Sql-database Error

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:
267:
268:
269:
270:
271:
272:
273:
274:
275:
276:
277:
278:
279:
280:
281:
282:
283:
284:
285:
286:
287:
288:
289:
290:
291:
292:
293:
294:
295:
296:
297:
298:
299:
300:
301:
302:
303:
304:
305:
306:
307:
308:
309:
310:

<?php
##############################
// Megashoutbox Version 1.3
##############################
require('./global.php');
require('./acp/lib/class_parse.php');
require('./acp/lib/xy_megashoutbox.conf.php');
$lang->load('XY_MEGASHOUTBOX');

if($xy_megaboxon=="1"){

$parse= new  parse($docensor,75,$board['allowsmilies'],$board['allowbbcode'],$wbbuserdata['showimages'],$_GET['hilight'],$usecode);

$timestamp=time();


// ###################################################
// #               function swear                    #
// ###################################################
function swear($comment){
    global $db,$swears;
    if($swears){
        while(list($orig,$rplace) = each($swears)){
            $comment = str_replace($orig,$rplace,$comment);
        }
        reset($swears);
    }
    return $comment;
}


             if($_POST['shouts'] == "kill"){
            if($wbbuserdata['xy_can_shout_kill'] || $wbbuserdata['xy_can_shoutbox_admin']) $result = $db->query("TRUNCATE TABLE `bb".$n."_xy_shoutbox`");
           echo "<meta http-equiv=\"refresh\" content=\"0;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";
           exit();
}
  if($_GET['single']=="kill"){
            if($wbbuserdata['xy_can_shout_kill'] || $wbbuserdata['xy_can_shoutbox_admin']) $result = $db->query("DELETE FROM `bb".$n."_xy_shoutbox` WHERE `id`='".intval($_GET['shoutid'])."'");
           echo "<meta http-equiv=\"refresh\" content=\"0;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";
           exit();
  }

//##########################
//#  ban users from index  #
//##########################

    if(substr($_REQUEST['message'],0,4)=="/ban"){
      if($wbbuserdata['xy_can_shoutbox_admin'] OR $wbbuserdata['xy_can_ban_shoutuser']){
      $comment=trim(substr($_REQUEST['message'],4,strlen($_REQUEST['message'])));
      @$db->query("DELETE FROM bb".$n."_xy_shoutbox WHERE `comment` LIKE ('/ban%')");
      $reason=strchr($comment,":");
      $comment = substr($comment,0,strlen($comment)-strlen($reason));
      $reason = substr($reason,1);
      $banuser_exist=$db->query("SELECT `userid`, `username` FROM bb".$n."_users WHERE `username` = '".mysql_real_escape_string($comment)."'");
      if(mysql_num_rows($banuser_exist)!=0) {
      while($ban = $db->fetch_array($banuser_exist)){
      $banid=$ban['userid'];
      $banned_user=$ban['username'];
      $unbanable = explode(",",$xy_megaboxunbanable);
      if(!in_array($banid,$unbanable)){
      $errororo=$db->query("INSERT IGNORE INTO bb".$n."_xy_shoutbox_ban SET `userid`='".intval($banid)."', `why`='".mysql_real_escape_string($reason)."', `date`='".intval($timestamp)."', `banned_by`='".mysql_real_escape_string($wbbuserdata['username'])."'");
      $comment= $lang->get("LANG_XY_MEGASHOUTBOX_MESSAGE_ADD_BANNEDUSER", array('$banned_user' => $banned_user));
      }
      else $comment = $lang->get("LANG_XY_MEGASHOUTBOX_MESSAGE_UNBANABLE");
      eval("\$shoutbit .= \"".$tpl->get('xy_shoutbox_message')."\";");
      }
      }
      else {
      $comment=$lang->get("LANG_XY_MEGASHOUTBOX_MESSAGE_USERNOTEXIST", array('$comment' => $comment)); ;
      eval("\$shoutbit .= \"".$tpl->get('xy_shoutbox_message')."\";");
      }
      }
    else {
    $comment=$lang->items['LANG_XY_MEGASHOUTBOX_MESSAGE_NOBANRIGHTS'];
    eval("\$shoutbit .= \"".$tpl->get('xy_shoutbox_message')."\";");
    }
    $refresh= "<meta http-equiv=\"refresh\" content=\"3;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";
    eval("\$tpl->output(\"".$tpl->get('xy_shoutbox_chat')."\");");
    exit();
    }

#############################
#       unban users         #
#############################

  if(substr($_REQUEST['message'],0,6)=="/unban"){
    if($wbbuserdata['xy_can_ban_shoutuser'] OR $wbbuserdata['xy_can_shoutbox_admin']){
    $comment=trim(substr($_REQUEST['message'],6,strlen($_REQUEST['message'])));
    @$db->query("DELETE FROM bb".$n."_xy_shoutbox WHERE `comment` LIKE ('/unban%')");
    $banuser_exist=$db->query("SELECT userid, `username` FROM bb".$n."_users WHERE `username` = '".mysql_real_escape_string($comment)."'");
      if(mysql_num_rows($banuser_exist)!=0) {
      while($ban = $db->fetch_array($banuser_exist)){
      $banid=$ban['userid'];
      $banned_user=$ban['username'];
      $errororo=$db->query("DELETE FROM bb".$n."_xy_shoutbox_ban WHERE `userid`='$banid'");
      $comment="User <b>".$banned_user."</b> von Bannliste entfernt";
      eval ("\$comment = \"$comment\";");
        }
      }
      else {
      $comment="Username existiert nicht";
      }
    eval("\$shoutbit .= \"".$tpl->get('xy_shoutbox_message')."\";");
    }
  else {
    $comment='Dududu das darfst du nicht!';
    eval("\$shoutbit .= \"".$tpl->get('xy_shoutbox_message')."\";");
    }
  $refresh= "<meta http-equiv=\"refresh\" content=\"3;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";
  eval("\$tpl->output(\"".$tpl->get('xy_shoutbox_chat')."\");");
  exit();
  }

//###############################
//#  Special shoutbox-commands  #
//###############################

$tablerow=0;
if($_REQUEST['action']=="special") {
    $result=$db->query("SELECT * FROM bb".$n."_xy_shoutbox_commands  ORDER BY `command`ASC");
    while($sp=$db->fetch_array($result)){
    if($tablerow%2) $tablecolor="tablea";
    else $tablecolor="tableb";
    $command=$sp['command'];
    $describ=$sp['describ'];
    $use=str_replace("\n","<br />",$sp['use']);
    eval("\$commandbit .= \"".$tpl->get('xy_shoutbox_commandbit')."\";");
    $tablerow++;
    }
     eval("\$tpl->output(\"".$tpl->get('xy_shoutbox_special')."\");");

     exit();
    }

//########################
//# edit shouts on index #
//########################

if($_REQUEST['action']=="popup") {
    if($_REQUEST['edit']=="single") {
    if($wbbuserdata['xy_can_edit_ownshout'] && !$wbbuserdata['xy_can_shout_kill'] || !$wbbuserdata['xy_can_shoutbox_admin'] || !$wbbuserdata['xy_can_edit_shouts']) {
    $comment = htmlspecialchars($_POST['comment'], ENT_NOQUOTES);
    $db->query("UPDATE bb".$n."_xy_shoutbox SET `comment`= '".addslashes($comment)."' WHERE `id`='".intval($_POST[shoutid])."' AND `name`='".mysql_real_escape_string($wbbuserdata['username'])."'");
    }
    elseif($wbbuserdata['xy_can_shout_kill'] || $wbbuserdata['xy_can_shoutbox_admin'] || $wbbuserdata['xy_can_edit_shouts']){
    $comment = htmlspecialchars($_POST['comment'], ENT_NOQUOTES);
    $db->query("UPDATE bb".$n."_xy_shoutbox SET `comment`= '".addslashes($comment)."' WHERE `id`='".intval($_POST[shoutid])."'");
    }
      }

   if($wbbuserdata['xy_can_shout_kill'] || $wbbuserdata['xy_can_shoutbox_admin'] || $wbbuserdata['xy_can_edit_shouts'] || $wbbuserdata['xy_can_edit_ownshout'])
   $pop = $db->query_first("SELECT `comment`, `id` FROM bb".$n."_xy_shoutbox  WHERE `id`='".intval($_REQUEST[shoutid])."' ");
   $popcomment=htmlspecialchars($pop['comment'],ENT_QUOTES);
   $popcomment=stripslashes($pop['comment']);
   $popshoutid=$pop['id'];

     eval("\$tpl->output(\"".$tpl->get('xy_shoutedit_popup')."\");");

     exit();

     }

if($_REQUEST['page_shout'] == "chat"){

    $reload=$xy_megaboxreload;
    $anzahl=$xy_numberofshouts;
    if($xy_shoutorder=="ASC") $selfscroll=$anzahl*150;
    else $selfscroll=0;

    if($_REQUEST['setting'] == "save" && $wbbuserdata['userid'] != "0" || $_REQUEST['setting'] == "save" && $wbbuserdata['userid'] == "0" && $xy_megaboxguests_canshout=="1"){
      $message=trim($_REQUEST['message']);
      if($wbbuserdata['userid'] == "0" && $xy_megaboxforguests=="0"){
      $comment=$lang->items['LANG_XY_MEGASHOUTBOX_MESSAGE_NOBANRIGHTS'];
      eval("\$shoutbit .= \"".$tpl->get('xy_shoutbox_message')."\";");
      $refresh= "<meta http-equiv=\"refresh\" content=\"3;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";
      eval("\$tpl->output(\"".$tpl->get('xy_shoutbox_chat')."\");");
      exit();
      }

        $result=$db->query("SELECT userid FROM bb".$n."_xy_shoutbox_ban WHERE userid='".addslashes($wbbuserdata['userid'])."'");
        if(mysql_num_rows($result)){
            echo $css."<center><span class=\"normalfont\">".$lang->items['LANG_XY_MEGASHOUTBOX_UBANNED']."</span></center>";
            echo "<meta http-equiv=\"refresh\" content=\"4;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";

            exit();
        }

        if(trim($message."") == ""){
           echo "<meta http-equiv=\"refresh\" content=\"0;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";
           exit();
        }

//####################
//#  Floodcontrol  ###
//####################
     if($xy_megaboxflood > "0") {
       $xy_flood=$timestamp-$xy_megaboxflood;
       }
       else {
       $xy_flood=$timestamp;
       }

      if(substr($message,0,1)=="/" && !$wbbuserdata['xy_can_shoutbox_admin'] && substr($message,0,1)=="/" && !$wbbuserdata['xy_can_use_megaboxcommands']) {
      $res=$db->query("SELECT * FROM bb".$n."_xy_shoutbox_commands");
        while($comm=$db->fetch_array($res)){
          if($comm['command']==substr($message,0,$comm['commandcount'])){
          $message=substr($message,$comm['commandcount'],strlen($message));
          }
        }
      }
        $result = $db->query("SELECT id FROM bb".$n."_xy_shoutbox WHERE `date`>'".$xy_flood."' AND name='".addslashes($wbbuserdata['username'])."' AND comment='".addslashes($message)."'");
        if(!mysql_fetch_row($result)){
            if(!$wbbuserdata['userid']) $shoutername=$lang->items['LANG_XY_MEGASHOUTBOX_GUEST'].strrchr($REMOTE_ADDR,".");
            else $shoutername=$wbbuserdata['username'];
            $message=addslashes(htmlspecialchars($message, ENT_NOQUOTES));
            $result = $db->query("INSERT INTO bb".$n."_xy_shoutbox SET `name`='".addslashes($shoutername)."',`comment`='".addslashes($message)."',`date`='".time()."'");
            $identifiant = $db->insert_id() ;
            $db->query("DELETE FROM bb".$n."_xy_shoutbox WHERE id<='".($identifiant-$xy_shoutsindb)."'");
            echo "<meta http-equiv=\"refresh\" content=\"0;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";
        }else{
            echo "<meta http-equiv=\"refresh\" content=\"0;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";
        }
    }
    elseif($_REQUEST['setting'] == "save" && $wbbuserdata['userid'] == "0" && $xy_megaboxguests_canshout=="0"){
      $comment=$lang->items['LANG_XY_MEGASHOUTBOX_MESSAGE_NOGUESTSHOUTS'];
      eval("\$shoutbit .= \"".$tpl->get('xy_shoutbox_message')."\";");
      $refresh= "<meta http-equiv=\"refresh\" content=\"3;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";
      eval("\$tpl->output(\"".$tpl->get('xy_shoutbox_chat')."\");");
      exit();
    }
    else{

        $result= $db->query("SELECT `orig`,`rplace` FROM bb".$n."_xy_shoutbox_swears");
        while($row = mysql_fetch_assoc($result)){
            $swears[$row["orig"]] = $row["rplace"];
        }
        unset($id);
        $sid = $db->query("SELECT id FROM bb".$n."_xy_shoutbox  ORDER BY `id` DESC LIMIT $anzahl");
        while ($row = $db->fetch_array($sid)) {
        $id.=",".$row['id'];
        }
        if($id){
           $id=trim($id,",");
        }
        else $id=1;

        $result = $db->query("SELECT s.*,u.userid FROM bb".$n."_xy_shoutbox s LEFT JOIN bb".$n."_users u ON(s.name=u.username) WHERE s.id IN($id) ORDER BY s.id $xy_shoutorder ");
         if($reload){
            $refresh = "<meta http-equiv=\"refresh\" content=\"$reload;URL=xy_megashoutbox.php?page_shout=chat{$SID_ARG_2ND}\" />";
        }
        if(!mysql_num_rows($result)){
        $shoutbit=$lang->items['LANG_XY_MEGASHOUTBOX_NOMESSAGE'] ;
        }else{
            $colorswitch=0;

            while($get = mysql_fetch_assoc($result)){

                $colorswitch++;
                if($colorswitch%2)$colorirc = "sboxfirstrow";
                else $colorirc = "sboxsecondrow";
                $name = $get['name'];
                if($xy_megaboxdaychr=="0") $xy_megaboxdaychr="20";
                $date = substr(getday(date("w",$get['date'])),0,$xy_megaboxdaychr) ." | ". formatdate($wbbuserdata['timeformat'],$get['date']);
                $comment = stripslashes(str_replace("\n","<br />",$get['comment']));
                $shoutuid= $get['userid'];
                $shoutid = $get['id'];

                                $comment=$parse->doparse($comment,1,1,1,1);
                                $comment=$parse->parseCache($comment);
                                $comment=str_replace(" /br","<br />",$comment);
                                $comment=swear($comment);

//#########  megashoutboxcommands output ###############
      $res=$db->query("SELECT * FROM bb".$n."_xy_shoutbox_commands");
      while($comm=$db->fetch_array($res)){
        if($comm['command']==substr(trim($comment),0,$comm['commandcount'])){
        $comment=sprintf(stripslashes($comm['r_command']),substr($comment,$comm['commandcount'],strlen($comment)));
        }
      }
     eval("\$shoutbit .= \"".$tpl->get('xy_shoutbox_bit')."\";");

      }
  }
  eval("\$tpl->output(\"".$tpl->get('xy_shoutbox_chat')."\");");
}


// ###################################################
// #                   frameset                      #
// ###################################################

}
else{
    if($xy_megaboxon=="1"){
      if($wbbuserdata['userid'] && $xy_megaboxforguests=="0" OR $xy_megaboxforguests=="1"){
      $lang->load("POSTINGS,XY_MEGASHOUTBOX");
      $bbcode_smilies = getclickysmilies($smilie_table_cols,$smilie_table_rows);
      if($xy_smiliepos=='left') $mboxsmiliesleft="<td class=\"tablea\" style=\"width:3%;text-align:center;\">$bbcode_smilies</td>";
      else $mboxsmiliesright="<td class=\"tablea\" style=\"width:3%;text-align:center;\">$bbcode_smilies</td>";
      eval ("\$mbox_specialmenu = \"".$tpl->get("xy_mbox_specialmenu")."\";");
      eval("\$tpl->output(\"".$tpl->get('xy_shoutbox_frame')."\");");
      }
    }
}
}
else echo $lang->items['LANG_XY_MEGASHOUTBOX_OFFMESSAGE'];

?>

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:

<?php
// ************************************************************************************//
// * WoltLab Burning Board 2
// ************************************************************************************//
// * Copyright (c) 2001-2004 WoltLab GmbH
// * Web           http://www.woltlab.de/
// * License       http://www.woltlab.de/products/burning_board/license_en.php
// *               http://www.woltlab.de/products/burning_board/license.php
// ************************************************************************************//
// * WoltLab Burning Board 2 is NOT free software.
// * You may not redistribute this package or any of it's files.
// ************************************************************************************//
// * $Date: 2005-04-12 17:42:44 +0200 (Tue, 12 Apr 2005) $
// * $Author: Burntime $
// * $Rev: 1590 $
// ************************************************************************************//


mt_srand(intval(wbb_substr(microtime(), 2, 8)));
if (mt_rand(1, 100) == 50) {
    $db->unbuffered_query("DELETE FROM bb".$n."_adminsessions WHERE userid=0 AND lastactivity<".(time() - $adminsession_timeout), 1);
    $db->unbuffered_query("DELETE FROM bb".$n."_sessions WHERE lastactivity<".(time() - $sessiontimeout), 1);
    $db->unbuffered_query("DELETE FROM bb".$n."_searchs WHERE searchtime<".(time() - 86400 * 7), 1);
}
if (mt_rand(1, 10000) == 5000) {
    // clear postcache
    $threadIDs = '';
    $result = $db->query("SELECT threadid FROM bb".$n."_threads WHERE important <> 0 OR lastposttime > '".(time() - 86400 * $postcache_daysprune)."'");
    while ($row = $db->fetch_array($result)) {
        $threadIDs .= "," . $row['threadid'];
    }
    
    $db->query("DELETE FROM bb".$n."_postcache WHERE threadid NOT IN (0".$threadIDs.")");
}

$REMOTE_ADDR = getIpAddress();
$HTTP_USER_AGENT = wbb_substr($_SERVER['HTTP_USER_AGENT'], 0, 100);
$REQUEST_URI = $_SERVER['REQUEST_URI'];
if (!$REQUEST_URI) {
    if ($_SERVER['PATH_INFO']) $REQUEST_URI = $_SERVER['PATH_INFO'];
    else $REQUEST_URI = $_SERVER['PHP_SELF'];
    if ($_SERVER['QUERY_STRING']) $REQUEST_URI .= "?".$_SERVER['QUERY_STRING'];
}
$REQUEST_URI = wbb_substr(basename($REQUEST_URI), 0, 250);
if (!strstr($REQUEST_URI, ".")) $REQUEST_URI = "index.php";

unset($wbbuserdata);
unset($session);
unset($wbb_userid);
unset($styleid);
unset($langid);
if (isset($_COOKIE[$cookieprefix.'userid'])) $wbb_userid = intval($_COOKIE[$cookieprefix.'userid']);

if (isset($_REQUEST['styleid'])) $styleid = intval($_REQUEST['styleid']);
if (isset($_REQUEST['langid'])) $langid = intval($_REQUEST['langid']);

if (isset($_GET['sid'])) $sid = $_GET['sid'];
elseif (isset($_POST['sid'])) $sid = $_POST['sid'];
else $sid = '';

if (!$sid && isset($_COOKIE[$cookieprefix.'cookiehash'])) $sid = $_COOKIE[$cookieprefix.'cookiehash'];
if ($sid && isset($_COOKIE[$cookieprefix.'cookiehash']) && $_COOKIE[$cookieprefix.'cookiehash'] && $sid != $_COOKIE[$cookieprefix.'cookiehash']) $falsecookiehash = 1;

if ($allowloginencryption == 1) {
    // generate authentificationcode
    unset($authentificationcode);
    $need = needNewAuthentificationcode();
    if ($need == 0 || $need == 1) $authentificationcode = makeAuthentificationcode();
}

$createsession = 0;
if ($sid) {
    $session = $db->query_first("SELECT * FROM bb".$n."_sessions WHERE sessionhash = '".addslashes($sid)."' AND ipaddress = '".addslashes($REMOTE_ADDR)."' AND useragent = '".addslashes($HTTP_USER_AGENT)."'");
    if ($session['sessionhash']) {
        $wbb_userid = $session['userid'];
        $session['lastactivity'] = time();
        if (!isset($styleid)) $styleid = $session['styleid'];
        if (!isset($langid)) $langid = $session['langid'];
    }
    else $createsession = 1;
}
else $createsession = 1;

if ($createsession == 1 || $session['userid'] == 0) {
    if (isset($_COOKIE[$cookieprefix.'userid']) && isset($_COOKIE[$cookieprefix.'userpassword'])) { /* maybe member */
        $wbbuserdata = getwbbuserdata(intval($_COOKIE[$cookieprefix.'userid']), "userid", 1);
        if ($_COOKIE[$cookieprefix.'userpassword'] == $wbbuserdata['password']) { /* member */
            $session = array();
            $session['sessionhash'] = md5(uniqid(microtime()));
            $session['userid'] = intval($_COOKIE[$cookieprefix.'userid']);
            $wbb_userid = $session['userid'];
            $session['ipaddress'] = $REMOTE_ADDR;
            $session['useragent'] = $HTTP_USER_AGENT;
            $session['lastactivity'] = time();
            $session['request_uri'] = $REQUEST_URI;
            if (isset($styleid)) $session['styleid'] = $styleid;
            else $session['styleid'] = $wbbuserdata['styleid'];
            if (isset($langid)) $session['langid'] = $langid;
            else $session['langid'] = $wbbuserdata['langid'];
            $db->unbuffered_query("DELETE FROM bb".$n."_sessions WHERE userid = '$session[userid]'", 1);
            $db->unbuffered_query("INSERT INTO bb".$n."_sessions (sessionhash,userid,ipaddress,useragent,lastactivity,request_uri,styleid,langid,authentificationcode) VALUES ('$session[sessionhash]','$session[userid]','".addslashes($session['ipaddress'])."','".addslashes($session['useragent'])."','$session[lastactivity]','".addslashes($session['request_uri'])."','$session[styleid]','$session[langid]','".((isset($authentificationcode)) ? ($authentificationcode) : (""))."')", 1);
            bbcookie("cookiehash", $session['sessionhash'], 0);
        }
        else {
            if ($createsession == 1) $guestsession = 1;
            unset($wbb_userid);
            unset($wbbuserdata);
            bbcookie("userid", "", 1);
            bbcookie("userpassword", "", 1);
        } 
    }
    elseif ($createsession == 1) {
        unset($wbb_userid);
        $guestsession = 1;
    }
    if (isset($guestsession)) { /* guest */
        $db->unbuffered_query("DELETE FROM bb".$n."_sessions WHERE userid='0' AND ipaddress = '".addslashes($REMOTE_ADDR)."' AND useragent = '".addslashes($HTTP_USER_AGENT)."'", 1);
        
        $session['sessionhash'] = md5(uniqid(microtime()));
        $session['userid'] = 0;
        $session['ipaddress'] = $REMOTE_ADDR;
        $session['useragent'] = $HTTP_USER_AGENT;
        $session['lastactivity'] = time();
        $session['request_uri'] = $REQUEST_URI;
        if (isset($styleid)) $session['styleid'] = $styleid;
        else $session['styleid'] = 0;
        if (isset($langid)) $session['langid'] = $langid;
        else {
            if (isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]) && $_SERVER["HTTP_ACCEPT_LANGUAGE"] != '') {
                $acceptLanguages = preg_split('%[,;]%', addslashes(preg_replace('%([a-z]{1,8})-[a-z]{1,8}%i', '$1', $_SERVER['HTTP_ACCEPT_LANGUAGE'])));
                $languages = array();
                $result = $db->query("SELECT languagepackid, languagecode FROM bb".$n."_languagepacks WHERE languagecode IN ('".implode("','", $acceptLanguages)."')");
                while ($row = $db->fetch_array($result)) $languages[$row['languagecode']] = $row['languagepackid'];
                foreach ($acceptLanguages as $acceptLanguage) {
                    if (isset($languages[$acceptLanguage])) {
                        $langid = $session['langid'] = $languages[$acceptLanguage];
                        break;
                    }    
                }
                if (!isset($langid)) $session['langid'] = 0;
            }
            else $session['langid'] = 0;
        }
        $db->unbuffered_query("INSERT INTO bb".$n."_sessions (sessionhash,userid,ipaddress,useragent,lastactivity,request_uri,styleid,langid,authentificationcode) VALUES ('$session[sessionhash]','0','".addslashes($session['ipaddress'])."','".addslashes($session['useragent'])."','$session[lastactivity]','".addslashes($session['request_uri'])."','$session[styleid]','$session[langid]','".((isset($authentificationcode)) ? ($authentificationcode) : (""))."')", 1);
        
        bbcookie("cookiehash", $session['sessionhash'], 0);
    }
}

if (!isset($wbbuserdata)) {
    if (isset($wbb_userid) && $wbb_userid != 0) {
        /** read $wbbuserdata using the function getwbbuserdata() (@see functions.php) **/
        $wbbuserdata = getwbbuserdata($wbb_userid, "userid", 1);
    }
    
    else {
        if (!isset($_COOKIE[$cookieprefix.'lastvisit'])) bbcookie("lastvisit", time(), 0);
        /**read $wbbuserdata using the function getwbbuserdata() - search for grouptype .. (@see functions.php) **/
        $wbbuserdata = getwbbuserdata(1, "grouptype", 1);
        $wbbuserdata['userid'] = 0;
        $wbbuserdata['username'] = "guest"; //default guestname
        if (!isset($_COOKIE[$cookieprefix.'lastvisit'])) $wbbuserdata['lastvisit'] = time();
        else $wbbuserdata['lastvisit'] = intval($_COOKIE[$cookieprefix.'lastvisit']);
        $wbbuserdata['lastactivity'] = time();
        $wbbuserdata['showsignatures'] = $default_register_showsignatures;
        $wbbuserdata['showavatars'] = $default_register_showavatars;
        $wbbuserdata['showimages'] = $default_register_showimages;
        $wbbuserdata['timezoneoffset'] = $default_timezoneoffset;
        $wbbuserdata['usecookies'] = $default_register_usecookies;
        $wbbuserdata['threadview'] = $default_register_threadview;
        $wbbuserdata['startweek'] = $default_startweek;
        $wbbuserdata['styleid'] = 0;
        $wbbuserdata['pmpopup'] = 0;
        $wbbuserdata['buddylist'] = "";
        $wbbuserdata['ignorelist'] = "";
        $wbbuserdata['umaxposts'] = 0;
        $wbbuserdata['daysprune'] = 0;
        
        if ($wbbuserdata['lastactivity'] < time() - $sessiontimeout) {
            bbcookie("lastvisit", $wbbuserdata['lastactivity'], 0);
            $wbbuserdata['lastvisit'] = $wbbuserdata['lastactivity'];
        }
    } 
}
$sid = $session['sessionhash'];
unset($session['sessionhash']);
$session['hash'] = $sid;


if (isset($falsecookiehash)) {
    bbcookie("cookiehash", $session['hash'], 0);
}

if (isset($_COOKIE[$cookieprefix.'cookiehash']) && !isset($falsecookiehash)) {
    $SID_ARG_1ST = '';
    $SID_ARG_2ND = '';
    $SID_ARG_2ND_UN = '';
    $session['hash'] = '';
}
else {
    $SID_ARG_1ST = "?sid=$sid";
    $SID_ARG_2ND = "&amp;sid=$sid";
    $SID_ARG_2ND_UN = "&sid=$sid";
}

if (isset($styleid)) $wbbuserdata['styleid'] = $styleid;
if (isset($langid)) $wbbuserdata['langid'] = $langid;
if (!isset($wbbuserdata['dateformat']) || !$wbbuserdata['dateformat']) $wbbuserdata['dateformat'] = $dateformat;
if (!isset($wbbuserdata['timeformat']) || !$wbbuserdata['timeformat']) $wbbuserdata['timeformat'] = $timeformat;

if ($wbbuserdata['userid'] != 0) {
    $pmpopup_reset = (($wbbuserdata['pmpopup'] == 2 && (!isset($_POST) || count($_POST) == 0) && $filename != "attachment.php" && $filename != "attachmentedit.php" && $filename != "logout.php" && $filename != "markread.php" && $filename != "misc.php" && $filename != "modcp.php" && $filename != "polledit.php" && $filename != "register.php" && $filename != "search.php" && ($filename != "thread.php" || !isset($_REQUEST['goto'])) && $filename != "threadrating.php" && $filename != "usercp.php") ? (", pmpopup=1") : (""));
    
    if ($wbbuserdata['lastactivity'] < time() - $sessiontimeout) {
        if ($offline != 1 || $wbbuserdata['can_view_off_board'] != 0) {
            $db->unbuffered_query("UPDATE bb".$n."_users SET lastvisit=lastactivity, lastactivity = '".time()."', langid='$wbbuserdata[langid]'".$pmpopup_reset." WHERE userid = '$wbbuserdata[userid]'", 1);
            $wbbuserdata['lastvisit'] = $wbbuserdata['lastactivity'];
            $wbbuserdata['lastactivity'] = time();
        }
        checkPosts4AI();
        sessionupdate();
    }
    else {
        $db->unbuffered_query("UPDATE bb".$n."_users SET lastactivity = '".time()."', langid='$wbbuserdata[langid]'".$pmpopup_reset." WHERE userid = '$wbbuserdata[userid]'", 1);
        $wbbuserdata['lastactivity'] = time();
    }
}

if (isset($authentificationcode)) $session['authentificationcode'] = $authentificationcode;
?>

1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:

-- phpMyAdmin SQL Dump
-- version 2.9.1.1-Debian-8
-- http://www.phpmyadmin.net
-- 
-- Host: localhost
-- Erstellungszeit: 05. April 2009 um 23:11
-- Server Version: 5.0.32
-- PHP-Version: 5.2.0-8+etch13
-- 
-- Datenbank: `usr_web57_1`
-- 

-- --------------------------------------------------------

-- 
-- Tabellenstruktur für Tabelle `bb1_sessions`
-- 

CREATE TABLE `bb1_sessions` (
  `sessionhash` varchar(32) NOT NULL default '',
  `userid` int(11) unsigned NOT NULL default '0',
  `ipaddress` varchar(16) NOT NULL default '',
  `useragent` varchar(100) NOT NULL default '',
  `lastactivity` int(11) unsigned NOT NULL default '0',
  `request_uri` varchar(250) NOT NULL default '',
  `styleid` int(11) unsigned NOT NULL default '0',
  `langid` int(11) NOT NULL default '0',
  `boardid` int(11) unsigned NOT NULL default '0',
  `threadid` int(11) unsigned NOT NULL default '0',
  `authentificationcode` varchar(32) NOT NULL default '',
  `wap` int(7) NOT NULL default '0',
  PRIMARY KEY  (`sessionhash`),
  KEY `userid` (`userid`),
  KEY `boardid` (`boardid`)
) ENGINE=MEMORY DEFAULT CHARSET=latin1;

-- 
-- Daten für Tabelle `bb1_sessions`
-- 

INSERT INTO `bb1_sessions` (`sessionhash`, `userid`, `ipaddress`, `useragent`, `lastactivity`, `request_uri`, `styleid`, `langid`, `boardid`, `threadid`, `authentificationcode`, `wap`) VALUES 
('c3b8b270c4be4c7c806178a9d7016b1b', 0, '66.249.65.240', 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)', 1238965813, 'jgs_portal_box.php?id=19&sid=', 0, 0, 0, 0, '', 0),
('db3ca16df199b9825ad4c91809ffd859', 0, '83.77.117.69', 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; O', 1238963110, 'xy_megashoutbox.php?page_shout=chat', 0, 0, 0, 0, '', 0),
('4ce7dbad1be1bae42b7db291316b5ecf', 0, '88.78.44.188', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8', 1238963104, 'xy_megashoutbox.php?page_shout=chat', 0, 0, 0, 0, '', 0),
('dd85922fc392f257365cfbb1423d7d5a', 0, '85.178.67.58', 'Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; en-US; rv:1.9.0.8) Gecko/2009032608 Firefox/3.0.8', 1238963034, 'logout.php?u=255', 0, 0, 0, 0, '', 0),
('946dede4028048fa23b7a8c43e458cc2', 0, '217.85.213.49', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8', 1238962928, 'Sendeplan.php', 0, 0, 0, 0, '', 0),
('2d96eab8dc652528186469c8232d3696', 0, '93.214.179.107', 'Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90)', 1238962853, 'print.php?threadid=485&page=1&sid=', 0, 0, 27, 485, '', 0),
('2c311737160ae46c96c32581aa1e62a1', 65, '84.138.207.246', 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB5; SLCC1; .NET CLR 2.0.50727; Media Center PC ', 1238962825, 'Sendeplan.php', 0, 0, 0, 0, '', 0),
('c2de23e89ec60645a426dd14affed11b', 1530, '91.41.232.249', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8', 1238963110, 'jgs_portal.php?sid=', 0, 0, 0, 0, '', 0),
('c65ef0fd2ad1b67401322af778a390ec', 452, '87.162.124.208', 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET ', 1238962459, 'xy_megashoutbox.php?page_shout=chat&setting=&comment=&sid=', 0, 0, 0, 0, '', 0),
('2df66bbcc0b7738c75a6d8dfd107ceda', 199, '80.135.137.75', 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET ', 1238963376, 'chat.php?action=chat', 0, 0, 0, 0, '', 0),
('a625002addd67c18c8cd55ea707aacd2', 0, '65.55.209.199', 'msnbot/1.1 (+http://search.msn.com/msnbot.htm)', 1238965589, 'jgs_treffen.php?action=ansicht&view_id=25', 0, 0, 0, 0, '', 0),
('5ed02ffe80aa30b3181fa54d1bcfa1ed', 0, '80.187.100.148', 'Mozilla/5.0 (iPhone; U; CPU iPhone OS 2_2_1 like Mac OS X; de-de) AppleWebKit/525.18.1 (KHTML, like ', 1238964995, 'print.php?threadid=1967&page=1&sid=', 0, 0, 7, 1967, '', 0),
('75fd5e6285ad4bf05ba6770a06503ee9', 0, '118.173.82.116', 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Netscape/8.0.4', 1238965637, 'register.php?sid=', 0, 0, 0, 0, '', 0),
('f51829fd263a5fd9f97ff2476b46fe86', 0, '80.226.15.87', 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3', 1238965776, 'xy_megashoutbox.php?page_shout=chat', 0, 0, 0, 0, '', 0),
('32af357f83f3493ca6e731dff3fcfb33', 0, '89.245.200.153', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8', 1238964835, 'xy_megashoutbox.php?page_shout=chat', 0, 0, 0, 0, '', 0),
('edc6a68ef0a1bc455b7f64320dded4dc', 0, '91.3.248.197', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8 (.NET CLR 3.', 1238965620, 'portal.php', 0, 0, 0, 0, '', 0),
('f324dd16e28a805100370e60dad6a944', 0, '72.30.87.114', 'Mozilla/5.0 (compatible; Yahoo! Slurp/3.0; http://help.yahoo.com/help/us/ysearch/slurp)', 1238965846, 'jgs_galerie.php?sid=', 0, 0, 0, 0, '', 0),
('f9c2856d18351b50a38b74934e771c30', 0, '79.210.54.224', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.3 (de) (TL-FF)', 1238964488, 'jgs_portal.php?sid=', 0, 0, 0, 0, '', 0),
('d98ca6d22663e021eb425f18d681a72b', 0, '67.195.37.165', 'Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)', 1238965603, 'werbung.php?id=21', 0, 0, 0, 0, '', 0),
('e22f70f875295ed72e6e653005e87603', 0, '67.195.37.165', 'Mozilla/5.0 (compatible; Yahoo! Slurp/3.0; http://help.yahoo.com/help/us/ysearch/slurp)', 1238964361, '', 0, 0, 0, 0, '', 0),
('13cb6582329e486b4185f9401b2f29d9', 22, '78.50.206.167', 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; WBP/1.7.17)', 1238964522, 'xy_megashoutbox.php?page_shout=chat', 0, 0, 0, 0, '', 0),
('d3cfb023bd139326874aecc67e7258b8', 0, '94.220.225.40', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8', 1238963819, 'Sendeplan.php', 0, 0, 0, 0, '', 0);

1:

ALTER TABE bb1_sessions DROP wap;