search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
0.8.1a
[gfh.git] / post.php
blob4000ba524038900d7e108fc764d3a212c025d621
1 <?php if (!$_GET['board'])
2 {
3 echo "Invalid boardID.";
4 exit;
5 }
6 include ("config.php");
7 function clancheck($bdnum, $username)
8 {
9 $sql = "SELECT * FROM users WHERE username='$username'";
10 $result = mysql_query($sql);
11 $myrow = mysql_fetch_array($result);
12 $clan2 = $myrow["faction"];
13 $sql = "SELECT * FROM boards WHERE boardid='$bdnum'";
14 $result = mysql_query($sql);
15 $myrow = mysql_fetch_array($result);
16 if ($clan2 == $myrow["clan"])
17 {
18 return 1;
19 } else
20 {
21 return 0;
22 }
23 }
24 function check($board)
25 {
26 $sql = "SELECT * FROM boards WHERE boardid='$board'";
27 $result = mysql_query($sql);
28 if (!mysql_num_rows($result))
29 {
30 return 0;
31 } else
32 {
33 return 1;
34 }
35 }
36 function check2($board)
37 {
38 $sql = "SELECT * FROM boards WHERE boardid='$board'";
39 $result = mysql_query($sql);
40 $myrow = mysql_fetch_array($result);
41 return $myrow["boardlevel"];
42 }
43 function getlevel($username)
44 {
45 $sql = "SELECT * FROM users WHERE username='$username'";
46 $result = mysql_query($sql);
47 $myrow = mysql_fetch_array($result);
48 return $myrow["level"];
49 }
50
51 $username = auth();
52 if (!$username)
53 {
54 echo "You cannot view this page.";
55 exit;
56 }
57 if ($username)
58 {
59 if (isset($_POST['submit']))
60 {
61 $topictitle = trim($_POST['topictitle']);
62 $message = trim($_POST['message']);
63 if (!$topictitle)
64 {
65 ?>
66 <table cellpadding="2" cellspacing="2" border="0" width="100%">
67 <tbody>
68 <tr>
69 <td valign="Top" bgcolor=<?php echo $systemnotcolor ?> >
70 <div align="Center">Please enter a title for your topic.<br>
71 </div>
72 </td>
73 </tr>
74 <tr>
75 <td valign="Top" bgcolor=<?php echo $titlecolor ?> >
76 <div align="Center"><b><font color="#ffffff">Your Topic Title</font></b><br>
77 </div>
78 </td>
79 </tr>
80 <tr>
81 <td valign="Top">
82 <table cellpadding="0" cellspacing="0" border="0" width="100%">
83 <tbody>
84 <tr>
85 <td valign="Top" width="10%">
86 <form method="Post" action="post.php?board=<?php echo $_GET['board'] ?> ">
87 <font color=black>Topic Title:<br>
88 </td>
89 <td valign="Top"><input type="text" size="60" maxlength="80" name="topictitle"><br>
90 </td>
91 </tr>
92 </tbody>
93 </table>
94 </td>
95 </tr>
96 <tr>
97 <td valign="Top" bgcolor=".$titlecolor.">
98 <div align="Center"><font color="#ffffff"><b>Your Message<br>
99 </b></font></div>
100 </td>
101 </tr>
102 <tr>
103 <td valign="Top">
104 <table cellpadding="0" cellspacing="0" border="0" width="100%">
105 <tbody>
106 <tr>
107 <td valign="Top" width="10%"><font color=black>Message:<br>
108 </td>
109 <td valign="Top"><br>
110 <textarea cols="60" rows="20" name="message" wrap="virtual"></textarea></td>
111 </tr>
112 </tbody>
113 </table>
114 <br>
115 </td>
116 </tr>
117 <tr>
118 <td valign="Top">
119 <select name=previewornot>
120 <option value=preview selected>Preview</option>
121 <option value=post>Post</option>
122 </select>
123 <input type="submit" value="Post Message" name="submit"><input type="reset" value="Reset" name="reset"></form><br>
124 </td>
125 </tr>
126 </tbody><br>
127 </table>
128 <?php } else
129 {
130 $message = ereg_replace(" ", "", $message);
131 $message = ereg_replace("<i></i>", "", $message);
132 $message = ereg_replace("<b></b>", "", $message);
133 if (!$message)
134 {
135 echo "Please enter your message.<br><br>\n";
136 ?>
137 <table cellpadding="2" cellspacing="2" border="0" width="100%">
138 <tbody>
139 <tr>
140 <td valign="Top" bgcolor=<?php echo $systemnotcolor ?> >
141 <div align="Center">Please enter your message<br>
142 </div>
143 </td>
144 </tr>
145 <tr>
146 <td valign="Top" bgcolor=<?php echo $titlecolor ?> >
147 <div align="Center"><b><font color="#ffffff">Your Topic Title</font></b><br>
148 </div>
149 </td>
150 </tr>
151 <tr>
152 <td valign="Top">
153 <table cellpadding="0" cellspacing="0" border="0" width="100%">
154 <tbody>
155 <tr>
156 <td valign="Top" width="10%">
157 <form method="Post" action="post.php?board=<?php echo $_GET['board'] ?> ">
158 <font color=black>Topic Title:<br>
159 </td>
160 <td valign="Top"><input type="text" size="60" maxlength="80" name="topictitle"><br>
161 </td>
162 </tr>
163 </tbody>
164 </table>
165 </td>
166 </tr>
167 <tr>
168 <td valign="Top" bgcolor=<?php echo $titlecolor ?> >
169 <div align="Center"><font color="#ffffff"><b>Your Message<br>
170 </b></font></div>
171 </td>
172 </tr>
173 <tr>
174 <td valign="Top">
175 <table cellpadding="0" cellspacing="0" border="0" width="100%">
176 <tbody>
177 <tr>
178 <td valign="Top" width="10%"><font color=black>Message:<br>
179 </td>
180 <td valign="Top"><br>
181 <textarea cols="60" rows="20" name="message" wrap="virtual"></textarea></td>
182 </tr>
183 </tbody>
184 </table>
185 <br>
186 </td>
187 </tr>
188 <tr>
189 <td valign="Top">
190 <select name=previewornot>
191 <option value=preview selected>Preview</option>
192 <option value=post>Post</option>
193 </select>
194 <input type="submit" value="Post Message" name="submit"><input type="reset" value="Reset" name="reset"></form><br>
195 </td>
196 </tr>
197 </tbody><br>
198 </table>
199 <?php } else
200 {
201 if (strcmp($_POST['previewornot'], "preview") == 0)
202 {
203 $message = ereg_replace("\n", "<br>", $message);
204 $message = stripslashes($message);
205 $topictitle = stripslashes($topictitle);
206 echo "<font color=black><b>Topic Title:</b> ".$topictitle;
207 echo "<table width=100%><tr><td bgcolor="
208 .$secondcolor
209 ."><font face=arial><b>From: </b> | <b>Posted:</b> | ";
210 echo "</td></tr><tr><td bgcolor="
211 .$firstcolor
212 ."><font face=arial>"
213 .$message
214 ."</font></td></tr></table>\n";
215 ?>
216 <br><br>
217 <?php $message =
218 ereg_replace("<br>", "\n", $message);
219 ?>
220 <form method=post action=post.php?board=<?php echo $_GET['board'] ?> &topic=<?php echo $topic ?> >
221 <input type=hidden name=previewornot value=post>
222 <input type=hidden name=message value="<?php echo htmlspecialchars($message) ?> ">
223 <input type=hidden name=topictitle value="<?php echo htmlspecialchars($topictitle) ?> ">
224 <input type=submit name=submit value="Post this Message"></form><br>
225 <table cellpadding="2" cellspacing="2" border="0" width="100%">
226 <tbody>
227 <tr>
228 <td valign="Top" bgcolor=<?php echo $titlecolor ?> >
229 <div align="Center"><b><font color="#ffffff">Your Topic Title</font></b><br>
230 </div>
231 </td>
232 </tr>
233 <tr>
234 <td valign="Top">
235 <table cellpadding="0" cellspacing="0" border="0" width="100%">
236 <tbody>
237 <tr>
238 <td valign="Top" width="10%">
239 <form method="Post" action="post.php?board=<?php echo $_GET['board'] ?> ">
240 <font color=black>Topic Title:<br>
241 </td>
242 <td valign="Top"><input type="text" size="60" maxlength="80" name="topictitle" value="<?php echo $topictitle ?> "><br>
243 </td>
244 </tr>
245 </tbody>
246 </table>
247 </td>
248 </tr>
249 <tr>
250 <td valign="Top" bgcolor=<?php echo $titlecolor ?> >
251 <div align="Center"><font color="#ffffff"><b>Your Message<br>
252 </b></font></div>
253 </td>
254 </tr>
255 <tr>
256 <td valign="Top">
257 <table cellpadding="0" cellspacing="0" border="0" width="100%">
258 <tbody>
259 <tr>
260 <td valign="Top" width="10%"><font color=black>Message:<br>
261 </td>
262 <td valign="Top"><br>
263 <textarea cols="60" rows="20" name="message" wrap="virtual"><?php echo $message ?> </textarea></td>
264 </tr>
265 </tbody>
266 </table>
267 <br>
268 </td>
269 </tr>
270 <tr>
271 <td valign="Top">
272 <select name=previewornot>
273 <option value=preview>Preview</option>
274 <option value=post selected>Post</option>
275 </select>
276 <input type="submit" value="Post Message" name="submit"><input type="reset" value="Reset" name="reset"></form><br>
277 </td>
278 </tr>
279 </tbody><br>
280 </table>
281 <?php exit;
282 }
283 if (strcmp($_POST['previewornot'], "post") == 0)
284 {
285 $toptit = addslashes($topictitle);
286 $bodbod = addslashes($message);
287 $uselevel = getlevel($uname);
288 $boardcheck = check($_GET['board']);
289 if ($boardcheck == 0)
290 {
291 echo "<font color=black>Invalid board.";
292 exit;
293 }
294 $boardlevel = check2($_GET['board']);
295 if ($boardlevel > $uselevel)
296 {
297 echo "<font color=black>You cannot post here.";
298 exit;
299 }
300 $sql = "SELECT * FROM boards WHERE boardid='{$_GET['board']}'";
301 $result = mysql_query($sql);
302 $myrow = mysql_fetch_array($result);
303 $clanvalue = $myrow["clan"];
304 $clan = clancheck($_GET['board'], $uname);
305 if ($clanvalue != 0 AND $uselevel != 60)
306 {
307 if ($clan == 0)
308 {
309 echo "<font color=black>You cannot view this board.";
310 exit;
311 }
312 }
313 if ($uselevel < 60)
314 $toptit = htmlspecialchars($toptit);
315 if ($uselevel < 60)
316 $bodbod = htmlspecialchars($bodbod);
317 $bodbod = ereg_replace("\n", "<br>", $bodbod);
318 $bodbod = ereg_replace("&lt;i&gt;", "<i>", $bodbod);
319 $bodbod = ereg_replace("&lt;/i&gt;", "</i>", $bodbod);
320 $bodbod = ereg_replace("&lt;b&gt;", "<b>", $bodbod);
321 $bodbod = ereg_replace("&lt;B&gt;", "<b>", $bodbod);
322 $bodbod = ereg_replace("&lt;/B&gt;", "</b>", $bodbod);
323 $bodbod = ereg_replace("&lt;I&gt;", "<i>", $bodbod);
324 $bodbod = ereg_replace("&lt;/I&gt;", "</i>", $bodbod);
325 $bodbod = ereg_replace("&lt;/b&gt;", "</b>", $bodbod);
326 $sql = "SELECT * FROM users WHERE username='$uname'";
327 $result = mysql_query($sql);
328 $myrow = mysql_fetch_array($result);
329 $usename = $myrow["username"];
330 /* if ($myrow["level"]==15)
331 {
332 if ($myrow["poststoday"]<50)
333 {
334 if ($myrow["topicstoday"]<5)
335 {
336 $postst=$myrow["poststoday"]+1;
337 $topicst=$myrow["topicstoday"]+1;
338 $sql="UPDATE users SET poststoday='$postst' WHERE username='$uname'";
339 $result=mysql_query($sql);
340 $sql="UPDATE users SET topicstoday='$topicst' WHERE username='$uname'";
341 $result=mysql_query($sql);
342 }}}
343 if ($myrow["level"]==15)
344 {
345 if ($myrow["poststoday"]==50)
346 {
347 echo "You have posted 50 messages already.";
348 exit;
349 }}
350 if ($myrow["level"]==15)
351 {
352 if ($myrow["topicstoday"]==5)
353 {
354 echo "You have posted 5 topics today already.";
355 exit;
356 }} */
357 $sql =
358 "SELECT * FROM topics WHERE topicname='$toptit' AND boardnum='{$_GET['board']}'";
359 $result = mysql_query($sql);
360 if (mysql_num_rows($result) >= 1)
361 {
362 echo "<font color=black>A topic with this title has already been posted.";
363 exit;
364 }
365 $posttime = time();
366 $datedate = date("n/j/Y H:i");
367 $sql =
368 "INSERT INTO topics (topicname,boardnum,topicby,timesec,active,postdate) VALUES ('$toptit','{$_GET['board']}','$usename','$posttime','1','$datedate')";
369 $result = mysql_query($sql);
370 $topicid = mysql_insert_id($db);
371 $datedate = date("n/j/Y h:i:s A");
372 $sql =
373 "INSERT INTO messages (topic,messby,messsec,messbody,mesboard,theorder,postdate) VALUES ('$topicid','$usename','$posttime','$bodbod','{$_GET['board']}','1','$datedate')";
374 $result = mysql_query($sql);
375 $datedate = date("n/j/y H:i:s");
376 $sql =
377 "UPDATE users SET lastactivity='$datedate' WHERE username='$uname'";
378 $result = mysql_query($sql);
379 echo "<font color=black>Your message has been posted. Go to your <a href=messagelist.php?board="
380 .$_GET['board']
381 ."&topic="
382 .$topicid
383 ."><font color=blue>message</font></a>.\n";
384 }
385 }
386 }
387 } else
388 {
389 ?>
390 <table cellpadding="2" cellspacing="2" border="0" width="100%">
391 <tbody>
392 <tr>
393 <td valign="Top" bgcolor=<?php echo $titlecolor ?> >
394 <div align="Center"><b><font color="#ffffff">Your Topic Title</font></b><br>
395 </div>
396 </td>
397 </tr>
398 <tr>
399 <td valign="Top">
400 <table cellpadding="0" cellspacing="0" border="0" width="100%">
401 <tbody>
402 <tr>
403 <td valign="Top" width="10%">
404 <form method="Post" action="post.php?board=<?php echo $_GET['board'] ?> ">
405 <font color=black>Topic Title:<br>
406 </td>
407 <td valign="Top"><input type="text" size="60" maxlength="80" name="topictitle"><br>
408 </td>
409 </tr>
410 </tbody>
411 </table>
412 </td>
413 </tr>
414 <tr>
415 <td valign="Top" bgcolor=<?php echo $titlecolor ?> >
416 <div align="Center"><font color="#ffffff"><b>Your Message<br>
417 </b></font></div>
418 </td>
419 </tr>
420 <tr>
421 <td valign="Top">
422 <table cellpadding="0" cellspacing="0" border="0" width="100%">
423 <tbody>
424 <tr>
425 <td valign="Top" width="10%"><font color=black>Message:<br>
426 </td>
427 <td valign="Top"><br>
428 <textarea cols="60" rows="20" name="message" wrap="virtual"></textarea></td>
429 </tr>
430 </tbody>
431 </table>
432 <br>
433 </td>
434 </tr>
435 <tr>
436 <td valign="Top">
437 <select name=previewornot>
438 <option value=preview>Preview</option>
439 <option value=post selected>Post</option>
440 </select>
441 <input type="submit" value="Post Message" name="submit"><input type="reset" value="Reset" name="reset"></form><br>
442 </td>
443 </tr>
444 </tbody><br>
445 </table>
446 <br><font color=black>Enabled tags. &lt;b&gt;&lt;/b&gt; &lt;i&gt;&lt;/i&gt;
447 <?php }
448 }
449 ?>
asdsad