0.8.1a

[gfh.git] / modnotice.php

<?php include ("config.php");
function auth($userid, $password)
{
        $sql = "SELECT username FROM users WHERE username='$userid' AND userpass='$password'";
        $result = mysql_query($sql);
        if (!mysql_num_rows($result))
                return 0;
        else
        {
                $query_data = mysql_fetch_row($result);
                return $query_data[0];
        }
}
function timetime($topicid)
{
        $sql = "SELECT * FROM messages WHERE messageid='$topicid'";
        $result = mysql_query($sql);
        $myrow = mysql_fetch_array($result);
        $timey = substr($myrow["messsec"], 0, 4).'-'.substr($myrow["messsec"], 4, 2).'-'.substr($myrow["messsec"], 6, 2).' '.substr($myrow["messsec"], 8, 2).':'.substr($myrow["messsec"], 10, 2).':'.substr($myrow["messsec"], 12, 2);
        return $timey;
}
function getlevel($username)
{
        $sql = "SELECT * FROM users WHERE username='$username'";
        $result = mysql_query($sql);
        $myrow = mysql_fetch_array($result);
        return $myrow["level"];
}
$username = auth($uname, $pword);
if (!$username)
{
        echo "You cannot mark messages.";
        exit;
}
if (!$board)
{
        echo "Invalid boardID.";
        exit;
}
if (!$topic)
{
        echo "Invalid topicID.";
        exit;
}
if (!$message)
{
        echo "Invalid messageID.";
        exit;
}
$getlevel = getlevel($uname);
if (($getlevel < 50) AND ($board == 20))
{
        echo "You cannot mark messages on the asshole board.";
        exit;
}
include ("colors.inc");
include ("top.inc");
if ($submit)
{
        $sql = "SELECT * FROM marked WHERE message='$message'";
        $result = mysql_query($sql);
        $myrow = mysql_fetch_array($result);
        if (mysql_num_rows($result) >= 1 AND $myrow["active"] == 0)
        {
                $markid = $myrow["markid"];
                $sql = "UPDATE marked SET markedtimes='1' WHERE markid='$markid'";
                $result = mysql_query($sql);
                $sql = "UPDATE marked SET active='1' WHERE markid='$markid'";
                $result = mysql_query($sql);
                echo "<font color=black>Thank you for marking this probably stupid and inane message.  Return to from which you <a href=messagelist.php?board=".$board."&topic=".$topic."><font color=blue>came</font></a>.";
                exit;
        }
        if (mysql_num_rows($result) >= 1)
        {
                $markid = $myrow["markid"];
                $markt = $myrow["markedtimes"] + 1;
                $sql = "UPDATE marked SET markedtimes='$markt' WHERE markid='$markid'";
                $result = mysql_query($sql);
                echo "<font color=black>Thank you for marking this probably stupid and inane message.  Return to from which you <a href=messagelist.php?board=".$board."&topic=".$topic."><font color=blue>came</font></a>.";
                exit;
        }
        if ($reason == 4)
        {
                $sql = "SELECT * FROM users WHERE username='$uname'";
                $result = mysql_query($sql);
                $myrow = mysql_fetch_array($result);
                $usename = $myrow["username"];
                $other = htmlspecialchars($other);
                $sql = "INSERT INTO marked (reason,markwho,message,topic,board,active,reason2,markedtimes) VALUES ('$reason','$usename','$message','$topic','$board','1','$other','1')";
                $result = mysql_query($sql);
                echo "<font color=black>Thank you for marking this probably stupid and inane message.  Return to from which you <a href=messagelist.php?board=".$board."&topic=".$topic."><font color=blue>came</font></a>.";
                exit;
        }
        $sql = "SELECT * FROM users WHERE username='$uname'";
        $result = mysql_query($sql);
        $myrow = mysql_fetch_array($result);
        $usename = $myrow["username"];
        $sql = "INSERT INTO marked (reason,markwho,message,topic,board,active,markedtimes) VALUES ('$reason','$usename','$message','$topic','$board','1','1')";
        $result = mysql_query($sql);
        echo "<font color=black>Thank you for marking this probably stupid and inane message.  Return to from which you <a href=messagelist.php?board=".$board."&topic=".$topic."><font color=blue>came</font></a>.";
}
if (!$submit)
{
        $sql = "SELECT * FROM boards WHERE boardid='$board'";
        $result = mysql_query($sql);
        $myrow = mysql_fetch_array($result);
        $boardname = $myrow["boardname"];
        $sql = "SELECT * FROM topics WHERE topicid='$topic'";
        $result = mysql_query($sql);
        $myrow = mysql_fetch_array($result);
        $topicname = $myrow["topicname"];
        $sql = "SELECT * FROM messages WHERE messageid='$message'";
        $result = mysql_query($sql);
        $myrow = mysql_fetch_array($result);
        echo "<center><font color=black face=arial>Board: ".$boardname."<br>Topic Name: ".$topicname."</center>";
        $thetime = timetime($myrow["messageid"]);
        $mes = stripslashes($myrow["messbody"]);
        echo "<br><table width=100%>";
        printf("<tr><td bgcolor=".$secondcolor."><font face=arial><b>From: </b>%s | <b>Posted:</b> %s | <a href=modnotice.php?board=%s&topic=%s&message=%s>Mark</a> for moderation</font></td></tr><tr><td bgcolor=".$firstcolor."><font face=arial>%s</font></td></tr></table>", $myrow["messby"], $thetime, $board, $topic, $myrow["messageid"], $mes);
        echo "<br><br><form method=post action=modnotice.php?board=<?= $board ?>&topic=<?= $topic ?>&message=<?= $message ?>>
<input type=radio name=reason value=1> <font color=black>Stupid.<br></font>
<input type=radio name=reason value=2> <font color=black>Annoying.<br></font>
<input type=radio name=reason value=3> <font color=black>Bad Language.<br></font>
<input type=radio name=reason value=5> <font color=black>Illegal.<br></font>
<Input type=radio name=reason value=4> <font color=black>Other:</font> <input type=text name=other><br><br>
<input type=submit name=submit Value=\"Mark this person.\">
</form>";
}
?>