","
", "    ", "\\2", "", "\\1", "\\1", "\\1", "\\1", "\\1", "&#\\1;", ); $tags_decode_search=array( "/
/", "/    /", "/(.*?)<\/a>/", "//", "/(.*?)<\/i>/", "/(.*?)<\/u>/", "/(.*?)<\/b>/", "/(.*?)<\/em>/", "/(.*?)<\/small>/", ); $tags_decode_replace=array( "\n", "\t", "[url=\\1]\\2[/url]", "[img=\\1]", "[i]\\1[/i]", "[u]\\1[/u]", "[b]\\1[/b]", "[em]\\1[/em]", "[small]\\1[/small]", ); function pageheader($title=NULL) { $messages=array( "So, you wanted a message board, eh?", "Waah! Mommy, where are my cookies", "Keep It Simple, Stupid", "Minimalist, yet functional (barely)", "Not even your father's rock & roll (we're still beating the rocks together)", "What, you want the server to search *for* you?", "It's one of the places to be! :)", "It's like eating", "The world is corrupt!", "Not even remotely secure", "We bring slightly less buggy things to life", "Brute force ROMhacking since 2004", "With a side of search", "It's like you want", "Anything else is gaslight", "take that, morning-me", "obscure enough to be secure?", "Welcome to the Blast Radius", "Therefore you are wrong.", "it shifts to attack mode", "activate, resonate, precipitate", ); echo "HCS Forum - "; if (is_null($title)) echo $messages[rand(0,count($messages)-1)]; else echo $title; ?> Tags:

bold: [b]bold[/b]
italics: [i]italics[/i]
emphasis: [em]emphasis[/em]
underline: [u]underline[/u]
small: [small]small[/small]
Link: [url=http://www.google.com]Link[/url]

[img=http://www.hcs64.com/images/mm1.png]
?addpost" method="POST">
User Name "; else echo $_COOKIE[$cookie_uname]; tagsinstructions(); ?>
Password "; else echo "**********"; ?>
Subject
Message
User Name "; else echo $_COOKIE[$cookie_uname]; tagsinstructions(); ?>
Password "; else echo "**********"; ?>
Subject
Message
\n"; if( $ppage > 0) { echo ""; echo "
\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "
\n"; echo "\n"; } if(($highr) < $nresults) { echo ""; echo "
\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "
\n"; echo "\n"; } echo "\n"; } // authenticate by user name/pass or by cookies // return user id, die if authentication fails function authenticate($dbh,$user,$pass) { global $cookie_uname,$cookie_token; if (isset($user) && $user!='' && isset($pass) && $pass!='') { $query=mysqli_prepare($dbh," SELECT idx FROM users WHERE uname = ? AND pass = ? ") or die("auth attempt: ".mysqli_error($dbh)); mysqli_stmt_bind_param($query,'ss',$user,$pass); mysqli_stmt_execute($query) or die(mysqli_error($dbh)); mysqli_stmt_bind_result($query,$uid); if (!mysqli_stmt_fetch($query)) die("Authentication failed ".mysqli_error($dh)); mysqli_stmt_close($query); } else if (isset($_COOKIE[$cookie_uname]) && isset($_COOKIE[$cookie_token])) { $query=mysqli_prepare($dbh," SELECT idx FROM users WHERE uname = ? AND logintoken = ? ") or die("auth attempt: ".mysqli_error($dbh)); mysqli_stmt_bind_param($query,'ss',$_COOKIE[$cookie_uname],$_COOKIE[$cookie_token]); mysqli_stmt_execute($query) or die(mysqli_error($dbh)); mysqli_stmt_bind_result($query,$uid); if (!mysqli_stmt_fetch($query)) die ("Authentication failed".mysqli_error($dbh)); mysqli_stmt_close($query); } else die("Authentication failed (incomplete data)."); return $uid; } // update the last updated timestamp for a post/thread function update_post_time($dbh,$idx) { $query = mysqli_prepare($dbh," UPDATE board SET lasttime = NOW() WHERE idx = ? LIMIT 1 ") or die("update error: ".mysqli_error($dbh)); mysqli_stmt_bind_param($query,'i',$idx); mysqli_stmt_execute($query) or die(mysqli_error($dbh)); mysqli_stmt_close($query); } // ***************************** Top of code ******************************** require("dblogin.php"); require("dblogin_write.php"); $dbh = dblogin(); if (isset($_GET[login])) { // **** Display login form pageheader(); ?>
User Name
Password
0) echo "

welcome back $_POST[uname].
your last recorded activity was ".date($timefmt." ".$datefmt,$llstamp); else echo "

Thanks for logging in, $_POST[uname]."; echo "
proceed to the forum"; } else if (isset($_GET[logout])) { // Log Out setcookie($cookie_uname, "", time() - 3600, $cookie_path,$cookie_site); setcookie($cookie_token, "", time() - 3600, $cookie_path,$cookie_site); if (isset($_COOKIE[$cookie_uname])) { $dbh_write = dblogin_write(); $query=mysqli_prepare($dbh_write," UPDATE users SET logintoken = NULL, lastlogin = NOW() WHERE uname = ? AND logintoken = ?"); mysqli_stmt_bind_param($query,'ss',$_COOKIE[$cookie_uname],$_COOKIE[$cookie_token]); mysqli_stmt_execute($query) or die(mysqli_error($dbh_write)); mysqli_stmt_close($query); mysqli_close($dbh_write); $deleted=1; } else $deleted=0; pageheader(); if ($deleted==1) echo "Cookies deleted.

"; else echo "Cookies not found, trying to delete anyway."; } else if (isset($_GET[adduser])) { // **** Display form to add a user pageheader(); ?>
User Name
Password
Verify Password
Please note that passwords are stored and transmitted unencrypted,
so don't use anything sensitive.
the forum!"; } else echo "the passwords did not match"; } else echo "User name $_POST[uname] already exists."; } else if (isset($_GET[userinfo])) { // **** User info page // get info from users database $query= mysqli_prepare($dbh,"SELECT uname, UNIX_TIMESTAMP(joined) as joindate, logintoken, UNIX_TIMESTAMP(lastlogin) as login FROM users WHERE idx = ?"); mysqli_stmt_bind_param($query,'i',$_GET[userinfo]); mysqli_stmt_execute($query) or die(mysqli_error($dbh)); mysqli_stmt_store_result($query); if (mysqli_stmt_num_rows($query) != 1) die("no such user"); mysqli_stmt_bind_result($query,$uname,$joindate,$logintoken,$login); mysqli_stmt_fetch($query) or die(mysqli_error($dbh)); mysqli_stmt_close($query); // get post count, last post $query = mysqli_prepare($dbh,"SELECT COUNT(*) AS postcount, UNIX_TIMESTAMP(MAX(postedtime)) as lasttime FROM board WHERE author = ?"); mysqli_stmt_bind_param($query,'i',$_GET[userinfo]); mysqli_stmt_execute($query) or die(mysqli_error($dbh)); mysqli_stmt_bind_result($query,$postcount,$lasttime); mysqli_stmt_fetch($query) or die(mysqli_error($dbh)); mysqli_stmt_close($query); pageheader($uname." user info"); echo "Info for user "$uname":

"; echo "Joined: ".date($datefmt,$joindate)."
"; echo "Posts: $postcount"; if ($postcount > 0) echo ", last posted ".date("$datefmt $timefmt",$lasttime)."
"; if (isset($logintoken) && $logintoken != "") echo "Logged in ".date("$datefmt $timefmt",$login)."
"; else if ($login > 0) echo "Last logged in ".date("$datefmt $timefmt",$login)."
"; else echo "Never logged in.
"; echo "
User List"; } else if (isset($_GET[userlist])) { // **** User list pageheader("User List"); $query = mysqli_prepare($dbh," SELECT COUNT(*) AS postcount, users.uname AS uname, UNIX_TIMESTAMP(users.joined) AS joined, users.idx AS idx FROM board, users WHERE board.author = users.idx GROUP BY uname ORDER BY postcount DESC "); mysqli_stmt_execute($query); mysqli_stmt_store_result($query); echo "User list:

".mysqli_stmt_num_rows($query)." users
\n"; mysqli_stmt_bind_result($query,$postcount,$uname,$joined,$uid); while (mysqli_stmt_fetch($query)) { echo "\n"; } mysqli_stmt_close($query); echo "
NamePost CountJoined
$uname$postcount".date($datefmt,$joined)."
\n"; } else if (isset($_GET[chpass])) { // **** Change password form pageheader(); ?> Change Password:
User Name
Old Password
New Password
Verify New Password
"; if ($pageno > 0) echo "Previous Page"; if ($pageno > 0 && $pageno < floor(($postcount-1)/$postsperpage)) echo " | "; if ($pageno < floor(($postcount-1)/$postsperpage)) echo "Next Page"; echo "

"; $query = mysqli_prepare($dbh," SELECT board.subject AS subject, board.message AS message, board.idx AS idx, UNIX_TIMESTAMP(board.postedtime) AS postedtime, UNIX_TIMESTAMP(board.lasttime) AS lasttime, users.uname AS uname, users.idx AS uidx FROM board, users WHERE board.author = users.idx AND (board.replyto = ? OR board.idx = ?) ORDER BY postedtime ASC LIMIT ?,? ") or die (mysqli_error($dbh)); mysqli_stmt_bind_param($query,'iiii',$_GET[showthread],$_GET[showthread],$firstonpage,$postsperpage); mysqli_stmt_execute($query) or die(mysqli_error($dbh)); mysqli_stmt_bind_result($query,$subject,$message,$message_id,$postedtime,$updatetime,$uname,$uid); echo "
\n"; $firstpost=1; while (mysqli_stmt_fetch($query)) { echo "
"; if ($lastlogin > 0 && $updatetime > $lastlogin) echo "* "; echo "$subject by $uname at ".date($timefmt,$postedtime)." on ".date($datefmt,$postedtime)."
\n"; echo "
$message"; if (time()-$postedtime < $editexpire && ((!isset($_COOKIE[$cookie_uname]) || !isset($_COOKIE[$cookie_token])) || !strcmp($uname,$_COOKIE[$cookie_uname]))) echo "
[edit]"; echo "
\n"; } mysqli_stmt_close($query); echo "
\n"; echo "

"; if ($pageno > 0) echo "Previous Page"; if ($pageno > 0 && $pageno < floor(($postcount-1)/$postsperpage)) echo " | "; if ($pageno < floor(($postcount-1)/$postsperpage)) echo "Next Page"; echo "
"; echo "Go to Page "; for ($i = 0; $i <= $lastpage; $i++) { if ($pageno != $i) echo ""; echo "$i"; if ($pageno != $i) echo ""; echo " "; } echo "
"; echo "Search this thread"; echo "
"; echo "Show all threads

"; echo "Reply to this thread:
"; NewPostForm($_GET[showthread]); echo "

"; } else if (isset($_GET['addpost'])) { // **** Add a post pageheader(); $uid = authenticate($dbh,$_POST[author],$_POST[pass]); if ($_POST[inresponseto]=="0" && (!isset($_POST[subject]) || $_POST[subject]=="" || ctype_space($_POST[subject]))) die("Cannot start thread with empty subject"); $dbh_write = dblogin_write(); $query = mysqli_prepare($dbh_write," INSERT INTO board VALUES(NULL,NOW(),NOW(),?,?,?,?,?) ") or die ("post error: ".mysqli_error($dbh_write)); mysqli_stmt_bind_param($query,'iisss',$uid,$_POST[inresponseto],htmlspecialchars($_POST[subject],ENT_QUOTES),preg_replace($tags_search,$tags_replace,htmlspecialchars($_POST[message],ENT_QUOTES)),$_SERVER[REMOTE_ADDR]); mysqli_stmt_execute($query) or die(mysqli_error($dbh_write)); mysqli_stmt_close($query); echo "Added.
"; // update thread last updated time if ($_POST[inresponseto] != 0) { update_post_time($dbh_write,$_POST[inresponseto]); echo "Return to thread
"; } echo "Return to forum"; mysqli_close($dbh_write); } else if (isset($_GET['editpost'])) { // **** Display post edit form pageheader(); $query = mysqli_prepare($dbh," SELECT subject,message FROM board WHERE idx = ?") or die(mysqli_error($dbh)); mysqli_stmt_bind_param($query,'i',$_GET['editpost']); mysqli_stmt_execute($query) or die(mysqli_error($dbh)); mysqli_stmt_bind_result($query,$subject,$message); if (!mysqli_stmt_fetch($query)) die("no such post ".mysqli_error($dbh)); mysqli_stmt_close($query); EditPostForm($_GET['editpost'],preg_replace($tags_decode_search,$tags_decode_replace,$message),$subject); } else if (isset($_GET['editpost2'])) { // **** Commit an edited post pageheader(); $posttoedit = intval($_POST[posttoupdate]); // look up what post this reponds to and when it was first posted $query = mysqli_prepare($dbh,"SELECT replyto, UNIX_TIMESTAMP(postedtime) FROM board WHERE idx = ? LIMIT 1") or die(mysqli_error($dbh)); mysqli_stmt_bind_param($query,'i',$_POST[posttoupdate]); mysqli_stmt_execute($query) or die(mysqli_error($dbh)); mysqli_stmt_bind_result($query,$inresponseto,$postedtime); mysqli_stmt_fetch($query) or die("couldn't find first post in thread".mysqli_error($dbh)); mysqli_stmt_close($query); if (time()-$postedtime >= $editexpire) die("edit time for this post has expired ($editexpire seconds)"); $uid = authenticate($dbh,$_POST[author],$_POST[pass]); if ($inresponseto=="0" && (!isset($_POST[subject]) || $_POST[subject]=="" || ctype_space($_POST[subject]))) die("Thread cannot have empty subject"); $dbh_write = dblogin_write(); $query = mysqli_prepare($dbh_write," UPDATE board SET subject = ?, message = ?, ip = ?, lasttime = NOW() WHERE idx = ? AND author = ? LIMIT 1 ") or die (mysqli_error($dbh_write)); $newmessage = preg_replace($tags_search,$tags_replace,htmlspecialchars($_POST[message],ENT_QUOTES))."

edited ".date($timefmt." ".$datefmt).""; mysqli_stmt_bind_param($query,'sssii',htmlspecialchars($_POST[subject],ENT_QUOTES),$newmessage,$_SERVER[REMOTE_ADDR],$_POST[posttoupdate],$uid); mysqli_stmt_execute($query) or die(mysqli_error($dbh_write)); if (mysqli_stmt_affected_rows($query) != 1) die("no such post by you"); mysqli_stmt_close($query); echo "Updated.
"; if ($inresponseto != 0) { update_post_time($dbh_write,$inresponseto); echo "Return to thread
"; echo "Return to forum"; } mysqli_close($dbh_write); } else if (isset($_GET['searchmode'])) { // **** Searching (largely ripped off from Josh W) pageheader(); $post_action = "$my_path?searchmode"; if(isset($_GET['threadid'])) { $post_action .= "&threadid=${_GET['threadid']}"; } echo "
\n"; echo "\n"; echo "\n"; if(isset($_GET['threadid'])) { echo "\n"; } echo ""; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo ""; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "

\n"; echo "
Search for: 
In thread: 
Search where? In Message Body In Subject by Author
Search how? Phrase Any Words All Words
\n"; if(isset($_POST[query])) { if(isset($_POST[page])) $lowr = ($_POST[page]-1)*$postsperpage; else $lowr = 0; $highr = $lowr + $postsperpage; switch ($_POST[searchwhere]) { case "message": $field = "message"; break; case "subject": $field = "subject"; break; case "uname": $field = "users.uname"; break; default: $field = "message"; } switch ($_POST[searchhow]) { case "phrase": $query_sql = "$field LIKE ?"; $query = "%" . mysqli_real_escape_string($dbh,htmlspecialchars($_POST[query],ENT_QUOTES)) . "%"; break; case "anywords": $word_count = substr_count($_POST[query]," ")+1; $query_sql = "$field LIKE ?" . str_repeat(" OR $field LIKE ?",$word_count-1); $query = explode(" ", "%" . str_replace(" ","% %",htmlspecialchars($_POST[query],ENT_QUOTES)) . "%" ); break; case "allwords": $word_count = substr_count($_POST[query]," ")+1; $query_sql = "$field LIKE ?" . str_repeat(" AND $field LIKE ?",$word_count-1); $query = explode(" ", "%" . str_replace(" ","% %",htmlspecialchars($_POST[query],ENT_QUOTES)) . "%" ); break; default: $query = "'%mothballs%'"; break; } $full_query = "SELECT board.idx AS idx FROM board"; if ($field == "users.uname") { $full_query .= ",users"; } $full_query .= " WHERE ( $query_sql )"; if ($field == "users.uname") { $full_query .= " AND board.author = users.idx"; } if (isset($_GET['threadid'])) { $threadid = intval($_GET['threadid']); $full_query .= " AND ( board.idx = $threadid OR board.replyto = $threadid )"; } $full_query .= " ORDER BY board.postedtime ASC "; $stmt=mysqli_prepare($dbh,$full_query) or die (mysqli_error($dbh)); if ($_POST[searchhow] == "anywords" || $_POST[searchhow] == "allwords") { $i = 2; $query2[0] = $stmt; $query2[1] = str_repeat('s',$word_count); foreach ($query as $q) { $query2[$i] = $query[$i-2]; $i++; } call_user_func_array(mysqli_stmt_bind_param,$query2); } else { mysqli_stmt_bind_param($stmt,'s',$query) or die (mysqli_error($dbh)); } mysqli_stmt_execute($stmt) or die(mysqli_error($dbh)); mysqli_stmt_bind_result($stmt,$message_idx) or die(mysqli_error($dbh)); mysqli_stmt_store_result($stmt); $nresults = mysqli_stmt_num_rows($stmt); for($i = 0; $i < $nresults && $i < $lowr; $i++) if (!mysqli_stmt_fetch($stmt)) die(mysqli_error($dbh)); for($i = $lowr; $i < $nresults && $i < $highr && mysqli_stmt_fetch($stmt); $i++) { $indexes[$i] = $message_idx; } mysqli_stmt_close($stmt); $npage = (int)(($highr+$postsperpage) / $postsperpage); $ppage = $npage - 2; $highr3 = $highr; if($highr > $nresults) $highr = $nresults; $test2 = preg_replace(array("[ ]"),array("+") ,$_POST[query]); echo "
\n"; PrevNext($post_action,$ppage,$npage,$highr3,$nresults); echo "

Showing " . ($lowr + 1) . " - $highr out of $nresults posts

\n"; for($i = $lowr; $i < $highr; $i++) { $post_index = $indexes[$i]; // fetch the thread index $stmt = mysqli_prepare($dbh,"SELECT replyto FROM board WHERE idx = ?") or die (mysqli_error($dbh)); mysqli_stmt_bind_param($stmt,'i',$post_index) or die(mysqli_error($dbh)); mysqli_stmt_execute($stmt) or die(mysqli_error($dbh)); mysqli_stmt_bind_result($stmt,$thread_index) or die(mysqli_error($dbh)); mysqli_stmt_fetch($stmt) or die ("error fetching a post".mysqli_error($dbh)); mysqli_stmt_close($stmt); if ($thread_index != 0) { // fetch the thread title and index $stmt = mysqli_prepare($dbh,"SELECT subject FROM board WHERE idx = ?") or die(mysqli_error($dbh)); mysqli_stmt_bind_param($stmt,'i',$thread_index) or die(mysqli_error($dbh)); mysqli_stmt_execute($stmt) or die (mysqli_error($dbh)); mysqli_stmt_store_result($stmt) or die (mysqli_error($dbh)); if (mysqli_stmt_num_rows($stmt) != 0) { mysqli_stmt_bind_result($stmt,$thread_subject) or die(mysqli_error($dbh)); mysqli_stmt_fetch($stmt) or die ("error fetching thread title and index $thread_index ".mysqli_error($dbh)); } else { $thread_index = 0; } mysqli_stmt_close($stmt); } if ($thread_index != 0) { // count how many posts come before this one $stmt = mysqli_prepare($dbh,"SELECT COUNT(*) FROM board WHERE (replyto = ? OR idx = ?) AND board.idx < ?") or die(mysqli_error($dbh)); mysqli_stmt_bind_param($stmt,'iii',$thread_index,$thread_index,$post_index) or die (mysqli_error($dbh)); mysqli_stmt_execute($stmt) or die (mysqli_error($dbh)); mysqli_stmt_bind_result($stmt,$postcount) or die(mysqli_error($dbh)); mysqli_stmt_fetch($stmt) or die(mysqli_error($dbh)); mysqli_stmt_close($stmt); $pageno = floor(($postcount) / $postsperpage); } // retrieve details of this post $stmt = mysqli_prepare($dbh,"SELECT board.subject, board.message, UNIX_TIMESTAMP(board.postedtime), users.idx, users.uname FROM board, users WHERE board.idx = ? AND users.idx = board.author") or die(mysqli_error($dbh)); mysqli_stmt_bind_param($stmt,'i',$post_index); mysqli_stmt_execute($stmt) or die (mysqli_error($dbh)); mysqli_stmt_bind_result($stmt,$subject,$message,$postedtime,$uid,$uname); mysqli_stmt_fetch($stmt) or die ("error getting post details ".mysqli_error($dbh)); mysqli_stmt_close($stmt); if($thread_index != 0) echo "Thread: $thread_subject
"; else echo "Thread: $subject
"; echo "
$subject by $uname at " . date($timefmt,$postedtime)." on ".date($datefmt,$postedtime); echo "
$message
"; } echo "

"; PrevNext($post_action,$ppage,$npage,$highr3,$nresults); } // end if query } else if (isset($_GET[rss])) { // **** RSS feed (again ripped off from josh */ echo "\n\n"; echo "HCS Forum\n$full_path\n"; echo "10 most recently active threads in the HCS Forum\n"; $stmt=mysqli_prepare($dbh, "SELECT board.idx AS threadid,board.subject,board.lasttime, (SELECT COUNT(*) FROM board WHERE replyto = threadid) AS replycount FROM board,users WHERE board.author = users.idx AND board.replyto = '0' ORDER BY lasttime DESC LIMIT 10") or die (mysqli_error($dbh)); mysqli_stmt_execute($stmt) or die(mysqli_error($dbh)); mysqli_stmt_bind_result($stmt, $index, $subject, $lasttime, $replies); while (mysqli_stmt_fetch($stmt)) { echo ""; echo "$subject ($replies replies)\n"; echo "$subject ($replies replies)\n"; echo "$full_path?showthread=$index&lastpage\n"; echo "\n"; } mysqli_stmt_close($stmt); echo ""; mysqli_close($dbh); exit; // avoid outputting the html footer } else { // **** Display Threads pageheader(); $firstonpage=$_GET[showpage]*$threadsperpage; // get user's last login time if (isset($_COOKIE[$cookie_uname]) && isset($_COOKIE[$cookie_token])) { // login time $query = mysqli_prepare($dbh,"SELECT UNIX_TIMESTAMP(prevlogin) AS llstamp FROM users WHERE uname = ? AND logintoken = ?"); mysqli_stmt_bind_param($query,'ss',$_COOKIE[$cookie_uname],$_COOKIE[$cookie_token]); mysqli_stmt_execute($query) or die(mysqli_error($dbh)); mysqli_stmt_bind_result($query,$lastlogin); if (!mysqli_stmt_fetch($query)) $lastlogin=0; mysqli_stmt_close($query); } else { $lastlogin=0; } // thread list $query = mysqli_prepare($dbh," SELECT board.idx AS threadid, board.subject AS subject, UNIX_TIMESTAMP(board.postedtime) AS postedtime, UNIX_TIMESTAMP(board.lasttime) AS lasttime, users.uname AS uname, users.idx AS idx, (SELECT COUNT(*) FROM board WHERE idx = threadid) + (SELECT COUNT(*) FROM board WHERE replyto = threadid) AS postcount FROM board, users WHERE board.author = users.idx AND board.replyto = '0' ORDER BY lasttime DESC LIMIT ?, ? ") or die(mysqli_error($dbh)); mysqli_bind_param($query,'ii',$firstonpage,$threadsperpage) or die(mysqli_error($dbh)); // get thread list mysqli_execute($query) or die(mysqli_error($dbh)); mysqli_bind_result($query,$threadid,$subject,$postedtime,$thread_lasttime,$thread_uname,$thread_uid,$postcount); echo ""; while (mysqli_stmt_fetch($query)) { echo "\n\n"; } echo "
Threadses
SubjectStarted byStarted atLast UpdatePosts
"; if ($lastlogin > 0 && $thread_lasttime > $lastlogin) echo "* "; echo "$subject"; if ($postcount > $postsperpage) echo " (last page)"; echo " $thread_uname ".date($timefmt." ".$datefmt,$postedtime)." ".date($timefmt." ".$datefmt,$thread_lasttime)." $postcount
\n"; mysqli_stmt_close($query); $query = mysqli_prepare($dbh,"SELECT COUNT(*) FROM board WHERE replyto = '0'") or die(mysqli_error($dbh)); mysqli_execute($query) or die (mysqli_error($dbh)); mysqli_bind_result($query,$count) or die(mysqli_error($dbh)); mysqli_fetch($query) or die("error fetching thread list ".mysqli_error($dbh)); mysqli_stmt_close($query) or die(mysqli_error($dbh)); echo "

"; if ($_GET[showpage] > 0) echo "Previous Page"; if ($_GET[showpage] > 0 && $showpage < floor(($count-1)/$threadsperpage)) echo " | "; if ($showpage < floor(($count-1)/$threadsperpage)) echo "Next Page"; echo "

Search | Create an account | Change Password | "; if (!isset($_COOKIE[$cookie_uname]) || !isset($_COOKIE[$cookie_token])) echo "Log In"; else echo "Log Out"; echo "
User List"; echo "

\n"; echo "

Create a new thread:
"; NewPostForm(0); echo "

\n"; } mysqli_close($dbh); ?>
HCS Forum Index
Halley's Comet Software
forum source
Generated in