check($_POST['sb_captcha_code']) == false) { redirect($link); } } $shout_message = str_replace("\n", " ", $_POST['shout_message']); $shout_message = preg_replace("/^(.{255}).*$/", "$1", $shout_message); $shout_message = trim(stripinput(censorwords($shout_message))); if (checkwords($shout_message)) { redirect(INFUSIONS."sf_shoutbox_panel/shoutbox_archive.php?message=".$shout_message); } if (iMEMBER && (isset($_GET['s_action']) && $_GET['s_action'] == "edit") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) { $comment_updated = false; if ((iADMIN && checkrights("S")) || (iMEMBER && dbcount("(shout_id)", DB_SHOUTBOX, "shout_id='".$_GET['shout_id']."' AND shout_name='".$userdata['user_id']."'"))) { if ($shout_message) { $result = dbquery("UPDATE ".DB_SHOUTBOX." SET shout_message='$shout_message' WHERE shout_id='".$_GET['shout_id']."'".(iADMIN ? "" : " AND shout_name='".$userdata['user_id']."'")); } } redirect($link); } elseif ($shout_name && $shout_message) { require_once INCLUDES."flood_include.php"; if (!flood_control("shout_datestamp", DB_SHOUTBOX, "shout_ip='".USER_IP."'")) { $result = dbquery("INSERT INTO ".DB_SHOUTBOX." (shout_name, shout_message, shout_datestamp, shout_ip) VALUES ('$shout_name', '$shout_message', '".time()."', '".USER_IP."')"); } } redirect($link); } elseif (iMEMBER && (isset($_GET['s_action']) && (($_GET['s_action'] == "n_vote") || ($_GET['s_action'] == "y_vote"))) && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) { $result = dbquery( "SELECT SUM(COALESCE(sv.vote_value,0)) as vote_count, ts.*, COALESCE(sa.shout_amnesty,0) as amnesty, tu.user_level FROM ".DB_SHOUTBOX." ts LEFT JOIN ".DB_USERS." tu ON ts.shout_name=tu.user_id LEFT JOIN ".DB_SF_SHOUT_VOTE." sv ON ts.shout_id=sv.shout_id LEFT JOIN ".DB_SF_SHOUT_AMNESTY." sa ON ts.shout_id=sa.shout_id WHERE ts.shout_id = ".$_GET['shout_id']." GROUP BY ts.shout_id HAVING amnesty = 1 OR vote_count > ".SF_VOTE_LIMIT." ORDER BY ts.shout_datestamp DESC LIMIT 1" ); if (dbrows($result)) { $data = dbarray($result); if (iMEMBER && $data['shout_name'] != $userdata['user_id'] && $data['amnesty'] == 0 && $data['user_level'] == 101) { if (!dbcount("(vote_id)", DB_SF_SHOUT_VOTE, "shout_id='".$data['shout_id']."' AND vote_user_id='".$userdata['user_id']."'")) { $vote_value = ($_GET['s_action'] == "y_vote" ? "1" : "-1"); $result = dbquery("INSERT INTO ".DB_SF_SHOUT_VOTE." ( vote_user_id, shout_id, vote_value, vote_datestamp ) VALUES ( '".$userdata['user_id']."', '".$_GET['shout_id']."', '$vote_value', '".time()." ')"); } } } redirect($link."#edit_shout"); } elseif (iMEMBER && (isset($_GET['s_action']) && $_GET['s_action'] == "edit") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) { $esresult = dbquery( "SELECT ts.*, tu.user_id, tu.user_name FROM ".DB_SHOUTBOX." ts LEFT JOIN ".DB_USERS." tu ON ts.shout_name=tu.user_id WHERE ts.shout_id='".$_GET['shout_id']."'" ); if (dbrows($esresult)) { $esdata = dbarray($esresult); if ((iADMIN && checkrights("S")) || (iMEMBER && $esdata['shout_name'] == $userdata['user_id'] && isset($esdata['user_name']))) { if ((isset($_GET['s_action']) && $_GET['s_action'] == "edit") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) { $edit_url = $sep."s_action=edit&shout_id=".$esdata['shout_id']; } else { $edit_url = ""; } $shout_link = $link.$edit_url; $shout_message = $esdata['shout_message']; } } else { $shout_link = $link; $shout_message = ""; } } else { $shout_link = $link; $shout_message = ""; } echo "\n"; echo "
\n"; if (iGUEST) { echo $locale['global_151']."
\n"; echo "
\n"; echo $locale['global_152']."
\n"; } echo "
\n"; echo display_bbcodes("150px;", "shout_message", "chatform", "smiley|b|u|url|color")."\n"; if (iGUEST) { echo $locale['global_158']."
\n"; echo "
\n"; echo "\n"; echo "
\n"; echo $locale['global_159']."
\n
\n"; } echo "
\n"; echo "
\n
\n"; } else { echo "
".$locale['global_154']."

\n"; } $numrows = dbcount_sb(); $result = dbquery( "SELECT SUM(COALESCE(sv.vote_value,0)) as vote_count, ts.*, COALESCE(sa.shout_amnesty,0) as amnesty, tu.user_id, tu.user_name, tu.user_level FROM ".DB_SHOUTBOX." ts LEFT JOIN ".DB_USERS." tu ON ts.shout_name=tu.user_id LEFT JOIN ".DB_SF_SHOUT_VOTE." sv ON ts.shout_id=sv.shout_id LEFT JOIN ".DB_SF_SHOUT_AMNESTY." sa ON ts.shout_id=sa.shout_id GROUP BY ts.shout_id HAVING amnesty = 1 OR vote_count > ".SF_VOTE_LIMIT." ORDER BY ts.shout_datestamp DESC LIMIT 0,".$settings['numofshouts'] ); if (dbrows($result)) { $i = 0; while ($data = dbarray($result)) { echo "
"; if ($data['user_name']) { echo " ".$data['user_name']."\n"; } else { echo $data['shout_name']."\n"; } // Vote Images Start if ($data['user_level'] == 101) { echo ""; if ($data['vote_count'] < 0) { echo "".$data['vote_count'].""; } else { echo ($data['vote_count'] > 0 ? "+".$data['vote_count']."" : $data['vote_count']); } echo "\n"; } if (iMEMBER && $data['user_id'] != $userdata['user_id'] && $data['amnesty'] == 0 && $data['user_level'] == 101) { if (!dbcount("(vote_id)", DB_SF_SHOUT_VOTE, "shout_id='".$data['shout_id']."' AND vote_user_id='".$userdata['user_id']."'")) { echo ""; echo "-"; echo " "; echo ""; echo "+"; echo ""; } } // Vote Images End echo "
\n"; echo "
".showdate("shortdate", $data['shout_datestamp'])."
"; echo "
".sbwrap(parseubb(parsesmileys($data['shout_message']), "b|i|u|url|color"))."
\n"; if ((iADMIN && checkrights("S")) || (iMEMBER && $data['shout_name'] == $userdata['user_id'] && isset($data['user_name']))) { echo "[".$locale['global_076']."]\n"; echo "[".$locale['global_157']."]
\n"; } $i++; if ($i != $numrows) { echo "
\n"; } } if ($numrows > $settings['numofshouts']) { echo "
\n".$locale['global_155']."\n
\n"; } } else { echo "
".$locale['global_156']."
\n"; } closeside(); ?>