Ejemplo n.º 1
/**
 * Report whether the client's address matches an entry of the guestbook block list.
 *
 * The list is read from $set['guestbook']['blockip']; when that setting is not an
 * array it is replaced by an empty array first. An entry whose 'endip' is exactly
 * false names a single address in 'startip'; every other entry is checked as an
 * inclusive 'startip'..'endip' range. Addresses are compared in the numeric form
 * returned by ip2float().
 *
 * NOTE(review): the result is only as trustworthy as get_remoteaddr(). If that
 * helper takes the address from client-supplied headers, a block entry can be
 * avoided by the client - confirm where the address comes from.
 *
 * @return bool true when the client is on the block list, false otherwise
 */
function ip_is_blocked()
{
    global $set;
    $hasList = is_array($set['guestbook']['blockip']);
    if ($hasList === false) {
        $set['guestbook']['blockip'] = array();
    }
    foreach ($set['guestbook']['blockip'] as $entry) {
        // Entry that blocks exactly one address.
        if ($entry['endip'] === false && $entry['startip'] == ip2float(get_remoteaddr())) {
            return true;
        }
        // Entry that blocks an inclusive address range.
        if (ip2float(get_remoteaddr()) >= $entry['startip'] && ip2float(get_remoteaddr()) <= $entry['endip']) {
            return true;
        }
    }
    return false;
}
Ejemplo n.º 2
 }
 // Gatekeeping for a submitted link: captcha result first, then the required
 // fields, then the flood interval; only the final branch stores the link.
 // $captchafailed and $spam are set above this excerpt ($spam is presumably the
 // time of this client's previous submission - confirm).
 if ($captchafailed) {
     message($apx->lang->get('MSG_WRONGCODE'), 'javascript:history.back()');
 } elseif (!$_POST['send_username'] && !$user->info['userid'] || !$_POST['catid'] || !$_POST['title'] || !$_POST['url'] || !$_POST['text']) {
     // Guests must give a name; category, title, URL and text are always required.
     message('back');
 } elseif ($spam + $set['links']['spamprot'] * 60 > time()) {
     // Still inside the flood interval: tell the client how many seconds remain.
     message($apx->lang->get('MSG_BLOCKSPAM', array('SEC' => $spam + $set['links']['spamprot'] * 60 - time())), 'back');
 } else {
     // The author id is always set here, overwriting anything the request
     // carried: the session's id for members, 0 for guests.
     if ($user->info['userid']) {
         $_POST['userid'] = $user->info['userid'];
         $_POST['send_username'] = $_POST['send_email'] = '';
     } else {
         $_POST['userid'] = 0;
     }
     // Server-side values; these also replace request-supplied ones.
     $_POST['addtime'] = time();
     $_POST['send_ip'] = get_remoteaddr();
     $_POST['secid'] = 'all';
     // Strip markup from the text, then turn line breaks into <br />.
     // NOTE(review): title and url are stored as submitted. Nothing in this
     // excerpt restricts the URL scheme, so the page that renders the link has
     // to escape it and reject non-http(s) schemes - confirm.
     $_POST['text'] = strtr(strip_tags($_POST['text']), array("\r\n" => "<br />\r\n", "\n" => "<br />\n"));
     // E-mail notification to the configured address
     if ($set['links']['mailonnew']) {
         $input = array('URL' => HTTP);
         sendmail($set['links']['mailonnew'], 'SENDLINK', $input);
     }
     // Remove the used captcha (guests only)
     if ($set['links']['captcha'] && !$user->info['userid']) {
         $captcha->remove();
     }
     // NOTE(review): dinsert() presumably reads the listed columns from $_POST
     // and escapes them - confirm, since no escaping happens in this excerpt.
     $db->dinsert(PRE . '_links', 'userid,secid,send_username,send_email,send_ip,catid,title,url,text,addtime');
     message($apx->lang->get('MSG_OK'), mklink('links.php', 'links.html'));
 }
 //SCRIPT BEENDEN
Ejemplo n.º 3
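/**
 * Append one entry to the <PRE>_log table.
 *
 * The row is written positionally (no column list) with, in this order: the
 * current time minus TIMEDIFF, the acting user's id, the client address, the
 * upper-cased message key wrapped as "{LOG_<KEY>}", and the affected object.
 *
 * Every value that does not come from date() is passed through addslashes()
 * before it is placed in the statement, including the user id and the client
 * address, which were previously concatenated as they were.
 *
 * NOTE(review): addslashes() is not aware of the connection character set. If
 * the $db layer offers its own escaping or bound parameters, prefer that.
 *
 * @param string       $text   message key; stored upper-cased
 * @param string|false $affect description of the affected object, false for none
 * @return void
 */
function logit($text, $affect = false)
{
    global $db, $apx;
    $text = strtoupper($text);
    if ($affect === false) {
        $affect = '';
    }
    // Values in table column order; each one is escaped for a quoted SQL literal.
    $values = array(
        date('Y/m/d H:i:s', time() - TIMEDIFF),
        addslashes((string) $apx->user->info['userid']),
        addslashes((string) get_remoteaddr()),
        addslashes('{LOG_' . $text . '}'),
        addslashes((string) $affect),
    );
    $db->query("INSERT INTO " . PRE . "_log VALUES ('" . implode("','", $values) . "')");
}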
Ejemplo n.º 4
 // Author name: members use the name from their session; guests use the name
 // they typed, which is also remembered in a cookie for seven days.
 // NOTE(review): the cookie stores the raw request value and is set without
 // path, secure or httponly arguments; escape it wherever it is echoed back.
 if ($user->info['userid']) {
     $username = $user->info['username'];
 } else {
     $username = $_POST['username'];
     setcookie($set['main']['cookie_pre'] . '_forum_username', $_POST['username'], time() + 7 * 24 * 3600);
 }
 // Convert URLs in the text into links when requested
 if ($_POST['transform_links']) {
     $_POST['text'] = transform_urls($_POST['text']);
 }
 // Thread, author, time and address are set server-side and replace anything
 // the request carried under the same names.
 $now = time();
 $_POST['threadid'] = $threadinfo['threadid'];
 $_POST['username'] = $username;
 $_POST['userid'] = $user->info['userid'];
 $_POST['time'] = $now;
 $_POST['ip'] = get_remoteaddr();
 // Create the post
 // NOTE(review): dinsert() presumably reads the listed columns from $_POST and
 // escapes them - confirm. title, text, the allow* flags and hash are
 // client-supplied as far as this excerpt shows.
 $db->dinsert(PRE . '_forum_posts', 'threadid,userid,username,title,text,allowsmilies,allowcodes,allowsig,time,ip,hash');
 $pid = $db->insert_id();
 // Update the cached thread and forum data
 thread_update_cache($threadinfo['threadid'], 1);
 forum_update_cache($foruminfo['forumid'], 1);
 // Increase the member's post counter when this forum counts posts
 if ($user->info['userid'] && $foruminfo['countposts']) {
     $db->query("UPDATE " . PRE . "_user SET forum_posts=forum_posts+1 WHERE userid='" . $user->info['userid'] . "' LIMIT 1");
 }
 // Bind attachments to the new post: every attachment row that carries the
 // submitted hash and is less than an hour old is assigned to it.
 // NOTE(review): the hash comes from the request and no owner is checked
 // here, so it has to be unguessable and tied to the uploader - confirm.
 if (forum_access_addattachment($foruminfo)) {
     $db->query("UPDATE " . PRE . "_forum_attachments SET postid='" . $pid . "' WHERE hash='" . addslashes($_POST['hash']) . "' AND time>'" . (time() - 3600) . "'");
 }
 //Index aktualisieren
Ejemplo n.º 5
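 /**
  * Validate and store a comment submitted via $_POST, then send notifications.
  *
  * Members may always post; guests only when $this->set['pub'] is enabled. Both
  * paths run a chain of checks (captcha result, IP block list, required fields,
  * blocked text, length limit, flood interval) and report the first failure
  * through message(). On success the comment is inserted, the address in
  * $this->set['mailonnew'] is mailed, and - for comments that go live at once -
  * subscribers of the same item are mailed and their notify flag is cleared.
  *
  * NOTE(review): $db->dinsert() presumably takes the listed columns from $_POST
  * and escapes them - confirm; this method relies on it for every stored field.
  *
  * @return void terminates the request via die() when the item id is missing
  */
 function addcom()
 {
     global $db, $apx, $user;
     $_POST['mid'] = (int) $_POST['mid'];
     if (!$_POST['mid']) {
         die('missing mID!');
     }
     // NOTE(review): the module check below is commented out, so any string is
     // accepted as the module name of a comment. Re-enable it unless a caller
     // depends on unregistered module names.
     //if ( !$apx->is_module($_POST['module']) ) die('invalid MODULE!');
     $apx->lang->drop('add', 'comments');
     // Time of this client's latest comment on the same item (flood control).
     // The client address is escaped like the other values in the statement.
     list($spam) = $db->first("SELECT time FROM " . PRE . "_comments WHERE ( module='" . addslashes($_POST['module']) . "' AND ip='" . addslashes((string) get_remoteaddr()) . "' AND mid='" . $_POST['mid'] . "' ) ORDER BY time DESC");
     // Defined up front so the checks below never read an unset variable.
     $captchafailed = false;
     $emailnotvalid = false;
     // Check the captcha (guests only)
     if ($this->set['captcha'] && !$user->info['userid']) {
         require BASEDIR . 'lib/class.captcha.php';
         $captcha = new captcha();
         $captchafailed = $captcha->check();
     }
     if ($user->info['userid']) {
         if ($captchafailed) {
             message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
         } elseif ($this->ip_is_blocked()) {
             message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
         } elseif (!$_POST['text'] || $this->set['req_title'] && !$_POST['title']) {
             message('back');
         } elseif ($this->text_is_blocked()) {
             message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
         } elseif ($this->set['maxlen'] && strlen($_POST['text']) > $this->set['maxlen']) {
             // NOTE(review): members are limited by 'maxlen', guests by
             // 'entrymaxlen' further down - confirm that both settings exist.
             message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
         } elseif ($spam + $this->set['spamprot'] * 60 > time()) {
             message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
         } else {
             // With moderation on, only team members' comments go live at once.
             if ($this->set['mod'] && !$user->is_team_member()) {
                 $_POST['active'] = 0;
             } else {
                 $_POST['active'] = 1;
             }
             // Author, time and address come from the server, never the request.
             $_POST['userid'] = $user->info['userid'];
             $_POST['username'] = $user->info['username'];
             $_POST['time'] = time();
             $_POST['ip'] = get_remoteaddr();
             $db->dinsert(PRE . '_comments', 'module,mid,userid,username,title,text,time,notify,ip,active');
             $comid = (int) $db->insert_id();
             // E-mail notification (admin)
             if ($this->set['mailonnew']) {
                 $text = strip_tags(dbcodes($_POST['text']));
                 $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
                 sendmail($this->set['mailonnew'], 'SENDCOM', $input);
             }
             // E-mail notification (subscribers), excluding the new comment
             // and the author's own earlier comments
             if ($_POST['active']) {
                 $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "' AND c.userid!=" . $user->info['userid'] . "\n\t\t\t\t\t");
                 if (is_array($data) && count($data)) {
                     foreach ($data as $res) {
                         $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
                         sendmail($res['email'], 'NOTIFYCOM', $input);
                     }
                 }
                 // Clear the notify flag of all other comments on this item
                 $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'");
             }
             // Remove the used captcha
             if ($this->set['captcha'] && !$user->info['userid']) {
                 $captcha->remove();
             }
             message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&amp;', $_SERVER['REQUEST_URI']));
         }
     } elseif ($this->set['pub']) {
         // An invalid address is an error only when an address is required;
         // otherwise it is silently dropped.
         if (!checkmail($_POST['email'])) {
             if ($this->set['req_email']) {
                 $emailnotvalid = true;
             } else {
                 $_POST['email'] = '';
             }
         }
         if ($captchafailed) {
             message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
         } elseif ($this->ip_is_blocked()) {
             message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
         } elseif (!$_POST['username'] || !$_POST['text'] || $this->set['req_email'] && !$_POST['email'] || $this->set['req_homepage'] && !$_POST['homepage'] || $this->set['req_title'] && !$_POST['title']) {
             message('back');
         } elseif ($_POST['notify'] && !$_POST['email']) {
             message($apx->lang->get('MSG_COM_MAILNEEDED'), 'back');
         } elseif ($this->text_is_blocked()) {
             message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
         } elseif ($this->set['entrymaxlen'] && strlen($_POST['text']) > $this->set['entrymaxlen']) {
             message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
         } elseif ($emailnotvalid) {
             message($apx->lang->get('MSG_COM_EMAILNOTVALID'), 'back');
         } elseif ($spam + $this->set['spamprot'] * 60 > time()) {
             message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
         } else {
             // NOTE(review): only a leading "www." is completed to a URL; any
             // other scheme is stored as typed, so the template that links the
             // homepage has to escape it and accept http(s) only - confirm.
             if (substr($_POST['homepage'], 0, 4) == 'www.') {
                 $_POST['homepage'] = 'http://' . $_POST['homepage'];
             }
             if ($this->set['mod']) {
                 $_POST['active'] = 0;
             } else {
                 $_POST['active'] = 1;
             }
             // 'userid' is part of the column list below. Guests always get 0
             // so that a request parameter cannot choose the author id.
             $_POST['userid'] = 0;
             $_POST['time'] = time();
             $_POST['ip'] = get_remoteaddr();
             $db->dinsert(PRE . '_comments', 'module,mid,userid,username,email,homepage,title,text,time,notify,ip,active');
             // The queries below exclude the new comment by id, so read it here
             // as the member path does.
             $comid = (int) $db->insert_id();
             // E-mail notification (admin)
             if ($this->set['mailonnew']) {
                 $text = strip_tags(dbcodes($_POST['text']));
                 $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
                 sendmail($this->set['mailonnew'], 'SENDCOM', $input);
             }
             // E-mail notification (subscribers), excluding the new comment
             if ($_POST['active']) {
                 $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "'\n\t\t\t\t\t");
                 if (is_array($data) && count($data)) {
                     foreach ($data as $res) {
                         $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
                         sendmail($res['email'], 'NOTIFYCOM', $input);
                     }
                 }
                 // Clear the notify flag of all other comments on this item
                 $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'");
             }
             // Remove the used captcha
             if ($this->set['captcha'] && !$user->info['userid']) {
                 $captcha->remove();
             }
             message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&amp;', $_SERVER['REQUEST_URI']));
         }
     }
 }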
Ejemplo n.º 6
 /**
  * Build an identifier for the current client.
  *
  * The id is the MD5 digest of the User-Agent header followed by the first
  * three dot-separated parts of the client address.
  *
  * NOTE(review): both inputs are chosen by or shared between clients, so the
  * value groups requests but does not prove who sent them; it should not be
  * the only check in front of anything that needs authorisation.
  *
  * @return string 32-character hexadecimal digest
  */
 function getOwnerId()
 {
     $addressParts = explode('.', get_remoteaddr());
     $networkPart = implode('.', array_slice($addressParts, 0, 3));
     $userAgent = getenv('HTTP_USER_AGENT');
     return md5($userAgent . $networkPart);
 }
Ejemplo n.º 7
/**
 * Record the current user's latest activity on a forum object.
 *
 * Deletes the user's existing <PRE>_forum_activity row for the given type and
 * id, then inserts a fresh one carrying the client address (via ip2integer()),
 * the current time and the user's pub_invisible flag.
 *
 * @param string $type activity type; escaped with addslashes()
 * @param mixed  $id   object id; reduced to an integer with intval()
 * @return void
 */
function forum_activity($type, $id)
{
    global $apx, $db, $set, $user;
    // Both arguments are prepared once and reused by the two statements.
    $typeSql = addslashes($type);
    $idSql = intval($id);
    $removeOld = "\n\t\tDELETE FROM " . PRE . "_forum_activity\n\t\tWHERE userid='" . $user->info['userid'] . "' AND type='" . $typeSql . "' AND id='" . $idSql . "'\n\t";
    $db->query($removeOld);
    $insertNew = "\n\t\tINSERT IGNORE INTO " . PRE . "_forum_activity\n\t\tVALUES ('" . $user->info['userid'] . "', '" . ip2integer(get_remoteaddr()) . "', '" . $typeSql . "', '" . $idSql . "', '" . time() . "', '" . $user->info['pub_invisible'] . "')\n\t";
    $db->query($insertNew);
}
Ejemplo n.º 8
    } else {
        $db->query("INSERT INTO " . PRE . "_stats_userenv VALUES ('" . $daystamp . "','country','" . addslashes($country) . "',1)");
    }
    // Count the visitor (search engines only when configured to be counted).
    // $daystamp, $hourstamp, $weekstamp and $weekday are set above this
    // excerpt. NOTE(review): $hourstamp becomes part of a column name, so it
    // must only ever come from the server clock - confirm.
    if ($browser != 'SEARCHENGINE' || $set['stats']['countsearchengine']) {
        list($stats_exists) = $db->first("SELECT daystamp FROM " . PRE . "_stats WHERE daystamp='" . $daystamp . "' LIMIT 1");
        if ($stats_exists) {
            $db->query("UPDATE " . PRE . "_stats SET uniques=uniques+1,uniques_" . $hourstamp . "h=uniques_" . $hourstamp . "h+1,hits=hits+1 WHERE daystamp='" . $daystamp . "' LIMIT 1");
        } else {
            // Errors of this INSERT are silenced - presumably because another
            // request may have created today's row in the meantime; confirm.
            $db->quieterror = true;
            $db->query("INSERT INTO " . PRE . "_stats (daystamp,weekstamp,weekday,time,uniques,uniques_" . $hourstamp . "h,hits) VALUES ('" . $daystamp . "','" . $weekstamp . "','" . $weekday . "','" . time() . "',1,1,1)");
            $db->quieterror = false;
        }
    }
    // Remember the address and, if enabled, set a cookie that lasts
    // $set['stats']['blockip'] hours.
    $db->query("INSERT INTO " . PRE . "_stats_iplog VALUES ('" . ip2integer(get_remoteaddr()) . "','" . time() . "')");
    if ($set['stats']['cookie']) {
        setcookie($set['main']['cookie_pre'] . '_stats_count', 1, time() + $set['stats']['blockip'] * 3600, '/');
    }
} elseif (!(strpos($_SERVER['PHP_SELF'], 'misc.php') !== false && $_REQUEST['action'] == 'counter') && $_SERVER['REQUEST_URI']) {
    require_once BASEDIR . getmodulepath('stats') . 'functions.php';
    $weekstamp = stats_weekstamp($statsnow);
    //User-Info
    $browser = stats_browser($_SERVER['HTTP_USER_AGENT']);
    if ($browser != 'SEARCHENGINE' || $set['stats']['countsearchengine']) {
        if (!isset($stats_exists)) {
            list($stats_exists) = $db->first("SELECT daystamp FROM " . PRE . "_stats WHERE daystamp='" . $daystamp . "' LIMIT 1");
        }
        if ($stats_exists) {
            $db->query("UPDATE " . PRE . "_stats SET hits=hits+1 WHERE daystamp='" . $daystamp . "' LIMIT 1");
        } else {
Ejemplo n.º 9
 // Attempt the login: look the account up by lower-cased user name in the
 // external forum's user table.
 $res = $forumdb->first("\n\t\t\t\t\tSELECT userid,usergroupid,password,salt\n\t\t\t\t\tFROM " . VBPRE . "user\n\t\t\t\t\tWHERE LOWER(username)='" . addslashes(strtolower($_POST['login_user'])) . "'\n\t\t\t\t\tLIMIT 1\n\t\t\t\t");
 // Login failed: unknown user and wrong password get the same message, and a
 // strike is recorded for this address and user name.
 // NOTE(review): the stored value is md5(md5(password) . salt), presumably
 // dictated by the forum's schema. It is compared with `!=`, which is a loose,
 // non-constant-time comparison of two hex strings; hash_equals() is safer.
 if (!$res['userid'] || $res['password'] != md5(md5($_POST['login_pwd']) . $res['salt'])) {
     $forumdb->query("\n\t\t\t\t\t\tINSERT INTO " . VBPRE . "strikes\n\t\t\t\t\t\t(striketime, strikeip, username)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t(" . time() . ", '" . addslashes(get_remoteaddr()) . "', '" . addslashes($_POST['login_user']) . "')\n\t\t\t\t\t");
     message($apx->lang->get('MSG_FAIL'), 'javascript:history.back()');
 } elseif ($res['usergroupid'] == 3) {
     // Group 3 is reported as "not active"; the meaning of the number is
     // defined by the forum software, not in this excerpt.
     message($apx->lang->get('MSG_NOTACTIVE'), 'javascript:history.back()');
 } else {
     // Login cookies, valid for 100 days: the user id and an MD5 of the stored
     // password hash plus the configured cookie salt.
     // NOTE(review): setcookie() is called without the secure and httponly
     // arguments, and the second cookie stays valid until the password
     // changes - confirm this matches what the forum software expects.
     $pwdcrypt = md5($res['password'] . $set['forum_cookie_salt']);
     setcookie($set['forum_cookiename_userid'], $res['userid'], time() + 100 * 24 * 3600, $set['forum_cookie_path'], $set['forum_cookie_domain']);
     setcookie($set['forum_cookiename_password'], $pwdcrypt, time() + 100 * 24 * 3600, $set['forum_cookie_path'], $set['forum_cookie_domain']);
     $_COOKIE[$set['forum_cookiename_userid']] = $res['userid'];
     $_COOKIE[$set['forum_cookiename_password']] = $pwdcrypt;
     // Delete the strikes recorded for this address and user name.
     // NOTE(review): part of the next line was masked ("******") when this
     // page was captured, so the statement is not valid PHP as shown; it
     // presumably escaped $_POST['login_user'] like the INSERT above.
     $forumdb->query("DELETE FROM " . VBPRE . "strikes WHERE strikeip = '" . addslashes(get_remoteaddr()) . "' AND username='******'login_user']) . "'");
     // Create the session
     if ($set['forum_autologin']) {
         $user->createForumSession($res['userid']);
     }
     // Forward to the page visited before the login form, unless that page
     // was one of the login pages themselves.
     // NOTE(review): the target is the client-supplied Referer header and is
     // only filtered against the login URLs; how $goto is used lies outside
     // this excerpt - check that it is limited to this site before redirecting.
     $filter = array('user.html', 'user,login.html', 'user.php?action=login', 'user.php');
     $refforward = true;
     foreach ($filter as $url) {
         if (strpos($_SERVER['HTTP_REFERER'], $url) !== false) {
             $refforward = false;
             break;
         }
     }
     if ($refforward && $_SERVER['HTTP_REFERER']) {
         $goto = $_SERVER['HTTP_REFERER'];
Ejemplo n.º 10
 /**
  * Refresh this visitor's row in the <PRE>_user_online table.
  *
  * First removes rows older than $set['user']['timeout'] minutes together with
  * any row for the current address or - when logged in - the current user id,
  * then inserts a new row with user id, address, time, the pub_invisible flag
  * and the escaped request URI.
  *
  * @return void
  */
 function update_onlinelist()
 {
     global $db, $set;
     // Pieces of the clean-up condition, built in the order they are used.
     $expiredBefore = time() - $set['user']['timeout'] * 60;
     $clientIp = ip2integer(get_remoteaddr());
     $ownRowClause = iif($this->info['userid'], " OR userid='" . $this->info['userid'] . "' ");
     $cleanup = "DELETE FROM " . PRE . "_user_online WHERE ( time<'" . $expiredBefore . "' OR ip='" . $clientIp . "' " . $ownRowClause . ")";
     $db->query($cleanup);
     $register = "INSERT IGNORE INTO " . PRE . "_user_online VALUES ('" . $this->info['userid'] . "','" . ip2integer(get_remoteaddr()) . "','" . time() . "','" . $this->info['pub_invisible'] . "','" . addslashes($_SERVER['REQUEST_URI']) . "')";
     $db->query($register);
 }
Ejemplo n.º 11
<?php

// Password recovery page. Two steps are visible in this excerpt:
//  1) a request carrying verify=<key> and userid=<id> confirms a recovery and
//     mails a newly generated password;
//  2) a POSTed user name looks the account up (the rest is cut off below).
$apx->lang->drop('getpwd');
headline($apx->lang->get('HEADLINE_GETPWD'), str_replace('&', '&amp;', $_SERVER['REQUEST_URI']));
titlebar($apx->lang->get('HEADLINE_GETPWD'));
// Confirm the password change
if ($_REQUEST['verify'] && $_REQUEST['userid']) {
    $_REQUEST['userid'] = (int) $_REQUEST['userid'];
    $res = $db->first("SELECT userid,username_login,email,salt,lastpwget FROM " . PRE . "_user WHERE userid='" . $_REQUEST['userid'] . "'");
    // The key is md5(userid . lastpwget . site secret). lastpwget is rewritten
    // below, so a key stops matching once it has been used.
    // NOTE(review): `!=` is a loose, non-constant-time comparison; use
    // hash_equals() on the two strings. No expiry of an unused key is visible
    // here, and the key is only as strong as $set['main']['crypt'] - confirm.
    $key = md5($res['userid'] . $res['lastpwget'] . $set['main']['crypt']);
    if ($key != $_REQUEST['verify']) {
        message($apx->lang->get('MSG_NOTALLOWED'), 'back');
    } else {
        // NOTE(review): the strength of random_string() is not visible here;
        // both the password and the salt need a cryptographically secure source.
        $newpwd = random_string();
        $salt = random_string();
        // NOTE(review): part of the next line was masked ("******") when this
        // page was captured, so the password expression is not shown. The
        // client address is concatenated without escaping.
        $db->query("UPDATE " . PRE . "_user SET password='******',salt='" . $salt . "',lastpwget='" . time() . "',lastpwget_by='" . get_remoteaddr() . "' WHERE userid='" . $res['userid'] . "' LIMIT 1");
        // The new password is sent to the account's address in clear text.
        $input['USERNAME'] = replace($res['username_login']);
        $input['WEBSITE'] = $set['main']['websitename'];
        $input['PWD'] = $newpwd;
        sendmail($res['email'], 'GETPWD', $input);
        message($apx->lang->get('MSG_OK_PWD'), mklink('user.php', 'user.html'));
    }
} elseif ($_POST['send']) {
    if (!$_POST['username']) {
        message('back');
    } else {
        // NOTE(review): this line was masked as well; the lookup presumably
        // escaped $_POST['username'].
        $res = $db->first("SELECT userid,username_login,email,salt,lastpwget FROM " . PRE . "_user WHERE username_login='******'username']) . "'");
        if (!$res['userid']) {
            // A distinct message for unknown names lets a client test which
            // user names exist.
            message($apx->lang->get('MSG_NOMATCH'), 'javascript:history.back()');
        } else {
            $key = md5($res['userid'] . $res['lastpwget'] . $set['main']['crypt']);
Ejemplo n.º 12
        // Multiple-choice vote: $_POST['vote'] maps answer number => '1'. Only
        // ticked answers numbered 1..20 are kept; each becomes one counter
        // increment on its aN_c column.
        $cset = array();
        foreach ($_POST['vote'] as $aid => $true) {
            $aid = (int) $aid;
            if (!$aid || $aid < 1 || $aid > 20 || $true != '1') {
                continue;
            }
            $cset[] = 'a' . $aid . '_c=a' . $aid . '_c+1';
        }
        // NOTE(review): $_REQUEST['id'] is concatenated into this and the
        // following statements. Unless it was cast to an integer above this
        // excerpt, it needs (int) or escaping.
        if (count($cset)) {
            $db->query("UPDATE " . PRE . "_poll SET " . implode(',', $cset) . " WHERE ( id='" . $_REQUEST['id'] . "' AND ( '" . time() . "' BETWEEN starttime AND endtime ) ) LIMIT 1");
        }
    } else {
        // Single-choice vote.
        // NOTE(review): $_POST['vote'] becomes part of a column name here and
        // gets no check in this excerpt; it needs the same 1..20 integer check
        // as the branch above unless that happened earlier.
        $db->query("UPDATE " . PRE . "_poll SET a" . $_POST['vote'] . "_c=a" . $_POST['vote'] . "_c+1 WHERE ( id='" . $_REQUEST['id'] . "' AND ( '" . time() . "' BETWEEN starttime AND endtime ) ) LIMIT 1");
    }
    // Remember the vote (poll id, user id, address, time) and set a
    // 100-day cookie; errors of setcookie() are suppressed with @.
    $db->query("INSERT INTO " . PRE . "_poll_iplog VALUES ('" . $_REQUEST['id'] . "','" . $user->info['userid'] . "','" . ip2integer(get_remoteaddr()) . "','" . time() . "')");
    @setcookie($set['main']['cookie_pre'] . '_voted[' . $_REQUEST['id'] . ']', '1', time() + 100 * 24 * 3600, '/');
    message($apx->lang->get('MSG_VOTE'), mklink('poll.php?id=' . $_REQUEST['id'], 'poll,' . $_REQUEST['id'] . '.html'));
    require 'lib/_end.php';
}
//////////////////////////////////////////////////////////////////////////////////////////////////////// IMMER AUFRUFEN
// Headline and title bar: the current poll links back to this request,
// an archived poll links to the poll index.
$showsRecentPoll = $pollinfo['id'] == $recent;
$headlineKey = $showsRecentPoll ? 'HEADLINE_RECENT' : 'HEADLINE_ARCHIVE';
$headlineText = $apx->lang->get($headlineKey);
if ($showsRecentPoll) {
    $headlineTarget = str_replace('&', '&amp;', $_SERVER['REQUEST_URI']);
} else {
    $headlineTarget = mklink('poll.php', 'poll.html');
}
headline($headlineText, $headlineTarget);
titlebar($apx->lang->get($headlineKey) . ': ' . strip_tags($pollinfo['question']));
//KOMMENTARE
if ($_REQUEST['comments'] && $_REQUEST['id']) {
Ejemplo n.º 13
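/**
 * Render the compact box for one poll through the template engine.
 *
 * Loads the poll (the most recent one when no id is given), decides whether the
 * visitor sees the results or the voting form, and assigns links, question,
 * times, tags and comment data to the template before parsing it.
 *
 * Results are shown instead of the form when the poll is archived and archive
 * voting is off, when the visitor already voted (cookie or a vote-log entry
 * from the last 24 hours), or when the poll has ended.
 *
 * NOTE(review): the "already voted" cookie is client-controlled, so it can hide
 * the form but cannot enforce anything; enforcement rests on the vote log.
 * NOTE(review): question and answer texts are handed to the template as read
 * from the database; whether the template escapes them is not visible here.
 *
 * @param int|false $id       poll id; false or 0 selects the most recent poll
 * @param string    $template template name below functions/
 * @return void nothing is rendered when the poll does not exist
 */
function poll_small($id = false, $template = 'poll')
{
    global $set, $db, $apx, $user;
    $id = (int) $id;
    $tmpl = new tengine();
    $apx->lang->drop('poll', 'poll');
    $recent = poll_recent();
    if (!$id) {
        $id = $recent;
    }
    // Read the variables the template actually uses
    $parse = $tmpl->used_vars('functions/' . $template, 'poll');
    $pollinfo = $db->first("SELECT *,a1_c+a2_c+a3_c+a4_c+a5_c+a6_c+a7_c+a8_c+a9_c+a10_c+a11_c+a12_c+a13_c+a14_c+a15_c+a16_c+a17_c+a18_c+a19_c+a20_c AS total FROM " . PRE . "_poll WHERE ( id='" . $id . "' " . section_filter() . " ) LIMIT 1");
    if (!$pollinfo['id']) {
        return;
    }
    // Vote-log lookup: by user id for members, by address for guests.
    if ($user->info['userid']) {
        list($ipblock) = $db->first("SELECT ip FROM " . PRE . "_poll_iplog WHERE ( id='" . $id . "' AND userid='" . $user->info['userid'] . "' AND time>" . (time() - 24 * 3600) . " ) LIMIT 1");
    } else {
        list($ipblock) = $db->first("SELECT ip FROM " . PRE . "_poll_iplog WHERE ( id='" . $id . "' AND ip='" . ip2integer(get_remoteaddr()) . "' AND time>" . (time() - 24 * 3600) . " ) LIMIT 1");
    }
    // Values that are assigned to the template on every path start out as null
    // so that no undefined variable is read further down.
    $ri = 0;
    $resdata = $optdata = $set_end = $set_voted = null;
    $tagdata = $tagids = $keywords = null;
    // Conditions shared by the decision below and the template flags.
    $voteCookie = $set['main']['cookie_pre'] . '_voted';
    $hasVoteCookie = isset($_COOKIE[$voteCookie][$pollinfo['id']]) && $_COOKIE[$voteCookie][$pollinfo['id']] == '1';
    $pollEnded = $pollinfo['starttime'] + $pollinfo['days'] * 24 * 3600 <= time();
    // Show the results
    if ($pollinfo['id'] != $recent && !$set['poll']['archvote'] || $hasVoteCookie || $ipblock || $pollEnded) {
        $result = poll_format_result($pollinfo);
        foreach ($result as $element) {
            ++$ri;
            // A total of 0 is replaced by 1 to avoid a division by zero.
            $percent = round($element[1] / iif($pollinfo['total'], $pollinfo['total'], 1) * 100, $set['poll']['percentdigits']);
            $width = round($percent) . '%';
            $resdata[$ri]['ANSWER'] = $element[0];
            $resdata[$ri]['VOTES'] = $element[1];
            $resdata[$ri]['COLOR'] = $element[2];
            $resdata[$ri]['PERCENT'] = $percent . '%';
            $resdata[$ri]['WIDTH'] = $width;
        }
        if ($pollEnded) {
            $set_end = 1;
        }
        if ($hasVoteCookie || $ipblock) {
            $set_voted = 1;
        }
        $tmpl->assign('TOTALVOTES', $pollinfo['total']);
        $tmpl->assign('RESULT', $resdata);
        $tmpl->assign('SET_END', $set_end);
        $tmpl->assign('SET_VOTED', $set_voted);
    } else {
        // Voting form: one input per defined answer, checkbox or radio
        // depending on whether several answers may be chosen.
        for ($i = 1; $i <= 20; $i++) {
            if (!$pollinfo['a' . $i]) {
                continue;
            }
            if ($pollinfo['multiple']) {
                $box = '<input type="checkbox" name="vote[' . $i . ']" value="1" />';
            } else {
                $box = '<input type="radio" name="vote" value="' . $i . '" />';
            }
            $optdata[$i]['ANSWER'] = $pollinfo['a' . $i];
            $optdata[$i]['COLOR'] = $pollinfo['color' . $i];
            $optdata[$i]['BOX'] = $box;
        }
        $postto = mklink('poll.php?id=' . $pollinfo['id'], 'poll,' . $pollinfo['id'] . urlformat($pollinfo['question']) . '.html');
        $tmpl->assign('POSTTO', $postto);
        $tmpl->assign('OPTION', $optdata);
    }
    // Link: show the result
    if ($pollinfo['id'] == $recent) {
        $resultlink = mklink('poll.php?recent=1&amp;result=1', 'poll,recent.html?result=1');
    } else {
        $resultlink = mklink('poll.php?id=' . $pollinfo['id'] . '&amp;result=1', 'poll,' . $pollinfo['id'] . urlformat($pollinfo['question']) . '.html?result=1');
    }
    // Tags. The poll's own id is passed; the previous code read $res['id'],
    // and no $res exists in this function.
    if (in_array('TAG', $parse) || in_array('TAG_IDS', $parse) || in_array('KEYWORDS', $parse)) {
        list($tagdata, $tagids, $keywords) = poll_tags($pollinfo['id']);
    }
    // Comments
    if ($set['poll']['coms'] && $pollinfo['allowcoms'] && $apx->is_module('comments')) {
        require_once BASEDIR . getmodulepath('comments') . 'class.comments.php';
        $coms = new comments('poll', $id);
        $tmpl->assign('COMMENT_LINK', $coms->link($resultlink));
        $tmpl->assign('COMMENT_COUNT', $coms->count());
        $tmpl->assign('DISPLAY_COMMENTS', 1);
    }
    // Link to the poll
    $pollink = mklink('poll.php?id=' . $pollinfo['id'], 'poll,' . $pollinfo['id'] . urlformat($pollinfo['question']) . '.html');
    // Output
    $tmpl->assign('LINK', $pollink);
    $tmpl->assign('LINK_RESULT', $resultlink);
    $tmpl->assign('ID', $pollinfo['id']);
    $tmpl->assign('QUESTION', $pollinfo['question']);
    $tmpl->assign('STARTTIME', $pollinfo['starttime']);
    $tmpl->assign('ENDTIME', $pollinfo['starttime'] + $pollinfo['days'] * 24 * 3600);
    // Tags
    $tmpl->assign('TAG_IDS', $tagids);
    $tmpl->assign('TAG', $tagdata);
    $tmpl->assign('KEYWORDS', $keywords);
    $tmpl->parse('functions/' . $template, 'poll');
}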
Ejemplo n.º 14
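 /**
  * Validate and store a rating submitted via $_POST.
  *
  * Requires a non-zero item id and a registered module name, refuses a second
  * rating from the same address for the same item within $this->set['block']
  * minutes, and accepts only rating values that are keys of
  * $this->set['possible'].
  *
  * The module name and the client address are escaped before they are placed
  * in the look-up query, and the rating is stored as the integer that was
  * validated rather than as the raw request string.
  *
  * NOTE(review): $db->dinsert() presumably takes the listed columns from $_POST
  * and escapes them - confirm.
  * NOTE(review): the success message receives $_SERVER['REQUEST_URI'] as it is,
  * while other callers in this code base replace '&' with '&amp;' first; check
  * how message() outputs its target.
  *
  * @return void terminates the request via die() on an invalid id, module or rating
  */
 function addrate()
 {
     global $db, $apx, $user;
     $_POST['mid'] = (int) $_POST['mid'];
     if (!$_POST['mid']) {
         die('missing mID!');
     }
     if (!$apx->is_module($_POST['module'])) {
         die('invalid MODULE!');
     }
     $apx->lang->drop('add', 'ratings');
     // Time of the latest rating this address gave the same item.
     list($spam) = $db->first("SELECT time FROM " . PRE . "_ratings WHERE ( module='" . addslashes($_POST['module']) . "' AND ip='" . addslashes((string) get_remoteaddr()) . "' AND mid='" . intval($_POST['mid']) . "' ) ORDER BY time DESC");
     if (!$_POST['mid'] || !$_POST['rating']) {
         message('back');
     } elseif ($spam + $this->set['block'] * 60 > time()) {
         message($apx->lang->get('MSG_RATE_HASVOTED'), 'back');
     } else {
         // Validate the integer value and store exactly that value, so that
         // input such as "5abc" cannot pass the check as 5 and be saved as typed.
         $rating = intval($_POST['rating']);
         if (!array_key_exists($rating, $this->set['possible'])) {
             die('invalid RATING!');
         }
         $_POST['rating'] = $rating;
         $_POST['time'] = time();
         $_POST['ip'] = get_remoteaddr();
         $db->dinsert(PRE . '_ratings', 'module,mid,rating,time,ip');
         message($apx->lang->get('MSG_RATE_OK'), $_SERVER['REQUEST_URI']);
     }
 }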