<?php
/**
 *   File functions:
 *   Forums in game
 *
 *   @name                 : forums.php
 *   @copyright            : (C) 2004,2005,2006 Vallheru Team based on Gamers-Fusion ver 2.5
 *   @author               : thindil <thindil@users.sourceforge.net>
 *   @author               : mori <ziniquel@users.sourceforge.net>
 *   @author               : eyescream <tduda@users.sourceforge.net>
 *   @author               : Erechail <kuba.stasiak at gmail.com>
 *   @version              : 1.4a
 *   @since                : 17.07.2007
 *
 */
//
//
//       This program is free software; you can redistribute it and/or modify
//   it under the terms of the GNU General Public License as published by
//   the Free Software Foundation; either version 2 of the License, or
//   (at your option) any later version.
//
//   This program is distributed in the hope that it will be useful,
//   but WITHOUT ANY WARRANTY; without even the implied warranty of
//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//   GNU General Public License for more details.
//
//   You should have received a copy of the GNU General Public License
//   along with this program; if not, write to the Free Software
//   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
//
// $Id$
// Page title, set before the shared header is included
// (presumably read by includes/head.php - confirm there).
$title = 'Forum';
// Shared page header; a project include that is not visible in this file.
require_once 'includes/head.php';
/**
 * Format a timestamp as "yy/mm/dd HH:MM:SS" with PHP's date().
 *
 * @param int $milis Value handed straight to date() as its timestamp argument.
 *                   NOTE(review): date() works in seconds although the name
 *                   suggests milliseconds - confirm against the callers.
 * @return string The formatted date in the server's default timezone.
 */
function FormatDate ($milis)
{
    $strFormat = 'y/m/d H:i:s';
    return date($strFormat, $milis);
}
/**
 * Load the localized strings of this page from the player's language directory.
 *
 * NOTE(review): $player -> lang becomes part of an include path; confirm it is
 * restricted to known language directory names where the player object is built.
 */
$strLangFile = 'languages/'.$player -> lang.'/forums.php';
require_once($strLangFile);
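/**
 * Category list
 *
 * Optional ?sweep=<category id>: without `step` a confirmation prompt is
 * assigned to the template; with `step` (Admin/Staff only) every non-sticky
 * topic of that category is deleted together with its replies.
 * Afterwards the categories visible to the player are collected for the template.
 *
 * NOTE(review): the sweep deletes data on a GET request and no anti-CSRF token
 * is visible in this file - consider requiring POST plus a per-session token.
 */
if (isset ($_GET['view']) && $_GET['view'] == 'categories')
{
    // Only a positive decimal id is accepted. is_string() rejects array input
    // (?sweep[]=1) and \z, unlike $, does not allow a trailing newline.
    // preg_match() replaces ereg(), which no longer exists in PHP 7 and later.
    if (isset($_GET['sweep']) && is_string($_GET['sweep']) && preg_match('/^[1-9][0-9]*\z/', $_GET['sweep']))
    {
        $strSweep = $_GET['sweep'];
        if (!isset($_GET['step']))
        {
            // First request: ask for confirmation only.
            $smarty -> assign(array('Sweep' => $strSweep,
                                    'Fquestion' => YOU_SURE,
                                    'Ayes' => A_YES));
        }
        elseif ($player -> rank == 'Admin' || $player -> rank == 'Staff')
        {
            $objTest = $db -> Execute('SELECT `id`,`perm_write`  FROM `categories` WHERE `id`='.$strSweep);
            // Staff may sweep only categories whose perm_write mentions All or Staff; Admin may sweep any.
            if (strpos($objTest -> fields['perm_write'], 'All') === false && strpos($objTest -> fields['perm_write'], 'Staff') === false && $player -> rank != 'Admin')
            {
                error(NO_PERM);
            }
            else
            {
                // Replies are keyed by topic_id, so they are deleted per topic before the topics themselves.
                $objTopics = $db -> Execute('SELECT `id` FROM `topics` WHERE `cat_id`='.$strSweep.' AND `sticky`=\'N\'');
                while (!$objTopics -> EOF)
                {
                    $db -> Execute('DELETE FROM `replies` WHERE `topic_id`='.$objTopics -> fields['id']);
                    $objTopics -> MoveNext();
                }
                $objTopics -> Close();
                $db -> Execute('DELETE FROM `topics` WHERE `cat_id`='.$strSweep.' AND `sticky`=\'N\'');
                $smarty -> assign ('Message',YOU_SWEEPED);
                $smarty -> display('error1.tpl');
            }
            $objTest -> Close();
        }
    }

    // Language filter shared by both category queries. The parentheses matter:
    // AND binds tighter than OR, so the unparenthesised form returned every
    // category in the player's second language regardless of `perm_visit`.
    // qstr() quotes and escapes the values instead of splicing them in raw.
    $strLangFilter = '(`lang`='.$db -> qstr($player -> lang).' OR `lang`='.$db -> qstr($player -> seclang).')';
    // Admin matches every perm_visit value; other ranks must appear in it.
    $strPermission = ($player -> rank == 'Admin') ? '%' : $player -> rank;
    $arrQueries = array(
        // Categories viewable for all
        'SELECT `id`, `name`, `desc` FROM `categories` WHERE `perm_visit` LIKE \'All;\' AND '.$strLangFilter.' ORDER BY `id` ASC',
        // Categories the player's rank has permission to view
        'SELECT `id`, `name`, `desc` FROM `categories` WHERE `perm_visit` LIKE '.$db -> qstr('%'.$strPermission.'%').' AND '.$strLangFilter.' ORDER BY `id` ASC',
    );
    $arrid = array();
    $arrname = array();
    $arrtopics = array();
    $arrdesc = array();
    foreach ($arrQueries as $strQuery)
    {
        $cat = $db -> Execute($strQuery);
        while (!$cat -> EOF)
        {
            // A category already listed by the first query is not listed twice.
            if (!in_array($cat -> fields['id'], $arrid))
            {
                $query = $db -> Execute('SELECT count(*) FROM `topics` WHERE `cat_id`='.$cat -> fields['id']);
                $arrtopics[] = $query -> fields['count(*)'];
                $query -> Close();
                $arrid[] = $cat -> fields['id'];
                $arrname[] = $cat -> fields['name'];
                $arrdesc[] = $cat -> fields['desc'];
            }
            $cat -> MoveNext();
        }
        $cat -> Close();
    }
    $smarty -> assign(array('Id' => $arrid,
                            'Name' => $arrname,
                            'Topics1' => $arrtopics,
                            'Description' => $arrdesc,
                            'Tcategory' => T_CATEGORY,
                            'Ttopics' => T_TOPICS,
                            'ASweep' => A_SWEEP));
}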
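/**
 * Topic list
 *
 * Lists the topics of category ?topics=<id>: sticky threads first, then normal
 * ones, each with its reply count, start date and a "new since last visit" flag.
 * error() is assumed to end the request - TODO confirm; the checks below rely on it.
 */
if (isset($_GET['topics']))
{
    // Positive decimal id only. is_string() rejects array input and \z, unlike $,
    // does not allow a trailing newline. preg_match() replaces ereg(), which no
    // longer exists in PHP 7 and later.
    if (!is_string($_GET['topics']) || !preg_match('/^[1-9][0-9]*\z/', $_GET['topics']))
    {
        error(ERROR);
    }
    $strCatId = $_GET['topics'];

    /**
     * Check for permissions
     */
    if ($player -> rank != 'Admin')
    {
        $objPerm = $db -> Execute('SELECT `perm_visit` FROM `categories` WHERE id='.$strCatId);
        if ($objPerm -> fields['perm_visit'] != 'All;')
        {
            // The rank has to appear somewhere in the category's perm_visit list.
            $intPerm = strpos($objPerm -> fields['perm_visit'], $player -> rank);
            if ($intPerm === false)
            {
                error(NO_PERM);
            }
        }
        $objPerm -> Close();
    }

    /**
     * Extract category name
     */
    $objCatName = $db -> Execute('SELECT name FROM categories WHERE id=\''.$strCatId.'\'');
    $CatName = $objCatName -> fields['name'];
    $objCatName -> Close();

    /**
     * Show new topic and replies on forums: remember the previous visit time
     * once per session, then stamp the current time on the player row.
     */
    if (!isset($_SESSION['forums']))
    {
        $objLasttime = $db -> Execute('SELECT `forum_time` FROM `players` WHERE `id`='.$player -> id);
        $_SESSION['forums'] = $objLasttime -> fields['forum_time'];
        $objLasttime -> Close();
        $db -> Execute('UPDATE `players` SET `forum_time`='.(time()).' WHERE id='.$player -> id);
    }

    // The parentheses matter: AND binds tighter than OR, so the unparenthesised
    // filter also returned every topic written in the player's second language,
    // from any category, which bypassed the permission check above.
    // qstr() quotes and escapes the values instead of splicing them in raw.
    $strLangFilter = '(`lang`='.$db -> qstr($player -> lang).' OR `lang`='.$db -> qstr($player -> seclang).')';

    $arrid = array();
    $arrtopic = array();
    $arrstarter = array();
    $arrStarterID = array();
    $arrreplies = array();
    $arrNewtopic = array();
    $arrDates = array();

    // Sticky threads ('Y') are listed before normal threads ('N').
    foreach (array('Y', 'N') as $strStickyFlag)
    {
        $topic = $db -> Execute('SELECT `w_time`, `id`, `topic`, `starter`, `gracz` FROM `topics` WHERE `sticky`=\''.$strStickyFlag.'\' AND `cat_id`='.$strCatId.' AND '.$strLangFilter.' ORDER BY `id` ASC');
        while (!$topic -> EOF)
        {
            // New when the topic itself, or any of its replies, is newer than the last visit.
            $strNew = ($topic -> fields['w_time'] > $_SESSION['forums']) ? 'Y' : 'N';
            $query = $db -> Execute('SELECT `w_time` FROM `replies` WHERE `topic_id`='.$topic -> fields['id']);
            if ($strNew == 'N')
            {
                while (!$query -> EOF)
                {
                    if ($query -> fields['w_time'] > $_SESSION['forums'])
                    {
                        $strNew = 'Y';
                        break;
                    }
                    $query -> MoveNext();
                }
            }
            $replies = $query -> RecordCount();
            $query -> Close();

            // TODO: temporary; remove once no topics with a date embedded in the
            // title remain. The prefix is stripped before the sticky title is
            // wrapped in <b>: after wrapping, the ^<b>NN-NN-NN pattern can no
            // longer match, so sticky titles used to keep their prefix.
            $strTopic = preg_replace('/^<b>[0-9][0-9]-[01][0-9]-[0-3][0-9]<\/b>/', '', $topic -> fields['topic']);
            if ($strStickyFlag == 'Y')
            {
                $strTopic = '<b>'.$strTopic.'</b>';
            }

            $arrNewtopic[] = $strNew;
            $arrid[] = $topic -> fields['id'];
            $arrtopic[] = $strTopic;
            $arrDates[] = FormatDate($topic -> fields['w_time']);
            $arrstarter[] = $topic -> fields['starter'];
            $arrStarterID[] = $topic -> fields['gracz'];
            $arrreplies[] = $replies;
            $topic -> MoveNext();
        }
        $topic -> Close();
    }

    $smarty -> assign(array('Category' => $strCatId,
        'CategoryName' => $CatName,
        'Id' => $arrid,
        'Topic1' => $arrtopic,
        'Starter1' => $arrstarter,
        'StarterID' => $arrStarterID,
        'Replies1' => $arrreplies,
        'Dates' => $arrDates,
        'Tcategory' => T_CATEGORY,
        'Ttopic' => T_TOPIC,
        'Tauthor' => T_AUTHOR,
        'Treplies' => T_REPLIES,
        'Addtopic' => ADD_TOPIC,
        'Ttext' => T_TEXT,
        'Aback' => A_BACK,
        'Tocategories' => TO_CATEGORIES,
        'Asearch' => A_SEARCH,
        'Tword' => T_WORD,
        'Tsticky' => T_STICKY,
        'Newtopic' => $arrNewtopic));
}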
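/**
 * View topic
 *
 * Shows topic ?topic=<id> with all of its replies. ?quote=<reply id> or ?quotet
 * pre-fills the reply box with the quoted text.
 * error() is assumed to end the request - TODO confirm; the checks below rely on it.
 *
 * NOTE(review): topic and reply bodies are stored as HTML (they pass through
 * bbcodetohtml() when posted) and go to the template unchanged; confirm that
 * bbcodetohtml() and forums.tpl together neutralise user-supplied markup.
 */
if (isset($_GET['topic']))
{
    // Positive decimal ids only. is_string() rejects array input and \z, unlike $,
    // does not allow a trailing newline. preg_match() replaces ereg(), which no
    // longer exists in PHP 7 and later.
    $strIdPattern = '/^[1-9][0-9]*\z/';
    if (!is_string($_GET['topic']) || !preg_match($strIdPattern, $_GET['topic']))
    {
        error(ERROR);
    }
    if (isset($_GET['quote']) && (!is_string($_GET['quote']) || !preg_match($strIdPattern, $_GET['quote'])))
    {
        error(ERROR);
    }
    $topicinfo = $db -> Execute('SELECT * FROM `topics` WHERE `id`='.$_GET['topic']);
    if (!$topicinfo -> fields['id'])
    {
        error (NO_TOPIC);
    }

    /**
     * Check for permissions
     */
    if ($player -> rank != 'Admin')
    {
        $objPerm = $db -> Execute('SELECT `perm_visit` FROM `categories` WHERE `id`='.$topicinfo -> fields['cat_id']);
        if ($objPerm -> fields['perm_visit'] != 'All;')
        {
            // The rank has to appear somewhere in the category's perm_visit list.
            $intPerm = strpos($objPerm -> fields['perm_visit'], $player -> rank);
            if ($intPerm === false)
            {
                error(NO_PERM);
            }
        }
        $objPerm -> Close();
    }

    // Moderation links (delete, sticky/unsticky) are shown to Admin and Staff only.
    $blnModerator = ($player -> rank == 'Admin' || $player -> rank == 'Staff');
    $strStickyaction = ($topicinfo -> fields['sticky'] == 'N') ? ' (<a href="forums.php?sticky='.$topicinfo -> fields['id'].'&amp;action=Y">'.A_STICKY.'</a>)' : ' (<a href="forums.php?sticky='.$topicinfo -> fields['id'].'&amp;action=N">'.A_UNSTICKY.'</a>)';
    $smarty -> assign ('Action', $blnModerator ? ' (<a href="forums.php?kasuj1='.$topicinfo -> fields['id'].'">'.A_DELETE.'</a>)'.$strStickyaction : '' );

    $text1 = wordwrap($topicinfo -> fields['body'], 45, "\n", true);
    $strReplytext = isset($_GET['quotet']) ? '[quote]'.$text1.'[/quote]' : R_TEXT;

    /**
     * Extract category name.
     */
    $objCatName = $db -> Execute('SELECT name FROM categories WHERE id=\''.$topicinfo -> fields['cat_id'].'\'');
    $CatName = $objCatName -> fields['name'];
    $objCatName -> Close();

    // TODO: temporary; remove once no topics with a date embedded in the title remain.
    $strDatePrefix = '/^<b>[0-9][0-9]-[01][0-9]-[0-3][0-9]<\/b>/';
    $strTopicTitle = preg_replace($strDatePrefix, '', $topicinfo -> fields['topic']);
    $TopicDate = FormatDate($topicinfo -> fields['w_time']);

    $arrstarter = array();
    $arrplayerid = array();
    $arrtext = array();
    $arraction = array();
    $arrRid = array();
    $arrDates = array();
    $reply = $db -> Execute('SELECT * FROM `replies` WHERE `topic_id`='.$topicinfo -> fields['id'].' ORDER BY `id` ASC');
    while (!$reply -> EOF)
    {
        $arrstarter[] = $reply -> fields['starter'];
        $arrplayerid[] = $reply -> fields['gracz'];
        $arraction[] = $blnModerator ? '(<a href="forums.php?kasuj='.$reply -> fields['id'].'">'.A_DELETE.'</a>)' : '';

        // TODO: remove later, same legacy date prefix as for the topic title.
        $arrtext[] = preg_replace($strDatePrefix, '', wordwrap($reply -> fields['body'], 45, "\n", true));

        if (isset($_GET['quote']) && $_GET['quote'] == $reply -> fields['id'])
        {
            // Quote the raw body, minus any embedded date and the empty markup it leaves behind.
            $strText = preg_replace("/[0-9][0-9]-[0-9][0-9]-[0-9][0-9]/", "", $reply -> fields['body']);
            $strText = str_replace("<b></b><br />", "", $strText);
            $strReplytext = '[quote]'.$strText.'[/quote]';
        }
        $arrRid[] = $reply -> fields['id'];
        $arrDates[] = FormatDate($reply -> fields['w_time']);
        $reply -> MoveNext();
    }
    $reply -> Close();

    $smarty -> assign(array('Topic2' => $strTopicTitle,
        'Starter' => $topicinfo -> fields['starter'],
        'Playerid' => $topicinfo -> fields['gracz'],
        'Category' => $topicinfo -> fields['cat_id'],
        'TopicDate' => $TopicDate,
        'CategoryName' => $CatName,
        'Tcategory' => T_CATEGORY,
        'Tocategories' => TO_CATEGORIES,
        'Totopics' => TO_TOPICS,
        'or' => A_OR,
        'Dates' => $arrDates,
        'Ttext' => $text1,
        'Rstarter' => $arrstarter,
        'Rplayerid' => $arrplayerid,
        'Rtext' => $arrtext,
        'Action2' => $arraction,
        'Id' => $topicinfo -> fields['id'],
        'Rid' => $arrRid,
        'Writeby' => WRITE_BY,
        'Wid' => W_ID,
        'Areply' => A_REPLY,
        'Rtext2' => $strReplytext,
        'Aback' => A_BACK,
        'Aquote' => A_QUOTE,
        'Write' => WRITE));
    $topicinfo -> Close();
}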
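/**
 * Add topic
 *
 * Creates a topic in category $_POST['catid'] from $_POST['title2'] and
 * $_POST['body']; only Admin and Staff may mark it sticky.
 * error() is assumed to end the request - TODO confirm; the checks below rely on it.
 *
 * NOTE(review): no anti-CSRF token is checked before the insert - consider a
 * per-session token in the posting form.
 */
if (isset ($_GET['action']) && $_GET['action'] == 'addtopic')
{
    if (empty ($_POST['title2']) || empty ($_POST['body']))
    {
        error (EMPTY_FIELDS);
    }
    // catid is concatenated into two SQL statements and into the link printed
    // at the end, so it must be a positive decimal id before any use.
    // is_string() rejects array input; \z does not allow a trailing newline.
    if (!isset($_POST['catid']) || !is_string($_POST['catid']) || !preg_match('/^[1-9][0-9]*\z/', $_POST['catid']))
    {
        error(ERROR);
    }
    $strCatId = $_POST['catid'];

    /**
     * Check for permissions
     */
    if ($player -> rank != 'Admin')
    {
        $objPerm = $db -> Execute('SELECT `perm_write` FROM `categories` WHERE `id`='.$strCatId);
        if ($objPerm -> fields['perm_write'] != 'All;')
        {
            // The rank has to appear somewhere in the category's perm_write list.
            $intPerm = strpos($objPerm -> fields['perm_write'], $player -> rank);
            if ($intPerm === false)
            {
                error(NO_PERM2);
            }
        }
        $objPerm -> Close();
    }
    if (isset($_POST['sticky']))
    {
        if ($player -> rank != 'Admin' && $player -> rank != 'Staff')
        {
            error(NO_PERM3);
        }
        $strSticky = 'Y';
    }
    else
    {
        $strSticky = 'N';
    }

    require_once('includes/bbcode.php');
    $strTitleText = censorship(strip_tags($_POST['title2']));
    $strBodyText = bbcodetohtml(censorship($_POST['body']));

    // get_magic_quotes_gpc() no longer exists in PHP 8; without it nothing is pre-escaped.
    // NOTE(review): with magic quotes on, qstr() is told the text is already
    // escaped, which does not cover quotes that bbcodetohtml() may add itself -
    // confirm against includes/bbcode.php.
    $blnMagic = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $strBody = $db -> qstr($strBodyText, $blnMagic);
    $strTitle = $db -> qstr($strTitleText, $blnMagic);
    // The player name is quoted with qstr() as well, so a quote character in
    // it cannot end the SQL string literal.
    $strStarter = $db -> qstr($player -> user);
    $db -> Execute('INSERT INTO `topics` (`topic`, `body`, `starter`, `gracz`, `cat_id`, `w_time`, `sticky`) VALUES('.$strTitle.', '.$strBody.', '.$strStarter.', '.$player -> id.', '.$strCatId.', '.(time()).', \''.$strSticky.'\')') or die('Could not add topic.');
    error (TOPIC_ADD.' <a href="forums.php?topics='.$strCatId.'">'.TO_BACK);
}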
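/**
 * Add reply
 *
 * Appends $_POST['rep'] as a reply to topic ?reply=<id>.
 * error() is assumed to end the request - TODO confirm; the checks below rely on it.
 *
 * NOTE(review): no anti-CSRF token is checked before the insert - consider a
 * per-session token in the reply form.
 */
if (isset($_GET['reply']))
{
    // The topic id is concatenated into two SQL statements and into the links
    // printed at the end, so it must be a positive decimal id before any use.
    // is_string() rejects array input; \z does not allow a trailing newline.
    if (!is_string($_GET['reply']) || !preg_match('/^[1-9][0-9]*\z/', $_GET['reply']))
    {
        error(ERROR);
    }
    $strTopicId = $_GET['reply'];

    // Confirm the topic exists before its category id is used in the permission query.
    $query = $db -> Execute('SELECT `cat_id` FROM `topics` WHERE `id`='.$strTopicId);
    $exists = $query -> RecordCount();
    $intCatID = $query -> fields['cat_id'];
    $query -> Close();
    if ($exists <= 0)
    {
        error (NO_TOPIC);
    }

    /**
     * Check for permissions
     */
    if ($player -> rank != 'Admin')
    {
        $objPerm = $db -> Execute('SELECT `perm_write` FROM `categories` WHERE `id`='.$intCatID);
        if ($objPerm -> fields['perm_write'] != 'All;')
        {
            // The rank has to appear somewhere in the category's perm_write list.
            $intPerm = strpos($objPerm -> fields['perm_write'], $player -> rank);
            if ($intPerm === false)
            {
                error(NO_PERM2);
            }
        }
        $objPerm -> Close();
    }
    if (empty ($_POST['rep']))
    {
        error (EMPTY_FIELDS);
    }

    require_once('includes/bbcode.php');
    $strReplyText = bbcodetohtml(censorship($_POST['rep']));

    // get_magic_quotes_gpc() no longer exists in PHP 8; without it nothing is pre-escaped.
    // NOTE(review): with magic quotes on, qstr() is told the text is already
    // escaped, which does not cover quotes that bbcodetohtml() may add itself -
    // confirm against includes/bbcode.php.
    $blnMagic = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $strBody = $db -> qstr($strReplyText, $blnMagic);
    // The player name is quoted with qstr() as well, so a quote character in
    // it cannot end the SQL string literal.
    $strStarter = $db -> qstr($player -> user);
    $db -> Execute('INSERT INTO `replies` (`starter`, `topic_id`, `body`, `gracz`, `w_time`) VALUES('.$strStarter.', '.$strTopicId.', '.$strBody.', '.$player -> id.', '.(time()).')');
    error (REPLY_ADD.' <a href="forums.php?topic='.$strTopicId.'">'.A_HERE.'</a> '.RETURN1.' <a href="forums.php?topics='.$intCatID.'">'.A_HERE.'</a> '.RETURN2);
}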
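/**
 * Sticky/Unsticky topics
 *
 * Sets the sticky flag of topic ?sticky=<id> to ?action=Y or ?action=N
 * (Admin/Staff only).
 * error() is assumed to end the request - TODO confirm; the checks below rely on it.
 *
 * The original condition had its closing parenthesis in the wrong place: the
 * pattern was matched against the boolean result of "sticky || action test"
 * instead of the id, so neither the id nor the action was really validated
 * before both were placed in the UPDATE statement and the id in the link.
 * Each check is now evaluated on its own.
 *
 * NOTE(review): this state change is triggered by a GET request with no
 * anti-CSRF token visible in this file - consider POST plus a per-session token.
 */
if (isset($_GET['sticky']))
{
    $blnModerator = ($player -> rank == 'Admin' || $player -> rank == 'Staff');
    // Positive decimal id only; is_string() rejects array input and \z does not
    // allow a trailing newline.
    $blnValidId = is_string($_GET['sticky']) && preg_match('/^[1-9][0-9]*\z/', $_GET['sticky']);
    // The action must be present and exactly 'Y' or 'N'.
    $blnValidAction = isset($_GET['action']) && ($_GET['action'] === 'Y' || $_GET['action'] === 'N');
    if (!$blnModerator || !$blnValidId || !$blnValidAction)
    {
        error(ERROR);
    }
    $db -> Execute('UPDATE `topics` SET `sticky`=\''.$_GET['action'].'\' WHERE `id`='.$_GET['sticky']);
    error((($_GET['action'] == 'Y') ? YOU_STICKY : YOU_UNSTICKY).' <a href="forums.php?topic='.$_GET['sticky'].'">'.A_BACK.'</a>');
}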
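/**
 * Delete post
 *
 * Deletes reply ?kasuj=<id> (Admin/Staff only) and links back to its topic.
 * error() is assumed to end the request - TODO confirm; the checks below rely on it.
 *
 * NOTE(review): the delete is triggered by a GET request with no anti-CSRF
 * token visible in this file - consider POST plus a per-session token.
 */
if (isset($_GET['kasuj']))
{
    if ($player -> rank != 'Admin' && $player -> rank != 'Staff')
    {
        error(ERROR);
    }
    // Positive decimal id only. is_string() rejects array input and \z, unlike $,
    // does not allow a trailing newline. preg_match() replaces ereg(), which no
    // longer exists in PHP 7 and later.
    if (!is_string($_GET['kasuj']) || !preg_match('/^[1-9][0-9]*\z/', $_GET['kasuj']))
    {
        error(ERROR);
    }
    // Read the parent topic first so the "back" link can still be built after the delete.
    $tid = $db -> Execute('SELECT `topic_id` FROM `replies` WHERE `id`='.$_GET['kasuj']);
    $strTopicId = $tid -> fields['topic_id'];
    $tid -> Close();
    $db -> Execute('DELETE FROM `replies` WHERE `id`='.$_GET['kasuj']);
    error (POST_DEL.' <a href="forums.php?topic='.$strTopicId.'">'.A_BACK.'</a>');
}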
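/**
 * Delete topic
 *
 * Deletes topic ?kasuj1=<id> together with its replies (Admin/Staff only) and
 * links back to the topic's category.
 * error() is assumed to end the request - TODO confirm; the checks below rely on it.
 *
 * NOTE(review): the delete is triggered by a GET request with no anti-CSRF
 * token visible in this file - consider POST plus a per-session token.
 */
if (isset($_GET['kasuj1']))
{
    if ($player -> rank != 'Admin' && $player -> rank != 'Staff')
    {
        error(ERROR);
    }
    // Positive decimal id only. is_string() rejects array input and \z, unlike $,
    // does not allow a trailing newline. preg_match() replaces ereg(), which no
    // longer exists in PHP 7 and later.
    if (!is_string($_GET['kasuj1']) || !preg_match('/^[1-9][0-9]*\z/', $_GET['kasuj1']))
    {
        error(ERROR);
    }
    // Read the category first so the "back" link can still be built after the delete.
    $cid = $db -> Execute('SELECT `cat_id` FROM `topics` WHERE `id`='.$_GET['kasuj1']);
    $strCatId = $cid -> fields['cat_id'];
    $cid -> Close();
    // Replies go first, then the topic row itself.
    $db -> Execute('DELETE FROM `replies` WHERE `topic_id`='.$_GET['kasuj1']);
    $db -> Execute('DELETE FROM `topics` WHERE `id`='.$_GET['kasuj1']);
    error (TOPIC_DEL.' <a href="forums.php?topics='.$strCatId.'">'.A_BACK.'</a>');
}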
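/**
 * Search words
 *
 * Looks for $_POST['search'] in the topics of category $_POST['catid'] and in
 * their replies, then lists the matching topics the player may visit.
 * error() is assumed to end the request - TODO confirm; the checks below rely on it.
 */
if (isset($_GET['action']) && $_GET['action'] == 'search')
{
    if (empty($_POST['search']) || !is_string($_POST['search']))
    {
        error(EMPTY_FIELDS);
    }
    // Positive decimal id only. is_string() rejects array input and \z, unlike $,
    // does not allow a trailing newline. preg_match() replaces ereg(), which no
    // longer exists in PHP 7 and later.
    if (!isset($_POST['catid']) || !is_string($_POST['catid']) || !preg_match('/^[1-9][0-9]*\z/', $_POST['catid']))
    {
        error(ERROR);
    }
    $strCatId = $_POST['catid'];

    // The search text used to be spliced into the LIKE clauses after
    // strip_tags() only, which does not escape quotes. qstr() now quotes and
    // escapes the whole pattern. get_magic_quotes_gpc() no longer exists in
    // PHP 8; without it nothing is pre-escaped.
    $blnMagic = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $strPattern = $db -> qstr('%'.strip_tags($_POST['search']).'%', $blnMagic);

    /**
     * Search string in topics. The parentheses keep the search inside the
     * chosen category: AND binds tighter than OR, so the unparenthesised form
     * matched bodies from every category.
     */
    $objResult = $db -> Execute('SELECT `id` FROM `topics` WHERE `cat_id`='.$strCatId.' AND (`topic` LIKE '.$strPattern.' OR `body` LIKE '.$strPattern.')');
    $arrResult = array();
    while (!$objResult -> EOF)
    {
        $arrResult[] = $objResult -> fields['id'];
        $objResult -> MoveNext();
    }
    $objResult -> Close();

    /**
     * Search string in replies. The membership test is made afresh for every
     * topic; the original kept its "already listed" flag set once it had been
     * raised, so later topics with matching replies were dropped.
     */
    $objTopics = $db -> Execute('SELECT `id` FROM `topics` WHERE `cat_id`='.$strCatId);
    while (!$objTopics -> EOF)
    {
        $objResult2 = $db -> Execute('SELECT `topic_id` FROM `replies` WHERE `topic_id`='.$objTopics -> fields['id'].' AND body LIKE '.$strPattern);
        $intFound = $objResult2 -> fields['topic_id'];
        $objResult2 -> Close();
        if ($intFound && !in_array($intFound, $arrResult))
        {
            $arrResult[] = $intFound;
        }
        $objTopics -> MoveNext();
    }
    $objTopics -> Close();

    /**
     * Display search result
     */
    $arrTopic = array();
    $arrId = array();
    foreach ($arrResult as $intResult)
    {
        $objTopic = $db -> Execute('SELECT `id`, `topic`, `cat_id` FROM `topics` WHERE `id`='.$intResult);
        $objPerm = $db -> Execute('SELECT `perm_visit` FROM `categories` WHERE `id`='.$objTopic -> fields['cat_id']);
        // Visible to Admin, in categories open to all, or when the rank appears in perm_visit.
        $blnVisible = ($player -> rank == 'Admin'
            || $objPerm -> fields['perm_visit'] == 'All;'
            || strpos($objPerm -> fields['perm_visit'], $player -> rank) !== false);
        // Both recordsets are closed on every path; the original skipped the
        // Close() calls when a result was filtered out.
        $objPerm -> Close();
        if ($blnVisible)
        {
            $arrTopic[] = $objTopic -> fields['topic'];
            $arrId[] = $objTopic -> fields['id'];
        }
        $objTopic -> Close();
    }
    $smarty -> assign(array('Category' => $strCatId,
        'Aback' => A_BACK,
        'Amount' => count($arrId),
        'Ttopic' => $arrTopic,
        'Tid' => $arrId,
        'Nosearch' => NO_SEARCH,
        'Youfind' => YOU_FIND));
}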
/**
 * Initialization of variables
 *
 * Every query parameter assigned to the template below gets an empty-string
 * default when the request did not carry it.
 */
foreach (array('topics', 'topic', 'view', 'action') as $strParam)
{
    if (!isset($_GET[$strParam]))
    {
        $_GET[$strParam] = '';
    }
}
/**
 * Assign variables to template and display page
 *
 * NOTE(review): 'View' and 'Action3' are raw request values (this file only
 * compares them with fixed strings); confirm forums.tpl escapes them before
 * printing.
 */
$arrPage = array(
    'View' => $_GET['view'],
    'Topics' => $_GET['topics'],
    'Topic' => $_GET['topic'],
    'Action3' => $_GET['action'],
    'Rank' => $player -> rank,
);
$smarty -> assign($arrPage);
$smarty -> display('forums.tpl');

// Shared page footer; a project include that is not visible in this file.
require_once 'includes/foot.php';
?>