
<?php

	/**
	 *By Red3v0lution
	 *Object-Oriented Content Management System
	 *PHP 5.2.9-1 && MySQL Database 5.1.32
	 *April 21, 2009
	 **/
	 
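/**
 * Forum operations (forums, topics, posts) for the CMS.
 *
 * Every query goes through ext/mysql (mysql_query() on the implicit default
 * connection). That extension was deprecated in PHP 5.5 and removed in
 * PHP 7.0 and has no bound parameters, so this class defends itself by:
 *   - allowing only [A-Za-z0-9_] in database/table names and wrapping them in
 *     backticks (identifiers cannot be escaped as string values);
 *   - passing every value through mysql_real_escape_string() before it is
 *     placed inside a quoted literal.
 * Migrating to PDO or mysqli prepared statements is the durable fix.
 *
 * All methods return 1 on success and 0 on failure; on failure the private
 * $return property holds a message.
 */
class forum
{
	//CMS variables
	private $return;     // last failure message; multiDeletePost() joins entries with <br />
	private $db_name;    // database name used by newForum() / dropForum()
	private $table_name; // table name used as the topic by the topic/post methods
	private $action;
	private $post;       // post body used by newPost() / editPost()
	private $post_id;    // single id (deletePost, editPost) or list of ids (multiDeletePost)
	
	//User variables
	private $username;
	private $access; // Admin == 0, Moderator == 1, User == 2
	private $post_count;
	private $position;	
	private $title;      // rank label written by postRank(); declared so it is not a dynamic property
	
	//Internal helpers

	/**
	 * True when $name is safe to place between backticks in a query:
	 * a string of 1-64 letters, digits or underscores.
	 */
	private function isValidIdentifier($name)
	{
		return is_string($name) && preg_match('/^[A-Za-z0-9_]{1,64}$/D', $name) === 1;
	}

	/**
	 * True when the current access level is known and is at least as
	 * privileged as $maxLevel (lower number == more privilege).
	 *
	 * An unset or non-numeric level is rejected explicitly: with the loose
	 * comparisons `null == 0` and `null <= 1` an uninitialised $access would
	 * otherwise pass as Admin/Moderator.
	 */
	private function hasAccess($maxLevel)
	{
		$level = $this->access;
		if (is_int($level))
		{
			return $level >= 0 && $level <= $maxLevel;
		}
		if (is_string($level) && preg_match('/^[0-9]+$/D', $level) === 1)
		{
			return (int) $level <= $maxLevel;
		}
		return false;
	}

	/**
	 * Encode a value for inclusion in $this->return, which is built as HTML.
	 */
	private function escapeHtml($text)
	{
		return htmlentities((string) $text, ENT_QUOTES);
	}

	/**
	 * True when the row with the given post id in $table has the session
	 * user's name in its username column.
	 *
	 * $table must already be a trusted SQL fragment (a validated, backticked
	 * name or a literal). The row is fetched before comparing: mysql_query()
	 * returns a result resource, and comparing that resource to the username
	 * never reflects who wrote the post.
	 */
	private function currentUserOwnsPost($table, $postId)
	{
		if (!isset($_SESSION['username']))
		{
			return false;
		}
		$id = mysql_real_escape_string((string) $postId);
		$result = mysql_query("SELECT username FROM $table WHERE post_id = '$id' LIMIT 1;");
		if (!$result)
		{
			return false;
		}
		$row = mysql_fetch_assoc($result);
		mysql_free_result($result);
		return is_array($row) && (string) $row['username'] === (string) $_SESSION['username'];
	}

	//Class Methods

	/**
	 * Destroy the session when a logged-in session's stored user agent does
	 * not match the current request.
	 *
	 * @return int 0 when the session was destroyed, 1 otherwise.
	 *
	 * NOTE(review): this also returns 1 when nobody is logged in, so the
	 * result means "no mismatch detected", not "user is logged in" - confirm
	 * that callers do not use it as an authentication check.
	 * NOTE(review): User-Agent is a client-supplied header, so this is only a
	 * weak signal; regenerating the session id at login and HttpOnly/Secure
	 * session cookies are the primary protections.
	 */
	private function checkLogin()
	{
		$loggedIn = isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == 1;
		if (!$loggedIn)
		{
			return 1;
		}
		$stored = isset($_SESSION['user_agent']) ? $_SESSION['user_agent'] : null;
		$current = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
		if ($stored != $current)
		{
			$this->return = "You trying to hijack someone's session? This session is destroyed.";
			$_SESSION = array();
			session_destroy();
			return 0;
		}
		return 1;
	}

	/**
	 * Create the database named by $this->db_name. Admin only.
	 *
	 * @return int 1 on success, 0 on failure (message in $this->return).
	 */
	private function newForum()
	{
		if (!$this->hasAccess(0))
		{
			$this->return = "You do not have sufficient access to create a new forum.";
			return 0;
		}
		// An invalid name is reported as a failed query and never reaches MySQL.
		$result = $this->isValidIdentifier($this->db_name)
			? mysql_query("CREATE DATABASE `$this->db_name`;")
			: false;
		if ($result)
		{
			return 1;
		}
		$this->return = "Query could not be completed. Database " . $this->escapeHtml($this->db_name) . " could not be created.";
		return 0;
	}
	
	/**
	 * Create the table named by $this->table_name as a new topic.
	 * Requires a logged-in user ($this->access set).
	 *
	 * @return int 1 on success, 0 on failure (message in $this->return).
	 */
	private function newTopic()
	{
		if (!isset($this->access))
		{
			$this->return = "You must be logged in to create a new topic.";
			return 0;
		}
		$result = false;
		if ($this->isValidIdentifier($this->table_name))
		{
			// Column names take backticks; single quotes make them string literals, which MySQL rejects here.
			$result = mysql_query("CREATE TABLE `$this->table_name` (`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY, `username` VARCHAR( 28 ), `time` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, `post` LONGTEXT NOT NULL);");
		}
		if ($result)
		{
			return 1;
		}
		$this->return = "Could not create table " . $this->escapeHtml($this->table_name) . ".";
		return 0;
	}
	
	/**
	 * Insert $this->post by $this->username into the topic table.
	 * Requires a logged-in user ($this->access set).
	 *
	 * The body is stored as submitted; it must be encoded when rendered
	 * (see bbcode()).
	 *
	 * @return int 1 on success, 0 on failure (message in $this->return).
	 */
	private function newPost()
	{
		if (!isset($this->access))
		{
			$this->return = "You must be logged in to post.";
			return 0;
		}
		$result = false;
		if ($this->isValidIdentifier($this->table_name))
		{
			$user = mysql_real_escape_string((string) $this->username);
			$body = mysql_real_escape_string((string) $this->post);
			$result = mysql_query("INSERT INTO `$this->table_name` (`username`, `post`) VALUES ('$user', '$body');");
		}
		if ($result)
		{
			return 1;
		}
		$this->return = "Could not complete post.";
		return 0;
	}
	
	/**
	 * Drop the database named by $this->db_name. Admin only.
	 *
	 * @return int 1 on success, 0 on failure (message in $this->return).
	 */
	private function dropForum()
	{
		if (!$this->hasAccess(0))
		{
			$this->return = "You do not have sufficient access to delete this forum.";
			return 0;
		}
		$result = $this->isValidIdentifier($this->db_name)
			? mysql_query("DROP DATABASE `$this->db_name`;")
			: false;
		if ($result)
		{
			return 1;
		}
		$this->return = "Could not drop database " . $this->escapeHtml($this->db_name);
		return 0;
	}
	
	/**
	 * Drop the topic table named by $this->table_name. Moderator or Admin.
	 *
	 * @return int 1 on success, 0 on failure (message in $this->return).
	 */
	private function deleteTopic()
	{
		if (!$this->hasAccess(1))
		{
			$this->return = "You do not have sufficient access to delete this thread.";
			return 0;
		}
		$result = $this->isValidIdentifier($this->table_name)
			? mysql_query("DROP TABLE `$this->table_name`;")
			: false;
		if ($result)
		{
			return 1;
		}
		$this->return = "Could not delete thread " . $this->escapeHtml($this->table_name);
		return 0;
	}

	/**
	 * Delete the post $this->post_id. Allowed for Moderator/Admin or for the
	 * post's author.
	 *
	 * NOTE(review): authorship is looked up in the topic table by post_id but
	 * the row is deleted from `users`, and newTopic() creates the key column
	 * as `id` - the table/column names are kept as written; confirm against
	 * the real schema.
	 *
	 * @return int 1 on success, 0 on failure (message in $this->return).
	 */
	private function deletePost()
	{
		$allowed = $this->hasAccess(1);
		if (!$allowed && $this->isValidIdentifier($this->table_name))
		{
			$allowed = $this->currentUserOwnsPost("`$this->table_name`", $this->post_id);
		}
		if (!$allowed)
		{
			$this->return = "You do not have sufficient access to delete this post.";
			return 0;
		}
		$id = mysql_real_escape_string((string) $this->post_id);
		$result = mysql_query("DELETE FROM users WHERE post_id = '$id' LIMIT 1;");
		if ($result)
		{
			return 1;
		}
		$this->return = "Could not delete post.";
		return 0;
	}
	
	/**
	 * Delete every post whose id is listed in $this->post_id, applying the
	 * same permission rule as deletePost() to each id.
	 *
	 * The loop reads $this->post_id (not an undefined local) and each DELETE
	 * targets the id being iterated, so a permitted id can no longer delete a
	 * different row.
	 *
	 * @return int 1 when every id was deleted, 0 otherwise; $this->return then
	 *             lists one <br />-terminated message per failed id.
	 */
	private function multiDeletePost()
	{
		$this->return = null;
		$isModerator = $this->hasAccess(1);
		$tableIsValid = $this->isValidIdentifier($this->table_name);
		$failures = '';
		foreach ((array) $this->post_id as $id)
		{
			$allowed = $isModerator
				|| ($tableIsValid && $this->currentUserOwnsPost("`$this->table_name`", $id));
			if (!$allowed)
			{
				$failures .= "You do not have sufficient access to delete this post (id = " . $this->escapeHtml($id) . ").<br />";
				continue;
			}
			$safeId = mysql_real_escape_string((string) $id);
			if (!mysql_query("DELETE FROM users WHERE post_id = '$safeId' LIMIT 1;"))
			{
				$failures .= "Could not delete post (id = " . $this->escapeHtml($id) . ").<br />";
			}
		}
		if ($failures !== '')
		{
			$this->return = $failures;
			return 0;
		}
		return 1;
	}
	
	/**
	 * Replace the body of post $this->post_id with $this->post. Allowed for
	 * Moderator/Admin or for the post's author.
	 *
	 * NOTE(review): both queries address the `users` table, as in the original
	 * code - confirm that posts really live there.
	 *
	 * @return int 1 on success, 0 on failure (message in $this->return).
	 */
	private function editPost()
	{
		if (!$this->hasAccess(1) && !$this->currentUserOwnsPost('users', $this->post_id))
		{
			$this->return = "You do not have sufficient access to edit this post.";
			return 0;
		}
		$id = mysql_real_escape_string((string) $this->post_id);
		$body = mysql_real_escape_string((string) $this->post);
		$result = mysql_query("UPDATE users SET post = '$body' WHERE post_id = '$id' LIMIT 1;");
		if ($result)
		{
			return 1;
		}
		$this->return = "Could not edit post.";
		return 0;
	}
	
	/**
	 * Set $this->title from the post count in $_SESSION['posts']
	 * (a missing count is treated as 0).
	 *
	 * @return int always 1.
	 */
	private function postRank()
	{
		$posts = isset($_SESSION['posts']) ? (int) $_SESSION['posts'] : 0;
		// Exclusive upper bound => title, in ascending order.
		$ranks = array(
			150 => "Newbie",
			300 => "Member",
			450 => "Senior Member",
			600 => "Post Junkie",
			750 => "Chronic Poster"
		);
		$this->title = "I need a life.";
		foreach ($ranks as $limit => $label)
		{
			if ($posts < $limit)
			{
				$this->title = $label;
				break;
			}
		}
		return 1;
	}
	
	/**
	 * Return the text between the first $start and the next $end in
	 * $haystack (both matched case-insensitively).
	 *
	 * @return string '' when either marker is empty or not found.
	 */
	private function substring_between($start, $end, $haystack)
	{
		$start = (string) $start;
		$end = (string) $end;
		$haystack = (string) $haystack;
		if ($start === '' || $end === '')
		{
			return '';
		}
		$from = stripos($haystack, $start);
		if ($from === false)
		{
			return '';
		}
		$rest = (string) substr($haystack, $from + strlen($start));
		$to = stripos($rest, $end);
		if ($to === false)
		{
			return '';
		}
		return (string) substr($rest, 0, $to);
	}
	
	/**
	 * Render user text as HTML with a fixed set of BBCode tags.
	 *
	 * Order matters: the text is stripped and entity-encoded first, and only
	 * then are the whitelisted BBCode tokens turned into tags. Encoding after
	 * the replacement (as before) also encoded the generated tags, so [b]
	 * came out as the literal text &lt;b&gt;. The tokens contain no character
	 * that htmlentities() alters, so they survive the encoding step.
	 *
	 * @return string HTML in which the only markup is the tags listed below.
	 */
	private function bbcode($input)
	{
		$input = htmlentities(strip_tags($input), ENT_QUOTES);
		$bbcode = array(
			'[b]' => '<b>',
			'[/b]' => '</b>',
			'[u]' => '<u>',
			'[/u]' => '</u>',
			'[i]' => '<i>',
			'[/i]' => '</i>',
			'[marquee]' => '<marquee>',
			'[/marquee]' => '</marquee>'
		);
		return str_replace(array_keys($bbcode), array_values($bbcode), $input);
	}
}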
?>