$category){
if(!isset($category["level_read"])) $forum_skeleton[$cid]["level_read"] = 0;
if(!isset($category["level_post"])) $forum_skeleton[$cid]["level_post"] = 0;
if(!isset($category["level_post_topic"])) $forum_skeleton[$cid]["level_post_topic"] = 0;
if(!isset($category["side_access"])) $forum_skeleton[$cid]["side_access"] = "ALL";
foreach($category["forums"] as $id => $forum){
if(!isset($forum["level_read"])) $forum_skeleton[$cid]["forums"][$id]["level_read"] = 0;
if(!isset($forum["level_post"])) $forum_skeleton[$cid]["forums"][$id]["level_post"] = 0;
if(!isset($forum["level_post_topic"])) $forum_skeleton[$cid]["forums"][$id]["level_post_topic"] = 0;
if(!isset($forum["side_access"])) $forum_skeleton[$cid]["forums"][$id]["side_access"] = "ALL";
}
}
// #######################################################################################################
// Forum_Index : Display the forums in categories
// #######################################################################################################
function forum_index(){
global $enablesidecheck, $forum_skeleton, $forum_lang, $user_lvl, $output, $realm_db, $mmfpm_db;
if($enablesidecheck)
$side = get_side();
$mysql = new SQL;
$mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
$result = $mysql->query("SELECT `authorname`,`id`,`name`,`time`,`forum` FROM `forum_posts` WHERE `id` IN (SELECT MAX(`id`) FROM `forum_posts` GROUP BY `forum`) ORDER BY `forum`;");
$lasts = array();
if($mysql->num_rows($result) > 0){
while($row = $mysql->fetch_row($result))
$lasts[$row[4]] = $row;
}
$output .= "";
foreach($forum_skeleton as $category){ if(($category["level_read"] > $user_lvl))
continue;
if($user_lvl == 0 && $enablesidecheck){
if($category["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($category["side_access"] != $side) // Forumside different of the user side
continue;
}
}
$output .= "| ".$category["name"]." |
{$forum_lang["topics"]} |
{$forum_lang["replies"]} |
".$forum_lang["last_post"]." |
";
foreach($category["forums"] as $id => $forum){
if($forum["level_read"] > $user_lvl)
continue; if($user_lvl == 0 && $enablesidecheck){
if($forum["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum["side_access"] != $side) // Forumside different of the user side
continue;
}
}
$totaltopics = $mysql->query("SELECT id FROM forum_posts WHERE forum = '$id' AND id = `topic`;");
$numtopics = $mysql->num_rows($totaltopics);
$totalreplies = $mysql->query("SELECT id FROM forum_posts WHERE forum = '$id';");
$numreplies = $mysql->num_rows($totalreplies);
$output .= "{$forum["name"]}
{$forum["desc"]} |
{$numtopics} |
{$numreplies} | ";
if(isset($lasts[$id])){
$lasts[$id][2] = htmlspecialchars($lasts[$id][2]);
$output .= "{$lasts[$id][2]}
by {$lasts[$id][0]}
{$lasts[$id][3]} |
";
}
else{
$output .= "{$forum_lang["no_topics"]} | ";
}
}
}
$output .= " |
";
$mysql->close();
// Queries : 1
}
// #######################################################################################################
//
// #######################################################################################################
function forum_view_forum(){
global $enablesidecheck, $forum_skeleton, $forum_lang, $maxqueries, $user_lvl, $output, $mmfpm_db;
if($enablesidecheck) $side = get_side();
$mysql = new SQL;
$link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if(!isset($_GET["id"])) error($forum_lang["no_such_forum"]);
else $id = $mysql->quote_smart($_GET["id"]);
if(!isset($_GET["page"])) $page = 0;
else $page = $mysql->quote_smart($_GET["page"]);
$cat = 0;
foreach($forum_skeleton as $cid => $category){
foreach($category["forums"] as $fid => $forum){
if($fid == $id) $cat = $cid;
}
}
if(empty($forum_skeleton[$cat]["forums"][$id])) error($forum_lang["no_such_forum"]);
$forum = $forum_skeleton[$cat]["forums"][$id];
if(($forum_skeleton[$cat]["level_read"] > $user_lvl) || ($forum["level_read"] > $user_lvl))
error($forum_lang["no_access"]);
if($user_lvl == 0 && $enablesidecheck){
if($forum_skeleton[$cat]["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum_skeleton[$cat]["side_access"] != $side) // Forumside different of the user side
continue;
}
if($forum["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum["side_access"] != $side) // Forumside different of the user side
continue;
}
}
$start = ($maxqueries * $page);
$output .= "
";
$topics = $mysql->query("SELECT id, authorid, authorname, name, annouced, sticked, closed FROM forum_posts WHERE (forum = '$id' AND id = `topic`) OR annouced = 1 AND id = `topic` ORDER BY annouced DESC, sticked DESC, lastpost DESC LIMIT $start, $maxqueries;");
$result = $mysql->query("SELECT `topic` as curtopic,(SELECT count(`id`)-1 FROM forum_posts WHERE `topic` = `curtopic`) AS replies,lastpost as curlastpost,(SELECT authorname FROM forum_posts WHERE id = curlastpost) as authorname,(SELECT time FROM forum_posts WHERE id = curlastpost) as time FROM `forum_posts` WHERE (`forum` = $id AND `topic` = `id` ) OR annouced = 1;");
$lasts = array();
if($mysql->num_rows($result) > 0){
while($row = $mysql->fetch_row($result))
$lasts[$row[0]] = $row;
}
if($forum_skeleton[$cat]["level_post_topic"] <= $user_lvl && $forum["level_post_topic"] <= $user_lvl)
$output .= "| {$forum_lang["new_topic"]} |
";
if($mysql->num_rows($topics)!=0){
$output .= "
| {$forum_lang["title"]} |
{$forum_lang["author"]} |
{$forum_lang["replies"]} |
{$forum_lang["last_post"]} |
";
while($topic = $mysql->fetch_row($topics)){
$output .= "
| ";
if($topic[4]=="1")
$output .= "{$forum_lang["annoucement"]} : ";
else{
if($topic[5]=="1")
$output .= "{$forum_lang["sticky"]} : ";
else{
if($topic[6]=="1")
$output .= "[{$forum_lang["closed"]}] ";
}
}
$topic[3] = htmlspecialchars($topic[3]);
$output .= "{$topic[3]} | {$topic[2]} |
{$lasts[$topic[0]][1]} |
{$forum_lang["last_post_by"]} {$lasts[$topic[0]][3]}, {$lasts[$topic[0]][4]} |
";
}
$totaltopics = $mysql->query("SELECT id FROM forum_posts WHERE forum = '$id' AND id = `topic`;"); //My page system is so roxing, i can' t break this query xD
$pages = ceil($mysql->num_rows($totaltopics)/$maxqueries);
$output .= "| {$forum_lang["pages"]} : ";
for($x = 1; $x <= $pages; $x++){
$y = $x-1;
$output .= "$x ";
}
$output .= " |
";
}
else
$output .= "| {$forum_lang["no_topics"]} |
";
$mysql->close();
$output .= " |
";
// Queries : 3
}
// #######################################################################################################
//
// #######################################################################################################
function forum_view_topic(){
global $enablesidecheck, $forum_skeleton, $forum_lang, $maxqueries, $user_lvl, $user_id, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db;
if($enablesidecheck) $side = get_side(); // Better to use it here instead of call it many time in the loop :)
$mysql = new SQL;
$link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if(isset($_GET["id"])){
$id = $mysql->quote_smart($_GET["id"]);
$post = false;
}
else{
if(isset($_GET["postid"])){
$id = $mysql->quote_smart($_GET["postid"]);
$post = true;
}
else
error($forum_lang["no_such_topic"]);
}
if(!isset($_GET["page"])) $page = 0;
else $page = $mysql->quote_smart($_GET["page"]); // Fok you mathafoker haxorz
$start = ($maxqueries * $page);
if(!$post){
$posts = $mysql->query("SELECT id,authorid,authorname,forum,name,text,time,annouced,sticked,closed FROM forum_posts WHERE topic = '$id' ORDER BY id ASC LIMIT $start, $maxqueries;");
// Thx qsa for the query structure
$link = $mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
$query = "SELECT account,name,gender,race,class,
level,(SELECT gmlevel FROM `{$realm_db['name']}`.account WHERE `{$realm_db['name']}`.account.id = `{$characters_db[$realm_id]['name']}`.characters.account) as gmlevel
FROM `{$characters_db[$realm_id]['name']}`.characters WHERE totaltime IN ( SELECT MAX(totaltime) FROM `{$characters_db[$realm_id]['name']}`.characters WHERE account IN (";
while($post = $mysql->fetch_row($posts)){
$query .= "$post[1],";
}
mysql_data_seek($posts,0);
$query .= "0) GROUP BY account);";
$link = $mysql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
$results = $mysql->query($query);
while($avatar = $mysql->fetch_row($results)){
$char_gender = str_pad(dechex($avatar[2]),8, 0, STR_PAD_LEFT);
$avatars[$avatar[0]]["name"] = $avatar[1];
$avatars[$avatar[0]]["sex"] = $char_gender[3];
$avatars[$avatar[0]]["race"] = $avatar[3];
$avatars[$avatar[0]]["class"] = $avatar[4];
$avatars[$avatar[0]]["level"] = $avatar[5];
$avatars[$avatar[0]]["gm"] = $avatar[6];
}
// $link = $mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
$replies = $mysql->num_rows($posts);
if($replies==0)
error($forum_lang["no_such_topic"]);
$post = $mysql->fetch_row($posts);
$fid = $post[3];
$cat = 0;
foreach($forum_skeleton as $cid => $category){
foreach($category["forums"] as $fid_ => $forum){
if($fid_ == $fid) $cat = $cid;
}
}
if(empty($forum_skeleton[$cat]["forums"][$fid]))
error($forum_lang["no_such_forum"]);
$forum = $forum_skeleton[$cat]["forums"][$fid];
if($forum_skeleton[$cat]["level_read"] > $user_lvl || $forum["level_read"] > $user_lvl) error($forum_lang["no_access"]);
if($user_lvl == 0 && $enablesidecheck){
if($forum_skeleton[$cat]["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum_skeleton[$cat]["side_access"] != $side) // Forumside different of the user side
continue;
}
if($forum["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum["side_access"] != $side) // Forumside different of the user side
continue;
}
}
$post[4] = htmlspecialchars($post[4]);
$post[5] = htmlspecialchars($post[5]);
$post[5] = bbcode_parse($post[5]);
$output .= "
| {$forum_lang["info"]} |
{$forum_lang["text"]} |
";
if($user_lvl > 0)
{
if($post[8]=="1"){
if($post[7]=="1"){
// Annoucement
$output .= "{$forum_lang["annoucement"]}
![\"{$forum_lang["down"]}\"](\"img/forums/down.gif\") ";
}
else{
// Sticky
$output .= "{$forum_lang["sticky"]}
![\"{$forum_lang["up"]}\"](\"img/forums/up.gif\") ";
}
}
else{
if($post[7]=="1"){
// Annoucement
$output .= "{$forum_lang["annoucement"]}
";
}
else{
// Normal Topic
$output .= "{$forum_lang["normal"]}
";
}
}
if($post[9]=="1")
$output .= " ![\"{$forum_lang["open"]}\"](\"img/forums/lock.gif\") ";
else
$output .= " ![\"{$forum_lang["close"]}\"](\"img/forums/unlock.gif\") ";
$output .= " ![\"{$forum_lang["move"]}\"](\"img/forums/move.gif\") ";
}
if(isset($avatars[$post[1]]))
$avatar = gen_avatar_panel(
$avatars[$post[1]]["level"],
$avatars[$post[1]]["sex"],
$avatars[$post[1]]["race"],
$avatars[$post[1]]["class"],1,
$avatars[$post[1]]["gm"]);
else
$avatar = "";
$output .= " |
$avatar{$forum_lang["author"]} : ";
if($user_lvl > 0)
$output .= "";
if(isset($avatars[$post[1]]))
$output .= $avatars[$post[1]]["name"];
else
$output .= $post[2];
if($user_lvl > 0)
$output .= "";
$output .= "
{$forum_lang["at"]} : {$post[6]} |
{$post[5]}
";
if($user_lvl > 0 || $user_id == $post[1])
$output .= " ![\"{$forum_lang["edit"]}\"](\"img/forums/edit.gif\")
![\"{$forum_lang["delete"]}\"](\"img/forums/delete.gif\") ";
$output .= " |
";
$closed = $post[9];
while($post = $mysql->fetch_row($posts)){
$post[5] = htmlspecialchars($post[5]);
$post[5] = bbcode_parse($post[5]);
if(isset($avatars[$post[1]]))
$avatar = gen_avatar_panel(
$avatars[$post[1]]["level"],
$avatars[$post[1]]["sex"],
$avatars[$post[1]]["race"],
$avatars[$post[1]]["class"],1,
$avatars[$post[1]]["gm"]);
else
$avatar = "";
$output .= "$avatar{$forum_lang["author"]} : ";
if($user_lvl > 0)
$output .= "";
if(isset($avatars[$post[1]]))
$output .= $avatars[$post[1]]["name"];
else
$output .= $post[2];
if($user_lvl > 0)
$output .= "";
$output .= "
{$forum_lang["at"]} : {$post[6]} |
{$post[5]}
";
if($user_lvl > 0 || $user_id == $post[1])
$output .= "";
$output .= " |
";
}
$link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
$totalposts = $mysql->query("SELECT id FROM forum_posts WHERE topic = '$id';");
$totalposts = $mysql->num_rows($totalposts);
$pages = ceil($totalposts/$maxqueries);
$output .= "| {$forum_lang["pages"]} : ";
for($x = 1; $x <= $pages; $x++){
$y = $x-1;
$output .= "$x ";
}
$output .= " |
|
";
// Quick reply form
if((($user_lvl > 0)||!$closed)&&($forum_skeleton[$cat]["level_post"] <= $user_lvl && $forum["level_post"] <= $user_lvl)
){
$output .= "";
}
$output .= "";
$mysql->close();
}
else{
$output .= "Stand by...
";
$post = $mysql->query("SELECT topic, id FROM forum_posts WHERE id = '$id'"); // Get our post id
if($mysql->num_rows($post)==0)
error($forum_lang["no_such_topic"]);
$post = $mysql->fetch_row($post);
if($post[0]==$post[1])
redirect("forum.php?action=view_topic&id=$id");
$topic = $post[0];
$posts = $mysql->query("SELECT id FROM forum_posts WHERE topic = '$topic';"); // Get posts in our topic
$replies = $mysql->num_rows($posts);
if($replies==0)
error($forum_lang["no_such_topic"]);
$row = 0;
while($post = $mysql->fetch_row($posts)){ // Find the row of our post, so we could have his ratio (topic x/total topics) and knew the page to show
$row++;
if($topic==$id) break;
}
$page = 0;
while(($page * $maxqueries) < $row){
$page++;
};
$page--;
$mysql->close();
redirect("forum.php?action=view_topic&id=$topic&page=$page");
}
// Queries : 2 with id || 2 (+2) with postid
}
function forum_do_edit_close(){
global $forum_lang, $user_lvl, $mmfpm_db;
$mysql = new SQL;
$link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if($user_lvl == 0)
error($forum_lang["no_access"]);
if(!isset($_GET["id"])) error($forum_lang["no_such_topic"]);
else $id = $mysql->quote_smart($_GET["id"]);
if(!isset($_GET["state"])) error("Bad request, please mail admin and describe what you did to get this error.");
else $state = $mysql->quote_smart($_GET["state"]);
$mysql->query("UPDATE forum_posts SET closed = '$state' WHERE id = '$id'");
$mysql->close();
redirect("forum.php?action=view_topic&id=$id");
// Queries : 1
}
function forum_do_edit_announce(){
global $forum_lang, $user_lvl, $mmfpm_db;
$mysql = new SQL;
$link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if($user_lvl == 0)
error($forum_lang["no_access"]);
if(!isset($_GET["id"])) error($forum_lang["no_such_topic"]);
else $id = $mysql->quote_smart($_GET["id"]);
if(!isset($_GET["state"])) error("Bad request, please mail admin and describe what you did to get this error.");
else $state = $mysql->quote_smart($_GET["state"]);
$mysql->query("UPDATE forum_posts SET annouced = '$state' WHERE id = '$id'");
$mysql->close();
redirect("forum.php?action=view_topic&id=$id");
// Queries : 1
}
function forum_do_edit_stick(){
global $forum_lang, $user_lvl, $mmfpm_db;
$mysql = new SQL;
$link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if($user_lvl == 0)
error($forum_lang["no_access"]);
if(!isset($_GET["id"])) error($forum_lang["no_such_topic"]);
else $id = $mysql->quote_smart($_GET["id"]);
if(!isset($_GET["state"])) error("Bad request, please mail admin and describe what you did to get this error.");
else $state = $mysql->quote_smart($_GET["state"]);
$mysql->query("UPDATE forum_posts SET sticked = '$state' WHERE id = '$id'");
$mysql->close();
redirect("forum.php?action=view_topic&id=$id");
// Queries : 1
}
function forum_delete_post(){
global $enablesidecheck, $forum_skeleton, $forum_lang, $maxqueries, $user_lvl, $user_id, $output, $mmfpm_db;
$mysql = new SQL;
$link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if(!isset($_GET["id"])) error($forum_lang["no_such_post"]);
else $id = $mysql->quote_smart($_GET["id"]);
$topic = $mysql->query("SELECT id,topic,authorid,forum FROM forum_posts WHERE id = '$id';");
if($mysql->num_rows($topic)==0) error($forum_lang["no_such_post"]);
$topic = $mysql->fetch_row($topic);
if($user_lvl == 0 && $topic[2] != $user_id) error($forum_lang["no_access"]);
$fid = $topic[3];
$topic2 = $mysql->query("SELECT name FROM forum_posts WHERE id = '{$topic[1]}';");
$name = $mysql->fetch_row($topic2);
$cat = 0;
foreach($forum_skeleton as $cid => $category){
foreach($category["forums"] as $fid_ => $forum){
if($fid_ == $fid) $cat = $cid;
}
}
if(empty($forum_skeleton[$cat]["forums"][$fid])) // No such forum..
error($forum_lang["no_such_forum"]);
$forum = $forum_skeleton[$cat]["forums"][$fid];
$output .= "";
if($topic[0]==$topic[1])
$output .= "| {$forum_lang["delete_topic"]} |
| ";
else
$output .= " |
| {$forum_lang["delete_post"]} |
| ";
makebutton($forum_lang["back"], "javascript:window.history.back()", 120);
makebutton($forum_lang["confirm"], "forum.php?action=do_delete_post&id={$topic[0]}", 120);
$output .= " |
";
$mysql->close();
// Queries : 1
}
function forum_do_delete_post(){
global $forum_lang, $forum_skeleton, $maxqueries, $user_lvl, $user_id, $output, $mmfpm_db;
$mysql = new SQL;
$link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if(!isset($_GET["id"])) error($forum_lang["no_such_post"]);
else $id = $mysql->quote_smart($_GET["id"]);
$topic = $mysql->query("SELECT id,topic,name,authorid,forum FROM forum_posts WHERE id = '$id';");
if($mysql->num_rows($topic)==0) error($forum_lang["no_such_post"]);
$topic = $mysql->fetch_row($topic);
if($user_lvl == 0 && $topic[3] != $user_id) error($forum_lang["no_access"]);
$fid = $topic[4];
if($id==$topic[1]){
$mysql->query("DELETE FROM forum_posts WHERE topic = '$id'");
redirect("forum.php?action=view_forum&id=$fid");
}
else
{
$mysql->query("DELETE FROM forum_posts WHERE id = '$id'");
$result = $mysql->query("SELECT id FROM forum_posts WHERE topic = '{$topic[1]}' ORDER BY id DESC LIMIT 1;"); // get last post id
$lastpostid = $mysql->fetch_row($result);
$lastpostid = $lastpostid[0];
$mysql->query("UPDATE forum_posts SET lastpost = '$lastpostid' WHERE id = '{$topic[1]}'"); // update topic' s last post id
redirect("forum.php?action=view_topic&id={$topic[1]}");
}
// Queries : 1 (if delete topic) || 4 if delete post
}
function forum_add_topic(){
global $enablesidecheck, $forum_lang, $forum_skeleton, $maxqueries, $minfloodtime, $user_lvl, $user_id, $output, $mmfpm_db;
if($enablesidecheck) $side = get_side(); // Better to use it here instead of call it many time in the loop :)
$mysql = new SQL;
$link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if($minfloodtime > 0)
{
$userposts = $mysql->query("SELECT time FROM forum_posts WHERE authorid = '$user_id' ORDER BY id DESC LIMIT 1;");
if($mysql->num_rows($userposts) != 0)
{
$mintimeb4post = $mysql->fetch_row($userposts);
$mintimeb4post = time() - strtotime($mintimeb4post[0]);
if($mintimeb4post < $minfloodtime)
error($forum_lang["please_wait"]);
}
}
if(!isset($_GET["id"])) error($forum_lang["no_such_forum"]);
else $id = $mysql->quote_smart($_GET["id"]);
$cat = 0;
foreach($forum_skeleton as $cid => $category){
foreach($category["forums"] as $fid => $forum){
if($fid == $id) $cat = $cid;
}
}
if(empty($forum_skeleton[$cat]["forums"][$id])) error($forum_lang["no_such_forum"]);
$forum = $forum_skeleton[$cat]["forums"][$id];
if($forum_skeleton[$cat]["level_post_topic"] > $user_lvl || $forum["level_post_topic"] > $user_lvl) error($forum_lang["no_access"]);
if($user_lvl == 0 && $enablesidecheck){
if($forum_skeleton[$cat]["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum_skeleton[$cat]["side_access"] != $side) // Forumside different of the user side
continue;
}
if($forum["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum["side_access"] != $side) // Forumside different of the user side
continue;
}
}
$output .= "";
$output .= "";
$output .= "
";
$mysql->close();
// Queries : 1
}
function forum_do_add_topic(){
global $enablesidecheck, $forum_skeleton, $forum_lang, $user_lvl, $user_name, $user_id, $mmfpm_db, $minfloodtime;
if($enablesidecheck) $side = get_side(); // Better to use it here instead of call it many time in the loop :)
$mysql = new SQL;
$mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
{
$userposts = $mysql->query("SELECT time FROM forum_posts WHERE authorid = '$user_id' ORDER BY id DESC LIMIT 1;");
if($mysql->num_rows($userposts) != 0)
{
$mintimeb4post = $mysql->fetch_row($userposts);
$mintimeb4post = time() - strtotime($mintimeb4post[0]);
if($mintimeb4post < $minfloodtime)
error($forum_lang["please_wait"]);
}
}
if(!isset($_POST['forum'])) error($forum_lang["no_such_forum"]);
else $forum = $mysql->quote_smart($_POST['forum']);
$cat = 0;
foreach($forum_skeleton as $cid => $category){
foreach($category["forums"] as $fid => $forum_){
if($fid == $forum) $cat = $cid;
}
}
if(empty($forum_skeleton[$cat]["forums"][$forum])) error($forum_lang["no_such_forum"]);
$forum_ = $forum_skeleton[$cat]["forums"][$forum];
if($forum_skeleton[$cat]["level_post_topic"] > $user_lvl || $forum_["level_post_topic"] > $user_lvl) error($forum_lang["no_access"]);
if($user_lvl == 0 && $enablesidecheck){
if($forum_skeleton[$cat]["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum_skeleton[$cat]["side_access"] != $side) // Forumside different of the user side
continue;
}
if($forum_["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum_["side_access"] != $side) // Forumside different of the user side
continue;
}
}
// $_POST['msg'] = htmlspecialchars($_POST['msg']);
$msg = trim($mysql->quote_smart($_POST['msg']), " ");
// $_POST['name'] = htmlspecialchars($_POST['name']);
$name = trim($mysql->quote_smart($_POST['name']), " ");
if (strlen($name) > 49){
$mysql->close();
error($forum_lang["name_too_long"]);
}
if (strlen($name) < 5){
$mysql->close();
error($forum_lang["name_too_short"]);
}
if (strlen($msg) < 5){
$mysql->close();
error($forum_lang["msg_too_short"]);
}
$msg = str_replace('\n', '
', $msg);
// $msg = str_replace('\r', '
', $msg);
$time = date("m/d/y H:i:s");
$mysql->query("INSERT INTO forum_posts (authorid, authorname, forum, name, text, time) VALUES ('$user_id', '$user_name', '$forum', '$name', '$msg', '$time');");
$id = $mysql->insert_id();
$mysql->query("UPDATE forum_posts SET topic = '$id', lastpost = '$id' WHERE id = '$id';");
$mysql->close();
redirect("forum.php?action=view_topic&id=$id");
// Queries : 3
}
function forum_do_add_post(){
global $enablesidecheck, $forum_skeleton, $forum_lang, $minfloodtime, $user_lvl, $user_name, $user_id, $mmfpm_db;
if($enablesidecheck) $side = get_side(); // Better to use it here instead of call it many time in the loop :)
$mysql = new SQL;
$link = $link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if($minfloodtime > 0)
{
$userposts = $mysql->query("SELECT time FROM forum_posts WHERE authorid = '$user_id' ORDER BY id DESC LIMIT 1;");
if($mysql->num_rows($userposts) != 0)
{
$mintimeb4post = $mysql->fetch_row($userposts);
$mintimeb4post = time() - strtotime($mintimeb4post[0]);
if($mintimeb4post < $minfloodtime)
error($forum_lang["please_wait"]);
}
}
if(!isset($_POST['forum'])) error($forum_lang["no_such_forum"]);
else $forum = $mysql->quote_smart($_POST['forum']);
$cat = 0;
foreach($forum_skeleton as $cid => $category){
foreach($category["forums"] as $fid => $forum_){
if($fid == $forum) $cat = $cid;
}
}
if(empty($forum_skeleton[$cat]["forums"][$forum])) error($forum_lang["no_such_forum"]);
$forum_ = $forum_skeleton[$cat]["forums"][$forum];
if((($user_lvl > 0)||!$closed)&&($forum_skeleton[$cat]["level_post"] > $user_lvl || $forum_["level_post"] > $user_lvl)) error($forum_lang["no_access"]);
if($user_lvl == 0 && $enablesidecheck){
if($forum_skeleton[$cat]["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum_skeleton[$cat]["side_access"] != $side) // Forumside different of the user side
continue;
}
if($forum_["side_access"] != "ALL"){ // Not an all side forum
if($side == "NO") // No char
continue;
else if($forum_["side_access"] != $side) // Forumside different of the user side
continue;
}
}
if(!isset($_POST['topic'])) error($forum_lang["no_such_topic"]);
else $topic = $mysql->quote_smart($_POST['topic']);
// $_POST['msg'] = htmlspecialchars($_POST['msg']);
$msg = trim($mysql->quote_smart($_POST['msg']), " ");
$msg = str_replace('\n', '
', $msg);
// $msg = str_replace('\r', '
', $msg);
if (strlen($msg) < 5){
$mysql->close();
error($forum_lang["msg_too_short"]);
}
$name = $mysql->query("SELECT name FROM forum_posts WHERE id = '$topic';");
$name = $mysql->fetch_row($name);
$name = $mysql->quote_smart($name[0]);
$time = date("m/d/y H:i:s");
$mysql->query("INSERT INTO forum_posts (authorid, authorname, forum, topic, name, text, time) VALUES ('$user_id', '$user_name', '$forum', $topic, '$name', '$msg', '$time');");
$id = @mysql_insert_id($link);
$mysql->query("UPDATE forum_posts SET lastpost = $id WHERE id = $topic;");
$mysql->close();
redirect("forum.php?action=view_topic&id=$topic");
// Queries : 4
}
function forum_edit_post(){
global $forum_skeleton, $forum_lang, $maxqueries, $minfloodtime, $user_lvl, $user_id, $output, $mmfpm_db;
$mysql = new SQL;
$link = $mysql->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if(!isset($_GET["id"])) error($forum_lang["no_such_post"]);
else $id = $mysql->quote_smart($_GET["id"]);
$post = $mysql->query("SELECT id,topic,authorid,forum,name,text FROM forum_posts WHERE id = '$id';");
if($mysql->num_rows($post)==0) error($forum_lang["no_such_post"]);
$post = $mysql->fetch_row($post);
if($user_lvl == 0 && $user_id != $post[2])
error($forum_lang["no_access"]);
$cat = 0;
foreach($forum_skeleton as $cid => $category){
foreach($category["forums"] as $fid_ => $forum){
if($fid_ == $post[3]) $cat = $cid;
}
}
if(empty($forum_skeleton[$cat]["forums"][$post[3]])) // No such forum..
error($forum_lang["no_such_forum"]);
$forum = $forum_skeleton[$cat]["forums"][$post[3]];
$output .= "