function shoutbox_mini($position, $block)
{
global $Cache, $LANG, $User, $CONFIG_SHOUTBOX, $nbr_members, $last_member_id, $last_member_login, $Sql;
if (strpos(SCRIPT, '/shoutbox/shoutbox.php') === false) {
load_module_lang('shoutbox');
$Cache->load('shoutbox');
###########################Insertion##############################
$shoutbox = retrieve(POST, 'shoutbox', false);
if ($shoutbox) {
if ($User->get_attribute('user_readonly') > time()) {
$Errorh->handler('e_readonly', E_USER_REDIRECT);
}
$shout_pseudo = substr(retrieve(POST, 'shout_pseudo', $LANG['guest']), 0, 25);
$shout_contents = retrieve(POST, 'shout_contents', '', TSTRING_UNCHANGE);
if (!empty($shout_pseudo) && !empty($shout_contents)) {
if ($User->check_level($CONFIG_SHOUTBOX['shoutbox_auth'])) {
$check_time = $User->get_attribute('user_id') !== -1 && $CONFIG['anti_flood'] == 1 ? $Sql->query("SELECT MAX(timestamp) as timestamp FROM " . PREFIX . "shoutbox WHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__) : '';
if (!empty($check_time) && !$User->check_max_value(AUTH_FLOOD)) {
if ($check_time >= time() - $CONFIG['delay_flood']) {
redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=flood', '', '&'));
}
}
$shout_contents = strparse($shout_contents, $CONFIG_SHOUTBOX['shoutbox_forbidden_tags']);
if (!check_nbr_links($shout_pseudo, 0)) {
redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=lp_flood', '', '&'));
}
if (!check_nbr_links($shout_contents, $CONFIG_SHOUTBOX['shoutbox_max_link'])) {
redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=l_flood', '', '&'));
}
$Sql->query_inject("INSERT INTO " . PREFIX . "shoutbox (login, user_id, level, contents, timestamp) VALUES ('" . $shout_pseudo . "', '" . $User->get_attribute('user_id') . "', '" . $User->get_attribute('level') . "', '" . $shout_contents . "', '" . time() . "')", __LINE__, __FILE__);
redirect(HOST . url(SCRIPT . '?' . QUERY_STRING, '', '&'));
} else {
redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=auth', '', '&'));
}
}
}
###########################Affichage##############################
$tpl = new Template('shoutbox/shoutbox_mini.tpl');
import('core/menu_service');
MenuService::assign_positions_conditions($tpl, $block);
if ($User->get_attribute('user_id') !== -1) {
$tpl->assign_vars(array('SHOUTBOX_PSEUDO' => $User->get_attribute('login'), 'C_HIDDEN_SHOUT' => true));
} else {
$tpl->assign_vars(array('SHOUTBOX_PSEUDO' => $LANG['guest'], 'C_VISIBLE_SHOUT' => true));
}
$refresh_delay = empty($CONFIG_SHOUTBOX['shoutbox_refresh_delay']) ? 60 : $CONFIG_SHOUTBOX['shoutbox_refresh_delay'];
$tpl->assign_vars(array('SID' => SID, 'SHOUT_REFRESH_DELAY' => (int) max($refresh_delay, 0), 'L_ALERT_TEXT' => $LANG['require_text'], 'L_ALERT_UNAUTH_POST' => $LANG['e_unauthorized'], 'L_ALERT_FLOOD' => $LANG['e_flood'], 'L_ALERT_LINK_FLOOD' => sprintf($LANG['e_l_flood'], $CONFIG_SHOUTBOX['shoutbox_max_link']), 'L_ALERT_LINK_PSEUDO' => $LANG['e_link_pseudo'], 'L_ALERT_INCOMPLETE' => $LANG['e_incomplete'], 'L_ALERT_READONLY' => $LANG['e_readonly'], 'L_DELETE_MSG' => $LANG['alert_delete_msg'], 'L_SHOUTBOX' => $LANG['title_shoutbox'], 'L_MESSAGE' => $LANG['message'], 'L_PSEUDO' => $LANG['pseudo'], 'L_SUBMIT' => $LANG['submit'], 'L_REFRESH' => $LANG['refresh'], 'L_ARCHIVES' => $LANG['archives']));
$array_class = array('member', 'modo', 'admin');
$result = $Sql->query_while("SELECT id, login, user_id, level, contents\n \tFROM " . PREFIX . "shoutbox\n \tORDER BY timestamp DESC\n \t" . $Sql->limit(0, 25), __LINE__, __FILE__);
while ($row = $Sql->fetch_assoc($result)) {
$row['user_id'] = (int) $row['user_id'];
if ($User->check_level(MODO_LEVEL) || $row['user_id'] === $User->get_attribute('user_id') && $User->get_attribute('user_id') !== -1) {
$del_message = '<script type="text/javascript"><!--
document.write(\'<a href="javascript:Confirm_del_shout(' . $row['id'] . ');" title="' . $LANG['delete'] . '"><img src="' . TPL_PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/delete_mini.png" alt="" /></a>\');
--></script><ins><noscript><p><a href="' . TPL_PATH_TO_ROOT . '/shoutbox/shoutbox' . url('.php?del=true&id=' . $row['id']) . '"><img src="' . TPL_PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/delete_mini.png" alt="" /></a></p></noscript></ins>';
} else {
$del_message = '';
}
if ($row['user_id'] !== -1) {
$row['login'] = $del_message . ' <a style="font-size:10px;" class="' . $array_class[$row['level']] . '" href="' . TPL_PATH_TO_ROOT . '/member/member' . url('.php?id=' . $row['user_id'], '-' . $row['user_id'] . '.php') . '">' . (!empty($row['login']) ? wordwrap_html($row['login'], 16) : $LANG['guest']) . '</a>';
} else {
$row['login'] = $del_message . ' <span class="text_small" style="font-style: italic;">' . (!empty($row['login']) ? wordwrap_html($row['login'], 16) : $LANG['guest']) . '</span>';
}
$tpl->assign_block_vars('shout', array('IDMSG' => $row['id'], 'PSEUDO' => $row['login'], 'CONTENTS' => ucfirst(second_parse($row['contents']))));
}
$Sql->query_close($result);
return $tpl->parse(TEMPLATE_STRING_MODE);
}
return '';
}
} elseif ($edit) {
$Template->set_filenames(array('guestbook' => 'guestbook/guestbook.tpl'));
if ($row['user_id'] !== -1) {
$Template->assign_vars(array('C_HIDDEN_GUESTBOOK' => true, 'PSEUDO' => $row['login']));
} else {
$Template->assign_vars(array('C_VISIBLE_GUESTBOOK' => true, 'PSEUDO' => $row['login']));
}
$Template->assign_vars(array('UPDATE' => url('?update=1&id=' . $id_get . '&token=' . $Session->get_token()), 'CONTENTS' => unparse($row['contents']), 'KERNEL_EDITOR' => display_editor('guestbook_contents', $CONFIG_GUESTBOOK['guestbook_forbidden_tags']), 'DATE' => gmdate_format('date_format_short', $row['timestamp']), 'THEME' => get_utheme(), 'DISPLAY_FORBIDDEN_TAGS' => !empty($forbidden_tags) ? '[' . str_replace(', ', '], [', $forbidden_tags) . ']' : '', 'L_FORBIDDEN_TAGS' => !empty($forbidden_tags) ? $LANG['forbidden_tags'] : '', 'L_ALERT_TEXT' => $LANG['require_text'], 'L_UPDATE_MSG' => $LANG['update_msg'], 'L_REQUIRE' => $LANG['require'], 'L_MESSAGE' => $LANG['message'], 'L_PSEUDO' => $LANG['pseudo'], 'L_SUBMIT' => $LANG['update'], 'L_PREVIEW' => $LANG['preview'], 'L_RESET' => $LANG['reset']));
$Template->pparse('guestbook');
} elseif ($update) {
$Session->csrf_get_protect();
$guestbook_contents = retrieve(POST, 'guestbook_contents', '', TSTRING_UNCHANGE);
$guestbook_pseudo = retrieve(POST, 'guestbook_pseudo', $LANG['guest']);
if (!empty($guestbook_contents) && !empty($guestbook_pseudo)) {
$guestbook_contents = strparse($guestbook_contents, $CONFIG_GUESTBOOK['guestbook_forbidden_tags']);
if (!check_nbr_links($guestbook_contents, $CONFIG_GUESTBOOK['guestbook_max_link'])) {
redirect(HOST . SCRIPT . url('?error=l_flood', '', '&') . '#errorh');
}
$Sql->query_inject("UPDATE " . PREFIX . "guestbook SET contents = '" . $guestbook_contents . "', login = '******' WHERE id = '" . $id_get . "'", __LINE__, __FILE__);
$Cache->Generate_module_file('guestbook');
redirect(HOST . SCRIPT . SID2 . '#m' . $id_get);
} else {
$Errorh->handler('e_incomplete', E_USER_REDIRECT);
}
} else {
redirect(HOST . SCRIPT . SID2);
}
} else {
redirect(HOST . SCRIPT . SID2);
}
} else {
function display($integrated_in_environment = INTEGRATED_IN_ENVIRONMENT, $Template = false, $page_path_to_root = '')
{
global $Cache, $User, $Errorh, $Sql, $LANG, $CONFIG, $CONFIG_USER, $CONFIG_COM, $_array_rank, $_array_groups_auth, $Session;
if ($integrated_in_environment) {
$idcom_get = retrieve(GET, 'com', 0);
$idcom_post = retrieve(POST, 'idcom', 0);
$idcom = $idcom_post > 0 ? $idcom_post : $idcom_get;
$this->set_arg($idcom);
}
$vars_simple = sprintf($this->vars, 0);
$delcom = retrieve(GET, 'delcom', 0);
$editcom = retrieve(GET, 'editcom', 0);
$updatecom = retrieve(GET, 'updatecom', false);
$path_redirect = $this->path . sprintf(str_replace('&', '&', $this->vars), 0) . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '');
if (!is_object($Template) || strtolower(get_class($Template)) != 'template') {
$Template = new Template('framework/content/com.tpl');
}
if ($this->is_loaded()) {
$Cache->load('com');
import('util/captcha');
$captcha = new Captcha();
$captcha->set_difficulty($CONFIG_COM['com_verif_code_difficulty']);
###########################Insertion##############################
if (retrieve(POST, 'valid_com', false) && !$updatecom) {
if ($User->get_attribute('user_readonly') > time()) {
$Errorh->handler('e_auth', E_USER_REDIRECT);
}
$login = retrieve(POST, 'login', '');
$contents = retrieve(POST, 'contents', '', TSTRING_UNCHANGE);
if (!empty($login) && !empty($contents)) {
if ($this->lock_com >= 1 && !$User->check_level(MODO_LEVEL)) {
redirect($path_redirect);
}
if ($User->check_level($CONFIG_COM['com_auth'])) {
$check_time = $User->get_attribute('user_id') !== -1 && $CONFIG['anti_flood'] == 1 ? $Sql->query("SELECT MAX(timestamp) as timestamp FROM " . DB_TABLE_COM . " WHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__) : '';
if (!empty($check_time) && !$User->check_max_value(AUTH_FLOOD)) {
if ($check_time >= time() - $CONFIG['delay_flood']) {
redirect($path_redirect . '&errorh=flood#errorh');
}
}
if ($CONFIG_COM['com_verif_code'] && !$captcha->is_valid()) {
redirect($path_redirect . '&errorh=verif#errorh');
}
$contents = strparse($contents, $CONFIG_COM['forbidden_tags']);
if (!check_nbr_links($login, 0)) {
redirect($path_redirect . '&errorh=l_pseudo#errorh');
}
if (!check_nbr_links($contents, $CONFIG_COM['max_link'])) {
redirect($path_redirect . '&errorh=l_flood#errorh');
}
$last_idcom = $this->add($contents, $login);
redirect($path_redirect . '#m' . $last_idcom);
} else {
redirect($path_redirect . '&errorh=auth#errorh');
}
} else {
redirect($path_redirect . '&errorh=incomplete#errorh');
}
} elseif ($updatecom || $delcom > 0 || $editcom > 0) {
if ($User->get_attribute('user_readonly') > time()) {
$Errorh->handler('e_auth', E_USER_REDIRECT);
}
$row = $Sql->query_array(DB_TABLE_COM, '*', "WHERE idcom = '" . $this->idcom . "' AND idprov = '" . $this->idprov . "' AND script = '" . $this->script . "'", __LINE__, __FILE__);
$row['user_id'] = (int) $row['user_id'];
if ($this->idcom != 0 && ($User->check_level(MODO_LEVEL) || $row['user_id'] === $User->get_attribute('user_id') && $User->get_attribute('user_id') !== -1)) {
if ($delcom > 0) {
$Session->csrf_get_protect();
$lastid_com = $this->del();
$lastid_com = !empty($lastid_com) ? '#m' . $lastid_com : '';
redirect($path_redirect . $lastid_com);
} elseif ($editcom > 0) {
$Template->assign_vars(array('CURRENT_PAGE_COM' => $integrated_in_environment, 'POPUP_PAGE_COM' => !$integrated_in_environment, 'AUTH_POST_COM' => true));
if ($row['user_id'] !== -1) {
$Template->assign_vars(array('C_HIDDEN_COM' => true, 'LOGIN' => $User->get_attribute('login')));
} else {
$Template->assign_vars(array('C_VISIBLE_COM' => true, 'LOGIN' => $row['login']));
}
$Template->assign_vars(array('IDPROV' => $row['idprov'], 'IDCOM' => $row['idcom'], 'SCRIPT' => $this->script, 'CONTENTS' => unparse($row['contents']), 'DATE' => gmdate_format('date_format', $row['timestamp']), 'THEME' => get_utheme(), 'KERNEL_EDITOR' => display_editor($this->script . 'contents', $CONFIG_COM['forbidden_tags']), 'L_LANGUAGE' => substr(get_ulang(), 0, 2), 'L_EDIT_COMMENT' => $LANG['edit_comment'], 'L_REQUIRE_LOGIN' => $LANG['require_pseudo'], 'L_REQUIRE_TEXT' => $LANG['require_text'], 'L_DELETE_MESSAGE' => $LANG['alert_delete_msg'], 'L_LOGIN' => $LANG['pseudo'], 'L_MESSAGE' => $LANG['message'], 'L_RESET' => $LANG['reset'], 'L_PREVIEW' => $LANG['preview'], 'L_PREVIEW' => $LANG['preview'], 'L_SUBMIT' => $LANG['update'], 'U_ACTION' => $this->path . sprintf($this->vars, $this->idcom) . '&token=' . $Session->get_token() . '&updatecom=1' . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '')));
} elseif ($updatecom) {
$contents = retrieve(POST, 'contents', '', TSTRING_UNCHANGE);
$login = retrieve(POST, 'login', '');
if (!empty($contents) && !empty($login)) {
$contents = strparse($contents, $CONFIG_COM['forbidden_tags']);
if (!check_nbr_links($contents, $CONFIG_COM['max_link'])) {
redirect($path_redirect . '&errorh=l_flood#errorh');
}
$this->update($contents, $login);
redirect($path_redirect . '#m' . $this->idcom);
} else {
redirect($path_redirect . '&errorh=incomplete#errorh');
}
} else {
redirect($path_redirect . '&errorh=incomplete#errorh');
}
} else {
$Errorh->handler('e_auth', E_USER_REDIRECT);
}
} elseif (isset($_GET['lock']) && $User->check_level(MODO_LEVEL)) {
$Session->csrf_get_protect();
if ($User->check_level(MODO_LEVEL)) {
$lock = retrieve(GET, 'lock', 0);
$this->lock($lock);
}
redirect($path_redirect . '#anchor_' . $this->script);
} else {
###########################Affichage##############################
$get_quote = retrieve(GET, 'quote', 0);
$contents = '';
if ($get_quote > 0) {
$info_com = $Sql->query_array(DB_TABLE_COM, 'login', 'contents', "WHERE script = '" . $this->script . "' AND idprov = '" . $this->idprov . "' AND idcom = '" . $get_quote . "'", __LINE__, __FILE__);
$contents = '[quote=' . $info_com['login'] . ']' . $info_com['contents'] . '[/quote]';
}
import('util/pagination');
$pagination = new Pagination();
$Template->assign_vars(array('ERROR_HANDLER' => '', 'CURRENT_PAGE_COM' => $integrated_in_environment, 'POPUP_PAGE_COM' => !$integrated_in_environment));
if ($User->check_level(MODO_LEVEL)) {
$Template->assign_vars(array('COM_LOCK' => true, 'IMG' => $this->lock_com >= 1 ? 'unlock' : 'lock', 'L_LOCK' => $this->lock_com >= 1 ? $LANG['unlock'] : $LANG['lock'], 'U_LOCK' => $this->path . ($this->lock_com >= 1 ? $vars_simple . '&lock=0&token=' . $Session->get_token() : $vars_simple . '&lock=1&token=' . $Session->get_token()) . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '')));
}
$get_error = !empty($_GET['errorh']) ? trim($_GET['errorh']) : '';
$errno = E_USER_NOTICE;
switch ($get_error) {
case 'auth':
$errstr = $LANG['e_unauthorized'];
$errno = E_USER_WARNING;
break;
case 'verif':
$errstr = $LANG['e_incorrect_verif_code'];
$errno = E_USER_WARNING;
break;
case 'l_flood':
$errstr = sprintf($LANG['e_l_flood'], $CONFIG_COM['max_link']);
break;
case 'l_pseudo':
$errstr = $LANG['e_link_pseudo'];
break;
case 'flood':
$errstr = $LANG['e_flood'];
break;
case 'incomplete':
$errstr = $LANG['e_incomplete'];
break;
default:
$errstr = '';
}
$Errorh->set_template($Template);
if (!empty($errstr)) {
$Template->assign_vars(array('ERROR_HANDLER' => $Errorh->display($errstr, E_USER_NOTICE)));
}
if (!$this->lock_com || $User->check_level(MODO_LEVEL)) {
if ($captcha->is_available() && $CONFIG_COM['com_verif_code']) {
$Template->assign_vars(array('C_VERIF_CODE' => true, 'VERIF_CODE' => $captcha->display_form(), 'L_REQUIRE_VERIF_CODE' => $captcha->js_require()));
}
if ($User->check_level($CONFIG_COM['com_auth'])) {
$Template->assign_vars(array('AUTH_POST_COM' => true));
} else {
$Template->assign_vars(array('ERROR_HANDLER' => $Errorh->display($LANG['e_unauthorized'], E_USER_NOTICE)));
}
if ($User->get_attribute('user_id') !== -1) {
$Template->assign_vars(array('C_HIDDEN_COM' => true, 'LOGIN' => $User->get_attribute('login')));
} else {
$Template->assign_vars(array('C_VISIBLE_COM' => true, 'LOGIN' => $LANG['guest']));
}
} else {
$Template->assign_vars(array('ERROR_HANDLER' => $Errorh->display($LANG['com_locked'], E_USER_NOTICE)));
}
$get_pos = strpos($_SERVER['QUERY_STRING'], '&pc');
if ($get_pos) {
$get_page = substr($_SERVER['QUERY_STRING'], 0, $get_pos) . '&pc';
} else {
$get_page = $_SERVER['QUERY_STRING'] . '&pc';
}
$is_modo = $User->check_level(MODO_LEVEL);
$Template->assign_vars(array('C_COM_DISPLAY' => $this->get_attribute('nbr_com') > 0 ? true : false, 'C_IS_MODERATOR' => $is_modo, 'PAGINATION_COM' => $pagination->display($this->path . $vars_simple . '&pc=%d#anchor_' . $this->script, $this->nbr_com, 'pc', $CONFIG_COM['com_max'], 3), 'LANG' => get_ulang(), 'IDCOM' => '', 'IDPROV' => $this->idprov, 'SCRIPT' => $this->script, 'PATH' => SCRIPT, 'UPDATE' => $integrated_in_environment == true ? SID : '', 'VAR' => $vars_simple, 'KERNEL_EDITOR' => display_editor($this->script . 'contents', $CONFIG_COM['forbidden_tags']), 'C_BBCODE_TINYMCE_MODE' => $User->get_attribute('user_editor') == 'tinymce', 'L_XML_LANGUAGE' => $LANG['xml_lang'], 'L_TITLE' => $CONFIG['com_popup'] == 0 || $integrated_in_environment === true ? $LANG['title_com'] : '', 'THEME' => get_utheme(), 'CONTENTS' => unparse($contents), 'L_REQUIRE_LOGIN' => $LANG['require_pseudo'], 'L_REQUIRE_TEXT' => $LANG['require_text'], 'L_VERIF_CODE' => $LANG['verif_code'], 'L_DELETE_MESSAGE' => $LANG['alert_delete_msg'], 'L_ADD_COMMENT' => $LANG['add_comment'], 'L_PUNISHMENT_MANAGEMENT' => $LANG['punishment_management'], 'L_WARNING_MANAGEMENT' => $LANG['warning_management'], 'L_LOGIN' => $LANG['pseudo'], 'L_MESSAGE' => $LANG['message'], 'L_QUOTE' => $LANG['quote'], 'L_RESET' => $LANG['reset'], 'L_PREVIEW' => $LANG['preview'], 'L_SUBMIT' => $LANG['submit'], 'U_ACTION' => $this->path . sprintf($this->vars, $this->idcom) . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '') . '&token=' . $Session->get_token()));
$array_ranks = array(-1 => $LANG['guest'], 0 => $LANG['member'], 1 => $LANG['modo'], 2 => $LANG['admin']);
$Cache->load('ranks');
$j = 0;
$result = $Sql->query_while("SELECT c.idprov, c.idcom, c.login, c.timestamp, m.user_id, m.login as mlogin, m.level, m.user_mail, m.user_show_mail, m.timestamp AS registered, m.user_avatar, m.user_msg, m.user_local, m.user_web, m.user_sex, m.user_msn, m.user_yahoo, m.user_sign, m.user_warning, m.user_ban, m.user_groups, s.user_id AS connect, c.contents\n\t\t\t\tFROM " . DB_TABLE_COM . " c\n\t\t\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = c.user_id\n\t\t\t\tLEFT JOIN " . DB_TABLE_SESSIONS . " s ON s.user_id = c.user_id AND s.session_time > '" . (time() - $CONFIG['site_session_invit']) . "'\n\t\t\t\tWHERE c.script = '" . $this->script . "' AND c.idprov = '" . $this->idprov . "'\n\t\t\t\tGROUP BY c.idcom\n\t\t\t\tORDER BY c.timestamp DESC\n\t\t\t\t" . $Sql->limit($pagination->get_first_msg($CONFIG_COM['com_max'], 'pc'), $CONFIG_COM['com_max']), __LINE__, __FILE__);
while ($row = $Sql->fetch_assoc($result)) {
list($edit, $del) = array(false, false);
$is_guest = empty($row['user_id']);
if ($is_modo || $row['user_id'] == $User->get_attribute('user_id') && $User->get_attribute('user_id') !== -1) {
list($edit, $del) = array(true, true);
}
if (!$is_guest) {
$com_pseudo = '<a class="msg_link_pseudo" href="' . PATH_TO_ROOT . '/member/member' . url('.php?id=' . $row['user_id'], '-' . $row['user_id'] . '.php') . '" title="' . $row['mlogin'] . '"><span style="font-weight: bold;">' . wordwrap_html($row['mlogin'], 13) . '</span></a>';
} else {
$com_pseudo = '<span style="font-style:italic;">' . (!empty($row['login']) ? wordwrap_html($row['login'], 13) : $LANG['guest']) . '</span>';
}
$user_rank = $row['level'] === '0' ? $LANG['member'] : $LANG['guest'];
$user_group = $user_rank;
$user_rank_icon = '';
if ($row['level'] === '2') {
$user_rank = $_array_rank[-2][0];
$user_group = $user_rank;
$user_rank_icon = $_array_rank[-2][1];
} elseif ($row['level'] === '1') {
$user_rank = $_array_rank[-1][0];
$user_group = $user_rank;
$user_rank_icon = $_array_rank[-1][1];
} else {
foreach ($_array_rank as $msg => $ranks_info) {
if ($msg >= 0 && $msg <= $row['user_msg']) {
$user_rank = $ranks_info[0];
$user_rank_icon = $ranks_info[1];
break;
}
}
}
$user_assoc_img = !empty($user_rank_icon) ? '<img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/ranks/' . $user_rank_icon . '" alt="" />' : '';
if (!empty($row['user_groups']) && $_array_groups_auth) {
$user_groups = '';
$array_user_groups = explode('|', $row['user_groups']);
foreach ($_array_groups_auth as $idgroup => $array_group_info) {
if (is_numeric(array_search($idgroup, $array_user_groups))) {
$user_groups .= !empty($array_group_info['img']) ? '<img src="' . PATH_TO_ROOT . '/images/group/' . $array_group_info['img'] . '" alt="' . $array_group_info['name'] . '" title="' . $array_group_info['name'] . '"/><br />' : $LANG['group'] . ': ' . $array_group_info['name'];
}
}
} else {
$user_groups = $LANG['group'] . ': ' . $user_group;
}
$user_online = !empty($row['connect']) ? 'online' : 'offline';
if (empty($row['user_avatar'])) {
$user_avatar = $CONFIG_USER['activ_avatar'] == '1' && !empty($CONFIG_USER['avatar_url']) ? '<img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . $CONFIG_USER['avatar_url'] . '" alt="" />' : '';
} else {
$user_avatar = '<img src="' . $row['user_avatar'] . '" alt="" />';
}
$user_sex = '';
if ($row['user_sex'] == 1) {
$user_sex = $LANG['sex'] . ': <img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/man.png" alt="" /><br />';
} elseif ($row['user_sex'] == 2) {
$user_sex = $LANG['sex'] . ': <img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/woman.png" alt="" /><br />';
}
$user_msg = $row['user_msg'] > 1 ? $LANG['message_s'] . ': ' . $row['user_msg'] : $LANG['message'] . ': ' . $row['user_msg'];
if (!empty($row['user_local'])) {
$user_local = $LANG['place'] . ': ' . $row['user_local'];
$user_local = $user_local > 15 ? substr_html($user_local, 0, 15) . '...<br />' : $user_local . '<br />';
} else {
$user_local = '';
}
$contents = ucfirst(second_parse($row['contents']));
if (!$integrated_in_environment && !empty($page_path_to_root)) {
$contents = str_replace('"' . $page_path_to_root . '/', '"' . PATH_TO_ROOT . '/', $contents);
}
$Template->assign_block_vars('com_list', array('ID' => $row['idcom'], 'CONTENTS' => $contents, 'DATE' => $LANG['on'] . ': ' . gmdate_format('date_format', $row['timestamp']), 'CLASS_COLOR' => $j % 2 == 0 ? '' : 2, 'USER_ONLINE' => '<img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . $user_online . '.png" alt="" class="valign_middle" />', 'USER_PSEUDO' => $com_pseudo, 'USER_RANK' => $row['user_warning'] < '100' || time() - $row['user_ban'] < 0 ? $user_rank : $LANG['banned'], 'USER_IMG_ASSOC' => $user_assoc_img, 'USER_AVATAR' => $user_avatar, 'USER_GROUP' => $user_groups, 'USER_DATE' => !$is_guest ? $LANG['registered_on'] . ': ' . gmdate_format('date_format_short', $row['registered']) : '', 'USER_SEX' => $user_sex, 'USER_MSG' => !$is_guest ? $user_msg : '', 'USER_LOCAL' => $user_local, 'USER_MAIL' => !empty($row['user_mail']) && $row['user_show_mail'] == '1' ? '<a href="mailto:' . $row['user_mail'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/email.png" alt="' . $row['user_mail'] . '" title="' . $row['user_mail'] . '" /></a>' : '', 'USER_MSN' => !empty($row['user_msn']) ? '<a href="mailto:' . $row['user_msn'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/msn.png" alt="' . $row['user_msn'] . '" title="' . $row['user_msn'] . '" /></a>' : '', 'USER_YAHOO' => !empty($row['user_yahoo']) ? '<a href="mailto:' . $row['user_yahoo'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/yahoo.png" alt="' . $row['user_yahoo'] . '" title="' . $row['user_yahoo'] . '" /></a>' : '', 'USER_SIGN' => !empty($row['user_sign']) ? '____________________<br />' . second_parse($row['user_sign']) : '', 'USER_WEB' => !empty($row['user_web']) ? '<a href="' . $row['user_web'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/user_web.png" alt="' . $row['user_web'] . '" title="' . $row['user_yahoo'] . '" /></a>' : '', 'USER_WARNING' => !empty($row['user_warning']) ? $row['user_warning'] : '0', 'C_COM_MSG_EDIT' => $del, 'C_COM_MSG_DEL' => $edit, 'U_COM_EDIT' => $this->path . sprintf($this->vars, $row['idcom']) . '&editcom=1' . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '') . '#anchor_' . $this->script, 'U_COM_DEL' => $this->path . sprintf($this->vars, $row['idcom']) . '&token=' . $Session->get_token() . '&delcom=1' . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '') . '#anchor_' . $this->script, 'U_COM_WARNING' => $is_modo && !$is_guest ? PATH_TO_ROOT . '/member/moderation_panel' . url('.php?action=warning&id=' . $row['user_id'] . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '')) . '" title="' . $LANG['warning_management'] : '', 'U_COM_PUNISHEMENT' => $is_modo && !$is_guest ? PATH_TO_ROOT . '/member/moderation_panel' . url('.php?action=punish&id=' . $row['user_id'] . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '')) . '" title="' . $LANG['punishment_management'] : '', 'U_USER_PM' => !$is_guest ? '<a href="' . PATH_TO_ROOT . '/member/pm' . url('.php?pm=' . $row['user_id'], '-' . $row['user_id'] . '.php') . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/pm.png" alt="" /></a>' : '', 'U_ANCHOR' => $this->path . $vars_simple . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '') . '#m' . $row['idcom'], 'U_QUOTE' => $this->path . sprintf($this->vars, $row['idcom']) . '&quote=' . $row['idcom'] . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '') . '#anchor_' . $this->script));
$j++;
}
$Sql->query_close($result);
}
return $Template->parse(TEMPLATE_STRING_MODE);
} else {
return 'error : class Comments loaded uncorrectly';
}
}
$shout_contents = !empty($_POST['contents']) ? trim(utf8_decode($_POST['contents'])) : '';
if (!empty($shout_pseudo) && !empty($shout_contents)) {
if ($User->check_level($CONFIG_SHOUTBOX['shoutbox_auth'])) {
$check_time = $User->get_attribute('user_id') !== -1 && $CONFIG['anti_flood'] == 1 ? $Sql->query("SELECT MAX(timestamp) as timestamp FROM " . PREFIX . "shoutbox WHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__) : '';
if (!empty($check_time) && !$User->check_max_value(AUTH_FLOOD)) {
if ($check_time >= time() - $CONFIG['delay_flood']) {
echo -2;
exit;
}
}
$shout_contents = strparse($shout_contents, $CONFIG_SHOUTBOX['shoutbox_forbidden_tags']);
if (!check_nbr_links($shout_pseudo, 0)) {
echo -3;
exit;
}
if (!check_nbr_links($shout_contents, $CONFIG_SHOUTBOX['shoutbox_max_link'])) {
echo -4;
exit;
}
$Sql->query_inject("INSERT INTO " . PREFIX . "shoutbox (login, user_id, level, contents, timestamp) VALUES('" . $shout_pseudo . "', '" . $User->get_attribute('user_id') . "', '" . $User->get_attribute('level') . "', '" . $shout_contents . "', '" . time() . "')", __LINE__, __FILE__);
$last_msg_id = $Sql->insert_id("SELECT MAX(id) FROM " . PREFIX . "shoutbox");
$array_class = array('member', 'modo', 'admin');
if ($User->get_attribute('user_id') !== -1) {
$shout_pseudo = '<a href="javascript:Confirm_del_shout(' . $last_msg_id . ');" title="' . $LANG['delete'] . '"><img src="../templates/' . get_utheme() . '/images/delete_mini.png" alt="" /></a> <a style="font-size:10px;" class="' . $array_class[$User->get_attribute('level')] . '" href="../member/member' . url('.php?id=' . $User->get_attribute('user_id'), '-' . $User->get_attribute('user_id') . '.php') . '">' . (!empty($shout_pseudo) ? wordwrap_html($shout_pseudo, 16) : $LANG['guest']) . '</a>';
} else {
$shout_pseudo = '<span class="text_small" style="font-style: italic;">' . (!empty($shout_pseudo) ? wordwrap_html($shout_pseudo, 16) : $LANG['guest']) . '</span>';
}
$test = second_parse($test);
echo "array_shout[0] = '" . $shout_pseudo . "';";
echo "array_shout[1] = '" . addslashes(second_parse(str_replace(array("\n", "\r"), array('', ''), ucfirst(stripslashes($shout_contents))))) . "';";
echo "array_shout[2] = '" . $last_msg_id . "';";
