Another small update

.htaccess

@@ -1,11 +1,5 @@
- <FilesMatch "settings.php">
-    Order Deny,Allow
-    Deny from all
-    Satisfy All
- </FilesMatch>
-
- <FilesMatch "settingsbak.php">
-    Order Deny,Allow
-    Deny from all
-    Satisfy All
- </FilesMatch>
+#RewriteEngine on
+#RewriteBase   /idb/
+#RewriteRule   ^idb-(admin|calendar|category|event|forum|index|member|messenger|profile|rss|search|subcategory|subforum|topic)(.*)$    $1.php$2
+#RewriteRule   ^intdb-(admin|calendar|category|event|forum|index|member|messenger|profile|rss|search|subcategory|subforum|topic)(.*)$    $1.php$2
+#RewriteRule   ^view-(admin|calendar|category|event|forum|index|member|messenger|profile|rss|search|subcategory|subforum|topic)(.*)$    $1.php$2

LICENSE

@@ -40,5 +40,4 @@ or implied, of <copyright holder>.
 created by Jcink; its usage is not governed under the terms of this 
 license agreement. Information regarding its usage can be found on 
 textfileBB's Web site at https://launchpad.net/tfbb
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
--
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

TOS

@@ -18,5 +18,4 @@ threatening, invasive of a person's privacy, or
 otherwise violative of any law. You agree not to post 
 any copyrighted material unless the copyright is owned 
 by you or by this BB.
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
--
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

inc/admin/main.php

@@ -366,7 +366,7 @@ function rsq($string) {
 function add_prefix($tarray) {
 global $TablePreFix;
 return $TablePreFix.$tarray; }
-$TableChCk = array("categories", "catpermissions", "events", "forums", "groups", "members", "mempermissions", "messenger", "permissions", "polls", "posts", "restrictedwords", "sessions", "smileys", "topics", "wordfilter");
+$TableChCk = array("categories", "catpermissions", "events", "forums", "groups", "levels", "members", "mempermissions", "messenger", "permissions", "polls", "posts", "restrictedwords", "sessions", "smileys", "themes", "topics", "wordfilter");
 $TableChCk = array_map("add_prefix",$TableChCk);
 $tcount = count($TableChCk); $ti = 0;
 $TblOptimized = 0;

inc/admin/members.php

@@ -226,7 +226,6 @@
 sql_query($dmquery,$SQLStat);
 $dmquery = sql_pre_query("DELETE FROM \"".$Settings['sqltable']."mempermissions\" WHERE \"id\"=%i", array($_POST['id']));
 sql_query($dmquery,$SQLStat); 
-
 $dmgquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."events\" SET \"GuestName\"='%s',\"UserID\"=-1 WHERE \"UserID\"=%i", array($DMemName,$_POST['id']));
 sql_query($dmgquery,$SQLStat);
 $dmgquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."messenger\" SET \"GuestName\"='%s',\"SenderID\"=-1 WHERE \"SenderID\"=%i", array($DMemName,$_POST['id']));
@@ -357,6 +356,11 @@
 $gresult=sql_query($gquery,$SQLStat);
 $EditMem['Group']=sql_result($gresult,0,"Name");
 sql_free_result($gresult);
+$EditMem['LevelID']=sql_result($result,0,"LevelID");
+$lquery = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."levels\" WHERE \"id\"=%i LIMIT 1", array($EditMem['LevelID']));
+$lresult=sql_query($lquery,$SQLStat);
+$EditMem['Level']=sql_result($lresult,0,"Name");
+sql_free_result($lresult);
 $EditMem['Validated']=sql_result($result,0,"Validated");
 $EditMem['HiddenMember']=sql_result($result,0,"HiddenMember");
 $EditMem['WarnLevel']=sql_result($result,0,"WarnLevel");
@@ -432,7 +436,6 @@
 $fulliplist = $fulliplist." <a onclick=\"window.open(this.href);return false;\" href=\"".sprintf($IPCheckURL,$MemIPList[$fullisti])."\">".$MemIPList[$fullisti]."</a>";
 ++$fullisti; }
 ?>
-
 <div class="TableMenuBorder">
 <?php if($ThemeSet['TableStyle']=="div") { ?>
 <div class="TableMenuRow1">
@@ -493,6 +496,29 @@
 <?php ++$getgrpidi; }
 sql_free_result($getgrpidr); ?>
 	</select></td>
+<?php /*}*/ ?>
+</tr><tr style="text-align: left;">
+	<td style="width: 50%;"><label class="TextBoxLabel" for="lid">New Level for Member:</label></td>
+	<td style="width: 50%;"><select size="1" class="TextBox" name="lid" id="lid">
+<?php 
+$getlevidq = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."levels\" WHERE (\"Name\"<>'%s' AND \"id\"<>%i)", array("Guest",-1));
+$getlevidr=sql_query($getlevidq,$SQLStat);
+$getlevidnum=sql_num_rows($getlevidr);
+$getlevidi = 0;
+if($getlevidnum<1) { ?>
+	<option value="0">None</option>
+<?php }
+while ($getlevidi < $getlevidnum) {
+$getlevidID=sql_result($getlevidr,$getlevidi,"id");
+$getlevidName=sql_result($getlevidr,$getlevidi,"Name");
+$LIDselected = null;
+if($getlevidID==$EditMem['LevelID']) { 
+	$LIDselected = " selected=\"selected\""; }
+?>
+<option value="<?php echo $getlevidID; ?>"<?php echo $LIDselected; ?>><?php echo $getlevidName; ?></option>
+<?php ++$getlevidi; }
+sql_free_result($getlevidr); ?>
+	</select></td>
 <?php } ?>
 </tr><tr style="text-align: left;">
 	<td style="width: 50%;"><label class="TextBoxLabel" for="MemHidden">Hidden Member:</label></td>
@@ -735,15 +761,15 @@
 if($_POST['MemName']==$DMemName||$username_check>=1) {
 if($_POST['id']!=1) {
 if(!is_numeric($_POST['MemPermID'])) { $_POST['MemPermID'] = "0"; }
-$dmquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"GroupID\"=%i,\"HiddenMember\"='%s',\"WarnLevel\"=%i,\"BanTime\"=%i,\"PostCount\"=%i,\"Karma\"=%i WHERE \"id\"=%i", array($_POST['gid'],$_POST['MemHidden'],$_POST['MemWarnLevel'],$_POST['MemBanTime'],$_POST['MemPostCount'],$_POST['MemKarma'],$_POST['id'])); 
+$dmquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"GroupID\"=%i,\"LevelID\"=%i,\"HiddenMember\"='%s',\"WarnLevel\"=%i,\"BanTime\"=%i,\"PostCount\"=%i,\"Karma\"=%i WHERE \"id\"=%i", array($_POST['gid'],$_POST['lid'],$_POST['MemHidden'],$_POST['MemWarnLevel'],$_POST['MemBanTime'],$_POST['MemPostCount'],$_POST['MemKarma'],$_POST['id'])); 
 $dpmquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."mempermissions\" SET \"PermissionID\"=%i,\"CanViewBoard\"='%s',\"CanViewOffLine\"='%s',\"CanEditProfile\"='%s',\"CanAddEvents\"='%s',\"CanPM\"='%s',\"CanSearch\"='%s',\"CanDoHTML\"='%s',\"CanUseBBags\"='%s',\"CanViewIPAddress\"='%s',\"CanViewUserAgent\"='%s',\"FloodControl\"=%i,\"SearchFlood\"=%i,\"HasModCP\"='%s',\"HasAdminCP\"='%s',\"ViewDBInfo\"='%s' WHERE \"id\"=%i", array($_POST['MemPermID'],$_POST['CanViewBoard'],$_POST['CanViewOffLine'],$_POST['CanEditProfile'],$_POST['CanAddEvents'],$_POST['CanPM'],$_POST['CanSearch'],$_POST['CanDoHTML'],$_POST['CanUseBBags'],$_POST['CanViewIPAddress'],$_POST['CanViewUserAgent'],$_POST['FloodControl'],$_POST['SearchFlood'],$_POST['HasModCP'],$_POST['HasAdminCP'],$_POST['ViewDBInfo'],$_POST['id'])); }
 if($_POST['id']==1) {
 $dmquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"HiddenMember\"='%s',\"WarnLevel\"=%i,\"BanTime\"=%i,\"PostCount\"=%i,\"Karma\"=%i WHERE \"id\"=%i", array($_POST['MemHidden'],$_POST['MemWarnLevel'],$_POST['MemBanTime'],$_POST['MemPostCount'],$_POST['MemKarma'],$_POST['id'])); 
 $dpmquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."mempermissions\" SET \"CanDoHTML\"='%s',\"CanUseBBags\"='%s',\"FloodControl\"=%i,\"SearchFlood\"=%i WHERE \"id\"=%i", array($_POST['CanDoHTML'],$_POST['CanUseBBags'],$_POST['FloodControl'],$_POST['SearchFlood'],$_POST['id'])); } }
 if($_POST['MemName']!=$DMemName&&$username_check<1) {
 if($_POST['id']!=1) {
 if(!is_numeric($_POST['MemPermID'])) { $_POST['MemPermID'] = "0"; }
-$dmquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"Name\"='%s',\"GroupID\"=%i,\"HiddenMember\"='%s',\"WarnLevel\"=%i,\"BanTime\"=%i,\"PostCount\"=%i,\"Karma\"=%i WHERE \"id\"=%i", array($_POST['MemName'],$_POST['gid'],$_POST['MemHidden'],$_POST['MemWarnLevel'],$_POST['MemBanTime'],$_POST['MemPostCount'],$_POST['MemKarma'],$_POST['id'])); 
+$dmquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"Name\"='%s',\"GroupID\"=%i,\"LevelID\"=%i,\"HiddenMember\"='%s',\"WarnLevel\"=%i,\"BanTime\"=%i,\"PostCount\"=%i,\"Karma\"=%i WHERE \"id\"=%i", array($_POST['MemName'],$_POST['gid'],$_POST['lid'],$_POST['MemHidden'],$_POST['MemWarnLevel'],$_POST['MemBanTime'],$_POST['MemPostCount'],$_POST['MemKarma'],$_POST['id'])); 
 $dpmquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."mempermissions\" SET \"PermissionID\"=%i,\"CanViewBoard\"='%s',\"CanViewOffLine\"='%s',\"CanEditProfile\"='%s',\"CanAddEvents\"='%s',\"CanPM\"='%s',\"CanSearch\"='%s',\"CanDoHTML\"='%s',\"CanUseBBags\"='%s',\"CanViewIPAddress\"='%s',\"CanViewUserAgent\"='%s',\"FloodControl\"=%i,\"SearchFlood\"=%i,\"HasModCP\"='%s',\"HasAdminCP\"='%s',\"ViewDBInfo\"='%s' WHERE \"id\"=%i", array($_POST['MemPermID'],$_POST['CanViewBoard'],$_POST['CanViewOffLine'],$_POST['CanEditProfile'],$_POST['CanAddEvents'],$_POST['CanPM'],$_POST['CanSearch'],$_POST['CanDoHTML'],$_POST['CanUseBBags'],$_POST['CanViewIPAddress'],$_POST['CanViewUserAgent'],$_POST['FloodControl'],$_POST['SearchFlood'],$_POST['HasModCP'],$_POST['HasAdminCP'],$_POST['ViewDBInfo'],$_POST['id'])); } 
 if($_POST['id']==1) {
 $dmquery = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"Name\"='%s',\"HiddenMember\"='%s',\"WarnLevel\"=%i,\"BanTime\"=%i,\"PostCount\"=%i,\"Karma\"=%i WHERE \"id\"=%i", array($_POST['MemName'],$_POST['MemHidden'],$_POST['MemWarnLevel'],$_POST['MemBanTime'],$_POST['MemPostCount'],$_POST['MemKarma'],$_POST['id'])); 

inc/admin/sqldumper/mysql.php

@@ -92,7 +92,7 @@ function GetAllRows($table) { $rene_j = 0; $trowout = null;
 function add_prefix($tarray) {
 global $TablePreFix;
 return $TablePreFix.$tarray; }
-$TableChCk = array("categories", "catpermissions", "events", "forums", "groups", "members", "mempermissions", "messenger", "permissions", "polls", "posts", "restrictedwords", "sessions", "smileys", "themes", "topics", "wordfilter");
+$TableChCk = array("categories", "catpermissions", "events", "forums", "groups", "levels", "members", "mempermissions", "messenger", "permissions", "polls", "posts", "restrictedwords", "sessions", "smileys", "themes", "topics", "wordfilter");
 $TableChCk = array_map("add_prefix",$TableChCk);
 if(!isset($_GET['outtype'])||$_GET['outtype']=="UTF-8") {
 header("Content-Type: text/plain; charset=UTF-8"); }

inc/admin/sqldumper/pgsql.php

@@ -92,7 +92,7 @@ function GetAllRows($table) { $rene_j = 0; $trowout = null;
 function add_prefix($tarray) {
 global $TablePreFix;
 return $TablePreFix.$tarray; }
-$TableChCk = array("categories", "catpermissions", "events", "forums", "groups", "members", "mempermissions", "messenger", "permissions", "polls", "posts", "restrictedwords", "sessions", "smileys", "themes", "topics", "wordfilter");
+$TableChCk = array("categories", "catpermissions", "events", "forums", "groups", "levels", "members", "mempermissions", "messenger", "permissions", "polls", "posts", "restrictedwords", "sessions", "smileys", "themes", "topics", "wordfilter");
 $TableChCk = array_map("add_prefix",$TableChCk);
 if(!isset($_GET['outtype'])||$_GET['outtype']=="UTF-8") {
 header("Content-Type: text/plain; charset=UTF-8"); }

inc/admin/sqldumper/sqlite.php

@@ -92,7 +92,7 @@ function GetAllRows($table) { $rene_j = 0; $trowout = null;
 function add_prefix($tarray) {
 global $TablePreFix;
 return $TablePreFix.$tarray; }
-$TableChCk = array("categories", "catpermissions", "events", "forums", "groups", "members", "mempermissions", "messenger", "permissions", "polls", "posts", "restrictedwords", "sessions", "smileys", "themes", "topics", "wordfilter");
+$TableChCk = array("categories", "catpermissions", "events", "forums", "groups", "levels", "members", "mempermissions", "messenger", "permissions", "polls", "posts", "restrictedwords", "sessions", "smileys", "themes", "topics", "wordfilter");
 $TableChCk = array_map("add_prefix",$TableChCk);
 if(!isset($_GET['outtype'])||$_GET['outtype']=="UTF-8") {
 header("Content-Type: text/plain; charset=UTF-8"); }

inc/filename.php

@@ -79,13 +79,13 @@
 $prexqstrjs['javascript'] = null; $exqstrjs['javascript'] = null;
 $exfilerss['forum'] = 'forum'; 
 $prexqstrrss['forum'] = null; $exqstrrss['forum'] = null;
-$exfilerss['subforum'] = "subforum";
+$exfilerss['subforum'] = 'subforum';
 $prexqstrrss['subforum'] = null; $exqstrrss['subforum'] = null;
-$exfilerss['subcategory'] = "subcategory";
+$exfilerss['subcategory'] = 'subcategory';
 $prexqstrrss['subcategory'] = null; $exqstrrss['subcategory'] = null;
 $exfilerss['redirect'] = 'forum';
 $prexqstrrss['redirect'] = null; $exqstrrss['redirect'] = null;
-$exfilerss['topic'] = "topic";
+$exfilerss['topic'] = 'topic';
 $prexqstrrss['topic'] = null; $exqstrrss['topic'] = null;
 $exfilerss['category'] = 'category';
 $prexqstrrss['category'] = null; $exqstrrss['category'] = null;

inc/fonts/.htaccess

@@ -0,0 +1,32 @@
+Order Deny,Allow
+Deny from all
+
+ <Files "*">
+    Order Deny,Allow
+    Deny from all
+    Satisfy All
+ </Files>
+
+<FilesMatch "^Vera\.ttf$">
+    Order Allow,Deny
+    Allow from all
+    Satisfy All
+</FilesMatch>
+
+<FilesMatch "^VeraBd\.ttf$">
+    Order Allow,Deny
+    Allow from all
+    Satisfy All
+</FilesMatch>
+
+<FilesMatch "^VeraBI\.ttf$">
+    Order Allow,Deny
+    Allow from all
+    Satisfy All
+</FilesMatch>
+
+<FilesMatch "^VeraIt\.ttf$">
+    Order Allow,Deny
+    Allow from all
+    Satisfy All
+</FilesMatch>

inc/groupsetup.php

@@ -41,6 +41,8 @@
 $ChkUsrName=sql_result($resultchkusr,0,"Name");
 $ChkUsrGroup=sql_result($resultchkusr,0,"GroupID");
 $ChkUsrGroupID=$ChkUsrGroup;
+$ChkUsrLevel=sql_result($resultchkusr,0,"LevelID");
+$ChkUsrLevelID=$ChkUsrLevel;
 $ChkUsrPass=sql_result($resultchkusr,0,"UserPassword");
 $ChkUsrTimeZone=sql_result($resultchkusr,0,"TimeZone");
 $ChkUsrDateFormat=sql_result($resultchkusr,0,"DateFormat");
@@ -117,6 +119,25 @@
 $gidresult=sql_query($gidquery,$SQLStat);
 $_SESSION['UserGroupID']=sql_result($gidresult,0,"id"); 
 sql_free_result($gidresult); }
+if($_SESSION['UserID']!=0&&$_SESSION['UserID']!=null) {
+$levquery = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."levels\" WHERE \"id\"=%i LIMIT 1", array($ChkUsrLevelID));
+$levresult=sql_query($levquery,$SQLStat);
+$levnum=sql_num_rows($levresult);
+if($levnum<=0) { $GruError = true; sql_free_result($levresult);
+header("Content-Type: text/plain; charset=".$Settings['charset']); $urlstatus = 503;
+ob_clean(); echo "Sorry could not find level data in database.\nContact the board admin about error."; 
+gzip_page($Settings['use_gzip'],$GZipEncode['Type']); session_write_close(); die(); } }
+if($levnum>=1) {
+$LevelInfo['ID']=sql_result($levresult,0,"id");
+if(!is_numeric($LevelInfo['ID'])) { $GruError = true; }
+$LevelInfo['Name']=sql_result($levresult,0,"Name");
+$LevelInfo['PromoteTo']=sql_result($levresult,0,"PromoteTo");
+$LevelInfo['PromotePosts']=sql_result($levresult,0,"PromotePosts");
+if(!is_numeric($LevelInfo['PromotePosts'])) { 
+	$LevelInfo['PromotePosts'] = 0; $LevelInfo['PromoteTo'] = 0; }
+$LevelInfo['PromoteKarma']=sql_result($levresult,0,"PromoteKarma");
+if(!is_numeric($LevelInfo['PromoteKarma'])) { 
+	$LevelInfo['PromoteKarma'] = 0; $LevelInfo['PromoteTo'] = 0; } }
 // Member Group Setup
 if(!isset($_SESSION['UserGroup'])) { $_SESSION['UserGroup'] = null; }
 if($_SESSION['UserGroup']==null) { 
@@ -270,6 +291,20 @@
 	$querykarmaup = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"Karma\"=%i,\"KarmaUpdate\"=%i WHERE \"id\"=%i", array($MyKarmaCount,$NewKarmaUpdate,$_SESSION['UserID']));
 	sql_query($querykarmaup,$SQLStat); }
 	$Settings['KarmaBoostDays'] = $Settings['OldKarmaBoostDays'];
+if($LevelInfo['PromoteTo']!=0&&$MyPostCountChk>=$LevelInfo['PromotePosts']) {
+	$sql_level_check = sql_query(sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."levels\" WHERE \"id\"=%i LIMIT 1", array($LevelInfo['PromoteTo'])),$SQLStat);
+	$level_check = sql_num_rows($sql_level_check);
+	sql_free_result($sql_level_check);
+	if($level_check > 0) {
+	$queryupgrade = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"LevelID\"=%i WHERE \"id\"=%i", array($LevelInfo['PromoteTo'],$_SESSION['UserID']));
+	sql_query($queryupgrade,$SQLStat); } }
+if($LevelInfo['PromotePosts']==0&&$LevelInfo['PromoteTo']!=0&&$MyKarmaCount>=$LevelInfo['PromoteKarma']) {
+	$sql_level_check = sql_query(sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."levels\" WHERE \"id\"=%i LIMIT 1", array($LevelInfo['PromoteTo'])),$SQLStat);
+	$level_check = sql_num_rows($sql_level_check);
+	sql_free_result($sql_level_check);
+	if($level_check > 0) {
+	$queryupgrade = sql_pre_query("UPDATE \"".$Settings['sqltable']."members\" SET \"LevelID\"=%i WHERE \"id\"=%i", array($LevelInfo['PromoteTo'],$_SESSION['UserID']));
+	sql_query($queryupgrade,$SQLStat); } }
 if($GroupInfo['PromoteTo']!=0&&$MyPostCountChk>=$GroupInfo['PromotePosts']) {
 	$sql_group_check = sql_query(sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."groups\" WHERE \"id\"=%i LIMIT 1", array($GroupInfo['PromoteTo'])),$SQLStat);
 	$group_check = sql_num_rows($sql_group_check);
@@ -321,10 +356,10 @@
 	$GroupInfo['ViewDBInfo'] = "no"; } }
 if($GruError==true) {
 header("Content-Type: text/plain; charset=".$Settings['charset']); 
-sql_free_result($gruresult); sql_free_result($mempreresult); $urlstatus = 503;
+sql_free_result($gruresult); sql_free_result($levresult); sql_free_result($mempreresult); $urlstatus = 503;
 ob_clean(); echo "Sorry could not load all group data in database.\nContact the board admin about error."; 
 gzip_page($Settings['use_gzip'],$GZipEncode['Type']); session_write_close(); die(); } }
-sql_free_result($gruresult);
+sql_free_result($gruresult); sql_free_result($levresult);
 if($GroupInfo['CanViewBoard']=="no") { 
 header("Content-Type: text/plain; charset=".$Settings['charset']); 
 ob_clean(); echo "Sorry you can not view the board."; $urlstatus = 503;