191 lines
7.2 KiB
PHP
191 lines
7.2 KiB
PHP
<?php
|
||
require("function.php");
|
||
require("layout.php");
|
||
|
||
$fid = $_GET['id'];
|
||
if(!$_GET[id]) $fid=$_POST[fid];
|
||
$forums=mysqli_fetch_array(mysqli_query($con,"SELECT * FROM forums WHERE id = $fid"));
|
||
|
||
$users=mysqli_fetch_array(mysqli_query($con,"SELECT * FROM users WHERE id = $loguserid")) or print "";
|
||
|
||
$posticons=file("posticons.dat");
|
||
$posticonlist="";
|
||
$i=0;
|
||
while ($posticons[$i]!="") {
|
||
$posticonlist.="<INPUT type=radio name=\"iconid\" value=$posticons[$i]> <IMG SRC=$posticons[$i] HEIGHT=15 WIDTH=15>  ";
|
||
$i++;
|
||
if (round($i/10)==($i/10)) {
|
||
$posticonlist.="<br>";
|
||
}
|
||
}
|
||
$posticonlist.="<br><INPUT type=radio name=\"iconid\" value=\"\" checked=1> None";
|
||
if ($logpassword!="" and $users[password]==md5($logpassword)) {
|
||
$username=$users[name];
|
||
$password=$logpassword;
|
||
}
|
||
|
||
|
||
$smilies=readsmilies();
|
||
$tccellha="<td bgcolor=$tableheadbg";
|
||
$tccellhb="><center>$fonthead";
|
||
print "$header<br>";
|
||
if ($_POST[action]=="" and $forums[id]>-1) {
|
||
print "$fonttag<a href=index.php>$boardname</a> - <a href=forum.php?id=$forums[id]>".$forums[title]."</a>
|
||
<table border=0 bgcolor=$tableborder width=$tablewidth align=center cellpadding=0 cellspacing=0>
|
||
<td>
|
||
<FORM ACTION=\"newthread.php\" NAME=\"REPLIER\" METHOD=\"POST\">
|
||
<table border=0 cellpadding=2 cellspacing=1 width=100% bgcolor=$tableborder>
|
||
";
|
||
|
||
$replytable="$tccellha width=150$tccellhb"." </font></td>";
|
||
$replytable.="$tccellh"." </td><tr>";
|
||
|
||
if (!$loguserid) {
|
||
$replytable.="$tccell1"."<b>User name:</td>";
|
||
$replytable.="$tccell2"."</center><INPUT TYPE=TEXT NAME=\"username\" SIZE=25 MAXLENGTH=25></td><tr>";
|
||
$replytable.="$tccell1"."<b>Password:</td>";
|
||
$replytable.="$tccell2"."</center><INPUT TYPE=PASSWORD NAME=\"password\" SIZE=13 MAXLENGTH=13></td><tr>";
|
||
} else {
|
||
$replytable.="$tccell1"."<b>Alternate login</td>";
|
||
$replytable.="$tccell2"."</center><s>Use an alternate login</s> -- Coming soon!</td><tr>";
|
||
}
|
||
|
||
$replytable.="$tccell1"."<b>Thread title:</td>";
|
||
$replytable.="$tccell2"."</center><INPUT TYPE=TEXT NAME=\"subject\" VALUE=\"\" SIZE=40 MAXLENGTH=40></td><tr>";
|
||
$replytable.="$tccell1"."<b>Thread icon:</td>";
|
||
$replytable.="$tccell2"."</center>$posticonlist</td><tr>";
|
||
$replytable.="$tccell1"."<b>Post:</td>";
|
||
$replytable.="$tccell2"."</center><TEXTAREA NAME=\"message\" ROWS=20 COLS=60 WRAP=VIRTUAL></TEXTAREA></td><tr>";
|
||
$replytable.="$tccell1"." </td>";
|
||
$replytable.="$tccell2"."</center>
|
||
<INPUT TYPE=HIDDEN NAME=\"fid\" VALUE=\"$fid\">
|
||
<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"postthread\">
|
||
<INPUT TYPE=HIDDEN NAME=\"ids\" VALUE=\"$_GET[id]\">
|
||
<INPUT TYPE=HIDDEN NAME=\"id\" VALUE=\"$id\">
|
||
<INPUT TYPE=Submit NAME=\"submit\" VALUE=\"Submit thread\">
|
||
<INPUT TYPE=Submit NAME=\"preview\" VALUE=\"Preview post\"></td></FORM>";
|
||
print "$replytable</td>
|
||
</table>
|
||
";
|
||
print "
|
||
</table>
|
||
</td>
|
||
</table>
|
||
|
||
$fonttag<a href=index.php>$boardname</a> - <a href=forum.php?id=$forums[id]>".$forums[title]."</a>
|
||
";
|
||
}
|
||
if ($_POST[action]=="postthread") {
|
||
print "
|
||
<table border=0 bgcolor=$tableborder width=$tablewidth align=center cellpadding=0 cellspacing=0>
|
||
<td>
|
||
<table border=0 cellpadding=2 cellspacing=1 width=100% bgcolor=$tableborder>
|
||
";
|
||
if(!$_POST[message] or !$_POST[subject]){
|
||
print "$tccell1"."You left something blank!";
|
||
print "<br>Click <a href=forum.php?id=$id>here</a> to return to the forum.";
|
||
print $footer;
|
||
die();
|
||
|
||
}
|
||
|
||
$users0=mysqli_query($con,"SELECT id,password,name FROM users");
|
||
|
||
|
||
if($loguserid) {
|
||
$userid=$loguserid;
|
||
$username=$users[name];
|
||
|
||
} else {
|
||
$userid=-1;
|
||
while($users1=mysqli_fetch_array($users0)){
|
||
if ($users1[2]==$_POST[username] and password_verify($_POST[password],$users1[1])) {
|
||
$userid = $users1[0];
|
||
$username=$_POST[username];
|
||
}
|
||
}
|
||
}
|
||
|
||
if ($userid!=-1) {
|
||
if (!$loguserid) $username=$_POST[username];
|
||
$message=str_replace("\x22",""",$_POST[message]);
|
||
$msg=$message;
|
||
$message=str_replace(""","\x22",$message);
|
||
$posticons=file("posticons.dat");
|
||
$posticon=$_POST[posticons[$iconid]];
|
||
if ($_POST[iconid]==-1) {
|
||
$posticon="";
|
||
}
|
||
/*
|
||
|
||
$threadline=$id."<22>".$userid."<22>0<EFBFBD>0<EFBFBD>".$subject."<22>".$posticon;
|
||
if ($users[$userid][5]!="") {
|
||
$message.="<br><br>--------------------<br>".$users[$userid][5];
|
||
}
|
||
*/
|
||
$t--;
|
||
$s=0;
|
||
while ($smilies[$s][0]!="") {
|
||
$smilie=$smilies[$s];
|
||
$smile=$smilie[0];
|
||
eval ("\$message=str_replace(\"$smile\",\"<img src=$smilie[1]>\",\$message);");
|
||
$s++;
|
||
}
|
||
$message=str_replace("
|
||
","<br>",$message);
|
||
|
||
if ($_POST[submit]!="") {
|
||
$date=time();
|
||
$subject1=mysqli_real_escape_string($con,$_POST[subject]);
|
||
$message1=mysqli_real_escape_string($con,$message);
|
||
mysqli_query($con,"UPDATE users SET posts = posts + 1, lastposttime = $date WHERE id = $userid") or die(mysqli_error($con));
|
||
mysqli_query($con,"INSERT INTO `threads` (`forum`, `user`, `lastposter`, `lastpostdate`, `title`, `icon`) VALUES ('$_POST[fid]', '$userid', '$userid', '$date', '$subject1', '$_POST[iconid]')") or die(mysql_error());
|
||
$t = mysqli_insert_id($con);
|
||
mysqli_query($con,"INSERT INTO `posts` (`thread`, `user`, `date`, `ip`, `text`) VALUES ('$t', '$userid', '$date', '$userip', '$message1')") or die(mysql_error());
|
||
|
||
print "$tccell1"."Thank you, ".$username.", for submitting your new thread.";
|
||
print "<br>Click <a href=thread.php?id=$t>here</a> to go to the thread.
|
||
<!-- <META HTTP-EQUIV=\"REFRESH\" CONTENT=\"0; URL=thread.php?id=$t\"> --!>
|
||
</table></td></table>
|
||
";
|
||
|
||
} else {
|
||
|
||
print "
|
||
<FORM ACTION=\"newthread.php\" NAME=\"REPLIER\" METHOD=\"POST\">
|
||
$tccell1 This is a preview of your post.</td><tr>
|
||
$tccell2</center>".$message."</td></table></td></table>
|
||
<br>
|
||
<table border=0 cellpadding=2 cellspacing=1 width=100% bgcolor=$tableborder>
|
||
|
||
$tccell1 <b>Thread title:</td>
|
||
$tccell2 </center><INPUT TYPE=TEXT NAME=\"subject\" VALUE=\"$_POST[subject]\" SIZE=40 MAXLENGTH=40></td><tr>
|
||
$tccell1 <b>Post:</td>
|
||
$tccell2 </center><TEXTAREA NAME=\"message\" VALUE=\"$message\" ROWS=20 COLS=60 WRAP=VIRTUAL>".str_replace("<br>","
|
||
",$message)."</TEXTAREA></td><tr>";
|
||
|
||
if (!$loguserid) {
|
||
print "<INPUT TYPE=HIDDEN NAME=\"password\" VALUE=\"$_POST[password]\">
|
||
<INPUT TYPE=HIDDEN NAME=\"username\" VALUE=\"$_POST[username]\">";
|
||
}
|
||
print "
|
||
<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"postthread\">
|
||
<INPUT TYPE=HIDDEN NAME=\"fid\" VALUE=\"$_POST[fid]\">
|
||
<INPUT TYPE=HIDDEN NAME=\"iconid\" VALUE=\"$_POST[iconid]\">
|
||
<tr>
|
||
$tccell1
|
||
$tccell2 </center><INPUT TYPE=Submit NAME=\"submit\" VALUE=\"Submit thread\">
|
||
<INPUT TYPE=Submit NAME=\"preview\" VALUE=\"Preview post\"></td></FORM>
|
||
</table></td></table>";
|
||
}
|
||
} else {
|
||
print "$tccell1"."Couldn't enter the post. Either you didn't enter an existing username, ";
|
||
print "or you haven't entered the right password for the username.";
|
||
print "<br>Click <a href=forum.php?id=$id>here</a> to return to the forum, or wait to get redirected.
|
||
<!-- <META HTTP-EQUIV=\"REFRESH\" CONTENT=\"0; URL=forum.php?id=$id\"> --!>";
|
||
}
|
||
|
||
}-
|
||
|
||
print $footer;
|
||
?>
|