*/ // Check values if ($groups_id == "") { $wb->print_error($MESSAGE['USERS_NO_GROUP'], $js_back, false); } if (!preg_match('/^[a-z]{1}[a-z0-9_-]{2,}$/i', $username)) { $wb->print_error($MESSAGE['USERS_NAME_INVALID_CHARS'] . ' / ' . $MESSAGE['USERS_USERNAME_TOO_SHORT'], $js_back); } if ($email != "") { if ($wb->validate_email($email) == false) { $wb->print_error($MESSAGE['USERS_INVALID_EMAIL'], $js_back, false); } } else { $wb->print_error($MESSAGE['SIGNUP_NO_EMAIL'], $js_back, false); } $email = $wb->add_slashes($email); $search = array('{SERVER_EMAIL}'); $replace = array(SERVER_EMAIL); // Captcha if (ENABLED_CAPTCHA) { $MESSAGE['MOD_FORM_INCORRECT_CAPTCHA'] = str_replace($search, $replace, $MESSAGE['MOD_FORM_INCORRECT_CAPTCHA']); if (isset($_POST['captcha']) and $_POST['captcha'] != '') { // Check for a mismatch if (!isset($_POST['captcha']) or !isset($_SESSION['captcha']) or $_POST['captcha'] != $_SESSION['captcha']) { $wb->print_error($MESSAGE['MOD_FORM_INCORRECT_CAPTCHA'], $js_back, false); } } else { $wb->print_error($MESSAGE['MOD_FORM_INCORRECT_CAPTCHA'], $js_back, false); } } if (isset($_SESSION['captcha'])) {
$requestMethod = '_' . strtoupper($_SERVER['REQUEST_METHOD']); $page_id = intval(isset(${$requestMethod}['page_id'])) ? ${$requestMethod}['page_id'] : (isset($page_id) ? intval($page_id) : 0); // Get post_id $requestMethod = '_' . strtoupper($_SERVER['REQUEST_METHOD']); $post_id = intval(isset(${$requestMethod}['post_id'])) ? ${$requestMethod}['post_id'] : (isset($post_id) ? intval($post_id) : 0); // Get section id if there is one $requestMethod = '_' . strtoupper($_SERVER['REQUEST_METHOD']); $section_id = intval(isset(${$requestMethod}['section_id'])) ? ${$requestMethod}['section_id'] : (isset($section_id) ? intval($section_id) : 0); // Check if we should show the form or add a comment if (isset($_GET['page_id']) and is_numeric($_GET['page_id']) and isset($_GET['section_id']) and is_numeric($_GET['section_id']) and isset($_GET['post_id']) and is_numeric($_GET['post_id']) and (ENABLED_ASP and isset($_POST['comment_' . date('W')]) and $_POST['comment_' . date('W')] != '' or !ENABLED_ASP and isset($_POST['comment']) and $_POST['comment'] != '')) { if (ENABLED_ASP) { $comment = $_POST['comment_' . date('W')]; } else { $comment = $_POST['comment']; } $firstname = $wb->add_slashes(strip_tags($_POST['firstname'])); $lastname = $wb->add_slashes(strip_tags($_POST['lastname'])); $comment = $wb->add_slashes(strip_tags($comment)); $title = $wb->add_slashes(strip_tags($_POST['title'])); // do not allow droplets in user input! $title = str_replace(array("[[", "]]"), array("[[", "]]"), $title); $comment = str_replace(array("[[", "]]"), array("[[", "]]"), $comment); $firstname = str_replace(array("[[", "]]"), array("[[", "]]"), $firstname); $lastname = str_replace(array("[[", "]]"), array("[[", "]]"), $lastname); $page_id = (int) $_GET['page_id']; $section_id = (int) $_GET['section_id']; $post_id = (int) $_GET['post_id']; // Check captcha $query_settings = $database->query("SELECT use_captcha FROM " . TABLE_PREFIX . "mod_news_settings WHERE section_id = '{$section_id}'"); if (!$query_settings->numRows()) { header("Location: " . WB_URL . PAGES_DIRECTORY . "");
$tablename = $mod_dir; $mpath = WB_PATH . '/modules/' . $mod_dir . '/'; // include module_settings require_once WB_PATH . '/modules/' . $mod_dir . '/defaults/module_settings.default.php'; require_once WB_PATH . '/modules/' . $mod_dir . '/module_settings.php'; require_once WB_PATH . '/modules/' . $mod_dir . '/functions_small.php'; require_once WB_PATH . '/framework/class.wb.php'; $wb = new wb(); // Check if we should show the form or add a comment if (isset($_GET['page_id']) and is_numeric($_GET['page_id']) and isset($_GET['section_id']) and is_numeric($_GET['section_id']) and isset($_GET['topic_id']) and is_numeric($_GET['topic_id']) and (ENABLED_ASP and isset($_POST['c0mment_' . date('W')]) and $_POST['c0mment_' . date('W')] != '' or !ENABLED_ASP and isset($_POST['comment']) and $_POST['comment'] != '')) { if (ENABLED_ASP) { $commentpost = $_POST['c0mment_' . date('W')]; } else { $commentpost = $_POST['comment']; } $comment = $wb->add_slashes(trim(strip_tags($commentpost))); $thename = $wb->add_slashes(trim(strip_tags($_POST['thenome']))); $thesite = $wb->add_slashes(trim(strip_tags($_POST['thesote']))); $themail = $wb->add_slashes(trim(strip_tags($_POST['themoil']))); $page_id = (int) $_GET['page_id']; $section_id = (int) $_GET['section_id']; $topic_id = (int) $_GET['topic_id']; // Check captcha $query_settings = $database->query("SELECT use_captcha,default_link, various_values, commenting FROM " . TABLE_PREFIX . "mod_" . $tablename . "_settings WHERE section_id = '{$section_id}'"); if ($query_settings->numRows() == 0) { exit(header('Location: ' . WB_URL . '/modules/' . $mod_dir . '/nopage.php?err=6')); //exit(header("Location: ".WB_URL.PAGES_DIRECTORY."")); } else { $settings = $query_settings->fetchRow(); //various values $use_commenting_settings = 0;
$requestMethod = '_' . strtoupper($_SERVER['REQUEST_METHOD']); $page_id = intval(isset(${$requestMethod}['page_id'])) ? ${$requestMethod}['page_id'] : (isset($page_id) ? intval($page_id) : 0); // Get post_id $requestMethod = '_' . strtoupper($_SERVER['REQUEST_METHOD']); $post_id = intval(isset(${$requestMethod}['post_id'])) ? ${$requestMethod}['post_id'] : (isset($post_id) ? intval($post_id) : 0); // Get section id if there is one $requestMethod = '_' . strtoupper($_SERVER['REQUEST_METHOD']); $section_id = intval(isset(${$requestMethod}['section_id'])) ? ${$requestMethod}['section_id'] : (isset($section_id) ? intval($section_id) : 0); // Check if we should show the form or add a comment if (isset($_GET['page_id']) and is_numeric($_GET['page_id']) and isset($_GET['section_id']) and is_numeric($_GET['section_id']) and isset($_GET['post_id']) and is_numeric($_GET['post_id']) and (ENABLED_ASP and isset($_POST['comment_' . date('W')]) and $_POST['comment_' . date('W')] != '' or !ENABLED_ASP and isset($_POST['comment']) and $_POST['comment'] != '')) { if (ENABLED_ASP) { $comment = $_POST['comment_' . date('W')]; } else { $comment = $_POST['comment']; } $comment = $wb->add_slashes(strip_tags($comment)); $title = $wb->add_slashes(strip_tags($_POST['title'])); // do not allow droplets in user input! $title = str_replace(array("[[", "]]"), array("[[", "]]"), $title); $comment = str_replace(array("[[", "]]"), array("[[", "]]"), $comment); $page_id = (int) $_GET['page_id']; $section_id = (int) $_GET['section_id']; $post_id = (int) $_GET['post_id']; // Check captcha $query_settings = $database->query("SELECT use_captcha FROM " . TABLE_PREFIX . "mod_news_settings WHERE section_id = '{$section_id}'"); if (!$query_settings->numRows()) { header("Location: " . WB_URL . PAGES_DIRECTORY . ""); exit(0); } else { $settings = $query_settings->fetchRow(); $t = time();