while ($movetopic = DB_fetchArray($moveResult)) {
DB_query("UPDATE {$_TABLES['gf_topic']} SET forum='{$newforumid}' WHERE id='{$movetopic['id']}'");
}
// Update any topic subscription records - need to change the forum ID record
DB_query("UPDATE {$_TABLES['gf_watch']} SET forum_id = '{$newforumid}' WHERE topic_id='{$moveid}'");
DB_query("UPDATE {$_TABLES['gf_topic']} SET forum = '{$newforumid}', moved = '1' WHERE id={$moveid}");
// Update the Last Post Information
gf_updateLastPost($newforumid, $moveid);
gf_updateLastPost($forum);
// Update Topic and Post Count for the effected forums
DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count=topic_count+1, post_count=post_count+{$postCount} WHERE forum_id={$newforumid}");
DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count=topic_count-1, post_count=post_count-{$postCount} WHERE forum_id={$forum}");
// Remove any lastviewed records in the log so that the new updated topic indicator will appear
DB_query("DELETE FROM {$_TABLES['gf_log']} WHERE topic='{$moveid}'");
$link = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$moveid}";
forum_statusMessage($LANG_GF02['msg163'], $link, $LANG_GF02['msg163']);
}
gf_siteFooter();
exit;
}
}
if ($modfunction == 'deletepost' and forum_modPermission($forum, $_USER['uid'], 'mod_delete') and $fortopicid != 0) {
if ($top == 'yes') {
$alertmessage = $LANG_GF02['msg65'] . "<p>";
} else {
$alertmessage = '';
}
$subject = DB_getITEM($_TABLES['gf_topic'], "subject", "id='{$msgpid}'");
$alertmessage .= sprintf($LANG_GF02['msg64'], $fortopicid, $subject);
$promptform = '<p><FORM ACTION="' . $_CONF['site_url'] . '/forum/moderation.php" METHOD="POST">';
$promptform .= '<INPUT TYPE="hidden" NAME="modconfirmdelete" VALUE="1">';
}
} elseif ($op == 'banip' && $ip == '') {
$messagetemplate = new Template($_CONF['path_layout'] . 'forum/layout/admin');
$messagetemplate->set_file(array('messagetemplate' => 'message.thtml'));
$messagetemplate->set_var('message', $LANG_GF01['ERROR']);
$messagetemplate->set_var('transfer', $LANG_GF96['specip']);
$messagetemplate->parse('output', 'messagetemplate');
echo $messagetemplate->finish($messagetemplate->get_var('output'));
echo COM_endBlock();
echo adminfooter();
echo COM_siteFooter(true);
exit;
}
if ($op == 'unban' && $ip != '') {
DB_query("DELETE FROM {$_TABLES['gf_banned_ip']} WHERE (host_ip='{$ip}')");
forum_statusMessage($LANG_GF96['ipunbanned'], $_CONF['site_admin_url'] . '/plugins/forum/ips.php', $LANG_GF96['ipunbanned']);
echo COM_endBlock();
echo adminfooter();
echo COM_siteFooter();
}
if (!empty($forum)) {
$theforum = "WHERE forum='{$forum}'";
} else {
$theforum = '';
}
if ($op == '') {
$bannedsql = DB_query("SELECT * FROM {$_TABLES['gf_banned_ip']} ORDER BY host_ip DESC");
$bannum = DB_numRows($bannedsql);
$p = new Template($_CONF['path_layout'] . 'forum/layout/admin');
$p->set_file(array('page' => 'banip_mgmt.thtml', 'records' => 'ip_records.thtml'));
if ($bannum == 0) {
forum_chkUsercanAccess(true);
// SAVE SETTINGS
if (isset($_POST['submit'])) {
$xtopicsperpage = COM_applyFilter($_POST['xtopicsperpage'], true);
$xpostsperpage = COM_applyFilter($_POST['xpostsperpage'], true);
$xpopularlimit = COM_applyFilter($_POST['xpopularlimit'], true);
$xmessagesperpage = COM_applyFilter($_POST['xmessagesperpage'], true);
$xsearchlines = COM_applyFilter($_POST['xsearchlines'], true);
$xmembersperpage = COM_applyFilter($_POST['xmembersperpage'], true);
$xemailnotify = COM_applyFilter($_POST['xemailnotify'], true);
$xviewanonposts = COM_applyFilter($_POST['xviewanonposts'], true);
$xalwaysnotify = COM_applyFilter($_POST['xalwaysnotify'], true);
$xnotifyonce = COM_applyFilter($_POST['xnotifyonce'], true);
$xshowiframe = COM_applyFilter($_POST['xshowiframe'], true);
DB_query("UPDATE {$_TABLES['gf_userprefs']} SET\r\n topicsperpage='{$xtopicsperpage}',\r\n postsperpage='{$xpostsperpage}',\r\n popularlimit='{$xpopularlimit}',\r\n searchlines='{$xsearchlines}',\r\n membersperpage='{$xmembersperpage}',\r\n enablenotify='{$xemailnotify}',\r\n viewanonposts='{$xviewanonposts}',\r\n alwaysnotify='{$xalwaysnotify}',\r\n notify_once='{$xnotifyonce}',\r\n showiframe='{$xshowiframe}'\r\n WHERE uid='{$_USER['uid']}'");
forum_statusMessage($LANG_GF92['setsavemsg'], $_CONF['site_url'] . '/forum/userprefs.php', $LANG_GF92['setsavemsg']);
gf_siteFooter();
exit;
}
// SETTINGS MAIN
if (!isset($_POST['$submit'])) {
// Get user specific settings from database
$result = DB_query("SELECT * FROM {$_TABLES['gf_userprefs']} WHERE uid='{$_USER['uid']}'");
$nrows = DB_numRows($result);
if ($nrows == 0) {
// Insert a new blank record. Defaults are set in SQL Defintion for table.
DB_query("INSERT INTO {$_TABLES['gf_userprefs']} (uid) VALUES ('{$_USER['uid']}')");
$result = DB_query("SELECT * FROM {$_TABLES['gf_userprefs']} WHERE uid='{$_USER['uid']}'");
}
$A = DB_fetchArray($result);
if ($A['viewanonposts'] == 1) {
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE (id='{$id}')");
$notifytype = COM_applyFilter($_GET['filter']);
forum_statusMessage($LANG_GF02['msg42'], "{$_CONF['site_url']}/forum/notify.php?filter={$notifytype}", $LANG_GF02['msg42']);
exit;
} elseif ($_REQUEST['submit'] == 'delete2' and $id != '') {
// Check and see if subscribed to complete forum and if so - unsubscribe to just this topic
if (DB_getItem($_TABLES['gf_watch'], 'topic_id', "id='{$id}'") == 0) {
$ntopic = -$topic;
// Negative Value
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$_USER['uid']}' AND forum_id='{$forum}' and topic_id = '{$topic}'");
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$_USER['uid']}' AND forum_id='{$forum}' and topic_id = '{$ntopic}'");
DB_query("INSERT INTO {$_TABLES['gf_watch']} (forum_id,topic_id,uid,date_added) VALUES ('{$forum}','{$ntopic}','{$_USER['uid']}',now() )");
} else {
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE (id='{$id}')");
}
forum_statusMessage($LANG_GF02['msg146'], $_CONF['site_url'] . "/forum/viewtopic.php?showtopic={$topic}", $LANG_GF02['msg146']);
exit;
}
// NOTIFY MAIN
$notifytype = COM_applyFilter($_REQUEST['filter']);
$op = COM_applyFilter($_REQUEST['op']);
$show = COM_applyFilter($_GET['show'], true);
$page = COM_applyFilter($_GET['page'], true);
// Page Navigation Logic
if ($show == 0) {
$show = $CONF_FORUM['show_messages_perpage'];
}
// Check if this is the first page.
if ($page == 0) {
$page = 1;
}
$level2name = @htmlspecialchars($_POST['level2name'], ENT_QUOTES, $CONF_FORUM['charset']);
$level3name = @htmlspecialchars($_POST['level3name'], ENT_QUOTES, $CONF_FORUM['charset']);
$level4name = @htmlspecialchars($_POST['level4name'], ENT_QUOTES, $CONF_FORUM['charset']);
$level5name = @htmlspecialchars($_POST['level5name'], ENT_QUOTES, $CONF_FORUM['charset']);
$cb_enable = COM_applyFilter($_POST['cb_enable'], true);
$cb_homepage = COM_applyFilter($_POST['cb_homepage'], true);
$cb_where = COM_applyFilter($_POST['cb_where'], true);
$cb_subjectsize = COM_applyFilter($_POST['cb_subjectsize'], true);
$cb_numposts = COM_applyFilter($_POST['cb_numposts'], true);
$sb_subjectsize = COM_applyFilter($_POST['sb_subjectsize'], true);
$sb_numposts = COM_applyFilter($_POST['sb_numposts'], true);
$sb_latestposts = COM_applyFilter($_POST['sb_latestposts'], true);
$CONF_FORUM['autorefresh_delay'] = $refreshdelay;
// Set this so that it can take immediate effect
DB_query("UPDATE {$_TABLES['gf_settings']} SET \r\n registrationrequired='{$registrationrequired}',\r\n registerpost='{$registerpost}',\r\n allowhtml='{$allowhtml}',\r\n glfilter='{$glfilter}',\r\n censor='{$censor}',\r\n showmood='{$showmood}',\r\n allowsmilies='{$allowsmilies}',\r\n allow_notify='{$allow_notify}',\r\n post_htmlmode='{$post_htmlmode}',\r\n allow_userdatefmt='{$allow_userdatefmt}',\r\n showiframe='{$showiframe}',\r\n autorefresh='{$autorefresh}',\r\n refresh_delay='{$refresh_delay}',\r\n viewtopicnumchars='{$viewtopicnumchars}',\r\n topicsperpage='{$topicsperpage}',\r\n postsperpage='{$postsperpage}',\r\n messagesperpage='{$messagesperpage}',\r\n searchesperpage='{$searchesperpage}',\r\n popular='{$popular}',\r\n speedlimit='{$speedlimit}',\r\n edit_timewindow='{$edit_timewindow}',\r\n use_spamxfilter='{$use_spamxfilter}',\r\n use_geshi_formatting='{$use_geshi_formatting}',\r\n use_pmplugin='{$use_pmplugin}',\r\n use_smiliesplugin='{$use_smiliesplugin}',\r\n min_comment_len='{$min_comment_len}',\r\n min_name_len='{$min_name_len}',\r\n min_subject_len='{$min_subject_len}',\r\n html_newline='{$html_newline}',\r\n level1='{$level1}',\r\n level2='{$level2}',\r\n level3='{$level3}',\r\n level4='{$level4}',\r\n level5='{$level5}', \r\n level1name='{$level1name}',\r\n level2name='{$level2name}',\r\n level3name='{$level3name}',\r\n level4name='{$level4name}',\r\n level5name='{$level5name}',\r\n cb_enable='{$cb_enable}',\r\n cb_homepage='{$cb_homepage}',\r\n cb_where='{$cb_where}',\r\n cb_subjectsize='{$cb_subjectsize}',\r\n cb_numposts='{$cb_numposts}',\r\n sb_subjectsize='{$sb_subjectsize}',\r\n sb_numposts='{$sb_numposts}',\r\n sb_latestposts='{$sb_latestposts}'\r\n ");
forum_statusMessage($LANG_GF92['setsave'], "{$_CONF['site_admin_url']}/plugins/forum/settings.php", $LANG_GF92['setsavemsg']);
echo COM_endBlock();
echo COM_siteFooter();
exit;
}
$result = DB_query("SELECT * FROM {$_TABLES['gf_settings']}");
/* Retrieve Settings that can be over-ridden by user preference to show global settings */
$A = DB_fetchArray($result);
$CONF_FORUM['show_topicreview'] = $A['showiframe'];
$CONF_FORUM['use_autorefresh'] = $A['autorefresh'];
$CONF_FORUM['views_tobe_popular'] = $A['popular'];
// * Added as of Version 2.4
$CONF_FORUM['show_subject_length'] = $A['viewtopicnumchars'];
$CONF_FORUM['show_topics_perpage'] = $A['topicsperpage'];
$CONF_FORUM['show_posts_perpage'] = $A['postsperpage'];
$CONF_FORUM['statusmsg_pause'] = $A['statusmsg_pause'];
DB_query($sql);
} elseif ($notify == 'on' and $currentTopicUnNotifyRecID > 1) {
// Had un-subcribed to topic and now wants to subscribe
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE id={$currentTopicUnNotifyRecID}");
} elseif ($notify == '' and $currentTopicNotifyRecID > 1) {
// Subscribed to topic - but does not want to be notified anymore
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$uid}' AND forum_id='{$forum}' and topic_id = '{$id}'");
} elseif ($notify == '' and $currentForumNotifyRecID > 1) {
// Subscribed to forum - but does not want to be notified about this topic
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$uid}' AND forum_id='{$forum}' and topic_id = '{$id}'");
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$uid}' AND forum_id='{$forum}' and topic_id = '{$nid}'");
DB_query("INSERT INTO {$_TABLES['gf_watch']} (forum_id,topic_id,uid,date_added) VALUES ('{$forum}','{$nid}','{$uid}',now() )");
}
COM_updateSpeedlimit('forum');
$link = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$id}&lastpost=true#{$lastid}";
forum_statusMessage($LANG_GF02['msg19'], $link, $LANG_GF02['msg19'], true, $forum);
}
} else {
alertMessage($LANG_GF02['msg18']);
}
}
}
if ($msg == '') {
gf_siteFooter();
exit;
}
}
// EDIT MESSAGE
$comment = COM_stripslashes($_POST['comment']);
if ($id > 0) {
$sql = "SELECT a.forum,a.pid,a.comment,a.date,a.locked,a.subject,a.mood,a.sticky,a.uid,a.name,a.postmode,";
} else {
$link = "<p><a href=\"{$_CONF['site_url']}/forum/index.php?forum={$forum}\">{$LANG_GF02['msg175']}</a><p />";
$report->set_var('bottomlink', $link);
}
$report->parse('output', 'report');
echo $report->finish($report->get_var('output'));
// Display Common headers
gf_siteFooter();
exit;
}
if ($op == 'subscribe') {
if ($forum != 0) {
DB_query("INSERT INTO {$_TABLES['gf_watch']} (forum_id,topic_id,uid,date_added) VALUES ('{$forum}','0','{$_USER['uid']}', now() )");
// Delete all individual topic notification records
DB_query("DELETE FROM {$_TABLES['gf_watch']} WHERE uid='{$_USER['uid']}' AND forum_id='{$forum}' and topic_id > '0' ");
forum_statusMessage($LANG_GF02['msg134'], $_CONF['site_url'] . '/forum/index.php?forum=' . $forum, $LANG_GF02['msg135']);
} else {
BlockMessage($LANG_GF01['ERROR'], $LANG_GF02['msg136'], false);
}
// Display Common headers
gf_siteFooter();
exit;
}
// MAIN CODE BEGINS to view forums or topics within a forum
ForumHeader($forum, $showtopic);
// Check if the number of records was specified to show - part of page navigation.
// Will be 0 if not set - as I'm now passing this tru gf_applyFilte() at top of script
if ($show == 0 and $CONF_FORUM['show_topics_perpage'] > 0) {
$show = $CONF_FORUM['show_topics_perpage'];
} elseif ($show == 0) {
$show = 20;
}
// Pass thru filter any get or post variables to only allow numeric values and remove any hostile data
$id = COM_applyFilter($_REQUEST['id'], true);
//Check is anonymous users can access
if ($CONF_FORUM['registration_required'] && $_USER['uid'] < 2) {
echo COM_siteHeader();
echo COM_startBlock();
alertMessage($LANG_GF02['msg01'], $LANG_GF02['msg171']);
echo COM_endBlock();
echo COM_siteFooter();
exit;
}
//Check is anonymous users can access
if ($id == 0 or DB_count($_TABLES['gf_topic'], "id", "{$id}") == 0) {
echo COM_siteHeader();
forum_statusMessage($LANG_GF02['msg166'], $_CONF['site_url'] . "/forum/index.php?forum={$forum}", $LANG_GF02['msg166']);
echo COM_siteFooter();
exit;
}
$forum = DB_getItem($_TABLES['gf_topic'], "forum", "id='{$id}'");
$query = DB_query("SELECT grp_name from {$_TABLES['groups']} groups, {$_TABLES['gf_forums']} forum WHERE forum.forum_id='{$forum}' AND forum.grp_id=groups.grp_id");
list($groupname) = DB_fetchArray($query);
if (!SEC_inGroup($groupname) and $grp_id != 2) {
echo COM_siteHeader();
alertMessage($LANG_GF02['msg02'], $LANG_GF02['msg171']);
echo COM_siteFooter();
exit;
}
$result = DB_query("SELECT * FROM {$_TABLES['gf_topic']} WHERE (id='{$id}')");
$A = DB_fetchArray($result);
if ($CONF_FORUM['allow_smilies']) {
$privgroup = COM_applyFilter($_POST['privgroup'], true);
$is_readonly = COM_applyFilter($_POST['is_readonly'], true);
$is_hidden = COM_applyFilter($_POST['is_hidden'], true);
$no_newposts = COM_applyFilter($_POST['no_newposts'], true);
if ($privgroup == 0) {
$privgroup = 2;
}
$attachmentgroup = COM_applyFilter($_POST['attachmentgroup'], true);
if ($attachmentgroup == 0) {
$privgroup = 1;
}
$sql = "UPDATE {$_TABLES['gf_forums']} SET forum_name='{$name}',forum_dscp='{$dscp}', grp_id={$privgroup}, ";
$sql .= "is_hidden='{$is_hidden}', is_readonly='{$is_readonly}', no_newposts='{$no_newposts}',use_attachment_grpid={$attachmentgroup} ";
$sql .= "WHERE forum_id='{$id}'";
DB_query($sql);
forum_statusMessage($LANG_GF93['forumedited'], $_CONF['site_admin_url'] . '/plugins/forum/boards.php', $LANG_GF93['forumedited']);
echo COM_endBlock();
echo COM_siteFooter();
exit;
} elseif ($mode == $LANG_GF01['RESYNC']) {
gf_resyncforum($id);
} elseif ($mode == $LANG_GF01['EDIT']) {
$sql = "SELECT forum_name,forum_cat,forum_dscp,grp_id,use_attachment_grpid,forum_order,is_hidden,is_readonly,no_newposts ";
$sql .= "FROM {$_TABLES['gf_forums']} WHERE (forum_id='{$id}')";
$resForum = DB_query($sql);
list($forum_name, $forum_category, $forum_dscp, $privgroup, $attachgroup, $forum_order, $is_hidden, $is_readonly, $no_newposts) = DB_fetchArray($resForum);
$resGroups = DB_query("SELECT DISTINCT grp_id,grp_name FROM {$_TABLES['groups']}");
$nrows = DB_numRows($resGroups);
$grouplist = '';
$attachgrouplist = '';
while (list($grp, $name) = DB_fetchARRAY($resGroups)) {
