$temp = serialize(array('search_ids' => serialize($search_ids), 'num_hits' => $num_hits, 'sort_by' => $sort_by, 'sort_dir' => $sort_dir, 'show_as' => $show_as, 'search_type' => $search_type));
$search_id = mt_rand(1, 2147483647);
$ident = $pun_user['is_guest'] ? get_remote_address() : $pun_user['username'];
$db->query('INSERT INTO ' . $db->prefix . 'search_cache (id, ident, search_data) VALUES(' . $search_id . ', \'' . $db->escape($ident) . '\', \'' . $db->escape($temp) . '\')') or error('Unable to insert search results', __FILE__, __LINE__, $db->error());
if ($search_type[0] != 'action') {
$db->end_transaction();
$db->close();
// Redirect the user to the cached result page
header('Location: search.php?search_id=' . $search_id);
exit;
}
}
$forum_actions = array();
// If we're on the new posts search, display a "mark all as read" link
if (!$pun_user['is_guest'] && $search_type[0] == 'action' && $search_type[1] == 'show_new') {
$forum_actions[] = '<a href="misc.php?action=markread&csrf_token=' . pun_csrf_token() . '">' . $lang_common['Mark all as read'] . '</a>';
}
// Fetch results to display
if (!empty($search_ids)) {
switch ($sort_by) {
case 1:
$sort_by_sql = $show_as == 'topics' ? 't.poster' : 'p.poster';
break;
case 2:
$sort_by_sql = 't.subject';
break;
case 3:
$sort_by_sql = 't.forum_id';
break;
default:
$sort_by_sql = $show_as == 'topics' ? 't.last_post' : 'p.posted';
echo $lang_profile['Instructions'];
?>
</p>
</form>
</div>
</div>
<?php
} else {
if ($section == 'personality') {
if ($pun_config['o_avatars'] == '0' && $pun_config['o_signatures'] == '0') {
message($lang_common['Bad request'], false, '404 Not Found');
}
$avatar_field = '<span><a href="profile.php?action=upload_avatar&id=' . $id . '">' . $lang_profile['Change avatar'] . '</a></span>';
$user_avatar = generate_avatar_markup($id);
if ($user_avatar) {
$avatar_field .= ' <span><a href="profile.php?action=delete_avatar&id=' . $id . '&csrf_token=' . pun_csrf_token() . '">' . $lang_profile['Delete avatar'] . '</a></span>';
} else {
$avatar_field = '<span><a href="profile.php?action=upload_avatar&id=' . $id . '">' . $lang_profile['Upload avatar'] . '</a></span>';
}
if ($user['signature'] != '') {
$signature_preview = '<p>' . $lang_profile['Sig preview'] . '</p>' . "\n\t\t\t\t\t\t\t" . '<div class="postsignature postmsg">' . "\n\t\t\t\t\t\t\t\t" . '<hr />' . "\n\t\t\t\t\t\t\t\t" . $parsed_signature . "\n\t\t\t\t\t\t\t" . '</div>' . "\n";
} else {
$signature_preview = '<p>' . $lang_profile['No sig'] . '</p>' . "\n";
}
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_common['Profile'], $lang_profile['Section personality']);
define('PUN_ACTIVE_PAGE', 'profile');
require PUN_ROOT . 'header.php';
generate_profile_menu('personality');
?>
<div class="blockform">
<h2><span><?php
}
$quickpost = false;
if ($pun_config['o_quickpost'] == '1' && ($cur_topic['post_replies'] == '1' || $cur_topic['post_replies'] == '' && $pun_user['g_post_replies'] == '1') && ($cur_topic['closed'] == '0' || $is_admmod)) {
// Load the post.php language file
require PUN_ROOT . 'lang/' . $pun_user['language'] . '/post.php';
$required_fields = array('req_message' => $lang_common['Message']);
if ($pun_user['is_guest']) {
$required_fields['req_username'] = $lang_post['Guest name'];
if ($pun_config['p_force_guest_email'] == '1') {
$required_fields['req_email'] = $lang_common['Email'];
}
}
$quickpost = true;
}
if (!$pun_user['is_guest'] && $pun_config['o_topic_subscriptions'] == '1') {
$token_url = '&csrf_token=' . pun_csrf_token();
if ($cur_topic['is_subscribed']) {
// I apologize for the variable naming here. It's a mix of subscription and action I guess :-)
$subscraction = "\t\t" . '<p class="subscribelink clearb"><span>' . $lang_topic['Is subscribed'] . ' - </span><a href="misc.php?action=unsubscribe&tid=' . $id . $token_url . '">' . $lang_topic['Unsubscribe'] . '</a></p>' . "\n";
} else {
$subscraction = "\t\t" . '<p class="subscribelink clearb"><a href="misc.php?action=subscribe&tid=' . $id . $token_url . '">' . $lang_topic['Subscribe'] . '</a></p>' . "\n";
}
} else {
$subscraction = '';
}
// Add relationship meta tags
$page_head = array();
$page_head['canonical'] = '<link rel="canonical" href="viewtopic.php?id=' . $id . ($p == 1 ? '' : '&p=' . $p) . '" title="' . sprintf($lang_common['Page'], $p) . '" />';
if ($num_pages > 1) {
if ($p > 1) {
$page_head['prev'] = '<link rel="prev" href="viewtopic.php?id=' . $id . ($p == 2 ? '' : '&p=' . ($p - 1)) . '" title="' . sprintf($lang_common['Page'], $p - 1) . '" />';
function check_csrf($token)
{
global $lang_common;
$is_hash_authorized = pun_hash_equals($token, pun_csrf_token());
if (!isset($token) || !$is_hash_authorized) {
message($lang_common['Bad csrf hash'], false, '404 Not Found');
}
}
}
if ($pun_config['o_rules'] == '1' && (!$pun_user['is_guest'] || $pun_user['g_read_board'] == '1' || $pun_config['o_regs_allow'] == '1')) {
$links[] = '<li id="navrules"' . (PUN_ACTIVE_PAGE == 'rules' ? ' class="isactive"' : '') . '><a href="misc.php?action=rules">' . $lang_common['Rules'] . '</a></li>';
}
if ($pun_user['g_read_board'] == '1' && $pun_user['g_search'] == '1') {
$links[] = '<li id="navsearch"' . (PUN_ACTIVE_PAGE == 'search' ? ' class="isactive"' : '') . '><a href="search.php">' . $lang_common['Search'] . '</a></li>';
}
if ($pun_user['is_guest']) {
$links[] = '<li id="navregister"' . (PUN_ACTIVE_PAGE == 'register' ? ' class="isactive"' : '') . '><a href="register.php">' . $lang_common['Register'] . '</a></li>';
$links[] = '<li id="navlogin"' . (PUN_ACTIVE_PAGE == 'login' ? ' class="isactive"' : '') . '><a href="login.php">' . $lang_common['Login'] . '</a></li>';
} else {
$links[] = '<li id="navprofile"' . (PUN_ACTIVE_PAGE == 'profile' ? ' class="isactive"' : '') . '><a href="profile.php?id=' . $pun_user['id'] . '">' . $lang_common['Profile'] . '</a></li>';
if ($pun_user['is_admmod']) {
$links[] = '<li id="navadmin"' . (PUN_ACTIVE_PAGE == 'admin' ? ' class="isactive"' : '') . '><a href="admin_index.php">' . $lang_common['Admin'] . '</a></li>';
}
$links[] = '<li id="navlogout"><a href="login.php?action=out&id=' . $pun_user['id'] . '&csrf_token=' . pun_csrf_token() . '">' . $lang_common['Logout'] . '</a></li>';
}
// Are there any additional navlinks we should insert into the array before imploding it?
if ($pun_user['g_read_board'] == '1' && $pun_config['o_additional_navlinks'] != '') {
if (preg_match_all('%([0-9]+)\\s*=\\s*(.*?)\\n%s', $pun_config['o_additional_navlinks'] . "\n", $extra_links)) {
// Insert any additional links into the $links array (at the correct index)
$num_links = count($extra_links[1]);
for ($i = 0; $i < $num_links; ++$i) {
array_splice($links, $extra_links[1][$i], 0, array('<li id="navextra' . ($i + 1) . '">' . $extra_links[2][$i] . '</li>'));
}
}
}
$tpl_temp = '<div id="brdmenu" class="inbox">' . "\n\t\t\t" . '<ul>' . "\n\t\t\t\t" . implode("\n\t\t\t\t", $links) . "\n\t\t\t" . '</ul>' . "\n\t\t" . '</div>';
$tpl_main = str_replace('<pun_navlinks>', $tpl_temp, $tpl_main);
// END SUBST - <pun_navlinks>
// START SUBST - <pun_status>