index.php 60 KB

  1. <?php
  2. // SSB - Simple Social Board
  3. // (C) Chris Dorman, 2012 - 2020
  4. // License: CC-BY-NC-SA version 3.0
  5. // http://github.com/Pentium44/SSB
  6. //// For development debug.
  7. //error_reporting(E_ALL);
  8. //ini_set('display_errors', 1);
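  // Start the session before any output so the session cookie header can still be sent.
  session_start();
  // Configuration and helpers. require (not include): a missing file stops the
  // request instead of letting it continue with undefined settings and functions.
  require "config.php";
  require "functions.php";
  require "bbcode.php";
  $loginCheck = checkLogin();
  // Make sure the flat-file database directories exist.
  // They are created without group/world write access: the PHP process that
  // creates them is also the one that writes to them, so 0777 is not needed.
  // NOTE(review): ssb_db/ sits next to index.php. If that directory is the web
  // root, the .count and .notifications files below it can be fetched directly
  // unless the web server denies access to everything except ssb_db/uploads - confirm.
  foreach(array("ssb_db", "ssb_db/users", "ssb_db/posts", "ssb_db/uploads", "ssb_db/friends") as $dbdir)
  {
      if(!is_dir($dbdir))
      {
          mkdir($dbdir, 0755);
      }
  }
  // Stays null (without a warning) when nobody is logged in; the isset($username)
  // checks further down depend on that.
  $username = isset($_SESSION['ssb-user']) ? $_SESSION['ssb-user'] : null;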
  36. //$_SESSION['ssb-topic'] = $ssbtopic;
  37. ?>
  38. <!DOCTYPE html>
  39. <html lang="en-us">
  40. <head>
  41. <title><?php echo htmlentities(stripslashes($ssbtitle)); ?></title>
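  <?php
  // 'do' is optional. Read it once so a request without it does not print an
  // "undefined key" warning into the <head>.
  $headDo = isset($_GET['do']) ? $_GET['do'] : null;
  // The charset <meta> tag is left out for the action requests listed here.
  if(!in_array($headDo, array("post", "reply", "react", "avatarupload", "delpost"), true)) {
      echo '<meta http-equiv="content-type" content="text/html; charset=utf-8">';
  }
  ?>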
  47. <meta name="viewport" content="width=device-width, initial-scale=.55, shrink-to-fit=yes"><meta name="description" content="<?php echo htmlentities($ssbtitle) . " - " . $desc; ?>">
  48. <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css">
  49. <link rel="stylesheet" type="text/css" href="style.css">
  50. </head>
  51. <body <?php if($_GET['do']=="privmsg") { echo "onload=\"UpdateTimer();\""; } ?>>
  52. <div class="maincontain">
  53. <div id="navbar" style="width: 99%;">
  54. <?php if(isset($_SESSION['ssb-user']) && isset($_SESSION['ssb-pass'])) { ?>
  55. <div class="dropdown">
  56. <button class="dropbtn"><i class="fa-solid fa-user-group"></i> Account &amp; Posting</button>
  57. <div class="dropdown-content">
  58. <a href="?forms=post" title="Post on your feed!">Make a Post</a>
  59. <a href="index.php">User Feed</a>
  60. <a href="?do=friends">Friends</a>
  61. </div>
  62. </div>
  63. <div class="dropdown" style="float: right;">
  64. <button class="dropbtn"><i class="fa-solid fa-gears"></i> Settings Menu</button>
  65. <div class="dropdown-content" style="right: 0;">
  66. <a href="?userfeed=<?php echo $username; ?>" title="Your profile!">Your Profile</a>
  67. <a href="?do=userctrl">User Panel</a>
  68. <a href="?do=about">About</a>
  69. <a href="?do=logout">Logout</a>
  70. </div>
  71. </div>
  72. <!--<a style="width:50px;" href="?do=users" title="Public users!"></a>-->
  73. <?php } else { ?>
  74. <a href="?forms=login"><i class="fa-solid fa-left-from-bracket"></i></a>
  75. <a href="?do=about"><i class="fa-solid fa-circle-info"></i></a><br />
  76. <?php } ?>
  77. </div>
  78. <!--<div class="title"><?php echo $ssbtitle; ?></div>-->
  79. <?php
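  // Notification panel: shown to logged-in users on ordinary page views and
  // skipped for the action requests listed below.
  $panelDo = isset($_GET['do']) ? $_GET['do'] : null;
  if(($loginCheck == true) && !in_array($panelDo, array("avatarlocation", "reply", "post", "react", "delpost"), true)) {
      $notifications = "ssb_db/friends/" . $username . ".notifications";
      // An account that never received a notification has no file yet; check
      // first so fopen() does not emit a warning into the page.
      $handle = is_file($notifications) ? fopen($notifications, "r") : false;
      echo "<table class='notifications'><tr><td>Notifications: <a class='button' onclick=\"userClrNotifications();\">Clear</a></td></tr>";
      if ($handle) {
          // Lines are stored as ready-made HTML (the post handler in this file writes a
          // bold name plus a link), so they are printed as-is. Any code that appends to
          // this file has to encode user-controlled text before writing it.
          while (($line = fgets($handle)) !== false) {
              echo "<tr><td><i class='fa fa-exclamation' aria-hidden='true'></i> " . $line . "</td></tr>";
          }
          fclose($handle);
      } else {
          echo "<tr><td>No notifications</td></tr>";
      }
      echo "</table></td><td class='contain'>";
  } else {
      echo "</td><td class='contain'>";
  }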
  97. ?>
  98. <?php
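  if(isset($_GET['forms']))
  {
      // ?forms=<name> selects which input form to render.
      $forms = $_GET['forms'];
      // 'pid' is optional; null instead of an undefined-key warning when absent.
      $id = isset($_GET['pid']) ? $_GET['pid'] : null;
      // The request value is only ever used as a lookup key into these fixed
      // tables; it is never called as a function name itself.
      // Forms any visitor may open.
      $openForms = array(
          "register" => "registerForm",
          "login" => "loginForm",
      );
      // Forms that need a session; visitors get the login form instead.
      $memberForms = array(
          "friendreq" => "friendReqForm",
          "changepass" => "changePassForm",
          "deleteacct" => "deleteAcctForm",
          "avatarupload" => "uploadAvatarForm",
          "post" => "postForm",
          "clean" => "cleanForm",
      );
      if(is_string($forms) && isset($openForms[$forms])) {
          call_user_func($openForms[$forms]);
      }
      else if(is_string($forms) && isset($memberForms[$forms])) {
          if($loginCheck == true) {
              call_user_func($memberForms[$forms]);
          } else {
              loginForm();
          }
      }
      else {
          echo "ERROR: Unknown form-name<br>";
      }
  }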
  else if(isset($_GET['notify']))
  {
      // Status banner: ?notify=<code> picks one of the fixed messages below.
      // Only these literal texts are printed; the request value itself never is.
      $notify = $_GET['notify'];
      $notices = array(
          array("1", "Error: User not found"),
          array("2", "Error: Incorrect password provided"),
          array("3", "Error: Please fill out all the text boxes"),
          array("4", "Error: The provided passwords did not match"),
          array("5", "Error: Special characters cannot be used in your username"),
          array("6", "Error: This username is already in use"),
          array("7", "Error: Current password incorrect!"),
          array("8", "Success! Current password changed!"),
      );
      // Fallback for any code that is not in the table.
      $notice = "Error: unknown error... this is quite unusual...";
      foreach($notices as $entry) {
          if($notify == $entry[0]) {
              $notice = $entry[1];
              break;
          }
      }
      echo $notice;
  }
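  else if(isset($_GET['userfeed']))
  {
      // Profile and feed page for the account named in ?userfeed=.
      //
      // The name is request input that ends up in include paths and in a glob()
      // pattern. It is accepted only when it is a plain string without path
      // separator, NUL byte or glob wildcard AND an account file of that name
      // exists; anything else gets the same answer as an unknown user.
      $userid = $_GET['userfeed'];
      $useridOk = is_string($userid)
          && $userid !== ""
          && preg_match('#[/\\\\\x00*?\[\]{}]#', $userid) === 0
          && is_file("ssb_db/users/" . $userid . ".php");
      if(!$useridOk)
      {
          echo "Error: User not found";
      }
      else
      {
          // The account file is expected to set $accttype and $user_fullname.
          include "ssb_db/users/" . $userid . ".php";
          $isPrivate = isset($accttype) && $accttype == "private";
          // Stored value, printed as written; it relies on the registration code
          // having encoded it - NOTE(review): confirm.
          $fullname = isset($user_fullname) ? $user_fullname : "";
          // The requested name, encoded once for HTML text and once for URLs.
          $userHtml = htmlspecialchars($userid, ENT_QUOTES, 'UTF-8');
          $userUrl = rawurlencode($userid);

          // Friend list of the logged-in viewer ($friend1 .. $friendN in the viewer's
          // friends file). Visitors without a session have an empty list.
          $friends = array();
          $friendcount = 0;
          if($loginCheck == true
              && is_file("ssb_db/friends/" . $username . ".count")
              && is_file("ssb_db/friends/" . $username . ".php"))
          {
              $friendcount = (int) file_get_contents("ssb_db/friends/" . $username . ".count");
              include "ssb_db/friends/" . $username . ".php";
              for($x = 1; $x <= $friendcount; $x++)
              {
                  if(isset(${"friend" . $x})) {
                      $friends[] = ${"friend" . $x};
                  }
              }
          }
          // Strict comparisons: with ==, two different all-numeric names could compare equal.
          $isSelf = ($loginCheck == true) && ($userid === $username);
          $isFriend = in_array($userid, $friends, true);

          // Newest first. glob() returns false on error, which array_reverse() rejects.
          // NOTE(review): the prefix "post_<name>_" also matches files of any account
          // whose name starts with "<name>_"; confirm names cannot contain underscores.
          $postfiles = glob("ssb_db/posts/post_" . $userid . "_" . "*.php");
          $postfiles = ($postfiles === false) ? array() : array_reverse($postfiles);

          // Prints one post. The fields are the variables set by the post file and are
          // emitted as stored; $origowner is null unless the post is a share;
          // $actionLink is the third footer button (Share or Delete).
          $renderPost = function ($postowner, $postid, $postdate, $postcontent, $origowner, $actionLink) {
              echo "<div class='post'><table><tr><td><div class='avatar_small' style=\"background-image: url('index.php?do=avatarlocation&user=$postowner');\" title='User Avatar'></div></td><td><h3>$postowner<span class='date'>$postdate &nbsp;&nbsp;";
              $reactcount = null;
              if(file_exists("ssb_db/posts/$postid.reactcount")) {
                  $reactcount = (int) file_get_contents("ssb_db/posts/$postid.reactcount");
                  echo "<div class='reacts'><i class='fa fa-heart' style='color: red;'></i> $reactcount <div class='react-list'>";
                  // Names of the users who reacted, one per line.
                  $reactlist = is_file("ssb_db/posts/$postid.reacted") ? fopen("ssb_db/posts/$postid.reacted", "r") : false;
                  if($reactlist) {
                      while(($reactor = fgets($reactlist)) !== false) {
                          echo "<b>$reactor</b>";
                      }
                      fclose($reactlist);
                  }
                  echo "</div></div>";
              }
              if($origowner !== null) {
                  echo "<br />Originally posted by $origowner";
              }
              echo "</span></h3></td></tr></table>";
              echo bbcode_format($postcontent);
              // Footer
              echo "<div class='post-footer'>";
              echo "<a style='padding-top: 6px;' onclick=\"userReact('" . $postowner . "','" . $postid . "');\" class='button'><i class='fa fa-heart'></i>&nbsp;React</a>";
              echo "<a style='padding-top: 6px;' href='index.php?view=$postid&user=$postowner' class='button'><i class='fa fa-comment'></i>&nbsp;Comment</a>";
              echo $actionLink;
              echo "<br />";
              $replyFile = "ssb_db/posts/reply_" . $postowner . "_" . $postid . ".count";
              if(file_exists($replyFile)) {
                  $postcount = (int) file_get_contents($replyFile);
                  if($postcount == 0) {
                      echo "no replies";
                  } else if($postcount == 1) {
                      echo "$postcount reply";
                  } else if($postcount > 0) {
                      echo "$postcount replies";
                  }
              }
              echo " &bull; ";
              if($reactcount === null) {
                  echo "no reactions";
              } else if($reactcount == 1) {
                  echo "$reactcount reaction";
              } else if($reactcount > 0) {
                  echo "$reactcount reactions";
              }
              echo "</div></div><br />\n";
          };

          if($isPrivate)
          {
              // Private account: only a logged-in friend or the owner sees anything.
              if($loginCheck == true)
              {
                  if($isFriend || $isSelf)
                  {
                      echo "<table><tr><td>";
                      echo "<div class='avatar' style=\"background-image: url('index.php?do=avatarlocation&user=" . $userUrl . "');\" title='User Avatar'></div><br />";
                      echo "</td><td>";
                      echo "<h3>User information</h3>";
                      echo "Username: " . $userHtml . "@" . $domain . "<br />";
                      echo "Full name: " . $fullname . "<br />";
                      echo "<h3>User posts</h3>";
                      echo "</td></tr></table>";
                  }
                  foreach($postfiles as $postfile)
                  {
                      // Clear share markers so they cannot carry over from the previous post.
                      unset($shared, $origowner);
                      include $postfile;
                      $ownPost = ($postowner === $username);
                      if($ownPost || in_array($postowner, $friends, true))
                      {
                          // NOTE(review): Delete is a plain GET link; the delpost handler is not
                          // part of this view - confirm it verifies the owner and the request origin.
                          $actionLink = $ownPost
                              ? "<a style='padding-top: 6px;' href='index.php?do=delpost&user=$username&pid=$postid' class='button'><i class='fa fa-trash-can'></i>&nbsp;Delete</a>"
                              : "<a style='padding-top: 6px;' href='index.php?do=share&pid=$postid&user=$postowner' class='button'><i class='fa fa-share'></i>&nbsp;Share</a>";
                          $renderPost($postowner, $postid, $postdate, $postcontent, (isset($shared) && $shared == "1") ? $origowner : null, $actionLink);
                      }
                  }
                  echo "<!-- Gen done...-->";
              }
          }
          else
          {
              // Public account: profile header and every post, for any visitor.
              echo "<h3>User information</h3>";
              echo "<table><tr><td>";
              echo "<div class='avatar' style=\"background-image: url('index.php?do=avatarlocation&user=" . $userUrl . "');\" title='User Avatar'></div>";
              echo "</td><td>";
              // Not a friend yet: offer the friend request right here.
              if(!$isFriend) {
                  echo "<a class='button' href='index.php?do=sendfr&user=" . $userUrl . "'>Send friend request</a><br /><br />";
              }
              echo "Username: " . $userHtml . "@" . $domain . "<br />";
              echo "Full name: " . $fullname;
              echo "</td></tr></table>";
              foreach($postfiles as $postfile)
              {
                  // Cleared BEFORE the include; clearing afterwards (as before) threw away
                  // the share marker the post file had just set.
                  unset($shared, $origowner);
                  include $postfile;
                  $actionLink = "<a style='padding-top: 6px;' href='index.php?do=share&pid=$postid&user=$postowner' class='button'><i class='fa fa-share'></i>&nbsp;Share</a>";
                  $renderPost($postowner, $postid, $postdate, $postcontent, (isset($shared) && $shared == "1") ? $origowner : null, $actionLink);
              }
              echo "<!-- Gen done...-->";
          }
      }
  }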
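  else if(isset($_GET['view']) && isset($_GET['user']))
  {
      // Single-post page: ?view=<post id>&user=<post owner>.
      //
      // Both values are request input that is concatenated into an include path.
      // They must be plain strings without a path separator or NUL byte, and the
      // resulting post file must exist, before anything is read or included.
      $puser = $_GET['user'];
      $id = $_GET['view'];
      $postPath = null;
      if(is_string($puser) && is_string($id) && $puser !== "" && $id !== ""
          && preg_match('#[/\\\\\x00]#', $puser) === 0
          && preg_match('#[/\\\\\x00]#', $id) === 0)
      {
          $postPath = "ssb_db/posts/post_" . $puser . "_" . $id . ".php";
      }
      if($postPath === null || !is_file($postPath))
      {
          echo "ERROR: Post ID is not set, or invalid";
      }
      else
      {
          // NOTE(review): unlike the ?userfeed= view, nothing here looks at the owner's
          // account type, so the post is shown to anyone who supplies its id and owner.
          // Confirm whether posts of private accounts are meant to be reachable this way.
          $countFile = "ssb_db/posts/reply_" . $puser . "_" . $id . ".count";
          $postc = is_file($countFile) ? (int) file_get_contents($countFile) : 0;
          // The post file sets $postowner, $postid, $postdate, $postcontent and the
          // $replyN / $replyN_user / $replyN_date variables read below.
          unset($shared, $origowner);
          include $postPath;
          echo "<div class='post'><table><tr><td><div class='avatar_small' style=\"background-image: url('index.php?do=avatarlocation&user=$postowner');\" title='User Avatar'></div></td><td><h3>$postowner<span class='date'>$postdate &nbsp;&nbsp;";
          if(file_exists("ssb_db/posts/$postid.reactcount")) {
              $reacts = (int) file_get_contents("ssb_db/posts/$postid.reactcount");
              echo "<div class='reacts'><i class='fa fa-heart' style='color: red;'></i> $reacts <div class='react-list'>";
              // Names of the users who reacted, one per line.
              $reactlist = is_file("ssb_db/posts/$postid.reacted") ? fopen("ssb_db/posts/$postid.reacted", "r") : false;
              if($reactlist) {
                  while(($reactor = fgets($reactlist)) !== false) {
                      echo "<b>$reactor</b>";
                  }
                  fclose($reactlist);
              }
              echo "</div></div>";
          }
          if(isset($shared) && $shared == "1")
          {
              echo "<br />Originally posted by $origowner";
          }
          echo "</span></h3></td></tr></table>";
          echo bbcode_format($postcontent);
          // Footer
          echo "<a style='padding-top: 6px;' onclick=\"userReact('" . $postowner . "','" . $postid . "');\" class='button'><i class='fa fa-heart'></i>&nbsp;React</a>";
          echo "<a style='padding-top: 6px;' href='index.php?do=share&pid=$postid&user=$postowner' class='button'><i class='fa fa-share'></i>&nbsp;Share</a>";
          echo "</div><br />\n";
          for($x = 1; $x <= $postc; $x++) {
              // The counter file and the post file are written separately; skip a
              // reply slot the post file does not actually define.
              if(!isset(${"reply" . $x}, ${"reply" . $x . "_user"}, ${"reply" . $x . "_date"})) {
                  continue;
              }
              $reply_content = ${"reply" . $x};
              $reply_user = ${"reply" . $x . "_user"};
              $reply_date = ${"reply" . $x . "_date"};
              echo "<div class='reply'>";
              echo "<table><tr><td><div class='avatar_small' style='background-image: url(\"index.php?do=avatarlocation&user=$reply_user\");' title='User Avatar'></div></td><td><h4>$reply_user <a onclick=\"userTag('$reply_user');\"><i class='fa fa-tag'></i></a> <span class=\"date\">$reply_date</span></h4></td></tr></table>";
              echo "<div class='reply_content'>" . bbcode_format($reply_content) . "</div>";
              echo "</div>\n";
          }
          echo "<br />";
          if ($loginCheck != true) {
              echo "Login to reply...";
          } else {
              // Replying is allowed to the post owner and to viewers who follow the owner.
              $friends = array();
              if(is_file("ssb_db/friends/" . $username . ".count")
                  && is_file("ssb_db/friends/" . $username . ".php"))
              {
                  $friendcount = (int) file_get_contents("ssb_db/friends/" . $username . ".count");
                  include "ssb_db/friends/" . $username . ".php";
                  for($x = 1; $x <= $friendcount; $x++)
                  {
                      if(isset(${"friend" . $x})) {
                          $friends[] = ${"friend" . $x};
                      }
                  }
              }
              // One form at most; the old loop printed one per matching friend entry.
              if($puser === $username || in_array($puser, $friends, true)) {
                  replyForm($id, $puser);
              } else {
                  echo "Not following! Follow to reply...<br />";
              }
          }
      }
  }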
  467. else if(isset($_GET['do']))
  468. {
  469. $do = $_GET['do'];
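  if($do=="post")
  {
      // Create a new post for the logged-in user: store the attachments, notify a
      // tagged user, then write the post as a small PHP file that the feed includes.
      if ($loginCheck != true) { loginForm(); } else {
          $date = date("YmdHis"); // post id: year, month, day, hour, minute, second
          $titledate = date("m-d-Y h:i:sa"); // human-readable time stamp
          if(isset($_FILES["file"]["name"]) && isset($username)) {
              $uploaded = array(); // stored file names
              $uploaded_name = array(); // original names (without extension), same order
              // The extension is lower-cased before the lookup, so one spelling per type is enough.
              $allowedExts = array("gif", "jpeg", "jpg", "png", "bmp", "ico", "mp4");
              // ['type'] is sent by the client and says nothing about the real content.
              // It is kept as a coarse filter only; what decides how the file is served
              // is the allowlisted extension on a server-generated name.
              $allowedTypes = array("image/gif", "image/x-gif", "image/jpeg", "image/x-jpeg", "image/x-jpg",
                  "image/jpg", "image/pjpeg", "image/x-png", "image/bmp", "image/x-icon",
                  "application/octet-stream", "video/mp4", "image/png", "");
              // Accept both a multi-file (file[]) and a single-file field.
              $fileNames = (array) $_FILES["file"]["name"];
              $fileTypes = (array) $_FILES["file"]["type"];
              $fileSizes = (array) $_FILES["file"]["size"];
              $fileErrors = (array) $_FILES["file"]["error"];
              $fileTmp = (array) $_FILES["file"]["tmp_name"];
              for($i = 0; $i < count($fileNames); $i++)
              {
                  $clientName = (string) $fileNames[$i];
                  // The client-chosen name is only ever printed in encoded form.
                  $shownName = htmlentities($clientName, ENT_QUOTES, 'UTF-8');
                  $extension = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
                  if(in_array($fileTypes[$i], $allowedTypes, true)
                      && ($fileSizes[$i] < $user_max_upload)
                      && in_array($extension, $allowedExts, true))
                  {
                      if($fileErrors[$i] > 0)
                      {
                          echo $shownName . " - Return Code: " . $fileErrors[$i] . "<br />";
                      }
                      else
                      {
                          // Stored under a random name; the client name never becomes a path.
                          $stored = getRandString("32") . "." . $extension;
                          if(file_exists("ssb_db/uploads/" . $stored))
                          {
                              echo "Error: " . $shownName . " exists.<br />";
                          }
                          else if(move_uploaded_file($fileTmp[$i], "ssb_db/uploads/" . $stored))
                          {
                              array_push($uploaded, $stored);
                              array_push($uploaded_name, pathinfo($clientName, PATHINFO_FILENAME));
                              echo "Success: " . $shownName . " (" . tomb($fileSizes[$i]) . ") uploaded...<br />";
                          }
                          else
                          {
                              echo "Error: " . $shownName . " could not be stored.<br />";
                          }
                      }
                  }
                  else if($clientName !== "")
                  {
                      // A file was sent but rejected. An empty name means no file was selected,
                      // which is not an error for a text-only post.
                      echo "Error: " . $shownName . " is too large, or is a invalid filetype";
                  }
              } // end of for loop
              $rawBody = (isset($_POST['body']) && is_string($_POST['body'])) ? $_POST['body'] : "";
              $srchcont = stripslashes(htmlentities($rawBody));
              $srchcont .= " "; // the tag search only matches a tag that is followed by whitespace
              $checkForUserTag = searchForUserTag($srchcont);
              $taggedUser = substr((string) $checkForUserTag, 1, -1);
              // The tag comes out of the post text and is used in file paths: it must not
              // contain a path separator. The author is not notified about their own tag
              // (this used to compare against $postowner, which is not set in this branch).
              if(is_string($taggedUser) && $taggedUser !== ""
                  && preg_match('#[/\\\\\x00]#', $taggedUser) === 0
                  && file_exists("ssb_db/users/" . $taggedUser . ".name")
                  && $taggedUser !== $username)
              {
                  $tagFile = "ssb_db/friends/" . $taggedUser . ".notifications";
                  $tagged_notifications = is_file($tagFile) ? file_get_contents($tagFile) : "";
                  file_put_contents($tagFile, "<b>$username</b> <a href='index.php?view=$date&user=$username'>tagged you in a post</a>\n" . $tagged_notifications, LOCK_EX);
              }
              $body = nl2br(htmlentities(stripcslashes($rawBody)));
              include "ssb_db/users/" . $username . ".php";
              $post_file = "ssb_db/posts/post_" . $username . "_" . $date . ".php";
              $attachments = array();
              foreach($uploaded as $fileCount => $upload)
              {
                  if(!file_exists("ssb_db/uploads/" . $upload)) {
                      continue;
                  }
                  $ext = pathinfo("ssb_db/uploads/" . $upload, PATHINFO_EXTENSION);
                  if($ext == "mp4") {
                      // The original file name is shown as a caption, so it is encoded here.
                      array_push($attachments, "<div class='attachment'>" . htmlentities($uploaded_name[$fileCount], ENT_QUOTES, 'UTF-8') . "<video width='560' height='315' controls><source src='ssb_db/uploads/$upload' type='video/mp4'>HTML5 video not supported :(</video></div>");
                  }
                  else
                  {
                      array_push($attachments, "<div class='attachment'><a href='ssb_db/uploads/" . $upload . "'><img src='ssb_db/uploads/" . $upload . "'></a></div>");
                  }
              }
              $postcontent_new = $body . "<br /><br />" . implode("", $attachments);
              // The post is stored as PHP source that other requests include. Every value
              // goes through var_export(), which emits an inert single-quoted literal.
              // The previous hand-built double-quoted literal let PHP interpret "$", "{"
              // and backslash sequences from user text when the file was included, and
              // htmlentities() does not neutralise any of those.
              $post_php = "<?php\n\$postowner = " . var_export((string) $username, true)
                  . ";\$postid=" . var_export($date, true)
                  . ";\$postdate=" . var_export($titledate, true)
                  . ";\$postcontent = " . var_export($postcontent_new, true)
                  . ";\n?>\n";
              file_put_contents($post_file, $post_php, LOCK_EX);
              file_put_contents("ssb_db/posts/" . $date . ".post", "post_" . $username . "_" . $date . ".php");
              file_put_contents("ssb_db/posts/reply_" . $username . "_" . $date . ".count", "0");
              echo "Post processed... if redirection fails, <a href=\"?view=$date&user=$username\">Click Here</a><br />";
              // NOTE(review): the page has already produced output at this point, so this
              // header only takes effect when output buffering is enabled.
              header("Location: index.php?view=$date&user=$username");
          }
          else
          {
              echo "ERROR: Missing post data! Select an image to upload or let us know whats up!<br />";
          }
      }
  }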
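  if($do=="avatarupload")
  {
      // Store an uploaded avatar for the logged-in user and record its file name in
      // the user's account file.
      if(isset($_FILES["file"]["name"]) && ($loginCheck == true)) {
          $date = date("YmdHis"); // timestamp: year, month, day, hour, minute, second
          $allowedExts = array("gif", "jpeg", "jpg", "png", "bmp", "ico");
          // ['type'] is sent by the client; it is a coarse filter, not proof of content.
          $allowedTypes = array("image/gif", "image/x-gif", "image/jpeg", "image/x-jpeg", "image/x-jpg",
              "image/jpg", "image/pjpeg", "image/x-png", "image/bmp", "image/x-icon", "image/png", "");
          // Accept both a multi-file (file[]) and a single-file field.
          $fileNames = (array) $_FILES["file"]["name"];
          $fileTypes = (array) $_FILES["file"]["type"];
          $fileSizes = (array) $_FILES["file"]["size"];
          $fileErrors = (array) $_FILES["file"]["error"];
          $fileTmp = (array) $_FILES["file"]["tmp_name"];
          for($i = 0; $i < count($fileNames); $i++)
          {
              $clientName = (string) $fileNames[$i];
              // The client-chosen name is only ever printed in encoded form.
              $shownName = htmlentities($clientName, ENT_QUOTES, 'UTF-8');
              $extension = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
              if(in_array($fileTypes[$i], $allowedTypes, true)
                  && ($fileSizes[$i] < $user_max_upload)
                  && in_array($extension, $allowedExts, true))
              {
                  if($fileErrors[$i] > 0)
                  {
                      echo $shownName . " - Return Code: " . $fileErrors[$i] . "<br>";
                  }
                  else if(getimagesize($fileTmp[$i]) === false)
                  {
                      // Content check: an avatar must be something PHP can parse as an image,
                      // whatever its name and declared type say.
                      echo "Error: " . $shownName . " is too large, or is a invalid filetype";
                  }
                  else
                  {
                      $avatarFile = $username . "_" . $date . "." . $extension;
                      if(file_exists("ssb_db/uploads/" . $avatarFile))
                      {
                          echo "Error: " . $shownName . " exists.<br>";
                      }
                      else if(move_uploaded_file($fileTmp[$i], "ssb_db/uploads/" . $avatarFile))
                      {
                          // Appended only after the file is really in place. FILE_APPEND with a
                          // lock replaces the read-then-rewrite of the whole account file, and
                          // var_export() writes the name as an inert single-quoted literal.
                          file_put_contents("ssb_db/users/" . $username . ".php", "<?php \$user_avatar = " . var_export($avatarFile, true) . "; ?>\n", FILE_APPEND | LOCK_EX);
                          echo "Avatar uploaded and set! <a href='index.php'>Redirecting</a> in 3 seconds...";
                          // NOTE(review): output has already started, so this header only takes
                          // effect when output buffering is enabled.
                          header("refresh: 3;url=index.php");
                      }
                      else
                      {
                          echo "Error: " . $shownName . " could not be stored.<br>";
                      }
                  }
              } else {
                  echo "Error: " . $shownName . " is too large, or is a invalid filetype";
              }
          }
      }
  }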
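  // Reply: append a comment to an existing post, bump its reply counter and notify
  // the post owner and a tagged user.
  if ($do == "reply") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          // pid ends up in several file paths (including an include), so only digits are accepted.
          $pid = (isset($_GET['pid']) && is_string($_GET['pid'])) ? $_GET['pid'] : "";
          $replyText = (isset($_POST['body']) && is_string($_POST['body'])) ? $_POST['body'] : "";
          if (!preg_match('/\A[0-9]+\z/', $pid) || !file_exists("ssb_db/posts/" . $pid . ".post")) {
              echo "ERROR: Post ID is not set, or invalid";
          } elseif (isset($_POST['reply']) && isset($username) && $replyText != "") {
              // The .post file holds the name of the post's PHP file; basename() keeps it inside ssb_db/posts/.
              $post_file_name = basename(trim(file_get_contents("ssb_db/posts/$pid.post")));
              include "ssb_db/posts/" . $post_file_name; // sets $postowner (and the other post variables)
              $srchcont = stripslashes(htmlentities($replyText));
              $srchcont .= " ";
              $checkForUserTag = searchForUserTag($srchcont);
              $taggedUser = (string) substr($checkForUserTag, 1, -1);
              // The tag text comes from the reply body, so it is checked against the
              // user-name character set before it is used in a path.
              if (preg_match('/\A[a-z0-9]+\z/i', $taggedUser)
                  && file_exists("ssb_db/users/" . $taggedUser . ".name")
                  && $taggedUser != $postowner) {
                  $taggedPath = "ssb_db/friends/" . $taggedUser . ".notifications";
                  // The notifications file may be absent (it is deleted when the user clears it).
                  $tagged_notifications = file_exists($taggedPath) ? file_get_contents($taggedPath) : "";
                  file_put_contents($taggedPath, "<b>$username</b> <a href='index.php?view=$pid&user=$postowner'>tagged you in a comment</a>\n" . $tagged_notifications, LOCK_EX);
              }
              $replydate = date("m-d-Y h:i:sa"); // time stamp for people to read xD
              $body = nl2br(htmlentities(stripcslashes($replyText)));
              $countPath = "ssb_db/posts/reply_" . $postowner . "_" . $pid . ".count";
              $reply_count = (int) file_get_contents($countPath) + 1;
              // The reply is stored as PHP source. var_export() emits a single-quoted literal
              // with quotes and backslashes escaped, so the text is stored as data only;
              // inside a double-quoted literal "$" and "\" in the body would be interpreted.
              $post_string = "<?php \n\$reply" . $reply_count . " = " . var_export($body, true)
                  . ";\$reply" . $reply_count . "_user = " . var_export($username, true)
                  . "; \$reply" . $reply_count . "_date = " . var_export($replydate, true) . ";\n?>\n";
              file_put_contents("ssb_db/posts/" . $post_file_name, $post_string, FILE_APPEND | LOCK_EX);
              file_put_contents($countPath, $reply_count, LOCK_EX);
              if ($username != $postowner) {
                  $ownerPath = "ssb_db/friends/" . $postowner . ".notifications";
                  $owner_notifications = file_exists($ownerPath) ? file_get_contents($ownerPath) : "";
                  file_put_contents($ownerPath, "<b>$username</b> <a href='index.php?view=$pid&user=$postowner'>replied to your post</a>\n" . $owner_notifications, LOCK_EX);
              }
              // Redirect header first; the link is the fallback when the redirect is not followed.
              header("Location:index.php?view=$pid&user=$postowner");
              echo "If you're seeing this; redirection failed: <a href=\"?view=$pid&user=$postowner\">Click Here</a><br>";
          } else {
              echo "ERROR: Missing form data<br>";
          }
      }
  }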
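  // Delete post: removes a post and its companion files, but only for the post's owner.
  // NOTE(review): this is a state-changing GET request with no anti-CSRF token in this block.
  if ($do == "delpost") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          // Read both values once, before either branch, so the log line below never uses undefined variables.
          $postuser = (isset($_GET['user']) && is_string($_GET['user'])) ? stripslashes($_GET['user']) : "";
          $pid = (isset($_GET['pid']) && is_string($_GET['pid'])) ? stripslashes($_GET['pid']) : "";
          if ($postuser != "" && $pid != "") {
              // Both values become parts of paths passed to unlink(): restrict them to the
              // user-name character set and to digits respectively.
              $validNames = preg_match('/\A[a-z0-9]+\z/i', $postuser) && preg_match('/\A[0-9]+\z/', $pid);
              $postPath = "ssb_db/posts/post_" . $postuser . "_" . $pid . ".php";
              // Strict comparison: "==" would treat numeric-looking names such as "1e3" and "1000" as equal.
              if ($validNames && $username === $postuser && file_exists($postPath)) {
                  $companions = array(
                      "ssb_db/posts/" . $pid . ".post",
                      $postPath,
                      "ssb_db/posts/reply_" . $postuser . "_" . $pid . ".count",
                      // reaction files written by the "react" action for the same post id
                      "ssb_db/posts/" . $pid . ".reacted",
                      "ssb_db/posts/" . $pid . ".reactcount",
                  );
                  foreach ($companions as $path) {
                      if (is_file($path)) {
                          unlink($path);
                      }
                  }
                  // No flush() before header(): flushing sends the headers and the redirect would be lost.
                  header("refresh: 0;url=index.php");
                  exit;
              } else {
                  echo "ERROR: post doesn't exist or YOU ARE NOT THE OWNER OF SAID POST... THIS incident has been recorded!";
                  // Request data is reduced to a short, safe character set so it cannot forge log lines.
                  $logUser = preg_replace('/[^A-Za-z0-9_.-]/', '?', substr($postuser, 0, 64));
                  $logPid = preg_replace('/[^A-Za-z0-9_.-]/', '?', substr($pid, 0, 64));
                  // Append: without FILE_APPEND every entry replaced the whole log.
                  file_put_contents("ssb_db/log.txt", "Post deletion error: IP <" . $_SERVER['REMOTE_ADDR'] . "> post not found or not users post: post_" . $logUser . "_" . $logPid . ".php\n", FILE_APPEND | LOCK_EX);
              }
          } else {
              echo "ERROR: USER and PID variables not set!";
          }
      }
  }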
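  // Share: copy an existing post into a new post owned by the logged-in user and notify the original poster.
  if ($do == "share") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          $postuser = (isset($_GET['user']) && is_string($_GET['user'])) ? stripslashes($_GET['user']) : "";
          $pid = (isset($_GET['pid']) && is_string($_GET['pid'])) ? stripslashes($_GET['pid']) : "";
          if ($postuser != "" && $pid != "") {
              // Both values are used to build an include path, so they are limited to
              // the user-name character set and to digits.
              $validNames = preg_match('/\A[a-z0-9]+\z/i', $postuser) && preg_match('/\A[0-9]+\z/', $pid);
              $sourcePath = "ssb_db/posts/post_" . $postuser . "_" . $pid . ".php";
              if ($validNames && file_exists($sourcePath)) {
                  $date = date("YmdHis"); // timestamp in year, month, date, hour, minute, and second.
                  $titledate = date("m-d-Y h:i:sa"); // time stamp for people to read xD
                  include("ssb_db/friends/" . $username . ".php"); // the $friendN variables
                  include($sourcePath); // $postowner, $postcontent of the shared post
                  // NOTE(review): neither include above appears to set $accttype, so this presumably
                  // tests the account type loaded earlier in the request - confirm that the post
                  // owner's account type is not what should be checked here.
                  $mayShare = ($accttype == "public");
                  if (!$mayShare) {
                      $friendcount = (int) file_get_contents("ssb_db/friends/" . $username . ".count");
                      for ($x = 1; $x <= $friendcount; $x++) {
                          if (isset(${"friend" . $x}) && $postowner == ${"friend" . $x}) {
                              $foundfriend = 1;
                              $mayShare = true;
                              break;
                          }
                      }
                  }
                  if ($mayShare) {
                      $post_file = "ssb_db/posts/post_" . $username . "_" . $date . ".php";
                      $post_attachments = "<br />";
                      // The new post is written as PHP source. var_export() turns each value into a
                      // single-quoted literal, so the copied content is stored as data and nothing
                      // in it is interpreted when the file is included later.
                      $post_string = "<?php\n\$postowner = " . var_export($username, true)
                          . ";\$postid=" . var_export($date, true)
                          . ";\$postdate=" . var_export($titledate, true)
                          . ";\$shared = \"1\";\$origowner = " . var_export($postowner, true)
                          . ";\$postcontent = " . var_export($postcontent . $post_attachments, true)
                          . ";\n?>\n";
                      $notePath = "ssb_db/friends/" . $postuser . ".notifications";
                      $notification = file_exists($notePath) ? file_get_contents($notePath) : "";
                      file_put_contents($notePath, "<b>$username</b> <a href='index.php?view=$date&user=$username'>shared your post</a>\n" . $notification, LOCK_EX);
                      file_put_contents($post_file, $post_string, LOCK_EX);
                      file_put_contents("ssb_db/posts/" . $date . ".post", "post_" . $username . "_" . $date . ".php");
                      file_put_contents("ssb_db/posts/reply_" . $username . "_" . $date . ".count", "0");
                      // No flush() before header(): flushing sends the headers and the redirect would be lost.
                      header("refresh: 0;url=index.php");
                      exit;
                  }
                  echo "ERROR: you are not allowed to share this post";
              } else {
                  echo "ERROR: post doesn't exist...";
                  // Request data is reduced to a short, safe character set so it cannot forge log lines.
                  $logUser = preg_replace('/[^A-Za-z0-9_.-]/', '?', substr($postuser, 0, 64));
                  $logPid = preg_replace('/[^A-Za-z0-9_.-]/', '?', substr($pid, 0, 64));
                  // Append: without FILE_APPEND every entry replaced the whole log.
                  file_put_contents("ssb_db/log.txt", "Post share error: IP <" . $_SERVER['REMOTE_ADDR'] . "> post not found: post_" . $logUser . "_" . $logPid . ".php\n", FILE_APPEND | LOCK_EX);
              }
          } else {
              echo "ERROR: USER and PID variables not set!";
          }
      }
  }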
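  // React: record one reaction per user on a post, bump the counter and notify the owner.
  // NOTE(review): this is a state-changing GET request with no anti-CSRF token in this block.
  if ($do == "react") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          $postuser = (isset($_GET['user']) && is_string($_GET['user'])) ? stripslashes($_GET['user']) : "";
          $pid = (isset($_GET['pid']) && is_string($_GET['pid'])) ? stripslashes($_GET['pid']) : "";
          if ($postuser != "" && $pid != "") {
              // pid and user name the files that are read and written below, so they are
              // limited to digits and to the user-name character set.
              $validNames = preg_match('/\A[a-z0-9]+\z/i', $postuser) && preg_match('/\A[0-9]+\z/', $pid);
              if ($validNames && file_exists("ssb_db/posts/post_" . $postuser . "_" . $pid . ".php")) {
                  $reactedPath = "ssb_db/posts/$pid.reacted";
                  $countPath = "ssb_db/posts/$pid.reactcount";
                  // One user name per line; a missing file simply means nobody has reacted yet.
                  $reactors = array();
                  if (file_exists($reactedPath)) {
                      $lines = file($reactedPath);
                      foreach (($lines === false ? array() : $lines) as $line) {
                          $reactors[] = rtrim($line, "\r\n");
                      }
                  }
                  if (in_array($username, $reactors, true)) {
                      header("refresh: 3;url=index.php?view=$pid&user=$postuser");
                      echo "You've already reacted to this post... <a href='index.php?view=$pid&user=$postuser'>redirecting</a>";
                      exit;
                  }
                  // Appending under a lock avoids losing entries when two reactions arrive together.
                  file_put_contents($reactedPath, $username . "\n", FILE_APPEND | LOCK_EX); // You reacted
                  $reactCurrent = (file_exists($countPath) ? (int) file_get_contents($countPath) : 0) + 1;
                  file_put_contents($countPath, $reactCurrent, LOCK_EX);
                  // Don't send yourself a notification, you know you liked your own post ;)
                  if ($postuser != $username) {
                      $ownerPath = "ssb_db/friends/" . $postuser . ".notifications";
                      $owner_notifications = file_exists($ownerPath) ? file_get_contents($ownerPath) : "";
                      file_put_contents($ownerPath, "<b>$username</b> loved your <a href='index.php?view=$pid&user=$postuser'>post</a>\n" . $owner_notifications, LOCK_EX);
                  }
                  // Header before any body output, otherwise the redirect is dropped.
                  header("Location:index.php");
                  echo "Reacted! <a href='index.php'>Redirecting</a> in 1 second...";
                  exit;
              } else {
                  echo "ERROR: post doesn't exist...";
              }
          } else {
              echo "ERROR: USER and PID variables not set!";
          }
      }
  }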
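  // Clear notifications: delete the logged-in user's notifications file and return to the index.
  // NOTE(review): state-changing GET request with no anti-CSRF token in this block.
  if ($do == "clrnote") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          $notePath = "ssb_db/friends/" . $username . ".notifications";
          // unlink() on a missing file raises a warning, and warning output sent before
          // header() would stop the redirect from being delivered.
          if (is_file($notePath)) {
              unlink($notePath);
          }
          header("Location: index.php");
          exit;
      }
  }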
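  // Clear pending requests: delete the logged-in user's .pending file and return to the friends page.
  // NOTE(review): state-changing GET request with no anti-CSRF token in this block.
  if ($do == "clrpending") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          $pendingPath = "ssb_db/friends/" . $username . ".pending";
          // unlink() on a missing file raises a warning, and warning output sent before
          // header() would stop the redirect from being delivered.
          if (is_file($pendingPath)) {
              unlink($pendingPath);
          }
          header("Location: index.php?do=friends");
          exit;
      }
  }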
  804. // Server admin can just delete ssb_db
  805. /*if($do=="clean")
  806. {
  807. if($_POST['password']!="" && $_POST['password']==$pw)
  808. {
  809. $db_content = glob("ssb_db/" . '*', GLOB_MARK);
  810. foreach($db_content as $file)
  811. {
  812. unlink($file);
  813. }
  814. rmdir("ssb_db");
  815. echo "Database Cleaned<br>";
  816. }
  817. else
  818. {
  819. echo "ERROR: Wrong Password<br>";
  820. }
  821. }*/
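  // Send a friend/follow request: private accounts receive a request, public accounts are followed directly.
  if ($do == "sendfr") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          // POST takes precedence over GET, as before.
          if (isset($_POST['user'])) {
              $rawUser = $_POST['user'];
          } elseif (isset($_GET['user'])) {
              $rawUser = $_GET['user'];
          } else {
              $rawUser = null;
          }
          if ($rawUser === null) {
              echo "Error: users not set in GET value...";
          } else {
              $givenUser = is_string($rawUser) ? htmlentities(stripcslashes($rawUser)) : "";
              // The name is used to build an include path. Registration only allows letters and
              // digits, so anything else (dots, slashes, ...) is rejected before the path is built.
              $profilePath = "ssb_db/users/" . $givenUser . ".php";
              if (preg_match('/\A[a-z0-9]+\z/i', $givenUser) && file_exists($profilePath)) {
                  include $profilePath; // sets $accttype for the target account
                  if ($accttype == "private") {
                      // Header before any body output, otherwise the refresh is dropped.
                      header("refresh: 3;url=?do=friends");
                      sendFriendRequest($_SESSION['ssb-user'], $givenUser);
                      echo "Follow request sent to " . $givenUser . " <a href='?do=friends'>redirecting</a> in 3 seconds";
                  } elseif ($accttype == "public") {
                      acceptPublicFriendRequest($username, $givenUser);
                      header("Location: ?do=friends");
                  } else {
                      echo "ERROR: Issues parsing account type...";
                  }
              } else {
                  echo "Error: Provided username does not exist in the database!";
              }
          }
      }
  }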
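  // Accept a friend request on behalf of the logged-in user.
  if ($do == "accfr") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          if (isset($_GET['user']) && is_string($_GET['user'])
              && isset($_GET['friend']) && is_string($_GET['friend'])) {
              $acceptingUser = stripslashes($_GET['user']);
              $requester = stripslashes($_GET['friend']);
              // The account that accepts must be the logged-in one; taking it from the URL
              // alone would let any logged-in user accept requests for someone else.
              // NOTE(review): based on the message below, 'user' is presumably the accepting account
              // and 'friend' the requester; acceptFriendRequest() is not visible here - also confirm
              // it verifies that a pending request actually exists.
              if ($acceptingUser !== $username || !preg_match('/\A[a-z0-9]+\z/i', $requester)) {
                  echo "Error: you can only accept friend requests sent to your own account.";
              } else {
                  // Header before any body output, otherwise the refresh is dropped.
                  header("refresh: 3;url=?do=friends");
                  acceptFriendRequest($acceptingUser, $requester);
                  echo "Accepted friend request from " . htmlentities($requester) . " <a href='?do=friends'>redirecting</a> in 3 seconds";
              }
          } else {
              echo "Error: users not set in GET &amp; SESSION value...";
          }
      }
  }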
  // User control panel: two links to the password and avatar forms.
  if ($do == "userctrl") {
      if ($loginCheck == true) {
          // Logged-in users get the panel ...
          echo "<h3>User control panel</h3>",
              "<a class='button' href='?forms=changepass'>Change password</a><br />",
              "<a class='button' href='?forms=avatarupload'>Upload avatar</a><br />";
      } else {
          // ... everyone else is sent to the login form.
          loginForm();
      }
  }
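  // Change password: verify the current password, then append the new hash to the user's profile file.
  // NOTE(review): sha1(md5()) is an unsalted fast hash; moving to password_hash()/password_verify()
  // has to be done together with the login and registration code, so it is not changed here.
  if ($do == "changepass") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          // Passwords are hashed exactly as typed. Login and registration hash the raw POST value,
          // so HTML-encoding the input here would store a hash that login can never match for
          // passwords containing characters such as & < > " or a backslash.
          $oldPassInput = (isset($_POST['oldpass']) && is_string($_POST['oldpass'])) ? $_POST['oldpass'] : "";
          $newPassInput = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : "";
          $passwordAgainInput = (isset($_POST['password_again']) && is_string($_POST['password_again'])) ? $_POST['password_again'] : "";
          include "ssb_db/users/" . $username . ".php"; // sets $user_password
          // hash_equals() compares as strings in constant time; "==" would compare two
          // numeric-looking hashes ("0e...") as numbers and could treat different hashes as equal.
          if (hash_equals((string) $user_password, sha1(md5($oldPassInput)))) {
              if ($newPassInput === "") {
                  echo "ERROR: the new password must not be empty!";
              } elseif ($newPassInput !== $passwordAgainInput) {
                  echo "ERROR: the new passwords do not match!";
              } else {
                  // The last assignment in the profile file wins, so the new hash is appended.
                  $passString = "<?php \$user_password = \"" . sha1(md5($newPassInput)) . "\"; ?>\n";
                  file_put_contents("ssb_db/users/" . $username . ".php", $passString, FILE_APPEND | LOCK_EX);
                  $_SESSION['ssb-user'] = null;
                  $_SESSION['ssb-pass'] = null;
                  // Header before any body output, otherwise the refresh is dropped.
                  header("refresh: 3;url=index.php");
                  echo "Password changed, <a href='index.php'>redirecting</a> in 3 seconds";
              }
          } else {
              echo "ERROR: password incorrect! IP recorded for constant monitoring of possible bots!";
              // Append: without FILE_APPEND every entry replaced the whole log.
              file_put_contents("ssb_db/log.txt", "PASS MISMATCH: IP <" . $_SERVER['REMOTE_ADDR'] . "> Cookie spoofing detected from remote client!!!\n", FILE_APPEND | LOCK_EX);
          }
      }
  }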
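  // Private message window: renders the chat client for one friend of the logged-in user.
  if ($do == "privmsg") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          //check if friend is set
          if (!isset($_GET['friend']) || !is_string($_GET['friend'])) {
              echo "ERROR: No username defined!";
              exit(1);
          } else {
              // set friend username
              $friendNick = htmlentities(stripslashes($_GET['friend']));
              $friendcount = (int) file_get_contents("ssb_db/friends/" . $username . ".count");
              include "ssb_db/friends/" . $username . ".php"; // the $friendN variables
              // Look the name up first and render once; the name must also match the
              // user-name character set because it is used in an include path below.
              $isFriend = false;
              if (preg_match('/\A[a-z0-9]+\z/i', $friendNick)) {
                  for ($x = 1; $x <= $friendcount; $x++) {
                      if (isset(${"friend" . $x}) && $friendNick === ${"friend" . $x}) {
                          $isFriend = true;
                          break;
                      }
                  }
              }
              if (!$isFriend) {
                  echo "ERROR: that user is not in your friends list!";
              } else {
                  // Values placed into the script are JSON-encoded with the HEX flags so they stay
                  // plain string literals and cannot close the string or the <script> element.
                  $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
  ?>
  <script language="javascript" type="text/javascript">
  <!--
  var httpObject = null;
  var ajaxVar = null;
  var link = "";
  var timerID = 0;
  var friendNick = <?php echo json_encode((string) $friendNick, $jsFlags); ?>;
  var nickName = <?php echo json_encode((string) $_SESSION['ssb-user'], $jsFlags); ?>;
  var userColor = <?php echo json_encode((string) $_SESSION['ssb-color'], $jsFlags); ?>;
  // Append the server response to the message box.
  // NOTE(review): the response is inserted as HTML, so chatserver.php must return escaped markup - confirm.
  function setHtml() {
    if (ajaxVar.readyState == 4) {
      var response = ajaxVar.responseText;
      var msgBox = document.getElementById("msgs");
      msgBox.innerHTML += response;
      msgBox.scrollTop = msgBox.scrollHeight;
    }
  }
  // Replace the message box content with the server response (same HTML caveat as setHtml).
  function setAll() {
    if (ajaxVar.readyState == 4) {
      var response = ajaxVar.responseText;
      var msgBox = document.getElementById("msgs");
      msgBox.innerHTML = response;
      msgBox.scrollTop = msgBox.scrollHeight;
    }
  }
  // Send the typed message to the chat server.
  function serverWrite() {
    ajaxVar = getHTTPObject();
    if (ajaxVar != null) {
      // Each value is URL-encoded; otherwise "&", "#" or "+" in a message would cut it short
      // or add extra query parameters.
      link = "chatserver.php?nick=" + encodeURIComponent(nickName)
        + "&friend=" + encodeURIComponent(friendNick)
        + "&msg=" + encodeURIComponent(document.getElementById('msg').value);
      ajaxVar.open("GET", link, true);
      ajaxVar.onreadystatechange = setHtml;
      ajaxVar.send(null);
    }
  }
  function getInput() {
    // Send the server function the input
    serverWrite();
    // Clean out the input values
    var msgBar = document.getElementById("msg");
    msgBar.value = "";
    msgBar.focus();
  }
  // Reload the whole conversation from the chat server.
  function serverReload() {
    ajaxVar = getHTTPObject();
    if (ajaxVar != null) {
      link = "chatserver.php?get=" + encodeURIComponent(friendNick);
      ajaxVar.open("GET", link, true);
      ajaxVar.onreadystatechange = setAll;
      ajaxVar.send(null);
    }
  }
  function UpdateTimer() {
    serverReload();
    setTimeout(UpdateTimer, 1000);
  }
  function keypressed(e) {
    if (e.keyCode == '13') {
      getInput();
    }
  }
  //-->
  </script>
  <div class="replycontain">
  <?php
                  // Header
                  include "ssb_db/users/" . $friendNick . ".php"; // sets $user_fullname for the friend
                  echo "<h3><a href='?userfeed=" . $friendNick . "'>" . $friendNick . ": " . $user_fullname . "</a></h3>";
  ?>
  <div id="msgs">
  <?php
                  echo "<div class=\"msgbox\">";
                  echo "</div>";
  ?>
  </div>
  <div id="msgbox" onkeyup="keypressed(event);">
  <button onclick="javascript:wrapBBCode('i');">Italic</button>
  <button onclick="javascript:wrapBBCode('u');">Underline</button>
  <button onclick="javascript:wrapBBCode('b');">Bold</button>
  <button onclick="javascript:wrapBBCode('img');">Image</button>
  <button onclick="javascript:wrapBBCode('url');">URL</button><br />
  <textarea style="width: 98%;" name="msg" id="msg"></textarea>
  <button style="width: 50px;" onclick="getInput();">Send</button>
  </div>
  </div>
  <?php
              } // Check friend end
          } // GET friend set end
      } // session check end
  } // function end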
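  // Message history: loads the stored conversation with one friend of the logged-in user.
  if ($do == "msghist") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          //check if friend is set
          if (!isset($_GET['friend']) || !is_string($_GET['friend'])) {
              echo "ERROR: No username defined!";
              exit(1);
          } else {
              // set friend username
              $friendNick = htmlentities(stripslashes($_GET['friend']));
              $friendcount = (int) file_get_contents("ssb_db/friends/" . $username . ".count");
              include "ssb_db/friends/" . $username . ".php"; // the $friendN variables
              // Look the name up first and render once; the name must also match the
              // user-name character set because it is used in an include path below.
              $isFriend = false;
              if (preg_match('/\A[a-z0-9]+\z/i', $friendNick)) {
                  for ($x = 1; $x <= $friendcount; $x++) {
                      if (isset(${"friend" . $x}) && $friendNick === ${"friend" . $x}) {
                          $isFriend = true;
                          break;
                      }
                  }
              }
              if (!$isFriend) {
                  echo "ERROR: that user is not in your friends list!";
              } else {
                  // Values placed into the script are JSON-encoded with the HEX flags so they stay
                  // plain string literals and cannot close the string or the <script> element.
                  $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
  ?>
  <script language="javascript" type="text/javascript">
  <!--
  var httpObject = null;
  var ajaxVar = null;
  var timerID = 0;
  var friendNick = <?php echo json_encode((string) $friendNick, $jsFlags); ?>;
  var nickName = <?php echo json_encode((string) $_SESSION['ssb-user'], $jsFlags); ?>;
  var userColor = <?php echo json_encode((string) $_SESSION['ssb-color'], $jsFlags); ?>;
  var link = "chatserver.php?get=" + encodeURIComponent(friendNick);
  // Replace the message box content with the server response.
  // NOTE(review): the response is inserted as HTML, so chatserver.php must return escaped markup - confirm.
  function setAll() {
    if (ajaxVar.readyState == 4) {
      var response = ajaxVar.responseText;
      var msgBox = document.getElementById("msgs");
      msgBox.innerHTML = response;
      msgBox.scrollTop = msgBox.scrollHeight;
    }
  }
  function serverLoad() {
    ajaxVar = getHTTPObject();
    if (ajaxVar != null) {
      ajaxVar.open("GET", link, true);
      ajaxVar.onreadystatechange = setAll;
      ajaxVar.send(null);
    }
  }
  window.addEventListener('load', function () {
    serverLoad();
  });
  //-->
  </script>
  <div class="replycontain">
  <?php
                  // Header
                  include "ssb_db/users/" . $friendNick . ".php";
                  echo "<h3><a href='?userfeed=" . $friendNick . "'>" . $friendNick . ": Message history</a></h3>";
  ?>
  <div id="msgs">
  <?php
                  echo "<div class=\"msgbox\" style=\"overflow-y: scroll;\">";
                  echo "</div>";
  ?>
  </div>
  </div>
  <?php
              } // Check friend end
          } // GET friend set end
      } // session check end
  } // function end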
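  // Push user avatar to specific avatar image location: redirects to the user's stored
  // avatar, or to the default picture when there is none.
  // NOTE(review): this block has no login check of its own, so the parameter must be
  // treated as untrusted input.
  if ($do == "avatarlocation") {
      if (isset($_GET['user']) && is_string($_GET['user'])) {
          $user = htmlentities(stripslashes($_GET['user']));
          $avatarTarget = "data/defaultprofile.png";
          $profilePath = "ssb_db/users/" . $user . ".php";
          // The name is used to build an include path: only the character set that registration
          // allows is accepted, and the profile must exist before it is included.
          if (preg_match('/\A[a-z0-9]+\z/i', $user) && file_exists($profilePath)) {
              // Drop any value left over from a profile included earlier in the request.
              unset($user_avatar);
              include $profilePath;
              if (isset($user_avatar) && file_exists("ssb_db/uploads/" . $user_avatar)) {
                  $avatarTarget = "ssb_db/uploads/" . $user_avatar;
              }
          }
          // Header before any body output, otherwise the redirect is dropped.
          header("Location: " . $avatarTarget);
          echo "Direct to: " . $avatarTarget;
          exit;
      } else {
          echo "User is NOT set!";
      }
  }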
  // About page: description text followed by the three statistics helpers.
  if ($do == "about") {
      echo "<h2>About</h2>"
          . "<div class='dllink'><a class='button' href='download/secure-space-v1.1.apk'>Download for Android!</a></div>"
          . "<p>" . $desc
          . "<br /><br />"
          . "$ssbtitle statistics: ";
      // The helpers are called for their output only; their return values are not used.
      getUserCount();
      echo "; ";
      getPostCount();
      echo "; ";
      getUploadFileCount();
      echo "</p>";
  }
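  // Community page: lists every account whose type is "public".
  if ($do == "users") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          echo "<h2>Community</h2>";
          $nameFiles = glob("ssb_db/users/" . "*.name");
          foreach (array_reverse($nameFiles === false ? array() : $nameFiles) as $userfile) {
              $userhandle = trim((string) file_get_contents($userfile));
              $profilePath = "ssb_db/users/" . $userhandle . ".php";
              // The handle is read from disk and used in an include path and in markup,
              // so entries that are not plain user names or have no profile are skipped.
              if (!preg_match('/\A[a-z0-9]+\z/i', $userhandle) || !file_exists($profilePath)) {
                  continue;
              }
              // Reset so a profile that lacks a field cannot inherit the previous user's value.
              unset($accttype, $user_fullname);
              include $profilePath;
              if (isset($accttype) && $accttype == "public") {
                  $shownFullName = isset($user_fullname) ? $user_fullname : "";
                  // The avatar <div> is now closed and the stray second </td> is gone.
                  echo "<table class='friendslist'><tr><td><div class='avatar_small' style=\"background-image: url('index.php?do=avatarlocation&user=$userhandle');\" title='User Avatar'></div></td>";
                  echo "<td><a class='button' href='index.php?userfeed=$userhandle'>$userhandle</a> ~ $shownFullName</td>";
                  echo "</tr></table>";
              }
          }
      }
  }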
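  // Friends panel: lists the logged-in user's friends with links to their feed and messages.
  if ($do == "friends") {
      if ($loginCheck != true) {
          loginForm();
      } else {
          // Friends panel
          echo "<h3>Friends</h3><a href='?do=users' class='button'>Public users</a> <a class='button' href='?forms=friendreq'>Send friend request</a>";
          // Friends list if you have any.
          echo "<br />";
          // The counter is read once; a missing file is treated as "no friends".
          $countPath = "ssb_db/friends/" . $username . ".count";
          $friendcount = file_exists($countPath) ? (int) file_get_contents($countPath) : 0;
          if ($friendcount < 1) {
              echo "<b style='color:red;'>We're sorry... no friends found on your user account...</b>";
          } else {
              include "ssb_db/friends/" . $username . ".php"; // the $friendN variables
              echo "<table class='friendslist'>";
              for ($x = 1; $x <= $friendcount; $x++) {
                  if (!isset(${"friend" . $x})) {
                      continue;
                  }
                  $friendName = (string) ${"friend" . $x};
                  // The name goes into a file path and into HTML attributes, so only plain
                  // user names with an existing profile are listed.
                  if (!preg_match('/\A[a-z0-9]+\z/i', $friendName) || !file_exists("ssb_db/users/" . $friendName . ".php")) {
                      continue;
                  }
                  echo "<tr><td><div class='avatar_small' style=\"background-image: url('index.php?do=avatarlocation&user=" . $friendName . "');\" title='User Avatar'></div></td><td><a class='button' href='index.php?userfeed=" . $friendName . "'>" . $friendName . "</a></td><td><a class='button' href='?do=privmsg&friend=" . $friendName . "'>Private message</a>&nbsp;&nbsp;<a href='?do=msghist&friend=" . $friendName . "' class='button'>Message history</a></td></tr>";
              }
              echo "</table>";
          }
      }
  }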
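  // Login: check the submitted credentials against the user's profile file and start the session.
  // NOTE(review): sha1(md5()) is an unsalted fast hash; moving to password_hash()/password_verify()
  // has to be done together with the registration and change-password code.
  if ($do == "login") {
      // The submitted name stays in a local, so a failed attempt does not replace $username
      // for the rest of the request. NOTE(review): confirm nothing later relies on that overwrite.
      $loginName = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : "";
      $loginPass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : "";
      $profilePath = "ssb_db/users/$loginName.php";
      // The name is used to build an include path before any authentication has happened:
      // only the character set that registration allows (letters and digits) is accepted.
      if (preg_match('/\A[a-z0-9]+\z/i', $loginName) && file_exists($profilePath)) {
          // Drop values left over from a profile included earlier in the request.
          unset($user_password, $user_color);
          include $profilePath;
          // hash_equals() compares as strings in constant time; "==" would compare two
          // numeric-looking hashes ("0e...") as numbers.
          if (isset($user_password) && hash_equals((string) $user_password, sha1(md5($loginPass)))) {
              // A fresh session id on login prevents reuse of an id that was set before authentication.
              if (session_status() === PHP_SESSION_ACTIVE) {
                  session_regenerate_id(true);
              }
              $_SESSION['ssb-user'] = $loginName;
              $_SESSION['ssb-pass'] = $user_password;
              $_SESSION['ssb-color'] = isset($user_color) ? $user_color : "";
              header("Location: index.php");
              exit;
          } else {
              echo "Wrong password!";
          }
      } else {
          // The name is echoed back, so it is HTML-escaped.
          echo "User " . htmlspecialchars($loginName, ENT_QUOTES) . " not found!";
      }
  }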
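  // Logout: clear the session values set at login and go to the login form.
  if ($do == "logout") {
      $_SESSION['ssb-user'] = null;
      $_SESSION['ssb-pass'] = null;
      $_SESSION['ssb-color'] = null; // set at login as well, so it is cleared with the rest
      // Retire the old session id so it cannot be reused after logout.
      if (session_status() === PHP_SESSION_ACTIVE) {
          session_regenerate_id(true);
      }
      header("Location: index.php?forms=login");
      exit;
  }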
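  // Register: validate the form, create the new user's files and redirect.
  // notify codes used below: 3 = missing or invalid field, 4 = passwords differ,
  // 5 = user name has characters other than letters and digits, 6 = user name taken.
  // NOTE(review): sha1(md5()) is an unsalted fast hash; moving to password_hash()/password_verify()
  // has to be done together with the login and change-password code.
  if ($do == "register") {
      $form = array();
      foreach (array('username', 'password', 'password-again', 'fullname', 'acct') as $field) {
          // Non-string input (e.g. an array parameter) is treated as missing.
          $form[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
      }
      $newUser = $form['username'];
      $acct = $form['acct'];
      $target = "index.php";
      if ($newUser == "" || $form['password'] == "" || $form['password-again'] == "" || $form['fullname'] == ""
          // The account type is written into a PHP file, so only the two values the rest of
          // the script understands are accepted.
          || !in_array($acct, array("public", "private"), true)) {
          $target = "index.php?notify=3";
      } elseif ($form['password'] !== $form['password-again']) {
          // Strict comparison: "==" treats numeric-looking strings such as "1e3" and "1000" as equal.
          $target = "index.php?notify=4";
      } elseif (!preg_match('/\A[a-z0-9]+\z/i', $newUser)) {
          $target = "index.php?notify=5";
      } elseif (file_exists("ssb_db/users/" . $newUser . ".php")) {
          $target = "index.php?notify=6";
      } else {
          $colors = array("0000ff", "9900cc", "0080ff", "008000", "ededed");
          // The profile is PHP source. The full name is free text, so var_export() writes it as a
          // single-quoted literal; inside a double-quoted literal "$" and "\" would be interpreted.
          $fullName = var_export(stripslashes(htmlentities($form['fullname'])), true);
          file_put_contents(
              "ssb_db/users/" . $newUser . ".php",
              "<?php\n\$accttype = \"" . $acct . "\";\n\$user_password = \"" . sha1(md5($form['password'])) . "\";\n \$user_color = \"" . $colors[array_rand($colors)] . "\"; \$user_fullname = " . $fullName . "; \$user_avatar = \"../../data/defaultprofile.png\"; \n?>"
          );
          file_put_contents("ssb_db/users/" . $newUser . ".name", $newUser);
          file_put_contents("ssb_db/users/" . $newUser . ".postnumber", "0");
          file_put_contents("ssb_db/friends/" . $newUser . ".count", "0");
          file_put_contents("ssb_db/friends/" . $newUser . ".php", "<?php ?>\n");
      }
      // One redirect for every outcome; exit so nothing else is rendered after it.
      header("Location: " . $target);
      exit;
  }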
  1197. }
  1198. else if ($loginCheck != true)
  1199. {
  1200. loginForm();
  1201. }
  1202. else
  1203. {
  1204. // Watch feed, lets generate pages while we're at it
  1205. $pagecall = $_GET['page'];
  1206. $postcount = 1;
  1207. if(isset($pagecall) && $pagecall!="")
  1208. {
  1209. if($pagecall == "1")
  1210. {
  1211. $poststart = $postcount;
  1212. }
  1213. else
  1214. {
  1215. $poststart = ($pagecall - 1) * 15; // 15 posts per page
  1216. }
  1217. }
  1218. else
  1219. {
  1220. $poststart = $postcount;
  1221. }
  1222. // Lets actually generate some feed now.
  1223. foreach(array_reverse(glob("ssb_db/posts/*.post")) as $postfile) {
  1224. unset($shared); // make sure its not being carried over after loop.
  1225. $postphp = file_get_contents($postfile);
  1226. include "ssb_db/posts/$postphp";
  1227. $friendcount = file_get_contents("ssb_db/friends/" . $username . ".count");
  1228. include "ssb_db/friends/" . $username . ".php";
  1229. for($x = 1; $x <= $friendcount; $x++)
  1230. {
  1231. if($postowner == ${"friend" . $x}) {
  1232. // Found a post, post count goes up!
  1233. $postcount++;
  1234. if($poststart == "1" && $postcount < ($poststart + 15)) {
  1235. echo "<div class='post'><table><tr><td><div class='avatar_small' style=\"background-image: url('index.php?do=avatarlocation&user=$postowner');\" title='User Avatar'></div></td><td><h3>$postowner<span class='date'>$postdate &nbsp;&nbsp;";
  1236. if(file_exists("ssb_db/posts/$postid.reactcount")) {
  1237. $reacts = file_get_contents("ssb_db/posts/$postid.reactcount");
  1238. echo "<div class='reacts'><i class='fa fa-heart' style='color: red;'></i> $reacts <div class='react-list'>";
  1239. // Pull up users who reacted, and generate dropdown list.
  1240. $reactlist = fopen("ssb_db/posts/$postid.reacted", "r");
  1241. if($reactlist) {
  1242. while (($reactor = fgets($reactlist)) !== false) {
  1243. echo "<b>$reactor</b>";
  1244. }
  1245. fclose($reactlist);
  1246. }
  1247. echo "</div></div>";
  1248. }
  1249. if(isset($shared) && $shared == "1")
  1250. {
  1251. echo "<br />Originally posted by $origowner";
  1252. }
  1253. echo "</span></h3></td></tr></table>";
  1254. echo "" . bbcode_format($postcontent) . "";
  1255. // Footer
  1256. echo "<div class='post-footer'>";
  1257. echo "<a style='padding-top: 6px;' onclick=\"userReact('" . $postowner . "','" . $postid . "');\" class='button'><i class='fa fa-heart'></i>&nbsp;React</a>";
  1258. echo "<a style='padding-top: 6px;' href='index.php?view=$postid&user=$postowner' class='button'><i class='fa fa-comment'></i>&nbsp;Comment</a>";
  1259. echo "<a style='padding-top: 6px;' href='index.php?do=share&pid=$postid&user=$postowner' class='button'><i class='fa fa-share'></i>&nbsp;Share</a>";
  1260. echo "<br />"; // line break
  1261. if(file_exists("ssb_db/posts/reply_" . $postowner . "_" . $postid . ".count")) {
  1262. $pcount = file_get_contents("ssb_db/posts/reply_" . $postowner . "_" . $postid . ".count");
  1263. // If there's a reply, show them.
  1264. if($pcount == 0) {
  1265. echo "no replies";
  1266. } else if($pcount == 1) {
  1267. echo "$pcount reply";
  1268. } else if ($pcount > 0) {
  1269. echo "$pcount replies";
  1270. }
  1271. }
  1272. echo " &bull; ";
  1273. // Show reaction count in footer as well.
  1274. if(file_exists("ssb_db/posts/" . $postid . ".reactcount")) {
  1275. $reactcount = file_get_contents("ssb_db/posts/" . $postid . ".reactcount");
  1276. if($reactcount == 1) {
  1277. echo "$reactcount reaction";
  1278. } else if ($reactcount > 0) {
  1279. echo "$reactcount reactions";
  1280. }
  1281. } else {
  1282. echo "no reactions";
  1283. }
  1284. echo "</div></div><br />\n";
  1285. }
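  // Post card for page 2 and later. The enclosing condition is outside this excerpt;
  // presumably these are posts by other users (the footer offers Share, not Delete).
  // NOTE(review): this window is exclusive at both ends, so it shows 14 posts where the
  // page-1 condition elsewhere in this file shows 15; depending on how $poststart is
  // derived, the post numbered $poststart + 15 may never be displayed — confirm.
  if($poststart > "1" && $postcount > $poststart && $postcount < ($poststart + 15)) {
    // Encode once per output context. $postowner, $origowner and the reactor names are
    // account names read back from storage; nothing in this block shows them being
    // validated, so they are treated as untrusted text (stored XSS otherwise).
    // NOTE(review): if names are already HTML-escaped when stored, escaping here would
    // double-encode — confirm against the code that writes them.
    $escFlags = ENT_QUOTES | ENT_SUBSTITUTE;
    $jsFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;
    $ownerHtml = htmlspecialchars((string) $postowner, $escFlags, 'UTF-8');
    $ownerUrl = rawurlencode((string) $postowner);
    $pidUrl = rawurlencode((string) $postid);
    // JS string literals for the onclick handler: JSON-encode, then HTML-escape for the attribute.
    $ownerJs = htmlspecialchars((string) json_encode((string) $postowner, $jsFlags), $escFlags, 'UTF-8');
    $pidJs = htmlspecialchars((string) json_encode((string) $postid, $jsFlags), $escFlags, 'UTF-8');

    // NOTE(review): $postid and $postowner are interpolated into file paths; this relies on
    // them never containing path separators — confirm where they are assigned.
    $reactCountFile = "ssb_db/posts/$postid.reactcount";
    $reactedFile = "ssb_db/posts/$postid.reacted";
    $replyCountFile = "ssb_db/posts/reply_" . $postowner . "_" . $postid . ".count";

    // Header: avatar, owner name and date.
    // NOTE(review): $postdate is echoed as-is; presumably server-generated — confirm.
    echo "<div class='post'><table><tr><td><div class='avatar_small' style=\"background-image: url('index.php?do=avatarlocation&user=$ownerUrl');\" title='User Avatar'></div></td><td><h3>$ownerHtml<span class='date'>$postdate &nbsp;&nbsp;";
    if(file_exists($reactCountFile)) {
      // The counter file is only ever meant to hold a number; cast so nothing else reaches the page.
      $reacts = (int) file_get_contents($reactCountFile);
      echo "<div class='reacts'><i class='fa fa-heart' style='color: red;'></i> $reacts <div class='react-list'>";
      // Pull up users who reacted, and generate dropdown list.
      // Checking readability first avoids an fopen() warning when the list file is missing.
      if(is_readable($reactedFile)) {
        $reactlist = fopen($reactedFile, "r");
        if($reactlist) {
          while (($reactor = fgets($reactlist)) !== false) {
            echo "<b>" . htmlspecialchars(rtrim($reactor, "\r\n"), $escFlags, 'UTF-8') . "</b>";
          }
          fclose($reactlist);
        }
      }
      echo "</div></div>";
    }
    if(isset($shared) && $shared == "1")
    {
      echo "<br />Originally posted by " . htmlspecialchars((string) $origowner, $escFlags, 'UTF-8');
    }
    echo "</span></h3></td></tr></table>";
    // bbcode_format() is defined elsewhere; it is assumed to escape HTML in the post body — TODO confirm.
    echo "" . bbcode_format($postcontent) . "";
    // Footer
    echo "<div class='post-footer'>";
    echo "<a style='padding-top: 6px;' onclick=\"userReact(" . $ownerJs . "," . $pidJs . ");\" class='button'><i class='fa fa-heart'></i>&nbsp;React</a>";
    echo "<a style='padding-top: 6px;' href='index.php?view=$pidUrl&user=$ownerUrl' class='button'><i class='fa fa-comment'></i>&nbsp;Comment</a>";
    echo "<a style='padding-top: 6px;' href='index.php?do=share&pid=$pidUrl&user=$ownerUrl' class='button'><i class='fa fa-share'></i>&nbsp;Share</a>";
    echo "<br />"; // line break
    if(file_exists($replyCountFile)) {
      $pcount = (int) file_get_contents($replyCountFile);
      // If there's a reply, show them.
      if($pcount == 0) {
        echo "no replies";
      } else if($pcount == 1) {
        echo "$pcount reply";
      } else if ($pcount > 0) {
        echo "$pcount replies";
      }
    }
    echo " &bull; ";
    // Show reaction count in footer as well.
    if(file_exists($reactCountFile)) {
      $reactcount = (int) file_get_contents($reactCountFile);
      if($reactcount == 1) {
        echo "$reactcount reaction";
      } else if ($reactcount > 0) {
        echo "$reactcount reactions";
      }
    } else {
      echo "no reactions";
    }
    echo "</div></div><br />\n";
  }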
  1338. }
  1339. }
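  // The viewer's own posts: count each one, and render its card when it falls on the current page.
  // Strict string comparison: with ==, two numeric-looking names such as "10" and "1e1"
  // compare equal, which would treat another account's post as the viewer's own.
  if((string) $postowner === (string) $username)
  {
    // Found a post, post count goes up!
    $postcount++;
    // Page 1 shows posts 1..15; later pages show the posts strictly between
    // $poststart and $poststart + 15.
    // NOTE(review): the later-page window is exclusive at both ends (14 posts); depending
    // on how $poststart is derived, the post numbered $poststart + 15 may never be
    // displayed — confirm.
    $onFirstPage = ($poststart == "1" && $postcount < ($poststart + 15));
    $onLaterPage = ($poststart > "1" && $postcount > $poststart && $postcount < ($poststart + 15));
    if($onFirstPage || $onLaterPage) {
      // Encode once per output context. Account names are read back from storage and
      // nothing in this block shows them being validated, so they are treated as
      // untrusted text (stored XSS otherwise).
      // NOTE(review): if names are already HTML-escaped when stored, escaping here would
      // double-encode — confirm against the code that writes them.
      $escFlags = ENT_QUOTES | ENT_SUBSTITUTE;
      $jsFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;
      $ownerHtml = htmlspecialchars((string) $postowner, $escFlags, 'UTF-8');
      $ownerUrl = rawurlencode((string) $postowner);
      $userUrl = rawurlencode((string) $username);
      $pidUrl = rawurlencode((string) $postid);
      // JS string literals for the onclick handler: JSON-encode, then HTML-escape for the attribute.
      $ownerJs = htmlspecialchars((string) json_encode((string) $postowner, $jsFlags), $escFlags, 'UTF-8');
      $pidJs = htmlspecialchars((string) json_encode((string) $postid, $jsFlags), $escFlags, 'UTF-8');

      // NOTE(review): $postid and $postowner are interpolated into file paths; this relies
      // on them never containing path separators — confirm where they are assigned.
      $reactCountFile = "ssb_db/posts/$postid.reactcount";
      $reactedFile = "ssb_db/posts/$postid.reacted";
      $replyCountFile = "ssb_db/posts/reply_" . $postowner . "_" . $postid . ".count";

      // Header: avatar, owner name and date.
      // NOTE(review): $postdate is echoed as-is; presumably server-generated — confirm.
      echo "<div class='post'><table><tr><td><div class='avatar_small' style=\"background-image: url('index.php?do=avatarlocation&user=$ownerUrl');\" title='User Avatar'></div></td><td><h3>$ownerHtml<span class='date'>$postdate &nbsp;&nbsp;";
      if(file_exists($reactCountFile)) {
        // The counter file is only ever meant to hold a number; cast so nothing else reaches the page.
        $reacts = (int) file_get_contents($reactCountFile);
        echo "<div class='reacts'><i class='fa fa-heart' style='color: red;'></i> $reacts <div class='react-list'>";
        // Pull up users who reacted, and generate dropdown list.
        // Checking readability first avoids an fopen() warning when the list file is missing.
        if(is_readable($reactedFile)) {
          $reactlist = fopen($reactedFile, "r");
          if($reactlist) {
            while (($reactor = fgets($reactlist)) !== false) {
              echo "<b>" . htmlspecialchars(rtrim($reactor, "\r\n"), $escFlags, 'UTF-8') . "</b>";
            }
            fclose($reactlist);
          }
        }
        echo "</div></div>";
      }
      // The original printed this attribution only on page 1; it is now shown on every
      // page, matching the other post cards in this file.
      if(isset($shared) && $shared == "1")
      {
        echo "<br />Originally posted by " . htmlspecialchars((string) $origowner, $escFlags, 'UTF-8');
      }
      echo "</span></h3></td></tr></table>";
      // bbcode_format() is defined elsewhere; it is assumed to escape HTML in the post body — TODO confirm.
      echo "" . bbcode_format($postcontent) . "";
      // Footer
      echo "<div class='post-footer'>";
      echo "<a style='padding-top: 6px;' onclick=\"userReact(" . $ownerJs . "," . $pidJs . ");\" class='button'><i class='fa fa-heart'></i>&nbsp;React</a>";
      echo "<a style='padding-top: 6px;' href='index.php?view=$pidUrl&user=$ownerUrl' class='button'><i class='fa fa-comment'></i>&nbsp;Comment</a>";
      // NOTE(review): deletion is triggered by a plain GET link. Unless the delpost handler
      // (not visible here) verifies the session owner and an anti-CSRF token, a request
      // forged from another site could delete posts; a POST form carrying a token is the
      // usual fix and needs a matching change in that handler.
      echo "<a style='padding-top: 6px;' href='index.php?do=delpost&user=$userUrl&pid=$pidUrl' class='button'><i class='fa fa-trash-can'></i>&nbsp;Delete</a>";
      echo "<br />"; // line break
      if(file_exists($replyCountFile)) {
        $pcount = (int) file_get_contents($replyCountFile);
        // If there's a reply, show them.
        if($pcount == 0) {
          echo "no replies";
        } else if($pcount == 1) {
          echo "$pcount reply";
        } else if ($pcount > 0) {
          echo "$pcount replies";
        }
      }
      echo " &bull; ";
      // Show reaction count in footer as well.
      if(file_exists($reactCountFile)) {
        $reactcount = (int) file_get_contents($reactCountFile);
        if($reactcount == 1) {
          echo "$reactcount reaction";
        } else if ($reactcount > 0) {
          echo "$reactcount reactions";
        }
      } else {
        echo "no reactions";
      }
      echo "</div></div><br />\n";
    }
  }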
  1445. }
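  // Page button generation.
  // $poststart == "1" marks page 1; on later pages the links below treat the current
  // page number as ($poststart / 15) + 1.
  // NOTE(review): where $poststart comes from is outside this excerpt; if it is derived
  // from the request's page parameter it should be validated as a positive integer
  // before it reaches this point — confirm.
  echo "<div class='page-controls'>";
  if($poststart > "1") {
    // Cast so the link always carries a whole page number, never a fraction.
    $prevpage = (int) ($poststart / 15);
    echo "<a href='index.php?page=$prevpage'><i class='fa fa-arrow-left'></i> &nbsp; Prev page</a>";
  }
  echo "&nbsp;&nbsp;&nbsp;";
  // Page 1 displays posts numbered below $poststart + 15, so a next page exists as soon
  // as the total reaches that number. The original used ">", which left the post
  // numbered $poststart + 15 unreachable when it was the last one.
  if($poststart == "1" && $postcount >= ($poststart + 15)) {
    echo "<a href='index.php?page=2'>Next page &nbsp; <i class='fa fa-arrow-right'></i></a>";
  }
  // NOTE(review): later pages keep ">" because their display window is exclusive at
  // $poststart + 15 as well; revisit both together if that window is changed.
  if($poststart > "1" && $postcount > ($poststart + 15)) {
    $nextpage = (int) ($poststart / 15) + 2;
    echo "<a href='index.php?page=$nextpage'>Next page &nbsp; <i class='fa fa-arrow-right'></i></a>";
  }
  echo "</div>";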
  1461. }
  1462. ?>
  1463. </td></tr></table>
  1464. <div id="footer">Powered By SSB <?php echo $version; ?></div>
  1465. </div>
  1466. <!-- functions -->
  1467. <script type="text/javascript" src="data/main.js"></script>
  1468. </body>
  1469. </html>