<?php
include "lib/common.php";
AssertForbidden("optimize");
$rStats = Query("show table status");
while ($stat = Fetch($rStats)) {
$tables[$stat['Name']] = $stat;
}
$tablelist = "";
$total = 0;
foreach ($tables as $table) {
$cellClass = ($cellClass + 1) % 2;
$overhead = $table['Data_free'];
$total += $overhead;
$status = __("OK");
if ($overhead > 0) {
Query("OPTIMIZE TABLE `" . $table['Name'] . "`");
$status = "<strong>" . __("Optimized") . "</strong>";
}
$tablelist .= format("\n\t<tr class=\"cell{0}\">\n\t\t<td class=\"cell2\">{1}</td>\n\t\t<td>\n\t\t\t{2}\n\t\t</td>\n\t\t<td>\n\t\t\t{3}\n\t\t</td>\n\t\t<td>\n\t\t\t{4}\n\t\t</td>\n\t</tr>\n", $cellClass, $table['Name'], $table['Rows'], $overhead, $status);
}
write("\n<table class=\"outline margin\">\n\t<tr class=\"header0\">\n\t\t<th colspan=\"7\">\n\t\t\t" . __("Table Status") . "\n\t\t</th>\n\t</tr>\n\t<tr class=\"header1\">\n\t\t<th>\n\t\t\t" . __("Name") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Rows") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Overhead") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Final Status") . "\n\t\t</th>\n\t</tr>\n\t{0}\n\t<tr class=\"header0\">\n\t\t<th colspan=\"7\" style=\"font-size: 130%;\">\n\t\t\t" . __("Excess trimmed: {1} bytes") . "\n\t\t</th>\n\t</tr>\n</table>\n\n", $tablelist, $total);
<?php
$title = __("Mood avatars");
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Mood avatars"), "editavatars"));
makeBreadcrumbs($crumbs);
AssertForbidden("editMoods");
if (!$loguserid) {
Kill(__("You must be logged in to edit your avatars."));
}
if (isset($_POST['action'])) {
$mid = (int) $_POST['mid'];
if ($_POST['action'] == __("Rename")) {
Query("update {moodavatars} set name={0} where mid={1} and uid={2}", $_POST['name'], $mid, $loguserid);
Alert(__("Avatar renamed."), __("Okay"));
} else {
if ($_POST['action'] == __("Delete")) {
Query("delete from {moodavatars} where uid={0} and mid={1}", $loguserid, $mid);
Query("update {posts} set mood=0 where user={0} and mood={1}", $loguserid, $mid);
if (file_exists("{$dataDir}avatars/" . $loguserid . "_" . $mid)) {
unlink("{$dataDir}avatars/" . $loguserid . "_" . $mid);
}
Alert(__("Avatar deleted."), __("Okay"));
} else {
if ($_POST['action'] == __("Add")) {
$highest = FetchResult("select mid from {moodavatars} where uid={0} order by mid desc limit 1", $loguserid);
if ($highest < 1) {
$highest = 1;
}
$mid = $highest + 1;
//Begin copypasta from edituser/editprofile_avatar...
$cat = getCategory($_GET["cat"]);
if (!is_numeric($_GET["cat"])) {
Kill('Invalid category');
}
$cat = getCategory($_GET["cat"]);
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Uploader"), "uploader"));
$crumbs->add(new PipeMenuLinkEntry($cat["name"], "uploaderlist", "", "cat=" . $cat["id"]));
$crumbs->add(new PipeMenuTextEntry(__("Upload file")));
makeBreadcrumbs($crumbs);
if ($loguserid && IsAllowed("useUploader")) {
print format("\n\t\t<script type=\"text/javascript\">\n\t\t\twindow.addEventListener(\"load\", function() { hookUploadCheck(\"newfile\", 1, {1}) }, false);\n\t\t</script>\n\t\t<form action=\"" . actionLink("uploader") . "\" method=\"post\" enctype=\"multipart/form-data\">\n\t\t\t<input type='hidden' name='cat' value='{$_GET["cat"]}'>\n\t\t\t<table class=\"outline margin\">\n\t\t\t\t<tr class=\"header0\">\n\t\t\t\t\t<th colspan=\"4\">" . __("Upload") . "</th>\n\t\t\t\t</tr>\n\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t<td>File</td><td>\n\t\t\t\t\t\t<input type=\"file\" id=\"newfile\" name=\"newfile\" style=\"width: 80%;\" />\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr class=\"cell1\">\n\t\t\t\t\t<td>Description</td><td>\n\t\t\t\t\t\t<input type=\"text\" name=\"description\" style=\"width: 80%;\" />\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t<td></td><td>\n\t\t\t\t\t\t<input type=\"submit\" id=\"submit\" name=\"action\" value=\"" . __("Upload") . "\" disabled=\"disabled\" />\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr class=\"cell1 smallFonts\">\n\t\t\t\t\t<td colspan=\"3\">\n\t\t\t\t\t\t" . __("The maximum upload size is {0} per file. You can upload the following types: {2}.") . "\n\t\t\t\t\t\t<div id=\"sizeWarning\" style=\"display: none; font-weight: bold\">" . __("File is too large.") . "</div>\n\t\t\t\t\t\t<div id=\"typeWarning\" style=\"display: none; font-weight: bold\">" . __("File is not an allowed type.") . "</div>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t</form>\n\t\t", BytesToSize($maxSizeMult), $maxSizeMult, Settings::pluginGet('uploaderWhitelist'));
}
} else {
if ($_GET['action'] == __("Upload")) {
AssertForbidden("useUploader");
if ($loguserid) {
$cat = getCategory($_POST["cat"]);
$targetdir = $rootdir;
$quot = $quota;
$privateFlag = 0;
if ($_POST['cat'] == -1) {
$quot = $pQuota;
$targetdir = $rootdir . "/" . $loguserid;
$privateFlag = 1;
}
$totalsize = foldersize($targetdir);
mkdir($targetdir);
$files = scandir($targetdir);
if (in_array($_FILES['newfile']['name'], $files)) {
Alert(format(__("The file \"{0}\" already exists. Please delete the old copy before uploading a new one."), $_FILES['newfile']['name']));
<?php
// AcmlmBoard XD - Member list page
// Access: all
include "lib/common.php";
$title = __("Member list");
AssertForbidden("viewMembers");
$tpp = $loguser['threadsperpage'];
if ($tpp < 1) {
$tpp = 50;
}
if (isset($_GET['from'])) {
$from = (int) $_GET['from'];
} else {
$from = 0;
}
if (isset($dir)) {
unset($dir);
}
if (isset($_GET['dir'])) {
$dir = $_GET['dir'];
if ($dir != "asc" && $dir != "desc") {
unset($dir);
}
}
$sort = $_GET['sort'];
$sex = $_GET['sex'];
if (isset($_GET['pow']) && $_GET['pow'] != "") {
$pow = (int) $_GET['pow'];
}
if (isset($_GET['letter']) && is_string($_GET['letter'])) {
}
} else {
Kill(__("Unknown forum ID."));
}
setUrlName("newreply", $tid, $thread["title"]);
setUrlName("editthread", $tid, $thread["title"]);
$threadtags = ParseThreadTags($thread['title']);
$title = $threadtags[0];
Query("update {threads} set views=views+1 where id={0} limit 1", $tid);
if (isset($_GET['from'])) {
$fromstring = "from=" . (int) $_GET["from"];
} else {
$fromstring = "";
}
if (isset($_GET['vote'])) {
AssertForbidden("vote");
if (!$loguserid) {
Kill(__("You can't vote without logging in."));
}
if ($thread['closed']) {
Kill(__("Poll's closed!"));
}
if (!$thread['poll']) {
Kill(__("This is not a poll."));
}
if ($loguser["token"] != $_GET['token']) {
Kill(__("Invalid token."));
}
$vote = (int) $_GET['vote'];
$doublevote = FetchResult("select doublevote from {poll} where id={0}", $thread['poll']);
$existing = FetchResult("select count(*) from {pollvotes} where poll={0} and choiceid={1} and user={2}", $thread['poll'], $vote, $loguserid);
<?php
// AcmlmBoard XD - Board Settings editing page
// Access: administrators
include "lib/common.php";
$title = __("Edit settings");
AssertForbidden("editSettings");
if ($loguser['powerlevel'] < 3) {
Kill(__("You must be an administrator to edit the board settings."));
}
$key = hash('sha256', "{$loguserid},{$loguser['pss']},{$salt}");
if (isset($_POST['action']) && $key != $_POST['key']) {
Kill(__("No."));
}
if ($_POST['action'] == __("Edit")) {
if ((double) $_POST['uploaderCap'] <= 0) {
$_POST['uploaderCap'] = "0.25";
}
if ((double) $_POST['personalCap'] <= 0) {
$_POST['personalCap'] = "0.25";
}
if ((double) ($_POST['uploaderMaxFileSize'] * 1024 * 1024) > IniValToBytes(ini_get("upload_max_filesize")) || (double) $_POST['uploaderMaxFileSize'] <= 0) {
$_POST['uploaderMaxFileSize'] = floor(IniValToBytes(ini_get("upload_max_filesize")) / 1024 / 1024);
}
$hax = fopen("lib/settings.php", "w");
fputs($hax, "<?php\n");
fputs($hax, "//Generated and parsed by the Board Settings admin panel.\n");
fputs($hax, "\n");
fputs($hax, "//Settings\n");
fputs($hax, "\$boardname = " . var_export($_POST['boardname'], true) . ";\n");
fputs($hax, "\$logoalt = " . var_export($_POST['logoalt'], true) . ";\n");
<?php
// AcmlmBoard XD - The Records
// Access: all
include "lib/common.php";
$title = __("Records");
AssertForbidden("viewRecords");
$df = "l, F jS Y, G:i:s";
write("\n<table class=\"outline margin width75\">\n\t<tr class=\"header0\">\n\t\t<th colspan=\"2\">\n\t\t\t" . __("Highest Numbers") . "\n\t\t</th>\n\t</tr>\n\t<tr class=\"cell0\">\n\t\t<td>\n\t\t\t" . __("Highest number of posts in 24 hours") . "\n\t\t</td>\n\t\t<td>\n\t\t\t" . __("<strong>{0}</strong>, on {1} GMT") . "\n\t\t</td>\n\t</tr>\n\t<tr class=\"cell1\">\n\t\t<td>\n\t\t\t" . __("Highest number of posts in one hour") . "\n\t\t</td>\n\t\t<td>\n\t\t\t" . __("<strong>{2}</strong>, on {3} GMT") . "\n\t\t</td>\n\t</tr>\n\t<tr class=\"cell0\">\n\t\t<td>\n\t\t\t" . __("Highest number of users in five minutes") . "\n\t\t</td>\n\t\t<td>\n\t\t\t" . __("<strong>{4}</strong>, on {5} GMT") . "\n\t\t</td>\n\t</tr>\n\t<tr class=\"cell1\">\n\t\t<td></td>\n\t\t<td>\n\t\t\t{6}\n\t\t</td>\n\t</tr>\n</table>\n", $misc['maxpostsday'], gmdate($df, $misc['maxpostsdaydate']), $misc['maxpostshour'], gmdate($df, $misc['maxpostshourdate']), $misc['maxusers'], gmdate($df, $misc['maxusersdate']), $misc['maxuserstext']);
$rStats = Query("show table status");
while ($stat = Fetch($rStats)) {
$tables[$stat['Name']] = $stat;
}
$tablelist = "";
$rows = $avg = $datlen = $idx = $datfree = 0;
foreach ($tables as $table) {
$cellClass = ($cellClass + 1) % 2;
$tablelist .= format("\n\t<tr class=\"cell{0}\">\n\t\t<td class=\"cell2\">{1}</td>\n\t\t<td>\n\t\t\t{2}\n\t\t</td>\n\t\t<td>\n\t\t\t{3}\n\t\t</td>\n\t\t<td>\n\t\t\t{4}\n\t\t</td>\n\t\t<td>\n\t\t\t{5}\n\t\t</td>\n\t\t<td>\n\t\t\t{6}\n\t\t</td>\n\t\t<td>\n\t\t\t{7}\n\t\t</td>\n\t</tr>\n", $cellClass, $table['Name'], $table['Rows'], sp($table['Avg_row_length']), sp($table['Data_length']), sp($table['Index_length']), sp($table['Data_free']), sp($table['Data_length'] + $table['Index_length']));
$rows += $table['Rows'];
$avg += $table['Avg_row_length'];
$datlen += $table['Data_length'];
$idx += $table['Index_length'];
$datfree += $table['Data_free'];
}
write("\n<table class=\"outline margin\">\n\t<tr class=\"header0\">\n\t\t<th colspan=\"7\">\n\t\t\t" . __("Table Status") . "\n\t\t</th>\n\t</tr>\n\t<tr class=\"header1\">\n\t\t<th>\n\t\t\t" . __("Name") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Rows") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Avg. data/row") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Data size") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Index size") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Unused data") . "\n\t\t</th>\n\t\t<th>\n\t\t\t" . __("Total size") . "\n\t\t</th>\n\t</tr>\n\t{0}\n\t<tr class=\"header1\">\n\t\t<th colspan=\"7\" style=\"height: 8px;\"></th>\n\t</tr>\n\t<tr class=\"cell2\">\n\t\t<td style=\"font-weight: bold;\">\n\t\t\t" . __("Total") . "\n\t\t</td>\n\t\t<td>\n\t\t\t{1}\n\t\t</td>\n\t\t<td>\n\t\t\t{2}\n\t\t</td>\n\t\t<td>\n\t\t\t{3}\n\t\t</td>\n\t\t<td>\n\t\t\t{4}\n\t\t</td>\n\t\t<td>\n\t\t\t{5}\n\t\t</td>\n\t\t<td>\n\t\t\t{6}\n\t\t</td>\n\t</tr>\n</table>\n", $tablelist, $rows, sp($avg), sp($datlen), sp($idx), sp($datfree), sp($datlen + $idx));
function sp($sz)
{
return number_format($sz, 0, '.', ',');
}
<?php
// AcmlmBoard XD - Forum list editing tool
// Access: administrators
include "lib/common.php";
AssertForbidden("editForum");
if ($loguser['powerlevel'] < 3) {
Kill(__("You must be an administrator to edit the forum list."));
}
if ($_POST['action'] == __("Move")) {
$qForum = "update forums set forder=" . (int) $_POST['order'] . ", catid=" . (int) $_POST['category'] . " where id=" . (int) $_POST['fid'] . " limit 1";
$rForum = Query($qForum);
Alert(__("Forum moved."), __("Notice"));
} elseif ($_POST['action'] == "Add") {
$qForum = "insert into forums (title, description, catid, forder) values ('" . justEscape($_POST['title']) . "', '" . justEscape($_POST['description']) . "', " . (int) $_POST['category'] . ", " . (int) $_POST['order'] . ")";
$rForum = Query($qForum);
Alert(__("Forum added."), __("Notice"));
} elseif ($_POST['action'] == __("Remove")) {
$qForum = "select * from forums where id=" . (int) $_POST['fid'];
$rForum = Query($qForum);
$forum = Fetch($rForum);
write("\n\t<div class=\"outline margin center width50\" style=\"margin: 0px auto 16px;\">\n\t\t<div class=\"errort\"><strong>" . __("Confirm deletion of \"{0}\"") . "</strong></div>\n\t\t<div class=\"errorc cell2\">\n\t\t\t<form action=\"editfora.php\" method=\"post\">\n\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Yes, do as I say.") . "\" />\n\t\t\t\t<input type=\"hidden\" name=\"fid\" value=\"{1}\" />\n\t\t\t</form>\n\t\t</div>\n\t</div>\n", $forum['title'], (int) $forum['id']);
} elseif ($_POST['action'] == __("Yes, do as I say.")) {
$qForum = "delete from forums where id=" . (int) $_POST['fid'];
$rForum = Query($qForum);
Alert(__("Forum removed."), __("Notice"));
} elseif ($_POST['action'] == __("Edit")) {
$qForum = "update forums set title='" . justEscape($_POST['title']) . "', description='" . justEscape($_POST['description']) . "' where id=" . (int) $_POST['fid'] . " limit 1";
$rForum = Query($qForum);
Alert(__("Forum edited."), __("Notice"));
}
<?php
$title = __("Ranks");
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Ranks"), "ranks"));
makeBreadcrumbs($crumbs);
AssertForbidden("viewRanks");
loadRanksets();
if (count($ranksetData) == 0) {
Kill(__("No ranksets have been defined."));
}
if (!isset($_GET["id"])) {
$rankset = $loguser['rankset'];
if (!$rankset || !isset($ranksetData[$rankset])) {
$rankset = array_keys($ranksetData);
$rankset = $rankset[0];
}
die(header("Location: " . actionLink("ranks", $rankset)));
}
$rankset = $_GET['id'];
if (!isset($ranksetData[$rankset])) {
Kill(__("Rankset not found."));
}
if (count($ranksetNames) > 1) {
$ranksets = new PipeMenu();
foreach ($ranksetNames as $name => $title) {
if ($name == $rankset) {
$ranksets->add(new PipeMenuTextEntry($title));
} else {
$ranksets->add(new PipeMenuLinkEntry($title, "ranks", $name));
}
<?php
// AcmlmBoard XD - Rankset import tool
// Access: administrators
include "lib/common.php";
AssertForbidden("addRanks");
if ($loguser['powerlevel'] < 3) {
Kill(__("You must be an administrator to import ranksets."));
}
Query("truncate table ranks");
Query("truncate table ranksets");
include "ranksets.php";
$bads = array(" ", "-", ".", ",", "'", '"');
write("\n\t<table class=\"outline margin width25\">\n\t\t<tr class=\"header1\">\n\t\t\t<th>\n\t\t\t\t" . __("Postcount") . "\n\t\t\t</th>\n\t\t\t<th>\n\t\t\t\t" . __("Rank") . "\n\t\t\t</th>\n\t\t</tr>\n");
foreach ($ranks as $rankset) {
write("\n\t\t<tr class=\"header0\">\n\t\t\t<th colspan=\"2\">\n\t\t\t\t{0}\n\t\t\t</th>\n\t\t</tr>\n", $rankset['name']);
if (!$rankset['directory']) {
$rankset['directory'] = strtolower($rankset['name']);
}
$index++;
$description = format(__("Set index is {0}. Base directory is {1}."), $index, "<a href=\"img/ranks/" . $rankset['directory'] . "/\"><code>" . $rankset['directory'] . "</code></a>");
if ($rankset['notolower']) {
$description .= " " . __("Set does not use lowercase filenames.");
}
if ($rankset['noimages']) {
$description .= " " . __("Set is text-only.");
}
write("\n\t\t<tr class=\"cell1\">\n\t\t\t<td colspan=\"2\">\n\t\t\t\t{0}\n\t\t\t</td>\n\t\t</tr>\n", $description);
Query("insert into ranksets (name) values ('" . $rankset['name'] . "')");
foreach ($rankset['ranks'] as $val => $text) {
$img = "<img src=\"img/ranks/" . $rankset['directory'] . "/" . str_replace($bads, "", !$rankset['notolower'] ? strtolower($text) : $text) . ".png\" alt=\"" . $text . "\" /> " . ($rankset['splitlines'] ? "<br />" : "") . $text;
<?php
$title = "Plugin Manager";
AssertForbidden("managePlugins");
if ($loguser['powerlevel'] < 3) {
Kill(__("You must be an administrator to manage plugins."));
}
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Admin"), "admin"));
$crumbs->add(new PipeMenuLinkEntry(__("Plugin manager"), "pluginmanager"));
makeBreadcrumbs($crumbs);
if ($_GET["action"] == "enable") {
if ($_GET["key"] != $loguser['token']) {
Kill("No.");
}
Query("insert into {enabledplugins} values ({0})", $_GET["id"]);
logAction("enableplugin", array('text' => $_GET["id"]));
Upgrade();
redirectAction("pluginmanager");
}
if ($_GET["action"] == "disable") {
if ($_GET["key"] != $loguser['token']) {
Kill("No.");
}
Query("delete from {enabledplugins} where plugin={0}", $_GET["id"]);
logAction("disableplugin", array('text' => $_GET["id"]));
redirectAction("pluginmanager");
}
$pluginsDb = array();
$pluginList = query("SELECT * FROM {enabledplugins}");
while ($plugin = fetch($pluginList)) {
<?php
// AcmlmBoard XD - Report/content mismatch fixing utility
// Access: staff
include "lib/common.php";
AssertForbidden("recalculate");
if ($loguser['powerlevel'] < 1) {
Kill(__("Staff only, please."));
}
print "<table class=\"outline margin width50\">";
print "<tr class=\"header1\"><th>" . __("Name") . "</th><th>" . __("Actual") . "</th><th>" . __("Reported") . "</th><th> </th></tr>";
print "<tr class=\"header0\"><th colspan=\"4\">" . __("Counting user's posts…") . "</th></tr>";
$qUsers = "select * from users";
$rUsers = Query($qUsers);
while ($user = Fetch($rUsers)) {
$cellClass = ($cellClass + 1) % 2;
print "<tr class=\"cell" . $cellClass . "\">";
print "<td>" . htmlspecialchars($user['name']) . "</td>";
$qPosts = "select count(*) from posts where user="******"<td>" . $posts . "</td><td>" . $user['posts'] . "</td>";
print "<td style=\"background: " . ($posts == $user['posts'] ? "green" : "red") . ";\"></td>";
print "</tr>";
$qUser = "******" . $posts . " where id=" . $user['id'] . " limit 1";
$rUser = Query($qUser);
RecalculateKarma($user['id']);
}
print "<tr class=\"header0\"><th colspan=\"4\">" . __("Counting thread replies…") . "</th></tr>";
$qThreads = "select * from threads";
$rThreads = Query($qThreads);
while ($thread = Fetch($rThreads)) {
<?php
$noAutoHeader = TRUE;
include "lib/common.php";
if (isset($_POST['google'])) {
$full = GetFullURL();
$here = substr($full, 0, strrpos($full, "/"));
header("Location: http://www.google.com/search?q=" . urlencode($_POST['google'] . " site:" . $here));
}
include "lib/header.php";
AssertForbidden("search");
write("\n<div style=\"float: left; width: 70%;\">\n\n\t<form action=\"search.php\" method=\"post\">\n\t\t<div class=\"outline PoRT margin width25\" style=\"margin: 16px; width: 100%; float: none;\">\n\t\t\t<div class=\"errort\">\n\t\t\t\t<strong>" . __("Google search") . "</strong>\n\t\t\t</div>\n\t\t\t<div class=\"errorc left cell0\" style=\"padding: 8px; font-size: 150%\">\n\t\t\t\t<input type=\"text\" maxlength=\"1024\" name=\"google\" style=\"width: 80%;\">\n\t\t\t\t \n\t\t\t\t<input type=\"submit\" value=\"" . __("Search") . "\">\n\t\t\t</div>\n\t\t</div>\n\t</form>\n");
if ($loguser['powerlevel'] < 1) {
die("</div>");
}
write("\n\t<form action=\"search.php\" method=\"get\">\n\t\t<div class=\"outline PoRT margin\" style=\"margin: 16px; width: 100%; float: none;\">\n\t\t\t<div class=\"errort\">\n\t\t\t\t<strong>" . __("Internal search") . "</strong>\n\t\t\t</div>\n\t\t\t<div class=\"errorc left cell0\" style=\"padding: 8px; font-size: 150%\">\n\t\t\t\t<input type=\"text\" maxlength=\"1024\" name=\"q\" style=\"width: 80%;\" value=\"" . htmlspecialchars($_GET['q']) . "\">\n\t\t\t\t \n\t\t\t\t<input type=\"submit\" value=\"" . __("Search") . "\">\n\t\t\t</div>\n\t\t</div>\n\t</form>\n</div>\n\n<div class=\"PoRT margin width25\">\n\t<div class=\"errort\"><strong>" . __("Search help") . "</strong></div>\n\t<div class=\"errorc left cell0\" style=\"padding: 8px 8px;\">\n\t\t" . __("Internal search checks both thread titles and post text, returning results from both.") . "\n\t\t<dl>\n\t\t\t<dt><samp>foo bar</samp></dt>\n\t\t\t<dd>" . __("Find entries with either term") . "</dd>\n\t\t\t<dt><samp>\"foo bar\"</samp></dt>\n\t\t\t<dd>" . __("Find entries with full phrase") . "</dd>\n\t\t\t<dt><samp>+foo -bar</samp></dt>\n\t\t\t<dd>" . __("Find entries with <var>foo</var> but not <var>bar</var>") . "</dd>\n\t\t</dl>\n\t</div>\n</div>\n\n<hr style=\"clear: both; visibility: hidden;\" />\n\n");
if (isset($_GET['q'])) {
$totalResults = 0;
$bool = htmlspecialchars($_GET['q']);
$t = explode(" ", $bool);
$terms = array();
foreach ($t as $term) {
if ($term[0] == "-") {
continue;
}
if ($term[0] == "+" || $term[0] == "\"") {
$terms[] = substr($term, 1);
} else {
if ($term[strlen($term) - 1] == "*" || $term[strlen($term) - 1] == "\"") {
$terms[] = substr($term, 0, strlen($term) - 1);
} else {
<?php
// AcmlmBoard XD - Thread submission/preview page
// Access: users
include "lib/common.php";
$title = __("New thread");
AssertForbidden("makeThread");
if (!$loguserid) {
//Not logged in?
Kill(__("You must be logged in to post."));
}
if (isset($_POST['id'])) {
$_GET['id'] = $_POST['id'];
}
if (!isset($_GET['id'])) {
Kill(__("Forum ID unspecified."));
}
$fid = (int) $_GET['id'];
if ($loguser['powerlevel'] < 0) {
Kill(__("You're banned."));
}
$qFora = "select * from forums where id=" . $fid;
$rFora = Query($qFora);
if (NumRows($rFora)) {
$forum = Fetch($rFora);
} else {
Kill(__("Unknown forum ID."));
}
if ($forum['locked']) {
Kill(__("This forum is locked."));
}
<?php
$title = __("Uploader");
AssertForbidden("viewUploader");
$rootdir = $dataDir . "uploader";
if ($uploaderWhitelist) {
$goodfiles = explode(" ", $uploaderWhitelist);
}
$badfiles = array("html", "htm", "php", "php2", "php3", "php4", "php5", "php6", "htaccess", "htpasswd", "mht", "js", "asp", "aspx", "cgi", "py", "exe", "com", "bat", "pif", "cmd", "lnk", "wsh", "vbs", "vbe", "jse", "wsf", "msc", "pl", "rb", "shtm", "shtml", "stm", "htc");
function listCategory($cat)
{
global $loguser, $loguserid, $rootdir, $userSelectUsers, $boardroot;
if (isset($_GET['sort']) && $_GET['sort'] == "filename" || $_GET['sort'] == "date") {
$skey = $_GET['sort'];
} else {
$skey = "date";
}
$sortOptions = "<div class=\"margin smallFonts\">" . __("Sort order") . ": <ul class=\"pipemenu\">";
$sortOptions .= $skey == "filename" ? "<li>" . __("Name") . "</li>" : actionLinkTagItem(__("Name"), "uploaderlist", "", "cat={$_GET["cat"]}&sort=filename");
$sortOptions .= $skey == "date" ? "<li>" . __("Date") . "</li>" : actionLinkTagItem(__("Date"), "uploaderlist", "", "cat={$_GET["cat"]}&sort=date");
$sortOptions .= "</ul></div>";
$sdir = $skey == "date" ? " desc" : " asc";
print $sortOptions;
if ($cat == -1) {
$condition = "up.user = "******" and up.private = 1";
} else {
if ($cat == -2 && $loguser['powerlevel'] > 2) {
$condition = "up.private = 1";
} else {
$condition = "up.private = 0 and up.category = {0}";
}
<?php
include "lib/common.php";
$title = __("Calendar");
AssertForbidden("viewCalendar");
//$calinfo = cal_info(0);
//$months = $calinfo['months'];
$now = getdate(time());
$year = $now['year'];
$month = $now['mon'];
$day = $now['mday'];
if ((int) $_GET['month']) {
$month = (int) $_GET['month'];
$day = 0;
}
$d = getdate(mktime(0, 0, 0, $month, 1, $year));
$i = 1 - $d['wday'];
$d = getdate(mktime(0, 0, 0, $month + 1, 0, $year));
$max = $d['mday'];
$users = Query("select birthday, id, name, displayname, sex, powerlevel from users where birthday != 0 order by name");
$cells = array();
while ($user = Fetch($users)) {
$bucket = "userMangler";
include "./lib/pluginloader.php";
$d = getdate($user['birthday']);
if ($d['mon'] == $month) {
$dd = $d['mday'];
$age = $year - $d['year'];
$cells[$dd] .= "<br />• " . format(__("{0}'s birthday ({1})"), Userlink($user), $age) . "\n";
}
}
<?php
// AcmlmBoard XD - Smiley editing tool
// Access: administrators only
include "lib/common.php";
AssertForbidden("editSmilies");
if ($loguser['powerlevel'] < 3) {
Kill("You must be an administrator to edit the smiley table.");
}
$key = hash('sha256', "{$loguserid},{$loguser['pss']},{$salt}");
if (isset($_POST['action']) && $key != $_POST['key']) {
Kill(__("No."));
}
if ($_POST['action'] == "Apply") {
$qSmilies = "select * from smilies";
$rSmilies = Query($qSmilies);
$numSmilies = NumRows($rSmilies);
for ($i = 0; $i <= $numSmilies; $i++) {
if ($_POST['code_' . $i] != $_POST['oldcode_' . $i] || $_POST['image_' . $i] != $_POST['oldimage_' . $i]) {
if ($_POST['code_' . $i] == "") {
$act = "deleted";
$qSmiley = "delete from smilies where code='" . $_POST['oldcode_' . $i] . "'";
} else {
$act = "edited to \"" . $_POST['image_' . $i] . "\"";
$qSmiley = "update smilies set code='" . $_POST['code_' . $i] . "', image='" . $_POST['image_' . $i] . "' where code='" . $_POST['oldcode_' . $i] . "'";
}
$rSmiley = Query($qSmiley);
$log .= "Smiley \"" . $_POST['oldcode_' . $i] . "\" " . $act . ".<br />";
}
}
if ($_POST['code_add'] && $_POST['image_add']) {
}
$id = (int) $_GET['id'];
$rUser = Query("select * from {users} where id={0}", $id);
if (NumRows($rUser)) {
$user = Fetch($rUser);
} else {
Kill(__("Unknown user ID."));
}
if ($id == $loguserid) {
Query("update {users} set newcomments = 0 where id={0}", $loguserid);
$loguser['newcomments'] = false;
}
$canVote = $loguserid && ($loguser['powerlevel'] > 0 || (time() - $loguser['regdate']) / 86400 > 9) && IsAllowed("vote") && $loguserid != $id;
if ($loguserid && ($_GET['token'] == $loguser['token'] || $_POST['token'] == $loguser['token'])) {
if (isset($_GET['block'])) {
AssertForbidden("blockLayouts");
$block = (int) $_GET['block'];
$rBlock = Query("select * from {blockedlayouts} where user={0} and blockee={1}", $id, $loguserid);
$isBlocked = NumRows($rBlock);
if ($block && !$isBlocked && $loguserid != $id) {
$rBlock = Query("insert into {blockedlayouts} (user, blockee) values ({0}, {1})", $id, $loguserid);
} elseif (!$block && $isBlocked) {
$rBlock = Query("delete from {blockedlayouts} where user={0} and blockee={1} limit 1", $id, $loguserid);
}
die(header("Location: " . actionLink("profile", $id)));
}
if (isset($_GET['vote']) && $canVote) {
$vote = (int) $_GET['vote'];
if ($vote > 1) {
$vote = 1;
}
<?php
// AcmlmBoard XD - Posts by user viewer
// Access: all
AssertForbidden("listPosts");
if (!isset($_GET['id'])) {
Kill(__("User ID unspecified."));
}
$id = (int) $_GET['id'];
$rUser = Query("select * from {users} where id={0}", $id);
if (NumRows($rUser)) {
$user = Fetch($rUser);
} else {
Kill(__("Unknown user ID."));
}
$title = __("Post list");
$total = FetchResult("\n\t\t\tSELECT\n\t\t\t\tcount(p.id)\n\t\t\tFROM\n\t\t\t\t{posts} p\n\t\t\t\tLEFT JOIN {threads} t ON t.id=p.thread\n\t\t\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\t\t\tWHERE p.user={0} AND " . forumAccessControlSql(), $id);
$ppp = $loguser['postsperpage'];
if (isset($_GET['from'])) {
$from = (int) $_GET['from'];
} else {
$from = 0;
}
if (!$ppp) {
$ppp = 25;
}
$rPosts = Query("\n\tSELECT\n\t\tp.*,\n\t\tpt.text, pt.revision, pt.user AS revuser, pt.date AS revdate,\n\t\tu.(_userfields), u.(rankset,title,picture,posts,postheader,signature,signsep,lastposttime,lastactivity,regdate,globalblock),\n\t\tru.(_userfields),\n\t\tdu.(_userfields),\n\t\tt.id thread, t.title threadname,\n\t\tf.id fid\n\tFROM\n\t\t{posts} p\n\t\tLEFT JOIN {posts_text} pt ON pt.pid = p.id AND pt.revision = p.currentrevision\n\t\tLEFT JOIN {users} u ON u.id = p.user\n\t\tLEFT JOIN {users} ru ON ru.id=pt.user\n\t\tLEFT JOIN {users} du ON du.id=p.deletedby\n\t\tLEFT JOIN {threads} t ON t.id=p.thread\n\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\tWHERE u.id={1} AND " . forumAccessControlSql() . "\n\tORDER BY date ASC LIMIT {2u}, {3u}", $loguserid, $id, $from, $ppp);
$numonpage = NumRows($rPosts);
$uname = $user["name"];
if ($user["displayname"]) {
$uname = $user["displayname"];
<?php
// AcmlmBoard XD - IP ban management tool
// Access: administrators only
include "lib/common.php";
$title = __("IP bans");
AssertForbidden("editIPBans");
if ($loguser['powerlevel'] < 3) {
Kill(__("Only administrators get to manage IP bans."));
}
MakeCrumbs(array(__("Main") => "./", __("IP ban manager") => ""), "");
if ($_POST['action'] == __("Add")) {
$qIPBan = "insert into ipbans (ip, reason, date) values ('" . justEscape($_POST['ip']) . "', '" . justEscape($_POST['reason']) . "', " . ((int) $_POST['days'] > 0 ? time() + (int) $_POST['days'] * 86400 : 0) . ")";
$rIPBan = Query($qIPBan);
Alert(__("Added."), __("Notice"));
} elseif ($_GET['action'] == "delete") {
$qIPBan = "delete from ipbans where ip='" . justEscape($_GET['ip']) . "' limit 1";
$rIPBan = Query($qIPBan);
Alert(__("Removed."), __("Notice"));
}
$qIPBan = "select * from ipbans order by date desc";
$rIPBan = Query($qIPBan);
$banList = "";
while ($ipban = Fetch($rIPBan)) {
$cellClass = ($cellClass + 1) % 2;
if ($ipban['date']) {
$date = gmdate($dateformat, $ipban['date']) . " (" . TimeUnits($ipban['date'] - time()) . " left)";
} else {
$date = __("Permanent");
}
$banList .= format("\n\t<tr class=\"cell{0}\">\n\t\t<td>\n\t\t\t{1}\n\t\t</td>\n\t\t<td>\n\t\t\t{2}\n\t\t</td>\n\t\t<td>\n\t\t\t{3}\n\t\t</td>\n\t\t<td>\n\t\t\t<a href=\"ipbans.php?ip={1}&action=delete\">✘</a>\n\t\t</td>\n\t</tr>\n", $cellClass, $ipban['ip'], $ipban['reason'], $date);
$crumbs->add(new PipeMenuTextEntry(__("Comments")));
makeBreadcrumbs($crumbs);
$canDeleteComments = ($id == $loguserid || $loguser['powerlevel'] > 2) && IsAllowed("deleteComments") && $loguser['powerlevel'] >= 0;
$canComment = $loguser['powerlevel'] >= 0;
if ($loguserid && ($_GET['token'] == $loguser['token'] || $_POST['token'] == $loguser['token'])) {
if ($canDeleteComments && $_GET['action'] == "delete") {
AssertForbidden("deleteComments");
Query("delete from {usercomments} where uid={0} and id={1}", $id, (int) $_GET['cid']);
if ($mobileLayout) {
die(header("Location: " . actionLink("usercomments", $id)));
} else {
die(header("Location: " . actionLink("profile", $id)));
}
}
if (isset($_POST['actionpost']) && IsReallyEmpty($_POST['text']) && $canComment) {
AssertForbidden("makeComments");
$rComment = Query("insert into {usercomments} (uid, cid, date, text) values ({0}, {1}, {2}, {3})", $id, $loguserid, time(), $_POST['text']);
if ($loguserid != $id) {
Query("update {users} set newcomments = 1 where id={0}", $id);
}
logAction('usercomment', array('user2' => $id));
if ($mobileLayout) {
die(header("Location: " . actionLink("usercomments", $id)));
} else {
die(header("Location: " . actionLink("profile", $id)));
}
}
}
$cpp = 15;
$total = FetchResult("SELECT\n\t\t\t\t\t\tcount(*)\n\t\t\t\t\tFROM {usercomments}\n\t\t\t\t\tWHERE uid={0}", $id);
$from = (int) $_GET["from"];
<?php
// AcmlmBoard XD - Thread editing page
// Access: moderators
include "lib/common.php";
$title = __("Edit thread");
AssertForbidden("editThread");
$key = hash('sha256', "{$loguserid},{$loguser['pss']},{$salt}");
if (isset($_REQUEST['action']) && $key != $_REQUEST['key']) {
Kill(__("No."));
}
if (!$loguserid) {
//Not logged in?
Kill(__("You must be logged in to edit threads."));
}
if (isset($_POST['id'])) {
$_GET['id'] = $_POST['id'];
}
if (!isset($_GET['id'])) {
Kill(__("Thread ID unspecified."));
}
$tid = (int) $_GET['id'];
$qThread = "select * from threads where id=" . $tid;
$rThread = Query($qThread);
if (NumRows($rThread)) {
$thread = Fetch($rThread);
} else {
Kill(__("Unknown thread ID."));
}
$canMod = CanMod($loguserid, $thread['forum']);
if (!$canMod && $thread['user'] != $loguserid) {
}
$rThread = Query("select * from {threads} where id={0}", $tid);
if (NumRows($rThread)) {
$thread = Fetch($rThread);
$fid = $thread['forum'];
} else {
Kill(__("Unknown thread ID."));
}
$rFora = Query("select * from {forums} where id={0}", $fid);
if (NumRows($rFora)) {
$forum = Fetch($rFora);
} else {
Kill("Unknown forum ID.");
}
$fid = $forum['id'];
AssertForbidden("viewForum", $fid);
$isHidden = (int) ($forum['minpower'] > 0);
if ($forum['minpowerreply'] > $loguser['powerlevel']) {
Kill(__("Your power is not enough."));
}
if ($thread['closed'] && $loguser['powerlevel'] < 3) {
Kill(__("This thread is locked."));
}
$OnlineUsersFid = $fid;
write("\n\t<script type=\"text/javascript\">\n\t\t\twindow.addEventListener(\"load\", hookUpControls, false);\n\t</script>\n");
$tags = ParseThreadTags($thread['title']);
setUrlName("thread", $thread["id"], $thread["title"]);
$crumbs = new PipeMenu();
makeForumCrumbs($crumbs, $forum);
$crumbs->add(new PipeMenuHtmlEntry(makeThreadLink($thread)));
$crumbs->add(new PipeMenuTextEntry(__("New reply")));
Kill(__("No."));
}
if (isset($_POST['editusermode']) && $_POST['editusermode'] != 0) {
$_GET['id'] = $_POST['userid'];
}
if ($loguser['powerlevel'] > 2) {
$userid = isset($_GET['id']) ? (int) $_GET['id'] : $loguserid;
} else {
$userid = $loguserid;
}
$user = Fetch(Query("select * from {users} where id={0}", $userid));
$editUserMode = isset($_GET['id']) && $loguser['powerlevel'] > 2;
if ($editUserMode && $user['powerlevel'] == 4 && $loguser['powerlevel'] != 4 && $loguserid != $userid) {
Kill(__("Cannot edit a root user."));
}
AssertForbidden($editUserMode ? "editUser" : "editProfile");
//Breadcrumbs
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Member list"), "memberlist"));
$crumbs->add(new PipeMenuHtmlEntry(userLink($user)));
$crumbs->add(new PipeMenuTextEntry(__("Edit profile")));
makeBreadcrumbs($crumbs);
echo "<script src=\"" . resourceLink('js/zxcvbn.js') . "\"></script>";
echo "<script src=\"" . resourceLink('js/register.js') . "\"></script>";
loadRanksets();
$ranksets = $ranksetNames;
$ranksets = array_reverse($ranksets);
$ranksets[""] = __("None");
$ranksets = array_reverse($ranksets);
foreach ($dateformats as $format) {
$datelist[$format] = $format ? $format . ' (' . cdate($format) . ')' : '';
<?php
// AcmlmBoard XD - Realtime visitor statistics page
// Access: all
$title = __("Online users");
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Online users"), "online"));
makeBreadcrumbs($crumbs);
AssertForbidden("viewOnline");
// This can (and will) be turned into a permission.
$showIPs = $loguser['powerlevel'] > 0;
$time = (int) $_GET['time'];
if (!$time) {
$time = 300;
}
$rUsers = Query("select * from {users} where lastactivity > {0} order by lastactivity desc", time() - $time);
$rGuests = Query("select * from {guests} where date > {0} and bot = 0 order by date desc", time() - $time);
$rBots = Query("select * from {guests} where date > {0} and bot = 1 order by date desc", time() - $time);
$spans = array(60, 300, 900, 3600, 86400);
$spanList = "";
foreach ($spans as $span) {
$spanList .= actionLinkTagItem(timeunits($span), "online", "", "time={$span}");
}
write("\n\t<div class=\"smallFonts margin\">\n\t\t" . __("Show visitors from this far back:") . "\n\t\t<ul class=\"pipemenu\">\n\t\t\t{0}\n\t\t</ul>\n\t</div>\n", $spanList);
$userList = "";
$i = 1;
if (NumRows($rUsers)) {
while ($user = Fetch($rUsers)) {
$cellClass = ($cellClass + 1) % 2;
if ($user['lasturl']) {
$lastUrl = "<a href=\"" . FilterURL($user['lasturl']) . "\">" . FilterURL($user['lasturl']) . "</a>";
<?php
// AcmlmBoard XD - Administration hub page
// Access: administrators
AssertForbidden("viewAdminRoom");
if ($loguser['powerlevel'] < 3) {
Kill(__("You're not an administrator. There is nothing for you here."));
}
$title = __("Administration");
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Admin"), "admin"));
makeBreadcrumbs($crumbs);
$cell2 = 1;
function cell2($content)
{
global $cell2;
$cell2 = $cell2 == 1 ? 0 : 1;
Write("\n\t\t<tr class=\"cell{0}\">\n\t\t\t<td>\n\t\t\t\t{1}\n\t\t\t</td>\n\t\t</tr>\n\t", $cell2, $content);
}
Write("\n\t<table class=\"outline margin width50 floatright\">\n\t\t<tr class=\"header1\">\n\t\t\t<th colspan=\"2\">\n\t\t\t\t" . __("Information") . "\n\t\t\t</th>\n\t\t</tr>\n");
cell2(Format("\n\n\t\t\t\t" . __("Last viewcount milestone") . "\n\t\t\t</td>\n\t\t\t<td style=\"width: 60%;\">\n\t\t\t\t{0}\n\t\t\t", $misc['milestone']));
$bucket = "adminright";
include "./lib/pluginloader.php";
write("\n\t</table>\n");
$cell2 = 1;
Write("\n\t<table class=\"outline margin width25\">\n\t\t<tr class=\"header1\">\n\t\t\t<th>\n\t\t\t\t" . __("Admin tools") . "\n\t\t\t</th>\n\t\t</tr>\n");
cell2(actionLinkTag(__("Recalculate statistics"), "recalc"));
cell2(actionLinkTag(__("Last Known Browsers"), "lastknownbrowsers"));
cell2(actionLinkTag(__("Manage IP bans"), "ipbans"));
cell2(actionLinkTag(__("Manage forum list"), "editfora"));
cell2(actionLinkTag(__("Manage plugins"), "pluginmanager"));
<?php
// AcmlmBoard XD - Private message sending/previewing page
// Access: user
$title = __("Private messages");
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Member list"), "memberlist"));
$crumbs->add(new PipeMenuHtmlEntry(userLink($loguser)));
$crumbs->add(new PipeMenuLinkEntry(__("Private messages"), "private"));
$crumbs->add(new PipeMenuLinkEntry(__("New PM"), "sendprivate"));
makeBreadcrumbs($crumbs);
AssertForbidden("sendPM");
if (!$loguserid) {
//Not logged in?
Kill(__("You must be logged in to send private messages."));
}
$pid = (int) $_GET['pid'];
if ($pid) {
$rPM = Query("select * from {pmsgs} p left join {pmsgs_text} t on t.pid = p.id where p.userto = {0} and p.id = {1}", $loguserid, $pid);
if (NumRows($rPM)) {
$sauce = Fetch($rPM);
$rUser = Query("select * from {users} where id = {0}", (int) $sauce['userfrom']);
if (NumRows($rUser)) {
$user = Fetch($rUser);
} else {
Kill(__("Unknown user."));
}
$prefill = "[reply=\"" . $user['name'] . "\"]" . htmlspecialchars($sauce['text']) . "[/reply]";
if (strpos($sauce['title'], "Re: Re: Re: ") !== false) {
$trefill = str_replace("Re: Re: Re: ", "Re*4: ", $sauce['title']);
} else {
<?php
include "lib/common.php";
$title = "Last known browsers";
$isMod = $loguser['powerlevel'] > 0;
$sort = "id asc";
$ual = "?";
if (isset($_GET['byua'])) {
$sort = "lastknownbrowser asc";
$ual .= "byua&";
}
AssertForbidden("viewLKB");
$numUsers = FetchResult("select count(*) from users", 0, 0);
$ppp = $loguser['postsperpage'];
if ($ppp < 1) {
$ppp = 50;
}
if (isset($_GET['from'])) {
$from = (int) $_GET['from'];
} else {
$from = 0;
}
$peeps = Query("select id, name, displayname, lastip, lastknownbrowser, sex, powerlevel from users where powerlevel < 5 order by " . $sort . " limit " . $from . ", " . $ppp);
$numonpage = NumRows($peeps);
for ($i = $ppp; $i < $numUsers; $i += $ppp) {
if ($i == $from) {
$pagelinks .= " " . ($i / $ppp + 1);
} else {
$pagelinks .= " <a href=\"lastknownbrowsers.php" . $ual . "from=" . $i . "\">" . ($i / $ppp + 1) . "</a>";
}
}
<?php
// AcmlmBoard XD - Private message display page
// Access: user, specifically the sender or reciever.
include "lib/common.php";
$title = __("Private messages");
AssertForbidden("viewPM");
if (!loguserid) {
Kill(__("You must be logged in to view your private messages."));
}
if (!isset($_GET['id']) && !isset($_POST['id'])) {
Kill(__("No PM specified."));
}
$id = (int) (isset($_GET['id']) ? $_GET['id'] : $_POST['id']);
$pmid = $id;
if (isset($_GET['snooping'])) {
if ($loguser['powerlevel'] > 2) {
$qPM = "select * from pmsgs left join pmsgs_text on pid = pmsgs.id where pmsgs.id = " . $id;
} else {
Kill(__("No snooping for you."));
}
} else {
$qPM = "select * from pmsgs left join pmsgs_text on pid = pmsgs.id where (userto = " . $loguserid . " or userfrom = " . $loguserid . ") and pmsgs.id = " . $id;
}
$rPM = Query($qPM);
if (NumRows($rPM)) {
$pm = Fetch($rPM);
} else {
Kill(__("Unknown PM"));
}
if ($pm['drafting'] && $pm['userfrom'] != $loguserid) {
<?php
// AcmlmBoard XD - Avatar library
// Access: all
include "lib/common.php";
$title = __("Avatar library");
AssertForbidden("viewAvatars");
if (isset($_GET['rebuild'])) {
$avalib = array();
//Prepare file tree...
$library = @opendir("img/avatars/library");
//in some PHP setups, you get an ugly "invalid argument" message here on fail.
if ($library === FALSE) {
Kill(__("Could not open avatar library."));
}
//Loop through library folders...
while (FALSE !== ($folder = readdir($library))) {
if ($folder[0] == ".") {
continue;
}
if (substr($folder, -4) == ".txt") {
continue;
}
$fol = opendir("img/avatars/library/" . $folder);
$thisFolder = array();
//Loop through folder images...
while (FALSE !== ($image = readdir($fol))) {
if ($image[0] == ".") {
continue;
}
if (substr($image, -4) != ".png") {
