Jump to content
MakeWebGames

Mccodes default forums (help)


PHPStudent

Recommended Posts

I can't view threads, instead I get this

A critical error has occurred, and page execution has stopped. Below are the details:
PHP Warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead (2)

Action taken: Line executed: C:\xampp\htdocs\bbcode_engine.php:181

 

bbcode_engine.php file line 180 - 183

            $text =
                    preg_replace($this->parsings[$i], $this->htmls[$i], $text);
            $i++;
        }

 

Edited by PHPStudent
Link to comment
Share on other sites

Going to need your whole file to fix the issue, but I am sure someone had the updated file for you. That line of code not supported in php7 anymore. I think I read a php7 conversion somewhere

Edited by Sim
Link to comment
Share on other sites

18 hours ago, Sim said:

Going to need your whole file to fix the issue, but I am sure someone had the updated file for you. That line of code not supported in php7 anymore. I think I read a php7 conversion somewhere

Strictly speaking, that line of code is fine. Whatever is being passed into the `parsings` array is the issue

Link to comment
Share on other sites

  • 4 weeks later...

Few lines above and below:

    function cust_tag($bbcode = "", $html = "")
    {

        if ($bbcode == "" || $html == "")
        {
            return false;
        }
        $this->parsings[] = $bbcode;
        $this->htmls[] = $html;
    }

    function parse_bbcode($text)
    {

        $i = 0;
        while (isset($this->parsings[$i]))
        {

            $text =
                    preg_replace($this->parsings[$i], $this->htmls[$i], $text);
            $i++;
        }
        return $text;
    }

    function export_parsings()
    {
        return $this->parsings;
    }

    function export_htmls()
    {
        return $this->htmls;
    }
}

 

Link to comment
Share on other sites

7 hours ago, PHPStudent said:

Few lines above and below:

function cust_tag($bbcode = "", $html = "") { if ($bbcode == "" || $html == "") { return false; } $this->parsings[] = $bbcode; $this->htmls[] = $html; } function parse_bbcode($text) { $i = 0; while (isset($this->parsings[$i])) { $text = preg_replace($this->parsings[$i], $this->htmls[$i], $text); $i++; } return $text; } function export_parsings() { return $this->parsings; } function export_htmls() { return $this->htmls; } }


    function cust_tag($bbcode = "", $html = "")
    {

        if ($bbcode == "" || $html == "")
        {
            return false;
        }
        $this->parsings[] = $bbcode;
        $this->htmls[] = $html;
    }

    function parse_bbcode($text)
    {

        $i = 0;
        while (isset($this->parsings[$i]))
        {

            $text =
                    preg_replace($this->parsings[$i], $this->htmls[$i], $text);
            $i++;
        }
        return $text;
    }

    function export_parsings()
    {
        return $this->parsings;
    }

    function export_htmls()
    {
        return $this->htmls;
    }
}

 

That's the "replace BBC with HTML" part. As-is, that part is fine.
Something is adding the eval flag to the parse.

Suggestion: Check the content you're attempting to convert - you may have someone attempting to do something they shouldn't

Link to comment
Share on other sites

8 minutes ago, Magictallguy said:

Suggestion: Check the content you're attempting to convert - you may have someone attempting to do something they shouldn't

Hm, how do you mean MTG? I'm currently working on localhost, if youre saying that someone is trying to something malicious with the code..

 

Link to comment
Share on other sites

Here is my Forum, I don't use it as i think they can be insecure (like this one probs) and hassle to staff. But it works.
 

forums.php

<?php

$forums = 1;

class bbcode
{
    public $engine = '';

    public function __construct()
    {
        require 'bbcode_engine.php';
        $this->engine = new bbcode_engine;
        $this->engine->cust_tag('/</', '&lt;');
        $this->engine->cust_tag('/>/', '&gt;');
//Since \n and <br> screw up preg, convert them out.
        $this->engine->cust_tag("/\n/", '&nbrlb;');
        $this->engine->simple_bbcode_tag('b');
        $this->engine->simple_bbcode_tag('i');
        $this->engine->simple_bbcode_tag('u');
        $this->engine->simple_bbcode_tag('s');
        $this->engine->simple_bbcode_tag('sub');
        $this->engine->simple_bbcode_tag('sup');
        $this->engine->simple_bbcode_tag('big');
        $this->engine->simple_bbcode_tag('small');
        $this->engine->adv_bbcode_tag('list', 'ul');
        $this->engine->adv_bbcode_tag('olist', 'ol');
        $this->engine->adv_bbcode_tag('item', 'li');
        $this->engine->adv_option_tag('font', 'font', 'family');
        $this->engine->adv_option_tag('size', 'font', 'size');
        $this->engine->adv_option_tag('url', 'a', 'href');
        $this->engine->adv_option_tag('color', 'font', 'color');
        $this->engine->adv_option_tag('style', 'span', 'style');
        $this->engine->simp_option_notext('img', 'src');
        $this->engine->simp_bbcode_att('img', 'src');
        $this->engine->cust_tag("/\(c\)/", '&copy;');
        $this->engine->cust_tag("/\(tm\)/", '&#153;');
        $this->engine->cust_tag("/\(r\)/", '&reg;');
        $this->engine->adv_option_tag_em('email', 'a', 'href');
        $this->engine->adv_bbcode_att_em('email', 'a', 'href');
        $this->engine->cust_tag("/\[left\](.+?)\[\/left\]/", "<div align='left'>\\1</div>");
        $this->engine->cust_tag("/\[center\](.+?)\[\/center\]/", "<div align='center'>\\1</div>");
        $this->engine->cust_tag("/\[right\](.+?)\[\/right\]/", "<div align='right'>\\1</div>");
        $this->engine->cust_tag("/\[quote=(.+?)\](.+?)\[\/quote\]/",
            "<div class='quotetop'>QUOTE(\\1)</div><div class='quotemain'>\\2</div>");
        $this->engine->cust_tag("/\[quote\](.+?)\[\/quote\]/",
            "<div class='quotetop'>QUOTE</div><div class='quotemain'>\\1</div>");
        $this->engine->cust_tag("/\[code\](.+?)\[\/code\]/",
            "<div class='codetop'>CODE</div><div class='codemain'><code>\\1</code></div>");
        $this->engine->cust_tag("/\[codebox\](.+?)\[\/codebox\]/",
            "<div class='codetop'>CODE</div><div class='codemain' style='height:200px;white-space:pre;overflow:auto'>\\1</div>");
        $this->engine->cust_tag('/&nbrlb;/', "<br />\n");
    }

    public function bbcode_parse($html)
    {
        return $this->engine->parse_bbcode($html);
    }
}

function strip_html_tags($text)
{
    return preg_replace('/<(.+?)>/s', '', $text);
}

function forums_rank($tp)
{
    if ($tp < 3) {
        return '#1 Absolute Newbie';
    }
    if ($tp < 7) {
        return '#2 Newbie';
    }
    if ($tp < 12) {
        return '#3 Beginner';
    }
    if ($tp < 18) {
        return '#4 Not Experienced';
    }
    if ($tp < 25) {
        return '#5 Rookie';
    }
    if ($tp < 50) {
        return '#6 Average';
    }
    if ($tp < 100) {
        return '#7 Good';
    }
    if ($tp < 200) {
        return '#8 Very Good';
    }
    if ($tp < 350) {
        return '#9 Greater Than Average';
    }
    if ($tp < 500) {
        return '#10 Experienced';
    }
    if ($tp < 750) {
        return '#11 Highly Experienced';
    }
    if ($tp < 1200) {
        return '#12 Honoured';
    }
    if ($tp < 1800) {
        return '#13 Highly Hounoured';
    }
    if ($tp < 2500) {
        return '#14 Respect King';
    }
    if ($tp < 5000) {
        return '#15 True Champion';
    }
    return 'Unknown';
}

require 'globals.php';

$bbc = new bbcode;
print '<h3>Forums</h3><hr />';
if ($ir['forumban']) {
    echo "<font color=red><h3>! ERROR</h3>
You have been forum banned for {$ir['forumban']} days.<br />
<br />
<b>Reason: {$ir['fb_reason']}</font></b>";
    $h->endpage();
    exit;
}
if (!isset($_GET['viewforum']))
{
    $_GET['viewforum'] = '';
}
if (!isset($_GET['reply']))
{
    $_GET['reply'] = '';
}
if (!isset($_GET['viewtopic']))
{
    $_GET['viewtopic'] = '';
}
$_GET['viewforum'] = (int)$_GET['viewforum'];
if ($_GET['viewtopic'] && $_GET['act'] !== 'quote') {
    $_GET['act'] = 'viewtopic';
}
if ($_GET['viewforum']) {
    $_GET['act'] = 'viewforum';
}
if ($_GET['reply']) {
    $_GET['act'] = 'reply';
}
if (!isset($_GET['act']))
{
    $_GET['act'] = '';
}
switch ($_GET['act']) {
    case 'viewforum':
        viewforum();
        break;
    case 'viewtopic':
        viewtopic();
        break;
    case 'reply':
        reply();
        break;
    case 'newtopicform':
        newtopicform();
        break;
    case 'newtopic':
        newtopic();
        break;
    case 'quote':
        quote();
        break;
    case 'edit':
        edit();
        break;
    case 'move':
        move();
        break;
    case 'editsub':
        editsub();
        break;
    case 'lock':
        lock();
        break;
    case 'delepost':
        delepost();
        break;
    case 'deletopic':
        deletopic();
        break;
    case 'pin':
        pin();
        break;
    case 'recache':
        recache_forum($_GET['forum']);
        break;
    default:
        idx();
        break;
}
function idx()
{
    global $ir, $db;
    $q = $db->query("SELECT * FROM forum_forums WHERE ff_auth='public' ORDER BY ff_id ");
    print "<table class='table' width='100%' border='0' cellspacing='1'>
<tr><th>Forum</th> <th>Posts</th> <th>Topics</th> <th>Last Post</th> </tr>\n";
    while ($r = $db->fetch_row($q)) {
        $t = date('F j Y, g:i:s a', $r['ff_lp_time']);
        print "<tr> <td align='center'><a href='forums.php?viewforum={$r['ff_id']}' style='font-weight: 800'>{$r['ff_name']}</a><br /><small>{$r['ff_desc']}</small></td> <td align='center'>{$r['ff_posts']}</td> <td align='center'>{$r['ff_topics']}</td> <td align='center'>$t<br />
In: <a href='forums.php?viewtopic={$r['ff_lp_t_id']}&lastpost=1' style='font-weight: 800'>{$r['ff_lp_t_name']}</a><br />
By: <a href='viewuser.php?u={$r['ff_lp_poster_id']}'>{$r['ff_lp_poster_name']}</a> </td> </tr>\n";
    }
    print "\n</table>";
    if ($ir['user_level'] !== 1) {
        print "<hr /><a id='staff'><h3>Staff-Only Forums</h3></a><hr />";
        $q = $db->query("SELECT * FROM forum_forums WHERE ff_auth='staff' ORDER BY ff_id ");
        print "<table cellspacing='1' class='table' width='100%' border='0'>
<tr><th>Forum</th> <th>Posts</th> <th>Topics</th> <th>Last Post</th> </tr>\n";
        while ($r = $db->fetch_row($q)) {
            $t = date('F j Y, g:i:s a', $r['ff_lp_time']);
            print "<tr> <td align='center'><a href='forums.php?viewforum={$r['ff_id']}' style='font-weight: 800'>{$r['ff_name']}</a><br /><small>{$r['ff_desc']}</small></td> <td align='center'>{$r['ff_posts']}</td> <td align='center'>{$r['ff_topics']}</td> <td align='center'>$t<br />
In: <a href='forums.php?viewtopic={$r['ff_lp_t_id']}&lastpost=1' style='font-weight: 800'>{$r['ff_lp_t_name']}</a><br />
By: <a href='viewuser.php?u={$r['ff_lp_poster_id']}'>{$r['ff_lp_poster_name']}</a> </td> </tr>\n";
        }
        print "\n</table>";
    }
}

function viewforum()
{
    global $ir, $c, $userid, $h, $bbc, $db;
    $q = $db->query("SELECT * FROM forum_forums WHERE ff_id={$_GET['viewforum']}");
    $r = $db->fetch_row($q);
    if (($r['ff_auth'] === 'gang' && $ir['gang'] !== $r['ff_owner'] && $ir['user_level'] < 2) || ($r['ff_auth'] === 'staff' && $ir['user_level'] < 2)) {
        print "You have no permission to view this forum.<br />
&gt; <a href='forums.php'>Back</a>";
        $h->endpage();
        exit;
    }
    if ($_GET['viewforum'] != 1 || $ir['user_level'] == 2) {
        $ntl = "&nbsp;[<a href='forums.php?act=newtopicform&forum={$_GET['viewforum']}'>New Topic</a>]";
    } else {
        $ntl = '';
    }
    print "<big><a href='forums.php'>Forums Home</a> &gt;&gt; <a href='forums.php?viewforum={$_GET['viewforum']}'>{$r['ff_name']}</a>$ntl</big><br />";
    print "<br />
<table cellspacing='1' class='table' width='100%' border='0'>
<tr> <th>Topic</th> <th>Posts</th> <th>Started</th> <th>Last Post</th></tr>\n";
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_forum_id={$_GET['viewforum']} ORDER BY ft_pinned DESC, ft_last_time DESC");
    while ($r2 = $db->fetch_row($q)) {
        $t1 = date('F j Y, g:i:s a', $r2['ft_start_time']);
        $t2 = date('F j Y, g:i:s a', $r2['ft_last_time']);
        if ($r2['ft_pinned']) {
            $pt = '<b>Pinned:</b>&nbsp;';
        } else {
            $pt = '';
        }
        if ($r2['ft_locked']) {
            $lt = '&nbsp;<b>(Locked)</b>';
        } else {
            $lt = '';
        }
        print "<tr> <td align='center'>$pt<a href='forums.php?viewtopic={$r2['ft_id']}&lastpost=1'>{$r2['ft_name']}</a>$lt<br />
<small>{$r2['ft_desc']}</small></td> <td align='center'>{$r2['ft_posts']}</td> <td align='center'>$t1<br />
By: <a href='viewuser.php?u={$r2['ft_owner_id']}'>{$r2['ft_owner_name']}</a></td> <td align='center'>$t2<br />
By: <a href='viewuser.php?u={$r2['ft_last_id']}'>{$r2['ft_last_name']}</a></td> </tr>\n";
    }
    print '</table>';
}

function viewtopic()
{
    global $ir, $c, $userid, $h, $bbc, $db;
    $precache = [];
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_id={$_GET['viewtopic']}");
    $topic = $db->fetch_row($q);
    $q2 = $db->query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}");
    $forum = $db->fetch_row($q2);
    if (($forum['ff_auth'] === 'gang' && $ir['gang'] !== $forum['ff_owner'] && $ir['user_level'] < 2) || ($forum['ff_auth'] === 'staff' && $ir['user_level'] < 2)) {
        print "You have no permission to view this forum.<br />
&gt; <a href='forums.php'>Back</a>";
        $h->endpage();
        exit;
    }
    print "<big><a href='forums.php'>Forums Home</a> &gt;&gt; <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> &gt;&gt; <a href='forums.php?viewtopic={$_GET['viewtopic']}'>{$topic['ft_name']}</a></big><br /><br />";

    $posts_per_page = 20;
    $posts_topic = $topic['ft_posts'];
    $pages = ceil($posts_topic / $posts_per_page);
    $st = ($_GET['st']) ?: 0;
    if ($_GET['lastpost']) {
        $st = ($pages - 1) * 20;
    }
    $pst = -20;
    print 'Pages: ';
    for ($i = 1; $i <= $pages; $i++) {
        $pst += 20;
        print "<a href='forums.php?viewtopic={$topic['ft_id']}&st=$pst'>";
        if ($pst === $st) {
            print '<b>';
        }
        print $i;
        if ($pst === $st) {
            print '</b>';
        }
        print '</a>&nbsp;';
        if ($i % 25 === 0) {
            print '<br />';
        }
    }
    print '<br />';
    if ($ir['user_level'] > 1) {
        print "
<form action='forums.php?act=move&amp;topic={$_GET['viewtopic']}' method='post'><b>Move topic to:</b> " . forum_dropdown('forum', -1) . "<input type='submit' value='Move' /></form><br />
<a href='forums.php?act=pin&topic={$_GET['viewtopic']}''><img src='sticky.jpg' alt='Pin/Unpin Topic' title='Pin/Unpin Topic' /></a><a href='forums.php?act=lock&topic={$_GET['viewtopic']}''><img src='lock.jpg' alt='Lock/Unlock Topic' title='Lock/Unlock Topic' /></a><a href='forums.php?act=deletopic&topic={$_GET['viewtopic']}''><img src='delete.gif' alt='Delete Topic' title='Delete Topic' /></a><br />";
    }
    print "
<table cellspacing='1' class='table' width='100%' border='0'>\n";
    $q3 = $db->query("SELECT * FROM forum_posts WHERE fp_topic_id={$topic['ft_id']} ORDER BY fp_time LIMIT $st, 20");
    $no = $st;
    while ($r = $db->fetch_row($q3)) {
        $qlink = "[<a href='forums.php?act=quote&viewtopic={$_GET['viewtopic']}&quotename=" . strip_html_tags($r['fp_poster_name']) . '&quotetext=' . urlencode($r['fp_text']) . "'>Quote Post</a>]";
        if ($ir['user_level'] > 1 || $ir['userid'] === $r['fp_poster_id']) {
            $elink = "[<a href='forums.php?act=edit&post={$r['fp_id']}&topic={$_GET['viewtopic']}'>Edit Post</a>]";
        } else {
            $elink = '';
        }
        $no++;
        if ($no > 1 && $ir['user_level'] > 1) {
            $dlink = "[<a href='forums.php?act=delepost&post={$r['fp_id']}'>Delete Post</a>]";
        } else {
            $dlink = '';
        }
        $t = date('F j Y, g:i:s a', $r['fp_time']);
        if ($r['fp_edit_count'] > 0) {
            $edittext = "\n<br /><i>Last edited by <a href='viewuser.php?u={$r['fp_editor_id']}'>{$r['fp_editor_name']}</a> at " . date('F j Y, g:i:s a',
                    $r['fp_editor_time']) . ", edited <b>{$r['fp_edit_count']}</b> times in total.</i>";
        } else {
            $edittext = '';
        }
        if (!$precache[$r['fp_poster_id']]['userid']) {
            $membq = $db->query("SELECT * FROM users WHERE userid={$r['fp_poster_id']}");
            $memb = $db->fetch_row($membq);
            $precache[$memb['userid']] = $memb;
        } else {
            $memb = $precache[$r['fp_poster_id']];
        }
        if ($memb['display_pic']) {
            $av = "<img src='{$memb['display_pic']}' width='100' height='100' />";
        } else {
            $av = "<img src='images/avatar.gif' width='100' height='100' />";
        }
        if (!$memb['forums_signature']) {
            $memb['forums_signature'] = 'No Signature';
        } else {
            $memb['forums_signature'] = $bbc->bbcode_parse($memb['forums_signature']);
        }
        $r['fp_text'] = $bbc->bbcode_parse($r['fp_text']);
        print "<tr>
<th align='center'>Post #{$no}</th> <th align='center'>Subject: {$r['fp_subject']}<br />
Posted at: $t $qlink$elink$dlink</th>
</tr>
<tr>
<td valign=top><a href='viewuser.php?u={$r['fp_poster_id']}'>{$r['fp_poster_name']}</a> [{$r['fp_poster_id']}]<br />
$av<br />
Level: {$memb['level']}</td>
<td valign=top>{$r['fp_text']}
{$edittext}<br />
-------------------<br />
{$memb['forums_signature']}</td>
</tr>";
    }
    print '</table>';
    $pst = -20;
    print 'Pages: ';
    for ($i = 1; $i <= $pages; $i++) {
        $pst += 20;
        print "<a href='forums.php?viewtopic={$topic['ft_id']}&st=$pst'>";
        if ($pst === $st) {
            print '<b>';
        }
        print $i;
        if ($pst === $st) {
            print '</b>';
        }
        print '</a>&nbsp;';
        if ($i % 25 === 0) {
            print '<br />';
        }
    }
    if (!$topic['ft_locked']) {
        print <<<EOF
<br /><br />
<b>Post a reply to this topic:</b><br />
<form action='forums.php?reply={$topic['ft_id']}' method='post'>
<table cellspacing='1' class='table' width='80%' border='0'>
<tr>
<td align='right'>Subject:</td>
<td align='left'><input type='text' name='fp_subject' /></td>
</tr>
<tr>
<td align='right'>Post:</td>
<td align='left'><textarea rows='7' cols='40' name='fp_text'></textarea></td>
</tr>
<tr>
<th colspan='2'><input type='submit' value='Post Reply'></th>
</tr>
</table>
</form>
EOF;
    } else {
        print '<br /><br />
<i>This topic has been locked, you cannot reply to it.</i>';
    }
}

function reply()
{
    global $ir, $userid, $h, $db;
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_id={$_GET['reply']}");
    $topic = $db->fetch_row($q);
    $q2 = $db->query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}");
    $forum = $db->fetch_row($q2);
    if (($forum['ff_auth'] === 'gang' && $ir['gang'] !== $forum['ff_owner']) || ($forum['ff_auth'] === 'staff' && $ir['user_level'] < 2)) {
        print "You have no permission to reply to this topic.<br />
&gt; <a href='forums.php'>Back</a>";
        $h->endpage();
        exit;
    }
    if (!$topic['ft_locked']) {
        $u = $ir['username'];
        if ($ir['ul_color']) {
            $uname = "<font color='{$ir['ul_color']}'>";
            if ($ir['ul_isbold']) {
                $uname .= '<b>';
            }
            $uname .= $ir['username'];
            if ($ir['ul_isbold']) {
                $uname .= '</b>';
            }
            $uname .= '</font>';
            $u = $uname;
        } elseif ($ir['donatordays']) {
            $u = "<font color=red>{$ir['username']}</font>";
        }
        $u = $db->escape($u);
        $db->query("INSERT INTO forum_posts VALUES('', {$_GET['reply']}, {$forum['ff_id']}, $userid, '$u', unix_timestamp(), '{$_POST['fp_subject']}', '{$_POST['fp_text']}', 0, '', 0, 0)");
        $db->query("UPDATE forum_topics SET ft_last_id=$userid, ft_last_name='$u', ft_last_time=unix_timestamp(), ft_posts=ft_posts+1 WHERE ft_id={$_GET['reply']}");
        $db->query("UPDATE forum_forums SET ff_lp_time=unix_timestamp(), ff_posts=ff_posts+1, ff_lp_poster_id=$userid, ff_lp_poster_name='$u', ff_lp_t_id={$_GET['reply']}, ff_lp_t_name='{$topic['ft_name']}' WHERE ff_id={$forum['ff_id']}");
        $db->query("UPDATE users SET posts=posts+1 WHERE userid=$userid");
        print '<b>Reply Posted!</b><hr /><br />';
        $_GET['lastpost'] = 1;
        $_GET['viewtopic'] = $_GET['reply'];
        viewtopic();
    } else {
        print "
<i>This topic has been locked, you cannot reply to it.</i><br />
<a href='forums.php?viewtopic={$_GET['reply']}'>Back</a>";
    }
}

function newtopicform()
{
    global $ir, $h, $db;
    $q = $db->query("SELECT * FROM forum_forums WHERE ff_id={$_GET['forum']}");
    $r = $db->fetch_row($q);
    if (($r['ff_auth'] === 'gang' && $ir['gang'] !== $r['ff_owner']) || ($r['ff_auth'] === 'staff' && $ir['user_level'] < 2)) {
        print "You have no permission to view this forum.<br />
&gt; <a href='forums.php'>Back</a>";
        $h->endpage();
        exit;
    }
    print <<<EOF
<big><a href='forums.php'>Forums Home</a> &gt;&gt; <a href='forums.php?viewforum={$_GET['forum']}'>{$r['ff_name']}</a> &gt;&gt; New Topic Form</big>
<form action='forums.php?act=newtopic&forum={$_GET['forum']}' method='post'>
<table cellspacing='1' class='table' width='80%' border='0'>
<tr>
<td align=right>Topic Name:</td>
<td align=left><input type='text' name='ft_name' value='' /></td>
</tr>
<tr>
<td align=right>Topic Description:</td>
<td align=left><input type='text' name='ft_desc' value='' /></td>
</tr>
<tr>
<td align=right>Topic Text:</td>
<td align=left><textarea rows='8' cols='45' name='fp_text'></textarea></td>
</tr>
<tr>
<th colspan=2><input type='submit' value='Post Topic' /></th>
</tr>
</table>
EOF;
}

function newtopic()
{
    global $ir, $userid, $h, $db;
    $q = $db->query("SELECT * FROM forum_forums WHERE ff_id={$_GET['forum']}");
    $r = $db->fetch_row($q);
    if (($r['ff_auth'] === 'gang' && $ir['gang'] !== $r['ff_owner']) || ($r['ff_auth'] === 'staff' && $ir['user_level'] < 2)) {
        print "You have no permission to view this forum.<br />
&gt; <a href='forums.php'>Back</a>";
        $h->endpage();
        exit;
    }
    $u = $ir['username'];
    if ($ir['ul_color']) {
        $uname = "<font color='{$ir['ul_color']}'>";
        if ($ir['ul_isbold']) {
            $uname .= '<b>';
        }
        $uname .= $ir['username'];
        if ($ir['ul_isbold']) {
            $uname .= '</b>';
        }
        $uname .= '</font>';
        $u = $uname;
    } elseif ($ir['donatordays']) {
        $u = "<font color=red>{$ir['username']}</font>";
    }
    $u = $db->escape($u);
    $db->query("INSERT INTO forum_topics VALUES('', {$_GET['forum']}, '{$_POST['ft_name']}', '{$_POST['ft_desc']}', 0, $userid, '$u', unix_timestamp(), 0, '', 0, 0, 0)");
    $i = $db->insert_id();
    $db->query("INSERT INTO forum_posts VALUES('', {$i}, {$r['ff_id']}, $userid, '$u', unix_timestamp(), '{$_POST['ft_desc']}', '{$_POST['fp_text']}', 0, '', 0, 0)");
    $db->query("UPDATE forum_topics SET ft_last_id=$userid, ft_last_name='$u', ft_last_time=unix_timestamp(), ft_posts=ft_posts+1 WHERE ft_id={$i}");
    $db->query("UPDATE forum_forums SET ff_lp_time=unix_timestamp(), ff_posts=ff_posts+1, ff_topics=ff_topics+1, ff_lp_poster_id=$userid, ff_lp_poster_name='$u', ff_lp_t_id={$i}, ff_lp_t_name='{$_POST['ft_name']}' WHERE ff_id={$r['ff_id']}");
    $db->query("UPDATE users SET posts=posts+1 WHERE userid=$userid");
    print '<b>Topic Posted!</b><hr /><br />';
    $_GET['viewtopic'] = $i;
    viewtopic();
}

function emptyallforums()
{
    global $db;
    $db->query("UPDATE forum_forums SET ff_lp_time=0, ff_lp_poster_id=0, ff_lp_poster_name='N/A', ff_lp_t_id=0, ff_lp_t_name='N/A',ff_posts=0, ff_topics=0 WHERE ff_id > 0");
    $db->query('TRUNCATE forum_topics');
    $db->query('TRUNCATE forum_posts');
}

function quote()
{
    global $ir, $h, $db;
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_id={$_GET['viewtopic']}");
    $topic = $db->fetch_row($q);
    $q2 = $db->query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}");
    $forum = $db->fetch_row($q2);
    if (($forum['ff_auth'] === 'gang' && $ir['gang'] !== $forum['ff_owner']) || ($forum['ff_auth'] === 'staff' && $ir['user_level'] < 2)) {
        print "You have no permission to reply to this topic.<br />
&gt; <a href='forums.php'>Back</a>";
        $h->endpage();
        exit;
    }
    print "<big><a href='forums.php'>Forums Home</a> &gt;&gt; <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> &gt;&gt; <a href='forums.php?viewtopic={$_GET['viewtopic']}'>{$topic['ft_name']}</a> &gt;&gt; Quoting a Post</big><br /><br />";
    if (!$topic['ft_locked']) {
        print <<<EOF
<br /><br />
<b>Post a reply to this topic:</b><br />
<form action='forums.php?reply={$topic['ft_id']}' method='post'>
<table cellspacing='1' class='table' width='80%' border='0'>
<tr>
<td align='right'>Subject:</td>
<td align='left'><input type='text' name='fp_subject' /></td>
</tr>
<tr>
<td align='right'>Post:</td>
<td align='left'><textarea rows='7' cols='40' name='fp_text'>[quote={$_GET['quotename']}]{$_GET['quotetext']}[/quote]
</textarea></td>
</tr>
<tr>
<th colspan='2'><input type='submit' value='Post Reply'></th>
</tr>
</table>
</form>
EOF;
    } else {
        print "
<i>This topic has been locked, you cannot reply to it.</i><br />
<a href='forums.php?viewtopic={$_GET['viewtopic']}'>Back</a>";
    }
}

function edit()
{
    global $ir, $h, $db;
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}");
    $topic = $db->fetch_row($q);
    $q2 = $db->query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}");
    $forum = $db->fetch_row($q2);
    if (($forum['ff_auth'] === 'gang' && $ir['gang'] !== $forum['ff_owner']) || ($forum['ff_auth'] === 'staff' && $ir['user_level'] < 2)) {
        print "You have no permission to view this forum.<br />
&gt; <a href='forums.php'>Back</a>";
        $h->endpage();
        exit;
    }
    $q3 = $db->query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}");
    $post = $db->fetch_row($q3);
    if (!($ir['user_level'] > 1 || $ir['userid'] === $post['fp_poster_id'])) {
        print "You have no permission to edit this post.<br />
&gt; <a href='forums.php'>Back</a>";
        $h->endpage();
        exit;
    }
    print "<big><a href='forums.php'>Forums Home</a> &gt;&gt; <a href='forums.php?viewforum={$forum['ff_id']}'>{$forum['ff_name']}</a> &gt;&gt; <a href='forums.php?viewtopic={$_GET['topic']}'>{$topic['ft_name']}</a> &gt;&gt; Editing a Post</big><br /><br />";
    print <<<EOF
<form action='forums.php?act=editsub&topic={$topic['ft_id']}&post={$_GET['post']}' method='post'>
<table cellspacing='1' class='table' width='80%' border='0'>
<tr>
<td align='right'>Subject:</td>
<td align='left'><input type='text' name='fp_subject' value='{$post['fp_subject']}' /></td>
</tr>
<tr>
<td align='right'>Post:</td>
<td align='left'><textarea rows='7' cols='40' name='fp_text'>{$post['fp_text']}
</textarea></td>
</tr>
<tr>
<th colspan='2'><input type='submit' value='Edit Post'></th>
</tr>
</table>
</form>
EOF;
}

function editsub()
{
    global $ir, $userid, $h, $db;
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}");
    $topic = $db->fetch_row($q);
    $q2 = $db->query("SELECT * FROM forum_forums WHERE ff_id={$topic['ft_forum_id']}");
    $forum = $db->fetch_row($q2);
    if (($forum['ff_auth'] === 'gang' && $ir['gang'] !== $forum['ff_owner']) || ($forum['ff_auth'] === 'staff' && $ir['user_level'] < 2)) {
        print "You have no permission to view this forum.<br />
&gt; <a href='forums.php'>Back</a>";
        $h->endpage();
        exit;
    }
    $q3 = $db->query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}");
    $post = $db->fetch_row($q3);
    if (!($ir['user_level'] > 1 || $ir['userid'] === $post['fp_poster_id'])) {
        print "You have no permission to edit this post.<br />
&gt; <a href='forums.php'>Back</a>";
        $h->endpage();
        exit;
    }
    $db->query("UPDATE forum_posts SET fp_subject='{$_POST['fp_subject']}', fp_text='{$_POST['fp_text']}', fp_editor_id=$userid, fp_editor_name='{$ir['username']}', fp_editor_time=unix_timestamp(), fp_edit_count=fp_edit_count+1 WHERE fp_id={$_GET['post']}");
    print '<b>Post Edited!</b><hr /><br />';
    $_GET['viewtopic'] = $_GET['topic'];
    viewtopic();
}

function recache_forum($forum)
{
    global $db;
    print "Recaching forum ID $forum ... ";
    $q = $db->query("SELECT p.*,t.* FROM forum_posts p LEFT JOIN forum_topics t ON p.fp_topic_id=t.ft_id WHERE p.fp_forum_id=$forum ORDER BY p.fp_time DESC LIMIT 1");
    if (!$db->num_rows($q)) {
        $db->query("update forum_forums set ff_lp_time=0, ff_lp_poster_id=0, ff_lp_poster_name='N/A', ff_lp_t_id=0, ff_lp_t_name='N/A',ff_posts=0, ff_topics=0 where ff_id={$forum}");
        print ' ... Done';
    } else {
        $r = $db->fetch_row($q);
        $tn = $db->escape($r['ft_name']);
        $pn = $db->escape($r['fp_poster_name']);
        $posts = $db->num_rows($db->query("SELECT fp_id FROM forum_posts WHERE fp_forum_id=$forum"));
        $topics = $db->num_rows($db->query("SELECT ft_id FROM forum_topics WHERE ft_forum_id=$forum"));
        $db->query("update forum_forums set ff_lp_time={$r['fp_time']}, ff_lp_poster_id={$r['fp_poster_id']}, ff_lp_poster_name='$pn', ff_lp_t_id={$r['ft_id']}, ff_lp_t_name='$tn',ff_posts=$posts, ff_topics=$topics where ff_id={$forum}");
        print ' ... Done<br />';
    }
}

function recache_topic($forum)
{
    global $db;
    print "Recaching topic ID $forum ... ";
    $q = $db->query("SELECT p.* FROM forum_posts p  WHERE p.fp_topic_id=$forum ORDER BY p.fp_time DESC LIMIT 1");
    if (!$db->num_rows($q)) {
        $db->query("update forum_topics set ft_last_id=0, ft_last_time=0, ft_last_name='N/A',ft_posts=0 where ft_id={$forum}");
        print ' ... Done';
    } else {
        $r = $db->fetch_row($q);
        $pn = $db->escape($r['fp_poster_name']);
        $posts = $db->num_rows($db->query("SELECT fp_id FROM forum_posts WHERE fp_topic_id=$forum"));
        $db->query("update forum_topics set ft_last_id={$r['fp_poster_id']}, ft_last_time={$r['fp_time']}, ft_last_name='$pn',ft_posts=$posts where ft_id={$forum}");
        print ' ... Done<br />';
    }
}

function move()
{
    global $ir, $db;
    if ($ir['user_level'] < 2) {
        die('');
    }
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}");
    $topic = $db->fetch_row($q);
    $q2 = $db->query("SELECT * FROM forum_forums WHERE ff_id={$_POST['forum']}");
    $forum = $db->fetch_row($q2);
    $db->query("UPDATE forum_topics SET ft_forum_id={$_POST['forum']} WHERE ft_id={$_GET['topic']}");
    $db->query("UPDATE forum_posts SET fp_forum_id={$_POST['forum']} WHERE fp_topic_id={$_GET['topic']}");
    print 'Topic moved...<br />';
    stafflog_add("Moved Topic {$topic['ft_name']} to {$forum['ff_name']}");
    recache_forum($topic['ft_forum_id']);
    recache_forum($_POST['forum']);
}

function lock()
{
    global $ir, $db;
    if ($ir['user_level'] < 2) {
        die('');
    }
    $db->query("UPDATE forum_topics SET ft_locked=-ft_locked+1 WHERE ft_id={$_GET['topic']}");
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}");
    $r = $db->fetch_row($q);
    print "<b>{$r['ft_name']}</b>'s lock status changed, if it was unlocked, it will now be locked, otherwise, it will be unlocked.";
    if ((int)$r['ft_locked'] === 0) {
        stafflog_add("Unlocked Topic {$r['ft_name']}");
    } else {
        stafflog_add("Locked Topic {$r['ft_name']}");
    }
}

function pin()
{
    global $ir, $db;
    if ($ir['user_level'] < 2) {
        die('');
    }
    $db->query("UPDATE forum_topics SET ft_pinned=-ft_pinned+1 WHERE ft_id={$_GET['topic']}");
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}");
    $r = $db->fetch_row($q);
    print "<b>{$r['ft_name']}</b>'s pin status changed, if it was unpinned, it will now be pinned, otherwise, it will be unpinned.";
    if ((int)$r['ft_pinned'] === 0) {
        stafflog_add("Unpinned Topic {$r['ft_name']}");
    } else {
        stafflog_add("Pinned Topic {$r['ft_name']}");
    }
}

function delepost()
{
    global $ir, $db;
    if ($ir['user_level'] < 2) {
        die('');
    }
    $q3 = $db->query("SELECT * FROM forum_posts WHERE fp_id={$_GET['post']}");
    $post = $db->fetch_row($q3);
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_id={$post['fp_topic_id']}");
    $topic = $db->fetch_row($q);
    $db->query("DELETE FROM forum_posts WHERE fp_id={$post['fp_id']}");
    print 'Post deleted...<br />';
    recache_topic($post['fp_topic_id']);
    recache_forum($post['fp_forum_id']);
    stafflog_add("Deleted post ({$post['fp_subject']}) in {$topic['ft_name']}");
}

function deletopic()
{
    global $db;
    $q = $db->query("SELECT * FROM forum_topics WHERE ft_id={$_GET['topic']}");
    $topic = $db->fetch_row($q);
    $db->query("DELETE FROM forum_topics WHERE ft_id={$_GET['topic']}");
    $db->query("DELETE FROM forum_posts WHERE fp_topic_id={$_GET['topic']}");
    print 'Deleting topic... Done<br />';
    recache_forum($topic['ft_forum_id']);
    stafflog_add("Deleted topic {$topic['ft_name']}");
}

$h->endpage();

and the bbcode_engine.php

<?php

/*
|------------------------------------------------|
|  BBcode Parsing                                |
| Core engine for MSNForums 1.0                  |
| Copyright 2005 Stewart Marshall                |
|------------------------------------------------|
*/

class bbcode_engine
{
    public $parsings = [];
    public $htmls = [];

    public function simple_bbcode_tag($tag = '')
    {

        if (!$tag) {
            return;
        }
        $this->parsings[] = "/\[" . $tag . "\](.+?)\[\/" . $tag . "\]/";
        $this->htmls[] = '<' . $tag . ">\\1</" . $tag . '>';
    }

    public function adv_bbcode_tag($tag = '', $reptag = '')
    {

        if (!$tag) {
            return;
        }

        $this->parsings[] = "/\[" . $tag . "\](.+?)\[\/" . $tag . "\]/";
        $this->htmls[] = '<' . $reptag . ">\\1</" . $reptag . '>';
    }

    public function simple_option_tag($tag = '', $optionval = '')
    {

        if ($tag === '' || $optionval === '') {
            return;
        }
        $this->parsings[] = "/\[" . $tag . "=(.+?)\](.+?)\[\/" . $tag . "\]/";
        $this->htmls[] = '<' . $tag . ' ' . $optionval . "='\\1'>\\2</" . $tag . '>';
    }

    public function adv_option_tag($tag = '', $reptag = '', $optionval = '')
    {

        if ($tag === '' || $optionval === '' || $reptag === '') {
            return;
        }
        $this->parsings[] = "/\[" . $tag . "=(.+?)\](.+?)\[\/" . $tag . "\]/";
        $this->htmls[] = '<' . $reptag . ' ' . $optionval . "='\\1'>\\2</" . $reptag . '>';
    }

    public function adv_option_tag_em($tag = '', $reptag = '', $optionval = '')
    {

        if ($tag === '' || $optionval === '' || $reptag === '') {
            return;
        }
        $this->parsings[] = "/\[" . $tag . "=(.+?)\](.+?)\[\/" . $tag . "\]/";
        $this->htmls[] = '<' . $reptag . ' ' . $optionval . "='mailto:\\1'>\\2</" . $reptag . '>';
    }

    public function simp_option_notext($tag = '', $optionval = '')
    {

        if ($tag === '' || $optionval === '') {
            return;
        }
        $this->parsings[] = "/\[" . $tag . "=(.+?)\]/";
        $this->htmls[] = '<' . $tag . ' ' . $optionval . "='\\1' />";
    }

    public function adv_option_notext($tag = '', $reptag = '', $optionval = '')
    {

        if ($tag === '' || $optionval === '' || $reptag === '') {
            return;
        }
        $this->parsings[] = "/\[" . $tag . "=(.+?)\]/";
        $this->htmls[] = '<' . $reptag . ' ' . $optionval . "='\\1' />";
    }

    public function adv_option_notext_em($tag = '', $reptag = '', $optionval = '')
    {

        if ($tag === '' || $optionval === '' || $reptag === '') {
            return;
        }
        $this->parsings[] = "/\[" . $tag . "=(.+?)\]/";
        $this->htmls[] = '<' . $reptag . ' ' . $optionval . "='mailto:\\1' >\\1</" . $reptag . '>';
    }

    public function simp_bbcode_att($tag = '', $optionval = '')
    {

        if ($tag === '' || $optionval === '') {
            return;
        }
        $this->parsings[] = "/\[" . $tag . "\](.+?)\[\/" . $tag . "\]/";
        $this->htmls[] = '<' . $tag . ' ' . $optionval . "='\\1' />";
    }

    public function adv_bbcode_att($tag = '', $reptag = '', $optionval = '')
    {

        if ($tag === '' || $optionval === '' || $reptag === '') {
            return;
        }
        $this->parsings[] = "/\[" . $tag . "\](.+?)\[\/" . $tag . "\]/";
        $this->htmls[] = '<' . $reptag . ' ' . $optionval . "='\\1' />";
    }

    public function adv_bbcode_att_em($tag = '', $reptag = '', $optionval = '')
    {

        if ($tag === '' || $optionval === '' || $reptag === '') {
            return;
        }
        $this->parsings[] = "/\[" . $tag . "\](.+?)\[\/" . $tag . "\]/";
        $this->htmls[] = '<' . $reptag . ' ' . $optionval . "='mailto:\\1'>\\1</" . $reptag . '>';
    }


    public function cust_tag($bbcode = '', $html = '')
    {

        if ($bbcode === '' || $html === '') {
            return;
        }
        $this->parsings[] = $bbcode;
        $this->htmls[] = $html;
    }

    public function parse_bbcode($text)
    {

        $i = 0;
        while ($this->parsings[$i]) {

            $text = preg_replace($this->parsings[$i], $this->htmls[$i], $text);
            $i++;
        }
        return $text;
    }
}

 

Edited by peterisgb
Fixed create new thread option
  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...