Location: PHPKode > projects > 427BB > fourtwosevenbb/func_posts.php
<?php
/*************************************************************************
 * 427BB - PHP & MySQL Forum                                             *
 * Copyright (C) 2003-2006 Ben Brown                                     *
 *                                                                       *
 * This program is free software; you can redistribute it and/or modify  *
 * it under the terms of the GNU General Public License as published by  *
 * the Free Software Foundation; version 2 of the License.               *
 *                                                                       *
 * This program is distributed in the hope that it will be useful,       *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of        *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
 * GNU General Public License for more details.                          *
 *                                                                       *
 * A Copy of the GNU General Public License can be found in the file     *
 * 'liscence.txt' in the root of the forum directory.                    *
 *************************************************************************/

include 'sql_connect.php';

function get_personal($p_user, $showsig) {
	include 'config.php';
        $pers_sql = "SELECT UserType, Status, Avatar, Signature, Posts, Location FROM " . $t_prefix . "Personal WHERE UserName='$p_user'";
        $pers_res = mysql_query($pers_sql);
        $pers_row = mysql_fetch_row($pers_res);

        $p_usertype = $pers_row[0];
        $p_status = stripslashes($pers_row[1]);
        $avatar = stripslashes($pers_row[2]);
        $sig = stripslashes($pers_row[3]);
        $postcount = $pers_row[4];
        $location = stripslashes($pers_row[5]);

	$out = "<td class=mess_nw width=120";

	if ($sig != NULL && $showsig != 0) {
                $out .= " rowspan=2";
        }
        $out .= "><span class=small>$p_status
        <br>$avatar";

        if ($location != NULL) {
                $out.= "\n<br>$location";
        }

        $out .= "\n<br>Posts: $postcount
        </span></td>";

	$out = array ($p_usertype, $out, $sig);

	return $out;
}

function get_options($auth, $usertype, $username, $p_user, $postid, $write) {
	if ($write != TRUE) {
		return "&nbsp;";
	}
        $out = "<div class=small style=\"text-align:right\">[ ";
        if (!isset($auth) || $auth == NULL) {
                $out .= "You are not logged in. Log in or <a href=register.php class=white>register</a> to post ]</div>";
                return $out;
        }

	$out .= "<a href=\"ignorelist.php?ignore_user=$p_user\" class=white>Ignore User</a> | ";

        if ($usertype == "admin" || $username == $p_user) {
                $out .= "<a href=\"posts.php?delete=$postid\" class=white>delete</a> | <a href=\"posts.php?edit=$postid\" class=white>edit</a> | ";
        }

        $out .= "<a href=\"posts.php?quote=$postid\" class=white>quote</a> | <a href=\"posts.php?reply=$postid\" class=white>reply</a>";

        $out .= " ]</div>";

        return $out;
}

function get_post_info($post_id, $type = NULL) {
	include 'config.php';
	if ($type == "thread") {
		$sql = "SELECT ForumTitle FROM " . $t_prefix . "Forums WHERE ForumID=$post_id";
		$res = mysql_query($sql);
		$out = mysql_result($res, 0);
		return $out;
	} else if ($type == "ethread") {
		$sql = "SELECT ThreadTitle, ForumID FROM " . $t_prefix . "Threads WHERE ID=$post_id";
		$res = mysql_query($sql);
		$out = mysql_fetch_row($res);
		return $out;
	}	
	$p_sql = "SELECT UserName, Post, ThreadID, ForumID FROM " . $t_prefix . "Posts WHERE ID=$post_id";
	$p_res = mysql_query($p_sql);
	if (!$p_row = mysql_fetch_row($p_res)) {
		return mysql_error() . "\n$p_sql";
	}

	$ThreadID = $p_row[2];

	$t_sql = "SELECT ThreadTitle FROM " . $t_prefix . "Threads WHERE ID=$ThreadID";
	$t_res = mysql_query($t_sql);
	$title = mysql_result($t_res, 0);


	$p_row[4] = $title;

	return $p_row;
}

function draw_form($post_id, $type, $prev_post = NULL) {
	include 'config.php';
	include 'func_chk.php';
        $info = get_post_info($post_id, $type);
	if (isset($_POST['refer'])) {
		$refer = $_POST['refer'];
	} else {
        	$refer = $_SERVER['HTTP_REFERER'];
	}
       	$page = $_SERVER['PHP_SELF'];

	$preview = $_POST['preview'];

	if ($type != "ethread") {
		$post = $info[1];

		$ThreadID = $info[2];
		$ForumID = $info[3];

		$ThreadTitle = stripslashes($info[4]);
	} else {
		$ThreadTitle = stripslashes($info[0]);
		$ForumID = $info[1];
		$ThreadID = $post_id;
	}

        $out = "<form action=\"$page\" method=post name=form>
<table border=0 width=\"$table_width\" cellspacing=3 cellpadding=0>";

        if ($type == "ethread" || $type == "thread") {
                $out  .= "<tr>
        <td class=formright width=100>Thread Title:</td>
        <td class=formleft><input type=text size=60 name=ThreadTitle value=\"";
		if ($type == "ethread") {
			$out .= $ThreadTitle;
		}
		$out .= "\"></td>
</tr>";
        }

	if ($type == "delete") {
		$out .= "<input type=hidden name=postid value=$post_id>
<tr height=100 valign=top>
	<td class=mess>$post</td>
</tr>
<tr>
	<td classformleft><input type=submit name=save value=\"Delete\">
	&nbsp;<input type=submit name=save value=\"Cancel\"></td>
</tr>";
	}

        if ($type == "reply" || $type == "quote") {
                $out .= "<input type=hidden name=replyuser value=\"" . $info[0] . "\">";
        }

        if ($type != "delete" && $type != "ethread") {
                $out .= "<tr valign=top>
        <td class=formright>Post:</td>
        <td class=formleft><textarea name=post rows=10 cols=80>";
		if ($prev_post != NULL) {
			$out .= $prev_post;
                } else if ($type == "edit" || $type == "quote") {
                        $post = post_replace($post, "edit");
			if ($type == "quote") {
				$out .= "[quote={$info[0]}]\n" . $post . "\n[/quote]";
				$type = "reply";
			} else {
                        	$out .= $post;
			}
                }

                $out .= "</textarea></td></tr>";

        }

	if ($type == "edit" || $type == "reply") {
		$out .= show_smilies();
		if ($type == "edit" && $usertype == "admin") {
			$out .= "\n<tr><td>&nbsp;</td>\n<td class=formleft><input type=checkbox name=showedit checked>&nbsp;Show Edit</td></tr>";
		}
		$out .= "\n<tr><td>&nbsp;</td>\n<td class=formleft><input type=checkbox name=preview checked>&nbsp;Preview</td></tr>
		<input type=hidden name=postid value=$post_id>";
	}

	if ($type == "thread") {
		$out .= "\n<input type=hidden name=ForumID value=$post_id>";
	} else {
        	$out .= "\n<input type=hidden name=ThreadID value=$ThreadID>";
	}

	if ($type == "thread") {
		$out .= show_smilies();
	}

	if ($type == "thread" || $type == "ethread") {
		if ($usertype == "admin") {
			$out .= get_thread_admin($post_id, $type);
		}
	}

	if ($type != "thread") {
		$out .= "<input type=hidden name=ForumID value=$ForumID>";
	}

	$out .= "<input type=hidden name=refer value=\"$refer\">
<input type=hidden name=type value=\"$type\">
<tr>";
	if ($type != "delete") {
        	$out .= "<td class=formleft>&nbsp;</td>
        <td class=formleft><input type=submit name=save value=\"Save\">
        &nbsp;<input type=submit name=save value=\"Cancel\"></td>
</tr>";
	}

        $out .= "</table></form>";

        return $out;

}

function show_last_posts($ThreadID, $table_width) {
	include 'config.php';
        $sql = "SELECT UserName, Post FROM " . $t_prefix . "Posts WHERE ThreadID=$ThreadID ORDER BY UTime DESC LIMIT 10";
        $res = mysql_query($sql);
        
	$out .= "<div class=messtitle>Last 10 Posts:</div>
<div class=mess_nw>
<table border=0 cellspacing=0 width=\"$table_width\">";

        while ($row = mysql_fetch_row($res)) {
                $username = stripslashes($row[0]);
                $post = img_replace($row[1]);
                $post = stripslashes($post);

                $out .= "<tr valign=top>
        <td class=mess_nw width=120>$username</td>
        <td class=mess_nw>$post</td>
</tr>";

        }
        $out .= "</table>";

        return $out;
}

function increase_postcount($user) {
	include 'config.php';
	if ($user == NULL) {
		return "Username not supplied";
	}


	$sql = "SELECT UserType, Posts FROM " . $t_prefix . "Personal WHERE UserName='$user'";
	$res = mysql_query($sql);

	if (!$row = mysql_fetch_row($res)) {
		return mysql_error();
	}

	$usertype = $row[0];
	$postcount = $row[1];


	if ($postcount == NULL) {
		$postcount = 0;
	}

	$postcount++;

	$statuses = get_statuses();

	foreach ($statuses as $key => $val) {
		if (preg_match("/^custom$/", $val['status'])) {
			$trigger = $val['posts'];
		}
	}

	if ($usertype == "admin" || $postcount >= $trigger) {
		$sql = "UPDATE " . $t_prefix . "Personal SET Posts=$postcount WHERE UserName='$user'";
		if (!mysql_query($sql)) {
			return mysql_error();
		} else {
			return;
		}
	}

	foreach ($statuses as $key => $val) {
		if ($postcount == $val['posts']) {
			$status = addslashes($val['status']);
		}
	}


	if ($status == NULL) {
		$sql = "UPDATE " . $t_prefix . "Personal SET Posts=$postcount WHERE UserName='$user'";
	} else {
		$sql = "UPDATE " . $t_prefix . "Personal SET Posts=$postcount, Status='$status' WHERE UserName='$user'";
	}

	if (!mysql_query($sql)) {
		return mysql_error();
	} else {
		return;
	}
			
}

function show_preview($post) {
	$p_post = post_replace($post, "post");
	$p_post = stripslashes($p_post);
	$out = "\n
<!-- Start of Preview -->
<div class=messtitle>Preview</div>
<div class=mess>$p_post</div>";

	$post = base64_encode($post);

	$ThreadID = $_POST['ThreadID'];
	$ForumID = $_POST['ForumID'];
	$postid = $_POST['postid'];
	$refer = $_POST['refer'];
	$type = $_POST['type'];
	$replyuser = stripslashes($_POST['replyuser']);
	$showedit = $_POST['showedit'];

	$action = $_SERVER['PHP_SELF'];

	$out .= "\n<form action=\"$action\" method=POST>
<input type=hidden name=ThreadID value=$ThreadID>
<input type=hidden name=ForumID value=$ForumID>
<input type=hidden name=postid value=$postid>
<input type=hidden name=refer value=$refer>
<input type=hidden name=type value=$type>
<input type=hidden name=post value=\"$post\">
<input type=hidden name=showedit value=$showedit>
<input type=hidden name=replyuser value=\"$replyuser\">
<input type=hidden name=enc value=1>
<input type=submit name=save value=\"Save\">
</form>

<!-- End of Preview -->

";

	return $out;
}

function get_thread_admin($ThreadID, $type = NULL) {
	include 'config.php';
	if ($ThreadID != NULL) {
		if ($type == "thread") {
			$sql1 = NULL;
			$sql2 = "Forums";
			$id = "ForumID";
		} else {
			$sql1 = ", Status, Sticky";
			$sql2 = "Threads";
			$id = "ID";
		}
		$sql = "SELECT UGroup, GroupRights, OtherRights{$sql1} FROM " . $t_prefix . $sql2 . " WHERE {$id}=$ThreadID";
		if (!$res = mysql_query($sql)) {
			return mysql_error();
		}
		$row = mysql_fetch_row($res);
		$status = $row[3];
		$sticky = $row[4];
		$UGroup = $row[0];
		$g_acc = $row[1];
		$o_acc = $row[2];
	} else {
		$status = "unlocked";
		$sticky = 'NULL';
	}


	$out = "<tr>
	<td class=messtitle_nw colspan=2>Edit Thread Settings</div>
</tr>
<tr>
	<td class=formright>";


	$opts = array ("unlocked", "locked");

	$out .= "Thread Status:</td>
	<td class=formleft><select name=status>";

	foreach($opts as $value) {
		$out .= "\n<option";
			if ($value == $status) {
				$out .= " selected";
			}
		$out .= ">$value</option>";
	}

	$out .= "</select></td>
</tr>
<tr>
	<td class=formright>Sticky:</td>
	<td class=formleft><input type=checkbox name=sticky";

	if ($sticky == "a") {
		$out .= " checked";
	}

	$out .= "></td>
</tr>
<tr>
	<td class=messtitle_nw colspan=2>Access Rights</td>
</tr>
<tr>
	<td class=formright>Group:</td>
	<td class=formleft><select name=UGroup>";

	$groups = get_groups();

	foreach ($groups as $key => $val) {
		$out .= "<option";
		if ($val['name'] == $UGroup) {
			$out .= " selected";
		}
		$out .= ">" . $val['name'] . "</option>";
	}	

	$out .= "</select></td>
</tr>
<tr valign=top>
	<td class=formright>&nbsp;</td>";

	$code = get_access_html($g_acc, $o_acc);
	$out .= "<td>$code</td>";

	$out .="\n</tr>
<tr>
	<td>&nbsp;</td>
	<td>(Leave blank to use the same permissions as the forum)</td>
</tr>";

	return $out;
}

function show_smilies($tab_width = "100%") {
	include 'config.php';
	$out = "\n<!-- Start of Smiley script -->
<script language=javascript>
<!--

function add_smiley(text) {
	document.form.post.value = document.form.post.value + text;
}

function add_url() {
	url = document.form.url.value;
	comment = document.form.comment.value;
	if (comment == \"\") {
		comment = url;
	}

	text = \"[url=\" + url + \"]\" + comment + \"[/url]\";

	document.form.post.value = document.form.post.value + text;
	document.form.url.value = \"\";
	document.form.comment.value = \"\";
}

function add_img() {
	img = document.form.img.value;
	text = \"[img]\" + img + \"[/img]\";
	document.form.post.value = document.form.post.value + text;
	document.form.img.value = \"\";
}


// -->
</script>
<tr>
	<td>&nbsp;</td>
	<td>
<table border=0 cellspacing=0>
<tr valign=top>
	<td>
<table border=0 cellspacing=0>";

	$sql = "SELECT COUNT(*) FROM " . $t_prefix . "Smilies";
	$res = mysql_query($sql);
	$count = mysql_result($res, 0);

	$sql = "SELECT URL, Shortcut FROM " . $t_prefix . "Smilies";
	$res = mysql_query($sql);

	$r_count = 0;
	$t_count = 0;

	while ($row = mysql_fetch_row($res)) {
		$URL = $row[0];
		$Shortcut = $row[1];
		if ($r_count == 0) {
			$out .= "<tr>";
		}

		$out .= "\n\t<td><a href=# onclick=\"javascript:add_smiley('$Shortcut');\">$URL</a></td>";

		$r_count ++;
		$t_count ++;

		if ($r_count == 4 || $t_count == $count) {
			$out .= "\n</tr>";
			$r_count = 0;
		}
	}

	$out .= "\n</table>
	</td>
<td>
	<table border=0 cellspacing=0 width=\"$tab_width\">
	<tr>
		<td class=messtitle_nw colspan=5>QuickURL</td>
	</tr>
	<tr>
		<td>URL:</td>
		<td><input name=url type=text></td>
		<td>Comment:</td>
		<td><input name=comment type=text></td>
		<td><input type=button onclick=\"javascript:add_url();\" value=\"Add URL\"></td>
	</tr>
	<tr>
		<td class=messtitle_nw colspan=5>QuickIMG</td>
	</tr>
	<tr>
		<td>IMG:</td>
		<td><input name=img type=text></td>
		<td><input type=button onclick=\"javascript:add_img();\" value=\"Add IMG\"></td>
	</tr>
	</table>
</td>
</tr>
</table>
</tr>
<!-- End of Smiley Script -->";

	return $out;
}

?>
Return current item: 427BB