Zed

<?php require_once('globals.php'); $pageName = "Forums"; include_once("int1.php"); $forums=1; print"<center><font size=5>InfamousNation Forums</font></center>"; class bbcode { var $engine=""; function bbcode() { require "bbcode_engine.php"; $this->engine= new bbcode_engine; $this->engine->cust_tag("/</","<"); $this->engine->cust_tag("/>/",">"); //Since \n and screw up preg, convert them out. $this->engine->cust_tag("/\n/","&nbrlb;"); $this->engine->simple_bbcode_tag("b"); $this->engine->simple_bbcode_tag("i"); $this->engine->simple_bbcode_tag("u"); $this->engine->simple_bbcode_tag("s"); $this->engine->simple_bbcode_tag("sub"); $this->engine->simple_bbcode_tag("sup"); $this->engine->simple_bbcode_tag("big"); $this->engine->simple_bbcode_tag("small"); $this->engine->adv_bbcode_tag("list","ul"); $this->engine->adv_bbcode_tag("olist","ol"); $this->engine->adv_bbcode_tag("item","li"); $this->engine->adv_option_tag("font","font","family"); $this->engine->adv_option_tag("size","font","size"); $this->engine->adv_option_tag("url","a","href"); $this->engine->adv_option_tag("color","font","color"); $this->engine->adv_option_tag("style","span","style"); $this->engine->simp_option_notext("img","src"); $this->engine->simp_bbcode_att("img","src"); $this->engine->cust_tag("/\(c\)/","©"); $this->engine->cust_tag("/\(tm\)/","™"); $this->engine->cust_tag("/\(r\)/","®"); $this->engine->adv_option_tag_em("email","a","href"); $this->engine->adv_bbcode_att_em("email","a","href"); $this->engine->cust_tag("/\[left\](.+?)\[\/left\]/","<div align='left'>\\1</div>"); $this->engine->cust_tag("/\[center\](.+?)\[\/center\]/","<div align='center'>\\1</div>"); $this->engine->cust_tag("/\[right\](.+?)\[\/right\]/","<div align='right'>\\1</div>"); $this->engine->cust_tag("/\<div class='bbcode_container'> <div class='bbcode_quote'> <div class='quote_container'> <div class='bbcode_quote_container'></div> <div class='bbcode_postedby'> <img src='digitalvb/morbid/misc/quote_icon.png' alt='Quote' /> Originally Posted by <strong>(.+?)\</strong> </div> <div class='message'>(.+?)\[\/quote\]/","<font color=red><b>Quoting \\1</b></font><blockquote>\\2</blockquote>"); $this->engine->cust_tag("/\[quote\](.+?)\[\/quote\]/","<font color=red><b>Quote:</b></font><table width=100%><tr><td><blockquote>\\1</blockquote><td></tr></table>"); $this->engine->cust_tag("/\[code\](.+?)\[\/code\]/","<div class='codetop'>CODE</div><div class='codemain'><code>\\1</code></div>"); $this->engine->cust_tag("/\[codebox\](.+?)\[\/codebox\]/","<div class='codetop'>CODE</div><div class='codemain' style='height:200px;white-space<img src='images/smilies/tongue.png' border='0' alt='' title='Stick Out Tongue' class='inlineimg' />re;overflow:auto'>\\1</div>"); $this->engine->cust_tag("/&nbrlb;/","\n"); } function bbcode_parse($html) { return $this->engine->parse_bbcode($html); } } function strip_html_tags($text) { return preg_replace("/<(.+?)>/is","", $text); } function forums_rank($tp) { if ( $tp < 3 ) { return "#12 Forum Newbie"; } else if ( $tp < 10 ) { return "#11 Active Member"; } else if ( $tp < 25 ) { return "#10 Beginning Poster"; } else if ( $tp < 50 ) { return "#9 Average Poster"; } else if ( $tp < 100 ) { return "#8 Good Poster"; } else if ( $tp < 250 ) { return "#7 Very Good Poster"; } else if ( $tp < 500 ) { return "#6 Experienced Poster"; } else if ( $tp< 750 ) { return "#5 Honored Poster"; } else if ( $tp < 1000 ) { return "#4 Posting Champion"; } else if ( $tp < 1500 ) { return "#3 Posting King"; } else if ( $tp < 2500 ) { return "#2 Posting God"; } else if ( $tp < 5000 ) { return "#1 Forum Guru"; } } $bbc = new bbcode; if($ir['forumban']) { echo "<font color=red><h3>! ERROR</h3> You have been forum banned for {$ir['forumban']} days. <b>Reason: {$ir['fb_reason']}</font></b>"; $h->endpage(); exit; } $_GET['viewforum']=(int) $_GET['viewforum']; if(is_numeric($_GET['viewtopic']) and $_GET['act'] != 'quote') { $_GET['act']='viewtopic'; } if($_GET['viewforum']) { $_GET['act']='viewforum'; } if($_GET['reply']) { $_GET['act']='reply'; } if($_GET['empty']==1 && $_GET['code']=='kill' && $_SESSION['owner']) { emptyallforums(); } switch($_GET['act']) { case 'viewforum': viewforum(); break; case 'viewtopic': viewtopic(); break; case 'reply': reply(); break; case 'newtopicform': newtopicform(); break; case 'newtopic': newtopic(); break; case 'quote': quote(); break; case 'edit': edit(); break; case 'move': move(); break; case 'editsub': editsub(); break; case 'lock': lock(); break; case 'delepost': delepost(); break; case 'deletopic': deletopic(); break; case 'pin': pin(); break; case 'recache': recache_forum($_GET['forum']); break; default: idx(); break; } function idx() { global $ir, $c, $userid; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_auth='public' ORDER BY ff_id ASC",$c) or die(mysql_error()); print " <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'> <tr bgcolor='#606060'><th width=40%>Forum</th> <th width=10%>Posts</th> <th width=10%>Topics</th> <th width=40%>Last Post</th> </tr>"; while($r=mysql_fetch_array($q)) { $t=date('F j Y, g:i:s a',$r['ff_lp_time']); $pstr=mysql_query("SELECT * FROM users WHERE userid={$r['ff_lp_poster_id']}",$c); $poster=mysql_fetch_array($pstr); $mycolor=""; if($poster['user_level'] == 2) { $mycolor="blue"; } if($poster['user_level'] == 1 && $poster['donatordays'] == 0) { $mycolor=""; } if($poster['user_level'] == 1 && $poster['donatordays'] > 0) { $mycolor="lightblue"; } if($poster['user_level'] == 4) { $mycolor="purple"; } if($poster['user_level'] == 3) { $mycolor="green"; } if($poster['user_level'] == 5) { $mycolor="orange"; } $posts=number_format($r['ff_posts']); print "<tr bgcolor='#404040'> <td align='center'><a href='forums.php?viewforum={$r['ff_id']}' style='font-weight: 800'>{$r['ff_name']}</a><small>{$r['ff_desc']}</small></td> <td align='center'>$posts</td> <td align='center'>{$r['ff_topics']}</td> <td align='center'>$t In: <a href='forums.php?viewtopic={$r['ff_lp_t_id']}&lastpost=1' style='font-weight: 800'>{$r['ff_lp_t_name']}</a> By: <a href='viewuser.php?u={$r['ff_lp_poster_id']}'><font color=$mycolor>{$r['ff_lp_poster_name']}</font></a> </td> </tr>"; } print "</table>"; if($ir['user_level'] == 5 || $ir['user_level'] == 2 || $ir['user_level'] == 3) { print "<hr /><a name='staff'><h3>Staff-Only Forums</h3></a><hr />"; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_auth='staff' ORDER BY ff_id ASC",$c) or die(mysql_error()); print " <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'> <tr bgcolor='#606060'><th>Forum</th> <th>Posts</th> <th>Topics</th> <th>Last Post</th> </tr>"; while($r=mysql_fetch_array($q)) { $t=date('F j Y, g:i:s a',$r['ff_lp_time']); $pstr=mysql_query("SELECT * FROM users WHERE userid={$r['ff_lp_poster_id']}",$c); $poster=mysql_fetch_array($pstr); $mycolor=""; if($poster['user_level'] == 2) { $mycolor="blue"; } if($poster['user_level'] == 1 && $poster['donatordays'] == 0) { $mycolor=""; } if($poster['user_level'] == 1 && $poster['donatordays'] > 0) { $mycolor="lightblue"; } if($poster['user_level'] == 4) { $mycolor="purple"; } if($poster['user_level'] == 3) { $mycolor="green"; } if($poster['user_level'] == 5) { $mycolor="orange"; } $posts=number_format($r['ff_posts']); print "<tr bgcolor='#404040'> <td align='center'><a href='forums.php?viewforum={$r['ff_id']}' style='font-weight: 800'>{$r['ff_name']}</a><small>{$r['ff_desc']}</small></td> <td align='center'>$posts</td> <td align='center'>{$r['ff_topics']}</td> <td align='center'>$t In: <a href='forums.php?viewtopic={$r['ff_lp_t_id']}&lastpost=1' style='font-weight: 800'>{$r['ff_lp_t_name']}</a> By: <a href='viewuser.php?u={$r['ff_lp_poster_id']}'><font color=$mycolor>{$r['ff_lp_poster_name']}</font></a> </td> </tr>"; } print "</table>"; } } function viewforum() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_GET['viewforum']}",$c); $r=mysql_fetch_array($q); if(($r['ff_auth']=='gang' AND $ir['gang'] != $r['ff_owner'] AND $ir["user_level"] < 2) OR ($r['ff_auth'] == 'staff' AND $ir['user_level'] == 1 || $r['ff_auth'] == 'staff' AND $ir['user_level'] == 4)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } if($_GET['viewforum'] <> 1 OR $ir['user_level']==2) { $ntl=" [<a href='forums.php?act=newtopicform&forum={$_GET['viewforum']}'>New Topic</a>]"; } else { $ntl=""; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$_GET['viewforum']}'>{$r['ff_name']}</a>$ntl</big> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'> <tr bgcolor='#606060'> <th width=40%>Topic</th> <th width=10%>Posts</th> <th width=25%>Started</th> <th width=25%>Last Post</th></tr>"; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_forum_id={$_GET['viewforum']} ORDER BY ft_pinned DESC, ft_last_time DESC",$c) or die(mysql_error()); while($r2=mysql_fetch_array($q)) { $pstr=mysql_query("SELECT * FROM users WHERE userid={$r2['ft_owner_id']}",$c); $poster=mysql_fetch_array($pstr); $mycolor=""; if($poster['user_level'] == 2) { $mycolor="blue"; } if($poster['user_level'] == 1 && $poster['donatordays'] == 0) { $mycolor=""; } if($poster['user_level'] == 1 && $poster['donatordays'] > 0) { $mycolor="lightblue"; } if($poster['user_level'] == 4) { $mycolor="purple"; } if($poster['user_level'] == 3) { $mycolor="green"; } if($poster['user_level'] == 5) { $mycolor="orange"; } $lst=mysql_query("SELECT * FROM users WHERE userid={$r2['ft_last_id']}",$c); $last=mysql_fetch_array($lst); $bycolor=""; if($last['user_level'] == 2) { $bycolor="blue"; } if($last['user_level'] == 1 && $last['donatordays'] == 0) { $bycolor=""; } if($last['user_level'] == 1 && $last['donatordays'] > 0) { $bycolor="lightblue"; } if($last['user_level'] == 4) { $bycolor="purple"; } if($last['user_level'] == 3) { $bycolor="green"; } if($last['user_level'] == 5) { $bycolor="orange"; } $t1=date('F j Y, g:i:s a',$r2['ft_start_time']); $t2=date('F j Y, g:i:s a',$r2['ft_last_time']); if($r2['ft_pinned']) { $pt="<b>Pinned:</b> "; } else { $pt=""; } if($r2['ft_locked']) { $lt=" <b>(Locked)</b>"; } else { $lt=""; } $posts=number_format($r2['ft_posts']); print "<tr bgcolor='#404040'> <td align='center'>$pt<a href='forums.php?viewtopic={$r2['ft_id']}&lastpost=1'>{$r2['ft_name']}</a>$lt <small>{$r2['ft_desc']}</small></td> <td align='center'>$posts</td> <td align='center'><font size=1>$t1 By: <a href='viewuser.php?u={$r2['ft_owner_id']}'><font color=$mycolor>{$r2['ft_owner_name']}</font></a></font></td> <td align='center'><font size=1>$t2 By: <a href='viewuser.php?u={$r2['ft_last_id']}'><font color=$bycolor>{$r2['ft_last_name']}</font></a></font></td> </tr>"; } print "</table>"; } function viewtopic() { global $ir, $c, $userid, $h, $bbc, $db; $precache=array(); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['viewtopic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner'] and $ir["user_level"] < 2) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> >> <a href='forums.php?viewtopic={$_GET['viewtopic']}'>{$topic['ft_name']}</a></big>"; $posts_per_page=20; $posts_topic=$topic['ft_posts']; $pages=ceil($posts_topic/$posts_per_page); $st= ($_GET['st']) ? $_GET['st'] : 0; if($_GET['lastpost']) { $st=($pages-1)*20; } $pst=-20; print "Pages: "; for($i=1;$i<=$pages;$i++) { $pst+=20; print "<a href='forums.php?viewtopic={$topic['ft_id']}&st=$pst'>"; if($pst == $st) { print "<b>"; } print $i; if($pst == $st) { print "</b>"; } print "</a> "; if($i % 25 == 0) { print ""; } } print ""; if($ir['user_level'] == 2 || $ir['user_level'] == 4) { print " <form action='forums.php?act=move&topic={$_GET['viewtopic']}' method='post'><b>Move topic to:</b> ".forum_dropdown($c, 'forum', -1)."<input type='submit' value='Move' /></form> <a href='forums.php?act=pin&topic={$_GET['viewtopic']}''><img src='sticky.jpg' alt='Pin/Unpin Topic' title='Pin/Unpin Topic' /></a> | <a href='forums.php?act=lock&topic={$_GET['viewtopic']}''><img src='lock.jpg' alt='Lock/Unlock Topic' title='Lock/Unlock Topic' /></a> | <a href='forums.php?act=deletopic&topic={$_GET['viewtopic']}''><img src='delete.gif' alt='Delete Topic' title='Delete Topic' /></a>"; } print " <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'>"; $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_topic_id={$topic['ft_id']} ORDER BY fp_time ASC LIMIT $st, 20",$c); $no=$st; while($r=mysql_fetch_array($q3)) { $qlink="[<a href='forums.php?act=quote&viewtopic={$_GET['viewtopic']}&post={$r['fp_id']}'>Quote Post</a>]"; if($ir['user_level'] > 1 || $ir['userid']==$r['fp_poster_id']) { $elink="[<a href='forums.php?act=edit&post={$r['fp_id']}&topic={$_GET['viewtopic']}'>Edit Post</a>]"; } else { $elink=""; } $no++; if($ir['user_level'] != 1) { $slink="[<a href='forumsig.php?ID={$r['fp_poster_id']}&forum=sig'>Delete Sig</a>]"; } if($no > 1 && $ir['user_level'] != 1) { $dlink="[<a href='forums.php?act=delepost&post={$r['fp_id']}'>Delete Post</a>]"; } else { $dlink=""; } $t=date('F j Y, g:i:s a',$r['fp_time']); if($r['fp_edit_count'] > 0) { $edittext="\n<i>Last edited by <a href='viewuser.php?u={$r['fp_editor_id']}'>{$r['fp_editor_name']}</a> at ".date('F j Y, g:i:s a',$r['fp_editor_time']).", edited <b>{$r['fp_edit_count']}</b> times in total.</i>"; } else { $edittext=""; } if(!$precache[$r['fp_poster_id']]['userid']) { $membq=mysql_query("SELECT * FROM users WHERE userid={$r['fp_poster_id']}",$c); $memb=mysql_fetch_array($membq); $precache[$memb['userid']]=$memb; } else { $memb=$precache[$r['fp_poster_id']]; } $rank=forums_rank($memb['posts']); $msg="{$memb['forums_avatar']}"; $msg=strip_tags($msg); if($memb['forums_avatar']) { $av="<img src='$msg' width='100' height='100' />"; } else { $av="<img src='noav.gif' />"; } if(!$memb['forums_signature']) { $memb['forums_signature']="No Signature"; } else {$memb['forums_signature']=$bbc->bbcode_parse($memb['forums_signature']); } $r['fp_text']=$bbc->bbcode_parse($r['fp_text']); print "<tr bgcolor='#404040'> <th align='center' width=20%>Post #{$no}</th> <th align='center'>Subject: {$r['fp_subject']} $t $qlink$slink$elink$dlink</th> </tr> <tr bgcolor='#404040'>"; $mycolor=""; if($memb['user_level'] == 2) { $mycolor="blue"; } if($memb['user_level'] == 1 && $memb['donatordays'] == 0) { $mycolor="gray"; } if($memb['user_level'] == 1 && $memb['donatordays'] > 0) { $mycolor="lightblue"; } if($memb['user_level'] == 4) { $mycolor="purple"; } if($memb['user_level'] == 3) { $mycolor="green"; } if($memb['user_level'] == 5) { $mycolor="orange"; } print"<td valign=top><center><a href='viewuser.php?u={$r['fp_poster_id']}'><font color='$mycolor'>{$r['fp_poster_name']}</font></a> [{$r['fp_poster_id']}]Level: {$memb['level']}</br>Posts: {$memb['posts']}</br></br></br> $av </br></br> Rank:</br><font color=red>$rank</font></center></td> <td valign=top>{$r['fp_text']} {$edittext} ------------------- {$memb['forums_signature']}</td> </tr>"; } print "</table>"; $pst=-20; print "Pages: "; for($i=1;$i<=$pages;$i++) { $pst+=20; print "<a href='forums.php?viewtopic={$topic['ft_id']}&st=$pst'>"; if($pst == $st) { print "<b>"; } print $i; if($pst == $st) { print "</b>"; } print "</a> "; if($i % 25 == 0) { print ""; } } if(!$topic['ft_locked']) { print <<<EOF <b>Post a reply to this topic:</b> <form action='forums.php?reply={$topic['ft_id']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align='right' bgcolor='#606060'>Subject:</td> <td align='left' bgcolor='#404040'><input type='text' name='fp_subject' /></td> </tr> <tr> <td align='right' bgcolor='#606060'>Post:</td> <td align='left' bgcolor='#404040'><textarea rows='7' cols='40' name='fp_text'></textarea></td> </tr> <tr bgcolor='#404040'> <th colspan='2' bgcolor='#404040'><input type='submit' value='Post Reply'></th> </tr> </table> </form> EOF; } else { print " <i>This topic has been locked, you cannot reply to it.</i>"; } } function reply() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['reply']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to reply to this topic. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } if(!$topic['ft_locked']) { $u=$ir['username']; $u=mysql_escape($u); $info=str_replace(array("'","\n"),array("'",""),htmlentities($_GET['reply'])); $_GET['reply'] = mysql_real_escape_string($info); $_GET['reply'] = mysql_real_escape_string($_GET['reply']); $subject = mysql_real_escape_string($_POST['fp_subject']); $text = mysql_real_escape_string($_POST['fp_text']); mysql_query("INSERT INTO forum_posts VALUES('', {$_GET['reply']}, {$forum['ff_id']}, $userid, '$u', unix_timestamp(), '$subject', '$text', 0, '', 0, 0)",$c) or die(mysql_error()); mysql_query("UPDATE forum_topics SET ft_last_id=$userid, ft_last_name='$u', ft_last_time=unix_timestamp(), ft_posts=ft_posts+1 WHERE ft_id={$_GET['reply']}",$c); mysql_query("UPDATE forum_forums SET ff_lp_time=unix_timestamp(), ff_posts=ff_posts+1, ff_lp_poster_id=$userid, ff_lp_poster_name='$u', ff_lp_t_id={$_GET['reply']}, ff_lp_t_name='{$topic['ft_name']}' WHERE ff_id={$forum['ff_id']}",$c); if($forum['ff_id'] != 7 && $forum['ff_id'] != 8) { mysql_query("UPDATE users SET posts=posts+1 WHERE userid=$userid",$c); } print "<b>Your reply has been posted.Redirecting back to <a href='forums.php?viewtopic={$_GET['reply']}'>the topic</a>...</b><hr />"; $_GET['lastpost']=1; $_GET['viewtopic']=$_GET['reply']; echo <<< EOF <meta http-equiv="refresh" content="2;url=forums.php?viewtopic={$_GET['viewtopic']}" /> EOF; } else { print " <i>This topic has been locked, you cannot reply to it.</i> <a href='forums.php?viewtopic={$_GET['reply']}'>Back</a>"; } } function newtopicform() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_GET['forum']}",$c); $r=mysql_fetch_array($q); if(($r['ff_auth']=='gang' AND $ir['gang'] != $r['ff_owner']) OR ($r['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print <<<EOF <big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$_GET['forum']}'>{$r['ff_name']}</a> >> New Topic Form</big> <form action='forums.php?act=newtopic&forum={$_GET['forum']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align=right bgcolor='#606060'>Topic Name:</td> <td align=left bgcolor='#404040'><input type='text' name='ft_name' value='' /></td> </tr> <tr> <td align=right bgcolor='#606060'>Topic Description:</td> <td align=left bgcolor='#404040'><input type='text' name='ft_desc' value='' /></td> </tr> <tr> <td align=right bgcolor='#606060'>Topic Text:</td> <td align=left bgcolor='#404040'><textarea rows='8' cols='45' name='fp_text'></textarea></td> </tr> <tr bgcolor='#404040'> <th colspan=2 bgcolor='#404040'><input type='submit' value='Post Topic' /></th> </tr> </table> EOF; } function newtopic() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_GET['forum']}",$c); $r=mysql_fetch_array($q); if(($r['ff_auth']=='gang' AND $ir['gang'] != $r['ff_owner']) OR ($r['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } if($r['ff_id']==1 AND $ir['user_level'] != 2) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $u=$ir['username']; $u=mysql_escape($u); if(!$_POST['ft_name']) { print "You did not supply a topic name. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $info=str_replace(array("'","\n"),array("'",""),htmlentities($_GET['forum'])); $_GET['forum'] = mysql_real_escape_string($info); $name = mysql_real_escape_string($_POST['ft_name']); $desc = mysql_real_escape_string($_POST['ft_desc']); mysql_query("INSERT INTO forum_topics VALUES('', {$_GET['forum']}, '$name', '$desc', 0, $userid, '$u', unix_timestamp(), 0, '', 0, 0, 0)",$c); $i=mysql_insert_id(); $dercp = $_POST['fp_text']; $dercp = mysql_real_escape_string($dercp); mysql_query("INSERT INTO forum_posts VALUES('', '{$i}', '{$r['ff_id']}', '$userid', '$u', unix_timestamp(), '$desc', '$dercp', 0, '', 0, 0)",$c) or die(mysql_error()); mysql_query("UPDATE forum_topics SET ft_last_id=$userid, ft_last_name='$u', ft_last_time=unix_timestamp(), ft_posts=ft_posts+1 WHERE ft_id={$i}",$c); mysql_query("UPDATE forum_forums SET ff_lp_time=unix_timestamp(), ff_posts=ff_posts+1, ff_topics=ff_topics+1, ff_lp_poster_id=$userid, ff_lp_poster_name='$u', ff_lp_t_id={$i}, ff_lp_t_name='$name' WHERE ff_id={$r['ff_id']}",$c); if($r['ff_id'] != 7 && $r['ff_id'] != 8) { mysql_query("UPDATE users SET posts=posts+1 WHERE userid=$userid",$c); } print "<b>Topic Posted!</b><hr />"; $_GET['viewtopic']=$i; viewtopic(); } function emptyallforums() { global $ir, $c, $userid, $h, $bbc, $db; mysql_query("update forum_forums set ff_lp_time=0, ff_lp_poster_id=0, ff_lp_poster_name='N/A', ff_lp_t_id=0, ff_lp_t_name='N/A',ff_posts=0, ff_topics=0",$c); mysql_query("truncate forum_topics",$c); mysql_query("truncate forum_posts",$c); } function quote() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['viewtopic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to reply to this topic. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> >> <a href='forums.php?viewtopic={$_GET['viewtopic']}'>{$topic['ft_name']}</a> >> Quoting a Post</big>"; if(!$topic['ft_locked']) { print" <b>Post a reply to this topic:</b> <form action='forums.php?reply={$topic['ft_id']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align='right' bgcolor='#606060'>Subject:</td> <td align='left' bgcolor='#404040'><input type='text' name='fp_subject' /></td> </tr> <tr> <td align='right' bgcolor='#606060'>Post:</td> <td align='left' bgcolor='#404040'><textarea rows='7' cols='40' name='fp_text'>"; if(eregi('/quote',$post['fp_text'])) { $explode=explode('</div> </div> </div> </div>',$post['fp_text']); print"<div class='bbcode_container'> <div class='bbcode_quote'> <div class='quote_container'> <div class='bbcode_quote_container'></div> <div class='bbcode_postedby'> <img src='digitalvb/morbid/misc/quote_icon.png' alt='Quote' /> Originally Posted by <strong>{$post['fp_poster_name']}</strong> </div> <div class='message'>}]{$explode['1']}</div> </div> </div> </div>"; } else { print"<div class='bbcode_container'> <div class='bbcode_quote'> <div class='quote_container'> <div class='bbcode_quote_container'></div> <div class='bbcode_postedby'> <img src='digitalvb/morbid/misc/quote_icon.png' alt='Quote' /> Originally Posted by <strong>{$post['fp_poster_name']}</strong> </div> <div class='message'>}]{$post['fp_text']}</div> </div> </div> </div>"; } print"</textarea></td> </tr> <tr bgcolor='#404040'> <th colspan='2' bgcolor='#404040'><input type='submit' value='Post Reply'></th> </tr> </table> </form> "; } else { print " <i>This topic has been locked, you cannot reply to it.</i> <a href='forums.php?viewtopic={$_GET['viewtopic']}'>Back</a>"; } } function edit() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); if(!($ir['user_level'] > 1 || $ir['userid']==$post['fp_poster_id'])) { print "You have no permission to edit this post. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> >> <a href='forums.php?viewtopic={$_GET['topic']}'>{$topic['ft_name']}</a> >> Editing a Post</big>"; print <<<EOF <form action='forums.php?act=editsub&topic={$topic['ft_id']}&post={$_GET['post']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align='right' bgcolor='#606060'>Subject:</td> <td align='left' bgcolor='#404040'><input type='text' name='fp_subject' value='{$post['fp_subject']}' /></td> </tr> <tr> <td align='right' bgcolor='#606060'>Post:</td> <td align='left' bgcolor='#404040'><textarea rows='7' cols='40' name='fp_text'>{$post['fp_text']} </textarea></td> </tr> <tr bgcolor='#404040'> <th colspan='2' bgcolor='#404040'><input type='submit' value='Edit Post'></th> </tr> </table> </form> EOF; } function editsub() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); if(!($ir['user_level'] > 1 || $ir['userid']==$post['fp_poster_id'])) { print "You have no permission to edit this post. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $subject = mysql_real_escape_string($_POST['fp_subject']); $text = mysql_real_escape_string($_POST['fp_text']); mysql_query("UPDATE forum_posts SET fp_subject='$subject', fp_text='$text', fp_editor_id=$userid, fp_editor_name='{$ir['username']}', fp_editor_time=unix_timestamp(), fp_edit_count=fp_edit_count+1 WHERE fp_id={$_GET['post']}",$c); print "<b>Post Edited!</b><hr />"; $_GET['viewtopic']=$_GET['topic']; viewtopic(); } function recache_forum($forum) { global $ir, $c, $userid, $h, $bbc, $db; print "Recaching forum ID $forum ... "; $q=mysql_query("SELECT p.*,t.* FROM forum_posts p LEFT JOIN forum_topics t ON p.fp_topic_id=t.ft_id WHERE p.fp_forum_id=$forum ORDER BY p.fp_time DESC LIMIT 1",$c); if(!mysql_num_rows($q)) { mysql_query("update forum_forums set ff_lp_time=0, ff_lp_poster_id=0, ff_lp_poster_name='N/A', ff_lp_t_id=0, ff_lp_t_name='N/A',ff_posts=0, ff_topics=0 where ff_id={$forum}",$c); print " ... Done"; } else { $r=mysql_fetch_array($q); $tn=mysql_escape($r['ft_name']); $pn=mysql_escape($r['fp_poster_name']); $posts=mysql_num_rows(mysql_query("SELECT fp_id FROM forum_posts WHERE fp_forum_id=$forum",$c)); $topics=mysql_num_rows(mysql_query("SELECT ft_id FROM forum_topics WHERE ft_forum_id=$forum",$c)); mysql_query("update forum_forums set ff_lp_time={$r['fp_time']}, ff_lp_poster_id={$r['fp_poster_id']}, ff_lp_poster_name='$pn', ff_lp_t_id={$r['ft_id']}, ff_lp_t_name='$tn',ff_posts=$posts, ff_topics=$topics where ff_id={$forum}",$c); print " ... Done"; } } function recache_topic($forum) { global $ir, $c, $userid, $h, $bbc; print "Recaching topic ID $forum ... "; $q=mysql_query("SELECT p.* FROM forum_posts p WHERE p.fp_topic_id=$forum ORDER BY p.fp_time DESC LIMIT 1",$c); if(!mysql_num_rows($q)) { mysql_query("update forum_topics set ft_last_id=0, ft_last_time=0, ft_last_name='N/A',ft_posts=0 where ft_id={$forum}",$c); print " ... Done"; } else { $r=mysql_fetch_array($q); $pn=mysql_escape($r['fp_poster_name']); $posts=mysql_num_rows(mysql_query("SELECT fp_id FROM forum_posts WHERE fp_topic_id=$forum",$c)); mysql_query("update forum_topics set ft_last_id={$r['fp_poster_id']}, ft_last_time={$r['fp_time']}, ft_last_name='$pn',ft_posts=$posts where ft_id={$forum}",$c); print " ... Done"; } } function move() { global $ir, $c, $userid, $h, $bbc; if($ir['user_level'] == 1) { $h->endpage(); exit; } $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_POST['forum']}",$c); $forum=mysql_fetch_array($q2); mysql_query("UPDATE forum_topics SET ft_forum_id={$_POST['forum']} WHERE ft_id={$_GET['topic']}",$c); mysql_query("UPDATE forum_posts SET fp_forum_id={$_POST['forum']} WHERE fp_topic_id={$_GET['topic']}",$c); print "Topic moved..."; echo "Moved Topic {$topic['ft_name']} to {$forum['ff_name']}"; recache_forum($topic['ft_forum_id']); recache_forum($_POST['forum']); $h->endpage(); exit; } function lock() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } mysql_query("UPDATE forum_topics SET ft_locked=-ft_locked+1 WHERE ft_id={$_GET['topic']}",$c); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $r=mysql_fetch_array($q); print "<b>{$r['ft_name']}</b>'s lock status changed, if it was unlocked, it will now be locked, otherwise, it will be unlocked."; if($r['ft_locked']==0) { echo "Unlocked Topic {$r['ft_name']}"; $h->endpage(); exit; } else { echo "Locked Topic {$r['ft_name']}"; $h->endpage(); exit; } } function pin() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } mysql_query("UPDATE forum_topics SET ft_pinned=-ft_pinned+1 WHERE ft_id={$_GET['topic']}"); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $r=mysql_fetch_array($q); print "<b>{$r['ft_name']}</b>'s pin status changed, if it was unpinned, it will now be pinned, otherwise, it will be unpinned."; if($r['ft_pinned']==0) { echo "Unpinned Topic {$r['ft_name']}"; $h->endpage(); exit; } else { echo "Pinned Topic {$r['ft_name']}"; $h->endpage(); exit; } } function delepost() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$post['fp_topic_id']}",$c); $topic=mysql_fetch_array($q); $u=mysql_escape($post['fp_poster_name']); mysql_query("DELETE FROM forum_posts WHERE fp_id={$post['fp_id']}",$c); print "Post deleted..."; recache_topic($post['fp_topic_id']); recache_forum($post['fp_forum_id']); echo "Deleted post ({$post['fp_subject']}) in {$topic['ft_name']}<A href=http://www.infamousnation.x10.mx/forums.php?viewtopic={$post['fp_topic_id']}>>Back</a>"; $h->endpage(); exit; } function deletopic() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); mysql_query("DELETE FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); mysql_query("DELETE FROM forum_posts WHERE fp_topic_id={$_GET['topic']}",$c); print "Deleting topic... Done"; recache_forum($topic['ft_forum_id']); echo "Deleted topic {$topic['ft_name']}<A href=forums.php>>Back</a>"; $h->endpage(); exit; } $h->endpage(); ?>

try doing a echo $_POST[$set['second_currency']]; just check it is passing gold bars