/*
+-------------------------------------------------------------------+
| S I M P L E F O R U M (v3.8) |
| |
| Copyright Gerd Tentler www.gerd-tentler.de/tools |
| Created: Nov. 21, 2001 Last modified: Jun. 14, 2009 |
+-------------------------------------------------------------------+
| This program may be used and hosted free of charge by anyone for |
| personal purpose as long as this copyright notice remains intact. |
| |
| Obtain permission before selling the code for this program or |
| hosting this software on a commercial website or redistributing |
| this software over the Internet or in any other medium. In all |
| cases copyright must remain intact. |
+-------------------------------------------------------------------+
*/
// Restrict PHP's error reporting to E_WARNING; every other level is filtered out.
// NOTE(review): whether warnings reach the visitor depends on display_errors, which is not set in this file.
error_reporting(E_WARNING);

// Sessions carry the admin login flag and the per-visitor message ID further down,
// so start one whenever the session extension is present.
if (function_exists('session_start')) {
    session_start();
}
//========================================================================================================
// Set global variables, if they are not registered globally; needs PHP 4.1.0 or higher
//========================================================================================================
// Everything copied here is raw client input. Nothing is validated or escaped at this point;
// the integer casts and the date check that follow are the only filtering done in this file.

// Navigation and action parameters, accepted from $_REQUEST.
// NOTE(review): 'admin' carries the admin password and 'delete' triggers a deletion; because both are
// read from $_REQUEST they are also accepted from the query string, where they can end up in server
// logs, browser history and Referer headers.
if (isset($_REQUEST['start']))       { $start = $_REQUEST['start']; }
if (isset($_REQUEST['showMessage'])) { $showMessage = $_REQUEST['showMessage']; }
if (isset($_REQUEST['date_show']))   { $date_show = $_REQUEST['date_show']; }
if (isset($_REQUEST['mNr']))         { $mNr = $_REQUEST['mNr']; }
if (isset($_REQUEST['tNr']))         { $tNr = $_REQUEST['tNr']; }
if (isset($_REQUEST['new']))         { $new = $_REQUEST['new']; }
if (isset($_REQUEST['delete']))      { $delete = $_REQUEST['delete']; }
if (isset($_REQUEST['admin']))       { $admin = $_REQUEST['admin']; }
if (isset($_REQUEST['open']))        { $open = $_REQUEST['open']; }

// Form fields, accepted from POST only.
if (isset($_POST['create']))      { $create = $_POST['create']; }
if (isset($_POST['tstamp']))      { $tstamp = $_POST['tstamp']; }
if (isset($_POST['sfID']))        { $sfID = $_POST['sfID']; }
if (isset($_POST['sfName']))      { $sfName = $_POST['sfName']; }
if (isset($_POST['sfEMail']))     { $sfEMail = $_POST['sfEMail']; }
if (isset($_POST['sfSubject']))   { $sfSubject = $_POST['sfSubject']; }
if (isset($_POST['sfText']))      { $sfText = $_POST['sfText']; }
if (isset($_POST['sfSignature'])) { $sfSignature = $_POST['sfSignature']; }

// Server variables. PHP_SELF and the HTTP_* entries are derived from the request (path and headers),
// so they are client-influenced as well and need escaping wherever they are echoed.
if (isset($_SERVER['PHP_SELF']))        { $PHP_SELF = $_SERVER['PHP_SELF']; }
if (isset($_SERVER['HTTP_HOST']))       { $HTTP_HOST = $_SERVER['HTTP_HOST']; }
if (isset($_SERVER['HTTP_USER_AGENT'])) { $HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT']; }
if (isset($_SERVER['HTTP_REFERER']))    { $HTTP_REFERER = $_SERVER['HTTP_REFERER']; }
//========================================================================================================
// Make sure that the following variables are integers
//========================================================================================================
// These values are interpolated into SQL statements and forum links further down; forcing them to
// integers here is what keeps them numeric there.
// $thr is not copied from the request above; it is assigned from a database row in the delete
// handler, so this cast only matters when something else (e.g. register_globals) has set it.
$mNr         = intval($mNr);
$tNr         = intval($tNr);
$thr         = intval($thr);
$new         = intval($new);
$delete      = intval($delete);
$start       = intval($start);
$showMessage = intval($showMessage);
$open        = intval($open);
//========================================================================================================
// Check variable contents
//========================================================================================================
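// Accept $date_show only as a literal YYYY-MM-DD string; anything else is blanked.
// The value is later interpolated into an SQL condition and into the forum links, so this check is
// the only thing standing between the request parameter and those sinks.
// preg_match() replaces ereg() here: ereg() is not binary-safe (it stops reading at a NUL byte, so a
// value with extra data after a valid date would have been accepted) and it no longer exists in PHP 7+.
// \z anchors at the very end of the string, so a trailing newline is rejected as well.
if (!isset($date_show) || !is_string($date_show) || !preg_match('/^[0-9]{4}-[0-9]{2}-[0-9]{2}\z/', $date_show)) {
    $date_show = '';
}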
//========================================================================================================
// Includes
//========================================================================================================
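// Choose the configuration file by host name: the local config for localhost / 192.168.0.x,
// the main config otherwise.
// NOTE(review): $HTTP_HOST comes from the request's Host header, which the client supplies, so this
// test does not prove the request is local. Confirm that config_local.inc.php holds nothing that
// would be unsafe to load on the public site, or select the config from a server-side setting.
// preg_match() with \z replaces the former ereg() call (ereg() is gone in PHP 7+ and is not binary-safe).
if ($HTTP_HOST == 'localhost' || $HTTP_HOST == '127.0.0.1' || preg_match('/^192\.168\.0\.[0-9]+\z/', (string) $HTTP_HOST)) {
    include('config_local.inc.php');
}
else {
    include('config_main.inc.php');
}

// $language becomes part of an include path. Fall back to 'en' unless it is a plain token of
// letters, digits, '_' or '-', so the path can never leave languages/lang_*.inc.
// NOTE(review): the value is presumably set by the config file; if the config leaves it unset and
// register_globals is on, it would otherwise be taken from the request.
if (!isset($language) || !is_string($language) || !preg_match('/^[A-Za-z0-9_-]+\z/', $language)) {
    $language = 'en';
}
include("languages/lang_$language.inc");
include('smilies.inc');
include('funclib.inc');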
//========================================================================================================
// Set session variables (admin login and message ID); needs PHP 4.1.0 or higher
//========================================================================================================
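// Admin login: a non-empty 'admin' request value that matches the configured password marks the
// session as admin.
// The comparison is done on strings with ===. A loose == treats two numeric-looking strings as
// numbers, so values that differ as text could still compare equal.
// NOTE(review): the password itself is what gets stored in the session (the delete handler compares
// it against $adminPass again), and the session ID is not regenerated after a successful login.
// Storing a boolean flag and calling session_regenerate_id() here would be the more robust design.
if (!empty($admin) && is_string($admin) && isset($adminPass) && $admin === (string) $adminPass) {
    $_SESSION['sf_admin'] = $admin;
}

// Give the visitor a message ID once per session when IDs are enabled and no post is being submitted.
// NOTE(review): rand(), uniqid() and md5() do not produce an unpredictable value. How much weight
// checkSpam() puts on this ID is not visible here; if it is treated as a secret, derive it from a
// cryptographically secure source instead.
if (empty($new) && !empty($enableIDs) && empty($_SESSION['msgID'])) {
    srand((int) ((double) microtime() * 1000000));
    $_SESSION['msgID'] = md5(uniqid(rand()));
}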
//========================================================================================================
// Functions
//========================================================================================================
/**
 * Render one message node of the thread tree and, when the node is expanded, recurse into its replies.
 *
 * The markup printed for the node sits between the closing PHP tag and the recursion below and is
 * not part of this listing, so how $subject, $name, $email, $date, $img and $link are emitted
 * cannot be checked from here.
 *
 * @param array $item    Tree node; the keys read here are id, pid, thread, open, replies and items.
 * @param int   $level   Nesting depth of this node; the recursion passes $level + 1.
 * @param mixed $hilight Passed through unchanged to the recursive calls.
 */
function showTreeItem($item, $level, $hilight) {
global $message, $wordLength, $forumWidth, $adminPass,
$forum, $tNr, $mNr, $lines, $open,
$tbl_name, $fld_id, $fld_date, $fld_subject, $fld_name, $fld_email;
$id = $item['id'];
$pid = $item['pid'];
$thread = $item['thread'];
// One query per node. $id is the id column value that buildThreads() read from the database.
// The result of mysql_query() is passed straight to mysql_fetch_row() without a failure check.
$sql = "SELECT $fld_subject, $fld_date, $fld_name, $fld_email FROM $tbl_name WHERE $fld_id='$id'";
$row = mysql_fetch_row(mysql_query($sql));
// format() is defined outside this listing (presumably funclib.inc). NOTE(review): confirm that it
// HTML-escapes its input, since subject and name are user-submitted and are printed by this function.
$subject = format($row[0], $wordLength, $forumWidth - 105, true);
$date = $row[1];
$name = format($row[2], $wordLength, $forumWidth - 105, true);
// The stored e-mail address is used only if it matches this pattern; otherwise it is blanked.
// NOTE(review): without the D modifier, $ also matches just before a final newline.
$email = preg_match('/^[a-z0-9\.\_\-]+@[a-z0-9äöüÄÖÜ\.\-]+\.[a-z]{2,4}$/i', $row[3]) ? $row[3] : '';
// Pick the tree icon and toggle link: minus for an expanded node with replies, plus for a collapsed
// one, a point for a leaf. No toggle link is produced when $open or $mNr is set.
if(($item['open'] || $tNr) && $item['replies']) {
$img = './forum/minus.gif';
$link = ($open || $mNr) ? '' : "$forum&showMessage=$pid";
}
else if($item['replies']) {
$img = './forum/plus.gif';
$link = ($open || $mNr) ? '' : "$forum&showMessage=$id";
}
else {
$img = './forum/point.gif';
$link = '';
}
?>
if(($item['open'] || $tNr) && $item['replies']) {
$cnt = 0;
while(list($key, $sub_item) = each($item['items'])) {
$last = (++$cnt >= count($item['items']));
$lines[$level+1] = $last ? './forum/blank.gif' : './forum/line.gif';
showTreeItem($sub_item, $level+1, $hilight);
}
}
}
/**
 * Walk the top level of the thread tree and render every root message through showTreeItem().
 *
 * @param array $tree    Thread number => array of root items, as returned by buildThreads().
 * @param mixed $hilight Handed on to showTreeItem() unchanged.
 */
function showThreads($tree, $hilight) {
    global $threadsPerPage, $mNr, $tNr, $lines;

    $threadCount = count($tree);
    $position = 0;
    // each() iterates from the array's current internal pointer (it was removed in PHP 8).
    while(list($threadNr, $rootItems) = each($tree)) {
        $position++;
        // Level-0 connector: blank after the last thread, or always when a single thread ($tNr) is shown.
        if($tNr || $position == $threadCount) {
            $lines[0] = './forum/blank.gif';
        }
        else {
            $lines[0] = './forum/line.gif';
        }
        while(list($itemId, $rootItem) = each($rootItems)) {
            showTreeItem($rootItem, 0, $hilight);
        }
    }
}
/**
 * Register one more reply on a tree node.
 *
 * Increments the node's reply counter, marks the node open when the global $open flag or $sub is
 * set, and records $date as the node's 'update' value when it is later than the node's own date.
 *
 * @param array  $item Node to modify (by reference).
 * @param string $date Date of the reply being added.
 * @param bool   $sub  Whether the reply itself is marked open.
 */
function updateTreeItem(&$item, $date, $sub = false) {
    global $open;

    $item['replies']++;

    $expand = ($open || $sub);
    if($expand) {
        $item['open'] = true;
    }

    // The comparison is against the node's original 'date', not its current 'update' value.
    if($date > $item['date']) {
        $item['update'] = $date;
    }
}
/**
 * Insert $item beneath its parent somewhere in $tree.
 *
 * The parent is looked up first among the nodes of $tree itself and then, depth-first, in each
 * node's 'items'. Every ancestor on the path to the new item is updated through updateTreeItem().
 *
 * @param array $tree Nodes keyed by message id (modified by reference).
 * @param array $item Node to insert; id, pid, date and open are read here.
 * @return bool true when a parent was found and the item was attached, false otherwise.
 */
function addTreeItem(&$tree, $item) {
    $itemId = $item['id'];
    $parentId = $item['pid'];

    // Parent is one of the nodes at this level: attach directly.
    if($parentId && $tree[$parentId]) {
        $tree[$parentId]['items'][$itemId] = $item;
        updateTreeItem($tree[$parentId], $item['date'], $item['open']);
        return true;
    }

    // Otherwise try each node's subtree in turn.
    reset($tree);
    while(list($nodeId, $node) = each($tree)) {
        if(!addTreeItem($tree[$nodeId]['items'], $item)) {
            continue;
        }
        updateTreeItem($tree[$nodeId], $item['date'], $item['open']);
        return true;
    }

    return false;
}
/**
 * Load the message rows for the current view and assemble them into a nested thread tree.
 *
 * Side effects: sets the global $total_threads, calls sql_error() when a query fails and echoes any
 * "could not add" errors collected while building the tree.
 *
 * @param int $open Message id whose node is created with 'open' set to true.
 * @return array Thread number => root items keyed by message id, with replies nested under 'items'.
 */
function buildThreads($open = 0) {
global $threadsPerPage, $start, $date_show, $date_show_from, $tNr, $total_threads,
$tbl_name, $fld_id, $fld_date, $fld_thread, $fld_pid;
$errors = $cond = '';
$threads = $keys = array();
// All SQL in this function is assembled by string interpolation, so every value below has to be
// safe before it gets here. $tNr is cast to int at the top of the file.
if($tNr) {
$cond = "$fld_thread='$tNr'";
}
// $date_show is format-checked at the top of the file. $date_show_from is not checked here.
// NOTE(review): in this listing it is assigned (from date()) only in the thread-listing branch.
// On the message-view path nothing visible sets it, so with register_globals on it could arrive
// from the request. Re-validate it as YYYY-MM-DD or escape it before building the condition.
else if($date_show_from && $date_show) {
$cond = "$fld_date>='$date_show_from' AND $fld_date<='$date_show'";
}
// First query: one row per thread with that thread's highest message id.
$sql = "SELECT $fld_thread, MAX($fld_id) FROM $tbl_name";
if($cond) $sql .= " WHERE $cond";
$sql .= " GROUP BY $fld_thread";
$result = mysql_query($sql);
if($result) while($row = mysql_fetch_row($result)) {
$threads[$row[0]] = $tNr ? array() : $row[1];
}
else sql_error();
$total_threads = count($threads);
if(!$tNr) {
// Sort threads by their highest message id, newest first, and keep only the page slice
// [$start, $start + $threadsPerPage). Entries are unset while each() walks the array.
arsort($threads);
$cnt = 0;
while(list($thread, $val) = each($threads)) {
if($cnt < $start || $cnt >= $start + $threadsPerPage) {
unset($threads[$thread]);
}
else {
$threads[$thread] = array();
$keys[] = $thread;
}
$cnt++;
}
// $keys holds thread numbers read back from the database in the query above.
if(count($keys)) $cond = "$fld_thread IN (" . join(',', $keys) . ")";
}
// Second query: every message of the selected threads in id order, so a parent is always
// processed before its replies.
$sql = "SELECT $fld_id, $fld_pid, $fld_thread, $fld_date FROM $tbl_name";
if($cond) $sql .= " WHERE $cond";
$sql .= " ORDER BY $fld_id";
$result = mysql_query($sql);
if($result) while($row = mysql_fetch_row($result)) {
$item = array(
'id' => $row[0],
'pid' => $row[1],
'thread' => $row[2],
'date' => $row[3],
'open' => ($open == $row[0]) ? true : false,
'replies' => 0,
'update' => $row[3],
'items' => array()
);
// A message without a parent in the tree becomes a root item when its pid is empty;
// otherwise it is reported as an error.
if(!addTreeItem($threads[$row[2]], $item)) {
if(!$row[1]) $threads[$row[2]][$row[0]] = $item;
else $errors .= 'ERROR: could not add ID ' . $item['id'] . ' to tree
';
}
}
else sql_error();
if($errors) echo '
' . $errors . '
';
return $threads;
}
//========================================================================================================
// Main
//========================================================================================================
// Fall back to the configured $openThreads default when the expand flag compares equal to ''.
if ($open == '') {
    if ($openThreads) {
        $open = 1;
    }
    else {
        $open = 0;
    }
}

// Base link for every forum URL (an earlier revision built it from $PHP_SELF instead).
// Only the integer-cast $open and $start and the format-checked $date_show are interpolated here.
$forum_all = "?id=./forum/forum&open=$open";
$forum = $forum_all;
$forum_date = "{$forum}&date_show";

if ($start >= 0) {
    $forum = $forum . "&start=$start";
}
if ($date_show) {
    $forum = $forum . "&date_show=$date_show";
}

// Variants of the current link that force all threads open or closed.
$forum_open = preg_replace('/open=\d+/', 'open=1', $forum);
$forum_close = preg_replace('/open=\d+/', 'open=0', $forum);
//donbiker
// header('Cache-control: private, no-cache, must-revalidate');
// header('Expires: Sat, 01 Jan 2000 00:00:00 GMT');
// header('Date: ' . gmdate('D, d M Y H:i:s') . ' GMT');
// header('Pragma: no-cache');
?>
echo $forumTitle; ?>
echo $forumTitle; ?>
// An admin password was submitted but the session was not marked as admin (the login check earlier
// in this file did not match): print message 17 from the language file.
if($admin && !$_SESSION['sf_admin']) {
?>
echo $message[17]; ?>
}
// Main request handling. After connecting: make sure the table exists, run an admin delete if one
// was requested, then show exactly one of the post form / insert ($new), a single message ($mNr) or
// the thread listing. The HTML that belonged between the PHP sections is not part of this listing.
if(db_open($db_server, $db_user, $db_pass, $db_name)) {
// Probe query: if it fails the table is treated as missing.
if(!mysql_query("SELECT 1 FROM $tbl_name LIMIT 1")) {
$table_exists = false;
// NOTE(review): $create comes from POST and no admin check is visible on this path, so whenever
// the probe fails any visitor's form submission can run the CREATE TABLE.
if($create == 'yes') {
$sql = "CREATE TABLE $tbl_name ( " .
"$fld_id INT(10) NOT NULL auto_increment, " .
"$fld_date DATE DEFAULT '0000-00-00' NOT NULL, " .
"$fld_name VARCHAR(50), " .
"$fld_email VARCHAR(75), " .
"$fld_subject VARCHAR(50) NOT NULL, " .
"$fld_thread INT(10) NOT NULL, " .
"$fld_pid INT(10), " .
"$fld_text TEXT NOT NULL, " .
"PRIMARY KEY ($fld_id))";
if(!mysql_query($sql)) sql_error();
else $table_exists = true;
}
else if($create == 'no') echo 'Operation cancelled. ';
else {
echo '';
echo ' ';
}
}
else $table_exists = true;
if($table_exists) {
// Admin delete. The session must hold the admin password and $delete (int-cast above) must be set.
// NOTE(review): $delete is read from $_REQUEST and no per-request token is checked here, so a plain
// GET link is enough to trigger it in an admin's browser; requiring POST plus an anti-CSRF token
// would close that. The comparison with $adminPass is a loose ==.
if($_SESSION['sf_admin'] && $_SESSION['sf_admin'] == $adminPass && $delete) {
$result = mysql_query("SELECT $fld_thread, $fld_pid FROM $tbl_name WHERE $fld_id='$delete'");
if($result && mysql_num_rows($result)) {
$row = mysql_fetch_row($result);
$thr = $row[0];
$pid = $row[1];
// Removes every row of the thread whose parent id is >= the deleted id, then the message itself.
// NOTE(review): that also covers replies to later messages in the same thread, not only the
// descendants of the deleted message; confirm this is intended.
if(!mysql_query("DELETE FROM $tbl_name WHERE $fld_thread='$thr' AND $fld_pid>=$delete")) sql_error();
if(!mysql_query("DELETE FROM $tbl_name WHERE $fld_id='$delete'")) sql_error();
$date_show = 0;
if($pid) {
$tNr = $thr;
$mNr = $pid;
}
}
}
if($new) {
// A submitted form carries $tstamp; without it only the empty form is shown.
// NOTE(review): $error is not initialised before it is tested and echoed below.
if($tstamp) {
if(!$sfSubject || !$sfText) {
$error = $message[1];
}
else {
// checkSpam() is defined outside this listing; a truthy result rejects the post.
// NOTE(review): its return value is echoed as-is, which looks like leftover debug output.
$kuk = checkSpam($sfID, $tstamp, $sfName, $sfEMail, $sfSubject, $sfText, $sfSignature);
echo $kuk;
if($kuk) $error = $message[21];
}
if($error) {
?>
echo $error; ?>
}
else {
// NOTE(review): rand() is not a cryptographically secure generator; if secCode is meant to be
// unguessable, it should come from one.
if($enableSignature) $_SESSION['secCode'] = rand(100000, 999999);
if($sfEMail && !$sfName) $sfName = str_replace('@', ' @ ', $sfEMail);
// New thread number = highest existing one + 1. Two simultaneous posts can read the same maximum.
// NOTE(review): mysql_result()'s second argument is the row offset; the column name passed here
// is presumably coerced to row 0. The same pattern is used for MAX(id) and the reply subject below.
if(!$tNr) $tNr = mysql_result(mysql_query("SELECT MAX($fld_thread) FROM $tbl_name"), $fld_thread) + 1;
// The text fields reach the INSERT escaped only by magic quotes or addslashes(). addslashes() does
// not take the connection character set into account; mysql_real_escape_string() is the escaping
// function of this API that does. $tNr and $mNr are integers (cast at the top of the file).
if(!get_magic_quotes_gpc()) {
$sfName = addslashes($sfName);
$sfEMail = addslashes($sfEMail);
$sfSubject = addslashes($sfSubject);
$sfText = addslashes($sfText);
}
$date = date('Y-m-d');
$sql = "INSERT INTO $tbl_name ($fld_date, $fld_name, $fld_email, $fld_subject, $fld_thread, $fld_pid, $fld_text) ";
$sql .= "VALUES ('$date', '$sfName', '$sfEMail', '$sfSubject', '$tNr', '$mNr', '$sfText')";
if(!mysql_query($sql)) sql_error();
else {
$nr = mysql_result(mysql_query("SELECT MAX($fld_id) FROM $tbl_name"), $fld_id);
$link = "$forum&mNr=$nr&tNr=$tNr";
?>
}
}
}
// Replying to a message without a subject of its own: prefill "RE: <parent subject>".
if($mNr && !$sfSubject) {
$sfSubject = 'RE: ' . mysql_result(mysql_query("SELECT $fld_subject FROM $tbl_name WHERE $fld_id='$mNr'"), $fld_subject);
$sfSubject = replaceNonos($sfSubject);
}
$link = $forum . ($mNr ? "&mNr=$mNr&tNr=$tNr" : '');
if(get_magic_quotes_gpc()) {
$sfName = stripslashes($sfName);
$sfEMail = stripslashes($sfEMail);
$sfSubject = stripslashes($sfSubject);
}
// NOTE(review): as shown, search and replacement are the same character, so these three calls do
// nothing; presumably the replacement was the HTML entity for a double quote before this page was
// extracted. The form markup that prints these values is not part of this listing; if they are
// written into attribute values, htmlspecialchars() would cover quotes and angle brackets in one step.
$sfName = str_replace('"', '"', $sfName);
$sfEMail = str_replace('"', '"', $sfEMail);
$sfSubject = str_replace('"', '"', $sfSubject);
?>
|
HTML: 
URLs: 
UBBs: 
$cnt = 0;
reset($sm);
// Walk the smiley table $sm (presumably defined in smilies.inc), skipping consecutive entries that
// share an image. $img_old is not initialised before the first comparison.
while(list($code, $img) = each($sm)) {
if($img != $img_old) {
?>
$cnt++;
if(!($cnt % 4)) echo '
';
}
$img_old = $img;
}
?>
|
}
else if($mNr) {
// Single-message view. $mNr is an integer (cast at the top of the file). Name, subject and text
// are passed through format() before being echoed; $date is echoed as stored.
// NOTE(review): format() is defined outside this listing. Confirm it HTML-escapes its input, as
// these fields hold user-submitted content.
$row = mysql_fetch_array(mysql_query("SELECT * FROM $tbl_name WHERE $fld_id='$mNr'"));
$date = $row[$fld_date];
$name = format($row[$fld_name], $wordLength, $forumWidth - 105, true);
$email = $row[$fld_email];
$subject = format($row[$fld_subject], $wordLength, $forumWidth - 105, true);
$text = format($row[$fld_text], $wordLength, $forumWidth - 105, false);
?>
echo $message[3]; ?>: |
echo $date; ?> |
echo $message[10]; ?>: |
echo $name ? $name : '???'; ?>
if($email) echo '(' . format($email, $wordLength, $forumWidth - 105, true) . ')'; ?>
|
|
echo $message[6]; ?>: |
echo $subject; ?> |
|
echo $message[7]; ?>: |
echo $text; ?> |
echo 'Thread:
';
$showMessage = $mNr;
$threads = buildThreads();
showThreads($threads, $mNr);
?>
}
else {
// Thread listing. When $autoDelete is set, every listing request first deletes each thread whose
// newest post is $autoDelete days old or older.
if($autoDelete) {
$date = date('Y-m-d', time() - $autoDelete * 24 * 60 * 60);
$result = mysql_query("SELECT $fld_thread, MAX($fld_date) FROM $tbl_name GROUP BY $fld_thread");
if($result) while($row = mysql_fetch_row($result)) {
if($row[1] <= $date) {
if(!mysql_query("DELETE FROM $tbl_name WHERE $fld_thread='$row[0]'")) sql_error();
}
}
else sql_error();
}
// With a date filter, the listed window ends at $date_show and starts $latestPostsDays earlier;
// $date_show_from is produced by date(), so it is always YYYY-MM-DD on this path.
if($date_show) {
$d = explode('-', $date_show);
$tstamp_to = mktime(0, 0, 0, $d[1], $d[2], $d[0]);
$tstamp_from = $tstamp_to - $latestPostsDays * 24 * 3600;
$date_show_from = date('Y-m-d', $tstamp_from);
}
else {
$result = mysql_query("SELECT MAX($fld_date) AS date FROM $tbl_name");
$latest = mysql_result($result, 0);
}
$threads = buildThreads($showMessage);
// $start is clamped only after buildThreads() has already used it for paging.
if($start >= $total_threads) $start = $total_threads - $threadsPerPage;
if($start < 0) $start = 0;
$forum2 = preg_replace('/&start=\d+/', '', $forum);
?>
showThreads($threads, $mNr);
?>
}
}
mysql_close();
}
?>
|