25) || (strlen($username) < 4)) {fHeader();UhOh($txt['errUsernameLength']);} //if (eregi("[^a-z0-9_]+",$username)) {fHeader();UhOh($txt['errUsernameFormat']);} if (HasSpecialChar($username)) {fHeader();UhOh($txt['errUsernameFormat']);} $query = "SELECT count(*) from t_users WHERE UserName = '$username'"; $result = mysql_query($query); $row = mysql_fetch_row($result); if ($row[0] >= 1) { if (CheckPassword($username,$password) != 1) { fHeader(); UhOh($txt['errInvalidUser']); } else { if ($fSettings["floodflag"] == "yes") { $query = "SELECT DateEdited from t_messages WHERE Poster = '$username' Order By DateEdited DESC LIMIT 1"; $result = mysql_query($query); $row = mysql_fetch_row($result); $UsrLastActive = $row[0]; $usrfloodprotect = time() - $UsrLastActive; if ($usrfloodprotect <= $fSettings["floodinterval"]) { $txt['errFloodControl']=str_replace("XFLI",$fSettings["floodinterval"],$txt['errFloodControl']); fHeader();UhOh($txt['errFloodControl']); } } $query = "SELECT Password,SavePass,NumPost from t_users WHERE UserName = '$username'"; $result = mysql_query($query); $row = mysql_fetch_array($result); if ($row["SavePass"] == 'yes') CookieStuff(time()+30240000,$username,$row["Password"]); else CookieStuff(0,$username,$row["Password"]); $NumPost = $row["NumPost"]+1; $query = "UPDATE t_users set NumPost=$NumPost WHERE UserName = '$username'"; mysql_query($query); } } $subject = htmlspecialchars($subject); $subject = addslashes($subject); $message = addslashes($message); $dateposted = time(); if ($messagetype == "PostMessage") { $query = "SELECT TopicID from t_messages Order By TopicID DESC LIMIT 1"; $result = mysql_query($query); $row = mysql_fetch_array($result); $TopicID = $row["TopicID"] + 1; $firstmessage = "yes"; if (!(CheckPermission("post",$username))) {fHeader();LogInFirst($txt['CantPost']);} } else { if (!(CheckPermission("reply",$username))) {fHeader();LogInFirst($txt['CantPost']);} $firstmessage = "no"; $query = "SELECT Poster from t_messages WHERE ReplyNotice = 'yes' AND TopicID = $TopicID"; $result = mysql_query($query); $posterlist = "(*ADAD*),"; if ($row = mysql_fetch_array($result)) { do { if (stristr($posterlist,$row["Poster"].",")) { MailReplyNotice($row["Poster"],$TopicID); $posterlist .= $row["Poster"].","; } } while ($row = mysql_fetch_array($result)); } $query = "select numReplies from t_messages where TopicID = '$TopicID' LIMIT 1"; $result2 = mysql_query($query); $row2 = mysql_fetch_row($result2); $numReplies = $row2[0]+1; } //$query = "SELECT count(*) from t_messages WHERE PosterIP LIKE '$REMOTE_ADDR' AND Message LIKE '$message'"; //$result = mysql_query($query); //if ($result) //{ // $row = mysql_fetch_row($result); // if ($row[0] > 0) // { // fHeader(); // $TopicID--; // $prevlink = $fSettings["ScriptURL"]."/viewtopic.php?TopicID=$TopicID"; // Redirect($txt['errDoublePost']." You're now being redirected to the topic. If you don't want to wait, please click here
",$prevlink); // UhOh($txt['errDoublePost']); // } //} UpdateUserLevel($username); $query = "INSERT INTO t_messages (Subject,Message,BoardID,TopicID,numReplies,Poster,DatePosted,ReplyNotice,Emoticon,FirstMessage,PosterIP,PostIcon,AddSig) "; $query .= "VALUES('$subject','$message','$BoardID','$TopicID','$numReplies','$username','$dateposted','$replynotice','$emoticon','$firstmessage','$REMOTE_ADDR','$posticon','$addsig')"; $result = mysql_query($query); $query = "UPDATE t_messages SET DateEdited='$dateposted',numReplies='$numReplies' WHERE TopicID='$TopicID'"; mysql_query($query); if (!$result) {fHeader();UhOh("Error Posting. Reason: ".mysql_error());} $prevlink = $fSettings["ScriptURL"]."/viewtopic.php?TopicID=$TopicID"; Redirect("Your message has been sent. You're now being redirected to the topic. If you don't want to wait, please click here",$prevlink); } function MailReplyNotice($touser,$TopicID) { global $fSettings; $ToUser = GrabUserInfo($touser); if ($ToUser["UserLevel"] != "Guest") { $subject = "tForum Reply Notice"; $message = "Someone has replied to your message on tForum.\n\nPlease use this link to read the topic: ".$fSettings["ScriptURL"]."/viewtopic.php?TopicID=$TopicID"; mail($ToUser["UserName"]." <".$ToUser["Email"].">", $subject, $message, "From: tForum <".$fSettings["Email"].">"); } } function PostEditMSG() { global $addsig,$fSettings,$username,$password,$subject,$message,$replynotice,$emoticon,$MessageID,$deletemessage,$posticon,$txt,$BoardID; $query = "SELECT Locked from t_messages WHERE ID = $MessageID"; $result = mysql_query($query); if (!$result) { fHeader();UhOh(mysql_error());} if ($row = mysql_fetch_array($result)) { if ($row["Locked"] == 1) {fHeader(); UhOh($txt['errLocked']);} } if ($username == "") {fHeader();UhOh($txt['errNeedUsername']);} if ($subject == "") {fHeader();UhOh($txt['errEmptySubject']);} if ($message == "") {fHeader();UhOh($txt['errEmptyMessage']);} if ((strlen($username) > 25) || (strlen($username) < 4)) {fHeader();UhOh($txt['errUsernameLength']);} if (HasSpecialChar($username)) {fHeader();UhOh($txt['errUsernameFormat']);} $msgInfo = GrabMessageInfo($MessageID); $BoardID = $msgInfo['BoardID']; $TopicID = $msgInfo['TopicID']; if ((CheckPermission("editmessage",$username) == 0) && (!is_mod($username,$password,$msgInfo['BoardID']))) {fHeader();UhOh($txt['errNoEditPerm']);} if (CheckPassword($username,$password) != 1) {fHeader();UhOh($txt['errInvalidUser']);} else { if ($fSettings["floodflag"] == "yes") { $query = "SELECT DateEdited from t_messages WHERE Poster = '$username' Order By DateEdited DESC LIMIT 1"; $result = mysql_query($query); $row = mysql_fetch_row($result); $UsrLastActive = $row[0]; $usrfloodprotect = time() - $UsrLastActive; if ($usrfloodprotect <= $fSettings["floodinterval"]) { $txt['errFloodControl']=str_replace("XFLI",$fSettings["floodinterval"],$txt['errFloodControl']); fHeader();UhOh($txt['errFloodControl']); } } $query = "SELECT Password,SavePass,NumPost from t_users WHERE UserName = '$username'"; $result = mysql_query($query); $row = mysql_fetch_array($result); if ($row["SavePass"] == 'yes') CookieStuff(time()+30240000,$username,$row["Password"]); else CookieStuff(0,$username,$row["Password"]); } $subject = htmlspecialchars($subject); $subject = addslashes($subject); $message = addslashes($message); $dateposted = time(); $UserInfo = GrabUserInfo($username); $message .= "\n\n[Edited by ".$UserInfo["UserName"]." on ".FormatDate(time(),$UserInfo["timezone"])." at ".FormatTime(time(),$UserInfo["timezone"])." GMT]"; if ($deletemessage == "yes") { if ($msgInfo["FirstMessage"] == "yes") { if ($msgInfo["IsPoll"]) { $query = "SELECT PollID from t_polls WHERE TopicID =".$msgInfo["TopicID"]; $result = mysql_query($query); if (!$result) { fHeader();UhOh(mysql_error()); } list($PollID) = mysql_fetch_array($result); $query = "DELETE FROM t_polls WHERE TopicID = ".$msgInfo["TopicID"]; $result = mysql_query($query); if (!$result){fHeader();UhOh(mysql_error());} $query = "DELETE from t_polloptions WHERE PollID = ".$PollID; $result = mysql_query($query); if (!$result){fHeader();UhOh(mysql_error());} $query = "DELETE from t_votes WHERE PollID = ".$PollID; $result = mysql_query($query); } $query = "DELETE from t_messages WHERE TopicID = ".$msgInfo["TopicID"]; $result = mysql_query($query); if ($result) { $prevlink = $fSettings["ScriptURL"]."/viewboard.php?BoardID=".$msgInfo["BoardID"]; Redirect("Your topic has been deleted. You're now being redirected to the board you were at. If you don't want to wait, please click here",$prevlink); } else {fHeader();UhOh(mysql_error());} } else { $query = "select numReplies from t_messages where TopicID = '$TopicID' LIMIT 1"; $result2 = mysql_query($query); $row2 = mysql_fetch_row($result2); $numReplies = $row2[0]-1; $query = "UPDATE t_messages SET numReplies='$numReplies' WHERE TopicID='$TopicID'"; mysql_query($query); $query = "DELETE from t_messages WHERE ID = ".$msgInfo["ID"]; $result = mysql_query($query); if ($result) { $prevlink = $fSettings["ScriptURL"]."/viewtopic.php?TopicID=".$msgInfo["TopicID"]; Redirect("Your message has been deleted. You're now being redirected to the message you were at. If you don't want to wait, please click here",$prevlink); } else {fHeader();UhOh(mysql_error());} } } else { $query = "UPDATE t_messages SET Subject='$subject',Message='$message',ReplyNotice='$replynotice',Emoticon='$emoticon',PostIcon='$posticon',AddSig='$addsig' WHERE ID=$MessageID"; $result = mysql_query($query); //$query = "UPDATE t_messages SET DateEdited='$dateposted' WHERE TopicID=".$msgInfo['$TopicID']; //mysql_query($query); $prevlink = $fSettings["ScriptURL"]."/viewtopic.php?TopicID=".$msgInfo["TopicID"]; Redirect("Your message has been editted. You're now being redirected to the topic you were at. If you don't want to wait, please click here",$prevlink); } } function LockTopic($TopicID) { global $fSettings,$txt; $query = "select BoardID from t_messages WHERE TopicID = $TopicID LIMIT 1"; $result = mysql_query($query); $row = mysql_fetch_array($result); $CurrentUserPass = GrabUserPass(); if (is_mod($CurrentUserPass[UserName],$CurrentUserPass[Password],$row["BoardID"]) != 1) {fHeader();UhOh($txt['errNoLockPerm']);} $query = "SELECT Locked from t_messages WHERE TopicID = $TopicID Order By DatePosted ASC"; $result = mysql_query($query); if (!$result) { fHeader();UhOh(mysql_error());} if ($row = mysql_fetch_array($result)) { if ($row["Locked"] == 1) { $query = "UPDATE t_messages SET Locked=0 WHERE TopicID = $TopicID"; $result = mysql_query($query); if (!$result) { fHeader();UhOh(mysql_error());} $prevlink = $fSettings["ScriptURL"]."/viewtopic.php?TopicID=$TopicID"; Redirect("The topic is now unlocked. You're now being redirected to the topic you were at. If you don't want to wait, please click here",$prevlink); } else { $query = "UPDATE t_messages SET Locked=1 WHERE TopicID = $TopicID"; $result = mysql_query($query); if (!$result) { fHeader();UhOh(mysql_error());} $prevlink = $fSettings["ScriptURL"]."/viewtopic.php?TopicID=$TopicID"; Redirect("The topic is now locked. You're now being redirected to the topic you were at. If you don't want to wait, please click here",$prevlink); } } } function MoveTopic($TopicID,$BoardID) { global $fSettings,$txt; $CurrentUserPass = GrabUserPass(); if (is_mod($CurrentUserPass[UserName],$CurrentUserPass[Password],$BoardID) != 1) {fHeader();UhOh($txt['errNoMovePerm']);} $query = "UPDATE t_messages SET BoardID=$BoardID WHERE TopicID = $TopicID"; $result = mysql_query($query); if (!$result) { fHeader();UhOh(mysql_error());} $prevlink = $fSettings["ScriptURL"]."/viewtopic.php?TopicID=$TopicID"; Redirect("The topic is now moved. You're now being redirected to the topic you were at. If you don't want to wait, please click here",$prevlink); } function PrintSmilieWindow() { global $fSettings,$txt; ?> <?echo $txt['AvSmilies']?> " text="" link="" vlink="" alink=""> ";} if ($loop % 8 == 0){echo "";}?>
BORDER="0">
<?echo $fSettings["ForumName"]?>
Close

Click on the Smiley or Text to Add

">
">
">">Emoticons ">">Picture
">
please click here",$prevlink); } else { $query = "UPDATE t_messages SET GlueTop=1 WHERE TopicID = $TopicID"; $result = mysql_query($query); if (!$result) { fHeader();UhOh(mysql_error()); } $prevlink = $fSettings["ScriptURL"]."/viewtopic.php?TopicID=$TopicID"; Redirect("The topic is now topped. You're now being redirected to the topic you were at. If you don't want to wait, please click here",$prevlink); } } } if (empty($Action)) $Action = ""; switch ($Submit) { case "Preview Message": $Action = "PreviewMessage"; break; case "Preview Reply Message": $Action = "PreviewReplyMessage"; break; case "Send Message": $Action = "PostMessage"; break; case "Send Reply": $Action = "ReplyMessage"; break; case "Move Topic": $Action = "movetopic2"; break; case "Edit Message": $Action = "PostEditMessage"; break; case "Send Poll": $Action = "PostPoll"; break; case "Vote": $Action = "SendVote"; break; } switch ($Action) { case "NewMessage": fHeader(); PrintPostForm("Preview Message","Send Message"); fFooter(); break; case "NewReplyMessage": fHeader(); PrintPostForm("Preview Reply Message","Send Reply"); fFooter(); break; case "newquotereply": fHeader(); PrintQuoteReplyForm($MessageID); fFooter(); break; case "PreviewMessage": fHeader(); PreviewMessage("Send Message"); fFooter(); break; case "PreviewReplyMessage": fHeader(); PreviewMessage("Send Reply"); fFooter(); break; case "PostMessage": PostMessage("PostMessage"); break; case "ReplyMessage": PostMessage("ReplyMessage"); break; case "edit": fHeader(); PrintEditPostForm(); fFooter(); break; case "PostEditMessage": PostEditMSG(); break; case "locktopic": LockTopic($TopicID); break; case "movetopic": fHeader(); PrintMoveTopicForm($TopicID); break; case "movetopic2": MoveTopic($TopicID,$BoardID); break; case "printsmilies": PrintOtherSmilieWindow(); break; case "NewPoll": fHeader(); PrintPollForm("Send Poll"); fFooter(); break; case "PostPoll": PostPoll(); break; case "SendVote": AddVote($pollid,$optionid,$topicid); break; case "toptopic": TopTopic($TopicID); break; default: fHeader(); UhOh($txt['errNothing']); } ?>