Пример #1
}
// Access gate for the report handler: a visitor without a logged-in session is
// sent to the account page unless $anon_report is truthy (presumably the
// "allow anonymous reports" setting; confirm against the config file).
// check_log() is still evaluated first, and $anon_report only when it fails.
if (!($user->check_log() || $anon_report)) {
    header('Location: index.php?page=account&s=home');
    exit;
}
if (isset($_GET['type']) && $_GET['type'] != "" && isset($_GET['rid']) && is_numeric($_GET['rid'])) {
    $type = $db->real_escape_string($_GET['type']);
    $rid = $db->real_escape_string($_GET['rid']);
    if ($type == "comment") {
        $query = "UPDATE {$comment_table} SET spam=TRUE WHERE id='{$rid}'";
        if ($db->query($query)) {
            $cache = new cache();
            $query = "SELECT post_id FROM {$comment_table} where id='{$rid}'";
            $result = $db->query($query);
            $row = $result->fetch_assoc();
            $cache->destroy_page_cache("cache/" . $row['post_id']);
            $cache->create_page_cache("cache/" . $row['post_id']);
            print "pass";
        } else {
            print "fail";
        }
    } else {
        if ($type == "post") {
            $user = new user();
            if (!$user->check_log()) {
                header("Location: ../index.php?page=post&s=view&id={$rid}");
                exit;
            }
            $reason = $db->real_escape_string(htmlentities($_POST['reason'], ENT_QUOTES, 'UTF-8'));
            if (strlen($reason) > 0) {
                $query = "UPDATE {$post_table} SET spam=TRUE, reason='{$reason}' WHERE id='{$rid}'";
Пример #2
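 /**
  * Delete a post and everything that hangs off it: notes, comments, votes,
  * favourites, parent/child links, cached pages, the image file and its thumbnail.
  *
  * The requester is taken from the user_id / pass_hash cookies. Deletion is
  * permitted for the post's owner (unless the owner is "Anonymous") and for
  * accounts whose group row has delete_posts set.
  *
  * @param int|string $id Post id. Only plain decimal digits are accepted.
  * @return bool true when the post was removed; false when the id is invalid,
  *              the post does not exist, or the requester may not delete it.
  */
 function removeimage($id)
 {
     // $parent_child_table and $post_count_table are used in queries below, so
     // they have to be imported as well; without them those queries are built
     // with an empty table name.
     global $db, $post_table, $note_table, $note_history_table, $user_table, $group_table, $favorites_table, $favorites_count_table, $comment_table, $comment_vote_table, $deleted_image_table, $parent_child_table, $post_count_table;

     // The id ends up in SQL literals and in cache paths. MySQL coerces a string
     // such as "12/../x" to 12 inside a WHERE clause while the path code would
     // use the raw text, so anything but plain digits is refused up front.
     if (is_int($id)) {
         $id = (string) $id;
     }
     if (!is_string($id) || !preg_match('/^[0-9]+\z/', $id)) {
         return false;
     }

     $result = $db->query("SELECT directory, image, owner, tags, hash FROM {$post_table} WHERE id='{$id}'");
     $post = $result ? $result->fetch_assoc() : null;
     if (!$post) {
         // Nothing to delete; do not run the cleanup against an empty row.
         return false;
     }
     $image = $post['image'];
     $dir = $post['directory'];
     $owner = $post['owner'];
     $tags = $post['tags'];
     $hash = $post['hash'];

     // NOTE(review): the cookie carries the stored password hash, so a leaked
     // hash is as good as the password. A server-side session check would
     // remove that exposure; it is outside the scope of this function.
     $can_delete = false;
     if (isset($_COOKIE['user_id']) && is_numeric($_COOKIE['user_id']) && isset($_COOKIE['pass_hash']) && is_string($_COOKIE['pass_hash'])) {
         $user_id = $db->real_escape_string($_COOKIE['user_id']);
         $pass_hash = $db->real_escape_string($_COOKIE['pass_hash']);
         // The comparison must use the escaped cookie hash. A constant in this
         // position leaves $pass_hash unused and the credential check meaningless.
         $query = "SELECT user FROM {$user_table} WHERE id='{$user_id}' AND pass='{$pass_hash}'";
         $result = $db->query($query);
         $account = $result ? $result->fetch_assoc() : null;
         // Without a matching account row nobody is authenticated. Skipping this
         // test would compare an empty name against the owner and let a post
         // with an empty owner field be deleted by anyone.
         if ($account) {
             $user = $account['user'];
             $query = "SELECT t2.delete_posts FROM {$user_table} AS t1 JOIN {$group_table} AS t2 ON t2.id=t1.ugroup WHERE t1.id='{$user_id}' AND t1.pass='{$pass_hash}'";
             $result = $db->query($query);
             $group = $result ? $result->fetch_assoc() : null;
             $is_owner = $user != "Anonymous" && strtolower($user) == strtolower($owner);
             $has_group_right = $group && $group['delete_posts'] == true;
             if ($is_owner || $has_group_right) {
                 $can_delete = true;
             }
         }
     }
     if (!$can_delete) {
         return false;
     }

     $cache = new cache();

     // The parent's cached page lists this post, so it has to be rebuilt.
     $result = $db->query("SELECT parent FROM {$post_table} WHERE id='{$id}'");
     $row = $result ? $result->fetch_assoc() : null;
     if ($row && $row['parent'] != "" && $row['parent'] != 0) {
         $cache->destroy("../cache/" . $row['parent'] . "/post.cache");
     }

     // Rows keyed by the post id, removed in the same order as before.
     $dependents = array(
         array($post_table, 'id'),
         array($note_table, 'post_id'),
         array($note_history_table, 'post_id'),
         array($comment_table, 'post_id'),
         array($comment_vote_table, 'post_id'),
     );
     foreach ($dependents as $target) {
         $db->query("DELETE FROM {$target[0]} WHERE {$target[1]}='{$id}'");
     }

     // Every user who had this post as a favourite loses one from their counter.
     $result = $db->query("SELECT user_id FROM {$favorites_table} WHERE favorite='{$id}' ORDER BY user_id");
     while ($result && ($fav = $result->fetch_assoc())) {
         $fav_user = $db->real_escape_string((string) $fav['user_id']);
         $db->query("UPDATE {$favorites_count_table} SET fcount=fcount-1 WHERE user_id='{$fav_user}'");
     }
     $db->query("DELETE FROM {$favorites_table} WHERE favorite='{$id}'");
     $db->query("DELETE FROM {$parent_child_table} WHERE parent='{$id}'");

     $result = $db->query("SELECT id FROM {$post_table} WHERE parent='{$id}'");
     while ($result && ($child = $result->fetch_assoc())) {
         // Existing behaviour: the deleted post's own cached page is dropped.
         $cache->destroy("../cache/" . $id . "/post.cache");
         // The child loses its parent link in the UPDATE below, so its cached
         // page is stale as well; the fetched row was otherwise never used.
         $cache->destroy("../cache/" . $child['id'] . "/post.cache");
     }
     $db->query("UPDATE {$post_table} SET parent='' WHERE parent='{$id}'");

     // NOTE(review): $dir and $image come from the post row and are used as path
     // components unchanged; confirm the upload code only ever stores plain
     // names there, otherwise these unlink() calls can reach other files.
     $image_path = "../images/" . $dir . "/" . $image;
     if (is_file($image_path)) {
         unlink($image_path);
     }
     // Thumbnail name: the image name with its last extension replaced by .jpg.
     // explode()/implode() need the "." separator; without it explode() fails.
     $thumb = explode(".", $image);
     array_pop($thumb);
     $thumb = implode(".", $thumb) . ".jpg";
     $thumb_path = "../thumbnails/" . $dir . "/thumbnail_" . $thumb;
     if (is_file($thumb_path)) {
         unlink($thumb_path);
     }
     $this->folder_index_decrement($dir);

     // Update the tag index and drop the search cache of every tag on the post.
     $itag = new tag();
     $misc = new misc();
     foreach (explode(" ", $tags) as $tag) {
         if ($tag != "") {
             $itag->deleteindextag($tag);
             $tag_cache_dir = "../search_cache/" . $misc->windows_filename_fix($tag) . "/";
             if (is_dir($tag_cache_dir)) {
                 $cache->destroy_page_cache($tag_cache_dir);
             }
         }
     }

     $db->query("UPDATE {$post_count_table} SET last_update='20060101' WHERE access_key='posts'");

     // The hash was read back from the database; escape it again before it is
     // placed in a new statement so stored data cannot alter the query.
     $safe_hash = $db->real_escape_string((string) $hash);
     $db->query("INSERT INTO {$deleted_image_table}(hash) VALUES('{$safe_hash}')");
     return true;
 }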
Пример #3
                if (is_dir("{$main_cache_dir}" . "" . "cache/" . $next_id) && "{$main_cache_dir}" . "" . "cache/" . $next_id != "{$main_cache_dir}" . "" . "cache/") {
                    $cache->destroy_page_cache("cache/" . $next_id);
                }
                header("Location:../index.php?page=post&s=list");
            } else {
                header("Location:../index.php?page=post&s=view&id={$id}");
            }
        } else {
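            if (isset($_GET['removecomment']) && $_GET['removecomment'] == 1) {
                // Comment removal, restricted to accounts holding 'delete_comments'.
                // NOTE(review): this state change is triggered by a plain GET request
                // and no anti-CSRF token is checked in the visible code.
                //
                // The redirect at the end uses $post_id on every path, so it has to be
                // defined even when permission is denied. It also names a cache
                // directory, which is why only plain digits are accepted.
                $post_id = '';
                if (isset($_GET['post_id']) && is_string($_GET['post_id']) && preg_match('/^[0-9]+\z/', $_GET['post_id'])) {
                    $post_id = $_GET['post_id'];
                }
                $permission = $user->gotpermission('delete_comments');
                if ($permission == true) {
                    // $id is prepared outside this fragment (presumably the escaped
                    // comment id; confirm at the point where it is assigned).
                    $query = "SELECT * FROM {$comment_table} WHERE id='{$id}' LIMIT 1";
                    $result = $db->query($query);
                    // Only touch the counters when the comment really exists.
                    if ($result && $result->num_rows == 1) {
                        $query = "DELETE FROM {$comment_table} WHERE id='{$id}'";
                        $db->query($query);
                        $query = "DELETE FROM {$comment_vote_table} WHERE comment_id='{$id}'";
                        $db->query($query);
                        $query = "UPDATE {$post_count_table} SET pcount=pcount-1 WHERE access_key = 'comment_count'";
                        $db->query($query);
                    }
                    // Rebuild the post's cached page, but never for a path built from
                    // a missing or non-numeric post id.
                    if ($post_id !== '') {
                        $cache = new cache();
                        $cache->destroy_page_cache("cache/" . $post_id);
                        $cache->create_page_cache("cache/" . $post_id);
                    }
                }
                header("Location:../index.php?page=post&s=view&id={$post_id}");
            }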
        }
    }
}
Пример #4
    $mtags = explode(" ", $tags);
    foreach ($mtags as $current) {
        if ($current != "") {
            if (is_dir("{$main_cache_dir}" . "" . "search_cache/" . $misc->windows_filename_fix($current) . "/")) {
                $cache->destroy_page_cache("search_cache/" . $misc->windows_filename_fix($current) . "/");
            }
        }
    }
}
// Apply an edit to an existing post: invalidate affected caches, then write the new values.
// NOTE(review): $id, $rating, $parent, $tmp_parent, $title, $tags, $new_tags and $source are
// assigned before this fragment. Every one of them is placed inside a quoted SQL literal
// below, and $id also becomes part of a cache path, so they must already be escaped (and
// $id restricted to digits) upstream — confirm where they are read from the request.
$cache = new cache();
$misc = new misc();
// Load the stored rating and tags so a rating change can be detected.
$query = "SELECT rating, tags FROM {$post_table} WHERE id='{$id}' LIMIT 1";
// NOTE(review): die($db->error) sends the raw database error text to the client.
$result = $db->query($query) or die($db->error);
// NOTE(review): fetch_assoc() returns null when no post matches; $row is used unchecked below.
$row = $result->fetch_assoc();
// A changed rating invalidates the search cache of every tag stored on the post.
if ($row['rating'] != $rating) {
    $tmp_tags = explode(" ", $row['tags']);
    // NOTE(review): empty strings produced by explode() are not filtered here, so a doubled
    // space reaches windows_filename_fix('') — confirm that cannot resolve to the search_cache root.
    foreach ($tmp_tags as $current) {
        $cache->destroy_page_cache("search_cache/" . $misc->windows_filename_fix($current) . "/");
    }
}
// An empty parent is stored as 0.
if ($parent == '') {
    $parent = 0;
}
// When the parent differs from $tmp_parent (presumably the previous parent; confirm),
// reset last_update on the 'posts' counter row.
if ($parent != $tmp_parent) {
    $query = "UPDATE {$post_count_table} SET last_update='20060101' WHERE access_key='posts'";
    $db->query($query);
}
// Write the edited fields; see the escaping note at the top of this block.
$query = "UPDATE {$post_table} SET title='{$title}', tags='{$tags}', recent_tags='{$new_tags}', rating='{$rating}', source='{$source}', parent='{$parent}' WHERE id='{$id}'";
$db->query($query);
// Drop the cached post page, then redirect to the post view.
$cache->destroy("cache/" . $id . "/post.cache");
// '@' hides any warning header() raises, for example when output was already sent.
@header("Location:../index.php?page=post&s=view&id={$id}");
Пример #5
            $db->query($query) or die($db->error);
            $cache = new cache();
            if ($parent != '' && is_numeric($parent)) {
                $parent_check = "SELECT COUNT(*) FROM {$post_table} WHERE id='{$parent}'";
                $pres = $db->query($parent_check);
                $prow = $pres->fetch_assoc();
                if ($prow['COUNT(*)'] > 0) {
                    $temp = "INSERT INTO {$parent_child_table}(parent,child) VALUES('{$parent}','" . $row['id'] . "')";
                    $db->query($temp);
                    $temp = "UPDATE {$post_table} SET parent='{$parent}' WHERE id='" . $row['id'] . "'";
                    $db->query($temp);
                    $cache->destroy("cache/" . $parent . "/post.cache");
                }
            }
            if (is_dir("{$main_cache_dir}" . "" . "cache/" . $row['id'])) {
                $cache->destroy_page_cache("cache/" . $row['id']);
            }
            $query = "SELECT id FROM {$post_table} WHERE id < " . $row['id'] . " ORDER BY id DESC LIMIT 1";
            $result = $db->query($query);
            $row = $result->fetch_assoc();
            $cache->destroy_page_cache("cache/" . $row['id']);
            $query = "UPDATE {$post_count_table} SET last_update='20060101' WHERE access_key='posts'";
            $db->query($query);
            $query = "UPDATE {$user_table} SET post_count = post_count+1 WHERE id='{$checked_user_id}'";
            $db->query($query);
            print '<script>alert("Image added!")</script>';
        }
    }
}
// Caching headers for the response.
// NOTE(review): "store" and "cache" are not standard Cache-Control or Pragma directives, so
// clients and proxies will ignore them. If this page can show per-user state, state the
// intended policy explicitly (for example private or no-store) rather than relying on defaults.
header("Cache-Control: store, cache");
header("Pragma: cache");
Пример #6
     $comment->add($_POST['comment'], $user, $id, $ip, $user_id);
     $cache = new cache();
     $cache->destroy_page_cache("cache/" . $id);
     $cache->create_page_cache("cache/" . $id);
     header("Location:index.php?page=post&s=view&id={$id}");
 } else {
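     if (isset($_GET['s']) && isset($_GET['cid']) && is_numeric($_GET['cid']) && isset($_GET['vote'])) {
         // Vote on a comment.
         $vote = $_GET['vote'];
         // post_id may be absent from the request; read it without raising a notice.
         $id = isset($_GET['post_id']) ? $_GET['post_id'] : null;
         $cid = $_GET['cid'];
         if ($user == "Anonymous" && !$anon_vote) {
             header('Location: index.php?page=account&s=home');
             exit;
         }
         $cache = new cache();
         // The post id becomes part of a cache directory path, so the cache is only
         // rebuilt when it consists of plain digits. Anything else could point the
         // destroy/create calls at a directory outside the per-post cache.
         if (is_string($id) && preg_match('/^[0-9]+\z/', $id)) {
             @$cache->destroy_page_cache("cache/" . $id);
             @$cache->create_page_cache("cache/" . $id);
         }
         // NOTE(review): $vote and $id are handed to vote() as received from the
         // query string; confirm that vote() validates and escapes both.
         $comment->vote($cid, $vote, $user, $id, $user_id);
     } else {
         if (isset($_GET['s']) && $_GET['s'] === "view" && isset($_GET['cid']) && is_numeric($_GET['cid'])) {
             // Show a single comment.
             header("Cache-Control: store, cache");
             header("Pragma: cache");
             require "includes/header.php";
             $cid = $db->real_escape_string($_GET['cid']);
             $query = "SELECT post_id, comment, user, posted_at, score FROM {$comment_table} WHERE id='{$cid}'";
             $result = $db->query($query);
             $row = $result ? $result->fetch_assoc() : null;
             if ($row) {
                 // Every stored field is escaped for HTML before it is printed, not
                 // only the comment text; the user name in particular is account
                 // data and must not reach the page as markup.
                 // NOTE(review): if any of these columns is stored already
                 // entity-encoded this double-encodes it; confirm the write path.
                 $view_post_id = htmlentities((string) $row['post_id'], ENT_QUOTES, "UTF-8");
                 $view_user = htmlentities((string) $row['user'], ENT_QUOTES, "UTF-8");
                 $view_posted_at = htmlentities((string) $row['posted_at'], ENT_QUOTES, "UTF-8");
                 $view_score = htmlentities((string) $row['score'], ENT_QUOTES, "UTF-8");
                 $view_comment = $misc->swap_bbs_tags($misc->linebreaks($misc->short_url(htmlentities($row['comment'], ENT_QUOTES, "UTF-8"))));
                 echo '<a href="index.php?page=post&s=view&id=' . $view_post_id . '">' . $view_post_id . '</a> ' . $view_comment . ' ' . $view_user . ' ' . $view_posted_at . ' ' . $view_score;
             }
             if ($result) {
                 $result->free_result();
             }
         }
     }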
Пример #7
		
		Starting #:<br>
		<input type="text" name="start">
		<br><br>
		
		Ending #:<br>
		<input type="text" name="end">
		<br><br>
		
		<input type="submit">
		</form>
		';
} else {
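    // Bulk-assign one parent to every post id in the inclusive range start..end.
    $cache = new cache();
    // All three fields must be plain digits. As raw strings, "<=" and "++" fall
    // back to text comparison and alphanumeric increment for non-numeric input,
    // and the value would be appended to a cache path unchanged.
    $range_ok = true;
    foreach (array('start', 'end', 'parent') as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field]) || !preg_match('/^[0-9]+\z/', $_POST[$field])) {
            $range_ok = false;
        }
    }
    if ($range_ok) {
        $start = (int) $_POST['start'];
        $end = (int) $_POST['end'];
        $parent_id = (int) $_POST['parent'];
        // An end value that saturates the integer type would make $start++ overflow
        // into a float and the loop would never finish.
        if ($end >= PHP_INT_MAX) {
            $range_ok = false;
        }
    }
    if (!$range_ok) {
        echo 'Start, end and parent must be whole numbers.';
    } else {
        // NOTE(review): the size of the range is not capped; a very wide range
        // keeps the request busy for a long time.
        // The parent's existence does not change while the loop runs, so it is
        // checked once instead of once per post.
        $parent_check1 = "SELECT COUNT(*) FROM {$post_table} WHERE id='{$parent_id}'";
        $pres1 = $db->query($parent_check1);
        $prow1 = $pres1 ? $pres1->fetch_assoc() : null;
        $parent_exists = $prow1 && $prow1['COUNT(*)'] > 0;
        while ($start <= $end) {
            // The cached page is dropped for every id in the range, whether or not
            // the parent exists.
            $cache->destroy_page_cache("cache/" . $start);
            if ($parent_exists) {
                $temp = "INSERT INTO {$parent_child_table}(parent,child) VALUES('{$parent_id}','{$start}')";
                $db->query($temp);
                $temp = "UPDATE {$post_table} SET parent='{$parent_id}' WHERE id='{$start}'";
                $db->query($temp);
            }
            $start++;
        }
    }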
}
if ($results = $db->query($sql_query)) {
    $tag_obj = new tag();
    $user = new user();
    $cache = new cache();
    $image = new image();
    echo "Query returned " . $results->num_rows . " rows<br/>";
    $post = $results->fetch_assoc();
    while (!is_null($post)) {
        if ($debug || isset($_GET['display_ids'])) {
            echo "ID: '" . $post['id'] . "' Title: '" . $post['title'] . "'<br/>&nbsp;&nbsp;&nbsp;&nbsp;Tags: " . $post['tags'] . "<br/><br/>";
        } else {
            if ($image->removeimage($post['id']) == true) {
                $delete_count++;
                echo "<span style=\"color: rgb(0, 255, 0);\">Image " . $post['id'] . " successfully deleted!</span><br/>";
                //copied the rest from remove.php
                $cache->destroy_page_cache("cache/" . $post['id']);
                $query = "SELECT id FROM {$post_table} WHERE id < " . $post['id'] . " ORDER BY id DESC LIMIT 1";
                if ($result = $db->query($query)) {
                    $row = $result->fetch_assoc();
                    $prev_id = $row['id'];
                    $result->free_result();
                } else {
                    echo "<strong>No previous ID, Cannot remove image from cache!</strong><br/>\r\n\t\t\t\t\t\tHere's the query: {$query}<br/>\r\n\t\t\t\t\t\tand here's the error(" . $db->errno . "): " . $db->error . "<br/><br/>";
                    $post = $results->fetch_assoc();
                    continue;
                }
                $query = "SELECT id FROM {$post_table} WHERE id > " . $post['id'] . " ORDER BY id ASC LIMIT 1";
                if ($result = $db->query($query)) {
                    $row = $result->fetch_assoc();
                    $next_id = $row['id'];
                    $result->free_result();