$user['id'], 'type' => $user['type'], 'username' => $username, 'password' => $password, 'hash' => isset($_SESSION['mod']['hash']) ? $_SESSION['mod']['hash'] : mkhash() ); } else return false; } function setCookies() { global $mod; if(!$mod) error('setCookies() was called for a non-moderator!'); // MOD_COOKIE contains username:hash setcookie(MOD_COOKIE, $mod['username'] . ':' . $mod['hash'], time()+COOKIE_EXPIRE, JAIL_COOKIES?ROOT:'/', null, false, true); // Put $mod in the session $_SESSION['mod'] = $mod; // Lock sessions to IP addresses if(MOD_LOCK_IP) $_SESSION['mod']['ip'] = $_SERVER['REMOTE_ADDR']; } function destroyCookies() { // Delete the cookies setcookie(MOD_COOKIE, 'deleted', time()-COOKIE_EXPIRE, JAIL_COOKIES?ROOT:'/', null, false, true); // Unset the session unset($_SESSION['mod']); } if(isset($_COOKIE['mod']) && isset($_SESSION['mod']) && is_array($_SESSION['mod'])) { // Should be username:session hash $cookie = explode(':', $_COOKIE['mod']); if(count($cookie) != 2) { destroyCookies(); error(ERROR_MALFORMED); } // Validate session if( $cookie[0] != $_SESSION['mod']['username'] || $cookie[1] != $_SESSION['mod']['hash']) { // Malformed cookies destroyCookies(); error(ERROR_MALFORMED); } // Open connection sql_open(); // Check username/password if(!login($_SESSION['mod']['username'], $_SESSION['mod']['password'], false)) { destroyCookies(); error(ERROR_INVALIDAFTER); } } // Generates a

element with a list of linked // boards and their subtitles. (without the
opening and ending tags) function ulBoards() { global $mod; $body = ''; // List of boards $boards = listBoards(); foreach($boards as &$b) { $body .= '
• ' . '' . sprintf(BOARD_ABBREVIATION, $b['uri']) . ' - ' . $b['title'] . (isset($b['subtitle']) ? ' — ' . $b['subtitle'] . '' : '') . '
'; } if($mod['type'] >= MOD_NEWBOARD) { $body .= '
• Create new board
'; } return $body; } function form_newBoard() { return '
New board
' . '
' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '
URI:	' . ' (eg. "b"; "mu")' . '
Title:	' . ' (eg. "Random")' . '
Subtitle:	' . ' (optional)' . '
' . '
' . '
'; } // Delete a post (reply or thread) function deletePost($id) { global $board, $sql; // Select post and replies (if thread) in one query $post_res = mysql_query(sprintf( "SELECT `id`,`thread`,`thumb`,`file` FROM `posts_%s` WHERE `id` = '%d' OR `thread` = '%d'", mysql_real_escape_string($board['uri']), $id, $id ), $sql) or error(mysql_error($sql)); if(mysql_num_rows($post_res) < 1) { error(ERROR_INVALIDPOST); } // Delete posts and maybe replies while($post = mysql_fetch_array($post_res)) { if(!$post['thread']) { // Delete thread HTML page @unlink($board['dir'] . DIR_RES . sprintf(FILE_PAGE, $post['id'])); } if($post['thumb']) { // Delete thumbnail @unlink($board['dir'] . DIR_THUMB . $post['thumb']); } if($post['file']) { // Delete file @unlink($board['dir'] . DIR_IMG . $post['file']); } } mysql_query(sprintf( "DELETE FROM `posts_%s` WHERE `id` = '%d' OR `thread` = '%d'", mysql_real_escape_string($board['uri']), $id, $id ), $sql) or error(mysql_error($sql)); } ?>