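*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>
* =========================================================================*
* Software: 0xBB
* Software version: 2.0
* Author: KinG-InFeT
* Copyleft: GNU General Public License
* =========================================================================*
* viewforum.php
***************************************************************************/
// Forum view: validates the requested forum id, then checks that the visitor
// is allowed to read the forum before anything about it is rendered.

include "kernel.php";

show_header();
show_menu();

list($username, $password) = get_data();

// Cast the id to an integer BEFORE it is handed to any helper. The raw
// request value used to reach check_forum_id() first; that helper is not
// visible here, so its argument must not be assumed safe to build SQL from.
// is_scalar() also rejects array input such as ?id[]=x, which would
// otherwise cast to 1.
$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;

if (!$id || !check_forum_id($id)) {
    _err("ID non Specificato!");
}

// Check whether the forum is protected, i.e. its access level is something
// other than NULL / 'user'.
if (check_access_forum($id) != NULL && check_access_forum($id) != 'user') {
    if (login($username, $password) == TRUE) {
        // Admins and moderators may read every forum; everyone else needs a
        // level equal to the forum's access level.
        if (level($username) != 'admin' && level($username) != 'mod') {
            if (level($username) != check_access_forum($id)) {
                // NOTE(review): this denies access only if _err() ends the
                // script - confirm in kernel.php.
                _err('Non hai i permessi per visualizzare questo topic!');
            }
        }
    } else {
        if (check_access_forum($id) != NULL && check_access_forum($id) != 'user') {
            // NOTE(review): show_header()/show_menu() have already run; unless
            // kernel.php buffers output, this header can no longer be sent -
            // confirm.
            header('Location: index.php');
            // A Location header does not stop the script. Without this exit,
            // whatever follows the access check would still run for a visitor
            // who is not logged in.
            exit;
        }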
break;

// action=2 - delete a forum: removes the forum row, then every topic whose
// f_id points at it.
// NOTE(review): this destructive action is selected and parameterised by the
// query string alone ($_GET['id']). No session/role check and no anti-CSRF
// token are visible in this excerpt - confirm that the code around this switch
// enforces an admin session, and prefer POST plus a per-session token here.
case 2:
    // The integer cast is what makes $id safe to embed in the queries below.
    $id = (int) $_GET['id'];
    if (!check_forum_id($id)) {
        _err("Errore! L'ID specificato non è Valido!");
    }
    $query = "DELETE FROM " . __PREFIX__ . "forum WHERE id = '" . $id . "'";
    // NOTE(review): the result of this first DELETE is not checked, unlike the
    // second one below; a failure here goes unnoticed.
    mysql_query($query);
    $query = "DELETE FROM " . __PREFIX__ . "topic WHERE f_id = '" . $id . "'";
    // NOTE(review): the raw driver error is passed to _err(); if _err() prints
    // its argument, SQL/schema details reach the browser - confirm.
    mysql_query($query) or _err(mysql_error());
    header("Location: admin.php?mode=1");
    // Printed after the Location header, so it is only seen when the redirect
    // is not followed.
    print "Forum deleted successfully.";
    break;

// action=3 - edit a forum: with title and description posted, update the row;
// otherwise load the current row and show the edit form.
case 3:
    $id = (int) $_GET['id'];
    if (!check_forum_id($id)) {
        _err("Errore! L'ID Specificato non è valido!");
    }
    // @ silences the notice raised when a POST field is absent (first display
    // of the form).
    // NOTE(review): these three values are interpolated into the UPDATE below.
    // That is only safe if clear() escapes for SQL string context (for example
    // with mysql_real_escape_string) - clear() is not visible here, confirm.
    @($title = clear($_POST['title']));
    @($descr = clear($_POST['descr']));
    @($access = clear($_POST['access']));
    if ($title && $descr) {
        // NOTE(review): user_access takes whatever string was posted; no check
        // against a list of known access levels is visible.
        $query = "UPDATE " . __PREFIX__ . "forum SET title = '{$title}', description = '{$descr}', user_access = '{$access}' WHERE id = '" . $id . "'";
        mysql_query($query) or _err(mysql_error());
        header("Location: admin.php?mode=1");
    } else {
        // Fetch the current values for the edit form.
        $query = "SELECT * FROM " . __PREFIX__ . "forum WHERE id = '" . $id . "'";
        // NOTE(review): the mysql_query() result is passed straight on without
        // a failure check.
        $row = mysql_fetch_row(mysql_query($query));
        ?> <br /><b>Modifica Forum:</b><p> <form method = 'POST' action = 'admin.php?mode=1&action=3&id=<?php
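/**
 * Tell whether a topic id refers to a topic that sits in a valid forum.
 *
 * Looks up the topic's parent forum id (f_id) and returns whatever
 * check_forum_id() says about that forum.
 *
 * The id is validated as a plain positive integer before it is placed in the
 * query. Callers may pass request data, and the value used to be concatenated
 * into the SQL text unchanged, so a crafted id could alter the statement.
 *
 * @param mixed $id Topic id; only integers and all-digit strings are accepted.
 * @return mixed FALSE when the id is empty, malformed or unknown, or when the
 *               query fails; otherwise the result of check_forum_id().
 */
function is_post($id) {
    // Accept integers and strings made of digits only; everything else
    // (quotes, spaces, signs, arrays, NULL, ...) is rejected outright.
    if (is_string($id)) {
        if (preg_match('/\A[0-9]+\z/', $id) !== 1) {
            return FALSE;
        }
    } elseif (!is_int($id)) {
        return FALSE;
    }

    $id = (int) $id;
    if ($id <= 0) {
        return FALSE;
    }

    // $id is an integer at this point, so embedding it cannot change the
    // shape of the statement.
    $query = "SELECT f_id FROM " . __PREFIX__ . "topic WHERE id = '" . $id . "'";

    // A failed query yields FALSE; do not hand that to mysql_fetch_row().
    $result = mysql_query($query);
    if (!$result) {
        return FALSE;
    }

    $row = mysql_fetch_row($result);
    if (!$row || !$row[0]) {
        return FALSE;
    }

    return check_forum_id($row[0]);
}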