Lavalair Mods...

Collapse
This is a sticky topic.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    #91
    thinking about above post ... migfht be better having a file:
    antiinjection.php
    PHP Code:
    <?php
    if(isset($_REQUEST)){foreach($_REQUEST as $key=>$value){$_REQUEST[$key]=mysql_real_escape_string(htmlspecialchars($value));}} 
    if(isset(
    $_SERVER)){foreach($_SERVER as $key=>$value){$_SERVER[$key]=mysql_real_escape_string(htmlspecialchars($value));}}
    if(isset(
    $_SESSION)){foreach($_SESSION as $key=>$value){$_SESSION[$key]=mysql_real_escape_string(htmlspecialchars($value));}}
    ?>
    then just using:
    PHP Code:
    include 'antiinjection.php'
    at the top of every page

    Comment


      #92
      yeah you could just add:
      PHP Code:
      if(isset($_GET)){foreach($_GET as $key=>$value){$_GET[$key]=addslashes(htmlspecialchars($value));}} 
      if(isset(
      $_POST)){foreach($_POST as $key=>$value){$_POST[$key]=addslashes(htmlspecialchars($value));}}    
      if(isset(
      $_SERVER)){foreach($_SERVER as $key=>$value){$_SERVER[$key]=addslashes(htmlspecialchars($value));}}  
      if(isset(
      $_SESSION)){foreach($_SESSION as $key=>$value){$_SESSION[$key]=addslashes(htmlspecialchars($value));}} 
      to your config.php
      Last edited by something else; 21.08.10, 02:10.

      Comment


        #93
        Originally posted by something else View Post
        thinking about above post ... migfht be better having a file:
        antiinjection.php
        PHP Code:
        <?php
        if(isset($_REQUEST)){foreach($_REQUEST as $key=>$value){$_REQUEST[$key]=mysql_real_escape_string(htmlspecialchars($value));}} 
        if(isset(
        $_SERVER)){foreach($_SERVER as $key=>$value){$_SERVER[$key]=mysql_real_escape_string(htmlspecialchars($value));}}
        if(isset(
        $_SESSION)){foreach($_SESSION as $key=>$value){$_SESSION[$key]=mysql_real_escape_string(htmlspecialchars($value));}}
        ?>
        then just using:
        PHP Code:
        include 'antiinjection.php'
        at the top of every page
        I you do that, some value will not work. like intejer, numeric value..bla bla bla

        Comment


          #94
          Originally posted by riderz
          dont work when i add that in confic it show error msges saying no password
          Code:
          for user '..........'@'localhost' (using password: NO) in /home/............./public_html/config.php on line 16
          Place it below your database connection :P

          Comment


            #95
            Code:
            ///////////////////////////////del one persons messages
            else if($action=="delonemsg")
            {
              $who = $_GET["who"];
              $user = getnick_uid($who);
              echo "<head>";
              echo "<title>Owner Tools</title>";
              echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
              echo "</head>";
              echo "<body>";
              echo "<p align=\"center\">";
              $uid = getuid_sid($sid);
              $perm = mysql_fetch_array(mysql_query("SELECT perm FROM ibwf_users WHERE id='".$uid."'"));
              $trgtperm = mysql_fetch_array(mysql_query("SELECT perm FROM ibwf_users WHERE name='".$user."'"));
            
              if($trgtperm>$perm){ 
              echo "<b><img src=\"../images/notok.gif\" alt=\"x\"/><br/>Error!!!<br/>permission Denied...</b><br/>";
              echo "<br/>U Cannot Delete $user<br/>";
              echo "<a href=\"index.php?action=main&amp;sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
              echo "</p>";
              }else{
            
              echo "<br/>";
            $res = mysql_query("DELETE FROM ibwf_private WHERE byuid='".$who."'");
              $res = mysql_query("DELETE FROM ibwf_popups WHERE byuid='".$who."'");
            
             if($res)
              {
              echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Users messages deleted successfully";
            mysql_query("INSERT INTO ibwf_mlog SET action='users pms ', details='<b>".getnick_uid(getuid_sid($sid))."</b> $user messages deleted', actdt='".time()."'");
              }else{
              echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Error deleting UGroup";
              }
             
              echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&amp;sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
              }
              echo "</p></body>";
            }
            usage
            Code:
            echo "<a href=\"yourtools.php?action=delonemsg&amp;sid=$sid&amp;who=$who\">Delete All Users Messages</a><br/>";
            lets say someone spams your site and no one catches them doing it for ages. they will of spammed alot of users. this can delete just that users sent messages no one elses .the only other way of clesring one persons messages is to delete the user .
            Last edited by nclemale36; 11.05.11, 11:21. Reason: seen subzeros subsequent post.
            Wapchat4u


            Topsites4u

            Comment


              #96
              user avatar function... safe and easy...
              ////////////////////////////////////////////getavatar///////////////
              function useravat($uid)
              {
              $avat = mysql_fetch_array(mysql_query("SELECT avatar FROM fun_users WHERE id='".$uid."'"));

              $avatar = "<img src=\"phpThumb/phpThumb.php?iar=1&w=40&src=$avat[0]\">";
              return $avatar;

              }
              /////////////////////////////////////////////////////////
              to use:
              echo useravat($who); or $uid or whatever...
              C3 Themes: http://c3themes.wen.ru/index.html
              Find Files: http://mystarter.tk/?goto=X-search

              Comment


                #97
                @nclemale36

                Code:
                @mysql_query("TRUNCATE TABLE `chat4u_UserPms`");
                This will clean users inbox at one hit ....

                Also note it will delete all and keeps the sql

                But your way it only deletes some but not all best idea for busy site's over 1 MILL users will use this
                Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
                Visit: WapMasterz Coming Back Soon!
                _______
                SCRIPTS FOR SALE BY SUBZERO
                Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
                FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
                _______
                Info & Tips
                php.net
                w3schools.com

                Comment


                  #98
                  Sql/Xss injection protection + registration flood protection.


                  captcha.php
                  PHP Code:
                  <?
                  session_start();
                  header('content-type: image/jpeg');
                  $text = rand(10000,99999);
                  $_SESSION["vercode"] = $text;

                  $height = 25;
                  $width = 65;

                  $image_p = imagecreate($width, $height);
                  $black = imagecolorallocate($image_p, 0, 0, 0);
                  $white = imagecolorallocate($image_p, 255, 255, 255);
                  $font_size = 14; 
                  imagestring($image_p, $font_size, 5, 5, $text, $white);
                  imagejpeg($image_p, null, 80);
                  ?>
                  register-form.php
                  PHP Code:
                  <?php
                      session_start
                  ();
                  ?>
                  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
                  <html xmlns="http://www.w3.org/1999/xhtml">
                  <head>
                  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
                  <title>Registration Form</title>
                  <link href="style.css" rel="stylesheet" type="text/css" />
                  </head>
                  <body>
                  <?php
                      
                  if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >) {
                          echo 
                  '<p align=\"center"\>';
                          echo 
                  '<ul class="err">';
                          foreach(
                  $_SESSION['ERRMSG_ARR'] as $msg) {
                              echo 
                  '<li>',$msg,'</li>'
                          }
                          echo 
                  '</ul>';
                          echo 
                  '</p>';
                          unset(
                  $_SESSION['ERRMSG_ARR']);
                      }
                  ?>
                  <form id="loginForm" name="loginForm" method="post" action="register-exec.php">
                    <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
                      <tr>
                        <th>Email Address</th>
                        <td><input name="email" type="text" class="textfield" id="fname" /></td>
                      </tr>
                       <tr>
                        <th width="124">User ID</th>
                        <td width="168"><input name="login" type="text" class="textfield" id="login" /></td>
                      </tr>
                      <tr>
                        <th>Password</th>
                        <td><input name="password" type="password" class="textfield" id="password" /></td>
                      </tr>
                      <tr>
                        <th>Confirm Password </th>
                        <td><input name="cpassword" type="password" class="textfield" id="cpassword" /></td>
                      </tr>
                      <tr>
                      <tr>
                        <th>Human Test</th>
                       <td><img src="captcha.php"><input type="text" name="vercode" /><br>   </td>  </tr>
                      <tr>
                        <td>&nbsp;</td>
                        <td><input type="submit" name="Submit" value="Register" /></td>
                      </tr>
                    </table>
                  </form>
                  </body>
                  </html>

                  register-exec.php
                  PHP Code:
                  <?php
                      
                  //Start session
                      
                  session_start();

                      
                  //Include database connection details
                      
                  require_once('config.php');
                      
                      
                  //Array to store validation errors
                      
                  $errmsg_arr = array();
                      
                      
                  //Validation error flag
                      
                  $errflag false;
                      
                      
                  //Connect to mysql server
                      
                  $link mysql_connect(DB_HOSTDB_USERDB_PASSWORD);
                      if(!
                  $link) {
                          die(
                  'Failed to connect to server: ' mysql_error());
                      }
                      
                      
                  //Select database
                      
                  $db mysql_select_db(DB_DATABASE);
                      if(!
                  $db) {
                          die(
                  "Unable to select database");
                      }
                      
                      
                  //Function to sanitize values received from the form. Prevents SQL/XSS injection
                  function clean($str) {
                          
                  $str = @trim($str);
                          if(
                  get_magic_quotes_gpc()) {
                              
                  $str=htmlspecialchars($str);                       
                              
                  $str=stripslashes(trim($str));
                              
                  $search=array("\\","\0","\n","\r","\x1a","'",'"');
                              
                  $replace=array("\\\\","\\0","\\n","\\r","\Z","\'",'\"');
                              
                  $str str_replace($search,$replace,$str);
                          }
                          return 
                  mysql_real_escape_string($str);
                      }
                      
                      
                  //Sanitize the POST values
                      
                  $email clean($_POST['email']);
                      
                  $login clean($_POST['login']);
                      
                  $password clean($_POST['password']);
                      
                  $cpassword clean($_POST['cpassword']);

                      
                  //Input Validations
                      
                  if ($_POST["vercode"] != $_SESSION["vercode"] OR $_SESSION["vercode"]=='')  { 
                       
                  $errmsg_arr[] = 'Failed Human Test.';
                          
                  $errflag true;

                      if(
                  $email == '') {
                          
                  $errmsg_arr[] = 'Email Add is missing';
                          
                  $errflag true;
                      }
                      
                      if(
                  $login == '') {
                          
                  $errmsg_arr[] = 'Login ID missing';
                          
                  $errflag true;
                      }
                      if(
                  $password == '') {
                          
                  $errmsg_arr[] = 'Password missing';
                          
                  $errflag true;
                      }
                      if(
                  $cpassword == '') {
                          
                  $errmsg_arr[] = 'Confirm password missing';
                          
                  $errflag true;
                      }
                      if( 
                  strcmp($password$cpassword) != ) {
                          
                  $errmsg_arr[] = 'Passwords do not match';
                          
                  $errflag true;
                      }
                      
                      
                  //Check for duplicate login ID
                      
                  if($login != '') {
                          
                  $qry "SELECT * FROM ibwf_users WHERE name='$login'";
                          
                  $result mysql_query($qry);
                          if(
                  $result) {
                              if(
                  mysql_num_rows($result) > 0) {
                                  
                  $errmsg_arr[] = 'Login ID already in use';
                                  
                  $errflag true;
                              }
                              @
                  mysql_free_result($result);
                          }
                          else {
                              die(
                  "Query failed");
                          }
                      }
                      
                      
                  //If there are input validations, redirect back to the registration form
                      
                  if($errflag) {
                          
                  $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
                          
                  session_write_close();
                          
                  header("location: register-form.php");
                          exit();
                      }

                      
                  //Create INSERT query
                      
                  $qry "INSERT INTO ibwf_users(email, validated, name, pass) VALUES('$email','1','$login','".md5($_POST['password'])."')";
                      
                  $result = @mysql_query($qry);
                      
                      
                  //Check whether the query was successful or not
                      
                  if($result) {
                          
                  header("location: register-success.php");
                          exit();
                      }else {
                          die(
                  "Query failed");
                      }
                  ?>
                  register-success.php
                  PHP Code:
                  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
                  <
                  html xmlns="http://www.w3.org/1999/xhtml">
                  <
                  head>
                  <
                  meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
                  <
                  title>Registration Successful</title>
                  <
                  link href="style.css" rel="stylesheet" type="text/css" />
                  </
                  head>
                  <
                  body>
                  <
                  h1>Registration Successful</h1>
                  <
                  p><a href="index.php">Click here</ato login to your account.</p>
                  </
                  body>
                  </
                  html
                  to scan more input value u can use this function
                  PHP Code:
                  function clean($str) {
                          
                  $str = @trim($str);
                          if(
                  get_magic_quotes_gpc()) {
                              
                  $str=htmlspecialchars($str);                       
                              
                  $str=stripslashes(trim($str));
                              
                  $search=array("\\","\0","\n","\r","\x1a","'",'"');
                              
                  $replace=array("\\\\","\\0","\\n","\\r","\Z","\'",'\"');
                              
                  $str str_replace($search,$replace,$str);
                          }
                          return 
                  mysql_real_escape_string($str);
                      } 
                  use as
                  PHP Code:
                  $email clean($_POST['email']); 
                  sigpic

                  Comment


                    #99
                    Originally posted by shakil420
                    yeah thanx bro....is it possible.....suppose if any user change his browser then his session automatically dropped??? like in opera ----> 420.com/index.php?action=main&sid=420420420420 then when he tried to paste the link with others opera/mozilla browsers like in mozilla -----> 420.com/index.php?action=main&sid=420420420420

                    then it shows "hei 420 site sid proteced lol"

                    if u know the code trhen post pls
                    PHP Code:
                    $bro mysql_fetch_array(mysql_query("SELECT browserm FROM ibwf_users WHERE id='".$uid."'"));
                    $brws $_SERVER['HTTP_USER_AGENT'];
                    if(
                    $bro[0]!=$brws){
                    echo 
                    "hei 420 site sid proteced lol";
                    exit;

                    Comment


                      I need some advice or help:

                      how to speed up the function that displays number of topics, number of posts and the last post (nick and time) of the subforum on my web extension of lava (trying to make it phpBB like)?

                      I am using this code:

                      PHP Code:
                      $forums mysql_query("SELECT id, name FROM ibwf_forums WHERE cid='".$cid."' AND clubid='0' ORDER BY position, id, name");

                          while(
                      $forum mysql_fetch_array($forums))
                          {
                            if(
                      canaccess(getuid_sid($sid), $forum[0]))
                            {
                            
                      $notp mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE fid='".$forum[0]."'"));
                            
                      $nops mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_posts a INNER JOIN ibwf_topics b ON a.tid = b.id WHERE b.fid='".$forum[0]."'"));
                            
                      $iml "<img src=\"images/1.gif\" alt=\"*\"/> ";

                            
                      $lpt mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_topics WHERE fid='".$forum[0]."' ORDER BY lastpost DESC LIMIT 0,1"));
                            
                      $nops0 mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_posts WHERE tid='".$lpt[0]."'"));
                            if(
                      $nops0[0]==0)
                            {
                            
                      $pinfo mysql_fetch_array(mysql_query("SELECT authorid FROM ibwf_topics WHERE id='".$lpt[0]."' LIMIT 0,1"));
                            }
                            else
                            {
                            
                      $pinfo mysql_fetch_array(mysql_query("SELECT uid FROM ibwf_posts WHERE tid='".$lpt[0]."' ORDER BY dtpost DESC LIMIT 0,1"));
                            }
                            
                      $tlnm htmlspecialchars($lpt[1]);
                            
                      $tlnick getnick_uid($pinfo[0]);
                            
                      $tpclnk "<a href=\"index.php?action=viewtpc&amp;sid=$sid&amp;tid=$lpt[0]&amp;go=last\">$tlnm</a>";
                            
                      $vulnk "<a href=\"index.php?action=viewuser&amp;sid=$sid&amp;who=$pinfo[0]\">$tlnick</a>";
                            
                          echo 
                      "<tr>
                          <td valign=\"middle\" width=\"25\">&nbsp;
                      $iml</td>
                          <td align=\"left\" width=\"200\" class=\"sjena\">&nbsp;<a href=\"index.php?action=viewfrm&amp;sid=
                      $sid&amp;fid=$forum[0]\">$forum[1]</a></td>
                          <td width=\"50\" align=\"center\" class=\"sjena\">
                      $notp[0]</td>
                          <td width=\"60\" align=\"center\" class=\"sjena\">
                      $nops[0]</td>
                          <td align=\"right\" class=\"style12\">
                      $tpclnk&nbsp;<br/>od: $vulnk&nbsp;</td>
                          </tr><tr><td colspan=\"5\"><hr></td></tr>"
                      ;
                          }
                          } 
                      and preview how slow it is can be seen here: MERAK.mobi

                      Comment


                        @ thank u for the post something else bro ///
                        PHP Code:
                        if($bro[0]!=$brws
                        in the code (!= ) what it means?? not equal?? when i use the code it always show hei 420 site sid proteced lol though i use same browser.... reply soon thank u

                        Comment


                          yes it means not equal

                          oh the original script explodes browser name try:

                          PHP Code:
                          $bro mysql_fetch_array(mysql_query("SELECT browserm FROM ibwf_users WHERE id='".$uid."'")); 
                          $brws $_SERVER['HTTP_USER_AGENT']; 
                          $brws explode(" "$brws);
                          if(
                          $bro[0]!=$brws[0]){ 
                          echo 
                          "hei 420 site sid proteced lol"
                          exit; 

                          Added after 32 minutes:

                          Originally posted by kafa View Post
                          I need some advice or help:

                          how to speed up the function that displays number of topics, number of posts and the last post (nick and time) of the subforum on my web extension of lava (trying to make it phpBB like)?
                          Try This I havent Tested it:
                          PHP Code:
                          $forums mysql_query("SELECT id, name FROM ibwf_forums WHERE cid='".$cid."' AND clubid='0' ORDER BY position, id, name");
                              while(
                          $forum mysql_fetch_array($forums))
                              {
                                if(
                          canaccess(getuid_sid($sid), $forum[0]))
                                {
                                
                          $notp mysql_fetch_array(mysql_query("SELECT COUNT(*), id, name FROM ibwf_topics WHERE fid='".$forum[0]."'"));
                                
                          $nops mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE tid='".$notp[1]."'"));
                                if(
                          $nops[0]==0)
                                {
                                
                          $pinfo mysql_fetch_array(mysql_query("SELECT authorid FROM ibwf_topics WHERE id='".$notp[1]."'"));
                                }else{
                                
                          $pinfo mysql_fetch_array(mysql_query("SELECT uid FROM ibwf_posts WHERE tid='".$notp[1]."'"));
                                }
                              echo 
                          "<tr>
                              <td valign=\"middle\" width=\"25\">&nbsp;<img src=\"images/1.gif\" alt=\"*\"/></td>
                              <td align=\"left\" width=\"200\" class=\"sjena\">&nbsp;<a href=\"index.php?action=viewfrm&amp;sid=
                          $sid&amp;fid=$forum[0]\">$forum[1]</a></td>
                              <td width=\"50\" align=\"center\" class=\"sjena\">
                          $notp[0]</td>
                              <td width=\"60\" align=\"center\" class=\"sjena\">
                          $nops[0]</td>
                              <td align=\"right\" class=\"style12\">
                              <a href=\"index.php?action=viewtpc&amp;sid=
                          $sid&amp;tid=$lpt[1]&amp;go=last\">".htmlspecialchars($notp[2])."</a> &nbsp;<br/>
                              od: <a href=\"index.php?action=viewuser&amp;sid=
                          $sid&amp;who=$pinfo[0]\">".getnick_uid($pinfo[0])."</a> &nbsp;</td>
                              </tr><tr><td colspan=\"5\"><hr></td></tr>"
                          ;
                              }
                              } 
                          Last edited by something else; 22.08.10, 17:44.

                          Comment


                            Originally posted by something else View Post
                            Try This I havent Tested it:
                            PHP Code:
                                  $notp mysql_fetch_array(mysql_query("SELECT COUNT(*), id, name FROM ibwf_topics WHERE fid='".$forum[0]."'"));
                                  
                            $nops mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE tid='".$notp[1]."'")); 
                            It does'nt work cus of this part: SELECT COUNT(*), id, name FROM ibwf_topics returns => mysql_fetch_array(): supplied argument is not a valid MySQL result resource

                            Comment


                              COUNT(*), id, name <-- Wrong!
                              COUNT('id','name') <-- Right
                              Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
                              Visit: WapMasterz Coming Back Soon!
                              _______
                              SCRIPTS FOR SALE BY SUBZERO
                              Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
                              FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
                              _______
                              Info & Tips
                              php.net
                              w3schools.com

                              Comment


                                oops:
                                PHP Code:
                                $forums mysql_query("SELECT id, name FROM ibwf_forums WHERE cid='".$cid."' AND clubid='0' ORDER BY position, id, name"); 
                                    while(
                                $forum mysql_fetch_array($forums)) 
                                    { 
                                      if(
                                canaccess(getuid_sid($sid), $forum[0])) 
                                      { 
                                      
                                $notp mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE fid='".$forum[0]."'")); 
                                      
                                $tpi mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_topics WHERE fid='".$forum[0]."'")); 
                                      
                                $nops mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE tid='".$tpi0]."'")); 
                                      if(
                                $nops[0]==0
                                      { 
                                      
                                $pinfo mysql_fetch_array(mysql_query("SELECT authorid FROM ibwf_topics WHERE id='".$tpi[0]."'")); 
                                      }else{ 
                                      
                                $pinfo mysql_fetch_array(mysql_query("SELECT uid FROM ibwf_posts WHERE tid='".$tpi[0]."'")); 
                                      } 
                                    echo 
                                "<tr> 
                                    <td valign=\"middle\" width=\"25\">&nbsp;<img src=\"images/1.gif\" alt=\"*\"/></td> 
                                    <td align=\"left\" width=\"200\" class=\"sjena\">&nbsp;<a href=\"index.php?action=viewfrm&amp;sid=
                                $sid&amp;fid=$forum[0]\">$forum[1]</a></td> 
                                    <td width=\"50\" align=\"center\" class=\"sjena\">
                                $notp[0]</td> 
                                    <td width=\"60\" align=\"center\" class=\"sjena\">
                                $nops[0]</td> 
                                    <td align=\"right\" class=\"style12\"> 
                                    <a href=\"index.php?action=viewtpc&amp;sid=
                                $sid&amp;tid=$lpt[1]&amp;go=last\">".htmlspecialchars($tpi[1])."</a> &nbsp;<br/> 
                                    od: <a href=\"index.php?action=viewuser&amp;sid=
                                $sid&amp;who=$pinfo[0]\">".getnick_uid($pinfo[0])."</a> &nbsp;</td> 

                                Comment

                                Working...
                                X