$uwd_buildsqlargs2 .= ' AND ';
}
$uwd_buildsqlargs2 .= "user_maingrp <> '{$v}'";
}
//do the query for groups
if ($uwd_buildsqlargs != '') {
$uwd_sqlargs = ' AND (' . $uwd_buildsqlargs . ')';
}
$uwd_sqlgroups = sed_sql_query("SELECT gru_groupid FROM {$db_groups_users} WHERE gru_userid='{$uwd_userid}' " . $uwd_sqlargs . "");
$uwd_sqlnum = sed_sql_numrows($uwd_sqlgroups);
//do the query for main group
if ($uwd_buildsqlargs2 != '') {
$uwd_sqlargs2 = ' AND (' . $uwd_buildsqlargs2 . ')';
}
$uwd_sqlgroups2 = sed_sql_query("SELECT user_maingrp FROM {$db_users} WHERE user_id='{$uwd_userid}' " . $uwd_sqlargs2 . "");
$uwd_sqlnum2 = sed_sql_numrows($uwd_sqlgroups2);
$uwd_setreprievedate = $uwd_sqlnum + $uwd_sqlnum2 > 0 ? TRUE : FALSE;
} else {
//there is no group to exclude
$uwd_setreprievedate = TRUE;
}
if ($uwd_setreprievedate == TRUE) {
//send them a mail to give them a chance to come back
sed_mail($uwd_email, $uwd_title, $uwd_message);
//save the reprieve date in the banexpire field
$sqltmp = sed_sql_query("UPDATE {$db_users} SET " . $uwd_reprieveslot . "='{$uwd_now}' WHERE user_id='{$uwd_userid}'");
$uwd_counter++;
}
}
if ($uwd_counter > 0) {
sed_log("User watchdog plugin sent " . $uwd_counter . " inactivity warning(s)", 'adm');
$error_string .= $row['nletter_active'] == 1 ? $L['plu_email_exists'] . "<br />" : '';
if (empty($error_string)) {
if (isset($row['nletter_active'])) {
$nletter_activation = $cfg['mainurl'] . "/plug.php?e=newsletter&email=" . $nletter_email . "&activate=" . $row['nletter_activation'];
} else {
$sql = sed_sql_query("INSERT INTO sed_newsletter (nletter_email, nletter_date, nletter_activation) values ('{$nletter_email}', '" . $sys['now'] . "', '{$nletter_activation}')");
$nletter_activation = $cfg['mainurl'] . "/plug.php?e=newsletter&email=" . $nletter_email . "&activate=" . $nletter_activation;
}
$nlsubject = $L['plu_amail_subject'];
$nlbody = sprintf($L['plu_amail_body'], $nletter_activation);
sed_mail($nletter_email, $nlsubject, $nlbody);
$plugin_body = "<p style=\"text-align:center;\">" . $L['plu_joined'] . "</p>";
}
} elseif ($a == $L['plu_cancel']) {
$sql = sed_sql_query("SELECT nletter_activation FROM sed_newsletter WHERE nletter_email='{$nletter_email}' LIMIT 1");
$error_string .= sed_sql_numrows($sql) != 1 ? $L['plu_email_cancelfailed'] . "<br />" : '';
if (empty($error_string)) {
$row = sed_sql_fetcharray($sql);
$nletter_cancel = $cfg['mainurl'] . "/plug.php?e=newsletter&email=" . $nletter_email . "&cancel=" . $row['nletter_activation'];
$nlsubject = $L['plu_cmail_subject'];
$nlbody = sprintf($L['plu_cmail_body'], $nletter_cancel);
sed_mail($nletter_email, $nlsubject, $nlbody);
$plugin_body = "<p style=\"text-align:center;\">" . $L['plu_canceled'] . "</p>";
}
}
if (empty($plugin_body)) {
$plugin_body .= $L['plu_intro'];
$plugin_body .= $error_string ? "<p><span style=\"color:red;\">" . $error_string . "</span></p>" : "";
$plugin_body .= "<form name='newsletter' action='plug.php?e=newsletter' method='post'>";
$plugin_body .= "<p>" . $L['plu_email'] . ":<input type=\"text\" name=\"nletter_email\" value=\"\" size=\"36\" maxlength=\"64\">";
$plugin_body .= "<input type='submit' name='a' value='" . $L['plu_join'] . "'>";
if ($remail != "") {
$error_string .= strlen($remail) < 4 || !eregi("^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]{2,})+\$", $remail) ? $L['plu_emailnotvalid'] . "<br />" : "";
}
if ($rwebsite != "") {
$error_string .= !eregi("[[:alpha:]]+://", $rwebsite) ? $L['plu_websitenotvalid'] . "<br />" : "";
}
$error_string .= strlen($rtext) < $cfg['plugin']['guestbook']['minchars'] ? $L['plu_entrytooshort'] . "<br>" : "";
$error_string .= strlen($rtext) > $cfg['plugin']['guestbook']['maxchars'] ? $L['plu_entrytoolong'] . "<br>" : "";
if ($cfg['plugin']['guestbook']['multiposting'] == 'No') {
$num = sed_sql_numrows(sed_sql_query("SELECT gb_author FROM {$db_guestbook} WHERE (gb_author='{$ruser}')"));
if ($num > 0) {
$error_string .= $L['plu_nameinuse'] . "<br>";
}
}
if ($usr['id'] == 0) {
$num = sed_sql_numrows(sed_sql_query("SELECT user_name FROM {$db_users} WHERE user_name='{$ruser}'"));
if ($num > 0) {
$error_string .= $L['plu_nameregistered'] . "<br>";
}
}
if ($write == FALSE) {
$error_string .= $L['plu_regonly'] . "<br>";
}
if ($error_string == "") {
$ruser = sed_sql_prep($ruser);
$rtext = sed_sql_prep($rtext);
$rdate = $sys['now_offset'];
$rwebsite = $rwebsite != "http://" ? sed_sql_prep($rwebsite) : '';
$sql = sed_sql_query("INSERT INTO {$db_guestbook} (gb_author, gb_authorid, gb_text, gb_date, gb_email, gb_website) VALUES ('{$ruser}', '" . $usr['id'] . "', '{$rtext}', '" . $rdate . "', '{$remail}', '{$rwebsite}')");
header("Location: plug.php?e=guestbook");
exit;
sed_check_xg();
$sql = sed_sql_query("SELECT page_ownerid, page_cat FROM {$db_pages} WHERE page_id='{$id}' LIMIT 1");
if ($row = sed_sql_fetcharray($sql)) {
$usr['isadmin'] = sed_auth('page', $row['page_cat'], 'A');
$usr['isadmin'] = $row['page_ownerid'] == $usr['id'] ? TRUE : $usr['isadmin'];
sed_block($usr['isadmin']);
$sql = sed_sql_query("UPDATE {$db_pages} SET page_state=1 WHERE page_id='{$id}'");
sed_cache_clear('latestpages');
header("Location: list.php?c=" . $row['page_cat']);
exit;
} else {
sed_die();
}
}
$sql = sed_sql_query("SELECT * FROM {$db_pages} WHERE page_id='{$id}' LIMIT 1");
sed_die(sed_sql_numrows($sql) == 0);
$pag = sed_sql_fetcharray($sql);
$pag['page_date'] = sed_selectbox_date($pag['page_date'] + $usr['timezone'] * 3600, 'long');
$pag['page_begin'] = sed_selectbox_date($pag['page_begin'] + $usr['timezone'] * 3600, 'long', '_beg');
$pag['page_expire'] = sed_selectbox_date($pag['page_expire'] + $usr['timezone'] * 3600, 'long', '_exp');
list($usr['auth_read'], $usr['auth_write'], $usr['isadmin']) = sed_auth('page', $pag['page_cat']);
$usr['isadmin'] = $pag['page_ownerid'] == $usr['id'] ? TRUE : $usr['isadmin'];
sed_block($usr['isadmin']);
$page_form_delete = "<input type=\"radio\" class=\"radio\" name=\"rpagedelete\" value=\"1\" />" . $L['Yes'] . " <input type=\"radio\" class=\"radio\" name=\"rpagedelete\" value=\"0\" checked=\"checked\" />" . $L['No'];
$page_form_categories = sed_selectbox_categories($pag['page_cat'], 'rpagecat');
$page_form_type = "<select name=\"rpagetype\" size=\"1\">";
$selected0 = $pag['page_type'] == 0 ? "selected=\"selected\"" : '';
$selected1 = $pag['page_type'] == 1 ? "selected=\"selected\"" : '';
$selected2 = $pag['page_type'] == 2 && $usr['maingrp'] == 5 ? "selected=\"selected\"" : '';
$page_form_type .= "<option value=\"0\" {$selected0}>" . $L['Default'] . "</option>";
$page_form_type .= "<option value=\"1\" {$selected1}>HTML</option>";
require "plugins/newsletter/lang/newsletter." . $usr['lang'] . ".lang.php";
if ($a == "send" && $write == TRUE) {
$sql = sed_sql_query("SELECT * FROM sed_newsletter WHERE nletter_active='1'");
while ($row = sed_sql_fetcharray($sql)) {
$nletter_email = $row['nletter_email'];
$nletter_activation = $row['nletter_activation'];
$nletter_cancellink = $cfg['mainurl'] . "/plug.php?e=newsletter&email=" . $nletter_email . "&cancel=" . $row['nletter_activation'];
$nlmessage2 = $nlmessage . "" . sprintf($L['plu_newsletter_body'], $nletter_cancellink);
sed_mail($nletter_email, $nltitle, $nlmessage2);
unset($nlmessage2);
}
$plugin_body .= "<p style=\"text-align:center;color:green;\">" . $L['plu_form_sent'] . "</p>";
} elseif ($write == TRUE) {
if ($a == "addorremove") {
$sql = sed_sql_query("SELECT nletter_activation, nletter_active FROM sed_newsletter WHERE nletter_email='" . $nletter_email . "'");
$exist = sed_sql_numrows($sql);
if ($exist > 0) {
$row = sed_sql_fetcharray($sql);
}
if ($b == $L['plu_add']) {
$nletter_activation = md5(microtime());
$ar_error_string .= $row['nletter_active'] == 1 ? $L['plu_email_exists'] . "<br />" : '';
$ar_error_string .= strlen($nletter_email) < 4 || !eregi("^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]{2,})+\$", $nletter_email) ? $L['plu_email_invalid'] . "<br />" : '';
if (empty($ar_error_string)) {
$sql = sed_sql_query("INSERT INTO sed_newsletter (nletter_email, nletter_date, nletter_activation, nletter_active) values ('{$nletter_email}', '" . $sys['now_offset'] . "', '{$nletter_activation}', '1')");
$plugin_body .= "<p style=\"text-align:center;\">" . $L['plu_email_added'] . "</p>";
}
} elseif ($b == $L['plu_remove']) {
$ar_error_string .= $exist == 0 ? $L['plu_email_notexists'] . "<br />" : '';
if (empty($ar_error_string)) {
$sql = sed_sql_query("DELETE FROM sed_newsletter WHERE nletter_email='{$nletter_email}'");