/**
* Zeigt das Formular an, in dem User ihre Einträge machen können
*
* @param $text Vorbelegung für den text
* @param $mail Vorbelegung für die Emailadresse
* @param $page Vorbelegung für die Homepage
*/
function showForm($text = "", $mail = "", $page = "", $fehler = "")
{
global $allgAr;
$tpl = new tpl('gbook.htm');
$ar = array('uname' => $_SESSION['authname'], 'SMILIES' => getsmilies(), 'ANTISPAM' => get_antispam('gbook', 1), 'TXTL' => $allgAr['Gtxtl'], 'TEXT' => $text, 'PAGE' => $page, 'MAIL' => $mail, 'FEHLER' => $fehler);
$tpl->set_ar_out($ar, "formular_eintrag");
if (!isset($_SESSION['klicktime_gbook'])) {
$_SESSION['klicktime_gbook'] = 0;
}
}
$design->footer(1);
}
}
// anzeigen
$design->header();
$tpl = new tpl('selfbp', 1);
$akl = '';
if (isset($_REQUEST['akl'])) {
$akl = $_REQUEST['akl'];
}
// loeschen
if (isset($_REQUEST['del'])) {
$del = $_REQUEST['del'];
$a = substr($del, 0, 1);
$e = substr($del, 1);
if ($e != 'neu') {
unlink('include/contents/selfbp/self' . $a . '/' . $e);
}
}
$text = get_text($akl);
$properties = get_properties($text);
if (!isset($properties['wysiwyg'])) {
$properties['wysiwyg'] = 1;
}
$text = edit_text($text, false);
// $text = rteSafe($text);
$filename = get_filename($akl);
$akl = get_akl($akl);
$view = get_view(isset($properties['view']) ? $properties['view'] : '');
$tpl->set_ar_out(array('akl' => $akl, 'text' => $text, 'filename' => $filename, 'exfilename' => $filename, 'wysiwyg' => $properties['wysiwyg'], 'title' => isset($properties['title']) ? $properties['title'] : '', 'hmenu' => isset($properties['hmenu']) ? $properties['hmenu'] : '', 'view' => $view, 'viewoptions' => isset($properties['viewoptions']) ? $properties['viewoptions'] : '', 'wysiwyg_editor' => $properties['wysiwyg'] == 1 ? '<script type="text/javascript">buttonPath = "include/images/icons/editor/"; imageBrowse = "admin.php?selfbp-imagebrowser"; makeWhizzyWig("bbwy", "all");</script>' : '', 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 0);
$design->footer();
db_query('UPDATE `prefix_rules` SET `text` = "' . $text . '", `titel` = "' . $titel . '", `zahl` = "' . $zahl . '" WHERE `id` = "' . $sid . '"');
}
}
if (!empty($_GET['delete'])) {
$delete = escape($_GET['delete'], 'integer');
db_query('DELETE FROM `prefix_rules` WHERE `id` = "' . $delete . '" LIMIT 1');
}
if (empty($_GET['sid'])) {
$row = array();
$row['sub'] = 'Eintragen';
$row['zahl'] = '';
$row['titel'] = '';
$row['text'] = $row['sid'] = '';
} else {
$abf = 'SELECT `text`,`zahl`,`titel`,`id` as `sid` FROM `prefix_rules` WHERE `id` = "' . escape($_GET['sid'], 'integer') . '"';
$erg = db_query($abf);
$row = db_fetch_assoc($erg);
$row['sub'] = 'Ändern';
}
$clas = '';
$tpl = new tpl('rules', 1);
$row['ANTISPAM'] = get_antispam('adminuser_action', 0, true);
$tpl->set_ar_out($row, 0);
$erg = db_query('SELECT * FROM `prefix_rules` ORDER BY `zahl`');
while ($row = db_fetch_assoc($erg)) {
$clas = $clas == 'Cmite' ? 'Cnorm' : 'Cmite';
$row['class'] = $clas;
$tpl->set_ar_out($row, 1);
}
$tpl->out(2);
$design->footer();
}
if ($row['opt_pm_popup'] == 1) {
$row['opt_pm_popup1'] = 'checked';
$row['opt_pm_popup0'] = '';
} else {
$row['opt_pm_popup1'] = '';
$row['opt_pm_popup0'] = 'checked';
}
$row['avatarbild'] = file_exists($row['avatar']) ? '<img src="' . $row['avatar'] . '" alt=""><br />' : '';
$row['Fabreite'] = $allgAr['Fabreite'];
$row['Fahohe'] = $allgAr['Fahohe'];
$row['Fasize'] = $allgAr['Fasize'];
$row['forum_max_sig'] = $allgAr['forum_max_sig'];
$row['uid'] = $_SESSION['authid'];
$row['forum_usergallery'] = $allgAr['forum_usergallery'];
$row['antispam'] = get_antispam('user_profile_edit', 0, true);
$tpl->set_ar_out($row, 0);
if ($allgAr['forum_avatar_upload']) {
$tpl->out(1);
}
$tpl->set_ar_out($row, 2);
profilefields_change($_SESSION['authid']);
$tpl->out(3);
} else {
$tpl = new tpl('user/login.htm');
$tpl->set_out('WDLINK', 'index.php', 0);
}
} elseif ($csrfCheck) {
# submit
# change poassword
if (!empty($_POST['np1']) and !empty($_POST['np2']) and !empty($_POST['op'])) {
$k = escape($k, 'integer');
$astat = db_result(db_query("SELECT stat FROM prefix_topics WHERE id = " . $k), 0, 0);
$nstat = $astat == 1 ? 0 : 1;
db_query("UPDATE `prefix_topics` SET stat = '" . $nstat . "' WHERE id = " . $k);
}
wd('index.php?forum-showtopics-' . $fid, 'Status geändert', 2);
} elseif (!$csrfCheck || empty($_POST['del']) && empty($_POST['shift'])) {
$limit = $allgAr['Ftanz'];
// Limit
$page = $menu->getA(3) == 'p' ? $menu->getE(3) : 1;
$MPL = db_make_sites($page, "WHERE fid = '{$fid}'", $limit, '?forum-editforum-' . $fid, 'topics');
$anfang = ($page - 1) * $limit;
$q = "SELECT a.id, a.name, a.rep, a.erst, a.hit, a.art, a.stat, b.time, b.erst as last, b.id as pid\r\n FROM prefix_topics a\r\n \tLEFT JOIN prefix_posts b ON a.last_post_id = b.id\r\n \tWHERE a.fid = {$fid}\r\n \tORDER BY a.art DESC, b.time DESC\r\n \tLIMIT " . $anfang . "," . $limit;
$tpl = new tpl('forum/editforum.htm');
$tpl->set('id', $fid);
$tpl->set('antispam', get_antispam('forum_edit_forum', 0, true));
$tpl->set_out('MPL', $MPL, 0);
$erg = db_query($q);
while ($row = db_fetch_assoc($erg)) {
$row['date'] = date('d.m.y - H:i', $row['time']);
$tpl->set_ar_out($row, 1);
}
$tpl->out(2);
} elseif (isset($_POST['del']) and isset($_POST['dely']) and $_POST['dely'] == 'yes' and $csrfCheck) {
$pmin = 0;
$tmin = 0;
foreach ($_POST['in'] as $k => $v) {
$k = escape($k, 'integer');
$erg = db_query("SELECT erstid FROM prefix_posts WHERE tid = " . $k . " AND erstid > 0");
while ($row = db_fetch_object($erg)) {
db_query("UPDATE prefix_user SET posts = posts - 1 WHERE id = " . $row->erstid);
$tpl->set_ar_out(array('class' => $class, 'id' => $row['id'], 'name' => $row['name'], 'url' => $row['url'], 'pos' => $row['pos']), 4);
}
// Tabellenuebergang
$tpl->out(1);
// Aendern oder Einfuegen
if ($aid == 'edit') {
$mid = $menu->get(3);
$erg = db_query('SELECT `pos`, `menu` FROM `prefix_modules` WHERE `id` = ' . $mid);
$row = db_fetch_assoc($erg);
$kat = getKats($row['menu']);
$modul = dblistee($mid, 'SELECT `id`, `name` FROM `prefix_modules` WHERE (`menu` = "" AND (`gshow` = 1 OR `ashow` = 1)) OR `id` = ' . $mid . ' ORDER BY `name` ASC');
$tpl->set_ar_out(array('aname' => 'Eintrag bearbeiten', 'modul' => $modul, 'kat' => $kat, 'pos' => $row['pos'], 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5);
} else {
$kat = getKats();
$modul = dblistee('', 'SELECT `id`, `name` FROM `prefix_modules` WHERE `menu` = "" AND (`gshow` = 1 OR `ashow` = 1) ORDER BY `name` ASC');
$tpl->set_ar_out(array('aname' => 'Eintrag hinzufügen', 'modul' => $modul, 'kat' => $kat, 'pos' => $row['pos'], 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5);
}
// Template-Footer
$tpl->out(2);
break;
case 'del':
// Betroffene Modul-ID
$mid = $menu->get(3);
// Aktuelle Position und Menus abfragen
$erg = db_query('SELECT `pos`, `menu` FROM `prefix_modules` WHERE `id` = ' . $mid . ' LIMIT 0, 1');
$row = db_fetch_assoc($erg);
// Postitionen des alten Menues neu speichern und Modul-Kat zuruecksetzen
db_query('UPDATE `prefix_modules` SET `pos` = `pos` -1 WHERE `menu` = "' . $row['menu'] . '" AND `pos` > ' . $row['pos']);
db_query('UPDATE `prefix_modules` SET `menu` = "", `pos` = NULL WHERE `id` = ' . $mid);
wd('admin.php?modules-adminmenu', 'Eintrag gelöscht');
$design->footer(1);
}
if ($menu->getA(3) == 'd' and is_numeric($menu->getE(3)) and has_right(-7, 'gbook')) {
$did = escape($menu->getE(3), 'integer');
db_query("DELETE FROM prefix_koms WHERE uid = " . $id . " AND cat = 'GBOOK' AND id = " . $did);
}
$r = db_fetch_assoc(db_query("SELECT time, name, mail, page, txt as text, id FROM prefix_gbook WHERE id = " . $id));
$r['datum'] = date('d.m.Y', $r['time']);
if ($r['page'] != '') {
$r['page'] = get_homepage($r['page']);
$r['page'] = ' <a href="' . $r['page'] . '" target="_blank"><img src="include/images/icons/page.gif" border="0" alt="Homepage ' . $lang['from'] . ' ' . $r['name'] . '"></a>';
}
if ($r['mail'] != '') {
$r['mail'] = ' <a href="mailto:' . escape_email_to_show($r['mail']) . '"><img src="include/images/icons/mail.gif" border="0" alt="E-Mail ' . $lang['from'] . ' ' . $r['name'] . '"></a>';
}
$tpl = new tpl('gbook.htm');
$r['ANTISPAM'] = get_antispam('gbookkom', 0);
$r['uname'] = $_SESSION['authname'];
$r['text'] = bbcode($r['text']);
$tpl->set_ar_out($r, 4);
$i = 1;
$erg = db_query("SELECT id, name, text FROM prefix_koms WHERE uid = " . $id . " AND cat = 'GBOOK' ORDER BY id DESC");
$anz = db_num_rows($erg) + 1;
while ($r1 = db_fetch_assoc($erg)) {
$r1['zahl'] = $anz - $i;
$r1['text'] = bbcode($r1['text']);
if (has_right(-7, 'gbook')) {
$r1['text'] .= '<a href="index.php?gbook-show-' . $id . '-d' . $r1['id'] . '"><img src="include/images/icons/del.gif" alt="' . $lang['delete'] . '" border="0" title="' . $lang['delete'] . '" /></a>';
}
$tpl->set_ar_out($r1, 5);
$i++;
}
echo '<textarea cols="55" rows="3" name="' . $row['schl'] . '">' . $row['wert'] . '</textarea>';
} elseif ($row['typ'] == 'grecht') {
$grl = dblistee($allgAr[$row['schl']], "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC");
echo '<select name="' . $row['schl'] . '">' . $grl . '</select>';
} elseif ($row['typ'] == 'grecht2') {
$grl = dblistee($allgAr[$row['schl']], "SELECT id,name FROM prefix_grundrechte WHERE id >= -2 ORDER BY id ASC");
echo '<select name="' . $row['schl'] . '">' . $grl . '</select>';
} elseif ($row['typ'] == 'password') {
echo '<input size="50" type="password" name="' . $row['schl'] . '" value="***" />';
}
echo '</td></tr>' . "\n\n";
$ch = $row['kat'];
}
echo '<tr class="Cdark"><td></td><td><input type="submit" value="Absenden" name="submit"></td></tr>';
echo '</table>';
echo get_antispam('admin_allg', 0, true);
echo '</form>';
} elseif ($csrfCheck) {
$abf = 'SELECT * FROM `prefix_config` ORDER BY kat';
$erg = db_query($abf);
while ($row = db_fetch_assoc($erg)) {
if ($row['typ'] == 'password' and $_POST[$row['schl']] == '***') {
continue;
} elseif ($row['typ'] == 'password') {
require_once 'include/includes/class/AzDGCrypt.class.inc.php';
$cr64 = new AzDGCrypt(DBDATE . DBUSER . DBPREF);
$_POST[$row['schl']] = $cr64->crypt($_POST[$row['schl']]);
}
db_query('UPDATE `prefix_config` SET wert = "' . escape($_POST[$row['schl']], 'textarea') . '" WHERE schl = "' . $row['schl'] . '"');
}
wd('admin.php?allg', 'Erfolgreich geändert', 2);
if (isset($_POST['subform']) and chk_antispam('smtpconf', true)) {
if (!empty($_POST['smtp_pass'])) {
require_once 'include/includes/class/AzDGCrypt.class.inc.php';
$cr64 = new AzDGCrypt(DBDATE . DBUSER . DBPREF);
$smtp['smtp_pass'] = $cr64->crypt($_POST['smtp_pass']);
}
unset($_POST['smtp_pass']);
foreach ($keys as $key) {
if (isset($_POST[$key])) {
$smtp[$key] = $_POST[$key];
}
}
if (!isset($_POST['smtp_pop3beforesmtp'])) {
$smtp['smtp_pop3beforesmtp'] = 0;
}
$smtpsql = escape(serialize($smtp), 'textarea');
db_query('UPDATE `prefix_allg` SET `t1` = "' . $smtpsql . '" WHERE `k` = "smtpconf"');
if (mysql_affected_rows() == 0) {
echo '<h2>Es wurden keine Änderungen vorgenommen!</h2>';
} else {
echo '<h2>Änderungen gespeichert</h2>';
}
}
//Formular ausgeben
$tpl = new tpl('smtpconf', 1);
$smtp['smtp'] = $allgAr['mail_smtp'] ? 1 : 0;
$smtp['smtp_selauth'] = arlistee($smtp['smtp_auth'], $authMethods);
$smtp['smtp_pass'] = (isset($smtp['smtp_pass']) and !empty($smtp['smtp_pass'])) ? 1 : 0;
$smtp['antispam'] = get_antispam('smtpconf', 0, true);
$tpl->set_ar_out($smtp, 0);
$design->footer();
if ($menu->getA(3) == 'z') {
$row = db_fetch_object(db_query("SELECT txt,erst FROM prefix_posts WHERE id = " . $menu->getE(3)));
$xtext = '[quote=' . escape_nickname($row->erst) . ']' . "\n" . $row->txt . "\n[/quote]";
}
if ($menu->getA(3) == 'f') {
$r = db_fetch_assoc(db_query("SELECT id,text,title FROM prefix_faqs WHERE id = " . $menu->getE(3)));
$xtext = 'FAQ Artikel: [url=index.php?faqs-s' . $r['id'] . '#FAQ' . $r['id'] . ']' . $r['title'] . '[/url]' . "\n" . unescape($r['text']);
}
if (isset($_POST['priview'])) {
$tpl->set_out('txt', bbcode(unescape($txt)), 0);
}
if (empty($txt)) {
$txt = $xtext;
}
$tpl = new tpl('forum/newpost');
$ar = array('txt' => escape_for_fields(unescape($txt)), 'tid' => $tid, 'name' => $name, 'SMILIES' => getsmilies(), 'antispam' => get_antispam('newpost', 1));
$tpl->set_ar_out($ar, 1);
$erg = db_query('SELECT erst, txt FROM `prefix_posts` WHERE tid = "' . $tid . '" ORDER BY time DESC LIMIT 0,5');
while ($row = db_fetch_assoc($erg)) {
$row['txt'] = bbcode($row['txt']);
$tpl->set_ar_out($row, 2);
}
$tpl->out(3);
} else {
# save post
$_SESSION['klicktime'] = $dppk_time;
$design = new design($title, $hmenu, 1);
$design->header();
if (loggedin()) {
$uid = $_SESSION['authid'];
$erst = escape($_SESSION['authname'], 'string');
# als upcoming war vormerken (kategorie 1)
db_query("INSERT INTO prefix_wars (datime,`status`,gegner,tag,page,mail,icq,wo,tid,`mod`,game,mtyp,land,txt) VALUES ('" . $datum . "','1','" . $clanname . "','" . $clantag . "','" . $clanpage . "','" . $mailaddy . "','" . $icqnumber . "','" . $meetingplace . "','" . $squad . "','" . $xonx . "','" . $game . "','" . $matchtype . "','" . $clancountry . "','" . $message . "')");
# pm an den leader
sendpm($_SESSION['authid'], $row['mod1'], 'Fightus Anfrage', $txt, -1);
# Wenn Co Leader != Leader
if ($row['mod1'] != $row['mod2']) {
sendpm($_SESSION['authid'], $row['mod2'], 'Fightus Anfrage', $txt, -1);
}
if ($row['mod3'] != $row['mod2'] and $row['mod1'] != $row['mod3']) {
sendpm($_SESSION['authid'], $row['mod3'], 'Fightus Anfrage', $txt, -1);
}
# informieren
echo sprintf($lang['leaderofxalert'], $row['name']);
} else {
$clancountry = arlistee($clancountry, get_nationality_array());
$squad = '<option value="0">choose</option>';
$squad .= dblistee($squad, "SELECT id,name FROM prefix_groups WHERE show_fightus = 1 ORDER BY pos");
if (empty($meetingtime)) {
$meetingtime = date('d.m.Y - H:i:s');
}
$tpl = new tpl('fightus.htm');
foreach ($far as $v) {
if ($x > 0 and empty($_POST[$v])) {
echo 'missing: ' . $lang[$v] . '<br />';
}
$tpl->set($v, ${$v});
}
$tpl->set('ANTISPAM', get_antispam('fightus', 120));
$tpl->out(0);
}
$design->footer();
}
$arm = array();
for ($i = 0; $i < 60; $i++) {
$arm[$i] = $i;
}
$ars = array();
for ($i = 0; $i < 24; $i++) {
$ars[$i] = $i;
}
$tpl = new tpl('kalender.htm', 1);
$limit = 30;
// Limit
$page = $menu->getA(1) == 'p' ? $menu->getE(1) : 1;
$MPL = db_make_sites($page, '', $limit, "admin.php?kalender", 'kalender');
$anfang = ($page - 1) * $limit;
$aus = array('AKTION' => $Faktion, 'MPL' => $MPL, 'EID' => $Fid, 'TITLE' => $Ftitle, 'TEXT' => $Ftext, 'stunden' => arliste($Fhours, $ars, $tpl, 'stunden'), 'minuten' => arliste($Fmins, $arm, $tpl, 'minuten'), 'zende' => $Fzende, 'begind' => $Fbegind, 'recht' => dbliste($Frecht, $tpl, 'recht', "SELECT `id`,`name` FROM `prefix_grundrechte` ORDER BY `id` DESC"), 'FSUB' => $Fsub, 'ANTISPAM' => get_antispam('adminuser_action', 0, true));
$tpl->set_ar_out($aus, 0);
if (!isset($_GET['edit'])) {
$tpl->out(1);
} else {
$tpl->out(2);
}
$tpl->out(3);
unset($aus);
// Liste
$result = db_query('SELECT `gid`,`id`,`title`,`time` FROM `prefix_kalender` ORDER BY `time` DESC LIMIT ' . $anfang . ',' . $limit);
while ($row = db_fetch_assoc($result)) {
$aus = array('ID' => $row['id'], 'DATE' => date('d.m.Y', $row['time']), 'TIME' => date('H:i', $row['time']), 'TITLE' => $row['title'], 'GID' => $row['gid']);
$tpl->set_ar_out($aus, 4);
}
$tpl->set_ar_out(array('MPL' => $MPL), 5);
} else {
echo 'antihack';
}
exit;
}
}
$title = $allgAr['title'] . ' :: Shoutbox ' . $lang['archiv'];
$hmenu = 'Shoutbox ' . $lang['archiv'];
$design = new design($title, $hmenu);
$design->header();
$data = array();
$page = $menu->getA(1) == 'p' ? $menu->getE(1) : 1;
$limit = $allgAr['sb_archive_limit'];
$mpl = db_make_sites($page, '', $limit, 'index.php?shoutbox', 'shoutbox');
$erg = db_query('SELECT * FROM `prefix_shoutbox` ORDER BY id DESC LIMIT ' . ($page - 1) * $limit . ', ' . $limit);
while ($row = db_fetch_assoc($erg)) {
$row['textarea'] = BBCode_onlySmileys($row['textarea'], $allgAr['sb_maxwordlength']);
$time = strtotime($row['time']);
if ($time != 0) {
$dateformat = date('d.m.Y') == date('d.m.Y', $time) ? 'H:i' : 'd.m. - H:i';
$row['time'] = date($dateformat, $time);
} else {
$row['time'] = 0;
}
$data[$row['id']] = $row;
}
require_once 'include/includes/class/iSmarty.php';
$smarty = new iSmarty();
$smarty->assign(array('data' => $data, 'lang' => $lang, 'siteadmin' => is_siteadmin(), 'antihack' => get_antispam('shoutboxarchive', 0, true), 'multipages' => $mpl));
$smarty->display('shoutbox.tpl');
$design->footer();
# Support: www.ilch.de
defined('main') or die('no direct access');
if ($forum_rights['mods'] == FALSE) {
$forum_failure[] = 'Keine Berechtigung dieses Forum zu moderiren';
check_forum_failure($forum_failure);
}
$title = $allgAr['title'] . ' :: Forum :: ' . $aktForumRow['kat'] . ' :: ' . $aktForumRow['name'] . ' :: ' . $aktTopicRow['name'] . ' :: Beitrag löschen';
$hmenu = $extented_forum_menu . '<a class="smalfont" href="index.php?forum">Forum</a><b> » </b><a class="smalfont" href="index.php?forum-showcat-' . $aktForumRow['cid'] . '">' . $aktForumRow['kat'] . '</a><b> » </b><a class="smalfont" href="index.php?forum-showtopics-' . $fid . '">' . $aktForumRow['name'] . '</a><b> » </b>';
$hmenu .= '<a class="smalfont" href="index.php?forum-showposts-' . $tid . '">' . $aktTopicRow['name'] . '</a> <b> » </b>Beitrag löschen' . $extented_forum_menu_sufix;
$design = new design($title, $hmenu, 1);
$design->header();
$postid = escape($menu->get(3), 'integer');
$csrfCheck = chk_antispam('forum_del_post', true);
if (empty($_POST['delete']) || !$csrfCheck) {
$tpl = new tpl('forum/del_post');
$tpl->set_ar(array('tid' => $tid, 'get3' => $postid, 'antispam' => get_antispam('forum_del_post', 0, true)));
$tpl->out(0);
} elseif ($csrfCheck) {
$erstid = @db_result(db_query("SELECT erstid FROM `prefix_posts` WHERE id = " . $postid . " LIMIT 1"), 0);
if ($erstid > 0) {
db_query("UPDATE `prefix_user` SET posts = posts - 1 WHERE id = {$erstid}");
}
db_query("DELETE FROM `prefix_posts` WHERE id = " . $postid . " LIMIT 1");
$erg = db_query("SELECT MAX(id) FROM prefix_posts WHERE tid = " . $tid);
$max = db_result($erg, 0);
db_query("UPDATE `prefix_topics` SET last_post_id = " . $max . ", `rep` = `rep` - 1 WHERE id = " . $tid);
db_query("UPDATE `prefix_forums` SET last_post_id = " . $max . ", posts = posts - 1 WHERE id = " . $fid);
$tpl = new tpl('forum/del_post');
$tpl->set_out('tid', $tid, 1);
}
$design->footer();
}
$design = new design('Ilch Admin-Control-Panel :: Captcha', '', 2);
$design->header();
if (@(!(include "include/includes/func/captcha/settings.php"))) {
$imagewidth = 170;
$imageheight = 50;
$fontsize = 24;
$bgintensity = 100;
$bgfonttype = 3;
$scratchamount = 100;
$scratches = 0;
$passphraselenght = 4;
$addagrid = 1;
$addhorizontallines = 0;
$useRandomColors = 1;
$minsize = 20;
$maxsize = 30;
$angle = 45;
}
$tpl = new tpl('captcha', 1);
$useRandomColorsja = $useRandomColors == 1 ? 'checked' : '';
$useRandomColorsno = $useRandomColors == 1 ? '' : 'checked';
$addagridja = $addagrid == 1 ? 'checked' : '';
$addagridno = $addagrid == 1 ? '' : 'checked';
$addhorizontallinesja = $addhorizontallines == 1 ? 'checked' : '';
$addhorizontallinesno = $addhorizontallines == 1 ? '' : 'checked';
$scratchesja = $scratches == 1 ? 'checked' : '';
$scratchesno = $scratches == 1 ? '' : 'checked';
$r = array('imagewidth' => $imagewidth, 'imageheight' => $imageheight, 'fontsize' => $fontsize, 'bgintensity' => $bgintensity, 'bgfonttype' => $bgfonttype, 'scratchamount' => $scratchamount, 'scratches' => $scratches, 'passphraselenght' => $passphraselenght, 'minsize' => $minsize, 'maxsize' => $maxsize, 'angle' => $angle, 'useRandomColorsja' => $useRandomColorsja, 'useRandomColorsno' => $useRandomColorsno, 'addagridja' => $addagridja, 'addagridno' => $addagridno, 'addhorizontallinesja' => $addhorizontallinesja, 'addhorizontallinesno' => $addhorizontallinesno, 'scratchesja' => $scratchesja, 'scratchesno' => $scratchesno, 'ANTISPAM' => get_antispam('adminuser_action', 0, true));
$tpl->set_ar_out($r, 0);
$design->footer();
// kommentar loeschen
$kategorie = news_find_kat($row->news_kat);
$textToShow = bbcode($row->news_text);
$textToShow = str_replace('[PREVIEWENDE]', '', $textToShow);
if (!empty($such)) {
$textToShow = markword($textToShow, $such);
}
$tpl = new tpl('news.htm');
if (loggedin()) {
$uname = $_SESSION['authname'];
$readonly = 'readonly';
} else {
$uname = '';
$readonly = '';
}
$ar = array('TEXT' => $textToShow, 'KATE' => $kategorie, 'NID' => $nid, 'uname' => $uname, 'readonly' => $readonly, 'ANTISPAM' => get_antispam('newskom', 0), 'NAME' => $row->news_title);
$tpl->set_ar_out($ar, 2);
if ($komsOK) {
$tpl->set_ar_out(array('NAME' => $row->news_title, 'NID' => $nid), "koms_on");
$erg1 = db_query("SELECT `text`, `name`, `userid`, `id`, `time` FROM `prefix_koms` WHERE `uid` = " . $nid . " AND `cat` = 'NEWS' ORDER BY `id` DESC");
$anz = db_num_rows($erg1);
if ($anz == 0) {
echo $lang['nocomments'];
} else {
while ($row1 = db_fetch_assoc($erg1)) {
$row1['text'] = bbcode(trim($row1['text']));
if (has_right(-7, 'news')) {
$del = ' <a href="?news-' . $nid . '-d' . $row1['id'] . '"><img src="include/images/icons/del.gif" alt="löschen" border="0" title="löschen" /></a>';
}
$tpl->set_ar_out(array('TEXT' => $row1['text'], 'AVATAR' => get_avatar($row1['userid']), 'NAME' => $row1['name'], 'TIME' => post_date($row1['time'], 1) . $del, 'ZAHL' => $anz), "koms_self");
$anz--;
$tpl->set('page', $page);
$txt = $tpl->get(0);
unset($tpl);
icmail($_POST['email'], 'Admin hat dich angelegt', $txt);
}
$msg = 'Benutzer angelegt <a href="javascript:closeThisWindow()">Fenster schließen</a>';
}
}
$pass = '';
$email = '';
$recht = '';
if (isset($_POST['pass'])) {
$pass = $_POST['pass'];
}
if (isset($_POST['email'])) {
$email = $_POST['email'];
}
if (isset($_POST['recht'])) {
$recht = $_POST['recht'];
} else {
$recht = '-1';
}
$tpl = new tpl('user/new_user', 1);
$tpl->set('msg', $msg);
$tpl->set('pass', $pass);
$tpl->set('email', $email);
$tpl->set('recht', dblistee($recht, "SELECT id,name FROM prefix_grundrechte ORDER BY id ASC"));
$tpl->set('antispam', get_antispam('adminuser_create', 0, true));
$tpl->out(0);
break;
}
$emails = array('bbc', $allgAr['adminMail']);
while ($row = db_fetch_object($erg)) {
if (!in_array($row->email, $emails) and preg_match('/^([a-z0-9])(([-a-z0-9._])*([a-z0-9]))*\\@([a-z0-9])' . '(([a-z0-9-])*([a-z0-9]))+' . '(\\.([a-z0-9])([-a-z0-9_-])?([a-z0-9])+)+$/i', $row->email) == 1) {
$emails[] = $row->email;
$zahler++;
}
}
icmail($emails, $_POST['bet'], $_POST['txt'], '', isset($_POST['html']));
} elseif ($mailopm == 'P') {
$uids = array();
while ($row = db_fetch_object($erg)) {
$uids[] = $row->uid;
$zahler++;
}
sendpm($_SESSION['authid'], $uids, escape($_POST['bet'], 'string'), escape($_POST['txt'], 'string'), -1);
}
if ($mailopm == 'E') {
$eMailorPmsg = 'eMail(s)';
} elseif ($mailopm == 'P') {
$eMailorPmsg = 'Private Nachrichte(n)';
}
wd('admin.php?newsletter', 'Es wurde(n) ' . $zahler . ' ' . $eMailorPmsg . ' verschickt.', 5);
} else {
wd('admin.php?newsletter', 'Für diese Auswahl konnte nichts gefunden werden.', 5);
}
} else {
echo $xajax->printJavascript();
$tpl = new tpl('newsletter', 1);
$tpl->set_out('antispam', get_antispam('newsletter', 0, true), 0);
}
$design->footer();
$class = $class == 'Cmite' ? 'Cnorm' : 'Cmite';
$row['class'] = $class;
$tpl->set_ar_out($row, 4);
}
}
// Tabellenuebergang
$tpl->out(1);
// Aendern oder Einfuegen
if ($aid == 'edit') {
$lid = $menu->get(3);
$erg = db_query('SELECT `task`, `file`, `description` FROM `prefix_loader` WHERE `id` = ' . $lid);
$row = db_fetch_assoc($erg);
$task = getTasks($row['task']);
$tpl->set_ar_out(array('aname' => 'Eintrag bearbeiten', 'task' => $task, 'file' => $row['file'], 'description' => $row['description'], 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5);
} else {
$task = getTasks('');
$tpl->set_ar_out(array('aname' => 'Eintrag hinzufügen', 'task' => $task, 'file' => '', 'description' => '', 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5);
}
// Template-Footer
$tpl->out(2);
break;
case 'del':
// Betroffene Task-ID
$lid = $menu->get(3);
// Wert entfernen
db_query('DELETE FROM `prefix_loader` WHERE `id` = ' . $lid);
wd('admin.php?modules-loader', 'Eintrag gelöscht');
$design->footer(1);
break;
}
$design->footer();
<?php
/**
* @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL)
* @copyright (C) 2000-2010 ilch.de
* @version $Id$
*/
defined('main') or die('no direct access');
defined('admin') or die('only admin access');
$design = new design('Ilch Admin-Control-Panel :: Trainzeiten', '', 2);
$design->header();
$tpl = new tpl('trains', 1);
if (!empty($_POST['send']) and chk_antispam('adminuser_action', true)) {
$mon = str_replace('#', '', escape($_POST['mon'], 'textarea'));
$die = str_replace('#', '', escape($_POST['die'], 'textarea'));
$mit = str_replace('#', '', escape($_POST['mit'], 'textarea'));
$don = str_replace('#', '', escape($_POST['don'], 'textarea'));
$fre = str_replace('#', '', escape($_POST['fre'], 'textarea'));
$sam = str_replace('#', '', escape($_POST['sam'], 'textarea'));
$son = str_replace('#', '', escape($_POST['son'], 'textarea'));
$new = $mon . '#' . $die . '#' . $mit . '#' . $don . '#' . $fre . '#' . $sam . '#' . $son;
db_query("UPDATE `prefix_allg` SET `t1` = '" . $new . "' WHERE `k` = 'trainzeiten'");
wd('admin.php?trains', 'Daten erfolgreich geändert', 2);
} else {
$row = db_fetch_object(db_query("SELECT `t1` FROM `prefix_allg` WHERE `k` = 'trainzeiten'"));
$dbe = explode('#', $row->t1);
$ar = array('MON' => $dbe[0], 'DIE' => $dbe[1], 'MIT' => $dbe[2], 'DON' => $dbe[3], 'FRE' => $dbe[4], 'SAM' => $dbe[5], 'SON' => $dbe[6], 'ANTISPAM' => get_antispam('adminuser_action', 0, true));
$tpl->set_ar_out($ar, 0);
}
$design->footer();
db_query("INSERT INTO prefix_koms (name,text,uid,cat) VALUES ('" . $name . "','" . $text . "'," . $row['id'] . ",'GALLERYIMG')");
}
} elseif (isset($_POST['subgalkom']) and !$antispam) {
$insertmsg .= 'Falscher Antispam';
}
# loeschen
if (isset($_GET['delete']) and is_siteadmin()) {
db_query("DELETE FROM prefix_koms WHERE id = " . escape($_GET['delete'], 'integer'));
}
# zeigen
if (!empty($insertmsg)) {
$insertmsg = '<span style="color:red;">' . $insertmsg . '</span><br />';
}
$tpl->set('insertmsg', $insertmsg);
$tpl->set('uname', $_SESSION['authname']);
$tpl->set('antispam', get_antispam('gallery', 0));
$tpl->out(1);
$class = 'Cnorm';
$erg = db_query("SELECT id, name, text FROM prefix_koms WHERE uid = " . $row['id'] . " AND cat = 'GALLERYIMG' ORDER BY id DESC");
while ($r = db_fetch_assoc($erg)) {
$class = $class == 'Cmite' ? 'Cnorm' : 'Cmite';
$r['class'] = $class;
$r['text'] = bbcode($r['text']);
if (is_admin()) {
$r['text'] .= '<a href="index.php?gallery-show-' . $cid . '-p' . $page . '=0&delete=' . $r['id'] . '"><img src="include/images/icons/del.gif" border="0" title="löschen" alt="löschen" /></a>';
}
$tpl->set_ar_out($r, 2);
}
$tpl->out(3);
}
} else {
if (chk_antispam('downloads') and isset($_POST['name']) and isset($_POST['text'])) {
if (loggedin()) {
$name = $_SESSION['authname'];
$userid = $_SESSION['authid'];
} else {
$name = escape($_POST['name'], 'string') . ' (Gast)';
$userid = 0;
}
$text = escape($_POST['text'], 'string');
db_query("INSERT INTO `prefix_koms` (`name`,`userid`,`text`,`time`,`uid`,`cat`) VALUES ('" . $name . "', " . $userid . ", '" . $text . "','" . time() . "', " . $id . ", 'DOWNLOAD')");
}
if ($menu->getA(3) == 'd' and is_numeric($menu->getE(3)) and has_right(-7, 'downloads')) {
$did = escape($menu->getE(3), 'integer');
db_query("DELETE FROM `prefix_koms` WHERE `uid` = " . $id . " AND `cat` = 'DOWNLOAD' AND `id` = " . $did);
}
$r['ANTISPAM'] = get_antispam('downloads', 0);
if (loggedin()) {
$r['uname'] = $_SESSION['authname'];
$r['readonly'] = 'readonly';
} else {
$r['uname'] = '';
$r['readonly'] = '';
}
$r['text'] = bbcode($r['text']);
$tpl->set_ar_out($r, "koms_on");
$erg = db_query("SELECT `id`, `name`, `userid`, `text`, `time` FROM `prefix_koms` WHERE `uid` = " . $id . " AND `cat` = 'DOWNLOAD' ORDER BY `id` DESC");
$anz = db_num_rows($erg);
if ($anz == 0) {
echo $lang['nocomments'];
} else {
while ($r1 = db_fetch_assoc($erg)) {
$mail = '';
$subject = '';
$wer = '';
$text = '';
} else {
echo $lang['emailcouldnotsend'];
}
}
$tpl = new tpl('contact.htm');
$tpl->out(0);
$i = 1;
foreach ($k as $a) {
$e = explode('|', $a);
if ($e[0] == '' or $e[1] == '') {
continue;
}
if ($i == 1) {
$c = 'checked';
} else {
$c = '';
}
$tpl->set_ar_out(array('KEY' => md5($e[0]), 'VAL' => $e[1], 'c' => $c), 1);
$i++;
}
$tpl->set('name', $name);
$tpl->set('mail', $mail);
$tpl->set('subject', $subject);
$tpl->set('text', $text);
$tpl->set('ANTISPAM', get_antispam('contact', 100));
$tpl->out(2);
$design->footer();
$row = db_fetch_object($erg);
$Fsub = 'Ändern';
$Fbez = $row->bez;
$Fmin = $row->min;
if ($row->spez == 1) {
$Fjch = 'checked';
$Fnch = '';
} else {
$Fnch = 'checked';
$Fjch = '';
}
$Frid = $row->id;
$Fakt = 'change';
}
$tpl = new tpl('range', 1);
$ar = array('SUB' => $Fsub, 'BEZ' => $Fbez, 'MIN' => $Fmin, 'JCH' => $Fjch, 'NCH' => $Fnch, 'RID' => $Frid, 'AKT' => $Fakt, 'ANTISPAM' => get_antispam('adminuser_action', 0, true));
$tpl->set_ar_out($ar, 3);
} else {
if (chk_antispam('adminuser_action', true)) {
$_POST['bez'] = escape($_POST['bez'], 'string');
$_POST['min'] = escape($_POST['min'], 'integer');
$_POST['spez'] = escape($_POST['spez'], 'integer');
$_POST['rid'] = escape($_POST['rid'], 'integer');
if (empty($_POST['rid'])) {
if ($_POST['spez'] == 1) {
$_POST['min'] = '0';
}
db_query('INSERT INTO `prefix_ranks` (`bez`,`min`,`spez`) VALUES ( "' . $_POST['bez'] . '","' . $_POST['min'] . '","' . $_POST['spez'] . '" ) ');
wd('admin.php?range', 'Erfolgreich eingetragen', 1);
} else {
if ($_POST['spez'] == 1) {
$_POST['vid'] = $_GET['vid'];
} else {
$_POST['frage'] = '';
$_POST['antw'] = array(1 => '');
$_POST['poll_recht'] = '';
$_POST['vid'] = '';
}
}
$anzFeld = count($_POST['antw']);
if (isset($_POST['add'])) {
$anzFeld++;
$_POST['antw'][] = '';
}
echo '<script src="./include/includes/js/jquery/jquery.validate.js" type="text/javascript"></script><script>$(document).ready(function() { $("#validate").validate({ rules: { frage: { required: true } }, messages: { frage: "Bitte eine Frage angeben!" } }); }); </script><noscript>Bitte JavaScript aktivieren</noscript>';
echo '<form action="admin.php?vote" method="POST" id="validate">';
echo get_antispam('adminuser_action', 0, true);
echo '<input type="hidden" name="vid" value="' . $_POST['vid'] . '" />';
echo '<table width="100%" cellpadding="2" cellspacing="1" border="0" class="border">';
echo '<tr><td width="100" class="Cmite">Frage</td>';
echo '<td width="500" class="Cnorm"><input type="text" size="40" value="' . $_POST['frage'] . '" name="frage"></td></tr>';
echo '<tr><td width="100" class="Cmite">Für</td>';
echo '<td width="500" class="Cnorm"><select name="poll_recht">' . getPollRecht($_POST['poll_recht']) . '</select></td></tr>';
for ($i = 1; $i <= $anzFeld; $i++) {
echo '<tr><td class="Cmite">Antwort ' . $i . '</td><td class="Cnorm">';
echo '<input type="text" value="' . $_POST['antw'][$i] . '" size="40" name="antw[' . $i . ']">';
if ($i == $anzFeld) {
echo ' <input class="sub" type="submit" name="add" value="Antwort hinzufügen">';
}
echo '</td></tr>' . "\n";
}
echo '<tr class="Cdark"><td></td><td><input class="sub" name="sub" type="submit" value="' . $lang['formsub'] . '"></td></tr>';
$nk = implode('#', $k);
db_query("UPDATE `prefix_allg` SET `t1` = '" . $nk . "' WHERE `k` = 'kontakt'");
break;
case 3:
if (chk_antispam('adminuser_action', true)) {
$row = db_fetch_object(db_query("SELECT `t1` FROM `prefix_allg` WHERE `k` = 'kontakt'"));
$nk = $row->t1 . '#' . $_POST['mail'] . '|' . $_POST['name'];
db_query("UPDATE `prefix_allg` SET `t1` = '" . $nk . "' WHERE `k` = 'kontakt'");
break;
}
case 5:
db_query('UPDATE `prefix_allg` SET ' . $feld . ' = "' . $ak . '" WHERE `k` = "kontakt"');
break;
}
$tpl = new tpl('contact', 1);
$tpl->set('ANTISPAM', get_antispam('adminuser_action', 0, true));
$tpl->out(0);
$row = db_fetch_object(db_query("SELECT `t1`,`v2`,`v1` FROM `prefix_allg` WHERE `k` = 'kontakt'"));
$k = explode('#', $row->t1);
$b = explode('#', $row->v2);
$i = 0;
foreach ($k as $a) {
$e = explode('|', $a);
if ($e[0] != '' and $e[1] != '') {
$ar = array('WO' => $i, 'MAIL' => $e[0], 'NAME' => $e[1]);
$tpl->set_ar_out($ar, 1);
}
$i++;
}
$tpl->out(2);
// -----------------------------------------------------------|
$tpl->out(0);
if ($allgAr['joinus_rules'] != 1) {
$tpl->out(1);
} else {
$rules = '<h2>' . $lang['rules'] . '</h2>';
$rerg = db_query('SELECT `zahl`,`titel`,`text` FROM `prefix_rules` ORDER BY `zahl`');
while ($rrow = db_fetch_row($rerg)) {
$rules .= '<table width="100%" border="0" cellpadding="5" cellspacing="1" class="border">';
$rules .= '<tr class="Cmite"><td><b>§' . $rrow[0] . '. ' . $rrow[1] . '</b></td></tr>';
$rules .= '<tr class="Cnorm"><td>' . bbcode($rrow[2]) . '</td></tr>';
$rules .= '</table><br />';
}
$rules .= '<input type="checkbox" name="rules" value="' . $lang['yes'] . '" />' . str_replace(array('<a target="_blank" href="index.php?rules">', '</a>'), '', $lang['rulzreaded']) . '<br />';
$tpl->set_out('RULES', $rules, 2);
}
$tpl->set('ANTISPAM', get_antispam('joinus', 100));
$tpl->out(3);
} else {
// eintragen
$name = $xname;
$userreg = $lang['no'];
if (!loggedin() and $allgAr['forum_regist'] != 0) {
$x = user_regist($name, $mail, genkey(8));
$userreg = $lang['yes'];
}
db_query("INSERT INTO `prefix_usercheck` (`check`,`name`,`datime`,`ak`,`groupid`) VALUES ('" . genkey(8) . "','" . $name . "',NOW(),4," . $squad . ")");
$squad = escape($squad, 'integer');
$abf = "SELECT `mod1`, `mod2`, `mod4`, `name` FROM `prefix_groups` WHERE `id` = " . $squad;
$erg = db_query($abf);
$row = db_fetch_assoc($erg);
$rulz = isset($_POST['rules']) ? $_POST['rules'] : $lang['no'];
if (isset($_POST['Gname'])) {
$xnn = trim(escape_nickname($_POST['Gname']));
}
if ($_SESSION['klicktime'] + 15 > $dppk_time or empty($topic) or empty($txt) or !empty($_POST['priview']) or empty($_POST['Gname']) and !loggedin() or !chk_antispam('newtopic')) {
$design = new design($title, $hmenu, 1);
$design->header($load);
$tpl = new tpl('forum/newtopic');
$name = '';
if (!loggedin()) {
$name = '<tr><td class="Cmite"0><b>' . $lang['name'] . '</b></td>';
$name .= '<td class="Cnorm"><input type="text" value="' . unescape($xnn) . '" maxlength="15" name="Gname"></td></tr>';
}
if (isset($_POST['priview'])) {
$tpl->set_out('txt', bbcode(unescape($txt)), 0);
}
$ar = array('name' => $name, 'txt' => escape_for_fields(unescape($txt)), 'topic' => escape_for_fields(unescape($topic)), 'fid' => $fid, 'SMILIES' => getsmilies(), 'antispam' => get_antispam('newtopic', 1));
$tpl->set_ar_out($ar, 1);
} else {
// save toipc
$_SESSION['klicktime'] = $dppk_time;
$design = new design($title, $hmenu, 0);
$design->header($load);
if (loggedin()) {
$uid = $_SESSION['authid'];
$erst = escape($_SESSION['authname'], 'string');
db_query("UPDATE `prefix_user` SET `posts` = `posts`+1 WHERE `id` = " . $uid);
} else {
$erst = $xnn;
$uid = 0;
}
db_query("INSERT INTO `prefix_topics` (`fid`, `name`, `erst`, `stat`) VALUES ( " . $fid . ", '" . $topic . "', '" . $erst . "', 1 )");
}
# kommentar add
# kommentar loeschen
if ($menu->getA(2) == 'd' and is_numeric($menu->getE(2)) and has_right(-7, 'news')) {
$kommentar_id = escape($menu->getE(2), 'integer');
db_query("DELETE FROM prefix_koms WHERE uid = " . $nid . " AND cat = 'NEWS' AND id = " . $kommentar_id);
}
# kommentar loeschen
$kategorie = news_find_kat($row->news_kat);
$textToShow = bbcode($row->news_text);
$textToShow = str_replace('[PREVIEWENDE]', '', $textToShow);
if (!empty($such)) {
$textToShow = markword($textToShow, $such);
}
$tpl = new tpl('news.htm');
$ar = array('TEXT' => $textToShow, 'KATE' => $kategorie, 'NID' => $nid, 'uname' => $_SESSION['authname'], 'ANTISPAM' => loggedin() ? '' : get_antispam('newskom', 0), 'NAME' => $row->news_title);
$tpl->set_ar_out($ar, 2);
if ($komsOK) {
$tpl->set_ar_out(array('NAME' => $row->news_title, 'NID' => $nid), 3);
}
$erg1 = db_query("SELECT text, name, id FROM `prefix_koms` WHERE uid = " . $nid . " AND cat = 'NEWS' ORDER BY id DESC");
$ergAnz1 = db_num_rows($erg1);
if ($ergAnz1 == 0) {
echo '<b>' . $lang['nocomments'] . '</b>';
} else {
$zahl = $ergAnz1;
while ($row1 = db_fetch_assoc($erg1)) {
$row1['text'] = bbcode(trim($row1['text']));
if (has_right(-7, 'news')) {
$row1['text'] .= '<a href="?news-' . $nid . '-d' . $row1['id'] . '"><img src="include/images/icons/del.gif" alt="löschen" border="0" title="löschen" /></a>';
}
function kalender_listoutput()
{
global $komsOK, $tpl, $eid, $data, $data_id, $gday, $month, $year, $days, $arr_day, $title_liste, $view, $allgAr;
//Listbegin
$tpl->set_ar_out(array('TITLE' => $eid ? $data_id[$eid]['title'] : $title_liste, 'TITLE_ALIGN' => $eid ? '' : ' align="center"'), "listbegin");
//Detail
if ($eid) {
$aus['display'] = 'style="display:none"';
$aus['DETAIL_DATE'] = date('d.m.Y', $data_id[$eid]['time']);
$aus['DETAIL_TIME'] = date('H:i', $data_id[$eid]['time']);
$aus['DETAIL_TEXT'] = BBcode($data_id[$eid]['text']);
$aus['ID'] = $eid;
$viewl = $allgAr['kalender_standard_list'];
if (preg_match('%\\?kalender-v([0|1])%i', $_SERVER['HTTP_REFERER'], $match)) {
$viewl = $match[1];
}
$aus['BACK_LINK'] = 'index.php?kalender-v' . $viewl . '-m' . date('m', $data_id[$eid]['time']) . '-y' . date('Y', $data_id[$eid]['time']);
if (!$komsOK) {
$tpl->set_ar_out($aus, 'detail');
} else {
if ((loggedin() or chk_antispam('kalender_komms')) and $komsOK and !empty($_POST['name']) and !empty($_POST['text'])) {
if (loggedin()) {
$name = $_SESSION['authname'];
$userid = $_SESSION['authid'];
} else {
$name = escape($_POST['name'], 'string') . ' (Gast)';
$userid = 0;
}
$text = escape($_POST['text'], 'string');
db_query("INSERT INTO `prefix_koms` (`name`,`userid`,`text`,`time`,`uid`,`cat`) VALUES ('" . $name . "', " . $userid . ", '" . $text . "','" . time() . "', " . $eid . ", 'KALENDER')");
}
if (loggedin()) {
$aus['uname'] = $_SESSION['authname'];
$aus['readonly'] = 'readonly';
} else {
$aus['uname'] = '';
$aus['readonly'] = '';
}
$aus['ANTISPAM'] = get_antispam('kalenderkom', 0);
$aus['text'] = bbcode($aus['text']);
$tpl->set_ar_out($aus, 'detail');
$tpl->set_ar_out($aus, 'commentstart');
$erg = db_query("SELECT `id`, `name`, `userid`, `text`, `time` FROM `prefix_koms` WHERE `uid` = " . $eid . " AND `cat` = 'KALENDER' ORDER BY `id` DESC");
$anz = db_num_rows($erg);
if ($anz == 0) {
echo 'Keine Kommentare vorhanden';
} else {
while ($r1 = db_fetch_assoc($erg)) {
if (has_right(-7, 'kalender')) {
$del = ' <a href="index.php?kalender-v1-e' . $eid . '-d' . $r1['id'] . '"><img src="include/images/icons/del.gif" alt="löschen" border="0" title="löschen" /></a>';
}
$r1['zahl'] = $anz;
$r1['avatar'] = get_avatar($r1['userid']);
$r1['time'] = post_date($r1['time'], 1) . $del;
$r1['text'] = bbcode($r1['text']);
$tpl->set_ar_out($r1, 'comments');
$anz--;
}
}
}
$tpl->out('commentend');
// Kommentare Ende
} elseif ($view == 0) {
for ($i = 0; $i < $days; $i++) {
$date = mktime(0, 0, 0, $month, $i + 1, $year);
$text = '';
if (isset($data[$date])) {
foreach ($data[$date] as $eventinfo) {
$text .= eventlink($tpl, $view, $eventinfo);
// bbcode anwenden
$eventinfo["text"] = BBCode($eventinfo["text"]);
$tooltips .= $tpl->set_ar_get($eventinfo, "tooltip");
}
}
$aus['LIST_I'] = $i + 1;
$aus['LIST_D'] = $arr_day[date('w', mktime(0, 0, 0, $month, $i + 1, $year))];
$aus['LIST_T'] = $text;
$class = $i % 2 ? 'Cnorm' : 'Cmite';
$aus['LIST_CLASS'] = $i + 1 == date('j') && $month == date('n') && $year == date('Y') ? 'Cdark' : $class;
$tpl->set_ar_out($aus, 'listitem');
unset($aus);
}
showTooltips($tpl, $tooltips);
} elseif ($view == 1) {
// Nur ein Tag
if (isset($data) && !empty($gday)) {
$date = mktime(0, 0, 0, $month, $gday, $year);
$i = 1;
$tooltips = '';
if (isset($data[$date])) {
foreach ($data[$date] as $eventinfo) {
$text = '';
$text .= eventlink($tpl, $view, $eventinfo);
$aus['LIST_I'] = $arr_day[date('w', $date)];
$aus['LIST_D'] = date('H:i', $eventinfo['time']);
$aus['LIST_T'] = $text;
$class = $i % 2 ? 'Cnorm' : 'Cmite';
$aus['LIST_CLASS'] = $i + 1 == date('j') && $month == date('n') && $year == date('Y') ? 'Cdark' : $class;
$tpl->set_ar_out($aus, 'listitem');
unset($aus);
$i++;
// bbcode anwenden
$eventinfo["text"] = BBCode($eventinfo["text"]);
$tooltips .= $tpl->set_ar_get($eventinfo, "tooltip");
}
}
showTooltips($tpl, $tooltips);
// Ganze Liste
} elseif (isset($data)) {
$i = 1;
foreach ($data as $date => $data1) {
$text = '';
foreach ($data1 as $eventinfo) {
$text .= eventlink($tpl, $view, $eventinfo);
}
$aus['LIST_I'] = date('d.m.Y', $date);
$aus['LIST_D'] = $arr_day[date('w', $date)];
$aus['LIST_T'] = $text;
$class = $i % 2 ? 'Cnorm' : 'Cmite';
$aus['LIST_CLASS'] = $i + 1 == date('j') && $month == date('n') && $year == date('Y') ? 'Cdark' : $class;
$tpl->set_ar_out($aus, 'listitem');
unset($aus);
$i++;
// bbcode anwenden
$eventinfo["text"] = BBCode($eventinfo["text"]);
$tooltips .= $tpl->set_ar_get($eventinfo, "tooltip");
}
showTooltips($tpl, $tooltips);
} else {
$aus['LIST_I'] = '-';
$aus['LIST_D'] = '-';
$aus['LIST_T'] = '-';
$aus['LIST_CLASS'] = 'Cnorm';
$tpl->set_ar_out($aus, 'listitem');
unset($aus);
}
}
$tpl->out('listend');
}
