* @link http://www.pioder.pl/
* @license see LICENSE.txt
**/

// Stop unless the IN_uF constant is defined (presumably by the including entry
// script - confirm), so the file does nothing useful when requested on its own.
if (!defined('IN_uF')) {
    die('Hacking attempt');
}

// Handle the optional ?mode= action before the message list is built.
if (isset($_GET['mode'])) {
    switch($_GET['mode']) {
        // Store a new shoutbox message taken from the POST body.
        case 'shoutbox_add': {
            if (isset($_POST['shoutbox_message'])) {
                // strip_tags() removes markup only. It does not escape quotes or
                // backslashes, so it is neither SQL escaping nor output encoding.
                $content = strip_tags($_POST['shoutbox_message']);
                // Post::SmilesReplace() is defined elsewhere; presumably it expands
                // smiley codes into markup - TODO confirm.
                $content = Post::SmilesReplace($content);
                // Length gate (4..299). strlen() counts bytes, not characters, and it
                // measures the text after the smiley replacement has run.
                if ((strlen($content)>3) and (strlen($content)<300)) {
                    // Purge messages older than shoutbox_max_time seconds before adding
                    // the new one. Both operands come from the server and the config array.
                    $sql = "DELETE FROM ".SHOUTBOX_TABLE." WHERE `mtime`<'".($_SERVER['REQUEST_TIME']-$forum_config['shoutbox_max_time'])."'";
                    DataBase::sql_query($sql,GENERAL,'Could not delete old messages');
                    // NOTE(review): $content and $_SESSION['uid'] are concatenated into the
                    // statement with no escaping or cast visible in this file. Unless the
                    // input is escaped elsewhere (magic_quotes_gpc, or inside
                    // DataBase::sql_query - confirm), this INSERT is open to SQL injection.
                    // Prefer bound parameters or the DB layer's own escaping routine, and
                    // cast the uid with intval() as the delete branch does for the id.
                    // NOTE(review): nothing here checks that $_SESSION['uid'] is set or that
                    // the poster is logged in - confirm the including script enforces it.
                    // The first VALUES column is an empty string, presumably an
                    // auto-increment key - confirm against the table definition.
                    $sql = "INSERT INTO ".SHOUTBOX_TABLE." VALUES('','".$_SESSION['uid']."','".$content."','".$_SERVER['REQUEST_TIME']."')";
                    DataBase::sql_query($sql,GENERAL,'Could not add shoutbox message');
                }
            }
            // The echoed literal is empty as shown in this listing.
            echo '';
            break;
        }
        // Delete one message by id, allowed only when RANK > 0 (presumably a
        // moderator or administrator rank - confirm where RANK is defined).
        // intval() reduces the id to an integer before it is embedded in the query.
        // NOTE(review): this state-changing action is driven by GET parameters and no
        // anti-CSRF token is visible, so a request issued from a privileged user's
        // browser by another page would be honoured. Consider POST plus a
        // per-session token.
        case 'shoutbox_delete': {
            if (isset($_GET['id']) && (RANK>0)) {
                DataBase::sql_query("DELETE FROM ".SHOUTBOX_TABLE." WHERE `m_id`='".intval($_GET['id'])."'",GENERAL,'Could not delete shoutbox message');
            }
            break;
        }
        // Only defines $desc, which makes the check below choose ascending order.
        case 'shoutbox_desc': {
            $desc = '';
            break;
        }
    }
}

// $desc always ends up as one of two literals: 'DESC' when it was not set above,
// '' when it was. Interpolating it into ORDER BY therefore carries no request data.
if(!isset($desc)) {
    $desc = 'DESC';
} else {
    $desc = '';
}

// Accumulator for the rendered message list.
$shoutbox_content = '';
// Fetch messages joined with their authors' user rows, ordered by mtime.
// $forum_config['shoutbox_max'] is inserted unquoted as the LIMIT; presumably it
// is an integer from trusted forum configuration - confirm where it is loaded.
$sql = "SELECT ".SHOUTBOX_TABLE.".*, ".USERS_TABLE.".* FROM ".SHOUTBOX_TABLE." LEFT JOIN ".USERS_TABLE." ON ".SHOUTBOX_TABLE.".u_id = ".USERS_TABLE.".u_id ORDER BY `mtime` $desc LIMIT ".$forum_config['shoutbox_max'];
$query = DataBase::sql_query($sql,CRITICAL,'Could not obtain shoutbox information');
// Append one entry per fetched row. The loop body continues past the end of this
// excerpt, so how the stored text is encoded for output cannot be checked here.
while($sb_msg = DataBase::fetch($query)) {
    // Delete marker, non-empty only for RANK > 0.
    $allow_del = (RANK>0) ? 'X ' : '';
    $shoutbox_content .= '