source: trunk/minimanager/forum.php@ 599

Last change on this file since 599 was 599, checked in by barny, 16 years ago

*Přidán nový mimimanager pro podporu 3.0.9 a upraven index.php pro zobrazování online mapy (všechny lokace).

1<?php
2/*
3 * Project Name: Forums for "MiniManager for Mangos Server"
4 * Date: 21.01.2007 inital version
5 * Author: Jiboo
6 * Copyright: Jiboo
7 * Email: *****
8 * License: GNU General Public License (GPL)
9 */
10
11/*
12* CHANGELOG :
13*
14* 0.0
15* Offtopic: Seems to be fully compatible with 0.1.3a (thx Quintine)
16*
17* Fix: Changed to from mangos db to realmd db (thx Quintine)
18* Fix: Removed some stupid comments (i was tired..)
19* Fix: Bug when edit topic name.
20*
21* 1.0
22* Offtopic: End beta stage, first public release
23*
24* Fix: Removed user.php?action=view_user links as this is not implanted in the default poject (thx qsa)
25* Fix: Changed & from links to &amp; to be valid html (thx qsa)
26* Fix: Modified header
27* Fix: Big mistakes on do_delete_post optimized the code and corrected the redirection
28*
29* Add: Two bbcode tags (i don' t know wtf they are meaning, i hate regexp..) (thx qsa)
30* Add: Multilanguage support
31* Add: Improved post edition (BBCode helpers and smiley list)
32* Add: Move topic
33*
34* 1.1
35* Fix: Security problems, add_topic, do_add_topic, do_add_post wasn' t checking if poster got access to the forum => 1.0.1b
36* Fix: Stupid bug with postid redirection (thx boomingranny again! :) => 1.0.1c
37*
38* Add: Option to enable forum access to one type of player (Alliance or Horde) (thx boomingranny)
39* Detail : Add this line in your forum/category array "side_access" => "A" or "side_access" => "H"
40* You can also disable the check if you are not interested in this feature see forum.conf.php
41*
42* 1.2
43* Fix: Security problems with level_post in some functions, and also the quick reply form is not shown anymore if user dont have the required level to post (thx warrior)
44* Fix: Change version format : Major.Minor.Revision
45*
46* Add: You could not specify levels, default is 0 => 1.2.4
47*
48* 1.3
49* Fix: Trying to reduce mysql queries
50* forum_index() to 1 query => 1.3.6
51* forum_view_forum() to 3 query => 1.3.7
52* Fix: Bug with 1.3.6 => 1.3.7
53* Fix: Bug with mmfpm rev6 => 1.3.10
54* Fix: Removed striptags and added htmlspecialchars to avoid <script> or anything tags => 1.3.11
55*
56* 1.4
57* Add: Close topic => 1.4.13
58* You need to apply the patch_r13.sql
59* Some things might change cause i' m not sure if someone would be able to delete/modify a post if a topic is closed
60*
61* 1.5
62* Add: Added [wow] bbcode tag, that will print image and tooltip info for an item
63* Add: level_post_topic to grant only gm to post new topics, but players can post in it => rev 15.
64*
65* Fix: GM can see all side forums
66* Fix: An annoucement is now in all forums
67*
68* 1.6
69*
70* Add: Avatar System => rev 23
71* Add: or fix? Tons of graphic modification. => Rev 24
72* Icons(in img/forums) from a PhpBB Theme fiBlack by Daz
73* As it' s a template, maybe you can use other icons from other template :)
74* Emoticons from PunBB
75* The greens, was for my mmfpm template :p
76* Improved BBcode editor
77* Color list dropdown
78* Better names than quote 1 and quote 2 :p
79* Replaced some by images
80* Add: Direct access to users pages for admins
81* Add: Custom GM avatars => 39
82* Add: Show gm level rank if user gmlevel > 3 => 39
83*
84* Fix: globals declaration problem, thx qsa => Rev 24
85* Fix: Little improvement at avatars data query, thx qsa => Rev 25
86* Fix: Removed the \r replacing, it fix the double <br /> but does it work under unix? ..
87* Fix: Fixed the query on view forum that bug sometimes
88* Fix: Removed doubles emoticons => Rev 31
89*
90*/
91
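require_once("header.php");
require_once("scripts/forum.conf.php");
require_once("scripts/extra_lib.php");
require_once("scripts/defines.php");
valid_login($action_permission['read']);

// Pick the language file. The "lang" cookie is client-controlled and ends up in a
// require_once path, so it is honoured only when it is a plain token (letters,
// digits, "_" or "-") that names an existing language file. Anything else, including
// an array-valued cookie, falls back to the configured $language.
$forumlang = $language;
if (isset($_COOKIE["lang"])
    && is_string($_COOKIE["lang"])
    && preg_match('/^[A-Za-z0-9_-]+$/', $_COOKIE["lang"])
    && file_exists("lang/forum_" . $_COOKIE["lang"] . ".php")) {
    $forumlang = $_COOKIE["lang"];
}
require_once("lang/forum_$forumlang.php");

// Fill in the optional access settings of every category and forum so the
// permission checks below can read them without isset() guards:
// levels default to 0, side_access defaults to "ALL".
foreach($forum_skeleton as $cid => $category){
    if(!isset($category["level_read"])) $forum_skeleton[$cid]["level_read"] = 0;
    if(!isset($category["level_post"])) $forum_skeleton[$cid]["level_post"] = 0;
    if(!isset($category["level_post_topic"])) $forum_skeleton[$cid]["level_post_topic"] = 0;
    if(!isset($category["side_access"])) $forum_skeleton[$cid]["side_access"] = "ALL";
    foreach($category["forums"] as $id => $forum){
        if(!isset($forum["level_read"])) $forum_skeleton[$cid]["forums"][$id]["level_read"] = 0;
        if(!isset($forum["level_post"])) $forum_skeleton[$cid]["forums"][$id]["level_post"] = 0;
        if(!isset($forum["level_post_topic"])) $forum_skeleton[$cid]["forums"][$id]["level_post_topic"] = 0;
        if(!isset($forum["side_access"])) $forum_skeleton[$cid]["forums"][$id]["side_access"] = "ALL";
    }
}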
116
117// #######################################################################################################
118// Forum_Index : Display the forums in categories
119// #######################################################################################################
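/**
 * Render the forum index: one table section per readable category and one row per
 * readable forum, with its topic count, post count and a link to the latest post.
 *
 * Categories and forums are skipped when their level_read exceeds $user_lvl, or
 * (for level-0 users with the side check enabled) when their side_access does not
 * match the side returned by get_side().
 *
 * Appends HTML to the global $output; returns nothing.
 */
function forum_index(){
    global $enablesidecheck, $forum_skeleton, $forum_lang, $user_lvl, $output, $realm_db, $mmfpm_db;
    if($enablesidecheck)
        $side = get_side();
    $mysql = new SQL;
    $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

    // Latest post of every forum in a single query, indexed by forum id (column 4).
    $result = $mysql->query("SELECT `authorname`,`id`,`name`,`time`,`forum` FROM `forum_posts` WHERE `id` IN (SELECT MAX(`id`) FROM `forum_posts` GROUP BY `forum`) ORDER BY `forum`;");
    $lasts = array();
    if($mysql->num_rows($result) > 0){
        while($row = $mysql->fetch_row($result))
            $lasts[$row[4]] = $row;
    }

    $output .= "<div class=\"top\"><h1>{$forum_lang["forums"]}</h1>{$forum_lang["you_are_here"]} : <a href=\"forum.php\">{$forum_lang["forum_index"]}</a></div><center><table class=\"lined\">";
    foreach($forum_skeleton as $category){
        if($category["level_read"] > $user_lvl)
            continue;
        // The side restriction only applies to level-0 users.
        if($user_lvl == 0 && $enablesidecheck && $category["side_access"] != "ALL"
            && ($side == "NO" || $category["side_access"] != $side))
            continue;

        $output .= "<tr><td class=\"head\" align=\"left\">".$category["name"]."</td>
            <td class=\"head\">{$forum_lang["topics"]}</td>
            <td class=\"head\">{$forum_lang["replies"]}</td>
            <td class=\"head\" align=\"right\">".$forum_lang["last_post"]."</td></tr>";

        foreach($category["forums"] as $id => $forum){
            if($forum["level_read"] > $user_lvl)
                continue;
            if($user_lvl == 0 && $enablesidecheck && $forum["side_access"] != "ALL"
                && ($side == "NO" || $forum["side_access"] != $side))
                continue;

            // $id is a key of the $forum_skeleton configuration, not request input.
            $totaltopics = $mysql->query("SELECT id FROM forum_posts WHERE forum = '$id' AND id = `topic`;");
            $numtopics = $mysql->num_rows($totaltopics);
            $totalreplies = $mysql->query("SELECT id FROM forum_posts WHERE forum = '$id';");
            $numreplies = $mysql->num_rows($totalreplies);
            $output .= "<tr><td align=\"left\"><a href=\"forum.php?action=view_forum&amp;id=$id\">{$forum["name"]}</a><br />{$forum["desc"]}</td>
                <td>{$numtopics}</td>
                <td>{$numreplies}</td>";
            if(isset($lasts[$id])){
                // Values read back from forum_posts are escaped before they reach the
                // page; the author name was previously emitted as stored.
                $last_title  = htmlspecialchars($lasts[$id][2]);
                $last_author = htmlspecialchars($lasts[$id][0], ENT_QUOTES);
                $last_time   = htmlspecialchars($lasts[$id][3], ENT_QUOTES);
                $output .= "<td align=\"right\"><a href=\"forum.php?action=view_topic&amp;postid={$lasts[$id][1]}\">{$last_title}</a><br />by {$last_author} <br /> {$last_time} </td></tr>";
            }
            else{
                $output .= "<td align=\"right\">{$forum_lang["no_topics"]}</td></tr>";
            }
        }
    }
    $output .= "<tr><td align=\"right\" class=\"hidden\"></td></tr></table></center><br/>";
    $mysql->close();
    // Queries : 1, plus 2 per displayed forum
}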
177
178// #######################################################################################################
179//
180// #######################################################################################################
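/**
 * Render the topic list of one forum (request parameters: id, optional page).
 *
 * Access is refused through error() when the forum does not exist in
 * $forum_skeleton, when the category or forum level_read exceeds $user_lvl, or
 * (level-0 users, side check enabled) when side_access does not match get_side().
 *
 * Appends HTML to the global $output; returns nothing.
 */
function forum_view_forum(){
    global $enablesidecheck, $forum_skeleton, $forum_lang, $maxqueries, $user_lvl, $output, $mmfpm_db;
    if($enablesidecheck) $side = get_side();
    $mysql = new SQL;
    $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

    if(!isset($_GET["id"])){
        error($forum_lang["no_such_forum"]);
        return; // error() is presumably terminal; the return makes that explicit
    }
    $id = $mysql->quote_smart($_GET["id"]);

    // The page number only feeds arithmetic for the LIMIT clause, so it is reduced
    // to a non-negative integer rather than passed through as a string.
    $page = isset($_GET["page"]) ? (int) $_GET["page"] : 0;
    if($page < 0) $page = 0;

    $cat = 0;
    foreach($forum_skeleton as $cid => $category){
        foreach($category["forums"] as $fid => $forum){
            if($fid == $id) $cat = $cid;
        }
    }
    // From here on $id is known to be a key of the configured forum list.
    if(empty($forum_skeleton[$cat]["forums"][$id])){
        error($forum_lang["no_such_forum"]);
        return;
    }
    $forum = $forum_skeleton[$cat]["forums"][$id];
    if(($forum_skeleton[$cat]["level_read"] > $user_lvl) || ($forum["level_read"] > $user_lvl)){
        error($forum_lang["no_access"]);
        return;
    }

    // Side restriction for level-0 users. This used `continue`, which is not valid
    // outside a loop (a fatal error in PHP); the refusal now goes through error()
    // like the level check above.
    if($user_lvl == 0 && $enablesidecheck){
        $cat_side = $forum_skeleton[$cat]["side_access"];
        $forum_side = $forum["side_access"];
        $denied = ($cat_side != "ALL" && ($side == "NO" || $cat_side != $side))
            || ($forum_side != "ALL" && ($side == "NO" || $forum_side != $side));
        if($denied){
            error($forum_lang["no_access"]);
            return;
        }
    }

    $start = ($maxqueries * $page);
    $output .= "<div class=\"top\"><h1>{$forum_lang["forums"]}</h1>{$forum_lang["you_are_here"]} : <a href=\"forum.php\">{$forum_lang["forum_index"]}</a> -> <a href=\"forum.php?action=view_forum&amp;id={$id}\">{$forum["name"]}</a></div>
        <center><table class=\"lined\">";
    $topics = $mysql->query("SELECT id, authorid, authorname, name, annouced, sticked, closed FROM forum_posts WHERE (forum = '$id' AND id = `topic`) OR annouced = 1 AND id = `topic` ORDER BY annouced DESC, sticked DESC, lastpost DESC LIMIT $start, $maxqueries;");
    // The forum id is quoted here as in every other query of this file; escaping
    // alone does not protect a value placed in an unquoted position.
    $result = $mysql->query("SELECT `topic` as curtopic,(SELECT count(`id`)-1 FROM forum_posts WHERE `topic` = `curtopic`) AS replies,lastpost as curlastpost,(SELECT authorname FROM forum_posts WHERE id = curlastpost) as authorname,(SELECT time FROM forum_posts WHERE id = curlastpost) as time FROM `forum_posts` WHERE (`forum` = '$id' AND `topic` = `id` ) OR annouced = 1;");
    $lasts = array();
    if($mysql->num_rows($result) > 0){
        while($row = $mysql->fetch_row($result))
            $lasts[$row[0]] = $row;
    }

    if($forum_skeleton[$cat]["level_post_topic"] <= $user_lvl && $forum["level_post_topic"] <= $user_lvl)
        $output .= "<tr><td colspan=\"4\" style=\"text-align:right;\"><a href=\"forum.php?action=add_topic&amp;id={$id}\">{$forum_lang["new_topic"]}</a></td></tr>";

    if($mysql->num_rows($topics)!=0){
        $output .= "<tr>
            <td style=\"width:35%;text-align:left;\">{$forum_lang["title"]}</td>
            <td style=\"width:15%;\">{$forum_lang["author"]}</td>
            <td>{$forum_lang["replies"]}</td>
            <td>{$forum_lang["last_post"]}</td>
            </tr>";
        while($topic = $mysql->fetch_row($topics)){
            $output .= "<tr>
                <td style=\"text-align:left;\">";
            // Only one marker is shown: announcement, else sticky, else closed.
            if($topic[4]=="1")
                $output .= "{$forum_lang["annoucement"]} : ";
            elseif($topic[5]=="1")
                $output .= "{$forum_lang["sticky"]} : ";
            elseif($topic[6]=="1")
                $output .= "[{$forum_lang["closed"]}] ";

            // Stored text is escaped on output; author names were previously
            // written to the page as stored.
            $title  = htmlspecialchars($topic[3]);
            $author = htmlspecialchars($topic[2], ENT_QUOTES);
            $last   = isset($lasts[$topic[0]]) ? $lasts[$topic[0]] : array(0, "", 0, "", "");
            $last_author = htmlspecialchars($last[3], ENT_QUOTES);
            $last_time   = htmlspecialchars($last[4], ENT_QUOTES);
            $output .= "<a href=\"forum.php?action=view_topic&amp;id={$topic[0]}\">{$title}</a></td><td>{$author}</td>
                <td>{$last[1]}</td>
                <td>{$forum_lang["last_post_by"]} {$last_author}, {$last_time}</td>
                </tr>";
        }
        // Total topic count of the forum, used only for the page links.
        $totaltopics = $mysql->query("SELECT id FROM forum_posts WHERE forum = '$id' AND id = `topic`;");
        $pages = ceil($mysql->num_rows($totaltopics)/$maxqueries);
        $output .= "<tr><td align=\"right\" colspan=\"4\">{$forum_lang["pages"]} : ";
        for($x = 1; $x <= $pages; $x++){
            $y = $x-1;
            $output .= "<a href=\"forum.php?action=view_forum&amp;id=$id&amp;page=$y\">$x</a> ";
        }
        $output .= "</td></tr>";
    }
    else
        $output .= "<tr><td>{$forum_lang["no_topics"]}</td></tr>";
    $mysql->close();
    $output .= "<tr><td align=\"right\" class=\"hidden\"></td></tr></table></center><br/>";
    // Queries : 3
}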
269// #######################################################################################################
270//
271// #######################################################################################################
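/**
 * Render one page of a topic (request parameter id, optional page), or, when
 * called with postid instead, work out which topic page holds that post and
 * redirect there.
 *
 * Access is refused through error() when the topic's forum is unknown, when the
 * category or forum level_read exceeds $user_lvl, or (level-0 users, side check
 * enabled) when side_access does not match get_side().
 *
 * Appends HTML to the global $output; returns nothing.
 *
 * NOTE(review): the breadcrumb title, the moderation links and the closed flag are
 * taken from the first row of the current page. On pages after the first that row
 * is a reply, not the topic post, so the quick-reply form may be offered on a
 * closed topic. Whether the posting handler re-checks this is not visible here.
 */
function forum_view_topic(){

    global $enablesidecheck, $forum_skeleton, $forum_lang, $maxqueries, $user_lvl, $user_id, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db;

    if($enablesidecheck) $side = get_side(); // resolved once, used by the access check below

    $mysql = new SQL;
    $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

    // The id is written back into links and a hidden form field as well as into
    // SQL, so it is reduced to an integer instead of being SQL-escaped only.
    if(isset($_GET["id"])){
        $id = (int) $_GET["id"];
        $post = false;
    }
    elseif(isset($_GET["postid"])){
        $id = (int) $_GET["postid"];
        $post = true;
    }
    else{
        error($forum_lang["no_such_topic"]);
        return; // error() is presumably terminal; the return makes that explicit
    }

    // The page number only feeds arithmetic for the LIMIT clause.
    $page = isset($_GET["page"]) ? (int) $_GET["page"] : 0;
    if($page < 0) $page = 0;
    $start = ($maxqueries * $page);

    if(!$post){
        $posts = $mysql->query("SELECT id,authorid,authorname,forum,name,text,time,annouced,sticked,closed FROM forum_posts WHERE topic = '$id' ORDER BY id ASC LIMIT $start, $maxqueries;");
        $replies = $mysql->num_rows($posts);
        if($replies==0){
            // Checked before the avatar lookup so an unknown topic costs no extra query.
            error($forum_lang["no_such_topic"]);
            return;
        }

        // Thx qsa for the query structure
        // One query fetches, for every author on this page, the character with the
        // highest totaltime of that account, plus the account's gmlevel.
        $link = $mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);

        $query = "SELECT account,name,SUBSTRING_INDEX(SUBSTRING_INDEX(data,' ', ".(CHAR_DATA_OFFSET_GENDER+1)."),' ',-1) AS gen,race,class,
            SUBSTRING_INDEX(SUBSTRING_INDEX(data,' ',".(CHAR_DATA_OFFSET_LEVEL+1)."),' ',-1) AS level,(SELECT gmlevel FROM `{$realm_db['name']}`.account WHERE `{$realm_db['name']}`.account.id = `{$characters_db[$realm_id]['name']}`.characters.account) as gmlevel
            FROM `{$characters_db[$realm_id]['name']}`.characters WHERE totaltime IN ( SELECT MAX(totaltime) FROM `{$characters_db[$realm_id]['name']}`.characters WHERE account IN (";
        while($post = $mysql->fetch_row($posts)){
            // Author ids are placed unquoted in the IN list, so force them to integers.
            $query .= ((int) $post[1]).",";
        }
        mysql_data_seek($posts,0); // rewind so the rows can be rendered below
        $query .= "0) GROUP BY account);";
        $link = $mysql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
        $results = $mysql->query($query);

        $avatars = array();
        while($avatar = $mysql->fetch_row($results)){
            $char_gender = str_pad(dechex($avatar[2]),8, 0, STR_PAD_LEFT);
            $avatars[$avatar[0]]["name"] = $avatar[1];
            $avatars[$avatar[0]]["sex"] = $char_gender[3];
            $avatars[$avatar[0]]["race"] = $avatar[3];
            $avatars[$avatar[0]]["class"] = $avatar[4];
            $avatars[$avatar[0]]["level"] = $avatar[5];
            $avatars[$avatar[0]]["gm"] = $avatar[6];
        }

        // First row of the page: supplies the forum id, title and topic flags.
        $post = $mysql->fetch_row($posts);
        $fid = $post[3];
        $cat = 0;
        foreach($forum_skeleton as $cid => $category){
            foreach($category["forums"] as $fid_ => $forum){
                if($fid_ == $fid) $cat = $cid;
            }
        }
        if(empty($forum_skeleton[$cat]["forums"][$fid])){
            error($forum_lang["no_such_forum"]);
            return;
        }
        $forum = $forum_skeleton[$cat]["forums"][$fid];
        if($forum_skeleton[$cat]["level_read"] > $user_lvl || $forum["level_read"] > $user_lvl){
            error($forum_lang["no_access"]);
            return;
        }

        // Side restriction for level-0 users. This used `continue`, which is not
        // valid outside a loop (a fatal error in PHP); the refusal now goes through
        // error() like the level check above.
        if($user_lvl == 0 && $enablesidecheck){
            $cat_side = $forum_skeleton[$cat]["side_access"];
            $forum_side = $forum["side_access"];
            $denied = ($cat_side != "ALL" && ($side == "NO" || $cat_side != $side))
                || ($forum_side != "ALL" && ($side == "NO" || $forum_side != $side));
            if($denied){
                error($forum_lang["no_access"]);
                return;
            }
        }

        // Escape first, then expand BBCode on the escaped text.
        $post[4] = htmlspecialchars($post[4]);
        $post[5] = htmlspecialchars($post[5]);
        $post[5] = bbcode_parse($post[5]);

        $output .= "<div class=\"top\"><h1>{$forum_lang["forums"]}</h1>{$forum_lang["you_are_here"]} : <a href=\"forum.php\">{$forum_lang["forum_index"]}</a> -> <a href=\"forum.php?action=view_forum&amp;id={$fid}\">{$forum["name"]}</a> -> <a href=\"forum.php?action=view_topic&amp;id={$id}\">{$post[4]}</a></div>
            <center><table class=\"lined\">
            <tr>
            <td style=\"width:15%;\">{$forum_lang["info"]}</td>
            <td style=\"text-align:left;\">{$forum_lang["text"]}</td>
            <td style=\"width:50%;text-align:right;\">";

        // Moderation toolbar, shown to any user above level 0.
        // NOTE(review): these links change state through plain GET requests and
        // carry no anti-CSRF token.
        if($user_lvl > 0)
        {
            if($post[7]=="1"){
                // Announcement (whether or not it is also sticky)
                $output .= "{$forum_lang["annoucement"]}
                    <a href=\"forum.php?action=edit_announce&amp;id={$post[0]}&amp;state=0\"><img src=\"img/forums/down.gif\" border=\"0\" alt=\"{$forum_lang["down"]}\" /></a>";
            }
            elseif($post[8]=="1"){
                // Sticky
                $output .= "{$forum_lang["sticky"]}
                    <a href=\"forum.php?action=edit_stick&amp;id={$post[0]}&amp;state=0\"><img src=\"img/forums/down.gif\" border=\"0\" alt=\"{$forum_lang["down"]}\" /></a>
                    <a href=\"forum.php?action=edit_announce&amp;id={$post[0]}&amp;state=1\"><img src=\"img/forums/up.gif\" border=\"0\" alt=\"{$forum_lang["up"]}\" /></a>";
            }
            else{
                // Normal topic
                $output .= "{$forum_lang["normal"]}
                    <a href=\"forum.php?action=edit_stick&amp;id={$post[0]}&amp;state=1\"><img src=\"img/forums/up.gif\" border=\"0\" alt=\"{$forum_lang["up"]}\" /></a>";
            }

            if($post[9]=="1")
                $output .= " <a href=\"forum.php?action=edit_close&amp;id={$post[0]}&amp;state=0\"><img src=\"img/forums/lock.gif\" border=\"0\" alt=\"{$forum_lang["open"]}\" /></a>";
            else
                $output .= " <a href=\"forum.php?action=edit_close&amp;id={$post[0]}&amp;state=1\"><img src=\"img/forums/unlock.gif\" border=\"0\" alt=\"{$forum_lang["close"]}\" /></a>";
            $output .= " <a href=\"forum.php?action=move_topic&amp;id={$post[0]}\"><img src=\"img/forums/move.gif\" border=\"0\" alt=\"{$forum_lang["move"]}\" /></a>";
        }
        // Close the header row, which was previously left open.
        $output .= "</td></tr>";

        // First post of the page.
        $output .= _forum_author_cell_html($post, $avatars);
        $output .= "
            <td colspan=\"2\" style=\"text-align:left\">{$post[5]}<br /><div style=\"text-align:right;\">";
        if($user_lvl > 0 || $user_id == $post[1])
            $output .= "<a href=\"forum.php?action=edit_post&amp;id={$post[0]}\"><img src=\"img/forums/edit.gif\" border=\"0\" alt=\"{$forum_lang["edit"]}\" /></a>
                <a href=\"forum.php?action=delete_post&amp;id={$post[0]}\"><img src=\"img/forums/delete.gif\" border=\"0\" alt=\"{$forum_lang["delete"]}\" /></a>";
        $output .= "</div></td></tr>";
        $closed = $post[9];

        // Remaining posts of the page.
        while($post = $mysql->fetch_row($posts)){
            $post[5] = htmlspecialchars($post[5]);
            $post[5] = bbcode_parse($post[5]);

            $output .= _forum_author_cell_html($post, $avatars);
            $output .= "
                <td colspan=\"2\" style=\"text-align:left;\">{$post[5]}<br />";
            if($user_lvl > 0 || $user_id == $post[1])
                $output .= "<div style=\"text-align:right;\"><a href=\"forum.php?action=edit_post&amp;id={$post[0]}\"><img src=\"img/forums/edit.gif\" border=\"0\" alt=\"{$forum_lang["edit"]}\" /></a>
                    <a href=\"forum.php?action=delete_post&amp;id={$post[0]}\"><img src=\"img/forums/delete.gif\" border=\"0\" alt=\"{$forum_lang["delete"]}\" /></a></div>";
            $output .= "</td></tr>";
        }

        // Back to the forum database for the page links.
        $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

        $totalposts = $mysql->query("SELECT id FROM forum_posts WHERE topic = '$id';");
        $totalposts = $mysql->num_rows($totalposts);

        $pages = ceil($totalposts/$maxqueries);
        $output .= "<tr><td align=\"right\" colspan=\"3\">{$forum_lang["pages"]} : ";
        for($x = 1; $x <= $pages; $x++){
            $y = $x-1;
            $output .= "<a href=\"forum.php?action=view_topic&amp;id=$id&amp;page=$y\">$x</a> ";
        }
        $output .= "</td></tr><tr><td align=\"right\" class=\"hidden\"></td></tr></table>";

        // Quick reply form: needs the posting level of both category and forum, and
        // an open topic unless the user is above level 0.
        if((($user_lvl > 0)||!$closed)&&($forum_skeleton[$cat]["level_post"] <= $user_lvl && $forum["level_post"] <= $user_lvl)
        ){
            $output .= "<form action=\"forum.php?action=do_add_post\" method=\"POST\" name=\"form\">
                <table class=\"top_hidden\">
                <tr>
                <td align=\"left\">";
            makebutton($forum_lang["post"], "javascript:do_submit()",100);
            $output .= "</td><td align=\"right\">{$forum_lang["quick_reply"]}</td></tr>
                <tr><td colspan=\"2\">".bbcode_editor_js()."
                <a href=\"javascript:ajtBBCode('[b]','[/b]')\">{$forum_lang["bold"]}</a>,
                <a href=\"javascript:ajtBBCode('[i]','[/i]')\">{$forum_lang["italic"]}</a>,
                <a href=\"javascript:ajtBBCode('[u]','[/u]')\">{$forum_lang["underline"]}</a>,
                <a href=\"javascript:ajtBBCode('[img]','[/img]')\">{$forum_lang["image"]}</a>,
                <a href=\"javascript:ajtBBCode('[url]','[/url]')\">{$forum_lang["url"]}</a>,
                <a href=\"javascript:ajtBBCode('[url=Click here]','[/url]')\">{$forum_lang["url2"]}</a>,
                <a href=\"javascript:ajtBBCode('[code]','[/code]')\">{$forum_lang["code"]}</a>,
                <a href=\"javascript:ajtBBCode('[quote]','[/quote]')\">{$forum_lang["quote"]}</a>,
                <a href=\"javascript:ajtBBCode('[quote=Someone]','[/quote]')\">{$forum_lang["quote2"]}</a>,
                <a href=\"javascript:ajtBBCode('[media]','[/media]')\">{$forum_lang["media"]}</a>
                <a href=\"javascript:ajtBBCode('[youtube]','[/youtube]')\">{$forum_lang["YouTube"]}</a>
                {$forum_lang["color"]} : <select name=\"fontcolor\" onChange=\"ajtBBCode('[color=' + this.form.fontcolor.options[this.form.fontcolor.selectedIndex].value + ']', '[/color]'); this.selectedIndex=0;\" onMouseOver=\"helpline('fontcolor')\" style=\"background-color:#D7D7D7\">
                <option value=\"black\" style=\"color:black\">Black</option>
                <option value=\"silver\" style=\"color:silver\">Silver</option>
                <option value=\"gray\" style=\"color:gray\">Gray</option>
                <option value=\"maroon\" style=\"color:maroon\">Maroon</option>
                <option value=\"red\" style=\"color:red\">Red</option>
                <option value=\"purple\" style=\"color:purple\">Purple</option>
                <option value=\"fuchsia\" style=\"color:fuchsia\">Fuchsia</option>
                <option value=\"navy\" style=\"color:navy\">Navy</option>
                <option value=\"blue\" style=\"color:blue\">Blue</option>
                <option value=\"aqua\" style=\"color:aqua\">Aqua</option>
                <option value=\"teal\" style=\"color:teal\">Teal</option>
                <option value=\"lime\" style=\"color:lime\">Lime</option>
                <option value=\"green\" style=\"color:green\">Green</option>
                <option value=\"olive\" style=\"color:olive\">Olive</option>
                <option value=\"yellow\" style=\"color:yellow\">Yellow</option>
                <option value=\"white\" style=\"color:white\">White</option>
                </select>
                </td></tr><tr><td colspan=\"2\">
                <a href=\"javascript:ajtTexte(':)')\"><img style=\"border:0px;\" src=\"img/emoticons/smile.gif\"></a><a href=\"javascript:ajtTexte(':|')\"><img style=\"border:0px;\" src=\"img/emoticons/neutral.gif\"></a><a href=\"javascript:ajtTexte(':(')\"><img style=\"border:0px;\" src=\"img/emoticons/sad.gif\"></a><a href=\"javascript:ajtTexte(':D')\"><img style=\"border:0px;\" src=\"img/emoticons/big_smile.gif\"></a><a href=\"javascript:ajtTexte(':o')\"><img style=\"border:0px;\" src=\"img/emoticons/yikes.gif\"></a><a href=\"javascript:ajtTexte(';)')\"><img style=\"border:0px;\" src=\"img/emoticons/wink.gif\"></a><a href=\"javascript:ajtTexte(':/')\"><img style=\"border:0px;\" src=\"img/emoticons/hmm.gif\" /></a><a href=\"javascript:ajtTexte(':p')\"><img style=\"border:0px;\" src=\"img/emoticons/tongue.gif\"></a><a href=\"javascript:ajtTexte(':lol:')\"><img style=\"border:0px;\" src=\"img/emoticons/lol.gif\"></a><a href=\"javascript:ajtTexte(':mad:')\"><img style=\"border:0px;\" src=\"img/emoticons/mad.gif\"></a><a href=\"javascript:ajtTexte(':rolleyes:')\"><img style=\"border:0px;\" src=\"img/emoticons/roll.gif\"></a><a href=\"javascript:ajtTexte(':cool:')\"><img style=\"border:0px;\" src=\"img/emoticons/cool.gif\"></a>
                </td></tr></table><TEXTAREA NAME=\"msg\" ROWS=8 COLS=93></TEXTAREA><br/>
                <input type=\"hidden\" name=\"forum\" value=\"$fid\" />
                <input type=\"hidden\" name=\"topic\" value=\"$id\" />
                </form>";
        }

        $output .= "</center>";
        $mysql->close();
    }
    else{
        $output .= "<div class=\"top\"><h1>Stand by...</h1></div>";

        $post = $mysql->query("SELECT topic, id FROM forum_posts WHERE id = '$id'"); // Get our post id
        if($mysql->num_rows($post)==0){
            error($forum_lang["no_such_topic"]);
            return;
        }
        $post = $mysql->fetch_row($post);
        if($post[0]==$post[1])
            redirect("forum.php?action=view_topic&id=$id"); // the post is the topic itself
        $topic = $post[0];
        // Ordered like the topic view, so the row position maps onto its pages.
        $posts = $mysql->query("SELECT id FROM forum_posts WHERE topic = '$topic' ORDER BY id ASC;"); // Get posts in our topic
        $replies = $mysql->num_rows($posts);
        if($replies==0){
            error($forum_lang["no_such_topic"]);
            return;
        }
        $row = 0;
        while($post = $mysql->fetch_row($posts)){
            // Count rows up to and including the requested post. The loop used to
            // compare the topic id with the post id, which never matched, so the
            // redirect always went to the last page.
            $row++;
            if($post[0]==$id) break;
        }
        $page = 0;
        while(($page * $maxqueries) < $row){
            $page++;
        };
        $page--;
        $mysql->close();
        redirect("forum.php?action=view_topic&id=$topic&page=$page");
    }
    // Queries : 4 with id || 2 with postid, then the redirected view
}

/**
 * Build the opening of one post row: the author cell with the avatar panel, the
 * author name (linked to the account editor for users above level 0) and the
 * post time.
 *
 * @param array $post    Row from forum_posts as selected in forum_view_topic()
 *                       (index 1 = authorid, 2 = authorname, 6 = time).
 * @param array $avatars Character data keyed by account id, as built in forum_view_topic().
 * @return string HTML starting at "<tr>" and ending after the author "</td>".
 */
function _forum_author_cell_html($post, $avatars){
    global $forum_lang, $user_lvl;

    if(isset($avatars[$post[1]])){
        $panel = gen_avatar_panel(
            $avatars[$post[1]]["level"],
            $avatars[$post[1]]["sex"],
            $avatars[$post[1]]["race"],
            $avatars[$post[1]]["class"],1,
            $avatars[$post[1]]["gm"]);
        $shown_name = $avatars[$post[1]]["name"];
    }
    else{
        $panel = "";
        $shown_name = $post[2];
    }
    // Names come from the database and are escaped before they reach the page.
    $shown_name = htmlspecialchars($shown_name, ENT_QUOTES);

    $html = "<tr><td style=\"width:15%;text-align:center;\"><center>$panel</center>{$forum_lang["author"]} : ";
    if($user_lvl > 0)
        $html .= "<a href=\"user.php?action=edit_user&error=11&id={$post[1]}\">{$shown_name}</a>";
    else
        $html .= $shown_name;
    $html .= "<br /> {$forum_lang["at"]} : {$post[6]}</td>";
    return $html;
}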
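/**
 * Set or clear the "closed" flag of a topic (request parameters: id, state), then
 * redirect back to the topic. Refused through error() for level-0 users.
 *
 * NOTE(review): this changes state on a plain GET request and carries no
 * anti-CSRF token, so a link followed by a logged-in moderator is enough to
 * trigger it. No token facility is visible in this file.
 */
function forum_do_edit_close(){
    global $forum_lang, $user_lvl, $mmfpm_db;

    // Authorise and validate before opening a database connection.
    if($user_lvl == 0){
        error($forum_lang["no_access"]);
        return; // error() is presumably terminal; the return makes that explicit
    }
    if(!isset($_GET["id"])){
        error($forum_lang["no_such_topic"]);
        return;
    }
    if(!isset($_GET["state"])){
        error("Bad request, please mail admin and describe what you did to get this error.");
        return;
    }

    // The id also goes into the redirect URL, so it is reduced to an integer; the
    // flag is stored as 0 or 1 only, the two values the topic view links send.
    $id = (int) $_GET["id"];
    $state = ((int) $_GET["state"] === 1) ? 1 : 0;

    $mysql = new SQL;
    $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $mysql->query("UPDATE forum_posts SET closed = '$state' WHERE id = '$id'");
    $mysql->close();
    redirect("forum.php?action=view_topic&id=$id");
    // Queries : 1
}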
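/**
 * Set or clear the "annouced" flag of a topic (request parameters: id, state),
 * then redirect back to the topic. Refused through error() for level-0 users.
 *
 * NOTE(review): this changes state on a plain GET request and carries no
 * anti-CSRF token, so a link followed by a logged-in moderator is enough to
 * trigger it. No token facility is visible in this file.
 */
function forum_do_edit_announce(){
    global $forum_lang, $user_lvl, $mmfpm_db;

    // Authorise and validate before opening a database connection.
    if($user_lvl == 0){
        error($forum_lang["no_access"]);
        return; // error() is presumably terminal; the return makes that explicit
    }
    if(!isset($_GET["id"])){
        error($forum_lang["no_such_topic"]);
        return;
    }
    if(!isset($_GET["state"])){
        error("Bad request, please mail admin and describe what you did to get this error.");
        return;
    }

    // The id also goes into the redirect URL, so it is reduced to an integer; the
    // flag is stored as 0 or 1 only, the two values the topic view links send.
    $id = (int) $_GET["id"];
    $state = ((int) $_GET["state"] === 1) ? 1 : 0;

    $mysql = new SQL;
    $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $mysql->query("UPDATE forum_posts SET annouced = '$state' WHERE id = '$id'");
    $mysql->close();
    redirect("forum.php?action=view_topic&id=$id");
    // Queries : 1
}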
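/**
 * Set or clear the "sticked" flag of a topic (request parameters: id, state), then
 * redirect back to the topic. Refused through error() for level-0 users.
 *
 * NOTE(review): this changes state on a plain GET request and carries no
 * anti-CSRF token, so a link followed by a logged-in moderator is enough to
 * trigger it. No token facility is visible in this file.
 */
function forum_do_edit_stick(){
    global $forum_lang, $user_lvl, $mmfpm_db;

    // Authorise and validate before opening a database connection.
    if($user_lvl == 0){
        error($forum_lang["no_access"]);
        return; // error() is presumably terminal; the return makes that explicit
    }
    if(!isset($_GET["id"])){
        error($forum_lang["no_such_topic"]);
        return;
    }
    if(!isset($_GET["state"])){
        error("Bad request, please mail admin and describe what you did to get this error.");
        return;
    }

    // The id also goes into the redirect URL, so it is reduced to an integer; the
    // flag is stored as 0 or 1 only, the two values the topic view links send.
    $id = (int) $_GET["id"];
    $state = ((int) $_GET["state"] === 1) ? 1 : 0;

    $mysql = new SQL;
    $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $mysql->query("UPDATE forum_posts SET sticked = '$state' WHERE id = '$id'");
    $mysql->close();
    redirect("forum.php?action=view_topic&id=$id");
    // Queries : 1
}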
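/**
 * Show the confirmation page for deleting a post or a whole topic (request
 * parameter: id). Level-0 users may only reach it for their own posts.
 *
 * Appends HTML to the global $output; the deletion itself is performed by the
 * do_delete_post action that the confirm button links to.
 */
function forum_delete_post(){
    global $enablesidecheck, $forum_skeleton, $forum_lang, $maxqueries, $user_lvl, $user_id, $output, $mmfpm_db;
    $mysql = new SQL;

    $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    if(!isset($_GET["id"])){
        error($forum_lang["no_such_post"]);
        return; // error() is presumably terminal; the return makes that explicit
    }
    // Post ids are numeric, so the request value is reduced to an integer.
    $id = (int) $_GET["id"];

    $topic = $mysql->query("SELECT id,topic,authorid,forum FROM forum_posts WHERE id = '$id';");
    if($mysql->num_rows($topic)==0){
        error($forum_lang["no_such_post"]);
        return;
    }
    $topic = $mysql->fetch_row($topic);
    // Ownership check: level-0 users may only delete what they wrote.
    if($user_lvl == 0 && $topic[2] != $user_id){
        error($forum_lang["no_access"]);
        return;
    }
    $fid = $topic[3];

    // Title of the enclosing topic, for the breadcrumb.
    $topic2 = $mysql->query("SELECT name FROM forum_posts WHERE id = '{$topic[1]}';");
    $name = $mysql->fetch_row($topic2);
    // The title is user-supplied text; it is escaped here as the topic and forum
    // views already do, instead of being written to the page as stored.
    $title = $name ? htmlspecialchars($name[0]) : "";

    $cat = 0;
    foreach($forum_skeleton as $cid => $category){
        foreach($category["forums"] as $fid_ => $forum){
            if($fid_ == $fid) $cat = $cid;
        }
    }

    if(empty($forum_skeleton[$cat]["forums"][$fid])){ // No such forum..
        error($forum_lang["no_such_forum"]);
        return;
    }
    $forum = $forum_skeleton[$cat]["forums"][$fid];
    $output .= "<div class=\"top\"><h1>{$forum_lang["forums"]}</h1>{$forum_lang["you_are_here"]} : <a href=\"forum.php\">{$forum_lang["forum_index"]}</a> -> <a href=\"forum.php?action=view_forum&amp;id={$fid}\">{$forum["name"]}</a> -> <a href=\"forum.php?action=view_topic&amp;id={$topic[1]}\">{$title}</a> -> {$forum_lang["delete"]}!</div><center><table class=\"lined\">";
    // A post whose id equals its topic id is the topic itself.
    if($topic[0]==$topic[1])
        $output .= "<tr><td>{$forum_lang["delete_topic"]}</td></tr></table><table class=\"hidden\"><tr><td>";
    else
        $output .= "<tr><td>{$forum_lang["delete_post"]}</td></tr></table><table class=\"hidden\"><tr><td>";
    makebutton($forum_lang["back"], "javascript:window.history.back()", 120);
    makebutton($forum_lang["confirm"], "forum.php?action=do_delete_post&amp;id={$topic[0]}", 120);
    $output .= "</td></tr></table></center>";
    $mysql->close();
    // Queries : 2
}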
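/**
 * Delete the post named by $_GET["id"], or the whole topic when that post is
 * the topic's first post, then redirect.
 *
 * Access: a level-0 user may only delete a post whose authorid equals $user_id.
 *
 * NOTE(review): this state change is driven by a GET parameter and no
 * per-session token is checked here; a token check would need support from
 * the confirmation page as well.
 */
function forum_do_delete_post(){
  global $forum_lang, $forum_skeleton, $maxqueries, $user_lvl, $user_id, $output, $mmfpm_db;

  $mysql = new SQL;
  $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

  // error() is defined elsewhere; the code below relies on it ending the request.
  if(!isset($_GET["id"])) error($forum_lang["no_such_post"]);
  else $id = $mysql->quote_smart($_GET["id"]);

  // Row layout: 0 = id, 1 = topic, 2 = name, 3 = authorid, 4 = forum
  $topic = $mysql->query("SELECT id,topic,name,authorid,forum FROM forum_posts WHERE id = '$id';");
  if($mysql->num_rows($topic)==0) error($forum_lang["no_such_post"]);
  $topic = $mysql->fetch_row($topic);
  if($user_lvl == 0 && $topic[3] != $user_id) error($forum_lang["no_access"]);
  $fid = $topic[4];

  // From here on use the id the database returned, not the request string:
  // the two can differ textually while still matching the same row, and the
  // topic-vs-post decision below must be made on the stored value.
  $post_id = $topic[0];

  if($post_id==$topic[1]){
    // First post of the topic: remove every post that belongs to it.
    $mysql->query("DELETE FROM forum_posts WHERE topic = '$post_id'");
    $mysql->close();
    redirect("forum.php?action=view_forum&id=$fid");
  }
  else
  {
    $mysql->query("DELETE FROM forum_posts WHERE id = '$post_id'");
    $result = $mysql->query("SELECT id FROM forum_posts WHERE topic = '{$topic[1]}' ORDER BY id DESC LIMIT 1;"); // get last post id
    $lastpostid = $mysql->fetch_row($result);
    $lastpostid = $lastpostid[0];
    $mysql->query("UPDATE forum_posts SET lastpost = '$lastpostid' WHERE id = '{$topic[1]}'"); // update topic' s last post id
    $mysql->close();
    redirect("forum.php?action=view_topic&id={$topic[1]}");
  }
  // Queries : 2 (if delete topic) || 4 if delete post
}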
677
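/**
 * Render the "new topic" form for the forum named by $_GET["id"].
 *
 * Checks, in order: the flood timer, that the forum exists in $forum_skeleton,
 * the level_post_topic thresholds of the category and the forum, and (for
 * level-0 users when $enablesidecheck is on) the side_access restriction.
 * The form posts to forum.php?action=do_add_topic, which repeats the checks.
 */
function forum_add_topic(){
  global $enablesidecheck, $forum_lang, $forum_skeleton, $maxqueries, $minfloodtime, $user_lvl, $user_id, $output, $mmfpm_db;

  if($enablesidecheck) $side = get_side(); // looked up once; only read inside the side check below
  $mysql = new SQL;
  $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

  // Flood protection: refuse when the user's newest post is younger than $minfloodtime seconds.
  if($minfloodtime > 0)
  {
    $userposts = $mysql->query("SELECT time FROM forum_posts WHERE authorid = '$user_id' ORDER BY id DESC LIMIT 1;");
    if($mysql->num_rows($userposts) != 0)
    {
      $mintimeb4post = $mysql->fetch_row($userposts);
      $mintimeb4post = time() - strtotime($mintimeb4post[0]);

      if($mintimeb4post < $minfloodtime)
        error($forum_lang["please_wait"]);
    }
  }

  // error() is defined elsewhere; the code below relies on it ending the request.
  if(!isset($_GET["id"])) error($forum_lang["no_such_forum"]);
  else $id = $mysql->quote_smart($_GET["id"]);

  // Find the category that holds this forum.
  $cat = 0;
  foreach($forum_skeleton as $cid => $category){
    foreach($category["forums"] as $fid => $forum){
      if($fid == $id) $cat = $cid;
    }
  }

  // $id is only used further down once it is an existing key of the configured forums.
  if(empty($forum_skeleton[$cat]["forums"][$id])) error($forum_lang["no_such_forum"]);
  $forum = $forum_skeleton[$cat]["forums"][$id];
  if($forum_skeleton[$cat]["level_post_topic"] > $user_lvl || $forum["level_post_topic"] > $user_lvl) error($forum_lang["no_access"]);

  // Side restriction. The original used "continue" here, outside any loop,
  // which is not valid in this context; a failed check has to deny access.
  if($user_lvl == 0 && $enablesidecheck){
    if($forum_skeleton[$cat]["side_access"] != "ALL"){ // Not an all side forum
      if($side == "NO" || $forum_skeleton[$cat]["side_access"] != $side) // No char, or other side
        error($forum_lang["no_access"]);
    }
    if($forum["side_access"] != "ALL"){ // Not an all side forum
      if($side == "NO" || $forum["side_access"] != $side) // No char, or other side
        error($forum_lang["no_access"]);
    }
  }

  $output .= "<div class=\"top\"><h1>{$forum_lang["forums"]}</h1>{$forum_lang["you_are_here"]} : <a href=\"forum.php\">{$forum_lang["forum_index"]}</a> -> <a href=\"forum.php?action=view_forum&amp;id={$id}\">{$forum["name"]}</a> -> {$forum_lang["new_topic"]}</div><center><table class=\"lined\">";

  $output .= "<form action=\"forum.php?action=do_add_topic\" method=\"POST\" name=\"form\"><table class=\"top_hidden\"><tr><td align=\"left\">";
  makebutton("Post", "javascript:do_submit()",100);
  $output .= "</td><td align=\"right\">{$forum_lang["topic_name"]}: <input name=\"name\" SIZE=\"40\"></td></tr>
 <tr><td colspan=\"2\">".bbcode_editor_js()."
 <a href=\"javascript:ajtBBCode('[b]','[/b]')\">{$forum_lang["bold"]}</a>,
 <a href=\"javascript:ajtBBCode('[i]','[/i]')\">{$forum_lang["italic"]}</a>,
 <a href=\"javascript:ajtBBCode('[u]','[/u]')\">{$forum_lang["underline"]}</a>,
 <a href=\"javascript:ajtBBCode('[img]','[/img]')\">{$forum_lang["image"]}</a>,
 <a href=\"javascript:ajtBBCode('[url]','[/url]')\">{$forum_lang["url"]}</a>,
 <a href=\"javascript:ajtBBCode('[url=Click here]','[/url]')\">{$forum_lang["url2"]}</a>,
 <a href=\"javascript:ajtBBCode('[code]','[/code]')\">{$forum_lang["code"]}</a>,
 <a href=\"javascript:ajtBBCode('[quote]','[/quote]')\">{$forum_lang["quote"]}</a>,
 <a href=\"javascript:ajtBBCode('[quote=Someone]','[/quote]')\">{$forum_lang["quote2"]}</a>,
 <a href=\"javascript:ajtBBCode('[media]','[/media]')\">{$forum_lang["media"]}</a>
 <a href=\"javascript:ajtBBCode('[youtube]','[/youtube]')\">{$forum_lang["YouTube"]}</a>
 {$forum_lang["color"]} : <select name=\"fontcolor\" onChange=\"ajtBBCode('[color=' + this.form.fontcolor.options[this.form.fontcolor.selectedIndex].value + ']', '[/color]'); this.selectedIndex=0;\" onMouseOver=\"helpline('fontcolor')\" style=\"background-color:#D7D7D7\">
 <option value=\"black\" style=\"color:black\">Black</option>
 <option value=\"silver\" style=\"color:silver\">Silver</option>
 <option value=\"gray\" style=\"color:gray\">Gray</option>
 <option value=\"maroon\" style=\"color:maroon\">Maroon</option>
 <option value=\"red\" style=\"color:red\">Red</option>
 <option value=\"purple\" style=\"color:purple\">Purple</option>
 <option value=\"fuchsia\" style=\"color:fuchsia\">Fuchsia</option>
 <option value=\"navy\" style=\"color:navy\">Navy</option>
 <option value=\"blue\" style=\"color:blue\">Blue</option>
 <option value=\"aqua\" style=\"color:aqua\">Aqua</option>
 <option value=\"teal\" style=\"color:teal\">Teal</option>
 <option value=\"lime\" style=\"color:lime\">Lime</option>
 <option value=\"green\" style=\"color:green\">Green</option>
 <option value=\"olive\" style=\"color:olive\">Olive</option>
 <option value=\"yellow\" style=\"color:yellow\">Yellow</option>
 <option value=\"white\" style=\"color:white\">White</option>
 </select>
 </td></tr><tr><td colspan=\"2\">
 <a href=\"javascript:ajtTexte(':)')\"><img style=\"border:0px;\" src=\"img/emoticons/smile.gif\"></a><a href=\"javascript:ajtTexte(':|')\"><img style=\"border:0px;\" src=\"img/emoticons/neutral.gif\"></a><a href=\"javascript:ajtTexte(':(')\"><img style=\"border:0px;\" src=\"img/emoticons/sad.gif\"></a><a href=\"javascript:ajtTexte(':D')\"><img style=\"border:0px;\" src=\"img/emoticons/big_smile.gif\"></a><a href=\"javascript:ajtTexte(':o')\"><img style=\"border:0px;\" src=\"img/emoticons/yikes.gif\"></a><a href=\"javascript:ajtTexte(';)')\"><img style=\"border:0px;\" src=\"img/emoticons/wink.gif\"></a><a href=\"javascript:ajtTexte(':/')\"><img style=\"border:0px;\" src=\"img/emoticons/hmm.gif\" /></a><a href=\"javascript:ajtTexte(':p')\"><img style=\"border:0px;\" src=\"img/emoticons/tongue.gif\"></a><a href=\"javascript:ajtTexte(':lol:')\"><img style=\"border:0px;\" src=\"img/emoticons/lol.gif\"></a><a href=\"javascript:ajtTexte(':mad:')\"><img style=\"border:0px;\" src=\"img/emoticons/mad.gif\"></a><a href=\"javascript:ajtTexte(':rolleyes:')\"><img style=\"border:0px;\" src=\"img/emoticons/roll.gif\"></a><a href=\"javascript:ajtTexte(':cool:')\"><img style=\"border:0px;\" src=\"img/emoticons/cool.gif\"></a>
 </td></tr></table><TEXTAREA NAME=\"msg\" ROWS=8 COLS=93></TEXTAREA>
 <input type=\"hidden\" name=\"forum\" value=\"$id\" /></form>";
  $output .= "</center><br/>";
  $mysql->close();
  // Queries : 1
}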
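/**
 * Create a new topic from the posted form ($_POST forum, name, msg) and
 * redirect to it.
 *
 * Checks, in order: the flood timer, that the forum exists in $forum_skeleton,
 * the level_post_topic thresholds, the side_access restriction (level-0 users,
 * when $enablesidecheck is on), and the length limits on title and message.
 * The new row's topic and lastpost columns are set to its own id, which is
 * how the rest of the file recognises the first post of a topic.
 */
function forum_do_add_topic(){
  global $enablesidecheck, $forum_skeleton, $forum_lang, $user_lvl, $user_name, $user_id, $mmfpm_db, $minfloodtime;

  if($enablesidecheck) $side = get_side(); // looked up once; only read inside the side check below

  $mysql = new SQL;
  $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

  // Flood protection, guarded the same way as in the other posting functions.
  if($minfloodtime > 0)
  {
    $userposts = $mysql->query("SELECT time FROM forum_posts WHERE authorid = '$user_id' ORDER BY id DESC LIMIT 1;");
    if($mysql->num_rows($userposts) != 0)
    {
      $mintimeb4post = $mysql->fetch_row($userposts);
      $mintimeb4post = time() - strtotime($mintimeb4post[0]);

      if($mintimeb4post < $minfloodtime)
        error($forum_lang["please_wait"]);
    }
  }

  // error() is defined elsewhere; the code below relies on it ending the request.
  if(!isset($_POST['forum'])) error($forum_lang["no_such_forum"]);
  else $forum = $mysql->quote_smart($_POST['forum']);

  // Find the category that holds this forum.
  $cat = 0;
  foreach($forum_skeleton as $cid => $category){
    foreach($category["forums"] as $fid => $forum_){
      if($fid == $forum) $cat = $cid;
    }
  }
  if(empty($forum_skeleton[$cat]["forums"][$forum])) error($forum_lang["no_such_forum"]);
  $forum_ = $forum_skeleton[$cat]["forums"][$forum];
  if($forum_skeleton[$cat]["level_post_topic"] > $user_lvl || $forum_["level_post_topic"] > $user_lvl) error($forum_lang["no_access"]);

  // Side restriction. The original used "continue" here, outside any loop,
  // which is not valid in this context; a failed check has to deny access.
  if($user_lvl == 0 && $enablesidecheck){
    if($forum_skeleton[$cat]["side_access"] != "ALL"){ // Not an all side forum
      if($side == "NO" || $forum_skeleton[$cat]["side_access"] != $side) // No char, or other side
        error($forum_lang["no_access"]);
    }
    if($forum_["side_access"] != "ALL"){ // Not an all side forum
      if($side == "NO" || $forum_["side_access"] != $side) // No char, or other side
        error($forum_lang["no_access"]);
    }
  }

  // NOTE(review): title and message are stored without HTML-encoding (the
  // htmlspecialchars() calls that used to be here were disabled), so every
  // page that prints them has to encode on output.
  $msg = trim($mysql->quote_smart($_POST['msg']), " ");
  $name = trim($mysql->quote_smart($_POST['name']), " ");

  // The limits are applied to the value after quote_smart().
  if (strlen($name) > 49){
    $mysql->close();
    error($forum_lang["name_too_long"]);
  }

  if (strlen($name) < 5){
    $mysql->close();
    error($forum_lang["name_too_short"]);
  }

  if (strlen($msg) < 5){
    $mysql->close();
    error($forum_lang["msg_too_short"]);
  }

  // Single quotes: this replaces the two characters backslash + n, not a real newline.
  // Presumably that is the form quote_smart() leaves line breaks in - confirm against the SQL class.
  $msg = str_replace('\n', '<br />', $msg);

  $time = date("m/d/y H:i:s");

  // NOTE(review): $user_name is interpolated as-is; confirm it is escaped where it is set.
  $mysql->query("INSERT INTO forum_posts (authorid, authorname, forum, name, text, time) VALUES ('$user_id', '$user_name', '$forum', '$name', '$msg', '$time');");
  $id = $mysql->insert_id();
  $mysql->query("UPDATE forum_posts SET topic = '$id', lastpost = '$id' WHERE id = '$id';");

  $mysql->close();

  redirect("forum.php?action=view_topic&id=$id");
  // Queries : 3
}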
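/**
 * Add a reply from the posted form ($_POST forum, topic, msg) and redirect to
 * the topic.
 *
 * Checks, in order: the flood timer, that the forum exists in $forum_skeleton,
 * the level_post thresholds, the side_access restriction (level-0 users, when
 * $enablesidecheck is on), the message length, and that the topic exists, is
 * the first post of a topic and belongs to the forum the checks were made for.
 */
function forum_do_add_post(){
  global $enablesidecheck, $forum_skeleton, $forum_lang, $minfloodtime, $user_lvl, $user_name, $user_id, $mmfpm_db;

  if($enablesidecheck) $side = get_side(); // looked up once; only read inside the side check below

  $mysql = new SQL;
  $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

  // Flood protection: refuse when the user's newest post is younger than $minfloodtime seconds.
  if($minfloodtime > 0)
  {
    $userposts = $mysql->query("SELECT time FROM forum_posts WHERE authorid = '$user_id' ORDER BY id DESC LIMIT 1;");
    if($mysql->num_rows($userposts) != 0)
    {
      $mintimeb4post = $mysql->fetch_row($userposts);
      $mintimeb4post = time() - strtotime($mintimeb4post[0]);

      if($mintimeb4post < $minfloodtime)
        error($forum_lang["please_wait"]);
    }
  }

  // error() is defined elsewhere; the code below relies on it ending the request.
  if(!isset($_POST['forum'])) error($forum_lang["no_such_forum"]);
  else $forum = $mysql->quote_smart($_POST['forum']);

  // Find the category that holds this forum.
  $cat = 0;
  foreach($forum_skeleton as $cid => $category){
    foreach($category["forums"] as $fid => $forum_){
      if($fid == $forum) $cat = $cid;
    }
  }

  if(empty($forum_skeleton[$cat]["forums"][$forum])) error($forum_lang["no_such_forum"]);
  $forum_ = $forum_skeleton[$cat]["forums"][$forum];
  // The original condition also read an undefined $closed, which made that
  // part always true; the effective check is the level comparison alone.
  // NOTE(review): nothing in this function refuses replies to a closed topic.
  if($forum_skeleton[$cat]["level_post"] > $user_lvl || $forum_["level_post"] > $user_lvl) error($forum_lang["no_access"]);

  // Side restriction. The original used "continue" here, outside any loop,
  // which is not valid in this context; a failed check has to deny access.
  if($user_lvl == 0 && $enablesidecheck){
    if($forum_skeleton[$cat]["side_access"] != "ALL"){ // Not an all side forum
      if($side == "NO" || $forum_skeleton[$cat]["side_access"] != $side) // No char, or other side
        error($forum_lang["no_access"]);
    }
    if($forum_["side_access"] != "ALL"){ // Not an all side forum
      if($side == "NO" || $forum_["side_access"] != $side) // No char, or other side
        error($forum_lang["no_access"]);
    }
  }

  if(!isset($_POST['topic'])) error($forum_lang["no_such_topic"]);
  else $topic = $mysql->quote_smart($_POST['topic']);

  // NOTE(review): the message is stored without HTML-encoding, so every page
  // that prints it has to encode on output.
  $msg = trim($mysql->quote_smart($_POST['msg']), " ");

  // Single quotes: this replaces the two characters backslash + n, not a real newline.
  $msg = str_replace('\n', '<br />', $msg);

  if (strlen($msg) < 5){
    $mysql->close();
    error($forum_lang["msg_too_short"]);
  }

  // Row layout: 0 = id, 1 = topic, 2 = forum, 3 = name
  $result = $mysql->query("SELECT id,topic,forum,name FROM forum_posts WHERE id = '$topic';");
  if($mysql->num_rows($result) == 0){
    $mysql->close();
    error($forum_lang["no_such_topic"]);
  }
  $head = $mysql->fetch_row($result);
  // The access checks above were made for the posted forum id, so the topic
  // must be a first post (id equals topic) that lives in that same forum.
  if($head[0] != $head[1] || $head[2] != $forum){
    $mysql->close();
    error($forum_lang["no_such_topic"]);
  }
  $topic = $head[0]; // id as stored, used in the statements and the redirect below
  $name = $mysql->quote_smart($head[3]);

  $time = date("m/d/y H:i:s");

  // Every value is placed inside quotes: escaping on its own does not protect
  // a value that is interpolated bare into a statement.
  // NOTE(review): $user_name is interpolated as-is; confirm it is escaped where it is set.
  $mysql->query("INSERT INTO forum_posts (authorid, authorname, forum, topic, name, text, time) VALUES ('$user_id', '$user_name', '$forum', '$topic', '$name', '$msg', '$time');");
  $id = $mysql->insert_id();
  $mysql->query("UPDATE forum_posts SET lastpost = '$id' WHERE id = '$topic';");

  $mysql->close();

  redirect("forum.php?action=view_topic&id=$topic");
  // Queries : 4
}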
933
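/**
 * Render the edit form for the post named by $_GET["id"].
 *
 * Access: a level-0 user may only edit a post whose authorid equals $user_id.
 * The title field is editable only when the post is the first post of its
 * topic (id equals topic); for a reply the title is shown as text.
 * The form posts to forum.php?action=do_edit_post.
 */
function forum_edit_post(){
  global $forum_skeleton, $forum_lang, $maxqueries, $minfloodtime, $user_lvl, $user_id, $output, $mmfpm_db;

  $mysql = new SQL;
  $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

  // error() is defined elsewhere; the code below relies on it ending the request.
  if(!isset($_GET["id"])) error($forum_lang["no_such_post"]);
  else $id = $mysql->quote_smart($_GET["id"]);

  // Row layout: 0 = id, 1 = topic, 2 = authorid, 3 = forum, 4 = name, 5 = text
  $post = $mysql->query("SELECT id,topic,authorid,forum,name,text FROM forum_posts WHERE id = '$id';");
  if($mysql->num_rows($post)==0) error($forum_lang["no_such_post"]);
  $post = $mysql->fetch_row($post);

  if($user_lvl == 0 && $user_id != $post[2])
    error($forum_lang["no_access"]);

  // Find the category that holds this forum.
  $cat = 0;
  foreach($forum_skeleton as $cid => $category){
    foreach($category["forums"] as $fid_ => $forum){
      if($fid_ == $post[3]) $cat = $cid;
    }
  }
  if(empty($forum_skeleton[$cat]["forums"][$post[3]])) // No such forum..
    error($forum_lang["no_such_forum"]);
  $forum = $forum_skeleton[$cat]["forums"][$post[3]];

  // Title and text come from user input and are stored without HTML-encoding,
  // so encode them for the link text, the value attribute and the textarea.
  // The browser decodes the entities again, so the submitted text is unchanged.
  $title = htmlspecialchars($post[4], ENT_QUOTES);
  $text = htmlspecialchars(str_replace('<br />', chr(10), $post[5]), ENT_QUOTES);

  $output .= "<div class=\"top\"><h1>{$forum_lang["forums"]}</h1>{$forum_lang["you_are_here"]} : <a href=\"forum.php\">{$forum_lang["forum_index"]}</a> -> <a href=\"forum.php?action=view_forum&amp;id={$post[3]}\">{$forum["name"]}</a> -> <a href=\"forum.php?action=view_topic&amp;id={$post[1]}\">{$title}</a> -> {$forum_lang["edit"]}</div><form action=\"forum.php?action=do_edit_post\" method=\"POST\" name=\"form\"><center><table class=\"lined\">";

  $output .= "<table class=\"top_hidden\"><tr><td align=\"left\">";
  makebutton("Post", "javascript:do_submit()",220);
  // The original wrote "$post[0] = $post[0]" (an assignment), so the title
  // field was offered for every post; compare the post id with its topic id.
  if($post[0] == $post[1])
    $output .= "</td><td align=\"right\"><input type=\"hidden\" name=\"topic\" value=\"1\" /><input name=\"name\" SIZE=\"50\" value=\"$title\"></td></tr>";
  else
    $output .= "</td><td align=\"right\">$title</td></tr>";

  $output .= "<tr><td colspan=\"2\">".bbcode_editor_js()."
 <a href=\"javascript:ajtBBCode('[b]','[/b]')\">{$forum_lang["bold"]}</a>,
 <a href=\"javascript:ajtBBCode('[i]','[/i]')\">{$forum_lang["italic"]}</a>,
 <a href=\"javascript:ajtBBCode('[u]','[/u]')\">{$forum_lang["underline"]}</a>,
 <a href=\"javascript:ajtBBCode('[img]','[/img]')\">{$forum_lang["image"]}</a>,
 <a href=\"javascript:ajtBBCode('[url]','[/url]')\">{$forum_lang["url"]}</a>,
 <a href=\"javascript:ajtBBCode('[url=Click here]','[/url]')\">{$forum_lang["url2"]}</a>,
 <a href=\"javascript:ajtBBCode('[code]','[/code]')\">{$forum_lang["code"]}</a>,
 <a href=\"javascript:ajtBBCode('[quote]','[/quote]')\">{$forum_lang["quote"]}</a>,
 <a href=\"javascript:ajtBBCode('[quote=Someone]','[/quote]')\">{$forum_lang["quote2"]}</a>,
 <a href=\"javascript:ajtBBCode('[media]','[/media]')\">{$forum_lang["media"]}</a>
 <a href=\"javascript:ajtBBCode('[youtube]','[/youtube]')\">{$forum_lang["YouTube"]}</a>
 {$forum_lang["color"]} : <select name=\"fontcolor\" onChange=\"ajtBBCode('[color=' + this.form.fontcolor.options[this.form.fontcolor.selectedIndex].value + ']', '[/color]'); this.selectedIndex=0;\" onMouseOver=\"helpline('fontcolor')\" style=\"background-color:#D7D7D7\">
 <option value=\"black\" style=\"color:black\">Black</option>
 <option value=\"silver\" style=\"color:silver\">Silver</option>
 <option value=\"gray\" style=\"color:gray\">Gray</option>
 <option value=\"maroon\" style=\"color:maroon\">Maroon</option>
 <option value=\"red\" style=\"color:red\">Red</option>
 <option value=\"purple\" style=\"color:purple\">Purple</option>
 <option value=\"fuchsia\" style=\"color:fuchsia\">Fuchsia</option>
 <option value=\"navy\" style=\"color:navy\">Navy</option>
 <option value=\"blue\" style=\"color:blue\">Blue</option>
 <option value=\"aqua\" style=\"color:aqua\">Aqua</option>
 <option value=\"teal\" style=\"color:teal\">Teal</option>
 <option value=\"lime\" style=\"color:lime\">Lime</option>
 <option value=\"green\" style=\"color:green\">Green</option>
 <option value=\"olive\" style=\"color:olive\">Olive</option>
 <option value=\"yellow\" style=\"color:yellow\">Yellow</option>
 <option value=\"white\" style=\"color:white\">White</option>
 </select>
 </td></tr><tr><td colspan=\"2\">
 <a href=\"javascript:ajtTexte(':)')\"><img style=\"border:0px;\" src=\"img/emoticons/smile.gif\"></a><a href=\"javascript:ajtTexte(':|')\"><img style=\"border:0px;\" src=\"img/emoticons/neutral.gif\"></a><a href=\"javascript:ajtTexte(':(')\"><img style=\"border:0px;\" src=\"img/emoticons/sad.gif\"></a><a href=\"javascript:ajtTexte(':D')\"><img style=\"border:0px;\" src=\"img/emoticons/big_smile.gif\"></a><a href=\"javascript:ajtTexte(':o')\"><img style=\"border:0px;\" src=\"img/emoticons/yikes.gif\"></a><a href=\"javascript:ajtTexte(';)')\"><img style=\"border:0px;\" src=\"img/emoticons/wink.gif\"></a><a href=\"javascript:ajtTexte(':/')\"><img style=\"border:0px;\" src=\"img/emoticons/hmm.gif\" /></a><a href=\"javascript:ajtTexte(':p')\"><img style=\"border:0px;\" src=\"img/emoticons/tongue.gif\"></a><a href=\"javascript:ajtTexte(':lol:')\"><img style=\"border:0px;\" src=\"img/emoticons/lol.gif\"></a><a href=\"javascript:ajtTexte(':mad:')\"><img style=\"border:0px;\" src=\"img/emoticons/mad.gif\"></a><a href=\"javascript:ajtTexte(':rolleyes:')\"><img style=\"border:0px;\" src=\"img/emoticons/roll.gif\"></a><a href=\"javascript:ajtTexte(':cool:')\"><img style=\"border:0px;\" src=\"img/emoticons/cool.gif\"></a>
 </td></tr></table>";

  $output .= "<TEXTAREA NAME=\"msg\" ROWS=8 COLS=93>$text</TEXTAREA>
 <input type=\"hidden\" name=\"forum\" value=\"{$post[3]}\" />
 <input type=\"hidden\" name=\"post\" value=\"{$post[0]}\" />";

  $output .= "</center></form><br/>";
  $mysql->close();
  // Queries : 1
}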
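/**
 * Save an edited post from the posted form ($_POST forum, post, msg and,
 * for the first post of a topic, name) and redirect to the topic.
 *
 * Access: a level-0 user may only edit a post whose authorid equals $user_id.
 * This is the same rule the edit form applies; it has to be enforced here as
 * well because this handler can be requested without going through the form.
 * The title is changed only when the edited post is the first post of its topic.
 */
function forum_do_edit_post(){
  global $forum_lang, $user_lvl, $user_name, $user_id, $mmfpm_db;

  $mysql = new SQL;
  $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

  // error() is defined elsewhere; the code below relies on it ending the request.
  // The forum field is still required, as before, although it is not used further.
  if(!isset($_POST['forum'])) error($forum_lang["no_such_forum"]);
  else $forum = $mysql->quote_smart($_POST['forum']);
  if(!isset($_POST['post'])) error($forum_lang["no_such_post"]);
  else $post = $mysql->quote_smart($_POST['post']);

  // Load the post first: existence and ownership are checked before any write.
  // Row layout: 0 = id, 1 = topic, 2 = authorid
  $result = $mysql->query("SELECT id,topic,authorid FROM forum_posts WHERE id = '$post';");
  if($mysql->num_rows($result) == 0){
    $mysql->close();
    error($forum_lang["no_such_post"]);
  }
  $row = $mysql->fetch_row($result);
  if($user_lvl == 0 && $user_id != $row[2]){
    $mysql->close();
    error($forum_lang["no_access"]);
  }
  // Use the ids as stored from here on, not the request string.
  $post = $row[0];
  $topicid = $row[1];

  // A title is accepted only for the first post of a topic (id equals topic).
  if(!isset($_POST['name']) || $row[0] != $row[1])
    $topic = 0;
  else{
    $topic = 1;
    $name = $mysql->quote_smart($_POST['name']);
    if (strlen($name) > 49){
      $mysql->close();
      error($forum_lang["name_too_long"]);
    }
    if (strlen($name) < 5){
      $mysql->close();
      error($forum_lang["name_too_short"]);
    }
  }

  // NOTE(review): title and message are stored without HTML-encoding, so
  // every page that prints them has to encode on output.
  $msg = trim($mysql->quote_smart($_POST['msg']), " ");

  if (strlen($msg) < 5){
    $mysql->close();
    error($forum_lang["msg_too_short"]);
  }

  // Single quotes: this replaces the two characters backslash + n, not a real newline.
  $msg = str_replace('\n', '<br />', $msg);

  // Values are placed inside quotes: escaping on its own does not protect a
  // value that is interpolated bare into a statement.
  $mysql->query("UPDATE forum_posts SET text = '$msg' WHERE id = '$post';");

  if($topic == 1){
    // Every post of the topic carries the title, so update them all.
    $mysql->query("UPDATE forum_posts SET name = '$name' WHERE topic = '$topicid';");
  }

  $mysql->close();
  redirect("forum.php?action=view_topic&id={$topicid}");
  // Queries : 2 (+1 if topic)
}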
1067
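/**
 * Render the "move topic" form for the post named by $_GET["id"].
 *
 * Access: refused for level-0 users. The form lists every forum in
 * $forum_skeleton, preselects the current one and posts to
 * forum.php?action=do_move_topic.
 */
function forum_move_topic(){
  global $forum_skeleton, $forum_lang, $maxqueries, $user_lvl, $user_id, $output, $mmfpm_db;

  // error() is defined elsewhere; the code below relies on it ending the request.
  // Checked before any database work is done for the request.
  if($user_lvl == 0) error($forum_lang["no_access"]);

  $mysql = new SQL;
  $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

  if(!isset($_GET["id"])) error($forum_lang["no_such_topic"]);
  else $id = $mysql->quote_smart($_GET["id"]);

  // Row layout: 0 = id, 1 = topic, 2 = authorid, 3 = forum, 4 = name
  $topic = $mysql->query("SELECT id,topic,authorid,forum, name FROM forum_posts WHERE id = '$id';");
  if($mysql->num_rows($topic)==0) error($forum_lang["no_such_topic"]);
  $topic = $mysql->fetch_row($topic);
  $fid = $topic[3];

  // Find the category that holds the topic's current forum.
  $cat = 0;
  foreach($forum_skeleton as $cid => $category){
    foreach($category["forums"] as $fid_ => $forum){
      if($fid_ == $fid) $cat = $cid;
    }
  }

  if(empty($forum_skeleton[$cat]["forums"][$fid])) // No such forum..
    error($forum_lang["no_such_forum"]);
  $forum = $forum_skeleton[$cat]["forums"][$fid];

  // The title comes from user input and is stored without HTML-encoding.
  $title = htmlspecialchars($topic[4], ENT_QUOTES);

  $output .= "<div class=\"top\"><h1>{$forum_lang["forums"]}</h1>{$forum_lang["you_are_here"]} : <a href=\"forum.php\">{$forum_lang["forum_index"]}</a> -> <a href=\"forum.php?action=view_forum&amp;id={$fid}\">{$forum["name"]}</a> -> <a href=\"forum.php?action=view_topic&amp;id={$topic[1]}\">{$title}</a> -> {$forum_lang["move"]}!</div><center><table class=\"lined\">
 <tr><td>{$forum_lang["where"]} : <form action=\"forum.php?action=do_move_topic\" method=\"POST\" name=\"form\"><select name=\"forum\">";

  foreach($forum_skeleton as $category){
    foreach($category["forums"] as $fid_ => $forum){
      if($fid_ != $fid)
        $output .= "<option value='$fid_'>{$forum["name"]}</option>";
      else
        $output .= "<option value='$fid_' selected>{$forum["name"]}</option>";
    }
  }

  // The hidden field carries the id the database returned. The request value
  // was escaped for SQL only, which does not make it safe inside an HTML attribute.
  $output .= "</select><input type=\"hidden\" name=\"id\" value=\"{$topic[0]}\" /></form></td></tr></table><table class=\"hidden\"><tr><td>";
  makebutton($forum_lang["back"], "javascript:window.history.back()", 120);
  makebutton($forum_lang["confirm"], "javascript:do_submit()", 120);
  $output .= "</td></tr></table></center>";
  $mysql->close();
  // Queries : 1
}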
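/**
 * Move every post of the topic in $_POST['id'] to the forum in $_POST['forum'],
 * then redirect to the topic.
 *
 * Access: refused for level-0 users. This is the same rule the move form
 * applies; it has to be enforced here as well because this handler can be
 * requested without going through the form. The target must be a forum that
 * exists in $forum_skeleton.
 */
function forum_do_move_topic(){
  global $forum_lang, $forum_skeleton, $maxqueries, $user_lvl, $user_id, $output, $mmfpm_db;

  // error() is defined elsewhere; the code below relies on it ending the request.
  if($user_lvl == 0) error($forum_lang["no_access"]);

  $mysql = new SQL;
  $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

  if(!isset($_POST['forum'])) error($forum_lang["no_such_forum"]);
  else $forum = $mysql->quote_smart($_POST['forum']);
  if(!isset($_POST['id'])) error($forum_lang["no_such_topic"]);
  else $id = $mysql->quote_smart($_POST['id']);

  // Only accept a target that is configured, so posts cannot be filed under
  // a forum id that no page lists.
  $known = false;
  foreach($forum_skeleton as $category){
    if(!empty($category["forums"][$forum])){
      $known = true;
      break;
    }
  }
  if(!$known){
    $mysql->close();
    error($forum_lang["no_such_forum"]);
  }

  $mysql->query("UPDATE forum_posts SET forum = '$forum' WHERE topic = '$id'"); // re-file every post of the topic
  $mysql->close();
  redirect("forum.php?action=view_topic&id=$id");
  // Queries : 1
}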
1128
// Request routing: ?action=<name> picks exactly one handler from the fixed
// table below; a missing or unknown action shows the forum index.
// addslashes() is kept as in the original; the value is only compared with
// the keys of this table.
// NOTE(review): the do_* handlers are selected from the query string like the
// read-only ones; which request fields a handler then reads is decided inside it.
$action = isset($_GET['action']) ? addslashes($_GET['action']) : NULL;

$handlers = array(
  "index"          => "forum_index",
  "view_forum"     => "forum_view_forum",
  "view_topic"     => "forum_view_topic",
  "add_topic"      => "forum_add_topic",
  "do_add_topic"   => "forum_do_add_topic",
  "edit_post"      => "forum_edit_post",
  "do_edit_post"   => "forum_do_edit_post",
  "delete_post"    => "forum_delete_post",
  "do_delete_post" => "forum_do_delete_post",
  "do_add_post"    => "forum_do_add_post",
  "edit_stick"     => "forum_do_edit_stick",
  "edit_announce"  => "forum_do_edit_announce",
  "edit_close"     => "forum_do_edit_close",
  "move_topic"     => "forum_move_topic",
  "do_move_topic"  => "forum_do_move_topic",
);

if($action !== NULL && isset($handlers[$action])){
  $handler = $handlers[$action];
  $handler();
}
else{
  forum_index();
}

require_once("footer.php");
?>