*

***************************************************************************/

if($setmodules == 1)

{

$file = basename(__FILE__);

<?php

/***************************************************************************

* -------------------

* begin : Thu May 31, 2001

* $Id$

****************************************************************************/

/***************************************************************************

* We will attempt to create a file based backup of all of the data in the

* users phpBB database. The resulting file should be able to be imported by

* the db_restore.php function, or by using the mysql command_line

//

$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);

init_userprefs($userdata);

// End session management

//

define("VERBOSE", 0);

//

// allowed.

//

//

// The following functions are adapted from phpMyAdmin and upgrade_20.php

{

global $db;

AND relkind = 'S' ORDER BY relname";

$seq = $db->sql_query($get_seq_sql);

if($backup_type == 'structure')

{

$row['last_value'] = 1;

$return_val .= "CREATE SEQUENCE $sequence start " . $row['last_value'] . ' increment ' . $row['increment_by'] . ' maxvalue ' . $row['max_value'] . ' minvalue ' . $row['min_value'] . ' cache ' . $row['cache_value'] . "; $crlf";

} // End function...

//

//

// This function returns, will return the table def's for postgres...

//

//

$sql_get_default = "SELECT d.adsrc AS rowdefault

FROM pg_attrdef d, pg_class c

AND d.adnum = " . $row['attnum'];

$def_res = $db->sql_query($sql_get_default);

{

unset($row['rowdefault']);

}

{

$row['rowdefault'] = @pg_result($def_res, 0, 'rowdefault');

}

//

$sql_pri_keys = "SELECT ic.relname AS index_name, bc.relname AS tab_name, ta.attname AS column_name, i.indisunique AS unique_key, i.indisprimary AS primary_key

AND (ta.attnum = i.indkey[ia.attnum-1])

ORDER BY index_name, tab_name, column_name ";

$result = $db->sql_query($sql_pri_keys);

//

// Generate constraint clauses for CHECK constraints

//

FROM pg_relcheck, pg_class bc

AND bc.relname = '$table'

AND NOT EXISTS (

AND c.rcrelid = i.inhparent

)";

$result = $db->sql_query($sql_checks);

{

message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_checks);

}

//

// Add the constraints to the sql file.

//

//

// This function returns the "CREATE TABLE" syntax for mysql dbms...

//

{

global $drop, $db;

{

$schema_create .= "DROP TABLE IF EXISTS $table;$crlf";

}

$schema_create .= "CREATE TABLE $table($crlf";

//

$schema_create .= ' DEFAULT \'' . $row['Default'] . '\'';

}

{

$schema_create .= ' NOT NULL';

}

$kname = "UNIQUE|$kname";

}

{

$index[$kname] = array();

}

$index[$kname][] = $row['Column_name'];

}

{

$schema_create .= ", $crlf";

if($x == 'PRIMARY')

{

$schema_create .= ' PRIMARY KEY (' . implode($columns, ', ') . ')';

elseif (substr($x,0,6) == 'UNIQUE')

{

$schema_create .= ' UNIQUE ' . substr($x,7) . ' (' . implode($columns, ', ') . ')';

else

{

$schema_create .= " KEY $x (" . implode($columns, ', ') . ')';

$schema_create .= "$crlf);";

{

return(stripslashes($schema_create));

{

return($schema_create);

}

} // End get_table_def_mysql

// statement.

//

//

// series of INSERT statements, for each different DBMS...

// After every row a custom callback function $handler gets called.

// $handler must accept one parameter ($sql_insert);

unset($schema_vals);

unset($schema_fields);

unset($schema_insert);

// Build the SQL statement to recreate the data.

//

for($i = 0; $i < $i_num_fields; $i++)

}

$schema_vals .= " $strQuote$strVal$strQuote,";

}

message_die(GENERAL_ERROR, "Faild in get_table_content (select *)", "", __LINE__, __FILE__, "SELECT * FROM $table");

}

{

$schema_insert = "\n#\n# Table Data for $table\n#\n";

}

//

// If there is no data for the column set it to null.

// There was a problem here with an extra space causing the

// any table. Should be fixed now :) JLH

//

$schema_insert .= ' NULL,';

{

$schema_insert .= ' \'' . addslashes($row[$j]) . '\',';

else

{

$schema_insert .= '\'\',';

}

}

//

//

$schema_insert = ereg_replace(',$', '', $schema_insert);

$schema_insert .= ');';

//

function remove_remarks($sql)

{

while($i < strlen($sql))

{

if( $sql[$i] == "#" && ( $sql[$i-1] == "\n" || $i==0 ) )

{

$j = 1;

while( $sql[$i + $j] != "\n" )

{

$j++;

$last_char = "";

$ret = array();

$in_string = true;

for($i = 0; $i < strlen($sql); $i++)

{

$char = $sql[$i];

//

// if delimiter found, add the parsed part to the returned array

//

{

$ret[] = substr($sql, 0, $i);

$sql = substr($sql, $i + 1);

{

$in_string = false;

}

if($char == $in_string && $last_char != "\\")

$in_string = false;

}

elseif(!$in_string && ($char == "\"" || $char == "'") && ($last_char != "\\"))

return($ret);

}

// End Functions

// -------------

if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )

{

$perform = (isset($HTTP_POST_VARS['perform'])) ? $HTTP_POST_VARS['perform'] : $HTTP_GET_VARS['perform'];

switch($perform)

{

case 'backup':

);

$template->assign_vars(array(

"MESSAGE_TEXT" => $lang['Backups_not_supported'])

);

$template->pparse("body");

break;

}

$gzipcompress = (!empty($HTTP_POST_VARS['gzipcompress'])) ? $HTTP_POST_VARS['gzipcompress'] : ( (!empty($HTTP_GET_VARS['gzipcompress'])) ? $HTTP_GET_VARS['gzipcompress'] : 0 );

{

if(ereg(",", $additional_tables))

{

$s_hidden_fields = "<input type=\"hidden\" name=\"perform\" value=\"backup\" /><input type=\"hidden\" name=\"drop\" value=\"1\" /><input type=\"hidden\" name=\"perform\" value=\"$perform\" />";

$template->assign_vars(array(

"L_FULL_BACKUP" => $lang['Full_backup'],

"L_STRUCTURE_BACKUP" => $lang['Structure_backup'],

"L_DATA_BACKUP" => $lang['Data_backup'],

"L_ADDITIONAL_TABLES" => $lang['Additional_tables'],

"L_START_BACKUP" => $lang['Start_backup'],

"S_DBUTILS_ACTION" => append_sid("admin_db_utilities.$phpEx"))

);

$template->pparse("body");

break;

}

else if( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) )

{

$template->set_filenames(array(

"body" => "admin/admin_message_body.tpl")

);

$template->assign_vars(array(

"MESSAGE_TEXT" => $lang['Backup_download'])

);

{

$backup_sql .= "#\n# TABLE: " . $table_prefix . $table_name . "\n#\n";

$backup_sql .= $table_def_function($table_prefix . $table_name, "\n") . "\n";

if($backup_type != 'structure')

{

break;

case 'restore':

// Define Template files...

//

include('page_header_admin.'.$phpEx);

$s_hidden_fields = "<input type=\"hidden\" name=\"perform\" value=\"restore\" /><input type=\"hidden\" name=\"perform\" value=\"$perform\" />";

$template->assign_vars(array(

"S_HIDDEN_FIELDS" => $s_hidden_fields)

);

$template->pparse("body");

break;

}

//

// Handle the file upload ....

// If no file was uploaded report an error...

message_die(GENERAL_MESSAGE, $lang['Restore_Error_no_file']);

}

//

// are actually passed the name of an uploaded file, and not

// a hackers attempt at getting us to process a local system

// file.

$sql_query = trim($sql_query);

{

// Strip out sql comments...

$sql_query = remove_remarks($sql_query);

$sql = trim($pieces[$i]);

if(!empty($sql) and $sql[0] != "#")

{

echo "Executing: $sql\n<br>";

flush();

}

$result = $db->sql_query($sql);

if(!$result && ( !(SQL_LAYER == 'postgres' && eregi("drop table", $sql) ) ) )

{

include('page_header_admin.'.$phpEx);

);

$message = $lang['Restore_success'];

$template->assign_vars(array(

"MESSAGE_TEXT" => $message)

);

}

break;

}

include('page_footer_admin.'.$phpEx);

<?php

/***************************************************************************

* -------------------

* begin : Mon Jul 31, 2001

* $Id$

****************************************************************************/

/***************************************************************************

* immediate forum pruning as well.

***************************************************************************/

//

require('pagestart.inc');

include($phpbb_root_path . 'includes/prune.php');

//

if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL]))

{

$forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? $HTTP_POST_VARS[POST_FORUM_URL] : $HTTP_GET_VARS[POST_FORUM_URL];

{

$forum_sql = "";

}

//

// Get a list of forum's or the data for the forum that we are pruning.

//

ORDER BY c.cat_order ASC, f.forum_order ASC";

$f_result = $db->sql_query($sql);

{

$submit = (isset($HTTP_POST_VARS['submit'])) ? $HTTP_POST_VARS['submit'] : $HTTP_GET_VARS['submit'];

}

{

unset($submit);

}

else

{

//

// display a select box to use for pruning.

//

if(empty($forum_id))

// Assign the template variables.

//

$template->assign_vars(array(

"S_FORUMS_SELECT" => $select_list)

);

}

{

//

// Output the form to retrieve Prune information.

$template->set_filenames(array(

"body" => "admin/forum_prune_body.tpl")

);

$forum_name = ($forum_id == "ALL") ? 'All Forums' : $forum_rows[0]['forum_name'];

$prune_data = "Prune Topics that haven't been posted to in the last ";

<?php

if($setmodules == 1)

{

// Start program - define vars

//

$simple_auth_ary = array(

3 => array(0, 2, 2, 2, 2, 2, 2, 3),

4 => array(2, 2, 2, 2, 2, 2, 2, 3),

5 => array(0, 3, 3, 3, 3, 3, 3, 3),

);

$simple_auth_types = array($lang['Public'], $lang['Registered'], $lang['Registered'] . " [" . $lang['Hidden'] . "]", $lang['Private'], $lang['Private'] . " [" . $lang['Hidden'] . "]", $lang['Moderators'], $lang['Moderators'] . " [" . $lang['Hidden'] . "]");

// was

//

$sql = "SELECT f.*

ORDER BY c.cat_order ASC, f.forum_order ASC";

$f_result = $db->sql_query($sql);

$select_list .= "</select>";

$template->assign_vars(array(

"S_AUTH_SELECT" => $select_list)

);

$simple_auth .= $simple_auth_types[$j];

$simple_auth .= "</option>";

}

{

$simple_auth .= "<option value=\"$j\">" . $simple_auth_types[$j] . "</option>";

}

else

{

//

// fields

//

for($j = 0; $j < count($forum_auth_fields); $j++)

$custom_auth[$j] .= $forum_auth_levels[$k];

$custom_auth[$j] .= "</option>";

}

{

$custom_auth[$j] .= "<option value=\"" . $forum_auth_const[$k] . "\">". $forum_auth_levels[$k] . "</option>";

}

$s_hidden_fields = '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '">';

$template->assign_vars(array(

"L_SUBMIT_CHANGES" => $lang['Submit_changes'],

"L_RESET_CHANGES" => $lang['Reset_changes'],

"U_SWITCH_MODE" => $u_switch_mode,

"S_HIDDEN_FIELDS" => $s_hidden_fields)

);

* copyright : (C) 2001 The phpBB Group

* email : support@phpbb.com

*

*

*

***************************************************************************/

if($setmodules==1)

{

$file = basename(__FILE__);

function check_forum_name($forumname)

{

global $db;

$sql = "SELECT * from " . FORUMS_TABLE . "WHERE forum_name = '$forumname'";

$result = $db->sql_query($sql);

if( !$result )

message_die(GENERAL_ERROR, "Couldn't get list of Categories", "", __LINE__, __FILE__, $sql);

}

if ($db->sql_numrows($result) > 0)

FROM $table

WHERE $idfield = $id";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't get Forum/Category information", "", __LINE__, __FILE__, $sql);

}

if( $db->sql_numrows($result) != 1 )

default:

message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__);

}

$sql = "SELECT * FROM $table";

if( $select == FALSE)

{

$sql .= " WHERE $idfield != '$id'";

}

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't get list of Categories/Forums", "", __LINE__, __FILE__, $sql);

}

$cat_list = "";

function renumber_order($mode, $cat=FALSE)

{

global $db;

switch($mode)

{

case 'category':

default:

message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__);

}

$sql = "SELECT * FROM $table";

if( $cat != FALSE)

{

}

$sql .= " ORDER BY $orderfield ASC";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't get list of Categories", "", __LINE__, __FILE__, $sql);

}

$i = 10;

$inc = 10;

while( $row = $db->sql_fetchrow($result) )

{

$sql = "UPDATE $table SET $orderfield = $i WHERE $idfield = ".$row["$idfield"];

if( !$db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't update order fields", "", __LINE__, __FILE__, $sql);

}

$i += 10;

}

}

//

$show_index = TRUE;

break;

case 'createforum': // Create a forum in the DB

max(forum_order) as max_order

WHERE cat_id = '".$HTTP_POST_VARS['cat_id']."'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't get order number from forums table", "", __LINE__, __FILE__, $sql);

}

$row = $db->sql_fetchrow($result);

$next_order = $max_order + 1;

// There is no problem having duplicate forum names so we won't check for it.

INTO ".FORUMS_TABLE."(

forum_name,

cat_id,

'".$next_order."',

'".$HTTP_POST_VARS['forumstatus']."')";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't insert row in forums table", "", __LINE__, __FILE__, $sql);

}

$show_index = TRUE;

break;

case 'modforum': // Modify a forum in the DB

forum_name = '".$HTTP_POST_VARS['forumname']."',

cat_id = '".$HTTP_POST_VARS['cat_id']."',

forum_desc = '".$HTTP_POST_VARS['forumdesc']."',

forum_status = '".$HTTP_POST_VARS['forumstatus']."'

WHERE forum_id = '".$HTTP_POST_VARS['forum_id']."'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't update forum information", "", __LINE__, __FILE__, $sql);

}

$show_index = TRUE;

break;

case 'addcat':

max(cat_order) as max_order

FROM ".CATEGORIES_TABLE;

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't get order number from categories table", "", __LINE__, __FILE__, $sql);

}

$row = $db->sql_fetchrow($result);

'".$HTTP_POST_VARS['catname']."',

'".$next_order."')";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't insert row in categories table", "", __LINE__, __FILE__, $sql);

}

$show_index = TRUE;

// $newmode determines if we are going to INSERT or UPDATE after posting?

$newmode = 'modforum';

$buttonvalue = 'Change';

$forum_id = $HTTP_GET_VARS['forum_id'];

$row = get_info('forum', $forum_id);

$forumstatus = FORUM_UNLOCKED;

$forum_id = '';

}

$catlist = get_list('category', $cat_id, TRUE);

$forumstatus == FORUM_LOCKED ? $forumlocked = "selected" : $forumunlocked = "selected";

$statuslist = "<OPTION VALUE=\"".FORUM_UNLOCKED."\" $forumunlocked>Unlocked</OPTION>\n";

$statuslist .= "<OPTION VALUE=\"".FORUM_LOCKED."\" $forumlocked>Locked</OPTION>\n";

$template->set_filenames(array(

"body" => "admin/forum_edit_body.tpl")

);

'BUTTONVALUE' => $buttonvalue)

);

$template->pparse("body");

break;

case 'editcat':

$newmode = 'modcat';

$buttonvalue = 'Change';

$cat_id = $HTTP_GET_VARS['cat_id'];

$row = get_info('category', $catid);

$cat_title = $row['cat_title'];

$template->set_filenames(array(

"body" => "admin/category_edit_body.tpl")

);

'BUTTONVALUE' => $buttonvalue)

);

$template->pparse("body");

break;

case 'modcat':

cat_title = '".$HTTP_POST_VARS['cat_title']."'

WHERE cat_id = '".$HTTP_POST_VARS['cat_id']."'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't update forum information", "", __LINE__, __FILE__, $sql);

}

print "Modforum: ". $HTTP_POST_VARS['forumname']." sql= <pre>$sql</pre>";

$from_id = $HTTP_POST_VARS['from_id'];

$to_id = $HTTP_POST_VARS['to_id'];

$delete_old = $HTTP_POST_VARS['delete_old'];

print "move '$from_id' to '$to_id'";

$sql = "SELECT * FROM ".FORUMS_TABLE." WHERE forum_id IN ($from_id, $to_id)";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't verify existence of forums", "", __LINE__, __FILE__, $sql);

}

if($db->sql_numrows($result) != 2)

{

message_die(GENERAL_ERROR, "Ambiguous forum ID's", "", __LINE__, __FILE__);

}

// Either delete or move all posts in a forum

if($delete_old == 1)

{

}

else

{

forum_id = '$to_id'

WHERE forum_id = '$from_id'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't move topics to other forum", "", __LINE__, __FILE__, $sql);

}

forum_id = '$to_id'

WHERE forum_id = '$from_id'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't move posts to other forum", "", __LINE__, __FILE__, $sql);

}

sync('forum', $to_id);

}

$sql = "DELETE FROM ".FORUMS_TABLE."

WHERE forum_id = '$from_id'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't delete forum", "", __LINE__, __FILE__, $sql);

}

$show_index = TRUE;

break;

case 'movedelcat':

$from_id = $HTTP_POST_VARS['from_id'];

$to_id = $HTTP_POST_VARS['to_id'];

print "move '$from_id' to '$to_id'";

$sql = "SELECT * FROM ".CATEGORIES_TABLE." WHERE cat_id IN ($from_id, $to_id)";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't verify existence of categories", "", __LINE__, __FILE__, $sql);

}

if($db->sql_numrows($result) != 2)

{

message_die(GENERAL_ERROR, "Ambiguous category ID's", "", __LINE__, __FILE__);

}

cat_id = '$to_id'

WHERE cat_id = '$from_id'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't move forums to other category", "", __LINE__, __FILE__, $sql);

}

$sql = "DELETE FROM ".CATEGORIES_TABLE."

WHERE cat_id = '$from_id'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't delete category", "", __LINE__, __FILE__, $sql);

}

$show_index = TRUE;

break;

case 'deletecat':

$newmode = 'movedelcat';

$catinfo = get_info('category', $cat_id);

$name = $catinfo['cat_title'];

$template->set_filenames(array(

"body" => "admin/forum_delete_body.tpl")

);

$newmode = 'movedelforum';

$foruminfo = get_info('forum', $forum_id);

$name = $foruminfo['forum_name'];

$template->set_filenames(array(

"body" => "admin/forum_delete_body.tpl")

);

$cat_id = $HTTP_GET_VARS['cat_id'];

$sql = "UPDATE ".CATEGORIES_TABLE." SET cat_order = cat_order + $move WHERE cat_id = $cat_id";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);

}

renumber_order('category');

$forum_id = $HTTP_GET_VARS['forum_id'];

$forum_info = get_info('forum', $forum_id);

$cat_id = $forum_info['cat_id'];

$sql = "UPDATE ".FORUMS_TABLE." SET forum_order = forum_order + $move WHERE forum_id = $forum_id";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);

}

renumber_order('forum', $forum_info['cat_id']);

<?php

if($setmodules == 1)

{

$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce");

$auth_field_match = array(

"auth_announce" => AUTH_ANNOUNCE);

$field_names = array(

if(!$single_user)

{

$single_user = $u_ary['group_single_user'];

$result = 0;

switch($type)

{

$auth_user['single_group'] = ($single_user) ? "single" : "group";

}

return $auth_user;

}

//

//

// This is where things become fun ...

//

//

// Get list of user id's for this group_id

//

AND user_id <> " . ANONYMOUS;

if(!$result = $db->sql_query($sql_groupid))

{

//

// for this user

//

AND aa2.group_id = g2.group_id";

/*

AND aa.group_id = g.group_id";*/

$ag_result = $db->sql_query($sql);

$g_access = $db->sql_fetchrowset($ag_result);

}

ORDER BY c.cat_order ASC, f.forum_order ASC";

$fa_result = $db->sql_query($sql);

}

}

}

//

// The data above lists access and moderator permissions

// for this user given by all the groups they belong to.

// These values must be checked against those requested

// informed of problems. For example, if a group the user

// belongs to already grants the user moderator status

// then the user won't have moderator status enabled.

// forum then again, we must warn the admin that giving

// the user access goes against the group permissions

// (although in this case we'll go ahead and add the user)

//

//

//

$warning_mod_userid = array();

$warning_mod_username = array();

{

if($new_mod_status)

{

AND group_id = $group_id";

}

else

{

AND group_id = $group_id";

}

$update_mod = TRUE;

if(!$update_mod && $new_mod_status)

{

VALUES ($this_forum_id, $group_id, $new_mod_status)";

$update_mod = TRUE;

}

}

else

{

AND group_id = $group_id";

}

}

);

$template->assign_vars(array(

"MESSAGE_TEXT" => $warning_list)

);

}

//

// Default user selection box

//

//

WHERE group_single_user <> " . TRUE;

$g_result = $db->sql_query($sql);

$group_list = $db->sql_fetchrowset($g_result);

);

$template->assign_vars(array(

"S_AUTH_SELECT" => $select_list)

);

"body" => "admin/auth_ug_body.tpl")

);

ORDER BY c.cat_order ASC, f.forum_order ASC";

$fa_result = $db->sql_query($sql);

}

}

}

AND ug.group_id = g.group_id

AND u.user_id = ug.user_id";

$g_result = $db->sql_query($sql);

$groupinf = $db->sql_fetchrowset($g_result);

AND g.group_single_user = 0";

$ag_result = $db->sql_query($sql);

$auth_group[$f_forum_id][$key] = 0;

}

break;

case AUTH_MOD:

if($num_forum_access[$f_forum_id])

{

$row_color = "#" . ( ( !($i%2) ) ? $theme['td_color1'] : $theme['td_color2'] );

$template->assign_block_vars("forums", array(

"S_MOD_SELECT" => $optionlist_mod)

);

$s_column_span++;

}

}

$switch_mode = "admin_groupauth.$phpEx?" . POST_GROUPS_URL . "=" . $group_id . "&adv=";

$switch_mode .= ( !$adv ) ? "1" : "0";

$switch_mode_text = ( !$adv ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];

$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';

$template->assign_vars(array(

"USER_GROUP_MEMBERSHIPS" => $lang['Group_has_members'] . ": " . $t_usergroup_list,

"L_MODERATOR_STATUS" => $lang['Moderator_status'],

"L_SUBMIT_CHANGES" => $lang['Submit_changes'],

"L_RESET_CHANGES" => $lang['Reset_changes'],

"U_SWITCH_MODE" => $u_switch_mode,

"S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"),

"S_HIDDEN_FIELDS" => $s_hidden_fields)

);

<?php

* admin_groups.php

if($setmodules == 1)

{

// They're editing. Grab the vars.

//

$sql = "SELECT *

WHERE group_single_user <> " . TRUE . "

AND group_id = " . $g;

if(!$result = $db->sql_query($sql))

//

// Ok, now we know everything about them, let's show the page.

//

WHERE user_id <> " . ANONYMOUS . "

ORDER BY username";

$u_result = $db->sql_query($sql);

$group_closed = "checked=\"checked\"";

}

$template->assign_vars(array(

"L_GROUP_NAME" => $lang['group_name'],

"L_GROUP_DESCRIPTION" => $lang['group_description'],

"L_GROUP_MODERATOR" => $lang['group_moderator'],

group_moderator = '" . $group_moderator . "'

WHERE group_id = '" . $group_id . "'";

break;

case 'newgroup':

$sql = "INSERT INTO " . GROUPS_TABLE . "

(

'" . $group_moderator . "',

'0'

)";

break;

case 'default':

message_die(GENERAL_ERROR, $lang['Group_mode_not_selected']);

break;

{

include("page_header_admin." . $phpEx);

WHERE group_single_user <> " . TRUE . "

ORDER BY group_name";

$g_result = $db->sql_query($sql);

$template->assign_vars(array(

"L_GROUP_TITLE" => $lang['Group'] . " " . $lang['Admin'],

"L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'],

"L_GROUP_NEW" => $lang['New_group'],

"S_GROUP_SELECT" => $select_list)

);

<?php

/***************************************************************************

* -------------------

* begin : Thu May 31, 2001

* $Id$

****************************************************************************/

/**************************************************************************

* This file will be used for modifying the smiley settings for a board.

**************************************************************************/

}

//

//

//

// Check to see what mode we should operate in.

// Get the data that should be passed.

//

$smiley_id = ($HTTP_GET_VARS['id']) ? $HTTP_GET_VARS['id']: $HTTP_POST_VARS['id'];

WHERE smilies_id = ' . $smiley_id;

$result = $db->sql_query($sql);

if( !$result )

// Get the data for the selected smiley.

//

$smiley_id = ($HTTP_GET_VARS['id']) ? $HTTP_GET_VARS['id']: $HTTP_POST_VARS['id'];

WHERE smilies_id = ' . $smiley_id;

$result = $db->sql_query($sql);

if( !$result )

{

$smiley_selected = ($smiley_images[$i] == $smile_data['smile_url']) ? "SELECTED" : "";

$template->assign_block_vars("smile_images", array(

"SELECTED" => $smiley_selected)

);

}

//

// Proceed with updating the smiley table.

//

WHERE smilies_id = $smile_id";

$result = $db->sql_query($sql);

{

message_die(GENERAL_ERROR, $lang['smile_edit_err'], "", __LINE__, __FILE__, $sql);

}

$template->set_filenames(array(

"body" => "admin/smile_action.tpl")

);

$template->assign_vars(array(

"S_SMILEY_URL" => append_sid("admin_smilies.$phpEx"),

"L_SMILEY_TITLE" => $lang['smiley_title'],

//

// Save the data to the smiley table.

//

VALUES ('$smile_code', '$smile_url', '$smile_emotion')";

$result = $db->sql_query($sql);

if( !$result )

//

// Get a listing of smileys.

//

FROM ' . SMILIES_TABLE;

$result = $db->sql_query($sql);

if( !$result )

message_die(GENERAL_ERROR, $lang['smile_load_err'], "", __LINE__, __FILE__, $sql);

}

$smilies = $db->sql_fetchrowset($result);

$my_path = append_sid("admin_smilies.$phpEx");

if(!ereg('\?', $my_path))

{

}

$template->assign_vars(array(

"S_SMILEY_URL" => $my_path,

<?php

if($setmodules == 1)

{

for($i = 0; $i < count($email_list_temp); $i++)

{

//

// contained in the annotated php manual at php.com (ereg

// section)

//

}

}

FROM " . BANLIST_TABLE;

if( !$result = $db->sql_query($sql) )

{

{

$kill_session_sql .= ( ($kill_session_sql != "") ? " OR " : "" ) . "session_user_id = $user_list[$i]";

VALUES ('" . $user_list[$i] . "')";

if( !$result = $db->sql_query($sql) )

{

$kill_session_sql .= ( ($kill_session_sql != "") ? " OR " : "" ) . $kill_ip_sql;

VALUES ('" . $ip_list[$i] . "')";

if( !$result = $db->sql_query($sql) )

{

}

//

// session table with any of the banned

// user or IP info just entered into the

// ban table ... this will force a session

//

if($kill_session_sql != "")

{

WHERE $kill_session_sql";

if( !$result = $db->sql_query($sql) )

{

message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql);

}

}

for($i = 0; $i < count($email_list); $i++)

{

$in_banlist = false;

if(!$in_banlist)

{

VALUES ('" . $email_list[$i] . "')";

if( !$result = $db->sql_query($sql) )

{

if($where_sql != "")

{

WHERE $where_sql";

if( !$result = $db->sql_query($sql) )

{

{

$userban_count = 0;

WHERE user_id <> " . ANONYMOUS . "

ORDER BY user_id ASC";

$u_result = $db->sql_query($sql);

$s_hidden_fields = "<input type=\"hidden\" name=\"bancontrol\" value=\"ban\" />";

$template->assign_vars(array(

"L_BAN_USER" => $lang['Ban_username'],

"L_BAN_USER_EXPLAIN" => $lang['Ban_username_explain'],

"L_BAN_IP" => $lang['Ban_IP'],

"L_EMAIL_ADDRESS" => $lang['Email_address'],

"S_BAN_ACTION" => append_sid("admin_user_ban.$phpEx"))

);

}

$ipban_count = 0;

$emailban_count = 0;

FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u

AND u.user_id <> " . ANONYMOUS . "

ORDER BY u.user_id ASC";

$u_result = $db->sql_query($sql);

$select_userlist = "<select name=\"user[]\"" . ( ($userban_count > 1) ? "multiple=\"multiple\" size=\"" . min(5, $userban_count) . "\">" : ">" ) . $select_userlist;

$select_userlist .= "</select>";

FROM " . BANLIST_TABLE;

$b_result = $db->sql_query($sql);

$banlist = $db->sql_fetchrowset($b_result);

$s_hidden_fields = "<input type=\"hidden\" name=\"bancontrol\" value=\"unban\" />";

$template->assign_vars(array(

"L_BAN_USER" => $lang['Unban_username'],

"L_BAN_USER_EXPLAIN" => $lang['Unban_username_explain'],

"L_BAN_IP" => $lang['Unban_IP'],

"L_EMAIL_ADDRESS" => $lang['Email_address'],

"S_BAN_ACTION" => append_sid("admin_user_ban.$phpEx"))

);

<?php

if($setmodules == 1)

{

$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce");

$auth_field_match = array(

"auth_announce" => AUTH_ANNOUNCE);

$field_names = array(

if(!$single_user)

{

$single_user = $u_ary['group_single_user'];

$result = 0;

switch($type)

{

$auth_user['single_group'] = ($single_user) ? "single" : "group";

}

return $auth_user;

}

//

//

// This is where things become fun ...

//

//

// Get group_id for this user_id

//

AND g.group_single_user = " . TRUE;

if(!$result = $db->sql_query($sql_groupid))

{

//

// Delete any entries granting in auth_access

//

WHERE group_id = " . $ug_info['group_id'];

if(!$result = $db->sql_query($sql))

{

// Error ...

//

// Update users level, reset to USER

//

WHERE user_id = $user_id";

if(!$result = $db->sql_query($sql))

{

// Error ...

}

}

header("Location: admin_userauth.$phpEx?" . POST_USERS_URL . "=$user_id");

}

//

// Make user an admin (if already user)

//

WHERE user_id = $user_id";

if(!$result = $db->sql_query($sql_userlevel))

{

// Error ...

}

// Delete any entries in auth_access, they

// admin

//

WHERE group_id = " . $ug_info['group_id'];

if(!$result = $db->sql_query($sql_unmod))

{

// Error ...

AND auth_mod = 0";

if(!$result = $db->sql_query($sql_unauth))

{

else

{

//

// for this user

//

AND aa.group_id = ug.group_id";

$au_result = $db->sql_query($sql);

$u_access = $db->sql_fetchrowset($au_result);

}

ORDER BY c.cat_order ASC, f.forum_order ASC";

$fa_result = $db->sql_query($sql);

}

}

}

//

// The data above lists access and moderator permissions

// for this user given by all the groups they belong to.

// These values must be checked against those requested

// informed of problems. For example, if a group the user

// belongs to already grants the user moderator status

// then the user won't have moderator status enabled.

// forum then again, we must warn the admin that giving

// the user access goes against the group permissions

// (although in this case we'll go ahead and add the user)

//

//

//

$warning_mod_grpid = array();

$warning_mod_grpname = array();

{

if($new_mod_status)

{

AND group_id = " . $ug_info['group_id'];

}

else

{

AND group_id = " . $ug_info['group_id'];

}

$update_mod = TRUE;

if(!$update_mod && $new_mod_status)

{

VALUES ($this_forum_id, " . $ug_info['group_id'] . ", $new_mod_status)";

$update_mod = TRUE;

}

}

else

{

AND group_id = " . $ug_info['group_id'];

}

}

);

$template->assign_vars(array(

"MESSAGE_TEXT" => $warning_list)

);

}

//

// Default user selection box

//

//

WHERE user_id <> " . ANONYMOUS;

$u_result = $db->sql_query($sql);

$user_list = $db->sql_fetchrowset($u_result);

);

$template->assign_vars(array(

"S_AUTH_SELECT" => $select_list)

);

"body" => "admin/auth_ug_body.tpl")

);

ORDER BY c.cat_order ASC, f.forum_order ASC";

$fa_result = $db->sql_query($sql);

}

}

AND g.group_id = ug.group_id";

$u_result = $db->sql_query($sql);

$userinf = $db->sql_fetchrowset($u_result);

AND g.group_single_user = " . TRUE;

$au_result = $db->sql_query($sql);

$auth_user[$f_forum_id][$key] = 0;

}

break;

case AUTH_MOD:

if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id])

{

$row_color = ( !($i%2) ) ? $theme['td_color1'] : $theme['td_color2'];

$template->assign_block_vars("forums", array(

"S_MOD_SELECT" => $optionlist_mod)

);

$s_column_span++;

}

}

$switch_mode = "admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv=";

$switch_mode .= ( empty($adv) ) ? "1" : "0";

$switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];

$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';

$template->assign_vars(array(

"USER_GROUP_MEMBERSHIPS" => $lang['This_user_is'] . " " . $s_user_type . " " . $lang['and_belongs_groups'] . ": " . $t_usergroup_list,

"L_MODERATOR_STATUS" => $lang['Moderator_status'],

"L_SUBMIT_CHANGES" => $lang['Submit_changes'],

"L_RESET_CHANGES" => $lang['Reset_changes'],

"U_SWITCH_MODE" => $u_switch_mode,

"S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"),

"S_HIDDEN_FIELDS" => $s_hidden_fields)

);

<?php

* admin_users.php

if($setmodules == 1)

{

//

// This looks familiar doesn't it? It's the user profile page! :)

//

//

// Let's find out a little about them...

//

$userdata = get_userdata_from_id($HTTP_GET_VARS[POST_USERS_URL]);

//

// Now parse and display it as a template

//

$email = $userdata['user_email'];

$password = "";

$password_confirm = "";

$icq = $userdata['user_icq'];

$aim = $userdata['user_aim'];

$msn = $userdata['user_msnm'];

$occupation = $userdata['user_occ'];

$interests = $userdata['user_interests'];

$signature = $userdata['user_sig'];

$viewemail = $userdata['user_viewemail'];

$notifypm = $userdata['user_notify_pm'];

$attachsig = $userdata['user_attachsig'];

$user_timezone = $userdata['user_timezone'];

$user_template = $userdata['user_template'];

$user_dateformat = $userdata['user_dateformat'];

if(!isset($coppa))

{

$coppa = FALSE;

$html_status = ($board_config['allow_html']) ? $lang['ON'] : $lang['OFF'];

$bbcode_status = ($board_config['allow_bbcode']) ? $lang['ON'] : $lang['OFF'];

$smilies_status = ($board_config['allow_smilies']) ? $lang['ON'] : $lang['OFF'];

$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';

$s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" />';

// Send the users current email address. If they change it, and account activation is turned on

"L_HTML_IS" => $lang['HTML'] . " " . $lang['is'],

"L_BBCODE_IS" => $lang['BBCode'] . " " . $lang['is'],

"L_SMILIES_ARE" => $lang['Smilies'] . " " . $lang['are'],

"L_DELETE_USER" => $lang['User_delete'],

"L_DELETE_USER_EXPLAIN" => $lang['User_delete_explain'],

"S_ALLOW_AVATAR_UPLOAD" => $board_config['allow_avatar_upload'],

"S_ALLOW_AVATAR_LOCAL" => $board_config['allow_avatar_local'],

"S_ALLOW_AVATAR_REMOTE" => $board_config['allow_avatar_remote'],

$allowviewonline = (isset($HTTP_POST_VARS['hideonline'])) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : 1 ) : 1;

$notifypm = (isset($HTTP_POST_VARS['notifypm'])) ? $HTTP_POST_VARS['notifypm'] : 1;

$attachsig = (isset($HTTP_POST_VARS['attachsig'])) ? $HTTP_POST_VARS['attachsig'] : 0;

$allowhtml = (isset($HTTP_POST_VARS['allowhtml'])) ? $HTTP_POST_VARS['allowhtml'] : $board_config['allow_html'];

$allowbbcode = (isset($HTTP_POST_VARS['allowbbcode'])) ? $HTTP_POST_VARS['allowbbcode'] : $board_config['allow_bbcode'];

$allowsmilies = (isset($HTTP_POST_VARS['allowsmilies'])) ? $HTTP_POST_VARS['allowsmilies'] : $board_config['allow_smilies'];

if(!$error && $file_size > 0 && $file_size < $board_config['avatar_filesize'])

{

$avatar_data = substr($avatar_data, strlen($avatar_data) - $file_size, $file_size);

$tmp_filename = tempnam ("/tmp", $userdata['user_id'] . "-");

$fptr = fopen($tmp_filename, "wb");

$bytes_written = fwrite($fptr, $avatar_data, $file_size);

} // if ... allow_avatar_upload

}

}

if(!$error)

{

if( $HTTP_POST_VARS['deleteuser'] )

{

WHERE poster_id = $user_id";

if( $result = $db->sql_query($sql) )

{

WHERE user_id = $user_id";

if( $result = $db->sql_query($sql) )

{

include('page_header_admin.'. $phpEx);

$template->set_filenames(array(

"body" => "admin/admin_message_body.tpl")

);

$template->assign_vars(array(

"MESSAGE_TITLE" => $lang['User'] . $lang['User_admin'],

"MESSAGE_TEXT" => $lang['User_deleted'])

$template->set_filenames(array(

"body" => "admin/admin_message_body.tpl")

);

$template->assign_vars(array(

"MESSAGE_TITLE" => $lang['User'] . $lang['User_admin'],

"MESSAGE_TEXT" => $lang['Profile_updated'])

//

// Default user selection box

//

//

WHERE user_id <> " . ANONYMOUS;

$u_result = $db->sql_query($sql);

$user_list = $db->sql_fetchrowset($u_result);

);

$template->assign_vars(array(

"S_USER_SELECT" => $select_list)

);

$template->pparse('body');

<?php

* (admin) index.php

$phpbb_root_path = "./../";

include($phpbb_root_path . 'extension.inc');

//

$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);

init_userprefs($userdata);

// End session management

//

$template->set_filenames(array(

"body" => "admin/index_navigate.tpl")

);

$template->assign_vars(array(

"U_BOARD_INDEX" => append_sid("../index.$phpEx"),

"U_ADMIN_INDEX" => append_sid("index.$phpEx?pane=right"),

"L_ADMIN_INDEX" => "Admin Index")

);

$action = preg_replace("'_'", " ", $action);

$template->assign_block_vars("catrow.actionrow", array(

"ACTIONNAME" => $action,

"FILE" => $file)

);

{

include('page_header_admin.'.$phpEx);

$template->set_filenames(array(

"body" => "admin/index_body.tpl")

);

$template->assign_vars(array(

"L_LAST_UPDATE" => $lang['Last_updated'],

"L_NUMBER_POSTS" => $lang['Number_posts'],

"L_POSTS_PER_DAY" => $lang['Posts_per_day'],

"L_NUMBER_TOPICS" => $lang['Number_topics'],

"L_NUMBER_USERS" => $lang['Number_users'],

"L_USERS_PER_DAY" => $lang['Users_per_day'],

"L_BOARD_STARTED" => $lang['Board_started'],

"L_DB_SIZE" => $lang['Database_size'])

);

$avatar_dir_size = 0;

if ($avatar_dir = @opendir($phpbb_root_path . $board_config['avatar_path']))

while($file = readdir($avatar_dir))

{

if($file != "." && $file != "..")

// Borrowed the code from the PHP.net annoted manual, origanally written by:

// Jesse (jesse@jess.on.ca)

//

if($posts_per_day > $total_posts)

{

"POSTS_PER_DAY" => $posts_per_day,

"TOPICS_PER_DAY" => $topics_per_day,

"USERS_PER_DAY" => $users_per_day,

"DB_SIZE" => $dbsize)

);

//

// Get users online information.

//

$sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, s.session_page, s.session_logged_in, s.session_time, s.session_ip

WHERE u.user_id = s.session_user_id

AND s.session_time >= " . (time()-300) . "

ORDER BY s.session_time DESC";

$row_color = "#" . ( ( !($count % 2) ) ? $theme['td_color1'] : $theme['td_color2']);

$row_class = ( !($count % 2) ) ? $theme['td_class1'] : $theme['td_class2'];

$count++;

$ip_address = decode_ip($onlinerow[$i]['session_ip']);

// This resolves the users IP to a host name, but it REALLY slows the page down

//

//$host_name = gethostbyaddr($ip_address);

//$ip_address = $ip_address . " ($host_name)";

if(empty($username))

{

$username = $lang['Guest'];

}

else

//

// Generate frameset

//

header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");

$template->pparse("body");

exit;

}

*

***************************************************************************/

//

// Show the overall footer.

//

//

// Borrowed from php.net!

//

echo pack("V", $gzip_crc);

echo pack("V", $gzip_size);

}

*

***************************************************************************/

define(HEADER_INC, TRUE);

//

else if($phpver > "4.0")

{

if(strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip'))

$do_gzip_compress = TRUE;

ob_start();

}

}

}

$template->set_filenames(array(

);

//

"T_TR_COLOR1" => "#".$theme['tr_color1'],

"T_TR_COLOR2" => "#".$theme['tr_color2'],

"T_TR_COLOR3" => "#".$theme['tr_color3'],

"T_TH_COLOR1" => "#".$theme['th_color1'],

"T_TH_COLOR2" => "#".$theme['th_color2'],

"T_TH_COLOR3" => "#".$theme['th_color3'],

"T_TD_COLOR1" => "#".$theme['td_color1'],

"T_TD_COLOR2" => "#".$theme['td_color2'],

"T_TD_COLOR3" => "#".$theme['td_color3'],

"T_FONTFACE1" => $theme['fontface1'],

"T_FONTFACE2" => $theme['fontface2'],

"T_FONTFACE3" => $theme['fontface3'],

"T_FONTCOLOR1" => "#".$theme['fontcolor1'],

"T_FONTCOLOR2" => "#".$theme['fontcolor2'],

"T_FONTCOLOR3" => "#".$theme['fontcolor3'],

"T_SPAN_CLASS3" => $theme['span_class3'])

);

*

***************************************************************************/

$phpbb_root_path = "../";

include($phpbb_root_path . 'extension.inc');

include($phpbb_root_path . 'common.'.$phpEx);

*

***************************************************************************/

error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables

set_magic_quotes_runtime(0); // Disable magic_quotes_runtime

<?php

// DB connection config

// Uncomment the relevant entry

// and fill in the required details

//

/*

//

//

$dbms = "mssql";

$dbhost = "";

*

***************************************************************************/

if(!defined("SQL_LAYER"))

{

// performance compared to an 'in-built' limit

//

// Another issue is the 'lack' of a returned true value when a query is valid but has

// 'fair' to say that if a query returns a false result (ie. no resource id) then the

// SQL was valid but had no result set. If the query returns nothing but the rowcount

// ... needs checking under Windows itself.

//

if(eregi("LIMIT", $query))

$row_offset = 0;

$num_rows = $limits[2];

}

// $this->query_array[] = $query;

@mssql_query("SET ROWCOUNT ".($row_offset + $num_rows));

$this->query_limit_offset[$this->query_result] = -1;

$this->query_limit_numrows[$this->query_result] = -1;

}

{

// $this->query_array[] = $query;

$result = @mssql_num_rows($query_id) - $this->query_limit_offset[$query_id];

}

else

$result = @mssql_num_rows($query_id);

}

return $result;

}

if($query_id)

{

if($this->query_limit_offset[$query_id] > 0)

{

if($this->query_limit_success)

<?php

/***************************************************************************

* -------------------

* begin : Saturday, Feb 13, 2001

* copyright : (C) 2001 The phpBB Group

*

***************************************************************************/

if(!defined("SQL_LAYER"))

{

if($this->persistency)

{

$this->db_connect_id = @mysql_pconnect($this->server, $this->user, $this->password);

else

{

$this->db_connect_id = @mysql_connect($this->server, $this->user, $this->password);

*

***************************************************************************/

if(!defined("SQL_LAYER"))

{

if(eregi("LIMIT", $query))

{

preg_match("/^(.*)LIMIT ([0-9]+)[, ]*([0-9]+)*/s", $query, $limits);

$query = $limits[1];

if($limits[3])

{

<?php

/***************************************************************************

* -------------------

* begin : Thrusday Feb 15, 2001

* copyright : (C) 2001 The phpBB Group

*

***************************************************************************/

if(!defined("SQL_LAYER"))

{

class sql_db

{

var $db_connect_id;

var $query_result;

var $row;

var $num_queries = 0;

//

// Constructor

//

$this->password = $sqlpassword;

$this->server = $sqlserver;

$this->dbname = $database;

if($this->persistency)

{

$this->db_connect_id = @OCIPLogon($this->user, $this->password, $this->server);

else

{

$this->db_connect_id = @OCINLogon($this->user, $this->password, $this->server);

$num_rows = $limits[2];

}

}

if(eregi("^(INSERT|UPDATE) ", $query))

{

$query = preg_replace("/\\\'/s", "''", $query);

{

$rows = @OCIFetchStatement($query_id, $results);

@OCIExecute($query_id);

{

@OCIFetchInto($query_id, $tmp_result, OCI_ASSOC+OCI_RETURN_NULLS);

for($j = 0; $j < count($tmp_result); $j++)

{

list($key, $val) = each($tmp_result);

return false;

}

}

function sql_nextid()

{

if($this->db_connect_id)

*

***************************************************************************/

if(!defined("SQL_LAYER"))

{

{

var $db_connect_id;

var $in_transaction = 0;

var $row;

var $rownum = array();

*

***************************************************************************/

$phpbb_root_path = "./";

include($phpbb_root_path . 'extension.inc');

include($phpbb_root_path . 'common.'.$phpEx);

// End session management

//

?> \ No newline at end of file

*

***************************************************************************/

$phpbb_root_path = "./";

include($phpbb_root_path . 'extension.inc');

include($phpbb_root_path . 'common.'.$phpEx);

<?php

* auth.php

/*

$type's accepted (pre-pend with AUTH_):

ATTACH

$types pending (for future versions, pre-pend with AUTH_):

Possible options ($type/forum_id combinations):

the single result returned

* If you set type to AUTH_ALL and specify a forum_id an array of all auth types

* If you provide a forum_id a specific lookup on that forum will be done

* If you set forum_id to AUTH_LIST_ALL and specify a type an array listing the

* If you set forum_id to AUTH_LIST_ALL and type to AUTH_ALL a multidimensional

array containing the auth permissions for all types and all forums for that

user is returned

{

$forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "WHERE a.forum_id = $forum_id" : "";

$forum_match_sql";

$af_result = $db->sql_query($sql);

{

$forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "AND a.forum_id = $forum_id" : "";

( au.group_id = ug.group_id

AND g.group_id <> 0 )

)

$forum_match_sql";*/

$forum_match_sql";

$a_result = $db->sql_query($sql);

if(!$a_result)

$auth_user[$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_ACL, $key, $u_access, $is_admin) : 0;

$auth_user[$key . '_type'] = $lang['Users_granted_access'];

break;

case AUTH_MOD:

$auth_user[$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;

$auth_user[$key . '_type'] = $lang['Moderators'];

break;

case AUTH_ADMIN:

$auth_user[$key] = $is_admin;

$auth_user[$key . '_type'] = $lang['Administrators'];

$auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_ACL, $key, $u_access[$f_forum_id], $is_admin) : 0;

$auth_user[$f_forum_id][$key . '_type'] = $lang['Users_granted_access'];

break;

case AUTH_MOD:

$auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin) : 0;

$auth_user[$f_forum_id][$key . '_type'] = $lang['Moderators'];

break;

case AUTH_ADMIN:

$auth_user[$f_forum_id][$key] = $is_admin;

$auth_user[$f_forum_id][$key . '_type'] = $lang['Administrators'];

if(!$single_user)

{

$single_user = $u_access[$j]['group_single_user'];

$result = 0;

switch($type)

{

{

$auth_user = $is_admin;

}

return $auth_user;

}

*

***************************************************************************/

define("BBCODE_UID_LEN", 10);

/**

*

***************************************************************************/

//

// Constants

//

<?php

* db.php

switch($dbms)

{

// Make the database connection.

$db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, false);

{

message_die(CRITICAL_ERROR, "Could not connect to the database");

}

***************************************************************************/

//

// The emailer class has support for attaching files, that isn't implemented

// in the 2.0 release but we can probable find some way of using it in a future

*

***************************************************************************/

/***************************************************************************

*

* This program is free software; you can redistribute it and/or modify

function make_forum_box($box_name, $default_forum = -1)

{

$limit_forums = "";

$sql = "SELECT forum_id, forum_name

}

return($boxstring);

//

// Initialise user settings on page load

function init_userprefs($userdata)

function validate_email($email)

{

global $db;

if($email != "")

{

$sql = "SELECT ban_email

}

}

$sql = "SELECT user_email

WHERE user_email = '" . $email . "'";

if(!$result = $db->sql_query($sql))

{

// So we have to use two queries

case 'mysql':

$sql_users = "SELECT u.username, g.group_name

OR LOWER(g.group_name) = '" . strtolower($username) . "' )";

$sql_disallow = "SELECT disallow_username

FROM " . DISALLOW_TABLE . "

default:

$sql = "SELECT u.username, g.group_name

OR LOWER(g.group_name) = '" . strtolower($username) . "' )

SELECT disallow_username, NULL

FROM " . DISALLOW_TABLE . "

WHERE disallow_username = '$username'";

}

{

global $db;

{

case 'forum':

$sql = "SELECT max(p.post_id) AS last_post FROM ".POSTS_TABLE." p, ".TOPICS_TABLE." t WHERE p.forum_id = $id AND p.topic_id = t.topic_id AND t.topic_status <> ".TOPIC_MOVED;

{

$last_post = 0;

}

$sql = "SELECT count(post_id) AS total FROM ".POSTS_TABLE." WHERE forum_id = $id";

if(!$result = $db->sql_query($sql))

{

{

$total_posts = $rowset[0]['total'];

}

$sql = "SELECT count(topic_id) AS total FROM ".TOPICS_TABLE." WHERE forum_id = $id";

if(!$result = $db->sql_query($sql, $db))

{

{

$total_topics = $rowset[0]['total'];

}

$sql = "UPDATE ".FORUMS_TABLE." SET forum_last_post_id = '$last_post', forum_posts = $total_posts, forum_topics = $total_topics WHERE forum_id = $id";

if(!$result = $db->sql_query($sql))

{

{

$last_post = $row[0]["last_post"];

}

$sql = "SELECT count(post_id) AS total FROM ".POSTS_TABLE." WHERE topic_id = $id";

if(!$result = $db->sql_query($sql))

{

global $db, $board_config, $lang;

$sql = "SELECT themes_id, themes_name

WHERE themes_name LIKE '" . $board_config['default_template'] . "-%'

ORDER BY themes_name";

if($result = $db->sql_query($sql))

}

else

{

}

}

else

if(empty($smilies))

{

FROM " . SMILIES_TABLE;

if($result = $db->sql_query($sql))

{

<?php

* message.php

//

// This function gets called to output any message or error

//

// $msg_code takes one of four constant values:

//

// board configuration data is available

//

// CRITICAL_ERROR -> Used whenever a DB connection cannot be

// configuration data. Shouldn't be used in general

// no templates are used)

//

{

global $db, $template, $board_config, $theme, $lang, $phpEx, $phpbb_root_path;

global $userdata, $user_ip, $session_length;

*

***************************************************************************/

define(HEADER_INC, TRUE);

//

else if($phpver > "4.0")

{

if(strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip'))

if(extension_loaded("zlib"))

{

$do_gzip_compress = TRUE;

ob_start();

}

}

}

// Get basic (usernames + totals) online

// situation

//

FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s

WHERE u.user_id = s.session_user_id

AND s.session_time >= ".( time() - 300 );

//

if($userdata['session_logged_in'])

{

AND privmsgs_to_userid = " . $userdata['user_id'];

$result_pm = $db->sql_query($sql);

if(!$result_pm)

"L_PROFILE" => $lang['Profile'],

"L_SEARCH" => $lang['Search'],

"L_PRIVATEMSGS" => $lang['Private_msgs'],

"L_MEMBERLIST" => $lang['Memberlist'],

"L_FAQ" => $lang['FAQ'],

"L_USERGROUPS" => $lang['Usergroups'],

"L_NEWPOSTS" => $lang['New_posts'],

"L_NONEWPOSTS_HOT" => $lang['No_new_posts_hot'],

"L_NEWPOSTS_HOT" => $lang['New_posts_hot'],

"L_POSTED" => $lang['Posted'],

"L_JOINED" => $lang['Joined'],

"L_AUTO_LOGIN" => $lang['Log_me_in'],

"T_TR_COLOR1" => "#".$theme['tr_color1'],

"T_TR_COLOR2" => "#".$theme['tr_color2'],

"T_TR_COLOR3" => "#".$theme['tr_color3'],

"T_TH_COLOR1" => "#".$theme['th_color1'],

"T_TH_COLOR2" => "#".$theme['th_color2'],

"T_TH_COLOR3" => "#".$theme['th_color3'],

"T_TD_COLOR1" => "#".$theme['td_color1'],

"T_TD_COLOR2" => "#".$theme['td_color2'],

"T_TD_COLOR3" => "#".$theme['td_color3'],

"T_FONTFACE1" => $theme['fontface1'],

"T_FONTFACE2" => $theme['fontface2'],

"T_FONTFACE3" => $theme['fontface3'],

"T_FONTCOLOR1" => "#".$theme['fontcolor1'],

"T_FONTCOLOR2" => "#".$theme['fontcolor2'],

"T_FONTCOLOR3" => "#".$theme['fontcolor3'],

"T_SPAN_CLASS3" => $theme['span_class3'])

);

*

***************************************************************************/

//

// Show the overall footer.

//

//

// Borrowed from php.net!

//

echo pack("V", $gzip_crc);

echo pack("V", $gzip_size);

}

<?php

*

* $Id$

//

// entry into the database.

//

function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid = 0)

}

}

{

$message = str_replace(substr($message, $start, $length), htmlspecialchars(substr($message, $start, $length)), $message);

}

<?php

/***************************************************************************

* prune.php

* $Id$

function prune($forum_id, $prune_date)

{

global $db, $lang;

AND p.post_id = t.topic_last_post_id";

// Do we want to delete everything in the forum?

if ($prune_date != FALSE)

{

}

if(!$result_topics = $db->sql_query($sql))

{

}

$pruned_topics = $db->sql_numrows($result_topics);

AND t.topic_type = " . POST_NORMAL;

// Do we want to delete everything in the forum?

if ($prune_date != FALSE)

{

}

if(!$result_posts = $db->sql_query($sql))

{

}

$sql_post_text = "DELETE FROM " . POSTS_TEXT_TABLE . " WHERE " . $sql_post_text;

if(!$result = $db->sql_query($sql_post_text, BEGIN_TRANSACTION))

{

}

}

WHERE forum_id = $forum_id";

if(!$result = $db->sql_query($sql))

{

$one_day = 60 * 60 * 24;

WHERE forum_id = $forum_id";

if(!$result = $db->sql_query($sql))

{

message_die(GENERAL_ERROR, "Auto-Prune: Couldn't read auto_prune table.", __LINE__, __FILE__);

*

***************************************************************************/

//

// session_begin()

//

***************************************************************************/

/****************************************************************************

* This script should be included if the admin has configured the board for

* smtp mail instead of standard sendmail. It includes a function smtpmail

* Description: This funtion processes the smtp server's response codes

* Usage: This function is only used interanally by the smtpmail

* function. It takes two arguments the first a socket pointer

* response code you are looking for.

****************************************************************************/

function server_parse($socket, $response)

/****************************************************************************

* Function: smtpmail

* function, that uses smtp.

* Usage: The usage for this function is identical to that of php's

* built in mail function.

****************************************************************************/

{

// For now I'm using an array based $smtp_vars to hold the smtp server

// info, but it should probably change to $board_config...

// $board_config['smtp_port'].

global $board_config;

//

// Fix any bare linefeeds in the message to make it RFC821 Compliant.

//

if(sizeof($headers) > 1)

{

$headers = join("\r\n", $headers);

else

{

$headers = $headers[0];

}

$headers = chop($headers);

$headers = ereg_replace("[^\r]\n", "\r\n", $headers);

}

if(trim($mail_to) == "")

message_die(GENERAL_ERROR, "Could not connect to smtp host : $errno : $errstr", "", __LINE__, __FILE__);

}

server_parse($socket, "220");

// Send the RFC821 specified HELO.

fputs($socket, "HELO " . $board_config['smtp_host'] . "\r\n");

// From this point onward most server response codes should be 250

server_parse($socket, "250");

// Specify who the mail is from....

fputs($socket, "MAIL FROM: $email_from\r\n");

server_parse($socket, "250");

server_parse($socket, "250");

$to_header .= "<$mail_to_address>, ";

}

// Ok now we tell the server we are ready to start sending data

fputs($socket, "DATA\r\n");

// This is the last response code we look for until the end of the message.

server_parse($socket, "354");

// Now any custom headers....

fputs($socket, "$headers\r\n\r\n");

// Ok now we are ready for the message...

fputs($socket, "$message\r\n");

<?php

* template.inc

* $Id$

/**

* Template class. By Nathan Codding of the phpBB group.

* The interface was originally inspired by PHPLib templates,

* and the template file formats are quite similar.

*/

class Template {

// if it's a root-level variable, it'll be like this:

// $this->_tpldata[.][0][varname] == value

var $_tpldata = array();

// Hash of filenames for each template handle.

var $files = array();

// Root template directory.

var $root = "";

// this will hash handle names to the compiled code for that handle.

var $compiled_code = array();

// This will hold the uncompiled code for that handle.

var $uncompiled_code = array();

/**

* Constructor. Simply sets the root dir.

*/

{

$this->set_rootdir($root);

}

/**

* Sets the template root directory for this Template object.

{

{

return false;

}

$this->root = $dir;

return true;

}

* Sets the template filenames for handles. $filename_array

* should be a hash of handle => filename pairs.

*/

{

if (!is_array($filename_array))

{

}

reset($filename_array);

{

$this->files[$handle] = $this->make_filename($filename);

}

return true;

}

/**

* Load the file for the handle, compile the file,

* and run the compiled code. This will print out

{

if (!$this->loadfile($handle))

{

}

// actually compile the template now.

if (!isset($this->compiled_code[$handle]) || empty($this->compiled_code[$handle]))

{

// Actually compile the code now.

$this->compiled_code[$handle] = $this->compile($this->uncompiled_code[$handle]);

}

// Run the compiled code.

eval($this->compiled_code[$handle]);

return true;

}

/**

* Inserts the uncompiled code for $handle as the

* value of $varname in the root-level. This can be used

* template.

* Note that all desired assignments to the variables in $handle should be done

* BEFORE calling this function.

{

if (!$this->loadfile($handle))

{

}

// Compile it, with the "no echo statements" option on.

$code = $this->compile($this->uncompiled_code[$handle], true);

// turn it into a variable assignment.

$code = '$_str = \'' . $code . '\';';

// evaluate the variable assignment.

eval($code);

// assign the value of the generated variable to the given varname.

$this->assign_var($varname, $_str);

return true;

}

/**

* Block-level variable assignment. Adds a new block iteration with the given

* iteration.

*/

function assign_block_vars($blockname, $vararray)

{

if (strstr($blockname, '.'))

{

$blocks = explode('.', $blockname);

$blockcount = sizeof($blocks) - 1;

$str = '$this->_tpldata';

// We're adding a new iteration to this block with the given

// variable assignments.

$str .= '[\'' . $blocks[$blockcount] . '.\'][] = $vararray;';

// Now we evaluate this assignment we've built up.

eval($str);

}

// we were given.

$this->_tpldata[$blockname . '.'][] = $vararray;

}

return true;

}

/**

* Root-level variable assignment. Adds to current assignments, overriding

* any existing variable assignment with the same name.

reset ($vararray);

while (list($key, $val) = each($vararray))

{

}

return true;

}

/**

* Root-level variable assignment. Adds to current assignments, overriding

* any existing variable assignment with the same name.

function assign_var($varname, $varval)

{

$this->_tpldata['.'][0][$varname] = $varval;

}

* Generates a full path+filename for the given filename, which can either

* be an absolute name, or a name relative to the rootdir for this Template

* object.

*/

{

// Check if it's an absolute or relative path.

if (substr($filename, 0, 1) != '/')

{

$filename = $this->root . '/' . $filename;

}

if (!file_exists($filename))

{

die("Template->make_filename(): Error - file $filename does not exist");

}

return $filename;

}

/**

* If not already done, load the file for the given handle and populate

* the uncompiled_code[] hash with its code. Do not compile.

*/

{

// If the file for this handle is already loaded and compiled, do nothing.

if (isset($this->uncompiled_code[$handle]) && !empty($this->uncompiled_code[$handle]))

}

// If we don't have a file assigned to this handle, die.

{

die("Template->loadfile(): No file specified for handle $handle");

}

$filename = $this->files[$handle];

$str = implode("", @file($filename));

{

die("Template->loadfile(): File $filename for handle $handle is empty");

}

$this->uncompiled_code[$handle] = $str;

return true;

}

/**

* Compiles the given string of code, and returns

* the result in a string.

* If "do_not_echo" is true, the returned code will not be directly

* for use in assign_code_from_handle().

*/

function compile($code, $do_not_echo = false)

// replace \ with \\ and then ' with \'.

$code = str_replace('\\', '\\\\', $code);

$code = str_replace('\'', '\\\'', $code);

// change template varrefs into PHP varrefs

// This one will handle varrefs WITH namespaces

$varrefs = array();

preg_match_all('#\{(([a-z0-9\-_]+?\.)+?)([a-z0-9\-_]+?)\}#is', $code, $varrefs);

$namespace = $varrefs[1][$i];

$varname = $varrefs[3][$i];

$new = $this->generate_block_varref($namespace, $varname);

$code = str_replace($varrefs[0][$i], $new, $code);

}

// This will handle the remaining root-level varrefs

$code = preg_replace('#\{([a-z0-9\-_]*?)\}#is', '\' . $this->_tpldata[\'.\'][0][\'\1\'] . \'', $code);

// Break it up into lines.

$code_lines = explode("\n", $code);

$block_nesting_level = 0;

$block_names = array();

$block_names[0] = ".";

// Second: prepend echo ', append ' . "\n"; to each line.

$line_count = sizeof($code_lines);

for ($i = 0; $i < $line_count; $i++)

else

{

// This block is nested.

// Generate a namespace string for this block.

$namespace = implode('.', $block_names);

// strip leading period from root level..

$namespace = substr($namespace, 2);

// current indices of all parent blocks.

$varref = $this->generate_block_data_ref($namespace, false);

// Create the for loop code to iterate over this block.

$code_lines[$i] .= "\n" . 'for ($_' . $n[1] . '_i = 0; $_' . $n[1] . '_i < $_' . $n[1] . '_count; $_' . $n[1] . '_i++)';

$code_lines[$i] .= "\n" . '{';

}

// We have the end of a block.

unset($block_names[$block_nesting_level]);

$block_nesting_level--;

else

{

// This block is nested.

// Generate a namespace string for this block.

$namespace = implode('.', $block_names);

// strip leading period from root level..

$namespace = substr($namespace, 2);

// current indices of all parent blocks.

$varref = $this->generate_block_data_ref($namespace, false);

// Create the for loop code to iterate over this block.

$code_lines[$i] = '$_' . $m[1] . '_count = sizeof(' . $varref . ');';

$code_lines[$i] .= "\n" . 'for ($_' . $m[1] . '_i = 0; $_' . $m[1] . '_i < $_' . $m[1] . '_count; $_' . $m[1] . '_i++)';

$code_lines[$i] .= "\n" . '{';

}

}

else if (preg_match('#<!-- END (.*?) -->#', $code_lines[$i], $m))

}

}

}

// Bring it back into a single string of lines of code.

return $code ;

}

/**

* Generates a reference to the given variable inside the given (possibly nested)

* block namespace. This is a string of the form:

{

// Strip the trailing period.

$namespace = substr($namespace, 0, strlen($namespace) - 1);

// Get a reference to the data block for this namespace.

$varref = $this->generate_block_data_ref($namespace, true);

// Prepend the necessary code to stick this in an echo line.

$varref = '\' . ' . $varref;

// Append the variable reference.

$varref .= '[\'' . $varname . '\'] . \'';

return $varref;

}

/**

* (possibly nested) block namespace. This is a string of the form:

* $this->_tpldata['parent'][$_parent_i]['$child1'][$_child1_i]['$child2'][$_child2_i]...['$childN']

*

// Build up the string with everything but the last child.

for ($i = 0; $i < $blockcount; $i++)

{

}

// Add the block reference for the last child.

$varref .= '[\'' . $blocks[$blockcount] . '.\']';

{

$varref .= '[$_' . $blocks[$blockcount] . '_i]';

}

return $varref;

}

*

***************************************************************************/

$phpbb_root_path = "./";

include($phpbb_root_path . 'extension.inc');

include($phpbb_root_path . 'common.'.$phpEx);

$limit_forums = ($viewcat != -1) ? "AND f.cat_id = $viewcat " : "";

$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time, p.post_username

WHERE f.forum_last_post_id = p.post_id

AND p.post_id = t.topic_last_post_id

AND p.poster_id = u.user_id

$limit_forums = ($viewcat != -1) ? "AND f.cat_id = $viewcat " : "";

$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time, p.post_username

WHERE f.forum_last_post_id = p.post_id(+)

AND p.post_id = t.topic_last_post_id(+)

AND p.poster_id = u.user_id(+)

}

$forum_rows = $db->sql_fetchrowset($q_forums);

AND p.post_time > " . $userdata['session_last_visit'];

if(!$new_topic_ids = $db->sql_query($sql))

{

//

// Obtain list of moderators of each forum

//

ORDER BY aa.forum_id, g.group_id, u.user_id";

if(!$q_forum_mods = $db->sql_query($sql))

{

message_die(GENERAL_ERROR, "Could not query forum moderator information", "", __LINE__, __FILE__, $sql);

"NEWEST_UID" => $newest_uid,

"USERS_BROWSING" => $users_browsing,

"U_NEWEST_USER_PROFILE" => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$newest_uid"))

);

{

$moderators_links .= "<a href=\"" . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $forum_mods_id[$forum_id][$mods]) . "\">" . $forum_mods_name[$forum_id][$mods] . "</a>";

}

{

$moderators_links .= "<a href=\"" . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=" . $forum_mods_id[$forum_id][$mods]) . "\">" . $forum_mods_name[$forum_id][$mods] . "</a>";

}

$template->assign_block_vars("catrow.forumrow", array(

"ROW_COLOR" => "#" . $row_color,

"FOLDER" => $folder_image,

"FORUM_NAME" => stripslashes($forum_rows[$j]['forum_name']),

"FORUM_DESC" => stripslashes($forum_rows[$j]['forum_desc']),

*

****************************************************************************/

//

// The future format of this file will be:

//

<?php

* login.php

* $Id$

$phpbb_root_path = "./";

include($phpbb_root_path . 'extension.inc');

{

message_die(GENERAL_ERROR, "Error in obtaining userdata : login", __LINE__, __FILE__, $sql);

}

$rowresult = $db->sql_fetchrow($result);

if(count($rowresult))

{

if((md5($password) == $rowresult['user_password']) && $rowresult['user_active'] != 0)

$autologin = (isset($HTTP_POST_VARS['autologin'])) ? TRUE : FALSE;

$session_id = session_begin($rowresult['user_id'], $user_ip, PAGE_INDEX, $session_length, TRUE, $autologin);

if(isset($HTTP_POST_VARS['forward_page']) || isset($HTTP_GET_VARS['forward_page']))

{

$forward_to = $HTTP_SERVER_VARS['QUERY_STRING'];

if(preg_match("/^forward_page=(.*)(&sid=[0-9]*)$|^forward_page=(.*)$/si", $forward_to, $forward_matches))

{

$forward_to = ($forward_matches[3]) ? $forward_matches[3] : $forward_matches[1];

}

$username = ($userdata['user_id'] != ANONYMOUS) ? $userdata['username'] : "";

$template->assign_vars(array(

"FORWARD_PAGE" => $forward_page,

"USERNAME" => $username,

*

***************************************************************************/

$phpbb_root_path = "./";

include($phpbb_root_path . 'extension.inc');

include($phpbb_root_path . 'common.'.$phpEx);

{

$order_by = "user_regdate $sort_order LIMIT $start, " . $board_config['topics_per_page'];

}

ORDER BY $order_by";

//

$jumpbox = make_jumpbox();

$template->assign_vars(array(

"JUMPBOX_LIST" => $jumpbox,

"SELECT_NAME" => POST_FORUM_URL)

);

$template->assign_var_from_handle("JUMPBOX", "jumpbox");

$template->assign_vars(array(

"L_EMAIL" => $lang['Email'],

"L_WEBSITE" => $lang['Website'],

"S_MODE_SELECT" => $select_sort_mode,

"S_MODE_ACTION" => append_sid("memberlist.$phpEx"))

);

$members = $db->sql_fetchrowset($result);

for($i = 0; $i < $selected_members; $i++)

$joined = create_date($board_config['default_dateformat'], $members[$i]['user_regdate'], $board_config['default_timezone']);

$posts = ($members[$i]['user_posts']) ? $members[$i]['user_posts'] : 0;

if($members[$i]['user_avatar'] != "" && $user_id != ANONYMOUS)

{

$poster_avatar = (strstr("http", $members[$i]['user_avatar']) && $board_config['allow_avatar_remote']) ? "<img src=\"" . $members[$i]['user_avatar'] . "\" alt=\"\" />" : "<img src=\"" . $board_config['avatar_path'] . "/" . $members[$i]['user_avatar'] . "\" alt=\"\" />";

}

$pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post&amp;" . POST_USERS_URL . "=" . $members[$i]['user_id']) . "\"><img src=\"" . $images['icon_pm'] . "\" border=\"0\" alt=\"" . $lang['Send_private_message'] . "\" /></a>";

if($members[$i]['user_website'] != "")

{

$www_img = "<a href=\"" . stripslashes($members[$i]['user_website']) . "\" target=\"_userwww\"><img src=\"" . $images['icon_www'] . "\" border=\"0\" alt=\"" . $lang['Visit_website'] . "\" /></a>";

$row_class = (!($i % 2)) ? $theme['td_class1'] : $theme['td_class2'];

$template->assign_block_vars("memberrow", array(

"USERNAME" => $username,

"FROM" => $from,

"JOINED" => $joined,

"POSTS" => $posts,

"EMAIL_IMG" => $email_img,

"PM_IMG" => $pm_img,

"WWW_IMG" => $www_img,

"SEARCH_IMG" => $search)

);

}

if($mode != "topten" || $board_config['topics_per_page'] < 10)

{

WHERE user_id <> " . ANONYMOUS;

if(!$count_result = $db->sql_query($sql))

}

else

{

$total_members = 10;

}

$template->assign_vars(array(

"PAGINATION" => $pagination,

"ON_PAGE" => ( floor( $start / $board_config['topics_per_page'] ) + 1 ),

"TOTAL_PAGES" => ceil( $total_members / $board_config['topics_per_page'] ),

"L_OF" => $lang['of'],

"L_PAGE" => $lang['Page'],

"L_GOTO_PAGE" => $lang['Goto_page'])

*

***************************************************************************/

/**

* Moderator Control Panel

*

$forum_id = ($HTTP_POST_VARS[POST_FORUM_URL]) ? $HTTP_POST_VARS[POST_FORUM_URL] : $HTTP_GET_VARS[POST_FORUM_URL];

$topic_id = ($HTTP_POST_VARS[POST_TOPIC_URL]) ? $HTTP_POST_VARS[POST_TOPIC_URL] : $HTTP_GET_VARS[POST_TOPIC_URL];

if(empty($forum_id) || !isset($forum_id))

{

$sql = "SELECT f.forum_id, f.forum_name, f.forum_topics

$template->set_filenames(array(

"body" => "modcp_body.tpl",

"confirm" => "confirm_body.tpl",

"split_body" => "split_body.tpl")

);

$template->pparse("split_body");

}

}

default:

*

***************************************************************************/

$phpbb_root_path = "./";

include($phpbb_root_path . 'extension.inc');

include($phpbb_root_path . 'common.'.$phpEx);

//

// Set initial conditions

//

{

$forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? $HTTP_POST_VARS[POST_FORUM_URL] : $HTTP_GET_VARS[POST_FORUM_URL];

}

{

if( isset($HTTP_POST_VARS['submit']) || isset($HTTP_POST_VARS['preview']) )

{

}

else

{

AND user_id = " . $userdata['user_id'];

if( !$result = $db->sql_query($sql) )

{

}

//

// Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id

//

if( $mode != "newtopic" )

{

if($mode == "reply" && !empty($topic_id) )

{

AND f.forum_id = t.forum_id";

$msg = $lang['No_topic_id'];

}

else if( !empty($post_id) )

{

AND f.forum_id = t.forum_id";

$msg = $lang['No_post_id'];

{

if( isset($post_id) )

{

LIMIT 1";

}

else

$check_row = $db->sql_fetchrow($result);

$forum_id = $check_row['forum_id'];

$forum_status = $check_row['forum_status'];

if( $mode == "editpost" )

{

}

else

{

}

else

{

WHERE forum_id = $forum_id";

if($result = $db->sql_query($sql))

{

}

//

// ... note that we send NOT'ed version of the disable vars to the function

//

$message = prepare_message(stripslashes($HTTP_POST_VARS['message']), $html_on, $bbcode_on, $smilies_on, $bbcode_uid);

$message .= (ereg(" $", $message)) ? "[addsig]" : " [addsig]";

}

}

{

$message = stripslashes(trim($HTTP_POST_VARS['message']));

}

if($mode == "reply" || ( $mode == "newtopic" && $result ) )

{

VALUES ($new_topic_id, $forum_id, " . $userdata['user_id'] . ", '$username', $topic_time, '$user_ip', '$bbcode_uid', $bbcode_on, $html_on, $smilies_on)";

if($mode == "reply")

{

{

$new_post_id = $db->sql_nextid();

VALUES ($new_post_id, '$subject', '$message')";

if($db->sql_query($sql))

{

SET topic_last_post_id = $new_post_id";

if($mode == "reply")

{

if($db->sql_query($sql))

{

SET forum_last_post_id = $new_post_id, forum_posts = forum_posts + 1";

if($mode == "newtopic")

{

if($db->sql_query($sql))

{

WHERE user_id = " . $userdata['user_id'];

if($db->sql_query($sql, END_TRANSACTION))

//

if($mode == "reply")

{

AND u.user_id = tw.user_id";

if( $result = $db->sql_query($sql) )

{

$path = (dirname($HTTP_SERVER_VARS['REQUEST_URI']) == "/") ? "" : dirname($HTTP_SERVER_VARS['REQUEST_URI']);

$emailer->assign_vars(array(

"SITENAME" => $board_config['sitename'],

"TOPIC_TITLE" => $email_set[$i]['topic_title'],

"UN_WATCH_URL" => "http://" . $HTTP_SERVER_VARS['SERVER_NAME'] . $path . "/viewtopic.$phpEx?" . POST_TOPIC_URL . "=$new_topic_id&unwatch=topic",

"EMAIL_SIG" => $board_config['board_email'])

);

{

$update_watched_sql .= " OR ";

}

}

}

if($update_watched_sql != "")

{

$sql = "UPDATE " . TOPICS_WATCH_TABLE . "

AND $update_watched_sql";

$db->sql_query($sql);

}

{

if($mode == "reply")

{

AND user_id = " . $userdata['user_id'];

if( !$result = $db->sql_query($sql) )

{

{

if( !$notify )

{

AND user_id = " . $userdata['user_id'];

if( !$result = $db->sql_query($sql) )

{

}

else if( $notify )

{

VALUES (" . $userdata['user_id'] . ", $new_topic_id, 0)";

if( !$result = $db->sql_query($sql) )

{

}

else if( $notify )

{

VALUES (" . $userdata['user_id'] . ", $new_topic_id, 0)";

if( !$result = $db->sql_query($sql) )

{

{

if(SQL_LAYER == "mysql")

{

WHERE post_id = $new_post_id";

if( !$db->sql_query($sql) )

{

if( isset($post_id) )

{

AND p.poster_id = u.user_id";

if($result = $db->sql_query($sql))

{

$message = str_replace("<br />", "\n", $message);

$message = undo_htmlspecialchars($message);

// Special handling for </textarea> tags in the message, which can break the editing form..

$message = preg_replace('#</textarea>#si', '&lt;/TEXTAREA&gt;', $message);

$page_title = " " . $lang['Edit_post'];

$section_title = $lang['Edit_post_in'];

!$error && !$preview )

{

WHERE post_id = $post_id";

if($result = $db->sql_query($sql))

message_die(GENERAL_MESSAGE, $msg);

}

}

( $is_last_post || $is_auth['auth_mod'] ) )

{

// Output a confirmation message, unless we've over-ridden it on the posting_body form (

// override_confirm set ), this is so people can implement JavaScript checkers if they wish

//

!isset($HTTP_GET_VARS['confirm']) && !isset($HTTP_POST_VARS['confirm']))

{

);

$template->assign_vars(array(

"MESSAGE_TITLE" => $lang['Information'],

"S_HIDDEN_FIELDS" => $s_hidden_fields)

);

$template->pparse("confirm_body");

include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

}

isset($HTTP_POST_VARS['override_confirm']) )

{

WHERE post_id = $post_id";

if($db->sql_query($sql, BEGIN_TRANSACTION))

{

WHERE post_id = $post_id";

if($is_last_post && $is_first_post)

//

if($db->sql_query($sql))

{

WHERE topic_id = $topic_id";

$if_die_msg = "Couldn't delete from topics table";

}

//

if($db->sql_query($sql))

{

WHERE topic_id = $topic_id";

if($result = $db->sql_query($sql))

{

list($new_last_post_id) = $db->sql_fetchrow($result);

WHERE topic_id = $topic_id";

$sql_forum_upd = "forum_posts = forum_posts - 1";

message_die(GENERAL_ERROR, "Error deleting from post table", "", __LINE__, __FILE__, $sql);

}

}

{

//

// It's not last and it's not both first and last so it's somewhere in

$if_die_msg = "Couldn't delete from posts table";

}

//

// Updating the forum is common to all three possibilities,

// _remember_ we're still in a transaction here!

{

if($is_last_post_forum)

{

WHERE forum_id = $forum_id";

if($result = $db->sql_query($sql))

{

list($new_last_post_id) = $db->sql_fetchrow($result);

$new_last_sql = "";

}

WHERE forum_id = $forum_id";

if($db->sql_query($sql, END_TRANSACTION))

// If we get here the post has been deleted successfully.

//

$msg = $lang['Deleted'];

if(!$is_last_post || !$is_first_post)

{

$msg .= "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . "\">" . $lang['Here'] . "</a> " . $lang['to_return_topic'];

$edited_sql = "";

}

WHERE post_id = $post_id";

if($db->sql_query($sql, BEGIN_TRANSACTION))

{

WHERE post_id = $post_id";

if($is_first_post)

//

// Update topics table here, set notification level and such

//

WHERE topic_id = $topic_id";

if($db->sql_query($sql, END_TRANSACTION))

{

if( !empty($post_id) )

{

AND p.poster_id = u.user_id";

if($result = $db->sql_query($sql))

$message = str_replace("<br />", "\n", $message);

$message = undo_htmlspecialchars($message);

// Special handling for </textarea> tags in the message, which can break the editing form..

$message = preg_replace('#</textarea>#si', '&lt;/TEXTAREA&gt;', $message);

}

//

// preview but doing this here allows us to use it as a

// check for attach_sig later

//

//

// Define censored word matches

//

FROM " . WORDS_TABLE;

if( !$words_result = $db->sql_query($sql) )

{

$preview_message = bbencode_second_pass($preview_message, $bbcode_uid);

//

// HTML handling

//

if( !$html_on )

"preview" => "posting_preview.tpl")

);

$template->assign_vars(array(

"POSTER_NAME" => stripslashes($username),

"POST_DATE" => create_date($board_config['default_dateformat'], time(), $board_config['default_timezone']),

"MESSAGE" => $preview_message,

"L_PREVIEW" => $lang['Preview'],

"L_POSTED" => $lang['Posted'])

);

"L_OPTIONS" => $lang['Options'],

"L_PREVIEW" => $lang['Preview'],

"L_SUBMIT" => $lang['Submit_post'],

"L_POST_A" => $post_a,

"L_HTML_IS" => $lang['HTML'] . " " . $lang['is'],

"L_BBCODE_IS" => $lang['BBCode'] . " " . $lang['is'],

"L_SMILIES_ARE" => $lang['Smilies'] . " " . $lang['are'],

"S_POST_ACTION" => append_sid("posting.$phpEx"),

"S_HIDDEN_FORM_FIELDS" => $hidden_form_fields)

*

***************************************************************************/

$phpbb_root_path = "./";

include($phpbb_root_path . 'extension.inc');

include($phpbb_root_path . 'common.'.$phpEx);

*

***************************************************************************/

$phpbb_root_path = "./";

include($phpbb_root_path . 'extension.inc');

include($phpbb_root_path . 'common.'.$phpEx);

*

***************************************************************************/

//

// Massive overhaul for phpBB2,

// originally based on search code

$searchstring = stripslashes(trim(preg_replace($searchchars, $replacechars, preg_quote(strip_tags($searchstring)))));

//

// specific words which should not be search on

//

// This is what I actually use on the Typhoon site. The

//

// Search for words (OR AND and NOT arrays)

$searchstring = "";

for($i=0;$i<count($binsearchtype);$i++)

{

if($binsearchtype[$i] == "AND" && count($searchlistandtype["AND"]))

{

$searchstring .= ") AND (";

for($j=0;$j<count($searchlistandtype["AND"]);$j++)

{

$searchstring .= " AND ";

$findword = addslashes($searchlistandtype["AND"][$j]);

$is_phrase_word = $searchlist_isphrase["AND"][$j];

}

elseif($binsearchtype[$i] == "OR" && count($searchlistandtype["OR"]))

{

$searchstring .= ") AND (";

for($j=0;$j<count($searchlistandtype["OR"]);$j++)

{

$searchstring .= " OR ";

$findword = addslashes($searchlistandtype["OR"][$j]);

$is_phrase_word = $searchlist_isphrase["OR"][$j];

}

elseif($binsearchtype[$i] == "NOT" && count($searchlistandtype["NOT"]))

{

$searchstring .= ") AND (";

for($j=0;$j<count($searchlistandtype["NOT"]);$j++)

{

$searchstring .= " AND ";

$findword = addslashes($searchlistandtype["NOT"][$j]);

$is_phrase_word = $searchlist_isphrase["NOT"][$j];

$authorstring = (isset($HTTP_POST_VARS['authorstring'])) ? $HTTP_POST_VARS['authorstring'] : ( (!empty($HTTP_GET_VARS['a'])) ? stripslashes($HTTP_GET_VARS['a']) : "" );

$return_chars = ($HTTP_POST_VARS['charsreqd'] != "all") ? $HTTP_POST_VARS['charsreqd'] : -1;

$searchall = ($HTTP_POST_VARS['addterms'] == "all") ? 1 : ( ($HTTP_GET_VARS['m'] == "all") ? 1 : 0 );

$searchforum = (isset($HTTP_POST_VARS['searchforum'])) ? $HTTP_POST_VARS['searchforum'] : $HTTP_GET_VARS['f'] ;

$sortby = (isset($HTTP_POST_VARS['sortby'])) ? $HTTP_POST_VARS['sortby'] : $HTTP_GET_VARS['b'];

// forums

//

$is_auth_ary = auth(AUTH_READ, AUTH_LIST_ALL, $userdata);

//

// Start building appropriate SQL query

//

FROM ".FORUMS_TABLE." f, ".TOPICS_TABLE." t, ".USERS_TABLE." u, ".POSTS_TEXT_TABLE." pt, ".POSTS_TABLE." p ";

//

if(!ereg("\([ ]*\)",$search_sql))

{

AND (p.poster_id = u.user_id)";

if($searchforum != "all")

}

$sql .= " ORDER BY ".$sortby_sql[$sortby]." $sortby_dir";

$result = $db->sql_query($sql);

if(!$result)

{

//

// Output header

//

$template->set_filenames(array(

"body" => "search_results_body.tpl",

{

$message = (strlen($message) > $return_chars) ? substr($message, 0, $return_chars) . " ..." : $message;

}

$message = strip_tags($message);

//

// Remove BBCode

$template->assign_block_vars("searchresults", array(

"TOPIC_TITLE" => stripslashes($searchset[$i]['topic_title']),

"FORUM_NAME" => stripslashes($searchset[$i]['forum_name']),

"POSTER_NAME" => stripslashes($searchset[$i]['username']),

"TOPIC_REPLIES" => $searchset[$i]['topic_replies'],

"TOPIC_VIEWS" => $searchset[$i]['topic_views'],

"PAGINATION" => generate_pagination($base_url, count($searchset), $board_config['posts_per_page'], $start),

"ON_PAGE" => (floor($start/$board_config['posts_per_page'])+1),

"TOTAL_PAGES" => ceil((count($searchset))/$board_config['posts_per_page']),

"L_OF" => $lang['of'],

"L_PAGE" => $lang['Page'],

"L_GOTO_PAGE" => $lang['Goto_page'])

// an auth function return of

// all accessible forums ... I think

//

FROM " . FORUMS_TABLE . "

ORDER BY cat_id, forum_order";

$result = $db->sql_query($sql);

"L_SEARCH_AUTHOR" => $lang['Search_author'],

"L_LIMIT_CHARACTERS" => $lang['Limit_chars'],

"L_SORT_BY" => $lang['Sort_by'],

"L_SORT_DECENDING" => $lang['Sort_Decending'],

"S_SEARCH_ACTION" => append_sid("search.$phpEx"),

"S_CHARACTER_OPTIONS" => $s_characters,

"S_SORT_OPTIONS" => $s_sortby,

"S_HIDDEN_FIELDS" => $s_hidden_fields)

);

* upgrade_20.php

* -------------------

* begin : Sat Oct 14 2000

* $id upgrade_20.php,v 1.9 2001/03/23 01:32:41 psotfx Exp $

****************************************************************************/

include('extension.inc');

include('config.'.$phpEx);

include('includes/constants.'.$phpEx);

}

{

{

$ip_sep = explode(".", $ip);

$return = (( $ip_sep[0] * 0xFFFFFF + $ip_sep[0] ) + ( $ip_sep[1] * 0xFFFF + $ip_sep[1] ) + ( $ip_sep[2] * 0xFF + $ip_sep[2] ) + ( $ip_sep[3] ) );

}

{

$return = sprintf( "%d.%d.%d.%d", ( ( $ip >> 24 ) & 0xFF ), ( ( $ip >> 16 ) & 0xFF ), ( ( $ip >> 8 ) & 0xFF ), ( ( $ip ) & 0xFF ) );

}

return($return);

function convert_date($date_in)

{

// Original phpBB format

list($year, $month, $day) = split("-", $date);

list($hours, $minutes) = split(":", $time);

return($timestamp);

}

//

// Following functions adapted from phpMyAdmin

//

// Returns a string containing the CREATE statement on success

//

function get_table_def($db, $table, $crlf) {

}

while ($row = $db->sql_fetchrow($result)) {

$schema_create .= " $row[Field] $row[Type]";

if (!empty($row["Default"])){

$schema_create .= " DEFAULT '$row[Default]'";

}

if ($row["Extra"] != ""){

$schema_create .= " $row[Extra]";

}

$schema_create .= ",$crlf";

}

$error = $db->sql_error();

error_die($db, GENERAL_ERROR, "Failed in get_table_content (show keys) : ".$error["message"]);

}

while ($row = $db->sql_fetchrow($result)){

$kname=$row['Key_name'];

if (($kname != "PRIMARY") && ($row['Non_unique'] == 0)){

$kname="UNIQUE|$kname";

}

$schema_create .= " KEY $x (" . implode($columns, ", ") . ")";

}

}

$schema_create .= "$crlf);";

return (stripslashes($schema_create));

//

// Get the content of table as a series of INSERT statements.

error_die($db, GENERAL_ERROR, "Failed in get_table_content (select * ) : ".$error["message"]);

}

$i = 0;

while ($row = $db->sql_fetchrow($result)) {

$schema_insert = "INSERT INTO $table VALUES(";

for ($j=0; $j<$db->sql_numfields($result);$j++) {

function output_table_content($content){

echo $content."\n";

return;

}

$quote_end_html = "</BLOCKQUOTE></FONT></TD></TR><TR><TD><HR></TD></TR></TABLE><!-- BBCode Quote End -->";

$message = str_replace($quote_start_html, "[quote]", $message);

$message = str_replace($quote_end_html, "[/quote]", $message);

// Undo [b] and [i]

$message = preg_replace("#<!-- BBCode Start --><B>(.*?)</B><!-- BBCode End -->#s", "[b]\\1[/b]", $message);

$message = preg_replace("#<!-- BBCode Start --><I>(.*?)</I><!-- BBCode End -->#s", "[i]\\1[/i]", $message);

// Undo [url] (long form)

$message = preg_replace("#<!-- BBCode u2 Start --><A HREF=\"([a-z]+?://)(.*?)\" TARGET=\"_blank\">(.*?)</A><!-- BBCode u2 End -->#s", "[url=\\1\\2]\\3[/url]", $message);

// Undo [url] (short form)

$message = preg_replace("#<!-- BBCode u1 Start --><A HREF=\"([a-z]+?://)(.*?)\" TARGET=\"_blank\">(.*?)</A><!-- BBCode u1 End -->#s", "[url]\\3[/url]", $message);

// Undo [email]

$message = preg_replace("#<!-- BBCode Start --><A HREF=\"mailto:(.*?)\">(.*?)</A><!-- BBCode End -->#s", "[email]\\1[/email]", $message);

$message = preg_replace("#<!-- BBCode Start --><IMG SRC=\"(.*?)\" BORDER=\"0\"><!-- BBCode End -->#s", "[img]\\1[/img]", $message);

// Undo lists (unordered/ordered)

// <li> tags:

$message = str_replace("<!-- BBCode --><LI>", "[*]", $message);

// [list] tags:

$message = str_replace("<!-- BBCode ulist Start --><UL>", "[list]", $message);

// [list=x] tags:

$message = preg_replace("#<!-- BBCode olist Start --><OL TYPE=([A1])>#si", "[list=\\1]", $message);

// [/list] tags:

$message = str_replace("</UL><!-- BBCode ulist End -->", "[/list]", $message);

$message = str_replace("</OL><!-- BBCode olist End -->", "[/list]", $message);

* - Does not distinguish between "www.xxxx.yyyy" and "http://aaaa.bbbb" type URLs.

*

*/

function undo_make_clickable($text) {

$text = preg_replace("#<!-- BBCode auto-link start --><a href=\"(.*?)\" target=\"_blank\">.*?</a><!-- BBCode auto-link end -->#i", "\\1", $text);

$text = preg_replace("#<!-- BBcode auto-mailto start --><a href=\"mailto:(.*?)\">.*?</a><!-- BBCode auto-mailto end -->#i", "\\1", $text);

return $text;

}

//

?>

<?php

{

{

case 'backup':

{

while($row = $db->sql_fetchrow($result))

{

('".$row["ban_id"]."', '".$row["ban_userid"]."', '".convert_ip($row["ban_ip"])."', '".$row["ban_start"]."', '".$row["ban_end"]."', '".$row["ban_time_type"]."')";

$insert_result = $db->sql_query($sql);

if(!$insert_result)

{

while($row = $db->sql_fetchrow($result))

{

(config_id, sitename, allow_html, allow_bbcode, allow_sig, allow_namechange, selected, posts_per_page, hot_threshold, topics_per_page, allow_theme_create, override_themes, email_sig, email_from, default_lang)

VALUES

('".$row["config_id"]."', '".$row["sitename"]."', '".$row["allow_html"]."', '".$row["allow_bbcode"]."', '".$row["allow_sig"]."', '".$row["allow_namechange"]."', '".$row["selected"]."', '".$row["posts_per_page"]."', '".$row["hot_threshold"]."', '".$row["topics_per_page"]."', '".$row["allow_theme_create"]."', '".$row["override_themes"]."', '".$row["email_sig"]."', '".$row["email_from"]."', '".$row["default_lang"]."')";

// do 2.x first-pass encoding..

$row['post_text'] = bbencode_first_pass($row['post_text'], $uid);

$row['post_text'] = addslashes($row['post_text']);

$sql = "INSERT INTO phpbb_posts

(post_id, topic_id, forum_id, poster_id, post_time, poster_ip, bbcode_uid)

VALUES

} // switch

} // if next

{

common_header();

?>

<INPUT TYPE="HIDDEN" NAME="next" VALUE="backup">

<INPUT TYPE="SUBMIT" VALUE="Next >">

</FORM>

}

?>

</BODY>

*

***************************************************************************/

$phpbb_root_path = "./";

include($phpbb_root_path . 'extension.inc');

include($phpbb_root_path . 'common.'.$phpEx);

AND t.topic_poster = u.user_id

AND p.post_id = t.topic_last_post_id

AND p.poster_id = u2.user_id

ORDER BY p.post_time DESC";

if(!$ta_result = $db->sql_query($sql))

{

<?php

* viewonline.php

* $Id$

$phpbb_root_path = "./";

include($phpbb_root_path . 'extension.inc');

$jumpbox = make_jumpbox();

$template->assign_vars(array(

"JUMPBOX_LIST" => $jumpbox,

"SELECT_NAME" => POST_FORUM_URL)

);

//

$sql = "SELECT u.user_id, u.username, u.user_allow_viewonline, s.session_page, s.session_logged_in, s.session_time

AND u.user_id = s.session_user_id

ORDER BY s.session_time DESC";

if(!$result = $db->sql_query($sql))

{

$sql = "SELECT session_page, session_logged_in, session_time

FROM " . SESSIONS_TABLE . "

AND session_time >= " . ( time() - 300 ) . "

ORDER BY session_time DESC";

if(!$result = $db->sql_query($sql))

$template->assign_vars(array(

"L_WHOSONLINE" => $lang['Who_is_online'],

"L_USERNAME" => $lang['Username'],

"L_LOCATION" => $lang['Location'],

"L_LAST_UPDATE" => $lang['Last_updated'])

$hidden = FALSE;

$registered_users++;

}

{

$displayed_userid_list .= "," . $onlinerow_reg[$i]['user_id'];

$l_is_are = ($registered_users == 1) ? $lang['is'] : $lang['are'];

$template->assign_vars(array(

);

}

else

{

$template->assign_vars(array(

"L_NO_REGISTERED_USERS_BROWSING" => $lang['No_users_browsing'])

);

}

$l_is_are = ($guest_users == 1) ? $lang['is'] : $lang['are'];

$template->assign_vars(array(

);

}

else

{

$template->assign_vars(array(

"L_NO_GUESTS_BROWSING" => $lang['No_guests_browsing'])

);

}

//

//

// be combined into the above query but the LEFT JOIN causes

// a number of problems which will probably end up in this

// solution being practically as fast and certainly simpler!

{

$can_watch_topic = TRUE;

AND user_id = " . $userdata['user_id'];

if( !$result = $db->sql_query($sql) )

{

$is_watching_topic = 0;

$sql_priority = (SQL_LAYER == "mysql") ? "LOW_PRIORITY" : "";

AND user_id = " . $userdata['user_id'];

if( !$result = $db->sql_query($sql) )

{

if( $watch_data['notify_status'] )

{

$sql_priority = (SQL_LAYER == "mysql") ? "LOW_PRIORITY" : "";

AND user_id = " . $userdata['user_id'];

if( !$result = $db->sql_query($sql) )

{

$is_watching_topic = TRUE;

$sql_priority = (SQL_LAYER == "mysql") ? "LOW_PRIORITY" : "";

VALUES (" . $userdata['user_id'] . ", $topic_id, 0)";

if( !$result = $db->sql_query($sql) )

{

//

// Define censored word matches

//

FROM " . WORDS_TABLE;

if( !$words_result = $db->sql_query($sql) )

{

"TOPIC_ID" => $topic_id,

"TOPIC_TITLE" => $topic_title,

"S_SELECT_POST_DAYS" => $select_post_days,

"S_SELECT_POST_ORDER" => $select_post_order,

if( $is_auth['auth_mod'] )

{

$delpost_img = "<a href=\"" . append_sid("topicadmin.$phpEx?mode=delpost&amp;" . POST_POST_URL . "=" . $postrow[$i]['post_id']) . "\"><img src=\"" . $images['icon_delpost'] . "\" alt=\"" . $lang['Delete_post'] . "\" border=\"0\" /></a>";

}

$message = stripslashes($postrow[$i]['post_text']);

$post_subject = ($postrow[$i]['post_subject'] != "") ? stripslashes($postrow[$i]['post_subject']) : $topic_title;

$message = bbencode_second_pass($message, $bbcode_uid);

//

// HTML handling

//

if(!$postrow[$i]['enable_html'] || ($postrow[$i]['enable_html'] && !$board_config['allow_html']) )

"ON_PAGE" => ( floor( $start / $board_config['posts_per_page'] ) + 1 ),

"TOTAL_PAGES" => ceil( $total_replies / $board_config['posts_per_page'] ),

"S_AUTH_MOD_IMG" => $s_auth_mod_img,

"L_OF" => $lang['of'],

"L_PAGE" => $lang['Page'],