OpenVPN_Management_GUI/Modules/Forum/include/viewforum.php

<?php
	// Connect to server and select databse.
	include ($_SERVER["DOCUMENT_ROOT"]."/Config/_dbconfig_.php");
	@$y = mysql_connect($MYSQL_HOST,$MYSQL_USER,$MYSQL_PASS);
	@$x = mysql_select_db($MYSQL_DATABASE);
	if (empty($x)) 
	{ 
	  die ("Keine Verbindung zur Datenbank! [<b><font color=red>FAIL</b></font>]<br>"); 
	} 

	echo "<br />";
	switch($uebergabe2)
	{
		case 1:
			echo "<table align=center><tr><td><b>Topic successfully closed!</b></td></tr></table>";
			break;
		case 2:
			echo "<table align=center><tr><td><b>Topic successfully deleted!</b></td></tr></table>";
			break;
		case 3:
			echo "<table align=center><tr><td><b>Topic successfully reopened!</b></td></tr></table>";
			break;
		default:
			break;
	}	
	
	if($uebergabe3 == "1")
	{
		echo "<table align=center><font color=red><tr><td><b>Admin Mode!</font></b></td></tr></table>";
		$admin = 1;
	}
	
	if(preg_match("/[A-Z  | a-z]+/",$_POST["search"]))
	{
	    $search = mysql_real_escape_string($_POST["search"]);
	}
	else
	{
	    $search = "";
	}
	if(preg_match("/[A-Z  | a-z]+/",$_POST["sort"]))
	{
		$sort = mysql_real_escape_string($_POST["sort"]);
	}
	else
	{
		$sort = "lastupdate";
	}

	echo "<br />
			<table width=\"90%\" align=\"center\">
				<tr>
					<td>
						<form action=\"".$PHP_SELF."\" method=\"post\"> 
							<table align=left>
								<tr>
									<td>
										<b>Sort:
											<select name=\"sort\" size=1>        
												<option "; if($sort=="lastupdate") echo "selected"; echo" value=\"lastupdate\">Last Update</option>
												<option "; if($sort=="id") echo "selected"; echo" value=\"id\">Thread Number</option>  
			   								 	<option "; if($sort=="datetime") echo "selected"; echo" value=\"datetime\">Created</option>  
											</select>
										<input type=\"submit\" value=\"Sort\" /> 
										</b>
									</td>
								</tr>
							</table>
						</form>
					</td>
					<td>
						<form action=\"".$PHP_SELF."\" method=\"post\"> 
							<table align=center>
								<tr>
									<td>
										<b>Search:<input type=\"text\" name=\"search\" size=\"20\" "; if($search !="") echo "value=".$search; echo " />
										<input type=\"submit\" value=\"go!\" /> 
										</b>
									</td>
								</tr>
							</table>
						</form>
					</td>
				</tr>
			</table>
			<br />";

	$tbl_name="forum_question"; // Table name

	$sql="SELECT * FROM $tbl_name WHERE topic LIKE '%".$search."%' ORDER BY ".$sort." DESC";
	// OREDER BY id DESC is order result by descending
	$result=mysql_query($sql);

	echo "<table width=\"90%\" border=\"0\" align=\"center\" cellpadding=\"3\" cellspacing=\"1\" bgcolor=\"#CCCCCC\">
    		<tr>
        		<td width=\"6%\" align=\"center\" bgcolor=\"#E6E6E6\"><strong>#</strong></td>
        		<td width=\"58%\" align=\"center\" bgcolor=\"#E6E6E6\"><strong>Topic</strong></td>
        		<td width=\"15%\" align=\"center\" bgcolor=\"#E6E6E6\"><strong>Views</strong></td>
        		<td width=\"13%\" align=\"center\" bgcolor=\"#E6E6E6\"><strong>Replies</strong></td>
				<td width=\"13%\" align=\"center\" bgcolor=\"#E6E6E6\"><strong>Like</strong></td>
        		<td width=\"13%\" align=\"center\" bgcolor=\"#E6E6E6\"><strong>Date/Time</strong></td>
				<td width=\"13%\" align=\"center\" bgcolor=\"#E6E6E6\"><strong>Last change</strong></td>";
	
	if($admin=="1" && $_SESSION["user_admin"]=="1")
    {
    	echo "<td width=\"10%\" align=\"center\" bgcolor=\"#E6E6E6\"><strong>Delete</strong></td>";
    }
	if($admin=="1" && $_SESSION["user_admin"]=="1")
    {
        echo "<td width=\"10%\" align=\"center\" bgcolor=\"#E6E6E6\"><strong>Close</strong></td>";
    }
	if($admin=="1" && $_SESSION["user_admin"]=="1")
    {
        echo "<td width=\"10%\" align=\"center\" bgcolor=\"#E6E6E6\"><strong>Open</strong></td>";
    }
	echo "</tr>";

	while($rows=mysql_fetch_array($result))
	{
		if (($_SESSION["user_admin"]=="1" && $rows["r_adminonly"] == "1") || 
	    $rows["r_guest"] == "1" || 
	    ($rows["r_adminonly"] == "0" &&(isset ($_SESSION["user_id"])))) 
		{ 
			echo "<tr bgcolor=\"#FFFFFF\">
			    	<td bgcolor=\"#FFFFFF\">".$rows['id']."</td>
			    	<td bgcolor=\"#FFFFFF\">";
		    if($rows['closed']==1)
		        echo "[CLOSED]";
	    
			echo "<a href=\"".$moduleurl."&uebergabe=1&uebergabe2=".$rows['id']."\">".$rows['topic']."</a>
				    </td>
				    <td align=\"center\" bgcolor=\"#FFFFFF\">".$rows['view']."</td>
				    <td align=\"center\" bgcolor=\"#FFFFFF\">".$rows['reply']."</td>
					<td align=\"center\" bgcolor=\"#FFFFFF\">";
					if($rows["like"] > $rows["dislike"])
					{
						echo "<img src=/Modules/Forum/img/likekl.png />";
					}
					if($rows["like"] < $rows["dislike"])
					{
						echo "<img src=/Modules/Forum/img/dislikekl.png />";
					}
					if($rows["like"] == $rows["dislike"])
					{
						echo "<img src=/Modules/Forum/img/undecidedkl.png />";
					}
					echo "</td>
				    <td align=\"center\" bgcolor=\"#FFFFFF\">".$rows['datetime']."</td>
					<td align=\"center\" bgcolor=\"#FFFFFF\">".$rows['lastupdate']."</td>";
			if($admin=="1" && $_SESSION["user_admin"]=="1")
		    {
		        echo "<form action=\"/Modules/Forum/delete_topic.php\" method=post>", 
		              "<input type=hidden name=topicid value=".$rows['id']." size=20 bgcolor=\"#FFFFFF\"><input type=hidden name=path value=".$moduleurl." size=50>
						<td bgcolor=#FA5858>",
		              "<input type=submit value=X>", 
		              "</form></td>";
		    }
			if($admin=="1" && $_SESSION["user_admin"]=="1")
		    {
				if($rows['closed']!=1)
				{
		        	echo "<form action=\"/Modules/Forum/close_topic.php\" method=post>", 
		              "<input type=hidden name=topicid value=".$rows['id']." size=20 bgcolor=\"#FFFFFF\"><input type=hidden name=path value=".$moduleurl." size=50><td>",
		              "<input type=submit value=X>", 
		              "</form></td>";
				}
				else
					echo "<td></td>";
		    }
			if($admin=="1" && $_SESSION["user_admin"]=="1")
		    {
				if($rows['closed']==1)
				{
		        	echo "<form action=\"/Modules/Forum/reopen_topic.php\" method=post>", 
		              "<input type=hidden name=topicid value=".$rows['id']." size=20 bgcolor=\"#FFFFFF\"><input type=hidden name=path value=".$moduleurl." size=50><td>",
		              "<input type=submit value=X>", 
		              "</form></td>";
				}
				else
					echo "<td></td>";
		    }

			echo "</tr>";

			// Exit looping and close connection
		}
	}
	mysql_close();

	echo "<tr>";

	if (isset ($_SESSION["user_admin"])&& $_SESSION["user_admin"]=="1") 
	{ 
		if($admin != 1)
		{
	    	echo "<td colspan=\"3\"align=\"left\" bgcolor=\"#E6E6E6\">
	          <a href=\"".$moduleurl."&uebergabe=0&uebergabe3=1\"><strong>Go Admin!</strong> </a></td>";
		}
		else
		{
			echo "<td colspan=\"4\"align=\"left\" bgcolor=\"#E6E6E6\">
	          <a href=\"".$moduleurl."&uebergabe=0\"><strong>Leave Admin Mode!</strong> </a></td>";
		}
	}
	else
	{
		 echo "<td colspan=\"3\"align=\"left\" bgcolor=\"#E6E6E6\"></td>";
	}
	
	if (isset ($_SESSION["user_id"])) 
	{ 
	    echo "<td colspan=\"6\" align=\"right\" bgcolor=\"#E6E6E6\">
	          <a href=\"".$moduleurl."&uebergabe=2\"><strong>Create New Topic</strong> </a></td>";
	}
	else
	{
		 echo "<td colspan=\"4\"align=\"left\" bgcolor=\"#E6E6E6\"></td>";
	}

	echo "</tr> </table> <br />";
?>