
/forums.php

https://bitbucket.org/marecki/orodlin-v.1
  1. <?php
  2. /**
  3. * File functions:
  4. * Forums in game
  5. *
  6. * @name : forums.php
  7. * @copyright : (C) 2004,2005,2006 Vallheru Team based on Gamers-Fusion ver 2.5
  8. * @author : thindil <thindil@users.sourceforge.net>
  9. * @author : mori <ziniquel@users.sourceforge.net>
  10. * @author : eyescream <tduda@users.sourceforge.net>
  11. * @author : Erechail <kuba.stasiak at gmail.com>
  12. * @version : 1.4a
  13. * @since : 17.07.2007
  14. *
  15. */
  16. //
  17. //
  18. // This program is free software; you can redistribute it and/or modify
  19. // it under the terms of the GNU General Public License as published by
  20. // the Free Software Foundation; either version 2 of the License, or
  21. // (at your option) any later version.
  22. //
  23. // This program is distributed in the hope that it will be useful,
  24. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  25. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  26. // GNU General Public License for more details.
  27. //
  28. // You should have received a copy of the GNU General Public License
  29. // along with this program; if not, write to the Free Software
  30. // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  31. //
  32. // $Id$
  // Page title; presumably consumed by includes/head.php when it renders the header (confirm there).
  $title = 'Forum';
  // Shared bootstrap. The rest of this script uses $db, $smarty, $player and error(),
  // none of which are defined in this file, so they are expected to come from this include.
  require_once 'includes/head.php';
  /**
   * Format a Unix timestamp for display in the forum lists.
   *
   * Despite the parameter name, the value is handed straight to date(), which
   * expects seconds; the callers in this file pass `w_time` column values.
   *
   * @param int $milis Unix timestamp
   * @return string Date in "y/m/d H:i:s" form, in PHP's default timezone
   */
  function FormatDate ($milis)
  {
      $strFormat = 'y/m/d H:i:s';

      return date($strFormat, $milis);
  }
  39. /**
  40. * Get the localization for game
  41. */
  // NOTE(review): $player -> lang becomes part of an include path. Where it is set is
  // not visible in this file; confirm it is restricted to a fixed list of language codes.
  $strLangDir = 'languages/'.$player -> lang;
  require_once $strLangDir.'/forums.php';
  43. /**
  44. * Category list
  45. */
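  // Category list (`?view=categories`), with an optional staff-only "sweep" that
  // deletes every non-sticky topic of one category together with its replies.
  if (isset($_GET['view']) && $_GET['view'] == 'categories')
  {
      // ereg() stops reading at the first NUL byte and no longer exists in PHP 7+, so
      // the id is checked with an anchored PCRE instead; the D modifier keeps `$` from
      // accepting a trailing newline. Only a digits-only string is concatenated into SQL.
      if (isset($_GET['sweep']) && is_string($_GET['sweep']) && preg_match('/^[1-9][0-9]*$/D', $_GET['sweep']))
      {
          if (!isset($_GET['step']))
          {
              // First request: only ask for confirmation.
              $smarty -> assign(array('Sweep' => $_GET['sweep'],
                                      'Fquestion' => YOU_SURE,
                                      'Ayes' => A_YES));
          }
          elseif ($player -> rank == 'Admin' || $player -> rank == 'Staff')
          {
              // NOTE(review): this deletion is triggered by a plain GET request and no
              // request token is checked in this file. Unless includes/head.php adds
              // one, move it to POST with a per-session token.
              $objTest = $db -> Execute('SELECT `id`,`perm_write` FROM `categories` WHERE `id`='.$_GET['sweep']);
              $strPermWrite = $objTest -> fields['perm_write'];
              // Staff may sweep only categories writable by everyone or by Staff; Admin always may.
              if (strpos($strPermWrite, 'All') === false && strpos($strPermWrite, 'Staff') === false && $player -> rank != 'Admin')
              {
                  error(NO_PERM);
              }
              else
              {
                  $objTopics = $db -> Execute('SELECT `id` FROM `topics` WHERE `cat_id`='.$_GET['sweep'].' AND `sticky`=\'N\'');
                  while (!$objTopics -> EOF)
                  {
                      $db -> Execute('DELETE FROM `replies` WHERE `topic_id`='.$objTopics -> fields['id']);
                      $objTopics -> MoveNext();
                  }
                  $objTopics -> Close();
                  $db -> Execute('DELETE FROM `topics` WHERE `cat_id`='.$_GET['sweep'].' AND `sticky`=\'N\'');
                  $smarty -> assign ('Message',YOU_SWEEPED);
                  $smarty -> display('error1.tpl');
              }
              $objTest -> Close();
          }
      }

      // The language test is parenthesised on purpose. The original
      // "perm AND lang=a OR lang=b" was parsed as "(perm AND lang=a) OR lang=b", which
      // listed every category of the secondary language regardless of `perm_visit`.
      // Values are passed through qstr() rather than pasted between quotes.
      $strLangFilter = '(`lang`='.$db -> qstr($player -> lang, false).' OR `lang`='.$db -> qstr($player -> seclang, false).')';
      $strPermission = ($player -> rank == 'Admin') ? '%' : $player -> rank;

      $arrid = array();
      $arrname = array();
      $arrtopics = array();
      $arrdesc = array();
      $i = 0;
      // Pass 1: categories open to everyone. Pass 2: categories whose `perm_visit`
      // mentions the player's rank (any category for Admin), skipping ids already listed.
      foreach (array('All;', '%'.$strPermission.'%') as $strPattern)
      {
          $cat = $db -> Execute('SELECT `id`, `name`, `desc` FROM `categories` WHERE `perm_visit` LIKE '.$db -> qstr($strPattern, false).' AND '.$strLangFilter.' ORDER BY `id` ASC');
          while (!$cat -> EOF)
          {
              if (!in_array($cat -> fields['id'], $arrid))
              {
                  $query = $db -> Execute('SELECT count(*) FROM `topics` WHERE `cat_id`='.$cat -> fields['id']);
                  $arrtopics[$i] = $query -> fields['count(*)'];
                  $query -> Close();
                  $arrid[$i] = $cat -> fields['id'];
                  $arrname[$i] = $cat -> fields['name'];
                  $arrdesc[$i] = $cat -> fields['desc'];
                  $i ++;
              }
              $cat -> MoveNext();
          }
          $cat -> Close();
      }
      $smarty -> assign(array('Id' => $arrid,
                              'Name' => $arrname,
                              'Topics1' => $arrtopics,
                              'Description' => $arrdesc,
                              'Tcategory' => T_CATEGORY,
                              'Ttopics' => T_TOPICS,
                              'ASweep' => A_SWEEP));
  }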
  130. /**
  131. * Topic list
  132. */
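  // Topic list of one category (`?topics=<category id>`): sticky threads first, then the rest.
  if (isset($_GET['topics']))
  {
      // ereg() is not binary safe and no longer exists in PHP 7+; the anchored PCRE with
      // the D modifier accepts nothing but a positive decimal id. The checks below rely
      // on error() ending the request (it is defined outside this file - confirm).
      if (!is_string($_GET['topics']) || !preg_match('/^[1-9][0-9]*$/D', $_GET['topics']))
      {
          error(ERROR);
      }
      /**
      * Check for permissions
      */
      if ($player -> rank != 'Admin')
      {
          $objPerm = $db -> Execute('SELECT `perm_visit` FROM `categories` WHERE id='.$_GET['topics']);
          if ($objPerm -> fields['perm_visit'] != 'All;')
          {
              $intPerm = strpos($objPerm -> fields['perm_visit'], $player -> rank);
              if ($intPerm === false)
              {
                  error(NO_PERM);
              }
          }
          $objPerm -> Close();
      }
      // Category name for the page header.
      $objCatName = $db->Execute ('SELECT name FROM categories WHERE id=\''.$_GET['topics'].'\'');
      $CatName = $objCatName->fields ['name'];
      $objCatName -> Close();
      // Remember when the player last opened the forum (once per session), so that
      // newer topics and replies can be flagged below.
      if (!isset($_SESSION['forums']))
      {
          $objLasttime = $db -> Execute('SELECT `forum_time` FROM `players` WHERE `id`='.$player -> id);
          $_SESSION['forums'] = $objLasttime -> fields['forum_time'];
          $objLasttime -> Close();
          $db -> Execute('UPDATE `players` SET `forum_time`='.(time()).' WHERE id='.$player -> id);
      }
      // The language test is parenthesised on purpose. Without the parentheses the
      // trailing "OR lang=..." escaped the `sticky` and `cat_id` conditions and pulled in
      // secondary-language topics from every category, including ones the permission
      // check above never looked at.
      $strLangFilter = '(`lang`='.$db -> qstr($player -> lang, false).' OR `lang`='.$db -> qstr($player -> seclang, false).')';

      $arrid = array();
      $arrtopic = array();
      $arrstarter = array();
      $arrStarterID = array ();
      $arrreplies = array();
      $arrNewtopic = array();
      $arrDates = array ();
      $i = 0;
      foreach (array('Y', 'N') as $strSticky)
      {
          $topic = $db -> Execute('SELECT `w_time`, `id`, `topic`, `starter`, `gracz` FROM `topics` WHERE `sticky`=\''.$strSticky.'\' AND `cat_id`='.$_GET['topics'].' AND '.$strLangFilter.' ORDER BY `id` ASC');
          while (!$topic -> EOF)
          {
              // A thread is "new" if it, or any of its replies, is younger than the last visit.
              $arrNewtopic[$i] = ($topic -> fields['w_time'] > $_SESSION['forums']) ? 'Y' : 'N';
              $query = $db -> Execute('SELECT `w_time` FROM `replies` WHERE `topic_id`='.$topic -> fields['id']);
              if ($arrNewtopic[$i] == 'N')
              {
                  while (!$query -> EOF)
                  {
                      if ($query -> fields['w_time'] > $_SESSION['forums'])
                      {
                          $arrNewtopic[$i] = 'Y';
                          break;
                      }
                      $query -> MoveNext();
                  }
              }
              $replies = $query -> RecordCount();
              $query -> Close();
              // TODO (transitional): old topics carry a "<b>yy-mm-dd</b>" prefix in the
              // title; drop this once no such topics are left. The prefix is removed
              // before the sticky title is wrapped in <b>, otherwise the anchored
              // pattern can never match it.
              $strTopic = preg_replace ('/^<b>[0-9][0-9]-[01][0-9]-[0-3][0-9]<\/b>/', '', $topic -> fields['topic']);
              $arrid[$i] = $topic -> fields['id'];
              $arrtopic[$i] = ($strSticky == 'Y') ? "<b>".$strTopic."</b>" : $strTopic;
              $arrDates[$i] = FormatDate ($topic->fields['w_time']);
              $arrstarter[$i] = $topic -> fields['starter'];
              $arrStarterID[$i] = $topic->fields['gracz'];
              $arrreplies[$i] = $replies;
              $topic -> MoveNext();
              $i = $i + 1;
          }
          $topic -> Close();
      }
      $smarty -> assign(array('Category' => $_GET['topics'],
                              'CategoryName' => $CatName,
                              'Id' => $arrid,
                              'Topic1' => $arrtopic,
                              'Starter1' => $arrstarter,
                              'StarterID' => $arrStarterID,
                              'Replies1' => $arrreplies,
                              'Dates' => $arrDates,
                              'Tcategory' => T_CATEGORY,
                              'Ttopic' => T_TOPIC,
                              'Tauthor' => T_AUTHOR,
                              'Treplies' => T_REPLIES,
                              'Addtopic' => ADD_TOPIC,
                              'Ttext' => T_TEXT,
                              'Aback' => A_BACK,
                              'Tocategories' => TO_CATEGORIES,
                              'Asearch' => A_SEARCH,
                              'Tword' => T_WORD,
                              'Tsticky' => T_STICKY,
                              'Newtopic' => $arrNewtopic));
  }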
  275. /**
  276. * View topic
  277. */
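  // Single topic view (`?topic=<id>`): the opening post, its replies and the reply
  // form, optionally pre-filled with a quote (`quotet` = the topic body, `quote` = a reply id).
  if (isset($_GET['topic']))
  {
      // ereg() is not binary safe and no longer exists in PHP 7+; the anchored PCRE with
      // the D modifier accepts nothing but a positive decimal id.
      if (!is_string($_GET['topic']) || !preg_match('/^[1-9][0-9]*$/D', $_GET['topic']))
      {
          error(ERROR);
      }
      if (isset($_GET['quote']) && (!is_string($_GET['quote']) || !preg_match('/^[1-9][0-9]*$/D', $_GET['quote'])))
      {
          error(ERROR);
      }
      $topicinfo = $db -> Execute('SELECT * FROM `topics` WHERE `id`='.$_GET['topic']);
      if (!$topicinfo -> fields['id'])
      {
          error (NO_TOPIC);
      }
      /**
      * Check for permissions
      */
      if ($player -> rank != 'Admin')
      {
          $objPerm = $db -> Execute('SELECT `perm_visit` FROM `categories` WHERE `id`='.$topicinfo -> fields['cat_id']);
          if ($objPerm -> fields['perm_visit'] != 'All;')
          {
              $intPerm = strpos($objPerm -> fields['perm_visit'], $player -> rank);
              if ($intPerm === false)
              {
                  error(NO_PERM);
              }
          }
          $objPerm -> Close();
      }
      // Moderation links are only rendered for Admin and Staff; the handlers they point
      // to check the rank again on their own.
      $blnModerator = ($player -> rank == 'Admin' || $player -> rank == 'Staff');
      $strStickyaction = ($topicinfo -> fields['sticky'] == 'N') ? ' (<a href="forums.php?sticky='.$topicinfo -> fields['id'].'&amp;action=Y">'.A_STICKY.'</a>)' : ' (<a href="forums.php?sticky='.$topicinfo -> fields['id'].'&amp;action=N">'.A_UNSTICKY.'</a>)';
      $smarty -> assign ('Action', $blnModerator ? ' (<a href="forums.php?kasuj1='.$topicinfo -> fields['id'].'">'.A_DELETE.'</a>)'.$strStickyaction : '' );
      $text1 = wordwrap($topicinfo -> fields['body'],45,"\n",1);
      $strReplytext = isset($_GET['quotet']) ? '[quote]'.$text1.'[/quote]' : R_TEXT;
      $reply = $db -> Execute('SELECT * FROM `replies` WHERE `topic_id`='.$topicinfo -> fields['id'].' ORDER BY `id` ASC');
      $arrstarter = array();
      $arrplayerid = array();
      $arrtext = array();
      $arraction = array();
      $arrRid = array();
      $arrDates = array ();
      // Category name for the page header.
      $objCatName = $db->Execute ('SELECT name FROM categories WHERE id=\''.$topicinfo->fields['cat_id'].'\'');
      $CatName = $objCatName->fields ['name'];
      $objCatName -> Close();
      // TODO (transitional): old topics carry a "<b>yy-mm-dd</b>" prefix; drop this
      // once no such topics are left.
      $topicinfo->fields['topic'] = preg_replace ('/^<b>[0-9][0-9]-[01][0-9]-[0-3][0-9]<\/b>/', '', $topicinfo->fields['topic']);
      $TopicDate = FormatDate ($topicinfo->fields['w_time']);
      $i = 0;
      while (!$reply -> EOF)
      {
          $arrstarter[$i] = $reply -> fields['starter'];
          $arrplayerid[$i] = $reply -> fields['gracz'];
          $arraction[$i] = $blnModerator ? '(<a href="forums.php?kasuj='.$reply -> fields['id'].'">'.A_DELETE.'</a>)' : '';
          $text = wordwrap($reply -> fields['body'],45,"\n",1);
          // TODO: remove later, same transitional date prefix as above.
          $text = preg_replace ('/^<b>[0-9][0-9]-[01][0-9]-[0-3][0-9]<\/b>/', '', $text);
          if (isset($_GET['quote']) && $_GET['quote'] == $reply -> fields['id'])
          {
              // Quote the unwrapped reply body, minus the legacy date marker.
              $strText = preg_replace("/[0-9][0-9]-[0-9][0-9]-[0-9][0-9]/", "", $reply -> fields['body']);
              $strText = str_replace("<b></b><br />", "", $strText);
              $strReplytext = '[quote]'.$strText.'[/quote]';
          }
          $arrtext[$i] = $text;
          $arrRid[$i] = $reply -> fields['id'];
          $arrDates[$i] = FormatDate ($reply->fields['w_time']);
          $reply -> MoveNext();
          $i = $i + 1;
      }
      $reply -> Close();
      $smarty -> assign(array('Topic2' => $topicinfo -> fields['topic'],
                              'Starter' => $topicinfo -> fields['starter'],
                              'Playerid' => $topicinfo -> fields['gracz'],
                              'Category' => $topicinfo -> fields['cat_id'],
                              'TopicDate' => $TopicDate,
                              'CategoryName' => $CatName,
                              'Tcategory' => T_CATEGORY,
                              'Tocategories' => TO_CATEGORIES,
                              'Totopics' => TO_TOPICS,
                              'or' => A_OR,
                              'Dates' => $arrDates,
                              'Ttext' => $text1,
                              'Rstarter' => $arrstarter,
                              'Rplayerid' => $arrplayerid,
                              'Rtext' => $arrtext,
                              'Action2' => $arraction,
                              'Id' => $topicinfo -> fields['id'],
                              'Rid' => $arrRid,
                              'Writeby' => WRITE_BY,
                              'Wid' => W_ID,
                              'Areply' => A_REPLY,
                              'Rtext2' => $strReplytext,
                              'Aback' => A_BACK,
                              'Aquote' => A_QUOTE,
                              'Write' => WRITE));
      $topicinfo -> Close();
  }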
  383. /**
  384. * Add topic
  385. */
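  // Create a topic (`?action=addtopic`, form fields `title2`, `body`, `catid`, optional `sticky`).
  if (isset($_GET['action']) && $_GET['action'] == 'addtopic')
  {
      if (empty($_POST['title2']) || empty($_POST['body']) || !is_string($_POST['title2']) || !is_string($_POST['body']))
      {
          error (EMPTY_FIELDS);
      }
      // `catid` used to reach the permission query, the INSERT and the link in the
      // confirmation message without any validation. It must be a positive decimal id,
      // as every other handler in this file requires for ids.
      if (!isset($_POST['catid']) || !is_string($_POST['catid']) || !preg_match('/^[1-9][0-9]*$/D', $_POST['catid']))
      {
          error(ERROR);
      }
      /**
      * Check for permissions
      */
      if ($player -> rank != 'Admin')
      {
          $objPerm = $db -> Execute('SELECT `perm_write` FROM `categories` WHERE `id`='.$_POST['catid']);
          if ($objPerm -> fields['perm_write'] != 'All;')
          {
              $intPerm = strpos($objPerm -> fields['perm_write'], $player -> rank);
              if ($intPerm === false)
              {
                  error(NO_PERM2);
              }
          }
          $objPerm -> Close();
      }
      // Only Admin and Staff may create a sticky topic.
      if (isset($_POST['sticky']))
      {
          if ($player -> rank != 'Admin' && $player -> rank != 'Staff')
          {
              error(NO_PERM3);
          }
          $strSticky = 'Y';
      }
      else
      {
          $strSticky = 'N';
      }
      $_POST['title2'] = strip_tags($_POST['title2']);
      require_once('includes/bbcode.php');
      // NOTE(review): the body is stored as the HTML that bbcodetohtml() returns.
      // Presumably that function escapes raw markup in the input - confirm in
      // includes/bbcode.php, because the stored value is later handed to the template.
      $_POST['body'] = censorship($_POST['body']);
      $_POST['body'] = bbcodetohtml($_POST['body']);
      $_POST['title2'] = censorship($_POST['title2']);
      $strBody = $db -> qstr($_POST['body'], get_magic_quotes_gpc());
      $strTitle = $db -> qstr($_POST['title2'], get_magic_quotes_gpc());
      // The author name goes through qstr() as well instead of being pasted between quotes.
      $strStarter = $db -> qstr($player -> user, false);
      $db -> Execute('INSERT INTO `topics` (`topic`, `body`, `starter`, `gracz`, `cat_id`, `w_time`, `sticky`) VALUES('.$strTitle.', '.$strBody.', '.$strStarter.', '.$player -> id.', '.$_POST['catid'].', '.(time()).', \''.$strSticky.'\')') or die('Could not add topic.');
      error (TOPIC_ADD.' <a href="forums.php?topics='.$_POST['catid'].'">'.TO_BACK);
  }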
  431. /**
  432. * Add reply
  433. */
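  // Add a reply (`?reply=<topic id>`, form field `rep`).
  if (isset($_GET['reply']))
  {
      // The topic id used to reach two queries and the links in the confirmation
      // message unvalidated. It must be a positive decimal id.
      if (!is_string($_GET['reply']) || !preg_match('/^[1-9][0-9]*$/D', $_GET['reply']))
      {
          error(ERROR);
      }
      $query = $db -> Execute('SELECT `cat_id` FROM `topics` WHERE `id`='.$_GET['reply']);
      $exists = $query -> RecordCount();
      $intCatID = $query -> fields['cat_id'];
      $query -> Close();
      // Existence is checked before the permission lookup, which needs the category id
      // of an existing topic to build a valid query.
      if ($exists <= 0)
      {
          error (NO_TOPIC);
      }
      /**
      * Check for permissions
      */
      if ($player -> rank != 'Admin')
      {
          $objPerm = $db -> Execute('SELECT `perm_write` FROM `categories` WHERE `id`='.$intCatID);
          if ($objPerm -> fields['perm_write'] != 'All;')
          {
              $intPerm = strpos($objPerm -> fields['perm_write'], $player -> rank);
              if ($intPerm === false)
              {
                  error(NO_PERM2);
              }
          }
          $objPerm -> Close();
      }
      if (empty ($_POST['rep']) || !is_string($_POST['rep']))
      {
          error (EMPTY_FIELDS);
      }
      require_once('includes/bbcode.php');
      // NOTE(review): the reply is stored as the HTML that bbcodetohtml() returns.
      // Presumably that function escapes raw markup in the input - confirm in
      // includes/bbcode.php.
      $_POST['rep'] = censorship($_POST['rep']);
      $_POST['rep'] = bbcodetohtml($_POST['rep']);
      $strBody = $db -> qstr($_POST['rep'], get_magic_quotes_gpc());
      // The author name goes through qstr() as well instead of being pasted between quotes.
      $strStarter = $db -> qstr($player -> user, false);
      $db -> Execute('INSERT INTO `replies` (`starter`, `topic_id`, `body`, `gracz`, `w_time`) VALUES('.$strStarter.', '.$_GET['reply'].', '.$strBody.', '.$player -> id.', '.(time()).')');
      error (REPLY_ADD.' <a href="forums.php?topic='.$_GET['reply'].'">'.A_HERE.'</a> '.RETURN1.' <a href="forums.php?topics='.$intCatID.'">'.A_HERE.'</a> '.RETURN2);
  }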
  472. /**
  473. * Sticky/Unsticky topics
  474. */
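  // Mark a topic sticky or normal (`?sticky=<topic id>&action=Y|N`), Admin and Staff only.
  if (isset($_GET['sticky']))
  {
      // The original condition had a misplaced parenthesis: the id test received the
      // boolean result of "sticky || action != 'Y' && action != 'N'" instead of the id,
      // so neither the id nor the action was actually validated before both were
      // concatenated into the UPDATE. The three conditions are now evaluated separately.
      $blnModerator = ($player -> rank == 'Admin' || $player -> rank == 'Staff');
      $blnValidId = is_string($_GET['sticky']) && preg_match('/^[1-9][0-9]*$/D', $_GET['sticky']);
      $blnValidAction = isset($_GET['action']) && ($_GET['action'] === 'Y' || $_GET['action'] === 'N');
      if (!$blnModerator || !$blnValidId || !$blnValidAction)
      {
          error(ERROR);
      }
      // NOTE(review): this state change is triggered by a plain GET request and no
      // request token is checked in this file. Unless includes/head.php adds one, move
      // it to POST with a per-session token.
      $db -> Execute('UPDATE `topics` SET `sticky`=\''.$_GET['action'].'\' WHERE `id`='.$_GET['sticky']);
      error((($_GET['action'] == 'Y') ? YOU_STICKY : YOU_UNSTICKY).' <a href="forums.php?topic='.$_GET['sticky'].'">'.A_BACK.'</a>');
  }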
  484. /**
  485. * Delete post
  486. */
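  // Delete a single reply (`?kasuj=<reply id>`), Admin and Staff only.
  if (isset($_GET['kasuj']))
  {
      if ($player -> rank != 'Admin' && $player -> rank != 'Staff')
      {
          error(ERROR);
      }
      // ereg() is not binary safe and no longer exists in PHP 7+; the anchored PCRE with
      // the D modifier accepts nothing but a positive decimal id.
      if (!is_string($_GET['kasuj']) || !preg_match('/^[1-9][0-9]*$/D', $_GET['kasuj']))
      {
          error(ERROR);
      }
      // NOTE(review): this deletion is triggered by a plain GET request and no request
      // token is checked in this file. Unless includes/head.php adds one, move it to
      // POST with a per-session token.
      // The parent topic id is read first so the confirmation can link back to it.
      $tid = $db -> Execute('SELECT `topic_id` FROM `replies` WHERE `id`='.$_GET['kasuj']);
      $intTopicId = $tid -> fields['topic_id'];
      $tid -> Close();
      $db -> Execute('DELETE FROM `replies` WHERE `id`='.$_GET['kasuj']);
      error (POST_DEL.' <a href="forums.php?topic='.$intTopicId.'">'.A_BACK.'</a>');
  }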
  501. /**
  502. * Delete topic
  503. */
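  // Delete a topic with all of its replies (`?kasuj1=<topic id>`), Admin and Staff only.
  if (isset($_GET['kasuj1']))
  {
      if ($player -> rank != 'Admin' && $player -> rank != 'Staff')
      {
          error(ERROR);
      }
      // ereg() is not binary safe and no longer exists in PHP 7+; the anchored PCRE with
      // the D modifier accepts nothing but a positive decimal id.
      if (!is_string($_GET['kasuj1']) || !preg_match('/^[1-9][0-9]*$/D', $_GET['kasuj1']))
      {
          error(ERROR);
      }
      // NOTE(review): this deletion is triggered by a plain GET request and no request
      // token is checked in this file. Unless includes/head.php adds one, move it to
      // POST with a per-session token.
      // The category id is read first so the confirmation can link back to the list.
      $cid = $db -> Execute('SELECT `cat_id` FROM `topics` WHERE `id`='.$_GET['kasuj1']);
      $intCatId = $cid -> fields['cat_id'];
      $cid -> Close();
      $db -> Execute('DELETE FROM `replies` WHERE `topic_id`='.$_GET['kasuj1']);
      $db -> Execute('DELETE FROM `topics` WHERE `id`='.$_GET['kasuj1']);
      error (TOPIC_DEL.' <a href="forums.php?topics='.$intCatId.'">'.A_BACK.'</a>');
  }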
  519. /**
  520. * Search words
  521. */
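  // Search inside one category (`?action=search`, form fields `search` and `catid`).
  if (isset($_GET['action']) && $_GET['action'] == 'search')
  {
      if (empty($_POST['search']) || !is_string($_POST['search']))
      {
          error(EMPTY_FIELDS);
      }
      // ereg() is not binary safe and no longer exists in PHP 7+; the anchored PCRE with
      // the D modifier accepts nothing but a positive decimal id.
      if (!isset($_POST['catid']) || !is_string($_POST['catid']) || !preg_match('/^[1-9][0-9]*$/D', $_POST['catid']))
      {
          error(ERROR);
      }
      $strSearch = strip_tags($_POST['search']);
      // strip_tags() does nothing about quotes, so the search term must not be pasted
      // into the statement. It is quoted with qstr(), the same way the add-topic and
      // add-reply handlers in this file quote their text fields.
      $strLike = $db -> qstr('%'.$strSearch.'%', get_magic_quotes_gpc());
      /**
      * Search string in topics
      */
      // The two LIKE tests are parenthesised: without that, "OR `body` LIKE" escaped
      // the `cat_id` condition and matched topic bodies in every category.
      $objResult = $db -> Execute('SELECT `id` FROM `topics` WHERE `cat_id`='.$_POST['catid'].' AND (`topic` LIKE '.$strLike.' OR `body` LIKE '.$strLike.')');
      $arrResult = array();
      $i = 0;
      while (!$objResult -> EOF)
      {
          $arrResult[$i] = $objResult -> fields['id'];
          $i = $i + 1;
          $objResult -> MoveNext();
      }
      $objResult -> Close();
      /**
      * Search string in replies
      */
      $objTopics = $db -> Execute('SELECT `id` FROM `topics` WHERE `cat_id`='.$_POST['catid']);
      while (!$objTopics -> EOF)
      {
          $objResult2 = $db -> Execute('SELECT `topic_id` FROM `replies` WHERE `topic_id`='.$objTopics -> fields['id'].' AND body LIKE '.$strLike);
          // Add the topic once. The duplicate test is evaluated for every topic; the
          // original kept a flag that was never cleared after the first duplicate, so
          // every later reply match was dropped.
          if (!$objResult2 -> EOF && $objResult2 -> fields['topic_id'] && !in_array($objResult2 -> fields['topic_id'], $arrResult))
          {
              $arrResult[$i] = $objResult2 -> fields['topic_id'];
              $i = $i + 1;
          }
          $objResult2 -> Close();
          $objTopics -> MoveNext();
      }
      $objTopics -> Close();
      /**
      * Display search result
      */
      $arrTopic = array();
      $arrId = array();
      $i = 0;
      foreach ($arrResult as $intResult)
      {
          $objTopic = $db -> Execute('SELECT `id`, `topic`, `cat_id` FROM `topics` WHERE `id`='.$intResult);
          $objPerm = $db -> Execute('SELECT `perm_visit` FROM `categories` WHERE `id`='.$objTopic -> fields['cat_id']);
          // A hit is shown only if the player may visit the topic's category.
          $blnVisible = ($objPerm -> fields['perm_visit'] == 'All;'
              || $player -> rank == 'Admin'
              || strpos($objPerm -> fields['perm_visit'], $player -> rank) !== false);
          // Both record sets are closed on every path, including hits that are skipped.
          $objPerm -> Close();
          if ($blnVisible)
          {
              $arrTopic[$i] = $objTopic -> fields['topic'];
              $arrId[$i] = $objTopic -> fields['id'];
              $i = $i + 1;
          }
          $objTopic -> Close();
      }
      $smarty -> assign(array('Category' => $_POST['catid'],
                              'Aback' => A_BACK,
                              'Amount' => $i,
                              'Ttopic' => $arrTopic,
                              'Tid' => $arrId,
                              'Nosearch' => NO_SEARCH,
                              'Youfind' => YOU_FIND));
  }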
  604. /**
  605. * Initialization of variables
  606. */
  // Give the request parameters that the template reads an empty default.
  foreach (array('topics', 'topic', 'view', 'action') as $strParam)
  {
      if (!isset($_GET[$strParam]))
      {
          $_GET[$strParam] = '';
      }
  }
  // NOTE(review): `view` and `action` are passed on exactly as received. Confirm that
  // forums.tpl only compares them, or escapes them if it prints them.
  $arrPageVars = array('View' => $_GET['view'],
                       'Topics' => $_GET['topics'],
                       'Topic' => $_GET['topic'],
                       'Action3' => $_GET['action'],
                       'Rank' => $player -> rank);
  $smarty -> assign($arrPageVars);
  // Render the page, then the shared footer.
  $smarty -> display ('forums.tpl');
  require_once "includes/foot.php";
  633. ?>