adds_block('SUBMITTED',array('QUOTE' => (nl2br(htmlspecialchars($_POST['rash_quote'])) . "\n"))); if (!isLoggedIn()) { $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")"; } else { $today = mktime(date('G'),date('i'),date('s'),date('m'),date('d'),date('Y')); $insquote = "INSERT INTO rash_quotes (quote, rating, flag, date) VALUES (\"" . mysql_real_escape_string($_POST['rash_quote']) . "\", 0, 0, \"" . $today . "\")"; } $insquote2 = mysql_query($insquote); } $template->display(); } elseif ($_GET['act'] == 'bottom') { $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating < 0 ORDER BY rating ASC LIMIT 50"; quote_generation($query, "Bottom", -1); } elseif ($_GET['act'] == 'browse') { $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY id ASC "; quote_generation($query, "Browse", (isset($_GET['page']) ? $_GET['page'] : 1), 10, 5); } elseif ($_GET['act'] == 'flag') { $template = new FITemplate('msg'); $tracking_verdict = user_quote_status('flag', $quote_num, $template); if ($tracking_verdict < 3) { $getfla = "SELECT flag FROM rash_quotes WHERE id = " . $quote_num . " LIMIT 0,1"; $getfla2 = mysql_query($getfla); $getfla3 = mysql_fetch_array($getfla2); if ($getfla3['flag'] == 2) { $template->add('MSG',"This quote has been flagged and rechecked by a moderator already."); } elseif ($getfla3['flag'] == 1) { $template->add('MSG',"This quote is currently pending deletion."); } else { $template->add('MSG',"You have marked this quote for deletion."); $setfla = "UPDATE rash_quotes SET flag = 1 WHERE id = " . $quote_num; $setfla2 = mysql_query($setfla); } } $template->add('BACK','Quote #' . $quote_num); $template->display(); } elseif ($_GET['act'] == 'random') { $query = "SELECT id, quote, rating, flag FROM rash_quotes ORDER BY rand() LIMIT 50"; quote_generation($query, "Random", -1); } elseif ($_GET['act'] == 'random2') { $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating > 1 ORDER BY rand() LIMIT 50"; quote_generation($query, "Random2", -1); } elseif ($_GET['act'] == 'search') { if (isset($_GET['fetch'])) { if ($_POST['sortby'] == 'rating') { $how = 'desc'; } else { $how = 'asc'; } $getquotes = "SELECT id, quote, rating, flag FROM rash_quotes WHERE quote LIKE \"%" . $_POST['search'] . "%\" ORDER BY " . $_POST['sortby'] . " " . $how . " LIMIT 0," . $_POST['number']; quote_generation($getquotes, "Query Results", -1); } $template = new FITemplate('quotes/search'); $template->display(); } elseif ($_GET['act'] == 'top') { $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE rating > 0 ORDER BY rating DESC LIMIT 50"; quote_generation($query, "Top", -1); } elseif ($_GET['act'] == 'vote') { $template = new FITemplate('msg'); $tracking_verdict = user_quote_status('vote', $quote_num,$template); $template->add('BACK','Quote #' . $quote_num); $template->display(); if ($tracking_verdict < 3) { if ($_GET['dir'] == "plus") { $setquote = "UPDATE rash_quotes SET rating = rating+1 WHERE id = " . $quote_num; $setquote2 = mysql_query($setquote); } elseif($_GET['dir'] == "minus") { $setquote = "UPDATE rash_quotes SET rating = rating-1 WHERE id = " . $quote_num; $setquote2 = mysql_query($setquote); } } } else { if ((is_int($_GET['act']) || ($_GET['act'] != false)) && (verify_int($_GET['act']))) { $query = "SELECT id, quote, rating, flag FROM rash_quotes WHERE id = " . $_GET['act']; quote_generation($query, "#" . $_GET['act'], -1); $page_id = 'quote-' . $_GET['act']; include('includes/comments.php'); } else { generateError('404'); } } function quote_generation($query, $origin, $page = 1, $quote_limit = 50, $page_limit = 10) { $template = new FITemplate('quotes/browse'); if ($page != -1) { $template->adds_block('PAGENUMBERS',array('exi'=>1)); page_numbers($template, $origin, $quote_limit, $page, $page_limit); $up_lim = ($quote_limit * $page); $low_lim = $up_lim - $quote_limit; $query .= "LIMIT $low_lim,$quote_limit"; } $template->add('ORIGIN',$origin); $getquotes2 = mysql_query($query); $i=0; while ($getquotes3[$i] = mysql_fetch_array($getquotes2)) { $template->adds_block('QUOTES',array( 'NUMBER' => $getquotes3[$i]['id'], 'RATING' => $getquotes3[$i]['rating'], 'QUOTE' => parseSmilies(str_replace("\n","
",stripslashes($getquotes3[$i]['quote']))))); $i++; } $template->display(); } function page_numbers($template, $origin, $quote_limit, $page_default, $page_limit) { $numrows = countRows('rash_quotes'); $testrows = $numrows; $pagenum = (($testrows + 1) / ($quote_limit > 0 ? $quote_limit : 1)); if (($page_limit % 2)) { $page_limit++; } if (($page_limit < 2) || (!$page_limit)) { $page_limit = 5; } $pagebase = 0; do { $pagebase++; $page_limit -= 2; } while ($page_limit > 1); $template->add('LORIGIN',strtolower($origin)); $template->add('MINUSTEN',(($page_default - 10) > 1) ? ($page_default - 10) : 1); if ($page_default - $pagebase > 1) { $template->add('BDDD','...'); } $i = $page_default - $pagebase; do { if ($i > 0) { $template->adds_block('BPAGES',array('PAGENUM' => $i)); } $i++; } while ($i < $page_default); $template->add('CURPAGE',$page_default); $i = $page_default + 1; do { if ($i <= $pagenum) { $template->adds_block('APAGES',array('PAGENUM' => $i)); } $i++; } while ($i < ($page_default + $pagebase + 1)); if (($page_default + $pagebase) < $pagenum) { $template->add('ADDD','...'); } $template->add('PLUSTEN',(($page_default + 10) < $pagenum) ? ($page_default + 10) : $pagenum); $template->add('LASTPAGE',$pagenum); } function user_quote_status($where, $quote_num, $template) { $tracking_verdict = ip_track($where, $quote_num); if ($where != 'flag') { switch ($tracking_verdict) { case 1: $template->add('TRACKING',"Quote has been modified, and data of your action has been recorded in the database."); break; case 2: $template->add('TRACKING',"Quote has been modified, your IP has been logged, and data of your action has been recorded in the database."); break; case 3: $template->add('TRACKING',"You have already voted on this quote, please try again later."); break; } } return $tracking_verdict; } function ip_track($where, $quote_num) { switch ($where) { case 'flag': $where2 = 'vote'; break; case 'vote': $where2 = 'flag'; break; } $getip = "SELECT * FROM rash_tracking WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; $getip2 = mysql_query($getip); $getip3 = mysql_fetch_array($getip2); if ($getip3['ip'] == $_SERVER['REMOTE_ADDR']) { $quote_array = explode(",", $getip3['quote_id']); $quote_place = array_search($quote_num, $quote_array); if (in_array($quote_num, $quote_array)) { $where_result = explode(",", $getip3[$where]); if (!isset($where_result[$quote_place])) { $where_result[$quote_place] = 1; $where_result = implode(",", $where_result); $setip = "UPDATE rash_tracking SET " . $where . " = \"" . $where_result . "\" WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; $setip2 = mysql_query($getip); return 1; } else { return 3; } } else { $setip = "UPDATE rash_tracking SET " . $where . " = CONCAT(" . $where . ",\",1\"), " . $where2 . " = CONCAT(" . $where2 . ",\",0\"), quote_id = CONCAT(quote_id,\"," . $quote_num . "\") WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; $setip2 = mysql_query($setip); return 1; } } else { $insip = "INSERT INTO rash_tracking (ip, quote_id, " . $where . ", " . $where2 . ") VALUES (\"" . $_SERVER['REMOTE_ADDR'] . "\", \"" . $quote_num . "\", 1, 0)"; $insip2 = mysql_query($insip); return 2; } } function verify_int($subject) { $ymax = strlen($subject); $y = 0; while($y < $ymax) { if ((is_int((int)($subject{$y})) && (int)($subject{$y})) || (int)($subject{$y}) === 0 ) { $y++; } else { return false; } } return true; } ?>