tforums.php - orodlin-1-pub in Orodlin v.1

<?php
/**
 *   File functions:
 *   Clans forums
 *
 *   @name                 : tforums.php                            
 *   @copyright            : (C) 2004,2005,2006 Vallheru Team based on Gamers-Fusion ver 2.5
 *   @author               : thindil <thindil@users.sourceforge.net>
 *   @version              : 1.3
 *   @since                : 16.10.2006
 *
 */

//
//
//       This program is free software; you can redistribute it and/or modify
//   it under the terms of the GNU General Public License as published by
//   the Free Software Foundation; either version 2 of the License, or
//   (at your option) any later version.
//
//   This program is distributed in the hope that it will be useful,
//   but WITHOUT ANY WARRANTY; without even the implied warranty of
//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//   GNU General Public License for more details.
//
//   You should have received a copy of the GNU General Public License
//   along with this program; if not, write to the Free Software
//   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
//
// $Id: tforums.php 727 2006-10-16 15:48:33Z thindil $

$title = 'Forum klanu';
require_once('includes/head.php');

/**
* Get the localization for game
*/
require_once('languages/'.$player -> lang.'/tforums.php');

if ($player -> tribe == 0) 
{
    error (ERROR);
}

/**
* The topics list
*/
if (isset ($_GET['view']) && $_GET['view'] == 'topics') 
{
    $klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
    $perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND `player`='.$player -> id);
    $smarty -> assign( 'Sticky', ($player -> id == $klan -> fields['owner'] || $perm -> fields['forum']) ?  '<input type="checkbox" name="sticky" />'.T_STICKY.'<br />' : '');
    $perm -> Close();
    $klan -> Close();

    /**
    * Show new topic and replies on forums
    */
    if (!isset($_SESSION['tforums']))
    {
        $objLasttime = $db -> Execute('SELECT `tforum_time` FROM `players` WHERE id='.$player -> id);
        $_SESSION['tforums'] = $objLasttime -> fields['tforum_time'];
        $objLasttime -> Close();
        $db -> Execute('UPDATE `players` SET `tforum_time`='.(time()).' WHERE `id`='.$player -> id);
    }
    
    /**
     * Show sticky threads
     */
    $topic = $db -> Execute('SELECT * FROM `tribe_topics` WHERE `tribe`='.$player -> tribe.' AND `sticky`=\'Y\' ORDER BY `id` ASC');
    $arrid = array();
    $arrrep = array();
    $arrtopic = array();
    $arrstarter = array();
    $arrNewtopic = array();
    $i = 0;
    while (!$topic -> EOF) 
    {
        $arrid[$i] = $topic -> fields['id'];
        $arrNewtopic[$i] = ($topic -> fields['w_time'] > $_SESSION['tforums']) ? 'Y' : 'N';
        $query = $db -> Execute('SELECT `w_time` FROM `tribe_replies` WHERE `topic_id`='.$topic -> fields['id']);
        if ($arrNewtopic[$i] == 'N')
        {
            while (!$query -> EOF)
            {
                if ($query -> fields['w_time'] > $_SESSION['tforums'])
                {
                    $arrNewtopic[$i] = 'Y';
                    break;
                }
                $query -> MoveNext();
            }
        }
        $arrrep[$i] = $query -> RecordCount();
        $query -> Close();
        $arrtopic[$i] = '<b>'.$topic -> fields['topic'].'</b>';
        $arrstarter[$i] = $topic -> fields['starter'];
        $topic -> MoveNext();
        $i++;
    }
    $topic -> Close();
    
    $topic = $db -> Execute('SELECT * FROM `tribe_topics` WHERE `tribe`='.$player -> tribe.' AND `sticky`=\'N\' ORDER BY id ASC');
    while (!$topic -> EOF) 
    {
        $arrid[$i] = $topic -> fields['id'];
        $arrNewtopic[$i] = ($topic -> fields['w_time'] > $_SESSION['tforums']) ? 'Y' : 'N';
        $query = $db -> Execute('SELECT `w_time` FROM `tribe_replies` WHERE `topic_id`='.$topic -> fields['id']);
        if ($arrNewtopic[$i] == 'N')
        {
            while (!$query -> EOF)
            {
                if ($query -> fields['w_time'] > $_SESSION['tforums'])
                {
                    $arrNewtopic[$i] = 'Y';
                    break;
                }
                $query -> MoveNext();
            }
        }
        $arrrep[$i] = $query -> RecordCount();
        $query -> Close();
        $arrtopic[$i] = $topic -> fields['topic'];
        $arrstarter[$i] = $topic -> fields['starter'];
        $topic -> MoveNext();
        $i++;
    }
    $topic -> Close();
    $smarty -> assign(array('Topicid' => $arrid, 
        'Topic' => $arrtopic, 
        'Replies' => $arrrep, 
        'Starter' => $arrstarter,
        'Ttopic' => T_TOPIC,
        'Tauthor' => T_AUTHOR,
        'Treplies' => T_REPLIES,
        'Addtopic' => ADD_TOPIC,
        'Ttext' => T_TEXT,
        'Asearch' => A_SEARCH,
        'Tword' => T_WORD,
        'Newtopic' => $arrNewtopic));
}

/**
* View topic
*/
if (isset($_GET['topic'])) 
{
    if (!ereg("^[1-9][0-9]*$", $_GET['topic'])) 
    {
        error (ERROR);
    }
    $klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
    $topicinfo = $db -> Execute('SELECT * FROM `tribe_topics` WHERE `id`='.$_GET['topic'].' AND tribe='.$player -> tribe);
    $perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND player='.$player -> id);
    if (!$topicinfo -> fields['id']) 
    {
        error (NO_TOPIC);
    }
    if (isset($_GET['quote']))
    {
        if (!(int)$_GET['quote'])
        {
            error(ERROR);
        }
        $objTest = $db -> Execute('SELECT `id` FROM `tribe_replies` WHERE id='.$_GET['quote'].' AND topic_id='.$topicinfo -> fields['id']);
        if (!$objTest -> fields['id'])
        {
            error(ERROR);
        }
        $objTest -> Close();
    }
    $smarty -> assign(array('Topic' => $topicinfo -> fields['topic'], 
                            'Starter' => $topicinfo -> fields['starter'],
                            'Starterid' => $topicinfo -> fields['pid']));
    
    $strStickyaction = ' (<a href="tforums.php?sticky='.$topicinfo -> fields['id'].'&amp;action='.($topicinfo -> fields['sticky'] == 'N' ? Y : N).'">'.($topicinfo -> fields['sticky'] == 'N' ? A_STICKY : A_UNSTICKY).'</a>)';
    $smarty -> assign ('Delete', ($player -> id == $klan -> fields['owner'] || $perm -> fields['forum']) ? ' (<a href="tforums.php?kasuj1='.$topicinfo -> fields['id'].'">'.A_DELETE.'</a>)'.$strStickyaction : '');
    $text = wordwrap($topicinfo -> fields['body'],45,"\n",1);
    $strReplytext = (isset($_GET['quotet'])) ? '[quote]'.$text.'[/quote]' : R_TEXT;
    $smarty -> assign ('Topictext', $text);
    $reply = $db -> Execute('SELECT * FROM `tribe_replies` WHERE `topic_id`='.$topicinfo -> fields['id'].' ORDER BY id ASC');
    $arrstarter = array();
    $arraction = array();
    $arrtext = array();
    $arrRid = array();
    $arrStarterid = array();
    $i = 0;
    while (!$reply -> EOF) 
    {
        $arrstarter[$i] = $reply -> fields['starter'];
        $arrStarterid[$i] = $reply -> fields['pid'];
        $arraction[$i] = ($player -> id == $klan -> fields['owner'] || $perm -> fields['forum']) ? '(<a href="tforums.php?kasuj='.$reply -> fields['id'].'">'.A_DELETE.'</a>)' : '';
        if (isset($_GET['quote']) && $_GET['quote'] == $reply -> fields['id'])
        {
            $strText = preg_replace("/[0-9][0-9]-[0-9][0-9]-[0-9][0-9]/", "", $reply -> fields['body']);
            $strText = str_replace("<b></b><br />", "", $strText);
            $strReplytext = '[quote]'.$strText.'[/quote]';
        }
        $arrtext[$i] = wordwrap($reply -> fields['body'],45,"\n",1);
        $arrRid[$i] = $reply -> fields['id'];
        $reply -> MoveNext();
        $i++;
    }
    $reply -> Close();
    $klan -> Close();
    $smarty -> assign(array('Id' => $topicinfo -> fields['id'], 
                            'Repstarter' => $arrstarter, 
                            'Repstarterid' => $arrStarterid,
                            'Action' => $arraction, 
                            'Reptext' => $arrtext,
                            'Writeby' => WRITE_BY,
                            'Write' => WRITE,
                            'Areply' => A_REPLY,
                            'Rid' => $arrRid,
                            'Aquote' => A_QUOTE,
                            'Rtext' => $strReplytext,
                            'Aback' => A_BACK));
    $topicinfo -> Close();
}

/**
* Add topic
*/
if (isset ($_GET['action']) && $_GET['action'] == 'addtopic') 
{
    if (empty ($_POST['title2']) || empty ($_POST['body'])) 
    {
        error (EMPTY_FIELDS);
    }
    if (isset($_POST['sticky']))
    {
        $klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
        $perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND `player`='.$player -> id);
        if ($player -> id != $klan -> fields['owner'] && !$perm -> fields['forum']) 
        {
            error(NO_PERM);
        }
        $perm -> Close();
        $klan -> Close();
        $strSticky = 'Y';
    }
        else
    {
        $strSticky = 'N';
    }
    $_POST['title2'] = strip_tags($_POST['title2']);
    require_once('includes/bbcode.php');
    $_POST['body'] = censorship($_POST['body']);
    $_POST['body'] = bbcodetohtml($_POST['body']);
    $strBody = $db -> qstr($_POST['body'], get_magic_quotes_gpc());
    $_POST['title2'] = censorship($_POST['title2']);
    $_POST['title2'] = '<b>'.$data.'</b> '.$_POST['title2'];
    $strTitle = $db -> qstr($_POST['title2'], get_magic_quotes_gpc());
    $db -> Execute('INSERT INTO `tribe_topics` (`topic`, `body`, `starter`, `tribe`, `w_time`, `sticky`, `pid`) VALUES('.$strTitle.', '.$strBody.', \''.$player -> user.'\', \''.$player -> tribe.'\', '.(time()).', \''.$strSticky.'\', '.$player -> id.')') or $db -> ErrorMsg();
    error (TOPIC_ADD.' <a href=tforums.php?view=topics>'.TO_BACK);
}

/**
* Add reply
*/
if (isset($_GET['reply'])) 
{
    if (!ereg("^[1-9][0-9]*$", $_GET['reply'])) 
    {
        error (ERROR);
    }
    $test = $db -> Execute('SELECT `tribe` FROM `tribe_topics` WHERE `id`='.$_GET['reply'].' AND `tribe`='.$player -> tribe);
    if (!$test -> fields['tribe']) 
    {
        error (ERROR);
    }
    $test -> Close();
    $query = $db -> Execute('SELECT count(*) FROM `tribe_topics` WHERE `id`='.$_GET['reply']);
    $exists = $query -> fields['count(*)'];
    $query -> Close();
    if ($exists <= 0) 
    {
        error (NO_TOPIC);
    }
    if (empty ($_POST['rep'])) 
    {
        error (EMPTY_FIELDS);
    }
    require_once('includes/bbcode.php');
    $_POST['rep'] = censorship($_POST['rep']);
    $_POST['rep'] = bbcodetohtml($_POST['rep']);
    $_POST['rep'] = '<b>'.$data.'</b><br />'.$_POST['rep'];
    $strRep = $db -> qstr($_POST['rep'], get_magic_quotes_gpc());
    $db -> Execute('INSERT INTO `tribe_replies` (`starter`, `topic_id`, `body`, `w_time`, `pid`) VALUES(\''.$player -> user.'\', '.$_GET['reply'].', '.$strRep.' ,'.(time()).', '.$player -> id.')') or error('Could not add reply.');
    error (REPLY_ADD.' <a href=tforums.php?topic='.$_GET['reply'].'>'.A_HERE.'</a>.');
}

/**
 * Sticky/Unsticky topics
 */
if (isset($_GET['sticky']))
{
    if (!(int)$_GET['sticky'])
    {
        error(ERROR);
    }
    if ($_GET['action'] != 'Y' && $_GET['action'] != 'N')
    {
        error(ERROR);
    }
    $klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
    $perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND player='.$player -> id);
    if ($player -> id != $klan -> fields['owner'] && !$perm -> fields['forum']) 
    {
        error(NO_PERM);
    }
    $perm -> Close();
    $klan -> Close();
    $test = $db -> Execute('SELECT `id` FROM `tribe_topics` WHERE `id`='.$_GET['sticky'].' AND tribe='.$player -> tribe);
    if (!$test -> fields['id']) 
    {
        error (ERROR);
    } 
    $test -> Close();
    $db -> Execute('UPDATE `tribe_topics` SET `sticky`=\''.$_GET['action'].'\' WHERE id='.$_GET['sticky']);
    $strInfo = ($_GET['action'] == 'Y') ? YOU_STICKY : YOU_UNSTICKY;
    error($strInfo.' <a href=tforums.php?view=topics>'.A_BACK.'</a>');
}

/**
* Delete post
*/
if (isset($_GET['kasuj'])) 
{
    if (!(int)$_GET['kasuj']) 
    {
        error (ERROR);
    }
    $klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
    $perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND player='.$player -> id);
    if ($player -> id != $klan -> fields['owner'] && !$perm -> fields['forum']) 
    {
        error(NO_PERM);
    }
    $perm -> Close();
    $klan -> Close();
    $test = $db -> Execute('SELECT `topic_id` FROM `tribe_replies` WHERE `id`='.$_GET['kasuj']);
    if ($test -> fields['topic_id']) 
    {
        $test2 = $db -> Execute('SELECT `id` FROM `tribe_topics` WHERE `id`='.$test -> fields['topic_id'].' and tribe='.$player -> tribe);
        if (!$test2 -> fields['id']) 
        {
            error (ERROR);
        } 
            else 
        {
            $db -> Execute('DELETE FROM `tribe_replies` WHERE `id`='.$_GET['kasuj']);
            error (POST_DEL.' <a href=tforums.php?view=topics>'.A_BACK.'</a>');
        }
    }
}

/**
* Delete topic
*/
if (isset($_GET['kasuj1'])) 
{
    if (!(int)$_GET['kasuj1']) 
    {
        error (ERROR);
    }
    $klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
    $perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND player='.$player -> id);
    if ($player -> id != $klan -> fields['owner'] && !$perm -> fields['forum']) 
    {
        error(NO_PERM);
    }
    $perm -> Close();
    $klan -> Close();
    $test = $db -> Execute('SELECT `id` FROM `tribe_topics` WHERE `id`='.$_GET['kasuj1'].' AND tribe='.$player -> tribe);
    if (!$test -> fields['id']) 
    {
        error (ERROR);
    } 
        else 
    {
        $db -> Execute('DELETE FROM `tribe_replies` WHERE `topic_id`='.$_GET['kasuj1']);
        $db -> Execute('DELETE FROM `tribe_topics` WHERE `id`='.$_GET['kasuj1']);
        error (TOPIC_DEL.' <a href="tforums.php?view=topics">'.A_BACK.'</a>');
    }
}

/**
* Search words
*/
if (isset($_GET['action']) && $_GET['action'] == 'search')
{
    if (empty($_POST['search']))
    {
        error(EMPTY_FIELDS);
    }
    $strSearch = strip_tags($_POST['search']);
    
    /**
    * Search string in topics
    */
    $objResult = $db -> Execute('SELECT `id`, `tribe` FROM `tribe_topics` WHERE `tribe`='.$player -> tribe.' AND topic LIKE \'%'.$strSearch.'%\' OR `body` LIKE \'%'.$strSearch.'%\'');
    $arrResult = array();
    $i = 0;
    while (!$objResult -> EOF)
    {
        if ($objResult -> fields['tribe'] == $player -> tribe)
        {
            $arrResult[$i] = $objResult -> fields['id'];
            $i++;
        }
        $objResult -> MoveNext();
    }
    $objResult -> Close();

    /**
    * Search string in replies
    */
    $objTopics = $db -> Execute('SELECT `id` FROM `tribe_topics` WHERE `tribe`='.$player -> tribe);
    $intTest = 0;
    while (!$objTopics -> EOF)
    {
        $objResult2 = $db -> Execute('SELECT `topic_id` FROM `tribe_replies` WHERE `topic_id`='.$objTopics -> fields['id'].' AND `body` LIKE \'%'.$strSearch.'%\'');
        foreach ($arrResult as $intResult)
        {
            if ($intResult == $objResult2 -> fields['topic_id'])
            {
                $intTest = 1;
                break;
            }
        }
        if (!$intTest && $objResult2 -> fields['topic_id'])
        {
            $arrResult[$i] = $objResult2 -> fields['topic_id'];
            $i++;
            $intTest = 0;
        }
        $objResult2 -> Close();
        $objTopics -> MoveNext();
    }
    $objTopics -> Close();

    /**
    * Display search result
    */
    $arrTopic = array();
    $arrId = array();
    $i = 0;
    foreach ($arrResult as $intResult)
    {
        $objTopic = $db -> Execute('SELECT `id`, `topic` FROM `tribe_topics` WHERE `id`='.$intResult);
        $arrTopic[$i] = $objTopic -> fields['topic'];
        $arrId[$i] = $objTopic -> fields['id'];
        $i++;
        $objTopic -> Close();
    }
    $smarty -> assign(array('Aback' => A_BACK,
        'Amount' => $i,
        'Ttopic' => $arrTopic,
        'Tid' => $arrId,
        'Nosearch' => NO_SEARCH,
        'Youfind' => YOU_FIND));
}

/**
* Initialization of variables
*/
if (!isset($_GET['view'])) 
{
    $_GET['view'] = '';
}
if (!isset($_GET['topic'])) 
{
    $_GET['topic'] = '';
}
if (!isset($_GET['action']))
{
    $_GET['action'] = '';
}

/**
* Assign variables to template and display page
*/
$smarty -> assign(array('View' => $_GET['view'], 
    'Topics' => $_GET['topic'],
    'Action2' => $_GET['action']));
$smarty -> display('tforums.tpl');

require_once('includes/foot.php');
?>

1	<?php
2	/**
3	* File functions:
4	* Clans forums
5	*
6	* @name : tforums.php
7	* @copyright : (C) 2004,2005,2006 Vallheru Team based on Gamers-Fusion ver 2.5
8	* @author : thindil <thindil@users.sourceforge.net>
9	* @version : 1.3
10	* @since : 16.10.2006
11	*
12	*/
13
14	//
15	//
16	// This program is free software; you can redistribute it and/or modify
17	// it under the terms of the GNU General Public License as published by
18	// the Free Software Foundation; either version 2 of the License, or
19	// (at your option) any later version.
20	//
21	// This program is distributed in the hope that it will be useful,
22	// but WITHOUT ANY WARRANTY; without even the implied warranty of
23	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24	// GNU General Public License for more details.
25	//
26	// You should have received a copy of the GNU General Public License
27	// along with this program; if not, write to the Free Software
28	// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29	//
30	// $Id: tforums.php 727 2006-10-16 15:48:33Z thindil $
31
32	$title = 'Forum klanu';
33	require_once('includes/head.php');
34
35	/**
36	* Get the localization for game
37	*/
38	require_once('languages/'.$player -> lang.'/tforums.php');
39
40	if ($player -> tribe == 0)
41	{
42	error (ERROR);
43	}
44
45	/**
46	* The topics list
47	*/
48	if (isset ($_GET['view']) && $_GET['view'] == 'topics')
49	{
50	$klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
51	$perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND `player`='.$player -> id);
52	$smarty -> assign( 'Sticky', ($player -> id == $klan -> fields['owner'] \|\| $perm -> fields['forum']) ? '<input type="checkbox" name="sticky" />'.T_STICKY.'<br />' : '');
53	$perm -> Close();
54	$klan -> Close();
55
56	/**
57	* Show new topic and replies on forums
58	*/
59	if (!isset($_SESSION['tforums']))
60	{
61	$objLasttime = $db -> Execute('SELECT `tforum_time` FROM `players` WHERE id='.$player -> id);
62	$_SESSION['tforums'] = $objLasttime -> fields['tforum_time'];
63	$objLasttime -> Close();
64	$db -> Execute('UPDATE `players` SET `tforum_time`='.(time()).' WHERE `id`='.$player -> id);
65	}
66
67	/**
68	* Show sticky threads
69	*/
70	$topic = $db -> Execute('SELECT * FROM `tribe_topics` WHERE `tribe`='.$player -> tribe.' AND `sticky`=\'Y\' ORDER BY `id` ASC');
71	$arrid = array();
72	$arrrep = array();
73	$arrtopic = array();
74	$arrstarter = array();
75	$arrNewtopic = array();
76	$i = 0;
77	while (!$topic -> EOF)
78	{
79	$arrid[$i] = $topic -> fields['id'];
80	$arrNewtopic[$i] = ($topic -> fields['w_time'] > $_SESSION['tforums']) ? 'Y' : 'N';
81	$query = $db -> Execute('SELECT `w_time` FROM `tribe_replies` WHERE `topic_id`='.$topic -> fields['id']);
82	if ($arrNewtopic[$i] == 'N')
83	{
84	while (!$query -> EOF)
85	{
86	if ($query -> fields['w_time'] > $_SESSION['tforums'])
87	{
88	$arrNewtopic[$i] = 'Y';
89	break;
90	}
91	$query -> MoveNext();
92	}
93	}
94	$arrrep[$i] = $query -> RecordCount();
95	$query -> Close();
96	$arrtopic[$i] = '<b>'.$topic -> fields['topic'].'</b>';
97	$arrstarter[$i] = $topic -> fields['starter'];
98	$topic -> MoveNext();
99	$i++;
100	}
101	$topic -> Close();
102
103	$topic = $db -> Execute('SELECT * FROM `tribe_topics` WHERE `tribe`='.$player -> tribe.' AND `sticky`=\'N\' ORDER BY id ASC');
104	while (!$topic -> EOF)
105	{
106	$arrid[$i] = $topic -> fields['id'];
107	$arrNewtopic[$i] = ($topic -> fields['w_time'] > $_SESSION['tforums']) ? 'Y' : 'N';
108	$query = $db -> Execute('SELECT `w_time` FROM `tribe_replies` WHERE `topic_id`='.$topic -> fields['id']);
109	if ($arrNewtopic[$i] == 'N')
110	{
111	while (!$query -> EOF)
112	{
113	if ($query -> fields['w_time'] > $_SESSION['tforums'])
114	{
115	$arrNewtopic[$i] = 'Y';
116	break;
117	}
118	$query -> MoveNext();
119	}
120	}
121	$arrrep[$i] = $query -> RecordCount();
122	$query -> Close();
123	$arrtopic[$i] = $topic -> fields['topic'];
124	$arrstarter[$i] = $topic -> fields['starter'];
125	$topic -> MoveNext();
126	$i++;
127	}
128	$topic -> Close();
129	$smarty -> assign(array('Topicid' => $arrid,
130	'Topic' => $arrtopic,
131	'Replies' => $arrrep,
132	'Starter' => $arrstarter,
133	'Ttopic' => T_TOPIC,
134	'Tauthor' => T_AUTHOR,
135	'Treplies' => T_REPLIES,
136	'Addtopic' => ADD_TOPIC,
137	'Ttext' => T_TEXT,
138	'Asearch' => A_SEARCH,
139	'Tword' => T_WORD,
140	'Newtopic' => $arrNewtopic));
141	}
142
143	/**
144	* View topic
145	*/
146	if (isset($_GET['topic']))
147	{
148	if (!ereg("^[1-9][0-9]*$", $_GET['topic']))
149	{
150	error (ERROR);
151	}
152	$klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
153	$topicinfo = $db -> Execute('SELECT * FROM `tribe_topics` WHERE `id`='.$_GET['topic'].' AND tribe='.$player -> tribe);
154	$perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND player='.$player -> id);
155	if (!$topicinfo -> fields['id'])
156	{
157	error (NO_TOPIC);
158	}
159	if (isset($_GET['quote']))
160	{
161	if (!(int)$_GET['quote'])
162	{
163	error(ERROR);
164	}
165	$objTest = $db -> Execute('SELECT `id` FROM `tribe_replies` WHERE id='.$_GET['quote'].' AND topic_id='.$topicinfo -> fields['id']);
166	if (!$objTest -> fields['id'])
167	{
168	error(ERROR);
169	}
170	$objTest -> Close();
171	}
172	$smarty -> assign(array('Topic' => $topicinfo -> fields['topic'],
173	'Starter' => $topicinfo -> fields['starter'],
174	'Starterid' => $topicinfo -> fields['pid']));
175
176	$strStickyaction = ' (<a href="tforums.php?sticky='.$topicinfo -> fields['id'].'&action='.($topicinfo -> fields['sticky'] == 'N' ? Y : N).'">'.($topicinfo -> fields['sticky'] == 'N' ? A_STICKY : A_UNSTICKY).'</a>)';
177	$smarty -> assign ('Delete', ($player -> id == $klan -> fields['owner'] \|\| $perm -> fields['forum']) ? ' (<a href="tforums.php?kasuj1='.$topicinfo -> fields['id'].'">'.A_DELETE.'</a>)'.$strStickyaction : '');
178	$text = wordwrap($topicinfo -> fields['body'],45,"\n",1);
179	$strReplytext = (isset($_GET['quotet'])) ? '[quote]'.$text.'[/quote]' : R_TEXT;
180	$smarty -> assign ('Topictext', $text);
181	$reply = $db -> Execute('SELECT * FROM `tribe_replies` WHERE `topic_id`='.$topicinfo -> fields['id'].' ORDER BY id ASC');
182	$arrstarter = array();
183	$arraction = array();
184	$arrtext = array();
185	$arrRid = array();
186	$arrStarterid = array();
187	$i = 0;
188	while (!$reply -> EOF)
189	{
190	$arrstarter[$i] = $reply -> fields['starter'];
191	$arrStarterid[$i] = $reply -> fields['pid'];
192	$arraction[$i] = ($player -> id == $klan -> fields['owner'] \|\| $perm -> fields['forum']) ? '(<a href="tforums.php?kasuj='.$reply -> fields['id'].'">'.A_DELETE.'</a>)' : '';
193	if (isset($_GET['quote']) && $_GET['quote'] == $reply -> fields['id'])
194	{
195	$strText = preg_replace("/[0-9][0-9]-[0-9][0-9]-[0-9][0-9]/", "", $reply -> fields['body']);
196	$strText = str_replace("<b></b><br />", "", $strText);
197	$strReplytext = '[quote]'.$strText.'[/quote]';
198	}
199	$arrtext[$i] = wordwrap($reply -> fields['body'],45,"\n",1);
200	$arrRid[$i] = $reply -> fields['id'];
201	$reply -> MoveNext();
202	$i++;
203	}
204	$reply -> Close();
205	$klan -> Close();
206	$smarty -> assign(array('Id' => $topicinfo -> fields['id'],
207	'Repstarter' => $arrstarter,
208	'Repstarterid' => $arrStarterid,
209	'Action' => $arraction,
210	'Reptext' => $arrtext,
211	'Writeby' => WRITE_BY,
212	'Write' => WRITE,
213	'Areply' => A_REPLY,
214	'Rid' => $arrRid,
215	'Aquote' => A_QUOTE,
216	'Rtext' => $strReplytext,
217	'Aback' => A_BACK));
218	$topicinfo -> Close();
219	}
220
221	/**
222	* Add topic
223	*/
224	if (isset ($_GET['action']) && $_GET['action'] == 'addtopic')
225	{
226	if (empty ($_POST['title2']) \|\| empty ($_POST['body']))
227	{
228	error (EMPTY_FIELDS);
229	}
230	if (isset($_POST['sticky']))
231	{
232	$klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
233	$perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND `player`='.$player -> id);
234	if ($player -> id != $klan -> fields['owner'] && !$perm -> fields['forum'])
235	{
236	error(NO_PERM);
237	}
238	$perm -> Close();
239	$klan -> Close();
240	$strSticky = 'Y';
241	}
242	else
243	{
244	$strSticky = 'N';
245	}
246	$_POST['title2'] = strip_tags($_POST['title2']);
247	require_once('includes/bbcode.php');
248	$_POST['body'] = censorship($_POST['body']);
249	$_POST['body'] = bbcodetohtml($_POST['body']);
250	$strBody = $db -> qstr($_POST['body'], get_magic_quotes_gpc());
251	$_POST['title2'] = censorship($_POST['title2']);
252	$_POST['title2'] = '<b>'.$data.'</b> '.$_POST['title2'];
253	$strTitle = $db -> qstr($_POST['title2'], get_magic_quotes_gpc());
254	$db -> Execute('INSERT INTO `tribe_topics` (`topic`, `body`, `starter`, `tribe`, `w_time`, `sticky`, `pid`) VALUES('.$strTitle.', '.$strBody.', \''.$player -> user.'\', \''.$player -> tribe.'\', '.(time()).', \''.$strSticky.'\', '.$player -> id.')') or $db -> ErrorMsg();
255	error (TOPIC_ADD.' <a href=tforums.php?view=topics>'.TO_BACK);
256	}
257
258	/**
259	* Add reply
260	*/
261	if (isset($_GET['reply']))
262	{
263	if (!ereg("^[1-9][0-9]*$", $_GET['reply']))
264	{
265	error (ERROR);
266	}
267	$test = $db -> Execute('SELECT `tribe` FROM `tribe_topics` WHERE `id`='.$_GET['reply'].' AND `tribe`='.$player -> tribe);
268	if (!$test -> fields['tribe'])
269	{
270	error (ERROR);
271	}
272	$test -> Close();
273	$query = $db -> Execute('SELECT count(*) FROM `tribe_topics` WHERE `id`='.$_GET['reply']);
274	$exists = $query -> fields['count(*)'];
275	$query -> Close();
276	if ($exists <= 0)
277	{
278	error (NO_TOPIC);
279	}
280	if (empty ($_POST['rep']))
281	{
282	error (EMPTY_FIELDS);
283	}
284	require_once('includes/bbcode.php');
285	$_POST['rep'] = censorship($_POST['rep']);
286	$_POST['rep'] = bbcodetohtml($_POST['rep']);
287	$_POST['rep'] = '<b>'.$data.'</b><br />'.$_POST['rep'];
288	$strRep = $db -> qstr($_POST['rep'], get_magic_quotes_gpc());
289	$db -> Execute('INSERT INTO `tribe_replies` (`starter`, `topic_id`, `body`, `w_time`, `pid`) VALUES(\''.$player -> user.'\', '.$_GET['reply'].', '.$strRep.' ,'.(time()).', '.$player -> id.')') or error('Could not add reply.');
290	error (REPLY_ADD.' <a href=tforums.php?topic='.$_GET['reply'].'>'.A_HERE.'</a>.');
291	}
292
293	/**
294	* Sticky/Unsticky topics
295	*/
296	if (isset($_GET['sticky']))
297	{
298	if (!(int)$_GET['sticky'])
299	{
300	error(ERROR);
301	}
302	if ($_GET['action'] != 'Y' && $_GET['action'] != 'N')
303	{
304	error(ERROR);
305	}
306	$klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
307	$perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND player='.$player -> id);
308	if ($player -> id != $klan -> fields['owner'] && !$perm -> fields['forum'])
309	{
310	error(NO_PERM);
311	}
312	$perm -> Close();
313	$klan -> Close();
314	$test = $db -> Execute('SELECT `id` FROM `tribe_topics` WHERE `id`='.$_GET['sticky'].' AND tribe='.$player -> tribe);
315	if (!$test -> fields['id'])
316	{
317	error (ERROR);
318	}
319	$test -> Close();
320	$db -> Execute('UPDATE `tribe_topics` SET `sticky`=\''.$_GET['action'].'\' WHERE id='.$_GET['sticky']);
321	$strInfo = ($_GET['action'] == 'Y') ? YOU_STICKY : YOU_UNSTICKY;
322	error($strInfo.' <a href=tforums.php?view=topics>'.A_BACK.'</a>');
323	}
324
325	/**
326	* Delete post
327	*/
328	if (isset($_GET['kasuj']))
329	{
330	if (!(int)$_GET['kasuj'])
331	{
332	error (ERROR);
333	}
334	$klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
335	$perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND player='.$player -> id);
336	if ($player -> id != $klan -> fields['owner'] && !$perm -> fields['forum'])
337	{
338	error(NO_PERM);
339	}
340	$perm -> Close();
341	$klan -> Close();
342	$test = $db -> Execute('SELECT `topic_id` FROM `tribe_replies` WHERE `id`='.$_GET['kasuj']);
343	if ($test -> fields['topic_id'])
344	{
345	$test2 = $db -> Execute('SELECT `id` FROM `tribe_topics` WHERE `id`='.$test -> fields['topic_id'].' and tribe='.$player -> tribe);
346	if (!$test2 -> fields['id'])
347	{
348	error (ERROR);
349	}
350	else
351	{
352	$db -> Execute('DELETE FROM `tribe_replies` WHERE `id`='.$_GET['kasuj']);
353	error (POST_DEL.' <a href=tforums.php?view=topics>'.A_BACK.'</a>');
354	}
355	}
356	}
357
358	/**
359	* Delete topic
360	*/
361	if (isset($_GET['kasuj1']))
362	{
363	if (!(int)$_GET['kasuj1'])
364	{
365	error (ERROR);
366	}
367	$klan = $db -> Execute('SELECT `id`, `owner` FROM `tribes` WHERE `id`='.$player -> tribe);
368	$perm = $db -> Execute('SELECT `forum` FROM `tribe_perm` WHERE `tribe`='.$klan -> fields['id'].' AND player='.$player -> id);
369	if ($player -> id != $klan -> fields['owner'] && !$perm -> fields['forum'])
370	{
371	error(NO_PERM);
372	}
373	$perm -> Close();
374	$klan -> Close();
375	$test = $db -> Execute('SELECT `id` FROM `tribe_topics` WHERE `id`='.$_GET['kasuj1'].' AND tribe='.$player -> tribe);
376	if (!$test -> fields['id'])
377	{
378	error (ERROR);
379	}
380	else
381	{
382	$db -> Execute('DELETE FROM `tribe_replies` WHERE `topic_id`='.$_GET['kasuj1']);
383	$db -> Execute('DELETE FROM `tribe_topics` WHERE `id`='.$_GET['kasuj1']);
384	error (TOPIC_DEL.' <a href="tforums.php?view=topics">'.A_BACK.'</a>');
385	}
386	}
387
388	/**
389	* Search words
390	*/
391	if (isset($_GET['action']) && $_GET['action'] == 'search')
392	{
393	if (empty($_POST['search']))
394	{
395	error(EMPTY_FIELDS);
396	}
397	$strSearch = strip_tags($_POST['search']);
398
399	/**
400	* Search string in topics
401	*/
402	$objResult = $db -> Execute('SELECT `id`, `tribe` FROM `tribe_topics` WHERE `tribe`='.$player -> tribe.' AND topic LIKE \'%'.$strSearch.'%\' OR `body` LIKE \'%'.$strSearch.'%\'');
403	$arrResult = array();
404	$i = 0;
405	while (!$objResult -> EOF)
406	{
407	if ($objResult -> fields['tribe'] == $player -> tribe)
408	{
409	$arrResult[$i] = $objResult -> fields['id'];
410	$i++;
411	}
412	$objResult -> MoveNext();
413	}
414	$objResult -> Close();
415
416	/**
417	* Search string in replies
418	*/
419	$objTopics = $db -> Execute('SELECT `id` FROM `tribe_topics` WHERE `tribe`='.$player -> tribe);
420	$intTest = 0;
421	while (!$objTopics -> EOF)
422	{
423	$objResult2 = $db -> Execute('SELECT `topic_id` FROM `tribe_replies` WHERE `topic_id`='.$objTopics -> fields['id'].' AND `body` LIKE \'%'.$strSearch.'%\'');
424	foreach ($arrResult as $intResult)
425	{
426	if ($intResult == $objResult2 -> fields['topic_id'])
427	{
428	$intTest = 1;
429	break;
430	}
431	}
432	if (!$intTest && $objResult2 -> fields['topic_id'])
433	{
434	$arrResult[$i] = $objResult2 -> fields['topic_id'];
435	$i++;
436	$intTest = 0;
437	}
438	$objResult2 -> Close();
439	$objTopics -> MoveNext();
440	}
441	$objTopics -> Close();
442
443	/**
444	* Display search result
445	*/
446	$arrTopic = array();
447	$arrId = array();
448	$i = 0;
449	foreach ($arrResult as $intResult)
450	{
451	$objTopic = $db -> Execute('SELECT `id`, `topic` FROM `tribe_topics` WHERE `id`='.$intResult);
452	$arrTopic[$i] = $objTopic -> fields['topic'];
453	$arrId[$i] = $objTopic -> fields['id'];
454	$i++;
455	$objTopic -> Close();
456	}
457	$smarty -> assign(array('Aback' => A_BACK,
458	'Amount' => $i,
459	'Ttopic' => $arrTopic,
460	'Tid' => $arrId,
461	'Nosearch' => NO_SEARCH,
462	'Youfind' => YOU_FIND));
463	}
464
465	/**
466	* Initialization of variables
467	*/
468	if (!isset($_GET['view']))
469	{
470	$_GET['view'] = '';
471	}
472	if (!isset($_GET['topic']))
473	{
474	$_GET['topic'] = '';
475	}
476	if (!isset($_GET['action']))
477	{
478	$_GET['action'] = '';
479	}
480
481	/**
482	* Assign variables to template and display page
483	*/
484	$smarty -> assign(array('View' => $_GET['view'],
485	'Topics' => $_GET['topic'],
486	'Action2' => $_GET['action']));
487	$smarty -> display('tforums.tpl');
488
489	require_once('includes/foot.php');
490	?>

Gitorious