Viewing file:  index.phtml (62.66 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?
require('ax5.inc');
require('multipart.inc');
//require_once('../../news.axkickboxing.com/public_html/functions.php'); // news functions
/* actions:
- new topic "Create!"
- new message (in a topic)
- display topic list
- display messages (on a topic)
*/
#error_reporting(E_ALL - E_NOTICE);
#ini_set("display_errors",1);
require_once('db.php');
function cantpost()
{
$toreview='f';
// if ($_SERVER['REMOTE_ADDR']=='195.38.123.204') $toreview='t';
// if ($_SERVER['REMOTE_ADDR']=='62.252.192.11') $toreview='t';
return $toreview;
/*
139.134.108.x
139.134.109.x
139.134.220.x
139.134.221.x
139.134.222.x
139.134.223.x
139.134.224.x
139.134.23.10
170.248.3.6
203.18.50.13
203.63.125.5 - 'KIP' posted from here some vulgarities on the 1st Sep. 99
203.134.2.91 - proxy.primus.com.au - Nickos and 'David Sloan' & co.
203.134.2.92 - proxy.primus.com.au - Nickos and 'David Sloan' & co.
*/
if (ereg("^139.134.108",$_SERVER['REMOTE_ADDR'])) $toreview='t';
if (ereg("^139.134.109",$_SERVER['REMOTE_ADDR'])) $toreview='t';
if (ereg("^139.134.220",$_SERVER['REMOTE_ADDR'])) $toreview='t';
if (ereg("^139.134.221",$_SERVER['REMOTE_ADDR'])) $toreview='t';
if (ereg("^139.134.222",$_SERVER['REMOTE_ADDR'])) $toreview='t';
if (ereg("^139.134.223",$_SERVER['REMOTE_ADDR'])) $toreview='t';
if (ereg("^139.134.224",$_SERVER['REMOTE_ADDR'])) $toreview='t';
if (ereg("^203.109.226",$_SERVER['REMOTE_ADDR'])) $toreview='t';
if ($_SERVER['REMOTE_ADDR']=='139.134.23.10') $toreview='t';
if ($_SERVER['REMOTE_ADDR']=='202.0.106.130') $toreview='t';
if ($_SERVER['REMOTE_ADDR']=='203.5.250.244') $toreview='t';
if ($_SERVER['REMOTE_ADDR']=='203.18.50.9') $toreview='t';
if ($_SERVER['REMOTE_ADDR']=='203.18.50.13') $toreview='t';
if ($_SERVER['REMOTE_ADDR']=='203.63.125.5') $toreview='t';
if ($_SERVER['REMOTE_ADDR']=='203.134.2.91') $toreview='t';
if ($_SERVER['REMOTE_ADDR']=='203.134.2.92') $toreview='t';
// if ($_SERVER['REMOTE_ADDR']=='194.88.38.130') $toreview='t';
// if ($_SERVER['REMOTE_ADDR']=='194.88.38.131') $toreview='t';
return $toreview;
}
function new_topic()
{
global $text, $topic;
if (authorized("topic",$_POST['name'],$_POST['password'])) {
record_name_change(TRUE);
if ($text=="") {
disp_preamble("Forum","Topic creation - empty text");
error("You haven't specified a topic!</p>\n");
disp_tail();
} else {
$expired=cantpost();
if ($result=pg_query("insert into msgboard_topics (text, modified, expired, messagecount, creator, ipaddr, topicgroup) values ('".addslashes(ucwords(strtolower($text)))."',now(),'".$expired."',0,'".addslashes($_POST['name'])."','".addslashes($_SERVER['REMOTE_ADDR'])."',(select id from msgboard_topicgroups where codename='".addslashes($_REQUEST['topicgroup'])."'));")) {
//disp_preamble("Message Board","Topic creation successful");
//echo "Your topic '".htmlentities($text)."' was successfully created.";
pg_query("notify newtopic;");
$GLOBALS['topic']=pg_result(pg_query("select currval('msgboard_topics_id_seq');"),0,0);
display_thread($GLOBALS['topic']);
} else {
$errorstring = pg_last_error();
disp_preamble("Forum","Topic creation failed");
error("Your topic could not be created due to an error.");
echo $errorstring;
disp_tail();
}
}
} else {
record_name_change(FALSE);
}
}
function email_account_status($name)
{
$result=pg_query("select * from users where name='".addslashes($name)."';");
if (pg_numrows($result)>0) {
$obj=pg_fetch_array($result,0);
mail($obj['email'],"Your account on the AX Forum","Welcome ".$obj['name'].",\n\nYour login name is: '".$obj['name']."'\nBe careful to type it exactly as it appears between the quotes (but don't type the quotes themselves) when posting to allow the board to recognize you.\nYour password for the AX message board is: ".$obj['password']."\nYour registration has ".($obj['registered']=='t'?"":"not yet ")."been approved.\nYour account is currently ".($obj['enabled']=='t'?"enabled":"disabled").".\n\nYou can reach the board at http://message.axkickboxing.com/\n\n".($obj['registered']=='t'?"We suggest to begin with filling out your profile at http://message.axkickboxing.com/profiles if you want others to be able to learn more about you.\n\n":"")."Thank you,\nThe AX Team","From: Ax Forum Moderation <moderation@axkickboxing.com>");
echo "<p>Now we emailed you your account information.</p>";
} else {
echo "<p>There is no user registered with the name '".$name."'. You might want to check the spelling.<br>If you spelled your name right, then you are not yet registered with us. Please register below.</p>";
disp_register_form();
}
}
function forgot_password_process($email, $name, $forgot_select, $request_ip)
{
switch ($forgot_select) {
case "email":
$result=pg_query("select * from users where lower(email)='".addslashes(strtolower(trim($email)))."' and registered=true and enabled=true;");
if (pg_numrows($result)>1) {
$mailstring = '';
$rows=pg_numrows($result);
for($row=0;$row<$rows;$row++) {
$obj=pg_fetch_array($result,$row);
$mailstring .= "User Name: ".$obj['name']."\n".
"Registration Date: ".$obj['date']."\n".
"No. of posts: ".$obj['messages_posted']."\n".
"-----------------------------------\n";
}
mail('Ax Moderation <moderation@axkickboxing.com>','Ax Forgot Password Request error: '.trim($email),"A user submitted the Forgot Password form.\nRequested by IP: ".$request_ip."\nPROBLEM: Multiple Accounts registered to this email address: ".strtolower($email)."\n\n".$mailstring."\n\nClick Reply to moderate the situation with this user.","From: Ax Server <moderation@axkickboxing.com>\nReply-To: ".strtolower($email));
disp_preamble("Forum","");
echo "<div id=\"postResponse\">\n";
echo "<p><b>Oops!</b> Unfortunately, there are multiple accounts registered with that email address: ".$email."</p>\n";
echo "<p>The moderation has been notified and you should be contacted shortly regarding your multiple accounts.</p>\n";
echo "</div>\n";
} elseif (pg_numrows($result)==0) {
disp_preamble("Forum","");
echo "<div id=\"postResponse\">\n";
echo "<p>There are no accounts registered with that email address: ".$email."</p>\n";
echo "<p>If you would like to try another email address, <b>do not click back in your browser</b>. Instead, <a href=\"./?action=forgotpwd\">click here to enter another email address</a>.</p>\n";
echo "</div>\n";
} elseif (pg_numrows($result)==1) {
$obj=pg_fetch_array($result,0);
mail($obj['email'],"Your Ax account - Info Request","Welcome ".$obj['name'].",\n\nWe are sending your information because someone requested it with the Forgot Password page. If you did not request this information, please let us know.\n--------------------------\nYour login name is: '".$obj['name']."'\nBe careful to type it exactly as it appears between the quotes (but don't type the quotes themselves).\nYour password for the AX message board is: ".$obj['password']."\nYour registration has ".($obj['registered']=='t'?"":"not yet ")."been approved.\nYour account status is currently ".($obj['enabled']=='t'?"enabled":"disabled").".\n\nYou can reach the board at http://message.axkickboxing.com/\n\n".($obj['registered']=='t'?"Fill out your profile at http://message.axkickboxing.com/profiles\n\n":"")."Thank you,\nThe AX Team","From: Ax Forum Moderation <moderation@axkickboxing.com>");
disp_preamble("Forum","");
echo "<div id=\"postResponse\">\n";
echo "<p>Now we emailed you your account information to ".strtolower(trim($email))."</p>\n";
echo "<p>If you do not see an email from us soon, then make sure to <b>check your SPAM filter</b> within your email application. If you have any further questions, feel free to <a href\"contact\">contact us</a>.</p>\n";
echo "</div>\n";
}
break;
case "name":
$result=pg_query("select * from users where name='".addslashes(trim($name))."' and registered=true and enabled=true;");
$obj=pg_fetch_array($result,0);
if (pg_numrows($result)>1) {
$mailstring = '';
$rows=pg_numrows($result);
for($row=0;$row<$rows;$row++) {
$obj=pg_fetch_array($result,$row);
$mailstring .= "Email: ".$obj['email']."\n".
"Registration Date: ".$obj['date']."\n".
"No. of posts: ".$obj['messages_posted']."\n".
"-----------------------------------\n";
}
mail('moderation@axkickboxing.com','Ax Forgot Password Request error: '.trim($name),"A user submitted the Forgot Password Form.\nRequested by IP: ".$request_ip."\nPROBLEM: Duplicate name conflict:".trim($name)."\n\n".$mailstring."\n\nClick Reply to moderate the situation with this user.","From: Ax Server <moderation@axkickboxing.com>\nReply-To: ".strtolower($email));
disp_preamble("Forum","");
echo "<div id=\"postResponse\">\n";
echo "<p><b>Oops!</b> Unfortunately, there are multiple accounts with a similar name to ".trim($name)."</p>\n";
echo "<p>The moderation has been notified of the situation and you may be contacted shortly regarding your account.</p>\n";
echo "<p>If you would like to lookup your account by email address, <b>do not click back in your browser</b>. Instead, <a href=\"./?action=forgotpwd\">click here to access the Forgot Password page/a>.</p>\n";
echo "</div>\n";
} elseif (pg_numrows($result)==0) {
disp_preamble("Forum","");
echo "<div id=\"postResponse\">\n";
echo "<p>There are no accounts registered with that name: ".trim($name)."</p>\n";
echo "<p>If you would like to try another name, <b>do not click back in your browser</b>. Instead, <a href=\"./?action=forgotpwd\">click here to enter another name</a>.</p>\n";
echo "</div>\n";
} elseif (pg_numrows($result)==1) {
$obj=pg_fetch_array($result,0);
mail($obj['email'],"Your Ax account - Info Request","Welcome ".$obj['name'].",\n\nWe are sending your information because someone requested it with the Forgot Password page. If you did not request this information, please let us know.\n--------------------------\nYour login name is: '".$obj['name']."'\nBe careful to type it exactly as it appears between the quotes (but don't type the quotes themselves).\nYour password for the AX message board is: ".$obj['password']."\nYour registration has ".($obj['registered']=='t'?"":"not yet ")."been approved.\nYour account status is currently ".($obj['enabled']=='t'?"enabled":"disabled").".\n\nYou can reach the board at http://message.axkickboxing.com/\n\n".($obj['registered']=='t'?"Fill out your profile at http://message.axkickboxing.com/profiles\n\n":"")."Thank you,\nThe AX Team","From: Ax Forum Moderation <moderation@axkickboxing.com>");
disp_preamble("Forum","");
echo "<div id=\"postResponse\">\n";
echo "<p>Now we emailed you your account information to the registered email address for ".trim($name).".</p>\n";
echo "<p>If you do not see an email from us soon, then make sure to <b>check your SPAM filter</b> within your email application. If you have any further questions, feel free to <a href=\"contact\" contact us</a>.</p>\n";
echo "</div>\n";
}
break;
}
}
function handle_post_report($name, $password, $post_id, $topic_id, $reason, $user_ip, $post_user, $post_message)
{
if (authorized("report post",$name,$password)) {
record_name_change(TRUE);
$result=pg_query("select email from users where name='".addslashes(trim($name))."';");
$obj=pg_fetch_array($result,0);
mail("moderation@axkickboxing.com", "Ax Post Report on post: ".$post_id,
"Post Report from user: ".$name."\n".
"Reason: ".$reason."\n".
"Reporter IP address: ".$user_ip."\n".
"Post: http://message.axkickboxing.com/?action=dispthread&topic=".$topic_id."#".$post_id."\n".
//"Axess Post: https://axess.axkickboxing.com/index.phtml?action=dispthread&topic=".(string) $topic_id."#".(string) $post_id."\n".
"Axess User:".$post_user." https://axess.axkickboxing.com/users?mode=5&searchname=".urlencode($post_user)."\n".
"Axess Topic:".$topic_id." https://axess.axkickboxing.com/topics?mode=4&searchtopicid=".$topic_id."\n".
"------------------------------------------------------------\n".
"Post User:".$post_user."\n".
"Post message:\n".$post_message,
//"From: Ax Moderation <moderation@axkickboxing.com>\nReply-To: ".$obj['email']);
"From: ".trim($name)." <".$obj['email'].">");
disp_preamble("Forum","Post Report");
echo "<div id=\"postResponse\"><p>The post has been reported to the moderation team.</p></div>\n";
} else {
//echo "<h1>This is a test right here<h1>";
record_name_change(FALSE);
}
}
function new_user() {
$name=$_POST["name"];
$password=$_POST["password"];
$email=$_POST["email"];
$hiddenEntry1=$_POST["mail"];
$hiddenEntry2=$_POST["firstname"];
$hiddenEntry3=$_POST["email_address"];
if ($hiddenEntry1!=""||$hiddenEntry2!=""||$hiddenEntry3!="") {
disp_preamble("Forum","User registration failed");
echo "<div id=\"postResponse\">\n";
echo " <p style=\"text-align: center; color:orange;\">You are detected as a bot. Go away!</p> <p style=\"width:365px; margin:auto;\">If this is inaccurate, then <a href=\"contact\">contact us</a></p>\n";
echo "</div>\n";
disp_register_form();
disp_tail();
return;
}
$result=pg_query("select * from users where lower(email)=lower('".addslashes(trim($email))."');");
if (pg_numrows($result)>0) {
disp_preamble("Forum","User registration failed");
echo "<div id=\"postResponse\">\n";
echo " <p style=\"text-align: center; color:orange;\">That email address is already registered on Ax. </p> \n";
echo " <p style=\"text-align: center;\">Click <b>back</b> in your browser and try again</p>\n";
echo " <p style=\"text-align: center;\">If you forgot your password, <a href=\"?action=forgotpwd\">go here to retrieve it</a>.</p>\n";
echo " <p style=\"text-align: center;\">If you forgot your user account name, then <a href=\"contact\">contact us</a></p>\n";
echo "</div>\n";
// disp_register_form();
disp_tail();
return;
}
$result=pg_query("select * from users where lower(name)=lower('".addslashes(trim($name))."');");
if (pg_numrows($result)>0) {
disp_preamble("Forum","User registration failed");
echo "<div id=\"postResponse\">\n";
echo " <p style=\"text-align: center; color: orange;\">There is already a user registered with the name: <span style=\"color: white;\">".trim($name)."</span></p>\n";
echo " <p style=\"text-align: center;\">Click <b>back</b> in your browser and try again</p>\n";
echo "</div>\n";
disp_tail();
} else {
//mt_srand((double)microtime()*1000000);
//$password = mt_rand(1000,9999);
pg_query("insert into users (name,password,email,registered,enabled,ip) values ('".addslashes(trim($name))."','".addslashes($password)."','".addslashes(trim($email))."','f','f','".addslashes($_SERVER['REMOTE_ADDR'])."');");
disp_preamble("Forum","Registration complete");
echo "<div id=\"postResponse\">\n";
echo " <p>Your registration request is in the queue to be approved. Upon approval, your logon password will be emailed to you at the following address: ".$email."</p>\n";
echo " <p>Note, that your account is not enabled yet, but it will get manually approved. The registration process usually varies from 24 hours to up to a week depending on the number of registrations and the details of your account.</p>\n";
echo "</div>\n";
disp_tail();
}
}
function disp_forgot_pwd_form() {
disp_preamble("Forum","Forgotten password");
echo "<script type=\"text/javascript\" src=\"js/forgot_password.js?v1\"></script>\n";
echo "<div id=\"forgotPassword\">\n";
echo " <p>Forgot your password? Enter your username or your email address (the one you registered with) and we will send your account information to your email address.</p>\n";
echo " <p>If you have any questions, please <a href=\"contact\">contact us</a></p>\n";
echo " <div id=\"\"></div>\n";
echo " <form method=\"post\" action=\"".$PHP_SELF."\">\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\">\n";
echo " <tr>\n";
echo " <td id=\"forgotEmail\" class=\"selected col1\">\n";
echo " <input type=\"radio\" id=\"forgotSelect1\" name=\"forgotSelect\" value=\"email\" checked=\"checked\" /> <label id=\"nameRadioLabel\" for=\"forgotSelect1\">Email</label><br />\n";
echo " <input type=\"text\" id=\"forgotEmailInput\" name=\"email\" size=\"40\" value=\"".$_POST['email']."\" /></td>\n";
echo " </td>\n";
echo " <td class=\"gutter\"> </td>\n";
echo " <td id=\"forgotName\" class=\"col2\">\n";
echo " <input type=\"radio\" id=\"forgotSelect2\" name=\"forgotSelect\" value=\"name\" /> <label id=\"nameRadioLabel\" for=\"forgotSelect2\">User name</label><br />\n";
echo " <input type=\"text\" id=\"forgotNameInput\" name=\"name\" size=\"40\" value=\"".$_COOKIE['name']."\" />\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td class=\"formButtons\" colspan=\"3\"><input type=\"submit\" name=\"action\" value=\"I forgot my password!\" /></td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </form>\n";
echo "</div>\n";
disp_tail();
}
function disp_report_post_form($post_id, $topic_id) {
disp_preamble("Forum","Report Post to Moderators");
echo "<div id=\"reportFormWrapper\">\n";
$result=pg_query("select id, topic, name, date, text, expired, p.name IS NOT NULL as hasprofile from msgboard_messages as m left join profiles as p using (name) where id='".addslashes($post_id)."' and expired<>'t' order by date;");
$numrows = pg_numrows($result);
$post_content = pg_fetch_array($result,0);
if (!isset($post_id)) {
echo "<h2>Oops!</h2><p>It appears that the post ID is missing from this request. Please click back in your browser and try the report feature again.</p>\n";
} elseif ($numrows==0) {
echo "<h2>It appears the message you are trying to report doesn't exist</h2><p>It is possible that it has already been removed by the moderators. <b>Click back</b> in your browser and check if the post is still visible. If it does exist, then please try reporting it again.</p>\n";
} else {
echo "<p>The purpose of this form is to allow users to assist the moderation in maintaining the forum by reporting posts that are breaking the rules. You should only report posts that appear to be breaking one of the <a href=\"./rules\">forum rules</a>. <b>This feature should NOT be abused</b>. If we feel someone is abusing this feature, we will moderate their account accordingly. <p><b>The identity of users</b> who report posts are not divulged during the moderation process.</p>\n";
echo "<p>The post that you are reporting is shown below the form. If this is not the post you intended to report, then click back and report the appropriate post.</p>\n";
echo "<form method=post url=\"".$PHP_SELF."\">\n";
echo " <input type=\"hidden\" name=\"topic_id\" value=\"".(string) $post_content['topic']."\" />\n";
echo " <input type=\"hidden\" name=\"post_id\" value=\"".(string) $post_content['id']."\" />\n";
echo " <input type=\"hidden\" name=\"post_user\" value=\"".$post_content['name']."\" />\n";
echo " <input type=\"hidden\" name=\"post_message\" value=\"".htmlspecialchars($post_content['text'])."\" />\n";
echo " Your Ax Name:<input type=\"text\" name=\"name\" value=\"".$_COOKIE['name']."\" /><br />\n";
echo " Your Password:<input type=\"password\" name=\"password\" value=\"".$_COOKIE['password']."\" /><br /><br />\n";
echo " What rule is this post breaking? <br /><textarea name=\"reason\" rows=\"5\" cols=\"60\" value=\"".$_POST['reason']."\"></textarea><br />\n";
echo " <input type=\"submit\" name=\"action\" value=\"send post report\" /><br /><br />\n";
echo "</form>\n</div>";
disp_message($post_content, false, false);
}
disp_tail();
}
function disp_register_form() {
echo "<script type=\"text/javascript\" src=\"js/registration.js?v1\"></script>\n";
echo "<div id=\"registrationFormWrapper\">\n";
echo "<p>This is where you choose your Ax user name! Here are some guidelines:</p>\n";
echo "<ol>\n";
echo " <li>Ax user names cannot:\n";
echo " <ol>\n";
echo " <li>use crude or vulgar words</li>\n";
echo " <li>have relgious or political meaning</li>\n";
echo " <li>be a website domain</li>\n";
echo " <li>be an email address</li>\n";
echo " <li>be a phone number</li>\n";
echo " <li>have special characters like !@#%^*</li>\n";
echo " <li>use the name of a known fighter or fight professional, if you are not them. <br />For example, you can't use "Ernesto Hoost", but you could use "'HoostFan"</li>\n";
echo " </ol>\n";
echo " </li>\n";
echo " <li><span class=\"emphasis\">You are only allowed one Ax account per person.</span> If you already have an Ax account, please try to use your existing one.</li>\n";
echo " <li>If you are having trouble using your existing account, please <a href=\"contact\">contact us</a>.</li>\n";
echo " <li><span class=\"emphasis\">If you have forgotten your username or password</span>, go to the <a href=\"./?action=forgotpwd\">Forgot Password</a> page.</li>\n";
echo " <li><span class=\"emphasis\">Ax names are CaSe SeNsItIvE.</span> In other words, if you register with the name \"JOHN\" then you won't be able to login with the name \"John\". Those are considered two different names to Ax.</li>\n";
echo " <li><b>Submit a working Email address</b> that you plan on using for some time in the future. We may use your registered email address to send important information regarding your Ax account. If we find your registered email address is disabled in the future, then your Ax account may be suspended.</li>\n";
echo " <li>The email address you use for registration will <b>not be visible</b> to others and will only be used for moderation tasks and account-related messages from the AxTeam.</li>\n";
echo "</ol>\n";
#echo "<p>Please choose an user name that you will want to use on this message board. We are sorry, but we will not allow you to change it later. Note, that capitalization is important: when posting you will have to type your name exactly as you typed it here; e.g. if you register with 'Somebody' you won't be able to post with 'SOMEBODY'.</p>";
#echo "<p>Please enter your email address. After approving your registration, we will send you your password to this email account.</p>";
#echo "<p><b>Note: the email address you give will not be visible to others, and will only be used for sending your account information to. If you don't give an email address, or give a wrong email address, we will not be able to send you your registration information, and you will have to register again with a valid email address.</b></p>";
echo "<div id=\"registrationJavascript\">Javascript is disabled in your browser. Please turn on Javascript to register.</div>\n";
echo "<form id=\"registrationForm\" method=post url=\"".$PHP_SELF."\">\n";
echo "<p><input type=\"checkbox\" name=\"rulesAgreement\" id=\"rulesAgreement\" /> <b>Check here to confirm that you have read and agree to the <a href=\"rules\">Ax forum rules</a>. <br />If you do not agree to the AX Forum Rules, then you cannot register an account.</p>\n";
echo "<table cellpadding=\"0\" cellspacing=\"0\">\n";
echo "<tr>\n";
echo " <td class=\"col1\">Name:</td>\n";
echo " <td class=\"col2\"><input type=\"text\" id=\"regName\" name=\"name\" size=\"40\" value=\"".$_POST['name']."\" /></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo " <td class=\"col1\">Password:</td>\n";
echo " <td class=\"col2\"><input type=\"password\" name=\"password\" id=\"password\" size=\"40\" value=\"".$_POST['password']."\" /></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo " <td class=\"col1\">Confirm Password:</td>\n";
echo " <td class=\"col2\"><input type=\"password\" name=\"confirm_password\" size=\"40\" value=\"".$_POST['confirm_password']."\" /></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo " <td class=\"col1\">Email address:</td>\n";
echo " <td class=\"col2\"><input type=\"text\" name=\"email\" size=\"40\" value=\"".$_POST['email']."\" /></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo " <td class=\"col1\"> </td>\n";
echo " <td class=\"col2\"><input type=\"submit\" name=\"action\" value=\"Register!\" /></td>\n";
echo "</tr>\n";
echo "</table>\n";
echo "<input type=\"hidden\" name=\"mail\" value=\"\" />\n";
echo "<input type=\"hidden\" name=\"firstname\" value=\"\" />\n";
echo "<input style=\"display:none;\" type=\"text\" name=\"email_address\" value=\"\" />\n";
echo "</form>\n";
echo "</div>";
}
function unauthorized($kind,$why)
{
disp_preamble("Forum","Message/topic creation failed");
echo("<p>Your message/topic could not be posted because ".$why."</p>");
disp_tail();
}
function logauth($name,$password,$result)
{
// name password result date ipaddr
pg_query("insert into authattempt (name,password,result,date,ipaddr) values ('".addslashes(trim($name))."','".addslashes(trim($password))."','".addslashes($result)."',now(),'".addslashes($_SERVER['REMOTE_ADDR'])."');");
}
function authorized($kind,$name,$password)
{
$result=pg_query("select * from users where name='".addslashes(trim($name))."';");
if (pg_numrows($result)==0) {
disp_preamble("Forum",$kind." creation failed");
echo("<div id=\"responseMessage\"><p>Your ".$kind." could not be posted because you are not a registered user.</p>");
echo("<p>Please register now.</p></div>");
logauth($name,$password,"not registered");
disp_register_form();
disp_tail();
return false;
} else {
$obj=pg_fetch_array($result,0);
if ($obj['password']!= addslashes(trim($password))) {
disp_preamble("Forum",$kind." creation failed");
echo("<div id=\"postResponse\"><p>Your ".$kind." could not be posted because the password you submitted was wrong.</p><p>Click back in your browser and try again.</p></div>");
logauth($name,$password,"wrong password");
if ($kind=="message") disp_new_message_form();
else disp_new_topic_form();
disp_tail();
return false;
} else if ($obj['registered']=='f') {
unauthorized($kind,"your registration has not been approved yet.");
logauth($name,$password,"not approved");
return false;
} else if ($obj['enabled']=='f') {
unauthorized($kind,"your account is currently disabled.");
logauth($name,$password,"disabled");
return false;
} else
logauth($name,$password,"OK");
return true;
}
}
function cantupload() {
global $name;
return (trim($name)=="Praying Mantis");
}
function record_name_change($success=NULL) {
if ($_COOKIE['name']!=$_POST['name']) {
pg_query("insert into namechange (oldname,newname,ipaddr,date,success) values ('".addslashes($_COOKIE['name'])."','".addslashes($_POST['name'])."','".addslashes($_SERVER['REMOTE_ADDR'])."',now(),".
($success===NULL?"NULL":($success?"true":"false")).
");");
setcookie("name",$_POST['name'],time()+3650*86400,"",".axkickboxing.com");
}
}
function get_user_id($user_name) {
$user_result=pg_query("select userid, name from users where name = '".$user_name."';");
if (!$user_result) {
echo "An error occured retrieving data for user: ".$user_name."\n";
exit;
}
while ($row = pg_fetch_row($user_result)) {
$id=$row[0];
}
return (string) $id;
}
function check_duplicate_post()
{
//$result=pg_query("select * from msgboard_messages where topic=".$_POST['topic']." and name='".addslashes($_POST['name'])."' and text=\"".addslashes($_POST['text'])."\";");
//$result=pg_query("select * from msgboard_messages where topic=".$_POST['topic']." and name='".addslashes($_POST['name'])."' and text='".addslashes($_POST['text'])."';");
$result=pg_query("select * from msgboard_messages where topic=".$_POST['topic']." and name='".addslashes(trim($_POST['name']))."' order by date desc limit 1;");
if (pg_numrows($result)>0) {
$obj=pg_fetch_array($result);
if ( addslashes($obj[7]) == addslashes(filterpost($_POST['text'])) ) {
header("Location: ".$PHP_SELF."?action=dispthread&topic=".(string) $_POST['topic']);
exit;
}
}
}
function new_message()
{
global $HTTP_POST_FILES;
check_duplicate_post();
if ($_POST['first_name'] != "" || $_POST['email_address'] != "" || $_POST['last_name'] != "something") {
disp_preamble("Forum","Message creation failed");
echo "<div id=\"postResponse\"><p>Your message post has triggered our anti-spambot check and was not posted.</p>\n";
echo "<p>If you are not a spambot, then please <a href=\"contact\">contact us</a> and let us know.</p></div>";
disp_tail();
return false;
}
if ($_POST['savepassword']=="yes") {
if ($_COOKIE['password']!=$_POST['password']) {
setcookie("password",$_POST['password'],time()+3650*86400,"",".axkickboxing.com");
}
} else {
setcookie("password",$_POST['password'],time()-3650*86400,"",".axkickboxing.com");
}
setcookie("msgtype",'HTML',time()+3650*86400,"",".axkickboxing.com");
if (authorized("message",$_POST['name'],$_POST['password'])) {
$user_id = get_user_id(addslashes(trim($_POST['name'])));
record_name_change(TRUE);
// if ((($HTTP_POST_FILES["userfile"]["type"] == "image/gif") || ($HTTP_POST_FILES["userfile"]["type"] == "image/jpeg") || ($HTTP_POST_FILES["userfile"]["type"] == "image/png") || ($HTTP_POST_FILES["userfile"]["type"] == "image/pjpeg")) && ($HTTP_POST_FILES["userfile"]["size"] < 800000) && $HTTP_POST_FILES['userfile'] && $HTTP_POST_FILES['userfile']['tmp_name']!="none" && $HTTP_POST_FILES['userfile']['name']!="" && !cantupload()) {
//if ($HTTP_POST_FILES['userfile'] && $HTTP_POST_FILES['userfile']['tmp_name']!="none" && $HTTP_POST_FILES['userfile']['name']!="" && !cantupload() && $_POST['topic']!=4840 ) {
if ($_FILES['userfile'] && $_FILES['userfile']['tmp_name']!="none" && $_FILES['userfile']['name']!="" ) {
$_POST['text'] = upload_image($user_id, $HTTP_POST_FILES['userfile']);
}
if ($_POST['linkedimage']!='') {
$url=$_POST['linkedimage'];
if (strpos(strtolower($url),'http://') === FALSE)
$url='http://'.$url;
//$_POST['text']='<img src="'.$url.'" />'."\n".$_POST['text'];
$_POST['text']='[img]'.$url.'[/img]'."\n".$_POST['text'];
}
$toreview=cantpost();
$expired=$toreview;
if (pg_query("insert into msgboard_messages (topic,name,email,url,subject,date,expired,toreview,text,ipaddr) values ('".addslashes($_POST['topic'])."','".addslashes($_POST['name'])."','".addslashes($_POST['email'])."','".addslashes($_POST['url'])."','".addslashes($_POST['subject'])."',now(),'".addslashes($expired)."','".$toreview."','".addslashes(filterpost($_POST['text']))."','".addslashes($_SERVER['REMOTE_ADDR'])."');")) {
pg_query("insert into posters_today (date,name) values(now(),'".addslashes(trim($_POST['name']))."');");
pg_query("update users set messages_posted = messages_posted + 1 where name='".addslashes(trim($_POST['name']))."';");
$_POST['text']='';
if ($toreview!='t') {
pg_query("update msgboard_topics set modified=now(), messagecount=messagecount+1 where id='".addslashes($_POST['topic'])."';");
pg_query("notify newmsg;");
// pg_query("select date_part('epoch',now()::datetime");
}
display_thread($_POST['topic']);
} else {
record_name_change(FALSE);
disp_preamble("Forum","Message creation failed");
$string="";
$string.="Topic: ".$_POST['topic']."\n";
$string.="Name: ".$_POST['name']."\n";
$string.="Email: ".$_POST['email']."\n";
$string.="URL: ".$_POST['url']."\n";
$string.="Subject: ".$_POST['subject']."\n";
$string.="Text: ".$_POST['text']."\n";
error("Your message could not be posted due to an error.\n".pg_last_error()."\n".$string);
disp_tail();
}
} else {
}
}
function disp_new_topic_form()
{
global $text,$PHP_SELF;
/*echo "<table align=center><tr valign=top><td>";
echo "<form method=post>\n";
echo "<table>";
echo "<caption>Create a new topic!</caption>";
echo "<tr><td align=right>Username:<td><input type=text name=\"name\" value=\"".$_COOKIE['name']."\">\n";
echo "<a href=\"".$PHP_SELF."?action=forgotpwd\">Forget your password?</a>";
echo "<tr><td align=right>Password:<td><input type=password name=\"password\" value=\"".$_COOKIE['password']."\">\n";
echo "<tr><td align=right>Topic name:<td><input type=text name=text maxlength=50 value=\"".$text."\">\n";
echo "<tr><td align=right>Create in:<td><select name=topicgroup>";
foreach(pg_fetch_all(pg_query("select * from msgboard_topicgroups;")) as $row) {
echo '<option value="'.htmlspecialchars($row['codename']).'"';
echo ($_REQUEST['topicgroup']==$row['codename'])?' selected':'';
echo '>'.htmlspecialchars($row['name']).' Forum</option>';
}
echo "</select></td></tr>\n";
echo "<tr><td><td><input type=submit name=action value=\"Create topic!\">\n";
echo "</table>\n";
echo "</form>\n";
echo "</td><td align=center>";
echo "<form method=post>\n";
echo "<table>";
echo "<caption>Search for words:</caption>";
echo "<tr><td align=center><input type=text name=\"words\" size=40 value=\"".$_REQUEST['words']."\">\n";
echo "<tr><td align=center><input type=submit name=action value=\"Search topic titles!\"> <input type=submit name=action value=\"Search messages!\">\n";
echo "</table>\n";
echo "</form>\n";
echo "</td></tr></table>";*/
}
function chatlogin() {
// echo '<p><font size=6><a href="chat">Click here to join AX Chat!</a></font></p>';
// echo '<p><form method=get action="http://webchat.md.us.undernet.org:8000/unet1/signon.html">Nickname (for the chat): <input type=text name=N><input type=hidden name=C value="#axkickboxing"> <input type=submit value="Log in!"></form></p>';
}
function profilelogin() {
?>
<form method=post action=profiles>
<table>
<tr><td align=right>Name:<td><input type=text name=name value="<? echo htmlspecialchars($_COOKIE['name']) ?>"> <input type=submit name=action value="Create/load profile">
</table>
</form>
<?
}
function display_topics($words='')
{
global $PHP_SELF,$HTTP_USER_AGENT;
$topics_per_page=75;
$offset=$_GET['offset']+0;
// if (strpos(strtoupper($HTTP_USER_AGENT),"MSIE"))
//$targetstring=" target=_blank";
$targetstring="";
/*
$result=pg_query("select topic,count(*) from msgboard_messages where expired<>'t' group by topic;");
$rows=pg_numrows($result);
for($row=0;$row<$rows;$row++) {
$obj=pg_fetch_array($result,$row);
$darab[$obj['topic']]=$obj['count'];
pg_query("update msgboard_topics set messagecount=".$obj['count']." where id=".$obj['topic'].";");
}
*/
if ($_REQUEST['topicgroup']=='axmain') {
$result=pg_query("select text, id, modified, (modified>'now'::timestamp) as future, expired, messagecount, viewcount, creator, ipaddr, p.name IS NOT NULL as hasprofile, date_part('epoch',modified::timestamp) as date_part, type from msgboard_topics as t left join profiles as p on (t.creator=p.name) where expired<>'t' and messagecount>0 and topicgroup in (1,4) ".(!empty($words)?" and textidx @@ plainto_tsquery('default','".addslashes($words)."') ":"")." order by modified desc limit ".($topics_per_page+1).(($offset>0)?(" offset ".$offset):("")).";");
} else {
$result=pg_query("select text, id, modified, (modified>'now'::timestamp) as future, expired, messagecount, viewcount, creator, ipaddr, p.name IS NOT NULL as hasprofile, date_part('epoch',modified::timestamp) as date_part, type from msgboard_topics as t left join profiles as p on (t.creator=p.name) where expired<>'t' and messagecount>0 and topicgroup=(select id from msgboard_topicgroups where codename='".addslashes($_REQUEST['topicgroup'])."') ".(!empty($words)?" and textidx @@ plainto_tsquery('default','".addslashes($words)."') ":"")." order by modified desc limit ".($topics_per_page+1).(($offset>0)?(" offset ".$offset):("")).";");
}
if (!$result) {
disp_preamble("Forum","Error listing topics");
echo pg_result_error($result);
error("An error occured while listing the topics.");
disp_tail();
exit();
}
if ($words) {
disp_preamble("Forum","Searching for words: ".htmlspecialchars($_REQUEST['words'],ENT_QUOTES));
} else {
disp_preamble("Forum","");
}
// echo "<p align=center><font color=#c46802>Want to post? Please <a href=\"".$PHP_SELF."?action=register\">register here</a>.</font><br>";
// echo "<p>You can edit your profile <a href=\"profiles\">here</a>, or can browse profiles of others <a href=\"profiles?action=browse\">here</a>.</p>";
//disp_new_topic_form();
//echo '<p align=center>'.insert_ad_here('message.axkickboxing.com/index').'</p>';
//include('_axvisitors.inc.php');
echo "<div id=\"forumHeading\">\n";
echo " <div id=\"loginLogout\"></div>\n";
//Logged in : Dave Jackson : <a href="">Logout</a>//
echo " <div id=\"forumTitle\">\n";
$full_forum_name = pg_result(pg_query("select name from msgboard_topicgroups where codename='".addslashes($_REQUEST['topicgroup'])."';"),0,0);
echo " Forum: <span>".$full_forum_name."</span>";
echo " </div>\n";
echo "</div>\n";
echo "<div id=\"textAd\">\n";
//echo " <span>Sponsor:</span></span><a href=\"\"> Some Amazing Upcoming event June 26th. Be there or be lame!</a><br />\n";
//echo " <span>Sponsor:</span>\n";
echo "<script type='text/javascript'><!--//<![CDATA[\n";
echo " var m3_u = (location.protocol=='https:'?'https://www.fightadvertising.com/adserver/www/delivery/ajs.php':'http://www.fightadvertising.com/adserver/www/delivery/ajs.php');\n";
echo " var m3_r = Math.floor(Math.random()*99999999999);\n";
echo " if (!document.MAX_used) document.MAX_used = ',';\n";
echo " document.write (\"<scr\"+\"ipt type='text/javascript' src='\"+m3_u);\n";
echo " document.write (\"?zoneid=3&target=_blank&charset=UTF-8\");\n";
echo " document.write ('&cb=' + m3_r);\n";
echo " if (document.MAX_used != ',') document.write (\"&exclude=\" + document.MAX_used);\n";
echo " document.write ('&charset=UTF-8');\n";
echo " document.write (\"&loc=\" + escape(window.location));\n";
echo " if (document.referrer) document.write (\"&referer=\" + escape(document.referrer));\n";
echo " if (document.context) document.write (\"&context=\" + escape(document.context));\n";
echo " if (document.mmm_fo) document.write (\"&mmm_fo=1\");\n";
echo " document.write (\"'><\/scr\"+\"ipt>\");\n";
echo "//]]>--></script>\n";
echo "</div>\n";
echo "<div id=\"specialMessage\">\n";
//echo " <span>Note:</span></span><a href=\"\"> for Event Promoters, gym owners and fighters</a><br />\n";
echo "</div>\n";
//echo '<p align=center><font size=+3>'.pg_result(pg_query("select name from msgboard_topicgroups where codename='".addslashes($_REQUEST['topicgroup'])."';"),0,0).' Forum</font></p>';
$rows=(pg_numrows($result)<$topics_per_page)?pg_numrows($result):$topics_per_page;
if ($rows==0) {echo "<p align=center>There are no ".(empty($words)?"":"such ")."topics onboard.</p>";}
else {
echo "<table id=\"topiclist\" cellpadding=\"0\" cellspacing=\"0\">\n";
echo "<thead>\n";
echo "<tr>\n";
echo "<th class=\"col1\">Topic</th>\n";
echo "<th class=\"col2\">Posts</th>\n";
echo "<th class=\"col3\">Views</th>\n";
echo "<th class=\"col4\">Last post</th>\n";
echo "<th class=\"col5\">Creator</th>\n";
echo "</tr>\n";
echo "</thead>\n";
echo "<tbody>\n";
//echo "<tr><th>Topic<th class='topicPosts'>Posts<th class='topicViews'>Views<th class='topicLastPost'>Last post<th>Creator</tr>\n";
for($row=0;$row<$rows;$row++) {
echo '<tr'.($row == 0 ? ' id="firstRow"' : '').($row%2 ? ' class="even"' : '').' >';
$obj=pg_fetch_array($result,$row);
//if (strlen($obj['text'])>33) $obj['text']=substr($obj['text'],0,33)."...";
$dispcreator=$obj['creator'];
//if (strlen($dispcreator)>22) $dispcreator=substr($dispcreator,0,22)."...";
switch($obj['type']) {
case 1: $class=' class="sticky"'; break;
case 2: $class=' class="newsrelated"'; break;
default: $class=''; break;
}
//echo '<td class="col1"><div><a href="'.$PHP_SELF.'?action=dispthread&topic='.$obj['id'].'&topicgroup='.$_REQUEST['topicgroup'].'&junk='.urlencode($obj['date_part']).'"'.$targetstring.$class.'" title="'.htmlentities($obj['text']).'" >'.htmlentities($obj['text']).'</a></div></td>';
//echo '<td class="col1"><div><a href="'.$PHP_SELF.'?action=dispthread&topic='.$obj['id'].'&topicgroup='.$_REQUEST['topicgroup'].'"'.$targetstring.$class.'" title="'.htmlentities($obj['text']).'" >'.htmlentities($obj['text']).'</a></div></td>';
echo '<td class="col1"><div><a href="'.$PHP_SELF.'?action=dispthread&topic='.$obj['id'].'&topicgroup='.$_REQUEST['topicgroup'].'&junk='.urlencode(substr($obj['date_part'], -4)).'"'.$targetstring.$class.'" title="'.htmlspecialchars($obj['text']).'" >'.htmlspecialchars($obj['text']).'</a></div></td>';
//echo "<td align=left>".$obj['messagecount'].($obj['viewcount']==''?'':(" - ".$obj['viewcount']))." </td>\n";
echo '<td class="col2">'.$obj['messagecount']."</td>\n";
echo '<td class="col3">'.$obj['viewcount']."</td>\n";
echo '<td class="col4">'.($obj['future']=='t'?'':str_replace(' ',' ',substr($obj['modified'],5,19-8)))."</td>\n";
echo '<td class="col5"><div>';
if ($obj['hasprofile']=='t')
echo "<a href=\"profiles?action=display&name=",urlencode($obj['creator']),"\" title=\"$dispcreator\" \>";
echo $dispcreator;
if ($obj['hasprofile']=='t')
echo "</a>";
echo "<div></td></tr>\n";
}
echo '<tr><td class="topicPagination" colspan="5">';
if ($offset>=$topics_per_page) {
echo "<a class=\"nextPage\" href=\"".$PHP_SELF."?";
echo "offset=".($offset-$topics_per_page)."&topicgroup=".(htmlspecialchars(urlencode($_REQUEST['topicgroup']))).(empty($_REQUEST['words'])?"":"&words=".htmlspecialchars(urlencode($_REQUEST['words'])))."\">< Newer topics</a>";
}
echo " ";
if (pg_numrows($result)>$topics_per_page) {
echo "<a class=\"prevPage\" href=\"".$PHP_SELF."?";
echo "offset=".($offset+$topics_per_page)."&topicgroup=".(htmlspecialchars(urlencode($_REQUEST['topicgroup']))).(empty($_REQUEST['words'])?"":"&words=".htmlspecialchars(urlencode($_REQUEST['words'])))."\">Older topics ></a>";
}
echo "</tbody></table>";
}
/*
echo "<div align=center>";
chatlogin();
//profilelogin();
*/
echo "<p align=center>Is <b>",substr(pg_result(pg_query('select current_timestamp;'),0,0),0,19),"</b> your local time? If not, click <a href=\"tzset\">here</a> to set your timezone!</p>";
/*
pg_query('update hitcounter set msgboard=msgboard+1;');
$hits=pg_result(pg_query('select * from hitcounter;'),0,0);
if (($hits % 100)==0) {
pg_query('commit;');
pg_query('vacuum full analyze hitcounter;');
}
echo "<p>Hit counter (started on 1999-07-18): <b>",number_format($hits),"</b> hits up to now.<br>";
pg_query('delete from hits_today where date<(\'now\'::timestamp+\'1 day ago\'::reltime)::timestamp;');
$hits=pg_result(pg_query('select count(date) from hits_today;'),0,0);
$visitors=pg_result(pg_query('select count(distinct ipaddr) from hits_today;'),0,0);
echo "Daily hit counter: <b>",$hits,"</b> hits from <b>",$visitors,"</b> different IP addresses in the last 24 hours.<br>";
pg_query('delete from posters_today where date<(\'now\'::timestamp+\'1 day ago\'::reltime)::timestamp;');
$posters=pg_result(pg_query('select count(distinct name) from posters_today;'),0,0);
$posts=pg_result(pg_query('select count(date) from posters_today;'),0,0);
//$posts=pg_result(pg_query('select count(date) from msgboard_messages where (date::datetime)>=(\'now\'::timestamp+\'1 day ago\'::reltime);'),0,0);
echo "Daily message counter: <b>",$posters,"</b> people posted a total of <b>",$posts,"</b> messages in the last 24 hours.<br>";
if ($posts!=0) {
echo "Daily posting ratio: <b>",sprintf("%.3f",$hits/$posts),"</b> hits/posted message in the last 24 hours.<br>";
}
//echo "Note: MSIE browsers blindly refresh once every five minutes; Netscape browsers refresh only when any visitor posts a new message.</p>";
echo "Note: This page should refresh once every five minutes.</p>";
echo "</div>";
*/
disp_tail();
if (($hits % 200)==0) {
pg_query('commit;');
pg_query('vacuum full hits_today;');
pg_query('vacuum full posters_today;');
}
}
function display_thread($topic_id)
{
global $name,$email,$url,$PHP_SELF;
if (empty($topic_id)) {
disp_preamble("Forum","Topic number missing",1);
echo "<p>The link you clicked on does not contain the number of the topic, so we cannot show the topic because we don't know which one it is.</p>";
echo "<p>If you followed a link from a webpage, please let the maintainers of that page know that their site probably has bugs with links that contain the & (ampersand) character, and refer them to us for further help.</p>";
disp_tail();
exit();
}
$result=pg_query("select msgboard_topics.*,msgboard_topicgroups.name as groupname from msgboard_topics, msgboard_topicgroups where msgboard_topics.id='".addslashes($topic_id)."'".
(($_REQUEST['key']=="bittersweet")?"":" and expired<>'t'").
" and msgboard_topicgroups.id=topicgroup;");
if (pg_numrows($result)==0) {
disp_preamble("Forum","Topic ".$topic_id." not found",1);
//echo "<p align=center><a href=\"".$PHP_SELF."\">[Back to topic list]</a></p>";
error("We could not find this topic.<br> It was either removed by moderation or there is a technical glitch in displaying the topic.");
disp_tail();
exit();
}
pg_query("update msgboard_topics set viewcount=COALESCE(viewcount,messagecount)+1 where id='".addslashes($topic_id)."' and expired<>'t';");
$topic=pg_fetch_array($result,0);
//disp_preamble("Message Board",htmlentities($topic['groupname'])." Forum, Topic '".htmlentities($topic['text'])."'",1);
disp_preamble(htmlspecialchars($topic['groupname'].' Forum'),htmlspecialchars($topic['text']),1);
//echo "<p align=center><a href=\"".$PHP_SELF."\">[Back to topic list]</a></p>";
//$result=pg_query("select * from msgboard_messages where topic=".$topic." and expired<>'t' order by date;");
$topic['type']=2;
if ($topic['type']==2) { // display news article if there is one
//display_article(281,FALSE);
//display_article(pg_result(pg_query("select id from news_articles where topic='";;;;;;;;;;;;.addslashes($topic_id)."';"),0,0),FALSE);
}
$result=pg_query("select id, topic, name, m.email as email, m.url as url, subject, date, text, ipaddr, expired, toreview, p.name IS NOT NULL as hasprofile from msgboard_messages as m left join profiles as p using (name) where topic='".addslashes($topic_id)."' and expired<>'t' order by date;");
if (!$result) {
disp_preamble("Forum","Error listing thread '".$topic['text']."'",1);
//echo "<p align=center><a href=\"".$PHP_SELF."\">[Back to topic list]</a></p>";
error("An error occured while listing the messages in this thread.");
disp_tail();
exit();
}
$rows=pg_numrows($result);
if ($rows==0) {
echo "<p>There are no messages in this thread.</p>\n";
} else {
display_messages($result);
}
// repeating square ad in threads
/*echo '<div class="google_ad_728x90_repeating">';
echo '</div>';*/
echo "<div id=\"adBottom\">\n";
//echo " <a href=\"http://fightadvertising.com\" class=\"adHeading\">Advertise on Ax</a><br />\n";
echo "
<script type='text/javascript'><!--//<![CDATA[
var m3_u = (location.protocol=='https:'?'https://www.fightadvertising.com/adserver/www/delivery/ajs.php':'http://www.fightadvertising.com/adserver/www/delivery/ajs.php');
var m3_r = Math.floor(Math.random()*99999999999);
if (!document.MAX_used) document.MAX_used = ',';
document.write (\"<scr\"+\"ipt type='text/javascript' src='\"+m3_u);
document.write (\"?zoneid=2\");
document.write ('&cb=' + m3_r);
if (document.MAX_used != ',') document.write (\"&exclude=\" + document.MAX_used);
document.write (document.charset ? '&charset='+document.charset : (document.characterSet ? '&charset='+document.characterSet : ''));
document.write (\"&loc=\" + escape(window.location));
if (document.referrer) document.write (\"&referer=\" + escape(document.referrer));
if (document.context) document.write (\"&context=\" + escape(document.context));
if (document.mmm_fo) document.write (\"&mmm_fo=1\");
document.write (\"'><\/scr\"+\"ipt>\");
//]]>--></script><noscript><a href='http://www.fightadvertising.com/adserver/www/delivery/ck.php?n=ae4915f0&cb=INSERT_RANDOM_NUMBER_HERE' target='_blank'><img src='http://www.fightadvertising.com/adserver/www/delivery/avw.php?zoneid=2&cb=INSERT_RANDOM_NUMBER_HERE&n=ae4915f0' border='0' alt='' /></a></noscript>
";
echo "</div>\n";
// RETURN LINK ABOVE POST FORM
if ($rows>0) {
echo "<div class=\"returnLink\"><br />\n";
echo ' <a href="';
switch($_REQUEST['topicgroup']) {
case '':
echo ".";
break;
case 'axmain':
echo ".";
break;
case 'mma':
echo "?topicgroup=mma";
break;
case 'boxing':
echo "?topicgroup=boxing";
break;
case 'axsportscience':
echo "?topicgroup=axsportscience";
break;
case 'axofftopic':
echo "?topicgroup=axofftopic";
break;
}
echo '"> Back to : '.$topic['groupname']." Forum</a><br /><br />\n";
echo "</div>\n";
}
//OLD AD CODE echo '<div class="message_ad_afterposts">'.insert_ad_here('message.axkickboxing.com/topic_form_bigad').'</div>';
if ($topic['closed']=='t')
{
echo "<center>This thread is closed for new posts.</center>";
} else {
disp_new_message_form();
}
// echo "<p align=center><a href=\"".$PHP_SELF."\">[Back to topic list]</a></p>";
disp_tail();
}
function display_messages($result) {
$rows=pg_numrows($result);
echo "<div id=\"topicLayout\">\n";
for ($row=0;$row<$rows;$row++) {
$message=pg_fetch_array($result,$row);
$ad_cycle_length = 5;
$ad_cycle_offset = (($rows-1) % ($ad_cycle_length)) / 2;
settype($ad_cycle_offset,"integer");
$display_large_ad=NULL;
$display_right_ad=NULL;
if ($row==0) {
$display_large_ad='topic_firstpost_bigad';
$display_right_ad='topic_firstpost_rightad';
} else if ($rows>($ad_cycle_length) and $row>=$ad_cycle_length and $row<($rows-$ad_cycle_length)) {
if (($row-$ad_cycle_offset) % $ad_cycle_length == 0) {
if ((($row-$ad_cycle_offset) / $ad_cycle_length) % 2 == 1) {
$display_right_ad='topic_middlepost_rightad';
} else {
$display_large_ad='topic_middlepost_bigad';
}
}
}
disp_message($message,$display_large_ad,$display_right_ad);
}
echo "</div> <!-- end topicLayout -->\n";
}
function display_person($name,$email,$url)
{
if ($name=="") {
echo "An unknown poster";
} else {
if ($email!="") echo "<a href=\"mailto:".$email."\">";
echo $name;
if ($email!="") echo "</a>";
if ($url!="")
echo " (<a href=\"".$url."\">".$url."</a>)";
}
}
function search_messages() {
pg_query("insert into search_queries (words,ipaddr,username) values('".addslashes($_REQUEST['words'])."','".addslashes($_SERVER['REMOTE_ADDR'])."','".addslashes($_COOKIE['name'])."');");
disp_preamble("Forum","Searching messages containing '".htmlspecialchars($_REQUEST['words'])."'",1);
$result=pg_query("select m.id, topic, name, m.email as email, m.url as url, subject, date, m.text as text, m.ipaddr as ipaddr, m.expired as expired, toreview, p.name IS NOT NULL as hasprofile, t.id as topicid, date_part('epoch', modified::timestamp) as topicdate_part, t.text as topictext from msgboard_topics as t, msgboard_messages as m left join profiles as p using (name)
where m.topic = t.id and m.expired<>'t' and t.expired<>'t' and
m.textidx @@ plainto_tsquery('default','".addslashes($_REQUEST['words'])."')
order by date desc;");
$rows=pg_num_rows($result);
if ($rows==0) {
echo "<p align=center>There are no ".(empty($_REQUEST['words'])?"":"such ")."messages onboard.</p>";
} else {
echo "<p align=center>There are ".$rows." ".(empty($_REQUEST['words'])?"":"such ")."messages onboard.</p>";
}
display_messages($result);
disp_tail();
}
function preview_post() {
global $HTTP_POST_FILES,$text;
if ($_POST['first_name'] != "" || $_POST['email_address'] != "" || $_POST['last_name'] != "something") {
disp_preamble("Forum","Message creation failed");
echo "<div id=\"postResponse\"><p>Your message post has triggered our anti-spambot check and was not posted.</p>\n";
echo "<p>If you are not a spambot, then please <a href=\"contact\">contact us</a> and let us know.</p></div>";
disp_tail();
return false;
}
//display_thread($_REQUEST['topic']);
if (authorized("message",$_POST['name'],$_POST['password'])) {
$user_id = get_user_id(addslashes(trim($_POST['name'])));
record_name_change(TRUE);
// if ((($HTTP_POST_FILES["userfile"]["type"] == "image/gif") || ($HTTP_POST_FILES["userfile"]["type"] == "image/jpeg") || ($HTTP_POST_FILES["userfile"]["type"] == "image/png") || ($HTTP_POST_FILES["userfile"]["type"] == "image/pjpeg")) && ($HTTP_POST_FILES["userfile"]["size"] < 800000) && $HTTP_POST_FILES['userfile'] && $HTTP_POST_FILES['userfile']['tmp_name']!="none" && $HTTP_POST_FILES['userfile']['name']!="" && !cantupload()) {
//if ($HTTP_POST_FILES['userfile'] && $HTTP_POST_FILES['userfile']['tmp_name']!="none" && $HTTP_POST_FILES['userfile']['name']!="" && !cantupload() && $_POST['topic']!=4840 ) {
if ($_FILES['userfile'] && $_FILES['userfile']['tmp_name']!="none" && $_FILES['userfile']['name']!="" ) {
//$_POST['text'] = upload_image($user_id, $HTTP_POST_FILES['userfile']);
$text = upload_image($user_id, $HTTP_POST_FILES['userfile']);
}
if ($_POST['linkedimage']!='') {
$url=$_POST['linkedimage'];
if (strpos(strtolower($url),'http://') === FALSE)
$url='http://'.$url;
//$_POST['text']='<img src="'.$url.'" />'."\n".$_POST['text'];
//$text = '<img src="'.$url.'" />'."\n".$_POST['text'];
$text = '[img]'.$url.'[/img]'."\n".$_POST['text'];
}
} else {
return false;
}
disp_preamble('Forum','Review your message');
echo "<div class=\"message\"><b>Your message is below</b></div>\n";
echo "<div class=\"message\">\n";
echo ' <div class="messageText">';
//echo (nl2br($_POST['text']));
echo (nl2br(filterpost($text)));
echo ' </div>';
echo '</div>';
disp_new_message_form();
}
function disp_message($message,$display_large_ad,$display_right_ad) {
echo "<div class=\"message\">\n";
echo " <div id=\"".$message['id']."\" class=\"messageHeader\">\n";
//echo " <b> Message ID: ".$message['id']."</b>\n<br />";
if ($_REQUEST['action']!='reportpost') {
echo " <div class=\"reportPost\"><a href=\"?action=reportpost&postid=".$message['id']."\">Report Post</a></div>\n";
}
/* if ($display_right_ad) {
echo '<div class="google_ad_200x200">';
echo '</div>';
echo '<div class="message_header_with_ad">';
} else {
echo '<div class="message_header">';
} */
//if ($message['subject']) echo '<div id="#'.$message['id'].'" class="message_subject">'.$message['id'].' : '.$message['subject']."</div><br>\n";
if ($message['subject']) echo '<div id="#'.$message['id'].'" class="message_subject">'.$message['id'].' : '.$message['subject']."</div><br>\n";
if ($message['hasprofile']=='t') echo "<a class=\"profileLink\" href=\"profiles?action=display&name=",urlencode($message['name']),"\">";
echo $message['name'];
if ($message['hasprofile']=='t') echo "</a>";
echo " <br>\n";
//echo htmlentities($message['email']),"<br>\n";
//echo htmlentities($message['url']),"<br>\n";
//echo "Posted: ".substr($message['date'],0,19)," (".htmlspecialchars($_REQUEST['timezone'])." time)<br>\n";
echo "Posted: ".substr($message['date'],0,19),"\n";
/*if (isset($message['topicid'])) {
//$targetstring=" target=_blank";
$targetstring="";
echo 'In topic <a href="'.$PHP_SELF.'?action=dispthread&topic='.$message['topicid'].'&junk='.urlencode($message['topicdate_part']).'"'.$targetstring.$class.'">'.htmlentities($message['topictext']).'</a> ';
}*/
//echo htmlentities($message['name'])," writes:</p>\n";
//echo "</font>";
//display_person($message['name'],$message['email'],$message['url']);
//echo " wrote on ".substr($message['date'],0,10)." regarding ".$message['subject'].":<br>\n";
//echo "<pre>\n";
echo ' </div>';
echo ' <div class="messageText">';
//echo "<font color=#FEFFD2>\n"; // #408080
echo(nl2br($message['text']));
//echo "</font>";
//echo "</pre>\n";
echo ' </div>';
echo '</div>';
//echo '<div class="message_delimiter"><hr></div>';
if ($display_large_ad) {
//echo '<div class="message_ad_afterposts">'.insert_ad_here('message.axkickboxing.com/'.$display_large_ad).'</div>';
//echo '<div class="message_delimiter"><hr></div>';
}
}
function disp_new_message_form() {
global $name,$email,$password,$url,$topic,$msgtype,$text,$PHP_SELF;
if (cantpost()=='t') {
echo "<p><b>Warning:</b> Someone using the same IP address (".$_SERVER['REMOTE_ADDR'].") you are using right now has previously displayed inappropriate behaviour on the board. Therefore as a preventive measure, we are not displaying messages posted from this IP address right away; they will be reviewed instead, and made available for others to read when found appropriate.<br>We apologize for the inconvenience.</p>";
}
echo "<div id=\"newMessageJavascript\">Javascript is disabled in your browser. Please turn on Javascript to post messages.</div>\n";
echo "<form id=\"newMessageForm\" method=\"post\" enctype=\"multipart/form-data\" url=\"".$PHP_SELF."\">\n";
echo " <!-- used to protect against spam bots --> \n";
echo " <input type=\"hidden\" name=\"first_name\" value=\"\" />\n";
echo " <input type=\"hidden\" name=\"last_name\" id=\"formLastName\" value=\"\" />\n";
echo " <input type=\"text\" name=\"email_address\" value=\"\" style=\"display: none;\" />\n";
echo "<input type=\"hidden\" name=\"topic\" value=".$topic." />\n";
echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"2000000\" />\n";
echo "<table id=\"threadReply\" cellpadding=\"0\" cellspacing=\"0\">\n";
echo " <tr>\n";
echo " <th colspan=\"2\">Post your message</th>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td class=\"col1\">Name:</td>\n";
echo " <td class=\"col2\">\n";
echo " <input type=\"text\" name=\"name\" size=\"40\" value=\"".$name."\" />\n";
echo " <a href=\"".$PHP_SELF."?action=forgotpwd\">Forget your password?</a>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td class=\"col1\">Password:</td>\n";
echo " <td class=\"col2\">\n";
echo " <input type=\"password\" name=\"password\" size=\"40\" value=\"".$password."\" />\n";
echo " <input type=\"checkbox\" name=\"savepassword\" value=\"yes\" ",empty($_COOKIE['password'])?"":"checked"," />Save password\n";
echo " </td>\n";
echo " </tr>\n";
if (cantupload()) {
echo "<tr><td><td>Your uploading privileges have been suspended. <a href=\"contact\" Contact us</a> if you have any questions.\n";
} else {
echo " <tr>\n";
echo " <td class=\"col1\">Attach Picture:</td>\n";
echo " <td class=\"col2\">\n";
echo " <input type=\"file\" size=\"40\" name=\"userfile\" />\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td class=\"col1\">Link to picture:</td>\n";
echo " <td class=\"col2\">\n";
echo " <input type=\"text\" size=\"40\" name=\"linkedimage\" />\n";
echo " </td>\n";
echo " </tr>\n";
}
echo " <tr>\n";
echo " <td class=\"col1\">Text:</td>\n";
echo " <td class=\"col2\">\n";
echo " <textarea name=\"text\" rows=\"20\" cols=\"65\" wrap=\"soft\">".$text."</textarea> \n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td class=\"col1\"> </td>\n";
echo " <td class=\"col2\">\n";
echo " <input type=\"submit\" name=\"action\" value=\"Submit post\" /> <input type=\"submit\" name=\"action\" value=\"Preview post\" /> <input type=\"submit\" name=\"action\" value=\"Cancel post\" />\n";
echo " </td>\n";
echo " </tr>\n";
echo "</table>\n";
echo "</form>\n";
}
function register_visit() {
global $HTTP_USER_AGENT;
$result=pg_query("select agent_id from agentlist where agent_name='".addslashes($HTTP_USER_AGENT)."';");
if (pg_numrows($result)==0) {
pg_query("begin;");
pg_query("lock table agentlist in exclusive mode;");
$result=pg_query("select agent_id from agentlist where agent_name='".addslashes($HTTP_USER_AGENT)."';");
if (pg_numrows($result)==0) {
pg_query("insert into agentlist (agent_name) values ('".addslashes($HTTP_USER_AGENT)."');");
$result=pg_query("select currval('agentlist_agent_id_seq');");
}
pg_query("commit;");
}
$id=pg_result($result,0,0);
//echo "agentid: ",$id;
pg_query("insert into agents (agent_id,ipaddr,date,username,clientip,forwardedfor) values('".addslashes($id)."','".addslashes($_SERVER['REMOTE_ADDR'])."',now(),'".addslashes($_COOKIE['name'])."','".addslashes(getenv("HTTP_CLIENT_IP"))."','".addslashes(getenv("HTTP_X_FORWARDED_FOR"))."');");
pg_query("insert into hits_today (date,ipaddr) values(now(),'".addslashes($_SERVER['REMOTE_ADDR'])."');");
}
function handle_table() {
if ($_REQUEST['timezone'])
pg_query("set time zone '".addslashes($_REQUEST['timezone'])."';");
switch ($_REQUEST['action']) {
case "Create topic!" : new_topic(); break;
case "Submit post" :
new_message();
break;
case "Cancel post" :
header("Location: ./");
break;
case "Preview post" : preview_post(); break;
case "Register!" : new_user(); break;
case "I forgot my password!" :
forgot_password_process($_POST['email'], $_POST['name'], $_POST['forgotSelect'], $_SERVER['REMOTE_ADDR']);
disp_tail();
break;
case "send post report" :
//disp_preamble("Forum","");
handle_post_report($_POST['name'], $_POST['password'], $_POST['post_id'], $_POST['topic_id'], $_POST['reason'], addslashes($_SERVER['REMOTE_ADDR']), $_POST['post_user'], $_POST['post_message']);
disp_tail();
break;
case "dispthread" : display_thread($_REQUEST['topic']); break;
case "forgotpwd" : disp_forgot_pwd_form(); break;
case "reportpost" : disp_report_post_form($_REQUEST['postid'],$_REQUEST['topic']); break;
case "register" :
disp_preamble("Forum","New user registration");
disp_register_form();
disp_tail();
break;
case 'Search messages': search_messages(); break;
case 'Search topic titles':
unset($_GET['offset']);
unset($_GET['words']);
$_REQUEST['words']=$_POST['words'];
$_REQUEST['offset']=$_POST['offset'];
pg_query("insert into search_queries (words,ipaddr,username) values('".addslashes($_REQUEST['words'])."','".addslashes($_SERVER['REMOTE_ADDR'])."','".addslashes($_COOKIE['name'])."');");
default :
// pg_query("listen newtopic;");
// pg_query("listen newmsg;");
register_visit();
/*
if ((strpos(strtoupper($_SERVER['HTTP_USER_AGENT']),"MSIE")) | (strtoupper(substr($_SERVER['HTTP_USER_AGENT'],0,4))=="LYNX")) {
*/
display_topics($_REQUEST['words']);
/*
} else {
multipart_init("ThisRandomString");
while(!connection_aborted()) {
multipart_open('text/html');
display_topics();
multipart_close();
// pg_getnotify(1);
}
multipart_done();
}
*/
break;
}
}
// main
if (empty($_REQUEST['topicgroup'])) $_REQUEST['topicgroup']='axmain';
if ($_COOKIE['converted']<3) {
while (list($key,$val) = each($_COOKIE)) {
setcookie($key,$val,time()-3650*86400);
setcookie($key,$val,time()-3650*86400,"/",".axkickboxing.com");
setcookie($key,$val,time()+3650*86400,"",".axkickboxing.com");
}
setcookie("converted","3",time()+3650*86400,"",".axkickboxing.com");
}
handle_table(db_connect());
?>
|