
forum.php

  1. <?php
  // Stop unless INITIALIZED is defined, so the file does nothing when it is
  // requested on its own (presumably the including entry script defines the
  // constant - confirm).
  if (!defined('INITIALIZED')) {
      exit;
  }

  // ---- Forum configuration ----

  // An account needs at least one character of this level to post.
  $level_limit = 30;
  // Minimum number of seconds between two posts.
  $post_interval = 20;
  // Accounts whose group id is at least this value can always post and can
  // remove posts and threads.
  $group_not_blocked = $config['site']['access_admin_panel'];
  $posts_per_page = 20;
  $threads_per_page = 20;

  // Board id => board name. Board 1 ("News") is reserved: only admins can
  // create new threads in it.
  $sections = array(
      1 => 'News',
      2 => 'Wars',
      3 => 'Quests',
      4 => 'Pictures',
      5 => 'Bug Report'
  );
  // Board id => one-line description shown under the board name.
  $sections_desc = array(
      1 => 'Here you can comment news.',
      2 => 'Feel free to tell what you think about your enemy.',
      3 => 'Talk with others about quests you made and how to make them.',
      4 => 'Show others your best photos from server!',
      5 => 'Report bugs on website and in-game here.'
  );
  // ---- End of configuration ----
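  /**
   * Tell whether an account is allowed to post on the forum.
   *
   * The account must be loaded, must not be banned, and its highest-level
   * character must have reached $GLOBALS['level_limit'].
   *
   * @param object $account Account object exposing isLoaded(), isBanned() and getId().
   * @return bool True when the account may post.
   */
  function canPost($account)
  {
      if (!$account->isLoaded() || $account->isBanned()) {
          return false;
      }

      $SQL = $GLOBALS['SQL'];
      $level_limit = $GLOBALS['level_limit'];

      // Only the highest-level character matters, so one row is enough.
      $player = $SQL->query(
          "SELECT " . $SQL->fieldName('level')
          . " FROM " . $SQL->tableName('players')
          . " WHERE " . $SQL->fieldName('account_id') . " = " . $SQL->quote($account->getId())
          . " ORDER BY " . $SQL->fieldName('level') . " DESC LIMIT 1"
      )->fetch();

      // An account without characters yields no row; treat that as "may not
      // post" instead of indexing into a non-array result.
      if (!isset($player['level'])) {
          return false;
      }

      return $player['level'] >= $level_limit;
  }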
  28.  
  /**
   * Replace textual smiley codes with the forum's smiley images.
   *
   * NOTE(review): the replacement is a plain substring search. The thread view
   * passes HTML-escaped text, and replaceAll() passes markup it has already
   * generated, so a smiley code that happens to sit inside an entity or inside
   * an attribute value is rewritten as well and mangles that markup.
   *
   * @param string $text  Text to process.
   * @param mixed  $smile When loosely equal to 1, smileys are left untouched.
   * @return string Text with smiley codes replaced by <img> tags.
   */
  function replaceSmile($text, $smile)
  {
      // Loose comparison on purpose: the flag also arrives as a string.
      if ($smile == 1) {
          return $text;
      }

      // Smiley code => image number; applied in exactly this order.
      $codes = array(';D' => 1, ':D' => 1, ':cool:' => 2, ';cool;' => 2, ':ekk:' => 3, ';ekk;' => 3, ';o' => 4, ';O' => 4, ':o' => 4, ':O' => 4, ':(' => 5, ';(' => 5, ':mad:' => 6, ';mad;' => 6, ';rolleyes;' => 7, ':rolleyes:' => 7, ':)' => 8, ';d' => 9, ':d' => 9, ';)' => 10);

      $images = array();
      foreach ($codes as $imageNumber) {
          $images[] = '<img src="images/forum/smile/' . $imageNumber . '.gif" />';
      }

      // With two arrays str_replace() works through the pairs one after the
      // other, each on the result of the previous one.
      return str_replace(array_keys($codes), $images, $text);
  }
  41.  
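  /**
   * Render the forum's BBCode subset ([code], [quote], [url], [player], [img],
   * [b], [i], [u]) to HTML and then apply smileys.
   *
   * The tag contents are copied into the markup unchanged, so $text must
   * already be HTML-escaped by the caller; the thread view does this before it
   * calls showPost().
   *
   * Security: [url] and [img] only produce a link/image for absolute http(s)
   * URLs. Anything else (script or data schemes, URLs containing whitespace,
   * quotes or angle brackets) is shown as literal text instead of being placed
   * into href/src. Links opened in a new window carry rel="noopener noreferrer".
   * Scheme filtering does not make remote images harmless: the reader's browser
   * still requests whatever URL the poster chose, so state-changing actions of
   * the site must not be reachable by a plain GET without a CSRF token.
   *
   * NOTE(review): replaceSmile() runs over the generated markup, so a smiley
   * code inside a URL still mangles that link; smileys should be applied to
   * text only.
   *
   * @param string $text  HTML-escaped post text.
   * @param mixed  $smile Smiley flag, handed to replaceSmile().
   * @return string HTML for the post body.
   */
  function replaceAll($text, $smile)
  {
      // Replace [tag]...[/tag] pairs for as long as the first opening tag lies
      // before the first closing tag. $render receives the inner text and the
      // number of replacement rounds done so far for this tag.
      $renderPairs = function ($text, $tag, $render) {
          $open = '[' . $tag . ']';
          $close = '[/' . $tag . ']';
          $openLength = strlen($open);
          $round = 0;
          while (true) {
              $start = stripos($text, $open);
              $end = stripos($text, $close);
              if ($start === false || $end === false || $start >= $end) {
                  break;
              }
              $inner = substr($text, $start + $openLength, $end - $start - $openLength);
              $text = str_ireplace($open . $inner . $close, $render($inner, $round), $text);
              $round++;
          }
          return $text;
      };

      // Allow-list for values that end up in href/src.
      $isWebUrl = function ($url) {
          return preg_match('#\Ahttps?://[^\s<>"\']+\z#i', $url) === 1;
      };

      // Literal rendering of a rejected pair. The opening bracket is written as
      // an entity so the pair is not matched again by the loop above.
      $asLiteral = function ($tag, $inner) {
          return '&#91;' . $tag . ']' . $inner . '&#91;/' . $tag . ']';
      };

      // Boxes alternate their background colour per replacement round.
      $text = $renderPairs($text, 'code', function ($code, $round) {
          $bgcolor = ($round % 2 === 0) ? '23ED25' : 'ABED25';
          return '<i>Code:</i><br /><table cellpadding="0" style="background-color: #'.$bgcolor.'; width: 480px; border-style: dotted; border-color: #CCCCCC; border-width: 2px"><tr><td>'.$code.'</td></tr></table>';
      });

      $text = $renderPairs($text, 'quote', function ($quote, $round) {
          $bgcolor = ($round % 2 === 0) ? 'CCCCCC' : 'AAAAAA';
          return '<table cellpadding="0" style="background-color: #'.$bgcolor.'; width: 480px; border-style: dotted; border-color: #007900; border-width: 2px"><tr><td>'.$quote.'</td></tr></table>';
      });

      $text = $renderPairs($text, 'url', function ($url, $round) use ($isWebUrl, $asLiteral) {
          if (!$isWebUrl($url)) {
              return $asLiteral('url', $url);
          }
          return '<a href="'.$url.'" target="_blank" rel="noopener noreferrer">'.$url.'</a>';
      });

      $text = $renderPairs($text, 'player', function ($player, $round) {
          return '<a href="?subtopic=characters&name='.urlencode($player).'">'.$player.'</a>';
      });

      $text = $renderPairs($text, 'img', function ($img, $round) use ($isWebUrl, $asLiteral) {
          if (!$isWebUrl($img)) {
              return $asLiteral('img', $img);
          }
          return '<img src="'.$img.'">';
      });

      foreach (array('b', 'i', 'u') as $tag) {
          $text = $renderPairs($text, $tag, function ($inner, $round) use ($tag) {
              return '<'.$tag.'>'.$inner.'</'.$tag.'>';
          });
      }

      return replaceSmile($text, $smile);
  }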
  91.  
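  /**
   * Strip the forum's BBCode tags from a text and keep only the tag contents.
   *
   * Pairs are removed tag by tag in the order code, quote, url, player, img,
   * b, i, u; matching is case-insensitive.
   *
   * The closing tag is searched for after the opening tag. Searching both from
   * the start of the text, as before, never terminated when a closing tag
   * appeared before its opening tag; because this function runs on stored post
   * text for the board listing, one such post was enough to hang that page.
   * Every round now removes at least one complete pair, so the text gets
   * strictly shorter and the loop ends for any input.
   *
   * @param string $text Text that may contain BBCode.
   * @return string Text with all complete tag pairs removed; unpaired tags stay.
   */
  function removeBBCode($text)
  {
      $tags = array('code', 'quote', 'url', 'player', 'img', 'b', 'i', 'u');

      foreach ($tags as $tag) {
          $open = '[' . $tag . ']';
          $close = '[/' . $tag . ']';
          $openLength = strlen($open);

          while (true) {
              $start = stripos($text, $open);
              if ($start === false) {
                  break;
              }
              // Only a closing tag behind the opening tag forms a pair.
              $end = stripos($text, $close, $start + $openLength);
              if ($end === false) {
                  break;
              }
              $inner = substr($text, $start + $openLength, $end - $start - $openLength);
              $text = str_ireplace($open . $inner . $close, $inner, $text);
          }
      }

      return $text;
  }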
  136.  
  /**
   * Normalise the listed BBCode tags to lower case.
   *
   * The same list serves as search and as replacement; the search is
   * case-insensitive, so every match is rewritten to the spelling in the list.
   *
   * NOTE(review): the list holds some multi-tag sequences and has no separate
   * entries for '[/b]', '[/i]', '[/code]' and '[/url]', so those closing tags
   * keep their case - looks like a damaged copy of the list, confirm against
   * the original file.
   *
   * @param string $text Text that may contain BBCode tags in any case.
   * @return string Text with the listed tags lower-cased.
   */
  function codeLower($text)
  {
      $tags = array('[b]', '[i]', '[u]', '[/u][/i][/b][i][u]', '[/u][/i][u]', '[/u]', '[url]', '[player]', '[img]', '[code]', '[quote]', '[/quote][/code][/url][code][quote]', '[/player]', '[/img]', '[/quote][/code][quote]', '[/quote]');

      return str_ireplace($tags, $tags, $text);
  }
  141.  
  /**
   * Build the HTML of one post: optional bold topic line, then the body.
   *
   * Neither argument is escaped here. The topic is wrapped in <b> as it is and
   * the body goes through nl2br() and replaceAll(), which copy it into the
   * markup, so both must be HTML-escaped by the caller (the thread view passes
   * them through htmlspecialchars()).
   *
   * @param string $topic Post topic; omitted from the output when empty().
   * @param string $text  Post body, BBCode allowed.
   * @param mixed  $smile Smiley flag, handed to replaceSmile()/replaceAll().
   * @return string HTML fragment for the post.
   */
  function showPost($topic, $text, $smile)
  {
      $header = empty($topic) ? '' : '<b>' . replaceSmile($topic, $smile) . '</b><hr />';

      return $header . replaceAll(nl2br($text), $smile);
  }
  151.  
  // Visitors who are not logged in get a login prompt before any forum output
  // of this file is appended.
  if (!$logged) {
      $main_content .= 'You are not logged in. <a href="?subtopic=accountmanagement">Log in</a> to post on the forum.<br /><br />';
  }
  154.  
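  // Board index: one row per configured board with its post and thread counts
  // and the author and time of the most recent post.
  if ($action == '') {
      $main_content .= '<b>Boards</b>';
      $main_content .= '<table width="100%"><tr bgcolor="'.$config['site']['vdarkborder'].'"><td><font color="white" size="1"><b>Board</b></font></td><td><font color="white" size="1"><b>Posts</b></font></td><td><font color="white" size="1"><b>Threads</b></font></td><td align="center"><font color="white" size="1"><b>Last Post</b></font></td></tr>';

      // Threads and replies per board; a thread is the row whose first_post is
      // its own id.
      $info = $SQL->query(
          "SELECT " . $SQL->fieldName('section')
          . ", COUNT(" . $SQL->fieldName('id') . ") AS 'threads'"
          . ", SUM(" . $SQL->fieldName('replies') . ") AS 'replies'"
          . " FROM " . $SQL->tableName('z_forum')
          . " WHERE " . $SQL->fieldName('first_post') . " = " . $SQL->fieldName('id')
          . " GROUP BY " . $SQL->fieldName('section') . ""
      )->fetchAll();

      // Start from an empty map so boards without threads read as 0 instead of
      // hitting an undefined variable or index.
      $counters = array();
      foreach ($info as $data) {
          $counters[$data['section']] = array('threads' => $data['threads'], 'posts' => $data['replies'] + $data['threads']);
      }

      // The row counter may already be set by earlier code; only create it
      // when it is missing.
      if (!isset($number_of_rows)) {
          $number_of_rows = 0;
      }

      foreach ($sections as $id => $section) {
          $last_post = $SQL->query(
              "SELECT " . $SQL->tableName('players') . "." . $SQL->fieldName('name')
              . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_date')
              . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum')
              . " WHERE " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('section') . " = " . (int) $id
              . " AND " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " = " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_guid')
              . " ORDER BY " . $SQL->fieldName('post_date') . " DESC LIMIT 1"
          )->fetch();

          // Odd rows use the dark colour, even rows the light one.
          $bgcolor = ($number_of_rows % 2 !== 0) ? $config['site']['darkborder'] : $config['site']['lightborder'];
          $number_of_rows++;

          $posts_total = isset($counters[$id]) ? (int) $counters[$id]['posts'] : 0;
          $threads_total = isset($counters[$id]) ? (int) $counters[$id]['threads'] : 0;

          $main_content .= '<tr bgcolor="'.$bgcolor.'"><td><a href="?subtopic=forum&action=show_board&id='.$id.'">'.$section.'</a><br /><small>'.$sections_desc[$id].'</small></td><td>'.$posts_total.'</td><td>'.$threads_total.'</td><td>';
          if (isset($last_post['name'])) {
              // The character name comes from the database: escape it for
              // HTML, as the thread view already does.
              $main_content .= date('d.m.y H:i:s', $last_post['post_date']).'<br />by <a href="?subtopic=characters&name='.urlencode($last_post['name']).'">'.htmlspecialchars($last_post['name']).'</a>';
          } else {
              $main_content .= 'No posts';
          }
          $main_content .= '</td></tr>';
      }
      $main_content .= '</table>';
  }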
  176.  
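  // Thread list of one board, paginated by $threads_per_page.
  if ($action == 'show_board') {
      // Table-qualified column reference, quoted by the $SQL helpers.
      $forum_col = function ($table, $field) use ($SQL) {
          return $SQL->tableName($table) . "." . $SQL->fieldName($field);
      };

      // Text for an onclick="..." attribute that asks for confirmation. The
      // message is first encoded as a JavaScript string and then for the HTML
      // attribute; escaping for HTML alone is undone by the browser before the
      // script runs, which let a thread title end the string inside confirm().
      $forum_confirm_attr = function ($message) {
          $js = json_encode($message, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
          if ($js === false) {
              $js = '"Are you sure?"';
          }
          return htmlspecialchars('return confirm(' . $js . ')', ENT_QUOTES);
      };

      // Request values are optional and user-controlled: default them and keep
      // the page number non-negative so OFFSET is always valid.
      $section_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
      $page = isset($_REQUEST['page']) ? max(0, (int) $_REQUEST['page']) : 0;
      $section_name = isset($sections[$section_id]) ? $sections[$section_id] : '';
      $links_to_pages = '';
      if (!isset($number_of_rows)) {
          $number_of_rows = 0;
      }

      $threads_count = $SQL->query(
          "SELECT COUNT(" . $forum_col('z_forum', 'id') . ") AS threads_count"
          . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum')
          . " WHERE " . $forum_col('players', 'id') . " = " . $forum_col('z_forum', 'author_guid')
          . " AND " . $forum_col('z_forum', 'section') . " = " . (int) $section_id
          . " AND " . $forum_col('z_forum', 'first_post') . " = " . $forum_col('z_forum', 'id')
      )->fetch();

      for ($i = 0; $i < $threads_count['threads_count'] / $threads_per_page; $i++) {
          if ($i != $page) {
              $links_to_pages .= '<a href="?subtopic=forum&action=show_board&id='.$section_id.'&page='.$i.'">'.($i + 1).'</a> ';
          } else {
              $links_to_pages .= '<b>'.($i + 1).' </b>';
          }
      }

      $main_content .= '<a href="?subtopic=forum">Boards</a> >> <b>'.$section_name.'</b><br /><br /><a href="?subtopic=forum&action=new_topic&section_id='.$section_id.'"><img src="images/forum/topic.gif" border="0" /></a><br /><br />Page: '.$links_to_pages.'<br />';

      $last_threads = $SQL->query(
          "SELECT " . $forum_col('players', 'name')
          . ", " . $forum_col('z_forum', 'post_text')
          . ", " . $forum_col('z_forum', 'post_topic')
          . ", " . $forum_col('z_forum', 'id')
          . ", " . $forum_col('z_forum', 'last_post')
          . ", " . $forum_col('z_forum', 'replies')
          . ", " . $forum_col('z_forum', 'views')
          . ", " . $forum_col('z_forum', 'post_date')
          . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum')
          . " WHERE " . $forum_col('players', 'id') . " = " . $forum_col('z_forum', 'author_guid')
          . " AND " . $forum_col('z_forum', 'section') . " = " . (int) $section_id
          . " AND " . $forum_col('z_forum', 'first_post') . " = " . $forum_col('z_forum', 'id')
          . " ORDER BY " . $forum_col('z_forum', 'last_post')
          . " DESC LIMIT " . $threads_per_page . " OFFSET " . ($page * $threads_per_page)
      )->fetchAll();

      if (isset($last_threads[0])) {
          $main_content .= '<table width="100%"><tr bgcolor="'.$config['site']['vdarkborder'].'" align="center"><td><font color="white" size="1"><b>Thread</b></font></td><td><font color="white" size="1"><b>Thread Starter</b></font></td><td><font color="white" size="1"><b>Replies</b></font></td><td><font color="white" size="1"><b>Views</b></font></td><td><font color="white" size="1"><b>Last Post</b></font></td></tr>';
          foreach ($last_threads as $thread) {
              $bgcolor = ($number_of_rows % 2 !== 0) ? $config['site']['darkborder'] : $config['site']['lightborder'];
              $number_of_rows++;

              $main_content .= '<tr bgcolor="'.$bgcolor.'"><td>';
              if ($logged && $group_id_of_acc_logged >= $group_not_blocked) {
                  $main_content .= '<a href="?subtopic=forum&action=remove_post&id='.(int) $thread['id'].'" onclick="'.$forum_confirm_attr('Are you sure you want remove thread > '.$thread['post_topic'].' <?').'"><font color="red">[REMOVE]</font></a>  ';
              }
              // Every database value is escaped or cast at the point of output.
              $main_content .= '<a href="?subtopic=forum&action=show_thread&id='.(int) $thread['id'].'">'.htmlspecialchars($thread['post_topic']).'</a><br /><small>'.htmlspecialchars(substr(removeBBCode($thread['post_text']), 0, 50)).'...</small></td><td><a href="?subtopic=characters&name='.urlencode($thread['name']).'">'.htmlspecialchars($thread['name']).'</a></td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';

              if ($thread['last_post'] > 0) {
                  $last_post = $SQL->query(
                      "SELECT " . $forum_col('players', 'name') . ", " . $forum_col('z_forum', 'post_date')
                      . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum')
                      . " WHERE " . $forum_col('z_forum', 'first_post') . " = " . (int) $thread['id']
                      . " AND " . $forum_col('players', 'id') . " = " . $forum_col('z_forum', 'author_guid')
                      . " ORDER BY " . $SQL->fieldName('post_date') . " DESC LIMIT 1"
                  )->fetch();
                  if (isset($last_post['name'])) {
                      $main_content .= date('d.m.y H:i:s', $last_post['post_date']).'<br />by <a href="?subtopic=characters&name='.urlencode($last_post['name']).'">'.htmlspecialchars($last_post['name']).'</a>';
                  } else {
                      $main_content .= 'No posts.';
                  }
              } else {
                  $main_content .= date('d.m.y H:i:s', $thread['post_date']).'<br />by <a href="?subtopic=characters&name='.urlencode($thread['name']).'">'.htmlspecialchars($thread['name']).'</a>';
              }
              $main_content .= '</td></tr>';
          }
          $main_content .= '</table><br /><a href="?subtopic=forum&action=new_topic&section_id='.$section_id.'"><img src="images/forum/topic.gif" border="0" /></a>';
      } else {
          $main_content .= '<h3>No threads in this board.</h3>';
      }
  }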
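  // One thread: header, then its posts, paginated by $posts_per_page.
  if ($action == 'show_thread') {
      // Table-qualified column reference, quoted by the $SQL helpers.
      $forum_col = function ($table, $field) use ($SQL) {
          return $SQL->tableName($table) . "." . $SQL->fieldName($field);
      };

      // Text for an onclick="..." attribute that asks for confirmation. The
      // message is first encoded as a JavaScript string and then for the HTML
      // attribute; escaping for HTML alone is undone by the browser before the
      // script runs, which let a name or title end the string inside confirm().
      $forum_confirm_attr = function ($message) {
          $js = json_encode($message, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
          if ($js === false) {
              $js = '"Are you sure?"';
          }
          return htmlspecialchars('return confirm(' . $js . ')', ENT_QUOTES);
      };

      // Request values are optional and user-controlled: default them and keep
      // the page number non-negative so OFFSET is always valid.
      $thread_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
      $page = isset($_REQUEST['page']) ? max(0, (int) $_REQUEST['page']) : 0;
      $links_to_pages = '';
      if (!isset($number_of_rows)) {
          $number_of_rows = 0;
      }

      $thread_name = $SQL->query(
          "SELECT " . $forum_col('players', 'name') . ", " . $forum_col('z_forum', 'post_topic')
          . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum')
          . " WHERE " . $forum_col('z_forum', 'first_post') . " = " . (int) $thread_id
          . " AND " . $forum_col('z_forum', 'id') . " = " . $forum_col('z_forum', 'first_post')
          . " AND " . $forum_col('players', 'id') . " = " . $forum_col('z_forum', 'author_guid')
          . " LIMIT 1"
      )->fetch();

      if (!empty($thread_name['name'])) {
          $posts_count = $SQL->query(
              "SELECT COUNT(" . $forum_col('z_forum', 'id') . ") AS posts_count"
              . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum')
              . " WHERE " . $forum_col('players', 'id') . " = " . $forum_col('z_forum', 'author_guid')
              . " AND " . $forum_col('z_forum', 'first_post') . " = " . (int) $thread_id
          )->fetch();

          // Page links are computed with $posts_per_page, the page size the
          // post query below uses (it was $threads_per_page before).
          for ($i = 0; $i < $posts_count['posts_count'] / $posts_per_page; $i++) {
              if ($i != $page) {
                  $links_to_pages .= '<a href="?subtopic=forum&action=show_thread&id='.$thread_id.'&page='.$i.'">'.($i + 1).'</a> ';
              } else {
                  $links_to_pages .= '<b>'.($i + 1).' </b>';
              }
          }

          // players.id and z_forum.id are both selected under the name "id";
          // the code below reads $thread['id'] as the post id, as before.
          $threads = $SQL->query(
              "SELECT " . $forum_col('players', 'id')
              . ", " . $forum_col('players', 'name')
              . ", " . $forum_col('players', 'account_id')
              . ", " . $forum_col('players', 'vocation')
              . ", " . $forum_col('players', 'level')
              . ", " . $forum_col('z_forum', 'id')
              . ", " . $forum_col('z_forum', 'first_post')
              . ", " . $forum_col('z_forum', 'section')
              . ", " . $forum_col('z_forum', 'post_text')
              . ", " . $forum_col('z_forum', 'post_topic')
              . ", " . $forum_col('z_forum', 'post_date')
              . ", " . $forum_col('z_forum', 'post_smile')
              . ", " . $forum_col('z_forum', 'author_aid')
              . ", " . $forum_col('z_forum', 'author_guid')
              . ", " . $forum_col('z_forum', 'last_edit_aid')
              . ", " . $forum_col('z_forum', 'edit_date')
              . ", IFNULL(" . $forum_col('guild_membership', 'rank_id') . ", 0) AS rank_id"
              . " FROM " . $SQL->tableName('z_forum') . ", " . $SQL->tableName('players')
              . " LEFT JOIN " . $SQL->tableName('guild_membership')
              . " ON (" . $forum_col('guild_membership', 'player_id') . " = " . $forum_col('players', 'id') . ")"
              . " WHERE " . $forum_col('players', 'id') . " = " . $forum_col('z_forum', 'author_guid')
              . " AND " . $forum_col('z_forum', 'first_post') . " = " . (int) $thread_id
              . " ORDER BY " . $forum_col('z_forum', 'post_date')
              . " LIMIT " . $posts_per_page . " OFFSET " . ($page * $posts_per_page)
          )->fetchAll();

          if (isset($threads[0]['name'])) {
              $SQL->query("UPDATE " . $SQL->tableName('z_forum') . " SET " . $SQL->fieldName('views') . "=" . $SQL->fieldName('views') . "+1 WHERE " . $SQL->fieldName('id') . " = ".(int) $thread_id);
          }

          // A page past the last post returns no rows; fall back to an empty
          // board reference instead of reading $threads[0] blindly.
          $board_id = isset($threads[0]['section']) ? (int) $threads[0]['section'] : 0;
          $board_name = isset($sections[$board_id]) ? $sections[$board_id] : '';

          $main_content .= '<a href="?subtopic=forum">Boards</a> >> <a href="?subtopic=forum&action=show_board&id='.$board_id.'">'.$board_name.'</a> >> <b>'.htmlspecialchars($thread_name['post_topic']).'</b>';
          $main_content .= '<br /><br /><a href="?subtopic=forum&action=new_post&thread_id='.$thread_id.'"><img src="images/forum/post.gif" border="0" /></a><br /><br />Page: '.$links_to_pages.'<br /><table width="100%"><tr bgcolor="'.$config['site']['lightborder'].'" width="100%"><td colspan="2"><font size="4"><b>'.htmlspecialchars($thread_name['post_topic']).'</b></font><font size="1"><br />by <a href="?subtopic=characters&name='.urlencode($thread_name['name']).'">'.htmlspecialchars($thread_name['name']).'</a></font></td></tr><tr bgcolor="'.$config['site']['vdarkborder'].'"><td width="200"><font color="white" size="1"><b>Author</b></font></td><td>&nbsp;</td></tr>';

          foreach ($threads as $thread) {
              $bgcolor = ($number_of_rows % 2 !== 0) ? $config['site']['darkborder'] : $config['site']['lightborder'];
              $number_of_rows++;

              $main_content .= '<tr bgcolor="'.$bgcolor.'"><td valign="top"><a href="?subtopic=characters&name='.urlencode($thread['name']).'">'.htmlspecialchars($thread['name']).'</a><br /><br /><font size="1">Profession: '.htmlspecialchars(Website::getVocationName($thread['vocation'])).'<br />Level: '.(int) $thread['level'].'<br />';

              if ($thread['rank_id'] > 0) {
                  $rank = new GuildRank($thread['rank_id']);
                  if ($rank->isLoaded()) {
                      $guild = $rank->getGuild();
                      if ($guild->isLoaded()) {
                          $main_content .= htmlspecialchars($rank->getName()).' of <a href="?subtopic=guilds&action=show&guild='.$guild->getId().'">'.htmlspecialchars($guild->getName()).'</a><br />';
                      }
                  }
              }

              $posts = $SQL->query("SELECT COUNT(" . $SQL->fieldName('id') . ") AS 'posts' FROM " . $SQL->tableName('z_forum') . " WHERE " . $SQL->fieldName('author_aid') . "=".(int) $thread['account_id'])->fetch();

              // showPost() copies its arguments into the markup, so topic and
              // text are HTML-escaped here before BBCode is rendered.
              $main_content .= '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.showPost(htmlspecialchars($thread['post_topic']), htmlspecialchars($thread['post_text']), $thread['post_smile']).'</td></tr>'
                  . "\n"
                  . '<tr bgcolor="'.$bgcolor.'"><td><font size="1">'.date('d.m.y H:i:s', $thread['post_date']);

              if ($thread['edit_date'] > 0) {
                  if ($thread['last_edit_aid'] != $thread['author_aid']) {
                      $main_content .= '<br />Edited by moderator';
                  } else {
                      $main_content .= '<br />Edited by '.htmlspecialchars($thread['name']);
                  }
                  $main_content .= '<br />on '.date('d.m.y H:i:s', $thread['edit_date']);
              }
              $main_content .= '</font></td><td>';

              // Moderator links: the first post of a thread removes the whole
              // thread, any other post only itself.
              if ($logged && $group_id_of_acc_logged >= $group_not_blocked) {
                  if ($thread['first_post'] != $thread['id']) {
                      $main_content .= '<a href="?subtopic=forum&action=remove_post&id='.(int) $thread['id'].'" onclick="'.$forum_confirm_attr('Are you sure you want remove post of '.$thread['name'].'?').'"><font color="red">REMOVE POST</font></a>';
                  } else {
                      $main_content .= '<a href="?subtopic=forum&action=remove_post&id='.(int) $thread['id'].'" onclick="'.$forum_confirm_attr('Are you sure you want remove thread > '.$thread['post_topic'].' <?').'"><font color="red">REMOVE THREAD</font></a>';
                  }
              }
              if ($logged && ($thread['account_id'] == $account_logged->getId() || $group_id_of_acc_logged >= $group_not_blocked)) {
                  $main_content .= '<br/><a href="?subtopic=forum&action=edit_post&id='.(int) $thread['id'].'">EDIT POST</a>';
              }
              if ($logged) {
                  $main_content .= '<br/><a href="?subtopic=forum&action=new_post&thread_id='.$thread_id.'&quote='.(int) $thread['id'].'">Quote</a>';
              }
              $main_content .= '</td></tr>';
          }
          $main_content .= '</table><br /><a href="?subtopic=forum&action=new_post&thread_id='.$thread_id.'"><img src="images/forum/post.gif" border="0" /></a><br /><center>Pages:<br />'.$links_to_pages.'<br /></center>';
      } else {
          $main_content .= 'Thread with this ID does not exits.';
      }
  }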
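  // Moderator action: remove a single post, or the whole thread when the post
  // is the thread's first one.
  //
  // NOTE(review): the deletion is driven by a request parameter ($_REQUEST, so
  // a plain GET link is enough) and no anti-CSRF token is checked in this
  // block. Any page that makes a logged-in moderator's browser request this
  // URL triggers the deletion. It should require POST plus a per-session
  // token, which also means changing the REMOVE links that point here.
  if ($action == 'remove_post') {
      if ($logged && $group_id_of_acc_logged >= $group_not_blocked) {
          $id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
          $post = $SQL->query("SELECT " . $SQL->fieldName('id') . ", " . $SQL->fieldName('first_post') . ", " . $SQL->fieldName('section') . " FROM " . $SQL->tableName('z_forum') . " WHERE " . $SQL->fieldName('id') . " = ".$id." LIMIT 1")->fetch();

          // Require a real row with exactly this id. The loose comparison used
          // before treated "no row" as a match for id 0 and went on to build
          // DELETE statements from empty values.
          if (isset($post['id']) && (int) $post['id'] === $id) {
              $post_id = (int) $post['id'];
              $first_post_id = (int) $post['first_post'];

              if ($post_id === $first_post_id) {
                  // First post: delete every row of the thread.
                  $SQL->query("DELETE FROM " . $SQL->tableName('z_forum') . " WHERE " . $SQL->fieldName('first_post') . " = ".$post_id);
                  header('Location: ?subtopic=forum&action=show_board&id='.(int) $post['section']);
              } else {
                  // Count the posts before the removed one to find the page to
                  // go back to; $posts_per_page is the page size of the thread
                  // view (it was $threads_per_page before).
                  $post_page = $SQL->query(
                      "SELECT COUNT(" . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . ") AS posts_count"
                      . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum')
                      . " WHERE " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " = " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_guid')
                      . " AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . " < " . $id
                      . " AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('first_post') . " = " . $first_post_id
                  )->fetch();
                  $page = max(0, (int) ceil($post_page['posts_count'] / $posts_per_page) - 1);

                  $SQL->query("UPDATE " . $SQL->tableName('z_forum') . " SET " . $SQL->fieldName('replies') . " = " . $SQL->fieldName('replies') . " - 1 WHERE " . $SQL->fieldName('id') . " = ".$first_post_id);
                  $SQL->query("DELETE FROM " . $SQL->tableName('z_forum') . " WHERE " . $SQL->fieldName('id') . " = ".$post_id);
                  header('Location: ?subtopic=forum&action=show_thread&id='.$first_post_id.'&page='.(int) $page);
              }
          } else {
              $main_content .= 'Post with ID '.$id.' does not exist.';
          }
      } else {
          $main_content .= 'You are not logged in or you are not moderator.';
      }
  }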
  309. if($action == 'new_post')
  310. {
  311.     if($logged)
  312.     {
  313.         if(canPost($account_logged) || $group_id_of_acc_logged >= $group_not_blocked)
  314.         {
  315.             $players_from_account = $SQL->query("SELECT " . $SQL->tableName('players') . "." . $SQL->fieldName('name') . ", " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " FROM " . $SQL->tableName('players') . " WHERE " . $SQL->tableName('players') . "." . $SQL->fieldName('account_id') . " = ".(int) $account_logged->getId())->fetchAll();
  316.             $thread_id = (int) $_REQUEST['thread_id'];
  317.             $thread = $SQL->query("SELECT " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_topic') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('section') . " FROM " . $SQL->tableName('z_forum') . " WHERE " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . " = ".(int) $thread_id." AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('first_post') . " = ".(int) $thread_id." LIMIT 1")->fetch();
  318.             $main_content .= '<a href="?subtopic=forum">Boards</a> >> <a href="?subtopic=forum&action=show_board&id='.$thread['section'].'">'.$sections[$thread['section']].'</a> >> <a href="?subtopic=forum&action=show_thread&id='.$thread_id.'">'.htmlspecialchars($thread['post_topic']).'</a> >> <b>Post new reply</b><br /><h3>'.htmlspecialchars($thread['post_topic']).'</h3>';
  319.             if(isset($thread['id']))
  320.             {
  321.                 $quote = (int) $_REQUEST['quote'];
  322.                 $text = trim(codeLower($_REQUEST['text']));
  323.                 $char_id = (int) $_REQUEST['char_id'];
  324.                 $post_topic = trim($_REQUEST['topic']);
  325.                 $smile = (int) $_REQUEST['smile'];
  326.                 $saved = false;
  327.                 if(isset($_REQUEST['quote']))
  328.                 {
  329.                     $quoted_post = $SQL->query("SELECT " . $SQL->tableName('players') . "." . $SQL->fieldName('name') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_text') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_date') . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum') . " WHERE " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " = " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_guid') . " AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . " = ".(int) $quote)->fetchAll();
  330.                     if(isset($quoted_post[0]['name']))
  331.                         $text = '[i]Originally posted by '.$quoted_post[0]['name'].' on '.date('d.m.y H:i:s', $quoted_post[0]['post_date']).':[/i][quote]'.$quoted_post[0]['post_text'].'[/quote]';
  332.                 }
  333.                 elseif(isset($_REQUEST['save']))
  334.                 {
  335.                     $lenght = 0;
  336.                     for($i = 0; $i <= strlen($text); $i++)
  337.                     {
  338.                         if(ord($text[$i]) >= 33 && ord($text[$i]) <= 126)
  339.                             $lenght++;
  340.                     }
  341.                     if($lenght < 1 || strlen($text) > 15000)
  342.                         $errors[] = 'Too short or too long post (short: '.$lenght.' long: '.strlen($text).' letters). Minimum 1 letter, maximum 15000 letters.';
  343.                     if($char_id == 0)
  344.                         $errors[] = 'Please select a character.';
  345.                     $player_on_account == false;
  346.                     if(count($errors) == 0)
  347.                     {
  348.                         foreach($players_from_account as $player)
  349.                             if($char_id == $player['id'])
  350.                                 $player_on_account = true;
  351.                         if(!$player_on_account)
  352.                             $errors[] = 'Player with selected ID '.$char_id.' doesn\'t exist or isn\'t on your account';
  353.                     }
  354.                     if(count($errors) == 0)
  355.                     {
  356.                         $last_post = $account_logged->getCustomField('last_post');
  357.                         if($last_post+$post_interval-time() > 0 && $group_id_of_acc_logged < $group_not_blocked)
  358.                             $errors[] = 'You can post one time per '.$post_interval.' seconds. Next post after '.($last_post+$post_interval-time()).' second(s).';
  359.                     }
  360.                     if(count($errors) == 0)
  361.                     {
  362.                         $saved = true;
  363.                         $account_logged->set('last_post', time());
  364.                         $account_logged->save();
  365.                         $SQL->query("INSERT INTO " . $SQL->tableName('z_forum') . " (" . $SQL->fieldName('first_post') . " ," . $SQL->fieldName('last_post') . " ," . $SQL->fieldName('section') . " ," . $SQL->fieldName('replies') . " ," . $SQL->fieldName('views') . " ," . $SQL->fieldName('author_aid') . " ," . $SQL->fieldName('author_guid') . " ," . $SQL->fieldName('post_text') . " ," . $SQL->fieldName('post_topic') . " ," . $SQL->fieldName('post_smile') . " ," . $SQL->fieldName('post_date') . " ," . $SQL->fieldName('last_edit_aid') . " ," . $SQL->fieldName('edit_date') . ", " . $SQL->fieldName('post_ip') . ") VALUES ('".$thread['id']."', '0', '".$thread['section']."', '0', '0', '".$account_logged->getId()."', '".(int) $char_id."', ".$SQL->quote($text).", ".$SQL->quote($post_topic).", '".(int) $smile."', '".time()."', '0', '0', '".$_SERVER['REMOTE_ADDR']."')");
  366.                         $SQL->query("UPDATE " . $SQL->tableName('z_forum') . " SET " . $SQL->fieldName('replies') . "=" . $SQL->fieldName('replies') . "+1, " . $SQL->fieldName('last_post') . "=".time()." WHERE " . $SQL->fieldName('id') . " = ".(int) $thread_id);
  367.                         $post_page = $SQL->query("SELECT COUNT(" . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . ") AS posts_count FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum') . " WHERE " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " = " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_guid') . " AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_date') . " <= ".time()." AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('first_post') . " = ".(int) $thread['id'])->fetch();
  368.                         $page = (int) ceil($post_page['posts_count'] / $threads_per_page) - 1;
  369.                         header('Location: ?subtopic=forum&action=show_thread&id='.$thread_id.'&page='.$page);
  370.                         $main_content .= '<br />Thank you for posting.<br /><a href="?subtopic=forum&action=show_thread&id='.$thread_id.'">GO BACK TO LAST THREAD</a>';
  371.                     }
  372.                 }
  373.                 if(!$saved)
  374.                 {
  375.                     if(count($errors) > 0)
  376.                     {
  377.                         $main_content .= '<font color="red" size="2"><b>Errors occured:</b>';
  378.                         foreach($errors as $error)
  379.                             $main_content .= '<br />* '.$error;
  380.                         $main_content .= '</font><br />';
  381.                     }
  382.                     $main_content .= '<form action="?" method="POST"><input type="hidden" name="action" value="new_post" /><input type="hidden" name="thread_id" value="'.$thread_id.'" /><input type="hidden" name="subtopic" value="forum" /><input type="hidden" name="save" value="save" /><table width="100%"><tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="2"><font color="white"><b>Post New Reply</b></font></td></tr><tr bgcolor="'.$config['site']['darkborder'].'"><td width="180"><b>Character:</b></td><td><select name="char_id"><option value="0">(Choose character)</option>';
  383.                     foreach($players_from_account as $player)
  384.                     {
  385.                         $main_content .= '<option value="'.$player['id'].'"';
  386.                         if($player['id'] == $char_id)
  387.                             $main_content .= ' selected="selected"';
  388.                         $main_content .= '>'.$player['name'].'</option>';
  389.                     }
  390.                     $main_content .= '</select></td></tr><tr bgcolor="'.$config['site']['lightborder'].'"><td><b>Topic:</b></td><td><input type="text" name="topic" value="'.htmlspecialchars($post_topic).'" size="40" maxlength="60" /> (Optional)</td></tr>
  391.                    <tr bgcolor="'.$config['site']['darkborder'].'"><td valign="top"><b>Message:</b><font size="1"><br />You can use:<br />[player]Nick[/player]<br />[url=http://address.com/]Address Search - Find Email and Addresses @ Address.com[/url]<br />[img]http://images.com/images3.gif[/img]<br />[code]Code[/code]<br />[b]<b>Text</b>[/b]<br />[i]<i>Text</i>[/i]<br />[u]<u>Text</u>[/u]<br />and smileys:<br />;) , :) , :D , :( , :rolleyes:<br />:cool: , :eek: , :o , :p</font></td><td><textarea rows="10" cols="60" name="text">'.htmlspecialchars($text).'</textarea><br />(Max. 15,000 letters)</td></tr>
  392.                    <tr bgcolor="'.$config['site']['lightborder'].'"><td valign="top">Options:</td><td><label><input type="checkbox" name="smile" value="1"';
  393.                     if($smile == 1)
  394.                         $main_content .= ' checked="checked"';
  395.                     $main_content .= '/>Disable Smileys in This Post </label></td></tr></table><center><input type="submit" value="Post Reply" /></center></form>';
  396.                     $threads = $SQL->query("SELECT " . $SQL->tableName('players') . "." . $SQL->fieldName('name') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_text') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_topic') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_smile') . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum') . " WHERE " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " = " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_guid') . " AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('first_post') . " = ".(int) $thread_id." ORDER BY " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_date') . " DESC LIMIT 10")->fetchAll();
  397.                     $main_content .= '<table width="100%"><tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="2"><font color="white"><b>Last 5 posts from thread: '.htmlspecialchars($thread['post_topic']).'</b></font></td></tr>';
  398.                     foreach($threads as $thread)
  399.                     {
  400.                         if(is_int($number_of_rows / 2)) { $bgcolor = $config['site']['darkborder']; } else { $bgcolor = $config['site']['lightborder']; } $number_of_rows++;
  401.                         $main_content .= '<tr bgcolor="'.$bgcolor.'"><td>'.$thread['name'].'</td><td>'.showPost(htmlspecialchars($thread['post_topic']), htmlspecialchars($thread['post_text']), $thread['post_smile']).'</td></tr>';
  402.                     }
  403.                     $main_content .= '</table>';
  404.                 }
  405.             }
  406.             else
  407.                 $main_content .= 'Thread with ID '.$thread_id.' doesn\'t exist.';
  408.         }
  409.         else
  410.             $main_content .= 'Your account is banned, deleted or you don\'t have any player with level '.$level_limit.' on your account. You can\'t post.';
  411.     }
  412.     else
  413.         $main_content .= 'Login first.';
  414. }
  415.  
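  // ACTION: edit_post
  // Lets the author of a post, or an account whose group id is at least $group_not_blocked,
  // change the posting character, text, topic and smiley option of one z_forum row.
  // Fixes made in this block:
  //  - "$player_on_account == false;" was a comparison with no effect; it is now an assignment.
  //  - the printable-character loops read one offset past the end of the string.
  //  - request values are read with isset()/is_string() guards instead of raw $_REQUEST indexes.
  //  - values echoed into HTML (player name, ids, section name) are escaped or cast to int.
  //  - post_date is cast to int before being concatenated into SQL.
  // NOTE(review): the save is driven by $_REQUEST, so it is accepted over GET as well as POST,
  // and no anti-CSRF token is checked in this block. Consider requiring POST plus a
  // per-session token before the UPDATE below.
  if($action == 'edit_post')
  {
      // count($errors) is used below; make sure it is an array even if nothing earlier
      // in the file (not visible from here) has initialised it.
      if(!isset($errors))
          $errors = array();
      if($logged)
      {
          if(canPost($account_logged) || $group_id_of_acc_logged >= $group_not_blocked)
          {
              $post_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
              // The row being edited; fetch() yields no array when the id does not exist.
              $thread = $SQL->query("SELECT " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_guid') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_aid') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('first_post') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_topic') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_date') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_text') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_smile') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('section') . " FROM " . $SQL->tableName('z_forum') . " WHERE " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . " = ".(int) $post_id." LIMIT 1")->fetch();
              if(isset($thread['id']))
              {
                  // First post of the thread, used only for the breadcrumb title.
                  $first_post = $SQL->query("SELECT " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_guid') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_aid') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('first_post') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_topic') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_text') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_smile') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('section') . " FROM " . $SQL->tableName('z_forum') . " WHERE " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . " = ".(int) $thread['first_post']." LIMIT 1")->fetch();
                  $section_name = isset($sections[$thread['section']]) ? $sections[$thread['section']] : '';
                  $thread_topic = isset($first_post['post_topic']) ? $first_post['post_topic'] : '';
                  $main_content .= '<a href="?subtopic=forum">Boards</a> >> <a href="?subtopic=forum&action=show_board&id='.(int) $thread['section'].'">'.htmlspecialchars($section_name).'</a> >> <a href="?subtopic=forum&action=show_thread&id='.(int) $thread['first_post'].'">'.htmlspecialchars($thread_topic).'</a> >> <b>Edit post</b>';
                  // Ownership check: only the author's account or a privileged group may edit.
                  if($account_logged->getId() == $thread['author_aid'] || $group_id_of_acc_logged >= $group_not_blocked)
                  {
                      $players_from_account = $SQL->query("SELECT " . $SQL->tableName('players') . "." . $SQL->fieldName('name') . ", " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " FROM " . $SQL->tableName('players') . " WHERE " . $SQL->tableName('players') . "." . $SQL->fieldName('account_id') . " = ".(int) $account_logged->getId())->fetchAll();
                      $saved = false;
                      if(isset($_REQUEST['save']))
                      {
                          // Only accept strings for the text fields; an array parameter is treated as empty.
                          $text = trim(codeLower((isset($_REQUEST['text']) && is_string($_REQUEST['text'])) ? $_REQUEST['text'] : ''));
                          $char_id = isset($_REQUEST['char_id']) ? (int) $_REQUEST['char_id'] : 0;
                          $post_topic = trim((isset($_REQUEST['topic']) && is_string($_REQUEST['topic'])) ? $_REQUEST['topic'] : '');
                          $smile = isset($_REQUEST['smile']) ? (int) $_REQUEST['smile'] : 0;
                          // Count printable ASCII characters (codes 33..126) in the topic.
                          $lenght = 0;
                          $topic_bytes = strlen($post_topic);
                          for($i = 0; $i < $topic_bytes; $i++)
                          {
                              $code = ord($post_topic[$i]);
                              if($code >= 33 && $code <= 126)
                                  $lenght++;
                          }
                          // The topic limits are enforced only when the edited post is the thread's first post.
                          // NOTE(review): for replies the 60-byte limit is not enforced server-side; the form's
                          // maxlength attribute is only a client-side hint.
                          if(($lenght < 1 || $topic_bytes > 60) && $thread['id'] == $thread['first_post'])
                              $errors[] = 'Too short or too long topic (short: '.$lenght.' long: '.$topic_bytes.' letters). Minimum 1 letter, maximum 60 letters.';
                          // Same count for the message body.
                          $lenght = 0;
                          $text_bytes = strlen($text);
                          for($i = 0; $i < $text_bytes; $i++)
                          {
                              $code = ord($text[$i]);
                              if($code >= 33 && $code <= 126)
                                  $lenght++;
                          }
                          if($lenght < 1 || $text_bytes > 15000)
                              $errors[] = 'Too short or too long post (short: '.$lenght.' long: '.$text_bytes.' letters). Minimum 1 letter, maximum 15000 letters.';
                          if($char_id == 0)
                              $errors[] = 'Please select a character.';
                          if(empty($post_topic) && $thread['id'] == $thread['first_post'])
                              $errors[] = 'Thread topic can\'t be empty.';
                          // The submitted character must belong to the logged-in account.
                          $player_on_account = false;
                          if(count($errors) == 0)
                          {
                              foreach($players_from_account as $player)
                                  if($char_id == $player['id'])
                                      $player_on_account = true;
                              if(!$player_on_account)
                                  $errors[] = 'Player with selected ID '.$char_id.' doesn\'t exist or isn\'t on your account';
                          }
                          if(count($errors) == 0)
                          {
                              $saved = true;
                              // When someone other than the author edits, the original posting character is kept.
                              if($account_logged->getId() != $thread['author_aid'])
                                  $char_id = $thread['author_guid'];
                              $SQL->query("UPDATE " . $SQL->tableName('z_forum') . " SET " . $SQL->fieldName('author_guid') . " = ".(int) $char_id.", " . $SQL->fieldName('post_text') . " = ".$SQL->quote($text).", " . $SQL->fieldName('post_topic') . " = ".$SQL->quote($post_topic).", " . $SQL->fieldName('post_smile') . " = ".(int) $smile.", " . $SQL->fieldName('last_edit_aid') . " = ".(int) $account_logged->getId()."," . $SQL->fieldName('edit_date') . " = ".time()." WHERE " . $SQL->fieldName('id') . " = ".(int) $thread['id']);
                              // Position of the edited post inside its thread, used to pick the page to return to.
                              $post_page = $SQL->query("SELECT COUNT(" . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . ") AS posts_count FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum') . " WHERE " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " = " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_guid') . " AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_date') . " <= ".(int) $thread['post_date']." AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('first_post') . " = ".(int) $thread['first_post'])->fetch();
                              // NOTE(review): this divides by $threads_per_page; $posts_per_page may have been
                              // intended (both are 20 in the config at the top of the file) - confirm against show_thread.
                              // max() keeps the page from going negative when the count is 0.
                              $page = max(0, (int) ceil($post_page['posts_count'] / $threads_per_page) - 1);
                              header('Location: ?subtopic=forum&action=show_thread&id='.(int) $thread['first_post'].'&page='.$page);
                              $main_content .= '<br />Thank you for editing post.<br /><a href="?subtopic=forum&action=show_thread&id='.(int) $thread['first_post'].'">GO BACK TO LAST THREAD</a>';
                          }
                      }
                      else
                      {
                          // First visit: prefill the form from the stored post.
                          $text = $thread['post_text'];
                          $char_id = (int) $thread['author_guid'];
                          $post_topic = $thread['post_topic'];
                          $smile = (int) $thread['post_smile'];
                      }
                      if(!$saved)
                      {
                          if(count($errors) > 0)
                          {
                              $main_content .= '<br /><font color="red" size="2"><b>Errors occured:</b>';
                              foreach($errors as $error)
                                  $main_content .= '<br />* '.$error;
                              $main_content .= '</font>';
                          }
                          $main_content .= '<br /><form action="?" method="POST"><input type="hidden" name="action" value="edit_post" /><input type="hidden" name="id" value="'.$post_id.'" /><input type="hidden" name="subtopic" value="forum" /><input type="hidden" name="save" value="save" /><table width="100%"><tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="2"><font color="white"><b>Edit Post</b></font></td></tr><tr bgcolor="'.$config['site']['darkborder'].'"><td width="180"><b>Character:</b></td><td><select name="char_id"><option value="0">(Choose character)</option>';
                          foreach($players_from_account as $player)
                          {
                              $main_content .= '<option value="'.(int) $player['id'].'"';
                              if($player['id'] == $char_id)
                                  $main_content .= ' selected="selected"';
                              // Player names come from the database; escape them before they reach the page.
                              $main_content .= '>'.htmlspecialchars($player['name']).'</option>';
                          }
                          $main_content .= '</select></td></tr><tr bgcolor="'.$config['site']['lightborder'].'"><td><b>Topic:</b></td><td><input type="text" value="'.htmlspecialchars($post_topic).'" name="topic" size="40" maxlength="60" /> (Optional)</td></tr>
                         <tr bgcolor="'.$config['site']['darkborder'].'"><td valign="top"><b>Message:</b><font size="1"><br />You can use:<br />[player]Nick[/player]<br />[url=http://address.com/]Address Search - Find Email and Addresses @ Address.com[/url]<br />[img]http://images.com/images3.gif[/img]<br />[code]Code[/code]<br />[b]<b>Text</b>[/b]<br />[i]<i>Text</i>[/i]<br />[u]<u>Text</u>[/u]<br />and smileys:<br />;) , :) , :D , :( , :rolleyes:<br />:cool: , :eek: , :o , :p</font></td><td><textarea rows="10" cols="60" name="text">'.htmlspecialchars($text).'</textarea><br />(Max. 15,000 letters)</td></tr>
                         <tr bgcolor="'.$config['site']['lightborder'].'"><td valign="top">Options:</td><td><label><input type="checkbox" name="smile" value="1"';
                          if($smile == 1)
                              $main_content .= ' checked="checked"';
                          $main_content .= '/>Disable Smileys in This Post </label></td></tr></table><center><input type="submit" value="Save Post" /></center></form>';
                      }
                  }
                  else
                      $main_content .= '<br />You are not an author of this post.';
              }
              else
                  $main_content .= '<br />Post with ID '.$post_id.' doesn\'t exist.';
          }
          else
              $main_content .= '<br />Your account is banned, deleted or you don\'t have any player with level '.$level_limit.' on your account. You can\'t post.';
      }
      else
          $main_content .= '<br />Login first.';
  }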
  523.  
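  // ACTION: new_topic
  // Creates a new thread (a z_forum row whose first_post points at itself) in the board given
  // by section_id, for a logged-in account that passes canPost() or is in a privileged group.
  // Fixes made in this block:
  //  - the "board doesn't exist" message printed the undefined $board_id; it now prints $section_id.
  //  - $sections[$section_id] was read for the breadcrumb before the isset() check.
  //  - "$player_on_account == false;" was a comparison with no effect; it is now an assignment.
  //  - the printable-character loops read one offset past the end of the string.
  //  - request values are read with isset()/is_string() guards; the unused $quote is dropped.
  //  - REMOTE_ADDR goes through $SQL->quote() like the other string values, ids are cast to int.
  //  - player names and ids are escaped / cast before being written into the form.
  // NOTE(review): the save is driven by $_REQUEST, so it is accepted over GET as well as POST,
  // and no anti-CSRF token is checked in this block. Consider requiring POST plus a
  // per-session token before the INSERT below.
  if($action == 'new_topic')
  {
      // count($errors) is used below; make sure it is an array even if nothing earlier
      // in the file (not visible from here) has initialised it.
      if(!isset($errors))
          $errors = array();
      if($logged)
      {
          if(canPost($account_logged) || $group_id_of_acc_logged >= $group_not_blocked)
          {
              $players_from_account = $SQL->query("SELECT " . $SQL->tableName('players') . "." . $SQL->fieldName('name') . ", " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " FROM " . $SQL->tableName('players') . " WHERE " . $SQL->tableName('players') . "." . $SQL->fieldName('account_id') . " = ".(int) $account_logged->getId())->fetchAll();
              $section_id = isset($_REQUEST['section_id']) ? (int) $_REQUEST['section_id'] : 0;
              $section_name = isset($sections[$section_id]) ? $sections[$section_id] : '';
              $main_content .= '<a href="?subtopic=forum">Boards</a> >> <a href="?subtopic=forum&action=show_board&id='.$section_id.'">'.htmlspecialchars($section_name).'</a> >> <b>Post new thread</b><br />';
              if(isset($sections[$section_id]))
              {
                  // Board 1 is reserved for privileged groups; the error blocks the save further down.
                  if($section_id == 1 && $group_id_of_acc_logged < $group_not_blocked)
                      $errors[] = 'Only moderators and admins can post on news board.';
                  // Only accept strings for the text fields; an array parameter is treated as empty.
                  $text = trim(codeLower((isset($_REQUEST['text']) && is_string($_REQUEST['text'])) ? $_REQUEST['text'] : ''));
                  $char_id = isset($_REQUEST['char_id']) ? (int) $_REQUEST['char_id'] : 0;
                  $post_topic = trim((isset($_REQUEST['topic']) && is_string($_REQUEST['topic'])) ? $_REQUEST['topic'] : '');
                  $smile = isset($_REQUEST['smile']) ? (int) $_REQUEST['smile'] : 0;
                  $saved = false;
                  if(isset($_REQUEST['save']))
                  {
                      // Count printable ASCII characters (codes 33..126) in the topic.
                      $lenght = 0;
                      $topic_bytes = strlen($post_topic);
                      for($i = 0; $i < $topic_bytes; $i++)
                      {
                          $code = ord($post_topic[$i]);
                          if($code >= 33 && $code <= 126)
                              $lenght++;
                      }
                      if($lenght < 1 || $topic_bytes > 60)
                          $errors[] = 'Too short or too long topic (short: '.$lenght.' long: '.$topic_bytes.' letters). Minimum 1 letter, maximum 60 letters.';
                      // Same count for the message body.
                      $lenght = 0;
                      $text_bytes = strlen($text);
                      for($i = 0; $i < $text_bytes; $i++)
                      {
                          $code = ord($text[$i]);
                          if($code >= 33 && $code <= 126)
                              $lenght++;
                      }
                      if($lenght < 1 || $text_bytes > 15000)
                          $errors[] = 'Too short or too long post (short: '.$lenght.' long: '.$text_bytes.' letters). Minimum 1 letter, maximum 15000 letters.';
                      if($char_id == 0)
                          $errors[] = 'Please select a character.';
                      // The submitted character must belong to the logged-in account.
                      $player_on_account = false;
                      if(count($errors) == 0)
                      {
                          foreach($players_from_account as $player)
                              if($char_id == $player['id'])
                                  $player_on_account = true;
                          if(!$player_on_account)
                              $errors[] = 'Player with selected ID '.$char_id.' doesn\'t exist or isn\'t on your account';
                      }
                      if(count($errors) == 0)
                      {
                          // Flood control: one post per $post_interval seconds, privileged groups exempt.
                          $last_post = $account_logged->getCustomField('last_post');
                          if($last_post+$post_interval-time() > 0 && $group_id_of_acc_logged < $group_not_blocked)
                              $errors[] = 'You can post one time per '.$post_interval.' seconds. Next post after '.($last_post+$post_interval-time()).' second(s).';
                      }
                      if(count($errors) == 0)
                      {
                          $saved = true;
                          // One timestamp for the account and for both date columns of the new row.
                          $now = time();
                          $account_logged->set('last_post', $now);
                          $account_logged->save();
                          $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
                          $SQL->query("INSERT INTO " . $SQL->tableName('z_forum') . " (" . $SQL->fieldName('first_post') . " ," . $SQL->fieldName('last_post') . " ," . $SQL->fieldName('section') . " ," . $SQL->fieldName('replies') . " ," . $SQL->fieldName('views') . " ," . $SQL->fieldName('author_aid') . " ," . $SQL->fieldName('author_guid') . " ," . $SQL->fieldName('post_text') . " ," . $SQL->fieldName('post_topic') . " ," . $SQL->fieldName('post_smile') . " ," . $SQL->fieldName('post_date') . " ," . $SQL->fieldName('last_edit_aid') . " ," . $SQL->fieldName('edit_date') . ", " . $SQL->fieldName('post_ip') . ") VALUES ('0', '".$now."', '".(int) $section_id."', '0', '0', '".(int) $account_logged->getId()."', '".(int) $char_id."', ".$SQL->quote($text).", ".$SQL->quote($post_topic).", '".(int) $smile."', '".$now."', '0', '0', ".$SQL->quote($remote_addr).")");
                          // A thread's first post references itself, so first_post is set to the new row's id.
                          $thread_id = (int) $SQL->lastInsertId();
                          $SQL->query("UPDATE " . $SQL->tableName('z_forum') . " SET " . $SQL->fieldName('first_post') . "=".$thread_id." WHERE " . $SQL->fieldName('id') . " = ".$thread_id);
                          header('Location: ?subtopic=forum&action=show_thread&id='.$thread_id);
                          $main_content .= '<br />Thank you for posting.<br /><a href="?subtopic=forum&action=show_thread&id='.$thread_id.'">GO BACK TO LAST THREAD</a>';
                      }
                  }
                  if(!$saved)
                  {
                      if(count($errors) > 0)
                      {
                          $main_content .= '<font color="red" size="2"><b>Errors occured:</b>';
                          foreach($errors as $error)
                              $main_content .= '<br />* '.$error;
                          $main_content .= '</font><br />';
                      }
                      $main_content .= '<form action="?" method="POST"><input type="hidden" name="action" value="new_topic" /><input type="hidden" name="section_id" value="'.$section_id.'" /><input type="hidden" name="subtopic" value="forum" /><input type="hidden" name="save" value="save" /><table width="100%"><tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="2"><font color="white"><b>Post New Reply</b></font></td></tr><tr bgcolor="'.$config['site']['darkborder'].'"><td width="180"><b>Character:</b></td><td><select name="char_id"><option value="0">(Choose character)</option>';
                      foreach($players_from_account as $player)
                      {
                          $main_content .= '<option value="'.(int) $player['id'].'"';
                          if($player['id'] == $char_id)
                              $main_content .= ' selected="selected"';
                          // Player names come from the database; escape them before they reach the page.
                          $main_content .= '>'.htmlspecialchars($player['name']).'</option>';
                      }
                      $main_content .= '</select></td></tr><tr bgcolor="'.$config['site']['lightborder'].'"><td><b>Topic:</b></td><td><input type="text" name="topic" value="'.htmlspecialchars($post_topic).'" size="40" maxlength="60" /> (Optional)</td></tr>
                     <tr bgcolor="'.$config['site']['darkborder'].'"><td valign="top"><b>Message:</b><font size="1"><br />You can use:<br />[player]Nick[/player]<br />[url=http://address.com/]Address Search - Find Email and Addresses @ Address.com[/url]<br />[img]http://images.com/images3.gif[/img]<br />[code]Code[/code]<br />[b]<b>Text</b>[/b]<br />[i]<i>Text</i>[/i]<br />[u]<u>Text</u>[/u]<br />and smileys:<br />;) , :) , :D , :( , :rolleyes:<br />:cool: , :eek: , :o , :p</font></td><td><textarea rows="10" cols="60" name="text">'.htmlspecialchars($text).'</textarea><br />(Max. 15,000 letters)</td></tr>
                     <tr bgcolor="'.$config['site']['lightborder'].'"><td valign="top">Options:</td><td><label><input type="checkbox" name="smile" value="1"';
                      if($smile == 1)
                          $main_content .= ' checked="checked"';
                      $main_content .= '/>Disable Smileys in This Post </label></td></tr></table><center><input type="submit" value="Post Thread" /></center></form>';
                  }
              }
              else
                  $main_content .= 'Board with ID '.$section_id.' doesn\'t exist.';
          }
          else
              $main_content .= 'Your account is banned, deleted or you don\'t have any player with level '.$level_limit.' on your account. You can\'t post.';
      }
      else
          $main_content .= 'Login first.';
  }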