PHP Code:
<?php
require "include/bittorrent.php";
gzip();
dbconn(false);
/**
* The width of the forum, in percent, 100% is the full width
*
* Note: the width is also set in the function begin_main_frame()
*/
$forum_width = '100%';
/**
* The readpost expiry date, default 14 days
*
* Note: if you already have it, delete this one
*/
$READPOST_EXPIRY = 14*86400;
/**
* Set to true if you want to use the flood mod
*/
$use_flood_mod = true;
/**
* If there are more than $limit(default 10) posts in the last $minutes(default 5) minutes, it will give them a error...
*
* Requires the flood mod set to true
*/
$minutes = 3;
$limit = 2;
/**
* Get's the users posts per page, no need to change
*/
$postsperpage = (empty($CURUSER['postsperpage']) ? 10 : (int)$CURUSER['postsperpage']);
$action = (isset($_GET["action"]) ? trim($_GET["action"]) : (isset($_POST["action"]) ? trim($_POST["action"]) : ''));
if (!function_exists('highlight'))
{
function highlight($search, $subject, $hlstart = '<b><font color=red>', $hlend = '</font></b>')
{
$srchlen = strlen($search); // lenght of searched string
if ($srchlen == 0)
return $subject;
$find = $subject;
while ($find = stristr($find, $search)) // find $search text in $subject -case insensitiv
{
$srchtxt = substr($find,0,$srchlen); // get new search text
$find = substr($find,$srchlen);
$subject = str_replace($srchtxt, $hlstart.$srchtxt.$hlend, $subject); // highlight founded case insensitive search text
}
return $subject;
}
}
function forum_stats()
{
global $pic_base_url, $forum_width, $DEFAULTBASEURL;
$title_who = array();
$dt = sqlesc(time() - 300);
$result = sql_query("SELECT u.id, u.username, u.class FROM users AS u WHERE u.forum_access > ".sqlesc(get_date_time(time() - 300))." ORDER BY u.class DESC");
while (list($uid, $uname, $class) = mysql_fetch_row($result)) {
if (!empty($uname)) {
$title_who[] = "<a href=\"userdetails.php?id=".$uid."\" class=\"online\">".get_user_class_color($class, $uname)."</a>";
}
if ($class >= UC_MODERATOR) {
$staff++;
} elseif (empty($uname)) {
$guests++;
} elseif ($class < UC_MODERATOR) {
$users++;
}
$total++;
if (empty($uname))
continue;
else
$who_online .= $title_who;
}
$topic_post_res = sql_query("SELECT SUM(topiccount) AS stopics, SUM(postcount) AS sposts , (SELECT COUNT(*) FROM posts WHERE posts.added >= DATE_SUB(CURRENT_DATE, INTERVAL 1 DAY)) AS dayposts FROM forums");
while ($topic_post_arr = mysql_fetch_array($topic_post_res))
{
$sposts = number_format($topic_post_arr['sposts']);
$stopics = number_format($topic_post_arr['stopics']);
$dayposts = number_format($topic_post_arr['dayposts']);
}
?>
<table border="0px" cellspacing="3" cellpadding="5" width="100%">
<tr><td class="embedded">
<h2>Online users</h2>
<?
if (count($title_who)) {
echo "<tr><td class=\"embedded\">" . @implode(", ", $title_who) . "</td></tr>\n";
} else {
echo "<tr><td class=\"embedded\">No users over the past 10 minutes.</td></tr>\n";
}
?>
</td></tr>
<br />
<tr><td class="embedded">
<h2>Stats</h2>
<tr><td class="embedded">Users have made <b><?php echo $sposts ?></b> posts in <b><?php echo $stopics ?></b> topics. New posts per day: <b><?php echo $dayposts ?></b> .</td>
</tr>
</td></tr>
</table>
<?
}
function forum_menu_bottom(){
global $CURUSER ;
print("<br><br><p align=center><a href=forum.php><b>To Forum</b></a> | <a href=?action=search><b>Search Topic</b></a> | <a href=?action=getdaily><b>Newest topics</b></a> | <a href=?catchup><b>Catchup</b></a> ".($CURUSER['class'] >= UC_ADMINISTRATOR ? "| <a href=forummanage.php#add><b>Manage forum</b></a>":"")."</p>");
forum_stats();
}
function show_forums($forid)
{
global $CURUSER, $pic_base_url, $READPOST_EXPIRY, $DEFAULTBASEURL;
$forums_res = sql_query("SELECT f.id, f.name, f.description, f.postcount, f.topiccount, f.sort, p.added, p.topicid, p.userid, p.id AS pid, u.username, u.class, t.subject, t.lastpost, r.lastpostread ".
"FROM forums AS f ".
"LEFT JOIN posts AS p ON p.id = (SELECT MAX(lastpost) FROM topics WHERE forumid = f.id) ".
"LEFT JOIN users AS u ON u.id = p.userid ".
"LEFT JOIN topics AS t ON t.id = p.topicid ".
"LEFT JOIN readposts AS r ON r.userid = ".sqlesc($CURUSER['id'])." AND r.topicid = p.topicid ".
"WHERE f.forid = $forid ".
"ORDER BY f.sort ASC") or sqlerr(__FILE__, __LINE__);
while ($forums_arr = mysql_fetch_assoc($forums_res))
{
$forumid = (int)$forums_arr["id"];
$lastpostid = (int)$forums_arr['lastpost'];
if (is_valid_id($forums_arr['pid']))
{
$lastpost = "<nobr><a href='$DEFAULTBASEURL/userdetails.php?id=".(int)$forums_arr["userid"]."'>".get_user_class_color($forums_arr["class"],$forums_arr["username"])."</a>
<a href='".$_SERVER['PHP_SELF']."?action=viewtopic&topicid=".(int)$forums_arr["topicid"]."&page=p$lastpostid#$lastpostid'><img src='$pic_base_url/latest.gif' border='0px' alt='Quote'></a><br /> ".$forums_arr["added"]."</nobr>";
$img = 'unlocked'.((($forums_arr['added']>(get_date_time()-$READPOST_EXPIRY))?((int)$forums_arr['pid'] > $forums_arr['lastpostread']):0)?'new':'');
}
else
{
$lastpost = "N/A";
$img = "unlocked";
}
?><tr>
<td align='left'>
<table border=0 cellspacing=0 cellpadding=0>
<tr>
<td class=embedded style='padding-right: 5px'><img src="<?php echo $pic_base_url . $img; ?>.gif"></td>
<td class=embedded>
<a href='<?php echo $_SERVER['PHP_SELF']; ?>?action=viewforum&forumid=<?php echo $forumid; ?>'><b><?php echo htmlspecialchars($forums_arr["name"]); ?></b></a><?php
if (!empty($forums_arr["description"]))
{
?><br /><?php echo htmlspecialchars($forums_arr["description"]);
}
?></td>
</tr>
</table>
</td>
<td align='center'><?php echo number_format($forums_arr["topiccount"]); ?></td>
<td align='center'><?php echo number_format($forums_arr["postcount"]); ?></td>
<td align='left'> <?php echo $lastpost; ?></td>
</tr><?php
}
}
function catch_up($id = 0)
{
global $CURUSER, $READPOST_EXPIRY;
$userid = (int)$CURUSER['id'];
$res = sql_query("SELECT t.id, t.lastpost, r.id AS r_id, r.lastpostread ".
"FROM topics AS t ".
"LEFT JOIN posts AS p ON p.id = t.lastpost ".
"LEFT JOIN readposts AS r ON r.userid=".sqlesc($userid)." AND r.topicid=t.id ".
"WHERE p.added > ".sqlesc(get_date_time() - $READPOST_EXPIRY).
(!empty($id) ? ' AND t.id '.(is_array($id) ? 'IN ('.implode(', ', $id).')' : '= '.sqlesc($id)) : '')) or sqlerr(__FILE__, __LINE__);
while ($arr = mysql_fetch_assoc($res))
{
$postid = (int)$arr['lastpost'];
if (!is_valid_id($arr['r_id']))
@sql_query("INSERT INTO readposts (userid, topicid, lastpostread) VALUES($userid, ".(int)$arr['id'].", $postid)") or sqlerr(__FILE__, __LINE__);
else if ($arr['lastpostread'] < $postid)
@sql_query("UPDATE LOW_PRIORITY readposts SET lastpostread = $postid WHERE id = ".$arr['r_id']) or sqlerr(__FILE__, __LINE__);
}
mysql_free_result($res);
}
//-------- Returns the minimum read/write class levels of a forum
//-------- Returns the forum ID of a topic, or false on error
function get_topic_forum($topicid)
{
$res = sql_query("SELECT forumid FROM topics WHERE id=".sqlesc($topicid)) or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
return false;
$arr = mysql_fetch_row($res);
return $arr[0];
}
//-------- Returns the ID of the last post of a forum
function update_topic_last_post($topicid)
{
$res = sql_query("SELECT id FROM posts WHERE topicid=".sqlesc($topicid)." ORDER BY id DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res) or die("No post found");
$postid = $arr[0];
@sql_query("UPDATE LOW_PRIORITY topics SET lastpost=$postid WHERE id=".sqlesc($topicid)) or sqlerr(__FILE__, __LINE__);
}
function get_forum_last_post($forumid)
{
$res = sql_query("SELECT lastpost FROM topics WHERE forumid=".sqlesc($forumid)." ORDER BY lastpost DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
$postid = $arr[0];
if ($postid)
return $postid;
else
return 0;
}
//-------- Inserts a quick jump menu
function insert_quick_jump_menu($currentforum = 0)
{
print("<p align=center><form method=get action=? name=jump>\n");
print("<input type=hidden name=action value=viewforum>\n");
print("<div align=right class=success>Quick Link: ");
print("<select name=forumid onchange=\"if(this.options[this.selectedIndex].value != -1){ forms['jump'].submit() }\">\n");
$res = sql_query("SELECT * FROM forums ORDER BY name") or sqlerr(__FILE__, __LINE__);
while ($arr = mysql_fetch_assoc($res))
{
print("<option value=" . $arr["id"] . ($currentforum == $arr["id"] ? " selected>" : ">") . $arr["name"] . "\n");
}
print("</select>\n");
print("<input type=submit value='go!' class='btn'>\n");
print("</form>\n</div></p>");
}
//-------- Inserts a compose frame
function insert_compose_frame($id, $newtopic = true, $quote = false)
{
global $maxsubjectlength, $CURUSER, $pic_base_url ,$forum_pics, $DEFAULTBASEURL;
if ($newtopic)
{
$res = sql_query("SELECT name FROM forums WHERE id = ".sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die("Bad forum ID!");
?><h3>Create a new topic in the Forum <a href='<?php echo $_SERVER['PHP_SELF']; ?>?action=viewforum&forumid=<?php echo $id; ?>'><?php echo htmlspecialchars($arr["name"]); ?></a></h3><?php
}
else
{
$res = sql_query("SELECT subject, locked FROM topics WHERE id = ".sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die("Forum error, Topic not found.");
if ($arr['locked'] == 'yes')
{
stdmsg("Sorry", "The topic is locked.");
end_table(); end_main_frame(); stdfoot();
exit();
}
?><h3 align="center">Reply to Topic: <a href='<?php echo $_SERVER['PHP_SELF']; ?>?action=viewtopic&topicid=<?php echo $id; ?>'><?php echo htmlspecialchars($arr["subject"]); ?></a></h3><?php
}
begin_frame("Editor", true);
?>
<form method='post' name='compose' id='compose' action='<?php echo $_SERVER['PHP_SELF']; ?>' enctype='multipart/form-data'>
<input type="hidden" name="action" value="post" />
<input type='hidden' name='<?php echo($newtopic ? 'forumid' : 'topicid'); ?>' value='<?php echo $id; ?>'><?php
begin_table(true);
if ($newtopic)
{
?>
<tr>
<td class='coolhead'><center>Topic<br />
<input type='text' size='120' maxlength='<?php echo $maxsubjectlength; ?>' name='subject' style='height: 19px'>
</center></td>
</tr><?php
}
if ($quote)
{
$postid = (int)$_GET["postid"];
if (!is_valid_id($postid))
{
stdmsg("Error", "Invalid ID!");
end_table(); end_main_frame(); stdfoot();
exit();
}
$res = sql_query("SELECT posts.*, users.username FROM posts JOIN users ON posts.userid = users.id WHERE posts.id = $postid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0)
{
stdmsg("Error", "No post with this ID");
end_table(); end_main_frame(); stdfoot();
exit();
}
$arr = mysql_fetch_assoc($res);
}
?><tr>
<td><center><?php
$qbody = ($quote ? "<<<@!1!@>>>" : '');
textbbcode("compose", "body", $qbody);
?><tr>
<td colspan='2' align='center'>
<input type="button" value="Preview" onClick="javascript:ajaxpreview('area');" ><input type='submit' value='Preview'>
</center>
<script language="javascript" type="text/javascript" src="js/ajax.js"></script>
<script language="javascript" type="text/javascript" src="js/preview.js"></script>
<div id="loading-layer" style="display:none;font-family: Verdana;font-size: 11px;width:200px;height:50px;background:#FFF;padding:10px;text-align:center;border:1px solid #000">
<div style="font-weight:bold;" id="loading-layer-text">Loading...Please wait</div><br />
<img src="pic/loading.gif" border="0" />
</div>
<br />
<div id="preview" style="width:530px;"></div>
</td>
</tr>
</td>
</tr><?php
end_table();
?></form><?php
end_frame();
//------ Get 10 last posts if this is a reply
if (!$newtopic)
{
$postres = sql_query("SELECT p.id, p.added, p.body, u.id AS uid, u.username, u.avatar ".
"FROM posts AS p ".
"LEFT JOIN users AS u ON u.id = p.userid ".
"WHERE p.topicid = ".sqlesc($id)." ".
"ORDER BY p.id DESC LIMIT 10") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($postres) > 0)
{
?><br /><?php
begin_frame("10 lastest posts");
while ($post = mysql_fetch_assoc($postres))
{
$avatar = ($CURUSER["avatars"] == "yes" ? htmlspecialchars($post["avatar"]) : '');
if (empty($avatar))
$avatar = $pic_base_url."default_avatar.gif";
?><p class=sub>#<?php echo $post["id"]; ?> from <?php echo(!empty($post["username"]) ? $post["username"] : "unknown[{$post['uid']}]"); ?> to <?php echo $post["added"]; ?></p><?php
begin_table(true);
?>
<tr>
<td height='100' width='100' align='center' style='padding: 0px' valign="top"><img height='100' width='100' src="<?php echo $avatar; ?>" /></td>
<td class='comment' valign='top'><?php echo format_comment($post["body"]); ?></td>
</tr><?php
end_table();
}
end_frame();
}
}
insert_quick_jump_menu();
}
//-------- Global variables
$maxsubjectlength = 300;
//-------- Action: New topic
if ($action == "newtopic")
{
$forumid = (int)$_GET["forumid"];
stdhead("Create new topic");
begin_main_frame();
insert_compose_frame($forumid,true,false);
end_main_frame();
stdfoot();
die;
}
//-------- Action: Post
elseif ($action == "post")
{
$forumid = (int)$_POST["forumid"];
$topicid = (int)$_POST["topicid"];
$newtopic = $forumid > 0;
$subject = htmlspecialchars($_POST["subject"]);
if ($newtopic)
{
$subject = trim($subject);
if (!$subject)
stderr("Error", "You must enter a subject.");
if (strlen($subject) > $maxsubjectlength)
stderr("Error", "Subject is limited.");
}
else
$forumid = get_topic_forum($topicid) or die("Bad topic ID");
if ($CURUSER["forumpost"] == 'no')
{
stdhead();
stdmsg("Sorry...", "You are not authorized to Post.",false);
stdfoot();
exit;
}
//------ Make sure sure user has write access in forum
$arr = $forumid or die("Bad forum ID");
$body = trim($_POST["body"]);
if ($body == "")
stderr("Error", "No body text.");
$userid = (int)$CURUSER["id"];
if ($CURUSER['class'] < UC_MODERATOR)
{
$seconds = time() - ($minutes * 60);
$res = sql_query("SELECT COUNT(id) AS c FROM posts WHERE userid = ".$CURUSER['id']." AND added > '".$seconds."'");
$arr = mysql_fetch_assoc($res);
if ($arr['c'] > $limit)
stderr("Flood", "More than ".$limit." posts in the last ".$minutes." minutes.");
}
if ($newtopic)
{
//---- Create topic
$subject = sqlesc($subject);
@sql_query("INSERT INTO topics (userid, forumid, subject) VALUES($userid, $forumid, $subject)") or sqlerr(__FILE__, __LINE__);
$topicid = mysql_insert_id() or stderr("Error", "No topic ID returned");
}
else
{
//---- Make sure topic exists and is unlocked
$res = sql_query("SELECT * FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die("Topic id n/a");
if ($arr["locked"] == 'yes' && get_user_class() < UC_MODERATOR)
stderr("Error", "This topic is locked.");
//---- Get forum ID
$forumid = $arr["forumid"];
}
//------ Insert post
$added = "'" . get_date_time() . "'";
$body = sqlesc($body);
$secsdp = 1*300;
$dtdp = sqlesc(get_date_time(get_date_time() - $secsdp)); // calculate date.
//------ Check double post
$doublepost = sql_query("SELECT posts.id, posts.added, posts.userid, posts.body, topics.lastpost, topics.id FROM posts INNER JOIN topics on posts.id = topics.lastpost WHERE topics.id=$topicid AND posts.userid = $userid AND posts.added > $dtdp ORDER BY added DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
$results = mysql_fetch_assoc($doublepost);
if (!$results) {
@sql_query("INSERT INTO posts (topicid, userid, added, body) VALUES($topicid, $userid, $added, $body)") or sqlerr(__FILE__, __LINE__);
$postid = mysql_insert_id() or die("Post id n/a");
update_topic_last_post($topicid);
}
else {
$oldbody = trim($results['body']);
$newbody = trim($_POST["body"]);
$updatepost = sqlesc("$oldbody\n\n$newbody");
$editedat = sqlesc(get_date_time());
@sql_query("UPDATE LOW_PRIORITY posts SET body=$updatepost, editedat=$editedat, editedby=$userid WHERE id=$results[lastpost]") or sqlerr(__FILE__, __LINE__);
}
//------ All done, redirect user to the post
$headerstr = "Location: $BASEURL/forum.php?action=viewtopic&topicid=$topicid&page=last";
if ($newtopic)
header($headerstr);
else
header("$headerstr#$postid");
die;
}
//-------- Action: View topic
elseif ($action == "viewtopic")
{
unset($count);
$topicid = (int)$_GET["topicid"];
$page = (int)$_GET["page"];
$userid = (int)$CURUSER["id"];
//------ Get topic info
$res = sql_query("SELECT t.locked, t.subject, t.sticky, t.userid AS t_userid, t.forumid, f.name AS forum_name
FROM topics AS t
LEFT JOIN forums AS f ON f.id = t.forumid
WHERE t.id = ".sqlesc($topicid)) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or stderr("Error", "Topic not found");
$t_userid = (int)$arr['t_userid'];
$locked = ($arr['locked'] == 'yes' ? true : false);
$subject = $arr['subject'];
$sticky = ($arr['sticky'] == "yes" ? true : false);
$forumid = (int)$arr['forumid'];
$forum = $arr["forum_name"];
//------ Update hits column
@sql_query("UPDATE LOW_PRIORITY topics SET views = views + 1 WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
//------ Get forum
//------ Get post count
$res = sql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
$postcount = $arr[0];
//------ Make page menu
$pagemenu1 = "<p class=success align=center>\n";
$perpage = $postsperpage;
$pages = ceil($postcount / $perpage);
if ($page[0] == "p")
{
$findpost = substr($page, 1);
$res = sql_query("SELECT id FROM posts WHERE topicid=$topicid ORDER BY added") or sqlerr(__FILE__, __LINE__);
$i = 1;
while ($arr = mysql_fetch_row($res))
{
if ($arr[0] == $findpost)
break;
++$i;
}
$page = ceil($i / $perpage);
}
if ($page == "last")
$page = $pages;
else
{
if($page < 1)
$page = 1;
elseif ($page > $pages)
$page = $pages;
}
$offset = $page * $perpage - $perpage;
for ($i = 1; $i <= $pages; ++$i)
{
if ($i == $page)
$pagemenu2 .= "<b>[<u>$i</u>]</b>\n";
else
$pagemenu2 .= "<a href=?action=viewtopic&topicid=$topicid&page=$i><b>$i</b></a>\n";
}
if ($page == 1)
$pagemenu1 .= "<img src='/pic/prev.gif' border='0px'></a>";
else
$pagemenu1 .= "<a href=?action=viewtopic&topicid=$topicid&page=" . ($page - 1) .
"><img src='/pic/prev.gif' border='0px'></a>";
$pmlb = " ";
if ($page == $pages)
$pagemenu3 .= "<img src='/pic/next.gif' border='0px'></a></p>\n";
else
$pagemenu3 .= "<a href=?action=viewtopic&topicid=$topicid&page=" . ($page + 1) .
"><img src='/pic/next.gif' border='0px'></a></p>\n";
stdhead("Forum :: Topic - $subject");
begin_main_frame();
?>
<link type="text/css" rel="stylesheet" href="css/rating_style.css" />
<script type="text/javascript" src="js/sack.js" ></script>
<script type="text/javascript">
var e = new sack();
function do_rate(rate, id, what) {
var box = document.getElementById('rate_' + id);
e.setVar('rate', rate);
e.setVar('id', id);
e.setVar('ajax', '1');
e.setVar('what', what);
e.requestFile = 'rating.php';
e.method = 'GET';
e.element = 'rate_' + id;
e.onloading = function() {
box.innerHTML = 'Loading ...'
}
e.onCompletion = function() {
if (e.responseStatus)
box.innerHTML = e.response();
}
e.onerror = function() {
alert('That was something wrong with the reques!');
}
e.runAJAX();
}
</script>
<? ?>
<a name='top'></a>
<table width="97%" border="0" cellpadding="0" cellspacing="0" style="border:none;" align="center">
<tr>
<td align="left" width="80%" style="border:none;">
<h1><a href="<?php echo $_SERVER['PHP_SELF']; ?>" title="Main menu">Forum</a> - <a href="<?php echo $_SERVER['PHP_SELF']; ?>?action=viewforum&forumid=<?php echo $forumid; ?>"><?php echo $forum; ?></a> - <?php echo htmlspecialchars($subject); ?></h1>
</td>
<td align="right" width="50%" style="border:none;">
<?php print(getRate($topicid, "topic")); ?>
</td>
</tr>
</table><?php
$res = sql_query(
"SELECT p.id, p.added, p.userid, p.added, p.body, p.editedby, p.editedat, u.id as uid, u.username as uusername, u.class AS uclass, u.avatar, u.donor,
u.title, u.enabled, u.warned,
u.last_access, (SELECT COUNT(id) FROM posts WHERE userid = u.id) AS posts_count, u2.username as u2_username
, (SELECT lastpostread FROM readposts WHERE userid = ".sqlesc((int)$CURUSER['id'])." AND topicid = p.topicid LIMIT 1) AS lastpostread
FROM posts AS p
LEFT JOIN users AS u ON p.userid = u.id
LEFT JOIN users AS u2 ON u2.id = p.editedby
WHERE p.topicid = ".sqlesc($topicid)."
ORDER BY id LIMIT $offset,$perpage") or sqlerr(__FILE__, __LINE__);
$pc = mysql_num_rows($res);
$pn = 0;
while ($arr = mysql_fetch_assoc($res))
{
++$pn;
$lpr = $arr['lastpostread'];
$postid = (int)$arr["id"];
$postadd = $arr['added'];
$posterid = (int)$arr['userid'];
$added = $arr['added'] . " , <i>(" . get_elapsed_time(strtotime($arr['added'])) . ") back</i>";
//---- Get poster details
$last_access = $arr['last_access'];
$postername = get_user_class_color($arr['uclass'],$arr['uusername']).get_user_icons($arr);
$avatar = (!empty($postername) ? ($CURUSER['avatars'] == "yes" ? htmlspecialchars($arr['avatar']) : '') : '');
$title = (!empty($postername) ? (empty($arr['title']) ? "(".get_user_class_name($arr['uclass']).")" : "(".format_comment($arr['title']).")") : '');
$forumposts = (!empty($postername) ? ($arr['posts_count'] != 0 ? $arr['posts_count'] : 'N/A') : 'N/A');
$by = (!empty($postername) ? "<a href='$DEFAULTBASEURL/userdetails.php?id=$posterid'>".$postername."</a>" : "");
if (!$avatar)
$avatar = "pic/default_avatar.gif";
echo "<a name=$postid></a>";
echo ($pn == $pc ? '<a name=last></a>' : '');
print("<p class=sub><table border=0 cellspacing=0 cellpadding=0><tr><td class=embedded width=99%>#$postid by $by $title $added");
print("</td><td class=embedded width=1%><a href=#top><img src=pic/top.gif border=0 alt='Top'></a></td></tr>");
print("\n");
begin_table(true);
$highlight = (isset($_GET['highlight']) ? $_GET['highlight'] : '');
$body = (!empty($highlight) ? highlight(htmlspecialchars(trim($highlight)), format_comment($arr['body'])) : format_comment($arr['body']));
if (is_valid_id($arr['editedby']))
$body .= "<br><p><font size=1 class=small_com><i>Edited <a href='$DEFAULTBASEURL/userdetails.php?id=".$arr['editedby']."'><b>".$arr['u2_username']."</b></a> ".$arr['editedat']." </i></font></p>";
$ratio = $CURUSER['uploaded'] / $CURUSER['downloaded'];
if ($CURUSER['uploaded'] == 0)$ratio = "inf";else {$ratio = number_format($ratio, 3);}
if (empty($CURUSER['uploaded']))$ratio = "inf";else {$ratio = number_format($ratio, 3);}
$stats = "<br> Posts: $forumposts<br>";
unset($onoffpic,$dt);
$dt = get_date_time(gmtime() - 180);
if (get_user_class() < UC_MODERATOR AND $posterid != $CURUSER[id])
$onoffpic = "<img src='pic/button_offline.gif' border='0' />";
elseif ($last_access > $dt OR $posterid == $CURUSER[id])
$onoffpic = "<img src='pic/button_online.gif' border='0' />";
else
$onoffpic = "<img src=pic/button_offline.gif border=0>";
print("<tr valign=top><td width=150 align=left style='padding: 0px'><br>"." " .
($avatar ? " <img width=100 src=\"$avatar\">": ""). "<br>"."<strong>$stats <font color='#009900'> Ratio!</font> $ratio </strong><br><br></td>");
print("<td class=comment>$body</td></tr>\n");
print("<tr><td>".$onoffpic." <a href=\"message.php?receiver=".htmlspecialchars($posterid)."&action=sendmessage\"><img src=\"pic/button_pm.gif\" border=\"0\" alt=\"Send PM\"></a></td>");
print("<td align=right>");
if (!$locked && $CURUSER || get_user_class() >= UC_MODERATOR)
print("<a href=?action=quotepost&topicid=$topicid&postid=$postid><b>[ quote ]</b> </a>");
if (get_user_class() >= UC_MODERATOR || !$locked && $CURUSER)
print("<a href=?action=reply&topicid=$topicid><b>[ reply ]</b> </a>");
if (get_user_class() >= UC_MODERATOR)
print("<a href=?action=deletepost&postid=$postid><b>[ delete ]</b> </a>");
if (($CURUSER["id"] == $posterid && !$locked) || get_user_class() >= UC_MODERATOR)
print("<a href=?action=editpost&postid=$postid><b>[ edit ]</b> </a>");
print("</td></tr></table></p>");
}
if ($CURUSER){
if (($postid > $lpr) && ($postadd > (get_date_time() - $READPOST_EXPIRY)))
{
if ($lpr)
sql_query("UPDATE LOW_PRIORITY readposts SET lastpostread = $postid WHERE userid = $userid AND topicid = $topicid") or sqlerr(__FILE__, __LINE__);
else
sql_query("INSERT INTO readposts (userid, topicid, lastpostread) VALUES($userid, $topicid, $postid)") or sqlerr(__FILE__, __LINE__);
} }
if (get_user_class() >= UC_MODERATOR || !$locked && $CURUSER){
?>
<table id="no_border" width=100%><tr>
<td colspan=2 class=colhead><center><b>Fast reply</b></td></tr>
<tr><td id="no_border">
<center><form name='compose' id='compose' method='post' action='<?php echo $_SERVER['PHP_SELF']; ?>' enctype='multipart/form-data'>
<input type="hidden" name="action" value="post" />
<input type=hidden name=topicid value=<? echo $topicid; ?>>
<?
textbbcode("compose","body","", 1)
?>
<center><input type="button" value="Preview" onClick="javascript:ajaxpreview('area');" ><input type=submit class=gobutton value="Reply">
</center>
<script language="javascript" type="text/javascript" src="js/ajax.js"></script>
<script language="javascript" type="text/javascript" src="js/preview.js"></script>
<div id="loading-layer" style="display:none;font-family: Verdana;font-size: 11px;width:200px;height:50px;background:#FFF;padding:10px;text-align:center;border:1px solid #000">
<div style="font-weight:bold;" id="loading-layer-text">Loading...Please wait</div><br />
<img src="pic/loading.gif" border="0" />
</div>
<br />
<div id="preview" style="width:530px;"></div>
</form>
</td></tr>
</table>
<?
}
//------ Mod options
print("$pagemenu1 $pmlb $pagemenu2 $pmlb $pagemenu3");
if (get_user_class() >= UC_MODERATOR)
{
print("<table border=0 cellspacing=0 cellpadding=0>\n");
print("<form method=post action=?action=setsticky>\n");
print("<input type=hidden name=topicid value=$topicid>\n");
print("<input type=hidden name=returnto value=$_SERVER[REQUEST_URI]>\n");
print("<tr><td class=embedded align=right>Sticky:</td>\n");
print("<td class=embedded><input type=radio name=sticky value='yes' " . ($sticky ? " checked" : "") . "> yes <input type=radio name=sticky value='no' " . (!$sticky ? " checked" : "") . "> no\n");
print("<input type=submit value='Yes' class=btn></td></tr>");
print("</form>\n");
print("<form method=post action=?action=setlocked>\n");
print("<input type=hidden name=topicid value=$topicid>\n");
print("<input type=hidden name=returnto value=$_SERVER[REQUEST_URI]>\n");
print("<tr><td class=embedded align=right>Close:</td>\n");
print("<td class=embedded><input type=radio name=locked value='yes' " . ($locked ? " checked" : "") . "> yes <input type=radio name=locked value='no' " . (!$locked ? " checked" : "") . "> no\n");
print("<input type=submit value='Yes' class=btn></td></tr>");
print("</form>\n");
print("<form method=post action=?action=renametopic>\n");
print("<input type=hidden name=topicid value=$topicid>\n");
print("<input type=hidden name=returnto value=$_SERVER[REQUEST_URI]>\n");
print("<tr><td class=embedded align=right>Rename:</td><td class=embedded><input type=text name=subject size=60 maxlength=$maxsubjectlength value=\"" . htmlspecialchars($subject) . "\">\n");
print("<input type=submit value='go' class=btn></td></tr>");
print("</form>\n");
print("<form method=post action=?action=movetopic&topicid=$topicid>\n");
print("<tr><td class=embedded>Move: </td><td class=embedded><select name=forumid>");
$res = mysql_query("SELECT id, name FROM forums ORDER BY name") or sqlerr(__FILE__, __LINE__);
while ($arr = mysql_fetch_assoc($res))
if ($arr["id"] != $forumid)
print("<option value=" . $arr["id"] . ">" . $arr["name"] . "\n");
print("</select> <input type=submit value='go' class=btn></form></td></tr>\n");
print("<tr><td class=embedded>Delete</td><td class=embedded>\n");
print("<form method=get action=forum.php>\n");
print("<input type=hidden name=action value=deletetopic>\n");
print("<input type=hidden name=topicid value=$topicid>\n");
print("<input type=hidden name=forumid value=$forumid>\n");
print("<input type=checkbox name=sure value=1>I'm sure\n");
print("<input type=submit value='go' class=btn>\n");
print("</form>\n");
print("</td></tr>\n");
print("</table>\n");
}
//------ Forum quick jump drop-down
insert_quick_jump_menu($forumid);
end_main_frame();
stdfoot();
die;
}
//-------- Action: Quote
elseif ($action == "quotepost")
{
loggedinorreturn();
$topicid = (int)$_GET["topicid"];
stdhead("Reply");
begin_main_frame();
insert_compose_frame($topicid, false, true);
end_main_frame();
stdfoot();
die;
}
//-------- Action: Reply
elseif ($action == "reply")
{
loggedinorreturn();
$topicid = (int)$_GET["topicid"];
int_check($topicid,true);
stdhead("Reply");
begin_main_frame();
insert_compose_frame($topicid, false, false);
end_main_frame();
stdfoot();
die;
}
//-------- Action: Move topic
elseif ($action == "movetopic")
{
loggedinorreturn();
$forumid = (int)$_POST["forumid"];
$topicid = (int)$_GET["topicid"];
if (!is_valid_id($forumid) || !is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
die;
$res = @sql_query("SELECT forumid FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
stderr("Error", "Topic not found.");
$arr = mysql_fetch_row($res);
$old_forumid=$arr[0];
// get posts count
$res = sql_query("SELECT COUNT(id) AS nb_posts FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
stderr("Error", "Couldn't get posts count.");
$arr = mysql_fetch_row($res);
$nb_posts = $arr[0];
// move topic
if ($old_forumid != $forumid)
{
@sql_query("UPDATE LOW_PRIORITY topics SET forumid=$forumid WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
// update counts
@sql_query("UPDATE LOW_PRIORITY forums SET topiccount=topiccount-1, postcount=postcount-$nb_posts WHERE id=$old_forumid") or sqlerr(__FILE__, __LINE__);
@sql_query("UPDATE LOW_PRIORITY forums SET topiccount=topiccount+1, postcount=postcount+$nb_posts WHERE id=$forumid") or sqlerr(__FILE__, __LINE__);
}
// Redirect to forum page
header("Location: $BASEURL/forum.php?action=viewforum&forumid=$forumid");
die;
}
//-------- Action: Delete topic
elseif ($action == "deletetopic")
{
loggedinorreturn();
$topicid = (int)$_GET["topicid"];
$forumid = (int)$_GET["forumid"];
if (!is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
die;
$sure = (int)$_GET["sure"];
if (!$sure)
{
begin_main_frame();
stderr("Delete topic", "Are you sure?\n" .
"Press <a href=?action=deletetopic&topicid=$topicid&sure=1>yes</a> if you are sure .",false);
end_main_frame();
}
@sql_query("DELETE FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
@sql_query("DELETE FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
header("Location: $BASEURL/forum.php?action=viewforum&forumid=$forumid");
die;
}
//-------- Action: Edit post
elseif ($action == "editpost")
{
loggedinorreturn();
$postid = (int)$_GET["postid"];
$res = sql_query("SELECT * FROM posts WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) != 1)
stderr("Error", "No post with this ID");
$arr = mysql_fetch_assoc($res);
$res2 = sql_query("SELECT locked FROM topics WHERE id = " . $arr["topicid"]) or sqlerr(__FILE__, __LINE__);
$arr2 = mysql_fetch_assoc($res2);
if (mysql_num_rows($res) != 1)
stderr("Error", "No topic associated with this post ID");
$locked = ($arr2["locked"] == 'yes');
if (($CURUSER["id"] != $arr["userid"] || $locked) && get_user_class() < UC_MODERATOR)
stderr("Error", "Denied!");
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$body = $_POST['body'];
if ($body == "")
stderr("Error", "Body cannot be empty!");
$body = sqlesc($body);
@sql_query("UPDATE LOW_PRIORITY posts SET body=$body, editedat=NOW(), editedby=$CURUSER[id] WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
$returnto = $_POST["returnto"];
if ($returnto != "")
{
$returnto .= "&page=p$postid#$postid";
header("Location: $returnto");
}
else
begin_main_frame();
stderr("Ready", "Message successfully amended.");
end_main_frame();
}
stdhead("Edit");
begin_main_frame();
print("<h3>Edit</h3>\n");
?>
<tr><td id="no_border">
<center><form name=edit id=edit method=post action="?action=editpost&postid=<?=$postid ?>">
<input type=hidden name=returnto value="<?=htmlspecialchars($HTTP_SERVER_VARS["HTTP_REFERER"]) ?>">
<?
textbbcode("edit", "body", htmlspecialchars(unesc($arr["body"])));
?>
<input type="button" value="Preview" onClick="javascript:ajaxpreview('area');" ><input type=submit class=gobutton value="Save">
<script language="javascript" type="text/javascript" src="js/ajax.js"></script>
<script language="javascript" type="text/javascript" src="js/preview.js"></script>
<div id="loading-layer" style="display:none;font-family: Verdana;font-size: 11px;width:200px;height:50px;background:#FFF;padding:10px;text-align:center;border:1px solid #000">
<div style="font-weight:bold;" id="loading-layer-text">Loading...Please wait...</div><br />
<img src="pic/loading.gif" border="0" />
</div>
<br /><br />
<div id="preview" style="width:530px;"></div></center>
</form>
</td></tr>
<? end_main_frame();
stdfoot();
die ;
}
//-------- Action: Delete post
elseif ($action == "deletepost")
{
loggedinorreturn();
$postid = (int)$_GET["postid"];
$sure = (int)$_GET["sure"];
if (get_user_class() < UC_MODERATOR || !is_valid_id($postid))
die;
//------- Get topic id
$res = sql_query("SELECT topicid FROM posts WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res) or stderr("Error", "Post not found");
$topicid = $arr[0];
//------- We can not delete the post if it is the only one of the topic
$res = sql_query("SELECT COUNT(*) FROM posts WHERE topicid=$topicid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
if ($arr[0] < 2){
stderr("Error", "Can't delete post; it is the only post of the topic. You should\n" .
"<a href=?action=deletetopic&topicid=$topicid&sure=1>delete the topic</a> instead.\n",false);
}
//------- Get the id of the last post before the one we're deleting
$res = sql_query("SELECT id FROM posts WHERE topicid=$topicid AND id < $postid ORDER BY id DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0)
$redirtopost = "";
else
{
$arr = mysql_fetch_row($res);
$redirtopost = "&page=p$arr[0]#$arr[0]";
}
//------- Make sure we know what we do :-)
if (!$sure)
{
stderr("Delete post ?", "Do you really want to delete this message ?\n" .
"Press <a href=?action=deletepost&postid=$postid&sure=1>yes</a> if you are sure .",false);
}
//------- Delete post
@sql_query("DELETE FROM posts WHERE id=$postid") or sqlerr(__FILE__, __LINE__);
//------- Delete attachments
//------- Update topic
update_topic_last_post($topicid);
header("Location: $BASEURL/forum.php?action=viewtopic&topicid=$topicid$redirtopost");
die;
}
//-------- Action: Lock topic
elseif ($action == "locktopic")
{
loggedinorreturn();
$forumid = (int)$_GET["forumid"];
$topicid = (int)$_GET["topicid"];
$page = (int)$_GET["page"];
if (!is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
die;
sql_query("UPDATE LOW_PRIORITY topics SET locked='yes' WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
header("Location: $BASEURL/forum.php?action=viewforum&forumid=$forumid&page=$page");
die;
}
//-------- Action: Unlock topic
elseif ($action == "unlocktopic")
{
loggedinorreturn();
$forumid = (int)$_GET["forumid"];
$topicid = (int)$_GET["topicid"];
$page = (int)$_GET["page"];
if (!is_valid_id($topicid) || get_user_class() < UC_MODERATOR)
die;
@sql_query("UPDATE LOW_PRIORITY topics SET locked='no' WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
header("Location: $BASEURL/forum.php?action=viewforum&forumid=$forumid&page=$page");
die;
}
//-------- Action: Set locked on/off
elseif ($action == "setlocked")
{
loggedinorreturn();
$topicid = (int)$_POST["topicid"];
if (!$topicid || get_user_class() < UC_MODERATOR)
die;
$locked = sqlesc($_POST["locked"]);
@sql_query("UPDATE LOW_PRIORITY topics SET locked=$locked WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
header("Location: $_POST[returnto]");
die;
}
//-------- Action: Set sticky on/off
elseif ($action == "setsticky")
{
loggedinorreturn();
$topicid = (int)$_POST["topicid"];
if (!topicid || get_user_class() < UC_MODERATOR)
die;
$sticky = sqlesc($_POST["sticky"]);
@sql_query("UPDATE LOW_PRIORITY topics SET sticky=$sticky WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
header("Location: $_POST[returnto]");
die;
}
//-------- Action: Rename topic
elseif ($action == 'renametopic')
{
loggedinorreturn();
if (get_user_class() < UC_MODERATOR)
die;
$topicid = (int)$_POST['topicid'];
$subject = $_POST['subject'];
if ($subject == '')
stderr('Error', 'You must enter a new title!');
$subject = sqlesc($subject);
@sql_query("UPDATE LOW_PRIORITY topics SET subject=$subject WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
$returnto = $_POST['returnto'];
if ($returnto)
header("Location: $returnto");
die;
}
//-------- Action: View forum
elseif ($action == "viewforum") //-------- Action: View forum
{
if ($CURUSER)
@sql_query("UPDATE LOW_PRIORITY users SET forum_access='" . get_date_time() . "' WHERE id={$CURUSER["id"]}") or sqlerr(__FILE__, __LINE__);
$forumid = (int)$_GET['forumid'];
if (!is_valid_id($forumid))
stderr('Error', 'Invalid ID!');
$page = (isset($_GET["page"]) ? (int)$_GET["page"] : 0);
$userid = (int)$CURUSER["id"];
//------ Get forum details
$res = sql_query("SELECT f.name AS forum_name, (SELECT COUNT(id) FROM topics WHERE forumid = f.id) AS t_count ".
"FROM forums AS f ".
"WHERE f.id = ".sqlesc($forumid)) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or stderr('Error', 'No forum with that ID!');
$perpage = (empty($CURUSER['topicsperpage']) ? 20 : (int)$CURUSER['topicsperpage']);
$num = (int)$arr['t_count'];
if ($page == 0)
$page = 1;
$first = ($page * $perpage) - $perpage + 1;
$last = $first + $perpage - 1;
if ($last > $num)
$last = $num;
$pages = floor($num / $perpage);
if ($perpage * $pages < $num)
++$pages;
//------ Build menu
$menu1 = "<p class=success align=center>";
$menu2 = '';
$lastspace = false;
for ($i = 1; $i <= $pages; ++$i)
{
if ($i == $page)
$menu2 .= "<b>[<u>$i</u>]</b>\n";
else if ($i > 3 && ($i < $pages - 2) && ($page - $i > 3 || $i - $page > 3))
{
if ($lastspace)
continue;
$menu2 .= "... \n";
$lastspace = true;
}
else
{
$menu2 .= "<a href=".$_SERVER['PHP_SELF']."?action=viewforum&forumid=$forumid&page=$i><b>$i</b></a>\n";
$lastspace = false;
}
if ($i < $pages)
$menu2 .= "</b>|<b>";
}
$menu1 .= ($page == 1 ? "<img src='/pic/prev.gif' border='0px'/>" : "<a href=".$_SERVER['PHP_SELF']."?action=viewforum&forumid=$forumid&page=" . ($page - 1) . "><img src='/pic/prev.gif' border='0px'/></a>");
$mlb = " ";
$menu3 = ($last == $num ? "<img src='/pic/next.gif' border='0px'/></p>" : "<a href=".$_SERVER['PHP_SELF']."?action=viewforum&forumid=$forumid&page=" . ($page + 1) . "><img src='/pic/next.gif' border='0px'/></a></p>");
$offset = $first - 1;
$topics_res = sql_query(
"SELECT t.id, t.userid,t.views, t.locked,t.ratingsum,t.numratings, t.lastpost AS tlast, t.sticky, t.subject, u1.username, u1.class, r.lastpostread, p.id AS p_id, p.userid AS p_userid, p.added AS p_added,
(SELECT COUNT(id) FROM posts WHERE topicid=t.id) AS p_count, u2.class AS u2_class , u2.username AS u2_username ".
"FROM topics AS t ".
"LEFT JOIN users AS u1 ON u1.id=t.userid ".
"LEFT JOIN readposts AS r ON r.userid = ".sqlesc($userid)." AND r.topicid = t.id ".
"LEFT JOIN posts AS p ON p.id = (SELECT MAX(id) FROM posts WHERE topicid = t.id) ".
"LEFT JOIN users AS u2 ON u2.id = p.userid ".
"WHERE t.forumid = ".sqlesc($forumid)." ORDER BY t.sticky, p_added DESC LIMIT $offset, $perpage") or sqlerr(__FILE__, __LINE__);
stdhead("Forum - ".htmlspecialchars($arr["forum_name"])); begin_main_frame();
?>
<h1><a href="<?php echo $_SERVER['PHP_SELF']; ?>">Forum</a> - <?php echo htmlspecialchars($arr["forum_name"]); ?></h1><?php
if (mysql_num_rows($topics_res) > 0)
{
?><table border="0px" cellspacing=0 cellpadding=5 width=<?php echo $forum_width; ?>>
<tr>
<td class=colhead align=left>Topic</td>
<td class=colhead>Answers</td>
<td class=colhead>Views</td>
<td class=colhead align=left>Author</td>
<td class=colhead align=left><nobr>Lastest message</nobr></td>
</tr>
<?php
while ($topic_arr = mysql_fetch_assoc($topics_res))
{
$topicid = (int)$topic_arr['id'];
$topic_userid = (int)$topic_arr['userid'];
$sticky = ($topic_arr['sticky'] == "yes");
$lpost = (int)$topic_arr["tlast"];
$tpages = floor($topic_arr['p_count'] / $postsperpage);
if (($tpages * $postsperpage) != $topic_arr['p_count'])
++$tpages;
if ($tpages > 1)
{
$topicpages = " (<img src='".$pic_base_url."multipage.gif' alt='Page topics' title='Page topics'>";
$split = ($tpages > 10) ? true : false;
$flag = false;
for ($i = 1; $i <= $tpages; ++$i)
{
if ($split && ($i > 4 && $i < ($tpages - 3)))
{
if (!$flag)
{
$topicpages .= ' ...';
$flag = true;
}
continue;
}
$topicpages .= " <a href=".$_SERVER['PHP_SELF']."?action=viewtopic&topicid=$topicid&page=$i>$i</a>";
}
$topicpages .= ")";
}
else
$topicpages = '';
$lpusername = (is_valid_id($topic_arr['p_userid']) && !empty($topic_arr['u2_username']) ? "<a href='$DEFAULTBASEURL/userdetails.php?id=".(int)$topic_arr['p_userid']."'>".get_user_class_color($topic_arr['u2_class'],$topic_arr['u2_username'])."</b></a>" : "unknown[$topic_userid]");
$lpauthor = (is_valid_id($topic_arr['userid']) && !empty($topic_arr['username']) ? "<a href='$DEFAULTBASEURL/userdetails.php?id=$topic_userid'>".get_user_class_color($topic_arr['class'],$topic_arr['username'])."</b></a>" : "unknown[$topic_userid]");
$new = ($topic_arr["p_added"] > (get_date_time() - $READPOST_EXPIRY)) ? ((int)$topic_arr['p_id'] > $topic_arr['lastpostread']) : 0;
$topicpic = ($topic_arr['locked'] == "yes" ? ($new ? "lockednew" : "locked") : ($new ? "unlockednew" : "unlocked"));
$subject = $topic_arr["subject"];
if (strlen($subject) > 25)
$subject = substr($subject, 0, 25) . "...";
?>
<tr>
<td align=left width="100%">
<table border=0 cellspacing=0 cellpadding=0>
<tr>
<td class=embedded style='padding-right: 5px'><img src='<?php echo $pic_base_url . $topicpic; ?>.gif'></td>
<td class=embedded align=left width="100%"><?php echo($sticky ? '<img src=' . $pic_base_url . '/fsticky.gif border=0px /> ' : ''); ?><a href='<?php echo $_SERVER['PHP_SELF']; ?>?action=viewtopic&topicid=<?php echo $topicid; ?>' title="<?php echo htmlspecialchars($topic_arr['subject']); ?>"><?php echo htmlspecialchars($subject); ?></a><?php echo $topicpages; ?></td>
<? ?>
<link type="text/css" rel="stylesheet" href="css/rating_style.css" />
<? ?>
<td class="embedded" align="right"><?php echo(showRate($topic_arr["ratingsum"],$topic_arr["numratings"]))?></td>
</tr>
</table>
</td>
<td align="center"><?php echo max(0, $topic_arr['p_count'] - 1); ?></td>
<td align="center"><?php echo number_format($topic_arr['views']); ?></td>
<td align="center"><?php echo $lpauthor; ?></td>
<td align='left'> <?php echo $lpusername; ?> <a href="forum.php?action=viewtopic&topicid=<?=$topicid; ?>&page=p<?=$lpost; ?>#<?=$lpost; ?>"><img src='<?=$pic_base_url; ?>/latest.gif' border='0px' alt='Quote'></a><br /> <?php echo $topic_arr["p_added"]; ?></td>
</tr>
<?php
}
end_table();
}
else
{
?><p align=center>No topics found</p><?php
}
echo $menu1.$mlb.$menu2.$mlb.$menu3;
?>
<table class=main border=0 cellspacing=0 cellpadding=0 align=center>
<tr valing=center>
<td class=embedded><img src='<?php echo $pic_base_url; ?>unlockednew.gif' style='margin-right: 5px'></td>
<td class=embedded>New message</td>
<td class=embedded><img src='<?php echo $pic_base_url; ?>locked.gif' style='margin-left: 10px; margin-right: 5px'></td>
<td class=embedded>Topic closed</td>
</tr>
</table>
<?php
$arr = ($forumid) or die();
$maypost = ($CURUSER);
if (!$maypost)
{
?><p><i>You do not have rights to open new topics.</i></p><?php
}
?>
<table border=0 class=main cellspacing=0 cellpadding=0 align=center>
<tr>
<?php
if ($maypost)
{
?>
<td class=embedded><form method=get action='<?php echo $_SERVER['PHP_SELF']; ?>'><input type=hidden name=action value=newtopic><input type=hidden name=forumid value=<?php echo $forumid; ?>><input type=submit value='����� ����' class=gobutton style='margin-left: 10px'></form></td>
<?php
}
?></tr></table><?php
insert_quick_jump_menu($forumid);
forum_menu_bottom();
end_main_frame();
stdfoot();
exit();
}
elseif ($action == "getdaily") {
loggedinorreturn();
stdhead("Messages last 24 h.");
begin_main_frame();
begin_frame("Messages last 24 h.");
$page = 0 + (int)$_GET["page"];
$perpage = 10;
$r = sql_query("SELECT COUNT(*) FROM posts WHERE posts.added >= DATE_SUB(CURRENT_DATE, INTERVAL 1 DAY)") or sqlerr(__FILE__,__LINE__);
$r1 = mysql_fetch_array($r);
$countrows = $r1[0];
list($pagertop, $pagerbottom, $limit) = pager($perpage, $countrows, "forum.php?action=getdaily&");
print("<table width=100% border=0 cellspacing=0 cellpadding=5><tr>".
"<td class=colhead align=left>Topic</td>".
"<td class=colhead align=center>Views</td>".
"<td class=colhead align=center>Author</td>".
"<td class=colhead align=center>Added</td>".
"</tr>");
$res = sql_query("SELECT posts.id AS pid, posts.topicid, posts.userid AS userpost, posts.added, topics.id AS tid, topics.subject, topics.forumid, topics.lastpost, topics.views, forums.name, forums.topiccount, users.username
FROM posts, topics, forums, users, users AS topicposter
WHERE posts.topicid = topics.id AND posts.added >= DATE_SUB(CURRENT_DATE, INTERVAL 1 DAY) AND topics.forumid = forums.id AND posts.userid = users.id AND topics.userid = topicposter.id
ORDER BY posts.added DESC $limit") or sqlerr(__FILE__,__LINE__);
while ($getdaily = mysql_fetch_assoc($res))
{
print("<tr><td><a href=\"forum.php?action=viewtopic&topicid={$getdaily["tid"]}&page=p{$getdaily["pid"]}#{$getdaily["pid"]}\"><b>".htmlspecialchars($getdaily["subject"])."</b></a><br /> <a href=\"forum.php?action=viewforum&forumid={$getdaily["forumid"]}\">{$getdaily["name"]}</a></td>".
"<td align=center>{$getdaily["views"]}</td>".
"<td align=center><a href=userdetails.php?id={$getdaily["userpost"]}><b>{$getdaily["username"]}</b></a></td>".
"<td><center>".$getdaily["added"]."</td></tr>");
}
print("</table></br>");
print("$pagerbottom");
forum_menu_bottom();
end_frame();
end_main_frame();
stdfoot();
die;
}
elseif ($action == "search") //-------- Action: Search
{
stdhead("Search in forum");
begin_main_frame();
begin_table();
$error = false;
$found = '';
$keywords = (isset($_GET['keywords']) ? trim($_GET['keywords']) : '');
?><style type="text/css">
<!--
.search{
width:159px;
margin:5px 0 5px 0;
text-align:left;
}
.search_title{
color:#0062AE;
background-color:#DAF3FB;
font-size:12px;
font-weight:bold;
text-align:left;
padding:7px 0 0 15px;
}
.search_table {
border-collapse: collapse;
border: none;
}
-->
</style>
<?
begin_frame("Search in forum", 70);
?>
<center>
<?=($error ? "[<b><font color=red> Nothing was found</font></b> ]" : $found) ?></div>
<form method="get" action="forum.php" id="search_form" style="margin: 0pt; padding: 0pt; font-family: Tahoma,Arial,Helvetica,sans-serif; font-size: 11px;">
<input type="hidden" name="action" value="search">
<input name="keywords" type="text" value="<?=$keywords ?>" size="65" />
<input type=submit value=����� class=gobutton>
</form>
<?
end_frame();
$error = false;
$found = '';
$keywords = (isset($_GET['keywords']) ? trim($_GET['keywords']) : '');
if (!empty($keywords))
{
$res = mysql_query("SELECT COUNT(id) AS c FROM posts WHERE body LIKE ".sqlesc("%".sqlwildcardesc($keywords)."%")) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res);
$count = (int)$arr['c'];
$keywords = htmlspecialchars($keywords);
if ($count == 0)
$error = true;
else
{
list($pagertop, $pagerbottom, $limit) = pager(10, $count, $_SERVER['PHP_SELF'].'?action='.$action.'&keywords='.$keywords.'&');
$res = mysql_query(
"SELECT p.id, p.topicid, p.userid, p.added, t.forumid, t.subject, f.name, u.username ".
"FROM posts AS p ".
"LEFT JOIN topics AS t ON t.id=p.topicid ".
"LEFT JOIN forums AS f ON f.id=t.forumid ".
"LEFT JOIN users AS u ON u.id=p.userid ".
"WHERE p.body LIKE ".sqlesc("%".$keywords."%")." $limit");
$num = mysql_num_rows($res);
echo "<p>$pagertop</p>";
begin_main_frame();
?>
<table border=0 cellspacing=0 cellpadding=5 width='100%'>
<tr align="left">
<td class=colhead>Message</td>
<td class=colhead>Topic</td>
<td class=colhead>Forum</td>
<td class=colhead>Author</td>
</tr>
<?php
for ($i = 0; $i < $num; ++$i) {
$post = mysql_fetch_assoc($res);
echo "<tr>" . "<td align='center'>" . $post['id'] . "</td>" . "<td align=left width='100%'><a href=" . $_SERVER['PHP_SELF'] . "?action=viewtopic&highlight=$keywords&topicid=" . $post['topicid'] . "&page=p" . $post['id'] . "#" . $post['id'] . "><b>" . htmlspecialchars($post['subject']) . "</b></a></td>" . "<td align=left><nobr>" . (empty($post['name']) ? 'unknown[' . $post['forumid'] . ']' : "<a href=" . $_SERVER['PHP_SELF'] . "?action=viewforum&forumid=" . $post['forumid'] . "><b>" . htmlspecialchars($post['name']) . "</b></a>") . "</nobr></td>" . "<td align=left><nobr>" . (empty($post['username']) ? 'unknown[' . $post['userid'] . ']' : "<b><a href='$DEFAULTBASEURL/userdetails.php?id=" . $post['userid'] . "'>" . $post['username'] . "</a></b>") . "<br /> " . $post['added'] . "</nobr></td>" . "</tr>";
}
end_table();
end_main_frame();
echo "<p>$pagerbottom</p>";
$found = "[<b><font color=red> Found $count post" . ($count != 1 ? "s" : "") . " </font></b> ]";
}
}
forum_menu_bottom();
end_main_frame();
stdfoot();
exit();
}
elseif ($action == 'forumview')
{
$ovfid = (isset($_GET["forid"]) ? (int)$_GET["forid"] : 0);
if (!is_valid_id($ovfid))
stderr('Error', 'Invalid ID!');
$res = sql_query("SELECT name FROM overforums WHERE id = $ovfid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or stderr('Sorry', 'No forums with that ID!');
if ($CURUSER)
sql_query("UPDATE LOW_PRIORITY users SET forum_access = ".sqlesc(get_date_time())." WHERE id = {$CURUSER['id']}") or sqlerr(__FILE__, __LINE__);
stdhead("Forum - ".htmlspecialchars($arr["name"]));
begin_main_frame();
?>
<h1 align="center"><b><a href='<?php echo $_SERVER['PHP_SELF']; ?>'>Forum</a></b> - <?php echo htmlspecialchars($arr["name"]); ?></h1>
<table border=0 cellspacing=0 cellpadding=3 width='<?php echo $forum_width; ?>'>
<tr>
<td class=colhead align=left>Forum</td>
<td class=colhead align=right>Topic</td>
<td class=colhead align=right>Messages</td>
<td class=colhead align=left>Lastest message</td>
</tr>
<?php
show_forums($ovfid);
end_table();
forum_menu_bottom();
end_main_frame();
stdfoot();
exit();
}
//-------- Handle unknown action
elseif ($action != "") {
stderr("Forum Error", "Unknown action");
}
//-------- Default action: View forums
if (isset($_GET["catchup"]))
{
catch_up();
header('Location: '.$_SERVER['PHP_SELF']);
exit();
}
//-------- FORUM MENU
if ($CURUSER)
@sql_query("UPDATE LOW_PRIORITY users SET forum_access='" . get_date_time() . "' WHERE id={$CURUSER["id"]}") or sqlerr(__FILE__, __LINE__);
stdhead("Forum");
begin_main_frame();
?><h1 align="center"><b><?php echo $SITENAME; ?> - Forum</b></h1>
<br />
<table border=0 cellspacing=0 cellpadding=5 width='<?php echo $forum_width; ?>'><?php
$ovf_res = sql_query("SELECT id, name FROM overforums ORDER BY sort ASC") or sqlerr(__FILE__, __LINE__);
while ($ovf_arr = mysql_fetch_assoc($ovf_res))
{
$ovfid = (int)$ovf_arr["id"];
$ovfname = $ovf_arr["name"];
?><tr>
<td align='left' id="no_border" class='colhead' width="100%">
<a href='<?php echo $_SERVER['PHP_SELF']; ?>?action=forumview&forid=<?php echo $ovfid; ?>'><span class="c_title"><?php echo htmlspecialchars($ovfname); ?></span></a>
</td>
<td class='colhead' align='right'><b>Topic</b></td>
<td class='colhead' align='right'><b>Message</b></td>
<td class='colhead' align='left'><nobr><b>Last message</b></nobr></td>
</tr><?php
show_forums($ovfid);
}
print("</table>");
forum_menu_bottom();
?>
<?
$forum_t = gmtime() - 10;
//you can change this value to whatever span you want
$forum_t = sqlesc(get_date_time($forum_t));
$res = mysql_query("SELECT id, username, class FROM users WHERE forum_access >= $forum_t ORDER BY forum_access DESC") or print(mysql_error());
while ($arr = mysql_fetch_assoc($res)) {
if ($forumusers)
$forumusers .= ",\n";
switch ($arr["class"]) {
case UC_SYSOP :
$arr["username"] = "<font color=#0F6CEE>" . $arr["username"] . "</font>";
break;
case UC_ADMINISTRATOR :
$arr["username"] = "<font color=green>" . $arr["username"] . "</font>";
break;
case UC_MODERATOR :
$arr["username"] = "<font color=red>" . $arr["username"] . "</font>";
break;
case UC_UPLOADER :
$arr["username"] = "<font color=orange>" . $arr["username"] . "</font>";
break;
case UC_VIP :
$arr["username"] = "<font color=#9C2FE0>" . $arr["username"] . "</font>";
break;
case UC_POWER_USER :
$arr["username"] = "<font color=#10AF23>" . $arr["username"] . "</font>";
break;
}
if ($CURUSER)
$forumusers .= "<a href=userdetails.php?id={$arr["id"]}><b>{$arr["username"]}</b></a>";
}
if (!$forumusers)
$forumusers = "No Active Members area for the past 15 minutes.";
?>
<br>
<table width=100% border=1 cellspacing=0 cellpadding=5><tr>
<td class="forumcallpic" align="center">Users in forum</td></tr>
</tr><td class=text>
<?=$forumusers ?>
</td></tr></table>
<?
end_main_frame();
stdfoot();
?>