<?php require "include/bittorrent.php"; dbconn(false); maxsysop ();

1. <?php
2. require "include/bittorrent.php";
3.  
4. dbconn(false);
5. maxsysop ();
6. loggedinorreturn();
7. $wherethisuser = where ($_SERVER["SCRIPT_FILENAME"],$CURUSER["id"]);
8. parked();
9. $action = $HTTP_GET_VARS["action"];
10.  
11. function catch_up($topics="all")
12. {
13. //die("This feature is currently unavailable.");
14. global $CURUSER;
15.  
16. $userid = $CURUSER["id"];
17.  
18. $res = mysql_query("SELECT id, lastpost FROM topics") or sqlerr(__FILE__, __LINE__);
19.  
20. while ($arr = mysql_fetch_assoc($res))
21. {
22. $topicid = $arr["id"];
23.  
24. $postid = $arr["lastpost"];
25.  
26. if ($topicid == $topics || $topics == "all") {
27.  
28. $r = mysql_query("SELECT id,lastpostread FROM readposts WHERE userid=$userid and topicid=$topicid") or sqlerr(__FILE__, __LINE__);
29.  
30. if (mysql_num_rows($r) == 0)
31. mysql_query("INSERT INTO readposts (userid, topicid, lastpostread) VALUES($userid, $topicid, $postid)") or sqlerr(__FILE__, __LINE__);
32.  
33. else
34. {
35. $a = mysql_fetch_assoc($r);
36.  
37. if ($a["lastpostread"] < $postid)
38. mysql_query("UPDATE readposts SET lastpostread=$postid WHERE id=" . $a["id"]) or sqlerr(__FILE__, __LINE__);
39. }
40. }
41. }
42. }
43.  
44. //-------- Returns the minimum read/write class levels of a forum
45.  
46. function get_forum_access_levels($forumid)
47. {
48. $res = mysql_query("SELECT minclassread, minclasswrite, minclasscreate FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
49.  
50. if (mysql_num_rows($res) != 1)
51. return false;
52.  
53. $arr = mysql_fetch_assoc($res);
54.  
55. return array("read" => $arr["minclassread"], "write" => $arr["minclasswrite"], "create" => $arr["minclasscreate"]);
56. }
57.  
58. //-------- Returns the forum ID of a topic, or false on error
59.  
60. function get_topic_forum($topicid)
61. {
62. $res = mysql_query("SELECT forumid FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
63.  
64. if (mysql_num_rows($res) != 1)
65. return false;
66.  
67. $arr = mysql_fetch_row($res);
68.  
69. return $arr[0];
70. }
71.  
72. //-------- Returns the ID of the last post of a forum
73.  
74. function update_topic_last_post($topicid)
75.  
76. {
77.  
78. $res = mysql_query("SELECT id FROM posts WHERE topicid=$topicid ORDER BY id DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
79.  
80. $arr = mysql_fetch_row($res) or die("No post found");
81.  
82. $postid = $arr[0];
83.  
84. mysql_query("UPDATE topics SET lastpost=$postid WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
85.  
86. }
87.  
88. function get_forum_last_post($forumid)
89. {
90. $res = mysql_query("SELECT lastpost FROM topics WHERE forumid=$forumid ORDER BY lastpost DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
91.  
92. $arr = mysql_fetch_row($res);
93.  
94. $postid = $arr[0];
95.  
96. if ($postid)
97. return $postid;
98.  
99. else
100. return 0;
101. }
102.  
103. //-------- Inserts a quick jump menu
104.  
105. function insert_quick_jump_menu($currentforum = 0)
106. {
107. print("<p align=center><form method=get action=? name=jump>\n");
108.  
109. print("<input type=hidden name=action value=viewforum>\n");
110.  
111. print("Quick jump: ");
112.  
113. print("<select name=forumid onchange=\"if(this.options[this.selectedIndex].value != -1){ forms['jump'].submit() }\">\n");
114.  
115. $res = mysql_query("SELECT * FROM forums ORDER BY name") or sqlerr(__FILE__, __LINE__);
116.  
117. while ($arr = mysql_fetch_assoc($res))
118. {
119. if (get_user_class() >= $arr["minclassread"])
120. print("<option value=" . $arr["id"] . ($currentforum == $arr["id"] ? " selected>" : ">") . $arr["name"] . "\n");
121. }
122.  
123. print("</select>\n");
124.  
125. print("<input type=submit value='Go!'>\n");
126.  
127. print("</form>\n</p>");
128. }
129.  
130. //-------- Insert A Fast Reply Frame
131.  
132. function insert_fastreply_frame($id)
133. {
134. print("<center> \n");
135. print("<br>");
136.  
137. print("<span onClick=\"expandcontent('sc1')\" style=\"cursor:hand; cursor:pointer\"><h2><b><font color=white>Fast Reply Box</font></b></h2></span>");
138.  
139. print("<div id=\"sc1\" class=\"switchcontent\"><form method=post name=compose action=?action=post>\n");
140.  
141. print("<input type=hidden name=topicid value=$id>\n");
142.  
143. begin_table();
144.  
145. print("<tr><td class=rowhead>Body</td><td align=left style='padding: 0px'>" .
146. "<textarea name=body cols=100 rows=10 style='border: 0px'>".
147. "</textarea></td></tr>\n");
148. print("<form method=post name=compose>\n");
149. print("<tr><td colspan=2 align=center><input type=button value=Submit name=button1 onclick='return Post();'> <input type=button value=Preview name=button2 onclick='return Preview();'></td></tr>\n");
150.  
151.  
152. end_table();
153.  
154. print("</form></div>\n");
155.  
156. print("<br>");
157. }
158.  
159. //-------- Inserts a compose frame
160.  
161. function insert_compose_frame($id, $newtopic = true, $quote = false, $forid, $body ='' , $subject='')
162. {
163. global $maxsubjectlength, $CURUSER;
164.  
165. if ($newtopic)
166. {
167.  
168. $res = mysql_query("SELECT name FROM forums WHERE id=$id") or sqlerr(__FILE__, __LINE__);
169.  
170. $arr = mysql_fetch_assoc($res) or die("Bad forum id");
171.  
172. $forumname = $arr["name"];
173.  
174. print("<p align=center>New topic in <a href=?action=viewforum&forumid=$id>$forumname</a> forum</p>\n");
175. }
176. else
177. {
178. $res = mysql_query("SELECT * FROM topics WHERE id=$id") or sqlerr(__FILE__, __LINE__);
179.  
180. $arr = mysql_fetch_assoc($res) or stderr("Forum error", "Topic not found.");
181.  
182. if (get_user_class() < $arr['minclassread'])
183. stderr('Permission Denied','You are not allowed to post in this thread.');
184.  
185. $subject = htmlspecialchars($arr["subject"]);
186.  
187. print("<p align=center>Reply to topic: <a href=?action=viewtopic&topicid=$id>$subject</a></p>");
188. }
189.  
190. begin_frame("Compose", true);
191.  
192. // New Code
193. print("<form method=post name=\"compose\" action=?action=post>\n");
194.  
195. //print("<form class=embedded method=post action='?action=post'>\n");
196.  
197. if ($newtopic){
198. print("<input type=hidden name=forumid value=$id>\n");
199. print("<input type=hidden name=subject value=$subject>\n");
200. print("<input type=hidden name=posttopic value='yes'>\n");
201. }
202.  
203. else
204. print("<input type=hidden name=topicid value=$id>\n");
205.  
206. begin_table();
207. //print("<table class=message cellspacing=0 cellpadding=$padding>\n");
208.  
209. if ($newtopic)
210. print("<tr><td class=rowhead>Subject</td>" .
211. "<td align=left style='padding: 0px'><input type=text size=100 maxlength=$maxsubjectlength name=subject " .
212. "value='$subject' style='border: 0px; height: 19px'></td></tr>\n");
213.  
214. if ($quote)
215. {
216. $postid = $_GET["postid"];
217. if (!is_valid_id($postid))
218. die;
219.  
220. $res = mysql_query("SELECT posts.*, users.username FROM posts JOIN users ON posts.userid = users.id WHERE posts.id=$postid") or sqlerr(__FILE__, __LINE__);
221.  
222. if (mysql_num_rows($res) != 1)
223. stderr("Error", "No post with ID $postid.");
224.  
225. $arr = mysql_fetch_assoc($res);
226. }
227.  
228. print("<tr><td class=rowhead>Body</td><td align=left style='padding: 0px'>"); textbbcode("compose","body",($quote?(("[quote=".htmlspecialchars($arr["username"])."]".htmlspecialchars(unesc($arr["body"]))."[/quote]")):""));
229. print("<tr><td colspan=2 align=center><input type=button value=Submit name=button1 onclick='return Post();'> <input type=button value=Preview name=button2 onclick='return Preview();'></td></tr>\n");
230. print("</td></tr>");
231.  
232. end_table();
233.  
234. print("</form>\n");
235.  
236. end_frame();
237.  
238. //------ Get 10 last posts if this is a reply
239.  
240. if (!$newtopic)
241. {
242. $postres = mysql_query("SELECT * , UNIX_TIMESTAMP(added) as utadded FROM posts WHERE topicid=$id ORDER BY id DESC LIMIT 10") or sqlerr(__FILE__, __LINE__);
243.  
244. begin_frame("10 last posts, in reverse order");
245.  
246. while ($post = mysql_fetch_assoc($postres))
247. {
248. //-- Get poster details
249.  
250. $userres = mysql_query("SELECT * FROM users WHERE id=" . $post["userid"] . " LIMIT 1") or sqlerr(__FILE__, __LINE__);
251.  
252. $user = mysql_fetch_assoc($userres);
253.  
254. $avatar = $user["avatar"];
255.  
256. if (!$avatar || $off_avatar)
257. $avatar = "/pic/default_avatar.gif";
258.  
259. print("<p class=sub>#" . $post["id"] . " by " . $user["username"] . " at " . get_date_time($post["utadded"] , $CURUSER[tzoffset] ) . " GMT</p>");
260.  
261. begin_table(true);
262.  
263. print("<tr valign=top><td width=150 align=center style='padding: 0px'>" . ($avatar ? "<img width=150 src=$avatar>" : "").
264. "</td><td class=comment>" . format_comment($post["body"]) . "</td></tr>\n");
265.  
266. end_table();
267.  
268. }
269.  
270. end_frame();
271.  
272. }
273.  
274. insert_quick_jump_menu();
275.  
276. }
277.  
278. //-------- Global variables
279.  
280. $maxsubjectlength = 60;
281. $postsperpage = $CURUSER["postsperpage"];
282. if (!$postsperpage) $postsperpage = 25;
283.  
284. //-------- Action: Edit Forum
285.  
286. if ($action == "editforum")
287. {
288. if (get_user_class() <= UC_MODERATOR) {
289. stderr("Forum Error", "Not yet implemented.");
290. die();
291. }
292.  
293. stdhead("Edit forum");
294. ?>
295. <center>
296. <?php
297. begin_frame("Edit Forum", "center");
298.  
299. $forumid = 0 + $_GET["forumid"];
300. $res = mysql_query("SELECT * FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
301. $forum = mysql_fetch_assoc($res);
302.  
303. print("<form method=post action=?action=updateforum&forumid=$forumid>\n");
304. begin_table();
305. print("<tr><td class=rowhead>Forum name</td>" .
306. "<td align=left style='padding: 0px'><input type=text size=60 maxlength=$maxsubjectlength name=name " .
307. "style='border: 0px; height: 19px' value=\"$forum[name]\"></td></tr>\n".
308. "<tr><td class=rowhead>Description</td>" .
309. "<td align=left style='padding: 0px'><textarea name=description cols=68 rows=3 style='border: 0px'>$forum[description]</textarea></td></tr>\n".
310. "<tr><td class=rowhead></td><td align=left style='padding: 0px'>&nbspMinimum <select name=readclass>");
311. for ($i = 0; $i <= UC_SYSOP; ++$i)
312. print("<option value=$i" . ($i == $forum['minclassread'] ? " selected" : "") . ">" . get_user_class_name($i) . "</option>\n");
313. print("</select> Class required to View<br>\n&nbspMinimum <select name=writeclass>");
314. for ($i = 0; $i <= UC_SYSOP; ++$i)
315. print("<option value=$i" . ($i == $forum['minclasswrite'] ? " selected" : "") . ">" . get_user_class_name($i) . "</option>\n");
316. print("</select> Class required to Post<br>\n&nbspMinimum <select name=createclass>");
317. for ($i = 0; $i <= UC_SYSOP; ++$i)
318. print("<option value=$i" . ($i == $forum['minclasscreate'] ? " selected" : "") . ">" . get_user_class_name($i) . "</option>\n");
319. print("</select> Class required to Create Topics</td></tr>\n".
320. "<tr><td colspan=2 align=center><input type=submit value='Submit'></td></tr>\n");
321. end_table();
322. print("</form>\n");
323.  
324. end_frame();
325.  
326. stdfoot();
327. die;
328. }
329.  
330. //-------- Action: Update Forum
331.  
332. if ($action == "updateforum")
333. {
334. $forumid = $_GET["forumid"];
335. $name = $_POST["name"];
336. $description = $_POST["description"];
337. $minclassread = 0 + $_POST["readclass"];
338. $minclasswrite = 0 + $_POST["writeclass"];
339. $minclasscreate = 0 + $_POST["createclass"];
340.  
341. if(!$forumid)
342. stderr("Error", "Forum ID not found.");
343. if(!$name)
344. stderr("Error", "You must specify a name for the forum.");
345. if(!$description)
346. stderr("Error", "You must provide a description for the forum.");
347.  
348. $name = sqlesc($name);
349. $description = sqlesc($description);
350.  
351. mysql_query("UPDATE forums SET ".
352. "name=$name, ".
353. "description=$description, ".
354. "minclassread=$minclassread, ".
355. "minclasswrite=$minclasswrite, ".
356. "minclasscreate=$minclasscreate ".
357. "WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
358.  
359. header("Location: $BASEURL/forums.php");
360. }
361.  
362. //-------- Action: Delete Forum
363.  
364. if ($action == "deleteforum")
365. {
366. $forumid = 0 + $_GET["forumid"];
367. $confirmed = 0 + $_GET["confirmed"];
368.  
369. if(!$forumid)
370. stderr("Error", "Forum ID not found.");
371. if(!$confirmed)
372. {
373. $rf = mysql_query("SELECT name FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
374. $forum = mysql_fetch_assoc($rf);
375. $rt = mysql_query("SELECT id FROM topics WHERE forumid=$forumid") or sqlerr(__FILE__, __LINE__);
376. $topics = mysql_num_rows($rt);
377. $posts = 0;
378. while($topic = mysql_fetch_assoc($rt))
379. {
380. $rp = mysql_query("SELECT * FROM posts WHERE topicid=$topic[id]") or sqlerr(__FILE__, __LINE__);
381. $posts += mysql_num_rows($rp);
382. }
383. stdhead("Delete forum");
384. ?>
385. <center>
386. <?php
387. begin_frame("** WARNING! **");
388. print("Deleting forum ID $forumid ($forum[name]) will also delete $posts posts in $topics topics. ".
389. "[<a class=altlink href=?action=deleteforum&forumid=$forumid&confirmed=1>ACCEPT</a>] ".
390. "[<a class=altlink href=forums.php>CANCEL</a>]");
391. end_frame();
392.  
393. stdfoot();
394. die;
395. }
396.  
397. if ($CURUSER['class']>=UC_MODERATOR)
398. {
399. $rt = mysql_query("SELECT id FROM topics WHERE forumid=$forumid") or sqlerr(__FILE__, __LINE__);
400. while($topic = mysql_fetch_assoc($rt))
401. mysql_query("DELETE FROM posts WHERE topicid=$topic[id]") or sqlerr(__FILE__, __LINE__);
402. mysql_query("DELETE FROM topics WHERE forumid=$forumid") or sqlerr(__FILE__, __LINE__);
403. mysql_query("DELETE FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
404. header("Location: $BASEURL/forums.php");
405. }
406. else
407. stderr("Error", "You are not authorised to perform this action!");
408. die;
409. }
410. //-------- Action: New auto topic
411. if($_POST['topicgen']=="yes" && $action=="new") {
412. if (get_user_class() >= UC_ADMINISTRATOR) {stderr("Error", "You are not authorised to perform this action!"); }
413. $userid="1"; // AutoPoster account
414.  
415. }
416. //-------- Action: New topic
417.  
418. if ($action == "newtopic")
419. {
420. $forumid = 0 + $_GET["forumid"];
421.  
422. if (!is_valid_id($forumid))
423. die;
424.  
425. stdhead("New topic");
426.  
427. ?>
428. <center>
429. <?php
430.  
431. insert_compose_frame($forumid, true, false, $forid);
432.  
433.  
434.  
435. stdfoot();
436.  
437. die;
438. }
439.  
440.  
441.  
442. //-------- Action: Post
443.  
444. if ($action == "post")
445. {
446.  
447. //session_start();
448.  
449. //$buttonval = $_POST["buttonval"];
450. $forumid = 0 + $_POST["forumid"];
451. $topicid = 0 + $_POST["topicid"];
452. $subject = $_POST["subject"];
453. $forid = $_GET["forid"];
454. $body = trim($_POST["body"]);
455.  
456.  
457. if ($buttonval == "Preview") {
458.  
459. stdhead("Preview");
460.  
461. ?>
462. <center>
463. <?php
464.  
465.  
466. //if (!is_valid_id($topicid))
467. // die;
468. //if (!is_valid_id($forumid))
469. // die;
470.  
471. if ($forumid)
472. insert_compose_frame($forumid, true, false, $forid, $body, $subject);
473. else
474. insert_compose_frame($topicid, false, false, $forid, $body, $subject);
475.  
476.  
477.  
478. stdfoot();
479.  
480. die;
481. }
482.  
483. if (!is_valid_id($forumid) && !is_valid_id($topicid))
484. stderr("Error", "Bad forum or topic ID.");
485.  
486. $newtopic = $forumid > 0;
487.  
488.  
489. if ($newtopic)
490. {
491. $subject = trim($subject);
492.  
493. if (!$subject)
494. stderr("Error", "You must enter a subject.");
495.  
496. if (strlen($subject) > $maxsubjectlength)
497. stderr("Error", "Subject is limited to $maxsubjectlength characters.");
498. }
499. else
500. $forumid = get_topic_forum($topicid) or die("Bad topic ID");
501.  
502. if ($CURUSER["forumpost"] == 'no')
503. {
504. stdhead();
505. ?>
506. <center>
507. <?php
508. stdmsg("Sorry...", "You are not authorized to Post. (See <a href=\"inbox.php#up\">Read Inbox</a>)");
509. stdfoot();
510. exit;
511. }
512.  
513. //------ Make sure sure user has write access in forum
514.  
515. $arr = get_forum_access_levels($forumid) or die("Bad forum ID");
516. if ($CURUSER["forumpost"] == 'no')
517. {
518. stdhead();
519. ?>
520. <center>
521. <?php
522. stdmsg("Sorry...", "You are not authorized to Post. (See <a href=\"inbox.php#up\">Read Inbox</a>)");
523. stdfoot();
524. exit;
525. }
526.  
527. if ((get_user_class() < $arr["write"]) || ($CURUSER["forumpost"] == 'no'))
528. stderr("Error", "Permission denied.");
529.  
530.  
531. if ($body == "")
532. stderr("Error", "No body text.");
533.  
534. $userid = $CURUSER["id"];
535.  
536. if ($newtopic)
537. {
538. //---- Create topic
539.  
540. $subject = sqlesc($subject);
541.  
542. mysql_query("INSERT INTO topics (userid, forumid, subject) VALUES($userid, $forumid, $subject)") or sqlerr(__FILE__, __LINE__);
543.  
544. $topicid = mysql_insert_id() or stderr("Error", "No topic ID returned");
545. }
546. else
547. {
548. //---- Make sure topic exists and is unlocked
549.  
550. $res = mysql_query("SELECT * FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
551.  
552. $arr = mysql_fetch_assoc($res) or die("Topic id n/a");
553.  
554. if ($arr["locked"] == 'yes' && get_user_class() < UC_MODERATOR)
555. stderr("Error", "This topic is locked.");
556.  
557. //=== PM subscribed peeps
558. $res_sub = mysql_query("SELECT userid FROM subscriptions WHERE topicid = $topicid") or sqlerr(__FILE__, __LINE__);
559. while($row = mysql_fetch_assoc($res_sub)) {
560. $res_yes = mysql_query("SELECT subscription_pm, username FROM users WHERE id = $row[userid]") or sqlerr(__FILE__, __LINE__);
561. $arr_yes = mysql_fetch_array($res_yes);
562. $msg = "Hey there!!! \n a thread you subscribed to: [b]".$arr["subject"]."[/b] has had a new post!\n click [url=".$BASEURL."/forums.php?action=viewtopic&topicid=".$topicid."&page=last][b]HERE[/b][/url] to read it!\n\nTo view your subscriptions, or un-subscribe, click [url=".$BASEURL."/subscriptions.php][b]HERE[/b][/url].\n\ncheers.";
563. if ($arr_yes["subscription_pm"] == 'yes' && $row["userid"] != $CURUSER["id"])
564. mysql_query("INSERT INTO messages (sender, subject, receiver, added, msg) VALUES(0, 'New post in subscribed thread!', $row[userid], '" . get_date_time() . "', " . sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__);
565. }
566. //===end
567. //---- Get forum ID
568.  
569. $forumid = $arr["forumid"];
570. }
571.  
572. //------ Insert post
573.  
574. $added = "'" . get_date_time() . "'";
575.  
576. $body = sqlesc($body);
577.  
578. $minutes = 1;
579. $limit = 2;
580. $res = mysql_query("SELECT COUNT(*) FROM posts WHERE userid = $CURUSER[id] AND added > '".get_date_time(gmtime() - ($minutes * 60))."'") or sqlerr(__FILE__,__LINE__);
581. $row = mysql_fetch_row($res);
582.  
583. if ($row[0] > $limit)
584. stderr("<b>Flood</b>", "<b><font color=red>More than $limit posts in the last $minutes minutes</font></b>.");
585.  
586. mysql_query("INSERT INTO posts (topicid, userid, added, body) " .
587. "VALUES($topicid, $userid, $added, $body)") or sqlerr(__FILE__, __LINE__);
588.  
589. $postid = mysql_insert_id() or die("Post id n/a");
590.  
591. //------ Check if someone is subscribing to this thread and send a pm V2
592. $res1 = mysql_query("SELECT userid FROM subscriptions WHERE userid != " . $CURUSER["id"] . " AND topicid = ".sqlesc($topicid)."") or sqlerr(__FILE__, __LINE__);
593. $subject = sqlesc("Subscribed topic - new post");
594. $pm_msg = sqlesc("A new post has been made in the topic [b]".$arr[subject]."[/b] wich you are subscribed to.\nClick [url=$DEFAULTBASEURL/forums.php?action=viewtopic&topicid=$topicid][b]Here[/b][/url] to get to the post.\n");
595. while($row = mysql_fetch_assoc($res1)) {
596. mysql_query("INSERT INTO messages (sender, receiver, added, subject, msg) VALUES(0, $row[userid], '" . get_date_time() . "', $subject, $pm_msg)") or sqlerr(__FILE__, __LINE__);
597. }
598. //------ End to check if someone is subscribing to this thread and send a pm V2
599.  
600. //------ Update topic last post
601.  
602. update_topic_last_post($topicid);
603. //------ All done, redirect user to the post
604.  
605. $headerstr = "Location: $BASEURL/forums.php?action=viewtopic&topicid=$topicid&page=last";
606.  
607. if ($newtopic)
608. header($headerstr);
609.  
610. else
611. header("$headerstr#$postid");
612.  
613. die;
614. }
615.  
616. //-------- Action: View topic
617.  
618. if ($action == "viewtopic")
619. {
620. $highlight = $_GET["highlight"];
621. $topicid = $_GET["topicid"];
622.  
623. $page = $_GET["page"];
624. $forid = $_GET["forid"];
625.  
626. if (!is_valid_id($topicid))
627. die;
628.  
629. $userid = $CURUSER["id"];
630.  
631. // Get last post UserID
632.  
633. $res = mysql_query("SELECT userid FROM posts WHERE topicid = $topicid ORDER BY id DESC") or sqlerr(__FILE__, __LINE__);
634. $arr = mysql_fetch_array($res);
635. $lastpostid = $arr["userid"];
636.  
637. //------ Get topic info
638.  
639. $res = mysql_query("SELECT * FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
640.  
641. $arr = mysql_fetch_assoc($res) or stderr("Forum error", "Topic not found");
642. if ($arr["numratings"] != 0)
643. $rating = ROUND($arr["ratingsum"] / $arr["numratings"], 1);
644. $rpic = ratingpic($rating);
645.  
646. $locked = $arr["locked"];
647. $subject = $arr["subject"];
648. $sticky = $arr["sticky"] == "yes";
649. $forumid = $arr["forumid"];
650.  
651. //------ Update hits column
652.  
653. mysql_query("UPDATE topics SET views = views + 1 WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
654.  
655. //------ Get forum
656.  
657. $res = mysql_query("SELECT * FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
658.  
659. $arr = mysql_fetch_assoc($res) or die("Forum = NULL");
660.  
661. $forum = $arr["name"];
662. $forid = $arr["forid"];
663.  
664. if ($CURUSER["class"] < $arr["minclassread"])
665. stderr("Error", "You are not permitted to view this topic.");
666.  
667. //------ Get post count
668.  
669. $res = mysql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
670.  
671. $arr = mysql_fetch_row($res);
672.  
673. $postcount = $arr[0];
674.  
675. //------ Make page menu
676.  
677. $pagemenu = "<p>\n";
678.  
679. $perpage = $postsperpage;
680.  
681. $pages = ceil($postcount / $perpage);
682.  
683. if ($page[0] == "p")
684. {
685. $findpost = substr($page, 1);
686. $res = mysql_query("SELECT id FROM posts WHERE topicid=$topicid ORDER BY added") or sqlerr(__FILE__, __LINE__);
687. $i = 1;
688. while ($arr = mysql_fetch_row($res))
689. {
690. if ($arr[0] == $findpost)
691. break;
692. ++$i;
693. }
694. $page = ceil($i / $perpage);
695. }
696.  
697. if ($page == "last")
698. $page = $pages;
699. else
700. {
701. if($page < 1)
702. $page = 1;
703. elseif ($page > $pages)
704. $page = $pages;
705. }
706.  
707. $offset = $page * $perpage - $perpage;
708.  
709. for ($i = 1; $i <= $pages; ++$i)
710. {
711. if ($i == $page)
712. $pagemenu .= "<font class=gray><b>$i</b></font>\n";
713.  
714. else
715. $pagemenu .= "<a href=?action=viewtopic&topicid=$topicid&page=$i><b>$i</b></a>\n";
716. }
717.  
718. if ($page == 1)
719. $pagemenu .= "<br><font class=gray><b>&lt;&lt; Prev</b></font>";
720.  
721. else
722. $pagemenu .= "<br><a href=?action=viewtopic&topicid=$topicid&page=" . ($page - 1) .
723. "><b>&lt;&lt; Prev</b></a>";
724.  
725. $pagemenu .= "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
726.  
727. if ($page == $pages)
728. $pagemenu .= "<font class=gray><b>Next &gt;&gt;</b></font></p>\n";
729.  
730. else
731. $pagemenu .= "<a href=?action=viewtopic&topicid=$topicid&page=" . ($page + 1) .
732. "><b>Next &gt;&gt;</b></a></p>\n";
733.  
734. //------ Get posts
735.  
736. $res = mysql_query("SELECT * FROM posts WHERE topicid=$topicid ORDER BY id LIMIT $offset,$perpage") or sqlerr(__FILE__, __LINE__);
737.  
738. stdhead("View topic");
739.  
740. ?>
741. <center>
742. <?php
743. print("<h1><a href=?action=viewforum&forumid=$forumid>$forum</a> &gt; $subject</h1>\n");
744. print("<br><a href=subscriptions.php?topicid=$topicid&subscribe=1><b><font color=lime>Subscribe to Forum</font></b></a>");
745. print($pagemenu);
746.  
747. $lastpostidje = get_forum_last_post($forumid);
748.  
749. $postidje = $arrtje[0];
750. print('<p>Go to last post:<a href=forums.php?action=viewtopic&topicid='.$topicid.'&page=p'.$lastpostidje.'#'.$lastpostidje.'><img border=0 src=/pic/last_post.gif></a></p>');
751.  
752.  
753. //------ Print table
754.  
755.  
756. ?>
757. <form name="jump_to_rate">
758. <select name="rate_me" OnChange="location.href=jump_to_rate.rate_me.options[selectedIndex].value">
759. <option selected> Rate this Topic!
760. <option value="takerate.php?topic_id=<?=$topicid?>&rate_me=5">5- the best!
761. <option value="takerate.php?topic_id=<?=$topicid?>&rate_me=4">4- great
762. <option value="takerate.php?topic_id=<?=$topicid?>&rate_me=3">3- fair
763. <option value="takerate.php?topic_id=<?=$topicid?>&rate_me=2">2- bad
764. <option value="takerate.php?topic_id=<?=$topicid?>&rate_me=1">1- stinks
765. </select><b>Topic Rating:</b> <?=$rpic?></form>
766. <?php
767. begin_frame();
768.  
769. $pc = mysql_num_rows($res);
770.  
771. $pn = 0;
772.  
773. $r = mysql_query("SELECT lastpostread FROM readposts WHERE userid=" . $CURUSER["id"] . " AND topicid=$topicid") or sqlerr(__FILE__, __LINE__);
774.  
775. $a = mysql_fetch_row($r);
776.  
777. $lpr = $a[0];
778.  
779. if (!$lpr)
780. mysql_query("INSERT INTO readposts (userid, topicid) VALUES($userid, $topicid)") or sqlerr(__FILE__, __LINE__);
781.  
782. while ($arr = mysql_fetch_assoc($res))
783. {
784. ++$pn;
785.  
786. $postid = $arr["id"];
787.  
788. $posterid = $arr["userid"];
789.  
790. $added = display_date_time($arr["added"]) . " (" . (get_elapsed_time(sql_timestamp_to_unix_timestamp($arr["added"]))) . " ago)";
791.  
792. //---- Get poster details
793. $dt = gmtime() - 180;
794. $dt = sqlesc(get_date_time($dt));
795. $res2 = sql_query("SELECT username,class,avatar,donor,title,simpaty,enabled,warned,uploaded,downloaded,signature,last_access FROM users WHERE id=$posterid") or sqlerr(__FILE__, __LINE__);
796.  
797. $arr2 = mysql_fetch_assoc($res2);
798. $uploaded = mksize($arr2["uploaded"]);
799. $downloaded = mksize($arr2["downloaded"]);
800. if ($arr2["downloaded"] > 0)
801.  
802. {
803.  
804. $ratio = $arr2['uploaded'] / $arr2['downloaded'];
805.  
806. $ratio = number_format($ratio, 3);
807.  
808. $color = get_ratio_color($ratio);
809.  
810. if ($color)
811.  
812. $ratio = "<font color=$color>$ratio</font>";
813.  
814. }
815.  
816. else
817.  
818. if ($arr2["uploaded"] > 0)
819.  
820. $ratio = "Inf.";
821.  
822. else
823.  
824. $ratio = "---";
825.  
826. $reputation=$arr2[simpaty];
827.  
828. $rem = sql_query("SELECT COUNT(*) FROM posts WHERE userid=" . $posterid) or sqlerr();
829. $arr25 = mysql_fetch_row($rem);
830. $forumposts = $arr25[0];
831.  
832. $signature = $arr2[signature];
833. $signature = ($CURUSER["signatures"] == "yes" ? htmlspecialchars($arr2["signature"]) : "");
834.  
835. $postername = $arr2["username"];
836.  
837. if ($postername == "")
838. {
839. $by = "unknown[$posterid]";
840.  
841. $avatar = "";
842. }
843. else
844. {
845. // if ($arr2["enabled"] == "yes")
846. $avatar = ($CURUSER["avatars"] == "yes" ? htmlspecialchars($arr2["avatar"]) : "");
847. // else
848. // $avatar = "pic/disabled_avatar.gif";
849.  
850. $title = $arr2["title"];
851.  
852. if (!$title)
853. $title = get_user_class_name($arr2["class"]);
854.  
855. $UC = array("Staff Leader" => "pic/sitestaff.png",
856. "Owner" => "pic/sitestaff.png",
857. "Coder" => "pic/sitestaff.png",
858. "1337" => "pic/sitestaff.png",
859. "SysOp" => "pic/sitestaff.png",
860. "Administrator" => "pic/sitestaff.png",
861. "Moderator" => "pic/sitestaff.png",
862. "Fast Uploader" => "pic/uploaderq.png",
863. "Uploader" => "pic/uploaderq.png",
864. "VIP" => "pic/vipdon.png",
865. "Community VIP" => "pic/comvip.png",
866. "Heavyweight" => "pic/hvw.png",
867. "Light Heavyweight" => "pic/lhw.png",
868. "Middleweight" => "pic/mdw.png",
869. "Welterweight" => "pic/wtw.png",
870. "Lightweight" => "pic/lgw.png");
871.  
872. $uclass = $UC[get_user_class_name($arr2["class"])];
873. $by = "<a href=userdetails.php?id=$posterid><b>$postername</b></a>" . ($arr2["donor"] == "yes" ? "<img src=".
874. "pic/star.gif alt='Donor'>" : "") . ($arr2["enabled"] == "no" ? "<img src=".
875. "pic/disabled.gif alt=\"This account is disabled\" style='margin-left: 2px'>" : ($arr2["warned"] == "yes" ? "<a href=rules.php#warning class=altlink><img src=pic/warned.gif alt=\"Warned\" border=0></a>" : "")) . " ";
876. }
877.  
878. if (!$avatar)
879. $avatar = "pic/default_avatar.gif";
880.  
881. print("<a name=$postid></a>\n");
882.  
883. if ($pn == $pc)
884. {
885. print("<a name=last></a>\n");
886. if ($postid > $lpr)
887. sql_query("UPDATE readposts SET lastpostread=$postid WHERE userid=$userid AND topicid=$topicid") or sqlerr(__FILE__, __LINE__);
888. }
889.  
890. print("<p class=sub><table border=0 cellspacing=0 cellpadding=0><tr><td class=embedded width=99%>#$postid by $by ($title) at $added");
891.  
892. print("</td><td class=embedded width=1%><a href=#><img src=pic/p_up.gif border=0 alt='Top'></a></td></tr>");
893.  
894. print("</table></p>\n");
895.  
896. begin_table(true);
897.  
898. $body = format_comment($arr["body"]);
899.  
900. //---------------------------------
901. //---- Search Highlight v0.1 by xam
902. //---------------------------------
903. if ($highlight){
904. $body = highlight($highlight,$body);
905. }
906. //---------------------------------
907. //---- Search Highlight v0.1 by xam
908. //---------------------------------
909.  
910. if (is_valid_id($arr['editedby']))
911. {
912. $res2 = sql_query("SELECT username FROM users WHERE id=$arr[editedby]");
913. if (mysql_num_rows($res2) == 1)
914. {
915. $arr2 = mysql_fetch_assoc($res2);
916. $body .= "<p><font size=1 class=small>Last edited by <a href=userdetails.php?id=$arr[editedby]><b>$arr2[username]</b></a> at $arr[editedat] GMT</font></p>\n";
917. }
918. }
919.  
920. if ($signature)
921. $body .= "<p style='vertical-align:bottom'><br>____________________<br>" . format_comment($signature) . "</p>";
922.  
923. "</td>";
924.  
925.  
926. $stats = "<br>"."&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Reputation: $reputation<br>"."&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Posts: $forumposts<br>"."&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;UL: $uploaded <br>"."&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;DL: $downloaded<br>"."&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Ratio.: $ratio";
927. print("<tr valign=top><td width=150 align=left style='padding: 0px'><br>"."&nbsp; " .
928. ($avatar ? "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<img width=100 src=\"$avatar\">": ""). "<br>"."&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <img src=$uclass>$stats<br><br></td><td class=comment>$body</td></tr>\n");
929. print("<tr><td> ".
930. ("'".$arr2['last_access']."'">$dt?"<img src=pic/user_online.gif border=0 alt=\"Online\">":"<img src=pic/user_offline.gif border=0 alt=\"Offline\">" )." <a href=\"sendmessage.php?receiver=".htmlspecialchars($posterid)."\"><img src=\"pic/pm.gif\" border=\"0\" alt=\"Send message to ".htmlspecialchars($postername)."\"></a> <a href=report.php?type=Post&id=$postid&id_2=$topicid><img src=\"pic/report.gif\" border=\"0\" alt=\"Report this post\"></a></td>");
931. print("<td align=right>");
932. if (!$locked || get_user_class() >= UC_LIGHT_WEIGHT)
933. print("<a href=?action=quotepost&topicid=$topicid&postid=$postid><img src=\"pic/p_quote.gif\" border=\"0\" alt=\"Reply with Quote\"></a>");
934.  
935. $arr = get_forum_access_levels($forumid) or die;
936. if (get_user_class() >= $arr["write"])
937. $maypost = true;
938.  
939. if ($maypost)
940. {
941. print("<a href=?action=reply&topicid=$topicid><img src=\"pic/p_reply.gif\" border=\"0\" alt=\"Reply directly to this post\"></a>");
942. }
943.  
944. if (get_user_class() >= UC_MODERATOR)
945. print("<a href=?action=deletepost&postid=$postid><img src=\"pic/p_delete.gif\" border=\"0\" alt=\"Delete Post\"></a>");
946.  
947. if (($CURUSER["id"] == $posterid && !$locked) || get_user_class() >= UC_LIGHT_WEIGHT)
948. print("<a href=?action=editpost&postid=$postid><img src=\"pic/p_edit.gif\" border=\"0\" alt=\"Edit Post\"></a>");
949. print("</td></tr>");
950. end_table();
951. }
952.  
953. //------ Fast Reply Begin
954.  
955. if ((get_user_class() >= $arr["write"]) && ($CURUSER["forumpost"] == 'yes') && ($lastpostid != $CURUSER["id"]) && ($locked=='no'))
956. insert_fastreply_frame($topicid);
957.  
958.  
959. //------ Fast Reply End
960.  
961. //------ Mod options
962.  
963. if (get_user_class() >= UC_MODERATOR)
964. {
965.  
966. // Ensure that Mods cannot tamper with a post set higher than they are.
967. if (get_user_class() >= $arr1["write"]) {
968.  
969. attach_frame();
970.  
971. $res = mysql_query("SELECT id,name,minclasswrite FROM forums ORDER BY name") or sqlerr(__FILE__, __LINE__);
972. print("<center><h2>Forum Moderator Options</h2></center>");
973. print("<table border=0 align=center cellspacing=0 cellpadding=0>\n");
974. //print("<table border=0 cellspacing=0 cellpadding=0>\n");
975. print("<form method=post action=?action=setsticky>\n");
976. print("<input type=hidden name=topicid value=$topicid>\n");
977. print("<input type=hidden name=returnto value=$BASEURL$HTTP_SERVER_VARS[REQUEST_URI]>\n");
978. print("<tr><td class=embedded align=right>Sticky:</td>\n");
979. print("<td class=embedded><input type=radio name=sticky value='yes' " . ($sticky ? " checked" : "") . "> Yes <input type=radio name=sticky value='no' " . (!$sticky ? " checked" : "") . "> No\n");
980. print("<input type=submit value='Set'></td></tr>");
981. print("</form>\n");
982.  
983. print("<form method=post action=?action=setlocked>\n");
984. print("<input type=hidden name=topicid value=$topicid>\n");
985. print("<input type=hidden name=returnto value=$BASEURL$_SERVER[REQUEST_URI]>\n");
986. print("<tr><td class=embedded align=right>Locked:</td>\n");
987. print("<td class=embedded><input type=text name=lockreason size=30>\n\n\n<input type=radio name=locked value='yes' " . ($locked ? " checked" : "") . "> Yes <input type=radio name=locked value='no' " . (!$locked ? " checked" : "") . "> No\n");
988. print("<input type=submit value='Set'></td></tr>");
989. print("</form>\n");
990.  
991. print("<form method=post action=?action=renametopic>\n");
992. print("<input type=hidden name=topicid value=$topicid>\n");
993. print("<input type=hidden name=returnto value=$BASEURL$HTTP_SERVER_VARS[REQUEST_URI]>\n");
994. print("<tr><td class=embedded align=right>Rename topic:</td><td class=embedded><input type=text name=subject size=60 maxlength=$maxsubjectlength value=\"" . htmlspecialchars($subject) . "\">\n");
995. print("<input type=submit value='Okay'></td></tr>");
996. print("</form>\n");
997.  
998. print("<form method=post action=?action=movetopic&topicid=$topicid>\n");
999. print("<tr><td class=embedded>Move this thread to:&nbsp;</td><td class=embedded><select name=forumid>");
1000.  
1001. while ($arr = mysql_fetch_assoc($res))
1002. if ($arr["id"] != $forumid && get_user_class() >= $arr["minclasswrite"])
1003. print("<option value=" . $arr["id"] . ">" . $arr["name"] . "\n");
1004.  
1005. print("</select> <input type=submit value='Okay'></form></td></tr>\n");
1006. print("<tr><td class=embedded>Delete topic</td><td class=embedded>\n");
1007. print("<form method=get action=$BASEURL/forums.php>\n");
1008. print("<input type=hidden name=action value=deletetopic>\n");
1009. print("<input type=hidden name=topicid value=$topicid>\n");
1010. print("<input type=submit value='Okay'>\n");
1011. print("</form>\n");
1012. print("</td></tr>\n");
1013. print("</table>\n"); }
1014. }
1015.  
1016. end_frame();
1017.  
1018.  
1019.  
1020. print($pagemenu);
1021.  
1022. if ($locked=='yes')
1023.  
1024. print("<p><b><font color=red>This Topic Is Locked And No New Posts Are Allowed.</b></font></p>\n");
1025.  
1026. else
1027. {
1028. $arr = get_forum_access_levels($forumid) or die;
1029.  
1030. if (get_user_class() < $arr["write"])
1031. print("<p><i>You are not permitted to post in this forum.</i></p>\n");
1032.  
1033. elseif ($CURUSER["forumpost"] == 'no')
1034. print("<p><i>Your posting privilege has been revoked.</i></p>\n");
1035. elseif ((get_user_class() < UC_MODERATOR) && ($lastpostid == $CURUSER["id"]))
1036. print("<p><i>You cannot double post. Please edit your last post.</i></p>\n");
1037. else
1038. $maypost = true;
1039. }
1040.  
1041. //------ "View unread" / "Add reply" buttons
1042.  
1043. print("<p><table class=main border=0 cellspacing=0 cellpadding=0><tr>\n");
1044.  
1045. if ($maypost)
1046. {
1047. print("<td class=embedded ><form method=get action=?>\n");
1048. print("<input type=hidden name=action value=reply>\n");
1049. print("<input type=hidden name=topicid value=$topicid>\n");
1050. print("<input type=submit value='Add Reply' >\n");
1051. print("</form></td>\n");
1052. }
1053. print("</tr></table></p>\n");
1054.  
1055. //------ Forum quick jump drop-down
1056.  
1057. insert_quick_jump_menu($forumid);
1058.  
1059. stdfoot();
1060.  
1061. die;
1062. }
1063.  
1064. //-------- Action: Quote
1065.  
1066. if ($action == "quotepost")
1067. {
1068. $topicid = $_GET["topicid"];
1069.  
1070. if (!is_valid_id($topicid))
1071. stderr("Error", "Invalid topic ID $topicid.");
1072.  
1073. stdhead("Post reply");
1074.  
1075. ?>
1076. <center>
1077. <?
1078.  
1079.  
1080. insert_compose_frame($topicid, false, true, $forid);
1081.  
1082.  
1083.  
1084. stdfoot();
1085.  
1086. die;
1087. }
1088.  
1089. //-------- Action: Reply
1090.  
1091. if ($action == "reply")
1092. {
1093. $topicid = $_GET["topicid"];
1094. $forid = $_GET["forid"];
1095.  
1096. if (!is_valid_id($topicid))
1097. die;
1098.  
1099. stdhead("Post reply");
1100.  
1101. ?>
1102. <center>
1103. <?
1104.  
1105.  
1106. insert_compose_frame($topicid, false, false, $forid);
1107.  
1108.  
1109.  
1110. stdfoot();
1111.  
1112. die;
1113. }
1114.  
1115. //-------- Action: Move topic
1116.  
1117. if ($action == "movetopic")
1118. {
1119. $forumid = $_POST["forumid"];
1120.  
1121. $topicid = $_GET["topicid"];
1122.  
1123. if (!is_valid_id($forumid) || !is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
1124. die;
1125.  
1126. // Make sure topic and forum is valid
1127.  
1128. $res = @mysql_query("SELECT minclasswrite FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
1129.  
1130. if (mysql_num_rows($res) != 1)
1131. stderr("Error", "Forum not found.");
1132.  
1133. $arr = mysql_fetch_row($res);
1134.  
1135. if (get_user_class() < $arr[0])
1136. die;
1137.  
1138. $res = @mysql_query("SELECT subject,forumid FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
1139.  
1140. if (mysql_num_rows($res) != 1)
1141. stderr("Error", "Topic not found.");
1142.  
1143. $arr = mysql_fetch_assoc($res);
1144.  
1145. if ($arr["forumid"] != $forumid)
1146. @mysql_query("UPDATE topics SET forumid=$forumid WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
1147.  
1148. // Redirect to forum page
1149.  
1150. header("Location: $BASEURL/forums.php?action=viewforum&forumid=$forumid");
1151.  
1152. die;
1153. }
1154.  
1155. //-------- Action: Delete topic
1156.  
1157. if ($action == "deletetopic")
1158. {
1159. $topicid = $_GET["topicid"];
1160.  
1161. if (!is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
1162. die;
1163.  
1164. $sure = $_GET["sure"];
1165.  
1166. if (!$sure)
1167. {
1168. stderr("Delete topic", "Sanity check: You are about to delete a topic. Click\n" .
1169. "<a href=?action=deletetopic&topicid=$topicid&sure=1><u>here</u></a> if you are sure.");
1170. }
1171.  
1172. mysql_query("DELETE FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
1173.  
1174. mysql_query("DELETE FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
1175. //--- to be added to delete thread ---//
1176. mysql_query("DELETE FROM subscriptions WHERE topicid='$topicid'") or sqlerr(__FILE__, __LINE__);
1177. //--- end ---//
1178. header("Location: $BASEURL/forums.php");
1179.  
1180. die;
1181. }
1182.  
1183. //-------- Action: Edit post
1184.  
1185. if ($action == "editpost")
1186. {
1187. $postid = $HTTP_GET_VARS["postid"];
1188.  
1189. if (!is_valid_id($postid))
1190. die;
1191.  
1192. $res = mysql_query("SELECT * FROM posts WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
1193.  
1194. if (mysql_num_rows($res) != 1)
1195. stderr("Error", "No post with ID $postid.");
1196.  
1197. $arr = mysql_fetch_assoc($res);
1198.  
1199. $res2 = mysql_query("SELECT locked FROM topics WHERE id = " . $arr["topicid"]) or sqlerr(__FILE__, __LINE__);
1200. $arr2 = mysql_fetch_assoc($res2);
1201.  
1202. if (mysql_num_rows($res) != 1)
1203. stderr("Error", "No topic associated with post ID $postid.");
1204.  
1205. $locked = ($arr2["locked"] == 'yes');
1206.  
1207. if (($CURUSER["id"] != $arr["userid"] || $locked) && get_user_class() < UC_MODERATOR)
1208. stderr("Error", "Denied!");
1209.  
1210. if ($HTTP_SERVER_VARS['REQUEST_METHOD'] == 'POST')
1211. {
1212. $body = $HTTP_POST_VARS['body'];
1213.  
1214. if ($body == "")
1215. stderr("Error", "Body cannot be empty!");
1216.  
1217. $body = unesc($body);
1218. $body = sqlesc($body);
1219.  
1220. $editedat = sqlesc(get_date_time());
1221.  
1222. mysql_query("UPDATE posts SET body=$body, editedat=$editedat, editedby=$CURUSER[id] WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
1223.  
1224. $returnto = $HTTP_POST_VARS["returnto"];
1225. // print $returnto;
1226. if ($returnto != "")
1227. {
1228. $returnto .= "#$postid";
1229. header("Location: $returnto");
1230. }
1231. else
1232. stderr("Success", "Post was edited successfully.");
1233. }
1234.  
1235. stdhead();
1236.  
1237. ?>
1238. <center>
1239. <?
1240. print("<h1>Edit Post</h1>\n");
1241.  
1242. print("<form name=edit method=post action=?action=editpost&postid=$postid>\n");
1243. $pos = strrpos($HTTP_SERVER_VARS["HTTP_REFERER"], "#");
1244. if ($pos) { $returnto = substr($HTTP_SERVER_VARS["HTTP_REFERER"],0,$pos); } else { $returnto = $HTTP_SERVER_VARS["HTTP_REFERER"]; }
1245.  
1246. print("<input type=hidden name=returnto value=\"" . htmlspecialchars($returnto) . "\">\n");
1247.  
1248. print("<p align=center><table border=1 cellspacing=1>\n");
1249.  
1250. print("<tr><td>".BODY."</td><td align=center>\n");
1251.  
1252. textbbcode("edit","body",htmlspecialchars(unesc($arr["body"])));
1253.  
1254. print("</td></tr>\n");
1255.  
1256. print("<tr><td align=center colspan=2><input type=submit value='".Okay."' ></td></tr>\n");
1257.  
1258. print("</table>\n</p>");
1259.  
1260. print("</form>\n");
1261.  
1262. stdfoot();
1263.  
1264. die;
1265. }
1266.  
1267. //-------- Action: Delete post
1268.  
1269. if ($action == "deletepost")
1270. {
1271. $postid = $_GET["postid"];
1272.  
1273. $sure = $_GET["sure"];
1274.  
1275. if (get_user_class() < UC_MODERATOR || !is_valid_id($postid))
1276. die;
1277.  
1278. //------- Get topic id
1279.  
1280. $res = mysql_query("SELECT topicid FROM posts WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
1281.  
1282. $arr = mysql_fetch_row($res) or stderr("Error", "Post not found");
1283.  
1284. $topicid = $arr[0];
1285.  
1286. //------- We can not delete the post if it is the only one of the topic
1287.  
1288. $res = mysql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
1289.  
1290. $arr = mysql_fetch_row($res);
1291.  
1292. if ($arr[0] < 2)
1293. stderr("Error", "Can't delete post; it is the only post of the topic. You should\n" .
1294. "<a href=?action=deletetopic&topicid=$topicid&sure=1>delete the topic</a> instead.\n");
1295.  
1296.  
1297. //------- Get the id of the last post before the one we're deleting
1298.  
1299. $res = mysql_query("SELECT id FROM posts WHERE topicid=$topicid AND id < $postid ORDER BY id DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
1300. if (mysql_num_rows($res) == 0)
1301. $redirtopost = "";
1302. else
1303. {
1304. $arr = mysql_fetch_row($res);
1305. $redirtopost = "&page=p$arr[0]#$arr[0]";
1306. }
1307.  
1308. //------- Make sure we know what we do :-)
1309.  
1310. if (!$sure)
1311. {
1312. stderr("Delete post", "Sanity check: You are about to delete a post. Click\n" .
1313. "<a href=?action=deletepost&postid=$postid&sure=1><u>here</u></a> if you are sure.");
1314. }
1315.  
1316. //------- Delete post
1317.  
1318. if ($sure) { mysql_query("DELETE FROM posts WHERE id=$postid") or sqlerr(__FILE__, __LINE__); }
1319.  
1320. //------- Update topic
1321.  
1322. update_topic_last_post($topicid);
1323.  
1324. header("Location: $BASEURL/forums.php?action=viewtopic&topicid=$topicid");
1325.  
1326. die;
1327. }
1328.  
1329. //-------- Action: Lock topic
1330.  
1331. if ($action == "locktopic")
1332. {
1333. $forumid = $_GET["forumid"];
1334. $topicid = $_GET["topicid"];
1335. $page = $_GET["page"];
1336.  
1337. if (!is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
1338. die;
1339.  
1340. mysql_query("UPDATE topics SET locked='yes' WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
1341.  
1342. header("Location: $BASEURL/forums.php?action=viewforum&forumid=$forumid&page=$page");
1343.  
1344. die;
1345. }
1346.  
1347. //-------- Action: Unlock topic
1348.  
1349. if ($action == "unlocktopic")
1350. {
1351. $forumid = $_GET["forumid"];
1352.  
1353. $topicid = $_GET["topicid"];
1354.  
1355. $page = $_GET["page"];
1356.  
1357. if (!is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
1358. die;
1359.  
1360. mysql_query("UPDATE topics SET locked='no' WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
1361.  
1362. header("Location: $BASEURL/forums.php?action=viewforum&forumid=$forumid&page=$page");
1363.  
1364. die;
1365. }
1366.  
1367. //-------- Action: Set locked on/off
1368.  
1369. ///// Add reason to locked code - TBDev - Dokty /////
1370. if ($action == "setlocked")
1371. {
1372. $topicid = 0 + $_POST["topicid"];
1373.  
1374. if (!$topicid || get_user_class() < UC_MODERATOR)
1375. die;
1376.  
1377. $res2345 = mysql_query("SELECT locked FROM topics WHERE id = " . $topicid) or sqlerr(__FILE__, __LINE__);
1378. if (mysql_num_rows($res2345) != 1)
1379. die("Error - No topic with this ID.");
1380. $arr2345 = mysql_fetch_assoc($res2345);
1381.  
1382. $locked = sqlesc($_POST["locked"]);
1383. mysql_query("UPDATE topics SET locked=$locked WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
1384.  
1385. if ($locked != $arr2345["locked"]) {
1386. $whichoption = ($_POST["locked"] == "yes" ? "L" : "Unl");
1387. $body = sqlesc("Topic ".$whichoption."ocked by ".$CURUSER['username']."\nReason: ".$_POST["lockreason"].".");
1388. mysql_query("INSERT INTO posts (topicid, userid, added, body) VALUES($topicid, ".$CURUSER['id'].", '" . get_date_time() . "', $body)") or sqlerr(__FILE__, __LINE__);
1389. $postid = mysql_insert_id() or die("Post id n/a");
1390. update_topic_last_post($topicid);
1391. }
1392. $returnto = str_replace ('&amp;', '&', htmlentities($_POST["returnto"]));
1393. header("Location: ".$returnto);
1394. die;
1395. }
1396.  
1397. //-------- Action: Set sticky on/off
1398.  
1399. if ($action == "setsticky")
1400. {
1401. $topicid = 0 + $HTTP_POST_VARS["topicid"];
1402.  
1403. if (!topicid || get_user_class() < UC_MODERATOR)
1404. die;
1405.  
1406. $sticky = sqlesc($HTTP_POST_VARS["sticky"]);
1407. mysql_query("UPDATE topics SET sticky=$sticky WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
1408.  
1409. header("Location: $HTTP_POST_VARS[returnto]");
1410.  
1411. die;
1412. }
1413.  
1414. //-------- Action: Rename topic
1415.  
1416. if ($action == 'renametopic')
1417. {
1418. if (get_user_class() < UC_MODERATOR)
1419. die;
1420.  
1421. $topicid = $HTTP_POST_VARS['topicid'];
1422.  
1423. if (!is_valid_id($topicid))
1424. die;
1425.  
1426. $subject = $HTTP_POST_VARS['subject'];
1427.  
1428. if ($subject == '')
1429. stderr('Error', 'You must enter a new title!');
1430.  
1431. $subject = sqlesc($subject);
1432.  
1433. mysql_query("UPDATE topics SET subject=$subject WHERE id=$topicid") or sqlerr();
1434.  
1435. $returnto = $HTTP_POST_VARS['returnto'];
1436.  
1437. if ($returnto)
1438. header("Location: $returnto");
1439.  
1440. die;
1441. }
1442.  
1443. //-------- Action: View forum
1444.  
1445. if ($action == "viewforum")
1446. {
1447. $forumid = $_GET["forumid"];
1448.  
1449. if (!is_valid_id($forumid))
1450. die;
1451.  
1452. $page = $_GET["page"];
1453.  
1454. $userid = $CURUSER["id"];
1455.  
1456.  
1457.  
1458. //------ Get forum name
1459.  
1460. $res = mysql_query("SELECT * FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
1461.  
1462. $arr = mysql_fetch_assoc($res) or die;
1463.  
1464. $forumname = $arr["name"];
1465. $forid = $arr["forid"];
1466.  
1467. if (get_user_class() < $arr["minclassread"])
1468. die("Not permitted");
1469.  
1470. //------ Get overforum name
1471.  
1472. $res = mysql_query("SELECT name FROM overforums WHERE id=$forid") or sqlerr(__FILE__, __LINE__);
1473.  
1474. $arr = mysql_fetch_assoc($res) or die;
1475.  
1476. $mforumname = $arr["name"];
1477.  
1478.  
1479. //------ Page links
1480.  
1481. //------ Get topic count
1482.  
1483. $perpage = $CURUSER["topicsperpage"];
1484. if (!$perpage) $perpage = 17;
1485.  
1486. $res = mysql_query("SELECT COUNT(*) FROM topics WHERE forumid=$forumid") or sqlerr(__FILE__, __LINE__);
1487.  
1488. $arr = mysql_fetch_row($res);
1489.  
1490. $num = $arr[0];
1491.  
1492. if ($page == 0)
1493. $page = 1;
1494.  
1495. $first = ($page * $perpage) - $perpage + 1;
1496.  
1497. $last = $first + $perpage - 1;
1498.  
1499. if ($last > $num)
1500. $last = $num;
1501.  
1502. $pages = floor($num / $perpage);
1503.  
1504. if ($perpage * $pages < $num)
1505. ++$pages;
1506.  
1507. //------ Build menu
1508.  
1509. $menu = "<p align=center><b>\n";
1510.  
1511. $lastspace = false;
1512.  
1513. for ($i = 1; $i <= $pages; ++$i)
1514. {
1515. if ($i == $page)
1516. $menu .= "<font class=gray>$i</font>\n";
1517.  
1518. elseif ($i > 3 && ($i < $pages - 2) && ($page - $i > 3 || $i - $page > 3))
1519. {
1520. if ($lastspace)
1521. continue;
1522.  
1523. $menu .= "... \n";
1524.  
1525. $lastspace = true;
1526. }
1527.  
1528. else
1529. {
1530. $menu .= "<a href=?action=viewforum&forumid=$forumid&page=$i>$i</a>\n";
1531.  
1532. $lastspace = false;
1533. }
1534. if ($i < $pages)
1535. $menu .= "</b>|<b>\n";
1536. }
1537.  
1538. $menu .= "<br>\n";
1539.  
1540. if ($page == 1)
1541. $menu .= "<font class=gray>&lt;&lt; Prev</font>";
1542.  
1543. else
1544. $menu .= "<a href=?action=viewforum&forumid=$forumid&page=" . ($page - 1) . ">&lt;&lt; Prev</a>";
1545.  
1546. $menu .= "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
1547.  
1548. if ($last == $num)
1549. $menu .= "<font class=gray>Next &gt;&gt;</font>";
1550.  
1551. else
1552. $menu .= "<a href=?action=viewforum&forumid=$forumid&page=" . ($page + 1) . ">Next &gt;&gt;</a>";
1553.  
1554. $menu .= "</b></p>\n";
1555.  
1556. $offset = $first - 1;
1557.  
1558. //------ Get topics data
1559.  
1560. $topicsres = mysql_query("SELECT * FROM topics WHERE forumid=$forumid ORDER BY sticky, lastpost DESC LIMIT $offset,$perpage") or
1561. stderr("SQL Error", mysql_error());
1562.  
1563. stdhead("Forum");
1564. ?>
1565. <center>
1566. <?
1567.  
1568. $numtopics = mysql_num_rows($topicsres);
1569.  
1570. print("<h1><a href=forums.php?action=forumview&forid=$forid>$mforumname</a> -> $forumname</h1>\n");
1571. if ($numtopics > 0)
1572. {
1573. print($menu);
1574.  
1575. print("<table border=1 cellspacing=0 cellpadding=5>");
1576.  
1577. print("<tr><td class=colhead align=left>Topic</td><td class=colhead>Replies</td><td class=colhead>Views</td>\n" .
1578. "<td class=colhead align=left>Author</td><td class=colhead align=left>Last&nbsp;post</td>\n");
1579.  
1580. print("</tr>\n");
1581.  
1582. while ($topicarr = mysql_fetch_assoc($topicsres))
1583. {
1584. $topicid = $topicarr["id"];
1585.  
1586. if ($topicarr["numratings"] != 0)
1587.  
1588. $rating = round($topicarr["ratingsum"] / $topicarr["numratings"], 1);
1589.  
1590. $rpic = ratingpic($rating);
1591.  
1592. $topic_userid = $topicarr["userid"];
1593.  
1594. $topic_views = $topicarr["views"];
1595.  
1596. $views = number_format($topic_views);
1597.  
1598. $locked = $topicarr["locked"];
1599.  
1600. $sticky = $topicarr["sticky"] == "yes";
1601.  
1602. //---- Get reply count
1603.  
1604. $res = mysql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
1605.  
1606. $arr = mysql_fetch_row($res);
1607.  
1608. $posts = $arr[0];
1609.  
1610. $replies = max(0, $posts - 1);
1611.  
1612. $tpages = floor($posts / $postsperpage);
1613.  
1614. if ($tpages * $postsperpage != $posts)
1615. ++$tpages;
1616.  
1617. if ($tpages > 1)
1618. {
1619. $topicpages = " (<img src=".$pic_base_url."multipage.gif>";
1620.  
1621. for ($i = 1; $i <= $tpages; ++$i)
1622. $topicpages .= " <a href=?action=viewtopic&topicid=$topicid&page=$i>$i</a>";
1623.  
1624. $topicpages .= ")";
1625. }
1626. else
1627. $topicpages = "";
1628.  
1629. //---- Get userID and date of last post
1630.  
1631. $res = mysql_query("SELECT * , UNIX_TIMESTAMP(added) as utadded FROM posts WHERE topicid=$topicid ORDER BY id DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
1632.  
1633. $arr = mysql_fetch_assoc($res);
1634.  
1635. $lppostid = 0 + $arr["id"];
1636.  
1637. $lpuserid = 0 + $arr["userid"];
1638.  
1639. $lpadded = "<nobr>" . get_date_time($arr["utadded"] , $CURUSER[tzoffset] ) . "</nobr>";
1640.  
1641. //------ Get name of last poster
1642.  
1643. $res = mysql_query("SELECT * FROM users WHERE id=$lpuserid") or sqlerr(__FILE__, __LINE__);
1644.  
1645. if (mysql_num_rows($res) == 1)
1646. {
1647. $arr = mysql_fetch_assoc($res);
1648.  
1649. $lpusername = "<a href=userdetails.php?id=$lpuserid><b>$arr[username]</b></a>";
1650. }
1651. else
1652. $lpusername = "unknown[$topic_userid]";
1653.  
1654. //------ Get author
1655.  
1656. $res = mysql_query("SELECT username FROM users WHERE id=$topic_userid") or sqlerr(__FILE__, __LINE__);
1657.  
1658. if (mysql_num_rows($res) == 1)
1659. {
1660. $arr = mysql_fetch_assoc($res);
1661.  
1662. $lpauthor = "<a href=userdetails.php?id=$topic_userid><b>$arr[username]</b></a>";
1663. }
1664. else
1665. $lpauthor = "unknown[$topic_userid]";
1666.  
1667. //---- Print row
1668.  
1669. $r = mysql_query("SELECT lastpostread FROM readposts WHERE userid=$userid AND topicid=$topicid") or sqlerr(__FILE__, __LINE__);
1670.  
1671. $a = mysql_fetch_row($r);
1672.  
1673. $new = !$a || $lppostid > $a[0];
1674.  
1675. $topicpic = ($locked=='yes' ? ($new ? "lockednew" : "locked") : ($new ? "unlockednew" : "unlocked"));
1676.  
1677. $subject = ($sticky ? "<img src=$pic_base_url/sticky.gif />" : "").($topicpoll ? "<img src=pic/poll.gif alt=\"Poll:\"> " : "").($subscriptions ? "<img src=pic/subscribed.gif alt=\"Subscribed\"> " : ""). "<a href=?action=viewtopic&topicid=$topicid><b>" . encodehtml($topicarr["subject"]) . "</b></a> " .($topicarr["numratings"] ? " $rpic " : ""). " $topicpages<br><small>" . ($topicarr["sub"]) . "</small>";
1678.  
1679. print("<tr><td align=left><table border=0 cellspacing=0 cellpadding=0><tr>" .
1680. "<td class=embedded style='padding-right: 5px'><img src=$pic_base_url$topicpic.gif>" .
1681. "</td><td class=embedded align=left>\n" .
1682. "$subject</td></tr></table></td><td align=right>$replies</td>\n" .
1683. "<td align=right>$views</td><td align=left>$lpauthor</td>\n" .
1684. "<td align=left>$lpadded<br>by&nbsp;$lpusername</td>\n");
1685.  
1686. print("</tr>\n");
1687. } // while
1688.  
1689. print("</table>\n");
1690.  
1691. print($menu);
1692.  
1693. } // if
1694. else
1695. print("<p align=center>No topics found</p>\n");
1696.  
1697. print("<p><table class=main border=0 cellspacing=0 cellpadding=0><tr valing=center>\n");
1698.  
1699. print("<td class=embedded><img src=".$pic_base_url."unlockednew.gif style='margin-right: 5px'></td><td class=embedded>New posts</td>\n");
1700.  
1701. print("<td class=embedded><img src=".$pic_base_url."locked.gif style='margin-left: 10px; margin-right: 5px'>" .
1702. "</td><td class=embedded>Locked topic</td>\n");
1703.  
1704. print("</tr></table></p>\n");
1705.  
1706. $arr = get_forum_access_levels($forumid) or die;
1707.  
1708. if (get_user_class() < $arr["create"])
1709. print("<p><i>You are not permitted to create a new topic in this forum.</i></p>\n");
1710.  
1711. elseif ($CURUSER["forumpost"] == 'no')
1712. print("<p><i>Your posting privilege has been revoked.</i></p>\n");
1713. else
1714. $maypost = true;
1715.  
1716. print("<p><table border=0 class=main cellspacing=0 cellpadding=0><tr>\n");
1717. /*
1718. print("<td class=embedded><form method=get action=?><input type=hidden " .
1719. "name=action value=viewunread><input type=submit value='View unread' ></form></td>\n");
1720. */
1721. if ($maypost)
1722. print("<td class=embedded><form method=get action=?><input type=hidden " .
1723. "name=action value=newtopic><input type=hidden name=forumid " .
1724. "value=$forumid><input type=submit value='New topic' style='margin-left: 10px'></form></td>\n");
1725.  
1726. print("</tr></table></p>\n");
1727.  
1728. insert_quick_jump_menu($forumid);
1729.  
1730. stdfoot();
1731.  
1732. die;
1733. }
1734.  
1735. //-------- Action: View unread posts
1736.  
1737. if ($action == "viewunread")
1738. {
1739. //die("This feature is currently unavailable.");
1740. $userid = $CURUSER['id'];
1741.  
1742. $maxresults = 25;
1743.  
1744. $res = mysql_query("SELECT id, forumid, subject, lastpost FROM topics ORDER BY lastpost") or sqlerr(__FILE__, __LINE__);
1745.  
1746. stdhead();
1747. ?>
1748. <center>
1749. <?
1750.  
1751. print("<h1>Topics with unread posts</h1>\n");
1752.  
1753.  
1754. $n = 0;
1755.  
1756. $uc = get_user_class();
1757.  
1758. while ($arr = mysql_fetch_assoc($res))
1759. {
1760. $topicid = $arr['id'];
1761.  
1762. $forumid = $arr['forumid'];
1763.  
1764. //---- Check if post is read
1765. $r = mysql_query("SELECT lastpostread FROM readposts WHERE userid=$userid AND topicid=$topicid") or sqlerr(__FILE__, __LINE__);
1766.  
1767. $a = mysql_fetch_row($r);
1768.  
1769. if ($a && $a[0] >= $arr['lastpost'])
1770. continue;
1771.  
1772. //---- Check access & get forum name
1773. $r = mysql_query("SELECT name, minclassread FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
1774.  
1775. $a = mysql_fetch_assoc($r);
1776.  
1777. if ($uc < $a['minclassread'])
1778. continue;
1779.  
1780. ++$n;
1781.  
1782. if ($n > $maxresults)
1783. break;
1784.  
1785. $forumname = $a['name'];
1786.  
1787. if ($n == 1)
1788. {
1789. print("<table><td>Click the <u>Clear</u> next to each message to remove it from your unread list<br>or <u>Catch up</u> to remove all messages</td></table><br>");
1790.  
1791.  
1792. print("<table border=1 cellspacing=0 cellpadding=5>\n");
1793.  
1794. print("<tr><td class=colhead align=left>Topic</td><td class=colhead align=left>Forum</td></tr>\n");
1795. }
1796.  
1797. print("<tr><td align=left><table border=0 cellspacing=0 cellpadding=0><tr><td class=embedded>" .
1798. "<img src=".$pic_base_url."unlockednew.gif style='margin-right: 5px'></td><td class=embedded>" .
1799. "<a href=?action=viewtopic&topicid=$topicid&page=last#last><b>" . htmlspecialchars($arr["subject"]) .
1800. "</b></a> / <a href=?action=catchup&topicid=$topicid>Clear</td></tr></table></td><td align=left><a href=?action=viewforum&amp;forumid=$forumid><b>$forumname</b></a></td></tr>\n");
1801. }
1802. if ($n > 0)
1803. {
1804. print("</table>\n");
1805.  
1806. if ($n > $maxresults)
1807. print("<p>More than $maxresults items found, displaying first $maxresults.</p>\n");
1808.  
1809. print("<p><a href=?action=catchup><b>Catch up</b></a></p>\n");
1810. }
1811. else
1812. print("<b>Nothing found</b>");
1813.  
1814. stdfoot();
1815.  
1816. die;
1817. }
1818.  
1819. if ($action == "search")
1820. {
1821. $maxresults = 50;
1822. $cats =genreforumlist();
1823.  
1824. stdhead("Forum Search");
1825. ?>
1826. <center>
1827. <?
1828. print("<h1>Forum Search</h1>\n");
1829.  
1830.  
1831. $keywords = trim($_GET["keywords"]);
1832.  
1833. $author= trim($_GET['author']);
1834.  
1835. if ($author!=""){
1836. $queryusers= "select id from users where username=".sqlesc($author)." limit 1";
1837. $userquery = mysql_query($queryusers);
1838. $num_res = mysql_num_rows($userquery);
1839. if ($num_res<1){
1840. print("<b>Author Does not exist, please recheck you typed his username correctly... Results following exclude username filtering</b><br><br>");
1841. $userfilter="";
1842. }
1843. else {
1844. $userfilterid= mysql_fetch_assoc($userquery);
1845. $userfilterid= $userfilterid['id'];
1846. $userfilter= " AND posts.userid=".$userfilterid;
1847. }
1848. }
1849.  
1850.  
1851. $sort = (int) $_GET['sort'];
1852. switch ($sort){
1853. case 0:
1854. $sortSel0 = "selected=\"selected\"";
1855. $order_by="matchweight";
1856. break;
1857. case 1:
1858. $sortSel1 = "selected=\"selected\"";
1859. $order_by="forumid";
1860. break;
1861. case 2:
1862. $sortSel2 = "selected=\"selected\"";
1863. $order_by="subject";
1864. break;
1865. case 3:
1866. $sortSel3 = "selected=\"selected\"";
1867. $order_by="added";
1868. break;
1869. case 4:
1870. $sortSel4 = "selected=\"selected\"";
1871. $order_by="lastpost_time";
1872. break;
1873. case 5:
1874. $sortSel5 = "selected=\"selected\"";
1875. $order_by="views";
1876. break;
1877. case 6:
1878. $sortSel6 = "selected=\"selected\"";
1879. $order_by="replies";
1880. break;
1881. default:
1882. $sortSel0 = "selected=\"selected\"";
1883. $order_by="matchweight";
1884. }
1885.  
1886.  
1887. $sort_dir = (int) $_GET['sort_dir'];
1888. if ($sort_dir==1){
1889. $sortDirSel1 = "checked=\"checked\"";
1890. $sort_order= 'ASC';
1891. }
1892. else{
1893. $sortDirSel2 = "checked=\"checked\"";
1894. $sort_order= 'DESC';
1895. }
1896.  
1897. $numres = (int) $_GET["numres"];
1898. switch ($numres){
1899. case 0:
1900. $numSel1 = "selected=\"selected\"";
1901. $maxresults=25;
1902. break;
1903. case 1:
1904. $numSel2 = "selected=\"selected\"";
1905. $maxresults=50;
1906. break;
1907. case 2:
1908. $numSel3 = "selected=\"selected\"";
1909. $maxresults=100;
1910. break;
1911. case 3:
1912. $numSel4 = "selected=\"selected\"";
1913. $maxresults=200;
1914. break;
1915. case 4:
1916. $numSel5 = "selected=\"selected\"";
1917. $maxresults=300;
1918. break;
1919. default:
1920. $numSel1 = "selected=\"selected\"";
1921. $maxresults=25;
1922. }
1923.  
1924.  
1925. $search_time = (int) $_GET["search_time"];
1926. switch ($search_time){
1927. case 0:
1928. $whenSel= "selected=\"selected\"";
1929. $searchWhen="";
1930. break;
1931. case 1:
1932. $whenSel1= "selected=\"selected\"";
1933. $dt24 = gmtime() - 24 * 60 * 60;
1934. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1935. break;
1936. case 2:
1937. $whenSel2= "selected=\"selected\"";
1938. $dt24 = gmtime() - 2*24 * 60 * 60;
1939. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1940. break;
1941. case 3:
1942. $whenSel3= "selected=\"selected\"";
1943. $dt24 = gmtime() - 3*24 * 60 * 60;
1944. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1945. break;
1946. case 4:
1947. $whenSel4= "selected=\"selected\"";
1948. $dt24 = gmtime() - 4* 24 * 60 * 60;
1949. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1950. break;
1951. case 5:
1952. $whenSel5= "selected=\"selected\"";
1953. $dt24 = gmtime() - 5*24 * 60 * 60;
1954. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1955. break;
1956. case 6:
1957. $whenSel6= "selected=\"selected\"";
1958. $dt24 = gmtime() - 6 *24 * 60 * 60;
1959. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1960. break;
1961.  
1962. case 7:
1963. $whenSel7= "selected=\"selected\"";
1964. $dt24 = gmtime() - 7*24 * 60 * 60;
1965. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1966. break;
1967. case 14:
1968. $whenSel8= "selected=\"selected\"";
1969. $dt24 = gmtime() - 14* 24 * 60 * 60;
1970. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1971. break;
1972. case 30:
1973. $whenSel9= "selected=\"selected\"";
1974. $dt24 = gmtime() - 30*24 * 60 * 60;
1975. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1976. break;
1977. case 90:
1978. $whenSel10= "selected=\"selected\"";
1979. $dt24 = gmtime() - 90*24 * 60 * 60;
1980. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1981. break;
1982.  
1983. case 180:
1984. $whenSel11= "selected=\"selected\"";
1985. $dt24 = gmtime() - 180* 24 * 60 * 60;
1986. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1987. break;
1988.  
1989. case 364:
1990. $whenSel12= "selected=\"selected\"";
1991. $dt24 = gmtime() - 364*24 * 60 * 60;
1992. $searchWhen=" AND added>='".get_date_time($dt24)."'";
1993. break;
1994. default:
1995. $whenSel= "selected=\"selected\"";
1996. $searchWhen="";
1997.  
1998. }
1999.  
2000.  
2001. $category = (int) $_GET["cat"];
2002.  
2003. if ($category) {
2004. if (!is_valid_id($category)) stderr( ("Error"), ("Invalid category ID") );
2005. $wherecatina[] = $category;
2006. $addparam .= "cat=".$category."&amp;";
2007. }
2008. else {
2009. $all = True;
2010. foreach ($cats as $cat) {
2011. $all &= $_GET["c".$cat['id']];
2012. if ($_GET["c".$cat['id']]) {
2013. $wherecatina[] = $cat['id'];
2014. $addparam .= "c".$cat['id']."=1&amp;";
2015. }
2016. }
2017. }
2018.  
2019. if ($all) {
2020. $wherecatina = array();
2021. $addparam = "";
2022. }
2023. if ($sort_dir==1) $sort_dir=0;
2024. else $sort_dir=1;
2025.  
2026. $addparam.= "author=".htmlspecialchars($author)."&amp;";
2027. $addparam.= "sort_dir=".$sort_dir."&amp;";
2028. $addparam.= "search_time=$search_time&amp;";
2029. $addparam.= "numres=$numres&amp;";
2030. $addparam.= "keywords=".htmlspecialchars($keywords);
2031.  
2032. if (count($wherecatina) > 1) $wherecatin = implode(",",$wherecatina);
2033. elseif (count($wherecatina) == 1) $wherea[] = "forumid = ".$wherecatina[0];
2034.  
2035. if (sizeof($wherea)!=0)
2036. $where = implode(" AND ", $wherea);
2037.  
2038. print ("this is me ".$where." and this is my count".sizeof($wherea));
2039. if ($wherecatin) $where .= ($where ? " AND " : "") . "forumid IN(" . $wherecatin . ")";
2040. if ($where !="") $where = " AND ".$where;
2041.  
2042. if (($keywords != "")||((($author!="")&&($userfilter!=""))||(($search_time<8)&&($search_time!=0))))
2043. {
2044. print("<p>Query: <b>" . htmlspecialchars($keywords) . "</b></p>\n");
2045. // $maxresults = 50;
2046. $kw = sqlesc($keywords);
2047.  
2048. if ($keywords =="")
2049. $fields=" 'x'='x'";
2050. else{
2051. if (($_GET['body']==1)&&($_GET['topic']==1))
2052. $fields= "(subject like ".sqlesc('%'.$keywords.'%')." OR MATCH (body) AGAINST ($kw) )";
2053. else if ($_GET['topic']==1)
2054. $fields="subject like ".sqlesc('%'.$keywords.'%');
2055. else
2056. $fields="MATCH (body) AGAINST ($kw)";
2057. }
2058.  
2059. $query = "SELECT posts.id,topicid,posts.userid,added ,forumid, subject, views,match(body) against ($kw) as matchweight FROM posts,topics WHERE $fields and posts.topicid=topics.id $where $searchWhen $userfilter order by $order_by $sort_order LIMIT " . ($maxresults + 1);
2060. // print($query);
2061. $res = mysql_query($query) or sqlerr(__FILE__, __LINE__);
2062. // search and display results...
2063. $num = mysql_num_rows($res);
2064. if ($num > $maxresults)
2065. {
2066. $num = $maxresults;
2067. print("<p>Found more than $maxresults posts; displaying first $num.</p>\n");
2068. }
2069. else
2070. print("<p>Found $num results</p>\n");
2071.  
2072. if ($num == 0)
2073. print("<p><b>Sorry, nothing found!</b></p>");
2074. else
2075. {
2076. print("<p><table border=1 cellspacing=0 cellpadding=5>\n");
2077. print("<tr><td class=colhead><a href=forums.php?action=search&$addparam&sort=3>Post</a></td>".
2078. "<td class=colhead align=left><a href=forums.php?action=search&$addparam&sort=2>Topic</a></td>".
2079. "<td class=colhead align=left><a href=forums.php?action=search&$addparam&sort=1>Forum</a></td>".
2080. "<td class=colhead><a href=forums.php?action=search&$addparam&sort=5>Views</a></td>".
2081. "<td class=colhead><a href=forums.php?action=search&$addparam&sort=6>Replies</a></td>".
2082. "<td class=colhead align=left>Posted by</td></tr>\n");
2083. for ($i = 0; $i < $num; ++$i)
2084. {
2085. $post = mysql_fetch_assoc($res);
2086. // $res2 = do_mysql_query("SELECT forumid, subject FROM topics WHERE id=$post[topicid]") or
2087. // sqlerr(__FILE__, __LINE__);
2088. // $topic = mysql_fetch_assoc($res2);
2089. $res2 = mysql_query("SELECT name,minclassread FROM forums WHERE id=$post[forumid]") or
2090. sqlerr(__FILE__, __LINE__);
2091. $forum = mysql_fetch_assoc($res2);
2092. if ($forum["name"] == "" || $forum["minclassread"] > $CURUSER["class"])
2093. continue;
2094. $res2 = mysql_query("SELECT username,id FROM users WHERE id=$post[userid]") or
2095. sqlerr(__FILE__, __LINE__);
2096. $user = mysql_fetch_assoc($res2);
2097. if ($user["username"] == "")
2098. $user["username"] = "[$post[userid]]";
2099. // print("<tr><td>$post[id]</td><td align=left><a href=?action=viewtopic&topicid=$post[topicid]&page=p$post[id]#$post[id]><b>" . htmlspecialchars($topic["subject"]) . "</b></a></td><td align=left><a href=?action=viewforum&forumid=$topic[forumid]><b>" . htmlspecialchars($forum["name"]) . "</b></a><td align=left><a href=userdetails.php?id=$post[userid]><b>$user[username]</b></a><br>at $post[added]</tr>\n");
2100. print("<tr><td>$post[id]</td><td align=left><a href=?action=viewtopic&highlight=" .urlencode(htmlspecialchars($keywords)) . "&topicid=$post[topicid]&page=p$post[id]#$post[id]><b>" . htmlspecialchars($post["subject"]) . "</b></a></td><td align=left><a href=?action=viewforum&forumid=$post[forumid]><b>" . htmlspecialchars($forum["name"]) . "</b></a><td align=left>$post[views]</td><td align=left>$post[replies]</td><td align=left><b><a href=userdetails.php?id=$user[id]>$user[username]</a></b><br>at $post[added]</tr>\n");
2101.  
2102. }
2103. print("</table></p>\n");
2104. print("<p><b>Search again</b></p>\n");
2105. }
2106. }
2107.  
2108. $chtopic = ($_GET['topic']==1 ? "checked " : "");
2109. $chbody = ($_GET['body']==1? "checked " :"");
2110.  
2111. print("<form method=get action=?>\n");
2112. print("<input type=hidden name=action value=search>\n");
2113. print("<table border=0 cellspacing=0 cellpadding=5>\n");
2114.  
2115. $i = 0;
2116. foreach ($cats as $cat)
2117. {
2118. $catsperrow = 4;
2119. print(($i && $i % $catsperrow == 0) ? "</tr><tr>" : "");
2120. if (sizeof($wherecatina)!=0)
2121. $catCheck= (in_array($cat[id],$wherecatina) ? "checked " : "");
2122. print("<td nowrap class=bottom style=\"vertical-align:baseline;border:none; padding-bottom: 0px;padding-left: 7px;text-align:left\"><input style=\"vertical-align:middle;padding:0px;margin:0px;margin-right:3px;\" name=c$cat[id] type=\"checkbox\" " .$catCheck . "value=1><a style=\"vertical-align:middle;padding:0px;margin:0px;\" class=catlink href=".$GLOBALS['DEFAULTBASEURL']."/forums.php?action=viewforum&forumid=$cat[id]>" . htmlspecialchars($cat[name]) . "</a></td>\n");
2123. $i++;
2124. }
2125.  
2126. print("</table><br><br><table border=1 cellspacing=0 cellpadding=5><tr><td class=rowhead>Search Term</td><td align=left><input type=text size=40 name=keywords value=\"".htmlspecialchars($keywords)."\"><br>\n" .
2127. "<font class=small size=-1>Enter one or more words to search for.</font></td></tr>\n");
2128.  
2129. // Search in author
2130. print("<tr><td class=rowhead>Author:</td><td align=left><input type=text size=15 name=author value=\"".htmlspecialchars($author)."\"> Only display posts from this author");
2131.  
2132. print("<tr><td colspan=2><table border=0 cellspacing=0 cellpadding=5>");
2133.  
2134. // When to search in
2135. print("<tr><td class=rowhead style=\"border:none\">Search In Last:</td><td style=\"border:none\"> <select name=\"search_time\"><option value=\"0\" $whenSel>All Posts</option><option value=\"1\" $whenSel1>1 Day</option><option value=\"2\" $whenSel2>2 Days</option><option value=\"3\" $whenSel3>3 Days</option><option value=\"4\" $whenSel4>4 Days</option><option value=\"5\" $whenSel5>5 Days</option><option value=\"6\" $whenSel6>6 Days</option><option value=\"7\" $whenSel7>1 Week</option><option value=\"14\" $whenSel8>2 Weeks</option><option value=\"30\" $whenSel9>1 Month</option><option value=\"90\" $whenSel10>3 Months</option><option value=\"180\" $whenSel11>6 Months</option><option value=\"364\" $whenSel12>1 Year</option></select></td></tr>");
2136.  
2137. // Where to search in
2138. print("<tr><td class=rowhead style=\"border:none\">Search In:</td>".
2139. "<td style=\"border:none\"><table border=0 cellspacing=0 cellpadding-5><tr>".
2140. "<td style=\"border:none\"><input style=\"padding:0px;margin:0px;margin-right:3px;\" name=topic type=\"checkbox\" value=1 $chtopic> Topic Title</td></tr>".
2141. "<tr><td style=\"border:none\"><input style=\"padding:0px;margin:0px;margin-right:3px;\" name=body type=\"checkbox\" value=1 $chbody> Post Body (default if both unchecked)</td></tr>".
2142. "</table></td></tr>");
2143.  
2144. //Sorting options
2145. print("<tr><td class=rowhead style=\"border:none\">Sort By:</td><td style=\"border:none\">");
2146. print("<select name=\"sort\"><option value=\"0\" $sortSel0>Relevancy</option><option value=\"1\" $sortSel1>Forum Name</option><option value=\"2\" $sortSel2>Topic Name</option><option value=\"3\" $sortSel3>Post Time</option><option value=\"4\" $sortSel4>Last Post Time</option><option value=\"5\" $sortSel5>Topic Views</option><option value=\"6\" $sortSel6>Topic Replies</option></select>&nbsp;<input type=\"radio\" name=\"sort_dir\" value=\"1\" $sortDirSel1/>Ascending&nbsp;<input type=\"radio\" name=\"sort_dir\" value=\"0\" $sortDirSel2/> Descending</select></td></tr>");
2147.  
2148. // Number of results
2149. print("<tr><td class=rowhead style=\"border:none\">Return First:</td><td style=\"border:none\">");
2150. print("<select name=\"numres\"><option value=\"0\" $numSel1>25</option><option value=\"1\" $numSel2>50</option><option value=\"2\" $numSel3>100</option><option value=\"3\" $numSel4>200</option><option value=\"4\" $numSel5>300</option></select> found results</td></tr>");
2151.  
2152. //Display posts summary options/topics
2153.  
2154. print ("</table></td></tr>");
2155.  
2156. print("<tr><td colspan=2 align=right><input type=submit value='Search' >&nbsp;</td></tr>\n");
2157. print("</table>\n</form>\n");
2158. stdfoot();
2159. die;
2160. }
2161.  
2162.  
2163.  
2164. if ($action == "catchup")
2165. {
2166. $topicid=0+$_GET["topicid"];
2167. if ($topicid) {
2168. catch_up("$topicid");
2169. header("Location: $BASEURL/forums.php?action=viewunread");
2170. die();
2171. }
2172. else catch_up();
2173. header("Location: $BASEURL/forums.php");
2174. die();
2175. }
2176.  
2177.  
2178.  
2179. //-------- Default action: View forums
2180.  
2181. //-------- Get forums
2182.  
2183. if ($action == 'forumview')
2184. {
2185.  
2186. $forid = 0+$_GET["forid"];
2187. // - Bleaches Edits
2188. mysql_query("UPDATE users SET forum_access='" . get_date_time() . "' WHERE id={$CURUSER["id"]}");// or die(mysql_error());
2189. $forums_res = mysql_query("SELECT * FROM forums WHERE forid=$forid ORDER BY name") or sqlerr(__FILE__, __LINE__);
2190.  
2191.  
2192. //------ Get forum name
2193.  
2194. $res = mysql_query("SELECT name FROM overforums WHERE id=$forid") or sqlerr(__FILE__, __LINE__);
2195.  
2196. $arr = mysql_fetch_assoc($res) or die;
2197.  
2198. $forumname = $arr["name"];
2199.  
2200. stdhead("Forums");
2201.  
2202.  
2203. print("<h1><b><a href=forums.php>Forums</a></b> ->".$forumname."</h1>\n");
2204.  
2205. print("<table border=1 cellspacing=0 cellpadding=5>\n");
2206.  
2207. print("<tr><td class=colhead align=left>Forums</td><td class=colhead align=right>Topics</td>" .
2208. "<td class=colhead align=right>Posts</td>" .
2209. "<td class=colhead align=left>Last post</td></tr>\n");
2210.  
2211. while ($forums_arr = mysql_fetch_assoc($forums_res))
2212. {
2213. if (get_user_class() < $forums_arr["minclassread"])
2214. continue;
2215.  
2216. // Set forumid
2217. //mysql_query("UPDATE forums SET forumid=1") or sqlerr(__FILE__, __LINE__);
2218.  
2219. //$forums_arr["Forumid"] = 1;
2220.  
2221. //echo ($forum_arr["$forumid"]);
2222. //die('test');
2223. //$fid = $forums_arr["forid"];
2224.  
2225. //if ($forums_arr["forid"] != $forid)
2226. // continue;
2227.  
2228.  
2229. $forumid = $forums_arr["id"];
2230.  
2231. $forumname = htmlspecialchars($forums_arr["name"]);
2232.  
2233. $forumdescription = htmlspecialchars($forums_arr["description"]);
2234.  
2235. $topiccount = number_format($forums_arr["topiccount"]);
2236.  
2237. $postcount = number_format($forums_arr["postcount"]);
2238. /*
2239. while ($topicids_arr = mysql_fetch_assoc($topicids_res))
2240. {
2241. $topicid = $topicids_arr['id'];
2242.  
2243. $postcount_res = mysql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
2244.  
2245. $postcount_arr = mysql_fetch_row($postcount_res);
2246.  
2247. $postcount += $postcount_arr[0];
2248. }
2249.  
2250. $postcount = number_format($postcount);
2251. */
2252. // Find last post ID
2253.  
2254. $lastpostid = get_forum_last_post($forumid);
2255.  
2256. // Get last post info
2257.  
2258. $post_res = mysql_query("SELECT UNIX_TIMESTAMP(added) as utadded,topicid,userid FROM posts WHERE id=$lastpostid") or sqlerr(__FILE__, __LINE__);
2259.  
2260. if (mysql_num_rows($post_res) == 1)
2261. {
2262. $post_arr = mysql_fetch_assoc($post_res) or die("Bad forum last_post");
2263.  
2264. $lastposterid = $post_arr["userid"];
2265.  
2266. $lastpostdate = get_date_time($post_arr["utadded"] , $CURUSER[tzoffset] );
2267.  
2268. $lasttopicid = $post_arr["topicid"];
2269.  
2270. $user_res = mysql_query("SELECT username FROM users WHERE id=$lastposterid") or sqlerr(__FILE__, __LINE__);
2271.  
2272. $user_arr = mysql_fetch_assoc($user_res);
2273.  
2274. $lastposter = htmlspecialchars($user_arr['username']);
2275.  
2276. $topic_res = mysql_query("SELECT subject FROM topics WHERE id=$lasttopicid") or sqlerr(__FILE__, __LINE__);
2277.  
2278. $topic_arr = mysql_fetch_assoc($topic_res);
2279.  
2280. $lasttopic = htmlspecialchars($topic_arr['subject']);
2281.  
2282. $lastpost = "<nobr>$lastpostdate<br>" .
2283. "by <a href=userdetails.php?id=$lastposterid><b>$lastposter</b></a><br>" .
2284. "in <a href=?action=viewtopic&topicid=$lasttopicid&amp;page=p$lastpostid#$lastpostid><b>$lasttopic</b></a></nobr>";
2285.  
2286. $r = mysql_query("SELECT lastpostread FROM readposts WHERE userid=$CURUSER[id] AND topicid=$lasttopicid") or sqlerr(__FILE__, __LINE__);
2287.  
2288. $a = mysql_fetch_row($r);
2289.  
2290. if ($a && $a[0] >= $lastpostid)
2291. $img = "unlocked";
2292. else
2293. $img = "unlockednew";
2294. }
2295. else
2296. {
2297. $lastpost = "N/A";
2298. $img = "unlocked";
2299. }
2300. print("<tr><td align=left><table border=0 cellspacing=0 cellpadding=0><tr><td class=embedded style='padding-right: 5px'><img src=".
2301. "/pic/$img.gif></td><td class=embedded><a href=?action=viewforum&forumid=$forumid><b>$forumname</b></a>\n" .
2302. ($CURUSER['class']>=UC_MODERATOR ? "<font class=small> ".
2303. "[<a class=altlink href=forums.php?action=editforum&forumid=$forumid>Edit</a>] ".
2304. "[<a class=altlink href=forums.php?action=deleteforum&forumid=$forumid>Delete</a>]</font>" : "").
2305. "<br>\n$forumdescription</td></tr></table></td><td align=right>$topiccount</td></td><td align=right>$postcount</td>" .
2306. "<td align=left>$lastpost</td></tr>\n");
2307. }
2308. // End Table Mod
2309. print("</table>");
2310.  
2311. $forum_t = gmtime() - 60; //you can change this value to whatever span you want
2312. $forum_t = sqlesc(get_date_time($forum_t));
2313. $res = mysql_query("SELECT id, username, class, donor, warned FROM users WHERE forum_access >= $forum_t ORDER BY forum_access DESC") or print(mysql_error());
2314. while ($arr = mysql_fetch_assoc($res))
2315. {
2316. if ($forumusers) $forumusers .= ",\n";
2317. switch ($arr["class"])
2318. {
2319. case UC_STAFF_LEADER:
2320. $arr['username'] = '<font color=darkred>' . $arr['username'] . '</font>';
2321. break;
2322. case UC_SYSOP:
2323. $arr['username'] = '<font color=#2587A7>' . $arr['username'] . '</font>';
2324. break;
2325. case UC_ADMINISTRATOR:
2326. $arr['username'] = '<font color=#B000B0>' . $arr['username'] . '</font>';
2327. break;
2328. case UC_MODERATOR:
2329. $arr['username'] = '<font color=#7A8B8B>' . $arr['username'] . '</font>';
2330. break;
2331. case UC_MODERATOR:
2332. $arr['username'] = '<font color=#ff5151>' . $arr['username'] . '</font>';
2333. break;
2334. case UC_FAST_UPLOADER:
2335. $arr['username'] = '<font color=#6464FF>' . $arr['username'] . '</font>';
2336. break;
2337. case UC_UPLOADER:
2338. $arr['username'] = '<font color=#6464FF>' . $arr['username'] . '</font>';
2339. break;
2340. case UC_ELITE_VIP:
2341. $arr['username'] = '<font color=#FFFF00>' . $arr['username'] . '</font>';
2342. break;
2343. case UC_VIP:
2344. $arr['username'] = '<font color=#009F00>' . $arr['username'] . '</font>';
2345. break;
2346. case UC_POWER_USER:
2347. $arr['username'] = '<font color=#f9a200>' . $arr['username'] . '</font>';
2348. break;
2349. }
2350. $donator = $arr["donor"] === "yes";
2351. if ($donator)
2352. $forumusers .= "<nobr>";
2353. $warned = $arr["warned"] === "yes";
2354. if ($donator)
2355. $forumusers .= "<nobr>";
2356. if ($CURUSER)
2357. $forumusers .= "<a href=userdetails.php?id={$arr["id"]}><b>{$arr["username"]}</b></a>";
2358. else
2359. $forumusers .= "<b>{$arr["username"]}</b>";
2360. if ($donator)
2361. $forumusers .= " <img src={$pic_base_url}star.gif alt='Donated' title=\"User Donated\" style=\"vertical-align:middle\"></nobr>";
2362. if ($warned)
2363. $forumusers .= "<img src={$pic_base_url}warned.gif alt='Warned {$$arr["warned"]}'></nobr>";
2364. }
2365. if (!$forumusers)
2366. $forumusers = "There have been no active users in the last 15 minutes.";
2367. ?>
2368. <br>
2369. <table width=80% border=1 cellspacing=0 cellpadding=5><tr>
2370. <td class="colhead" align="left">Active Forum Users</td></tr>
2371. </tr><td class=text>
2372. <?=$forumusers?>
2373. </td></tr></table>
2374. <!--<center>
2375. <b><font class="medium" color="darkred">Staff Leader</font><b> |</b>
2376. <b><font class="medium" color="#2587A7">Sysop</font> |
2377. <b><font class="medium" color="#B000B0">Administator</font> |
2378. <b><font class="medium" color="#ff5151">Moderator</font> |
2379. <b><font class="medium" color="#ff5151">Forum Moderator</font> |
2380. <b><font class="medium" color="#6464FF">Fast Uploader</font> |
2381. <b><font class="medium" color="#6464FF">Uploader</font> |
2382. <b><font class="medium" color="#009F00">VIP</font> |
2383. <b><font class="medium" color="#f9a200">PowerUser</font></b> |
2384. <b><font class="medium" color="#000000">User</font></b>
2385. -->
2386. <br>
2387. <?
2388. print("<table width=50% border=1 cellspacing=0 cellpadding=5>\n");
2389.  
2390. print("<tr><td class=colhead>Stats</td></tr>\n");
2391.  
2392. // $registered = number_format(get_row_count("users", "WHERE enabled = 'yes'")); // &raquo;&nbsp;We have " . $registered . " users,<BR>
2393. $donated = number_format(get_row_count("users", "WHERE donor = 'yes'"));
2394. // $a = @mysql_fetch_assoc(@mysql_query("SELECT id,username FROM users WHERE status='confirmed' ORDER BY id DESC LIMIT 1")) or die(mysql_error());
2395. // if ($CURUSER) // &raquo;&nbsp;Our newest member is " . $latestuser . ", <BR>
2396. // $latestuser = "<a href=userdetails.php?id=" . $a["id"] . ">" . $a["username"] . "</a>";
2397. // else
2398. // $latestuser = $a['username'];
2399.  
2400. $totalonline = number_format(get_row_count("users", "WHERE UNIX_TIMESTAMP(" . get_dt_num() . ") - UNIX_TIMESTAMP(last_access) < 60"));
2401.  
2402. $topiccount = mysql_query("select sum(topiccount) as topiccount from forums");
2403. $row1 = mysql_fetch_array($topiccount);
2404. $topiccount = $row1[topiccount];
2405.  
2406. $postcount = mysql_query("select sum(postcount) as postcount from forums");
2407. $row2 = mysql_fetch_array($postcount);
2408. $postcount = $row2[postcount];
2409.  
2410. print("<tr><td>
2411. &raquo;&nbsp;Our members have made " . $postcount . " posts in " . $topiccount . " topics,<BR>
2412. &raquo;&nbsp;We have " . $donated . " donors,<BR>
2413. &raquo;&nbsp;" . $totalonline . " Users online now.</td></tr>\n");
2414.  
2415. print("</table>");
2416. stdfoot();
2417. ///////////////////////////////
2418. die();
2419. }
2420.  
2421. //-------- Handle unknown action
2422. if ($action != "")
2423. stderr("Forum Error", "Unknown action.");
2424.  
2425. //-------- Get overforums --- being tested
2426. mysql_query("UPDATE users SET forum_access='" . get_date_time() . "' WHERE id={$CURUSER["id"]}");// or die(mysql_error());
2427. $forums2_res = mysql_query("SELECT * FROM overforums ORDER BY sort ASC") or sqlerr(__FILE__, __LINE__);
2428.  
2429. stdhead("G-T-I Forums");
2430. ?>
2431. <center>
2432. <?
2433. //print("<p align=center><a href=?action=search><b><img border=0 src=pic/forumsearch.gif></b></a> <a href=?action=viewunread><b><img border=0 src=pic/viewunread.gif></b></a> <a href=?action=catchup><b><img border=0 src=pic/catchup.gif></b></a></p>");
2434. print("<h1>Welcome to $SITENAME Forum</h1>\n");
2435. // print("<h1><img src=pic/fun.gif width=644 height=44></h1>\n");
2436.  
2437. if ($CURUSER)
2438. {
2439. // Get current poll
2440. $res = mysql_query("SELECT * FROM polls ORDER BY added DESC LIMIT 1") or sqlerr();
2441. if($pollok=(mysql_num_rows($res)))
2442. {
2443. $arr = mysql_fetch_assoc($res);
2444. $pollid = $arr["id"];
2445. $userid = $CURUSER["id"];
2446. $question = format_comment($arr["question"]);
2447. $o = array($arr["option0"], $arr["option1"], $arr["option2"], $arr["option3"], $arr["option4"],
2448. $arr["option5"], $arr["option6"], $arr["option7"], $arr["option8"], $arr["option9"],
2449. $arr["option10"], $arr["option11"], $arr["option12"], $arr["option13"], $arr["option14"],
2450. $arr["option15"], $arr["option16"], $arr["option17"], $arr["option18"], $arr["option19"]);
2451.  
2452. // Check if user has already voted
2453. $res = mysql_query("SELECT * FROM pollanswers WHERE pollid=$pollid AND userid=$userid") or sqlerr();
2454. $arr2 = mysql_fetch_assoc($res);
2455. }
2456. /*
2457. print("<h2><br>");
2458.  
2459. if (get_user_class() >= UC_MODERATOR)
2460. {
2461. print("<font class=small>");
2462. print(" - [<a class=altlink href=makepoll.php?returnto=main><b>New</b></a>]\n");
2463. if($pollok) {
2464. print(" - [<a class=altlink href=makepoll.php?action=edit&pollid=$arr[id]&returnto=main><b>Edit</b></a>]\n");
2465. print(" - [<a class=altlink href=polls.php?action=delete&pollid=$arr[id]&returnto=main><b>Delete</b></a>]");
2466. }
2467. print("</font>");
2468. }
2469. print("</h2>\n");*/
2470. if($pollok) {
2471. print("<table width=80% border=1 cellspacing=0 cellpadding=10><tr><td align=center>\n");
2472. /* if (get_user_class() >= UC_MODERATOR)
2473. {
2474. print("<font class=small>");
2475. print(" <a class=altlink href=makepoll.php?returnto=main><img border=0 src=pic/newpoll.gif></a>\n");
2476. if($pollok) {
2477. print(" <a class=altlink href=makepoll.php?action=edit&pollid=$arr[id]&returnto=main><img border=0 src=pic/editpoll.gif></a>\n");
2478. print(" <a class=altlink href=polls.php?action=delete&pollid=$arr[id]&returnto=main><img border=0 src=pic/deletepoll.gif></a>");
2479. }
2480. print("</font><p>");
2481. } */
2482. print("<table class=main border=1 cellspacing=0 cellpadding=0><tr><td class=text>");
2483. print("<p align=center><b>$question</b></p>\n");
2484. $voted = $arr2;
2485. if ($voted)
2486. {
2487. // display results
2488. if ($arr["selection"])
2489. $uservote = $arr["selection"];
2490. else
2491. $uservote = -1;
2492. // we reserve 255 for blank vote.
2493. $res = mysql_query("SELECT selection FROM pollanswers WHERE pollid=$pollid AND selection < 20") or sqlerr();
2494.  
2495. $tvotes = mysql_num_rows($res);
2496.  
2497. $vs = array(); // array of
2498. $os = array();
2499.  
2500. // Count votes
2501. while ($arr2 = mysql_fetch_row($res))
2502. $vs[$arr2[0]] += 1;
2503.  
2504. reset($o);
2505. for ($i = 0; $i < count($o); ++$i)
2506. if ($o[$i])
2507. $os[$i] = array($vs[$i], $o[$i]);
2508.  
2509. function srt($a,$b)
2510. {
2511. if ($a[0] > $b[0]) return -1;
2512. if ($a[0] < $b[0]) return 1;
2513. return 0;
2514. }
2515.  
2516. // now os is an array like this: array(array(123, "Option 1"), array(45, "Option 2"))
2517. if ($arr["sort"] == "yes")
2518. usort($os, srt);
2519.  
2520. print("<table class=main width=100% border=0 cellspacing=0 cellpadding=0>\n");
2521.  
2522. $i = 0;
2523. while ($a = $os[$i])
2524. {
2525. if ($i == $uservote)
2526. $a[1] .= "&nbsp;*";
2527. if ($tvotes == 0)
2528. $p = 0;
2529. else
2530. $p = round($a[0] / $tvotes * 100);
2531. if ($i % 2)
2532. $c = "";
2533. else
2534. $c = " bgcolor=#2d2d2d";
2535. print("<tr><td width=1% class=embedded$c><nobr>" . $a[1] . "&nbsp;&nbsp;</nobr></td><td width=99% class=embedded$c>" .
2536. "<img src=/pic/bar_left.gif><img src=/pic/bar.gif height=9 width=" . ($p * 3) .
2537. "><img src=/pic/bar_right.gif> $p%</td></tr>\n");
2538. ++$i;
2539. }
2540. print("</table>\n");
2541. $tvotes = number_format($tvotes);
2542. print("<p align=center>Votes: $tvotes</p>\n");
2543. }
2544. else
2545. {
2546. print("<form method=post action=index.php>\n");
2547. $i = 0;
2548. while ($a = $o[$i])
2549. {
2550. print("<input type=radio name=choice value=$i>$a<br>\n");
2551. ++$i;
2552. }
2553. print("<br>");
2554. print("<input type=radio name=choice value=255>Blank vote (a.k.a. \"I just want to see the results!\")<br>\n");
2555. print("<p align=center><input type=submit value='Vote!' ></p>");
2556. }
2557. ?>
2558. </td></tr></table>
2559. <p>
2560. <?
2561. $res = mysql_query("SELECT id FROM topics WHERE forumid = 39 ORDER BY id DESC LIMIT 1") or sqlerr();
2562. while ($arr = mysql_fetch_assoc($res))
2563. {
2564. $topicid = $arr["id"];
2565. }
2566.  
2567. if ($voted)
2568. if (get_user_class() >= UC_MODERATOR)
2569. {
2570. $res = mysql_query("SELECT * FROM polls ORDER BY added DESC LIMIT 1") or sqlerr();
2571. if($pollok=(mysql_num_rows($res)))
2572. {
2573. $arr = mysql_fetch_assoc($res);
2574. $pollid = $arr["id"];
2575. $userid = $CURUSER["id"];
2576. $question = format_comment($arr["question"]);
2577. $o = array($arr["option0"], $arr["option1"], $arr["option2"], $arr["option3"], $arr["option4"],
2578. $arr["option5"], $arr["option6"], $arr["option7"], $arr["option8"], $arr["option9"],
2579. $arr["option10"], $arr["option11"], $arr["option12"], $arr["option13"], $arr["option14"],
2580. $arr["option15"], $arr["option16"], $arr["option17"], $arr["option18"], $arr["option19"]);
2581. print("<font class=small>");
2582. print(" <a class=altlink href=makepoll.php?returnto=main><img border=0 src=pic/newpoll.gif></a>\n");
2583. if($pollok) {
2584. print(" <a class=altlink href=makepoll.php?action=edit&pollid=$arr[id]&returnto=main><img border=0 src=pic/editpoll.gif></a>\n");
2585. print(" <a class=altlink href=polls.php?action=delete&pollid=$arr[id]&returnto=main><img border=0 src=pic/deletepoll.gif></a>");
2586. }
2587. print("</font><p>");
2588. }
2589. print("<p align=center><font class=small><a href=?action=search><b><img border=0 src=pic/forumsearch.gif></b></a> <a href=?action=viewunread><b><img border=0 src=pic/viewunread.gif></b></a> <a href=?action=catchup><b><img border=0 src=pic/catchup.gif></b></a><a class=altlink href=polls.php><img border=0 src=pic/forumpoll.gif></a>&nbsp;<a class=altlink href=/forums.php?action=viewtopic&topicid=$topicid><img border=0 src=pic/discussit.gif></a></font><br>\n");
2590.  
2591. ?>
2592. </td></tr></table>
2593.  
2594. <?
2595. } else {
2596. echo "<table width=80% border=1 cellspacing=0 cellpadding=10><tr><td align=center>\n";
2597. echo "<table class=main border=1 cellspacing=0 cellpadding=0><tr><td class=text>";
2598. echo"<p align=center><H3>No Active Polls</h3></p>\n";
2599. echo "</td></tr></table></td></tr></table>";
2600. }
2601. }
2602.  
2603.  
2604. //print("<h1><b>gti Forums</b></h1>\n");
2605. // if (get_user_class() >= UC_ELITE_VIP)
2606. // {
2607. // ?>
2608. <!-- <center><a href="http://www.grabthe.info/forum"><img border=0 src=pic/vip-forum.gif></a> -->
2609. <?
2610. //print("<a href=http://www.grabthe.info/forum></a><img src=pic/vip-forum.jpg>");
2611. // }
2612. ?>
2613. <P>
2614. <?
2615. print("<table width=80% border=1 cellspacing=0 cellpadding=10>\n");
2616.  
2617. while ($a = mysql_fetch_assoc($forums2_res))
2618. {
2619. $npost = 0;
2620.  
2621. if (get_user_class() < $a["minclassview"])
2622. continue;
2623.  
2624. $forid = $a["id"];
2625.  
2626. $overforumname = $a["name"];
2627.  
2628. print("<tr><td align=left class=colhead><a href=?action=forumview&forid=$forid><b><font color=white>".$overforumname."</font></b></a></td><td align=right class=colhead><font color=white><b>Topics</b></td>" .
2629. "<td align=right class=colhead><font color=white><b>Posts</b></font></td>" .
2630. "<td align=left class=colhead><font color=white><b>Last post</b></font></td></tr>\n");
2631.  
2632. $forums_res = mysql_query("SELECT * FROM forums WHERE forid=$forid ORDER BY forid ASC") or sqlerr(__FILE__, __LINE__);
2633.  
2634. while ($forums_arr = mysql_fetch_assoc($forums_res))
2635. {
2636. if (get_user_class() < $forums_arr["minclassread"])
2637. continue;
2638.  
2639. // Set forumid
2640. //mysql_query("UPDATE forums SET forumid=1") or sqlerr(__FILE__, __LINE__);
2641.  
2642. //$forums_arr["Forumid"] = 1;
2643.  
2644. //echo ($forum_arr["$forumid"]);
2645. //die('test');
2646. //$fid = $forums_arr["forid"];
2647.  
2648. //if ($forums_arr["forid"] != $forid)
2649. // continue;
2650.  
2651.  
2652. $forumid = $forums_arr["id"];
2653.  
2654. $forumname = htmlspecialchars($forums_arr["name"]);
2655.  
2656. $forumdescription = htmlspecialchars($forums_arr["description"]);
2657.  
2658. $topiccount = number_format($forums_arr["topiccount"]);
2659.  
2660. $postcount = number_format($forums_arr["postcount"]);
2661. /*
2662. while ($topicids_arr = mysql_fetch_assoc($topicids_res))
2663. {
2664. $topicid = $topicids_arr['id'];
2665.  
2666. $postcount_res = mysql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
2667.  
2668. $postcount_arr = mysql_fetch_row($postcount_res);
2669.  
2670. $postcount += $postcount_arr[0];
2671. }
2672.  
2673. $postcount = number_format($postcount);
2674. */
2675. // Find last post ID
2676.  
2677. $lastpostid = get_forum_last_post($forumid);
2678.  
2679. // Get last post info
2680.  
2681. $post_res = mysql_query("SELECT UNIX_TIMESTAMP(added) as utadded,topicid,userid FROM posts WHERE id=$lastpostid") or sqlerr(__FILE__, __LINE__);
2682.  
2683. if (mysql_num_rows($post_res) == 1)
2684. {
2685. $post_arr = mysql_fetch_assoc($post_res) or die("Bad forum last_post");
2686.  
2687. $lastposterid = $post_arr["userid"];
2688.  
2689. $lastpostdate = get_date_time($post_arr["utadded"] , $CURUSER[tzoffset] );
2690.  
2691. $lasttopicid = $post_arr["topicid"];
2692.  
2693. $user_res = mysql_query("SELECT username FROM users WHERE id=$lastposterid") or sqlerr(__FILE__, __LINE__);
2694.  
2695. $user_arr = mysql_fetch_assoc($user_res);
2696.  
2697. $lastposter = htmlspecialchars($user_arr['username']);
2698.  
2699. $topic_res = mysql_query("SELECT subject FROM topics WHERE id=$lasttopicid") or sqlerr(__FILE__, __LINE__);
2700.  
2701. $topic_arr = mysql_fetch_assoc($topic_res);
2702.  
2703. $lasttopic = htmlspecialchars($topic_arr['subject']);
2704.  
2705. $lastpost = "<nobr>$lastpostdate<br>" .
2706. "by <a href=userdetails.php?id=$lastposterid><b>$lastposter</b></a><br>" .
2707. "in <a href=?action=viewtopic&topicid=$lasttopicid&amp;page=p$lastpostid#$lastpostid><b>$lasttopic</b></a></nobr>";
2708.  
2709. $r = mysql_query("SELECT lastpostread FROM readposts WHERE userid=$CURUSER[id] AND topicid=$lasttopicid") or sqlerr(__FILE__, __LINE__);
2710.  
2711. $a = mysql_fetch_row($r);
2712.  
2713. if ($a && $a[0] >= $lastpostid)
2714. $img = "unlocked";
2715. else
2716. $img = "unlockednew";
2717. }
2718. else
2719. {
2720. $lastpost = "N/A";
2721. $img = "unlocked";
2722. }
2723. print("<tr><td align=left><table border=0 cellspacing=0 cellpadding=0><tr><td class=embedded style='padding-right: 5px'><img src=".
2724. "/pic/$img.gif></td><td class=embedded><a href=?action=viewforum&forumid=$forumid><b>$forumname</b></a>\n" .
2725. ($CURUSER['class']>=UC_MODERATOR ? "<font class=small> ".
2726. "[<a class=altlink href=forums.php?action=editforum&forumid=$forumid>Edit</a>] ".
2727. "[<a class=altlink href=forums.php?action=deleteforum&forumid=$forumid>Delete</a>]</font>" : "").
2728. "<br>\n$forumdescription</td></tr></table></td><td align=right>$topiccount</td></td><td align=right>$postcount</td>" .
2729. "<td align=left>$lastpost</td></tr>\n");
2730.  
2731.  
2732. }
2733.  
2734. }
2735. // End Table Mod
2736. print("</table>");
2737.  
2738. $forum_t = gmtime() - 60; //you can change this value to whatever span you want
2739. $forum_t = sqlesc(get_date_time($forum_t));
2740. $res = mysql_query("SELECT id, username, class, donor, warned FROM users WHERE forum_access >= $forum_t ORDER BY forum_access DESC") or print(mysql_error());
2741. while ($arr = mysql_fetch_assoc($res))
2742. {
2743. if ($forumusers) $forumusers .= ",\n";
2744. switch ($arr["class"])
2745. {
2746. case UC_OWNER:
2747. $arr['username'] = '<font color=red>' . $arr['username'] . '</font>';
2748. break;
2749. case UC_CO_OWNER:
2750. $arr['username'] = '<font color=red>' . $arr['username'] . '</font>';
2751. break;
2752. case UC_SYSOP:
2753. $arr['username'] = '<font color=#2587A7>' . $arr['username'] . '</font>';
2754. break;
2755. case UC_ADMINISTRATOR:
2756. $arr['username'] = '<font color=#B000B0>' . $arr['username'] . '</font>';
2757. break;
2758. case UC_MODERATOR:
2759. $arr['username'] = '<font color=#7A8B8B>' . $arr['username'] . '</font>';
2760. break;
2761. case UC_FAST_UPLOADER:
2762. $arr['username'] = '<font color=#0000CC>' . $arr['username'] . '</font>';
2763. break;
2764. case UC_UPLOADER:
2765. $arr['username'] = '<font color=#6464FF>' . $arr['username'] . '</font>';
2766. break;
2767. case UC_VIP:
2768. $arr['username'] = '<font color=#FFFF00>' . $arr['username'] . '</font>';
2769. break;
2770. case UC_COMM_VIP:
2771. $arr['username'] = '<font color=#806517>' . $arr['username'] . '</font>';
2772. break;
2773. case UC_HEAVYWEIGHT:
2774. $arr['username'] = '<font color=#F87431>' . $arr['username'] . '</font>';
2775. break;
2776. case UC_LIGHT_HEAVYWEIGHT:
2777. $arr['username'] = '<font color=#C48189>' . $arr['username'] . '</font>';
2778. break;
2779. case UC_MIDDLE_WEIGHT:
2780. $arr['username'] = '<font color=#A74AC7>' . $arr['username'] . '</font>';
2781. break;
2782. case UC_WELTER_WEIGHT:
2783. $arr['username'] = '<font color=#E78A61>' . $arr['username'] . '</font>';
2784. break;
2785. case UC_LIGHT_WEIGHT:
2786. $arr['username'] = '<font color=#4C787E>' . $arr['username'] . '</font>';
2787. break;}
2788. $donator = $arr["donor"] === "yes";
2789. if ($donator)
2790. $forumusers .= "<nobr>";
2791. $warned = $arr["warned"] === "yes";
2792. if ($donator)
2793. $forumusers .= "<nobr>";
2794. if ($CURUSER)
2795. $forumusers .= "<a href=userdetails.php?id={$arr["id"]}><b>{$arr["username"]}</b></a>";
2796. else
2797. $forumusers .= "<b>{$arr["username"]}</b>";
2798. if ($donator)
2799. $forumusers .= "<img src={$pic_base_url}star.gif alt='Donated' title=\"User Donated\" style=\"vertical-align:middle\"></nobr>";
2800. if ($warned)
2801. $forumusers .= "<img src={$pic_base_url}warned.gif alt='Warned {$$arr["warned"]}'></nobr>";
2802. }
2803. if (!$forumusers)
2804. $forumusers = "There have been no active users in the last 15 minutes.";
2805. ?>
2806. <br>
2807. <table width=80% border=1 cellspacing=0 cellpadding=5><tr>
2808. <td class="colhead" align="left">Active Forum Users</td></tr>
2809. </tr><td class=text>
2810. <?=$forumusers?>
2811. </td></tr></table>
2812. <center>
2813. <b><font class="medium" color="darkred">Owner</font><b> |</b>
2814. <b><font class="medium" color="red">Co Owner</font><b> |
2815. <b><font class="medium" color="#2587A7">Sysop</font> |
2816. <b><font class="medium" color="#B000B0">Administator</font> |
2817. <b><font class="medium" color="#347235">Moderator</font> |
2818. <b><font class="medium" color="#0000CC">Fast Uploader</font> |
2819. <b><font class="medium" color="#6464FF">Uploader</font> <br>
2820. <b><font class="medium" color="#FFFF00">VIP<img src=pic/star.gif></font> |
2821. <b><font class="medium" color="#806517">Community-vip</font> |
2822. <b><font class="medium" color="#F87431">Heavyweight</font></b> |
2823. <b><font class="medium" color="#3EA99F">Light Heavyweight</font></b> |
2824. <b><font class="medium" color="#A74AC7">Middleweight</font></b> |
2825. <b><font class="medium" color="#E78A61">Welterweight</font></b> |
2826. <b><font class="medium" color="#FAAFBE">Lightweight(noobs)</font></b> |
2827.  
2828. <b><font class="medium" color="#FFFF00">Donor<img src=pic/star.gif></font></b>
2829. <br>
2830. <p>
2831. <?
2832. print("<table width=50% border=1 cellspacing=0 cellpadding=5>\n");
2833.  
2834. print("<tr><td class=colhead>Stats</td></tr>\n");
2835.  
2836. // $registered = number_format(get_row_count("users", "WHERE enabled = 'yes'")); // &raquo;&nbsp;We have " . $registered . " users,<BR>
2837. $donated = number_format(get_row_count("users", "WHERE donor = 'yes'"));
2838. // $a = @mysql_fetch_assoc(@mysql_query("SELECT id,username FROM users WHERE status='confirmed' ORDER BY id DESC LIMIT 1")) or die(mysql_error());
2839. // if ($CURUSER) // &raquo;&nbsp;Our newest member is " . $latestuser . ", <BR>
2840. // $latestuser = "<a href=userdetails.php?id=" . $a["id"] . ">" . $a["username"] . "</a>";
2841. // else
2842. // $latestuser = $a['username'];
2843.  
2844. $totalonline = number_format(get_row_count("users", "WHERE UNIX_TIMESTAMP(" . get_dt_num() . ") - UNIX_TIMESTAMP(last_access) < 60"));
2845.  
2846. $topiccount = mysql_query("select sum(topiccount) as topiccount from forums");
2847. $row1 = mysql_fetch_array($topiccount);
2848. $topiccount = $row1[topiccount];
2849.  
2850. $postcount = mysql_query("select sum(postcount) as postcount from forums");
2851. $row2 = mysql_fetch_array($postcount);
2852. $postcount = $row2[postcount];
2853.  
2854. print("<tr><td>
2855. &raquo;&nbsp;Our members have made " . $postcount . " posts in " . $topiccount . " topics,<BR>
2856. &raquo;&nbsp;We have " . $donated . " donors,<BR>
2857. &raquo;&nbsp;" . $totalonline . " Users online now.</td></tr>\n");
2858.  
2859. print("</table>");
2860.  
2861. //print("<p align=center><a href=?action=search><b><img border=0 src=pic/forumsearch.gif></b></a> <a href=?action=viewunread><b><img border=0 src=pic/viewunread.gif></b></a> <a href=?action=catchup><b><img border=0 src=pic/catchup.gif></b></a></p>");
2862.  
2863. if ($CURUSER['class']>=UC_MODERATOR)
2864. print("<form method=\"get\" action=\"forummanage.php#add\"><input type=\"submit\" value=\"New forum\" style='height: 18px' /></form>\n");
2865. }
2866. //stdfoot();
2867. ?>