";
$p="-1";
while($post = mysqli_fetch_array($posts)){
$userpost=mysqli_fetch_array(mysqli_query($con,"SELECT users.*, posts.* FROM users INNER JOIN posts ON users.id = posts.user AND posts.id=$post[id]")) or die('error');
if ($post[thread]==$_GET[id]) {
$totalposts=mysqli_num_rows(mysqli_query($con,"SELECT * FROM posts WHERE thread=$_GET[id]"));
if ($totalposts>0) {
$postlist.="
$fonttag$boardname - $forums[title] - $threads[title]
";
}
}
if ($_POST[action]=="postreply") {
print "
$tblstart
";
if(!$_POST[message]){
print "$tccell1"."You left your post blank!";
print " Click here to return to the thread.";
print $footer;
die();
}
$users0=mysqli_query($con,"SELECT id,password,name FROM users");
if($loguserid) {
$userid=$loguserid;
$username=$users[name];
} else {
$userid=-1;
while($users1=mysqli_fetch_array($users0)){
if ($users1[2]==$_POST[username] and password_verify($_POST[password],$users1[1])) {
$userid = $users1[0];
$username=$_POST[username];
}
}
}
if ($userid!=-1) {
if (!$loguserid) $username=$_POST[username];
$s=0;
$message=str_replace("\x22",""",$_POST[message]);
$message=str_replace("")","")",$message);
$message=str_replace("src="","src=\"",$message);
// $msg=$message;
$message=str_replace(""","\x22",$message);
/*
if ($users[$userid][5]!="") {
$msg.="
-------------------- ".$users[$userid][5];
}
*/
$s=0;
while ($smilies[$s][0]!="") {
$smilie=$smilies[$s];
$smile=$smilie[0];
eval ("\$message=str_replace(\"$smile\",\"\",\$message);");
$s++;
}
$message=str_replace("
"," ",$message);
if ($_POST[submit]!="") {
$date=time();
$message1=mysqli_real_escape_string($con,$message);
mysqli_query($con,"UPDATE users SET posts = posts + 1, lastposttime = $date WHERE id = $userid") or die(mysqli_error($con));
mysqli_query($con,"INSERT INTO `posts` (`thread`, `user`, `date`, `ip`, `text`) VALUES ('$_POST[fid]', '$userid', '$date', '$userip', '$message1')") or die(mysql_error());
mysqli_query($con,"UPDATE threads SET lastpostdate = $date WHERE id = $_POST[fid]") or die(mysqli_error($con));
print "$tccell1"."Thank you, ".$username.", for submitting your post.";
print " Click here to go to the thread.
";
} else {
print "