Location: PHPKode > projects > AdaptBB > plugins/cms_integration_functions.php
<?php
//mysql_query("DELETE FROM adaptbb_forums WHERE id > 15");
//mysql_query("ALTER TABLE `adaptbb_forums`  AUTO_INCREMENT =16");

//mysql_query("DELETE FROM adaptbb_pm WHERE id > 7");
//mysql_query("ALTER TABLE `adaptbb_pm`  AUTO_INCREMENT =8");

$fetch = mysql_fetch_row(mysql_query("SELECT data,user_id FROM ".$pre."fielddata WHERE fname = 'cms_integration'"));
if ($fetch[0] && $fetch[1]) {
$preu = $fetch[0];
$cms = $fetch[1];

if ($cms == "AdaptCMS") {
	if ($_COOKIE[$cookiename."username"] && $_COOKIE[$cookiename."password"]) {
	$upd = sprintf("UPDATE ".$preu."users SET logged = '".time()."' WHERE username = '%s' AND password = '%s'",
    mysql_real_escape_string(check($_COOKIE[$cookiename."username"])),
    mysql_real_escape_string($_COOKIE[$cookiename."password"]));
	@mysql_query($upd);
	$prf2 = sprintf("SELECT email,level,rank,logged,date,id FROM ".$preu."users WHERE username = '%s' AND password = '%s'",
    mysql_real_escape_string(check($_COOKIE[$cookiename."username"])),
    mysql_real_escape_string($_COOKIE[$cookiename."password"]));
	//echo $prf2;
	$prf = @mysql_fetch_row(@mysql_query($prf2));
	$email = $prf[0];
	$group = $prf[1];
	$rank = $prf[2];
	$logged = $prf[3];
	$regdate = $prf[4];
	$useridn = $prf[5];

	$act = "yes";
	$ver = "yes";

	$grp2 = mysql_fetch_row(mysql_query("SELECT value FROM ".$preu."levels WHERE name = '".$group."'"));
	$grp = $grp2[0];
	} else {
	$grp2 = mysql_fetch_row(mysql_query("SELECT name FROM ".$preu."levels WHERE value = '' AND options = 'yes'"));
	$group = $grp2[0];
	}

	if ($_COOKIE[$cookiename."username"] && $_COOKIE[$cookiename."password"] && $useridn == "" && $_GET['do'] != "login" & $_GET['do'] != "logout" && $_GET['do'] != "register") {
	echo "Your information does not match. Please clear your cookies and <a href='".$mrw_1["register"]."register'>register</a> or <a href='".$mrw_1["login"]."login'>login</a>. Thank you.<br /><br />Stopping Script.";
	die;
	}
	if ($_COOKIE[$cookiename."skin"]) {
	$skin = $_COOKIE[$cookiename."skin"];
	} else {
	$skin1 = mysql_fetch_row(mysql_query("SELECT name FROM ".$pre."skins WHERE template = 'skin' ORDER BY `id` DESC"));
	$skin = $skin1[0];
	}

	if ($ptype == "acp") {
	$adinfo = sprintf("SELECT email,level,rank,logged,date,id FROM ".$preu."users WHERE username = '%s' AND password = '%s'",
    mysql_real_escape_string(check($_SESSION[$cookiename."username"])),
    mysql_real_escape_string($_SESSION[$cookiename."password"]));
	$admin_info = @mysql_fetch_row(@mysql_query($adinfo));
	}

if ($ptype == "bb") {
if ($_GET['do'] == "memberslist") {

if(!isset($_GET['page'])){
    $page = 1;
} else {
    $page = $_GET['page'];
}
$from = (($page * $setting["topics_limit"]) - $setting["topics_limit"]);

if ($_GET['by'] == "") {
$sort_by = "`logged`";
} else {
$_GET['by'] = strip_tags(htmlentities(stripslashes($_GET['by'])));
$sort_by = "`".$_GET['by']."`";
$pga .= "&by=".$_GET['by'];
}
if ($_GET['how'] == "") {
$sort_how = " DESC";
} else {
$_GET['how'] = strip_tags(htmlentities(stripslashes($_GET['how'])));
$sort_how = " ".$_GET['how'];
$pga .= "&how=".$_GET['how'];
}
if ($_GET['rank']) {
$_GET['rank'] = strip_tags(htmlentities(stripslashes($_GET['rank'])));
$ord .= " WHERE rank = '".$_GET['rank']."'";
} elseif ($_GET['group']) {
$_GET['group'] = strip_tags(htmlentities(stripslashes($_GET['group'])));
$ord .= " WHERE level = '".$_GET['group']."'";
}
$sortby = $sort_by.$sort_how." LIMIT $from, ".$setting["topics_limit"];

$total_results = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ".$preu."users".$ord),0);
$total_pages = ceil($total_results / $setting['topics_limit']);

if ($total_pages > "1") {
$pages .= "<b>Page(s):</b> ";

// Build Previous Link
if($page > 1){
	    $test = ($page - 1);
    $pages .= "<a href=\"{siteurl}index.php?do=memberslist".$pga."&page=$test\"><b>Previous</b></a>&nbsp;";
}

for($i = 1; $i <= $total_pages; $i++){
    if(($page) == $i){
        $pages .= "$i&nbsp;";
        } else {
            $pages .= "<a href=\"{siteurl}index.php?do=memberslist".$pga."&page=$i\">$i</a>&nbsp;";
    }
}

// Build Next Link
if($page < $total_pages){
    $next = ($page + 1);
    $pages .= "<a href=\"{siteurl}index.php?do=memberslist".$pga."&page=$next\"><b>Next</b></a>";
}
}

$i = 0;
$sql = mysql_query("SELECT * FROM ".$preu."users ".$ord." ORDER BY ".$sortby);
while($r = mysql_fetch_array($sql)) {
$color = mysql_fetch_row(mysql_query("SELECT color FROM ".$preu."ranks WHERE name = '".$r[rank]."'"));
if (!$color) {
$color = mysql_fetch_row(mysql_query("SELECT color FROM ".$preu."ranks WHERE name = '".$r[rank]."'"));
}
$topics = mysql_num_rows(mysql_query("SELECT * FROM ".$pre."posts WHERE post_type != 'post' AND user_id = '".$r[id]."'"));
$posts = mysql_num_rows(mysql_query("SELECT * FROM ".$pre."posts WHERE post_type = 'post' AND user_id = '".$r[id]."'"));
$posts = $topics + $posts;

$adata[] = "{username}";
$adata[] = "{user_id}";
$adata[] = "{id}";
$adata[] = "{email}";
$adata[] = "{level}";
$adata[] = "{group}";
$adata[] = "{rank}";
$adata[] = "{date}";
$adata[] = "{join_date}";
$adata[] = "{last_visit}";
$adata[] = "{edit_profile}";
$adata[] = "{posts}";
$adata[] = "{topics}";
$adata[] = "{class}";

$bdata[] = get_user($r[id], "");
$bdata[] = $r[id];
$bdata[] = $r[id];
$bdata[] = $r[email];
$bdata[] = "<a href='".$siteurl."index.php?do=memberslist".$pga."&group=".$r[level]."'>".$r[level]."</a>";
$bdata[] = "<a href='".$siteurl."index.php?do=memberslist".$pga."&group=".$r[level]."'>".$r[level]."</a>";
$bdata[] = "<a href='".$siteurl."index.php?do=memberslist".$pga."&rank=".$r[rank]."'><font color='".$color[0]."'>".ucwords($r[rank])."</font></a>";
$bdata[] = date($setting['date_format'], $r[date]);
$bdata[] = date($setting['date_format'], $r[date]);
$bdata[] = date($setting['date_format'], $r[logged]);
if ($_COOKIE[$cookiename."username"]) {
$bdata[] = "<a href='".$mrw["edit_profile"]."'>Edit Profile</a>";
} else {
$bdata[] = "";
}
$bdata[] = $posts;
$bdata[] = $topics;
if (($i % 2) === 0) {
$bdata[] = " class='light'";
} else {
$bdata[] = " class='dark'";
}

// start - custom fields
unset($name, $data, $row);
$sql_cf = mysql_query("SELECT * FROM ".$pre."fields WHERE ftype = 'user-profile'");
while ($row = mysql_fetch_array($sql_cf)) {
$name = "$row[name]";
$names .= ",".$name;

$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$pre."fielddata WHERE fname = '".$name."' AND user_id = '".$r[id]."'  ORDER BY `id` DESC"));
if (!$data) {
$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$preu."fielddata WHERE fname = '".$name."' AND aid = '".$r[username]."'  ORDER BY `id` DESC"));
}
$fdata[$name] = $data[0];

if ($data[0]) {
$adata[] = "{".$name."}";
if ($row[field_type] == "textarea") {
$bdata[] = parse_text($data[0]);
} else {
$bdata[] = stripslashes(html_entity_decode($data[0]));
}
} else {
$adata[] = "{".$name."}";
$bdata[] = "";
}
}
// end - custom fields

// start - custom fields
unset($name, $data, $row);
$sql_cf = mysql_query("SELECT * FROM ".$preu."fields WHERE cat = 'user-profile'");
while ($row = mysql_fetch_array($sql_cf)) {
$name = "$row[name]";
if (stristr($name, $names) == FALSE) {
$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$preu."fielddata WHERE fname = '".$name."' AND aid = '".$r[username]."'  ORDER BY `id` DESC"));
$fdata[$name] = $data[0];

if ($data[0]) {
$adata[] = "{".$name."}";
if ($row[type] == "textarea") {
$bdata[] = parse_text($data[0]);
} else {
$bdata[] = stripslashes(html_entity_decode($data[0]));
}
} else {
$adata[] = "{".$name."}";
$bdata[] = "";
}
}
}
// end - custom fields

$content .= str_replace($adata, $bdata, stripslashes(template("memberslist_list")));
unset($adata, $bdata);
$i = $i + 1;
}
}

if ($_GET['do'] == "profile") {
$r = mysql_fetch_row(mysql_query("SELECT id,email,level,rank,date,username FROM ".$preu."users WHERE username = '".check($_GET['user'])."'")); // gets basic info of user
$color = mysql_fetch_row(mysql_query("SELECT color FROM ".$preu."ranks WHERE name = '".$r[3]."'"));

// start - custom fields
unset($name, $data, $row);
$sql_cf = mysql_query("SELECT * FROM ".$pre."fields WHERE ftype = 'user-profile'");
while ($row = mysql_fetch_array($sql_cf)) {
$name = "$row[name]";
$names .= ",".$name;

$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$pre."fielddata WHERE fname = '".$name."' AND user_id = '".$r[0]."'  ORDER BY `id` DESC"));
if (!$data) {
$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$preu."fielddata WHERE fname = '".$name."' AND aid = '".$r[5]."'  ORDER BY `id` DESC"));
}
$fdata[$name] = $data[0];

if ($data[0]) {
$adata[] = "{".$name."}";
if ($row[field_type] == "textarea") {
$bdata[] = parse_text($data[0]);
} else {
$bdata[] = stripslashes(html_entity_decode($data[0]));
}
} else {
$adata[] = "{".$name."}";
$bdata[] = "";
}
}
// end - custom fields

// start - custom fields
unset($name, $data, $row);
$sql_cf = mysql_query("SELECT * FROM ".$preu."fields WHERE cat = 'user-profile'");
while ($row = mysql_fetch_array($sql_cf)) {
$name = "$row[name]";
if (stristr($name, $names) == FALSE) {
$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$preu."fielddata WHERE fname = '".$name."' AND aid = '".$r[5]."'  ORDER BY `id` DESC"));
$fdata[$name] = $data[0];

if ($data[0]) {
$adata[] = "{".$name."}";
if ($row[type] == "textarea") {
$bdata[] = parse_text($data[0]);
} else {
$bdata[] = stripslashes(html_entity_decode($data[0]));
}
} else {
$adata[] = "{".$name."}";
$bdata[] = "";
}
}
}
// end - custom fields
}

if ($_GET['do'] == "edit_profile") {
if (!$_POST['submit']) {
// start - custom fields
unset($name, $row, $data, $r, $sql_cf, $s, $fdata);
$sql_cf = mysql_query("SELECT * FROM ".$pre."fields WHERE ftype = 'user-profile'");
while ($r = mysql_fetch_array($sql_cf)) {
$names .= ",".$r[name];
$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$pre."fielddata WHERE fname = '".$r[name]."' AND user_id = '".$useridn."' ORDER BY `id` DESC"));
if (!$data) {
$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$preu."fielddata WHERE fname = '".$r[name]."' AND aid = '".$_COOKIE[$cookiename."username"]."' ORDER BY `id` DESC"));
}
$fdata = stripslashes(html_entity_decode($data[0]));
$show .= "<input type='hidden' name='id[]' value='".$r[name]."'><input type='hidden' name='cfdata_".$r[name]."' value='".htmlentities(stripslashes($fdata))."'>";

$s = str_replace("_", " ", $r[name]);
$s = str_replace("-", " ", $s);
$s = str_replace("user", "", $s);

$show .= "<tr><td><b>".ucwords($s).":</b></td><td>";

if ($r[field_type] == "textfield") {
$show .= "<input type='text' name='cf_".$r[name]."' size='16' style='font-family: tahoma; font-size: 11px; border: 1px solid #444444' value='".$fdata."'></td><td>".stripslashes($r[des]);
}
if ($r[field_type] == "textarea") {
$show .= "<input type='hidden' name='cfield_type_".$r[name]."' value='textarea'><textarea cols='60' rows='16' id='cf_".$r[name]."' name='cf_".$r[name]."' style='font-family: tahoma; font-size: 11px; border: 1px solid #444444'>".$fdata."</textarea></td><td>".stripslashes($r[des]);
}
if ($r[field_type] == "radio") {
$ex = explode(",", $r[info]);
sort($ex);
while (list(, $a) = each ($ex)) {
$show .= $a." <input type='radio' name='cf_".$r[name]."' value='".$a."' style='font-family: tahoma; font-size: 11px; border: 1px solid #444444'";
if ($a == $fdata) {
$show .= " checked";
}
$show .= ">";
}
$show .= "</td><td>".stripslashes($r[des]);
}
if ($r[field_type] == "checkbox") {
$ex = explode(",", $r[info]);
sort($ex);
while (list(, $a) = each ($ex)) {
$show .= $a." <input type='checkbox' name='cf_".$r[name]."' value='".$a."' style='font-family: tahoma; font-size: 11px; border: 1px solid #444444'";
if ($a == $fdata) {
$show .= " checked";
}
$show .= ">";
}
$show .= "</td><td>".stripslashes($r[des]);
}
if ($r[field_type] == "select") {
$show .= "<select name='cf_".$r[name]."' style='font-family: tahoma; font-size: 11px; border: 1px solid #444444'><option value=''>-- Select --</option>";
$ex = explode(",", $r[info]);
sort($ex);
while (list(, $a) = each ($ex)) {
$show .= "<option value='".$a."'";
if ($a == $fdata) {
$show .= " selected>- ";
} else {
$show .= ">";
}
$show .= ucwords($a);
if ($a == $fdata) {
$show .= " -";
}
$show .= "</option>";
}
$show .= "</select></td><td>".stripslashes($r[des]);
}

$show .= "</td></tr>";
}
// end - custom fields

// start - custom fields
unset($name, $row, $data, $r, $sql_cf, $s, $fdata);
$sql_cf = mysql_query("SELECT * FROM ".$preu."fields WHERE cat = 'user-profile'");
while ($r = mysql_fetch_array($sql_cf)) {
if (preg_match("/".$r[name]."/", $names) == FALSE) {
$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$preu."fielddata WHERE fname = '".$r[name]."' AND aid = '".$_COOKIE[$cookiename."username"]."' ORDER BY `id` DESC"));
$fdata = stripslashes(html_entity_decode($data[0]));
$show .= "<input type='hidden' name='id2[]' value='".$r[name]."'><input type='hidden' name='cf2data_".$r[name]."' value='".htmlentities(stripslashes($fdata))."'>";

$s = str_replace("_", " ", $r[name]);
$s = str_replace("-", " ", $s);
$s = str_replace("user", "", $s);

$show .= "<tr><td><b>".ucwords($s).":</b></td><td>";

if ($r[type] == "textfield") {
$show .= "<input type='text' name='cf2_".$r[name]."' size='16' style='font-family: tahoma; font-size: 11px; border: 1px solid #444444' value='".$fdata."'></td><td>".stripslashes($r[des]);
}
if ($r[type] == "textarea") {
$show .= "<input type='hidden' name='ctype_".$r[name]."' value='textarea'><textarea cols='60' rows='16' id='cf2_".$r[name]."' name='cf2_".$r[name]."' style='font-family: tahoma; font-size: 11px; border: 1px solid #444444'>".$fdata."</textarea></td><td>".stripslashes($r[des]);
}
if ($r[type] == "radio") {
$ex = explode(",", $r[info]);
sort($ex);
while (list(, $a) = each ($ex)) {
$show .= $a." <input type='radio' name='cf2_".$r[name]."' value='".$a."' style='font-family: tahoma; font-size: 11px; border: 1px solid #444444'";
if ($a == $fdata) {
$show .= " checked";
}
$show .= ">";
}
$show .= "</td><td>".stripslashes($r[des]);
}
if ($r[type] == "checkbox") {
$ex = explode(",", $r[info]);
sort($ex);
while (list(, $a) = each ($ex)) {
$show .= $a." <input type='checkbox' name='cf2_".$r[name]."' value='".$a."' style='font-family: tahoma; font-size: 11px; border: 1px solid #444444'";
if ($a == $fdata) {
$show .= " checked";
}
$show .= ">";
}
$show .= "</td><td>".stripslashes($r[des]);
}
if ($r[type] == "select") {
$show .= "<select name='cf2_".$r[name]."' style='font-family: tahoma; font-size: 11px; border: 1px solid #444444'><option value=''>-- Select --</option>";
$ex = explode(",", $r[info]);
sort($ex);
while (list(, $a) = each ($ex)) {
$show .= "<option value='".$a."'";
if ($a == $fdata) {
$show .= " selected>- ";
} else {
$show .= ">";
}
$show .= ucwords($a);
if ($a == $fdata) {
$show .= " -";
}
$show .= "</option>";
}
$show .= "</select></td><td>".stripslashes($r[des]);
}

$show .= "</td></tr>";
}
}
// end - custom fields
} else {

while (@list(, $i) = @each ($_POST['id'])) {
if ($i) {
if (strtolower($setting["wysiwyg"]) == "no" && $_POST["cftype_$i"]) {
$autobr = preg_replace("/<br>\n/","\n",addslashes($_POST["cf_$i"]));
$autobr = preg_replace("/<br \/>\n/","\n",addslashes($_POST["cf_$i"]));
$autobr = preg_replace("/(\015\012)|(\015)|(\012)/","<br />\n",addslashes($_POST["cf_$i"]));
$text = $autobr;
//$text = preg_replace("/\n/", "<br />\n", addslashes($_POST["cf_$i"]));
} else {
$text = addslashes($_POST["cf_$i"]);
}
if ($text) {
if ($_POST["cfdata_$i"] == "") {
@mysql_query("INSERT INTO ".$pre."fielddata VALUES (null, '".$i."', '".check($text)."', '".$useridn."')");
} else {
@mysql_query("UPDATE ".$pre."fielddata SET data = '".check($text)."' WHERE fname = '".$i."' AND user_id = '".$useridn."'");
}
}
}
}

unset($i, $text, $autobr);
if ($_POST['id2']) {
while (list(, $k) = each ($_POST['id2'])) {
if ($k) {
if (strtolower($setting["wysiwyg"]) == "no" && $_POST["cf2type_$k"]) {
$autobr = preg_replace("/<br>\n/","\n",addslashes($_POST["cf2_$k"]));
$autobr = preg_replace("/<br \/>\n/","\n",addslashes($_POST["cf2_$k"]));
$autobr = preg_replace("/(\015\012)|(\015)|(\012)/","<br />\n",addslashes($_POST["cf2_$k"]));
$text = $autobr;
//$text = preg_replace("/\n/", "<br />\n", addslashes($_POST["cf2_$k"]));
} else {
$text = addslashes($_POST["cf2_$k"]);
}
if ($text) {
if ($_POST["cf2data_$k"] == "") {
mysql_query("INSERT INTO ".$preu."fielddata VALUES (null, '".$k."', '".check($text)."', '".$_COOKIE[$cookiename."username"]."')");
} else {
mysql_query("UPDATE ".$preu."fielddata SET data = '".check($text)."' WHERE fname = '".$k."' AND aid = '".$_COOKIE[$cookiename."username"]."'");
}
}
}
}
}


}
}

if ($_GET['do'] == "register" && $_POST['reg_submit']) {
$pass = mysql_real_escape_string(check($_POST['password']));
$_POST['username'] = mysql_real_escape_string(check($_POST['username']));
$_POST['password']= md5(mysql_real_escape_string(check($_POST['password'])));
$_POST['email'] = mysql_real_escape_string(check($_POST['email']));

if ($_POST['username'] && $_POST['password'] && valid_email($_POST['email']) == TRUE) {
if (md5(strtoupper($_POST['captcha'])) == $_SESSION['captcha']) {
if (mysql_num_rows(mysql_query("SELECT * FROM ".$preu."users WHERE username = '".$_POST['username']."'")) == 0 && mysql_num_rows(mysql_query("SELECT * FROM ".$preu."users WHERE email = '".$_POST['email']."'")) == 0) {

$fetch = mysql_fetch_row(mysql_query("SELECT name FROM ".$preu."levels WHERE value = '3' AND options = 'yes' OR value = '3' ORDER BY `id` DESC"));
$fetch2 = mysql_fetch_row(mysql_query("SELECT name FROM ".$preu."ranks WHERE prequired = '0' ORDER BY `id` DESC"));

$sqly = mysql_query("INSERT INTO ".$preu."users VALUES (null, '".$_POST['username']."', '".$_POST['password']."', '".$_POST['email']."', '".$fetch[0]."', '".$fetch2[0]."', '".time()."', '".time()."')");
$register = 1;
}
}
}
}

if ($_GET['do'] == "messages" && $_GET['view'] == "send") {
$sql = mysql_query("SELECT * FROM ".$preu."users");
while($r = mysql_fetch_array($sql)) {
if ($r[username] != $_COOKIE[$cookiename."username"]) {
$to_who .= "<option value='".$r[id]."'>".$r[username]."</option>";
}
}
}

if ($_GET['do'] == "messages" && $_GET['view'] == "message" && $_GET['id']) {
$sql = mysql_query("SELECT * FROM ".$pre."pm WHERE id = '".$_GET['id']."' AND receiver_id = '".$useridn."' OR id = '".$_GET['id']."' AND sender_id = '".$useridn."'");
while($r = mysql_fetch_array($sql)) {
$poster = mysql_fetch_row(mysql_query("SELECT email,username FROM ".$preu."users WHERE id = '".$r[sender_id]."'"));

// start - custom fields
unset($name, $data, $row);
$sql_cf = mysql_query("SELECT * FROM ".$preu."fields WHERE cat = 'user-profile'");
while ($row = mysql_fetch_array($sql_cf)) {
$name = "$row[name]";

$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$preu."fielddata WHERE fname = '".$name."' AND aid = '".$poster[1]."'  ORDER BY `id` DESC"));
$fdata[$name] = $data[0];
$names .= $name;

if ($data[0]) {
$cdata[] = "{".$name."}";
if ($row[type] == "textarea") {
//$ddata[] = parse_text($data[0]);
$ddata[] = str_replace("</ul>","</ul><br />",str_replace("</p>","</p><br />",parse_text($data[0])));
} else {
$ddata[] = stripslashes(html_entity_decode($data[0]));
}
} else {
$cdata[] = "{".$name."}";
$ddata[] = "";
}
}
// end - custom fields

// start - custom fields
unset($name, $data, $row, $sql_cf, $fdata);
$sql_cf = mysql_query("SELECT * FROM ".$pre."fields WHERE ftype = 'user-profile'");
while ($row = mysql_fetch_array($sql_cf)) {
$name = "$row[name]";

if (stristr($name, $names) == FALSE) {
$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$pre."fielddata WHERE fname = '".$name."' AND user_id = '".$r[sender_id]."'  ORDER BY `id` DESC"));
$fdata[$name] = $data[0];

if ($data[0]) {
$cdata[] = "{".$name."}";
if ($row[field_type] == "textarea") {
//$ddata[] = parse_text($data[0]);
$ddata[] = str_replace("</ul>","</ul><br />",str_replace("</p>","</p><br />",parse_text($data[0])));
} else {
$ddata[] = stripslashes(html_entity_decode($data[0]));
}
} else {
$cdata[] = "{".$name."}";
$ddata[] = "";
}
}
}
// end - custom fields
}
}

if ($_GET['do'] == "topic") {
if(!isset($_GET['page'])){
    $page = 1;
} else {
    $page = $_GET['page'];
}
$from = (($page * $setting["topics_limit"]) - $setting["topics_limit"]);

if ($_GET['by'] == "") {
$sort_by = "`lpostdate`";
} else {
$_GET['by'] = strip_tags(htmlentities(stripslashes($_GET['by'])));
$sort_by = "`".$_GET['by']."`";
}
if ($_GET['how'] == "") {
$sort_how = " DESC";
} else {
$_GET['how'] = strip_tags(htmlentities(stripslashes($_GET['how'])));
$sort_how = " ".$_GET['how'];
}
$sortby = "`id` ASC, ".$sort_by.$sort_how." LIMIT $from, ".$setting["topics_limit"];

$sql = mysql_query("SELECT * FROM ".$pre."posts WHERE topic_id = '".$_GET['topic_id']."' ORDER BY ".$sortby);
while($r = mysql_fetch_array($sql)) {
unset($name, $data, $row, $sql_cf, $fdata, $id, $names);
$n = 29;

$id = $r[id];
if ($r[post_type] == "post") {
$type = " OR ftype = 'new_reply' OR ftype = 'quick_reply'";
$type2 = " OR cat = 'new_reply' OR cat = 'quick_reply'";
} elseif ($r[post_type] != "post") {
$type = " OR ftype = 'new_topic'";
$type2 = " OR cat = 'new_topic'";
}

$poster = mysql_fetch_row(mysql_query("SELECT email,username FROM ".$preu."users WHERE id = '".$r[user_id]."'"));

// start - custom fields
unset($name, $data, $row);
$sql_cf = mysql_query("SELECT * FROM ".$preu."fields WHERE cat = 'user-profile'".$type2);
while ($row = mysql_fetch_array($sql_cf)) {
$name = "$row[name]";

$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$preu."fielddata WHERE fname = '".$name."' AND aid = '".$poster[1]."'  ORDER BY `id` DESC"));
$fdata[$name] = $data[0];
$names .= $name;

if ($data[0]) {
$n = $n + 1;
$cdata[$id][$n] = "{".$name."}";
if ($row[type] == "textarea") {
//$ddata[] = parse_text($data[0]);
$ddata[$id][$n] = str_replace("</ul>","</ul><br />",str_replace("</p>","</p><br />",parse_text($data[0])));
} else {
$ddata[$id][$n] = stripslashes(html_entity_decode($data[0]));
}
} else {
$n = $n + 1;
$cdata[$id][$n] = "{".$name."}";
$ddata[$id][$n] = "";
}
}
// end - custom fields

// start - custom fields
unset($name, $data, $row, $sql_cf, $fdata);
$sql_cf = mysql_query("SELECT * FROM ".$pre."fields WHERE ftype = 'user-profile'".$type);
while ($row = mysql_fetch_array($sql_cf)) {
$name = "$row[name]";

if (preg_match("/".$name."/", $names) == FALSE) {
$data = mysql_fetch_row(mysql_query("SELECT data FROM ".$pre."fielddata WHERE fname = '".$name."' AND user_id = '".$r[user_id]."'  ORDER BY `id` DESC"));
$fdata[$name] = $data[0];

if ($data[0]) {
$n = $n + 1;
$cdata[$id][$n] = "{".$name."}";
if ($row[field_type] == "textarea") {
//$ddata[] = parse_text($data[0]);
$ddata[$id][$n] = str_replace("</ul>","</ul><br />",str_replace("</p>","</p><br />",parse_text($data[0])));
} else {
$ddata[$id][$n] = stripslashes(html_entity_decode($data[0]));
}
} else {
$n = $n + 1;
$cdata[$id][$n] = "{".$name."}";
$ddata[$id][$n] = "";
}
}
}
// end - custom fields
}
}

if (!$_GET['do']) {
$ranksql = mysql_query("SELECT * FROM ".$preu."ranks ORDER BY `prequired` ASC LIMIT 5");
}
if ($_GET['do'] == "forum") {
$ranksql = mysql_query("SELECT * FROM ".$preu."ranks ORDER BY `prequired` ASC LIMIT 5");
}

if ($_GET['do'] == "new_topic" && $_POST['message'] or $_GET['do'] == "new_reply" && $_POST['message']) {
$rank = mysql_fetch_row(mysql_query("SELECT prequired FROM ".$preu."ranks WHERE name = '".$rank."'"));
$postcount = mysql_num_rows(mysql_query("SELECT * FROM ".$pre."posts WHERE user_id = '".$useridn."'"));

$ranks = mysql_query("SELECT * FROM ".$preu."ranks ORDER BY `prequired` ASC");
while($s = mysql_fetch_array($ranks)) {
if ($postcount >= $s[prequired]) {
if ($s[prequired] > $rank[0]) {
mysql_query("UPDATE ".$preu."users SET rank = '".$s[name]."' WHERE id = '".$useridn."'");
}
}
}
}

}

}
}
?>
Return current item: AdaptBB