is there any folder name in this code?

**something else** · 15.12.13, 16:09

Ctrl + F - enter folder name - to find your answer. Or alternatively read it your self and tell us is there any folder name lol

**pmbguy** · 15.12.13, 17:45

the code you posted doesn't handle the uploading of the file... that code outputs the form that you select a file to upload... if you post complete function code i can add a few comments for you as to what does what in the php...

**shohel** · 16.12.13, 08:54

Originally posted by pmbguy View Post

the code you posted doesn't handle the uploading of the file... that code outputs the form that you select a file to upload... if you post complete function code i can add a few comments for you as to what does what in the php...

PHP Code:


<?php

include 's_functions.php';

$title="Viwing Files";

include 'header.php';

echo notify($tbdid);

if($bid>100 && $bid<109) {

$two="2";}

if(uxist($tbdid)=="1" && $action=="upload2" && $bid>100 && $bid<109) {

if($ok=="ok") {

echo addufile($name,$text,$bid,$tbdid);

}

echo "

<div class=\"blyx\" align=\"center\"><b><div class=\"bar4\" align=\"center\"><table><td><b>Uploading files...</b></td><td align=\"right\" width=\"10%\"><a href=\"dlist.php?bid={$bid}\"><img src=\"x.png\" alt=\"x\"/></a></td></table></div></b>";



echo "<form enctype=\"multipart/form-data\" action=\"dlist.php?action=upload2&bid={$bid}&ok=ok\" method=\"post\">

<b><img src=\"img/point.gif\"/> File(<font color=\"gray\">max 5 mb</font>):</b><br/><input type=\"file\" name=\"filea\"/><br/>

<b><img src=\"img/point.gif\"/> Aditional name:</b><br/><input name=\"name\"/><br/>

<b>Screenshot(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"fileb\" accept=\"image/*\"/><br/>

<b>Prov file(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"filec\" accept=\"image/*\"/><br/>

<b>Description(<font color=\"gray\">optional</font>):</b><br/><textarea name=\"text\"></textarea><br/>



<input type=\"submit\" value=\"UPLOAD\"></form>";

echo "</div>

";



}

if(($action=="upload" || $action=="uploadurl") && power($tbdid)>7) {



if($ok=="ok") {

echo addfile($name,$text,$bid,$tbdid);

echo addfile2($name,$text,$bid,$tbdid);

echo addfile3($name,$text,$bid,$tbdid);

echo addfile4($name,$text,$bid,$tbdid);

echo addfile5($name,$text,$bid,$tbdid);





} elseif($ok=="okz") {

echo addfileurl($name,$text,$bid,$tbdid);



} else {}

if(power($tbdid)=="10" && $bid<101) {

echo "{$ok}...

<div class=\"blyx\" align=\"center\"><b><div class=\"bar4\" align=\"center\"><table><td><b>Uploading files...</b></td><td align=\"right\" width=\"10%\"><a href=\"dlist.php?bid={$bid}\"><img src=\"x.png\" alt=\"x\"/></a></td></table></div></b>";

if($ok=="url" || $ok=="okz") {

echo "<form enctype=\"multipart/form-data\" action=\"dlist.php?action=uploadurl&bid={$bid}&ok=okz\" method=\"post\">

<b><img src=\"img/point.gif\"/> File:</b><br/><input type=\"text\" name=\"url\" value=\"http://\"/><br/>

<b><img src=\"img/point.gif\"/> Aditional name:</b><br/><input name=\"name\"/><br/>

<b>Screenshot(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"fileb\" accept=\"image/*\"/><br/>

<b>Prov file(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"filec\" accept=\"image/*\"/><br/>

<b>Description(<font color=\"gray\">optional</font>):</b><br/><textarea name=\"text\"></textarea><br/>



<input type=\"submit\" value=\"UPLOAD\"></form>";

} else {

echo "<h2>1</h2><form enctype=\"multipart/form-data\" action=\"dlist.php?action=upload&bid={$bid}&ok=ok\" method=\"post\">

<b><img src=\"img/point.gif\"/> File:</b><br/><input type=\"file\" name=\"filea\"/><br/>

<b><img src=\"img/point.gif\"/> Aditional name:</b><br/><input name=\"name\"/><br/>

<b>Screenshot(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"fileb\" accept=\"image/*\"/><br/>

<b>Prov file(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"filec\" accept=\"image/*\"/><br/>

<b>Description(<font color=\"gray\">optional</font>):</b><br/><textarea name=\"text\"></textarea><br/>





<b><h2>2</h2><img src=\"img/point.gif\"/> File:</b><br/><input type=\"file\" name=\"filea2\"/><br/>

<b><img src=\"img/point.gif\"/> Aditional name:</b><br/><input name=\"name2\"/><br/>

<b>Screenshot(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"fileb2\" accept=\"image/*\"/><br/>

<b>Prov file(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"filec2\" accept=\"image/*\"/><br/>

<b>Description(<font color=\"gray\">optional</font>):</b><br/><textarea name=\"text2\"></textarea><br/>





<b><h2>3</h2><img src=\"img/point.gif\"/> File:</b><br/><input type=\"file\" name=\"filea3\"/><br/>

<b><img src=\"img/point.gif\"/> Aditional name:</b><br/><input name=\"name3\"/><br/>

<b>Screenshot(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"fileb3\" accept=\"image/*\"/><br/>

<b>Prov file(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"filec3\" accept=\"image/*\"/><br/>

<b>Description(<font color=\"gray\">optional</font>):</b><br/><textarea name=\"text3\"></textarea><br/>





<b><h2>4</h2><img src=\"img/point.gif\"/> File:</b><br/><input type=\"file\" name=\"filea4\"/><br/>

<b><img src=\"img/point.gif\"/> Aditional name:</b><br/><input name=\"name4\"/><br/>

<b>Screenshot(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"fileb4\" accept=\"image/*\"/><br/>

<b>Prov file(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"filec4\" accept=\"image/*\"/><br/>

<b>Description(<font color=\"gray\">optional</font>):</b><br/><textarea name=\"text4\"></textarea><br/>



<b><h2>5</h2><img src=\"img/point.gif\"/> File:</b><br/><input type=\"file\" name=\"filea5\"/><br/>

<b><img src=\"img/point.gif\"/> Aditional name:</b><br/><input name=\"name5\"/><br/>

<b>Screenshot(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"fileb5\" accept=\"image/*\"/><br/>

<b>Prov file(<font color=\"gray\">optional</font>):</b><br/><input type=\"file\" name=\"filec5\" accept=\"image/*\"/><br/>

<b>Description(<font color=\"gray\">optional</font>):</b><br/><textarea name=\"text5\"></textarea><br/>



<input type=\"submit\" value=\"UPLOAD\"></form>

<div class=\"alert\"><a href=\"dlist.php?action=uploadurl&ok=url&bid={$bid}\">Upload from url</a></div>";

}

echo "</div>

"; }

} else {echo "<div class=\"mainbox\"><div class=\"mainblok2\"><b><div class=\"bar4\" align=\"center\"><table><td><a href=\"dlist.php?action=upload{$two}&bid={$bid}\"><b>Upload a file</b></a></td></table></div></b></div>

";}

echo "<div class=\"mainbox\"><div class=\"mainblok2\"><b><div class=\"bar4\" align=\"center\"><table><td><b>".gndcat2($bid)."</b></td></table></div></b>";



$rec_limit = 10;

/* Get total number of records */

$sql ="SELECT count(text) FROM dlist WHERE dcat=$bid AND pnlty!=4 AND vld=1";

$retval=mysql_query($sql);

if(! $retval ){

}

$row=mysql_fetch_array($retval);

$rec_count = $row[0];



if($rec_count=="0") {echo "<div class=\"alert\" align=\"center\">This Folder is empty.</div>";} 

if( isset($_GET{'page'} ) )

{

$page = $_GET{'page'} + 1;

$offset = $rec_limit * $page ;

}

else

{

$page = 0;

$offset = 0;

}

$left_rec = $rec_count-($page * $rec_limit);

if($bid>100 && $bid<109) {



$sql = "SELECT * FROM dlist WHERE dcat=$bid AND pnlty!=4 AND vld=1 AND byid=$tbdid ORDER BY id DESC LIMIT $offset,$rec_limit";



} else {

$sql = "SELECT * FROM dlist WHERE dcat=$bid AND pnlty!=4 AND vld=1 ORDER BY id DESC LIMIT $offset,$rec_limit";

}

$retval = mysql_query($sql);

if(! $retval )

{

}

echo "

<table width=\"100%\" cellspacing=\"0\" valign=\"top\">";

while($row=mysql_fetch_array($retval))

{ 

/*

echo "<tr><td width=\"50px\" align=\"left\" valign=\"top\">

<img src=\"{$row['img']}\" style=\"width:80px;height:80px;\"/></td>

<td align=\"left\">

<a href=\"v.php?aid={$row['id']}\" style=\"color:#C14B34\"><div class=\"bar5\">".substr($row['name'],0,300)."<br/>Tuner: ".ulink($row['byid'])."</div></a>

<div>".substr($row['text'],0,340)."<div align=\"right\">[<a href=\"v.php?aid={$row['id']}\">Read full story...]</div></div>

</td></tr>";

*/

if($row['screen']=="") {$simg="notpc.jpg";} else {$simg=$row['screen'];}

echo "<tr class=\"listx\">

<td align=\"left\" valign=\"top\"><td width=\"30px\"><img src=\"{$simg}\" style=\"width:30px;height:30px;\"/></td>

<td align=\"left\" valign=\"top\"><a href=\"dv.php?bid={$row['id']}\"><div class=\"listx\"><img src=\"list.png\"/>{$row['name']}<br/><font color=\"gray\">About: ".substr($row['text'],0,100)."</font></div></a></td></tr>";



}

echo "

</table>

";



if( $page > 0 )

{

$last = $page - 2;

$prev= "<a href=\"$_PHP_SELF?action=$action&bid=$bid&page=$last&aid=$aid\">Prev</a> |";

$next= "<a href=\"$_PHP_SELF?action=$action&bid=$bid&page=$page&aid=$aid\">Next </a>";

}

elseif( $page == 0 )

{

$next= "<a href=\"$_PHP_SELF?action=$action&bid=$bid&page=$page&aid=$aid\">Next</a>";

}

elseif( $left_rec < $rec_limit )

{

$last = $page - 2;

$prev= "<a href=\"$_PHP_SELF?action=$action&bid=$bid&page=$last&aid=$aid\">Prev</a>";

}

else {}



echo "<b><div class=\"bar4btm\" align=\"center\"><table width=\"100%\"><td align=\"left\">{$prev}</td><td align=\"right\">{$next}</td></table></div></b></div>";



include 'footer.php';

?>

please tell me y its not uploading to my server

**arnage** · 18.12.13, 20:49

Please use BB tags when posting codes. Next time will be deleted. Thanks.

**something else** · 19.12.13, 00:27

upload script looks to be on s_functions.php

**shohel** · 20.12.13, 14:53

Originally posted by something else View Post

upload script looks to be on s_functions.php

Code:

<?php
session_start();
error_reporting(0);
$xdb="2";
if($xdb=="1") {
$dbhost='localhost';
$dbuser='*******';
$dbname='******';
$dbpass='*******';
} elseif($xdb=="2") {
$dbuser='*******';
$dbname='******';
$dbpass='*******';
else {
$dbhost='localhost';
$dbuser='*******';
$dbname='******';
$dbpass='*******';}
    $con = @mysql_connect($dbhost,$dbuser,$dbpass);
    if(!$con) {echo "We are updating site. Please try again few minutes later. Thank you."; exit();} else {}
    $conx = @mysql_select_db($dbname);
    if(!$conx) {} else {
    }
	$rpa=array("`","sex","order","****");
$rpb=array("","","ord-er","");
$himel=$_GET['himel'];
$timeex=time()+365*30*24*60*60;

if(strlen($himel)>5) {
setcookie("cp",$himel,$timeex);
header("Location: index.php");}
$cook=mysql_real_escape_string($_COOKIE['cp']);
if(strlen($cook)>10 && $cook!="no") {
$guc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE cookie='{$cook}'"));
if($guc[0]=="1") {
$gucid=mysql_fetch_array(mysql_query("SELECT id,pnlty FROM tbd_user WHERE cookie='{$cook}'"));
$cookid=(int) $gucid[0];
} else {
$cookid="0";
}
}
$cookid=(int) $cookid;

if(uxist($cookid)=="1" && $cookid>0) {
$tbdid=$cookid;
} else {
$tbdid=mysql_real_escape_string($_SESSION['tRixbHimz']);
}

$tbdid=(int) $tbdid;
$pn=mysql_fetch_array(mysql_query("SELECT pnlty FROM tbd_user WHERE id=$tbdid"));
if($pn[0]=="4" || $gucid[1]=="4") {
header("Location: ban.php");
exit();
}
$aid=mysql_real_escape_string($_REQUEST['aid']);
$aid=preg_replace('/[^0-9]/','',$aid);
$aid=str_replace(".","",$aid);
$aid=(int) $aid;
$bid=mysql_real_escape_string($_REQUEST['bid']);

$bid=preg_replace('/[^0-9]/','',$bid);
$bid=str_replace(".","",$bid);
$bid=(int) $bid;
$cid=mysql_real_escape_string($_REQUEST['cid']);
$cid=preg_replace('/[^0-9]/','',$cid);
$cid=str_replace(".","",$cid);
$cid=(int) $cid;


$action=mysql_real_escape_string(strtolower($_REQUEST['action']));
$action=preg_replace('/[^a-z0-9]/si','',$action);
$ok=mysql_real_escape_string(strtolower($_REQUEST['ok']));
$ok=preg_replace('/[^a-z0-9]/si','',$ok);
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);

$text=trim($_REQUEST['text']);
$text = $text;
$text=mysql_real_escape_string(strip_tags(htmlspecialchars($text)))." ";
$text=str_replace('\r\n','[br/]',$text);
$name=mysql_real_escape_string(trim($_REQUEST['name']));
$name=htmlspecialchars($name);
$name=strip_tags($name);
$pass=mysql_real_escape_string(htmlspecialchars($_REQUEST['pass']));
$emaila=mysql_real_escape_string(htmlspecialchars(trim($_REQUEST['emaila'])));
$emaila=preg_replace('/[^a-zA-Z0-9\-\_.]/','',$emaila);
$emailb=mysql_real_escape_string(htmlspecialchars(trim($_REQUEST['emailb'])));
$emailb=preg_replace('/[^a-zA-Z0-9.]/','',$emailb);
$email=$emaila."@".$emailb;

$cemail=mysql_real_escape_string($_REQUEST['cemail']);
$cemail=preg_replace('/[^a-zA-Z0-9_.\-@]/si','',$cemail);

//reg
function himzreg($name,$pass,$email,$cemail,$fb,$age) {
$time=time();
$timex=gmdate("d M,Y-l",time()+6*60*60);
$name=strtolower($name);
$pass=strtolower($pass);
$passmd=md5($pass);
$emailap=mysql_real_escape_string(htmlspecialchars(trim($_REQUEST['emaila'])));
$emaila=preg_replace('/[^a-zA-Z0-9\-\_.]/','',$emailap);
$emailb=mysql_real_escape_string(htmlspecialchars(trim($_REQUEST['emailb'])));
$emailb=preg_replace('/[^a-zA-Z0-9.]/','',$emailb);
$email=$emaila."@".$emailb;

$email=strtolower($email);
$emailallow=explode(',',adminset("24"));
$checkuser=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE lower(name)='$name'"));
$checkemail=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE lower(email)='$email'"));
if(adminset("2")=="1") {
$rand=rand(111111,999999);
$evld=$rand;
}
else {$evld="1"; }
if(adminset("3")=="1") {
$vld="2";
}
else {$vld="1";}


if(preg_match('/[^a-zA-Z0-9_\-]/',$name)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Username containing unsupported characters.Allowed chs are a-z,A-Z,0-9,_-</div>";
}

elseif(strlen($name)<4) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Username can not be less than 4 ch</div>";
}
elseif(preg_match('/[^a-zA-Z0-9]/',$pass)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Password allows a-z,A-Z,0-9</div>";
}
elseif(strlen($pass)<6) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Password not less than 6 ch</div>";
}

elseif(strlen($name)>25) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Username can not be more than 20 ch.</div>";
}

elseif(strlen($pass)>25) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>pass can not be more than 20 ch.</div>";
}

elseif((!preg_match('/[0-9]/',$pass)) || (!preg_match('/[a-zA-Z]/',$pass))) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>password shoud contain numberic and alphabatic</div>";
}
elseif(preg_match('/\'"`<>&=/si',$pass)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Html codes like [&gt; &lt; ' \" & =] not allowed</div>";
}

//elseif(!preg_match('/[a-zA-Z0-9_\-.]+[@]+(yahoo)|(ymail)|(gmail)|(hotmail)|(live)|(rocketmail)|(facebook)|(aol)|(ovi)|(nokiamail)|(msn)+[.]+(com)|(net)|(info)|(co.uk)/',$email)) {
//return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Email format not valid. we support only yahoo,ymail,gmail,hotmail,live,aol</div>";

//}

elseif(strlen($emailap)<4) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Email is too short.</div>";
}
elseif((preg_match('/[^a-zA-Z0-9\-_.]/',$emailap))) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid character in Email.</div>";
}
elseif(!in_array($emailb,$emailallow)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Email format <b>{$email}</b> not valid. we support only ".adminset('24')."</div>";
}
//elseif(strtolower($email)!=strtolower($cemail)) {
//return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Confirm email does not match.!!</div>";

//}
elseif($checkuser[0]>0) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Username taken...</div>";
}
elseif($checkemail[0]>0) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Email registerred.Select lost password option..</div>";
}
else {
$name=preg_replace('/[^a-zA-Z0-9\-_]/si','',$name);

$sql=mysql_query("INSERT INTO tbd_user(name,pass,email,evld,vld,regtime,regtimex,credit,pnlty) VALUE('$name','$passmd','$email','$evld','$vld','$time','$timex','58','1')");
if(!$sql) {} else {
if(adminset("2")=="1") {


$myemail=$email;
$subject="Complete your registration.";
$body="Dear ".utxt($tbdid).", \n Username: {$name} \n password={$pass}\n Your confirmation code is ".$evld." \n or click here http://vutergoli.com/confirm.php?action=confirm&ok=".$rand." \n if you face any problem just contact with site admin or call: +8801734824328";
$mail=mail($myemail,$subject,$body,"From: noreplay@vutergoli.com");
if(!$mail) {}
else {
$axs="<br/><font color=\"red\">A confirmation email was sent. check your inbox or spam or junk folder.</font><br/>";
}
}
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Well done!!. You have registerd to trickbd successfully.<br/>
<a href=\"login.php?name={$name}&pass={$pass}\">Click here to login Vutergoli.com</a><br/>
 {$axs}</div>";}
}
}
//login
function login($name,$pass){
$name=preg_replace('/[^a-zA-Z0-9\-_]/si','',$name);
$time=time();
$rtd=rand(1111,9999);
$cct=$time*$rtd;
$ckie=md5($cct);
$passmd=md5(strtolower($pass));
$passmdx=md5($pass);
$ckk=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE (lower(name)='$name' AND pass='$passmd') OR (lower(name)='$name' AND pass='$passmdx')"));
$ckkz=mysql_fetch_array(mysql_query("SELECT id FROM tbd_user WHERE (lower(name)='$name' AND pass='$passmd') OR (lower(name)='$name' AND pass='$passmdx')"));

if($ckk[0]=="1" && strlen($name)>3 && strlen($pass)>5) {
if($ckkz['pnlty']=="7") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>You are banned!!</div>";}
else {
$_SESSION['tRixbHimz']=$ckkz['id'];
mysql_query("UPDATE tbd_user SET logtime=$time,cookie='$ckie' WHERE id={$ckkz[0]}");
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>{$name} You have logged in successfully<br/>You may bookmark this page for auto login<br/>
<a href=\"index.php?himel={$ckie}\">Enter home page.</a></div>";
}
} 
else {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error!! check your login information. </div>";}
}

function adminset($a) {
$a=(int) $a;
$ak=mysql_fetch_array(mysql_query("SELECT * FROM adminset WHERE id=1"));
if($a=="1") {
return $ak['reg'];
}
elseif($a=="1") {
return $ak['reg'];
}
elseif($a=="2") {
return $ak['evld'];
}
elseif($a=="3") {
return $ak['vld'];
}
elseif($a=="4") {
return $ak['echk'];
}
elseif($a=="5") {
return $ak['topic'];
}
elseif($a=="6") {
return $ak['comment'];
}
elseif($a=="7") {
return $ak['minst'];
}
elseif($a=="8") {
return $ak['maxst'];
}
elseif($a=="9") {
return $ak['status'];
}

elseif($a=="10") {
return $ak['mintpc'];
}
elseif($a=="11") {
return $ak['maxtpc'];
}
elseif($a=="12") {
return $ak['mintpccm'];
}
elseif($a=="13") {
return $ak['maxtpccm'];
}
elseif($a=="14") {
return $ak['tpccrdt'];
}
elseif($a=="15") {
return $ak['mob'];
}
elseif($a=="16") {
return $ak['email'];
}
elseif($a=="17") {
return $ak['post'];
}
elseif($a=="18") {
return $ak['spama'];
}
elseif($a=="19") {
return $ak['spamb'];
}
elseif($a=="20") {
return $ak['spamset'];
}
elseif($a=="21") {
return $ak['comsess'];
}
elseif($a=="22") {
return $ak['comcrdt'];
}
elseif($a=="23") {
return $ak['blocksite'];
}
elseif($a=="24") {
return $ak['emailset'];
}
elseif($a=="25") {
return $ak['online'];
}
elseif($a=="26") {
return $ak['regswitch'];
}

else {return false;}
}
function power($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT himzpwr FROM tbd_user WHERE id=$a"));
return $gt[0];

}
//addforum
function addforum($name,$bid,$tbdid,$text) {

$tbdid=(int) $tbdid;
if(uxist($tbdid)=="1" && power($tbdid)=="10") {
$name=mysql_real_escape_string($name);
$namelw=strtolower($name);

$bid=(int) $bid; 
$ckk=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM forum WHERE lower(text)='$namelw' AND cat=$bid"));

if($bid!=0 && strlen($name)>2) {
if($ckk[0]>0) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This forum already created in <b>".gnforum($bid)."</b> section</div>";} else {
$sql=mysql_query("INSERT INTO forum(text,cat,name) VALUES('$name','$bid','$text')");
if(!$sql) {} else {return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Forum added!<br/><a href=\"forum.php?aid={$bid}\">View Forum</a></div>";}
}
}
} else {return false;}
}
//ad

function ad($a,$b) {
$a=(int) $a;
$b=(int) $b;
if(power($b)=="10") {$xv=" (<a style=\"color:red\" href=\"ad.php?aid=$a\">B-{$a}</a>)";}

$r=rand(1,3);
$rx=$r-1;
$ad=mysql_fetch_array(mysql_query("SELECT text FROM ad WHERE id=$a AND vld=1"));
if(strlen($ad['text'])>0) {
return "<div align=\"center\"><b>{$xv} {$ad[0]}</b></div>";
}
elseif(strlen($ad[0])=="0" && power($b)=="10") {
return "<div align=\"center\">{$xv}<a style=\"color:red\" href=\"ad.php?aid=$a\"> </a><a href=\"ad.php?aid=$a\">Add your site</a></div>";
}
}

//addtopic
function cancreatetpc($a) {
$a=(int) $a;
$gu=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE vld=2 AND byid=$a "));
if($gu[0]<3) {
return "1";
}
else {
return "<div class=\"rmenu\">We are checking your last 2 topics. Please wait until we finish our checking. after activation you will get a notification. Thank you for being with TrickWorld24.</div>";
}
}
function addtopic($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$tbdid=(int) $tbdid;
$bid=(int) $bid; 
$name=mysql_real_escape_string($name);
$acode=array("<",">","'",'"',"`");
$bcode=array("&gt;","&lt;","singleqt",'doubleqt',"upperqt");
$code="";

$namelw=strtolower($name);
$gt=mysql_fetch_array(mysql_query("SELECT id FROM tbd_topics ORDER BY id DESC"));
$gt[0]+1;
$text=mention($text,"tpca{$gt[0]}",$tbdid);
$text=$text;
$textlw=strtolower($text);
$brwsr=mysql_real_escape_string(brwsr($tbdid));
if(uxist($tbdid)=="1" && forumxist($bid)=="1" && uvld($tbdid)=="1" || uevld($tbdid)=="1") {
if((time()-lasttpctime($tbdid))>3) {
$cat=fcat($bid);
if(adminset("5")=="1" && power($tbdid)<8) {$vld="2"; $xtra="<br/>Your topic is waiting for validation. 20 credits are deducted from your account. Dont worry , you will get 30 credits if Trickbd team approve your topic. ** Stay with us:)<br/>";} else {$vld="1";}
if(adminset("5")=="2" && power($tbdid)<8) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Creating topic is close now. Try again Later</div>";}
elseif(c($tbdid)<adminset("14")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Insufficient Balance. Need more than ".adminset('14')." credits to Create topics.</div>";}
elseif(strlen($name)<adminset("10") || strlen($name)>adminset("11")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name limit is ".adminset('10')."-".adminset('11')."</div>";}
elseif(strlen($text)<adminset("12") || strlen($text)>adminset("13")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Text limit is ".adminset('12')."-".adminset('13')."</div>";}
else {
$sql=mysql_query("INSERT INTO tbd_topics(name,text,time,timex,vld,pnlty,view,byid,forums,cat,code) VALUES('$name','$text','$time','$timex','$vld','1','0','$tbdid','$bid','$cat','$code')");
if(!$sql) {} else {
//start
$file=$_FILES['file']['name'];
$filesz=$_FILES['file']['size'];
if($filesz<=200000) {
$accept = array('jpg','png','gif','jpeg');
$extension = substr($file,strrpos($file,'.')+1);
$target="./pix/";
$rand=rand(1111111111,9999999999);
$target = $target ."tpc".lasttpc('1').".".$extension; 
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
if(!in_array($extension,$accept)){
 
}
else {
if(move_uploaded_file($_FILES['file']['tmp_name'], $target)) 
{$img=mysql_real_escape_string($target);
} else {} }
} else {}
//end
$tagid=(int) lasttpc("1");

$tag="tpc{$tagid}";
$img=$img;
if(file_get_contents($img)==true) {$img=$img;} else {$img="notpc.jpg";}
mysql_query("UPDATE tbd_topics SET img='$img' WHERE id=$tagid");
mysql_query("INSERT INTO notify(toid,name) VALUES('$tbdid','$tag') ");
return "".dc($tbdid,'20')."<div class=\"noti\"><img src=\"ok.png\" alt=\"o\">Thank you ".utxt($tbdid).". your status updated.{$xtra}</div>";
}
}
} else {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"> Please wait 5 min of last Topic</div>";}

} else {return false;}
}
function edittopic($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$tbdid=(int) $tbdid;
$aid=preg_replace('/[^0-9]/','',$_REQUEST["aid"]);
$aid=mysql_real_escape_string($aid);
$aid=(int) $aid;
$bid=(int) $bid; 
if(power($tbdid)<8) {$vld="2";} else {$vld="1";}
$vld=(int) $vld;
$name=mysql_real_escape_string($name);
$namelw=strtolower($name);
$text=mysql_real_escape_string($text);
$text = preg_replace('~[\r\n]+~', '', $text);
$textlw=strtolower(nl2br($text));
$img=mysql_real_escape_string($_REQUEST['logo']);
$accept = array('jpg','png','gif','jpeg');
$extension = substr($file,strrpos($file,'.')+1);
if(!in_array($extension,$accept)){
$img="notpc.jpg";
}
else {
$img=$img;
}

$brwsr=mysql_real_escape_string(brwsr($tbdid));
if(uxist($tbdid)=="1" && forumxist($bid)=="1" && uvld($tbdid)=="1" || uevld($tbdid)=="1") {
if((time()-lasttpctime($tbdid))>3) {
$cat=fcat($bid);
if(strlen($name)<adminset("10") || strlen($name)>adminset("11")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name limit is ".adminset('10')."-".adminset('11')."</div>";}
elseif(strlen($text)<adminset("12") || strlen($text)>adminset("13")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Text limit is ".adminset('12')."-".adminset('13')."</div>";}
else {
if(file_get_contents($img)==true) {$img=$img;} else {$img="notpc.jpg";}
$sql=mysql_query("UPDATE tbd_topics SET name='$name',text='$text',img='$img',vld=$vld,cat=$aid WHERE id=$bid");
if(!$sql) {} else {
//start

return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"> Topic edited.<br/><a href=\"v.php?bid={$bid}\">View topic</a></div>";

$tpc=mysql_fetch_array(mysql_query("SELECT byid FROM tbd_topics WHERE id=$bid"));
$all=mysql_query("SELECT id FROM tbd_user WHERE himzpwr>9");
if(power($tbdid)<9) {
while($rw=mysql_fetch_array($all)) {
$tag="tpca{$bid}";
$ntxt=utxt($tbdid)." edited his topic [tpc=".$bid."]".gntpc($bid)."[/tpc].";
$tpcow=$all[0];
mysql_query("INSERT INTO notify(text,toid,byid,time,vld,name) VALUES('$ntxt','$tpcow','$tbdid','$time','2','$tag')");

}
} else {
$tag="tpca{$bid}";
$ntxt="your topic [tpc=".$bid."]".gntpc($bid)."[/tpc] edited by trickbd team.";
$tpcow=$tpc[0];

mysql_query("INSERT INTO notify(text,toid,byid,time,vld,name) VALUES('$ntxt','$tpcow','$tbdid','$time','2','$tag')");

}
}
}
} else {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"> Please wait 5 min of last Topic</div>";}

} else {return false;}
}

//comment on topic
function addtopiccm($name,$text,$bid,$tbdid,$d) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$tbdid=(int) $tbdid;
$bid=(int) $bid; 
$textvbc=preg_replace('/[^a-zA-Z0-9]/','',$text);

$zxcd=explode(',',strtolower(adminset("23")));
$zxcc=implode('|',$zxcd);

if(preg_match('/'.$zxcc.'/',strtolower($textvbc))){
$nocm="y"; 
 $alerttxt="<div>Your text may containing words those are blocked by trickbd</div>";
}

$name=mysql_real_escape_string($name);
$namelw=strtolower($name);
$text=mention($text,"tpca{$bid}",$tbdid);
$text=mysql_real_escape_string($text);
$textlw=strtolower($text);
$spama=explode(',',adminset('18'));
$spamb=explode(',',adminset('19'));
if(adminset('20')=="1" && power($tbdid)<6) {

$text=str_ireplace($spama,$spamb,$text);

}
elseif(adminset('20')=="2" && power($tbdid)<6) {
$spamv=implode('|',$spama);
$txtrr=preg_replace('/[^a-zA-Z0-9.\/\/]/','',$text);
if(preg_match('/'.$spamv.'/',$txtrr)) {
return"<div class=\"alert\">Your text may b containing bad words or spam</div>";
$nocm="y"; $alerttxt="<div>Your text may b containing words those are blocked by trickworld24</div>";
}
}

$brwsr=mysql_real_escape_string(brwsr($tbdid));
if($nocm!="y" && uxist($tbdid)=="1" && tpcxist($bid)=="1" && uvld($tbdid)=="1" && uevld($tbdid)=="1") {
if((time()-lcmtime($tbdid))>adminset('21')) {
$cat=fcat($bid);
if(adminset("6")=="1") {$vld="2"; $xtra="<br/>Your comment is waiting for validation. 20 credits are deducted from your account. Dont worry , you will get 30 credits if Trickbd team approve your topic. ** Stay with us:)<br/>";} else {$vld="1";}
if(strlen($text)<adminset("12") || strlen($text)>adminset("13")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Text limit is ".adminset('12')."-".adminset('13')."</div>";}
else {
$sql=mysql_query("INSERT INTO tbd_topiccm(name,text,time,timex,vld,pnlty,view,byid,tpc,dx) VALUES('$name','$text','$time','$timex','$vld','1','0','$tbdid','$bid','$d')");
if(!$sql) {} else {
$tag="tpc{$bid}";
//start
$file=$_FILES['file']['name'];
$filesz=$_FILES['file']['size'];
if($filesz<=200000) {
$accept = array('jpg','png','gif','jpeg');
$extension = substr($file,strrpos($file,'.')+1);
$target="./pix/";
$rand=rand(1111111111,9999999999);
$target = $target ."tpccm".lasttpc('1').".".$extension; 
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
if(!in_array($extension,$accept)){

}
else {
if(move_uploaded_file($_FILES['file']['tmp_name'], $target)) 
{$img=mysql_real_escape_string("[br/][img=40=40]".$target."[/img]");
} else {} }
} else {}
//end
$lcmid=lcmid($tbdid,$bid);
$text=lcmtxt($tbdid,$bid).$img;
mysql_query("UPDATE tbd_topiccm SET text='$text' WHERE id=$lcmid ");
$coa=subcx($bid);
if($coa<2) {
$ntxtx=utxt($tbdid);
}
else {
$cob=$coa-1;
$ntxtx=utxt($tbdid)." & ".$cob." other";
}
$ntxt=$ntxtx." commented on this topic [tpc=".$bid."]".gntpc($bid)."[/tpc]";
if(isnoti($bid,"tpc",$tbdid)=="0") {

mysql_query("INSERT INTO notify(toid,name) VALUES('$tbdid','$tag') ");

}

mysql_query("UPDATE notify SET byid=$tbdid,text='$ntxt',time=$time,vld=2 WHERE name='$tag' AND byid!=$tbdid ");
if(strlen($text)>24) {$cr="5";} else {$cr="2";}
mysql_query("UPDATE tbd_topics SET o=$time WHERE id=$bid");
$crdt=adminset('22');
return "<meta http-equiv=\"refresh\" content=\"0;url=v.php?bid={$bid}\"/>".ac($tbdid,$crdt)."<div class=\"noti\"><img src=\"ok.png\" alt=\"o\">
Thank you ".utxt($tbdid).". your Comment updated.{$xtra}</div>";
}
} 
} else {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\">{$textvbc}{$alerttxt}<br/> Please wait ".adminset('21')." seconds of last comment</div>";}
} else {return  "<div class=\"alert\"><img src=\"x.png\" alt=\"x\">{$alerttxt}</div>";}
}
//
function editforum($name,$bid,$tbdid,$aid,$text) {

$tbdid=(int) $tbdid;
if(uxist($tbdid)=="1" && power($tbdid)=="10") {
$name=mysql_real_escape_string($name);
$namelw=strtolower($name);
$aid=(int) $aid;
$bid=(int) $bid; 
$ckk=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM forum WHERE lower(text)='$namelw' AND cat=$bid AND id!=$aid"));

if($bid!=0 && strlen($name)>2 && forumxist($aid)=="1" && uvld($tbdid)=="1" || uevld($tbdid)=="1") {
if($ckk[0]>0) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This forum already created pn this section</div>";} else {
$sql=mysql_query("UPDATE forum SET text='$name',name='$text',cat=$bid WHERE id=$aid");
if(!$sql) {} else {return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Forum Edited!</div>";}
}
}
} else {return false;}
}
//download
function addfile($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$name);
$name=strtolower($name);
$text=mysql_real_escape_string($text);
$bid=(int) $bid;
if(strlen($name)<5) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea']['name'];
$filesz=$_FILES['filea']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb']['name'],strrpos($_FILES['fileb']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec']['name'],strrpos($_FILES['filec']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}

function addfile2($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$_REQUEST["name2"]);
$name=strtolower($name);
$text=mysql_real_escape_string($_REQUEST["text2"]);
$bid=(int) $bid;
if(strlen($name)<5) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea2']['name'];
$filesz=$_FILES['filea2']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea2']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb2']['name'],strrpos($_FILES['fileb2']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec2']['name'],strrpos($_FILES['filec2']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb2']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec2']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}


function addfile3($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$_REQUEST["name3"]);
$name=strtolower($name);
$text=mysql_real_escape_string($_REQUEST["text3"]);
$bid=(int) $bid;
if(strlen($name)<5) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea3']['name'];
$filesz=$_FILES['filea3']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea3']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb3']['name'],strrpos($_FILES['fileb3']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec3']['name'],strrpos($_FILES['filec3']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb3']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec3']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}

function addfile4($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$_REQUEST["name4"]);
$name=strtolower($name);
$text=mysql_real_escape_string($_REQUEST["text4"]);
$bid=(int) $bid;
if(strlen($name)<5) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea4']['name'];
$filesz=$_FILES['filea4']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea4']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb4']['name'],strrpos($_FILES['fileb4']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec4']['name'],strrpos($_FILES['filec4']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb4']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec4']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}


function addfile5($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$_REQUEST["name5"]);
$name=strtolower($name);
$text=mysql_real_escape_string($_REQUEST["text5"]);
$bid=(int) $bid;
if(strlen($name)<5) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea5']['name'];
$filesz=$_FILES['filea5']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea5']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb5']['name'],strrpos($_FILES['fileb5']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec5']['name'],strrpos($_FILES['filec5']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb5']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec5']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}



////////
function addfileurl($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$name);
$name=strtolower($name);
$text=mysql_real_escape_string($text);
$bid=(int) $bid;
if(strlen($name)<6) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_REQUEST['url'];
$filesz=1000;
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."._".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!file_put_contents($target, file_get_contents($file))) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb']['name'],strrpos($_FILES['fileb']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec']['name'],strrpos($_FILES['filec']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}
//userfile
function addufile($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$name);
$name=strtolower($name);
$text=mysql_real_escape_string($text);
$bid=(int) $bid;
if(strlen($name)<6) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif($bid<101 || $bid>106) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid catagory</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea']['name'];
$filesz=$_FILES['filea']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=5000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./uswft/";
$targetb="./uswft/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
if(!move_uploaded_file($_FILES['filea']['tmp_name'], $targetb)) {} else {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb']['name'],strrpos($_FILES['fileb']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec']['name'],strrpos($_FILES['filec']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tb=mysql_real_escape_string(htmlspecialchars($tb));
$tc="./swft/{$name}{$rand}.prov";
$tc=mysql_real_escape_string(htmlspecialchars($tc));
if(!move_uploaded_file($_FILES['fileb']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec']['tmp_name'], $tc)) {
$bxx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}

//
function adddcat($name,$bid,$tbdid) {

$tbdid=(int) $tbdid;
if(uxist($tbdid)=="1" && power($tbdid)=="10") {
$name=mysql_real_escape_string($name);
$namelw=strtolower($name);

$bid=(int) $bid; 
$ckk=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dcat WHERE lower(name)='$namelw' AND cat=$bid"));

if($bid!=0 && strlen($name)>2) {
if($ckk[0]>0) {return "<div class=\"noti\"><img src=\"x.png\" alt=\"x\"/>This forum already created pn this section</div>";} else {
$sql=mysql_query("INSERT INTO dcat(text,cat) VALUES('$name','$bid')");
if(!$sql) {} else {return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Download sub-catagory addedadded!</div>";}
}
}
} else {return false;}
}
function editdcat($name,$bid,$tbdid,$aid) {

$tbdid=(int) $tbdid;
if(uxist($tbdid)=="1" && power($tbdid)=="10") {
$name=mysql_real_escape_string($name);
$namelw=strtolower($name);
$aid=(int) $aid;
$bid=(int) $bid; 
$ckk=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dcat WHERE lower(text)='$namelw' AND cat=$bid AND id!=$aid"));

if($bid!=0 && strlen($name)>2 && dcatxist($aid)=="1") {
if($ckk[0]>0) {return "<div class=\"noti\"><img src=\"x.png\" alt=\"x\"/>This forum already created pn this section</div>";} else {
$sql=mysql_query("UPDATE dcat SET text='$name',cat=$bid WHERE id=$aid");
if(!$sql) {return 'noo';} else {return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Forum edited!</div>";}
}
} else {}
} else {}
}
//cpanel
function cpass($a,$pass) {
$a=(int) $a;
if(preg_match('/[^a-zA-Z0-9]/',$pass)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Password allows a-z,A-Z,0-9</div>";
}
elseif(uvld($a)!="1" && uevld($a)!="1") {return "err usr";}
elseif((!preg_match('/[0-9]/',$pass)) || (!preg_match('/[a-zA-Z]/',$pass))) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>password shoud contain numberic and alphabatic</div>";
}
elseif(preg_match('/\'"`<>&=/si',$pass)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Html codes like [&gt; &lt; ' \" & =] not allowed</div>";
}
elseif(strlen($pass)<5 || strlen($pass)>25) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Password must 6-25</div>";

}

else {
$passmd=md5(strtolower($pass));
$bc=mysql_query("UPDATE tbd_user SET pass='$passmd' WHERE id=$a ");
if(!$bc) {return "err sql";} else {
echo "<br/><div class=\"noti\"><font color=\"red\">Password changed to {$pass}.</font></div><br/>";
$lpi=mysql_fetch_array(mysql_query("SELECT email FROM tbd_user WHERE id=$a"));
$timex=gmdate("d M,Y-l",time()+6*60*60);
$myemail=$lpi[0];
$subject="Password reset.";
$body="Your password changed to {$pass}\n From: ".brwsr($a)." \n On: {$timex}";
$mail=mail($myemail,$subject,$body,"From: admin@trickbd.com");
if(!$mail) {}
else {
}
}
}
}
function cemail($a,$email,$cemail) {
$a=(int) $a;

if(!preg_match('/[a-zA-Z0-9_\-.]+[@]+(yahoo)|(ymail)|(gmail)|(hotmail)|(live)|(rocketmail)|(facebook)|(aol)|(msn)+[.]+(com)|(net)|(info)|(co.uk)/',$email)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Email format not valid. we support only yahoo,ymail,gmail,hotmail,live,aol</div>";

}
elseif($email!=$cemail) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Confirm email doesnt match.!!</div>";

}
elseif(emailxist($email)=="1") {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This email exist.!!</div>";

}

else {
$rand=rand(111111,999999);

$myemail=$email;
$subject="Changing email";
$body="Dear ".utxt($tbdid).", Your confirmation code is ".$rand." \n or click here http://trickbd.com/confirm.php?ok=".$rand." \n if you face any problem just contact with site admin or call: +8801720319101";
$mail=mail($myemail,$subject,$body,"From: admin@trickbd.com");
if(!$mail) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>There was a problem to send you confirmation code. Please Contact with site admin or call +8801720319101</div>";

} else {
$bc=mysql_query("UPDATE tbd_user SET email='$email' WHERE id=$a ");
if(!$bc) {
return "error";
} else {
$xc="<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>A confirmation code was sent.</div>";
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Your new Email is : {$email}{$xc}</div>";

}
}

}
}
function stafflog($text,$a) {
$text=mysql_real_escape_string($text);
$a=(int) $a;
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
mysql_query("INSERT INTO stafflog(text,timex,byid) VALUES('$text','$timex','$a')");
$sl=mysql_query("SELECT id FROM tbd_user WHERE himzpwr>7");
while($ss=mysql_fetch_array($sl)) {
$sdf=mysql_fetch_array(mysql_query("SELECT stafflog FROM tbd_user WHERE id={$ss[0]}"));
$ssc=$sdf[0]+1;
$ssc=(int) $ssc;
mysql_query("UPDATE tbd_user SET stafflog=$ssc WHERE id={$ss[0]}");
}
}
//last topic id
function lasttpc($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT id FROM tbd_topics ORDER BY id DESC"));
return $gt[0];
}
function lasttpctime($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT time FROM tbd_topics WHERE byid=$a ORDER BY id DESC"));
return $gt[0];
}
//last comment id
function lcmid($a,$b) {
$a=(int) $a;
$b=(int) $b;
$gt=mysql_fetch_array(mysql_query("SELECT id FROM tbd_topiccm WHERE tpc=$b AND byid=$a ORDER BY id DESC"));
return $gt[0];
}
function lcmtxt($a,$b) {
$a=(int) $a;
$b=(int) $b;
$gt=mysql_fetch_array(mysql_query("SELECT text FROM tbd_topiccm WHERE tpc=$b AND byid=$a ORDER BY id DESC"));
return $gt[0];
}
function lcmtime($a) {
$a=(int) $a;

$gt=mysql_fetch_array(mysql_query("SELECT time FROM tbd_topiccm WHERE byid=$a ORDER BY id DESC"));
return $gt[0];
}
//isnoti
function isnoti($a,$b,$c) {
$a=(int) $a;
$c=(int) $c;
$d=$b.$a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE name='$d' AND toid=$c "));
return $xst[0];
}
function unvld($a) {
$a=(int) $a;
$c=(int) $c;
$d=$b.$a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE vld!=1 AND evld=1 "));
return $xst[0];
}
function unevld($a) {
$a=(int) $a;
$c=(int) $c;
$d=$b.$a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE evld!=1 "));
return $xst[0];
}

function untpcvld($a) {
$a=(int) $a;
$c=(int) $_SESSION['tRixbHimz'];
$dep=mysql_fetch_array(mysql_query("SELECT dep FROM tbd_user WHERE id=$c"));

if($a>0) {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE vld=2 AND pnlty=1 AND cat=$a"));

}
elseif($a=="0" && power($c)>8) {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE vld=2 AND pnlty=1 "));

}
else {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE vld=2 AND pnlty=1 AND cat={$dep[0]}"));
}
return $xst[0];
}

function untpcdlt($a) {
$a=(int) $a;
$c=(int) $c;
$d=$b.$a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE pnlty=4 "));
return $xst[0];
}
//
function pnlty($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT pnlty FROM tbd_user WHERE id=$a"));
return $gt[0];
}
function bantime($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT bantime FROM tbd_user WHERE id=$a"));
return $gt[0];
}
//edit profile
function ep($a,$b) {
$a=(int) $a;
$b=(int) $b;
if(uxist($a=="1") || uxist($b)=="1") {
$p1=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p1'])));
$p1=$p1;
$p2=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p2'])));
$p2=$p2;
$p3=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p3'])));
$p3=$p3;
$p4=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p4'])));
$p4=$p4;
$p5=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p5'])));
$p5=$p5;
$p6=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p6'])));
$p6=$p6;
$p7=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p7'])));
$p7=$p7;
$p8=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p8'])));
$p8=$p8;
$p9=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p9'])));
$p9=$p9;
$rpa=array(">","<","`","sex","order","****",'"',"'","=");
$rpb=array("&gt;","&lt;","","","ord-er","",""","'","=");

$text=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['text'])));

$text=strip_tags($text);
$p11=mysql_real_escape_string(trim(substr($text,0,240)));
$xi=(strlen($p1)*strlen($p2)*strlen($p3)*strlen($p4)*strlen($p5)*strlen($p6)*strlen($p7)*strlen($p8)*strlen($p9)*strlen($p11));
if($xi=="0") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>All fields required</div>";} 
else {
$bm=mysql_query("UPDATE tbd_profile SET fname='$p1',lname='$p2',home='$p3',city='$p4',country='$p5',zip='$p6',bkash='$p7',mob='$p8',fb='$p9',text='$p11' WHERE byid=$a");
if(!$bm) {} else { 
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>".utxt($a)." {$p1} ' s Profile updated</div>";
}
}
}
}
//lastcom

function cmlast($a) {
$a=(int) $a;
$rby=mysql_fetch_array(mysql_query("SELECT byid FROM tbd_topiccm WHERE tpc=$a ORDER BY id DESC "));
return $rby[0];
}
//countcoms
function comc($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_tpccm WHERE tpc=$a"));
return $xst[0];
}
//credit option

function c($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT credit FROM tbd_user WHERE id=$a"));
return $gt[0];
}
function ac($a,$b) {

$a=(int) $a;
$b=(int) $b;
$c=c($a)+$b;
$c=(int) $c;
if(uxist($a)=="1") {
$gt=mysql_fetch_array(mysql_query("UPDATE tbd_user SET credit=$c WHERE id=$a"));
return "";
} else {return false;}
}
function dc($a,$b) {

$a=(int) $a;
$b=(int) $b;
$c=c($a)-$b;
$c=(int) $c;
if(uxist($a)=="1" && c($a)>$b) {
$gt=mysql_fetch_array(mysql_query("UPDATE tbd_user SET credit=$c WHERE id=$a"));
return "";
} else {return false;}
}
//time
function gtime($xtime) {
$cur_tm = time(); $dif = $cur_tm-$xtime;
   $pds = array('second','minute','hour','day','week','month','year','decade');
   $lngh = array(1,60,3600,86400,604800,2630880,31570560,315705600);
   for($v = sizeof($lngh)-1; ($v >= 0)&&(($no = $dif/$lngh[$v])<=1); $v--); if($v < 0) $v = 0; $_tm = $cur_tm-($dif%$lngh[$v]);

   $no = floor($no); if($no <> 1) $pds[$v] .='s'; $x=sprintf("%d %s ",$no,$pds[$v]);
   if(($rcs == 1)&&($v >= 1)&&(($cur_tm-$_tm) > 0)) $x = time_ago($_tm);
   return "<small>".$x." ago</small>";
}
//online
function online($a,$b) {
$a=(int) $a;
$b=(int) $b;
$bx=time()-$b;
$bx=(int) $bx;
if($a=="1") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE otime>$bx"));
}
elseif($a=="2") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE otime>$bx AND himzpwr>6"));

}
elseif($a=="4") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE himzpwr=4"));

}

elseif($a=="5") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE himzpwr=5"));

}

elseif($a=="6") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE himzpwr>6"));

}

elseif($a=="7") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user"));

}
elseif($a=="7") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM follow WHERE "));

$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user"));

}
return $xst[0];
}
function gonline($b) {
$a=(int) $a;
$b=(int) $b;
$bx=time()-$b;
$bx=(int) $bx;

$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM brwsr WHERE time>$bx"));

return $xst[0];

}
function addon($a,$b) {
$time=time();
$a=(int) $a;
$b=$b;
$brws=mysql_real_escape_string(brws($_SERVER["HTTP_USER_AGENT"]));
$ip=mysql_real_escape_string(brws($_SERVER["REMOTE_ADDR"]));
if(uxist($a)=="1") {

mysql_query("UPDATE tbd_user SET otime=$time,oloc='$b',brwsr='$brws',ip='$ip' WHERE id=$a");
}
else {
$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM brwsr WHERE text='$brws' AND byid=$a"));
if($bc[0]=="0") {
mysql_query("INSERT INTO brwsr(text,byid,time) VALUES('$brws','$a','$time')");
}
else {
mysql_query("UPDATE brwsr SET time=$time WHERE byid=$a");

}
}
}
//browser filter
function brws($a) {
$a=htmlspecialchars($a);
$a=mysql_real_escape_string($a);
return $a;
}
//userexist
function uxist($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE id=$a"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
function emailxist($a) {
$a= mysql_real_escape_string($a);
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE email='$a'"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
//profile
function p($a,$c,$b) {
$a=(int) $a;
$b=(int) $b;
$c=(int) $c;
$gt=mysql_fetch_array(mysql_query("SELECT fname, lname, home, city, country, zip, bkash, mob, fb, text FROM tbd_profile WHERE byid=$a"));
$gtx=mysql_fetch_array(mysql_query("SELECT email FROM tbd_user WHERE id=$a"));
if($b=="1") {
return $gt[0];
}
elseif($b=="10") {
return $gt[1];
}
elseif($b=="2") {
return $gt[2];
}
elseif($b=="3") {
return $gt[3];
}
elseif($b=="4") {
return $gt[4];
}
elseif($b=="5") {
return $gt[5];
}
elseif($b=="6"  && (power($c)=="10" || $a==$c)) {
return $gt[6];
}
elseif($b=="6"  && (power($c)!="10" || $a!=$c)) {
return "Permission denied!";
}
elseif($b=="7"  && (power($c)=="10" || $a==$c)) {
return $gt[7];
}
elseif($b=="7"  && (power($c)!="10" || $a!=$c)) {
return "Permission denied!";
}
elseif($b=="8") {
return $gt[8];
}
elseif($b=="9"  && (power($c)=="10" || $a==$c)) {
return $gtx[0];
}
elseif($b=="9"  && (power($c)!="10" || $a!=$c)) {
return "Permission denied!";
}
elseif($b=="11") {
return $gt[9];
}
else {return false;}

}
//forum xist
function forumxist($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM forum WHERE id=$a"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
function filexist($a) {
$a=strtolower($a);
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dlist WHERE lower(name)='$a'"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
function filexist2($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dlist WHERE id=$a"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
function filepnlty($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT pnlty FROM dlist WHERE id=$a"));
return $xst[0];
}
function filevld($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT vld FROM dlist WHERE id=$a"));
return $xst[0];
}

function dcatxist($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dcat WHERE id=$a"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
//user
function uvld($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT vld FROM tbd_user WHERE id=$a"));
return $xst[0];
}
function uevld($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT evld FROM tbd_user WHERE id=$a"));
return $xst[0];
}

//frnd
function isfrnd($a,$b) {
$a=(int) $a;
$b=(int) $b;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM follow WHERE (byid=$a AND toid=$b) OR (byid=$b AND toid=$a)" ));
if($xst[0]=="0") {return "2";} else {return "1";}
}
function isreqme($a,$b) {
$a=(int) $a;
$b=(int) $b;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM follow WHERE byid=$b AND toid=$a AND vld=2"));
if($xst[0]!="1") {return "2";} else {return "1";}

}
function allreq($a) {
$a=(int) $a;
$b=(int) $b;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM follow WHERE toid=$a AND vld>1"));
return $xst[0];
}

function tpcxist($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE id=$a"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
function tpcpnlty($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT pnlty FROM tbd_topics WHERE id=$a"));
return $xst[0];
}
function tpcvld($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT vld FROM tbd_topics WHERE id=$a"));
return $xst[0];
}
function tpcbyu($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE byid=$a AND vld=1 "));
return $xst[0];

}
function tpccbyu($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topiccm WHERE byid=$a AND vld=1 "));
return $xst[0];

}
//
function ulink($a) {
$a=(int) $a;

if(uxist($a)=="1") {

$info=mysql_fetch_array(mysql_query("SELECT name FROM tbd_user WHERE id=$a"));

return "<a href=\"profile.php?action=about&aid={$a}\">{$info[0]}</a>".urank($a)."";} else {return "guest";}
}
function smiley($a) {
$sqls = "SELECT fname,lname FROM smiley";
  $smilies = mysql_query($sqls);
  while($smilie=mysql_fetch_array($smilies))
  {
    $scode = $smilie[0];
    $spath = $smilie[1];
    $text = str_replace($scode,"<img src='sm/$spath' alt='$scode'/>",$text);
  }
  return $text;

}
function uirank($a) {
$a=(int) $a;

if(uxist($a)=="1") {
if(power($a)=="4") {return "<img src=\"img/vip.png\"/>";}
elseif(power($a)=="5") {return "<img src=\"img/premium.png\"/>";}
elseif(power($a)=="8") {return "<img src=\"img/moderator.png\"/>";}
elseif(power($a)=="9") {return "<img src=\"img/admin.png\"/>";}
elseif(power($a)=="10") {return "<img src=\"img/president.png\"/>";}
else {}
}
}
function urank($a) {
$a=(int) $a;

if(uxist($a)=="1") {
if(power($a)=="4") {return "(<font color=\"black\">Vip</font>)";}
elseif(power($a)=="5") {return "(<font color=\"green\">Premium</font>)";}
elseif(power($a)=="8") {return "(<font color=\"orange\">Moderator</font>)";}
elseif(power($a)=="9") {return "(<font color=\"blue\">Global Admin</font>)";}
elseif(power($a)=="10") {return "(<font color=\"red\">President</font>)";}
else {return "";}
}
}
function lctime($a) {
$a=(int) $a;
$info=mysql_fetch_array(mysql_query("SELECT time FROM tbd_topiccm WHERE tpc=$a ORDER BY id DESC"));

return $info[0];
}
//
//
function utxt($a) {
$a=(int) $a;

if(uxist($a)=="1") {
$info=mysql_fetch_array(mysql_query("SELECT name FROM tbd_user WHERE id=$a ORDER BY id DESC"));

return $info[0];} else {return "guest";}
}
//
function upsts($text,$tbdid) {
$tbdid=(int) $tbdid;
if(uxist($tbdid)=="1") {
$time=time();
$timex=gmdate("d M,Y-l",time()+6*60*60);

if(adminset("9")=="1") {$vld="2"; $s="Your status awaiting for moderation.";} else {$vld="1";}
if(pnlty($tbdid)=="3") { return "<div class=\"noti\"><img src=\"x.png\" alt=\"x\">You are post banned</div>";} 
elseif(strlen($text)<adminset("7") || strlen($text)>adminset("8") ) { return "<div class=\"noti\"><img src=\"x.png\" alt=\"x\">Invalid lenght. Text must ".adminset('7')."-".adminset('8')."</div>";}
else {
$sql=mysql_query("INSERT INTO status(name,text,time,timex,vld,pnlty,o,view) VALUES('$tbdid','$text','$time','$timex','$vld','1','time','0')");
if(!$sql) {} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\">Thank you ".utxt($tbdid).". your status updated.{$s}</div>";
}
}
} else {return false;}
}
//icon
function giforum($a) {
$a=(int) $a;
/*
if($a=="8") {return "<img src=\"game.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="1") {return "<img src=\"apps.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="2") {return "<img src=\"internet.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="3") {return "<img src=\"mbl.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="4") {return "<img src=\"computer.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="5") {return "<img src=\"script.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="6") {return "<img src=\"rlg.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="7") {return "<img src=\"buy.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="9") {return "<img src=\"other.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="10") {return "<img src=\"help.png\" width=\"25px\" height=\"25px\"/>";}
*/
$fmenu=mysql_fetch_array(mysql_query("SELECT cat FROM fmenu WHERE id=$a"));

return "<img src=\"{$fmebu[0]}\" width=\"25px\" height=\"25px\"/>";

}
//frmcat name
function gnforum($a) {
$a=(int) $a;
/*
if($a=="8") {return "Gaming zone";}
elseif($a=="1") {return "Java Zone";}
elseif($a=="2") {return "Symbian Zone";}
elseif($a=="3") {return "Android Zone";}
elseif($a=="4") {return "Pc Zone";}
elseif($a=="5") {return "Coding Zone";}
elseif($a=="6") {return "Religious Portal";}
elseif($a=="7") {return "Buy & Sell";}
elseif($a=="9") {return "Open Talk";}
elseif($a=="10") {return "Help Desk";}
*/
$fmenu=mysql_fetch_array(mysql_query("SELECT name,text,cat FROM fmenu WHERE id=$a"));

return giforum($fmenu[2])." {$fmenu[0]}<br/><font color=\"gray\"/>{$fmenu[1]}</font>";

}
function fmenu($a,$b) {
$a=(int) $a;
$b=(int) $b;
if(power($b)=="10")  {$e="<a href=\"index.php?action=editfmenu&aid=$a\">E</a>";} else {$e="";}

$fmenu=mysql_fetch_array(mysql_query("SELECT * FROM fmenu WHERE id=$a"));
if($fmenu['vld']!=2 || power($b)=="10"){
return "<div class=\"mainblok\"><table width=\"100%\"><td width=\"30px\"><img src=\"{$fmenu['cat']}\" width=\"25px\" height=\"25px\"/></td><td> <a href=\"forum.php?aid=$a\">{$fmenu['name']}</a><span id=\"a1\"></span><div><span class=\"gray\">{$fmenu['text']}<br/>Forum: ".frmcount($a)." Topic: ".tpccount($a)."</span>{$e}</div></td></table></div>";
} 
else {
return "";
}

}

function dmenu($a,$b) {
$a=(int) $a;
$b=(int) $b;
if(power($b)=="10")  {$e="<a href=\"index.php?action=editdmenu&aid=$a\">E</a>";} else {$e="";}

$dmenu=mysql_fetch_array(mysql_query("SELECT * FROM dmenu WHERE id=$a"));
if($dmenu['vld']!=2 || power($b)=="10"){
return "<div class=\"listx\"><table width=\"100%\"><td width=\"30px\"><img src=\"{$dmenu['cat']}\" width=\"25px\" height=\"25px\"/></td><td> <a href=\"download.php?aid=$a\">{$dmenu['name']}<span id=\"a1\"></a></span><div><span class=\"gray\">{$dmenu['text']}</span>{$e}</div></td></table></div>";
}
else {
return "";
}

}
//icon
function gidcat($a) {
$a=(int) $a;
/*
if($a=="8") {return "<img src=\"game.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="1") {return "<img src=\"mbl.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="2") {return "<img src=\"internet.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="3") {return "<img src=\"computer.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="4") {return "<img src=\"script.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="5") {return "<img src=\"apps.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="6") {return "<img src=\"rlg.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="7") {return "<img src=\"buy.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="9") {return "<img src=\"other.png\" width=\"25px\" height=\"25px\"/>";}
*/
$dmenu=mysql_fetch_array(mysql_query("SELECT cat FROM dmenu WHERE id=$a"));

return "<img src=\"{$dmenu[0]}\" width=\"25px\" height=\"25px\"/>";
}
//frmcat name
function gndcat($a) {
$a=(int) $a;
/*
if($a=="1") {return "Mobile software";}
elseif($a=="2") {return "Free internet software";}
elseif($a=="3") {return "Computer software";}
elseif($a=="4") {return "Games";}
elseif($a=="5") {return "utilities";}
elseif($a=="6") {return "Music zone";}
elseif($a=="7") {return "Video portal";}
elseif($a=="8") {return "Wallpaper";}
elseif($a=="9") {return "Themes";}
*/
$dmenu=mysql_fetch_array(mysql_query("SELECT name,text,cat FROM dmenu WHERE id=$a"));

return gidcat($dmenu[2])." {$dmenu[0]}<br/><font color=\"gray\"/>{$dmenu[1]}</font>";

}
function gnfmenu($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT name FROM fmenu WHERE id=$a"));
return $b[0];

}
function gnforum2($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT text FROM forum WHERE id=$a"));
return $b[0];

}
function gndcat2($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT text FROM dcat WHERE id=$a"));
return $b[0];

}
function gntpc($a) {
$a=(int) $a;
if(tpcxist($a)=="1") {
$b=mysql_fetch_array(mysql_query("SELECT name FROM tbd_topics WHERE id=$a"));
return $b[0];
} else { return "{$a} Topic deleted";}

}
function lctpc($a,$b) {
$a=(int) $a;
$b=$b;
if(tpcxist($a)=="1" && $b=="like") {
$l=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tpclike WHERE vld=1 AND toid=$a"));
}
if(tpcxist($a)=="1" && $b=="dislike") {
$l=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tpclike WHERE vld=2 AND toid=$a"));
}
return $l[0];
}
function lctpccm($a,$b) {
$a=(int) $a;
$b=$b;
if($b=="like") {
$l=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tpccmlike WHERE vld=1 AND toid=$a"));
}
if($b=="dislike") {
$l=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tpccmlike WHERE vld=2 AND toid=$a"));
}
return $l[0];
}

function notify($a) {


}
function notifyxit($a,$b,$c) {
$a=(int) $a;
$b= $b;
$d=$b.$a;
$bc=mysql_query("UPDATE notify SET vld=1 WHERE name='$d' AND toid=$c ");
return "";

}
function frmcount($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM forum WHERE cat=$a"));
return $b[0];

}

function msgcount($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM msg WHERE toid=$a AND vld=2"));
return $b[0];

}
function inboxcount($a,$b) {
$a=(int) $a;
$b=(int) $b;

$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM inbox WHERE toid=$a AND byid=$b AND vld=2"));
return $bc[0];

}
function ufilec($a,$b) {
$a=(int) $a;
$b=(int) $b;

$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dlist WHERE byid=$a AND dcat=$b AND vld=2"));
return $bc[0];

}
function tpccount($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE cat=$a AND vld=1 AND pnlty!=4"));
return $b[0];

}
function ignored($a) {
$a=(int) $a;
$bx=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE pnlty=2"));
return $bx[0];

}
function myignored ($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE pnlty=2 AND byid=$a"));
return $b[0];

}
function myunvld ($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE pnlty=1 AND vld=2 AND byid=$a"));
return $b[0];

}
function fcat($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT cat FROM forum WHERE id=$a"));
return $b[0];
}

//subscribe
function subc($a) {
$a=(int) $a;

$tag="tpc".$a;
if(tpcxist($a)=="1") {
$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE name='$tag'"));

return "<a style=\"color:#EDB431;\" href=\"list.php?action=tpcsub&bid=$a\">{$bc[0]} subscribers</a>";


} else {return "";}
}
function subcx($a) {
$a=(int) $a;

$tag="tpc".$a;

$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE name='$tag'"));
return $bc[0];
}

function subs($a,$b) {
$a=(int) $a;
$b=(int) $b;
$tag="tpc".$b;
if(uxist($a)=="1") {
$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE toid=$a AND name='$tag'"));
if($bc[0]=="0") {
return "<a style=\"color:#EDB431;\" href=\"v.php?action=subs&bid=$b\">Subscribe</a>";
}
else {
return "<a style=\"color:#EDB431;\" href=\"v.php?action=unsubs&bid=$b\">Unsubscribe</a>";

}
} else {return "";}
}

function subadd($a,$b) {
$a=(int) $a;
$b=(int) $b;
$tag="tpc".$b;
if(uxist($a)=="1") {
$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE toid=$a AND name='$tag'"));
if($bc[0]=="0") {
$s=mysql_query("INSERT INTO notify(toid,name) VALUES('$a','$tag')");
if(!$s) {} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/> You are now in this thread.</div>";
}
}
else {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>You can not subscribe to this thread coz you are already subscribed to this.</div>";

}
} 
}
function unsub($a,$b) {
$a=(int) $a;
$b=(int) $b;
$tag="tpc".$b;
if(uxist($a)=="1") {
$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE toid=$a AND name='$tag'"));
if($bc[0]!="0") {
$s=mysql_query("delete FROM notify WHERE toid=$a AND name='$tag'");
if(!$s) {} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/> You are now out of this thread.</div>";
}
}
else {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>You can not unsubscribe to this thread coz you are not subscribed to this.</div>";

}
} 
}
function pphoto($a) {
$a=(int) $a;
$s=mysql_fetch_array(mysql_query("SELECT pphoto FROM tbd_user WHERE id=$a"));
if(file_get_contents($s[0])==true) {
return $s[0];
}
else {
return "nopphoto.jpg";
}
}

function lastreg($a) {
$a=(int) $a;
$s=mysql_fetch_array(mysql_query("SELECT id FROM tbd_user WHERE vld=1 AND pnlty=1 ORDER BY id DESC"));
RETURN ulink($s[0]);
}
function lastlog($a) {
$a=(int) $a;
$s=mysql_fetch_array(mysql_query("SELECT id FROM tbd_user WHERE vld=1 AND pnlty=1 ORDER BY logtime DESC"));
RETURN ulink($s[0]);
}
function code($txt,$a,$b) {
$a=(int) $a;
$b=(int) $b;
$aid=(int) $_GET['aid'];
$bid=(int) $_GET['bid'];

$rplca=array(
'@\[(?i)tpc=(.*?)\](.*?)\[/(?i)tpc\]@si',
'@\[(?i)img=(.*?)=(.*?)\](.*?)\[/(?i)img\]@si',
'@\[(?i)img\](.*?)\[/(?i)img\]@si',
'@\[(?i)fimg=(.*?)\]@si',
'@\[(?i)b\](.*?)\[/b\]@si',
'@\[(?i)noti\](.*?)\[/noti\]@si',
'@\[(?i)u\](.*?)\[/u\]@si',
'@\[(?i)left\](.*?)\[/left\]@si',
'@\[(?i)right\](.*?)\[/right\]@si',
'@\[(?i)center\](.*?)\[/center\]@si',
'@\[(?i)sub\](.*?)\[/sub\]@si',
'@\[(?i)sup\](.*?)\[/sup\]@si',
'@\[(?i)s\](.*?)\[/s\]@si',
'@\[(?i)c=(.*?)\](.*?)\[/c\]@si',
'@\[(?i)opc=(.*?)\](.*?)\[/opc\]@si',
'@\[(?i)sd=(.*?)\](.*?)\[/sd\]@si',
'@\[(?i)dot=(.*?)\](.*?)\[/dot\]@si',
'@\[(?i)dash=(.*?)\](.*?)\[/dash\]@si',
'@\[(?i)solid=(.*?)\](.*?)\[/solid\]@si',
'@\[(?i)bg=(.*?)\](.*?)\[/bg\]@si',
'@%(.*?) @si',
'@\[(?i)user=(.*?)\](.*?)\[/(?i)user\]@si',
'@\[(?i)q=(.*?)\](.*?)\[/(?i)q\]@si',
'@\[(?i)url=(.*?)\](.*?)\[/(?i)url\]@si',
'@\[br/\]@si',
'@\[m\]@si',
'@\[(?i)f=(.*?)\](.*?)\[(?i)/f\]@si',
'@\[reply\]@i',
'@\[(?i)y\](.*?)\[/y\]@si'
);
$rplcb=array(
"<a href='v.php?bid=$1&ok=n'>$2</a>",
'<a href="imgview.php?img=$3"><img src="$3" style="width:$1px; height:$2px;"/></a>',
'<a href="imgview.php?img=$1"><img src="$1" onmouseover="object.style.maxWidth=\'1000px\'" style="width:140px; height:160px;"/></a>',
'<a href="imgview.php?img=bbimg/$1.jpg"><img onmouseover="object.style.maxWidth=\'1000px\'" src="bbimg/$1.jpg" style="max-width:240px; max-height:320px;"/></a>',
'<b>\\1</b>',
'<a href="notifications.php">\\1</a>',
'<u>\\1</u>',
'<div align="left">\\1</div>',
'<div align="right">\\1</div>',
'<div align="center">\\1</div>',
'<sub>\\1</sub>',
'<sup>\\1</sup>',
'<s>\\1</s>',
'<span style="color:\\1">\\2</span>',
'<span style="opacity:\\1">\\2</span>',
'<span style="text-shadow:2px 2px \\1">\\2</span>',
'<span style="border:1px dotted \\1">\\2</span>',
'<span style="border:1px dashed \\1">\\2</span>',
'<span style="border:1px solid \\1">\\2</span>',
'<span style="background-color:\\1">\\2</span>',
'<a href="search.php?text=\\1">%\\1</a> ',
'<a href="profile.php?aid=\\1">\\2</a>',
'<div class=\"listx\"><font color="#222">\\2</font></div>',
'<a href="$1">$2</a>',
'<br/>',
ulink($b),
'<a href="dv.php?bid=\\1">\\2</a>',
'<form enctype="multipart/form-data" action="v.php?action=comment&bid='.$a.'&ok=ok" method="post"><div class="bly" style="width:50%"><div class="bar4">Quick reply</div>
<input type="text" name="text" value="@'.utxt($b).' "/><br/><input type="submit" value="Reply me"/></form></div>',
'  <div class="my_modal_open" id="my_modal"><div onclick="youtube(\'$1\')" class="youtube" id="$1"><object width="225" height="150">
  <param name="movie" value="http://www.youtube.com/v/$1" />
  <param name="wmode" value="transparent" />
  <embed src="http://www.youtube.com/v/$1"
         type="application/x-shockwave-flash"
         wmode="transparent" width="225" height="150" />
</object><a href="http://ssyoutube.com/watch/?v=$1">3gp</a>|<a href="">Mp3</a></div></div>'
);
return preg_replace($rplca,$rplcb,$txt);
}
function makelink($text) {
$text=" {$text} ";
$text=str_replace(array(' www.',' wap.'),array(' http://www.',' http://wap.'),$text);;
// The Regular Expression filter
$reg_exUrl = "/( http| https)\:\/\/[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,4}(\/\S*)?/si";
$reg_exUrlx = "/( www| wap)\.[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,4}(\/\S*)?/si";
$uu=array($reg_exUrl,$reg_exUrlx);
// The Text you want to filter for urls
$text =$text;

// Check if there is a url in the text
if(preg_match($reg_exUrl, $text, $url)) {
$urlz=str_replace(" ","",$url[0]);
       // make the urls hyper links
	    $tts= preg_replace($uu, "<a href=\"{$urlz}\">{$urlz}</a> ", $text);

}
else {$tts=$text;}


 return $tts;
}
function mention($text,$tag,$tbdid) {
$text=mysql_real_escape_string($text);
/*
preg_match('/@[a-zA-Z0-9]+/',$text,$u);
$ux=strtolower(preg_replace('/[^a-zA-Z0-9\-_]/','',$u[0]);
*/
$us=mysql_query("SELECT name,id FROM tbd_user");
while($usr=mysql_fetch_array($us)) {
$ust="/@".$usr[0]." /";
if(!preg_match(strtolower($ust),strtolower($text)) && $tbdid!=$usr[1]) {}
else {
$text=preg_replace($ust,"[user={$usr[1]}]{$usr[0]}[/user] ",$text);
$tag=$tag;
$tagx=preg_replace('/[^0-9]/','',$tag);
$tagx=(int) $tagx;
$ntxt=utxt($tbdid)." mentioned You in a Topic [tpc={$tagx}][b]".gntpc($tagx)."[/b][/tpc].";
$tpcow=$usr[1];
 

mysql_query("INSERT INTO notify(text,toid,byid,time,vld,name) VALUES('$ntxt','$tpcow','$tbdid','$time','2','$tag')");

}
}
return $text;
}
function brw($a) {
$a=(int) $a;
$br=mysql_real_escape_string(htmlspecialchars($_SERVER['HTTP_USER_AGENT']));
$br=preg_replace('/[^a-zA-z0-9\.\-\/_]/','',$br);
return $br;
}

function brwsr($a) { 
	  $a=(int) $a;
	  $gb=mysql_fetch_array(mysql_query("SELECT brwsr FROM tbd_user WHERE id=$a"));
         $userAgent = strtolower($gb[0]);

         // Identify the browser. Check Opera and Safari first in case of spoof. Let Google Chrome be identified as Safari. 
         if (preg_match('/opera mini/', $userAgent)) { 
		  preg_match("/ mini\/[0-9].[0-9]/",$userAgent,$cx);
             $name = 'Opera '.$cx[0]; 
         } 
         elseif (preg_match('/webkit/', $userAgent)) { 
             $name = 'safari'; 
         } 
          elseif (preg_match('/opera/', $userAgent)) { 
		
             $name = 'Opera'; 
         } 
         elseif (preg_match('/msie/', $userAgent)) { 
             $name = 'msie'; 
         } 
         elseif (preg_match('/mozilla/', $userAgent) && !preg_match('/compatible/', $userAgent)) { 
             $name = 'mozilla'; 
         } 
         else { 
           $a=$userAgent;
		 
		   preg_match("/(.*?)\//",$a,$p);
			
			$name=$p[0];
         } 

         // What version? 
         if (preg_match('/.+(?:rv|it|ra|ie)[\/: ]([\d.]+)/', $userAgent, $matches)) { 
             $version = $matches[1]; 
         } 
         else { 
             $version = 'unknown'; 
         } 

         // Running on what platform? 
         if (preg_match('/linux/', $userAgent)) { 
             $platform = 'linux'; 
         } 
         elseif (preg_match('/macintosh|mac os x/', $userAgent)) { 
             $platform = 'mac'; 
         } 
         elseif (preg_match('/windows nt 5/', $userAgent)) { 
             $platform = 'windows XP'; 
         } 
		  elseif (preg_match('/windows nt 6/', $userAgent)) { 
             $platform = 'windows 7'; 
         }
		  elseif (preg_match('/j2me/', $userAgent)) { 
             $platform = 'Java Platform'; 
         }
		  elseif (preg_match('/series/', $userAgent)) { 
             $platform = 'Symbian Platform'; 
         }
		  elseif (preg_match('/midp/', $userAgent)) { 
             $platform = 'Java Platform'; 
         }
         else { 
             $platform = 'unrecognized'; 
         } 

    
 return '|Â» Browser: '.$name.'<br/>|Â» version: '.$version.'<br/>|Â» OS: '.$platform; 
} 

?>

**gammz** · 21.12.13, 08:03

Originally posted by shohel View Post

Code:

<?php
session_start();
error_reporting(0);
$xdb="2";
if($xdb=="1") {
$dbhost='localhost';
$dbuser='*******';
$dbname='******';
$dbpass='*******';
} elseif($xdb=="2") {
$dbuser='*******';
$dbname='******';
$dbpass='*******';
else {
$dbhost='localhost';
$dbuser='*******';
$dbname='******';
$dbpass='*******';}
    $con = @mysql_connect($dbhost,$dbuser,$dbpass);
    if(!$con) {echo "We are updating site. Please try again few minutes later. Thank you."; exit();} else {}
    $conx = @mysql_select_db($dbname);
    if(!$conx) {} else {
    }
	$rpa=array("`","sex","order","****");
$rpb=array("","","ord-er","");
$himel=$_GET['himel'];
$timeex=time()+365*30*24*60*60;

if(strlen($himel)>5) {
setcookie("cp",$himel,$timeex);
header("Location: index.php");}
$cook=mysql_real_escape_string($_COOKIE['cp']);
if(strlen($cook)>10 && $cook!="no") {
$guc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE cookie='{$cook}'"));
if($guc[0]=="1") {
$gucid=mysql_fetch_array(mysql_query("SELECT id,pnlty FROM tbd_user WHERE cookie='{$cook}'"));
$cookid=(int) $gucid[0];
} else {
$cookid="0";
}
}
$cookid=(int) $cookid;

if(uxist($cookid)=="1" && $cookid>0) {
$tbdid=$cookid;
} else {
$tbdid=mysql_real_escape_string($_SESSION['tRixbHimz']);
}

$tbdid=(int) $tbdid;
$pn=mysql_fetch_array(mysql_query("SELECT pnlty FROM tbd_user WHERE id=$tbdid"));
if($pn[0]=="4" || $gucid[1]=="4") {
header("Location: ban.php");
exit();
}
$aid=mysql_real_escape_string($_REQUEST['aid']);
$aid=preg_replace('/[^0-9]/','',$aid);
$aid=str_replace(".","",$aid);
$aid=(int) $aid;
$bid=mysql_real_escape_string($_REQUEST['bid']);

$bid=preg_replace('/[^0-9]/','',$bid);
$bid=str_replace(".","",$bid);
$bid=(int) $bid;
$cid=mysql_real_escape_string($_REQUEST['cid']);
$cid=preg_replace('/[^0-9]/','',$cid);
$cid=str_replace(".","",$cid);
$cid=(int) $cid;


$action=mysql_real_escape_string(strtolower($_REQUEST['action']));
$action=preg_replace('/[^a-z0-9]/si','',$action);
$ok=mysql_real_escape_string(strtolower($_REQUEST['ok']));
$ok=preg_replace('/[^a-z0-9]/si','',$ok);
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);

$text=trim($_REQUEST['text']);
$text = $text;
$text=mysql_real_escape_string(strip_tags(htmlspecialchars($text)))." ";
$text=str_replace('\r\n','[br/]',$text);
$name=mysql_real_escape_string(trim($_REQUEST['name']));
$name=htmlspecialchars($name);
$name=strip_tags($name);
$pass=mysql_real_escape_string(htmlspecialchars($_REQUEST['pass']));
$emaila=mysql_real_escape_string(htmlspecialchars(trim($_REQUEST['emaila'])));
$emaila=preg_replace('/[^a-zA-Z0-9\-\_.]/','',$emaila);
$emailb=mysql_real_escape_string(htmlspecialchars(trim($_REQUEST['emailb'])));
$emailb=preg_replace('/[^a-zA-Z0-9.]/','',$emailb);
$email=$emaila."@".$emailb;

$cemail=mysql_real_escape_string($_REQUEST['cemail']);
$cemail=preg_replace('/[^a-zA-Z0-9_.\-@]/si','',$cemail);

//reg
function himzreg($name,$pass,$email,$cemail,$fb,$age) {
$time=time();
$timex=gmdate("d M,Y-l",time()+6*60*60);
$name=strtolower($name);
$pass=strtolower($pass);
$passmd=md5($pass);
$emailap=mysql_real_escape_string(htmlspecialchars(trim($_REQUEST['emaila'])));
$emaila=preg_replace('/[^a-zA-Z0-9\-\_.]/','',$emailap);
$emailb=mysql_real_escape_string(htmlspecialchars(trim($_REQUEST['emailb'])));
$emailb=preg_replace('/[^a-zA-Z0-9.]/','',$emailb);
$email=$emaila."@".$emailb;

$email=strtolower($email);
$emailallow=explode(',',adminset("24"));
$checkuser=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE lower(name)='$name'"));
$checkemail=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE lower(email)='$email'"));
if(adminset("2")=="1") {
$rand=rand(111111,999999);
$evld=$rand;
}
else {$evld="1"; }
if(adminset("3")=="1") {
$vld="2";
}
else {$vld="1";}


if(preg_match('/[^a-zA-Z0-9_\-]/',$name)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Username containing unsupported characters.Allowed chs are a-z,A-Z,0-9,_-</div>";
}

elseif(strlen($name)<4) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Username can not be less than 4 ch</div>";
}
elseif(preg_match('/[^a-zA-Z0-9]/',$pass)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Password allows a-z,A-Z,0-9</div>";
}
elseif(strlen($pass)<6) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Password not less than 6 ch</div>";
}

elseif(strlen($name)>25) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Username can not be more than 20 ch.</div>";
}

elseif(strlen($pass)>25) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>pass can not be more than 20 ch.</div>";
}

elseif((!preg_match('/[0-9]/',$pass)) || (!preg_match('/[a-zA-Z]/',$pass))) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>password shoud contain numberic and alphabatic</div>";
}
elseif(preg_match('/\'"`<>&=/si',$pass)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Html codes like [&gt; &lt; ' \" & =] not allowed</div>";
}

//elseif(!preg_match('/[a-zA-Z0-9_\-.]+[@]+(yahoo)|(ymail)|(gmail)|(hotmail)|(live)|(rocketmail)|(facebook)|(aol)|(ovi)|(nokiamail)|(msn)+[.]+(com)|(net)|(info)|(co.uk)/',$email)) {
//return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Email format not valid. we support only yahoo,ymail,gmail,hotmail,live,aol</div>";

//}

elseif(strlen($emailap)<4) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Email is too short.</div>";
}
elseif((preg_match('/[^a-zA-Z0-9\-_.]/',$emailap))) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid character in Email.</div>";
}
elseif(!in_array($emailb,$emailallow)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Email format <b>{$email}</b> not valid. we support only ".adminset('24')."</div>";
}
//elseif(strtolower($email)!=strtolower($cemail)) {
//return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Confirm email does not match.!!</div>";

//}
elseif($checkuser[0]>0) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Username taken...</div>";
}
elseif($checkemail[0]>0) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Email registerred.Select lost password option..</div>";
}
else {
$name=preg_replace('/[^a-zA-Z0-9\-_]/si','',$name);

$sql=mysql_query("INSERT INTO tbd_user(name,pass,email,evld,vld,regtime,regtimex,credit,pnlty) VALUE('$name','$passmd','$email','$evld','$vld','$time','$timex','58','1')");
if(!$sql) {} else {
if(adminset("2")=="1") {


$myemail=$email;
$subject="Complete your registration.";
$body="Dear ".utxt($tbdid).", \n Username: {$name} \n password={$pass}\n Your confirmation code is ".$evld." \n or click here http://vutergoli.com/confirm.php?action=confirm&ok=".$rand." \n if you face any problem just contact with site admin or call: +8801734824328";
$mail=mail($myemail,$subject,$body,"From: noreplay@vutergoli.com");
if(!$mail) {}
else {
$axs="<br/><font color=\"red\">A confirmation email was sent. check your inbox or spam or junk folder.</font><br/>";
}
}
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Well done!!. You have registerd to trickbd successfully.<br/>
<a href=\"login.php?name={$name}&pass={$pass}\">Click here to login Vutergoli.com</a><br/>
 {$axs}</div>";}
}
}
//login
function login($name,$pass){
$name=preg_replace('/[^a-zA-Z0-9\-_]/si','',$name);
$time=time();
$rtd=rand(1111,9999);
$cct=$time*$rtd;
$ckie=md5($cct);
$passmd=md5(strtolower($pass));
$passmdx=md5($pass);
$ckk=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE (lower(name)='$name' AND pass='$passmd') OR (lower(name)='$name' AND pass='$passmdx')"));
$ckkz=mysql_fetch_array(mysql_query("SELECT id FROM tbd_user WHERE (lower(name)='$name' AND pass='$passmd') OR (lower(name)='$name' AND pass='$passmdx')"));

if($ckk[0]=="1" && strlen($name)>3 && strlen($pass)>5) {
if($ckkz['pnlty']=="7") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>You are banned!!</div>";}
else {
$_SESSION['tRixbHimz']=$ckkz['id'];
mysql_query("UPDATE tbd_user SET logtime=$time,cookie='$ckie' WHERE id={$ckkz[0]}");
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>{$name} You have logged in successfully<br/>You may bookmark this page for auto login<br/>
<a href=\"index.php?himel={$ckie}\">Enter home page.</a></div>";
}
} 
else {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error!! check your login information. </div>";}
}

function adminset($a) {
$a=(int) $a;
$ak=mysql_fetch_array(mysql_query("SELECT * FROM adminset WHERE id=1"));
if($a=="1") {
return $ak['reg'];
}
elseif($a=="1") {
return $ak['reg'];
}
elseif($a=="2") {
return $ak['evld'];
}
elseif($a=="3") {
return $ak['vld'];
}
elseif($a=="4") {
return $ak['echk'];
}
elseif($a=="5") {
return $ak['topic'];
}
elseif($a=="6") {
return $ak['comment'];
}
elseif($a=="7") {
return $ak['minst'];
}
elseif($a=="8") {
return $ak['maxst'];
}
elseif($a=="9") {
return $ak['status'];
}

elseif($a=="10") {
return $ak['mintpc'];
}
elseif($a=="11") {
return $ak['maxtpc'];
}
elseif($a=="12") {
return $ak['mintpccm'];
}
elseif($a=="13") {
return $ak['maxtpccm'];
}
elseif($a=="14") {
return $ak['tpccrdt'];
}
elseif($a=="15") {
return $ak['mob'];
}
elseif($a=="16") {
return $ak['email'];
}
elseif($a=="17") {
return $ak['post'];
}
elseif($a=="18") {
return $ak['spama'];
}
elseif($a=="19") {
return $ak['spamb'];
}
elseif($a=="20") {
return $ak['spamset'];
}
elseif($a=="21") {
return $ak['comsess'];
}
elseif($a=="22") {
return $ak['comcrdt'];
}
elseif($a=="23") {
return $ak['blocksite'];
}
elseif($a=="24") {
return $ak['emailset'];
}
elseif($a=="25") {
return $ak['online'];
}
elseif($a=="26") {
return $ak['regswitch'];
}

else {return false;}
}
function power($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT himzpwr FROM tbd_user WHERE id=$a"));
return $gt[0];

}
//addforum
function addforum($name,$bid,$tbdid,$text) {

$tbdid=(int) $tbdid;
if(uxist($tbdid)=="1" && power($tbdid)=="10") {
$name=mysql_real_escape_string($name);
$namelw=strtolower($name);

$bid=(int) $bid; 
$ckk=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM forum WHERE lower(text)='$namelw' AND cat=$bid"));

if($bid!=0 && strlen($name)>2) {
if($ckk[0]>0) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This forum already created in <b>".gnforum($bid)."</b> section</div>";} else {
$sql=mysql_query("INSERT INTO forum(text,cat,name) VALUES('$name','$bid','$text')");
if(!$sql) {} else {return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Forum added!<br/><a href=\"forum.php?aid={$bid}\">View Forum</a></div>";}
}
}
} else {return false;}
}
//ad

function ad($a,$b) {
$a=(int) $a;
$b=(int) $b;
if(power($b)=="10") {$xv=" (<a style=\"color:red\" href=\"ad.php?aid=$a\">B-{$a}</a>)";}

$r=rand(1,3);
$rx=$r-1;
$ad=mysql_fetch_array(mysql_query("SELECT text FROM ad WHERE id=$a AND vld=1"));
if(strlen($ad['text'])>0) {
return "<div align=\"center\"><b>{$xv} {$ad[0]}</b></div>";
}
elseif(strlen($ad[0])=="0" && power($b)=="10") {
return "<div align=\"center\">{$xv}<a style=\"color:red\" href=\"ad.php?aid=$a\"> </a><a href=\"ad.php?aid=$a\">Add your site</a></div>";
}
}

//addtopic
function cancreatetpc($a) {
$a=(int) $a;
$gu=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE vld=2 AND byid=$a "));
if($gu[0]<3) {
return "1";
}
else {
return "<div class=\"rmenu\">We are checking your last 2 topics. Please wait until we finish our checking. after activation you will get a notification. Thank you for being with TrickWorld24.</div>";
}
}
function addtopic($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$tbdid=(int) $tbdid;
$bid=(int) $bid; 
$name=mysql_real_escape_string($name);
$acode=array("<",">","'",'"',"`");
$bcode=array("&gt;","&lt;","singleqt",'doubleqt',"upperqt");
$code="";

$namelw=strtolower($name);
$gt=mysql_fetch_array(mysql_query("SELECT id FROM tbd_topics ORDER BY id DESC"));
$gt[0]+1;
$text=mention($text,"tpca{$gt[0]}",$tbdid);
$text=$text;
$textlw=strtolower($text);
$brwsr=mysql_real_escape_string(brwsr($tbdid));
if(uxist($tbdid)=="1" && forumxist($bid)=="1" && uvld($tbdid)=="1" || uevld($tbdid)=="1") {
if((time()-lasttpctime($tbdid))>3) {
$cat=fcat($bid);
if(adminset("5")=="1" && power($tbdid)<8) {$vld="2"; $xtra="<br/>Your topic is waiting for validation. 20 credits are deducted from your account. Dont worry , you will get 30 credits if Trickbd team approve your topic. ** Stay with us:)<br/>";} else {$vld="1";}
if(adminset("5")=="2" && power($tbdid)<8) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Creating topic is close now. Try again Later</div>";}
elseif(c($tbdid)<adminset("14")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Insufficient Balance. Need more than ".adminset('14')." credits to Create topics.</div>";}
elseif(strlen($name)<adminset("10") || strlen($name)>adminset("11")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name limit is ".adminset('10')."-".adminset('11')."</div>";}
elseif(strlen($text)<adminset("12") || strlen($text)>adminset("13")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Text limit is ".adminset('12')."-".adminset('13')."</div>";}
else {
$sql=mysql_query("INSERT INTO tbd_topics(name,text,time,timex,vld,pnlty,view,byid,forums,cat,code) VALUES('$name','$text','$time','$timex','$vld','1','0','$tbdid','$bid','$cat','$code')");
if(!$sql) {} else {
//start
$file=$_FILES['file']['name'];
$filesz=$_FILES['file']['size'];
if($filesz<=200000) {
$accept = array('jpg','png','gif','jpeg');
$extension = substr($file,strrpos($file,'.')+1);
$target="./pix/";
$rand=rand(1111111111,9999999999);
$target = $target ."tpc".lasttpc('1').".".$extension; 
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
if(!in_array($extension,$accept)){
 
}
else {
if(move_uploaded_file($_FILES['file']['tmp_name'], $target)) 
{$img=mysql_real_escape_string($target);
} else {} }
} else {}
//end
$tagid=(int) lasttpc("1");

$tag="tpc{$tagid}";
$img=$img;
if(file_get_contents($img)==true) {$img=$img;} else {$img="notpc.jpg";}
mysql_query("UPDATE tbd_topics SET img='$img' WHERE id=$tagid");
mysql_query("INSERT INTO notify(toid,name) VALUES('$tbdid','$tag') ");
return "".dc($tbdid,'20')."<div class=\"noti\"><img src=\"ok.png\" alt=\"o\">Thank you ".utxt($tbdid).". your status updated.{$xtra}</div>";
}
}
} else {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"> Please wait 5 min of last Topic</div>";}

} else {return false;}
}
function edittopic($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$tbdid=(int) $tbdid;
$aid=preg_replace('/[^0-9]/','',$_REQUEST["aid"]);
$aid=mysql_real_escape_string($aid);
$aid=(int) $aid;
$bid=(int) $bid; 
if(power($tbdid)<8) {$vld="2";} else {$vld="1";}
$vld=(int) $vld;
$name=mysql_real_escape_string($name);
$namelw=strtolower($name);
$text=mysql_real_escape_string($text);
$text = preg_replace('~[\r\n]+~', '', $text);
$textlw=strtolower(nl2br($text));
$img=mysql_real_escape_string($_REQUEST['logo']);
$accept = array('jpg','png','gif','jpeg');
$extension = substr($file,strrpos($file,'.')+1);
if(!in_array($extension,$accept)){
$img="notpc.jpg";
}
else {
$img=$img;
}

$brwsr=mysql_real_escape_string(brwsr($tbdid));
if(uxist($tbdid)=="1" && forumxist($bid)=="1" && uvld($tbdid)=="1" || uevld($tbdid)=="1") {
if((time()-lasttpctime($tbdid))>3) {
$cat=fcat($bid);
if(strlen($name)<adminset("10") || strlen($name)>adminset("11")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name limit is ".adminset('10')."-".adminset('11')."</div>";}
elseif(strlen($text)<adminset("12") || strlen($text)>adminset("13")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Text limit is ".adminset('12')."-".adminset('13')."</div>";}
else {
if(file_get_contents($img)==true) {$img=$img;} else {$img="notpc.jpg";}
$sql=mysql_query("UPDATE tbd_topics SET name='$name',text='$text',img='$img',vld=$vld,cat=$aid WHERE id=$bid");
if(!$sql) {} else {
//start

return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"> Topic edited.<br/><a href=\"v.php?bid={$bid}\">View topic</a></div>";

$tpc=mysql_fetch_array(mysql_query("SELECT byid FROM tbd_topics WHERE id=$bid"));
$all=mysql_query("SELECT id FROM tbd_user WHERE himzpwr>9");
if(power($tbdid)<9) {
while($rw=mysql_fetch_array($all)) {
$tag="tpca{$bid}";
$ntxt=utxt($tbdid)." edited his topic [tpc=".$bid."]".gntpc($bid)."[/tpc].";
$tpcow=$all[0];
mysql_query("INSERT INTO notify(text,toid,byid,time,vld,name) VALUES('$ntxt','$tpcow','$tbdid','$time','2','$tag')");

}
} else {
$tag="tpca{$bid}";
$ntxt="your topic [tpc=".$bid."]".gntpc($bid)."[/tpc] edited by trickbd team.";
$tpcow=$tpc[0];

mysql_query("INSERT INTO notify(text,toid,byid,time,vld,name) VALUES('$ntxt','$tpcow','$tbdid','$time','2','$tag')");

}
}
}
} else {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"> Please wait 5 min of last Topic</div>";}

} else {return false;}
}

//comment on topic
function addtopiccm($name,$text,$bid,$tbdid,$d) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$tbdid=(int) $tbdid;
$bid=(int) $bid; 
$textvbc=preg_replace('/[^a-zA-Z0-9]/','',$text);

$zxcd=explode(',',strtolower(adminset("23")));
$zxcc=implode('|',$zxcd);

if(preg_match('/'.$zxcc.'/',strtolower($textvbc))){
$nocm="y"; 
 $alerttxt="<div>Your text may containing words those are blocked by trickbd</div>";
}

$name=mysql_real_escape_string($name);
$namelw=strtolower($name);
$text=mention($text,"tpca{$bid}",$tbdid);
$text=mysql_real_escape_string($text);
$textlw=strtolower($text);
$spama=explode(',',adminset('18'));
$spamb=explode(',',adminset('19'));
if(adminset('20')=="1" && power($tbdid)<6) {

$text=str_ireplace($spama,$spamb,$text);

}
elseif(adminset('20')=="2" && power($tbdid)<6) {
$spamv=implode('|',$spama);
$txtrr=preg_replace('/[^a-zA-Z0-9.\/\/]/','',$text);
if(preg_match('/'.$spamv.'/',$txtrr)) {
return"<div class=\"alert\">Your text may b containing bad words or spam</div>";
$nocm="y"; $alerttxt="<div>Your text may b containing words those are blocked by trickworld24</div>";
}
}

$brwsr=mysql_real_escape_string(brwsr($tbdid));
if($nocm!="y" && uxist($tbdid)=="1" && tpcxist($bid)=="1" && uvld($tbdid)=="1" && uevld($tbdid)=="1") {
if((time()-lcmtime($tbdid))>adminset('21')) {
$cat=fcat($bid);
if(adminset("6")=="1") {$vld="2"; $xtra="<br/>Your comment is waiting for validation. 20 credits are deducted from your account. Dont worry , you will get 30 credits if Trickbd team approve your topic. ** Stay with us:)<br/>";} else {$vld="1";}
if(strlen($text)<adminset("12") || strlen($text)>adminset("13")) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Text limit is ".adminset('12')."-".adminset('13')."</div>";}
else {
$sql=mysql_query("INSERT INTO tbd_topiccm(name,text,time,timex,vld,pnlty,view,byid,tpc,dx) VALUES('$name','$text','$time','$timex','$vld','1','0','$tbdid','$bid','$d')");
if(!$sql) {} else {
$tag="tpc{$bid}";
//start
$file=$_FILES['file']['name'];
$filesz=$_FILES['file']['size'];
if($filesz<=200000) {
$accept = array('jpg','png','gif','jpeg');
$extension = substr($file,strrpos($file,'.')+1);
$target="./pix/";
$rand=rand(1111111111,9999999999);
$target = $target ."tpccm".lasttpc('1').".".$extension; 
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
if(!in_array($extension,$accept)){

}
else {
if(move_uploaded_file($_FILES['file']['tmp_name'], $target)) 
{$img=mysql_real_escape_string("[br/][img=40=40]".$target."[/img]");
} else {} }
} else {}
//end
$lcmid=lcmid($tbdid,$bid);
$text=lcmtxt($tbdid,$bid).$img;
mysql_query("UPDATE tbd_topiccm SET text='$text' WHERE id=$lcmid ");
$coa=subcx($bid);
if($coa<2) {
$ntxtx=utxt($tbdid);
}
else {
$cob=$coa-1;
$ntxtx=utxt($tbdid)." & ".$cob." other";
}
$ntxt=$ntxtx." commented on this topic [tpc=".$bid."]".gntpc($bid)."[/tpc]";
if(isnoti($bid,"tpc",$tbdid)=="0") {

mysql_query("INSERT INTO notify(toid,name) VALUES('$tbdid','$tag') ");

}

mysql_query("UPDATE notify SET byid=$tbdid,text='$ntxt',time=$time,vld=2 WHERE name='$tag' AND byid!=$tbdid ");
if(strlen($text)>24) {$cr="5";} else {$cr="2";}
mysql_query("UPDATE tbd_topics SET o=$time WHERE id=$bid");
$crdt=adminset('22');
return "<meta http-equiv=\"refresh\" content=\"0;url=v.php?bid={$bid}\"/>".ac($tbdid,$crdt)."<div class=\"noti\"><img src=\"ok.png\" alt=\"o\">
Thank you ".utxt($tbdid).". your Comment updated.{$xtra}</div>";
}
} 
} else {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\">{$textvbc}{$alerttxt}<br/> Please wait ".adminset('21')." seconds of last comment</div>";}
} else {return  "<div class=\"alert\"><img src=\"x.png\" alt=\"x\">{$alerttxt}</div>";}
}
//
function editforum($name,$bid,$tbdid,$aid,$text) {

$tbdid=(int) $tbdid;
if(uxist($tbdid)=="1" && power($tbdid)=="10") {
$name=mysql_real_escape_string($name);
$namelw=strtolower($name);
$aid=(int) $aid;
$bid=(int) $bid; 
$ckk=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM forum WHERE lower(text)='$namelw' AND cat=$bid AND id!=$aid"));

if($bid!=0 && strlen($name)>2 && forumxist($aid)=="1" && uvld($tbdid)=="1" || uevld($tbdid)=="1") {
if($ckk[0]>0) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This forum already created pn this section</div>";} else {
$sql=mysql_query("UPDATE forum SET text='$name',name='$text',cat=$bid WHERE id=$aid");
if(!$sql) {} else {return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Forum Edited!</div>";}
}
}
} else {return false;}
}
//download
function addfile($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$name);
$name=strtolower($name);
$text=mysql_real_escape_string($text);
$bid=(int) $bid;
if(strlen($name)<5) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea']['name'];
$filesz=$_FILES['filea']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb']['name'],strrpos($_FILES['fileb']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec']['name'],strrpos($_FILES['filec']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}

function addfile2($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$_REQUEST["name2"]);
$name=strtolower($name);
$text=mysql_real_escape_string($_REQUEST["text2"]);
$bid=(int) $bid;
if(strlen($name)<5) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea2']['name'];
$filesz=$_FILES['filea2']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea2']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb2']['name'],strrpos($_FILES['fileb2']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec2']['name'],strrpos($_FILES['filec2']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb2']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec2']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}


function addfile3($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$_REQUEST["name3"]);
$name=strtolower($name);
$text=mysql_real_escape_string($_REQUEST["text3"]);
$bid=(int) $bid;
if(strlen($name)<5) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea3']['name'];
$filesz=$_FILES['filea3']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea3']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb3']['name'],strrpos($_FILES['fileb3']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec3']['name'],strrpos($_FILES['filec3']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb3']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec3']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}

function addfile4($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$_REQUEST["name4"]);
$name=strtolower($name);
$text=mysql_real_escape_string($_REQUEST["text4"]);
$bid=(int) $bid;
if(strlen($name)<5) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea4']['name'];
$filesz=$_FILES['filea4']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea4']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb4']['name'],strrpos($_FILES['fileb4']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec4']['name'],strrpos($_FILES['filec4']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb4']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec4']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}


function addfile5($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$_REQUEST["name5"]);
$name=strtolower($name);
$text=mysql_real_escape_string($_REQUEST["text5"]);
$bid=(int) $bid;
if(strlen($name)<5) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea5']['name'];
$filesz=$_FILES['filea5']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea5']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb5']['name'],strrpos($_FILES['fileb5']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec5']['name'],strrpos($_FILES['filec5']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb5']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec5']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}



////////
function addfileurl($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$name);
$name=strtolower($name);
$text=mysql_real_escape_string($text);
$bid=(int) $bid;
if(strlen($name)<6) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_REQUEST['url'];
$filesz=1000;
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=200000000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./swft/";
$targetb="./swftx/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."._".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!file_put_contents($target, file_get_contents($file))) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
file_put_contents($targetb, file_get_contents($target));
if($x) {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb']['name'],strrpos($_FILES['fileb']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec']['name'],strrpos($_FILES['filec']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tc="./swft/{$name}{$rand}.prov";
if(!move_uploaded_file($_FILES['fileb']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec']['tmp_name'], $tc)) {
$axx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}
//userfile
function addufile($name,$text,$bid,$tbdid) {
$time=time();
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
$name=preg_replace('/[^a-zA-Z0-9]/','',$name);
$name=strtolower($name);
$text=mysql_real_escape_string($text);
$bid=(int) $bid;
if(strlen($name)<6) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Name must>5 </div>";
}
elseif(filexist($name)=="1") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This file name exist</div>";
}
elseif($bid<101 || $bid>106) {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid catagory</div>";
}
elseif(uvld($tbdid)!="1" && uevld($tbdid)!="1") {}
else {
//start
$file=$_FILES['filea']['name'];
$filesz=$_FILES['filea']['size'];
$sz=$filesz/1000;
$sz=$sz."kb";
if($filesz<=5000000) {
$accept = array('jpg','png','gif','jpeg','jar','jad','sis','sisx','nth','zip','rar','7z','apk','prov','swf','mp3','mp4','3gp','flv','avi','amr','wav','pdf');
$extension = substr($file,strrpos($file,'.')+1);
$target="./uswft/";
$targetb="./uswft/";
$rand=rand(1111111111,9999999999);
$target = $target.$name.$rand.".".$extension; 
$targetb=$targetb.$name.$rand."_".$extension;
$target=$target;
$target=mysql_real_escape_string(htmlspecialchars($target));
$targetb=mysql_real_escape_string(htmlspecialchars($targetb));
if(!in_array($extension,$accept)){
 return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Invalid file</div>";
}
else {
if(!move_uploaded_file($_FILES['filea']['tmp_name'], $target)) {

return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Error</div>";


} else 
{
if(!move_uploaded_file($_FILES['filea']['tmp_name'], $targetb)) {} else {}
$acc = array('jpg','gif','png','bmp','ico','do');
$ext= substr($_FILES['fileb']['name'],strrpos($_FILES['fileb']['name'],'.')+1);
$accc = array('prov');
$extt= substr($_FILES['filec']['name'],strrpos($_FILES['filec']['name'],'.')+1);
$rand=rand(11111,99999);
$tb="./swft/{$name}{$rand}.jpg";
$tb=mysql_real_escape_string(htmlspecialchars($tb));
$tc="./swft/{$name}{$rand}.prov";
$tc=mysql_real_escape_string(htmlspecialchars($tc));
if(!move_uploaded_file($_FILES['fileb']['tmp_name'], $tb)) {
$axx="";
} else {
$axx=$tb;
}
if(!move_uploaded_file($_FILES['filec']['tmp_name'], $tc)) {
$bxx="";
} else {
$bxx=$tc;
}
$sx=mysql_query("INSERT INTO dlist(name,link1,link2,text,time,timex,screen,prov,size,dcat,vld,pnlty) VALUES('$name','$target','$targetb','$text','$time','$timex','$axx','$bxx','$sz','$bid','1','1')");
if(!$sx) {
unlink($target);
unlink($tb);
unlink($tc);
} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>File uploaded!</div>";
}
}  }
} else {}
//end


}
}

//
function adddcat($name,$bid,$tbdid) {

$tbdid=(int) $tbdid;
if(uxist($tbdid)=="1" && power($tbdid)=="10") {
$name=mysql_real_escape_string($name);
$namelw=strtolower($name);

$bid=(int) $bid; 
$ckk=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dcat WHERE lower(name)='$namelw' AND cat=$bid"));

if($bid!=0 && strlen($name)>2) {
if($ckk[0]>0) {return "<div class=\"noti\"><img src=\"x.png\" alt=\"x\"/>This forum already created pn this section</div>";} else {
$sql=mysql_query("INSERT INTO dcat(text,cat) VALUES('$name','$bid')");
if(!$sql) {} else {return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Download sub-catagory addedadded!</div>";}
}
}
} else {return false;}
}
function editdcat($name,$bid,$tbdid,$aid) {

$tbdid=(int) $tbdid;
if(uxist($tbdid)=="1" && power($tbdid)=="10") {
$name=mysql_real_escape_string($name);
$namelw=strtolower($name);
$aid=(int) $aid;
$bid=(int) $bid; 
$ckk=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dcat WHERE lower(text)='$namelw' AND cat=$bid AND id!=$aid"));

if($bid!=0 && strlen($name)>2 && dcatxist($aid)=="1") {
if($ckk[0]>0) {return "<div class=\"noti\"><img src=\"x.png\" alt=\"x\"/>This forum already created pn this section</div>";} else {
$sql=mysql_query("UPDATE dcat SET text='$name',cat=$bid WHERE id=$aid");
if(!$sql) {return 'noo';} else {return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Forum edited!</div>";}
}
} else {}
} else {}
}
//cpanel
function cpass($a,$pass) {
$a=(int) $a;
if(preg_match('/[^a-zA-Z0-9]/',$pass)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Password allows a-z,A-Z,0-9</div>";
}
elseif(uvld($a)!="1" && uevld($a)!="1") {return "err usr";}
elseif((!preg_match('/[0-9]/',$pass)) || (!preg_match('/[a-zA-Z]/',$pass))) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>password shoud contain numberic and alphabatic</div>";
}
elseif(preg_match('/\'"`<>&=/si',$pass)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Html codes like [&gt; &lt; ' \" & =] not allowed</div>";
}
elseif(strlen($pass)<5 || strlen($pass)>25) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Password must 6-25</div>";

}

else {
$passmd=md5(strtolower($pass));
$bc=mysql_query("UPDATE tbd_user SET pass='$passmd' WHERE id=$a ");
if(!$bc) {return "err sql";} else {
echo "<br/><div class=\"noti\"><font color=\"red\">Password changed to {$pass}.</font></div><br/>";
$lpi=mysql_fetch_array(mysql_query("SELECT email FROM tbd_user WHERE id=$a"));
$timex=gmdate("d M,Y-l",time()+6*60*60);
$myemail=$lpi[0];
$subject="Password reset.";
$body="Your password changed to {$pass}\n From: ".brwsr($a)." \n On: {$timex}";
$mail=mail($myemail,$subject,$body,"From: admin@trickbd.com");
if(!$mail) {}
else {
}
}
}
}
function cemail($a,$email,$cemail) {
$a=(int) $a;

if(!preg_match('/[a-zA-Z0-9_\-.]+[@]+(yahoo)|(ymail)|(gmail)|(hotmail)|(live)|(rocketmail)|(facebook)|(aol)|(msn)+[.]+(com)|(net)|(info)|(co.uk)/',$email)) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Email format not valid. we support only yahoo,ymail,gmail,hotmail,live,aol</div>";

}
elseif($email!=$cemail) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>Confirm email doesnt match.!!</div>";

}
elseif(emailxist($email)=="1") {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>This email exist.!!</div>";

}

else {
$rand=rand(111111,999999);

$myemail=$email;
$subject="Changing email";
$body="Dear ".utxt($tbdid).", Your confirmation code is ".$rand." \n or click here http://trickbd.com/confirm.php?ok=".$rand." \n if you face any problem just contact with site admin or call: +8801720319101";
$mail=mail($myemail,$subject,$body,"From: admin@trickbd.com");
if(!$mail) {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>There was a problem to send you confirmation code. Please Contact with site admin or call +8801720319101</div>";

} else {
$bc=mysql_query("UPDATE tbd_user SET email='$email' WHERE id=$a ");
if(!$bc) {
return "error";
} else {
$xc="<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>A confirmation code was sent.</div>";
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>Your new Email is : {$email}{$xc}</div>";

}
}

}
}
function stafflog($text,$a) {
$text=mysql_real_escape_string($text);
$a=(int) $a;
$timex=gmdate("h:i a d M,Y-l",time()+6*60*60);
mysql_query("INSERT INTO stafflog(text,timex,byid) VALUES('$text','$timex','$a')");
$sl=mysql_query("SELECT id FROM tbd_user WHERE himzpwr>7");
while($ss=mysql_fetch_array($sl)) {
$sdf=mysql_fetch_array(mysql_query("SELECT stafflog FROM tbd_user WHERE id={$ss[0]}"));
$ssc=$sdf[0]+1;
$ssc=(int) $ssc;
mysql_query("UPDATE tbd_user SET stafflog=$ssc WHERE id={$ss[0]}");
}
}
//last topic id
function lasttpc($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT id FROM tbd_topics ORDER BY id DESC"));
return $gt[0];
}
function lasttpctime($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT time FROM tbd_topics WHERE byid=$a ORDER BY id DESC"));
return $gt[0];
}
//last comment id
function lcmid($a,$b) {
$a=(int) $a;
$b=(int) $b;
$gt=mysql_fetch_array(mysql_query("SELECT id FROM tbd_topiccm WHERE tpc=$b AND byid=$a ORDER BY id DESC"));
return $gt[0];
}
function lcmtxt($a,$b) {
$a=(int) $a;
$b=(int) $b;
$gt=mysql_fetch_array(mysql_query("SELECT text FROM tbd_topiccm WHERE tpc=$b AND byid=$a ORDER BY id DESC"));
return $gt[0];
}
function lcmtime($a) {
$a=(int) $a;

$gt=mysql_fetch_array(mysql_query("SELECT time FROM tbd_topiccm WHERE byid=$a ORDER BY id DESC"));
return $gt[0];
}
//isnoti
function isnoti($a,$b,$c) {
$a=(int) $a;
$c=(int) $c;
$d=$b.$a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE name='$d' AND toid=$c "));
return $xst[0];
}
function unvld($a) {
$a=(int) $a;
$c=(int) $c;
$d=$b.$a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE vld!=1 AND evld=1 "));
return $xst[0];
}
function unevld($a) {
$a=(int) $a;
$c=(int) $c;
$d=$b.$a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE evld!=1 "));
return $xst[0];
}

function untpcvld($a) {
$a=(int) $a;
$c=(int) $_SESSION['tRixbHimz'];
$dep=mysql_fetch_array(mysql_query("SELECT dep FROM tbd_user WHERE id=$c"));

if($a>0) {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE vld=2 AND pnlty=1 AND cat=$a"));

}
elseif($a=="0" && power($c)>8) {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE vld=2 AND pnlty=1 "));

}
else {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE vld=2 AND pnlty=1 AND cat={$dep[0]}"));
}
return $xst[0];
}

function untpcdlt($a) {
$a=(int) $a;
$c=(int) $c;
$d=$b.$a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE pnlty=4 "));
return $xst[0];
}
//
function pnlty($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT pnlty FROM tbd_user WHERE id=$a"));
return $gt[0];
}
function bantime($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT bantime FROM tbd_user WHERE id=$a"));
return $gt[0];
}
//edit profile
function ep($a,$b) {
$a=(int) $a;
$b=(int) $b;
if(uxist($a=="1") || uxist($b)=="1") {
$p1=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p1'])));
$p1=$p1;
$p2=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p2'])));
$p2=$p2;
$p3=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p3'])));
$p3=$p3;
$p4=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p4'])));
$p4=$p4;
$p5=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p5'])));
$p5=$p5;
$p6=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p6'])));
$p6=$p6;
$p7=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p7'])));
$p7=$p7;
$p8=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p8'])));
$p8=$p8;
$p9=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['p9'])));
$p9=$p9;
$rpa=array(">","<","`","sex","order","****",'"',"'","=");
$rpb=array("&gt;","&lt;","","","ord-er","",""","'","=");

$text=mysql_real_escape_string(trim(htmlspecialchars($_REQUEST['text'])));

$text=strip_tags($text);
$p11=mysql_real_escape_string(trim(substr($text,0,240)));
$xi=(strlen($p1)*strlen($p2)*strlen($p3)*strlen($p4)*strlen($p5)*strlen($p6)*strlen($p7)*strlen($p8)*strlen($p9)*strlen($p11));
if($xi=="0") {return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>All fields required</div>";} 
else {
$bm=mysql_query("UPDATE tbd_profile SET fname='$p1',lname='$p2',home='$p3',city='$p4',country='$p5',zip='$p6',bkash='$p7',mob='$p8',fb='$p9',text='$p11' WHERE byid=$a");
if(!$bm) {} else { 
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/>".utxt($a)." {$p1} ' s Profile updated</div>";
}
}
}
}
//lastcom

function cmlast($a) {
$a=(int) $a;
$rby=mysql_fetch_array(mysql_query("SELECT byid FROM tbd_topiccm WHERE tpc=$a ORDER BY id DESC "));
return $rby[0];
}
//countcoms
function comc($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_tpccm WHERE tpc=$a"));
return $xst[0];
}
//credit option

function c($a) {
$a=(int) $a;
$gt=mysql_fetch_array(mysql_query("SELECT credit FROM tbd_user WHERE id=$a"));
return $gt[0];
}
function ac($a,$b) {

$a=(int) $a;
$b=(int) $b;
$c=c($a)+$b;
$c=(int) $c;
if(uxist($a)=="1") {
$gt=mysql_fetch_array(mysql_query("UPDATE tbd_user SET credit=$c WHERE id=$a"));
return "";
} else {return false;}
}
function dc($a,$b) {

$a=(int) $a;
$b=(int) $b;
$c=c($a)-$b;
$c=(int) $c;
if(uxist($a)=="1" && c($a)>$b) {
$gt=mysql_fetch_array(mysql_query("UPDATE tbd_user SET credit=$c WHERE id=$a"));
return "";
} else {return false;}
}
//time
function gtime($xtime) {
$cur_tm = time(); $dif = $cur_tm-$xtime;
   $pds = array('second','minute','hour','day','week','month','year','decade');
   $lngh = array(1,60,3600,86400,604800,2630880,31570560,315705600);
   for($v = sizeof($lngh)-1; ($v >= 0)&&(($no = $dif/$lngh[$v])<=1); $v--); if($v < 0) $v = 0; $_tm = $cur_tm-($dif%$lngh[$v]);

   $no = floor($no); if($no <> 1) $pds[$v] .='s'; $x=sprintf("%d %s ",$no,$pds[$v]);
   if(($rcs == 1)&&($v >= 1)&&(($cur_tm-$_tm) > 0)) $x = time_ago($_tm);
   return "<small>".$x." ago</small>";
}
//online
function online($a,$b) {
$a=(int) $a;
$b=(int) $b;
$bx=time()-$b;
$bx=(int) $bx;
if($a=="1") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE otime>$bx"));
}
elseif($a=="2") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE otime>$bx AND himzpwr>6"));

}
elseif($a=="4") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE himzpwr=4"));

}

elseif($a=="5") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE himzpwr=5"));

}

elseif($a=="6") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE himzpwr>6"));

}

elseif($a=="7") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user"));

}
elseif($a=="7") {
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM follow WHERE "));

$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user"));

}
return $xst[0];
}
function gonline($b) {
$a=(int) $a;
$b=(int) $b;
$bx=time()-$b;
$bx=(int) $bx;

$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM brwsr WHERE time>$bx"));

return $xst[0];

}
function addon($a,$b) {
$time=time();
$a=(int) $a;
$b=$b;
$brws=mysql_real_escape_string(brws($_SERVER["HTTP_USER_AGENT"]));
$ip=mysql_real_escape_string(brws($_SERVER["REMOTE_ADDR"]));
if(uxist($a)=="1") {

mysql_query("UPDATE tbd_user SET otime=$time,oloc='$b',brwsr='$brws',ip='$ip' WHERE id=$a");
}
else {
$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM brwsr WHERE text='$brws' AND byid=$a"));
if($bc[0]=="0") {
mysql_query("INSERT INTO brwsr(text,byid,time) VALUES('$brws','$a','$time')");
}
else {
mysql_query("UPDATE brwsr SET time=$time WHERE byid=$a");

}
}
}
//browser filter
function brws($a) {
$a=htmlspecialchars($a);
$a=mysql_real_escape_string($a);
return $a;
}
//userexist
function uxist($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE id=$a"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
function emailxist($a) {
$a= mysql_real_escape_string($a);
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_user WHERE email='$a'"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
//profile
function p($a,$c,$b) {
$a=(int) $a;
$b=(int) $b;
$c=(int) $c;
$gt=mysql_fetch_array(mysql_query("SELECT fname, lname, home, city, country, zip, bkash, mob, fb, text FROM tbd_profile WHERE byid=$a"));
$gtx=mysql_fetch_array(mysql_query("SELECT email FROM tbd_user WHERE id=$a"));
if($b=="1") {
return $gt[0];
}
elseif($b=="10") {
return $gt[1];
}
elseif($b=="2") {
return $gt[2];
}
elseif($b=="3") {
return $gt[3];
}
elseif($b=="4") {
return $gt[4];
}
elseif($b=="5") {
return $gt[5];
}
elseif($b=="6"  && (power($c)=="10" || $a==$c)) {
return $gt[6];
}
elseif($b=="6"  && (power($c)!="10" || $a!=$c)) {
return "Permission denied!";
}
elseif($b=="7"  && (power($c)=="10" || $a==$c)) {
return $gt[7];
}
elseif($b=="7"  && (power($c)!="10" || $a!=$c)) {
return "Permission denied!";
}
elseif($b=="8") {
return $gt[8];
}
elseif($b=="9"  && (power($c)=="10" || $a==$c)) {
return $gtx[0];
}
elseif($b=="9"  && (power($c)!="10" || $a!=$c)) {
return "Permission denied!";
}
elseif($b=="11") {
return $gt[9];
}
else {return false;}

}
//forum xist
function forumxist($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM forum WHERE id=$a"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
function filexist($a) {
$a=strtolower($a);
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dlist WHERE lower(name)='$a'"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
function filexist2($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dlist WHERE id=$a"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
function filepnlty($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT pnlty FROM dlist WHERE id=$a"));
return $xst[0];
}
function filevld($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT vld FROM dlist WHERE id=$a"));
return $xst[0];
}

function dcatxist($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dcat WHERE id=$a"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
//user
function uvld($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT vld FROM tbd_user WHERE id=$a"));
return $xst[0];
}
function uevld($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT evld FROM tbd_user WHERE id=$a"));
return $xst[0];
}

//frnd
function isfrnd($a,$b) {
$a=(int) $a;
$b=(int) $b;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM follow WHERE (byid=$a AND toid=$b) OR (byid=$b AND toid=$a)" ));
if($xst[0]=="0") {return "2";} else {return "1";}
}
function isreqme($a,$b) {
$a=(int) $a;
$b=(int) $b;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM follow WHERE byid=$b AND toid=$a AND vld=2"));
if($xst[0]!="1") {return "2";} else {return "1";}

}
function allreq($a) {
$a=(int) $a;
$b=(int) $b;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM follow WHERE toid=$a AND vld>1"));
return $xst[0];
}

function tpcxist($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE id=$a"));
if($xst[0]=="1") {return "1";} else {return "2";}
}
function tpcpnlty($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT pnlty FROM tbd_topics WHERE id=$a"));
return $xst[0];
}
function tpcvld($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT vld FROM tbd_topics WHERE id=$a"));
return $xst[0];
}
function tpcbyu($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE byid=$a AND vld=1 "));
return $xst[0];

}
function tpccbyu($a) {
$a=(int) $a;
$xst=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topiccm WHERE byid=$a AND vld=1 "));
return $xst[0];

}
//
function ulink($a) {
$a=(int) $a;

if(uxist($a)=="1") {

$info=mysql_fetch_array(mysql_query("SELECT name FROM tbd_user WHERE id=$a"));

return "<a href=\"profile.php?action=about&aid={$a}\">{$info[0]}</a>".urank($a)."";} else {return "guest";}
}
function smiley($a) {
$sqls = "SELECT fname,lname FROM smiley";
  $smilies = mysql_query($sqls);
  while($smilie=mysql_fetch_array($smilies))
  {
    $scode = $smilie[0];
    $spath = $smilie[1];
    $text = str_replace($scode,"<img src='sm/$spath' alt='$scode'/>",$text);
  }
  return $text;

}
function uirank($a) {
$a=(int) $a;

if(uxist($a)=="1") {
if(power($a)=="4") {return "<img src=\"img/vip.png\"/>";}
elseif(power($a)=="5") {return "<img src=\"img/premium.png\"/>";}
elseif(power($a)=="8") {return "<img src=\"img/moderator.png\"/>";}
elseif(power($a)=="9") {return "<img src=\"img/admin.png\"/>";}
elseif(power($a)=="10") {return "<img src=\"img/president.png\"/>";}
else {}
}
}
function urank($a) {
$a=(int) $a;

if(uxist($a)=="1") {
if(power($a)=="4") {return "(<font color=\"black\">Vip</font>)";}
elseif(power($a)=="5") {return "(<font color=\"green\">Premium</font>)";}
elseif(power($a)=="8") {return "(<font color=\"orange\">Moderator</font>)";}
elseif(power($a)=="9") {return "(<font color=\"blue\">Global Admin</font>)";}
elseif(power($a)=="10") {return "(<font color=\"red\">President</font>)";}
else {return "";}
}
}
function lctime($a) {
$a=(int) $a;
$info=mysql_fetch_array(mysql_query("SELECT time FROM tbd_topiccm WHERE tpc=$a ORDER BY id DESC"));

return $info[0];
}
//
//
function utxt($a) {
$a=(int) $a;

if(uxist($a)=="1") {
$info=mysql_fetch_array(mysql_query("SELECT name FROM tbd_user WHERE id=$a ORDER BY id DESC"));

return $info[0];} else {return "guest";}
}
//
function upsts($text,$tbdid) {
$tbdid=(int) $tbdid;
if(uxist($tbdid)=="1") {
$time=time();
$timex=gmdate("d M,Y-l",time()+6*60*60);

if(adminset("9")=="1") {$vld="2"; $s="Your status awaiting for moderation.";} else {$vld="1";}
if(pnlty($tbdid)=="3") { return "<div class=\"noti\"><img src=\"x.png\" alt=\"x\">You are post banned</div>";} 
elseif(strlen($text)<adminset("7") || strlen($text)>adminset("8") ) { return "<div class=\"noti\"><img src=\"x.png\" alt=\"x\">Invalid lenght. Text must ".adminset('7')."-".adminset('8')."</div>";}
else {
$sql=mysql_query("INSERT INTO status(name,text,time,timex,vld,pnlty,o,view) VALUES('$tbdid','$text','$time','$timex','$vld','1','time','0')");
if(!$sql) {} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\">Thank you ".utxt($tbdid).". your status updated.{$s}</div>";
}
}
} else {return false;}
}
//icon
function giforum($a) {
$a=(int) $a;
/*
if($a=="8") {return "<img src=\"game.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="1") {return "<img src=\"apps.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="2") {return "<img src=\"internet.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="3") {return "<img src=\"mbl.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="4") {return "<img src=\"computer.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="5") {return "<img src=\"script.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="6") {return "<img src=\"rlg.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="7") {return "<img src=\"buy.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="9") {return "<img src=\"other.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="10") {return "<img src=\"help.png\" width=\"25px\" height=\"25px\"/>";}
*/
$fmenu=mysql_fetch_array(mysql_query("SELECT cat FROM fmenu WHERE id=$a"));

return "<img src=\"{$fmebu[0]}\" width=\"25px\" height=\"25px\"/>";

}
//frmcat name
function gnforum($a) {
$a=(int) $a;
/*
if($a=="8") {return "Gaming zone";}
elseif($a=="1") {return "Java Zone";}
elseif($a=="2") {return "Symbian Zone";}
elseif($a=="3") {return "Android Zone";}
elseif($a=="4") {return "Pc Zone";}
elseif($a=="5") {return "Coding Zone";}
elseif($a=="6") {return "Religious Portal";}
elseif($a=="7") {return "Buy & Sell";}
elseif($a=="9") {return "Open Talk";}
elseif($a=="10") {return "Help Desk";}
*/
$fmenu=mysql_fetch_array(mysql_query("SELECT name,text,cat FROM fmenu WHERE id=$a"));

return giforum($fmenu[2])." {$fmenu[0]}<br/><font color=\"gray\"/>{$fmenu[1]}</font>";

}
function fmenu($a,$b) {
$a=(int) $a;
$b=(int) $b;
if(power($b)=="10")  {$e="<a href=\"index.php?action=editfmenu&aid=$a\">E</a>";} else {$e="";}

$fmenu=mysql_fetch_array(mysql_query("SELECT * FROM fmenu WHERE id=$a"));
if($fmenu['vld']!=2 || power($b)=="10"){
return "<div class=\"mainblok\"><table width=\"100%\"><td width=\"30px\"><img src=\"{$fmenu['cat']}\" width=\"25px\" height=\"25px\"/></td><td> <a href=\"forum.php?aid=$a\">{$fmenu['name']}</a><span id=\"a1\"></span><div><span class=\"gray\">{$fmenu['text']}<br/>Forum: ".frmcount($a)." Topic: ".tpccount($a)."</span>{$e}</div></td></table></div>";
} 
else {
return "";
}

}

function dmenu($a,$b) {
$a=(int) $a;
$b=(int) $b;
if(power($b)=="10")  {$e="<a href=\"index.php?action=editdmenu&aid=$a\">E</a>";} else {$e="";}

$dmenu=mysql_fetch_array(mysql_query("SELECT * FROM dmenu WHERE id=$a"));
if($dmenu['vld']!=2 || power($b)=="10"){
return "<div class=\"listx\"><table width=\"100%\"><td width=\"30px\"><img src=\"{$dmenu['cat']}\" width=\"25px\" height=\"25px\"/></td><td> <a href=\"download.php?aid=$a\">{$dmenu['name']}<span id=\"a1\"></a></span><div><span class=\"gray\">{$dmenu['text']}</span>{$e}</div></td></table></div>";
}
else {
return "";
}

}
//icon
function gidcat($a) {
$a=(int) $a;
/*
if($a=="8") {return "<img src=\"game.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="1") {return "<img src=\"mbl.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="2") {return "<img src=\"internet.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="3") {return "<img src=\"computer.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="4") {return "<img src=\"script.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="5") {return "<img src=\"apps.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="6") {return "<img src=\"rlg.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="7") {return "<img src=\"buy.png\" width=\"25px\" height=\"25px\"/>";}
elseif($a=="9") {return "<img src=\"other.png\" width=\"25px\" height=\"25px\"/>";}
*/
$dmenu=mysql_fetch_array(mysql_query("SELECT cat FROM dmenu WHERE id=$a"));

return "<img src=\"{$dmenu[0]}\" width=\"25px\" height=\"25px\"/>";
}
//frmcat name
function gndcat($a) {
$a=(int) $a;
/*
if($a=="1") {return "Mobile software";}
elseif($a=="2") {return "Free internet software";}
elseif($a=="3") {return "Computer software";}
elseif($a=="4") {return "Games";}
elseif($a=="5") {return "utilities";}
elseif($a=="6") {return "Music zone";}
elseif($a=="7") {return "Video portal";}
elseif($a=="8") {return "Wallpaper";}
elseif($a=="9") {return "Themes";}
*/
$dmenu=mysql_fetch_array(mysql_query("SELECT name,text,cat FROM dmenu WHERE id=$a"));

return gidcat($dmenu[2])." {$dmenu[0]}<br/><font color=\"gray\"/>{$dmenu[1]}</font>";

}
function gnfmenu($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT name FROM fmenu WHERE id=$a"));
return $b[0];

}
function gnforum2($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT text FROM forum WHERE id=$a"));
return $b[0];

}
function gndcat2($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT text FROM dcat WHERE id=$a"));
return $b[0];

}
function gntpc($a) {
$a=(int) $a;
if(tpcxist($a)=="1") {
$b=mysql_fetch_array(mysql_query("SELECT name FROM tbd_topics WHERE id=$a"));
return $b[0];
} else { return "{$a} Topic deleted";}

}
function lctpc($a,$b) {
$a=(int) $a;
$b=$b;
if(tpcxist($a)=="1" && $b=="like") {
$l=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tpclike WHERE vld=1 AND toid=$a"));
}
if(tpcxist($a)=="1" && $b=="dislike") {
$l=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tpclike WHERE vld=2 AND toid=$a"));
}
return $l[0];
}
function lctpccm($a,$b) {
$a=(int) $a;
$b=$b;
if($b=="like") {
$l=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tpccmlike WHERE vld=1 AND toid=$a"));
}
if($b=="dislike") {
$l=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tpccmlike WHERE vld=2 AND toid=$a"));
}
return $l[0];
}

function notify($a) {


}
function notifyxit($a,$b,$c) {
$a=(int) $a;
$b= $b;
$d=$b.$a;
$bc=mysql_query("UPDATE notify SET vld=1 WHERE name='$d' AND toid=$c ");
return "";

}
function frmcount($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM forum WHERE cat=$a"));
return $b[0];

}

function msgcount($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM msg WHERE toid=$a AND vld=2"));
return $b[0];

}
function inboxcount($a,$b) {
$a=(int) $a;
$b=(int) $b;

$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM inbox WHERE toid=$a AND byid=$b AND vld=2"));
return $bc[0];

}
function ufilec($a,$b) {
$a=(int) $a;
$b=(int) $b;

$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM dlist WHERE byid=$a AND dcat=$b AND vld=2"));
return $bc[0];

}
function tpccount($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE cat=$a AND vld=1 AND pnlty!=4"));
return $b[0];

}
function ignored($a) {
$a=(int) $a;
$bx=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE pnlty=2"));
return $bx[0];

}
function myignored ($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE pnlty=2 AND byid=$a"));
return $b[0];

}
function myunvld ($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM tbd_topics WHERE pnlty=1 AND vld=2 AND byid=$a"));
return $b[0];

}
function fcat($a) {
$a=(int) $a;
$b=mysql_fetch_array(mysql_query("SELECT cat FROM forum WHERE id=$a"));
return $b[0];
}

//subscribe
function subc($a) {
$a=(int) $a;

$tag="tpc".$a;
if(tpcxist($a)=="1") {
$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE name='$tag'"));

return "<a style=\"color:#EDB431;\" href=\"list.php?action=tpcsub&bid=$a\">{$bc[0]} subscribers</a>";


} else {return "";}
}
function subcx($a) {
$a=(int) $a;

$tag="tpc".$a;

$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE name='$tag'"));
return $bc[0];
}

function subs($a,$b) {
$a=(int) $a;
$b=(int) $b;
$tag="tpc".$b;
if(uxist($a)=="1") {
$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE toid=$a AND name='$tag'"));
if($bc[0]=="0") {
return "<a style=\"color:#EDB431;\" href=\"v.php?action=subs&bid=$b\">Subscribe</a>";
}
else {
return "<a style=\"color:#EDB431;\" href=\"v.php?action=unsubs&bid=$b\">Unsubscribe</a>";

}
} else {return "";}
}

function subadd($a,$b) {
$a=(int) $a;
$b=(int) $b;
$tag="tpc".$b;
if(uxist($a)=="1") {
$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE toid=$a AND name='$tag'"));
if($bc[0]=="0") {
$s=mysql_query("INSERT INTO notify(toid,name) VALUES('$a','$tag')");
if(!$s) {} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/> You are now in this thread.</div>";
}
}
else {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>You can not subscribe to this thread coz you are already subscribed to this.</div>";

}
} 
}
function unsub($a,$b) {
$a=(int) $a;
$b=(int) $b;
$tag="tpc".$b;
if(uxist($a)=="1") {
$bc=mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM notify WHERE toid=$a AND name='$tag'"));
if($bc[0]!="0") {
$s=mysql_query("delete FROM notify WHERE toid=$a AND name='$tag'");
if(!$s) {} else {
return "<div class=\"noti\"><img src=\"ok.png\" alt=\"o\"/> You are now out of this thread.</div>";
}
}
else {
return "<div class=\"alert\"><img src=\"x.png\" alt=\"x\"/>You can not unsubscribe to this thread coz you are not subscribed to this.</div>";

}
} 
}
function pphoto($a) {
$a=(int) $a;
$s=mysql_fetch_array(mysql_query("SELECT pphoto FROM tbd_user WHERE id=$a"));
if(file_get_contents($s[0])==true) {
return $s[0];
}
else {
return "nopphoto.jpg";
}
}

function lastreg($a) {
$a=(int) $a;
$s=mysql_fetch_array(mysql_query("SELECT id FROM tbd_user WHERE vld=1 AND pnlty=1 ORDER BY id DESC"));
RETURN ulink($s[0]);
}
function lastlog($a) {
$a=(int) $a;
$s=mysql_fetch_array(mysql_query("SELECT id FROM tbd_user WHERE vld=1 AND pnlty=1 ORDER BY logtime DESC"));
RETURN ulink($s[0]);
}
function code($txt,$a,$b) {
$a=(int) $a;
$b=(int) $b;
$aid=(int) $_GET['aid'];
$bid=(int) $_GET['bid'];

$rplca=array(
'@\[(?i)tpc=(.*?)\](.*?)\[/(?i)tpc\]@si',
'@\[(?i)img=(.*?)=(.*?)\](.*?)\[/(?i)img\]@si',
'@\[(?i)img\](.*?)\[/(?i)img\]@si',
'@\[(?i)fimg=(.*?)\]@si',
'@\[(?i)b\](.*?)\[/b\]@si',
'@\[(?i)noti\](.*?)\[/noti\]@si',
'@\[(?i)u\](.*?)\[/u\]@si',
'@\[(?i)left\](.*?)\[/left\]@si',
'@\[(?i)right\](.*?)\[/right\]@si',
'@\[(?i)center\](.*?)\[/center\]@si',
'@\[(?i)sub\](.*?)\[/sub\]@si',
'@\[(?i)sup\](.*?)\[/sup\]@si',
'@\[(?i)s\](.*?)\[/s\]@si',
'@\[(?i)c=(.*?)\](.*?)\[/c\]@si',
'@\[(?i)opc=(.*?)\](.*?)\[/opc\]@si',
'@\[(?i)sd=(.*?)\](.*?)\[/sd\]@si',
'@\[(?i)dot=(.*?)\](.*?)\[/dot\]@si',
'@\[(?i)dash=(.*?)\](.*?)\[/dash\]@si',
'@\[(?i)solid=(.*?)\](.*?)\[/solid\]@si',
'@\[(?i)bg=(.*?)\](.*?)\[/bg\]@si',
'@%(.*?) @si',
'@\[(?i)user=(.*?)\](.*?)\[/(?i)user\]@si',
'@\[(?i)q=(.*?)\](.*?)\[/(?i)q\]@si',
'@\[(?i)url=(.*?)\](.*?)\[/(?i)url\]@si',
'@\[br/\]@si',
'@\[m\]@si',
'@\[(?i)f=(.*?)\](.*?)\[(?i)/f\]@si',
'@\[reply\]@i',
'@\[(?i)y\](.*?)\[/y\]@si'
);
$rplcb=array(
"<a href='v.php?bid=$1&ok=n'>$2</a>",
'<a href="imgview.php?img=$3"><img src="$3" style="width:$1px; height:$2px;"/></a>',
'<a href="imgview.php?img=$1"><img src="$1" onmouseover="object.style.maxWidth=\'1000px\'" style="width:140px; height:160px;"/></a>',
'<a href="imgview.php?img=bbimg/$1.jpg"><img onmouseover="object.style.maxWidth=\'1000px\'" src="bbimg/$1.jpg" style="max-width:240px; max-height:320px;"/></a>',
'<b>\\1</b>',
'<a href="notifications.php">\\1</a>',
'<u>\\1</u>',
'<div align="left">\\1</div>',
'<div align="right">\\1</div>',
'<div align="center">\\1</div>',
'<sub>\\1</sub>',
'<sup>\\1</sup>',
'<s>\\1</s>',
'<span style="color:\\1">\\2</span>',
'<span style="opacity:\\1">\\2</span>',
'<span style="text-shadow:2px 2px \\1">\\2</span>',
'<span style="border:1px dotted \\1">\\2</span>',
'<span style="border:1px dashed \\1">\\2</span>',
'<span style="border:1px solid \\1">\\2</span>',
'<span style="background-color:\\1">\\2</span>',
'<a href="search.php?text=\\1">%\\1</a> ',
'<a href="profile.php?aid=\\1">\\2</a>',
'<div class=\"listx\"><font color="#222">\\2</font></div>',
'<a href="$1">$2</a>',
'<br/>',
ulink($b),
'<a href="dv.php?bid=\\1">\\2</a>',
'<form enctype="multipart/form-data" action="v.php?action=comment&bid='.$a.'&ok=ok" method="post"><div class="bly" style="width:50%"><div class="bar4">Quick reply</div>
<input type="text" name="text" value="@'.utxt($b).' "/><br/><input type="submit" value="Reply me"/></form></div>',
'  <div class="my_modal_open" id="my_modal"><div onclick="youtube(\'$1\')" class="youtube" id="$1"><object width="225" height="150">
  <param name="movie" value="http://www.youtube.com/v/$1" />
  <param name="wmode" value="transparent" />
  <embed src="http://www.youtube.com/v/$1"
         type="application/x-shockwave-flash"
         wmode="transparent" width="225" height="150" />
</object><a href="http://ssyoutube.com/watch/?v=$1">3gp</a>|<a href="">Mp3</a></div></div>'
);
return preg_replace($rplca,$rplcb,$txt);
}
function makelink($text) {
$text=" {$text} ";
$text=str_replace(array(' www.',' wap.'),array(' http://www.',' http://wap.'),$text);;
// The Regular Expression filter
$reg_exUrl = "/( http| https)\:\/\/[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,4}(\/\S*)?/si";
$reg_exUrlx = "/( www| wap)\.[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,4}(\/\S*)?/si";
$uu=array($reg_exUrl,$reg_exUrlx);
// The Text you want to filter for urls
$text =$text;

// Check if there is a url in the text
if(preg_match($reg_exUrl, $text, $url)) {
$urlz=str_replace(" ","",$url[0]);
       // make the urls hyper links
	    $tts= preg_replace($uu, "<a href=\"{$urlz}\">{$urlz}</a> ", $text);

}
else {$tts=$text;}


 return $tts;
}
function mention($text,$tag,$tbdid) {
$text=mysql_real_escape_string($text);
/*
preg_match('/@[a-zA-Z0-9]+/',$text,$u);
$ux=strtolower(preg_replace('/[^a-zA-Z0-9\-_]/','',$u[0]);
*/
$us=mysql_query("SELECT name,id FROM tbd_user");
while($usr=mysql_fetch_array($us)) {
$ust="/@".$usr[0]." /";
if(!preg_match(strtolower($ust),strtolower($text)) && $tbdid!=$usr[1]) {}
else {
$text=preg_replace($ust,"[user={$usr[1]}]{$usr[0]}[/user] ",$text);
$tag=$tag;
$tagx=preg_replace('/[^0-9]/','',$tag);
$tagx=(int) $tagx;
$ntxt=utxt($tbdid)." mentioned You in a Topic [tpc={$tagx}][b]".gntpc($tagx)."[/b][/tpc].";
$tpcow=$usr[1];
 

mysql_query("INSERT INTO notify(text,toid,byid,time,vld,name) VALUES('$ntxt','$tpcow','$tbdid','$time','2','$tag')");

}
}
return $text;
}
function brw($a) {
$a=(int) $a;
$br=mysql_real_escape_string(htmlspecialchars($_SERVER['HTTP_USER_AGENT']));
$br=preg_replace('/[^a-zA-z0-9\.\-\/_]/','',$br);
return $br;
}

function brwsr($a) { 
	  $a=(int) $a;
	  $gb=mysql_fetch_array(mysql_query("SELECT brwsr FROM tbd_user WHERE id=$a"));
         $userAgent = strtolower($gb[0]);

         // Identify the browser. Check Opera and Safari first in case of spoof. Let Google Chrome be identified as Safari. 
         if (preg_match('/opera mini/', $userAgent)) { 
		  preg_match("/ mini\/[0-9].[0-9]/",$userAgent,$cx);
             $name = 'Opera '.$cx[0]; 
         } 
         elseif (preg_match('/webkit/', $userAgent)) { 
             $name = 'safari'; 
         } 
          elseif (preg_match('/opera/', $userAgent)) { 
		
             $name = 'Opera'; 
         } 
         elseif (preg_match('/msie/', $userAgent)) { 
             $name = 'msie'; 
         } 
         elseif (preg_match('/mozilla/', $userAgent) && !preg_match('/compatible/', $userAgent)) { 
             $name = 'mozilla'; 
         } 
         else { 
           $a=$userAgent;
		 
		   preg_match("/(.*?)\//",$a,$p);
			
			$name=$p[0];
         } 

         // What version? 
         if (preg_match('/.+(?:rv|it|ra|ie)[\/: ]([\d.]+)/', $userAgent, $matches)) { 
             $version = $matches[1]; 
         } 
         else { 
             $version = 'unknown'; 
         } 

         // Running on what platform? 
         if (preg_match('/linux/', $userAgent)) { 
             $platform = 'linux'; 
         } 
         elseif (preg_match('/macintosh|mac os x/', $userAgent)) { 
             $platform = 'mac'; 
         } 
         elseif (preg_match('/windows nt 5/', $userAgent)) { 
             $platform = 'windows XP'; 
         } 
		  elseif (preg_match('/windows nt 6/', $userAgent)) { 
             $platform = 'windows 7'; 
         }
		  elseif (preg_match('/j2me/', $userAgent)) { 
             $platform = 'Java Platform'; 
         }
		  elseif (preg_match('/series/', $userAgent)) { 
             $platform = 'Symbian Platform'; 
         }
		  elseif (preg_match('/midp/', $userAgent)) { 
             $platform = 'Java Platform'; 
         }
         else { 
             $platform = 'unrecognized'; 
         } 

    
 return '|Â» Browser: '.$name.'<br/>|Â» version: '.$version.'<br/>|Â» OS: '.$platform; 
} 

?>

this is folders at s_functions.php

Code:

Line: 398 = /pix/
Line: 543 = /pix/
Line: 627 = /swft/
Line: 628 = /swftx/
Line: 653 = /swft/
Line: 654 = /swft/
Line: 702 = /swft/
Line: 703 = /swftx/
Line: 728 = /swft/
Line: 729 = /swft/
Line: 778 = /swft/
Line: 779 = /swftx/
Line: 804 = /swft/
Line: 805 = /swft/
Line: 853 = /swft/
Line: 854 = /swftx/
Line: 879 = /swft/
Line: 880 = /swft/
Line: 929 = /swft/
Line: 930 = /swftx/
Line: 955 = /swft/
Line: 956 = /swft/
Line: 1007 = /swft/
Line: 1008 = swftx/
Line: 1033 = /swft/
Line: 1034 = /swft/
Line: 1084 = /uswft/
Line: 1085 = /uswft/
Line: 1109 = /swft/
Line: 1111 = /swft/