From 97553456cec86d5a6f0afe952886953bff3153ae Mon Sep 17 00:00:00 2001
From: SilicaAndPina <earsyum@gmail.com>
Date: Sat, 10 Jul 2021 04:18:49 +1200
Subject: [PATCH] add fourms stuff

---
 WebInterface/master-site/common.php     | 51 +++++++++++++++++++++----
 WebInterface/master-site/web/forums.php | 49 ++++++++++++++++++++++--
 2 files changed, 90 insertions(+), 10 deletions(-)

diff --git a/WebInterface/master-site/common.php b/WebInterface/master-site/common.php
index d293e2f..119e180 100755
--- a/WebInterface/master-site/common.php
+++ b/WebInterface/master-site/common.php
@@ -62,15 +62,15 @@ function count_topics(string $fourm)
 {
 	include('config.php');
 	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
-	$stmt = $connect->prepare("SELECT COUNT(*) FROM FourmThread WHERE UPPER(Fourm)=?"); 
-	$stmt->bind_param("s", strtoupper($fourm));
+	$stmt = $connect->prepare("SELECT COUNT(*) FROM FourmThread WHERE Fourm=?"); 
+	$stmt->bind_param("s", $fourm);
 	$stmt->execute();
 	$result = $stmt->get_result();
 	$count = intval($result->fetch_row()[0]);
 	return $count;
 }
 
-function count_replies(string $thread)
+function count_replies(int $thread)
 {
 	include('config.php');
 	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
@@ -149,7 +149,7 @@ function create_fourm_thread(string $title, string $fourm)
 	return $thread_id;
 }
 
-function create_fourm_reply(int $thread_id, string $username, string $contents, string $fourm)
+function create_fourm_reply(int $thread_id, string $username, string $contents, string $fourm, bool $madeByAdmin)
 {
 	include('config.php');
 	
@@ -161,14 +161,51 @@ function create_fourm_reply(int $thread_id, string $username, string $contents,
 		$reply_id = 0;
 	$curTime = time();
 
-	$stmt = $connect->prepare("INSERT INTO FourmReply VALUES(?,?,?,?,?,?)"); 
-	$stmt->bind_param("iisssi", $reply_id, $thread_id, $username, $contents, $fourm, $curTime);
+	if($madeByAdmin)
+		$admin = "YES";
+	else
+		$admin = "NO";
+
+	$stmt = $connect->prepare("INSERT INTO FourmReply VALUES(?,?,?,?,?,?,?)"); 
+	$stmt->bind_param("iisssis", $reply_id, $thread_id, $username, $contents, $fourm, $curTime, $admin);
 	$stmt->execute();
 	
 	return $reply_id;
 }
 
 
+function get_fourm_thread($threadId)
+{
+	include('config.php');
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("SELECT * FROM FourmThread WHERE ThreadId=?"); 
+	$stmt->bind_param("i", $threadId);
+	$stmt->execute();
+	$result = $stmt->get_result();
+	$row = $result->fetch_row();
+	return ['id' => $row[0], 'title' => $row[1], 'fourm' => $row[2], 'creation_time' => $row[3], 'locked' => ($row[4] === "YES")];;
+}
+
+function get_fourm_replies($threadId)
+{
+	include('config.php');
+	$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
+	$stmt = $connect->prepare("SELECT * FROM FourmReply WHERE ThreadId=?"); 
+	$stmt->bind_param("i", $threadId);
+	$stmt->execute();
+	$result = $stmt->get_result();
+	$replies = [];
+		
+
+	while ($row = $result->fetch_row()) {
+		$arr = [ ['reply_id' => $row[0], 'thread_id' => $row[1], 'author' => $row[2], 'contents' => $row[3], 'fourm' => $row[4], 'creation_time' => $row[5], 'admin' => ($row[6] === "YES")] ];
+		$replies = array_merge($replies, $arr);
+	}
+	
+	return $replies;
+}
+
+
 function get_fourm_threads($fourm)
 {
 	include('config.php');
@@ -336,7 +373,7 @@ function populate_db()
 	mysqli_query($connect, "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16),Email TEXT(128),Country TEXT(128),SecurityQuestion Text(128),SecurityAnswerHash TEXT(128),Age INT,PassHash TEXT(128), Salt TEXT(128),Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3))");
 	mysqli_query($connect, "CREATE TABLE IF NOT EXISTS LastOn(Id INT, ServerId TEXT(1028))");
 	mysqli_query($connect, "CREATE TABLE IF NOT EXISTS FourmThread(ThreadId INT, Title TEXT(100), Fourm TEXT(10), CreationTime INT, Locked TEXT(3))");
-	mysqli_query($connect, "CREATE TABLE IF NOT EXISTS FourmReply(ReplyId INT, ThreadId INT, CreatedBy TEXT(1028), Contents TEXT(65565), Fourm TEXT(10), CreationTime INT)");
+	mysqli_query($connect, "CREATE TABLE IF NOT EXISTS FourmReply(ReplyId INT, ThreadId INT, CreatedBy TEXT(1028), Contents TEXT(65565), Fourm TEXT(10), CreationTime INT, MadeByAdmin TEXT(3))");
 }
 
 function startsWith( $haystack, $needle ) {
diff --git a/WebInterface/master-site/web/forums.php b/WebInterface/master-site/web/forums.php
index 9413ed7..95de95f 100755
--- a/WebInterface/master-site/web/forums.php
+++ b/WebInterface/master-site/web/forums.php
@@ -18,8 +18,21 @@ include("header.php");
 		$subject = substr($subject, 0, 100);
 		$text = substr($text, 0, 65565);
 		
-		$thread = create_fourm_thread($subject, $forum);
-		create_fourm_reply($thread, $_SESSION['USERNAME'], $text, $forum);
+		if(!isset($_POST['VIEWID'])){
+			$thread = create_fourm_thread($subject, $forum);
+			create_fourm_reply($thread, $_SESSION['USERNAME'], $text, $forum, $_SESSION['ADMIN']);
+		}
+		else
+		{
+			$threadId = $_POST['VIEWID'];
+			if(count_replies($threadId) <= 0)
+			{
+				echo('<HR>Forum thread not found!?');
+				exit();
+			}
+			
+			create_fourm_reply($threadId, $_SESSION['USERNAME'], $text, $forum, $_SESSION['ADMIN']);
+		}
 	}
 	
 	ex:
@@ -36,7 +49,37 @@ if(!is_logged_in()){
 }
 ?>
 <TABLE WIDTH=100%><TR><TD class=forumlist><A HREF="?FORUM=SUPPORT">SUPPORT</A><BR>(<?php echo(count_topics("SUPPORT")); ?> topics)</TD><TD class=forumlist><A HREF="?FORUM=BUGS">BUGS</A><BR>(<?php echo(count_topics("BUGS")); ?> topics)</TD><TD class=forumlist><A HREF="?FORUM=GENERAL">GENERAL</A><BR>(<?php echo(count_topics("GENERAL")); ?> topics)</TD><TD class=forumlist><A HREF="?FORUM=HORSES">HORSES</A><BR>(<?php echo(count_topics("HORSES")); ?> topics)</TD><TD class=forumlist><A HREF="?FORUM=GAME">GAME</A><BR>(<?php echo(count_topics("GAME")); ?> topics)</TD></TABLE><?php 
-if(isset($_GET['FORUM'])){
+if(isset($_GET['FORUM']) && isset($_GET['VIEWID'])){
+	$forum = strtoupper($_GET['FORUM']);
+	$threadId = $_GET['VIEWID'];
+	if(!($forum === "SUPPORT" || $forum === "BUGS" || $forum === "GENERAL" || $forum === "HORSES" || $forum === "GAME" || $forum === "MOD"))
+	{
+		echo('Unknown Forum');
+		exit();
+	}	
+	if(count_replies($threadId) <= 0)
+	{
+		echo('<HR>Forum thread not found!?');
+		exit();
+	}
+	
+	$thread = get_fourm_thread($threadId);
+	echo('<HR><B>VIEWING '.htmlspecialchars($forum).' FORUM THREAD: <FONT SIZE=+1>'.htmlspecialchars($thread['title']).'</FONT></B><BR><TABLE WIDTH=100%>');
+	
+	$replies = get_fourm_replies($threadId);
+	for($i = 0; $i < count($replies); $i++)
+	{
+		if($replies[$i]['admin'])
+			echo('<TR><TD class=adminforumpost>');
+		else
+			echo('<TR><TD class=forumpost>');
+		
+		echo('<FORUMSUBJECT>REPLY:</FORUMSUBJECT> <FORUMUSER>(by '.htmlspecialchars($replies[$i]['author']).')</FORUMUSER> <FORUMDATE>'.date("M j g:ia", $replies[$i]['creation_time']).'</FORUMDATE><BR><FORUMTEXT>'.htmlspecialchars($replies[$i]['contents']).'</FORUMTEXT></TD></TR>');		
+	}
+	
+	echo("</TABLE><HR><FORM METHOD=POST>Add a reply to this topic:<BR><TABLE><TR><TD><TEXTAREA NAME=TEXT ROWS=4 COLS=60></TEXTAREA></TD><TD><INPUT TYPE=SUBMIT VALUE='ADD REPLY'></TD></TR></TABLE><BR><INPUT TYPE=HIDDEN NAME=SUBJECT VALUE='NOT NEEDED'><INPUT TYPE=HIDDEN NAME=FORUM VALUE='".htmlspecialchars($forum, ENT_QUOTES)."'><INPUT TYPE=HIDDEN NAME=VIEWID VALUE='".htmlspecialchars($threadId, ENT_QUOTES)."'></FORM>[ <A HREF='?FORUM=".htmlspecialchars($forum, ENT_QUOTES)."'>GO BACK TO ".htmlspecialchars($forum)." FORUM</A> ]<BR>");
+}
+if(isset($_GET['FORUM']) && !isset($_GET['VIEWID'])){
 	$forum = strtoupper($_GET['FORUM']);
 	if(!($forum === "SUPPORT" || $forum === "BUGS" || $forum === "GENERAL" || $forum === "HORSES" || $forum === "GAME" || $forum === "MOD"))
 	{