Untitled

<?php
include("menu.php");
mysql_conn));
mysql_ser());
if(isset($_COOKIE['login'])) {
$logincookie = explode("	", $_COOKIE[login]);
echo "<div class=\"log\">Logged in as <a href=\"edit.php\">";
echo $logincookie[0];
echo "</a><a style=\"float: right\" href=\"log.php?act=out\">(log out)</a></div>";


$message = $_POST['message'];
$message = stripslashes($message);
$message = str_replace("\n", "<br />", $message);
$message = strip_tags($message, '<b><i><u><blockquote>');
$message_no_spaces = preg_replace("/[^a-zA-Z0-9s]/", "", $message);


$topic_info = mysql_query("SELECT * FROM topic WHERE id='$_GET[id]'")
or die(mysql_error());

$info = mysql_fetch_array($topic_info);

$forum_info = mysql_query("SELECT * FROM forum WHERE forum_id='$_GET[f]'")
or die(mysql_error());

$forum = mysql_fetch_array($forum_info);


$hidden = "

<form method=\"post\" action=\"?act=confirm&f=$_GET[f]&id=$_GET[id]\">

<div class=\"desc-curve\">

<span class=\"left\">message</span> Type in a message to go with your topic. (maximum 10,000 characters) <div class=\"desc\"><textarea cols=\"50\" rows=\"10\" wrap=\"hard\" name=\"message\">$message</textarea></div>

<span class=\"left\">submit</span> Confirm all submissions by submitting all information.
 <div class=\"desc\"><input type=\"submit\" value=\"Send\"> </div>
</div>
</form>
";


if( $_GET[act] == "confirm" && $message ) {

$namecheck = mysql_query("SELECT * FROM user WHERE name='$username'")
or die(mysql_error());


$row = mysql_fetch_array($namecheck);


if ( strlen($message_no_spaces) > 10000 ) {
echo "<div class=\"warning\">Your message is too long. You are only allowed a maximum of $admin[1] characters in your message. You have ". strlen($message_no_spaces). " characters.</div>";
$reginfo = $hidden;

} elseif ( strlen($message_no_spaces) < 3 ) {

if ( strlen($message_no_spaces) == 1 ) {
$plural = "character";
} else {
$plural = "characters";
}if ( strlen($message_no_spaces) == 1 ) {
$plural = "character";
} else {
$plural = "characters";
}

echo "<div class=\"warning\">Your message is too short. You are only allowed a minimum of $admin[1] characters in your message. You have ". strlen($message_no_spaces). " $plural.</div>";
$reginfo = $hidden;

} elseif ( $info[id] == 0 ) {

echo "<div class=\"warning\">You cannot post in a topic that doesn't exist.</div>";
$reginfo = $hidden;

} elseif ( $forum[forum_id] == 0 ) {

echo "<div class=\"warning\">You cannot post in a forum that doesn't exist.</div>";
$reginfo = $hidden;

} elseif ( $info[forum] !== $forum[forum_id] ) {

echo "<div class=\"warning\">There is a syntax error with your submission. The topic you posted in is not hosted on the right forum that you have selected. Please refrain from tampering with the URL, it's hopeless. :P</div>";
$reginfo = $hidden;


} else {
$password = md5($password);
echo "Your registration has been accepted. An admin has chose to require your account to be validated. In order to use your account, you need to confirm your email address by going to your email account.";


$namecheck = mysql_query("SELECT * FROM user WHERE name='$logincookie[0]'")
or die(mysql_error());


$user = mysql_fetch_array($namecheck);

mysql_query("INSERT INTO message
(user, message, forum, topic_id) VALUES('$user[id]', '$message', '$_GET[f]', '$_GET[id]') ")
or die(mysql_error());

$message_info = mysql_query("SELECT * FROM message")
or die(mysql_error());
$message2 = mysql_fetch_array($message_info);
$result = mysql_query("UPDATE topic SET bump='$message2[id]' WHERE id='info[id]'")

}

} // end $_GET[act] == "confirm"

if( $_GET[act] !== "confirm" ) {
$reginfo = $hidden;
}

echo $reginfo;

} else { // Everything below is what shows up if a user isn't logged in.

echo "<div class=\"warning\">You need to be logged in to view this page.</div>";
}
?>