function SendIT(){ window.opener.document.forms['edit'].elements['receiver'].value = document.forms['result'].elements['name'].options[document.forms['result'].elements['name'].options.selectedIndex].value; window.close(); } </script> <div align='center'> <form name='result'><table class='lista'> <tr> <td class='lista'><?php print USER_NAME; ?> :</td> <?php print "\n<td class='lista'><select name='name' size='1'>"; while ($result = $res->fetch_array(MYSQLI_BOTH)) { print "\n<option name='uname' value='" . security::html_safe($result["username"]) . "'>" . security::html_safe($result["username"]) . "</option>"; } print "\n</select></td>"; print "\n<td class='lista'><input type='button' name='confirm' onclick='javascript:SendIT();' value='" . FRM_CONFIRM . "' /></td>"; ?> </tr> </table></form> </div> <?php } } print "\n<br />\n<div align='center'><a href='javascript: window.close()'>" . CLOSE . "</a></div>"; print "</body>\n</html>\n";
print "<td align='center' class='header'>" . PEER_COUNTRY . "</td>"; print "<td align='center' class='header'>Active</td>"; print "<td align='center' class='header'>" . PEER_CLIENT . "</td>\n"; print "<td align='center' class='header'>" . DOWNLOADED . "</td>\n"; print "<td align='center' class='header'>" . UPLOADED . "</td>\n"; print "<td align='center' class='header'>" . RATIO . "</td>\n"; print "<td align='center' class='header'>" . FINISHED . "</td></tr>\n"; while ($row = $res->fetch_array(MYSQLI_BOTH)) { print "<tr><td align='center' class='lista'>" . "<a href='userdetails.php?id=" . (int) $row["uid"] . "'>" . security::html_safe(unesc($row["username"])) . "</a></td>" . "<td align='center' class='lista'><a href='usercp.php?do=pm&action=edit&uid=" . user::$current['uid'] . "&what=new&to=" . urlencode(unesc($row["username"])) . "'>" . image_or_link($STYLEPATH . "/pm.png", "", "PM") . "</a></td>"; if ($row["flagpic"] != "") { print "<td align='center' class='lista'><img src='images/flag/" . $row["flagpic"] . "' alt='" . security::html_safe($row["country"]) . "' /></td>"; } else { print "<td align='center' class='lista'><img src='images/flag/unknown.gif' alt='" . UNKNOWN . "' /></td>"; } print "<td align='center' class='lista'>" . $row["active"] . "</td>"; print "<td align='center' class='lista'>" . security::html_safe($row["agent"]) . "</td>"; $dled = misc::makesize((int) $row["downloaded"]); $upld = misc::makesize((int) $row["uploaded"]); print "<td align='center' class='lista'>" . $dled . "</td>"; print "<td align='center' class='lista'>" . $upld . "</td>"; if (intval($row["downloaded"]) > 0) { $ratio = number_format((int) $row["uploaded"] / (int) $row["downloaded"], 2); } else { $ratio = "∞"; } print "<td align='center' class='lista'>" . $ratio . "</td>"; print "<td align='center' class='lista'>" . get_elapsed_time($row["date"]) . " ago</td></tr>"; } if ($res->num_rows == 0) { print "<tr><td align='center' colspan='9' class='lista'>No history to display</td></tr>"; }
print "\n<tr>\n<td class='lista' align='left'>" . security::html_safe($rtorrent["filename"]) . "</td>"; print "\n<td class='lista' align='left'>" . date("d/m/Y H:i", $rtorrent["lastupdate"] - $offset) . "</td>"; print "\n<td class='lista' align='right'>" . (int) $rtorrent["seeds"] . "</td>"; print "\n<td class='lista' align='right'>" . (int) $rtorrent["leechers"] . "</td>"; print "\n<td class='lista' align='center'><input type='checkbox' name='hash[]' value='" . security::html_safe($rtorrent["info_hash"]) . "' /></td></tr>"; $count++; } // external $res = $db->query("SELECT namemap.info_hash, filename, UNIX_TIMESTAMP(namemap.lastupdate) AS lastupdate, summary.seeds, " . " summary.leechers FROM namemap LEFT JOIN summary ON summary.info_hash = namemap.info_hash WHERE external = 'yes' AND UNIX_TIMESTAMP(namemap.lastupdate) < (UNIX_TIMESTAMP() - " . $timeout . ") ORDER BY lastupdate"); if ($res->num_rows > 0) { while ($rtorrent = $res->fetch_array(MYSQLI_BOTH)) { print "\n<tr>\n<td class='lista' align='left'>" . security::html_safe($rtorrent["filename"]) . "</td>"; print "\n<td class='lista' align='left'>" . date("d/m/Y H:i", $rtorrent["lastupdate"] - $offset) . "</td>"; print "\n<td class='lista' align='right'>" . (int) $rtorrent["seeds"] . "</td>"; print "\n<td class='lista' align='right'>" . (int) $rtorrent["leechers"] . "</td>"; print "\n<td class='lista' align='center'><input type='checkbox' name='hash[]' value='" . security::html_safe($rtorrent["info_hash"]) . "' /></td></tr>"; $count++; } } print "\n<tr>\n<td class='lista' align='right' colspan='5'><input type='submit' name='action' value='GO' /></td></tr>"; print "\n</table>\n</form>"; } else { print "<p align=center>No torrents to prune...<p>"; } block_end(); print "<br />\n"; } else { block_begin("Prune torrents"); print "\n<form action='admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=prunet&action=view' name='prune' method='post'>"; print "<p align='center'>Imput the number of days which the torrents are to be considered as 'dead' <input type='text' name='days' value='" . $days . "' size='10' maxlength='3' />"; print "\n<input type='submit' name='action' value='View' /></td></tr>";
$ad_display .= "<td align='center' class='header'>{$fname->name}</td>"; $field[$i] = $fname->name; $i++; } $ad_display .= "</tr>"; while ($fname = $dbres->fetch_array(MYSQLI_BOTH)) { $ad_display .= "\n <tr>"; for ($i = 0; $i < count($field); $i++) { $ad_display .= "<td class='lista'>" . $fname[$field[$i]] . "</td>"; } $ad_display .= "\n </tr>"; } $ad_display .= "\n </table>\n </td>\n </tr>\n </table>\n </form>"; } else { // display num rows affected... $ad_display .= "\n <table class='lista' cellspacing='1' cellpadding='0' align='center' border='0' width='98%'>\n <tr>\n <td class='lista'>" . security::html_safe(unesc($_POST["runquery"])) . "<tr>\n <td class='header'>" . $db->info . "\n </td>\n </tr>\n </table>\n "; } } } else { header("Location: admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=dbutil&action=qry"); } break; case 'qry': // display tables $ad_display .= "\n <form name='dbutil' action='admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=dbutil&action=runqry' method='post'>\n <table class='lista' cellspacing='1' cellpadding='0' align='center' border='0' width='100%'>\n <tr>\n <td class='lista' align='center'>\n Input a query and press confirm to run it on current datase.\n <textarea name='runquery' rows='8' cols='75'></textarea>\n </td>\n </tr>\n <tr>\n <td align='center' class='header'>\n <input type='submit' name='confirm' value='" . FRM_CONFIRM . "' /> \n <input type='submit' name='confirm' value='" . FRM_CANCEL . "' /></td>\n </tr>\n </table>\n </form>"; break; case 'tables': if (isset($_POST["doit"]) && isset($_POST["tname"])) { $table_action = $_POST["doit"]; $tables = implode(",", $_POST["tname"]); switch ($table_action) {
print "<tr><td>" . TOPICS . "/" . POSTS . ":</td><td align='right'>" . $posts_avg . " %</td></tr>\n"; print "</table>\n</td></tr>\n"; if ($topics > 0) { if (isset($GLOBALS["block_forumlimit"])) { $limit = "LIMIT " . (int) $GLOBALS["block_forumlimit"]; } else { $limit = "LIMIT 5"; } $tres = $db->query("SELECT topics.id, topics.subject, topics.lastpost FROM topics INNER JOIN forums ON forums.id = topics.forumid WHERE forums.minclassread <= " . user::$current["id_level"] . " ORDER BY lastpost DESC " . $limit); while ($trow = $tres->fetch_array(MYSQLI_BOTH)) { $lpres = $db->query("SELECT p.added, p.userid, u.username, u.id_level, prefixcolor, suffixcolor FROM posts p, users u INNER JOIN users_level ON u.id_level = users_level.id WHERE p.userid = u.id AND p.topicid = " . (int) $trow['id'] . " ORDER BY p.added"); while ($lprow = $lpres->fetch_array(MYSQLI_BOTH)) { $last_post_userid = (int) $lprow['userid']; $last_poster = security::html_safe($lprow['username']); $last_post_time = get_date_time($lprow['added']); $pcolor = unesc($lprow["prefixcolor"]); $scolor = unesc($lprow["suffixcolor"]); } if ($trow['lastpost']) { print "<tr><td class='lista'><b><a href='forum.php?action=viewtopic&topicid=" . (int) $trow['id'] . "&page=last#" . (int) $trow['lastpost'] . "'>" . security::html_safe(unesc($trow['subject'])) . "</a></b><br />" . LAST_POST_BY . " <a href='userdetails.php?id=" . $last_post_userid . "'>" . $pcolor . $last_poster . $scolor . "</a><br />On " . $last_post_time . "</td></tr>\n"; } else { print "<tr><td class='lista'><b><a href='forum.php?action=viewtopic&topicid=" . (int) $trow['id'] . "&page=last'>" . security::html_safe(unesc($trow['subject'])) . "</a></b><br />" . LAST_POST_BY . " <a href='userdetails.php?id=" . $last_post_userid . "'>" . $pcolor . $last_poster . $scolor . "</a><br />On " . $last_post_time . "</td></tr>\n"; } } } else { print "<tr><td class='lista'>" . NO_TOPIC . "</td></tr>\n"; } print "</table>\n"; block_end(); } // end if user can view
print "<script language='javascript'>window.location.href='" . $link . "'</script>"; exit; } else { print "<script language='javascript'>window.location.href='" . $link . "'</script>"; exit; } } block_begin(DELETE_TORRENT); print "<table width='100%' class='lista' border='0' cellspacing='5' cellpadding='5'>\n"; print "<tr><td align='right' class='header'>" . FILE_NAME . ":</td><td class='lista'>" . security::html_safe($row["filename"]) . "</td></tr>"; print "<tr><td align='right' class='header'>" . INFO_HASH . ":</td><td class='lista'>" . security::html_safe($row["info_hash"]) . "</td></tr>"; if (!empty($row["comment"])) { print "<tr><td align='right' class='header'>" . DESCRIPTION . ":</td><td align='left' class='lista'>" . format_comment(unesc($row["comment"])) . "</td></tr>"; } if (isset($row["cat_name"])) { print "<tr><td align='right' class='header'>" . CATEGORY_FULL . ":</td><td class='lista'>" . security::html_safe($row["cat_name"]) . "</td></tr>"; } else { print "<tr><td align='right' class='header'>" . CATEGORY_FULL . ":</td><td class='lista'>(None)</td></tr>"; } print "<tr><td align='right' class='header'>" . SIZE . ":</td><td class='lista'>" . misc::makesize((int) $row["size"]) . "</td></tr>"; print "<tr><td align='right' class='header'>" . ADDED . ":</td><td class='lista'>" . date("d/m/Y H:m:s", $row["data"]) . "</td></tr>"; if ($row["speed"] < 0) { $speed = "N/A"; } else { if ($row["speed"] > 2097152) { $speed = round((int) $row["speed"] / 1048576, 2) . " MiB per sec"; } else { $speed = round((int) $row["speed"] / 1024, 2) . " KiB per sec"; } } print "<tr><td align='right' class='header'>" . SPEED . ":</td><td class='lista'>" . $speed . "</td></tr>";
<?php } } // forums if (user::$current["view_forum"] == "yes") { $getItems = "SELECT topics.id AS topicid, posts.id AS postid, forums.name, users.username, topics.subject, posts.added, posts.body FROM topics INNER JOIN posts ON posts.topicid = topics.id INNER JOIN forums ON topics.forumid = forums.id INNER JOIN users ON users.id = posts.userid ORDER BY added DESC LIMIT 100"; $doGet = $db->query($getItems); while ($item = $doGet->fetch_array(MYSQLI_BOTH)) { $topicid = (int) $item['topicid']; $postid = (int) $item['postid']; $forum = strip_tags($item['name']); $subject = strip_tags($item['subject']); $added = strip_tags(date("d/m/Y H:i:s", $item['added'])); $body = format_comment("[b]Author: " . security::html_safe($item['username']) . "[/b]\n\n" . security::html_safe($item['body']) . "\n"); // output to browser $link = security::html_safe($BASEURL . "/forum.php?action=viewtopic&topicid=" . $topicid . "&page=p" . $postid . "#" . $postid); ?> <item> <title><?php print safehtml("[" . FORUM . "] " . $forum . " - " . $subject); ?> </title> <description><?php print safehtml($body); ?> </description> <link><?php print $link; ?> </link>
} } elseif ($do == "banip" && $action == "read") { block_begin(ACP_BAN_IP); $getbanned = $db->query("SELECT * FROM bannedip ORDER BY added DESC"); $rowsbanned = @$getbanned->num_rows; print "<form action='admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=banip&action=write' name='ban' method='post'>"; print "<center>" . BAN_NOTE . "</center>"; print "<br /><br />\n<table class='lista' width='100%' align='center'>\n"; print "<tr><td class='header'>" . ADDED . "</td><td class='header' align='left'>" . FIRST_IP . "</td>" . "<td class='header' align='left'>" . LAST_IP . "</td><td class='header' align='left'>" . BY . "</td>" . "<td class='header' align='left'>" . COMMENTS . "</td><td class='header'>" . REMOVE . "</td></tr>\n"; if ($rowsbanned > 0) { while ($arr = $getbanned->fetch_assoc()) { $r2 = $db->query("SELECT username FROM users WHERE id = " . (int) $arr['addedby']); $a2 = $r2->fetch_assoc(); $arr["first"] = long2ip($arr["first"]); $arr["last"] = long2ip($arr["last"]); print "<tr><td class='lista'>" . get_date_time($arr['added']) . "</td><td class='lista' align='left'>" . security::html_safe($arr['first']) . "</td>" . "<td align='left' class='lista'>" . security::html_safe($arr['last']) . "</td><td align='left' class='lista'><a href='userdetails.php?id=" . (int) $arr['addedby'] . "'>" . security::html_safe($a2['username']) . "" . "</a></td><td align='left' class='lista'>" . security::html_safe($arr['comment']) . "</td><td class='lista'><a href='admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=banip&action=delete&ip=" . $arr['id'] . "'>" . image_or_link($STYLEPATH . "/delete.png", "", DELETE) . "</a></td></tr>\n"; } print "</table>\n"; } else { print "<tr><td colspan='6' align='center'>" . NO_BANNED_IPS . "</td></tr></table>"; } print "<br /><br />\n<table class='lista' width='100%' align='center'>\n"; print "<tr>\n"; print "<td class='header'>" . FIRST_IP . " :</td><td class='lista'><input type='text' name='firstip' size='15' /></td>"; print "<td class='header'>" . LAST_IP . " :</td><td class='lista'><input type='text' name='lastip' size='15' /></td>"; print "</tr>\n<tr>\n"; print "<td class='header'>" . COMMENTS . " :</td><td class='lista' colspan=3><input type='text' name='comment' size='60' /></td>"; print "</tr>\n"; print "<tr><td align='center' class='header' colspan=4>"; print "<input type='submit' name='write' value='" . FRM_CONFIRM . "' />"; print " <input type='submit' name='write' value='" . FRM_CANCEL . "' />";
<td align='center' class='header'>S</td> <td align='center' class='header'>L</td> <td align='center' class='header'>C</TD> </tr> <?php $anq->free(); $anq = $db->query("SELECT history.uid FROM history INNER JOIN namemap ON history.infohash = namemap.info_hash WHERE history.uid = " . $id . " AND history.date IS NOT NULL ORDER BY date DESC"); if ($anq->num_rows > 0) { list($pagertop, $limit) = misc::pager($utorrents == 0 ? 15 : $utorrents, $anq->num_rows, security::esc_url($_SERVER["PHP_SELF"]) . "?id=" . $id . "&", array("pagename" => "historypage")); $anq = $db->query("SELECT namemap.filename, namemap.size, namemap.info_hash, history.active, history.agent, history.downloaded, history.uploaded, summary.seeds, summary.leechers, summary.finished\n FROM history INNER JOIN namemap ON history.infohash = namemap.info_hash INNER JOIN summary ON summary.info_hash = namemap.info_hash WHERE history.uid = " . $id . " AND history.date IS NOT NULL ORDER BY date DESC " . $limit); print "<div align='center'>" . $pagertop . "</div>"; while ($torlist = $anq->fetch_object()) { print "\n<tr>\n<td class='lista'><a href='details.php?id=" . $torlist->info_hash . "'>" . security::html_safe(unesc($torlist->filename)) . "</td>"; print "\n<td class='lista' align='center'>" . misc::makesize((int) $torlist->size) . "</td>"; print "\n<td class='lista' align='center'>" . security::html_safe($torlist->agent) . "</td>"; print "\n<td align='center' class='lista'>" . ($torlist->active == 'yes' ? ACTIVATED : 'Stopped') . "</td>"; print "\n<td align='center' class='lista'>" . misc::makesize((double) $torlist->downloaded) . "</td>"; print "\n<td align='center' class='lista'>" . misc::makesize((double) $torlist->uploaded) . "</td>"; if ($torlist->downloaded > 0) { $peerratio = number_format((double) $torlist->uploaded / (double) $torlist->downloaded, 2); } else { $peerratio = "∞"; } print "\n<td align='center' class='lista'>" . unesc($peerratio) . "</td>"; print "\n<td align='center' class='" . linkcolor($torlist->seeds) . "'><a href='peers.php?id=" . $torlist->info_hash . "'>" . (int) $torlist->seeds . "</td>"; print "\n<td align='center' class='" . linkcolor($torlist->leechers) . "'><a href='peers.php?id=" . $torlist->info_hash . "'>" . (int) $torlist->leechers . "</td>"; print "\n<td align='center' class='lista'><a href='torrent_history.php?id=" . $torlist->info_hash . "'>" . (int) $torlist->finished . "</td>\n</tr>"; } print "\n</table>"; } else {
* Updated and Maintained by Yupy. * Copyright (C) 2004-2014 Btiteam.org */ global $db; if (!user::$current || user::$current["view_users"] == "no") { // do nothing } else { //lastest member block_begin("Latest Member"); $cache_last_member = CACHE_PATH . 'last_member.txt'; $cache_last_member_expire = 15 * 60; if (file_exists($cache_last_member) && is_array(unserialize(file_get_contents($cache_last_member))) && vars::$timestamp - filemtime($cache_last_member) < $cache_last_member_expire) { $a = unserialize(@file_get_contents($cache_last_member)); } else { $a = @$db->query("SELECT id, username FROM users WHERE id_level <> 1 AND id_level <> 2 ORDER BY id DESC LIMIT 1"); $a = @$a->fetch_assoc(); $handle = fopen($cache_last_member, "w+"); fwrite($handle, serialize($a)); fclose($handle); } if ($a) { if (user::$current["view_users"] == "yes") { $latestuser = "******" . (int) $a["id"] . "'>" . security::html_safe($a["username"]) . "</a>"; } else { $latestuser = security::html_safe($a['username']); } echo "<div align='center'>Welcome to our Tracker <br /><b>" . $latestuser . "</b>!</div>\n"; } block_end(); } // end if user can view
if (!$subres || $subres->num_rows == 0) { if (user::$current["uid"] > 1) { $s = "<br /><br />\n<table width='95%' class='lista'>\n<tr>\n<td align='center'>\n<a href='comment.php?id=" . $id . "&usern=" . urlencode(user::$current["username"]) . "'>" . NEW_COMMENT . "</a>\n</td>\n</tr>\n"; } else { $s = "<br /><br />\n<table width='95%' class='lista'>\n"; } $s .= "<tr>\n<td class='lista' align='center'>" . NO_COMMENTS . "</td>\n</tr>\n"; $s .= "</table>\n"; } else { print "<br /><br />"; if (user::$current["uid"] > 1) { $s = "<br /><br />\n<table width='95%' class='lista'><tr><td colspan='3' align='center'><a href='comment.php?id=" . $id . "&usern=" . urlencode(user::$current["username"]) . "'>" . NEW_COMMENT . "</a></td></tr>\n"; } else { $s = "<br /><br />\n<table width='95%' class='lista'>\n"; } while ($subrow = $subres->fetch_array(MYSQLI_BOTH)) { $s .= "<tr><td class='header'><a href='userdetails.php?id=" . (int) $subrow["uid"] . "'>" . security::html_safe($subrow["user"]) . "</a></td><td class='header'>" . date("d/m/Y H.i.s", $subrow["data"] - $offset) . "</td>\n"; // only users able to delete torrents can delete comments... if (user::$current["delete_torrents"] == "yes") { $s .= "<td class='header' align='right'><a onclick='return confirm('" . str_replace("'", "\\'", DELETE_CONFIRM) . "')' href='comment.php?id={$id}&cid=" . $subrow["id"] . "&action=delete'>" . image_or_link($STYLEPATH . "/delete.png", "", DELETE) . "</a></td>\n"; } $s .= "</tr>\n"; $s .= "<tr><td colspan='3' class='lista' align='center'>" . format_comment(unesc($subrow["text"])) . "</td></tr>\n"; } $s .= "</table>\n"; } print $s; print "</div><br /><br /><center><a href='javascript: history.go(-1);'>" . BACK . "</a>"; print "</center>\n"; block_end(); stdfoot();
} elseif ($res->num_rows > 0) { print "<script type='text/javascript'>\n <!--\n function SetAllCheckBoxes(FormName, FieldName, CheckValue)\n {\n if(!document.forms[FormName])\n return;\n var objCheckBoxes = document.forms[FormName].elements[FieldName];\n if(!objCheckBoxes)\n return;\n var countCheckBoxes = objCheckBoxes.length;\n if(!countCheckBoxes)\n objCheckBoxes.checked = CheckValue;\n else\n // set the check value for all check boxes\n for(var i = 0; i < countCheckBoxes; i++)\n objCheckBoxes[i].checked = CheckValue;\n }\n // -->\n </script>\n "; print "\n<form action='admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=pruneu&action=prune' name='prune' method='post'>"; print "\n<table class='lista' width='100%'>"; print "\n<tr><td class='header' align='center'>" . NAME . "</td>"; print "\n<td class='header' align='center'>" . USER_JOINED . "</td>"; print "\n<td class='header' align='center'>" . USER_LASTACCESS . "</td>"; print "\n<td class='header' align='center'>" . USER_LEVEL . "</td>"; print "\n<td class='header' align='center'><input type='checkbox' name='all' onclick=\"SetAllCheckBoxes('prune','id[]',this.checked)\" /></td></tr>"; $count = 0; while ($rusers = $res->fetch_array(MYSQLI_BOTH)) { include INCL_PATH . 'offset.php'; print "\n<tr>\n<td class='lista' align='left'>" . security::html_safe($rusers["username"]) . "</td>"; print "\n<td class='lista' align='center'>" . date("d/m/Y H:i", $rusers["joined"] - $offset) . "</td>"; print "\n<td class='lista' align='center'>" . date("d/m/Y H:i", $rusers["lastconnect"] - $offset) . "</td>"; print "\n<td class='lista' align='center'>" . security::html_safe($rusers["level"]) . "</td>"; print "\n<td class='lista' align='center'><input type='checkbox' name='id[]' value='" . (int) $rusers["id"] . "' /></td></tr>"; $count++; } print "\n<tr>\n<td class='lista' align='right' colspan='5'><input type='submit' name='action' value='GO' /></td></tr>"; print "\n</table>\n</form>"; } else { print "<p align='center'>No users to prune...<p>"; } block_end(); print "<br />\n"; } else { block_begin("Prune users"); print "\n<form action='admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=pruneu&action=view' name='prune' method='post'>"; print "<p align='center'>Imput the number of days which the users are to be considered as 'dead' (not connected from x days OR has signed from x days and still validating) <input type='text' name='days' value='" . $days . "' size='10' maxlength='3' />"; print "\n<input type='submit' name='action' value='View' /></td></tr>";
<?php //Torrent RSS by DiemThuy ( jul 2012 ) TBDEV conversion with some improvements; Adapated by Yupy for BtiTracker... require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'include' . DIRECTORY_SEPARATOR . 'functions.php'; dbconn(); if (user::$current['view_torrents'] == 'yes') { standardheader('RSS'); $res = $db->query("SELECT id, name, image FROM categories ORDER BY name"); while ($cat = $res->fetch_assoc()) { if ($cat['image'] == '') { $catoptions .= ''; } else { $catoptions .= "<a href='torrents.php?category=" . $cat['id'] . "'>" . image_or_link($cat['image'] == '' ? '' : "{$STYLEPATH}/images/categories/" . $cat['image'], '', security::html_safe($cat['name'])) . "</a><input type='checkbox' name='cat[]' value='" . (int) $cat['id'] . "' " . (strpos($CURUSER['notifs'], "[cat{$cat['id']}]") !== false ? " checked" : '') . "/>"; } } if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (empty($_POST['cat'])) { stderr('Error', 'You need to chose at least one Category !'); } if (empty($_POST['feed'])) { stderr('Error', 'You need to chose a feed type !'); } $link = $BASEURL . '/rss_torrents.php'; if ($_POST['feed'] == 'dl') { $query[] = 'feed=dl'; } foreach ($_POST['cat'] as $cat) { $query[] = 'cat[]=' . $cat; } $query[] = 'pid=' . user::$current['pid']; $queries = implode('&', $query);
$num = (int) $lognum[0]; $perpage = max(0, user::$current["postsperpage"]) > 0 ? user::$current["postsperpage"] : 20; list($pagertop, $limit) = misc::pager($perpage, $num, "admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=logview&"); print $pagertop; print "\n<table class='lista' width='100%' align='center'><tr>"; print "\n<td class='header'>" . DATE . "</td>"; print "\n<td class='header'>" . USER_NAME . "</td>"; print "\n<td class='header'>" . ACTION . "</td>\n</tr>"; $logres = $db->query("SELECT * FROM logs ORDER BY added DESC " . $limit); if ($logres) { while ($logview = $logres->fetch_array(MYSQLI_BOTH)) { if ($logview["type"] == "delete") { $bgcolor = "style='background-color:#FF95AC; color:#000000;'"; } elseif ($logview["type"] == "add") { $bgcolor = "style='background-color:#C1FF83; color:#000000;'"; } elseif ($logview["type"] == "modify") { $bgcolor = "style='background-color:#DEDEDE; color:#000000;'"; } else { $bgcolor = ""; } include INCL_PATH . 'offset.php'; print "\n<tr><td class='lista' " . $bgcolor . ">" . date("d/m/Y H:i:s", $logview["added"] - $offset) . "</td>\n <td class='lista' " . $bgcolor . ">" . security::html_safe($logview["user"]) . "</td>\n <td class='lista' " . $bgcolor . ">" . unesc($logview["txt"]) . "</td></tr>"; } } else { print "<tr><td colspan='3' align='center'>No log to view...</tr>"; } print "</table>"; print $pagertop; block_end(); print "<br />"; }
MESSAGE</b> <br /><input name="baslik" type="text" id="baslik" value="Write subject here" size="40" maxlength="40" /> <br /> <textarea name="mesajmetni" cols="32" rows="5" id="mesajmetni">Write Your PM Here!</textarea> <tr> <td colspan="12"> <input name="grupdegis" type="checkbox" value="evet" /> <b>Change User Group : </b> <?php // <!Dropdown added by miskotes> print "<select name='kullan1'>"; $res = $db->query("SELECT id, level FROM users_level WHERE id_level > 1 ORDER BY id_level"); while ($row = $res->fetch_array(MYSQLI_BOTH)) { $select = "<option value='" . (int) $row["id"] . "'"; if ($kullan1 == $row["id"]) { $select .= "selected='selected'"; } $select .= ">" . security::html_safe($row["level"]) . "</option>\n"; print $select; } print "</select>"; //<!End dropdown> ?> </td></tr></center> <tr> <td colspan="12"> <input type="submit" name="changeug" value="Work"> </td> </tr> <TD align="center" class="header">ID</TD> <TD align="center" class="header">User</TD> <TD align="center" class="header">Downloaded</TD>
<td align='left' class='lista'> <input type='text' name='title' size='40' maxlength='40' value='<?php echo $title; ?> '/> </td> </tr> <tr> <td align='left' class='lista' valign='top' style='font-size:10pt'> <?php echo NEWS_DESCRIPTION; ?> </td> <td align='left' class='lista'> <?php echo textbbcode('news', 'news', security::html_safe($news)); ?> </td> </tr> <tr> </tr> <tr> <td align='left' class='header'> <input type='submit' name='conferma' value='<?php echo FRM_CONFIRM; ?> ' /> </td> <td align='left' class='header'> <input type='submit' name='conferma' value='<?php echo FRM_CANCEL;
?> </td> <td align='center' class='header'><?php echo EDIT; ?> </td> <td align='center' class='header'><?php echo DELETE; ?> </td> </tr> <?php if ($resuploaded && $resuploaded->num_rows > 0) { while ($rest = $resuploaded->fetch_array(MYSQLI_BOTH)) { print "\n<tr>\n<td class='lista'>" . security::html_safe(unesc($rest["filename"])) . "</td>"; include INCL_PATH . 'offset.php'; print "\n<td class='lista' align='center'>" . date("d/m/Y H:m:s", $rest["added"] - $offset) . "</td>"; print "\n<td class='lista' align='right'>" . misc::makesize((int) $rest["size"]) . "</td>"; print "\n<td align='right' class='" . linkcolor($rest["seeds"]) . "'>" . (int) $rest['seeds'] . "</td>"; print "\n<td align='right' class='" . linkcolor($rest["leechers"]) . "'>" . (int) $rest['leechers'] . "</td>"; print "\n<td class='lista' align='right'>" . ($rest["finished"] > 0 ? (int) $rest["finished"] : "---") . "</td>"; print "<td class='lista' align='center'><a href='edit.php?info_hash=" . $rest["hash"] . "&returnto=" . urlencode("torrents.php") . "'>" . image_or_link($STYLEPATH . "/edit.png", "", EDIT) . "</a></td>"; print "<td class='lista' align='center'><a href='delete.php?info_hash=" . $rest["hash"] . "&returnto=" . urlencode("torrents.php") . "'>" . image_or_link($STYLEPATH . "/delete.png", "", DELETE) . "</a></td>\n</tr>"; } print "\n</table>"; } else { print "<tr>\n<td class='lista' align='center' colspan='8'>" . NO_TORR_UP_USER . "</td>\n</tr>\n</table>"; } block_end(); // ------------------------
echo "\t<td align='center' class='lista'><a href='download.php?id=" . $data["hash"] . "&f=" . urlencode($data["filename"]) . ".torrent'>" . image_or_link("images/download.gif", "", "torrent") . "</a></td>\n"; include INCL_PATH . "offset.php"; echo "\t<td align='center' class='lista'>" . date("d/m/Y H:m:s", $data["added"] - $offset) . "</td>\n"; echo "\t<td align='center' class='lista'>" . misc::makesize((int) $data["size"]) . "</td>\n"; //Uploaders nick details if ($SHOW_UPLOADER && $data["anonymous"] == "true") { echo "\t<td align='center' class='lista'>" . ANONYMOUS . "</td>\n"; } elseif ($SHOW_UPLOADER && $data["anonymous"] == "false") { echo "\t<td align='center' class='lista'><a href='userdetails.php?id=" . (int) $data["upname"] . "'>" . StripSlashes($data['prefixcolor'] . security::html_safe($data["uploader"]) . $data['suffixcolor']) . "</a></td>\n"; } //Uploaders nick details if ($data["external"] == "no") { echo "\t<td align='center' class='" . linkcolor($data["seeds"]) . "'><a href='peers.php?id=" . $data["hash"] . "' title='" . PEERS_DETAILS . "'>" . (int) $data["seeds"] . "</a></td>\n"; echo "\t<td align='center' class='" . linkcolor($data["leechers"]) . "'><a href='peers.php?id=" . $data["hash"] . "' title='" . PEERS_DETAILS . "'>" . (int) $data["leechers"] . "</a></td>\n"; if ($data["finished"] > 0) { echo "\t<td align='center' class='lista'><a href='torrent_history.php?id=" . $data["hash"] . "' title='History - " . security::html_safe($data["filename"]) . "'>" . number_format((int) $data["finished"], 0) . "</a></td>"; } else { echo "\t<td align='center' class='lista'>---</td>"; } } else { // linkcolor echo "\t<td align='center' class='" . linkcolor($data["seeds"]) . "'>" . (int) $data["seeds"] . "</td>"; echo "\t<td align='center' class='" . linkcolor($data["leechers"]) . "'>" . (int) $data["leechers"] . "</td>"; if ($data["finished"] > 0) { echo "\t<td align='center' class='lista'>" . number_format((int) $data["finished"], 0) . "</td>"; } else { echo "\t<td align='center' class='lista'>---</td>"; } } if ($data["dwned"] > 0) { echo "\t<td align='center' class='lista'>" . misc::makesize((int) $data["dwned"]) . "</td>";
$seeders = strip_tags($item['seeders']); $leechers = strip_tags($item['leechers']); $desc = format_comment($item['description']); $f = rawurlencode($item['filename']); // output to browser if ($feed == "dl") { $link = "<link>" . $BASEURL . "/download.php?id=" . $id . "&f=" . $f . ".torrent&rsspid=" . $pid . "</link>"; $guid = "<guid>" . $BASEURL . "/download.php?id=" . $id . "&f=" . $f . ".torrent&rsspid=" . $pid . "</guid>"; } else { $link = "<link>" . $BASEURL . "/index.php?page=torrent-details&id=" . $id . "</link>"; $guid = "<guid>" . $BASEURL . "/index.php?page=torrent-details&id=" . $id . "</guid>"; } ?> <item> <title><![CDATA[<?php print security::html_safe("[" . $cat . "] " . $filename . " [" . SEEDERS . " (" . $seeders . ") / " . LEECHERS . " (" . $leechers . ")]"); ?> ]]></title> <description><![CDATA[<?php print $desc; ?> ]]></description> <link><?php print $BASEURL . "/details.php?id=" . $id; ?> </link> <guid><?php print $BASEURL . "/details.php?id=" . $id; ?> </guid> <enclosure url="<?php
standardheader("Login"); print "<br /><br /><div align='center'><font size='2' color='#FF0000'>" . ERR_USERNAME_INCORRECT . "</font></div>"; login(); } elseif (md5($row["random"] . $row["password"] . $row["random"]) != md5($row["random"] . md5($pwd) . $row["random"])) { standardheader("Login"); print "<br /><br /><div align='center'><font size='2' color='#FF0000'>" . ERR_PASSWORD_INCORRECT . "</font></div>"; login(); } else { $db->query("UPDATE users SET loginhash = '" . md5(vars::$ip . $row['password']) . "' WHERE id = " . (int) $row['id']); $salted = md5($GLOBALS["salting"] . $row["random"] . $row["password"] . $row["random"]); logincookie((int) $row["id"], $salted); if (isset($_GET["returnto"])) { $url = security::html_safe(urldecode($_GET["returnto"])); } else { $url = "index.php"; } redirect($url); } } else { standardheader("Login"); login(); exit; } } else { if (isset($_GET["returnto"])) { $url = security::html_safe(urldecode($_GET["returnto"])); } else { $url = "index.php"; } redirect($url); }
} elseif ($rowuser[2] != "" && !empty($rowuser[2])) { print "<td align='center' class='lista'><img src='images/flag/" . $rowuser[2] . "' alt='" . security::html_safe(unesc($rowuser[3])) . "' /></td>"; } else { print "<td align='center' class='lista'><img src='images/flag/unknown.gif' alt='" . UNKNOWN . "' /></td>"; } print "<td align='center' class='lista'>" . (int) $row["port"] . "</td>"; if ($tsize != 0) { $stat = floor(($tsize - (int) $row['bytes']) / $tsize * 100); } else { $stat = floor(($tsize - (int) $row['bytes']) / 0 * 100); } $progress = "<table width='100' cellspacing='0' cellpadding='0'><tr><td class='progress' align='left'>"; $progress .= "<img height='10' height='10' width='" . number_format($stat, 0) . "' src='" . $STYLEPATH . "/progress.jpg'></td></tr></table>"; print "<td valign='top' align='center' class='lista'>" . $stat . "%<br />" . $progress . "</td>\n"; print "<td align='center' class='lista'>" . $row["status"] . "</td>"; print "<td align='center' class='lista'>" . security::html_safe(getagent(unesc($row["client"]), unesc($row["peer_id"]))) . "</td>"; $dled = misc::makesize((int) $row["downloaded"]); $upld = misc::makesize((int) $row["uploaded"]); print "<td align='center' class='lista'>" . $dled . "</td>"; print "<td align='center' class='lista'>" . $upld . "</td>"; //Peer Ratio if (intval($row["downloaded"]) > 0) { $ratio = number_format((int) $row["uploaded"] / (int) $row["downloaded"], 2); } else { $ratio = "∞"; } print "<td align='center' class='lista'>" . $ratio . "</td>"; //End Peer Ratio print "<td align='center' class='lista'>" . get_elapsed_time($row["lastupdate"]) . " ago</td></tr>"; } if ($res->num_rows == 0) {
function textbbcode($form, $text, $content = "") { global $tpl, $STYLEPATH; $var_text = $text; $tpl->assign("text", $var_text); $var_content = security::html_safe($content); $tpl->assign("content", $var_content); $text_bbcode = $tpl->draw($STYLEPATH . '/tpl/text_bbcode', $return_string = true); echo $text_bbcode; }
function insert_compose_frame($id, $newtopic = true, $quote = false) { global $maxsubjectlength, $db; MCached::connect(); if ($newtopic) { $arr = MCached::get('forums::name::' . $id); if ($arr === MCached::NO_RESULT) { $res = $db->query("SELECT name FROM forums WHERE id = " . $id) or sqlerr(__FILE__, __LINE__); $arr = $res->fetch_assoc() or die(BAD_FORUM_ID); MCached::add('forums::name::' . $id, $arr, 9600); } $forumname = security::html_safe(unesc($arr["name"])); block_begin(WORD_NEW . " " . TOPIC . " " . IN . " <a href='?action=viewforum&forumid=" . $id . "'>" . $forumname . "</a> " . FORUM); } else { $arr = MCached::get('quick::jump::topics::' . $id); if ($arr === MCached::NO_RESULT) { $res = $db->query("SELECT * FROM topics WHERE id = " . $id) or sqlerr(__FILE__, __LINE__); $arr = $res->fetch_assoc() or stderr(ERROR, FORUM_ERROR . TOPIC_NOT_FOUND); MCached::add('quick::jump::topics::' . $id, $arr, 9600); } $subject = security::html_safe(unesc($arr["subject"])); block_begin(REPLY . " " . TOPIC . ": <a href='?action=viewtopic&topicid=" . $id . "'>" . $subject . "</a>"); } begin_frame(); print "<form method='post' name='compose' action='?action=post'>\n"; if ($newtopic) { print "<input type='hidden' name='forumid' value='" . $id . "'>\n"; } else { print "<input type='hidden' name='topicid' value='" . $id . "'>\n"; } begin_table(); if ($newtopic) { print "<tr><td class='header'>" . SUBJECT . "</td>" . "<td class='lista' align='left' style='padding: 0px'><input type='text' size='50' maxlength='" . $maxsubjectlength . "' name='subject' " . "style='border: 0px; height: 19px'></td></tr>\n"; } if ($quote) { $postid = 0 + (int) $_GET["postid"]; if (!is_valid_id($postid)) { die; } $res = $db->query("SELECT posts.*, users.username FROM posts INNER JOIN users ON posts.userid = users.id WHERE posts.id = " . $postid) or sqlerr(__FILE__, __LINE__); if ($res->num_rows != 1) { stderr(ERROR, ERR_NO_POST_WITH_ID . "" . $postid); } $arr = $res->fetch_assoc(); } print "<tr><td class='header'>" . BODY . "</td><td class='lista' align='left' style='padding: 0px'>"; textbbcode("compose", "body", $quote ? "[quote=" . security::html_safe($arr["username"]) . "]" . security::html_safe(unesc($arr["body"])) . "[/quote]" : ""); print "<tr><td colspan='2' align='center'><input type='submit' class='btn' value='" . FRM_CONFIRM . "'></td></tr>\n"; print "</td></tr>"; end_table(); print "</form>\n"; end_frame(); //------ Get 10 last posts if this is a reply if (!$newtopic) { $postres = $db->query("SELECT * FROM posts WHERE topicid = " . $id . " ORDER BY id DESC LIMIT 10") or sqlerr(__FILE__, __LINE__); begin_frame(LAST_10_POSTS, true); while ($post = $postres->fetch_assoc()) { //-- Get poster details $userres = $db->query("SELECT * FROM users WHERE id = " . (int) $post["userid"] . " LIMIT 1") or sqlerr(__FILE__, __LINE__); $user = $userres->fetch_assoc(); $avatar = $user["avatar"] && $user["avatar"] != "" ? security::html_safe($user["avatar"]) : ""; begin_table(true); print "<tr valign='top'><td width='150' align='center' style='padding: 0px'>#" . (int) $post["id"] . " by " . security::html_safe($user["username"]) . "<br />" . get_date_time($post["added"]) . ($avatar != "" ? "<br /><img width='80' src='" . $avatar . "'>" : "") . "</td><td class='lista'>" . format_comment(unesc($post["body"])) . "</td></tr><br>\n"; end_table(); } end_frame(); } if (!isset($forumid)) { $forumid = 0; } insert_quick_jump_menu($forumid); block_end(); }