Location: PHPKode > projects > 427BB > fourtwosevenbb/showpost.php
<?php
/*************************************************************************
 * 427BB - PHP & MySQL Forum                                             *
 * Copyright (C) 2003-2006 Ben Brown                                     *
 *                                                                       *
 * This program is free software; you can redistribute it and/or modify  *
 * it under the terms of the GNU General Public License as published by  *
 * the Free Software Foundation; version 2 of the License.               *
 *                                                                       *
 * This program is distributed in the hope that it will be useful,       *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of        *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
 * GNU General Public License for more details.                          *
 *                                                                       *
 * A Copy of the GNU General Public License can be found in the file     *
 * 'liscence.txt' in the root of the forum directory.                    *
 *************************************************************************/

include 'func_chk.php';
include 'getvars.php';
include 'func_posts.php';
include 'func_pages.php';

$sql = "SELECT COUNT(*) FROM " . $t_prefix . "BlockedIPs WHERE IP='$ip'";
$res = mysql_query($sql);
$ipc = mysql_result($res, 0);

$post_id = intval($_REQUEST['post']);

if ($ipc != 0) {
        echo "<html>
<head><title>403 - FORBIDDEN</title>
<meta http-equiv=\"Content-Type\" content=\"text/html;charset=iso-8859-1\">
<meta name=\"AUTHOR\" value=\"Ben Brown\">
<meta name=\"GENERATOR\" value=\"VIM 6.2.0\">
<link rel=stylesheet type=text/css href=styles/white.css>
</head>
<body>
<div class=messtitle>403: Forbidden</div>
<div class=mess>You do not have permission to access this page.</div>
</body>
</html>";
        exit;
}

if ($username != NULL) {
        $chk_username = addslashes($username);
        $chk_sql = "SELECT UserType FROM " . $t_prefix . "Personal WHERE UserName='$chk_username'";
        $chk_res = mysql_query($chk_sql);
        $chk = mysql_result($chk_res, 0);

        if ($chk == "locked" || $chk == NULL) {
                $error = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<html>
<head><title>Locked</title>
<meta http-equiv=\"Content-Type\" content=\"text/html;charset=iso-8859-1\">
<meta name=\"AUTHOR\" value=\"Ben Brown\">
<meta name=\"GENERATOR\" value=\"VIM 6.2.0\">
<link rel=stylesheet type=text/css href=styles/white.css>
</head>
<body>
<div class=messtitle>";
                if ($chk == "locked") {
                        $error .= "Locked Account</div>
<div class=mess>Your account has been locked by an administrator, You will now be logged out.
<br><a href=./?logout=y>Click here to continue</a>";
                } else {
                        $error .= "Deleted Account</div>
<div class=mess>Your account has been deleted. If you beleive this was done in error, please contact an administrator.
<a href=./?logout=y>Click here to return to the forum</a>";
                }

                $error .= "</div>
</body>
</html>";
                echo $error;
                exit;
        }
}

$sql = "SELECT PageWidth, Style FROM " . $t_prefix . "Personal WHERE UserName='$chk_username'";
$res = mysql_query($sql);
$row = mysql_fetch_row($res);

$total_width = $row[0];

if (is_numeric($total_width) != TRUE) {
        $total_width = "100%";
}

$style = $row[1];

$sql = "SELECT DefaultStyle FROM " . $t_prefix . "Forum_inf";
$res = mysql_query($sql);
$row = mysql_fetch_row($res);
$def_style = $row[0];


if ($style != NULL) {
        $style .= ".css";
} else {
        $style = $def_style . ".css";
}

$out = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<!-- Start of Header -->
<html>
<head>
<title>Show Post</title>
<meta http-equiv=\"Content-Type\" content=\"text/html;charset=iso-8859-1\">
<meta name=\"AUTHOR\" value=\"Ben Brown\">
<meta name=\"GENERATOR\" value=\"VIM 6.2.0\">
<link rel=\"shortcut icon\" href=\"favicon.ico\">
<link rel=\"STYLESHEET\" type=\"text/css\" href=\"styles/$style\">
</head>
<body>";

$sql = "SELECT ID, UserName, Post, UTime, IP, InReplyTo, ThreadID From " . $t_prefix . "Posts WHERE ID=$post_id";

$res = mysql_query($sql);
while ($post_row = mysql_fetch_row($res)) {
        $p_id = $post_row[0];
        $p_user = stripslashes($post_row[1]);
        $post = stripslashes($post_row[2]);
        $utime = $post_row[3];
        $ip = $post_row[4];
        $inreply = stripslashes($post_row[5]);
	$ThreadID = $post_row[6];

	$t_sql = "SELECT Status FROM " . $t_prefix . "Threads WHERE ID=$ThreadID";
	$t_res = mysql_query($t_sql);
	$status = mysql_result($t_res, 0);

	$t_sql = "SELECT ThreadTitle, StartUser, UGroup, GroupRights, OtherRights FROM " . $t_prefix . "Threads WHERE ID=$ThreadID";
	$t_res = mysql_query($t_sql);
	$t_row = mysql_fetch_row($t_res);
	$title = stripslashes($t_row[0]);
	$threaduser = stripslashes($t_row[1]);
	$UGroup = $t_row[2];
	$g_acc = $t_row[3];
	$o_acc = $t_row[4];

	if ($g_acc == 0 && $o_acc == 0) {
        	$f_sql = "SELECT GroupRights, OtherRights FROM " . $t_prefix . "Forums WHERE ForumID=$ForumID";
		if (!$f_res = mysql_query($f_sql)) {
			echo "Error " . mysql_error() . "<br>$f_sql";
		}
		$f_row = mysql_fetch_row($f_res);

        	$g_acc = $f_row[0];
        	$o_acc = $f_row[1];
	}

	$acc = get_user_access($username, $UGroup, $g_acc, $o_acc);

	if ($acc['read'] != TRUE) {
        	include 'header.php';
		echo "<div class=messtitle>Access Denied</div>
		<div class=mess>You are not Authorised to view this page.</div>";
		include 'footer.php';
		exit;
	}


        $time = date("g:i:s a", $utime);
        $date = date("D j/m/Y", $utime);

        $pers = get_personal($p_user, $showsigs);

        $p_usertype = $pers[0];
        $sig = $pers[2];

        if ($p_usertype == "admin") {
                $u_style = "admin_name";
        } else {
                $u_style = "white";
        }

        if ($status != "locked") {
                $options = get_options($auth, $usertype, $username, $p_user, $p_id, $acc['write']);
        } else {
                $options = "&nbsp;";
        }

        $out .= "\n\n<table border=0 cellspacing=0 width=100%>
<tr>
        <td class=messtitle_nw><a name=$p_id href=\"profile.php?user=$p_user\" class=$u_style>$p_user</a></td>";
        if ($inreply != NULL) {
                $out .= "\n<td class=messtitle_nw><span class=small>Re: <a href=profile.php?user=$inreply class=white>$inreply</a></span></td>";
        } else {
                $out .= "\n<td class=messtitle_nw>&nbsp;</td>";
        }
        $out .= "\n<td class=messtitle_nw align=right style=\"font-size:10px\">$time on $date</td>
</tr>
<tr valign=top height=150>$pers[1]
        <td class=mess_nw colspan=2>";

        $out .= $post;

        if ($sig != NULL && $showsigs != 0) {
                $out .= "</td></tr>\n<tr valign=bottom>\n\t<td class=mess_nw colspan=2>$sig";
        }

        $out .= "</td>
</tr>
<tr>
        <td class=messtitle_nw><span class=small>";
        if ($usertype == "admin") {
                $out .= "IP: $ip";
        } else {
                $out .= "IP Logged.";
        }
        $out .= "</td>
        <td colspan=2 class=messtitle_nw>$options</td>
</tr>
</table>";

}

echo "$out
&nbsp;<br>
<center>
<a href=# onclick=\"javascript:window.close()\">Close Window</a>
</center>
</body>
</html>";

?>
Return current item: 427BB