Hi... I have installed my forums and everything works but the submit and the preview button don't :(
I don't know why...
PHP Code:
<?php
require "include/bittorrent.php";
dbconn(false);
loggedinorreturn();
$action = htmlspecialchars(trim($_GET["action"]));
function forum_stats () {
global $showforumstats,$pic_base_url;
if ($showforumstats == "") {
$forum_t = gmtime() - 300; //you can change this value to whatever span you want
$forum_t = sqlesc(get_date_time($forum_t));
$res = mysql_query("SELECT id, username, class, warned, donor FROM users WHERE forum_access >= $forum_t ORDER BY forum_access DESC") or print(mysql_error());
while ($arr = mysql_fetch_assoc($res))
{
if ($forumusers) $forumusers .= ",\n";
switch ($arr["class"])
{
}
$donator = $arr["donor"] === "yes";
if ($donator)
$forumusers .= "<nobr>";
$warned = $arr["warned"] === "yes";
if ($donator)
$forumusers .= "<nobr>";
if ($CURUSER)
$forumusers .= "<a href=userdetails.php?id={$arr["id"]}><b>{$arr["username"]}</b></a>";
else
$forumusers .= "<b>{$arr["username"]}</b>";
if ($donator)
$forumusers .= "<img src={$pic_base_url}star.gif alt='Donated {$$arr["donor"]}'></nobr>";
if ($warned)
$forumusers .= "<img src={$pic_base_url}warned.gif alt='Warned {$$arr["warned"]}'></nobr>";
}
if (!$forumusers)
$forumusers = "There have been no active users in the last 15 minutes.";
?>
<br>
<?
print("<table width=750 border=1 cellspacing=0 cellpadding=5>\n");
print("<tr><td class=colhead>Stats</td></tr>\n");
$registered = number_format(get_row_count("users", "WHERE enabled = 'yes'"));
//$donated = number_format(get_row_count("users", "WHERE donor = 'yes'"));
$a = @mysql_fetch_assoc(@mysql_query("SELECT id,username FROM users WHERE enabled='yes' ORDER BY id DESC LIMIT 1")) or die(mysql_error());
if ($CURUSER)
$latestuser = "<a href=userdetails.php?id=" . $a["id"] . ">" . $a["username"] . "</a>";
else
$latestuser = $a['username'];
$forumusers = number_format(get_row_count("users", "WHERE UNIX_TIMESTAMP(" . get_dt_num() . ") - UNIX_TIMESTAMP(forum_access) < 1200"));
$topiccount = mysql_query("select sum(topiccount) as topiccount from forums");
$row1 = mysql_fetch_array($topiccount);
$topiccount = $row1[topiccount];
$postcount = mysql_query("select sum(postcount) as postcount from forums");
$row2 = mysql_fetch_array($postcount);
$postcount = $row2[postcount];
print("<tr><td align=left>
» Our members have made <b><font color=#008000>" . $postcount . "</font></b> posts in <b><font color=#008000>" . $topiccount . "</font></b> topics,<BR>
» <b><font color=#008000>" . $forumusers . "</font></b> online users in forum now.</td></tr>\n");
print("</table>");
}
}
function catch_up()
{
// die("This feature is currently unavailable.");
global $CURUSER;
$userid = $CURUSER["id"];
$res = mysql_query("SELECT id, lastpost FROM topics") or sqlerr(__FILE__, __LINE__);
while ($arr = mysql_fetch_assoc($res))
{
$topicid = $arr["id"];
$postid = $arr["lastpost"];
$r = mysql_query("SELECT id,lastpostread FROM readposts WHERE userid=$userid and topicid=$topicid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($r) == 0)
mysql_query("INSERT INTO readposts (userid, topicid, lastpostread) VALUES($userid, $topicid, $postid)") or sqlerr(__FILE__, __LINE__);
else
{
$a = mysql_fetch_assoc($r);
if ($a["lastpostread"] < $postid)
mysql_query("UPDATE readposts SET lastpostread=$postid WHERE id=" . $a["id"]) or sqlerr(__FILE__, __LINE__);
}
}
mysql_query("UPDATE users SET last_catchup='".get_date_time()."' WHERE id='$CURUSER[id]'") or sqlerr(__FILE__, __LINE__);
}
//-------- Returns the minimum read/write class levels of a forum
function get_forum_access_levels($forumid)
{
$res = mysql_query("SELECT minclassread, minclasswrite, minclasscreate FROM forums WHERE id=".mysql_real_escape_string($forumid)) or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
return false;
$arr = mysql_fetch_assoc($res);
return array("read" => $arr["minclassread"], "write" => $arr["minclasswrite"], "create" => $arr["minclasscreate"]);
}
//-------- Returns the forum ID of a topic, or false on error
function get_topic_forum($topicid)
{
$res = mysql_query("SELECT forumid FROM topics WHERE id=".mysql_real_escape_string($topicid)) or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
return false;
$arr = mysql_fetch_row($res);
return $arr[0];
}
//-------- Returns the ID of the last post of a forum
function update_topic_last_post($topicid)
{
$res = mysql_query("SELECT id FROM posts WHERE topicid=".mysql_real_escape_string($topicid)." ORDER BY id DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res) or die("No post found");
$postid = $arr[0];
mysql_query("UPDATE topics SET lastpost=$postid WHERE id=".mysql_real_escape_string($topicid)) or sqlerr(__FILE__, __LINE__);
}
function get_forum_last_post($forumid)
{
$res = mysql_query("SELECT lastpost FROM topics WHERE forumid=".mysql_real_escape_string($forumid)." ORDER BY lastpost DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
$postid = $arr[0];
if ($postid)
return $postid;
else
return 0;
}
//-------- Inserts a quick jump menu
function insert_quick_jump_menu($currentforum = 0)
{
print("<center><p align=center><form method=get action=? name=jump>\n");
print("<input type=hidden name=action value=viewforum>\n");
print("Quick jump: ");
print("<select name=forumid onchange=\"if(this.options[this.selectedIndex].value != -1){ forms['jump'].submit() }\">\n");
$res = mysql_query("SELECT * FROM forums ORDER BY name") or sqlerr(__FILE__, __LINE__);
while ($arr = mysql_fetch_assoc($res))
{
if (get_user_class() >= $arr["minclassread"])
print("<option value=" . $arr["id"] . ($currentforum == $arr["id"] ? " selected>" : ">") . $arr["name"] . "\n");
}
print("</select>\n");
print("<input type=submit value='Go!' class='btn'>\n");
print("</form></p></center>\n");
}
//-------- Inserts a compose frame
function insert_compose_frame($id, $newtopic = true, $quote = false)
{
global $maxsubjectlength, $CURUSER;
?>
<!-- by www.xtremezone.ro !-->
<!-- DO NOT EDIT BELOW! !-->
<script type="text/javascript" language="javascript">
var http_request = false;
function makePOSTRequest(url, parameters) {
http_request = false;
if (window.XMLHttpRequest) { // Mozilla, Safari,...
http_request = new XMLHttpRequest();
if (http_request.overrideMimeType) {
// set type accordingly to anticipated content type
//http_request.overrideMimeType('text/xml');
http_request.overrideMimeType('text/html');
}
} else if (window.ActiveXObject) { // IE
try {
http_request = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
http_request = new ActiveXObject("Microsoft.XMLHTTP");
} catch (e) {}
}
}
if (!http_request) {
alert('Cannot create XMLHTTP instance');
return false;
}
http_request.onreadystatechange = alertContents;
http_request.open('POST', url, true);
http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
http_request.setRequestHeader("Content-length", parameters.length);
http_request.setRequestHeader("Connection", "close");
http_request.send(parameters);
}
function alertContents() {
if (http_request.readyState == 4) {
if (http_request.status == 200) {
//alert(http_request.responseText);
result = http_request.responseText;
document.getElementById('preview').innerHTML = result;
} else {
alert('There was a problem with the request. Please report this to administrator.');
}
}
}
function get(obj) {
var poststr = "body=" + encodeURI( document.getElementById("body").value );
makePOSTRequest('preview.php', poststr);
}
</script>
<!-- Preview forum post (ajaX) by www.xtremezone.ro v2.6 !-->
<?
if ($newtopic)
{
$res = mysql_query("SELECT name FROM forums WHERE id=".mysql_real_escape_string($id)) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die("Bad forum id");
$forumname = $arr["name"];
print("<p align=center>New topic in <a href=?action=viewforum&forumid=$id>$forumname</a> forum</p>\n");
}
else
{
$res = mysql_query("SELECT * FROM topics WHERE id=".mysql_real_escape_string($id)) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or stderr("Forum error", "Topic not found.");
$subject = htmlspecialchars($arr["subject"]);
print("<p align=center>Reply to topic: <a href=?action=viewtopic&topicid=$id>$subject</a></p>");
}
print ("<span name=\"preview\" id=\"preview\"></span>");
begin_frame("Compose", true);
print("<form method=post name=\"compose\" action=?action=post>\n");
if ($newtopic)
print("<input type=hidden name=forumid value=$id>\n");
else
print("<input type=hidden name=topicid value=$id>\n");
begin_table();
if ($newtopic)
print("<tr><td class=rowhead>Subject</td>" .
"<td align=left style='padding: 0px'><input type=text size=50 maxlength=$maxsubjectlength name=subject " .
"style='border: 0px; height: 19px'></td></tr>\n");
if ($quote)
{
$postid = 0+$_GET["postid"];
$res = mysql_query("SELECT posts.*, users.username FROM posts JOIN users ON posts.userid = users.id WHERE posts.id=$postid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
stderr("Error", "No post with this ID");
$arr = mysql_fetch_assoc($res);
}
print("<tr><td class=rowhead>Body</td><td align=left style='padding: 0px'>");
textbbcode("compose","body",($quote?(("[quote=".htmlspecialchars($arr["username"])."]".htmlspecialchars(unesc($arr["body"]))."[/quote]")):""));
print("<tr><td colspan=2 align=center><input type=button value=Submit onclick='return Post();'><input type=button value=Preview onclick='return Preview();'></td></tr>\n");
print("</td></tr>");
print("</td></tr>");
end_table();
print("</form>\n");
print("<p align=center><a href=tags.php target=_blank>Tags</a> | <a href=smilies.php target=_blank>Smilies</a></p>\n");
end_frame();
//------ Get 10 last posts if this is a reply
if (!$newtopic)
{
$postres = mysql_query("SELECT * FROM posts WHERE topicid=$id ORDER BY id DESC LIMIT 20") or sqlerr(__FILE__, __LINE__);
begin_frame("20 last posts, in reverse order");
while ($post = mysql_fetch_assoc($postres))
{
//-- Get poster details
$userres = mysql_query("SELECT * FROM users WHERE id=" . $post["userid"] . " LIMIT 1") or sqlerr(__FILE__, __LINE__);
$user = mysql_fetch_assoc($userres);
$avatar = ($CURUSER["avatars"] == "yes" ? htmlspecialchars($user["avatar"]) : "");
// $avatar = $user["avatar"];
if (!$avatar)
$avatar = "pic/default_avatar.gif";
print("<b><p class=sub>#" . $post["id"] . " by " . $user["username"] . " at " . $post["added"] . " GMT</p></b>");
begin_table(true);
print("<tr valign=top><td width=150 align=center style='padding: 0px'>" . ($avatar ? "<img width=150 src=$avatar>" : "").
"</td><td class=comment>" . format_comment($post["body"]) . "</td></tr>\n");
end_table();
}
end_frame();
}
insert_quick_jump_menu();
}
//-------- Global variables
$maxsubjectlength = 40;
$postsperpage = $CURUSER["postsperpage"];
if (!$postsperpage) $postsperpage = 25;
//-------- Action: Edit Forum
if ($action == "editforum")
{
if (get_user_class() < UC_SYSOP)
stderr("Forum Error", "You're a bad guy!.");
stdhead("Edit forum");
begin_main_frame();
begin_frame("Edit Forum", "center");
$forumid = 0 + $_GET["forumid"];
$res = mysql_query("SELECT * FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
$forum = mysql_fetch_assoc($res);
print("<form method=post action=?action=updateforum&forumid=$forumid>\n");
begin_table();
print("<tr><td class=rowhead>Forum name</td>" .
"<td align=left style='padding: 0px'><input type=text size=60 maxlength=$maxsubjectlength name=name " .
"style='border: 0px; height: 19px' value=\"$forum[name]\"></td></tr>\n".
"<tr><td class=rowhead>Description</td>" .
"<td align=left style='padding: 0px'><textarea name=description cols=68 rows=3 style='border: 0px'>$forum[description]</textarea></td></tr>\n".
"<tr><td class=rowhead>Moderators</td>" .
"<td align=left style='padding: 0px'><input type=text name=moderators value='Moderators: ' size=30> $forum[moderators]</td></tr>\n".
"<tr><td class=rowhead></td><td align=left style='padding: 0px'> Minimum <select name=readclass>");
for ($i = 0; $i <= UC_SYSOP; ++$i)
print("<option value=$i" . ($i == $forum['minclassread'] ? " selected" : "") . ">" . get_user_class_name($i) . "</option>\n");
print("</select> Class required to View<br>\n Minimum <select name=writeclass>");
for ($i = 0; $i <= UC_SYSOP; ++$i)
print("<option value=$i" . ($i == $forum['minclasswrite'] ? " selected" : "") . ">" . get_user_class_name($i) . "</option>\n");
print("</select> Class required to Post<br>\n Minimum <select name=createclass>");
for ($i = 0; $i <= UC_SYSOP; ++$i)
print("<option value=$i" . ($i == $forum['minclasscreate'] ? " selected" : "") . ">" . get_user_class_name($i) . "</option>\n");
print("</select> Class required to Create Topics</td></tr>\n".
"<tr><td colspan=2 align=center><input type=submit class=btn value='Submit'></td></tr>\n");
end_table();
print("</form>\n");
end_frame();
end_main_frame();
stdfoot();
die;
}
//-------- Action: Update Forum
if ($action == "updateforum")
{
$forumid = $_GET["forumid"];
$name = $_POST["name"];
$description = $_POST["description"];
$moderators = $_POST["moderators"];
$minclassread = 0 + $_POST["readclass"];
$minclasswrite = 0 + $_POST["writeclass"];
$minclasscreate = 0 + $_POST["createclass"];
if(!$forumid)
stderr("Error", "Forum ID not found.");
if(!$name)
stderr("Error", "You must specify a name for the forum.");
if(!$description)
stderr("Error", "You must provide a description for the forum.");
$name = sqlesc($name);
$description = sqlesc($description);
$moderators = sqlesc($moderators);
mysql_query("UPDATE forums SET ".
"name=$name, ".
"description=$description, ".
"moderators=$moderators, ".
"minclassread=$minclassread, ".
"minclasswrite=$minclasswrite, ".
"minclasscreate=$minclasscreate ".
"WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
write_log("Forum '$name' Modified by $CURUSER[username]");
header("Location: $BASEURL/forums.php");
}
//-------- Action: Delete Forum
if ($action == "deleteforum")
{
$forumid = 0 + $_GET["forumid"];
$confirmed = 0 + $_GET["confirmed"];
if(!$forumid)
stderr("Error", "Forum ID not found.");
if(!$confirmed)
{
$rf = mysql_query("SELECT name FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
$forum = mysql_fetch_assoc($rf);
$rt = mysql_query("SELECT id FROM topics WHERE forumid=$forumid") or sqlerr(__FILE__, __LINE__);
$topics = mysql_num_rows($rt);
$posts = 0;
while($topic = mysql_fetch_assoc($rt))
{
$rp = mysql_query("SELECT * FROM posts WHERE topicid=$topic[id]") or sqlerr(__FILE__, __LINE__);
$posts += mysql_num_rows($rp);
}
if (get_user_class() <=UC_SYSOP){
stderr("Error", "Permission denied.");
}
stdhead("Delete forum");
begin_main_frame();
begin_frame("** WARNING! **");
print("Deleting forum ID $forumid ($forum[name]) will also delete $posts posts in $topics topics. ".
"[<a class=altlink href=?action=deleteforum&forumid=$forumid&confirmed=1>ACCEPT</a>] ".
"[<a class=altlink href=forums.php>CANCEL</a>]");
end_frame();
end_main_frame();
stdfoot();
die;
}
if ($CURUSER['class']>=UC_ELITE_ADMINISTRATOR)
{
$rt = mysql_query("SELECT id FROM topics WHERE forumid=$forumid") or sqlerr(__FILE__, __LINE__);
while($topic = mysql_fetch_assoc($rt))
mysql_query("DELETE FROM posts WHERE topicid=$topic[id]") or sqlerr(__FILE__, __LINE__);
mysql_query("DELETE FROM topics WHERE forumid=$forumid") or sqlerr(__FILE__, __LINE__);
mysql_query("DELETE FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
header("Location: $BASEURL/forums.php");
}
else
stderr("Error", "You are not authorised to perform this action!");
die;
}
//-------- Action: New topic
if ($action == "newtopic")
{
$forumid = 0+$_GET["forumid"];
stdhead("New topic");
begin_main_frame();
insert_compose_frame($forumid);
end_main_frame();
stdfoot();
die;
}
//-------- Action: Post
if ($action == "post")
{
$forumid = 0 + $_POST["forumid"];
$topicid = 0 + $_POST["topicid"];
if (!is_valid_id($forumid) && !is_valid_id($topicid))
stderr("Error", "Bad forum or topic ID.");
$newtopic = $forumid > 0;
$subject = $_POST["subject"];
if ($newtopic)
{
$subject = trim($subject);
if (!$subject)
stderr("Error", "You must enter a subject.");
if (strlen($subject) > $maxsubjectlength)
stderr("Error", "Subject is limited.");
}
else
$forumid = get_topic_forum($topicid) or die("Bad topic ID");
if ($CURUSER["forumpost"] == 'no')
{
stdhead();
stdmsg("Sorry...", "You are not authorized to Post. (See <a href=\"inbox.php#up\">Read Inbox</a>)");
stdfoot();
exit;
}
if ($CURUSER["forumpost"] == 'no')
{
stdhead();
stdmsg("Sorry...", "You are not authorized to Post. (<a href=\"inbox.php#up\">Read Inbox</a>)",false);
stdfoot();
exit;
}
//------ Make sure sure user has write access in forum
$arr = get_forum_access_levels($forumid) or die("Bad forum ID");
if (get_user_class() < $arr["write"] || ($newtopic && get_user_class() < $arr["create"]))
stderr("Error", "Permission denied.");
$leghth_limit="500";
$body = trim($_POST["body"]);
if (strlen($_POST['body']) > $leghth_limit)
stderr("Error", "Your comment is too long.");
{
if ($body == "")
stderr("Error", "No body text.");
else
{
$userid = 0+$CURUSER["id"];
if ($newtopic)
{
//---- Create topic
$subject = sqlesc($subject);
mysql_query("INSERT INTO topics (userid, forumid, subject) VALUES($userid, $forumid, $subject)") or sqlerr(__FILE__, __LINE__);
$topicid = mysql_insert_id() or stderr("Error", "No topic ID returned");
}
else
{
//---- Make sure topic exists and is unlocked
$res = mysql_query("SELECT * FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die("Topic id n/a");
if ($arr["locked"] == 'yes' && get_user_class() < UC_MODERATOR)
stderr("Error", "This topic is locked.");
//---- Get forum ID
$forumid = $arr["forumid"];
}
//------ Insert post
$added = "'" . get_date_time() . "'";
$body = sqlesc($body);
// Antispam
$minutes = 10;
$limit = 10;
$res = mysql_query("SELECT COUNT(*) FROM posts WHERE userid = $CURUSER[id] AND added > '".get_date_time(gmtime() - ($minutes * 60))."'") or sqlerr(__FILE__,__LINE__);
$row = mysql_fetch_row($res);
if ($row[0] > $limit)
stderr("Flood !!!", "Are prohibited more than $limit posts in the last $minutes minutes.");
// End Antispam
mysql_query("INSERT INTO posts (topicid, userid, added, body) " .
"VALUES($topicid, $userid, $added, $body)") or sqlerr(__FILE__, __LINE__);
$postid = mysql_insert_id() or die("Post id n/a");
//------ Update topic last post
update_topic_last_post($topicid);
// Update last post sent
mysql_query("UPDATE users SET last_post = NOW() WHERE id = ".sqlesc($CURUSER['id'])) or sqlerr(__FILE__, __LINE__);
mysql_query("UPDATE users SET seedbonus = seedbonus+1.0 WHERE id = $CURUSER[id]") or sqlerr(__FILE__, __LINE__);
//------ All done, redirect user to the post
$headerstr = "Location: $BASEURL/forums.php?action=viewtopic&topicid=$topicid&page=last";
if ($newtopic)
header($headerstr);
else
header("$headerstr#$postid");
die;
}
}
}
//-------- Action: View topic
if ($action == "viewtopic")
{
$highlight = htmlspecialchars(trim($_GET["highlight"]));
$topicid = 0+$_GET["topicid"];
$page = 0+$_GET["page"];
$userid = $CURUSER["id"];
//------ Get topic info
$res = mysql_query("SELECT * FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or stderr("Forum error", "Topic not found");
$locked = ($arr["locked"] == 'yes');
$subject = htmlspecialchars($arr["subject"]);
$sticky = $arr["sticky"] == "yes";
$forumid = $arr["forumid"];
//------ Update hits column
mysql_query("UPDATE topics SET views = views + 1 WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
//------ Get forum
$res = mysql_query("SELECT * FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die("Forum = NULL");
$forum = $arr["name"];
if ($CURUSER["class"] < $arr["minclassread"])
stderr("Error", "You are not permitted to view this topic.");
//------ Get post count
$res = mysql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
$postcount = $arr[0];
//------ Make page menu
$pagemenu = "<p align=center>\n";
$perpage = $postsperpage;
$pages = ceil($postcount / $perpage);
if ($page[0] == "p")
{
$findpost = substr($page, 1);
$res = mysql_query("SELECT id FROM posts WHERE topicid=$topicid ORDER BY added") or sqlerr(__FILE__, __LINE__);
$i = 1;
while ($arr = mysql_fetch_row($res))
{
if ($arr[0] == $findpost)
break;
++$i;
}
$page = ceil($i / $perpage);
}
if ($page == "last")
$page = $pages;
else
{
if($page < 1)
$page = 1;
elseif ($page > $pages)
$page = $pages;
}
$offset = $page * $perpage - $perpage;
for ($i = 1; $i <= $pages; ++$i)
{
if ($i == $page)
$pagemenu .= "<font class=gray><b>$i</b></font>\n";
else
$pagemenu .= "<a href=?action=viewtopic&topicid=$topicid&page=$i><b>$i</b></a>\n";
}
if ($page == 1)
$pagemenu .= "<br><font class=gray><b><< Prev</b></font>";
else
$pagemenu .= "<br><a href=?action=viewtopic&topicid=$topicid&page=" . ($page - 1) .
"><b><< Prev</b></a>";
$pagemenu .= " ";
if ($page == $pages)
$pagemenu .= "<font class=gray><b>Next >></b></font></p>\n";
else
$pagemenu .= "<a href=?action=viewtopic&topicid=$topicid&page=" . ($page + 1) .
"><b>Next >></b></a></p>\n";
//------ Get posts
$res = mysql_query("SELECT * FROM posts WHERE topicid=$topicid ORDER BY id LIMIT $offset,$perpage") or sqlerr(__FILE__, __LINE__);
stdhead("Forums :: $subject");
print("<a name=top><h1><a href=?action=viewforum&forumid=$forumid>$forum</a> > $subject</h1>\n");
print($pagemenu);
//------ Print table
begin_main_frame();
begin_frame();
$pc = mysql_num_rows($res);
$pn = 0;
$r = mysql_query("SELECT lastpostread FROM readposts WHERE userid=" . $CURUSER["id"] . " AND topicid=$topicid") or sqlerr(__FILE__, __LINE__);
$a = mysql_fetch_row($r);
$lpr = $a[0];
if (!$lpr)
mysql_query("INSERT INTO readposts (userid, topicid) VALUES($userid, $topicid)") or sqlerr(__FILE__, __LINE__);
while ($arr = mysql_fetch_assoc($res))
{
++$pn;
$postid = $arr["id"];
$posterid = $arr["userid"];
$added = display_date_time($arr["added"]) . " GMT <font class=small>(" . (get_elapsed_time(sql_timestamp_to_unix_timestamp($arr["added"]))) . ")</font>";
//---- Get poster details
$dt = gmtime() - 60;
$dt = sqlesc(get_date_time($dt));
$res2 = mysql_query("SELECT username,class,avatar,donor,title,enabled,warned,uploaded,downloaded,last_access,added, signature FROM users WHERE id=$posterid") or sqlerr(__FILE__, __LINE__);
$arr2 = mysql_fetch_assoc($res2);
$signature = $arr2[signature];
$signature = ($CURUSER["signatures"] == "yes" ? htmlspecialchars($arr2["signature"]) : "");
$uploaded = mksize($arr2["uploaded"]);
$downloaded = mksize($arr2["downloaded"]);
if ($arr2["downloaded"] > 0)
{
$ratio = $arr2['uploaded'] / $arr2['downloaded'];
$ratio = number_format($ratio, 3);
$color = get_ratio_color($ratio);
if ($color)
$ratio = "<font color=$color>$ratio</font>";
}
else
if ($arr2["uploaded"] > 0)
$ratio = "Inf.";
else
$ratio = "---";
$rem = mysql_query("SELECT COUNT(*) FROM posts WHERE userid=" . $posterid) or sqlerr();
$arr25 = mysql_fetch_row($rem);
$forumposts = $arr25[0];
$signature = $arr2[signature];
$signature = ($CURUSER["signatures"] == "yes" ? htmlspecialchars($arr2["signature"]) : "");
$postername = $arr2["username"];
if ($postername == "")
{
$by = "unknown[$posterid]";
$avatar = "";
}
else
{
// if ($arr2["enabled"] == "yes")
$avatar = ($CURUSER["avatars"] == "yes" ? htmlspecialchars($arr2["avatar"]) : "");
// else
// $avatar = "pic/disabled_avatar.gif";
$title = $arr2["title"];
if (!$title)
$title = get_user_class_name($arr2["class"]);
$T = array("Owner" => "#8D38C9",
"Super Visor" => "#9172EC",
"System Operator" => "#FF0000",
"Elite Admin" => "#C34A2C",
"Administrator" => "#C85A17",
"Master Moderator" => "#736AFF",
"Moderator" => "#6698FF",
"Premium Uploader" => "#C031C7",
"Uploader" => "#F433FF",
"VIP" => "#87F717",
"Legend User" => "#EAC117",
"Etreme User" => "#FDD017",
"Elite User" => "#D4A017",
"Power User" => "#F87217",
"User" => "#F88017");
$title_color = $T[get_user_class_name($arr2["class"])];
$UC = array("Owner" => "Owner",
"Super Visor" => "Super Visor",
"System Operator" => "System Operator",
"Elite Admin" => "Elite Admin",
"Administrator" => "Admin",
"Master Moderator" => "Master Moderator",
"Moderator" => "Moderator",
"Premium Uploader" => "Premium Uploader",
"Uploader" => "Uploader",
"Legend VIP" => "Legend VIP",
"VIP" => "VIP",
"Legend User" => "Legend User",
"Super User" => "Super User",
"Etreme User" => "Etreme User",
"Elite User" => "Elite User",
"Power User" => "Power User",
"User" => "User");
$uclass = $UC[get_user_class_name($arr2["class"])];
$by = "<a href=userdetails.php?id=$posterid><b>$postername</b></a>" . ($arr2["donor"] == "yes" ? "<img src=".
"pic/star.gif alt='Donor'>" : "") . ($arr2["enabled"] == "no" ? "<img src=".
"pic/disabled.gif alt=\"This account is disabled\" style='margin-left: 2px'>" : ($arr2["warned"] == "yes" ? "<a href=rules.php#warning class=altlink><img src=pic/warned.gif alt=\"Warned\" border=0></a>" : "")) . " ";
}
if ($arr2[added] == "00-00-0000 00:00:00")
$joindate = 'N/A';
else
$joindate = "" . get_elapsed_time(sql_timestamp_to_unix_timestamp($arr2["added"])) . "";
if (!$avatar)
$avatar = "pic/default_avatar.png";
print("<a name=$postid>\n");
if ($pn == $pc)
{
print("<a name=last>\n");
if ($postid > $lpr)
mysql_query("UPDATE readposts SET lastpostread=$postid WHERE userid=$userid AND topicid=$topicid") or sqlerr(__FILE__, __LINE__);
}
print("<p class=sub><table border=0 cellspacing=0 cellpadding=0><tr><td class=embedded width=99%><b>#$postid by $by - <font color=$title_color>" . format_comment("$title") . "</font> - at $added</b>");
if (!$locked || get_user_class() >= UC_MODERATOR)
print(" - [<a href=?action=quotepost&topicid=$topicid&postid=$postid><b>Quote</b></a>]");
if (($CURUSER["id"] == $posterid && !$locked) || get_user_class() >= UC_MODERATOR)
print(" - [<a href=?action=editpost&postid=$postid><b>E</b></a>]");
if (get_user_class() >= UC_MODERATOR)
print(" - [<a href=?action=deletepost&postid=$postid><b>D</b></a>]");
print(" - [<a href=\"report.php?type=Post&id=".htmlspecialchars($postid)."&id_2=".htmlspecialchars($topicid)."\"><b>Report</b></a>]");
print("</td><td class=embedded width=1%><a href=#top><img src=pic/p_up.gif border=0 alt='Top'></a></td></tr>");
print("</table></p>\n");
begin_table(true);
$body = format_comment($arr["body"]);
if (is_valid_id($arr['editedby']))
{
$res2 = mysql_query("SELECT username FROM users WHERE id=$arr[editedby]");
if (mysql_num_rows($res2) == 1)
{
$arr2 = mysql_fetch_assoc($res2);
$body .= "<p><font size=1 class=small>Last edited by <a href=userdetails.php?id=$arr[editedby]><b>$arr2[username]</b></a> at ".display_date_time($arr["editedat"])."</font></p>\n";
}
}
if ($signature)
$body .= "<p style='vertical-align:bottom'><br><center><img src='pic/sig.PNG' style='padding-bottom:2px;'></center>" . format_comment($signature) . "</p>";
"</td>";
$stats = "<br><br>"." <b>Joined:</b><font color=#902e24> $joindate</font><br>"." <b>Posts: $forumposts</b><br>";
if (get_user_class() >= UC_MODERATOR || $CURUSER["id"] == $user["id"])
$rankf = " <br><b>Class: <font color=$title_color>$uclass</font></br></b>";
print("<tr valign=top><td width=150 align=left style='padding: 2px'>"." " .($avatar ? "<img width=150 src=\"$avatar\">": ""). "" . "$rankf $stats<br><br></td><td class=comment>$body</td></tr>\n");
$arr = get_forum_access_levels($forumid) or die;
if (get_user_class() >= $arr["write"])
$maypost = true;
end_table();
}
//------ Mod options
if (get_user_class() >= UC_MODERATOR)
{
attach_frame();
$res = mysql_query("SELECT id,name,minclasswrite FROM forums ORDER BY name") or sqlerr(__FILE__, __LINE__);
print("<table border=0 cellspacing=0 cellpadding=0>\n");
print("<form method=post action=?action=setsticky>\n");
print("<input type=hidden name=topicid value=$topicid>\n");
print("<input type=hidden name=returnto value=$_SERVER[REQUEST_URI]>\n");
print("<tr><td class=embedded align=right><font color=red>Sticky:</font></td>\n");
print("<td class=embedded><input type=radio name=sticky value='yes' " . ($sticky ? " checked" : "") . "> Yes <input type=radio name=sticky value='no' " . (!$sticky ? " checked" : "") . "> No\n");
print("<input type=submit value='Set' class=btn2></td></tr>");
print("</form>\n");
}
if (get_user_class() >= UC_MODERATOR)
{
print("<form method=post action=?action=setlocked>\n");
print("<input type=hidden name=topicid value=$topicid>\n");
print("<input type=hidden name=returnto value=$BASEURL$_SERVER[REQUEST_URI]>\n");
print("<tr><td class=embedded align=right>Locked:</td>\n");
print("<td class=embedded><input type=text name=lockreason size=30>\n\n\n<input type=radio name=locked value='yes' " . ($locked ? " checked" : "") . "> Yes <input type=radio name=locked value='no' " . (!$locked ? " checked" : "") . "> No\n");
print("<input type=submit value='Set'></td></tr>");
print("</form>\n");
}
if (get_user_class() >= UC_MODERATOR)
{
print("<form method=post action=?action=renametopic>\n");
print("<input type=hidden name=topicid value=$topicid>\n");
print("<input type=hidden name=returnto value=$_SERVER[REQUEST_URI]>\n");
print("<tr><td class=embedded align=right>Rename topic:</td><td class=embedded><input type=text name=subject size=60 maxlength=$maxsubjectlength value=\"" . htmlspecialchars($subject) . "\">\n");
print("<input type=submit value='Okay' class=btn2></td></tr>");
print("</form>\n");
}
if (get_user_class() >= UC_MODERATOR)
{
print("<form method=post action=?action=movetopic&topicid=$topicid>\n");
print("<tr><td class=embedded>Move this thread to: </td><td class=embedded><select name=forumid>");
while ($arr = mysql_fetch_assoc($res))
if ($arr["id"] != $forumid && get_user_class() >= $arr["minclasswrite"])
print("<option value=" . $arr["id"] . ">" . $arr["name"] . "\n");
print("</select> <input type=submit value='Okay' class=btn2></form></td></tr>\n");
}
if (get_user_class() >= UC_ADMINISTRATOR)
{
print("<tr><td class=embedded>Delete topic</td><td class=embedded>\n");
print("<form method=get action=forums.php>\n");
print("<input type=hidden name=action value=deletetopic>\n");
print("<input type=hidden name=topicid value=$topicid>\n");
print("<input type=hidden name=forumid value=$forumid>\n");
print("<input type=checkbox name=sure value=1>I'm sure\n");
print("<input type=submit value='Okay' class=btn2>\n");
print("</form>\n");
print("</td></tr>\n");
print("</table>\n");
}
end_frame();
end_main_frame();
print($pagemenu);
if ($locked && get_user_class() < UC_MODERATOR)
print("<p><b><font color=red>This topic is locked; no new posts are allowed.</b></p></font>\n");
else
{
$arr = get_forum_access_levels($forumid) or die;
if (get_user_class() < $arr["forumban"])
print("<p><i><b><font color=red>You are not permitted to post in this forum.</i></b></p></font>\n");
else
$maypost = true;
}
//------ "View unread" / "Add reply" buttons
print("<p align=center><table class=main border=0 cellspacing=0 cellpadding=0><tr>\n");
print("<td class=embedded><form method=get action=?>\n");
print("<input type=hidden name=action value=viewunread>\n");
print("<input type=submit value='View Unread' class=btn2>\n");
print("</form></td>\n");
if ($maypost)
{
print("<td class=embedded style='padding-left: 10px'><form method=get action=?>\n");
print("<input type=hidden name=action value=reply>\n");
print("<input type=hidden name=topicid value=$topicid>\n");
print("<input type=submit value='Full Reply' class=btn2>\n");
print("</form></td>\n");
}
print("</tr></table></p>\n");
if ($maypost)
{
print("<center><table style='padding:0px;border:0px;'><tr>");
print("<form name=compose method=post action=?action=post>");
print("<input type=hidden name=topicid value=$topicid>");
print("<textarea name=\"body\" rows=\"9\" cols=\"100\"></textarea><br /><br />");
print("<center><input type=submit class=btn value=\"Submit\"></center>");
print("</form></td></tr></table></center>\n");
}
//------ Forum quick jump drop-down
insert_quick_jump_menu($forumid);
stdfoot();
die;
}
//-------- Action: Quote
if ($action == "quotepost")
{
$topicid = 0+$_GET["topicid"];
stdhead("Post reply");
begin_main_frame();
insert_compose_frame($topicid, false, true);
end_main_frame();
stdfoot();
die;
}
//-------- Action: Reply
if ($action == "reply")
{
$topicid = 0+$_GET["topicid"];
stdhead("Post reply");
begin_main_frame();
insert_compose_frame($topicid, false);
end_main_frame();
stdfoot();
die;
}
//-------- Action: Move topic
if ($action == "movetopic")
{
$forumid = 0+$_POST["forumid"];
$topicid = 0+$_GET["topicid"];
if (!is_valid_id($forumid) || !is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
die;
// Make sure topic and forum is valid
$res = @mysql_query("SELECT minclasswrite FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
stderr("Error", "Forum not found.");
$arr = mysql_fetch_row($res);
if (get_user_class() < $arr[0])
die;
$res = @mysql_query("SELECT forumid FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
stderr("Error", "Topic not found.");
$arr = mysql_fetch_row($res);
$old_forumid=$arr[0];
// get posts count
$res = mysql_query("SELECT COUNT(id) AS nb_posts FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
stderr("Error", "Couldn't get posts count.");
$arr = mysql_fetch_row($res);
$nb_posts = $arr[0];
// move topic
if ($old_forumid != $forumid)
{
@mysql_query("UPDATE topics SET forumid=$forumid WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
// update counts
@mysql_query("UPDATE forums SET topiccount=topiccount-1, postcount=postcount-$nb_posts WHERE id=$old_forumid") or sqlerr(__FILE__, __LINE__);
@mysql_query("UPDATE forums SET topiccount=topiccount+1, postcount=postcount+$nb_posts WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
}
// Redirect to forum page
header("Location: $BASEURL/forums.php?action=viewforum&forumid=$forumid");
die;
}
//-------- Action: Delete topic
if ($action == "deletetopic")
{
$topicid = 0+$_GET["topicid"];
$forumid = 0+$_GET["forumid"];
if (!is_valid_id($topicid) || get_user_class() < UC_ADMINISTRATOR)
die;
$sure = 0+$_GET["sure"];
if (!$sure)
{
stderr("Delete topic", "Sanity check: You are about to delete a topic. Click\n" .
"<a href=?action=deletetopic&topicid=$topicid&sure=1>here</a> if you are sure.",false);
}
$res = mysql_query("SELECT t.subject, f.name FROM topics as t INNER JOIN forums as f ON t.forumid=f.id WHERE t.id=$topicid ");
$arr= mysql_fetch_assoc($res);
mysql_query("DELETE FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
mysql_query("DELETE FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
write_log("Forum '".$arr["name"]."' - Topic: '".$arr["subject"]."' has been deleted by $CURUSER[username]");
header("Location: $BASEURL/forums.php?action=viewforum&forumid=$forumid");
die;
}
//-------- Action: Edit post
if ($action == "editpost")
{
$postid = 0+$_GET["postid"];
$res = mysql_query("SELECT * FROM posts WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
stderr("Error", "No post with this ID");
$arr = mysql_fetch_assoc($res);
$res2 = mysql_query("SELECT locked,subject FROM topics WHERE id = " . $arr["topicid"]) or sqlerr(__FILE__, __LINE__);
$arr2 = mysql_fetch_assoc($res2);
if (mysql_num_rows($res) != 1)
stderr("Error", "No topic associated with this post ID");
$locked = ($arr2["locked"] == 'yes');
if (($CURUSER["id"] != $arr["userid"] || $locked) && get_user_class() < UC_MODERATOR)
stderr("Error", "Denied!");
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$body = $_POST['body'];
$tname = $arr2["subject"];
$tid = $arr["topicid"];
if ($body == "")
stderr("Error", "Body cannot be empty!");
$body = sqlesc($body);
$editedat = sqlesc(get_date_time());
mysql_query("UPDATE posts SET body=$body, editedat=$editedat, editedby=$CURUSER[id] WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
$returnto = $_POST["returnto"];
if ($returnto != "")
{
$returnto .= "&page=p$postid#$postid";
header("Location: $returnto");
}
else
stderr("Success", "Post was edited successfully.");
write_log("Forum '$tname' - Topic id: $tid | has been edited post id ($postid) by $CURUSER[username]");
}
stdhead();
print("<h1>Edit Post</h1>\n");
print("<form name=edit method=post action=?action=editpost&postid=$postid>\n");
print("<input type=hidden name=returnto value=\"" . htmlspecialchars($HTTP_SERVER_VARS["HTTP_REFERER"]) . "\">\n");
print("<p align=center><table class=main border=1 cellspacing=0 cellpadding=5>\n");
print("<tr><td class=rowhead>Body</td><td align=left style='padding: 0px'>");
textbbcode("edit","body",htmlspecialchars(unesc($arr["body"])));
print("</td></tr>\n");
print("<tr><td align=center colspan=2><input type=submit value='".Okay."' class=btn2></td></tr>\n");
print("</table>\n</p>");
print("</form>\n");
stdfoot();
die;
}
//-------- Action: Delete post
if ($action == "deletepost")
{
$postid = 0+$_GET["postid"];
$sure = 0+$_GET["sure"];
if (get_user_class() < UC_MODERATOR || !is_valid_id($postid))
die;
//------- Get topic id
$res = mysql_query("SELECT topicid FROM posts WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res) or stderr("Error", "Post not found");
$topicid = $arr[0];
//------- We can not delete the post if it is the only one of the topic
$res = mysql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
if ($arr[0] < 2)
stderr("Error", "Can't delete post; it is the only post of the topic. You should\n" .
"<a href=?action=deletetopic&topicid=$topicid&sure=1>delete the topic</a> instead.\n",false);
//------- Get the id of the last post before the one we're deleting
$res = mysql_query("SELECT id FROM posts WHERE topicid=$topicid AND id < $postid ORDER BY id DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0)
$redirtopost = "";
else
{
$arr = mysql_fetch_row($res);
$redirtopost = "&page=p$arr[0]#$arr[0]";
}
//------- Make sure we know what we do :-)
if (!$sure)
{
stderr("Delete post", "Sanity check: You are about to delete a post. Click\n" .
"<a href=?action=deletepost&postid=$postid&sure=1>here</a> if you are sure.",false);
}
//------- Delete post
$res = mysql_query("SELECT t.subject, f.name FROM topics as t INNER JOIN forums as f ON t.forumid=f.id WHERE t.id=$topicid ");
$arr= mysql_fetch_assoc($res);
mysql_query("DELETE FROM posts WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
write_log("Forum: ".$arr["name"]." | topic: ".$arr["subject"]." | Topic id: $topicid | has been deleted post: $postid | by $CURUSER[username]");
//------- Update topic
update_topic_last_post($topicid);
header("Location: $BASEURL/forums.php?action=viewtopic&topicid=$topicid$redirtopost");
die;
}
//-------- Action: Lock topic
if ($action == "locktopic")
{
$forumid = 0+$_GET["forumid"];
$topicid = 0+$_GET["topicid"];
$page = 0+$_GET["page"];
if (!is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
die;
mysql_query("UPDATE topics SET locked='yes' WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
header("Location: $BASEURL/forums.php?action=viewforum&forumid=$forumid&page=$page");
die;
}
//-------- Action: Unlock topic
if ($action == "unlocktopic")
{
$forumid = 0+$_GET["forumid"];
$topicid = 0+$_GET["topicid"];
$page = 0+$_GET["page"];
if (!is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
die;
mysql_query("UPDATE topics SET locked='no' WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
header("Location: $BASEURL/forums.php?action=viewforum&forumid=$forumid&page=$page");
die;
}
//-------- Action: Set locked on/off
///// Add reason to locked code - TBDev - Dokty /////
if ($action == "setlocked")
{
$topicid = 0 + $_POST["topicid"];
if (!$topicid || get_user_class() < UC_MODERATOR)
die;
$res2345 = mysql_query("SELECT locked FROM topics WHERE id = " . $topicid) or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res2345) != 1)
die("Error - No topic with this ID.");
$arr2345 = mysql_fetch_assoc($res2345);
$locked = sqlesc($_POST["locked"]);
mysql_query("UPDATE topics SET locked=$locked WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
if ($locked != $arr2345["locked"]) {
$whichoption = ($_POST["locked"] == "yes" ? "L" : "Unl");
$body = sqlesc("Topic [b][color=red] ".$whichoption."ocked [/color][/b]by [url=/userdetails.php?id=".$CURUSER['id'].']'.$CURUSER['username']."[/url]\nReason: ".$_POST["lockreason"].".");
mysql_query("INSERT INTO posts (topicid, userid, added, body) VALUES($topicid, ".$CURUSER['id'].", '" . get_date_time() . "', $body)") or sqlerr(__FILE__, __LINE__);
$postid = mysql_insert_id() or die("Post id n/a");
update_topic_last_post($topicid);
}
$returnto = str_replace ('&', '&', htmlentities($_POST["returnto"]));
header("Location: ".$returnto);
die;
}
//-------- Action: Set sticky on/off
if ($action == "setsticky")
{
$topicid = 0 + $_POST["topicid"];
if (!$topicid || get_user_class() < UC_MODERATOR)
die;
$res23 = mysql_query("SELECT sticky FROM topics WHERE id = " . $topicid) or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res23) != 1)
die("Error - No topic with this ID.");
$arr23 = mysql_fetch_assoc($res23);
$sticky = sqlesc($_POST["sticky"]);
mysql_query("UPDATE topics SET sticky=$sticky WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
if (($sticky != $arr23["sticky"]) && ($_POST["sticky"] == "yes")) {
$body = sqlesc("Topic [b][color=red] Sticky [/color][/b] by ".$CURUSER['username'].".");
mysql_query("INSERT INTO posts (topicid, userid, added, body) VALUES($topicid, ".$CURUSER['id'].", '" . get_date_time() . "', $body)") or sqlerr(__FILE__, __LINE__);
$postid = mysql_insert_id() or die("Post id n/a");
update_topic_last_post($topicid);
}
$returnto = str_replace ('&', '&', htmlentities($_POST["returnto"]));
header("Location: $_POST[returnto]");
die;
}
//-------- Action: Rename topic
if ($action == 'renametopic')
{
if (get_user_class() < UC_MODERATOR)
die;
$topicid = 0+$_POST['topicid'];
$subject = $_POST['subject'];
if ($subject == '')
stderr('Error', 'You must enter a new title!');
$subject = sqlesc($subject);
mysql_query("UPDATE topics SET subject=$subject WHERE id=$topicid") or sqlerr();
$returnto = $_POST['returnto'];
if ($returnto)
header("Location: $returnto");
die;
}
//-------- Action: View forum
if ($action == "viewforum")
{
$forumid = 0+$_GET["forumid"];
$page = 0+$_GET["page"];
$userid = 0+$CURUSER["id"];
//------ Get forum name
$res = mysql_query("SELECT name, minclassread FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die;
$forumname = $arr["name"];
if (get_user_class() < $arr["minclassread"])
die("Not permitted");
//------ Page links
//------ Get topic count
$perpage = $CURUSER["topicsperpage"];
if (!$perpage) $perpage = 20;
$res = mysql_query("SELECT COUNT(*) FROM topics WHERE forumid=$forumid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
$num = $arr[0];
if ($page == 0)
$page = 1;
$first = ($page * $perpage) - $perpage + 1;
$last = $first + $perpage - 1;
if ($last > $num)
$last = $num;
$pages = floor($num / $perpage);
if ($perpage * $pages < $num)
++$pages;
//------ Build menu
$menu = "<p align=center><b>\n";
$lastspace = false;
for ($i = 1; $i <= $pages; ++$i)
{
if ($i == $page)
$menu .= "<font class=gray>$i</font>\n";
elseif ($i > 3 && ($i < $pages - 2) && ($page - $i > 3 || $i - $page > 3))
{
if ($lastspace)
continue;
$menu .= "... \n";
$lastspace = true;
}
else
{
$menu .= "<a href=?action=viewforum&forumid=$forumid&page=$i>$i</a>\n";
$lastspace = false;
}
if ($i < $pages)
$menu .= "</b>|<b>\n";
}
$menu .= "<br>\n";
if ($page == 1)
$menu .= "<font class=gray><< Prev</font>";
else
$menu .= "<a href=?action=viewforum&forumid=$forumid&page=" . ($page - 1) . "><< Prev</a>";
$menu .= " ";
if ($last == $num)
$menu .= "<font class=gray>Next >></font>";
else
$menu .= "<a href=?action=viewforum&forumid=$forumid&page=" . ($page + 1) . ">Next >></a>";
$menu .= "</b></p>\n";
$offset = $first - 1;
//------ Get topics data
$topicsres = mysql_query("SELECT * FROM topics WHERE forumid=$forumid ORDER BY sticky, lastpost DESC LIMIT $offset,$perpage") or
stderr("SQL Error", mysql_error());
stdhead("Forum");
$numtopics = mysql_num_rows($topicsres);
print("<h1>$forumname</h1>\n");
if ($CURUSER['last_catchup'] != '0000-00-00 00:00:00')
print("<div align=center><font class=small>Last catchup: ".$CURUSER['last_catchup']."</font></div>\n");
if ($numtopics > 0)
{
print($menu);
print("<table border=1 cellspacing=0 cellpadding=5 width=750>");
print("<tr><td class=colhead align=left>Topic</td><td class=colhead>Replies</td><td class=colhead>Views</td>\n" .
"<td class=colhead align=left>Author</td><td class=colhead align=left>Last post</td>\n");
print("</tr>\n");
while ($topicarr = mysql_fetch_assoc($topicsres))
{
$topicid = $topicarr["id"];
$topic_userid = $topicarr["userid"];
$topic_views = $topicarr["views"];
$views = number_format($topic_views);
$locked = $topicarr["locked"] == "yes";
$sticky = $topicarr["sticky"] == "yes";
//---- Get reply count
$res = mysql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
$posts = $arr[0];
$replies = max(0, $posts - 1);
$tpages = floor($posts / $postsperpage);
if ($tpages * $postsperpage != $posts)
++$tpages;
if ($tpages > 1)
{
$topicpages = " (<img src=pic/multipage.gif>";
for ($i = 1; $i <= $tpages; ++$i)
$topicpages .= " <a href=?action=viewtopic&topicid=$topicid&page=$i>$i</a>";
$topicpages .= ")";
}
else
$topicpages = "";
//---- Get userID and date of last post
$res = mysql_query("SELECT * FROM posts WHERE topicid=$topicid ORDER BY id DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res);
$lppostid = 0 + $arr["id"];
$lpuserid = 0 + $arr["userid"];
$lpadded = "<nobr>" . display_date_time($arr["added"]) . "</nobr>";
//------ Get name of last poster
$res = mysql_query("SELECT * FROM users WHERE id=$lpuserid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 1)
{
$arr = mysql_fetch_assoc($res);
$T2 = array("Owner" => "#8D38C9",
"Super Visor" => "#9172EC",
"System Operator" => "#FF0000",
"Elite Admin" => "#C34A2C",
"Administrator" => "#C85A17",
"Master Moderator" => "#736AFF",
"Moderator" => "#6698FF",
"Premium Uploader" => "#C031C7",
"Uploader" => "#F433FF",
"VIP" => "#87F717",
"Legend User" => "#EAC117",
"Etreme User" => "#FDD017",
"Elite User" => "#D4A017",
"Power User" => "#F87217",
"User" => "#F88017");
$title_color2 = $T2[get_user_class_name($arr["class"])];
$lpusername = "<a href=userdetails.php?id=$lpuserid><b><font color=$title_color2>$arr[username]</font></b></a>";
}
else
$lpusername = "unknown[$topic_userid]";
//------ Get author
$res = mysql_query("SELECT username FROM users WHERE id=$topic_userid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 1)
{
$arr = mysql_fetch_assoc($res);
$lpauthor = "<a href=userdetails.php?id=$topic_userid><b>$arr[username]</b></a>";
}
else
$lpauthor = "unknown[$topic_userid]";
//---- Print row
$r = mysql_query("SELECT lastpostread FROM readposts WHERE userid=$userid AND topicid=$topicid") or sqlerr(__FILE__, __LINE__);
$a = mysql_fetch_row($r);
$new = !$a || $lppostid > $a[0];
$topicpic = ($locked ? ($new ? "lockednew" : "locked") : ($new ? "unlockednew" : "unlocked"));
$subject = ($sticky ? "<b><font color=purple>Sticky:</font></b> " : "") . "<a href=?action=viewtopic&topicid=$topicid><b>" .
encodehtml($topicarr["subject"]) . "</b></a>$topicpages";
print("<tr><td align=left><table border=0 cellspacing=0 cellpadding=0><tr>" .
"<td class=embedded style='padding-right: 5px'><img class=$topicpic src=pic/blankforum.gif>" .
"</td><td class=embedded align=left>\n" .
"$subject</td></tr></table></td><td align=right>$replies</td>\n" .
"<td align=right>$views</td><td align=left>$lpauthor</td>\n" .
"<td align=left>$lpadded<br>by $lpusername</td>\n");
print("</tr>\n");
} // while
print("</table>\n");
print($menu);
} // if
else
print("<p align=center>No topics found</p>\n");
print("<p><table class=main border=0 cellspacing=0 cellpadding=0><tr valing=center>\n");
print("<td class=embedded><img src=pic/blankforum.gif class=forumbottomunlockednew style='margin-right: 5px'></td><td class=embedded>New posts</td>\n");
print("<td class=embedded><img src=pic/blankforum.gif class=forumbottomlocked style='margin-left: 10px; margin-right: 5px'>" .
"</td><td class=embedded>Locked topic</td>\n");
print("</tr></table></p>\n");
$arr = get_forum_access_levels($forumid) or die;
$maypost = get_user_class() >= $arr["write"] && get_user_class() >= $arr["create"];
if (!$maypost)
print("<p><i>You are not permitted to start new topics in this forum.</i></p>\n");
print("<p><table border=0 class=main cellspacing=0 cellpadding=0><tr>\n");
print("<td class=embedded><form method=get action=?><input type=hidden " .
"name=action value=viewunread><input type=submit value='View unread' class=btn2></form></td>\n");
if ($maypost)
print("<td class=embedded><form method=get action=?><input type=hidden " .
"name=action value=newtopic><input type=hidden name=forumid " .
"value=$forumid><input type=submit value='New topic' class=btn2 style='margin-left: 10px'></form></td>\n");
print("</tr></table></p>\n");
insert_quick_jump_menu($forumid);
stdfoot();
die;
}
//-------- Action: View unread posts
if ($action == "viewunread")
{
//die("This feature is currently unavailable.");
$userid = $CURUSER['id'];
$maxresults = 25;
$res = mysql_query("SELECT id, forumid, subject, lastpost FROM topics ORDER BY lastpost") or sqlerr(__FILE__, __LINE__);
stdhead();
print("<h1>Topics with unread posts</h1>\n");
$n = 0;
$uc = get_user_class();
while ($arr = mysql_fetch_assoc($res))
{
$topicid = $arr['id'];
$forumid = $arr['forumid'];
//---- Check if post is read
$r = mysql_query("SELECT lastpostread FROM readposts WHERE userid=$userid AND topicid=$topicid") or sqlerr(__FILE__, __LINE__);
$a = mysql_fetch_row($r);
if ($a && $a[0] == $arr['lastpost'])
continue;
//---- Check access & get forum name
$r = mysql_query("SELECT name, minclassread FROM forums WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
$a = mysql_fetch_assoc($r);
if ($uc < $a['minclassread'])
continue;
++$n;
if ($n > $maxresults)
break;
$forumname = $a['name'];
if ($n == 1)
{
print("<table border=1 cellspacing=0 cellpadding=5>\n");
print("<tr><td class=colhead align=left>Topic</td><td class=colhead align=left>Forum</td></tr>\n");
}
print("<tr><td align=left><table border=0 cellspacing=0 cellpadding=0><tr><td class=embedded>" .
"<img src=pic/blankforum.gif class=forumbottomunlockednew style='margin-right: 5px'></td><td class=embedded>" .
"<a href=?action=viewtopic&topicid=$topicid&page=last#last><b>" . htmlspecialchars($arr["subject"]) .
"</b></a></td></tr></table></td><td align=left><a href=?action=viewforum&forumid=$forumid><b>$forumname</b></a></td></tr>\n");
}
if ($n > 0)
{
print("</table>\n");
if ($n > $maxresults)
print("<p>More than $maxresults items found, displaying first $maxresults.</p>\n");
print("<p><a href=?catchup><b>Catch up</b></a></p>\n");
}
else
print("<b>Nothing found</b>");
stdfoot();
die;
}
if ($action == "search")
{
stdhead("Forum Search");
unset($error);
$error= false;
$keywords = htmlspecialchars(trim($_GET["keywords"]));
if ($keywords != "")
{
$perpage = 8;
$page = max(1, 0 + $_GET["page"]);
$extraSql = "body LIKE '%".mysql_real_escape_string($keywords)."%'";
$res = mysql_query("SELECT COUNT(*) FROM posts WHERE $extraSql") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
$hits = 0 + $arr[0];
if ($hits == 0)
$error = true;
else
{
$pages = 0 + ceil($hits / $perpage);
if ($page > $pages) $page = $pages;
for ($i = 1; $i <= $pages; ++$i)
if ($page == $i)
$pagemenu1 .= "<font class=gray><b>$i</b></font>\n";
else
$pagemenu1 .= "<a href=\"forums.php?action=search&keywords=$keywords&page=$i\"><b>$i</b></a>\n";
if ($page == 1)
$pagemenu2 = "<font class=gray><b><< Prev</b></font>\n";
else
$pagemenu2 = "<a href=\"forums.php?action=search&keywords=$keywords&page=" . ($page - 1) . "\"><b><< Prev</b></a>\n";
$pagemenu2 .= " \n";
if ($page == $pages)
$pagemenu2 .= "<font class=gray><b>Next >></b></font>\n";
else
$pagemenu2 .= "<a href=\"forums.php?action=search&keywords=$keywords&page=" . ($page + 1) . "\"><b>Next >></b></a>\n";
$offset = ($page * $perpage) - $perpage;
$res = mysql_query("SELECT id, topicid,userid,added FROM posts WHERE $extraSql ORDER BY added DESC LIMIT $offset,$perpage") or sqlerr(__FILE__, __LINE__);
$num = mysql_num_rows($res);
print("<p>$pagemenu1<br>$pagemenu2</p>");
print("<table border=1 cellspacing=0 cellpadding=5 width=750>\n");
print("<tr><td class=colhead>Post</td><td class=colhead align=left>Topic</td><td class=colhead align=left>Forum</td><td class=colhead align=left>Posted by</td></tr>\n");
for ($i = 0; $i < $num; ++$i)
{
$post = mysql_fetch_assoc($res);
$res2 = mysql_query("SELECT forumid, subject FROM topics WHERE id=$post[topicid]") or
sqlerr(__FILE__, __LINE__);
$topic = mysql_fetch_assoc($res2);
$res2 = mysql_query("SELECT name,minclassread FROM forums WHERE id=$topic[forumid]") or
sqlerr(__FILE__, __LINE__);
$forum = mysql_fetch_assoc($res2);
if ($forum["name"] == "" || $forum["minclassread"] > $CURUSER["class"])
{
--$hits;
continue;
}
$res2 = mysql_query("SELECT username FROM users WHERE id=$post[userid]") or
sqlerr(__FILE__, __LINE__);
$user = mysql_fetch_assoc($res2);
if ($user["username"] == "")
$user["username"] = "[$post[userid]]";
//---------------------------------
//---- Search Highlight v0.1 by xam
//---------------------------------
print("<tr><td>$post[id]</td><td align=left><a href=?action=viewtopic&highlight=$keywords&topicid=$post[topicid]&page=p$post[id]#$post[id]><b>" . htmlspecialchars($topic["subject"]) . "</b></a></td><td align=left><a href=?action=viewforum&forumid=$topic[forumid]><b>" . htmlspecialchars($forum["name"]) . "</b></a><td align=left><b><a href=userdetails.php?id=$post[userid]>$user[username]</a></b><br>at ".display_date_time($post["added"])."</tr>\n");
//---------------------------------
//---- Search Highlight v0.1 by xam
//---------------------------------
}
print("</table>\n");
print("<p>$pagemenu2<br>$pagemenu1</p>");
$found ="[<b><font color=red> Found $hits post" . ($hits != 1 ? "s" : "")." </font></b> ]";
}
}
?>
<style type="text/css">
<!--
.search_table {
border-collapse: collapse;
border: none;
background-color: #ffffff;
}
-->
</style>
<div class="search">
<div class="search_title">Search on Forums <?=($error ? "[<b><font color=red> Nothing Found</font></b> ]" : $found)?></div>
<div style="margin-left: 53px; margin-top: 13px;">
<form method="get" action="forums.php" id="search_form" style="margin: 0pt; padding: 0pt; font-family: Tahoma,Arial,Helvetica,sans-serif; font-size: 11px;">
<input type="hidden" name="action" value="search">
<table border="0" cellpadding="0" cellspacing="0" width="412" class="search_table">
<tbody>
<tr>
<td style="padding-bottom: 3px; border: 0;" valign="top"><b>by keyword</b></td>
</tr>
<tr>
<td style="padding-bottom: 3px; border: 0;" valign="top">
<input name="keywords" type="text" value="<?=$keywords?>" size="80" /></td>
<td style="padding-bottom: 3px; border: 0;" valign="top"><input name="image" type="image" style="vertical-align: middle; padding-bottom: 7px; margin-left: 1px;" src="pic/search_button.gif" /></td>
</tr>
</tbody>
</table>
</form>
</div>
</div>
<?
stdfoot();
die;
}
if ($action == 'forumview')
{
$forid = 0+$_GET["forid"];
// - Bleaches Edits
mysql_query("UPDATE users SET forum_access='" . get_date_time() . "' WHERE id={$CURUSER["id"]}");// or die(mysql_error());
$forums_res = mysql_query("SELECT * FROM forums WHERE forid=$forid ORDER BY name") or sqlerr(__FILE__, __LINE__);
//------ Get forum name
$res = mysql_query("SELECT name FROM overforums WHERE id=$forid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die;
$forumname = $arr["name"];
stdhead("Forums");
print("<h1><b><a href=forums.php>Forums</a></b> ->".$forumname."</h1>\n");
print("<table border=1 cellspacing=0 cellpadding=5 width=750>\n");
print("<tr><td class=colhead align=left>Forums</td><td class=colhead align=right>Topics</td>" .
"<td class=colhead align=right>Posts</td>" .
"<td class=colhead align=left>Last post</td></tr>\n");
while ($forums_arr = mysql_fetch_assoc($forums_res))
{
if (get_user_class() < $forums_arr["minclassread"])
continue;
// Set forumid
//mysql_query("UPDATE forums SET forumid=1") or sqlerr(__FILE__, __LINE__);
//$forums_arr["Forumid"] = 1;
//echo ($forum_arr["$forumid"]);
//die('test');
//$fid = $forums_arr["forid"];
//if ($forums_arr["forid"] != $forid)
// continue;
$forumid = $forums_arr["id"];
$forumname = htmlspecialchars($forums_arr["name"]);
$forumdescription = htmlspecialchars($forums_arr["description"]);
$forummoderators = htmlspecialchars($forums_arr["moderators"]);
$topiccount = number_format($forums_arr["topiccount"]);
$postcount = number_format($forums_arr["postcount"]);
/*
while ($topicids_arr = mysql_fetch_assoc($topicids_res))
{
$topicid = $topicids_arr['id'];
$postcount_res = mysql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
$postcount_arr = mysql_fetch_row($postcount_res);
$postcount += $postcount_arr[0];
}
$postcount = number_format($postcount);
*/
// Find last post ID
$lastpostid = get_forum_last_post($forumid);
// Get last post info
$post_res = mysql_query("SELECT UNIX_TIMESTAMP(added) as utadded,topicid,userid FROM posts WHERE id=$lastpostid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($post_res) == 1)
{
$post_arr = mysql_fetch_assoc($post_res) or die("Bad forum last_post");
$lastposterid = $post_arr["userid"];
$lastpostdate = display_date_time($post_arr["added"]);
$lasttopicid = $post_arr["topicid"];
$user_res = mysql_query("SELECT username FROM users WHERE id=$lastposterid") or sqlerr(__FILE__, __LINE__);
$user_arr = mysql_fetch_assoc($user_res);
$lastposter = htmlspecialchars($user_arr['username']);
$topic_res = mysql_query("SELECT subject FROM topics WHERE id=$lasttopicid") or sqlerr(__FILE__, __LINE__);
$topic_arr = mysql_fetch_assoc($topic_res);
$lasttopic = htmlspecialchars($topic_arr['subject']);
$lastpost = "<nobr>$lastpostdate<br>" .
"by <a href=userdetails.php?id=$lastposterid><b>$lastposter</b></a><br>" .
"in <a href=?action=viewtopic&topicid=$lasttopicid&page=p$lastpostid#$lastpostid><b>$lasttopic</b></a></nobr>";
$r = mysql_query("SELECT lastpostread FROM readposts WHERE userid=$CURUSER[id] AND topicid=$lasttopicid") or sqlerr(__FILE__, __LINE__);
$a = mysql_fetch_row($r);
if ($a && $a[0] >= $lastpostid)
$img = "unlocked";
else
$img = "unlockednew";
}
else
{
$lastpost = "N/A";
$img = "unlocked";
}
print("<tr><td align=left><table border=0 cellspacing=0 cellpadding=0><tr><td class=embedded style='padding-right: 5px'><img src=".
"/pic/$img.gif></td><td class=embedded><a href=?action=viewforum&forumid=$forumid><b>$forumname</b></a>\n" .
($CURUSER['class']>=UC_OWNER ? "<font class=small> ".
"[<a class=altlink href=forums.php?action=editforum&forumid=$forumid>E</a>] ".
"[<a class=altlink href=forums.php?action=deleteforum&forumid=$forumid>D</a>]</font>" : "").
"<br>\n$forumdescription</br><b><font color=C8E4FF>$forummoderators</b><b><font color=C8E4FF>$moderators</b></font></td></tr></table></td><td align=right>$topiccount</td></td><td align=right>$postcount</td>" .
"<td align=left>$lastpost</td></tr>\n");
}
// End Table Mod
print("</table>");
forum_stats();
stdfoot();
///////////////////////////////
die();
}
//-------- Handle unknown action
if ($action != "")
stderr("Forum Error", "Unknown action");
//-------- Default action: View forums
if (isset($_GET["catchup"]))
catch_up();
//-------- Get forums
//-------- Get overforums --- being tested
mysql_query("UPDATE users SET forum_access='" . get_date_time() . "' WHERE id={$CURUSER["id"]}");// or die(mysql_error());
$forums2_res = mysql_query("SELECT * FROM overforums ORDER BY sort ASC") or sqlerr(__FILE__, __LINE__);
stdhead("Forums");
print("<h1><b>Forums</b></h1>\n");
print("<table border=1 cellspacing=0 cellpadding=5 width=750>\n");
//forum_stats();
print("<p align=center><a href=?action=search><font color=red><b>Search Forums</b></a></font> | <a href=?action=viewunread><b>View unread</b></a> | <a href=?catchup><b>Mark all as read</b></a> | <a href=/topposters.php><b>Top 10 posts</b></a> ".($CURUSER['class'] >= UC_SYSOP ? "| <a href=forummanage.php#add><b>Add Forum</b></a>":"")."</p><br>");
while ($a = mysql_fetch_assoc($forums2_res))
{
$npost = 0;
if (get_user_class() < $a["minclassview"])
continue;
$forid = $a["id"];
$overforumname = $a["name"];
print("<tr><td align=left class=colhead><a href=?action=forumview&forid=$forid><b><font color=white>".$overforumname."</font></b></a></td><td align=right class=colhead><font color=white><b>Topics</b></td>" .
"<td align=right class=colhead><font color=white><b>Posts</b></font></td>" .
"<td align=left class=colhead><font color=white><b>Last post</b></font></td></tr>\n");
$forums_res = mysql_query("SELECT * FROM forums WHERE forid=$forid ORDER BY forid ASC") or sqlerr(__FILE__, __LINE__);
while ($forums_arr = mysql_fetch_assoc($forums_res))
{
if (get_user_class() < $forums_arr["minclassread"])
continue;
// Set forumid
//mysql_query("UPDATE forums SET forumid=1") or sqlerr(__FILE__, __LINE__);
//$forums_arr["Forumid"] = 1;
//echo ($forum_arr["$forumid"]);
//die('test');
//$fid = $forums_arr["forid"];
//if ($forums_arr["forid"] != $forid)
// continue;
$forumid = $forums_arr["id"];
$forumname = htmlspecialchars($forums_arr["name"]);
$forumdescription = htmlspecialchars($forums_arr["description"]);
$forummoderators = htmlspecialchars($forums_arr["moderators"]);
$topiccount = number_format($forums_arr["topiccount"]);
$postcount = number_format($forums_arr["postcount"]);
/*
while ($topicids_arr = mysql_fetch_assoc($topicids_res))
{
$topicid = $topicids_arr['id'];
$postcount_res = mysql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
$postcount_arr = mysql_fetch_row($postcount_res);
$postcount += $postcount_arr[0];
}
$postcount = number_format($postcount);
*/
// Find last post ID
$lastpostid = get_forum_last_post($forumid);
// Get last post info
$post_res = mysql_query("SELECT UNIX_TIMESTAMP(added) as utadded,topicid,userid FROM posts WHERE id=$lastpostid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($post_res) == 1)
{
$post_arr = mysql_fetch_assoc($post_res) or die("Bad forum last_post");
$lastposterid = $post_arr["userid"];
$lasttopicid = $post_arr["topicid"];
$user_res = mysql_query("SELECT username FROM users WHERE id=$lastposterid") or sqlerr(__FILE__, __LINE__);
$user_arr = mysql_fetch_assoc($user_res);
$lastposter = htmlspecialchars($user_arr['username']);
$topic_res = mysql_query("SELECT subject FROM topics WHERE id=$lasttopicid") or sqlerr(__FILE__, __LINE__);
$topic_arr = mysql_fetch_assoc($topic_res);
$lasttopic = htmlspecialchars($topic_arr['subject']);
$lastpost = "<nobr>$lastpostdate<br>" .
"by <a href=userdetails.php?id=$lastposterid><b>$lastposter</b></a><br>" .
"in <a href=?action=viewtopic&topicid=$lasttopicid&page=p$lastpostid#$lastpostid><b>$lasttopic</b></a></nobr>";
$r = mysql_query("SELECT lastpostread FROM readposts WHERE userid=$CURUSER[id] AND topicid=$lasttopicid") or sqlerr(__FILE__, __LINE__);
$a = mysql_fetch_row($r);
if ($a && $a[0] >= $lastpostid)
$img = "unlocked";
else
$img = "unlockednew";
}
else
{
$lastpost = "N/A";
$img = "unlocked";
}
print("<tr><td align=left><table border=0 cellspacing=0 cellpadding=0><tr><td class=embedded style='padding-right: 5px'><img class=$img src=".
"/pic/blankforum.gif></td><td class=embedded><a href=?action=viewforum&forumid=$forumid><b>$forumname</b></a>\n" .
($CURUSER['class']>=UC_OWNER ? "<font class=small> ".
"[<a class=altlink href=forums.php?action=editforum&forumid=$forumid>E</a>] ".
"[<a class=altlink href=forums.php?action=deleteforum&forumid=$forumid>D</a>]</font>" : "").
"<br>\n$forumdescription</br><b><font color=C8E4FF>$forummoderators</b><b><font color=C8E4FF>$moderators</b></font></td></tr></table></td><td align=right>$topiccount</td></td><td align=right>$postcount</td>" .
"<td align=left>$lastpost</td></tr>\n");
}
}
// End Table Mod
print("</table>");
forum_stats();
//print("<p align=center><a href=?action=search><font color=red><b>Search Forums</b></a></font> | <a href=?action=viewunread><b>View unread</b></a> | <a href=?catchup><b>Mark all as read</b> | <a href=/topposters.php><b>Top 10 posts</b></a> </a> ".($CURUSER['class'] >= UC_SYSOP ? "| <a href=forummanage.php#add><b>Add Forum</b></a>":"")."</p>");
stdfoot();
?>