The Coder Posted July 24, 2012 Share Posted July 24, 2012 Hey, I've recently updated my in-game forums to a more secure version, this may be a stupid question, but each time I try to access my new forums.php file it automatically redirects to the login page, here is my code:- <?php session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; include "mysql.php"; global $c; $is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); check_level(); $fm=money_formatter($ir['money']); $cm=money_formatter($ir['crystals'],''); $lv=date('F j, Y, g:i a',$ir['laston']); $pageName = "Forums"; include_once("int1.php"); $forums=1; print"<center><font size=5>InfamousNation Forums</font></center><br>"; class bbcode { var $engine=""; function bbcode() { require "bbcode_engine.php"; $this->engine= new bbcode_engine; $this->engine->cust_tag("/</","<"); $this->engine->cust_tag("/>/",">"); //Since \n and <br> screw up preg, convert them out. $this->engine->cust_tag("/\n/","&nbrlb;"); $this->engine->simple_bbcode_tag("b"); $this->engine->simple_bbcode_tag("i"); $this->engine->simple_bbcode_tag("u"); $this->engine->simple_bbcode_tag("s"); $this->engine->simple_bbcode_tag("sub"); $this->engine->simple_bbcode_tag("sup"); $this->engine->simple_bbcode_tag("big"); $this->engine->simple_bbcode_tag("small"); $this->engine->adv_bbcode_tag("list","ul"); $this->engine->adv_bbcode_tag("olist","ol"); $this->engine->adv_bbcode_tag("item","li"); $this->engine->adv_option_tag("font","font","family"); $this->engine->adv_option_tag("size","font","size"); $this->engine->adv_option_tag("url","a","href"); $this->engine->adv_option_tag("color","font","color"); $this->engine->adv_option_tag("style","span","style"); $this->engine->simp_option_notext("img","src"); $this->engine->simp_bbcode_att("img","src"); $this->engine->cust_tag("/\(c\)/","©"); $this->engine->cust_tag("/\(tm\)/","™"); $this->engine->cust_tag("/\(r\)/","®"); $this->engine->adv_option_tag_em("email","a","href"); $this->engine->adv_bbcode_att_em("email","a","href"); $this->engine->cust_tag("/\[left\](.+?)\[\/left\]/","<div align='left'>\\1</div>"); $this->engine->cust_tag("/\[center\](.+?)\[\/center\]/","<div align='center'>\\1</div>"); $this->engine->cust_tag("/\[right\](.+?)\[\/right\]/","<div align='right'>\\1</div>"); $this->engine->cust_tag("/\[quote name='(.+?)\'](.+?)\[\/quote\]/","<font color=red><b>Quoting \\1</b></font><br><blockquote>\\2</blockquote>"); $this->engine->cust_tag("/\[quote\](.+?)\[\/quote\]/","<font color=red><b>Quote:</b></font><table width=100%><tr><td><blockquote>\\1</blockquote><td></tr></table>"); $this->engine->cust_tag("/\[code\](.+?)\[\/code\]/","<div class='codetop'>CODE</div><div class='codemain'><code>\\1</code></div>"); $this->engine->cust_tag("/\[codebox\](.+?)\[\/codebox\]/","<div class='codetop'>CODE</div><div class='codemain' style='height:200px;white-space:pre;overflow:auto'>\\1</div>"); $this->engine->cust_tag("/&nbrlb;/","<br />\n"); } function bbcode_parse($html) { return $this->engine->parse_bbcode($html); } } function strip_html_tags($text) { return preg_replace("/<(.+?)>/is","", $text); } function forums_rank($tp) { if ( $tp < 3 ) { return "#12 Forum Newbie"; } else if ( $tp < 10 ) { return "#11 Active Member"; } else if ( $tp < 25 ) { return "#10 Beginning Poster"; } else if ( $tp < 50 ) { return "#9 Average Poster"; } else if ( $tp < 100 ) { return "#8 Good Poster"; } else if ( $tp < 250 ) { return "#7 Very Good Poster"; } else if ( $tp < 500 ) { return "#6 Experienced Poster"; } else if ( $tp< 750 ) { return "#5 Honored Poster"; } else if ( $tp < 1000 ) { return "#4 Posting Champion"; } else if ( $tp < 1500 ) { return "#3 Posting King"; } else if ( $tp < 2500 ) { return "#2 Posting God"; } else if ( $tp < 5000 ) { return "#1 Forum Guru"; } } $bbc = new bbcode; if($ir['forumban']) { echo "<font color=red><h3>! ERROR</h3> You have been forum banned for {$ir['forumban']} days.<br /> <br /> <b>Reason: {$ir['fb_reason']}</font></b>"; $h->endpage(); exit; } $_GET['viewforum']=(int) $_GET['viewforum']; if(is_numeric($_GET['viewtopic']) and $_GET['act'] != 'quote') { $_GET['act']='viewtopic'; } if($_GET['viewforum']) { $_GET['act']='viewforum'; } if($_GET['reply']) { $_GET['act']='reply'; } if($_GET['empty']==1 && $_GET['code']=='kill' && $_SESSION['owner']) { emptyallforums(); } switch($_GET['act']) { case 'viewforum': viewforum(); break; case 'viewtopic': viewtopic(); break; case 'reply': reply(); break; case 'newtopicform': newtopicform(); break; case 'newtopic': newtopic(); break; case 'quote': quote(); break; case 'edit': edit(); break; case 'move': move(); break; case 'editsub': editsub(); break; case 'lock': lock(); break; case 'delepost': delepost(); break; case 'deletopic': deletopic(); break; case 'pin': pin(); break; case 'recache': recache_forum($_GET['forum']); break; default: idx(); break; } function idx() { global $ir, $c, $userid; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_auth='public' ORDER BY ff_id ASC",$c) or die(mysql_error()); print " <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'> <tr bgcolor='#606060'><th width=40%>Forum</th> <th width=10%>Posts</th> <th width=10%>Topics</th> <th width=40%>Last Post</th> </tr>"; while($r=mysql_fetch_array($q)) { $t=date('F j Y, g:i:s a',$r['ff_lp_time']); $pstr=mysql_query("SELECT * FROM users WHERE userid={$r['ff_lp_poster_id']}",$c); $poster=mysql_fetch_array($pstr); $mycolor=""; if($poster['user_level'] == 2) { $mycolor="blue"; } if($poster['user_level'] == 1 && $poster['donatordays'] == 0) { $mycolor=""; } if($poster['user_level'] == 1 && $poster['donatordays'] > 0) { $mycolor="lightblue"; } if($poster['user_level'] == 4) { $mycolor="purple"; } if($poster['user_level'] == 3) { $mycolor="green"; } if($poster['user_level'] == 5) { $mycolor="orange"; } $posts=number_format($r['ff_posts']); print "<tr bgcolor='#404040'> <td align='center'><a href='forums.php?viewforum={$r['ff_id']}' style='font-weight: 800'>{$r['ff_name']}</a><br /><small>{$r['ff_desc']}</small></td> <td align='center'>$posts</td> <td align='center'>{$r['ff_topics']}</td> <td align='center'>$t<br /> In: <a href='forums.php?viewtopic={$r['ff_lp_t_id']}&lastpost=1' style='font-weight: 800'>{$r['ff_lp_t_name']}</a><br /> By: <a href='viewuser.php?u={$r['ff_lp_poster_id']}'><font color=$mycolor>{$r['ff_lp_poster_name']}</font></a> </td> </tr>"; } print "</table>"; if($ir['user_level'] == 5 || $ir['user_level'] == 2 || $ir['user_level'] == 3) { print "<hr /><a name='staff'><h3>Staff-Only Forums</h3></a><hr />"; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_auth='staff' ORDER BY ff_id ASC",$c) or die(mysql_error()); print " <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'> <tr bgcolor='#606060'><th>Forum</th> <th>Posts</th> <th>Topics</th> <th>Last Post</th> </tr>"; while($r=mysql_fetch_array($q)) { $t=date('F j Y, g:i:s a',$r['ff_lp_time']); $pstr=mysql_query("SELECT * FROM users WHERE userid={$r['ff_lp_poster_id']}",$c); $poster=mysql_fetch_array($pstr); $mycolor=""; if($poster['user_level'] == 2) { $mycolor="blue"; } if($poster['user_level'] == 1 && $poster['donatordays'] == 0) { $mycolor=""; } if($poster['user_level'] == 1 && $poster['donatordays'] > 0) { $mycolor="lightblue"; } if($poster['user_level'] == 4) { $mycolor="purple"; } if($poster['user_level'] == 3) { $mycolor="green"; } if($poster['user_level'] == 5) { $mycolor="orange"; } $posts=number_format($r['ff_posts']); print "<tr bgcolor='#404040'> <td align='center'><a href='forums.php?viewforum={$r['ff_id']}' style='font-weight: 800'>{$r['ff_name']}</a><br /><small>{$r['ff_desc']}</small></td> <td align='center'>$posts</td> <td align='center'>{$r['ff_topics']}</td> <td align='center'>$t<br /> In: <a href='forums.php?viewtopic={$r['ff_lp_t_id']}&lastpost=1' style='font-weight: 800'>{$r['ff_lp_t_name']}</a><br /> By: <a href='viewuser.php?u={$r['ff_lp_poster_id']}'><font color=$mycolor>{$r['ff_lp_poster_name']}</font></a> </td> </tr>"; } print "</table>"; } } function viewforum() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_GET['viewforum']}",$c); $r=mysql_fetch_array($q); if(($r['ff_auth']=='gang' AND $ir['gang'] != $r['ff_owner'] AND $ir["user_level"] < 2) OR ($r['ff_auth'] == 'staff' AND $ir['user_level'] == 1 || $r['ff_auth'] == 'staff' AND $ir['user_level'] == 4)) { print "You have no permission to view this forum.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } if($_GET['viewforum'] <> 1 OR $ir['user_level']==2) { $ntl=" [<a href='forums.php?act=newtopicform&forum={$_GET['viewforum']}'>New Topic</a>]"; } else { $ntl=""; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$_GET['viewforum']}'>{$r['ff_name']}</a>$ntl</big><br /><br /> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'> <tr bgcolor='#606060'> <th width=40%>Topic</th> <th width=10%>Posts</th> <th width=25%>Started</th> <th width=25%>Last Post</th></tr>"; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_forum_id={$_GET['viewforum']} ORDER BY ft_pinned DESC, ft_last_time DESC",$c) or die(mysql_error()); while($r2=mysql_fetch_array($q)) { $pstr=mysql_query("SELECT * FROM users WHERE userid={$r2['ft_owner_id']}",$c); $poster=mysql_fetch_array($pstr); $mycolor=""; if($poster['user_level'] == 2) { $mycolor="blue"; } if($poster['user_level'] == 1 && $poster['donatordays'] == 0) { $mycolor=""; } if($poster['user_level'] == 1 && $poster['donatordays'] > 0) { $mycolor="lightblue"; } if($poster['user_level'] == 4) { $mycolor="purple"; } if($poster['user_level'] == 3) { $mycolor="green"; } if($poster['user_level'] == 5) { $mycolor="orange"; } $lst=mysql_query("SELECT * FROM users WHERE userid={$r2['ft_last_id']}",$c); $last=mysql_fetch_array($lst); $bycolor=""; if($last['user_level'] == 2) { $bycolor="blue"; } if($last['user_level'] == 1 && $last['donatordays'] == 0) { $bycolor=""; } if($last['user_level'] == 1 && $last['donatordays'] > 0) { $bycolor="lightblue"; } if($last['user_level'] == 4) { $bycolor="purple"; } if($last['user_level'] == 3) { $bycolor="green"; } if($last['user_level'] == 5) { $bycolor="orange"; } $t1=date('F j Y, g:i:s a',$r2['ft_start_time']); $t2=date('F j Y, g:i:s a',$r2['ft_last_time']); if($r2['ft_pinned']) { $pt="<b>Pinned:</b> "; } else { $pt=""; } if($r2['ft_locked']) { $lt=" <b>(Locked)</b>"; } else { $lt=""; } $posts=number_format($r2['ft_posts']); print "<tr bgcolor='#404040'> <td align='center'>$pt<a href='forums.php?viewtopic={$r2['ft_id']}&lastpost=1'>{$r2['ft_name']}</a>$lt<br /> <small>{$r2['ft_desc']}</small></td> <td align='center'>$posts</td> <td align='center'><font size=1>$t1<br /> By: <a href='viewuser.php?u={$r2['ft_owner_id']}'><font color=$mycolor>{$r2['ft_owner_name']}</font></a></font></td> <td align='center'><font size=1>$t2<br /> By: <a href='viewuser.php?u={$r2['ft_last_id']}'><font color=$bycolor>{$r2['ft_last_name']}</font></a></font></td> </tr>"; } print "</table>"; } function viewtopic() { global $ir, $c, $userid, $h, $bbc, $db; $precache=array(); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['viewtopic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner'] and $ir["user_level"] < 2) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> >> <a href='forums.php?viewtopic={$_GET['viewtopic']}'>{$topic['ft_name']}</a></big><br /><br />"; $posts_per_page=20; $posts_topic=$topic['ft_posts']; $pages=ceil($posts_topic/$posts_per_page); $st= ($_GET['st']) ? $_GET['st'] : 0; if($_GET['lastpost']) { $st=($pages-1)*20; } $pst=-20; print "Pages: "; for($i=1;$i<=$pages;$i++) { $pst+=20; print "<a href='forums.php?viewtopic={$topic['ft_id']}&st=$pst'>"; if($pst == $st) { print "<b>"; } print $i; if($pst == $st) { print "</b>"; } print "</a> "; if($i % 25 == 0) { print "<br />"; } } print "<br />"; if($ir['user_level'] == 2 || $ir['user_level'] == 4) { print " <form action='forums.php?act=move&topic={$_GET['viewtopic']}' method='post'><b>Move topic to:</b> ".forum_dropdown($c, 'forum', -1)."<input type='submit' value='Move' /></form><br /> <a href='forums.php?act=pin&topic={$_GET['viewtopic']}''><img src='sticky.jpg' alt='Pin/Unpin Topic' title='Pin/Unpin Topic' /></a> | <a href='forums.php?act=lock&topic={$_GET['viewtopic']}''><img src='lock.jpg' alt='Lock/Unlock Topic' title='Lock/Unlock Topic' /></a> | <a href='forums.php?act=deletopic&topic={$_GET['viewtopic']}''><img src='delete.gif' alt='Delete Topic' title='Delete Topic' /></a><br />"; } print " <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'>"; $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_topic_id={$topic['ft_id']} ORDER BY fp_time ASC LIMIT $st, 20",$c); $no=$st; while($r=mysql_fetch_array($q3)) { $qlink="[<a href='forums.php?act=quote&viewtopic={$_GET['viewtopic']}&post={$r['fp_id']}'>Quote Post</a>]"; if($ir['user_level'] > 1 || $ir['userid']==$r['fp_poster_id']) { $elink="[<a href='forums.php?act=edit&post={$r['fp_id']}&topic={$_GET['viewtopic']}'>Edit Post</a>]"; } else { $elink=""; } $no++; if($ir['user_level'] != 1) { $slink="[<a href='forumsig.php?ID={$r['fp_poster_id']}&forum=sig'>Delete Sig</a>]"; } if($no > 1 && $ir['user_level'] != 1) { $dlink="[<a href='forums.php?act=delepost&post={$r['fp_id']}'>Delete Post</a>]"; } else { $dlink=""; } $t=date('F j Y, g:i:s a',$r['fp_time']); if($r['fp_edit_count'] > 0) { $edittext="\n<br /><i>Last edited by <a href='viewuser.php?u={$r['fp_editor_id']}'>{$r['fp_editor_name']}</a> at ".date('F j Y, g:i:s a',$r['fp_editor_time']).", edited <b>{$r['fp_edit_count']}</b> times in total.</i>"; } else { $edittext=""; } if(!$precache[$r['fp_poster_id']]['userid']) { $membq=mysql_query("SELECT * FROM users WHERE userid={$r['fp_poster_id']}",$c); $memb=mysql_fetch_array($membq); $precache[$memb['userid']]=$memb; } else { $memb=$precache[$r['fp_poster_id']]; } $rank=forums_rank($memb['posts']); $msg="{$memb['forums_avatar']}"; $msg=strip_tags($msg); if($memb['forums_avatar']) { $av="<img src='$msg' width='100' height='100' />"; } else { $av="<img src='noav.gif' />"; } if(!$memb['forums_signature']) { $memb['forums_signature']="No Signature"; } else {$memb['forums_signature']=$bbc->bbcode_parse($memb['forums_signature']); } $r['fp_text']=$bbc->bbcode_parse($r['fp_text']); print "<tr bgcolor='#404040'> <th align='center' width=20%>Post #{$no}</th> <th align='center'>Subject: {$r['fp_subject']}<br /> $t $qlink$slink$elink$dlink</th> </tr> <tr bgcolor='#404040'>"; $mycolor=""; if($memb['user_level'] == 2) { $mycolor="blue"; } if($memb['user_level'] == 1 && $memb['donatordays'] == 0) { $mycolor="gray"; } if($memb['user_level'] == 1 && $memb['donatordays'] > 0) { $mycolor="lightblue"; } if($memb['user_level'] == 4) { $mycolor="purple"; } if($memb['user_level'] == 3) { $mycolor="green"; } if($memb['user_level'] == 5) { $mycolor="orange"; } print"<td valign=top><center><a href='viewuser.php?u={$r['fp_poster_id']}'><font color='$mycolor'>{$r['fp_poster_name']}</font></a> [{$r['fp_poster_id']}]<br />Level: {$memb['level']}</br>Posts: {$memb['posts']}</br></br></br> $av<br /> </br></br> Rank:</br><font color=red>$rank</font></center></td> <td valign=top>{$r['fp_text']} {$edittext}<br /> -------------------<br /> {$memb['forums_signature']}</td> </tr>"; } print "</table>"; $pst=-20; print "Pages: "; for($i=1;$i<=$pages;$i++) { $pst+=20; print "<a href='forums.php?viewtopic={$topic['ft_id']}&st=$pst'>"; if($pst == $st) { print "<b>"; } print $i; if($pst == $st) { print "</b>"; } print "</a> "; if($i % 25 == 0) { print "<br />"; } } if(!$topic['ft_locked']) { print <<<EOF <br /><br /> <b>Post a reply to this topic:</b><br /> <form action='forums.php?reply={$topic['ft_id']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align='right' bgcolor='#606060'>Subject:</td> <td align='left' bgcolor='#404040'><input type='text' name='fp_subject' /></td> </tr> <tr> <td align='right' bgcolor='#606060'>Post:</td> <td align='left' bgcolor='#404040'><textarea rows='7' cols='40' name='fp_text'></textarea></td> </tr> <tr bgcolor='#404040'> <th colspan='2' bgcolor='#404040'><input type='submit' value='Post Reply'></th> </tr> </table> </form> EOF; } else { print "<br /><br /> <i>This topic has been locked, you cannot reply to it.</i>"; } } function reply() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['reply']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to reply to this topic.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } if(!$topic['ft_locked']) { $u=$ir['username']; $u=mysql_escape($u); $info=str_replace(array("'","\n"),array("'","<br />"),htmlentities($_GET['reply'])); $_GET['reply'] = mysql_real_escape_string($info); $_GET['reply'] = mysql_real_escape_string($_GET['reply']); $subject = mysql_real_escape_string($_POST['fp_subject']); $text = mysql_real_escape_string($_POST['fp_text']); mysql_query("INSERT INTO forum_posts VALUES('', {$_GET['reply']}, {$forum['ff_id']}, $userid, '$u', unix_timestamp(), '$subject', '$text', 0, '', 0, 0)",$c) or die(mysql_error()); mysql_query("UPDATE forum_topics SET ft_last_id=$userid, ft_last_name='$u', ft_last_time=unix_timestamp(), ft_posts=ft_posts+1 WHERE ft_id={$_GET['reply']}",$c); mysql_query("UPDATE forum_forums SET ff_lp_time=unix_timestamp(), ff_posts=ff_posts+1, ff_lp_poster_id=$userid, ff_lp_poster_name='$u', ff_lp_t_id={$_GET['reply']}, ff_lp_t_name='{$topic['ft_name']}' WHERE ff_id={$forum['ff_id']}",$c); if($forum['ff_id'] != 7 && $forum['ff_id'] != 8) { mysql_query("UPDATE users SET posts=posts+1 WHERE userid=$userid",$c); } print "<b>Your reply has been posted.<br>Redirecting back to <a href='forums.php?viewtopic={$_GET['reply']}'>the topic</a>...</b><hr /><br />"; $_GET['lastpost']=1; $_GET['viewtopic']=$_GET['reply']; echo <<< EOF <meta http-equiv="refresh" content="2;url=forums.php?viewtopic={$_GET['viewtopic']}" /> EOF; } else { print " <i>This topic has been locked, you cannot reply to it.</i><br /> <a href='forums.php?viewtopic={$_GET['reply']}'>Back</a>"; } } function newtopicform() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_GET['forum']}",$c); $r=mysql_fetch_array($q); if(($r['ff_auth']=='gang' AND $ir['gang'] != $r['ff_owner']) OR ($r['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print <<<EOF <big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$_GET['forum']}'>{$r['ff_name']}</a> >> New Topic Form</big> <form action='forums.php?act=newtopic&forum={$_GET['forum']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align=right bgcolor='#606060'>Topic Name:</td> <td align=left bgcolor='#404040'><input type='text' name='ft_name' value='' /></td> </tr> <tr> <td align=right bgcolor='#606060'>Topic Description:</td> <td align=left bgcolor='#404040'><input type='text' name='ft_desc' value='' /></td> </tr> <tr> <td align=right bgcolor='#606060'>Topic Text:</td> <td align=left bgcolor='#404040'><textarea rows='8' cols='45' name='fp_text'></textarea></td> </tr> <tr bgcolor='#404040'> <th colspan=2 bgcolor='#404040'><input type='submit' value='Post Topic' /></th> </tr> </table> EOF; } function newtopic() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_GET['forum']}",$c); $r=mysql_fetch_array($q); if(($r['ff_auth']=='gang' AND $ir['gang'] != $r['ff_owner']) OR ($r['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } if($r['ff_id']==1 AND $ir['user_level'] != 2) { print "You have no permission to view this forum.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $u=$ir['username']; $u=mysql_escape($u); if(!$_POST['ft_name']) { print "You did not supply a topic name.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $info=str_replace(array("'","\n"),array("'","<br />"),htmlentities($_GET['forum'])); $_GET['forum'] = mysql_real_escape_string($info); $name = mysql_real_escape_string($_POST['ft_name']); $desc = mysql_real_escape_string($_POST['ft_desc']); mysql_query("INSERT INTO forum_topics VALUES('', {$_GET['forum']}, '$name', '$desc', 0, $userid, '$u', unix_timestamp(), 0, '', 0, 0, 0)",$c); $i=mysql_insert_id(); $dercp = $_POST['fp_text']; $dercp = mysql_real_escape_string($dercp); mysql_query("INSERT INTO forum_posts VALUES('', '{$i}', '{$r['ff_id']}', '$userid', '$u', unix_timestamp(), '$desc', '$dercp', 0, '', 0, 0)",$c) or die(mysql_error()); mysql_query("UPDATE forum_topics SET ft_last_id=$userid, ft_last_name='$u', ft_last_time=unix_timestamp(), ft_posts=ft_posts+1 WHERE ft_id={$i}",$c); mysql_query("UPDATE forum_forums SET ff_lp_time=unix_timestamp(), ff_posts=ff_posts+1, ff_topics=ff_topics+1, ff_lp_poster_id=$userid, ff_lp_poster_name='$u', ff_lp_t_id={$i}, ff_lp_t_name='$name' WHERE ff_id={$r['ff_id']}",$c); if($r['ff_id'] != 7 && $r['ff_id'] != 8) { mysql_query("UPDATE users SET posts=posts+1 WHERE userid=$userid",$c); } print "<b>Topic Posted!</b><hr /><br />"; $_GET['viewtopic']=$i; viewtopic(); } function emptyallforums() { global $ir, $c, $userid, $h, $bbc, $db; mysql_query("update forum_forums set ff_lp_time=0, ff_lp_poster_id=0, ff_lp_poster_name='N/A', ff_lp_t_id=0, ff_lp_t_name='N/A',ff_posts=0, ff_topics=0",$c); mysql_query("truncate forum_topics",$c); mysql_query("truncate forum_posts",$c); } function quote() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['viewtopic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to reply to this topic.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> >> <a href='forums.php?viewtopic={$_GET['viewtopic']}'>{$topic['ft_name']}</a> >> Quoting a Post</big><br /><br />"; if(!$topic['ft_locked']) { print" <br /><br /> <b>Post a reply to this topic:</b><br /> <form action='forums.php?reply={$topic['ft_id']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align='right' bgcolor='#606060'>Subject:</td> <td align='left' bgcolor='#404040'><input type='text' name='fp_subject' /></td> </tr> <tr> <td align='right' bgcolor='#606060'>Post:</td> <td align='left' bgcolor='#404040'><textarea rows='7' cols='40' name='fp_text'>"; if(eregi('/quote',$post['fp_text'])) { $explode=explode('[/quote]',$post['fp_text']); print"[quote name='{$post['fp_poster_name'']}]{$explode['1']}[/quote]"; } else { print"[quote name='{$post['fp_poster_name'']}]{$post['fp_text']}[/quote]"; } print"</textarea></td> </tr> <tr bgcolor='#404040'> <th colspan='2' bgcolor='#404040'><input type='submit' value='Post Reply'></th> </tr> </table> </form> "; } else { print " <i>This topic has been locked, you cannot reply to it.</i><br /> <a href='forums.php?viewtopic={$_GET['viewtopic']}'>Back</a>"; } } function edit() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); if(!($ir['user_level'] > 1 || $ir['userid']==$post['fp_poster_id'])) { print "You have no permission to edit this post.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> >> <a href='forums.php?viewtopic={$_GET['topic']}'>{$topic['ft_name']}</a> >> Editing a Post</big><br /><br />"; print <<<EOF <form action='forums.php?act=editsub&topic={$topic['ft_id']}&post={$_GET['post']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align='right' bgcolor='#606060'>Subject:</td> <td align='left' bgcolor='#404040'><input type='text' name='fp_subject' value='{$post['fp_subject']}' /></td> </tr> <tr> <td align='right' bgcolor='#606060'>Post:</td> <td align='left' bgcolor='#404040'><textarea rows='7' cols='40' name='fp_text'>{$post['fp_text']} </textarea></td> </tr> <tr bgcolor='#404040'> <th colspan='2' bgcolor='#404040'><input type='submit' value='Edit Post'></th> </tr> </table> </form> EOF; } function editsub() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); if(!($ir['user_level'] > 1 || $ir['userid']==$post['fp_poster_id'])) { print "You have no permission to edit this post.<br /> > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $subject = mysql_real_escape_string($_POST['fp_subject']); $text = mysql_real_escape_string($_POST['fp_text']); mysql_query("UPDATE forum_posts SET fp_subject='$subject', fp_text='$text', fp_editor_id=$userid, fp_editor_name='{$ir['username']}', fp_editor_time=unix_timestamp(), fp_edit_count=fp_edit_count+1 WHERE fp_id={$_GET['post']}",$c); print "<b>Post Edited!</b><hr /><br />"; $_GET['viewtopic']=$_GET['topic']; viewtopic(); } function recache_forum($forum) { global $ir, $c, $userid, $h, $bbc, $db; print "Recaching forum ID $forum ... "; $q=mysql_query("SELECT p.*,t.* FROM forum_posts p LEFT JOIN forum_topics t ON p.fp_topic_id=t.ft_id WHERE p.fp_forum_id=$forum ORDER BY p.fp_time DESC LIMIT 1",$c); if(!mysql_num_rows($q)) { mysql_query("update forum_forums set ff_lp_time=0, ff_lp_poster_id=0, ff_lp_poster_name='N/A', ff_lp_t_id=0, ff_lp_t_name='N/A',ff_posts=0, ff_topics=0 where ff_id={$forum}",$c); print " ... Done"; } else { $r=mysql_fetch_array($q); $tn=mysql_escape($r['ft_name']); $pn=mysql_escape($r['fp_poster_name']); $posts=mysql_num_rows(mysql_query("SELECT fp_id FROM forum_posts WHERE fp_forum_id=$forum",$c)); $topics=mysql_num_rows(mysql_query("SELECT ft_id FROM forum_topics WHERE ft_forum_id=$forum",$c)); mysql_query("update forum_forums set ff_lp_time={$r['fp_time']}, ff_lp_poster_id={$r['fp_poster_id']}, ff_lp_poster_name='$pn', ff_lp_t_id={$r['ft_id']}, ff_lp_t_name='$tn',ff_posts=$posts, ff_topics=$topics where ff_id={$forum}",$c); print " ... Done<br />"; } } function recache_topic($forum) { global $ir, $c, $userid, $h, $bbc; print "Recaching topic ID $forum ... "; $q=mysql_query("SELECT p.* FROM forum_posts p WHERE p.fp_topic_id=$forum ORDER BY p.fp_time DESC LIMIT 1",$c); if(!mysql_num_rows($q)) { mysql_query("update forum_topics set ft_last_id=0, ft_last_time=0, ft_last_name='N/A',ft_posts=0 where ft_id={$forum}",$c); print " ... Done"; } else { $r=mysql_fetch_array($q); $pn=mysql_escape($r['fp_poster_name']); $posts=mysql_num_rows(mysql_query("SELECT fp_id FROM forum_posts WHERE fp_topic_id=$forum",$c)); mysql_query("update forum_topics set ft_last_id={$r['fp_poster_id']}, ft_last_time={$r['fp_time']}, ft_last_name='$pn',ft_posts=$posts where ft_id={$forum}",$c); print " ... Done<br />"; } } function move() { global $ir, $c, $userid, $h, $bbc; if($ir['user_level'] == 1) { $h->endpage(); exit; } $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_POST['forum']}",$c); $forum=mysql_fetch_array($q2); mysql_query("UPDATE forum_topics SET ft_forum_id={$_POST['forum']} WHERE ft_id={$_GET['topic']}",$c); mysql_query("UPDATE forum_posts SET fp_forum_id={$_POST['forum']} WHERE fp_topic_id={$_GET['topic']}",$c); print "Topic moved...<br />"; echo "Moved Topic {$topic['ft_name']} to {$forum['ff_name']}"; recache_forum($topic['ft_forum_id']); recache_forum($_POST['forum']); $h->endpage(); exit; } function lock() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } mysql_query("UPDATE forum_topics SET ft_locked=-ft_locked+1 WHERE ft_id={$_GET['topic']}",$c); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $r=mysql_fetch_array($q); print "<b>{$r['ft_name']}</b>'s lock status changed, if it was unlocked, it will now be locked, otherwise, it will be unlocked."; if($r['ft_locked']==0) { echo "Unlocked Topic {$r['ft_name']}"; $h->endpage(); exit; } else { echo "Locked Topic {$r['ft_name']}"; $h->endpage(); exit; } } function pin() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } mysql_query("UPDATE forum_topics SET ft_pinned=-ft_pinned+1 WHERE ft_id={$_GET['topic']}"); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $r=mysql_fetch_array($q); print "<b>{$r['ft_name']}</b>'s pin status changed, if it was unpinned, it will now be pinned, otherwise, it will be unpinned."; if($r['ft_pinned']==0) { echo "Unpinned Topic {$r['ft_name']}"; $h->endpage(); exit; } else { echo "Pinned Topic {$r['ft_name']}"; $h->endpage(); exit; } } function delepost() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$post['fp_topic_id']}",$c); $topic=mysql_fetch_array($q); $u=mysql_escape($post['fp_poster_name']); mysql_query("DELETE FROM forum_posts WHERE fp_id={$post['fp_id']}",$c); print "Post deleted...<br />"; recache_topic($post['fp_topic_id']); recache_forum($post['fp_forum_id']); echo "Deleted post ({$post['fp_subject']}) in {$topic['ft_name']}<br><br><A href=http://www.infamousnation.x10.mx/forums.php?viewtopic={$post['fp_topic_id']}>>Back</a>"; $h->endpage(); exit; } function deletopic() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); mysql_query("DELETE FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); mysql_query("DELETE FROM forum_posts WHERE fp_topic_id={$_GET['topic']}",$c); print "Deleting topic... Done<br />"; recache_forum($topic['ft_forum_id']); echo "Deleted topic {$topic['ft_name']}<br><br><A href=forums.php>>Back</a>"; $h->endpage(); exit; } $h->endpage(); ?> Anyone spot the issue? Quote Link to comment Share on other sites More sharing options...
Dave Posted July 24, 2012 Share Posted July 24, 2012 I'm guessing you're using 2.0.5? They have a session_name() but I can't recall what it is, pop open globals.php and check. Quote Link to comment Share on other sites More sharing options...
The Coder Posted July 24, 2012 Author Share Posted July 24, 2012 Yep this is the name by the looks of it: session_name('MCCSID'); Is there anything I should change? :) Quote Link to comment Share on other sites More sharing options...
Zed Posted August 1, 2012 Share Posted August 1, 2012 <?php require_once('globals.php'); $pageName = "Forums"; include_once("int1.php"); $forums=1; print"<center><font size=5>InfamousNation Forums</font></center>"; class bbcode { var $engine=""; function bbcode() { require "bbcode_engine.php"; $this->engine= new bbcode_engine; $this->engine->cust_tag("/</","<"); $this->engine->cust_tag("/>/",">"); //Since \n and screw up preg, convert them out. $this->engine->cust_tag("/\n/","&nbrlb;"); $this->engine->simple_bbcode_tag("b"); $this->engine->simple_bbcode_tag("i"); $this->engine->simple_bbcode_tag("u"); $this->engine->simple_bbcode_tag("s"); $this->engine->simple_bbcode_tag("sub"); $this->engine->simple_bbcode_tag("sup"); $this->engine->simple_bbcode_tag("big"); $this->engine->simple_bbcode_tag("small"); $this->engine->adv_bbcode_tag("list","ul"); $this->engine->adv_bbcode_tag("olist","ol"); $this->engine->adv_bbcode_tag("item","li"); $this->engine->adv_option_tag("font","font","family"); $this->engine->adv_option_tag("size","font","size"); $this->engine->adv_option_tag("url","a","href"); $this->engine->adv_option_tag("color","font","color"); $this->engine->adv_option_tag("style","span","style"); $this->engine->simp_option_notext("img","src"); $this->engine->simp_bbcode_att("img","src"); $this->engine->cust_tag("/\(c\)/","©"); $this->engine->cust_tag("/\(tm\)/","™"); $this->engine->cust_tag("/\(r\)/","®"); $this->engine->adv_option_tag_em("email","a","href"); $this->engine->adv_bbcode_att_em("email","a","href"); $this->engine->cust_tag("/\[left\](.+?)\[\/left\]/","<div align='left'>\\1</div>"); $this->engine->cust_tag("/\[center\](.+?)\[\/center\]/","<div align='center'>\\1</div>"); $this->engine->cust_tag("/\[right\](.+?)\[\/right\]/","<div align='right'>\\1</div>"); $this->engine->cust_tag("/\<div class='bbcode_container'> <div class='bbcode_quote'> <div class='quote_container'> <div class='bbcode_quote_container'></div> <div class='bbcode_postedby'> <img src='digitalvb/morbid/misc/quote_icon.png' alt='Quote' /> Originally Posted by <strong>(.+?)\</strong> </div> <div class='message'>(.+?)\[\/quote\]/","<font color=red><b>Quoting \\1</b></font><blockquote>\\2</blockquote>"); $this->engine->cust_tag("/\[quote\](.+?)\[\/quote\]/","<font color=red><b>Quote:</b></font><table width=100%><tr><td><blockquote>\\1</blockquote><td></tr></table>"); $this->engine->cust_tag("/\[code\](.+?)\[\/code\]/","<div class='codetop'>CODE</div><div class='codemain'><code>\\1</code></div>"); $this->engine->cust_tag("/\[codebox\](.+?)\[\/codebox\]/","<div class='codetop'>CODE</div><div class='codemain' style='height:200px;white-space<img src='images/smilies/tongue.png' border='0' alt='' title='Stick Out Tongue' class='inlineimg' />re;overflow:auto'>\\1</div>"); $this->engine->cust_tag("/&nbrlb;/","\n"); } function bbcode_parse($html) { return $this->engine->parse_bbcode($html); } } function strip_html_tags($text) { return preg_replace("/<(.+?)>/is","", $text); } function forums_rank($tp) { if ( $tp < 3 ) { return "#12 Forum Newbie"; } else if ( $tp < 10 ) { return "#11 Active Member"; } else if ( $tp < 25 ) { return "#10 Beginning Poster"; } else if ( $tp < 50 ) { return "#9 Average Poster"; } else if ( $tp < 100 ) { return "#8 Good Poster"; } else if ( $tp < 250 ) { return "#7 Very Good Poster"; } else if ( $tp < 500 ) { return "#6 Experienced Poster"; } else if ( $tp< 750 ) { return "#5 Honored Poster"; } else if ( $tp < 1000 ) { return "#4 Posting Champion"; } else if ( $tp < 1500 ) { return "#3 Posting King"; } else if ( $tp < 2500 ) { return "#2 Posting God"; } else if ( $tp < 5000 ) { return "#1 Forum Guru"; } } $bbc = new bbcode; if($ir['forumban']) { echo "<font color=red><h3>! ERROR</h3> You have been forum banned for {$ir['forumban']} days. <b>Reason: {$ir['fb_reason']}</font></b>"; $h->endpage(); exit; } $_GET['viewforum']=(int) $_GET['viewforum']; if(is_numeric($_GET['viewtopic']) and $_GET['act'] != 'quote') { $_GET['act']='viewtopic'; } if($_GET['viewforum']) { $_GET['act']='viewforum'; } if($_GET['reply']) { $_GET['act']='reply'; } if($_GET['empty']==1 && $_GET['code']=='kill' && $_SESSION['owner']) { emptyallforums(); } switch($_GET['act']) { case 'viewforum': viewforum(); break; case 'viewtopic': viewtopic(); break; case 'reply': reply(); break; case 'newtopicform': newtopicform(); break; case 'newtopic': newtopic(); break; case 'quote': quote(); break; case 'edit': edit(); break; case 'move': move(); break; case 'editsub': editsub(); break; case 'lock': lock(); break; case 'delepost': delepost(); break; case 'deletopic': deletopic(); break; case 'pin': pin(); break; case 'recache': recache_forum($_GET['forum']); break; default: idx(); break; } function idx() { global $ir, $c, $userid; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_auth='public' ORDER BY ff_id ASC",$c) or die(mysql_error()); print " <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'> <tr bgcolor='#606060'><th width=40%>Forum</th> <th width=10%>Posts</th> <th width=10%>Topics</th> <th width=40%>Last Post</th> </tr>"; while($r=mysql_fetch_array($q)) { $t=date('F j Y, g:i:s a',$r['ff_lp_time']); $pstr=mysql_query("SELECT * FROM users WHERE userid={$r['ff_lp_poster_id']}",$c); $poster=mysql_fetch_array($pstr); $mycolor=""; if($poster['user_level'] == 2) { $mycolor="blue"; } if($poster['user_level'] == 1 && $poster['donatordays'] == 0) { $mycolor=""; } if($poster['user_level'] == 1 && $poster['donatordays'] > 0) { $mycolor="lightblue"; } if($poster['user_level'] == 4) { $mycolor="purple"; } if($poster['user_level'] == 3) { $mycolor="green"; } if($poster['user_level'] == 5) { $mycolor="orange"; } $posts=number_format($r['ff_posts']); print "<tr bgcolor='#404040'> <td align='center'><a href='forums.php?viewforum={$r['ff_id']}' style='font-weight: 800'>{$r['ff_name']}</a><small>{$r['ff_desc']}</small></td> <td align='center'>$posts</td> <td align='center'>{$r['ff_topics']}</td> <td align='center'>$t In: <a href='forums.php?viewtopic={$r['ff_lp_t_id']}&lastpost=1' style='font-weight: 800'>{$r['ff_lp_t_name']}</a> By: <a href='viewuser.php?u={$r['ff_lp_poster_id']}'><font color=$mycolor>{$r['ff_lp_poster_name']}</font></a> </td> </tr>"; } print "</table>"; if($ir['user_level'] == 5 || $ir['user_level'] == 2 || $ir['user_level'] == 3) { print "<hr /><a name='staff'><h3>Staff-Only Forums</h3></a><hr />"; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_auth='staff' ORDER BY ff_id ASC",$c) or die(mysql_error()); print " <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'> <tr bgcolor='#606060'><th>Forum</th> <th>Posts</th> <th>Topics</th> <th>Last Post</th> </tr>"; while($r=mysql_fetch_array($q)) { $t=date('F j Y, g:i:s a',$r['ff_lp_time']); $pstr=mysql_query("SELECT * FROM users WHERE userid={$r['ff_lp_poster_id']}",$c); $poster=mysql_fetch_array($pstr); $mycolor=""; if($poster['user_level'] == 2) { $mycolor="blue"; } if($poster['user_level'] == 1 && $poster['donatordays'] == 0) { $mycolor=""; } if($poster['user_level'] == 1 && $poster['donatordays'] > 0) { $mycolor="lightblue"; } if($poster['user_level'] == 4) { $mycolor="purple"; } if($poster['user_level'] == 3) { $mycolor="green"; } if($poster['user_level'] == 5) { $mycolor="orange"; } $posts=number_format($r['ff_posts']); print "<tr bgcolor='#404040'> <td align='center'><a href='forums.php?viewforum={$r['ff_id']}' style='font-weight: 800'>{$r['ff_name']}</a><small>{$r['ff_desc']}</small></td> <td align='center'>$posts</td> <td align='center'>{$r['ff_topics']}</td> <td align='center'>$t In: <a href='forums.php?viewtopic={$r['ff_lp_t_id']}&lastpost=1' style='font-weight: 800'>{$r['ff_lp_t_name']}</a> By: <a href='viewuser.php?u={$r['ff_lp_poster_id']}'><font color=$mycolor>{$r['ff_lp_poster_name']}</font></a> </td> </tr>"; } print "</table>"; } } function viewforum() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_GET['viewforum']}",$c); $r=mysql_fetch_array($q); if(($r['ff_auth']=='gang' AND $ir['gang'] != $r['ff_owner'] AND $ir["user_level"] < 2) OR ($r['ff_auth'] == 'staff' AND $ir['user_level'] == 1 || $r['ff_auth'] == 'staff' AND $ir['user_level'] == 4)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } if($_GET['viewforum'] <> 1 OR $ir['user_level']==2) { $ntl=" [<a href='forums.php?act=newtopicform&forum={$_GET['viewforum']}'>New Topic</a>]"; } else { $ntl=""; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$_GET['viewforum']}'>{$r['ff_name']}</a>$ntl</big> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'> <tr bgcolor='#606060'> <th width=40%>Topic</th> <th width=10%>Posts</th> <th width=25%>Started</th> <th width=25%>Last Post</th></tr>"; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_forum_id={$_GET['viewforum']} ORDER BY ft_pinned DESC, ft_last_time DESC",$c) or die(mysql_error()); while($r2=mysql_fetch_array($q)) { $pstr=mysql_query("SELECT * FROM users WHERE userid={$r2['ft_owner_id']}",$c); $poster=mysql_fetch_array($pstr); $mycolor=""; if($poster['user_level'] == 2) { $mycolor="blue"; } if($poster['user_level'] == 1 && $poster['donatordays'] == 0) { $mycolor=""; } if($poster['user_level'] == 1 && $poster['donatordays'] > 0) { $mycolor="lightblue"; } if($poster['user_level'] == 4) { $mycolor="purple"; } if($poster['user_level'] == 3) { $mycolor="green"; } if($poster['user_level'] == 5) { $mycolor="orange"; } $lst=mysql_query("SELECT * FROM users WHERE userid={$r2['ft_last_id']}",$c); $last=mysql_fetch_array($lst); $bycolor=""; if($last['user_level'] == 2) { $bycolor="blue"; } if($last['user_level'] == 1 && $last['donatordays'] == 0) { $bycolor=""; } if($last['user_level'] == 1 && $last['donatordays'] > 0) { $bycolor="lightblue"; } if($last['user_level'] == 4) { $bycolor="purple"; } if($last['user_level'] == 3) { $bycolor="green"; } if($last['user_level'] == 5) { $bycolor="orange"; } $t1=date('F j Y, g:i:s a',$r2['ft_start_time']); $t2=date('F j Y, g:i:s a',$r2['ft_last_time']); if($r2['ft_pinned']) { $pt="<b>Pinned:</b> "; } else { $pt=""; } if($r2['ft_locked']) { $lt=" <b>(Locked)</b>"; } else { $lt=""; } $posts=number_format($r2['ft_posts']); print "<tr bgcolor='#404040'> <td align='center'>$pt<a href='forums.php?viewtopic={$r2['ft_id']}&lastpost=1'>{$r2['ft_name']}</a>$lt <small>{$r2['ft_desc']}</small></td> <td align='center'>$posts</td> <td align='center'><font size=1>$t1 By: <a href='viewuser.php?u={$r2['ft_owner_id']}'><font color=$mycolor>{$r2['ft_owner_name']}</font></a></font></td> <td align='center'><font size=1>$t2 By: <a href='viewuser.php?u={$r2['ft_last_id']}'><font color=$bycolor>{$r2['ft_last_name']}</font></a></font></td> </tr>"; } print "</table>"; } function viewtopic() { global $ir, $c, $userid, $h, $bbc, $db; $precache=array(); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['viewtopic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner'] and $ir["user_level"] < 2) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> >> <a href='forums.php?viewtopic={$_GET['viewtopic']}'>{$topic['ft_name']}</a></big>"; $posts_per_page=20; $posts_topic=$topic['ft_posts']; $pages=ceil($posts_topic/$posts_per_page); $st= ($_GET['st']) ? $_GET['st'] : 0; if($_GET['lastpost']) { $st=($pages-1)*20; } $pst=-20; print "Pages: "; for($i=1;$i<=$pages;$i++) { $pst+=20; print "<a href='forums.php?viewtopic={$topic['ft_id']}&st=$pst'>"; if($pst == $st) { print "<b>"; } print $i; if($pst == $st) { print "</b>"; } print "</a> "; if($i % 25 == 0) { print ""; } } print ""; if($ir['user_level'] == 2 || $ir['user_level'] == 4) { print " <form action='forums.php?act=move&topic={$_GET['viewtopic']}' method='post'><b>Move topic to:</b> ".forum_dropdown($c, 'forum', -1)."<input type='submit' value='Move' /></form> <a href='forums.php?act=pin&topic={$_GET['viewtopic']}''><img src='sticky.jpg' alt='Pin/Unpin Topic' title='Pin/Unpin Topic' /></a> | <a href='forums.php?act=lock&topic={$_GET['viewtopic']}''><img src='lock.jpg' alt='Lock/Unlock Topic' title='Lock/Unlock Topic' /></a> | <a href='forums.php?act=deletopic&topic={$_GET['viewtopic']}''><img src='delete.gif' alt='Delete Topic' title='Delete Topic' /></a>"; } print " <table style='border-style:solid;border-width:1px;border-color:#303030;' width='100%' cellpadding='5'>"; $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_topic_id={$topic['ft_id']} ORDER BY fp_time ASC LIMIT $st, 20",$c); $no=$st; while($r=mysql_fetch_array($q3)) { $qlink="[<a href='forums.php?act=quote&viewtopic={$_GET['viewtopic']}&post={$r['fp_id']}'>Quote Post</a>]"; if($ir['user_level'] > 1 || $ir['userid']==$r['fp_poster_id']) { $elink="[<a href='forums.php?act=edit&post={$r['fp_id']}&topic={$_GET['viewtopic']}'>Edit Post</a>]"; } else { $elink=""; } $no++; if($ir['user_level'] != 1) { $slink="[<a href='forumsig.php?ID={$r['fp_poster_id']}&forum=sig'>Delete Sig</a>]"; } if($no > 1 && $ir['user_level'] != 1) { $dlink="[<a href='forums.php?act=delepost&post={$r['fp_id']}'>Delete Post</a>]"; } else { $dlink=""; } $t=date('F j Y, g:i:s a',$r['fp_time']); if($r['fp_edit_count'] > 0) { $edittext="\n<i>Last edited by <a href='viewuser.php?u={$r['fp_editor_id']}'>{$r['fp_editor_name']}</a> at ".date('F j Y, g:i:s a',$r['fp_editor_time']).", edited <b>{$r['fp_edit_count']}</b> times in total.</i>"; } else { $edittext=""; } if(!$precache[$r['fp_poster_id']]['userid']) { $membq=mysql_query("SELECT * FROM users WHERE userid={$r['fp_poster_id']}",$c); $memb=mysql_fetch_array($membq); $precache[$memb['userid']]=$memb; } else { $memb=$precache[$r['fp_poster_id']]; } $rank=forums_rank($memb['posts']); $msg="{$memb['forums_avatar']}"; $msg=strip_tags($msg); if($memb['forums_avatar']) { $av="<img src='$msg' width='100' height='100' />"; } else { $av="<img src='noav.gif' />"; } if(!$memb['forums_signature']) { $memb['forums_signature']="No Signature"; } else {$memb['forums_signature']=$bbc->bbcode_parse($memb['forums_signature']); } $r['fp_text']=$bbc->bbcode_parse($r['fp_text']); print "<tr bgcolor='#404040'> <th align='center' width=20%>Post #{$no}</th> <th align='center'>Subject: {$r['fp_subject']} $t $qlink$slink$elink$dlink</th> </tr> <tr bgcolor='#404040'>"; $mycolor=""; if($memb['user_level'] == 2) { $mycolor="blue"; } if($memb['user_level'] == 1 && $memb['donatordays'] == 0) { $mycolor="gray"; } if($memb['user_level'] == 1 && $memb['donatordays'] > 0) { $mycolor="lightblue"; } if($memb['user_level'] == 4) { $mycolor="purple"; } if($memb['user_level'] == 3) { $mycolor="green"; } if($memb['user_level'] == 5) { $mycolor="orange"; } print"<td valign=top><center><a href='viewuser.php?u={$r['fp_poster_id']}'><font color='$mycolor'>{$r['fp_poster_name']}</font></a> [{$r['fp_poster_id']}]Level: {$memb['level']}</br>Posts: {$memb['posts']}</br></br></br> $av </br></br> Rank:</br><font color=red>$rank</font></center></td> <td valign=top>{$r['fp_text']} {$edittext} ------------------- {$memb['forums_signature']}</td> </tr>"; } print "</table>"; $pst=-20; print "Pages: "; for($i=1;$i<=$pages;$i++) { $pst+=20; print "<a href='forums.php?viewtopic={$topic['ft_id']}&st=$pst'>"; if($pst == $st) { print "<b>"; } print $i; if($pst == $st) { print "</b>"; } print "</a> "; if($i % 25 == 0) { print ""; } } if(!$topic['ft_locked']) { print <<<EOF <b>Post a reply to this topic:</b> <form action='forums.php?reply={$topic['ft_id']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align='right' bgcolor='#606060'>Subject:</td> <td align='left' bgcolor='#404040'><input type='text' name='fp_subject' /></td> </tr> <tr> <td align='right' bgcolor='#606060'>Post:</td> <td align='left' bgcolor='#404040'><textarea rows='7' cols='40' name='fp_text'></textarea></td> </tr> <tr bgcolor='#404040'> <th colspan='2' bgcolor='#404040'><input type='submit' value='Post Reply'></th> </tr> </table> </form> EOF; } else { print " <i>This topic has been locked, you cannot reply to it.</i>"; } } function reply() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['reply']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to reply to this topic. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } if(!$topic['ft_locked']) { $u=$ir['username']; $u=mysql_escape($u); $info=str_replace(array("'","\n"),array("'",""),htmlentities($_GET['reply'])); $_GET['reply'] = mysql_real_escape_string($info); $_GET['reply'] = mysql_real_escape_string($_GET['reply']); $subject = mysql_real_escape_string($_POST['fp_subject']); $text = mysql_real_escape_string($_POST['fp_text']); mysql_query("INSERT INTO forum_posts VALUES('', {$_GET['reply']}, {$forum['ff_id']}, $userid, '$u', unix_timestamp(), '$subject', '$text', 0, '', 0, 0)",$c) or die(mysql_error()); mysql_query("UPDATE forum_topics SET ft_last_id=$userid, ft_last_name='$u', ft_last_time=unix_timestamp(), ft_posts=ft_posts+1 WHERE ft_id={$_GET['reply']}",$c); mysql_query("UPDATE forum_forums SET ff_lp_time=unix_timestamp(), ff_posts=ff_posts+1, ff_lp_poster_id=$userid, ff_lp_poster_name='$u', ff_lp_t_id={$_GET['reply']}, ff_lp_t_name='{$topic['ft_name']}' WHERE ff_id={$forum['ff_id']}",$c); if($forum['ff_id'] != 7 && $forum['ff_id'] != 8) { mysql_query("UPDATE users SET posts=posts+1 WHERE userid=$userid",$c); } print "<b>Your reply has been posted.Redirecting back to <a href='forums.php?viewtopic={$_GET['reply']}'>the topic</a>...</b><hr />"; $_GET['lastpost']=1; $_GET['viewtopic']=$_GET['reply']; echo <<< EOF <meta http-equiv="refresh" content="2;url=forums.php?viewtopic={$_GET['viewtopic']}" /> EOF; } else { print " <i>This topic has been locked, you cannot reply to it.</i> <a href='forums.php?viewtopic={$_GET['reply']}'>Back</a>"; } } function newtopicform() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_GET['forum']}",$c); $r=mysql_fetch_array($q); if(($r['ff_auth']=='gang' AND $ir['gang'] != $r['ff_owner']) OR ($r['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print <<<EOF <big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$_GET['forum']}'>{$r['ff_name']}</a> >> New Topic Form</big> <form action='forums.php?act=newtopic&forum={$_GET['forum']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align=right bgcolor='#606060'>Topic Name:</td> <td align=left bgcolor='#404040'><input type='text' name='ft_name' value='' /></td> </tr> <tr> <td align=right bgcolor='#606060'>Topic Description:</td> <td align=left bgcolor='#404040'><input type='text' name='ft_desc' value='' /></td> </tr> <tr> <td align=right bgcolor='#606060'>Topic Text:</td> <td align=left bgcolor='#404040'><textarea rows='8' cols='45' name='fp_text'></textarea></td> </tr> <tr bgcolor='#404040'> <th colspan=2 bgcolor='#404040'><input type='submit' value='Post Topic' /></th> </tr> </table> EOF; } function newtopic() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_GET['forum']}",$c); $r=mysql_fetch_array($q); if(($r['ff_auth']=='gang' AND $ir['gang'] != $r['ff_owner']) OR ($r['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } if($r['ff_id']==1 AND $ir['user_level'] != 2) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $u=$ir['username']; $u=mysql_escape($u); if(!$_POST['ft_name']) { print "You did not supply a topic name. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $info=str_replace(array("'","\n"),array("'",""),htmlentities($_GET['forum'])); $_GET['forum'] = mysql_real_escape_string($info); $name = mysql_real_escape_string($_POST['ft_name']); $desc = mysql_real_escape_string($_POST['ft_desc']); mysql_query("INSERT INTO forum_topics VALUES('', {$_GET['forum']}, '$name', '$desc', 0, $userid, '$u', unix_timestamp(), 0, '', 0, 0, 0)",$c); $i=mysql_insert_id(); $dercp = $_POST['fp_text']; $dercp = mysql_real_escape_string($dercp); mysql_query("INSERT INTO forum_posts VALUES('', '{$i}', '{$r['ff_id']}', '$userid', '$u', unix_timestamp(), '$desc', '$dercp', 0, '', 0, 0)",$c) or die(mysql_error()); mysql_query("UPDATE forum_topics SET ft_last_id=$userid, ft_last_name='$u', ft_last_time=unix_timestamp(), ft_posts=ft_posts+1 WHERE ft_id={$i}",$c); mysql_query("UPDATE forum_forums SET ff_lp_time=unix_timestamp(), ff_posts=ff_posts+1, ff_topics=ff_topics+1, ff_lp_poster_id=$userid, ff_lp_poster_name='$u', ff_lp_t_id={$i}, ff_lp_t_name='$name' WHERE ff_id={$r['ff_id']}",$c); if($r['ff_id'] != 7 && $r['ff_id'] != 8) { mysql_query("UPDATE users SET posts=posts+1 WHERE userid=$userid",$c); } print "<b>Topic Posted!</b><hr />"; $_GET['viewtopic']=$i; viewtopic(); } function emptyallforums() { global $ir, $c, $userid, $h, $bbc, $db; mysql_query("update forum_forums set ff_lp_time=0, ff_lp_poster_id=0, ff_lp_poster_name='N/A', ff_lp_t_id=0, ff_lp_t_name='N/A',ff_posts=0, ff_topics=0",$c); mysql_query("truncate forum_topics",$c); mysql_query("truncate forum_posts",$c); } function quote() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['viewtopic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to reply to this topic. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> >> <a href='forums.php?viewtopic={$_GET['viewtopic']}'>{$topic['ft_name']}</a> >> Quoting a Post</big>"; if(!$topic['ft_locked']) { print" <b>Post a reply to this topic:</b> <form action='forums.php?reply={$topic['ft_id']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align='right' bgcolor='#606060'>Subject:</td> <td align='left' bgcolor='#404040'><input type='text' name='fp_subject' /></td> </tr> <tr> <td align='right' bgcolor='#606060'>Post:</td> <td align='left' bgcolor='#404040'><textarea rows='7' cols='40' name='fp_text'>"; if(eregi('/quote',$post['fp_text'])) { $explode=explode('</div> </div> </div> </div>',$post['fp_text']); print"<div class='bbcode_container'> <div class='bbcode_quote'> <div class='quote_container'> <div class='bbcode_quote_container'></div> <div class='bbcode_postedby'> <img src='digitalvb/morbid/misc/quote_icon.png' alt='Quote' /> Originally Posted by <strong>{$post['fp_poster_name']}</strong> </div> <div class='message'>}]{$explode['1']}</div> </div> </div> </div>"; } else { print"<div class='bbcode_container'> <div class='bbcode_quote'> <div class='quote_container'> <div class='bbcode_quote_container'></div> <div class='bbcode_postedby'> <img src='digitalvb/morbid/misc/quote_icon.png' alt='Quote' /> Originally Posted by <strong>{$post['fp_poster_name']}</strong> </div> <div class='message'>}]{$post['fp_text']}</div> </div> </div> </div>"; } print"</textarea></td> </tr> <tr bgcolor='#404040'> <th colspan='2' bgcolor='#404040'><input type='submit' value='Post Reply'></th> </tr> </table> </form> "; } else { print " <i>This topic has been locked, you cannot reply to it.</i> <a href='forums.php?viewtopic={$_GET['viewtopic']}'>Back</a>"; } } function edit() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); if(!($ir['user_level'] > 1 || $ir['userid']==$post['fp_poster_id'])) { print "You have no permission to edit this post. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } print "<big><a href='forums.php'>Forums Home</a> >> <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> >> <a href='forums.php?viewtopic={$_GET['topic']}'>{$topic['ft_name']}</a> >> Editing a Post</big>"; print <<<EOF <form action='forums.php?act=editsub&topic={$topic['ft_id']}&post={$_GET['post']}' method='post'> <table style='border-style:solid;border-width:1px;border-color:#303030;' width='80%' cellpadding='5'> <tr> <td align='right' bgcolor='#606060'>Subject:</td> <td align='left' bgcolor='#404040'><input type='text' name='fp_subject' value='{$post['fp_subject']}' /></td> </tr> <tr> <td align='right' bgcolor='#606060'>Post:</td> <td align='left' bgcolor='#404040'><textarea rows='7' cols='40' name='fp_text'>{$post['fp_text']} </textarea></td> </tr> <tr bgcolor='#404040'> <th colspan='2' bgcolor='#404040'><input type='submit' value='Edit Post'></th> </tr> </table> </form> EOF; } function editsub() { global $ir, $c, $userid, $h, $bbc, $db; $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}",$c); $forum=mysql_fetch_array($q2); if(($forum['ff_auth']=='gang' AND $ir['gang'] != $forum['ff_owner']) OR ($forum['ff_auth'] == 'staff' AND $ir['user_level'] < 2)) { print "You have no permission to view this forum. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); if(!($ir['user_level'] > 1 || $ir['userid']==$post['fp_poster_id'])) { print "You have no permission to edit this post. > <a href='forums.php'>Back</a>"; $h->endpage(); exit; } $subject = mysql_real_escape_string($_POST['fp_subject']); $text = mysql_real_escape_string($_POST['fp_text']); mysql_query("UPDATE forum_posts SET fp_subject='$subject', fp_text='$text', fp_editor_id=$userid, fp_editor_name='{$ir['username']}', fp_editor_time=unix_timestamp(), fp_edit_count=fp_edit_count+1 WHERE fp_id={$_GET['post']}",$c); print "<b>Post Edited!</b><hr />"; $_GET['viewtopic']=$_GET['topic']; viewtopic(); } function recache_forum($forum) { global $ir, $c, $userid, $h, $bbc, $db; print "Recaching forum ID $forum ... "; $q=mysql_query("SELECT p.*,t.* FROM forum_posts p LEFT JOIN forum_topics t ON p.fp_topic_id=t.ft_id WHERE p.fp_forum_id=$forum ORDER BY p.fp_time DESC LIMIT 1",$c); if(!mysql_num_rows($q)) { mysql_query("update forum_forums set ff_lp_time=0, ff_lp_poster_id=0, ff_lp_poster_name='N/A', ff_lp_t_id=0, ff_lp_t_name='N/A',ff_posts=0, ff_topics=0 where ff_id={$forum}",$c); print " ... Done"; } else { $r=mysql_fetch_array($q); $tn=mysql_escape($r['ft_name']); $pn=mysql_escape($r['fp_poster_name']); $posts=mysql_num_rows(mysql_query("SELECT fp_id FROM forum_posts WHERE fp_forum_id=$forum",$c)); $topics=mysql_num_rows(mysql_query("SELECT ft_id FROM forum_topics WHERE ft_forum_id=$forum",$c)); mysql_query("update forum_forums set ff_lp_time={$r['fp_time']}, ff_lp_poster_id={$r['fp_poster_id']}, ff_lp_poster_name='$pn', ff_lp_t_id={$r['ft_id']}, ff_lp_t_name='$tn',ff_posts=$posts, ff_topics=$topics where ff_id={$forum}",$c); print " ... Done"; } } function recache_topic($forum) { global $ir, $c, $userid, $h, $bbc; print "Recaching topic ID $forum ... "; $q=mysql_query("SELECT p.* FROM forum_posts p WHERE p.fp_topic_id=$forum ORDER BY p.fp_time DESC LIMIT 1",$c); if(!mysql_num_rows($q)) { mysql_query("update forum_topics set ft_last_id=0, ft_last_time=0, ft_last_name='N/A',ft_posts=0 where ft_id={$forum}",$c); print " ... Done"; } else { $r=mysql_fetch_array($q); $pn=mysql_escape($r['fp_poster_name']); $posts=mysql_num_rows(mysql_query("SELECT fp_id FROM forum_posts WHERE fp_topic_id=$forum",$c)); mysql_query("update forum_topics set ft_last_id={$r['fp_poster_id']}, ft_last_time={$r['fp_time']}, ft_last_name='$pn',ft_posts=$posts where ft_id={$forum}",$c); print " ... Done"; } } function move() { global $ir, $c, $userid, $h, $bbc; if($ir['user_level'] == 1) { $h->endpage(); exit; } $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); $q2=mysql_query("SELECT * FROM forum_forums WHERE ff_id={$_POST['forum']}",$c); $forum=mysql_fetch_array($q2); mysql_query("UPDATE forum_topics SET ft_forum_id={$_POST['forum']} WHERE ft_id={$_GET['topic']}",$c); mysql_query("UPDATE forum_posts SET fp_forum_id={$_POST['forum']} WHERE fp_topic_id={$_GET['topic']}",$c); print "Topic moved..."; echo "Moved Topic {$topic['ft_name']} to {$forum['ff_name']}"; recache_forum($topic['ft_forum_id']); recache_forum($_POST['forum']); $h->endpage(); exit; } function lock() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } mysql_query("UPDATE forum_topics SET ft_locked=-ft_locked+1 WHERE ft_id={$_GET['topic']}",$c); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $r=mysql_fetch_array($q); print "<b>{$r['ft_name']}</b>'s lock status changed, if it was unlocked, it will now be locked, otherwise, it will be unlocked."; if($r['ft_locked']==0) { echo "Unlocked Topic {$r['ft_name']}"; $h->endpage(); exit; } else { echo "Locked Topic {$r['ft_name']}"; $h->endpage(); exit; } } function pin() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } mysql_query("UPDATE forum_topics SET ft_pinned=-ft_pinned+1 WHERE ft_id={$_GET['topic']}"); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $r=mysql_fetch_array($q); print "<b>{$r['ft_name']}</b>'s pin status changed, if it was unpinned, it will now be pinned, otherwise, it will be unpinned."; if($r['ft_pinned']==0) { echo "Unpinned Topic {$r['ft_name']}"; $h->endpage(); exit; } else { echo "Pinned Topic {$r['ft_name']}"; $h->endpage(); exit; } } function delepost() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } $q3=mysql_query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}",$c); $post=mysql_fetch_array($q3); $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$post['fp_topic_id']}",$c); $topic=mysql_fetch_array($q); $u=mysql_escape($post['fp_poster_name']); mysql_query("DELETE FROM forum_posts WHERE fp_id={$post['fp_id']}",$c); print "Post deleted..."; recache_topic($post['fp_topic_id']); recache_forum($post['fp_forum_id']); echo "Deleted post ({$post['fp_subject']}) in {$topic['ft_name']}<A href=http://www.infamousnation.x10.mx/forums.php?viewtopic={$post['fp_topic_id']}>>Back</a>"; $h->endpage(); exit; } function deletopic() { global $ir, $c, $userid, $h, $bbc, $db; if($ir['user_level'] == 1) { $h->endpage(); exit; } $q=mysql_query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); $topic=mysql_fetch_array($q); mysql_query("DELETE FROM forum_topics WHERE ft_id={$_GET['topic']}",$c); mysql_query("DELETE FROM forum_posts WHERE fp_topic_id={$_GET['topic']}",$c); print "Deleting topic... Done"; recache_forum($topic['ft_forum_id']); echo "Deleted topic {$topic['ft_name']}<A href=forums.php>>Back</a>"; $h->endpage(); exit; } $h->endpage(); ?> Quote Link to comment Share on other sites More sharing options...
Cronus Posted August 1, 2012 Share Posted August 1, 2012 The reason is because you are using my secured forums, and you still have include_once(int1.php); it is very unlikely you use that file in your game, so remove that line. Quote Link to comment Share on other sites More sharing options...
Seker Posted August 2, 2012 Share Posted August 2, 2012 Awesomely bug free, Cronus. Just saying. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.