File size: 4.45Kb
<?php
$where = $_GET['where'];
$shid = $_GET['shid'];
$nick = $_GET['nick'];
$pass = $_GET['pass'];
$page = $_GET['page'];
//include "header_inc.php";
//include "mysql_inc.php";
//include "source/classes/user_check.php";
if($where=="shout"){
echo "<p align=\"center\">";
echo "<small>Only 2 smileys per shout!</small><br/>";
echo "Text: <input name=\"shtxt\" maxlength=\"150\"/><br/>";
echo "<anchor>Shout";
echo "
<go href=\"shout.php?where=shout2&nick=$nick&pass=$pass\" method=\"post\">
<postfield name=\"shtxt\" value=\"$(shtxt)\"/>
</go>
";
echo "</anchor>";
echo "</p>";
}else if($where=="shout2"){
echo "<p align=\"center\">";
$shtxt = $_POST["shtxt"];
$shtm = time();
$res = mysql_query("INSERT INTO shouts SET shout='".$shtxt."', shouter='".$nick."', shtime='".$shtm."'");
if($res)
{
echo "Shout added successfully<br/>";
}else{
echo "Database Error<br/>";
}
echo "</p>";
}else if($where=="shouts"){
if($page=="" || $page<=0)$page=1;
if($who=="")
{
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM shouts"));
}else{
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM shouts WHERE shouter='".$who."'"));
}
$num_items = $noi[0]; //changable
$items_per_page= 10;
$num_pages = ceil($num_items/$items_per_page);
if(($page>$num_pages)&&$page!=1)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
//changable sql
if($who =="")
{
$sql = "SELECT id, shout, shouter, shtime FROM shouts ORDER BY shtime DESC LIMIT $limit_start, $items_per_page";
}else{
$sql = "SELECT id, shout, shouter, shtime FROM shouts WHERE shouter='".$who."'ORDER BY shtime DESC LIMIT $limit_start, $items_per_page";
}
echo "<p><small>";
$items = mysql_query($sql);
echo mysql_error();
if(mysql_num_rows($items)>0)
{
while ($item = mysql_fetch_array($items))
{
$sht = smiles($item[1],$path);
$shdt = date("d m y-H:i", $item[3]);
$lnk = "<a href=\"/source/members/info.php?nick=$nick&pass=$pass&nickname=$item[2]\">$item[2]</a>: $sht<br/>$shdt";
$admincheck = mysql_num_rows(mysql_query("select * from users WHERE nick='$nick' and pass='$pass' and (status='admin' OR status='moderator' OR status='hijacker' OR status='modjunior')"));
if ($admincheck>0){
$dlsh = "<a href=\"shout.php?where=delsh&shid=$item[0]&nick=$nick&pass=$pass\">[x]</a>";
}else{
$dlsh = "";
}
echo "$lnk $dlsh<br/>";
}
}
echo "</small></p>";
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<small>";
echo "<a href=\"shout.php?where=shouts&page=$ppage&nick=$nick&pass=$pass\">«PREV</a> ";
echo "</small>";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<small>";
echo "<a href=\"shout.php?where=shouts&page=$npage&nick=$nick&pass=$pass\">Next»</a>";
echo "</small>";
}
echo "<small>";
echo "<br/>$page/$num_pages<br/>";
echo "</small>";
if($num_pages>2)
{
$rets = "<small>Jump To Page: </small><input name=\"pg\" format=\"*N\" size=\"3\"/>";
$rets .= "<anchor><small>GO</small>";
$rets .= "<go href=\"shout.php\" method=\"get\">";
$rets .= "<postfield name=\"where\" value=\"$where\"/>";
$rets .= "<postfield name=\"nick\" value=\"$nick\"/>";
$rets .= "<postfield name=\"pass\" value=\"$pass\"/>";
$rets .= "<postfield name=\"page\" value=\"$(pg)\"/>";
$rets .= "</go></anchor>";
echo $rets;
}
echo "</p>
}else if($where=="delsh"){
echo "<p align=\"center\">";
$admincheck = mysql_num_rows(mysql_query("select * from users WHERE nick='$nick' and pass='$pass' and (status='admin' OR status='moderator' OR status='hijacker' OR status='modjunior')"));
if ($admincheck>0){
$res = mysql_query("DELETE FROM shouts WHERE id ='".$shid."'");
if($res){
echo "<small>";
echo "Shout deleted";
}else{
echo "Database Error";
}
echo "<br/><br/>";
}else{
echo "You Are Not A mod<br/>";
}
echo "</small>";
echo "</p>";
}
echo "<p align=\"center\">";
echo "<small>";
echo "<br/><br/><a href=\"index.php?nick=$nick&pass=$pass\">Home</a><br/>";
echo "</small>";
//mysql_close($db);
//include "bottom_inc.php";
?>