".constant($tmpdata[1]); else $tmp.=""; $oldcat=$tmpdata[2]; } if ($tmpdata[0]==$value) $flist.=""; return $flist; } function build_level_select() { $sql = "SELECT * FROM ".$GLOBALS['DBprefix']."UserLevel ORDER BY l_level"; return build_select($sql,$udata['u__level']); } function build_userlevel_select($level=0) { $sql = "SELECT * FROM ".$GLOBALS['DBprefix']."UserLevel WHERE l_level!=0 AND l_level<1024"; return build_select($sql,$level); } function error($errmsg) { if (!$GLOBALS['admin']) load_style("message.php"); $tmp_link1 = "".MSG_go_back.""; $tmp_link2 = "".MSG_go_mainpage.""; output_message(MSG_e.$errmsg,$tmp_link1,$tmp_link2,""); exit(); } function message($textmsg,$golink=0) { if ($_POST['refpage']) $tmp_link1 = $_POST['refpage']; elseif ($GLOBALS['refpage']) $tmp_link1 = $GLOBALS['refpage']; elseif ($_SERVER['HTTP_REFERER']) $tmp_link1 =$_SERVER['HTTP_REFERER']; else $tmp_link1 = "".MSG_go_back.""; $tmp_link2 = "".MSG_go_mainpage.""; if ($golink) $newlink=$tmp_link1; output_message($textmsg,"".MSG_go_back."",$tmp_link2,"",$newlink); } function topic_message($textmsg,$golink=0) { $tmp_message = $textmsg; $tmp_link1 = "".MSG_go_topic.""; $tmp_link2 = "".MSG_go_forum.""; $tmp_link3 = "".MSG_go_mainpage.""; if ($golink) $newlink="index.php?f=".$GLOBALS['forum']."&t=".$GLOBALS['topic']; output_message($tmp_message,$tmp_link1,$tmp_link2,$tmp_link3,$newlink); } function month_replace($date) { $date=str_replace("January",MSG_January,$date); $date=str_replace("February",MSG_February,$date); $date=str_replace("March",MSG_March,$date); $date=str_replace("April",MSG_April,$date); $date=str_replace("May",MSG_May,$date); $date=str_replace("June",MSG_June,$date); $date=str_replace("July",MSG_July,$date); $date=str_replace("August",MSG_August,$date); $date=str_replace("September",MSG_September,$date); $date=str_replace("October",MSG_October,$date); $date=str_replace("November",MSG_November,$date); $date=str_replace("December",MSG_December,$date); $date=str_replace("Jan",MSG_Jan,$date); $date=str_replace("Feb",MSG_Feb,$date); $date=str_replace("Mar",MSG_Mar,$date); $date=str_replace("Apr",MSG_Apr,$date); $date=str_replace("May",MSG_May,$date); $date=str_replace("Jun",MSG_Jun,$date); $date=str_replace("Jul",MSG_Jul,$date); $date=str_replace("Aug",MSG_Aug,$date); $date=str_replace("Sep",MSG_Sep,$date); $date=str_replace("Oct",MSG_Oct,$date); $date=str_replace("Nov",MSG_Nov,$date); $date=str_replace("Dec",MSG_Dec,$date); return $date; } function long_date_out($date) { $date=$date+$GLOBALS['inuser']['u_timeregion']-$GLOBALS['opt_timeregion']; if ($date<0) $date=0; if ($date) $date=date($GLOBALS['inuser']['u_lformat'],$date); else $date=MSG_none; return month_replace($date); } function short_date_out($date) { $date=$date+$GLOBALS['inuser']['u_timeregion']-$GLOBALS['opt_timeregion']; if ($date<0) $date=0; if ($date) $date=date($GLOBALS['inuser']['u_sformat'],$date); else $date=MSG_none; return month_replace($date); } function addlinks(&$text) { $text = " ".$text." "; $text = str_replace("<"," <",$text); $text = str_replace(">","> ",$text); $text = preg_replace("/\n/","",$text); $text = preg_replace("/\r/","",$text); $text = preg_replace("/ ([^:\t \n\[]+?\@[^\t \n\[]+?) /is"," $1 ",$text); $text = preg_replace("/ (http:\/\/\S+?) /is"," $1 ",$text); $text = preg_replace("/ (www\.\S+?) /is"," $1 ",$text); $text = preg_replace("/ ([\w-\.]+?\.ru) /is"," $1 ",$text); $text = preg_replace("/ ([\w-\.]+?\.com) /is"," $1 ",$text); $text = preg_replace("/ ([\w-\.]+?\.net) /is"," $1 ",$text); $text = preg_replace("/ ([\w-\.]+?\.org) /is"," $1 ",$text); $text = str_replace(" <","<",$text); $text = str_replace("> ",">",$text); } function check_hidden($posts,$text) { if (!$GLOBALS['inuserposts'] && $GLOBALS['inuserid']>3) { $link=$GLOBALS['link']; $sql = "SELECT COUNT(*) FROM ".$GLOBALS['DBprefix']."Post WHERE p_uid=".$GLOBALS['inuserid']." AND p__premoderate=0"; $res = db_query($sql,$link); list($count)=db_fetch_row($res); db_free_result($res); $GLOBALS['inuserposts']=$count; } if ($posts<=$GLOBALS['inuserposts']) return $text; else return "
".MSG_p_posthide." ".format_word($posts,MSG_p1,MSG_p2,MSG_p3).".
"; } function check_level($level,$text) { if ($level<=$GLOBALS['inuserlevel']) return $text; else return "
".MSG_p_levelhide.".
"; } function check_url($url) { $url=strtolower($url); $res=1; if (strpos($url,"script:")!==false) $res=0; if (strpos($url,"/admin")!==false) $res=0; return $res; } function check_img($imgtext) { preg_match("/src=[\"']?(\S+?)[\"']?[\s>]/is",$imgtext,$matches); if (check_url($matches[1])) return $imgtext; else { $GLOBALS['hackattempt']++; return "
HACK ATTEMPT: ".$matches[1]."
"; } } function check_link($linktext) { preg_match("/href=[\"']?(\S+?)[\"']?[\s>]/is",$linktext,$matches); if (check_url($matches[1])) return $linktext; else { $GLOBALS['hackattempt']++; return "
HACK ATTEMPT: ".$matches[1]."
"; } } function boardcode(&$text) { if (strpos($text,"[")!==false) { $text = str_replace("[hr]","
",$text); $text = str_replace("[br]","
",$text); $text = preg_replace("/\[quote\](.*?)\[\/quote\]/is","
$1
",$text); $text = preg_replace("/\[q\](.*?)\[\/q\]/is","
$1
",$text); $text = preg_replace("/\[quote=(.+?)\](.*?)\[\/quote\]/is","$1 ".MSG_written.":
$2
",$text);//.short_date_out($2)." $text = preg_replace("/\[q=(.+?)\](.*?)\[\/q\]/is","$1 ".MSG_written.":
$2
",$text); $text = preg_replace("/\[q(\d+)\](.*?)\[\/q$1\]/is","
$2
",$text); $text = preg_replace("/\[url\](http:\/\/\S+?)\[\/url\]/is","$1",$text); $text = preg_replace("/\[url\](\S+?)\[\/url\]/is","$1",$text); $text = preg_replace("/\[url=(http:\/\/.+?)\](.+?)\[\/url\]/is","$2",$text); $text = preg_replace("/\[url=(.+?)\](.+?)\[\/url\]/is","$2",$text); $text = preg_replace("/\[email\](\S+?\@\S+?)\[\/email\]/is","$1",$text); $text = preg_replace("/\[email=(\S+?\@\S+?)\](.+?)\[\/email\]/is","$2",$text); $text = str_replace("[b]","",$text); $text = str_replace("[/b]","",$text); $text = str_replace("[i]","",$text); $text = str_replace("[/i]","",$text); $text = str_replace("[u]","",$text); $text = str_replace("[/u]","",$text); $text = str_replace("[s]","",$text); $text = str_replace("[/s]","",$text); $text = preg_replace("/\[font=([^<>]+?)\]/is","",$text); $text = preg_replace("/\[color=([^<>]+?)\]/is","",$text); $text = preg_replace("/\[size=([^<>]+?)\]/is","",$text); $text = str_replace("[/font]","",$text); $text = str_replace("[/color]","",$text); $text = str_replace("[/size]","",$text); $text = str_replace("[list]","",$text); $text = preg_replace("/\[img\](\S+?)\[\/img\]/is","",$text); $text = preg_replace("/\[img=(\S+?)\]/is","",$text); $text = preg_replace("/\[table\](.*?)\[\/table\]/is","$1
",$text); $text = preg_replace("/\[tr\](.*?)\[\/tr\]/is","$1",$text); $text = preg_replace("/\[td\](.*?)\[\/td\]/is","$1",$text); $text = preg_replace("/\[td colspan=(\d+)\](.*?)\[\/td\]/is","$2",$text); $text = preg_replace("/\[code\](.*?)\[\/code\]/is","
$1

",$text); $text = preg_replace("/\[off\](.*?)\[\/off\]/is","
".MSG_offtopic.": $1
",$text); $text = preg_replace("/\[center\](.*?)\[\/center\]/is","
$1
",$text); $text = preg_replace("/\[right\](.*)\[\/right\]/is","
$1
",$text); $text = preg_replace("/\[translit\](.*)\[\/translit\]/esi","untransliterate(\"$1\")",$text); $text = preg_replace("/()/ise","check_img(\"$1\")",$text); $text = preg_replace("/(.*<\/a>)/ise","check_link(\"$1\")",$text); $text = preg_replace("/\[hide=(\d+?)\](.*?)\[\/hide\]/esi","check_hidden($1,\"$2\")",$text); $text = preg_replace("/\[level=(\d+?)\](.*?)\[\/level\]/esi","check_level($1,\"$2\")",$text); } $text = str_replace("(c)","©",$text); $text = str_replace("(C)","©",$text); $text = str_replace("(r)","®",$text); $text = str_replace("(R)","®",$text); $text = str_replace("(tm)","™",$text); $text = str_replace("(TM)","™",$text); } function sign_code(&$text) { if (strpos($text,"[")!==false) { $text = preg_replace("/\[br\]/","
",$text); $text = str_replace("[b]","",$text); $text = str_replace("[/b]","",$text); $text = str_replace("[i]","",$text); $text = str_replace("[/i]","",$text); $text = str_replace("[u]","",$text); $text = str_replace("[/u]","",$text); $text = str_replace("[s]","",$text); $text = str_replace("[/s]","",$text); $text = preg_replace("/\[font=([^<>]+?)\]/is","",$text); $text = preg_replace("/\[color=([^<>]+?)\]/is","",$text); $text = preg_replace("/\[size=([^<>]+?)\]/is","",$text); $text = str_replace("[/font]","",$text); $text = str_replace("[/color]","",$text); $text = str_replace("[/size]","",$text); $text = preg_replace("/\[url\](http:\/\/\S+?)\[\/url\]/is","
$1",$text); $text = preg_replace("/\[url\](\S+?)\[\/url\]/is","$1",$text); $text = preg_replace("/\[url=(http:\/\/\S+?)\](.+?)\[\/url\]/is","$2",$text); $text = preg_replace("/\[url=(\S+?)\](.+?)\[\/url\]/is","$2",$text); $text = preg_replace("/\[email\](\S+?\@\S+?)\[\/email\]/is","$1",$text); $text = preg_replace("/\[email=(\S+?\@\S+?)\](.+?)\[\/email\]/is","$2",$text); } $text = str_replace("(c)","©",$text); $text = str_replace("(C)","©",$text); $text = str_replace("(r)","®",$text); $text = str_replace("(R)","®",$text); $text = str_replace("(tm)","™",$text); $text = str_replace("(TM)","™",$text); if ($GLOBALS['opt_sigpics']) { $text = preg_replace("/\[img\](\S+?)\[\/img\]/is","",$text); $text = preg_replace("/\[img=(\S+?)\]/is","",$text); if ($text = preg_replace("//is","HACK ATTEMPT: $1",$text)) $GLOBALS['hackattempts']++; if ($text = preg_replace("/(.*?)<\/a>/is","HACK ATTEMPT: $1 $2",$text)) $GLOBALS['hackattempt']++; if ($text = preg_replace("//is","HACK ATTEMPT: $1",$text)) $GLOBALS['hackattempts']++; if ($text = preg_replace("/(.*?)<\/a>/is","HACK ATTEMPT: $1 $2",$text)) $GLOBALS['hackattempt']++; } return $text; } function textout($text,$html,$bcode,$smiles) { if ($html) $text=nl2br($text); else $text=nl2br(htmlspecialchars($text)); $text=str_replace(""","\"",$text); addlinks($text); if ($smiles) smiles($text); if ($bcode) boardcode($text); $text=stripslashes($text); if ($hlight=getvar('hl')) { $hlight=preg_replace("/\W+/","",$hlight); $hls=explode(" ",$hlight); foreach ($hls as $curhl) { $text=str_replace(" ".$curhl." "," $curhl ",$text); } } return $text; } function build_avatar_select() { $dir=opendir($GLOBALS['opt_dir']."/avatars"); while ($curfile=readdir($dir)) if (!is_dir($GLOBALS['opt_dir']."avatars/".$curfile)) $avatarselect.="Email"; } elseif ($showtype==2) { $curpos=0; $email="Email"; $buffer=""; } elseif ($showtype==3) { $buffer="Email"; } return $buffer; } function show_email_f($email,$showtype,$uid) { if ($showtype==1) { echo "$email"; } elseif ($showtype==2) { $curpos=0; $email="$email"; echo ""; } elseif ($showtype==3) { echo "\"E-mail\""; } } function push_parents(&$locations,$fid) { if ($fid!=0) { $link=$GLOBALS['link']; $sql = "SELECT f_title,f_parent FROM ".$GLOBALS['DBprefix']."Forum WHERE f_id=$fid"; $res = db_query($sql,$link); $fname = db_fetch_row($res); push_parents($locations,$fname[1]); array_push($locations,"".$fname[0].""); } } function user_out($uname,$uid) { if ($uid==1 || !$uid) $output = $uname; else $output = "$uname"; return $output; } function load_mail($filename) { if (!file_exists($GLOBALS['opt_dir']."/langs/".$GLOBALS['inuser']['ln_file']."/$filename")) error(MSG_e_nomail); $size = filesize($GLOBALS['opt_dir']."/langs/".$GLOBALS['inuser']['ln_file']."/$filename"); $fh = fopen($GLOBALS['opt_dir']."/langs/".$GLOBALS['inuser']['ln_file']."/$filename","r"); $buffer = fread($fh,$size); fclose($fh); return $buffer; } function process_mail($filename,$email,$subject) { $buffer=load_mail($filename); replace_mail($buffer,$email,$subject); } function replace_mail($buffer,$email,$subject) { if (ereg("^[a-zA-Z0-9_.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$", $email)) { preg_match_all("/\\$(\\w+)/m",$buffer,$matches); foreach ($matches[1] as $curmatch) { $buffer = str_replace("\$".$curmatch,$GLOBALS[$curmatch],$buffer); } if ($GLOBALS['opt_noname_mail']==0 && $GLOBALS['username']) $email=$GLOBALS['username']." <".$email.">"; $buffer=stripslashes($buffer); mail($email,$subject,$buffer,"From: ".$GLOBALS['opt_mailout']."\r\nX-Mailer: Intellect Board 2.0 Forum Script\r\nContent-Type: text/plain; charset=".$GLOBALS['inuser']['ln_charset']); } } function show_avatar(&$udata) { if ($GLOBALS['opt_avatarx']) $size=" width=".$GLOBALS['opt_avatarx']; if ($GLOBALS['opt_avatary']) $size.=" height=".$GLOBALS['opt_avatary']; if ($udata['u_avatartype']==1) { $tmp="\"".$udata['u__name']."\"$size"; } elseif ($udata['u_avatartype']==2) { $tmp="\"".$udata['u__name']."\"$size"; } elseif ($udata['u_avatartype']==3) { $tmp="\"".$udata['u__name']."\"$size"; } return $tmp; } function check_image($name,$maxsize,$maxx,$maxy,$errsize,$errtype,$errxy) { if (!is_uploaded_file($_FILES[$name]['tmp_name']) || $_FILES[$name]['size']==0 || $_FILES[$name]['size']>$maxsize || strpos($_FILES[$name]['type'],"image")===false) error($errsize); if ($GLOBALS['opt_graphics']) { $imdata=getimagesize($_FILES[$name]['tmp_name']); if (!$imdata) error($errtype); if (($maxx && $imdata[0]>$maxx) || ($$maxy && $imdata[1]>$maxy)) error($errxy); } } function is_new($tviews,$maxdata) { if ($GLOBALS['opt_fixviews']) $tmp = $tviews; else $tmp = ($maxdata['p__time']<$GLOBALS['userlast2']); if ($GLOBALS['inuserid']<=3) $tmp=1; return !$tmp; } function check_moderate(&$udata,$level) { $tmp=0; if ($udata['ua_level'] && $udata['ua_level']>$level) $tmp=1; elseif ($udata['u__level']>$level) $tmp=1; return $tmp; } function send_pm($urecv,$usend,$text,$subj,$sqldata) { $link = $GLOBALS['link']; if ($sqldata) $sqldata=", ".$sqldata; $curtime = $GLOBALS['curtime']; $sql = "INSERT INTO ".$GLOBALS['DBprefix']."PersonalMessage SET pm__box=0, pm__owner=$urecv, pm__senddate=$curtime, pm__readdate=0, pm__correspondent=$usend, pm_subj=\"$subj\", pm_text=\"$text\" $sqldata"; $res = db_query($sql,$link); return db_insert_id($res); } function delete_topic($topic) { $link = $GLOBALS['link']; $sql = "DELETE FROM ".$GLOBALS['DBprefix']."Topic WHERE t_id=\"$topic\""; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."Bookmark WHERE tid=\"$topic\""; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."Subscription WHERE tid=\"$topic\""; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."TopicView WHERE tid=\"$topic\""; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."TopicRate WHERE tid=\"$topic\""; $res = db_query($sql,$link); $sql = "SELECT * FROM ".$GLOBALS['DBprefix']."Poll WHERE pl_tid=\"$topic\""; $res = db_query($sql,$link); if (db_num_rows($res)>0) { $plid=db_fetch_row($res); db_free_result($res); $sql = "SELECT pv_id FROM ".$GLOBALS['DBprefix']."PollVariant WHERE pv_plid=".$plid[0]; $res = db_query($sql,$link); while ($pvid=db_fetch_row) { if ($sqldata) $sqldata.=" OR "; $sqldata = "pvid=".$pvid[0]; } db_free_result($res); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."Vote WHERE $sqldata"; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."PollVariant WHERE pv_plid=".$plid[0]; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."Poll WHERE pl_id=".$plid[0]; $res = db_query($sql,$link); } $sql = "SELECT p_attach FROM ".$GLOBALS['DBprefix']."Post WHERE p_tid=\"$topic\" AND p_attach!=0"; $res = db_query($sql,$link); $attachcount=db_num_rows($res); if ($attachcount) { while ($pnumber=db_fetch_row($res)) { if ($sqldata) $sqldata.=" OR "; $sqldata.="file_id=".$pnumber[0]; } db_free_result($res); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."File WHERE $sqldata"; $res = db_query($sql,$link); } } function build_topic_table($forum,$filter="") { $link = $GLOBALS['link']; if ($filter) $sqldata=" AND MATCH(t_title,t_descr) AGAINST (\"$filter\")>0"; $sql = "DROP TABLE IF EXISTS tmpTopics"; $res = db_query($sql,$link); $sql = "CREATE TEMPORARY TABLE tmpTopics (". "tl_tid INT UNSIGNED NOT NULL, ". "tl_fid INT UNSIGNED NOT NULL, ". "tl_views INT NOT NULL, tl_pmin INT NOT NULL, tl_pmax INT NOT NULL, ". "tl_count INT NOT NULL, tl_lasttime INT NOT NULL, tl_firsttime INT NOT NULL, ". "tl_visited TINYINT NOT NULL, KEY(tl_tid)) TYPE=HEAP"; $res = db_query($sql,$link); if ($forum) $sqldata.=" AND t_fid=\"$forum\" "; $sql = "INSERT INTO tmpTopics SELECT p_tid, t_fid, t__views, MIN(p_id), MAX(p_id), COUNT(p_id), MAX(p__time), MIN(p__time), COUNT(DISTINCT tid) ". "FROM ".$GLOBALS['DBprefix']."Post, ".$GLOBALS['DBprefix']."Topic ". "LEFT JOIN ".$GLOBALS['DBprefix']."TopicView ON (tid=t_id AND uid=".$GLOBALS['inuserid'].") ". "WHERE t_id=p_tid AND p__premoderate=0 $sqldata GROUP BY p_tid"; $res = db_query($sql,$link); return db_affected_rows(); } function check_selfmod() { return ($GLOBALS['inforum']['f_selfmod'] && $GLOBALS['intopic']['p_uid']==$GLOBALS['inuserid']); } function out_online($prefix,$starttime,$endtime,$group,$more="") { $link=$GLOBALS['link']; $sql = "DROP TABLE IF EXISTS TmpOnline"; $res = db_query($sql,$link); $sql = "CREATE TEMPORARY TABLE TmpOnline (sid CHAR(32),uo_time INT) TYPE=HEAP"; $res = db_query($sql,$link); $sql = "INSERT INTO TmpOnline SELECT l.sid,MAX(uo_time) FROM ".$GLOBALS['DBprefix']."Log l WHERE uo_time>=$starttime AND uo_time<=$endtime ".$more; if ($group) $sql.=" GROUP BY sid"; else $sql.=" GROUP BY uo_time,uid,sid"; $res = db_query($sql,$link); $sql = "SELECT uo.*,u.u_id,u.u__name,f.f_id,f.f_title,f.f_lview,t.t_id,t.t_title ". "FROM TmpOnline, ".$GLOBALS['DBprefix']."Log uo, ".$GLOBALS['DBprefix']."User u LEFT JOIN ".$GLOBALS['DBprefix']."Forum f ON ". "(uo.uo_fid=f.f_id) LEFT JOIN ".$GLOBALS['DBprefix']."Topic t ON (uo.uo_tid=t.t_id) WHERE uo.uid=u.u_id AND ". "TmpOnline.sid=uo.sid AND TmpOnline.uo_time=uo.uo_time ORDER BY uo_time DESC"; $res = db_query($sql,$link); $sql = "DROP TABLE TmpOnline"; $res2 = db_query($sql,$link); while ($udata=db_fetch_array($res)) { if ($udata['uo_module']=="main") $comment = MSG_view_mainpage; elseif ($udata['f_id'] && $udata['f_lview']>$GLOBALS['inuserlevel']) $comment = MSG_view_mainpage; elseif (strpos($udata['uo_action'],"_view")!==false && $udata['t_id']) $comment = MSG_view_topic." \"".$udata['t_title']."\" ".MSG_view_inforum." \"".$udata['f_title']."\""; elseif (strpos($udata['uo_action'],"_view")!==false && $udata['f_id']) $comment = MSG_view_forum." \"".$udata['f_title']."\""; elseif ($udata['uo_action']=="do_post") $comment = MSG_view_dopost." \"".$udata['t_title']."\" ".MSG_view_inforum." \"".$udata['f_title']."\""; elseif ($udata['uo_action']=="do_topic") $comment = MSG_view_dotopic." ".MSG_view_inforum. " \"".$udata['f_title']."\""; elseif ($udata['uo_module']=="stdforum" && $udata['uo_action']=="rules") $comment = MSG_view_rules." ". MSG_view_inforum." \"".$udata['f_title']."\""; elseif ($udata['uo_module']=="profile") { if ($udata['uo_action']=="rules") $comment = MSG_view_rules." ".MSG_view_before_register; elseif ($udata['uo_action']=="register") $comment = MSG_view_registering; elseif ($udata['uo_action']=="do_register") $comment = MSG_view_registered; elseif ($udata['uo_action']=="login") $comment = MSG_view_logging_in; elseif ($udata['uo_action']=="do_login") $comment = MSG_view_logged_in; elseif ($udata['uo_action']=="do_logout") $comment = MSG_view_logged_out; elseif ($udata['uo_action']=="view") $comment = MSG_view_profile; elseif ($udata['uo_action']=="listusers") $comment = MSG_view_userlist; elseif ($udata['uo_action']=="online") $comment = MSG_view_online; } elseif ($udata['uo_module']=="search") { if ($udata['uo_action']=="view") $comment = MSG_view_start_search; elseif ($udata['uo_action']=="topic") $comment = MSG_view_search_topic; elseif ($udata['uo_action']=="post") $comment = MSG_view_search_post; elseif ($udata['uo_action']=="user") $comment = MSG_view_search_user; } else $comment = MSG_view_undescribed; online_entry($udata,$comment); } } function delete_user($uid) { $link=$GLOBALS['link']; $sql = "UPDATE ".$GLOBALS['DBprefix']."Post SET p_uid=1 WHERE p_uid=$uid"; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."UGroupMember WHERE uid=$uid"; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."UserRating WHERE uid=$uid"; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."UserWarning WHERE uw_id=$uid"; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."PersonalMessage WHERE pm__owner=$uid"; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."TopicView WHERE uid=$uid"; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."UserAccess WHERE uid=$uid"; $res = db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."LastVisit WHERE uid=$uid"; $res = db_query($sql,$link); $sql = "SELECT u__pavatar_id,u__photo_id FROM ".$GLOBALS['DBprefix']."User WHERE u_id=$uid"; $res = db_query($sql,$link); list($avatar,$photo)=db_fetch_row($res); db_free_result($res); if ($avatar) { $sql = "DELETE FROM ".$GLOBALS['DBprefix']."File WHERE file_id=\"$avatar\""; $res = db_query($sql,$link); } if ($photo) { $sql = "DELETE FROM ".$GLOBALS['DBprefix']."File WHERE file_id=\"$photo\""; $res = db_query($sql,$link); } $sql = "DELETE FROM ".$GLOBALS['DBprefix']."User WHERE u_id=$uid"; $res = db_query($sql,$link); } function common_topic_view($topic) { $link=$GLOBALS['link']; if ($GLOBALS['opt_fixviews'] && !$GLOBALS['intopic']['visited'] && $GLOBALS['inuserid']>3) { $sql = "INSERT INTO ".$GLOBALS['DBprefix']."TopicView VALUES (\"$topic\",".$GLOBALS['inuserid'].")"; $res = db_query($sql,$link); } $sql = "UPDATE ".$GLOBALS['DBprefix']."Topic SET t__views=t__views+1 WHERE t_id=\"$topic\""; $res = db_query($sql,$link); $sql = "SELECT COUNT(*) FROM ".$GLOBALS['DBprefix']."TopicRate WHERE tid=\"$topic\" AND uid=\"".$GLOBALS['inuserid']."\""; $res = db_query($sql,$link); list($rate) = db_fetch_row($res); db_free_result($res); return $rate; } function process_post($topic) { $link=$GLOBALS['link']; $inforum=$GLOBALS['inforum']; $inuserlevel=$GLOBALS['inuserlevel']; $inuser=$GLOBALS['inuser']; $inuserid=$GLOBALS['inuserid']; $intopic=$GLOBALS['intopic']; if ($inuserlevel<$inforum['f_lpost']) error(MSG_e_p_norights); if ($intopic['t__status']!=0) error(MSG_e_t_closed); if ($inforum['f_status']!=0) error(MSG_e_f_closed); if (!$text=addslashes($_POST['p_text'])) error(MSG_e_p_empty); if (strlen($text)<$GLOBALS['opt_minpost']) error(MSG_e_p_toosmall); if ($GLOBALS['opt_maxpost'] && strlen($text)>$GLOBALS['opt_maxpost']) error(MSG_e_p_toolarge); if (is_uploaded_file($_FILES['attach']['tmp_name'])) { if ($inuserlevel<$inforum['f_lattach']) error(MSG_e_p_norightsattach); if ($inforum['f_attachpics']) { check_image("attach",$GLOBALS['opt_maxfileattach'],0,0,MSG_e_p_toobig,MSG_e_p_onlypics,""); } elseif ($_FILES['attach']['size']>$GLOBALS['opt_maxfileattach']) error(MSG_e_p_toobig); $fsize=$_FILES['attach']['size']; $fh=fopen($_FILES['attach']['tmp_name'],"r"); $buffer=fread($fh,$fsize); fclose($fh); $sql = "INSERT INTO ".$GLOBALS['DBprefix']."File VALUES(0,\"".addslashes($buffer)."\",\"".$_FILES['attach']['type']. "\",\"".addslashes($_FILES['attach']['name'])."\")"; $res = db_query($sql,$link); $pattach = db_insert_id($res); } else { $pattach=0; } if ($GLOBALS['inuser']['u_detrans']) { load_smiles(); $_POST['p_text']=untransliterate($_POST['p_text']); } $text=" ".$text." "; $sql = "SELECT * FROM ".$GLOBALS['DBprefix']."BadWord"; $res = db_query($sql,$link); while ($wdata=db_fetch_array($res)) { $wdata['w_bad']="/([\s,\.:;-\?!\(\)\[\]\{\}])".str_replace("*","\S*?",$wdata['w_bad'])."([\s,\.:;-\?!\(\)\[\]\{\}])/is"; $text=preg_replace($wdata['w_bad'],"$1".$wdata['w_good']."$2",$text); } $text=substr($text,1,strlen($text)-2); unset($_POST['p_text']); db_free_result($res); $inname=getvar("inname"); $uid=$inuserid; $sqldata = build_sql("p_"); if ($inuserid<=3) { $pname=getvar("inusername"); if (!$pname) $pname="Guest"; $sql = "SELECT COUNT(*) FROM ".$GLOBALS['DBprefix']."User WHERE u__name=\"$pname\" AND u_id>1"; $res = db_query($sql,$link); list($count)=db_fetch_row($res); if ($count>0) error(MSG_e_p_reguser); } elseif ($GLOBALS['inuserlevel']>=1000 && $GLOBALS['opt_impersonation'] && $inname!=$GLOBALS['inuser']['u__name'] && $inname!="") { $sql = "SELECT u_id FROM ".$GLOBALS['DBprefix']."User WHERE u__name=\"$inname\""; $res = db_query($sql,$link); if ($tmp=db_fetch_row($res)) { $uid=$tmp[0]; } else $uid=1; $pname=$inname; } else $pname=$inuser['u__name']; $time = $GLOBALS['curtime']; if ($inuserlevel<$inforum['f_lmoderate']) { if ($inuserid>3) { $sql = "SELECT COUNT(*) FROM ".$GLOBALS['DBprefix']."Post WHERE p_uid=$inuserid AND p__time>".($time-$GLOBALS['opt_flood']); } else { $sql = "SELECT COUNT(*) FROM ".$GLOBALS['DBprefix']."Post WHERE p__ip=\"".getip()."\" AND p__time>".($time-$GLOBALS['opt_flood']); } $res = db_query($sql,$link); $count=db_fetch_row($res); if ($count[0]>0) error(MSG_e_p_flood); db_free_result($res); } if ($sqldata) $sqldata.=", "; $sqldata.="p_uname=\"$pname\", "; $sqldata.="p_uid=\"$uid\", "; $sqldata.="p_tid=$topic, "; $sqldata.="p__time=\"$time\", "; $sqldata.="p__ip=\"".iptonum(getip())."\", "; $sqldata.="p_attach=$pattach, "; if ($inuserlevel<$inforum['f_lmoderate']) $sqldata.="p__premoderate=".intval($inforum['f_premoderate']); else $sqldata.="p__premoderate=0"; $sqldata.=check_post_params(); $sql = "INSERT INTO ".$GLOBALS['DBprefix']."Post SET p_text=\"$text\", $sqldata"; $res = db_query($sql,$link); if (!$GLOBALS['inuser']['l_custom'] && $inuserid>3) { $sql = "SELECT COUNT(p.p_uid) AS pcount, l.* FROM ".$GLOBALS['DBprefix']."Post p, ".$GLOBALS['DBprefix']."UserLevel l WHERE p.p_uid=".$GLOBALS['inuserid']. " AND l.l_custom=0 GROUP BY l.l_minpost HAVING pcount=l.l_minpost"; $res = db_query($sql,$link); if (db_num_rows($res)>0) { $tmp=db_fetch_array($res); $sql = "UPDATE ".$GLOBALS['DBprefix']."User SET u__level=".$tmp['l_level']." WHERE u_id=".$inuserid." AND u__level<".$tmp['l_level']; $res = db_query($sql,$link); } } if ($GLOBALS['opt_fixviews']) { $sql = "DELETE FROM ".$GLOBALS['DBprefix']."TopicView WHERE tid=\"$topic\""; $res = db_query($sql,$link); $sql = "INSERT INTO ".$GLOBALS['DBprefix']."TopicView VALUES (\"$topic\",".$GLOBALS['inuserid'].")"; $res = db_query($sql,$link); } if (($GLOBALS['inforum']['f_lmoderate']<=$GLOBALS['inuserlevel'] || check_selfmod()) && getvar("close")) { $sql = "UPDATE ".$GLOBALS['DBprefix']."Topic SET t__status=1 WHERE t_id=\"".$GLOBALS['topic']."\""; $res = db_query($sql,$link); } if (getvar("subscr") && $GLOBALS['inuserid']>3 && !$GLOBALS['intopic']['subscr']) { $sql = "INSERT INTO ".$GLOBALS['DBprefix']."Subscription VALUES (\"$inuserid\",\"$topic\",\"".$inforum['f_id']."\")"; $res = db_query($sql,$link); } if (!$GLOBALS['inforum']['f_premoderate'] || $GLOBALS['inuserlevel']>=$GLOBALS['inforum']['f_lmoderate']) { $sql = "SELECT u__name,u__email,u_id,u__key FROM ".$GLOBALS['DBprefix']."Subscription sb, ".$GLOBALS['DBprefix']."User u WHERE sb.uid=u.u_id ". " AND sb.tid=\"".$GLOBALS['topic']."\" AND sb.uid!=".$GLOBALS['inuserid']; $buffer=load_mail("std_post.txt"); } else { $sql = "SELECT u__name,u__email,u_id,u__key FROM ".$GLOBALS['DBprefix']."Subscription sb, ".$GLOBALS['DBprefix']."User u ". "LEFT JOIN ".$GLOBALS['DBprefix']."UserAccess ua ON (ua.uid=u.u_id AND ua.fid=".$GLOBALS['forum'].") ". "WHERE sb.uid=u.u_id AND sb.tid=\"".$GLOBALS['topic']."\" AND sb.uid!=".$GLOBALS['inuserid']. " AND ((ua_level IS NULL AND u__level<=".$GLOBALS['inforum']['f_lmoderate'].") OR (ua_level IS NOT NULL AND ua_level<=".$GLOBALS['inforum']['f_lmoderate']."))"; $buffer=load_mail("std_pmod.txt"); $GLOBALS['premod_link']=$GLOBALS['opt_url']."/index.php?m=moderate&a=premod&f=".$GLOBALS['forum']; } $res = db_query($sql,$link); $GLOBALS['ttitle']=$GLOBALS['intopic']['t_title']; $GLOBALS['ftitle']=$GLOBALS['inforum']['f_title']; $GLOBALS['text']=stripslashes($text); $GLOBALS['postername']=$GLOBALS['inuser']['u__name']; while ($email=db_fetch_row($res)) { $GLOBALS['username']=$email[0]; $GLOBALS['flink']=$GLOBALS['opt_url']."/index.php?t=".$GLOBALS['topic']; $GLOBALS['unsublink']=$GLOBALS['opt_url']."/agent.php?a=unsub&u=".$email[2]. "&f=".$GLOBALS['forum']."&t=".$GLOBALS['topic']."&key=".md5($GLOBALS['topic'].$email[3]); replace_mail($buffer,$email[1],MSG_p_newmessage." ".$GLOBALS['ttitle']); } } function build_mod_list($forum,$flevel) { $link=$GLOBALS['link']; $GLOBALS['modlist']=""; $sql = "SELECT u_id,u__name FROM ".$GLOBALS['DBprefix']."User LEFT JOIN ".$GLOBALS['DBprefix']."UserAccess ON (u_id=uid AND fid=$forum) WHERE ". "u_id>3 AND (u__level>=$flevel OR ua_level>=$flevel) AND u__level<1000"; $res = db_query($sql,$link); while ($udata=db_fetch_array($res)) { if ($GLOBALS['modlist']) $GLOBALS['modlist'].=", "; $GLOBALS['modlist'].= user_out($udata['u__name'],$udata['u_id']); } if (db_num_rows($res)==1) $GLOBALS['modlist']=MSG_moderator.": ".$GLOBALS['modlist']; elseif (db_num_rows($res)>1) $GLOBALS['modlist']=MSG_moderators.": ".$GLOBALS['modlist']; } function check_premod(&$fdata) { $link=$GLOBALS['link']; if ($GLOBALS['inuserbasic']>=$fdata['f_lmoderate'] || $fdata['ua_level']>=$fdata['f_lmoderate']) { $sql="SELECT COUNT(*) FROM ".$GLOBALS['DBprefix']."Post p, ".$GLOBALS['DBprefix']."Topic t ". "WHERE t_fid=".$fdata['f_id']." AND p_tid=t_id AND p__premoderate=1"; $res = db_query($sql,$link); $pcount=db_fetch_row($res); } return $pcount[0]; } function big_search_form($mode=0) { load_style("search.php"); $link = $GLOBALS['link']; if ($mode==0) { $sql = "SELECT f_id,f_title,ct_id,ct_name FROM ".$GLOBALS['DBprefix']."Category ct, ".$GLOBALS['DBprefix']."Forum f, ".$GLOBALS['DBprefix']."ForumType tp ". "LEFT JOIN ".$GLOBALS['DBprefix']."UserAccess ua ON (ua.uid=".$GLOBALS['inuserid']." AND ua.fid=f.f_id) ". "WHERE f_tpid=tp_id AND ct_id=f_ctid AND tp_searchable=1 AND ((ua.ua_level IS NULL AND f_lread<=\"".$GLOBALS['inuserbasic']."\") OR (ua.ua_level IS NOT NULL AND f_lread<=ua.ua_level))". "ORDER BY ct_sortfield,f_sortfield"; $res = db_query($sql,$link); $_POST['a']="post"; $_POST['res']="post"; $_POST['o']="rel"; } search_form_start($mode); $oldcat=0; if ($mode==0) { while ($fdata=db_fetch_array($res)) { if ($oldcat!=$fdata['ct_id']) { search_form_category($fdata['ct_id'],$fdata['ct_name']); $oldcat=$fdata['ct_id']; } search_form_entry($fdata); } } elseif (is_array($_POST['fs'])) { foreach ($_POST['fs'] as $key=>$value) if (is_numeric($key) && is_numeric($value)) $buffer.=""; } elseif (is_array($_GET['fs'])) { foreach ($_GET['fs'] as $key=>$value) if (is_numeric($key) && is_numeric($value)) $buffer.=""; } search_form_end($buffer); } function last_topics($topics=10) { $link=$GLOBALS['link']; $sql = "SELECT t_id,t_title FROM ".$GLOBALS['DBprefix']."Topic, ".$GLOBALS['DBprefix']."Post, ".$GLOBALS['DBprefix']."Forum f ". "LEFT JOIN ".$GLOBALS['DBprefix']."UserAccess ua ON (ua.uid=".$GLOBALS['inuserid']." AND ua.fid=f.f_id) ". "WHERE p_tid=t_id AND t_fid=f_id AND p__premoderate=0 AND ". "((ua.ua_level IS NULL AND f.f_lview<=".$GLOBALS['inuserbasic'].") OR (ua.ua_level IS NOT NULL AND f.f_lview<=ua.ua_level)) ". "GROUP BY t_id ORDER BY p__time DESC LIMIT $topics"; $res = db_query($sql,$link); tlist_start(MSG_t_lasts." ".format_word($topics,MSG_t1,MSG_t2,MSG_t3)); while ($tdata=db_fetch_row($res)) { $list.=tlist_entry($tdata); } tlist_end(); } function active_topics($topics=10) { $link=$GLOBALS['link']; $sql = "SELECT t_id,t_title,COUNT(p_id) AS tcount FROM ".$GLOBALS['DBprefix']."Topic, ".$GLOBALS['DBprefix']."Post, ".$GLOBALS['DBprefix']."Forum f ". "LEFT JOIN ".$GLOBALS['DBprefix']."UserAccess ua ON (ua.uid=".$GLOBALS['inuserid']." AND ua.fid=f.f_id) ". "WHERE p_tid=t_id AND t_fid=f_id AND p__premoderate=0 AND ". "((ua.ua_level IS NULL AND f.f_lview<=".$GLOBALS['inuserbasic'].") OR (ua.ua_level IS NOT NULL AND f.f_lview<=ua.ua_level)) ". "GROUP BY p_tid ORDER BY tcount DESC LIMIT $topics"; $res = db_query($sql,$link); tlist_start(MSG_t_actives." ".format_word($topics,MSG_t1,MSG_t2,MSG_t3)); while ($tdata=db_fetch_row($res)) { $list.=tlist_entry($tdata); } tlist_end(); } function check_system_pass($password) { $link=$GLOBALS['link']; $sql = "SELECT u__password FROM ".$GLOBALS['DBprefix']."User WHERE u_id=2"; $res = db_query($sql,$link); list($rightpass)=db_fetch_row($res); db_free_result($res); if (md5($password)==$rightpass) $result=1; else $result=0; return $result; } function check_ddos($name) { $code = getvar($name); $link=$GLOBALS['link']; $sid=session_id(); $sql = "SELECT code FROM ".$GLOBALS['DBprefix']."Code WHERE sid=\"$sid\""; $res = db_query($sql,$link); list($rightcode)=db_fetch_row($res); $res = db_query($sql,$link); if ($code!=$rightcode) error(MSG_e_badcode); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."Code WHERE sid=\"$sid\""; $res = db_query($sql,$link); } function get_premod() { $link=$GLOBALS['link']; if ($GLOBALS['inuserlevel']>=$GLOBALS['inforum']['f_lmoderate'] && $GLOBALS['inforum']['f_premoderate']) { $sql = "SELECT COUNT(*) FROM ".$GLOBALS['DBprefix']."Post p, ".$GLOBALS['DBprefix']."Topic t ". "WHERE p_tid=t_id AND t_fid=".$GLOBALS['forum']." AND p__premoderate=1"; $res = db_query($sql,$link); list($pcount)=db_fetch_row($res); } return $pcount; } function do_rate() { $link=$GLOBALS['link']; if ($GLOBALS['inuserid']<=3) error(MSG_e_t_rnoguest); $sql = "SELECT COUNT(*) FROM ".$GLOBALS['DBprefix']."TopicRate WHERE tid=\"".$GLOBALS['topic']."\" AND uid=\"".$GLOBALS['inuserid']."\""; $res = db_query($sql,$link); $rate = db_fetch_row($res); db_free_result($res); if ($rate[0]>0) error(MSG_e_t_rated); $trvalue=getvar("tr_value"); if ($trvalue<1 || $trvalue>7) error(MSG_e_t_badvalue); $sql = "INSERT INTO ".$GLOBALS['DBprefix']."TopicRate VALUES(\"".$GLOBALS['topic']."\", \"".$GLOBALS['inuserid']."\",\"$trvalue\")"; $res = db_query($sql,$link); topic_message(MSG_t_rated); } function format_calendar($vardate,$mindate,$reflink) { $day = date("j",$vardate); $month = date("n",$GLOBALS['curtime']); $year = date("Y",$GLOBALS['curtime']); $curdate=mktime(0,0,0,$month,$day,$year); $testdate=mktime(0,0,0,date("n",$mindate),1,date("Y",$mindate)); $first_day=date("w",mktime(0,0,0,date("n",$vardate),1,date("Y",$vardate))); if ($first_day==0) $first_day=7; while ($curdate>=$testdate) { $monthselect.="