intcast($_SESSION['uid']); } else { $statuslogged = "Log in"; $statusloggedurl = "login/"; $statusloggedurl = "../login/"; header("Location: ../"); exit; } // get and set a proper token for our instance. if(!isset($_SESSION['token']) || empty($_SESSION['token']) ) { $csrf = $db->getToken(); $_SESSION['token'] = $csrf; } else { $csrf = $db->clean($_SESSION['token'],'encode'); } if(isset($uid) && $uid != '0') { $db->q("UPDATE timeline SET readit = '1' WHERE toid = '".$db->intcast($uid)."'"); } ?> query("SELECT * FROM profile WHERE id = '".$db->intcast($uid)."'"); $countown = count($selectown); } if(isset($selectown[0]["bodycolor"]) != NULL && isset($selectown[0]["textcolor"]) != NULL) { if(strstr($selectown[0]["bodycolor"],'#') && strstr($selectown[0]["textcolor"],'#')) { $bodycolor = substr($db->clean($selectown[0]["bodycolor"],'encode'),0,7); $textcolor = substr($db->clean($selectown[0]["textcolor"],'encode'),0,7); echo PHP_EOL; echo ""; echo PHP_EOL; } } ?>

Mentions

clean($_SESSION["profile"]["username"],'search')."%"; $stmt = $mysqli->prepare("SELECT * FROM timeline,profile WHERE profile.id = timeline.uid AND timeline.post LIKE ? ORDER BY timeline.tid DESC"); $params = array("s",$searchfor); foreach($params as $key => $value) $search[$key] = &$params[$key]; call_user_func_array(array($stmt, 'bind_param'), $search); $stmt->execute(); $query = $stmt->get_result(); while($row = $query->fetch_array(MYSQLI_ASSOC)) { $timelines[] = $row; } $stmt->close(); for($k=0; $k < count($timelines); $k++) { ?>

@clean($timelines[$k]['username'],'encode');?>

prepareHTML($timelines[$k]['post']);?>

"; include("../resources/PHP/postform.php"); include("../resources/PHP/footer.php"); ?> close(); ?>