resultq("SELECT MIN(`id`) FROM `posts` WHERE `thread` = '{$id}' AND `date` > '".intval($_GET['lpt'])."'"); } elseif (filter_int($_GET['end']) || (filter_int($_GET['lpt']) && !$gotopost)) { $gotopost = $sql->resultq("SELECT MAX(`id`) FROM `posts` WHERE `thread` = '{$id}'"); } if ($gotopost) { return header("Location: ?pid={$gotopost}#{$gotopost}"); } // Poll votes if ($id && (filter_int($_GET['addvote']) || filter_int($_GET['delvote']))) { $option = (($_GET['addvote']) ? 'addvote' : 'delvote'); $choice = filter_int($_GET[$option]); $pollid = $sql->resultq("SELECT poll FROM threads WHERE id='{$id}'"); if (!$pollid) return header("Location: ?id={$id}#{$id}"); $poll = $sql->fetchq("SELECT * FROM poll WHERE id='$pollid'"); $confirm = md5($loguser['name'] . "sillysaltstring"); // no wrong poll bullshit $valid = $sql->resultq("SELECT COUNT(*) FROM `poll_choices` WHERE `poll` = '$pollid' AND `id` = '$choice'"); if ($log && $poll && !$poll['closed'] && $_GET['dat'] == $confirm && $valid) { if ($option == 'addvote') { if (!$poll['doublevote']) $sql->query("DELETE FROM `pollvotes` WHERE `user` = '$loguserid' AND `poll` = '$pollid'"); $sql->query("INSERT INTO pollvotes (poll,choice,user) VALUES ($pollid,$choice,$loguserid)"); } else $sql->query("DELETE FROM `pollvotes` WHERE `user` = '$loguserid' AND `poll` = '$pollid' AND `choice` = '$choice'"); } return header("Location: ?id={$id}#{$id}"); } $ppp = filter_int($_GET['ppp']) ? $_GET['ppp'] : ($log ? $loguser['postsperpage'] : 20); $ppp = max(min($ppp, 500), 1); if (filter_int($_GET['pid'])) { $pid = $_GET['pid']; $id = $sql->resultq("SELECT `thread` FROM `posts` WHERE `id` = '{$pid}'"); if (!$id) { $meta['noindex'] = true; // prevent search engines from indexing require_once 'lib/layout.php'; errorpage("Couldn't find a post with ID #".intval($pid).". Perhaps it's been deleted?",'the index page',"index.php"); } $numposts = $sql->resultq("SELECT COUNT(*) FROM `posts` WHERE `thread` = '{$id}' AND `id` < '{$pid}'"); $page = floor($numposts / $ppp); } define('E_BADPOSTS', -1); define('E_BADFORUM', -2); $thread_error = 0; $thread = array(); // fuck brace overkill if ($id) do { $thread = $sql->fetchq("SELECT * FROM threads WHERE id=$id"); $tlinks = ''; if (!$thread) { $meta['noindex'] = true; // prevent search engines from indexing if (!$ismod) { trigger_error("Accessed nonexistant thread number #$id", E_USER_NOTICE); require_once 'lib/layout.php'; notAuthorizedError(); } if ($sql->resultq("SELECT COUNT(*) FROM `posts` WHERE `thread` = '{$id}'") <= 0) { require_once 'lib/layout.php'; errorpage("Thread ID #{$id} doesn't exist, and no posts are associated with the invalid thread ID.",'the index page',"index.php"); } // Mod+ can see and possibly remove bad posts $thread_error = E_BADPOSTS; $thread['closed'] = true; $thread['title'] = "Bad posts with ID #$id"; break; } $thread['title'] = str_replace("<", "<", $thread['title']); $forumid = intval($thread['forum']); $forum = $sql->fetchq("SELECT * FROM forums WHERE id=$forumid"); if (!$forum) { $meta['noindex'] = true; // prevent search engines from indexing if (!$ismod) { trigger_error("Accessed thread number #$id with bad forum ID $forumid", E_USER_WARNING); require_once 'lib/layout.php'; notAuthorizedError(); } $thread_error = E_BADFORUM; $forum['title'] = " --- BAD FORUM ID --- "; break; } if ($forum['minpower'] > max(0, $power)) { if ($log) trigger_error("Attempted to access thread $id in level-$forum[minpower] restricted forum $forumid (user's powerlevel: ".intval($loguser['powerlevel']).")", E_USER_NOTICE); $meta['noindex'] = true; // prevent search engines from indexing what they can't access require_once 'lib/layout.php'; notAuthorizedError(); } $specialscheme = $forum['specialscheme']; if ($log) { $readdate = $sql->resultq("SELECT `readdate` FROM `forumread` WHERE `user` = '$loguserid' AND `forum` = '$forumid'"); if ($thread['lastpostdate'] > $readdate) $sql->query("REPLACE INTO threadsread SET `uid` = '$loguserid', `tid` = '$thread[id]', `time` = '".ctime()."', `read` = '1'"); $unreadcount = $sql->resultq( "SELECT COUNT(*) FROM `threads` ". "WHERE `id` NOT IN (SELECT `tid` FROM `threadsread` WHERE `uid` = '$loguserid' AND `read` = '1') ". "AND `lastpostdate` > '$readdate' AND `forum` = '$forumid'"); if ($unreadcount == 0) $sql->query("REPLACE INTO forumread VALUES ('$loguserid', '$forumid', '".ctime().'\')'); } $tlinks = array(); // Favorites if ($log) { if ($sql->fetchq("SELECT * FROM favorites WHERE user={$loguserid} AND thread={$id}")) $tlinks[] = "Remove from favorites"; else $tlinks[] = "Add to favorites"; } $tnext = $sql->resultq("SELECT id FROM threads WHERE forum=$forumid AND lastpostdate>$thread[lastpostdate] ORDER BY lastpostdate ASC LIMIT 1"); if ($tnext) $tlinks[] = "Next newer thread"; $tprev = $sql->resultq("SELECT id FROM threads WHERE forum=$forumid AND lastpostdate<$thread[lastpostdate] ORDER BY lastpostdate DESC LIMIT 1"); if ($tprev) $tlinks[] = "Next older thread"; $tlinks = implode(' | ', $tlinks); // Description for bots $text = $sql->resultq("SELECT text FROM posts_text pt LEFT JOIN posts p ON (pt.pid = p.id) WHERE p.thread=$id ORDER BY pt.pid ASC LIMIT 1"); $text = strip_tags(str_replace(array("[", "]", "\r\n"), array("<", ">", " "), $text)); $text = ((strlen($text) > 160) ? substr($text, 0, 157) . "..." : $text); $text = str_replace("\"", """, $text); $meta['description'] = $text; $sql->query("UPDATE threads SET views=views+1 WHERE id=$id"); $windowtitle = "{$forum['title']}: {$thread['title']}"; } while (false); elseif($user) { $uname = $sql->resultq("SELECT name FROM users WHERE id={$user}"); if (!$uname) { $meta['noindex'] = true; // prevent search engines from indexing what they can't access require_once 'lib/layout.php'; errorpage("User ID #{$user} doesn't exist.",'the index page',"index.php"); } $thread['replies'] = $sql->resultq("SELECT count(*) FROM posts WHERE user={$user}") - 1; $thread['title'] = "Posts by {$uname}"; $windowtitle = "Posts by {$uname}"; $tlinks = ''; } else { $meta['noindex'] = true; // prevent search engines from indexing what they can't access require_once 'lib/layout.php'; errorpage("No thread specified.",'the index page',"index.php"); } //temporary if ($windowtitle) $windowtitle = "$boardname -- $windowtitle"; require_once 'lib/layout.php'; $fonline = ""; if ($id && !$thread_error) { $fonline = fonlineusers($forumid); if (mysql_num_rows($sql->query("SELECT user FROM forummods WHERE forum='$forumid' and user='$loguserid'"))) $ismod = true; } $modfeats = ''; if ($id && $ismod) { $trashid = 27; $fulledit = "Edit thread"; $linklist = array(); $link = "fetchq("SELECT * FROM poll WHERE id='$thread[poll]'"); $uservote = array(); if ($log) { $lsql = $sql->query("SELECT `choice` FROM `pollvotes` WHERE `poll` = '$poll[id]' AND `user` = '$loguserid'"); while ($userchoice = $sql->fetch($lsql, MYSQL_ASSOC)) $uservote[$userchoice['choice']] = true; } if ($forum['pollstyle'] >= 0) $pollstyle = $forum['pollstyle']; else $pollstyle = $loguser['pollstyle']; $tvotes2 = $sql->resultq("SELECT count(*) FROM pollvotes WHERE poll=$poll[id]"); $tvotesi = $sql->resultq("SELECT sum(u.`influence`) as influence FROM pollvotes p LEFT JOIN users u ON p.user = u.id WHERE poll=$poll[id]"); $pollvotes = $sql->getresultsbykey("SELECT choice, count(*) cnt FROM pollvotes WHERE poll=$poll[id] GROUP BY choice WITH ROLLUP",'choice','cnt'); $pollinflu = $sql->getresultsbykey("SELECT choice, sum(u.influence) as inf FROM pollvotes p LEFT JOIN users u ON p.user = u.id WHERE poll=$poll[id] GROUP BY choice WITH ROLLUP",'choice','inf'); $tvotes_u = $sql->resultq("SELECT count(distinct `user`) FROM pollvotes WHERE poll=$poll[id]"); $tvotes_c = $pollvotes[""]; $tvotes_i = $pollinflu[""]; $confirm = md5($loguser['name'] . "sillysaltstring"); $pollcs = $sql->query("SELECT * FROM poll_choices WHERE poll=$poll[id]"); while ($pollc = $sql->fetch($pollcs)) { $votes = intval($pollvotes[$pollc['id']]); $influ = intval($pollinflu[$pollc['id']]); if ($pollstyle) { if ($tvotes_i != 0) $pct = $pct2 = sprintf('%02.1f', $influ / $tvotes_i * 100); else $pct = $pct2 = "0.0"; $votes = intval($influ)." point".($influ == 1 ? '' : 's')." ($votes)"; } else { if ($tvotes_c != 0) { $pct = sprintf('%02.1f', $votes / $tvotes_c * 100); $pct2 = sprintf('%02.1f', $votes / $tvotes_u * 100); } else $pct = $pct2 = "0.0"; $votes = "$votes vote".($votes == 1 ? '' : 's'); } $barpart = ""; if ($pct == "0.0") $barpart = ' '; if ($uservote[$pollc['id']]) { $linkact = 'del'; $dot = " "; } else { $linkact = 'add'; $dot = " "; } $link = ''; if ($log && !$poll['closed']) $link = ""; $choices .= " $tccell1l width=20%>$dot$link".($pollc['choice'])." $tccell2l width=60%>$barpart $tccell1 width=20%>".($poll['doublevote'] ? "$pct% of users, $votes ($pct2%)" : "$pct%, $votes")." "; } if ($poll['closed']) $polltext = 'This poll is closed.'; else $polltext = 'Multi-voting is '.(($poll['doublevote']) ? 'enabled.' : 'disabled.'); if ($tvotes_u != 1) $s_have = 's have'; else $s_have = ' has'; if ($ismod) $polledit = ""; $polltbl = "$tblstart $tccellc colspan=3>".htmlspecialchars($poll['question'])." $tccell2ls colspan=3>".nl2br(dofilters($poll['briefing']))." $choices $tccell2l colspan=3>$smallfont $polltext $tvotes_u user$s_have voted. $polledit $tblend
"; } loadtlayout(); switch($loguser['viewsig']) { case 1: $sfields = ',headtext,signtext'; break; case 2: $sfields = ',u.postheader headtext,u.signature signtext'; break; default: $sfields = ''; break; } $ufields = userfields(); $activity = $sql->query("SELECT user, count(*) num FROM posts WHERE date>".(ctime() - 86400)." GROUP BY user"); while ($n = $sql->fetch($activity)) $act[$n['user']] = $n['num']; $postlist = " $polltbl $tblstart $modfeats $errormsgs "; if ($log && $id && $forum['id']) { $headlinks .= " - Mark forum read"; $header = makeheader($header1, $headlinks, $header2 . (($fonline) ? "$tblstart$tccell1s>$fonline$tblend" : "")); } $threadforumlinks = "

$fonttag".$boardname."" . (($forum['title']) ? " - $forum[title]" : "") . " - $thread[title]

$smallfont "; if ($forumid) { if ($forum['pollstyle'] != -2) $threadforumlinks .= "$newpollpic - "; else $threadforumlinks .= " - "; $threadforumlinks .= "$newthreadpic"; if (!$thread['closed']) $threadforumlinks .= " - $newreplypic"; else $threadforumlinks .= " - $closedpic"; } $threadforumlinks .= '

'; $page = max(0, filter_int($page)); $min = $ppp * $page; if ($user) $searchon = "user={$user}"; else $searchon = "thread={$id}"; $posts = $sql->query( "SELECT p.*,text$sfields,edited,editdate,options,tagval,u.id uid,name,$ufields,regdate ". "FROM posts_text, posts p LEFT JOIN users u ON p.user=u.id ". "WHERE {$searchon} AND p.id=pid ORDER BY p.id LIMIT $min,$ppp"); preplayouts($posts); for ($i = 0; $post = $sql->fetch($posts); $i++) { $postlist .= ''; $bg = $i % 2 + 1; $quote = "Link"; if ($id and ! $thread['closed']) $quote .= " | Quote"; $edit = ''; if ($ismod || (!$banned && $post['user'] == $loguserid)) { if (!$thread['closed']) $edit = ($quote ? ' | ' : '') . "Edit"; $edit .= ($quote || $edit ? ' | ' : ''). "Delete"; } if ($isadmin) $ip = " | IP: $post[ip]"; $pforum = null; $pthread = null; if (!$id) { // Enable caching for these $pthread = $sql->fetchq("SELECT id,title,forum FROM threads WHERE id=$post[thread]", MYSQL_BOTH, true); $pforum = $sql->fetchq("SELECT minpower FROM forums WHERE id=".intval($pthread[forum]), MYSQL_BOTH, true); } $post['act'] = filter_int($act[$post['user']]); if (!$pforum || $pforum['minpower'] <= $power) $postlist .= threadpost($post, $bg, $pthread); else $postlist .= "

(post in restricted forum)

"; } $query = preg_replace("'page=(\d*)'si", '', '?'.getenv("QUERY_STRING")); $query = preg_replace("'pid=(\d*)'si", "id={$id}", $query); $query = preg_replace("'&{2,}'si", "&", $query); if ($query && substr($query, -1) != "&") $query .= "&"; if (!$page) $page = 0; $pageend = (int)($thread['replies'] / $ppp); $pagelinks = "Pages:"; if ($thread['replies'] < $ppp) $pagelinks = ''; else for ($i = 0; $i <= $pageend; $i++) { // restrict page range to sane values if ($i > 9 && $i < $pageend-9) { if ($i < $page-4) { $i = min($page-4, $pageend-9); $pagelinks .= " ..."; } if ($i > $page+4) { $i = $pageend-9; $pagelinks .= " ..."; } } if ($i == $page) $pagelinks .= " ".($i + 1); else $pagelinks .= " ".($i + 1).""; } print $header.sizelimitjs()." $threadforumlinks

$smallfont$pagelinks

$smallfont$tlinks

$postlist $tblstart $modfeats $tblend

$smallfont$pagelinks

$smallfont$tlinks

$threadforumlinks $footer"; printtimedif($startingtime); function notAuthorizedError() { global $log; $redir = (($log) ? 'index.php' : 'login.php'); $rtext = (($log) ? 'the index page' : 'log in (then try again)'); errorpage("Couldn't enter the forum. You don't have access to this restricted forum.", $rtext, $redir); }