<?php
/////////////////////////////////scripted by captain@wapirate.net
include("../core.php");
include("../config.php");
header("Content-type: text/html; charset=ISO-8859-1");
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\"\"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">";
$addy = "wapirate.net";
$bcon = connectdb();
if (!$bcon)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/error.gif\" alt=\"*\"/><br/>";
echo "ERROR! cannot connect to database<br/><br/>";
echo "This error usually happens when backing up the database, please be patient, The site will be up as soon as possible<br/><br/>";
echo "You can temporary use our other <a href=\"http://wapirate.mygamesonline.org/chat/index.php\">chatroom</a> while wapirate is offline<br/>";
echo "<b>THANK YOU VERY MUCH</b>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
$brws = $_SERVER['HTTP_USER_AGENT'];
$ubr = $brws;
$uip = getip();
$action = $_GET["action"];
$sid = $_GET["sid"];
$page = $_GET["page"];
$who = $_GET["who"];
$ice = $_GET["ice"];
$uid = getuid_sid($sid);
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
$size_bytes = 50485760;
cleardata();
if(isipbanned($uip,$ubr))
{
if(!isshield(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "This IP address is blocked<br/>";
echo "<br/>";
echo "However we grant a shield against IP-Ban for our best users, you can try to see if you are shielded by trying to login, if you keep coming to this page that means you are not shielded, so come back when the ip-ban period is over<br/><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE penalty='2' AND ipadd='".$uip."' AND browserm='".$ubr."' LIMIT 1 "));
//echo mysql_error();
$remain = $banto[0] - time();
$rmsg = gettimemsg($remain);
echo " IP: $rmsg<br/><br/>";
echo "</p>";
echo "<form action=\"/xhtml/login.php\" method=\"get\">";
echo "username:<br/> <input name=\"loguid\" format=\"*x\" size=\"8\" maxlength=\"30\"/><br/>";
echo "password:<br/> <input type=\"password\" name=\"logpwd\" size=\"8\" maxlength=\"30\"/><br/>";
echo "<input type=\"submit\" value=\"login »\"/>";
echo "</form>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
}
//echo isbanned($uid);
if(isbanned($uid))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "You are <b>Banned</b><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1'"));
$banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'"));
$remain = $banto[0]- time();
$rmsg = gettimemsg($remain);
echo "Time to finish your penalty: $rmsg<br/><br/>";
echo "Ban Reason: $banres[0]";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
$res = mysql_query("UPDATE ibwf_users SET browserm='".$ubr."', ipadd='".$uip."' WHERE id='".getuid_sid($sid)."'");
///////////////////////////////////////////////new topic
if($action=="newtopic")
{
$fid = $_GET["fid"];
if(!canaccess(getuid_sid($sid), $fid))
{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You Don't Have A Permission To View The Contents Of This Forum<br/><br/>";
echo "<a href=\"/index.php?action=main&sid=$sid\">Home</a>";
echo "</p>";
echo "</body>";
echo "</html>";
exit();
}
addonline(getuid_sid($sid),"Attaching new topic","");
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Add Attachment<br/></div>";
echo "<form enctype=\"multipart/form-data\" action=\"index.php?action=newtopic2&sid=$sid&ice=$ice\" method=\"post\">";
echo "Title:<input name=\"ntitle\" maxlength=\"30\"/><br/>";
echo "Text:<input name=\"tpctxt\" maxlength=\"500\"/><br/>";
echo "Attatchment:<input type=\"file\" name=\"filetoupload\"/><br><br/>";
echo "<input type=\"hidden\" name=\"fid\" value=\"$fid\"/>";
echo "<input type=\"submit\" name=\"uploadform\" value=\"Create\"/>";
echo "<form>";
echo "<p align=\"center\">";
if($ice==1){
echo "<br/><br/><a href=\"/index.php?action=viewfrm&sid=$sid&fid=$fid\">";
$fname = getfname($fid);
echo "$fname</a><br/>";
echo "<a href=\"/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
}else{
echo "<br/><br/><a href=\"/xhtml/index.php?action=viewfrm&sid=$sid&fid=$fid\">";
$fname = getfname($fid);
echo "$fname</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
///////////////////////////new topic 2
else if($action=="newtopic2")
{
$fid = $_POST["fid"];
$ntitle = $_POST["ntitle"];
$tpctxt = $_POST["tpctxt"];
if(!canaccess(getuid_sid($sid), $fid))
{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You Don't Have Permission To View The Contents Of This Forum<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\">Home</a>";
echo "</p>";
echo "</body>";
echo "</html>";
exit();
}
addonline(getuid_sid($sid),"Created New Topic","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Add Attachment<br/></div>";
echo "<p align=\"center\">";
$crdate = time();
//$uid = getuid_sid($sid);
$texst = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE name LIKE '".$ntitle."' AND fid='".$fid."'"));
if($texst[0]==0)
{
$res = false;
$ltopic = mysql_fetch_array(mysql_query("SELECT crdate FROM ibwf_topics WHERE authorid='".$uid."' ORDER BY crdate DESC LIMIT 1"));
global $topic_af;
$antiflood = time()-$ltopic[0];
if($antiflood>$topic_af)
{
if((trim($ntitle)!="")||(trim($tpctxt)!=""))
{
$res = mysql_query("INSERT INTO ibwf_topics SET name='".$ntitle."', fid='".$fid."', authorid='".$uid."', text='".$tpctxt."', crdate='".$crdate."', lastpost='".$crdate."'");
}
if($res)
{
$usts = mysql_fetch_array(mysql_query("SELECT posts, plusses FROM ibwf_users WHERE id='".$uid."'"));
$ups = $usts[0]+1;
$upl = $usts[1]+1;
mysql_query("UPDATE ibwf_users SET posts='".$ups."', plusses='".$upl."' WHERE id='".$uid."'");
$tnm = htmlspecialchars($ntitle);
echo "<img src=\"/images/ok.gif\" alt=\"O\"/>Topic <b>$tnm</b> Created Successfully";
$tid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_topics WHERE name='".$ntitle."' AND fid='".$fid."'"));
////////////here
//$size_bytes=10485760;
$kb = $size_bytes / 1024;
$extlimit="yes";
$limitedext=array(".jpg",".jpeg",".gif",".png",".mid",".mp3",".wma",".amr",".sis",".sisx",".jar",".jad",".3gp",".mp4",".avi",".mov",".wmv",".mpg",".mpeg",".zip",".swf");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload a $ext file!', actdt='".time()."'");
}
else if($file_size>$size_bytes){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
}
else if(file_exists("./$file_name")){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Filename already exists!<br/>";
}
else if(file_exists("./".getnick_sid($sid)."(5)".$ext)){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/><br/><b>Error!!!</b><br/>5 pics hav already been uploaded...<br/>";
}
else if($file_size){
$file_name2=str_replace(" ","",$file_name);
$filename=explode(".",$file_name);
$size = $file_size/1024;
mysql_query("INSERT INTO download_topic SET filename='".$file_name2."', path='http://".$_SERVER['SERVER_NAME']."/xhtml/topics/".$file_name2."', tid='".$tid[0]."', size='".$size."'");
move_uploaded_file($file_tmp, "./$file_name2");
//move_uploaded_file($file_tmp, "./".md5($filename[0]).$ext);
echo "<br/>$file_name2<br/>
successfully uploaded!<br/>";
}
else{
$main.="<img src=\"../images/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>";
}
///////////here
echo "<br/><br/><a href=\"index.php?action=viewtpc&sid=$sid&tid=$tid[0]\">";
echo "View Topic</a>";
}else{
echo "<img src=\"/images/notok.gif\" alt=\"X\"/>Error Creating New Thread";
}
}else{
$af = $topic_af -$antiflood;
echo "<img src=\"/images/notok.gif\" alt=\"X\"/>Antiflood Control: $af";
}
}else{
echo "<img src=\"/images/notok.gif\" alt=\"X\"/>Topic Name already Exist";
}
$fname = getfname($fid);
if($ice>0){
echo "<br/><br/><a href=\"/index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}else{
echo "<br/><br/><a href=\"/xhtml/index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////Post reply
else if($action=="post")
{
$tid = $_GET["tid"];
$tfid = mysql_fetch_array(mysql_query("SELECT fid FROM ibwf_topics WHERE id='".$tid."'"));
$fid = $tfid[0];
if(!canaccess(getuid_sid($sid), $fid))
{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You Don't Have Permission To View The Contents Of This Forum<br/><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
addonline(getuid_sid($sid),"Posting Reply","");
$qut = $_GET["qut"];
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Add Attachment<br/></div>";
echo "<form enctype=\"multipart/form-data\" action=\"index.php?action=post2&sid=$sid&ice=$ice\" method=\"post\">";
echo "Text: <input name=\"reptxt\" maxlength=\"500\"/><br/>";
echo "<input type=\"hidden\" name=\"tid\" value=\"$tid\"/>";
echo "<input type=\"hidden\" name=\"qut\" value=\"$qut\"/>";
echo "<input type=\"hidden\" name=\"tid\" value=\"$tid\"/>";
echo "Attatchment:<input type=\"file\" name=\"filetoupload\"/><br><br/>";
echo "<input type=\"submit\" name=\"uploadform\" value=\"Reply\"/>";
echo "</form>";
echo "<p align=\"center\">";
$fid = getfid($tid);
$fname = getfname($fid);
if($ice==1){
echo "<br/><br/><a href=\"/index.php?action=viewtpc&sid=$sid&tid=$tid\">";
echo "Back to Topic</a>";
echo "<br/><a href=\"/index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}else{
echo "<br/><br/><a href=\"/xhtml/index.php?action=viewtpc&sid=$sid&tid=$tid\">";
echo "Back to Topic</a>";
echo "<br/><a href=\"/xhtml/index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////post 2
else if($action=="post2")
{
$tid = $_POST["tid"];
$tfid = mysql_fetch_array(mysql_query("SELECT fid FROM ibwf_topics WHERE id='".$tid."'"));
if(!canaccess(getuid_sid($sid), $tfid[0]))
{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You Don't Have Permission To View The Contents Of This Forum<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
$reptxt = $_POST["reptxt"];
$qut = $_POST["qut"];
addonline(getuid_sid($sid),"Posted A reply","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Add Attachment<br/></div>";
echo "<p align=\"center\">";
$crdate = time();
$fid = getfid($tid);
//$uid = getuid_sid($sid);
$res = false;
$closed = mysql_fetch_array(mysql_query("SELECT closed FROM ibwf_topics WHERE id='".$tid."'"));
if(($closed[0]!='1')||(ismod($uid)))
{
$lpost = mysql_fetch_array(mysql_query("SELECT dtpost FROM ibwf_posts WHERE uid='".$uid."' ORDER BY dtpost DESC LIMIT 1"));
global $post_af;
$antiflood = time()-$lpost[0];
if($antiflood>$post_af)
{
if(trim($reptxt)!="")
{
$res = mysql_query("INSERT INTO ibwf_posts SET text='".$reptxt."', tid='".$tid."', uid='".$uid."', dtpost='".$crdate."', quote='".$qut."'");
}
if($res)
{
$usts = mysql_fetch_array(mysql_query("SELECT posts, plusses FROM ibwf_users WHERE id='".$uid."'"));
$ups = $usts[0]+1;
$upl = $usts[1]+1;
mysql_query("UPDATE ibwf_users SET posts='".$ups."', plusses='".$upl."' WHERE id='".$uid."'");
mysql_query("UPDATE ibwf_topics SET lastpost='".$crdate."' WHERE id='".$tid."'");
echo "<img src=\"/images/ok.gif\" alt=\"O\"/>Message Posted Successfully<br/>";
$pid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_posts WHERE text='".$reptxt."'"));
$pid = $pid[0];
//$size_bytes=10485760;
$kb = $size_bytes / 1024;
$extlimit="yes";
$limitedext=array(".jpg",".jpeg",".gif",".png",".mid",".mp3",".wma",".amr",".sis",".sisx",".jar",".jad",".3gp",".mp4",".avi",".mov",".wmv",".mpg",".mpeg",".zip",".swf");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload a $ext file!', actdt='".time()."'");
}
else if($file_size>$size_bytes){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
}
else if(file_exists("./$file_name")){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Filename already exists!<br/>";
}
else if(file_exists("./".getnick_sid($sid)."(5)".$ext)){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/><br/><b>Error!!!</b><br/>5 pics hav already been uploaded...<br/>";
}
else if($file_size){
$file_name2=str_replace(" ","",$file_name);
$filename=explode(".",$file_name);
$size = $file_size/1024;
mysql_query("INSERT INTO download_post SET filename='".$file_name2."', path='http://".$_SERVER['SERVER_NAME']."/xhtml/topics/".$file_name2."', pid='".$pid."', size='".$size."'");
move_uploaded_file($file_tmp, "./$file_name2");
//move_uploaded_file($file_tmp, "./".md5($filename[0]).$ext);
echo "$file_name2<br/>
successfully uploaded!<br/>";
}
else{
$main.="<img src=\"../images/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>\n";
}
}else{
echo "<img src=\"/images/notok.gif\" alt=\"X\"/>Error Posting Message";
}
}else{
$af = $post_af -$antiflood;
echo "<img src=\"/images/notok.gif\" alt=\"X\"/>Antiflood Control: $af";
}
}else{
echo "<img src=\"/images/notok.gif\" alt=\"X\"/>Topic is closed for posting";
}
$fname = getfname($fid);
if($ice>0){
echo "<br/><br/><a href=\"/index.php?action=viewtpc&sid=$sid&tid=$tid&go=last\">";
echo "View Topic</a>";
echo "<br/><br/><a href=\"/index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}else{
echo "<br/><br/><a href=\"/xhtml/index.php?action=viewtpc&sid=$sid&tid=$tid&go=last\">";
echo "View Topic</a>";
echo "<br/><br/><a href=\"/xhtml/index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////Post upload edit
else if($action=="pup")
{
$pid = $_GET["pid"];
$page = $_GET["page"];
$fid = $_GET["fid"];
addonline(getuid_sid($sid),"Adding Attatchment","");
$pinfo= mysql_fetch_array(mysql_query("SELECT uid,tid, text FROM ibwf_posts WHERE id='".$pid."'"));
$trid = $pinfo[0];
$tid = $pinfo[1];
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Add Attachment<br/></div>";
echo "<form method=\"post\" enctype=\"multipart/form-data\" action=\"index.php?action=pup2&pid=$pid&fid=$fid&page=$page&sid=$sid&ice=$ice\">";
echo "<b>File:</b><br/>";
echo "<input type=\"file\" name=\"filetoupload\"/><br>";
echo "<input type=\"submit\" name=\"uploadform\" value=\"Upload\"/>";
echo "</form>";
echo "<p align=\"center\"><br/><br/>";
if($ice==1){
echo "<a href=\"/index.php?action=viewtpc&sid=$sid&tid=$tid&page=$page\">«Back to Topic</a><br/>";
echo "<a href=\"/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}else{
echo "<a href=\"/xhtml/index.php?action=viewtpc&sid=$sid&tid=$tid&page=$page\">«Back to Topic</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////Post upload 2 edit
else if($action=="pup2")
{
$pid = $_GET["pid"];
$page = $_GET["page"];
$fid = $_GET["fid"];
addonline(getuid_sid($sid),"Added Attatchment","");
$pinfo= mysql_fetch_array(mysql_query("SELECT uid,tid, text FROM ibwf_posts WHERE id='".$pid."'"));
$trid = $pinfo[0];
$tid = $pinfo[1];
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Add Attachment<br/></div>";
echo "<p align=\"center\">";
//$size_bytes=10485760;
$kb = $size_bytes / 1024;
$extlimit="yes";
$limitedext=array(".jpg",".jpeg",".gif",".png",".mid",".mp3",".wma",".amr",".sis",".sisx",".jar",".jad",".3gp",".mp4",".avi",".mov",".wmv",".mpg",".mpeg",".zip",".swf");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload a $ext file!', actdt='".time()."'");
}
else if($file_size>$size_bytes){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
}
else if(file_exists("./$file_name")){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Filename already exists!<br/>";
}
else if(file_exists("./".getnick_sid($sid)."(5)".$ext)){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/><br/><b>Error!!!</b><br/>5 pics hav already been uploaded...<br/>";
}
else if($file_size){
$file_name2=str_replace(" ","",$file_name);
$filename=explode(".",$file_name);
$size = $file_size/1024;
mysql_query("INSERT INTO download_post SET filename='".$file_name2."', path='http://".$_SERVER['SERVER_NAME']."/xhtml/topics/".$file_name2."', pid='".$pid."', size='".$size."'");
move_uploaded_file($file_tmp, "./$file_name2");
//move_uploaded_file($file_tmp, "./".md5($filename[0]).$ext);
echo "$file_name2<br/>
successfully uploaded!<br/>";
}
else{
$main.="<img src=\"../images/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>\n";
}
echo "</p>";
echo "<p align=\"center\"><br/><br/>";
if($ice==1){
echo "<a href=\"/index.php?action=viewtpc&sid=$sid&tid=$tid&page=$page\">«Back to Topic</a><br/>";
echo "<a href=\"/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}else{
echo "<a href=\"/xhtml/index.php?action=viewtpc&sid=$sid&tid=$tid&page=$page\">«Back to Topic</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////topic upload
else if($action=="tup")
{
$pid = $_GET["pid"];
$page = $_GET["page"];
$tid = $_GET["fid"];
addonline(getuid_sid($sid),"Adding Attatchment","");
$pinfo= mysql_fetch_array(mysql_query("SELECT uid,tid, text FROM ibwf_posts WHERE id='".$pid."'"));
$trid = $pinfo[0];
$tid = $pinfo[1];
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Add Attachment<br/></div>";
echo "<form method=\"post\" enctype=\"multipart/form-data\" action=\"index.php?action=tup2&pid=$pid&tid=$tid&page=$page&sid=$sid&ice=$ice\">";
echo "<b>File:</b><br/>";
echo "<input type=\"file\" name=\"filetoupload\"/><br>";
echo "<input type=\"submit\" name=\"uploadform\" value=\"Upload\"/>";
echo "</form>";
echo "<p align=\"center\"><br/><br/>";
if($ice==1){
echo "<a href=\"/index.php?action=viewtpc&sid=$sid&tid=$tid&page=$page\">«Back to Topic</a><br/>";
echo "<a href=\"/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}else{
echo "<a href=\"/xhtml/index.php?action=viewtpc&sid=$sid&tid=$tid&page=$page\">«Back to Topic</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////topic upload 2
else if($action=="tup2")
{
$fid = $_GET["fid"];
$page = $_GET["page"];
$tid = $_GET["tid"];
addonline(getuid_sid($sid),"Added Attatchment","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Add Attachment<br/></div>";
echo "<p align=\"center\">";
//$size_bytes=10485760;
$kb = $size_bytes / 1024;
$extlimit="yes";
$limitedext=array(".jpg",".jpeg",".gif",".png",".mid",".mp3",".wma",".amr",".sis",".sisx",".jar",".jad",".3gp",".mp4",".avi",".mov",".wmv",".mpg",".mpeg",".zip",".swf");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload a $ext file!', actdt='".time()."'");
}
else if($file_size>$size_bytes){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
}
else if(file_exists("./$file_name")){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/>Filename already exists!<br/>";
}
else if(file_exists("./".getnick_sid($sid)."(5)".$ext)){
echo "<img src=\"../images/notok.gif\" alt=\"[x]\"/><br/><b>Error!!!</b><br/>5 pics hav already been uploaded...<br/>";
}
else if($file_size){
$file_name2=str_replace(" ","",$file_name);
$filename=explode(".",$file_name);
$size = $file_size/1024;
mysql_query("INSERT INTO download_topic SET filename='".$file_name2."', path='http://".$_SERVER['SERVER_NAME']."/xhtml/topics/".$file_name2."', tid='".$tid."', size='".$size."'");
move_uploaded_file($file_tmp, "./$file_name2");
//move_uploaded_file($file_tmp, "./".md5($filename[0]).$ext);
echo "$file_name2<br/>
successfully uploaded!<br/>";
}
else{
$main.="<img src=\"../images/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>\n";
}
echo "</p>";
echo "<p align=\"center\"><br/><br/>";
if($ice==1){
echo "<a href=\"/index.php?action=viewtpc&sid=$sid&tid=$tid&page=$page\">«Back to Topic</a><br/>";
echo "<a href=\"/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}else{
echo "<a href=\"/xhtml/index.php?action=viewtpc&sid=$sid&tid=$tid&page=$page\">«Back to Topic</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
}
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////Get post
else if($action=="getpost")
{
$pid = $_GET["pid"];
$page = $_GET["page"];
$fid = $_GET["fid"];
addonline(getuid_sid($sid),"Downloading","");
$pinfo= mysql_fetch_array(mysql_query("SELECT uid,tid, text FROM ibwf_posts WHERE id='".$pid."'"));
$trid = $pinfo[0];
$tid = $pinfo[1];
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Download<br/></div>";
echo "<p align=\"center\">";
echo "<b>Download Attatchment</b><br/>";
$path=mysql_fetch_array(mysql_query("SELECT path, hits FROM download_post WHERE pid='".$pid."'"));
$download = $path[0];
$res=mysql_query("UPDATE download_post SET hits='".($path[1]+1)."' WHERE pid='".$pid."'");
echo "<meta http-equiv=Refresh content=1;url=".$download.">";
echo "If Your Download Does Not Start In 5 seconds Click below<br/>";
echo "<a href=\"".$download."\">Get File</a><br/><br/><br/>";
echo "<a href=\"/xhtml/index.php?action=viewtpc&sid=$sid&tid=$tid&page=$page\">«Back to Topic</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////Get topic
else if($action=="gettopic")
{
$tid = $_GET["tid"];
$page = $_GET["page"];
$fid = $_GET["fid"];
addonline(getuid_sid($sid),"Downloading","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Download<br/></div>";
echo "<p align=\"center\">";
echo "<b>Download Attatchment</b><br/>";
$path = mysql_fetch_array(mysql_query("SELECT path, hits FROM download_topic WHERE tid='".$tid."'"));
$download = $path[0];
$res=mysql_query("UPDATE download_topic SET hits='".($path[1]+1)."' WHERE tid='".$tid."'");
echo "<meta http-equiv=Refresh content=1;url=".$download.">";
echo "If Your Download Does Not Start In 5 seconds Click below<br/>";
echo "<a href=\"".$download."\">Get File</a><br/><br/><br/>";
echo "<a href=\"/xhtml/index.php?action=viewfrm&sid=$sid&fid=$fid&page=$page\">«Back to Forum</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////delete attatchment
else if($action=="delpup"){
if(!ismod(getuid_sid($sid))){
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not a mod<br/>";
echo "<br/>";
echo "<a href=\"/index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}else{
$pid = $_GET["pid"];
$page = $_GET["page"];
$tid = $_GET["tid"];
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/red_medium.css\">";
echo "</head>";
echo "<div><br/>Delete Attachment<br/></div>";
echo "<body>";
echo "<p align=\"center\">";
echo "<br/>";
$file = mysql_fetch_array(mysql_query("SELECT filename FROM download_topic WHERE pid='".$pid."'"));
mysql_query("INSERT INTO ibwf_mlog SET action='Attachments', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted Post Attatchment $file[0] from ".mysql_escape_string(gettname($tid))."', actdt='".time()."'");
$res = mysql_query("DELETE FROM download_post WHERE pid='".$pid."'");
if($res){
echo "<img src=\"/images/ok.gif\" alt=\"O\"/>Attachment deleted successfully";
}else{
echo "<img src=\"/images/notok.gif\" alt=\"X\"/>Error deleting Attachment";
}
echo "<br/><br/><a href=\"/xhtml/index.php?action=viewtpc&tid=$tid&sid=$sid\">Back To Topic</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
}
//////////////////////////////////delete attatchment
else if($action=="deltup"){
if(!ismod(getuid_sid($sid))){
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<div><br/>Doh!<br/></div>";
echo "You are not a mod<br/>";
echo "<br/>";
echo "<a href=\"/index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}else{
$tid = $_GET["tid"];
$page = $_GET["page"];
$fid = $_GET["fid"];
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Delete Attachment<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$file = mysql_fetch_array(mysql_query("SELECT filename FROM download_topic WHERE tid='".$tid."'"));
mysql_query("INSERT INTO ibwf_mlog SET action='Attachments', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted Topic Attatchment $file[0] $from ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
$res = mysql_query("DELETE FROM download_topic WHERE tid='".$tid."'");
if($res){
echo "<img src=\"/images/ok.gif\" alt=\"O\"/>Attachment deleted successfully";
}else{
echo "<img src=\"/images/notok.gif\" alt=\"X\"/>Error deleting Attachment";
}
echo "<br/><br/><a href=\"/xhtml/index.php?action=viewfrm&fid=$fid&sid=$sid\">Back To Forum</a><br/>";
echo "<a href=\"/xhtml/index.php?action=main&sid=$sid\"><img src=\"/images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
}
////////////////////////////////////////lost
else{
addonline(getuid_sid($sid),"Lost in Forums","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"http://wapirate.net/themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "I don't know how did you get into here, but there's nothing to show<br/><br/>";
echo "<a href=\"/index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
echo "</html>";
?>