well as most ppl on here already know ive been dealing with the lavalair script for almost 6-7 years now and know it back to front.
im recoding mobilezonez script from scratch making it secure.
the problem i am facing at the moment is in my viewtopics code i can get the file to display on topic replies pointing to its php page for downloading.
But For some reason i cant get it to work for attachments that was created with the actual topic if anyone can help id be greatly appreciating your input.
my demo site is up and running but not fully complete m-zonez
::::: please note ther is no problem with the topic creation data going to the database ive tried numurous ways to show but it is doing my head in
here is the code i am having trouble with
And here is the download2.php page if u need to see its function
im recoding mobilezonez script from scratch making it secure.
the problem i am facing at the moment is in my viewtopics code i can get the file to display on topic replies pointing to its php page for downloading.
But For some reason i cant get it to work for attachments that was created with the actual topic if anyone can help id be greatly appreciating your input.
my demo site is up and running but not fully complete m-zonez
::::: please note ther is no problem with the topic creation data going to the database ive tried numurous ways to show but it is doing my head in
here is the code i am having trouble with
PHP Code:
else if($mzonez=="viewtpc")
{
$tid = $_GET["tid"];
$go = $_GET["go"];
addonline(getuid_sid($sid),"Viewing Forum Topic","index.php?mzonez=viewtpc&tid=$tid&is=awsum");
$tfid = mysql_fetch_array(mysql_query("SELECT fid FROM ibwf_topics WHERE id='".$tid."'"));
if(!canaccess(getuid_sid($sid), $tfid[0]))
{
echo "<head>";
echo "<title>View Topic</title>";
echo "</head>";
echo "<body>";
pagehead();
navstart("www.m-zonez.net");
echo "<div class=\"error\"><img src=\"images/no.jpg\" alt=\"-\"/>";
echo "<b><strong>Error! You Don't Have A Permission To View The Contents Of This Forum</strong></b><br/>";
echo "</div>";
echo "<p align=\"center\">";
echo "<br/><br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
pagefoot();
echo "</body>";
echo "</html>";
exit();
}
$tinfo = mysql_fetch_array(mysql_query("SELECT name, text, authorid, crdate, views, fid, pollid from ibwf_topics WHERE id='".$tid."'"));
$tnm = htmlspecialchars($tinfo[0]);
echo "<head>";
echo "<title>View Topic</title>";
echo "</head>";
echo "<body>";
pagehead();
navstart("www.m-zonez.net");
echo "<p align=\"center\">";
$num_pages = getnumpages($tid);
if($page==""||$page<1)$page=1;
if($go!="")$page=getpage_go($go,$tid);
$posts_per_page = 10;
if($page>$num_pages)$page=$num_pages;
$limit_start = $posts_per_page *($page-1);
$lastlink = "<a href=\"forums.php?mzonez=$mzonez&tid=$tid&go=last\">Last Page</a>";
$firstlink = "<a href=\"forums.php?mzonez=$mzonez&tid=$tid&page=1\">First Page</a> ";
$golink = "";
if($page>1)
{
$golink = $firstlink;
}
if($page<$num_pages)
{
$golink .= $lastlink;
}
if($golink !="")
{
echo "<br/>$golink";
}
echo "</p>";
echo "<p align=\"center\">";
$vws = $tinfo[4]+1;
$rpls = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_posts WHERE tid='".$tid."'"));
echo "Replies: $rpls[0] - Views: $vws<br/>";
///fm here
if($page==1)
{
$posts_per_page=4;
mysql_query("UPDATE ibwf_topics SET views='".$vws."' WHERE id='".$tid."'");
$ttext = mysql_fetch_array(mysql_query("SELECT authorid, text, crdate, pollid, filename, filesize, dcount FROM ibwf_topics WHERE id='".$tid."'"));
$unick = getnick_uid($ttext[0]);
$age = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE uid='".$ttext[0]."'"));
$location1 = mysql_fetch_array(mysql_query("SELECT location FROM ibwf_users WHERE id='".$ttext[0]."'"));
$nopl = mysql_fetch_array(mysql_query("SELECT sex, birthday, location FROM ibwf_users WHERE id='".$ttext[0]."'"));
$uage = getage($nopl[1]);
if($nopl[0]=='M')
{
$usex = "Male";
}else if($nopl[0]=='F'){
$usex = "Female";
}else{
$usex = "Argh! No Profile!";
}
$nopl[2] = htmlspecialchars($nopl[2]);
$avlink = getavatar($ttext[0]);
if($avlink=="")
{
$foto = "<br/><img src=\"thumb.php?image=nopics.gif&w=50&h=50&type=jpg\" alt=\"avatars\"/>";
}else{
$foto = "<br/><img src=\"thumb.php?image=$avlink&w=50&h=50&type=jpg\" alt=\"avatars\"/>";
}
if(isonline($ttext[0]))
{
$iml = "<img src=\"images/online.jpg\" alt=\"+\"/>";
}else{
$iml = "<img src=\"images/ofline.jpg\" alt=\"-\"/>";
}
$status = getstatus($ttext[0]);
$cname = cname($uid);
if(($cname == "000000")||($cname == ""))
{
$fonto = "";
$fontc = "";
}else{
$fonto = "<font color=\"$cname\">";
$fontc = "</font>";
}
$usl = "<a href=\"forums.php?mzonez=viewuser&who=$ttext[0]\">$fonto $unick $fontc</a>";
$topt = "<a href=\"forums.php?mzonez=tpcopt&tid=$tid\">*</a>";
if($go==$tid)
{
$fli = "<img src=\"images/flag.gif\" alt=\"!\"/>";
}else{
$fli ="";
}
if(isadmin($ttext[0]))
{$usl = "<a href=\"home.php?mzonez=viewuser&who=$ttext[0]\"><font color='#FFFF66'>$unick</font></a>";}
else if(isvip($ttext[0]))
{$usl = "<a href=\"home.php?mzonez=viewuser&who=$ttext[0]\"><font color='lightgreen'>$unick</font></a>";}
else if(ismod($ttext[0]))
{$usl = "<a href=\"home.php?mzonez=viewuser&who=$ttext[0]\"><font color='blue'>$unick</font></a>";}
else if(isbanned($ttext[0]))
{$usl = "<a href=\"home.php?mzonez=viewuser&who=$ttext[0]\"><strike>$unick</strike></a>";}
else
{
$usl = "$iml<a href=\"home.php?action=viewuser&who=$ttext[0]\">$unick</a>";}
$pst = parsemsg($ttext[1],$sid);
//echo "$unick: $fli$pst $topt<br/>";
$dtot = date("d-m-y - H:i:s",$ttext[2]);
$cname = cname($uid);
if(($cname == "000000")||($cname == ""))
{
$fonto = "";
$fontc = "";
}else{
$fonto = "<font color=\"$cname\">";
$fontc = "</font>";
}
if($ttext[0]=="")
{
$attach1 = "Attachment:No";
}
else
{
$attach1 = "Attachment: <a href=\"down2.php?id=$ttext[0]\">[ Download ]</a> - $ttext[17] Views!"; /// here is the bug
}
echo "<br/>";
echo "<table>";
echo "<tbody>";
echo "<tr> ";
echo "<td>";
echo "$foto<br/><small>$fonto$usl$fontc</small>";
echo "<td> ";
echo "$iml $fonto$usl$fontc $status";
//echo "";
echo "<br>Posted:
$fonto $pst $fontc $topt <br/>";
echo "$attach1";
echo "<br>Date:$dtot <br/>";
echo "</td> ";
echo "</tr> ";
echo "</tbody>";
echo "</table>";
//echo "$tid <a href=\"down2.php?tid=$tid\">[ Attachment: $post[6] ]</a><br/>";
echo "<div class=\"hr\"></div> ";
if($ttext[3]>0)
{
echo "<a href=\"home.php?mzonez=viewtpl&who=$tid\">POLL</a><br/>";
}
}
/*
Avatar Not Showing After 5 replies
*/
if($page>1)
{
$limit_start--;
}
$sql = "SELECT id, text, uid, dtpost, quote, filename, filesize, dcount FROM ibwf_posts WHERE tid='".$tid."' ORDER BY dtpost LIMIT $limit_start, $posts_per_page";
$posts = mysql_query($sql);
while($post = mysql_fetch_array($posts))
{
$unick = getnick_uid($post[2]);
if(isonline($post[2]))
{
$iml = "<img src=\"images/online.jpg\" alt=\"+\"/>";
}else{
$iml = "<img src=\"images/ofline.jpg\" alt=\"-\"/>";
}
$cname = cname($uid);
if(($cname == "000000")||($cname == ""))
{
$fonto = "";
$fontc = "";
}else{
$fonto = "<font color=\"$cname\">";
$fontc = "</font>";
}
$usl = "<a href=\"home.php?mzonez=viewuser&who=$post[2]\">$fonto$unick$fontc</a>";
$pst = parsemsg($post[1], $sid);
if($go==$post[0])
{
$fli = "<img src=\"../images/flag.gif\" alt=\"!\"/>";
}else{
$fli ="";
}
/*
==================================================
Display Code For Attachment Post Reply
==================================================
*/
if($post[5]=="")
{
$attach = "Attachment:No";
}
else
{
$attach = "Attachment: <a href=\"down2.php?tid=$post[0]\">[ Download ]</a> - $post[7] Views!";
}
/*
==========================================
End Of Display Code
==========================================
*/
$cname = cname($uid);
if(($cname == "000000")||($cname == ""))
{
$fonto = "";
$fontc = "";
}else{
$fonto = "<font color=\"$cname\">";
$fontc = "</font>";
}
echo "<table>";
echo "<tbody>";
echo "<tr> ";
echo "<td>";
echo "$foto<br/><small>$fonto$usl$fontc</small>";
echo "<td> ";
echo "$iml $fonto$usl$fontc $status";
//echo "<br/><a href=\"down2.php?tid=$post[0]\">[ Attachment: $post[6] ]</a><br/>";
echo "<br>Posted:
$fonto $pst $fontc $topt <br />";
echo " $attach";
echo "<br />Date:$dtot <br/>";
echo "</td> ";
echo "</tr> ";
echo "</tbody>";
echo "</table>";
echo "<div class=\"hr\"></div> ";
// echo "$usl: $fli $pst $topt<br/>";
//$dtot = date("d-m-y - H:i:s",$post[3]);
//echo $dtot;
echo "<br/>";
}
///to here
echo "</p>";
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"forums.php?mzonez=viewtpc&page=$ppage&tid=$tid&is=awsum\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"forums.php?mzonez=viewtpc&page=$npage&tid=$tid&is=awsum\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "<form action=\"index.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"mzonez\" value=\"$mzonez\"/>";
$rets .= "<input type=\"hidden\" name=\"tid\" value=\"$tid\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"Submit\" value=\"Go To Page\" Name=\"Submit\"/></form>";
echo $rets;
}
echo "<br/>";
echo "</p>";
echo "<div class=\"hr\"></div> ";
echo "Fast Reply<br/>";
$qut = $_GET["qut"];
echo "<p align=\"center\">";
echo "<form action=\"forums.php?mzonez=reppost&tid=$tid\" method=\"post\">";
echo "Text:<br/><textarea id=\"inputText\" name=\"reptxt\"></textarea><br/>";
echo "<input type=\"hidden\" name=\"tid\" value=\"$tid\"/>";
echo "<input type=\"hidden\" name=\"qut\" value=\"$qut\"/>";
echo "<input type=\"submit\" value=\"Reply\"/>";
echo "</form>";
echo "<a href=\"forums.php?mzonez=postatt&tid=$tid\">Reply with attachment</a><br/><a href=\"forums.php?mzonez=bookk&tid=$tid\">Bookmark This Topic</a>";
echo "<center>Current user says thanks for this topic<br/>";
$query = mysql_query("SELECT uid FROM ibwf_thankss WHERE tid='".$tid."'");
while ($links = mysql_fetch_array($query))
{
$link = "<a href=\"home.php?action=viewuser&who=$links[0]\">".getnick_uid($links[0])."</a>";
echo "$link,";
}
$fid = $_GET["fid"];
$view = $_GET["view"];
$fnm = getfname($fid);
$fnm=htmlspecialchars($fnm);
$notc = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics"));
$nops = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_posts"));
echo "<i>We currently have <b>$notc[0]</b> topics created and <b>$nops[0]</b> posting in our database.<br/></i>";
$cid = ($_GET["cid"]);
$cinfo = mysql_fetch_array(mysql_query("SELECT name from ibwf_fcats WHERE id='".$cid."'"));
//addonline(getuid_sid($sid),"Viewing Forums Category - $cinfo[0]","index.php");
$cinfo = mysql_fetch_array(mysql_query("SELECT name from ibwf_fcats WHERE id='".$cid."'"));
$var3 = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_online WHERE place='Viewing Forum Topic'"));
echo "<i>$var3[0] User(s) Currently Browsing Here</i><br/>";
echo "Members Browsing This Topic<br/>";
$query = mysql_query("SELECT userid FROM ibwf_online WHERE place='Viewing Forum Topic'");
while ($links = mysql_fetch_array($query))
{
$link = "<a href=\"home.php?action=viewuser&who=$links[0]\">".getnick_uid($links[0])."</a>";
echo "$link,";
}
echo "<br/>";
$fid = mysql_fetch_array(mysql_query("SELECT cid FROM ibwf_forums WHERE id='".$fid."'"));
if($fid[0]>0)
{
$cinfo = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_forums WHERE id='".$fid[0]."'"));
$cname = htmlspecialchars($cinfo[0]);
}else{
$fid = mysql_fetch_array(mysql_query("SELECT cid FROM ibwf_forums WHERE id='".$fid."'"));
$cinfo = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_forums WHERE id='".$fid[0]."'"));
$cname = htmlspecialchars($cinfo[0]);
}
$fid = $_GET["fid"];
$view = $_GET["view"];
$fnm = getfname($fid);
$fnm=htmlspecialchars($fnm);
$nick = getnick_sid($sid);
navstart("Back To Where? $nick");
echo "<a href=\"home.php?mzonez=main\"><img src=\"images/home.gif\" alt=\"*\"/>Home</a><br/>";
echo "<a href=\"forums.php?mzonez=viewcat&fid=$fid[0]\">Forums Menu</a>";
$fid = $_GET["fid"];
$view = $_GET["view"];
$fnm = getfname($fid);
$fnm=htmlspecialchars($fnm);
echo "»<a href=\"forums.php?mzonez=viewfrm&fid=$fid[0]\">$cname</a>»<small>$tnm</small><br/>";
echo "Page loaded in ";
$load = microtime();
print (number_format($load,2));
echo " seconds<br/></center>";
pagefoot();
echo "</body>";
}
And here is the download2.php page if u need to see its function
PHP Code:
<?php
$dbname = "lava";
$dbhost = "localhost";
$dbuser = "";
$dbpass = "";
//////////////////////////////////////////
$conms = mysql_connect($dbhost,$dbuser,$dbpass);
$condb = mysql_select_db($dbname);
$id = $_GET['id'];
$mzonez = $_GET["mzonez"];
$sid = $_SESSION['sid'];
$tid = $_GET["tid"];
$go = $_GET["go"];
$dnt = mysql_fetch_array(mysql_query("SELECT filename, dcount FROM ibwf_posts WHERE id='".$tid."'"));
$hit = $dnt[1] + 1;
mysql_query("UPDATE ibwf_posts SET dcount='".$hit."' WHERE id='".$tid."'");
header("Location:fattach/$dnt[0]");
?>
Comment