<?
// ORDER BY topic_sticky DESC, topic_create_dt DESC LIMIT $startfrom,$topicsperpage
if(!isset($_GET['id'])) $_GET["id"]='0';
$id=substr($_GET["id"],0,5);
// Post new topic seciton
$error = false;
$submit_parm = '';
if (isset($_POST['new_title'])) $new_title=$_POST['new_title']; else $new_title='';
if (isset($_POST['new_message'])) $new_message=$_POST['new_message']; else $new_message='';
if (isset($_POST['new_submit']) && $user_level>=5 && is_numeric($_POST['new_forumid']) && $_POST['seccodeverify']=='')
{
if (strlen($new_title)<4 || strlen($new_message)<4) { $error='Topic or message is too short.'; goto register;}
if (strlen($new_title+$new_message)>$spam_maxpostlength) { $error='Topic or message is too short.'; goto register;}
if (preg_match("/\<|\>/si",$new_title.$new_message) && $user_level<9) { $error='HTML is not allowed.'; goto register;}
if (preg_match_all("/http/si",$new_title.$new_message)>3 && $user_level<9) { $error='HTML HTTP is not allowed.'; goto register;}
if (preg_match('#\b[0-9A-Za-z_]{'.$spam_maxwordlength.',}\b#s',$new_message)!=0) { $error='Some words are too long ( maxwordlength ).'; goto register;}
if (is_forumlocked($id) == TRUE && $user_level<9 ) { $error='Forum is locked.'; goto register;}
if ($spam_sec_num == true ) {
if (chr(substr($_POST['spam_sec_num2'],0,2)) + date("h") != substr($_POST['spam_sec_num3'],0,2 + date("h")) ) { $error='Wrong calculation.'; goto register; } // if POST spam_sec condition
} // if spam_sec num
if ($error== false ) // if for PHP<5.3
{
mysql_query("INSERT INTO board_topics
(topic_parent,topic_title,topic_create_dt,topic_lastpost_dt,topic_poster_id)
values ('".$_POST['new_forumid']."','".$new_title."','".time()."','".time()."','".$user_id."')") or die(mysql_error());
$post_parent_id=$_POST['new_forumid'];
$post_id=mysql_insert_id();
mysql_query("INSERT INTO board_comments
(post_parent_id,post_author_id,post_author_ip,post_create_dt,post_text)
values ('".mysql_insert_id()."','".$user_id."','".$user_ip."','".time()."','".$new_message."')
") or die(mysql_error());
mysql_query("UPDATE board_forums SET `forum_lastpost_id`='".$post_id."',`forum_numtopics` = `forum_numtopics` + 1 where `forum_id`='".$post_parent_id."' limit 1") or die(mysql_error());
$submit_parm = 'disabled';
} // if error==false
} //if isset new_submit
register:
// Post new topic end
$line = 0;
$page = 1;
if ($id==0)
{
$result = mysql_query("SELECT * from board_forums WHERE forum_parent='$id' order by forum_name asc") or die(mysql_error());
while($row = mysql_fetch_assoc($result))
{
$row_color = !$row_color;
echo "<div class='".$row_colors[$row_color]."'><h2>";
// print_r ($row);
if ($user_level==9) echo "<a href='?action=admin&action2=edit_forum&id=".$row['forum_id']."'>EDIT</a> ";
echo "<a href='?action=vforum&id=".$row['forum_id']."'>".$row['forum_name']."</a></h2>";
echo "<i>".$row['forum_desc']."  </i> <div>".$lang['last'].": <a href='?action=vtopic&id=".$row['forum_lastpost_id']."'>".substr(get_topic_title($row['forum_lastpost_id']),0,15)."</a>, Topics: ".$row['forum_numtopics']." </div>";
// echo '[forum_numtopics] => 0 [forum_numreplies] => 0 [forum_lastpost_id]<br/>';
echo "</div>";
} // while row
}
else
{
if (isset($_GET['page'])) { if(is_numeric($_GET['page'])) $page=substr($_GET['page'],0,5);}
$query = "SELECT * from board_topics WHERE topic_parent='$id' order by topic_sticky desc,topic_lastpost_dt desc limit ".($page -1) * $topicsperpage.",".$topicsperpage;
$result = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($result) == 0) { echo '<div class=even>'.$lang['empty'].'</div>';}
while($row = mysql_fetch_assoc($result))
{
$row_color = !$row_color;
$line++;
echo "<div class='".$row_colors[$row_color]."'><h2>";
if ($user_level==9) echo "<a href='?action=admin&action2=edit_topic&id=".$row['topic_id']."'>EDIT</a> ";
if ($row['topic_locked'] == true) echo '[L] ';
if ($row['topic_sticky'] == true) echo '[S] ';
if ($modrewrite == true )
{
echo "<a href='/topics/".$row['topic_id']."/".str_replace(" ",'_',$row['topic_title'])."'>".$row['topic_title']."</a>";
} else
{
echo "<a href='?action=vtopic&id=".$row['topic_id']."'>".$row['topic_title']."</a>";
} // else modrewrite false
echo "</h2>";
echo "".$lang['created'].': '.date("Y-m-d H:i",$row['topic_create_dt'])." by ".get_username($row['topic_poster_id']).' ,'.$lang['viewed'].': '.$row['topic_numviews']."";
if ($row['topic_numreplies']>0)
{ echo "<div>Last: ".date("Y-m-d",$row['topic_lastpost_dt'])." ".$lang['replies'].": ".$row['topic_numreplies']."</div>"; }
echo "";
echo "</div>";
} // while row
} // if id==0
// PAGINATION list
echo '<br><div class=\'pagination\'>'.$lang['page'].':';
if ($page>1) echo '<a href=\'?action=vforum&id='.$id.'&page='.($page-1).'\'>'.($page-1).'</a> ';
echo '< <a href=\'?action=vforum&id='.$id.'&page='.$page.'\'> '.$page.'</a> > ';
if ($line>=$topicsperpage) echo '<a href=\'?action=vforum&id='.$id.'&page='.($page+1).'\'>'.($page+1).'</a> ';
echo '</div><br>';
if ($id!=0)
{
echo "<div class=newreply>";
if ($user_level<5)
{
echo "<div class='error'>Your account doesn't have privileges to post new topic.</div><br>";
} else
{
echo "<div class='group'>".$lang['new_topic']."</div></br>";
if ($error) echo "<div class='error'>$error</div><br>";
echo "<form method=post>
Title:<br>
<input type=text name='new_title' value='".$new_title."'><br>
Message:<br>
<textarea name=new_message rows=6 ".$submit_parm.">".$new_message."</textarea><br><br>";
if ($spam_sec_num == true )
{
$spam_sec_num1= date ("h");
$spam_sec_num2= rand (1,9);
echo $spam_sec_num2." + ".$spam_sec_num1." = ? <input type=tel size=4 name='spam_sec_num3' ".$submit_parm."><input type=hidden name='spam_sec_num2' value='".ord($spam_sec_num2)."'><br><br>";
} // if spam_sec_num
echo "<input type=submit name='new_submit' value='submit' ".$submit_parm.">
<input type=hidden name='new_forumid' value='".$id."'>";
echo "<input id=\"seccodeverify\" type=\"text\" maxlength=\"4\" size=\"8\" name=\"seccodeverify\">"; // anti bot field generator spam , keep this value clear and hidden in css
echo "</form>";
} // if user level<5
echo "</div>";
} // id!=0