SHOW:
|
|
- or go back to the newest paste.
| 1 | <?php | |
| 2 | include('../functions.php');
| |
| 3 | include('../config.php');
| |
| 4 | ||
| 5 | if(!isset($_COOKIE['user'])) redirect('index.php');
| |
| 6 | ||
| 7 | //lets make our id variable | |
| 8 | if(isset($_POST['forum']) || !isset($_GET['forum'])) | |
| 9 | {
| |
| 10 | $id = $_POST['forum']; | |
| 11 | } | |
| 12 | elseif(isset($_GET['forum']) && !isset($_POST['forum'])) | |
| 13 | {
| |
| 14 | $id = $_GET['forum']; | |
| 15 | } | |
| 16 | ||
| 17 | //start working | |
| 18 | if(!ctype_digit($id)) | |
| 19 | {
| |
| 20 | redirect('index.php');
| |
| 21 | } | |
| 22 | else | |
| 23 | {
| |
| 24 | //make sure the parent exists | |
| 25 | - | $query_parent = mysql_query("SELECT type FROM forums WHERE id = '{$id}'");
|
| 25 | + | $query_parent = mysql_query("SELECT `type` FROM `forums` WHERE id = '$id'");
|
| 26 | $ex_parent = mysql_fetch_assoc($query_parent); | |
| 27 | ||
| 28 | if(mysql_num_rows($query_parent) < 1) | |
| 29 | {
| |
| 30 | redirect('index.php');
| |
| 31 | } | |
| 32 | elseif($ex_parent['type'] == 2 && acc_status($_COOKIE['user']) < 2) | |
| 33 | {
| |
| 34 | $content = '<div class="frame e">Only staff members can create new threads in this section. <a href="viewforum.php?forum='. $id .'">Back</a></div>'; | |
| 35 | } | |
| 36 | else | |
| 37 | {
| |
| 38 | if(!isset($_POST['forum']) && !isset($_POST['title']) && !isset($_POST['content'])) | |
| 39 | {
| |
| 40 | (acc_status($_COOKIE['user']) < 3) ? $chars = 2000 : $chars = 20000; | |
| 41 | ||
| 42 | $content = ' | |
| 43 | <div id="nocontrols" class="phold"></div> | |
| 44 | <div id="command"> | |
| 45 | <form method="post" action="create.php"> | |
| 46 | <input type="hidden" name="forum" value="'. $id .'"> | |
| 47 | <table> | |
| 48 | <tr> | |
| 49 | <td class="commandtitle">Thread Title:</td> | |
| 50 | <td class="commandinput"><input size="40" maxlength="30" id="charlimit_text_b" type="text" class="textinput" name="title"/> | |
| 51 | </td> | |
| 52 | </tr> | |
| 53 | <tr> | |
| 54 | <td class="commandtwo" colspan="2">You have <span id="charlimit_count_b">30</span> characters <span id="charlimit_info_b" style="display: none">remaining</span> for your title.</td> | |
| 55 | </tr> | |
| 56 | <tr> | |
| 57 | <td class="commandtwo" colspan="2"> | |
| 58 | <textarea id="charlimit_text_a" name="content" rows="20" cols="60"></textarea><br /> | |
| 59 | You have <span id="charlimit_count_a">'. $chars .'</span> characters <span id="charlimit_info_a" style="display: none">remaining</span> for your message.</td> | |
| 60 | </tr> | |
| 61 | <tr> | |
| 62 | <td class="commandtwo" colspan="2"><br /> | |
| 63 | <input type="submit" name="add" value="Add thread" /> | |
| 64 | <!--<input type="submit" name="preview" value="Preview" /> --> | |
| 65 | <input type="submit" name="cancel" value="Cancel" /> | |
| 66 | </td> | |
| 67 | </tr> | |
| 68 | </table> | |
| 69 | </form> | |
| 70 | </div>'; | |
| 71 | } | |
| 72 | else | |
| 73 | {
| |
| 74 | $title = mysql_real_escape_string(nl2br(trim($_POST['title']))); | |
| 75 | ||
| 76 | if(acc_status($_COOKIE['user']) > 2) | |
| 77 | {
| |
| 78 | $content = mysql_real_escape_string(nl2br(trim($_POST['content']))); | |
| 79 | } | |
| 80 | else | |
| 81 | {
| |
| 82 | $content = mysql_real_escape_string(nl2br(strip_tags(trim($_POST['content'])))); | |
| 83 | } | |
| 84 | ||
| 85 | //lets get the current option | |
| 86 | - | $flood = mysql_query("SELECT floodlimit FROM floodlimit");
|
| 86 | + | $flood = mysql_query("SELECT `floodlimit` FROM `floodlimit`");
|
| 87 | $get_flood = mysql_fetch_assoc($flood); | |
| 88 | ||
| 89 | //lets get the users last post | |
| 90 | - | $lastpost = mysql_query("SELECT lastpost FROM users WHERE username = '{$_COOKIE['user']}'");
|
| 90 | + | $lastpost = mysql_query("SELECT `lastpost` FROM `users` WHERE `username` = '{$_COOKIE['user']}'");
|
| 91 | $get_lastpost = mysql_fetch_assoc($lastpost); | |
| 92 | ||
| 93 | if(strlen($title) < 3) | |
| 94 | {
| |
| 95 | $content = '<div class="frame e">Your title needs to be at least three characters long.</div>'; | |
| 96 | } | |
| 97 | elseif(word_count($content) < 10) | |
| 98 | {
| |
| 99 | $content = '<div class="frame e">Your thread needs to be at least ten words.</div>'; | |
| 100 | } | |
| 101 | elseif(strlen($content) > 2000 && acc_status($_COOKIE['user']) < 3) | |
| 102 | {
| |
| 103 | $content = '<div class="frame e">Your post cannot be greater than 2000 characters.</div>'; | |
| 104 | } | |
| 105 | elseif((time()-$get_lastpost['lastpost']) < $get_flood['floodlimit']) | |
| 106 | {
| |
| 107 | $content = '<div class="frame e">You must wait '. $get_flood['floodlimit'] .' seconds in-between posts.</div>'; | |
| 108 | } | |
| 109 | else | |
| 110 | {
| |
| 111 | //if the category type is 2, make the thread automatically hidden | |
| 112 | if($ex_parent['type'] == 3) { $s = 1; } else { $s = 0; }
| |
| 113 | ||
| 114 | //update their lastpost field | |
| 115 | - | mysql_query("UPDATE users SET lastpost = '". time() ."' WHERE username = '{$_COOKIE['user']}'");
|
| 115 | + | mysql_query("UPDATE `users` SET `lastpost` = '". time() ."' WHERE `username` = '{$_COOKIE['user']}'");
|
| 116 | ||
| 117 | //insert new thread | |
| 118 | - | mysql_query("INSERT INTO threads VALUES (null, '{$id}','{$title}', '{$content}', '{$_COOKIE['user']}', NOW(), '". qfc() ."', NOW(), '{$_COOKIE['user']}', '','{$_SERVER['REMOTE_ADDR']}', '0', '0', '{$s}', '')");
|
| 118 | + | mysql_query("INSERT INTO `threads` VALUES (null, '$id','$title', '$content', '{$_COOKIE['user']}', NOW(), '". qfc() ."', NOW(), '{$_COOKIE['user']}', '','{$_SERVER['REMOTE_ADDR']}', '0', '0', '$s', '')");
|
| 119 | ||
| 120 | //send them to their new thread | |
| 121 | redirect('viewthread.php?forum='. $id .'&id='. mysql_insert_id());
| |
| 122 | } | |
| 123 | } | |
| 124 | } | |
| 125 | } | |
| 126 | - | ?> |
| 126 | + | ?> |
