function getWikiPage($id, $rev = 0)
{
global $canedit, $canmod;
$ptitle = $id;
if (!$ptitle) {
$ptitle = 'Main_page';
} else {
$ptitle = title2url($ptitle);
}
// so that we don't have for example 'Main page' and 'Main_page' being considered different pages
if ($rev < 0) {
$rev = 0;
}
$page = Query("SELECT p.*, pt.date, pt.user, pt.text FROM {wiki_pages} p LEFT JOIN {wiki_pages_text} pt ON pt.id=p.id AND pt.revision=" . ($rev > 0 ? 'LEAST(p.revision,{1})' : 'p.revision') . " WHERE p.id={0}", $ptitle, $rev);
if (!NumRows($page)) {
$page = array('id' => $ptitle, 'revision' => 0, 'flags' => 0, 'text' => '', 'new' => 1);
header('HTTP/1.1 404 Not Found');
header('Status: 404 Not Fount');
} else {
$page = Fetch($page);
}
$page['istalk'] = strtolower(substr($ptitle, 0, 5)) == 'talk:';
$page['ismain'] = strtolower($ptitle) == 'main_page';
$page['canedit'] = $canedit && (!($page['flags'] & WIKI_PFLAG_SPECIAL) || HasPermission('wiki.makepagesspecial'));
return $page;
}
function GetNotifications()
{
global $loguserid, $NotifFormat;
$notifs = array();
if (!$loguserid) {
return $notifs;
}
// TODO do it better!
$staffnotif = '';
if (HasPermission('admin.viewstaffpms')) {
$staffnotif = ' OR user=-1';
}
$ndata = Query("SELECT type,id,date,args FROM {notifications} WHERE user={0}{$staffnotif} ORDER BY date DESC", $loguserid);
while ($n = Fetch($ndata)) {
$ncb = $NotifFormat[$n['type']];
if (function_exists($ncb)) {
$ndesc = $ncb($n['id'], $n['args'] ? unserialize($n['args']) : null);
} else {
$ndesc = htmlspecialchars($n['type'] . ':' . $n['id']);
}
$ts = '<span class="nobr">';
$te = '</span>';
$ndesc = $ts . str_replace("\n", $te . '<br>' . $ts, $ndesc) . $te;
$notifs[] = array('date' => $n['date'], 'formattedDate' => relativedate($n['date']), 'text' => $ndesc);
}
return $notifs;
}
function makeThreadLink($thread)
{
$tags = ParseThreadTags($thread['title']);
$link = actionLinkTag($tags[0], 'thread', $thread['id'], '', HasPermission('forum.viewforum', $thread['forum'], true) ? $tags[0] : '');
$tags = $tags[1];
if (Settings::get("tagsDirection") === 'Left') {
return $tags . " " . $link;
} else {
return $link . " " . $tags;
}
}
<?php
if (!defined('BLARG')) {
die;
}
$userMenu = array();
if ($loguserid) {
if (HasPermission('user.editprofile')) {
$userMenu[actionLink('editprofile')] = __('Edit profile');
if (HasPermission('user.editavatars')) {
$userMenu[actionLink('editavatars')] = __('Mood avatars');
}
}
$userMenu[actionLink('private')] = __('Private messages');
$userMenu[actionLink('favorites')] = __('Favorites');
$bucket = 'userMenu';
include __DIR__ . "/../lib/pluginloader.php";
}
$layout_userpanel = $userMenu;
function makePost($post, $type, $params = array())
{
global $loguser, $loguserid, $usergroups, $isBot, $blocklayouts;
$poster = getDataPrefix($post, 'u_');
$post['userlink'] = UserLink($poster);
LoadBlockLayouts();
$pltype = Settings::get('postLayoutType');
$isBlocked = $poster['globalblock'] || $loguser['blocklayouts'] || $post['options'] & 1 || isset($blocklayouts[$poster['id']]);
$post['type'] = $type;
$post['formattedDate'] = formatdate($post['date']);
if (!HasPermission('admin.viewips')) {
$post['ip'] = '';
} else {
$post['ip'] = htmlspecialchars($post['ip']);
}
// TODO IP formatting?
if ($post['deleted'] && $type == POST_NORMAL) {
$post['deluserlink'] = UserLink(getDataPrefix($post, 'du_'));
$post['delreason'] = htmlspecialchars($post['reason']);
$links = array();
if (HasPermission('mod.deleteposts', $params['fid'])) {
$links['undelete'] = actionLinkTag(__("Undelete"), "editpost", $post['id'], "delete=2&key=" . $loguser['token']);
$links['view'] = "<a href=\"#\" onclick=\"replacePost(" . $post['id'] . ",true); return false;\">" . __("View") . "</a>";
}
$post['links'] = $links;
RenderTemplate('postbox_deleted', array('post' => $post));
return;
}
$links = array();
if ($type != POST_SAMPLE) {
$forum = $params['fid'];
$thread = $params['tid'];
$notclosed = !$post['closed'] || HasPermission('mod.closethreads', $forum);
$extraLinks = array();
if (!$isBot) {
if ($type == POST_DELETED_SNOOP) {
if ($notclosed && HasPermission('mod.deleteposts', $forum)) {
$links['undelete'] = actionLinkTag(__("Undelete"), "editpost", $post['id'], "delete=2&key=" . $loguser['token']);
}
$links['close'] = "<a href=\"#\" onclick=\"replacePost(" . $post['id'] . ",false); return false;\">" . __("Close") . "</a>";
} else {
if ($type == POST_NORMAL) {
if ($notclosed) {
if ($loguserid && HasPermission('forum.postreplies', $forum) && !$params['noreplylinks']) {
$links['quote'] = actionLinkTag(__("Quote"), "newreply", $thread, "quote=" . $post['id']);
}
$editrights = 0;
if ($poster['id'] == $loguserid && HasPermission('user.editownposts') || HasPermission('mod.editposts', $forum)) {
$links['edit'] = actionLinkTag(__("Edit"), "editpost", $post['id']);
$editrights++;
}
if ($poster['id'] == $loguserid && HasPermission('user.deleteownposts') || HasPermission('mod.deleteposts', $forum)) {
if ($post['id'] != $post['firstpostid']) {
$link = htmlspecialchars(actionLink('editpost', $post['id'], 'delete=1&key=' . $loguser['token']));
$onclick = HasPermission('mod.deleteposts', $forum) ? " onclick=\"deletePost(this);return false;\"" : ' onclick="if(!confirm(\'Really delete this post?\'))return false;"';
$links['delete'] = "<a href=\"{$link}\"{$onclick}>" . __('Delete') . "</a>";
}
$editrights++;
}
if ($editrights < 2 && HasPermission('user.reportposts')) {
$links['report'] = actionLinkTag(__('Report'), 'reportpost', $post['id']);
}
}
// plugins should add to $extraLinks
$bucket = "topbar";
include __DIR__ . "/pluginloader.php";
}
}
$links['extra'] = $extraLinks;
}
//Threadlinks for listpost.php
if ($params['threadlink']) {
$thread = array();
$thread['id'] = $post['thread'];
$thread['title'] = $post['threadname'];
$thread['forum'] = $post['fid'];
$post['threadlink'] = makeThreadLink($thread);
} else {
$post['threadlink'] = '';
}
//Revisions
if ($post['revision']) {
$ru_link = UserLink(getDataPrefix($post, "ru_"));
$revdetail = ' ' . format(__('by {0} on {1}'), $ru_link, formatdate($post['revdate']));
if (HasPermission('mod.editposts', $forum)) {
$post['revdetail'] = "<a href=\"javascript:void(0);\" onclick=\"showRevisions(" . $post['id'] . ")\">" . Format(__('rev. {0}'), $post['revision']) . "</a>" . $revdetail;
} else {
$post['revdetail'] = Format(__('rev. {0}'), $post['revision']) . $revdetail;
}
}
//</revisions>
}
$post['links'] = $links;
// POST SIDEBAR
$sidebar = array();
// quit abusing custom syndromes you unoriginal fuckers
$poster['title'] = preg_replace('@Affected by \'?.*?Syndrome\'?@si', '', $poster['title']);
$sidebar['rank'] = GetRank($poster['rankset'], $poster['posts']);
if ($poster['title']) {
$sidebar['title'] = strip_tags(CleanUpPost($poster['title'], '', true), '<b><strong><i><em><span><s><del><img><a><br/><br><small>');
} else {
$sidebar['title'] = htmlspecialchars($usergroups[$poster['primarygroup']]['title']);
}
$sidebar['syndrome'] = GetSyndrome(getActivity($poster['id']));
if ($post['mood'] > 0) {
if (file_exists(DATA_DIR . "avatars/" . $poster['id'] . "_" . $post['mood'])) {
$sidebar['avatar'] = "<img src=\"" . DATA_URL . "avatars/" . $poster['id'] . "_" . $post['mood'] . "\" alt=\"\">";
}
} else {
if ($poster['picture']) {
$pic = str_replace('$root/', DATA_URL, $poster['picture']);
$sidebar['avatar'] = "<img src=\"" . htmlspecialchars($pic) . "\" alt=\"\">";
}
}
$lastpost = $poster['lastposttime'] ? timeunits(time() - $poster['lastposttime']) : "none";
$lastview = timeunits(time() - $poster['lastactivity']);
if (!$post['num']) {
$sidebar['posts'] = $poster['posts'];
} else {
$sidebar['posts'] = $post['num'] . '/' . $poster['posts'];
}
$sidebar['since'] = cdate($loguser['dateformat'], $poster['regdate']);
$sidebar['lastpost'] = $lastpost;
$sidebar['lastview'] = $lastview;
if ($poster['lastactivity'] > time() - 300) {
$sidebar['isonline'] = __("User is <strong>online</strong>");
}
$sidebarExtra = array();
$bucket = "sidebar";
include __DIR__ . "/pluginloader.php";
$sidebar['extra'] = $sidebarExtra;
$post['sidebar'] = $sidebar;
// OTHER STUFF
$post['haslayout'] = false;
$post['fulllayout'] = false;
if (!$isBlocked) {
$poster['postheader'] = $pltype ? trim($poster['postheader']) : '';
$poster['signature'] = trim($poster['signature']);
$post['haslayout'] = $poster['postheader'] ? 1 : 0;
$post['fulllayout'] = $poster['fulllayout'] && $post['haslayout'] && $pltype == 2;
if (!$post['haslayout'] && $poster['signature']) {
$poster['signature'] = '<div class="signature">' . $poster['signature'] . '</div>';
}
} else {
$poster['postheader'] = '';
$poster['signature'] = '';
}
$post['contents'] = makePostText($post, $poster);
//PRINT THE POST!
RenderTemplate('postbox', array('post' => $post));
}
function bbcodeForum($contents, $arg, $parenttag)
{
global $forumLinkCache, $loguser;
$id = (int) $arg;
if (!isset($forumLinkCache[$id])) {
$rForum = Query("select id, title from {forums} where id={0} AND id IN ({1c})", $id, ForumsWithPermission('forum.viewforum'));
if (NumRows($rForum)) {
$forum = Fetch($rForum);
$forumLinkCache[$id] = actionLinkTag($forum['title'], "forum", $forum['id'], '', HasPermission('forum.viewforum', $forum['id'], true) ? $forum['title'] : '');
} else {
$forumLinkCache[$id] = "<invalid forum ID>";
}
}
return $forumLinkCache[$id];
}
function CanEditPerm($perm, $arg = 0)
{
global $loguser;
if ($loguser['root']) {
return true;
}
return HasPermission($perm, $arg);
}
} else {
if (isset($_GET['tid']) && isset($_GET['time'])) {
$rPost = Query("select id,date,thread from {posts} where thread={0} AND date>{1} ORDER BY date LIMIT 1", $_GET['tid'], $_GET['time']);
} else {
Kill('blarg');
}
}
if (NumRows($rPost)) {
$post = Fetch($rPost);
} else {
Kill(__("Unknown post ID."));
}
$pid = $post['id'];
$tid = $post['thread'];
$rThread = Query("select id,title,forum from {threads} where id={0}", $tid);
if (NumRows($rThread)) {
$thread = Fetch($rThread);
} else {
Kill(__("Unknown thread ID."));
}
$tags = ParseThreadTags($thread['title']);
$ppp = $loguser['postsperpage'];
if (!$ppp) {
$ppp = 20;
}
$from = floor(FetchResult("SELECT COUNT(*) FROM {posts} WHERE thread={1} AND date<={2} AND id!={0}", $pid, $tid, $post['date']) / $ppp) * $ppp;
$url = actionLink("thread", $thread['id'], $from ? "from={$from}" : "", HasPermission('forum.viewforum', $thread['forum'], true) ? $tags[0] : '') . "#post" . $pid;
header("HTTP/1.1 301 Moved Permanently");
header("Status: 301 Moved Permanently");
header("Location: " . $url);
die;
function makeThreadListing($threads, $pagelinks, $dostickies = true, $showforum = false)
{
global $loguserid, $loguser, $misc;
$threadlist = array();
while ($thread = Fetch($threads)) {
$tdata = array('id' => $thread['id']);
$starter = getDataPrefix($thread, 'su_');
$last = getDataPrefix($thread, 'lu_');
$ispublic = HasPermission('forum.viewforum', $thread['forum'], true);
$tags = ParseThreadTags($thread['title']);
$urlname = $ispublic ? $tags[0] : '';
$threadlink = actionLinkTag($tags[0], 'thread', $thread['id'], '', $urlname);
$tdata['link'] = Settings::get("tagsDirection") === 'Left' ? $tags[1] . ' ' . $threadlink : $threadlink . ' ' . $tags[1];
$NewIcon = '';
$tdata['gotonew'] = '';
if ($thread['closed']) {
$NewIcon = 'off';
}
if ($thread['replies'] >= $misc['hotcount']) {
$NewIcon .= 'hot';
}
if (!$loguserid && $thread['lastpostdate'] > time() - 900 || $loguserid && $thread['lastpostdate'] > $thread['readdate']) {
$NewIcon .= 'new';
if ($loguserid) {
$tdata['gotonew'] = actionLinkTag('<img src="' . resourceLink('img/gotounread.png') . '" alt="[go to first unread post]">', 'post', '', 'tid=' . $thread['id'] . '&time=' . (int) $thread['readdate']);
}
} else {
if (!$thread['closed'] && !$thread['sticky'] && Settings::get("oldThreadThreshold") > 0 && $thread['lastpostdate'] < time() - 2592000 * Settings::get("oldThreadThreshold")) {
$NewIcon = 'old';
}
}
if ($NewIcon) {
$tdata['new'] = '<div class="statusIcon ' . $NewIcon . '"></div>';
} else {
$tdata['new'] = '';
}
$tdata['sticky'] = $thread['sticky'];
if ($thread['icon']) {
//This is a hack, but given how icons are stored in the DB, I can do nothing about it without breaking DB compatibility.
if (startsWith($thread['icon'], "img/")) {
$thread['icon'] = resourceLink($thread['icon']);
}
$tdata['icon'] = "<img src=\"" . htmlspecialchars($thread['icon']) . "\" alt=\"\" class=\"smiley\" style=\"max-width:32px; max-height:32px;\">";
} else {
$tdata['icon'] = '';
}
$tdata['poll'] = $thread['poll'] ? "<img src=\"" . resourceLink("img/poll.png") . "\" alt=\"[poll]\">" : "";
$n = 4;
$total = $thread['replies'];
$ppp = $loguser['postsperpage'];
if (!$ppp) {
$ppp = 20;
}
$numpages = floor($total / $ppp);
$pl = '';
if ($numpages <= $n * 2) {
for ($i = 1; $i <= $numpages; $i++) {
$pl .= " " . actionLinkTag($i + 1, "thread", $thread['id'], "from=" . $i * $ppp, $urlname);
}
} else {
for ($i = 1; $i < $n; $i++) {
$pl .= " " . actionLinkTag($i + 1, "thread", $thread['id'], "from=" . $i * $ppp, $urlname);
}
$pl .= " … ";
for ($i = $numpages - $n + 1; $i <= $numpages; $i++) {
$pl .= " " . actionLinkTag($i + 1, "thread", $thread['id'], "from=" . $i * $ppp, $urlname);
}
}
if ($pl) {
$tdata['pagelinks'] = actionLinkTag(1, "thread", $thread['id'], '', $urlname) . $pl;
} else {
$tdata['pagelinks'] = '';
}
if ($showforum) {
$tdata['forumlink'] = actionLinkTag(htmlspecialchars($thread["f_title"]), "forum", $thread["f_id"], "", $ispublic ? $thread["f_title"] : '');
}
$tdata['startuser'] = UserLink($starter);
$tdata['replies'] = $thread['replies'];
$tdata['views'] = $thread['views'];
$tdata['lastpostdate'] = formatdate($thread['lastpostdate']);
$tdata['lastpostuser'] = UserLink($last);
$tdata['lastpostlink'] = actionLink("post", $thread['lastpostid']);
$threadlist[$tdata['id']] = $tdata;
}
RenderTemplate('threadlist', array('threads' => $threadlist, 'pagelinks' => $pagelinks, 'dostickies' => $dostickies, 'showforum' => $showforum));
}
$staffpms = '';
$showWhat = 0;
if (isset($_GET['show'])) {
$showWhat = (int) $_GET['show'];
$show = "&show=" . $showWhat;
if ($showWhat == 1) {
$deleted = 1;
} else {
if ($showWhat == 2) {
$drafting = 1;
}
}
$onclause = 'p.userto';
} else {
$whereFrom = "p.userto = {0}";
if (HasPermission('admin.viewstaffpms') && $user == $loguserid) {
$staffpms = ' OR userto={4}';
}
$onclause = 'p.userfrom';
}
$whereFrom .= " and p.drafting = " . $drafting;
$total = FetchResult("select count(*) from {pmsgs} p where ({$whereFrom}{$staffpms}) and !(p.deleted & {1})", $user, $deleted, null, null, -1);
$ppp = $loguser['threadsperpage'];
if (isset($_GET['from'])) {
$from = (int) $_GET['from'];
} else {
$from = 0;
}
$links = array();
$links[] = $showWhat == 0 ? __("Show received") : actionLinkTag(__("Show received"), "private", "", substr($userGet, 1));
$links[] = $showWhat == 1 ? __("Show sent") : actionLinkTag(__("Show sent"), "private", "", "show=1" . $userGet);
$links[] = actionLinkTag('Unban user', 'banhammer', $id, 'unban=1');
}
}
if (HasPermission('user.editprofile') && $loguserid == $id) {
$links[] = actionLinkTag(__("Edit my profile"), "editprofile");
} else {
if (HasPermission('admin.editusers')) {
$links[] = actionLinkTag(__("Edit user"), "editprofile", $id);
}
}
if (HasPermission('admin.editusers')) {
$links[] = actionLinkTag(__('Edit permissions'), 'editperms', '', 'uid=' . $id);
}
if (HasPermission('admin.viewpms')) {
$links[] = actionLinkTag(__("Show PMs"), "private", "", "user="******"Send PM"), "sendprivate", "", "uid=" . $id);
}
$links[] = actionLinkTag(__("Show posts"), "listposts", $id, "", $user['name']);
$links[] = actionLinkTag(__("Show threads"), "listthreads", $id, "", $user['name']);
if ($loguserid) {
$links[] = $blockLayoutLink;
}
MakeCrumbs(array(actionLink("profile", $id, '', $user['name']) => htmlspecialchars($uname)), $links);
$title = format(__("Profile for {0}"), htmlspecialchars($uname));
function IsReallyEmpty($subject)
{
$trimmed = trim(preg_replace("/&.*;/", "", $subject));
return strlen($trimmed) == 0;
}
<?php
$canhavenamecolor = HasPermission('user.editnamecolor') || $editUserMode;
if (!function_exists("HandleUsernameColor")) {
function HandleUsernameColor($field, $item)
{
global $user, $canhavenamecolor;
if ($canhavenamecolor) {
$unc = $_POST['color'];
if ($unc != '') {
$unc = filterPollColors(str_pad($unc, 6, '0'));
}
Query("UPDATE {users} SET color={0s} WHERE id={1}", $unc, $user['id']);
}
return true;
}
}
if ($canhavenamecolor) {
AddField('general', 'appearance', 'color', __('Name color'), 'color', array('hint' => __('Leave empty to use the default color.'), 'callback' => 'HandleUsernameColor'));
}
<?php
// AcmlmBoard XD - Realtime visitor statistics page
// Access: all
$title = __("Online users");
MakeCrumbs(array(actionLink("online") => __("Online users")));
$showIPs = HasPermission('admin.viewips');
$time = (int) $_GET['time'];
if (!$time) {
$time = 300;
}
$rUsers = Query("select * from {users} where lastactivity > {0} order by lastactivity desc", time() - $time);
$rGuests = Query("select * from {guests} where date > {0} and bot = 0 order by date desc", time() - $time);
$rBots = Query("select * from {guests} where date > {0} and bot = 1 order by date desc", time() - $time);
$spans = array(60, 300, 900, 3600, 86400);
$spanList = array();
foreach ($spans as $span) {
$spanList[] = $span == $time ? timeunits($span) : actionLinkTag(timeunits($span), "online", "", "time={$span}");
}
$userList = array();
$i = 1;
while ($user = Fetch($rUsers)) {
$udata = array();
$udata['num'] = $i++;
$udata['link'] = UserLink($user);
$udata['lastPost'] = $user['lastposttime'] ? cdate("d-m-y G:i:s", $user['lastposttime']) : __("Never");
$udata['lastView'] = cdate("d-m-y G:i:s", $user['lastactivity']);
if ($user['lasturl']) {
$udata['lastURL'] = "<a href=\"" . FilterURL($user['lasturl']) . "\">" . FilterURL($user['lasturl']) . "</a>";
} else {
$udata['lastURL'] = __("None");
$forumname = '';
if (HasPermission('forum.viewforum', $thread['forum'], true)) {
$forumname = FetchResult("SELECT title FROM {forums} WHERE id={0}", $thread['forum']);
}
die(header("Location: " . actionLink("forum", $thread['forum'], '', $forumname)));
} else {
Kill(__("No trash forum set. Check board settings."));
}
} elseif ($_POST['actionedit']) {
if ($thread['forum'] != $_POST['moveTo'] && $canMove) {
$moveto = (int) $_POST['moveTo'];
$dest = Fetch(Query("select * from {forums} where id={0}", $moveto));
if (!$dest) {
Kill(__("Unknown forum ID."));
}
$isHidden = HasPermission('forum.viewforum', $moveto, true);
//Tweak forum counters
$rForum = Query("update {forums} set numthreads=numthreads-1, numposts=numposts-{0} where id={1}", $thread['replies'] + 1, $thread['forum']);
$rForum = Query("update {forums} set numthreads=numthreads+1, numposts=numposts+{0} where id={1}", $thread['replies'] + 1, $moveto);
$rThread = Query("update {threads} set forum={0} where id={1}", (int) $_POST['moveTo'], $tid);
// Tweak forum counters #2
Query("\tUPDATE {forums} LEFT JOIN {threads}\n\t\t\t\tON {forums}.id={threads}.forum AND {threads}.lastpostdate=(SELECT MAX(nt.lastpostdate) FROM {threads} nt WHERE nt.forum={forums}.id)\n\t\t\t\tSET {forums}.lastpostdate=IFNULL({threads}.lastpostdate,0), {forums}.lastpostuser=IFNULL({threads}.lastposter,0), {forums}.lastpostid=IFNULL({threads}.lastpostid,0)\n\t\t\t\tWHERE {forums}.id={0} OR {forums}.id={1}", $thread['forum'], $moveto);
Report("[b]" . $loguser['name'] . "[/] moved thread [b]" . $thread['title'] . "[/] -> [g]#HERE#?tid=" . $tid, $isHidden);
}
$isClosed = $canClose ? isset($_POST['isClosed']) ? 1 : 0 : $thread['closed'];
$isSticky = $canStick ? isset($_POST['isSticky']) ? 1 : 0 : $thread['sticky'];
$trimmedTitle = $canRename ? trim(str_replace(' ', ' ', $_POST['title'])) : 'lolnotempty';
if ($trimmedTitle != "") {
if ($canRename) {
$thread['title'] = $_POST['title'];
if ($_POST['iconid']) {
function ForumJump()
{
global $fid, $loguserid, $loguser, $forum;
$viewableforums = ForumsWithPermission('forum.viewforum');
$viewhidden = HasPermission('user.viewhiddenforums');
$rCats = Query("SELECT id, name FROM {categories} WHERE board={0} ORDER BY corder, id", $forum['board']);
$cats = array();
while ($cat = Fetch($rCats)) {
$cats[$cat['id']] = $cat['name'];
}
$rFora = Query("\tSELECT\n\t\t\t\t\t\t\tf.id, f.title, f.catid, f.redirect\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t{forums} f\n\t\t\t\t\t\tWHERE f.id IN ({0c})" . (!$viewhidden ? " AND f.hidden=0" : '') . "\n\t\t\t\t\t\tORDER BY f.forder, f.id", $viewableforums);
$fora = array();
while ($forum = Fetch($rFora)) {
$fora[$forum['catid']][] = $forum;
}
$theList = '';
foreach ($cats as $cid => $cname) {
if (empty($fora[$cid])) {
continue;
}
$theList .= ' <optgroup label="' . htmlspecialchars($cname) . '">
' . fj_forumBlock($fora, $cid, $fid, 0) . ' </optgroup>
';
}
$theList = '<select onchange="document.location=this.options[this.selectedIndex].value;">' . ($forum['board'] ? '<option value="' . actionLink('board') . '">Back to main forums</option>' : '') . $theList . '</select>';
RenderTemplate('forumjump', array('forumlist' => $theList));
}
<?php
// AcmlmBoard XD - Frequently Asked Questions page
// Access: all
if (!defined('BLARG')) {
die;
}
$title = __("FAQ");
$links = array();
if (HasPermission('admin.editsettings')) {
$links[] = actionLinkTag(__("Edit the FAQ"), "editsettings", '', 'field=faqText');
}
MakeCrumbs(array(actionLink("faq") => __("FAQ")), $links);
makeThemeArrays();
$admin = Fetch(Query("select u.(_userfields) from {users} u where u.primarygroup={0}", Settings::get('rootGroup')));
$admin = userLink(getDataPrefix($admin, 'u_'));
$sexes = array(0 => __("Male"), 1 => __("Female"), 2 => __("N/A"));
$scolors = array(0 => 'color_male', 1 => 'color_female', 2 => 'color_unspec');
$gcolors = array();
$g = Query("SELECT title, color_male, color_female, color_unspec FROM {usergroups} WHERE type=0 ORDER BY rank");
while ($group = Fetch($g)) {
$gcolors[] = $group;
}
$headers = "";
$colors = "";
foreach ($sexes as $ss) {
$headers .= format("\n\t<th>\n\t\t{0}\n\t</th>\n", $ss);
}
foreach ($gcolors as $g) {
$cellClass = ($cellClass + 1) % 2;
$items = "";
$hideTricks = " <a href=\"javascript:void(0)\" onclick=\"showRevision(" . $id . "," . $post["currentrevision"] . "); hideTricks(" . $id . ")\">" . __("Back") . "</a>";
$reply .= $hideTricks;
die($reply);
} elseif ($action == "sr") {
$rPost = Query("\n\t\t\tSELECT\n\t\t\t\tp.*,\n\t\t\t\tpt.text, pt.revision, pt.user AS revuser, pt.date AS revdate,\n\t\t\t\tu.(_userfields), u.(rankset,title,picture,posts,postheader,signature,signsep,lastposttime,lastactivity,regdate,globalblock),\n\t\t\t\tru.(_userfields),\n\t\t\t\tdu.(_userfields),\n\t\t\t\tt.forum fid\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {posts_text} pt ON pt.pid = p.id AND pt.revision = {1}\n\t\t\t\tLEFT JOIN {threads} t ON t.id=p.thread\n\t\t\t\tLEFT JOIN {users} u ON u.id = p.user\n\t\t\t\tLEFT JOIN {users} ru ON ru.id=pt.user\n\t\t\t\tLEFT JOIN {users} du ON du.id=p.deletedby\n\t\t\tWHERE p.id={0} AND t.forum IN ({2c})", $id, (int) $_GET['rev'], ForumsWithPermission('forum.viewforum'));
if (NumRows($rPost)) {
$post = Fetch($rPost);
} else {
die(format(__("Unknown post ID #{0} or revision missing."), $id));
}
if (!HasPermission('mod.editposts', $post['fid'])) {
die('No.');
}
die(makePostText($post, getDataPrefix($post, 'u_')));
} elseif ($action == "em") {
$privacy = HasPermission('admin.editusers') ? '' : ' and showemail=1';
$blah = FetchResult("select email from {users} where id={0}{$privacy}", $id);
die(htmlspecialchars($blah));
} elseif ($action == "vc") {
$blah = FetchResult("select views from {misc}");
die(number_format($blah));
} else {
if ($action == 'no') {
$notif = getNotifications();
die(json_encode($notif));
}
}
}
}
}
die(__("Unknown action."));
} else {
if ((int) $_GET['delete'] == 2) {
if ($_GET['key'] != $loguser['token']) {
Kill(__("No."));
}
if (!HasPermission('mod.deleteposts', $fid)) {
Kill(__("You're not allowed to undelete posts."));
}
$rPosts = Query("update {posts} set deleted=0 where id={0} limit 1", $pid);
die(header("Location: " . actionLink("post", $pid)));
}
}
if ($post['deleted']) {
Kill(__("This post has been deleted."));
}
if (($post['user'] != $loguserid || !HasPermission('user.editownposts')) && !HasPermission('mod.editposts', $fid)) {
Kill(__("You are not allowed to edit this post."));
}
$tags = ParseThreadTags($thread['title']);
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $isHidden ? '' : $tags[0]) => $tags[0], '' => __("Edit post")));
LoadPostToolbar();
$attachs = array();
if ($post['has_attachments']) {
$res = Query("SELECT id,filename \n\t\tFROM {uploadedfiles}\n\t\tWHERE parenttype={0} AND parentid={1} AND deldate=0\n\t\tORDER BY filename", 'post_attachment', $pid);
while ($a = Fetch($res)) {
$attachs[$a['id']] = $a['filename'];
}
}
if (isset($_POST['saveuploads'])) {
$attachs = HandlePostAttachments(0, false);
} else {
die;
}
$title = __("Private messages");
if (!$loguserid) {
Kill(__("You must be logged in to view your private messages."));
}
$id = (int) $_REQUEST['id'];
if (!$id) {
Kill(__("No PM specified."));
}
$pmid = $id;
$staffpms = '';
if (HasPermission('admin.viewstaffpms')) {
$staffpms = ' OR userto={2}';
}
$snoop = isset($_GET['snooping']) && HasPermission('admin.viewpms');
if ($snoop) {
$rPM = Query("select * from {pmsgs} left join {pmsgs_text} on pid = {pmsgs}.id where {pmsgs}.id = {0}", $id);
Query("INSERT INTO {spieslog} (userid,date,pmid) VALUES ({0},UNIX_TIMESTAMP(),{1})", $loguserid, $id);
Alert(__("You are snooping."));
} else {
$rPM = Query("select * from {pmsgs} left join {pmsgs_text} on pid = {pmsgs}.id where (userto = {1} or userfrom = {1}{$staffpms}) and {pmsgs}.id = {0}", $id, $loguserid, -1);
}
if (NumRows($rPM)) {
$pm = Fetch($rPM);
} else {
Kill(__("Unknown PM"));
}
if ($pm['drafting'] && !$snoop) {
Kill(__("Unknown PM"));
}
$pdata['text'] = CleanUpPost($thread['text'], $starter['name'], false, false);
if (!$thread['replies']) {
$comments = 'No comments yet';
} else {
if ($thread['replies'] < 2) {
$comments = actionLinkTag('1 comment', 'post', $thread['lastpostid']) . ' (by ' . UserLink($last) . ')';
} else {
$comments = actionLinkTag($thread['replies'] . ' comments', 'post', $thread['lastpostid']) . ' (last by ' . UserLink($last) . ')';
}
}
$pdata['comments'] = $comments;
if ($thread['closed']) {
$newreply = __('Comment posting closed.');
} else {
if (!$loguserid) {
$newreply = actionLinkTag(__('Log in'), 'login') . __(' to post a comment.');
} else {
$newreply = actionLinkTag(__("Post a comment"), "newreply", $thread['id']);
}
}
$pdata['replylink'] = $newreply;
$modlinks = array();
if ($loguserid == $starter['id'] && HasPermission('user.editownposts') || HasPermission('mod.editposts', $forum['id'])) {
$modlinks['edit'] = actionLinkTag(__('Edit'), 'editpost', $thread['pid']);
}
if ($loguserid == $starter['id'] && HasPermission('user.deleteownposts') || HasPermission('mod.deleteposts', $forum['id'])) {
$modlinks['delete'] = actionLinkTag(__('Delete'), 'editpost', $thread['pid'], 'delete=1&key=' . $loguser['token']);
}
RenderTemplate('newspost', array('post' => $pdata));
}
RenderTemplate('pagelinks', array('pagelinks' => $pagelinks, 'position' => 'bottom'));
if ($post['user'] == $loguserid) {
Kill(__('You may not report your own posts.'));
}
if ($post['deleted']) {
Kill(__('This post is deleted.'));
}
$thread = Fetch(Query("SELECT * FROM {threads} WHERE id={0}", $post['thread']));
if (!$thread) {
Kill(__('Unknown thread.'));
}
$fid = $thread['forum'];
if (!HasPermission('forum.viewforum', $fid)) {
Kill(__('You may not access this forum.'));
}
$tags = ParseThreadTags($thread['title']);
$isHidden = !HasPermission('forum.viewforum', $fid, true);
if ($_POST['report']) {
if ($_POST['key'] !== $loguser['token']) {
Kill(__('No.'));
}
// TODO make this use actual notifications or anything better
Query("INSERT INTO {pmsgs_text} (title,text) VALUES ({0},{1})", "Post report (post #{$pid})", '');
$pmid = InsertId();
Query("INSERT INTO {pmsgs} (id,userto,userfrom,date,ip,msgread,deleted,drafting)\n\t\tVALUES ({0},{1},{2},{3},{4},0,0,0)", $pmid, -1, $loguserid, time(), $_SERVER['REMOTE_ADDR']);
$report = "<strong>Post report</strong>\n\n<strong>Post:</strong> " . actionLinkTag($tags[0], 'post', $pid) . " (post #{$pid})\n\n<strong>Message:</strong>\n{$_POST['message']}\n\n" . actionLinkTag('Mark issue as resolved', 'showprivate', $pmid, 'markread=1');
Query("UPDATE {pmsgs_text} SET text={0} WHERE pid={1}", $report, $pmid);
SendNotification('pm', $pmid, -1);
die(header('Location: ' . actionLink('post', $pid)));
}
MakeCrumbs(forumCrumbs($forum) + array(actionLink("thread", $tid, '', $isHidden ? '' : $tags[0]) => $tags[0], '' => __("Report post")));
$user = Fetch(Query("SELECT * FROM {users} WHERE id={0}", $post['user']));
$inactive = 0;
$total = 0;
foreach ($users as $user) {
if ($user['posts'] >= $rank['num'] && $user['posts'] < $nextRank['num']) {
$total++;
if ($user['lastposttime'] > time() - 2592000) {
$members[] = UserLink($user);
} else {
$inactive++;
}
}
}
if ($inactive) {
$members[] = $inactive . ' inactive';
}
$showRank = HasPermission('admin.viewallranks') || $loguser['posts'] >= $rank['num'] || count($members) > 0;
if ($showRank) {
$rdata['rank'] = getRankHtml($rankset, $rank);
} else {
$rdata['rank'] = '???';
}
if (count($members) == 0) {
$members = ' ';
} else {
$members = join(', ', $members);
}
$rdata['posts'] = $showRank ? $rank['num'] : '???';
$rdata['numUsers'] = $total;
$rdata['users'] = $members;
$ranklist[] = $rdata;
}
function formatIP($ip)
{
global $loguser;
$res = $ip;
$res .= " " . IP2C($ip);
$res = "<nobr>{$res}</nobr>";
if (HasPermission('admin.ipsearch')) {
return actionLinkTag($res, "ipquery", $ip);
} else {
return $res;
}
}
AddCategory('account', 'admin', __('Administrative stuff'));
if ($isroot) {
AddField('account', 'admin', 'primarygroup', __('Primary group'), 'label', array('value' => htmlspecialchars($usergroup['title'])));
} else {
AddField('account', 'admin', 'primarygroup', __('Primary group'), 'select', array('options' => $groups));
}
// TODO secondary groups!!
if ($isbanned && $user['tempbantime']) {
AddField('account', 'admin', 'dopermaban', __('Make ban permanent'), 'checkbox', array('callback' => 'dummycallback'));
}
AddField('account', 'admin', 'globalblock', __('Globally block layout'), 'checkbox');
$aflags = array(0x1 => __('IP banned'), 0x2 => __('Errorbanned'));
AddField('account', 'admin', 'flags', __('Misc. settings'), 'bitmask', array('options' => $aflags));
}
// EDITPROFILE TAB -- LAYOUT --------------------------------------------------
if ($editUserMode || HasPermission('user.editpostlayout')) {
$pltext = $pltype ? __('Post layout') : __('Signature');
AddPage('layout', $pltext);
AddCategory('layout', 'postlayout', $pltext);
if ($pltype) {
AddField('layout', 'postlayout', 'postheader', __('Post header'), 'textarea', array('rows' => 16));
}
AddField('layout', 'postlayout', 'signature', __('Signature'), 'textarea', array('rows' => 16));
AddField('layout', 'postlayout', 'signsep', __('Show signature separator'), 'checkbox', array('negative' => true));
// TODO make a per-user permission for this one?
if ($pltype == 2) {
AddField('layout', 'postlayout', 'fulllayout', __('Apply layout to whole post box'), 'checkbox');
}
}
// EDITPROFILE TAB -- THEME ---------------------------------------------------
AddPage('theme', __('Theme'));
<input type="text" name="pollOption[' . $i . ']" value="' . $opttext . '" size=48 maxlength=40>
Color: <input type="text" name="pollColor[' . $i . ']" value="' . $color . '" size=10 maxlength=7 class="color {hash:true,required:false,pickerFaceColor:\'black\',pickerFace:3,pickerBorder:0,pickerInsetColor:\'black\',pickerPosition:\'left\',pickerMode:\'HVS\'}">
<input type="submit" name="pollRemove[' . $i . ']" value="×" onclick="removeOption(this.parentNode);return false;">
</div>';
}
}
$pollSettings .= '</div>';
$pollSettings .= '<input type="submit" name="pollAdd" value="' . __('Add option') . '" onclick="addOption();return false;">';
$moodSelects = array();
if ($_POST['mood']) {
$moodSelects[(int) $_POST['mood']] = "selected=\"selected\" ";
}
$moodOptions = "<option " . $moodSelects[0] . "value=\"0\">" . __("[Default avatar]") . "</option>\n";
$rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid);
while ($mood = Fetch($rMoods)) {
$moodOptions .= format("\n\t<option {0} value=\"{1}\">{2}</option>\n", $moodSelects[$mood['mid']], $mood['mid'], htmlspecialchars($mood['name']));
}
$mod_lock = '';
$mod_stick = '';
if (HasPermission('mod.closethreads', $forum['id'])) {
$mod_lock = "<label><input type=\"checkbox\" " . getCheck("lock") . " name=\"lock\"> " . __("Close thread", 1) . "</label>\n";
}
if (HasPermission('mod.stickthreads', $forum['id'])) {
$mod_stick = "<label><input type=\"checkbox\" " . getCheck("stick") . " name=\"stick\"> " . __("Sticky", 1) . "</label>\n";
}
$fields = array('title' => "<input type=\"text\" name=\"title\" size=80 maxlength=\"60\" value=\"{$trefill}\">", 'icon' => $iconSettings, 'pollQuestion' => "<input type=\"text\" name=\"pollQuestion\" value=\"" . htmlspecialchars($_POST['pollQuestion']) . "\" size=80 maxlength=\"100\">", 'pollOptions' => $pollSettings, 'pollMultivote' => "<label><input type=\"checkbox\" " . ($_POST['multivote'] ? "checked=\"checked\"" : "") . " name=\"multivote\"> " . __("Multivote", 1) . "</label>", 'text' => "<textarea id=\"text\" name=\"text\" rows=\"16\">\n{$prefill}</textarea>", 'mood' => "<select size=1 name=\"mood\">" . $moodOptions . "</select>", 'nopl' => "<label><input type=\"checkbox\" " . getCheck('nopl') . " name=\"nopl\"> " . __("Disable post layout", 1) . "</label>", 'nosm' => "<label><input type=\"checkbox\" " . getCheck('nosm') . " name=\"nosm\"> " . __("Disable smilies", 1) . "</label>", 'lock' => $mod_lock, 'stick' => $mod_stick, 'btnPost' => "<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">", 'btnAddPoll' => "<input type=\"submit\" name=\"addpoll\" value=\"" . __("Add poll") . "\" onclick=\"addPoll();return false;\">", 'btnRemovePoll' => "<input type=\"submit\" name=\"deletepoll\" value=\"" . __("Remove poll") . "\" onclick=\"removePoll();return false;\">");
echo "\n\t<script src=\"" . resourceLink("js/threadtagging.js") . "\"></script>\n\t<script src=\"" . resourceLink('js/polleditor.js') . "\"></script>\n\t<form name=\"postform\" action=\"" . htmlentities(actionLink("newthread", $fid)) . "\" method=\"post\" enctype=\"multipart/form-data\">";
RenderTemplate('form_newthread', array('fields' => $fields, 'pollMode' => (int) $_POST['poll']));
PostAttachForm($attachs);
echo "\n\t\t<input type=\"hidden\" name=\"poll\" id=\"pollModeVal\" value=\"" . (int) $_POST['poll'] . "\">\n\t</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.postform.text.focus();\n\t</script>\n";
LoadPostToolbar();
if (HasPermission('uploader.deletefiles')) {
$ndel = FetchResult("select count(*) from {uploader} u where u.user = {0} and u.private = 1 AND u.deldate!=0", $loguserid);
if ($ndel > 0) {
print " (and {$ndel} deleted)";
}
}
print ".<br />";
print "</td></tr>";
$cellClass = ($cellClass + 1) % 2;
if (HasPermission('uploader.viewprivate')) {
$filecount = FetchResult("select count(*) from {uploader} u where u.private = 1 AND u.deldate=0");
print "<tr class=\"cell{$cellClass}\"><td>";
print actionLinkTag("All private files", "uploaderlist", "", "cat=-2");
print "<br />";
print Plural($filecount, 'file');
if (HasPermission('uploader.deletefiles')) {
$ndel = FetchResult("select count(*) from {uploader} u where u.private = 1 AND u.deldate!=0");
if ($ndel > 0) {
print " (and {$ndel} deleted)";
}
}
print ".<br />";
print "</td></tr>";
}
}
print "</table>";
}
}
}
}
}
if ($_POST['mood']) {
$moodSelects[(int) $_POST['mood']] = "selected=\"selected\" ";
}
$moodOptions = "<option " . $moodSelects[0] . "value=\"0\">" . __("[Default avatar]") . "</option>\n";
$rMoods = Query("select mid, name from {moodavatars} where uid={0} order by mid asc", $loguserid);
while ($mood = Fetch($rMoods)) {
$moodOptions .= format("\n\t<option {0} value=\"{1}\">{2}</option>\n", $moodSelects[$mood['mid']], $mood['mid'], htmlspecialchars($mood['name']));
}
$ninja = FetchResult("select id from {posts} where thread={0} order by date desc limit 0, 1", $tid);
$mod_lock = '';
if (HasPermission('mod.closethreads', $fid)) {
if (!$thread['closed']) {
$mod_lock = "<label><input type=\"checkbox\" " . getCheck("lock") . " name=\"lock\"> " . __("Close thread", 1) . "</label>\n";
} else {
$mod_lock = "<label><input type=\"checkbox\" " . getCheck("unlock") . " name=\"unlock\"> " . __("Open thread", 1) . "</label>\n";
}
}
$mod_stick = '';
if (HasPermission('mod.stickthreads', $fid)) {
if (!$thread['sticky']) {
$mod_stick = "<label><input type=\"checkbox\" " . getCheck("stick") . " name=\"stick\"> " . __("Sticky", 1) . "</label>\n";
} else {
$mod_stick = "<label><input type=\"checkbox\" " . getCheck("unstick") . " name=\"unstick\"> " . __("Unstick", 1) . "</label>\n";
}
}
$fields = array('text' => "<textarea id=\"text\" name=\"text\" rows=\"16\">\n{$prefill}</textarea>", 'mood' => "<select size=1 name=\"mood\">" . $moodOptions . "</select>", 'nopl' => "<label><input type=\"checkbox\" " . getCheck('nopl') . " name=\"nopl\"> " . __("Disable post layout", 1) . "</label>", 'nosm' => "<label><input type=\"checkbox\" " . getCheck('nosm') . " name=\"nosm\"> " . __("Disable smilies", 1) . "</label>", 'lock' => $mod_lock, 'stick' => $mod_stick, 'btnPost' => "<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">", 'btnPreview' => "<input type=\"submit\" name=\"actionpreview\" value=\"" . __("Preview") . "\">");
echo "\n\t<form name=\"postform\" action=\"" . htmlentities(actionLink("newreply", $tid)) . "\" method=\"post\" enctype=\"multipart/form-data\">\n\t\t<input type=\"hidden\" name=\"ninja\" value=\"{$ninja}\">";
RenderTemplate('form_newreply', array('fields' => $fields));
PostAttachForm($attachs);
echo "\n\t\t</form>\n\t<script type=\"text/javascript\">\n\t\tdocument.postform.text.focus();\n\t</script>\n";
doThreadPreview($tid);
<?php
function fixyoutube($m)
{
$url = $m[1];
if (substr($url, 0, 4) != 'http') {
$url = 'http://www.youtube.com/watch?v=' . $url;
}
return '<a href=\\"' . htmlspecialchars($url) . '\\">(video)</a>';
}
require 'lib/common.php';
$fid = Settings::get('newsForum');
if (!HasPermission('forum.viewforum', $fid)) {
die("You aren't allowed to access this forum.");
}
$rFora = Query("select * from {forums} where id = {0}", $fid);
if (NumRows($rFora)) {
$forum = Fetch($rFora);
} else {
die("Unknown forum ID.");
}
header('Content-type: application/rss+xml');
$title = Settings::get('rssTitle');
$desc = Settings::get('rssDesc');
$url = "http" . ($ishttps ? 's' : '') . "://{$_SERVER['SERVER_NAME']}{$serverport}";
$fullurl = getServerURLNoSlash($ishttps);
print '<?xml version="1.0" encoding="UTF-8"?>';
?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
if ($_GET["key"] != $loguser["token"]) {
die("Nope!");
}
CheckPermission('user.voteposts');
$pid = (int) $_GET["id"];
$post = Fetch(Query("SELECT * FROM {posts} WHERE id = {0}", $pid));
if (!$post) {
die("Unknown post");
}
if ($post["user"] == $loguserid) {
die("Nope!");
}
$thread = Fetch(Query("SELECT * FROM {threads} WHERE id = {0}", $post["thread"]));
if (!$thread) {
die("Unknown thread");
}
if (!HasPermission('forum.viewforum', $thread['forum'])) {
die('Nice try hacker kid, but no.');
}
if ($thread["closed"]) {
die(__("Thread is closed"));
}
$vote = Fetch(Query("SELECT * FROM {postplusones} WHERE post = {0} AND user = {1}", $pid, $loguserid));
if (!$vote) {
Query("UPDATE {posts} SET postplusones = postplusones+1 WHERE id = {0} LIMIT 1", $pid);
Query("UPDATE {users} SET postplusones = postplusones+1 WHERE id = {0} LIMIT 1", $post["user"]);
Query("UPDATE {users} SET postplusonesgiven = postplusonesgiven+1 WHERE id = {0} LIMIT 1", $loguserid);
Query("INSERT INTO {postplusones} (user, post) VALUES ({0}, {1})", $loguserid, $pid);
$post["postplusones"]++;
}
echo formatPlusOnes($post["postplusones"]);
function CheckPermission($perm, $arg = 0, $guest = false)
{
global $loguserid, $loguser;
if (!HasPermission($perm, $arg, $guest)) {
if (!$loguserid) {
Kill(__('You must be logged in to perform this action.'));
} else {
if ($loguser['banned']) {
Kill(__('You may not perform this action because you are banned.'));
} else {
Kill(__('You may not perform this action.'));
}
}
}
}
