In order to do this I had to give the form a user to use to post the topic. So it used that user's permission in order to post.
Only registered users can use the form, but registered users could still spam the form!
In oder to stop them from doing it, I want to include their username within the post.
But since the tag $user has been taken by my posting bot, I have no idea how to get their username to post it in the forum message. If I can, then whoever uses the form to spam the forum can be banned from the forum and not be able to use the form anymore.
The code includes a file uploader so that someone can post about admin abuse in counter-strike and post a demo of the abuse and a link to the demo in the post. It WORKS, but I wanted to add the user's name and get rid of where they would fill it out in the form. Oh yeah, and the bbcode doesn't work, even though I have it set in the preferences of my bot where it can use it, it doesn't. Right now it makes a plain ol' html link. If you can help with this too, that would be cool as well!
Can someone help?
- Code: Select all
<php> 0){$extension = array_pop(explode('.',$filename));if ($extension != "dem") { die("Please upload .dem files only!");} $dirname = 'demos/'; if (move_uploaded_file($_FILES['file']['tmp_name'], $dirname . $filename)){ }}define('IN_PHPBB', true);define('CT_SECLEVEL', 'LOW'); $phpbb_root_path = './';include($phpbb_root_path . 'extension.inc');include($phpbb_root_path . 'common.'.$phpEx); $title = "Form Submitted"; $tpl_file = 'abuse_successful.tpl'; $op1 = $_POST["op1"];$op2 = $_POST["op2"];$op3 = $_POST["op3"];$op4 = $_POST["op4"];$op5 = $_POST["op5"];$op6 = $_POST["op6"]; $post_message = "My name is THIS IS WHERE I WANT THE USER'S ACTUAL ID TO SHOW!!. I was playing on Webkillers Server Number $op4 and saw $op2 abusing their admin privileges. The time was around $op5. Their Steam ID is $op2. This is what I think the admin did that made me want to post about it. $op6 If I have included a demo with this post, it will be here.[url=http]http://www.wkservers.com/demos/[/url]" . $filename . "";$current_time = time(); $post_topic = 'yes';$forum = 14;$user = '8';$topic_title = "Admin $op2 Is Cited For Abuse on Webkillers Number $op4"; $bbcode_on = 1; if (!$op2 == ''){ {$sql = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('$topic_title', '$user', $current_time, $forum, " . TOPIC_UNLOCKED . ", 0, 0)"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $topic_id = $db->sql_nextid(); $sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ($topic_id, $forum, $user, '', $current_time, '$user_ip', 1, 1, 1, 1)"; if (!$db->sql_query($sql, BEGIN_TRANSACTION)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $post_id = $db->sql_nextid(); $sql = "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ($post_id, '$post_subject', '$bbcode_uid', '$post_message')"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } //update forum stats $forum_update_sql = "forum_posts = forum_posts + 1, forum_last_post_id = $post_id, forum_topics = forum_topics + 1"; $topic_update_sql = "topic_last_post_id = $post_id, topic_first_post_id = $post_id"; $sql = "UPDATE " . FORUMS_TABLE . " SET $forum_update_sql WHERE forum_id = $forum"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $sql = "UPDATE " . TOPICS_TABLE . " SET $topic_update_sql WHERE topic_id = $topic_id"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } if (!$user == '-1') { $sql = "UPDATE " . USERS_TABLE . "SET user_posts = user_posts + 1 WHERE user_id = $user"; if (!$db->sql_query($sql, END_TRANSACTION)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } } }//end new topic include($phpbb_root_path . 'includes/bbcode.'.$phpEx); $userdata = session_pagestart($user_ip, PAGE_FAQ);init_userprefs($userdata); $page_title = $title;include($phpbb_root_path . 'includes/page_header.'.$phpEx); $template->set_filenames(array( 'body' => $tpl_file)); $template->pparse('body'); include($phpbb_root_path . 'includes/page_tail.'.$phpEx);} else { $userdata = session_pagestart($user_ip, PAGE_FAQ);init_userprefs($userdata); $page_title = "ERROR - Please Fill in all areas";include($phpbb_root_path . 'includes/page_header.'.$phpEx); $template->set_filenames(array( 'body' => 'error.tpl')); $template->pparse('body'); include($phpbb_root_path . 'includes/page_tail.'.$phpEx);}?>