Mini Shell Moded By TiGER HeX
Home
||
Turbo Force
||
B-F Config_Cpanel
Current Path :
/
mnt
/
volume_sfo2_01
/
50mmla
/
admin
/
Linux midnightridazz 4.19.0-11-cloud-amd64 #1 SMP Debian 4.19.146-1 (2020-09-17) x86_64
Upload File :
New :
File
Dir
/mnt/volume_sfo2_01/50mmla/admin/forumsSearch.php
<?php include_once('../includes/static/configure.php'); include_once('../includes/static/util.php'); include_once('../includes/static/dbcon.php'); include_once('../includes/static/gdimg.php'); include_once('../includes/static/sessions.php'); include_once('includes/static/util.php'); include_once('includes/appTop.php'); $page_id = str_replace(".php","",basename($_SERVER['PHP_SELF'])); if(!has_permission($page_id)){ die("You don't have permission to view this page!"); } if( isset($_REQUEST['delete']) ){ while(list($key,$value) = each($_REQUEST)){ if(preg_match("/topic_/i",$key)){ $ids = explode("_",$key); $sql = "DELETE FROM 50mm_forum_replies WHERE topic_id = '".$ids[1]."'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $sql = "DELETE FROM 50mm_forum_topics WHERE topic_id = '".$ids[1]."'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } } } echo "<div class=\"hilite\">operation successful</div>"; } //1124 //reply_id include_once('includes/header.php'); ?> <script> errDivs = new Array('errorTitle','errorBody','errorUser'); function search(theForm,errDiv){ for(i=0;i<errDivs.length;i++){ visibleOff(errDivs[i]);//turn off every div } keyword = theForm['keyword'].value; if(keyword == ""){ visibleOn(errDiv);//turn on errDiv return false; }else{ return true; } } </script> <table border="0" cellspacing="0" cellpadding="0"> <tr> <td> <form action="<?echo $_SERVER['PHP_SELF']?>" onSubmit="return search(this,'errorTitle');"> Search Threads By Title:<br> <input type="text" name="keyword" value="" class="field"><br> <input name="title" type="submit" class="button" value="Search"> <span id="errorTitle" style="visibility:hidden;" class="error"> Enter a title!</span> </form> </td> <td width="50"> </td> <td> <form action="<?echo $_SERVER['PHP_SELF']?>" onSubmit="return search(this,'errorBody');"> Search Threads By Body:<br> <input type="text" name="keyword" value="" class="field"><br> <input name="body" type="submit" class="button" value="Search"> <span id="errorBody" style="visibility:hidden;" class="error"> Enter a body!</span> </form> </td> <td width="50"> </td> <td> <form action="<?echo $_SERVER['PHP_SELF']?>" onSubmit="return search(this,'errorUser');"> Search Threads By User:<br> <input type="text" name="keyword" value="" class="field"><br> <input name="user" type="submit" class="button" value="Search"> <span id="errorUser" style="visibility:hidden;" class="error"> Enter a username!</span> </form> </td> <td width="50"> </td> <td> <form action="<?echo $_SERVER['PHP_SELF']?>"> <input type="hidden" name="keyword" value="All Threads" class="field"><br> <input name="all" type="submit" class="button" value="Get All Threads"> </form> </td> </tr> </table> <? $search = false; /* if you try and use a join during any of these searches you'll be sorry becasue the mysql server will probably come to a halt*/ $result_array = Array(); if(isset($_REQUEST['title'])){ $sql = "SELECT DISTINCT topic_id, title FROM 50mm_forum_topics WHERE title REGEXP '[[:<:]]".$_REQUEST['keyword']."[[:>:]]'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } while($row = $db->sql_fetchrow($result)){ array_push($result_array,$row); } $search = true; } if(isset($_REQUEST['body'])){ //search thread topics $sql = "SELECT DISTINCT topic_id, title FROM 50mm_forum_topics WHERE body REGEXP '[[:<:]]".$_REQUEST['keyword']."[[:>:]]'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } while($row = $db->sql_fetchrow($result)){ array_push($result_array,$row); } //search thread replies $sql = "SELECT DISTINCT t.topic_id, t.title FROM 50mm_forum_topics t,50mm_forum_replies r WHERE t.topic_id=r.topic_id AND r.body REGEXP '[[:<:]]".$_REQUEST['keyword']."[[:>:]]'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } while($row = $db->sql_fetchrow($result)){ array_push($result_array,$row); } $search = true; } if(isset($_REQUEST['user'])){ $sql = "SELECT DISTINCT t.topic_id, t.title FROM 50mm_forum_topics t,50mm_users u WHERE t.user_id = u.user_id AND u.username REGEXP '[[:<:]]".$_REQUEST['keyword']."[[:>:]]'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } while($row = $db->sql_fetchrow($result)){ array_push($result_array,$row); } $sql = "SELECT DISTINCT t.topic_id, t.title FROM 50mm_forum_topics t, 50mm_forum_replies r,50mm_users u WHERE t.topic_id=r.topic_id AND r.user_id = u.user_id AND u.username REGEXP '[[:<:]]".$_REQUEST['keyword']."[[:>:]]'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } while($row = $db->sql_fetchrow($result)){ array_push($result_array,$row); } $search = true; } if(isset($_REQUEST['all'])){ $sql = "SELECT t.topic_id, t.title,u.username FROM 50mm_forum_topics t,50mm_users u WHERE t.user_id = u.user_id ORDER BY t.entry_time DESC"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } while($row = $db->sql_fetchrow($result)){ array_push($result_array,$row); } $search = true; } ?> <form action="<?echo $_SERVER['PHP_SELF']?>" method="post" enctype="multipart/form-data"> <? //list results //make sure that there are no duplicate entries //$result_array = array_unique($result_array); if($search){ echo "<div class=\"hilite\">Your search for '".$_REQUEST['keyword']."' produced ".count($result_array)." result(s)</div>"; } if(count($result_array) > 0 ){ $modrows = Array(); while(list($key,$row) = each($result_array)){ $id = $row['topic_id']; $xtras = Array(); if(has_permission("forumsTopicEdit")){ $xtras['edit'] = "<a href=\"forumsTopicEdit.php?topicId=$id\">edit</a>"; } if(has_permission("forumsTopicDelete")){ $xtras['delete'] = "<input type=\"checkbox\" name=\"topic_".$id."\" value=\"\">"; } unset($row['user_id']); $all = array_merge($row,$xtras); array_push($modrows, $all); } echo(get_table($modrows)); } if(has_permission("forumsTopicDelete")){ $submit.= "<div class=\"error\">ATTENTION!!!<br>By deleting this topic(s) please note that <br>you are deleting ENTIRE threads and the replies associated with them!<br></div>\n"; $submit.= "<input class=\"button\" type=\"submit\" name=\"delete\" value=\"Delete Selected Topics\" onClick=\"return validateDelete(this.form);\">"; echo $submit; } ?> </form> <? include_once('includes/footer.php'); include_once('includes/appBottom.php'); ?>