\n Error caused by statement: $sql"; return $error; }

// NOTE(review): the line above is the tail of a function that starts before
// this excerpt; it is reproduced unchanged and not documented here.

// Load templates/$file and return its contents as one string passed through
// addslashes().
//   $file  file name relative to the templates/ directory
// NOTE(review): $file is placed in the path without any check. The only call
// visible in this excerpt passes the literal "redirect.html"; keep callers to
// fixed names, because redirect() feeds the returned text to eval().
function template ($file) {
    return addslashes(implode("",file("templates/$file")));
}

// Same result as template(), written as a per-name cache lookup.
// NOTE(review): $cache is neither declared global nor static in this function,
// so nothing is kept between calls and the file is read on every call.
function template_cache ($file) {
    if (!$cache[$file]) $cache[$file] = addslashes(implode("",file("templates/$file")));
    return $cache[$file];
}

// Reduce $text to a lower-case string for the search index: anything that
// looks like a tag is replaced by a space, then each word in $strip_words is
// removed where it appears with a space on both sides. Returns the filtered
// text.
function create_index($text) {
    // Originally, this function used tokenizing to create a unique index, but it figures that it won't be in best interest for the search utility.
    $strip_words = array ("the", "this", "and", "but", "was", "that", "with", "its", "you", "they", "what", "why", "for", "are", "our", "then", "there", "which");
    $text=strtolower($text);
    $text=ereg_replace("<[^>]*>"," ",$text);
    // As written this matches "&", exactly one character other than ";", then ";".
    $text=ereg_replace("&[^;];"," ",$text);
    // $words is not read again in this function.
    $words=explode(" ",$text);
    while (list($key_strip, $val_strip) = each($strip_words)) {
        $word = stripslashes($val_strip);
        $text = eregi_replace(" $word ", " ", $text);
    }
    return $text;
}

// Send a message by piping it to "/usr/sbin/sendmail ... -t".
//   $to, $subject  written as the "To:" and "Subject:" header lines
//   $core_msg      message body, written after a blank line
//   $add_header    extra header text, written only when it is not ""
// Nothing is returned, and the popen()/fputs() results are not checked.
// NOTE(review): $to, $subject and $add_header are written into the header
// section as given. Reject or strip CR and LF in them first; otherwise a
// caller that passes request data lets that data add header lines.
// NOTE(review): $admin_email is not declared global here, so $from is empty
// as written. If it is ever wired up, pass it through escapeshellarg() before
// it is placed in the command line.
function n_mail($to, $subject, $core_msg, $add_header) {
    $from = $admin_email;
    $cmd_line=sprintf("/usr/sbin/sendmail %s -t",$from);
    $fp=popen($cmd_line,"w");
    $temp=sprintf("To: %s\n",$to);
    $len=strlen($temp);
    $ret_p=fputs($fp,$temp,$len);
    $temp=sprintf("Subject: %s\n",$subject);
    $len=strlen($temp);
    $ret_p=fputs($fp,$temp,$len);
    if ($add_header != "") {
        $temp=sprintf("%s\n",$add_header);
        $len=strlen($temp);
        $ret_p=fputs($fp,$temp,$len);
    }
    // The leading "\n" ends the header section before the body.
    $temp=sprintf("\n%s\n",$core_msg);
    $len=strlen($temp);
    $ret_p=fputs($fp,$temp,$len);
    pclose($fp);
}

// Stop the request when the client address or $email matches the ban list.
// Reads IP and email from the `banned` table; each field holds one entry per
// line. "*" is removed from an entry and the remainder is used as an ereg()
// pattern. On a match a message is printed and the script exits; otherwise
// the function returns nothing.
// NOTE(review): only the first row of `banned` is fetched (if, not while).
// NOTE(review): entries act as unanchored regular expressions: "." matches
// any character and a short entry matches as a substring. Confirm that this
// is the intended matching, or escape and anchor the entries.
// NOTE(review): $email is echoed without htmlspecialchars(); escape it if it
// can come from the request.
// NOTE(review): geterrdesc() is defined outside this excerpt; the fragment at
// the top suggests its text includes the SQL statement. Avoid sending SQL
// text to the browser in production.
function checkban($email) {
    global $REMOTE_ADDR;
    $sql = "SELECT IP, email FROM banned";
    $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    if ($results = mysql_fetch_array($query)) {
        $IP = split("\n", $results["IP"]);
        for ($index = 0; $index < count($IP); $index++) {
            $ip = trim(ereg_replace("\*", "", $IP[$index]));
            if ($ip != "") {
                if (ereg($ip,$REMOTE_ADDR)) {
                    echo "You ($REMOTE_ADDR) have been banned from this forum.";
                    exit;
                }
            }
        }
        $EMAIL = split("\n", $results["email"]);
        for ($index = 0; $index < count($EMAIL); $index++) {
            $mail = trim(ereg_replace("\*", "", $EMAIL[$index]));
            if ($mail != "") {
                if (ereg($mail, $email)) {
                    echo "You ($email) have been banned from this forum.";
                    exit;
                }
            }
        }
    }
}

// Verify a member's credentials and, when $FID is given, the right to
// moderate that forum. Prints a message and exits on failure; returns 1
// otherwise.
//   $UserName, $Password  credentials to check
//   $status  "Administrator" or "Moderator" narrows the lookup to that status
//            (Moderator also accepts Administrator); other values add no filter
//   $FID     forum id, or "" to skip the moderator check
// $Password is accepted when it equals either the stored value or
// crypt(stored value, "BB").
// NOTE(review): that comparison suggests members.password holds the password
// in clear - confirm. The fixed salt "BB" gives equal crypt() output for
// equal passwords; plan a migration to per-user salted hashes.
// NOTE(review): $UserName and $FID are placed in the SQL text without
// escaping in this function. Confirm every caller escapes them, or escape
// here.
// NOTE(review): when no row is found and $UserName is "Anonymous" the
// function carries on; with $FID == "" it then returns 1.
function checkid($UserName, $Password, $status, $FID) {
    if ($status == "Administrator") {
        $sql_append = "AND status='Administrator'";
    } elseif ($status == "Moderator") {
        $sql_append = "AND (status='Moderator' OR status='Administrator')";
    } else {
    }
    $sql = "SELECT password, status FROM members WHERE username='$UserName' $sql_append";
    $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    if ($member = mysql_fetch_array($query)) {
        if (($Password != crypt($member[password], "BB")) && ($Password != $member[password])) {
            echo "Sorry, but your password did not match.";
            // NOTE(review): this prints the SQL text to the visitor; remove it.
            echo $sql;
            exit;
        }
    } elseif($UserName != "Anonymous") {
        echo "Sorry, but your username is not in the db.";
        exit;
    }
    if ($FID != "") {
        $sql = "SELECT FID FROM moderator WHERE moderator='$UserName' AND FID='$FID'";
        $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
        $mod = mysql_fetch_array($query);
        // Administrators and Super Moderators skip the per-forum assignment check.
        if (($member[status] != "Administrator") AND ($member[status] != "Super Moderator") AND ($FID != $mod[FID])) {
            echo "Sorry, but you are not authorized to moderate this board.";
            exit;
        }
    }
    return 1;
}

// Non-exiting variant of checkid(): returns 1 when the checks pass and 0 when
// they do not. Differences visible here: a missing member row always fails
// (no "Anonymous" exception), and only "Administrator" skips the per-forum
// moderator check (no "Super Moderator" exception).
// NOTE(review): same unescaped SQL values and same password comparison as
// checkid().
function checkid_edit($UserName, $Password, $status, $FID) {
    $value = 1;
    if ($status == "Administrator") {
        $sql_append = "AND status='Administrator'";
    } elseif ($status == "Moderator") {
        $sql_append = "AND (status='Moderator' OR status='Administrator')";
    } else {
    }
    $sql = "SELECT password, status FROM members WHERE username='$UserName' $sql_append";
    $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    if ($member = mysql_fetch_array($query)) {
        if (($Password != crypt($member[password], "BB")) && ($Password != $member[password])) {
            $value = 0;
        }
    } else {
        $value = 0;
    }
    if ($FID != "") {
        $sql = "SELECT FID FROM moderator WHERE moderator='$UserName' AND FID='$FID'";
        $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
        $mod = mysql_fetch_array($query);
        if (($member[status] != "Administrator") AND ($FID != $mod[FID])) {
            $value = 0;
        }
    }
    return $value;
}

// Determines if the user is online or not
// Deletes session rows older than the cutoff (now minus 600 seconds), then
// updates or inserts the row for $username with the current time, $title as
// the activity and $ip as the host address.
//   $username  member name; when not set, $ip is used and guest is set to 1
//   $title     stored as `activity`, passed through addslashes()
//   $place     not used in this function
//   $ip        stored as host_addr
// NOTE(review): $timeoffset is neither a parameter nor declared global, so it
// contributes 0 to the cutoff as written.
// NOTE(review): $username and $ip go into the SQL text unescaped; only the
// activity value is escaped here.
function check_session ($username, $title, $place, $ip) {
    if (!isset($username)) {
        $username = "$ip";
        $guest = 1;
    }
    $sql = "DELETE FROM session WHERE time < '" . ((time()-($timeoffset*3600))-600) . "'";
    $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    $sql = "SELECT time FROM session WHERE username='$username'";
    $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    $url = "$title";
    if ($row = mysql_fetch_array($query)) {
        //session exists, update last action
        $sql = "UPDATE session SET username='$username', time='" . time() . "', activity='" . addslashes($url) . "', host_addr='$ip', guest='$guest' WHERE username='$username'";
        $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    } else {
        //session doesn't exist, create new online info
        $sql = "INSERT INTO session (username, time, activity, host_addr, guest) VALUES ('$username', '" . time() . "', '" . addslashes($url) . "', '$ip', '$guest')";
        $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    }
}

// Necessary routines for speed checks

// Record the two parts of microtime() as the start of timer $name.
function ss_timing_start ($name = 'default') {
    global $ss_timing_start_times;
    $ss_timing_start_times[$name] = explode(' ', microtime());
}

// Record the two parts of microtime() as the stop of timer $name.
function ss_timing_stop ($name = 'default') {
    global $ss_timing_stop_times;
    $ss_timing_stop_times[$name] = explode(' ', microtime());
}

// Return the time elapsed on timer $name: from its start to its recorded
// stop, or to now when it has not been stopped. Returns 0 when the timer was
// never started.
function ss_timing_current ($name = 'default') {
    global $ss_timing_start_times, $ss_timing_stop_times;
    if (!isset($ss_timing_start_times[$name])) {
        return 0;
    }
    if (!isset($ss_timing_stop_times[$name])) {
        $stop_time = explode(' ', microtime());
    } else {
        $stop_time = $ss_timing_stop_times[$name];
    }
    // do the big numbers first so the small ones aren't lost
    $current = $stop_time[1] - $ss_timing_start_times[$name][1];
    $current += $stop_time[0] - $ss_timing_start_times[$name][0];
    return $current;
}

// Refresh the "lastvisit" and "lastactive" cookies.
//   $lastactive  previous lastactive value (compared against time())
//   $lastvisit   previous lastvisit value, "" when there is none
//   $cookiepath  path argument for the cookies
// lastvisit keeps its old value while $lastactive is less than 600 seconds
// old; otherwise it takes the old $lastactive. With no previous lastvisit it
// is set to now. lastactive is always set to now.
function cookie($lastactive, $lastvisit, $cookiepath) {
    $time = (time() + 3600 * 24 * 7 * 52); // 52 weeks ahead (originally commented as "one year")
    if ($lastvisit != "") {
        if ($lastactive+600 > time()) {
            $visit = $lastvisit;
        } else {
            $visit = $lastactive;
        }
        SetCookie("lastvisit",$visit,$time,$cookiepath);
    } else {
        SetCookie("lastvisit",time(),$time,$cookiepath);
    }
    SetCookie("lastactive",time(),$time,$cookiepath);
}

// Earlier cookie routine working with "lastvisit" and "newvisit".
// NOTE(review): $cookiepath is neither a parameter nor declared global here,
// so the path argument is empty as written. $min, $hour, $day, $oldmin,
// $oldhour and $oldday are computed but not read in this function.
function cookie_old ($newvisit, $lastvisit) {
    if($newvisit == "") {
        $time = (time() + 3600 * 24 * 7 * 52); // 52 weeks ahead
        setcookie("lastvisit", time(), $time, $cookiepath);
    }
    $min = date("i",time());
    $hour = date("H",time());
    $day = date("Y-m-d",time());
    $oldmin = date("i",$lastvisit);
    $oldhour = date("H",$lastvisit);
    $oldday = date("Y-m-d",$lastvisit);
    // More than an hour since $lastvisit: promote $newvisit to lastvisit.
    if((time() - 3600) > $lastvisit) {
        $time = (time() + 3600 * 24 * 7 * 52); // 52 weeks ahead
        setcookie("lastvisit", $newvisit, $time, $cookiepath);
    }
    $time = (time() + 3600 * 24 * 7 * 52); // 52 weeks ahead
    setcookie("newvisit", time(), $time, $cookiepath);
}

// Convert board markup in $message to output text: applies nl2br(), rewrites
// the [b] [i] [u] [url] [email] [quote] [img] [swf] tags and replaces smiley
// codes read from the `smilies` table. Returns the converted message.
// NOTE(review): in this copy the first three str_replace() calls map a
// character to itself, and most tag replacements are empty strings or bare
// back-references; the replacement markup looks stripped from this copy.
// Compare with the original file before relying on this listing.
// NOTE(review): the [url], [email], [img] and [swf] captures accept anything
// except "[". If the original places them inside attributes, check that
// quotes are escaped and that only the expected URL schemes are accepted.
function bbcodeparse($message) {
    $message = str_replace("&","&",$message);
    $message = str_replace("<","<",$message);
    $message = str_replace(">",">",$message);
    $message = nl2br($message);
    $message = eregi_replace(quotemeta("[b]"),quotemeta(""),$message);
    $message = eregi_replace(quotemeta("[/b]"),quotemeta(""),$message);
    $message = eregi_replace(quotemeta("[i]"),quotemeta(""),$message);
    $message = eregi_replace(quotemeta("[/i]"),quotemeta(""),$message);
    $message = eregi_replace(quotemeta("[u]"),quotemeta(""),$message);
    $message = eregi_replace(quotemeta("[/u]"),quotemeta(""),$message);
    $message = eregi_replace("\\[url\\]www.([^\\[]*)\\[/url\\]", "\\1",$message);
    $message = eregi_replace("\\[url\\]([^\\[]*)\\[/url\\]","\\1",$message);
    $message = eregi_replace("\\[url=([^\\[]*)\\]([^\\[]*)\\[/url\\]","\\2",$message);
    $message = eregi_replace("\\[email\\]([^\\[]*)\\[/email\\]", "\\1",$message);
    // Normalise the case of "quote]" so the plain str_replace() calls below match.
    $message = eregi_replace("quote\\]", "quote]", $message);
    $message = str_replace("[quote]\r\n", "
quote:
", $message);
    $message = str_replace("[quote]", "
quote:
", $message);
    $message = str_replace("[/quote]\r\n", "
", $message);
    $message = str_replace("[/quote]", "
", $message);
    $message=eregi_replace("\\[img\\]([^\\[]*)\\[/img\\]","",$message);
    $message=eregi_replace("\\[swf width=([^\\[]*) height=([^\\[]*)\\]([^\\[]*)\\[/swf\\]","", $message);
    // Uses mysql_query() on the current connection; the result is not checked.
    $sql = "SELECT short, url FROM smilies";
    $query = mysql_query($sql);
    while($row = mysql_fetch_array($query)) {
        $message = eregi_replace(quotemeta($row['short']), " ", $message);
    }
    return $message;
}

// Return $input repeated $mult times ("" when $mult is 0 or less).
function str_repeats($input, $mult) {
    //str_repeat() - replacement(backward-comp.)
    $ret = "";
    while ($mult > 0) {
        $ret .= $input;
        $mult --;
    }
    return $ret;
}

// Replace every word from the `censor` table found in $message with "*"
// repeated to the word's length (case-insensitive). Returns the filtered
// message.
// NOTE(review): $word is used directly as the eregi pattern, so a word that
// contains regex metacharacters changes what is matched. bbcodeparse() wraps
// its patterns in quotemeta(); consider doing the same here.
function censor($message) {
    $sql = "SELECT * FROM censor";
    $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    while ($censor = mysql_fetch_array($query)) {
        $word = stripslashes($censor[word]);
        $replacement = str_repeats("*", strlen($word));
        $message = eregi_replace("$word", "$replacement", $message);
    }
    return $message;
}

// Require that $username exists, that $password equals the stored password
// column and that the member's status is "Administrator". Prints a message
// and exits otherwise; returns nothing.
// NOTE(review): $username goes into the SQL text unescaped in this function.
// NOTE(review): the stored column is compared with $password directly, which
// suggests passwords are kept in clear - confirm and plan a migration to
// salted hashes.
function admin_check_id ($username, $password) {
    $sql = "SELECT * FROM members WHERE username='$username'";
    $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    if ($member = mysql_fetch_array($query)) {
        if ($member[password] != $password) {
            echo "Sorry, but the password did not match the username. Please check and make sure you have entered in the right password.";
            exit;
        }
    } else {
        echo "Sorry, but there is no such member in the database. Please check and make sure you have entered in the right username.";
        exit;
    }
    if ($member[status] != "Administrator") {
        echo "Sorry, but you are not a valid Administrator to utilize this feature.";
        exit;
    }
}

// Build the navigation trail text: the board's home name, then the forum
// title (looked up when $FID is not ""), then the thread title (when $TID is
// not ""). Returns the assembled string.
// NOTE(review): both branches of the first $TID test append the same text in
// this copy; the markup that told them apart looks stripped.
// NOTE(review): $FID and $TID go into the SQL text unescaped, and the titles
// read from the database are interpolated as they are. Escape the titles on
// output if they can contain markup.
function hiearchy ($FID, $TID) {
    $sql = "SELECT home_name FROM foruminfo";
    $query_foruminfo = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    $foruminfo = mysql_fetch_array($query_foruminfo);
    $hiearchy .= " $foruminfo[home_name]\n
";
    if ($FID != "") {
        $sql = "SELECT FID, title FROM forum WHERE FID='$FID'";
        $query_forum = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
        $forum = mysql_fetch_array($query_forum);
    }
    if (($TID != "") && ($TID)) {
        $hiearchy .= " $forum[title]\n
";
    } else {
        $hiearchy .= " $forum[title]\n
";
    }
    if ($TID != "") {
        $sql = "SELECT TID, title FROM thread WHERE TID='$TID'";
        $query_thread = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
        $thread = mysql_fetch_array($query_thread);
        $hiearchy .= " $thread[title]\n
";
    }
    return $hiearchy;
}

// Return the forum jump menu text.
// NOTE(review): in this copy only the category query and a one-newline string
// are visible, and $query_cat is never read; the rest of the body appears to
// be missing. Confirm against the original file.
function jump_to () {
    $sql = "SELECT CID, category, displayorder FROM category ORDER BY displayorder";
    $query_cat = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    $jump = "
";
    return $jump;
}

// This function directed primary for PMS
// Looks up the member's pmfolder column and returns $folderjump when it is
// set.
// NOTE(review): $username goes into the SQL text unescaped.
// NOTE(review): no closing brace for this function is visible in this copy
// and $folderjump is an empty string; part of the body looks lost. Confirm
// against the original file.
function makefolderjump($username) {
    $sql = "SELECT pmfolder FROM members WHERE username='$username'";
    $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    $pminfo = mysql_fetch_array($query);
    if ($pminfo[pmfolder]) {
        $folderjump = "";
        return $folderjump;
    }

//Boolean Creation for SQL queries
// Turn a search string into a SQL condition on $field.
//   $str    search text; it is split on backslash-quote, alternate pieces are
//           kept whole as phrases and the others are split on spaces
//   $field  column name placed before each LIKE
// Terms are joined with OR unless AND or OR is given between them; NOT
// negates the term that follows it and is joined to earlier output with AND.
// Returns the condition text; $sql_out is never assigned when $str is empty.
// NOTE(review): terms are copied into the SQL text as they are. The split on
// backslash-quote suggests the input arrives already escaped - confirm, and
// escape the LIKE wildcards % and _ if literal matching is wanted.
// NOTE(review): a NOT as the last word advances $i past the end of $words.
function b_parse($str, $field) {
    if($str) {
        $quoted = explode( "\\\"", $str);
        for($i = 0; $i < count($quoted); $i++) {
            if($i == 0 && !$quoted[$i]) {
                //quote came at beginning of string
                $begin = True;
                $i++;
            }
            if($begin) {
                // Inside quotes: keep the whole piece as one term.
                $words[] = $quoted[$i];
            } else {
                // Outside quotes: one term per non-empty space-separated word.
                $phrase = explode( " ", $quoted[$i]);
                for($n = 0; $n < count($phrase); $n++) {
                    if($phrase[$n]) {
                        $words[] = $phrase[$n];
                    }
                }
            }
            $begin = !$begin;
        }
        for($i = 0; $i < count($words); $i++) {
            if($words[$i]) {
                if($words[$i] == "AND" || $words[$i] == "OR" || $words[$i] == "NOT") {
                    if($words[$i] == "NOT") {
                        $i++;
                        if($sql_out) {
                            $sql_out .= " AND ";
                        }
                        $sql_out .= $field . " NOT LIKE '%" . $words[$i] . "%'";
                    } else if($i > 0) {
                        $sql_out .= " " . strtoupper($words[$i]) . " ";
                        // Remember that an explicit operator was just written.
                        $boolean = True;
                    }
                } else {
                    if($sql_out && !$boolean) {
                        $sql_out .= " OR ";
                    }
                    $sql_out .= $field . " LIKE '%" . $words[$i] . "%'";
                    $boolean = False;
                }
            }
        }
    }
    return $sql_out;
}

// Load the board settings from the `foruminfo` table into global variables.
// The SELECT column order has to match the list() order below; column
// `gender` lands in $showgender and `prune` in $daysprune.
// NOTE(review): $sendmail receives a value from list() but is not named in
// the global statements, so it stays local to this function.
function foruminfo () {
    global $showgender, $bg, $body, $text, $link, $alink, $vlink, $face, $small, $medium, $large, $head_color, $head_bg_color, $nav_color;
    global $border_color, $nav_bg_color, $main_head_bg_color, $utilities_bg_color, $cat_bg_color, $cat_color, $fader_bg_color, $col1_bg, $col2_bg, $row, $in_head, $shade;
    global $bb_name, $header, $footer, $urltoforum, $urltologo, $admin_email, $timezone;
    global $daysprune, $mult, $pmperpage, $searchperpage, $memberlistper, $topicsper, $hottopic, $cookiepath, $num_view_replies, $lang_file, $pageincr, $use_smtp, $SMTP, $floodtime, $pms;
    $sql = "SELECT gender, bb_name, header, footer, urltoforum, urltologo, bg, body, text, link, alink, vlink, face, small, medium, large, head_color, head_bg_color, nav_color, border_color, nav_bg_color, main_head_bg_color, utilities_bg_color, cat_bg_color, cat_color, fader_bg_color, col1_bg, col2_bg, row, in_head, shade, admin_email, timezone, prune, mult, pmperpage, searchperpage, memberlistper, topicsper, hottopic, cookiepath, num_view_replies, lang_file, pageincr, use_smtp, sendmail, SMTP, floodtime, pms FROM foruminfo";
    $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    list($showgender, $bb_name, $header, $footer, $urltoforum, $urltologo, $bg, $body, $text, $link, $alink, $vlink, $face, $small, $medium, $large, $head_color, $head_bg_color, $nav_color, $border_color, $nav_bg_color, $main_head_bg_color, $utilities_bg_color, $cat_bg_color, $cat_color, $fader_bg_color, $col1_bg, $col2_bg, $row, $in_head, $shade, $admin_email, $timezone, $daysprune, $mult, $pmperpage, $searchperpage, $memberlistper, $topicsper, $hottopic, $cookiepath, $num_view_replies, $lang_file, $pageincr, $use_smtp, $sendmail, $SMTP, $floodtime, $pms) = mysql_fetch_array($query);
}

// Apply per-forum style overrides: every non-empty style column of forum $FID
// replaces the global of the same name. Returns nothing.
// NOTE(review): $FID goes into the SQL text unescaped.
function styles ($FID) {
    $sql = "SELECT * FROM forum WHERE FID='$FID'";
    $query = mysql_db_query($GLOBALS["database"], $sql) or die(geterrdesc($sql));
    $foruminfo = mysql_fetch_array($query);
    global $bg, $body, $text, $link, $alink, $vlink, $face, $small, $medium, $large, $head_color, $head_bg_color, $nav_color;
    global $border_color, $nav_bg_color, $main_head_bg_color, $utilities_bg_color, $cat_bg_color, $cat_color, $fader_bg_color, $col1_bg, $col2_bg, $row, $in_head, $shade;
    if ($foruminfo[bg] != "") { $bg = $foruminfo[bg]; }
    if ($foruminfo[body] != "") { $body = $foruminfo[body]; }
    if ($foruminfo[text] != "") { $text = $foruminfo[text]; }
    if ($foruminfo[link] != "") { $link = $foruminfo[link]; }
    if ($foruminfo[alink] != "") { $alink = $foruminfo[alink]; }
    if ($foruminfo[vlink] != "") { $vlink = $foruminfo[vlink]; }
    if ($foruminfo[face] != "") { $face = $foruminfo[face]; }
    if ($foruminfo[small] != "") { $small = $foruminfo[small]; }
    if ($foruminfo[medium] != "") { $medium = $foruminfo[medium]; }
    if ($foruminfo[large] != "") { $large = $foruminfo[large]; }
    if ($foruminfo[head_color] != "") { $head_color = $foruminfo[head_color]; }
    if ($foruminfo[head_bg_color] != "") { $head_bg_color = $foruminfo[head_bg_color]; }
    if ($foruminfo[nav_color] != "") { $nav_color = $foruminfo[nav_color]; }
    if ($foruminfo[border_color] != "") { $border_color = $foruminfo[border_color]; }
    if ($foruminfo[nav_bg_color] != "") { $nav_bg_color = $foruminfo[nav_bg_color]; }
    if ($foruminfo[main_head_bg_color] != "") { $main_head_bg_color = $foruminfo[main_head_bg_color]; }
    if ($foruminfo[utilities_bg_color] != "") { $utilities_bg_color = $foruminfo[utilities_bg_color]; }
    if ($foruminfo[cat_bg_color] != "") { $cat_bg_color = $foruminfo[cat_bg_color]; }
    if ($foruminfo[cat_color] != "") { $cat_color = $foruminfo[cat_color]; }
    if ($foruminfo[fader_bg_color] != "") { $fader_bg_color = $foruminfo[fader_bg_color]; }
    if ($foruminfo[col1_bg] != "") { $col1_bg = $foruminfo[col1_bg]; }
    if ($foruminfo[col2_bg] != "") { $col2_bg = $foruminfo[col2_bg]; }
    if ($foruminfo[row] != "") { $row = $foruminfo[row]; }
    if ($foruminfo[in_head] != "") { $in_head = $foruminfo[in_head]; }
    if ($foruminfo[shade] != "") { $shade = $foruminfo[shade]; }
}

// Output templates/redirect.html. Board settings are copied from $GLOBALS
// into local variables, then the template text is evaluated as a
// double-quoted PHP string and echoed.
//   $loc, $redirect  not read in this body; presumably referenced by the
//                    template - confirm, and check that they are restricted
//                    to expected targets and escaped for HTML
// NOTE(review): eval() runs the template text as PHP string syntax, so
// anything able to change files under templates/ can run code in this
// process. Treat that directory as code (not writable by the web server
// user) and make sure no request value can become template text.
function redirect ($loc, $redirect) {
    $bb_name = $GLOBALS["bb_name"];
    $header = $GLOBALS["header"];
    $footer = $GLOBALS["footer"];
    $urltoforum = $GLOBALS["urltoforum"];
    $urltologo = $GLOBALS["urltologo"];
    $bg = $GLOBALS["bg"];
    $body = $GLOBALS["body"];
    $text = $GLOBALS["text"];
    $link = $GLOBALS["link"];
    $alink = $GLOBALS["alink"];
    $vlink = $GLOBALS["vlink"];
    $face = $GLOBALS["face"];
    $small = $GLOBALS["small"];
    $medium = $GLOBALS["medium"];
    $head_color = $GLOBALS["head_color"];
    $head_bg_color = $GLOBALS["head_bg_color"];
    $nav_color = $GLOBALS["nav_color"];
    $border_color = $GLOBALS["border_color"];
    $nav_bg_color = $GLOBALS["nav_bg_color"];
    $main_head_bg_color = $GLOBALS["main_head_bg_color"];
    $utilities_bg_color = $GLOBALS["utilities_bg_color"];
    $cat_bg_color = $GLOBALS["cat_bg_color"];
    $cat_color = $GLOBALS["cat_color"];
    $fader_bg_color = $GLOBALS["fader_bg_color"];
    $col1_bg = $GLOBALS["col1_bg"];
    $col2_bg = $GLOBALS["col2_bg"];
    $row = $GLOBALS["row"];
    $in_head = $GLOBALS["in_head"];
    $shade = $GLOBALS["shade"];
    $newline = template("redirect.html");
    eval("echo stripslashes(\"$newline\");");
}

// Validate registration fields. Returns an error message, or an unset value
// when every check passes. The checks run in order and a later failure
// replaces an earlier message.
//   $email     must match the pattern below (last label of 2 or 3 letters)
//   $Password  at most 25 characters
//   $UserName  letters, digits, "_" and "-" only, not "Anonymous" in any
//              letter case, at most 25 characters
function verfify_info($UserName, $email, $Password) {
    if ((!$email) || (strrpos($email,' ') > 0) || ($email=="") || (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$",$email))) $error = "This is an invalid email address.";
    if (strlen($Password) > 25) $error = "This password is greater than 25 characters.";
    if ((!$UserName) || ($UserName=="") || !strcasecmp($UserName,"Anonymous") || (ereg("[^a-zA-Z0-9_-]",$UserName))) $error = "This is an invalid user name.";
    if (strlen($UserName) > 25) $error = "This username is too long.";
    if (strrpos($UserName,' ') > 0) $error = "There cannot be any spaces in your username";
    return($error);
}

$smtp_host = $SMTP;

/* Ok, this hack attempts to stop access to the admin sections based on the page path containing "admin".
Admins must have a cookie set and the cookie password (already crypted) must match the crypted value of the cookie in the database. If so, off we go. If not, prompted to log in. */
// NOTE(review): $REQUEST_URI, $username, $password and $database are not
// assigned anywhere in this excerpt; $username goes into the SQL text
// unescaped.
// NOTE(review): $status is read but never compared in the visible code, so
// this gate checks the password only. Confirm that every admin page also
// calls admin_check_id(), or add the status check here.
// NOTE(review): there is no check that a member row was found. When the
// lookup returns nothing, crypt() is applied to an empty value; add an
// explicit "no such member, deny" branch so the gate fails closed.
// NOTE(review): the test matches "admin" anywhere in the request URI, and
// pages whose URI lacks it are not covered by this gate.
if (eregi("admin",$REQUEST_URI)){
    connect_db();
    // foruminfo();
    $sql = "SELECT status,password FROM members WHERE username='$username'";
    $member_query = mysql_db_query($database, $sql) or die(geterrdesc($sql));
    $memberinfo = mysql_fetch_array($member_query);
    $status = $memberinfo[status];
    $uncryptpassword = $memberinfo['password'];
    if (crypt($uncryptpassword, "BB") != $password){
        echo "The page you are trying to access is an admin page
";
        echo "and is only availible upon supplying the proper
";
        echo "credentials. You may login here.
";
        exit;
    }
}
?>