function Update_msg($idtopic, $idmsg, $contents, $user_id_msg, $history = true) { global $Sql, $User, $Group, $CONFIG_FORUM; $edit_mark = !$User->check_auth($CONFIG_FORUM['auth'], EDIT_MARK_FORUM) ? ", timestamp_edit = '" . time() . "', user_id_edit = '" . $User->get_attribute('user_id') . "'" : ''; $Sql->query_inject("UPDATE " . PREFIX . "forum_msg SET contents = '" . strparse($contents) . "'" . $edit_mark . " WHERE id = '" . $idmsg . "'", __LINE__, __FILE__); $nbr_msg_before = $Sql->query("SELECT COUNT(*) FROM " . PREFIX . "forum_msg WHERE idtopic = '" . $idtopic . "' AND id < '" . $idmsg . "'", __LINE__, __FILE__); $msg_page = ceil(($nbr_msg_before + 1) / $CONFIG_FORUM['pagination_msg']); $msg_page_rewrite = $msg_page > 1 ? '-' . $msg_page : ''; $msg_page = $msg_page > 1 ? '&pt=' . $msg_page : ''; if ($User->get_attribute('user_id') != $user_id_msg && $history) { forum_history_collector(H_EDIT_MSG, $user_id_msg, 'topic' . url('.php?id=' . $idtopic . $msg_page, '-' . $idtopic . $msg_page_rewrite . '.php', '&') . '#m' . $idmsg); } return $nbr_msg_before; }
function send($pm_to, $pm_idconvers, $pm_contents, $pm_from, $pm_status, $check_pm_before_send = true) { global $Sql; if ($check_pm_before_send) { $info_convers = $Sql->query_array(DB_TABLE_PM_TOPIC . " ", "last_user_id", "user_view_pm", "WHERE id = '" . $pm_idconvers . "'", __LINE__, __FILE__); if ($info_convers['last_user_id'] != $pm_from && $info_convers['user_view_pm'] > 0) { $Sql->query_inject("UPDATE " . DB_TABLE_MEMBER . " SET user_pm = user_pm - '" . $info_convers['user_view_pm'] . "' WHERE user_id = '" . $pm_from . "'", __LINE__, __FILE__); $Sql->query_inject("UPDATE " . DB_TABLE_PM_TOPIC . " SET user_view_pm = 0 WHERE id = '" . $pm_idconvers . "'", __LINE__, __FILE__); } } $Sql->query_inject("INSERT INTO " . DB_TABLE_PM_MSG . " (idconvers, user_id, contents, timestamp, view_status) VALUES('" . $pm_idconvers . "', '" . $pm_from . "', '" . strparse($pm_contents) . "', '" . time() . "', 0)", __LINE__, __FILE__); $this->pm_msg_id = $Sql->insert_id("SELECT MAX(id) FROM " . PREFIX . "pm_msg"); $Sql->query_inject("UPDATE " . DB_TABLE_PM_TOPIC . " SET user_view_pm = user_view_pm + 1, nbr_msg = nbr_msg + 1, last_user_id = '" . $pm_from . "', last_msg_id = '" . $this->pm_msg_id . "', last_timestamp = '" . time() . "' WHERE id = '" . $pm_idconvers . "'", __LINE__, __FILE__); $Sql->query_inject("UPDATE " . DB_TABLE_MEMBER . " SET user_pm = user_pm + 1 WHERE user_id = '" . $pm_to . "'", __LINE__, __FILE__); }
function send_bbcode($mail_object, $message, $email_test = '') { global $_NEWSLETTER_CONFIG, $LANG, $Sql; $error_mailing_list = array(); $message = stripslashes(strparse($message)); $message = ContentSecondParser::export_html_text($message); $mail_contents = '<html> <head><title>' . $mail_object . '</title></head><body>'; $mail_contents .= $message; if ($email_test == '') { $nbr = $Sql->count_table('newsletter', __LINE__, __FILE__); $Sql->query_inject("INSERT INTO " . PREFIX . "newsletter_arch (title,message,timestamp,type,nbr) VALUES('" . addslashes($mail_object) . "', '" . addslashes($message) . "', '" . time() . "', 'bbcode', '" . $nbr . "')", __LINE__, __FILE__); $mailing_list = array(); $result = $Sql->query_while("SELECT id, mail \n\t\t\tFROM " . PREFIX . "newsletter \n\t\t\tORDER BY id", __LINE__, __FILE__); while ($row = $Sql->fetch_assoc($result)) { $mailing_list[] = array($row['id'], $row['mail']); } $Sql->query_close($result); $mail_sender = new Mail(); $mail_sender->set_sender($_NEWSLETTER_CONFIG['sender_mail']); $mail_sender->set_mime(MIME_FORMAT_HTML); $mail_sender->set_object($mail_object); foreach ($mailing_list as $array_mail) { $mail_sender->set_recipients($array_mail[1]); $mail_contents_end = '<br /><br /><a href="' . HOST . DIR . '/newsletter/newsletter.php?id=' . $array_mail[0] . '">' . $LANG['newsletter_unscubscribe_text'] . '</a></body></html>'; $mail_sender->set_content($mail_contents . $mail_contents_end); if (!$mail_sender->send()) { $error_mailing_list[] = $array_mail[1]; } } return $error_mailing_list; } else { $mail_sender = new Mail(); $mail_sender->set_sender($_NEWSLETTER_CONFIG['sender_mail']); $mail_sender->set_mime(MIME_FORMAT_HTML); $mail_sender->set_recipients($email_test); $mail_sender->set_content($mail_contents . '</body></html>'); $mail_sender->set_object($mail_object); $mail_sender->send(); return true; } }
$Errorh->handler($LANG['require_cat_create'], E_USER_WARNING); } $Template->pparse('admin_web_management2'); } elseif (!empty($_POST['previs']) && !empty($id_post)) { $Template->set_filenames(array('admin_web_management' => 'web/admin_web_management2.tpl')); $row = $Sql->query_array(PREFIX . 'web', '*', "WHERE id = '" . $id . "'", __LINE__, __FILE__); $title = retrieve(POST, 'name', '', TSTRING_UNCHANGE); $contents = retrieve(POST, 'contents', '', TSTRING_UNCHANGE); $url = retrieve(POST, 'url', '', TSTRING_UNCHANGE); $idcat = retrieve(POST, 'idcat', 0); $compt = retrieve(POST, 'compt', 0); $aprob = retrieve(POST, 'aprob', 0); $aprob_enable = $aprob == 1 ? 'checked="checked"' : ''; $aprob_disable = $aprob == 0 ? 'checked="checked"' : ''; $cat = $Sql->query("SELECT name FROM " . PREFIX . "web_cat WHERE id = '" . $idcat . "'", __LINE__, __FILE__); $Template->assign_block_vars('web', array('NAME' => $title, 'CONTENTS' => second_parse(stripslashes(strparse($contents))), 'URL' => $url, 'IDCAT' => $idcat, 'CAT' => $cat, 'COMPT' => $compt, 'DATE' => gmdate_format('date_format_short'), 'MODULE_DATA_PATH' => $Template->get_module_data_path('web'), 'L_DESC' => $LANG['description'], 'L_DATE' => $LANG['date'], 'L_COM' => $LANG['com'], 'L_VIEWS' => $LANG['views'], 'L_NOTE' => $LANG['note'], 'L_CATEGORY' => $LANG['categorie'])); $Template->assign_vars(array('MODULE_DATA_PATH' => $Template->get_module_data_path('web'), 'THEME' => get_utheme(), 'LANG' => get_ulang(), 'IDWEB' => $id_post, 'TITLE' => $title, 'KERNEL_EDITOR' => display_editor(), 'NAME' => $title, 'CONTENTS' => $contents, 'URL' => $url, 'IDWEB' => $row['id'], 'IDCAT' => $idcat, 'COMPT' => $compt, 'APROB_ENABLED' => $aprob_enable, 'APROB_DISABLED' => $aprob_disable, 'L_NOTE' => $LANG['note'], 'L_REQUIRE_NAME' => $LANG['require_title'], 'L_REQUIRE_URL' => $LANG['require_url'], 'L_REQUIRE_CAT' => $LANG['require_cat'], 'L_WEB_ADD' => $LANG['web_add'], 'L_WEB_MANAGEMENT' => $LANG['web_management'], 'L_WEB_CAT' => $LANG['cat_management'], 'L_WEB_CONFIG' => $LANG['web_config'], 'L_REQUIRE' => $LANG['require'], 'L_CATEGORY' => $LANG['categorie'], 'L_TITLE' => $LANG['title'], 'L_URL_LINK' => $LANG['url'], 'L_VIEWS' => $LANG['views'], 'L_DESC' => $LANG['description'], 'L_APROB' => $LANG['aprob'], 'L_YES' => $LANG['yes'], 'L_NO' => $LANG['no'], 'L_UPDATE' => $LANG['update'], 'L_PREVIEW' => $LANG['preview'], 'L_RESET' => $LANG['reset'])); $i = 0; $result = $Sql->query_while("SELECT id, name \n\tFROM " . PREFIX . "web_cat", __LINE__, __FILE__); while ($row = $Sql->fetch_assoc($result)) { $selected = $row['id'] == $idcat ? ' selected="selected"' : ''; $Template->assign_block_vars('select', array('CAT' => '<option value="' . $row['id'] . '"' . $selected . '>' . $row['name'] . '</option>')); $i++; } $Sql->query_close($result); if ($i == 0) { $Errorh->handler($LANG['require_cat_create'], E_USER_WARNING); } $Template->pparse('admin_web_management'); } elseif (!empty($_POST['valid']) && !empty($id_post)) { $title = retrieve(POST, 'name', '');
<?php require_once '../admin/admin_begin.php'; define('TITLE', $LANG['administration']); require_once '../admin/admin_header.php'; if (!empty($_POST['msg_mbr'])) { $config_member['activ_register'] = retrieve(POST, 'activ_register', 0); $config_member['msg_mbr'] = stripslashes(strparse(retrieve(POST, 'contents', '', TSTRING_AS_RECEIVED))); $config_member['msg_register'] = $CONFIG_USER['msg_register']; $config_member['activ_mbr'] = retrieve(POST, 'activ_mbr', 0); $config_member['verif_code'] = isset($_POST['verif_code']) && @extension_loaded('gd') ? numeric($_POST['verif_code']) : 0; $config_member['verif_code_difficulty'] = retrieve(POST, 'verif_code_difficulty', 2); $config_member['delay_unactiv_max'] = retrieve(POST, 'delay_unactiv_max', 0); $config_member['force_theme'] = retrieve(POST, 'force_theme', 0); $config_member['activ_up_avatar'] = retrieve(POST, 'activ_up_avatar', 0); $config_member['width_max'] = retrieve(POST, 'width_max', 120); $config_member['height_max'] = retrieve(POST, 'height_max', 120); $config_member['weight_max'] = retrieve(POST, 'weight_max', 20); $config_member['activ_avatar'] = retrieve(POST, 'activ_avatar', 0); $config_member['avatar_url'] = retrieve(POST, 'avatar_url', ''); $Sql->query_inject("UPDATE " . DB_TABLE_CONFIGS . " SET value = '" . addslashes(serialize($config_member)) . "' WHERE name = 'member'", __LINE__, __FILE__); ###### Régénération du cache $CONFIG_USER ####### $Cache->Generate_file('member'); redirect(HOST . SCRIPT); } else { $Template->set_filenames(array('admin_members_config' => 'admin/admin_members_config.tpl')); #####################Activation du mail par le membre pour s'inscrire################## $array = array(0 => $LANG['no_activ_mbr'], 1 => $LANG['mail'], 2 => $LANG['admin']); $activ_mode_option = ''; foreach ($array as $key => $value) { $selected = $CONFIG_USER['activ_mbr'] == $key ? 'selected="selected"' : '';
$img_array = array(); $dh = @opendir($rep); while (!is_bool($lang = readdir($dh))) { if (preg_match('`\\.(gif|png|jpg|jpeg|tiff)+$`i', $lang)) { $img_array[] = $lang; } } closedir($dh); foreach ($img_array as $key => $img_path) { $selected = $img_path == $icon ? ' selected="selected"' : ''; $image_list .= '<option value="' . $img_path . '"' . ($img_direct_path ? '' : $selected) . '>' . $img_path . '</option>'; } } $Template->assign_block_vars('articles', array('IDARTICLES' => $id_post, 'TITLE' => $title, 'CATEGORIES' => $categories, 'IMG_PATH' => $img_direct_path ? $icon : '', 'IMG_ICON' => !empty($icon) ? '<img src="' . $icon . '" alt="" class="valign_middle" />' : '', 'IMG_LIST' => $image_list, 'CONTENTS' => $contents_preview, 'USER_ID' => $user_id, 'CURRENT_DATE' => $current_date, 'START' => !empty($start) && $visible == 2 ? $start : '', 'END' => !empty($end) && $visible == 2 ? $end : '', 'HOUR' => $hour, 'MIN' => $min, 'DAY_RELEASE_S' => !empty($start_timestamp) ? gmdate_format('d', $start_timestamp) : '', 'MONTH_RELEASE_S' => !empty($start_timestamp) ? gmdate_format('m', $start_timestamp) : '', 'YEAR_RELEASE_S' => !empty($start_timestamp) ? gmdate_format('Y', $start_timestamp) : '', 'DAY_RELEASE_E' => !empty($end_timestamp) ? gmdate_format('d', $end_timestamp) : '', 'MONTH_RELEASE_E' => !empty($end_timestamp) ? gmdate_format('m', $end_timestamp) : '', 'YEAR_RELEASE_E' => !empty($end_timestamp) ? gmdate_format('Y', $end_timestamp) : '', 'DAY_DATE' => !empty($current_date_timestamp) ? gmdate_format('d', $current_date_timestamp) : '', 'MONTH_DATE' => !empty($current_date_timestamp) ? gmdate_format('m', $current_date_timestamp) : '', 'YEAR_DATE' => !empty($current_date_timestamp) ? gmdate_format('Y', $current_date_timestamp) : '', 'VISIBLE_WAITING' => $visible == 2 ? 'checked="checked"' : '', 'VISIBLE_ENABLED' => $visible == 1 ? 'checked="checked"' : '', 'VISIBLE_UNAPROB' => $visible == 0 ? 'checked="checked"' : '')); $pseudo = $Sql->query("SELECT login FROM " . DB_TABLE_MEMBER . " WHERE user_id = '" . $user_id . "'", __LINE__, __FILE__); $Template->assign_block_vars('articles.preview', array('USER_ID' => $user_id, 'TITLE' => $title, 'CONTENTS' => second_parse(stripslashes(strparse($contents))), 'PSEUDO' => $pseudo, 'DATE' => gmdate_format('date_format_short'))); $Template->assign_vars(array('KERNEL_EDITOR' => display_editor(), 'L_REQUIRE_TITLE' => $LANG['require_title'], 'L_REQUIRE_TEXT' => $LANG['require_text'], 'L_REQUIRE_CAT' => $LANG['require_cat'], 'L_ARTICLES_MANAGEMENT' => $LANG['articles_management'], 'L_ARTICLES_ADD' => $LANG['articles_add'], 'L_ARTICLES_CAT' => $LANG['cat_management'], 'L_ARTICLES_CONFIG' => $LANG['articles_config'], 'L_ARTICLES_CAT_ADD' => $LANG['articles_cats_add'], 'L_PREVIEW' => $LANG['preview'], 'L_COM' => $LANG['com'], 'L_WRITTEN_BY' => $LANG['written_by'], 'L_ON' => $LANG['on'], 'L_EDIT_ARTICLE' => $LANG['edit_article'], 'L_REQUIRE' => $LANG['require'], 'L_PAGE_PROMPT' => $LANG['page_prompt'], 'L_CATEGORY' => $LANG['category'], 'L_TITLE' => $LANG['title'], 'L_ARTICLE_ICON' => $LANG['article_icon'], 'L_OR_DIRECT_PATH' => $LANG['or_direct_path'], 'L_VIEWS' => $LANG['views'], 'L_YES' => $LANG['yes'], 'L_NO' => $LANG['no'], 'L_ARTICLES_DATE' => $LANG['articles_date'], 'L_RELEASE_DATE' => $LANG['release_date'], 'L_IMMEDIATE' => $LANG['immediate'], 'L_UNAPROB' => $LANG['unaprob'], 'L_UNTIL' => $LANG['until'], 'L_TEXT' => $LANG['content'], 'L_EXPLAIN_PAGE' => $LANG['explain_page'], 'L_UPDATE' => $LANG['update'], 'L_RESET' => $LANG['reset'])); $Template->pparse('admin_articles_management'); } elseif (!empty($_POST['valid']) && !empty($id_post)) { $title = retrieve(POST, 'title', ''); $icon = retrieve(POST, 'icon', ''); $icon_path = retrieve(POST, 'icon_path', ''); $contents = retrieve(POST, 'contents', '', TSTRING_PARSE); $idcat = retrieve(POST, 'idcat', 0); $current_date = retrieve(POST, 'current_date', '', TSTRING_UNCHANGE); $start = retrieve(POST, 'start', '', TSTRING_UNCHANGE); $end = retrieve(POST, 'end', '', TSTRING_UNCHANGE); $hour = retrieve(POST, 'hour', '', TSTRING_UNCHANGE); $min = retrieve(POST, 'min', '', TSTRING_UNCHANGE); $get_visible = retrieve(POST, 'visible', 0); if (!empty($icon_path)) {
load_module_lang('forum'); define('TITLE', $LANG['administration']); require_once '../admin/admin_header.php'; require_once '../forum/forum_begin.php'; $idcat = retrieve(GET, 'idcat', 0); $class = retrieve(GET, 'id', 0); if (!empty($_POST['add'])) { $Cache->load('forum'); $parent_category = retrieve(POST, 'category', 0); $name = retrieve(POST, 'name', ''); $url = retrieve(POST, 'url', ''); $type = retrieve(POST, 'type', ''); $aprob = retrieve(POST, 'aprob', 0); $status = retrieve(POST, 'status', 0); $subname = retrieve(POST, 'desc', '', TSTRING_UNCHANGE); $subname = strparse($subname, array(4 => 'title', 5 => 'style', 8 => 'quote', 9 => 'hide', 10 => 'list', 15 => 'align', 16 => 'float', 19 => 'indent', 20 => 'pre', 21 => 'table', 22 => 'swf', 23 => 'movie', 24 => 'sound', 25 => 'code', 26 => 'math', 27 => 'anchor', 28 => 'acronym', 29 => 'block', 30 => 'fieldset', 31 => 'mail', 32 => 'line', 33 => 'wikipedia', 34 => 'html')); if ($type == 1) { $url = ''; $parent_category = 0; } elseif ($type == 2) { $url = ''; } else { $status = 1; } $array_auth_all = Authorizations::build_auth_array_from_form(READ_CAT_FORUM, WRITE_CAT_FORUM, EDIT_CAT_FORUM); if (!empty($name)) { if (isset($CAT_FORUM[$parent_category])) { $list_parent_cats = ''; $result = $Sql->query_while("SELECT id\n\t\t\tFROM " . PREFIX . "forum_cats\n\t\t\tWHERE id_left <= '" . $CAT_FORUM[$parent_category]['id_left'] . "' AND id_right >= '" . $CAT_FORUM[$parent_category]['id_right'] . "'", __LINE__, __FILE__); while ($row = $Sql->fetch_assoc($result)) { $list_parent_cats .= $row['id'] . ', ';
function shoutbox_mini($position, $block) { global $Cache, $LANG, $User, $CONFIG_SHOUTBOX, $nbr_members, $last_member_id, $last_member_login, $Sql; if (strpos(SCRIPT, '/shoutbox/shoutbox.php') === false) { load_module_lang('shoutbox'); $Cache->load('shoutbox'); ###########################Insertion############################## $shoutbox = retrieve(POST, 'shoutbox', false); if ($shoutbox) { if ($User->get_attribute('user_readonly') > time()) { $Errorh->handler('e_readonly', E_USER_REDIRECT); } $shout_pseudo = substr(retrieve(POST, 'shout_pseudo', $LANG['guest']), 0, 25); $shout_contents = retrieve(POST, 'shout_contents', '', TSTRING_UNCHANGE); if (!empty($shout_pseudo) && !empty($shout_contents)) { if ($User->check_level($CONFIG_SHOUTBOX['shoutbox_auth'])) { $check_time = $User->get_attribute('user_id') !== -1 && $CONFIG['anti_flood'] == 1 ? $Sql->query("SELECT MAX(timestamp) as timestamp FROM " . PREFIX . "shoutbox WHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__) : ''; if (!empty($check_time) && !$User->check_max_value(AUTH_FLOOD)) { if ($check_time >= time() - $CONFIG['delay_flood']) { redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=flood', '', '&')); } } $shout_contents = strparse($shout_contents, $CONFIG_SHOUTBOX['shoutbox_forbidden_tags']); if (!check_nbr_links($shout_pseudo, 0)) { redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=lp_flood', '', '&')); } if (!check_nbr_links($shout_contents, $CONFIG_SHOUTBOX['shoutbox_max_link'])) { redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=l_flood', '', '&')); } $Sql->query_inject("INSERT INTO " . PREFIX . "shoutbox (login, user_id, level, contents, timestamp) VALUES ('" . $shout_pseudo . "', '" . $User->get_attribute('user_id') . "', '" . $User->get_attribute('level') . "', '" . $shout_contents . "', '" . time() . "')", __LINE__, __FILE__); redirect(HOST . url(SCRIPT . '?' . QUERY_STRING, '', '&')); } else { redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=auth', '', '&')); } } } ###########################Affichage############################## $tpl = new Template('shoutbox/shoutbox_mini.tpl'); import('core/menu_service'); MenuService::assign_positions_conditions($tpl, $block); if ($User->get_attribute('user_id') !== -1) { $tpl->assign_vars(array('SHOUTBOX_PSEUDO' => $User->get_attribute('login'), 'C_HIDDEN_SHOUT' => true)); } else { $tpl->assign_vars(array('SHOUTBOX_PSEUDO' => $LANG['guest'], 'C_VISIBLE_SHOUT' => true)); } $refresh_delay = empty($CONFIG_SHOUTBOX['shoutbox_refresh_delay']) ? 60 : $CONFIG_SHOUTBOX['shoutbox_refresh_delay']; $tpl->assign_vars(array('SID' => SID, 'SHOUT_REFRESH_DELAY' => (int) max($refresh_delay, 0), 'L_ALERT_TEXT' => $LANG['require_text'], 'L_ALERT_UNAUTH_POST' => $LANG['e_unauthorized'], 'L_ALERT_FLOOD' => $LANG['e_flood'], 'L_ALERT_LINK_FLOOD' => sprintf($LANG['e_l_flood'], $CONFIG_SHOUTBOX['shoutbox_max_link']), 'L_ALERT_LINK_PSEUDO' => $LANG['e_link_pseudo'], 'L_ALERT_INCOMPLETE' => $LANG['e_incomplete'], 'L_ALERT_READONLY' => $LANG['e_readonly'], 'L_DELETE_MSG' => $LANG['alert_delete_msg'], 'L_SHOUTBOX' => $LANG['title_shoutbox'], 'L_MESSAGE' => $LANG['message'], 'L_PSEUDO' => $LANG['pseudo'], 'L_SUBMIT' => $LANG['submit'], 'L_REFRESH' => $LANG['refresh'], 'L_ARCHIVES' => $LANG['archives'])); $array_class = array('member', 'modo', 'admin'); $result = $Sql->query_while("SELECT id, login, user_id, level, contents\n \tFROM " . PREFIX . "shoutbox\n \tORDER BY timestamp DESC\n \t" . $Sql->limit(0, 25), __LINE__, __FILE__); while ($row = $Sql->fetch_assoc($result)) { $row['user_id'] = (int) $row['user_id']; if ($User->check_level(MODO_LEVEL) || $row['user_id'] === $User->get_attribute('user_id') && $User->get_attribute('user_id') !== -1) { $del_message = '<script type="text/javascript"><!-- document.write(\'<a href="javascript:Confirm_del_shout(' . $row['id'] . ');" title="' . $LANG['delete'] . '"><img src="' . TPL_PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/delete_mini.png" alt="" /></a>\'); --></script><ins><noscript><p><a href="' . TPL_PATH_TO_ROOT . '/shoutbox/shoutbox' . url('.php?del=true&id=' . $row['id']) . '"><img src="' . TPL_PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/delete_mini.png" alt="" /></a></p></noscript></ins>'; } else { $del_message = ''; } if ($row['user_id'] !== -1) { $row['login'] = $del_message . ' <a style="font-size:10px;" class="' . $array_class[$row['level']] . '" href="' . TPL_PATH_TO_ROOT . '/member/member' . url('.php?id=' . $row['user_id'], '-' . $row['user_id'] . '.php') . '">' . (!empty($row['login']) ? wordwrap_html($row['login'], 16) : $LANG['guest']) . '</a>'; } else { $row['login'] = $del_message . ' <span class="text_small" style="font-style: italic;">' . (!empty($row['login']) ? wordwrap_html($row['login'], 16) : $LANG['guest']) . '</span>'; } $tpl->assign_block_vars('shout', array('IDMSG' => $row['id'], 'PSEUDO' => $row['login'], 'CONTENTS' => ucfirst(second_parse($row['contents'])))); } $Sql->query_close($result); return $tpl->parse(TEMPLATE_STRING_MODE); } return ''; }
redirect(HOST . SCRIPT . SID2 . '#m' . $previous_id); } elseif ($edit) { $Template->set_filenames(array('guestbook' => 'guestbook/guestbook.tpl')); if ($row['user_id'] !== -1) { $Template->assign_vars(array('C_HIDDEN_GUESTBOOK' => true, 'PSEUDO' => $row['login'])); } else { $Template->assign_vars(array('C_VISIBLE_GUESTBOOK' => true, 'PSEUDO' => $row['login'])); } $Template->assign_vars(array('UPDATE' => url('?update=1&id=' . $id_get . '&token=' . $Session->get_token()), 'CONTENTS' => unparse($row['contents']), 'KERNEL_EDITOR' => display_editor('guestbook_contents', $CONFIG_GUESTBOOK['guestbook_forbidden_tags']), 'DATE' => gmdate_format('date_format_short', $row['timestamp']), 'THEME' => get_utheme(), 'DISPLAY_FORBIDDEN_TAGS' => !empty($forbidden_tags) ? '[' . str_replace(', ', '], [', $forbidden_tags) . ']' : '', 'L_FORBIDDEN_TAGS' => !empty($forbidden_tags) ? $LANG['forbidden_tags'] : '', 'L_ALERT_TEXT' => $LANG['require_text'], 'L_UPDATE_MSG' => $LANG['update_msg'], 'L_REQUIRE' => $LANG['require'], 'L_MESSAGE' => $LANG['message'], 'L_PSEUDO' => $LANG['pseudo'], 'L_SUBMIT' => $LANG['update'], 'L_PREVIEW' => $LANG['preview'], 'L_RESET' => $LANG['reset'])); $Template->pparse('guestbook'); } elseif ($update) { $Session->csrf_get_protect(); $guestbook_contents = retrieve(POST, 'guestbook_contents', '', TSTRING_UNCHANGE); $guestbook_pseudo = retrieve(POST, 'guestbook_pseudo', $LANG['guest']); if (!empty($guestbook_contents) && !empty($guestbook_pseudo)) { $guestbook_contents = strparse($guestbook_contents, $CONFIG_GUESTBOOK['guestbook_forbidden_tags']); if (!check_nbr_links($guestbook_contents, $CONFIG_GUESTBOOK['guestbook_max_link'])) { redirect(HOST . SCRIPT . url('?error=l_flood', '', '&') . '#errorh'); } $Sql->query_inject("UPDATE " . PREFIX . "guestbook SET contents = '" . $guestbook_contents . "', login = '******' WHERE id = '" . $id_get . "'", __LINE__, __FILE__); $Cache->Generate_module_file('guestbook'); redirect(HOST . SCRIPT . SID2 . '#m' . $id_get); } else { $Errorh->handler('e_incomplete', E_USER_REDIRECT); } } else { redirect(HOST . SCRIPT . SID2); } } else { redirect(HOST . SCRIPT . SID2); }
if ($User->get_attribute('user_readonly') > time()) { echo -6; exit; } $shout_pseudo = !empty($_POST['pseudo']) ? strprotect(utf8_decode($_POST['pseudo'])) : $LANG['guest']; $shout_contents = !empty($_POST['contents']) ? trim(utf8_decode($_POST['contents'])) : ''; if (!empty($shout_pseudo) && !empty($shout_contents)) { if ($User->check_level($CONFIG_SHOUTBOX['shoutbox_auth'])) { $check_time = $User->get_attribute('user_id') !== -1 && $CONFIG['anti_flood'] == 1 ? $Sql->query("SELECT MAX(timestamp) as timestamp FROM " . PREFIX . "shoutbox WHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__) : ''; if (!empty($check_time) && !$User->check_max_value(AUTH_FLOOD)) { if ($check_time >= time() - $CONFIG['delay_flood']) { echo -2; exit; } } $shout_contents = strparse($shout_contents, $CONFIG_SHOUTBOX['shoutbox_forbidden_tags']); if (!check_nbr_links($shout_pseudo, 0)) { echo -3; exit; } if (!check_nbr_links($shout_contents, $CONFIG_SHOUTBOX['shoutbox_max_link'])) { echo -4; exit; } $Sql->query_inject("INSERT INTO " . PREFIX . "shoutbox (login, user_id, level, contents, timestamp) VALUES('" . $shout_pseudo . "', '" . $User->get_attribute('user_id') . "', '" . $User->get_attribute('level') . "', '" . $shout_contents . "', '" . time() . "')", __LINE__, __FILE__); $last_msg_id = $Sql->insert_id("SELECT MAX(id) FROM " . PREFIX . "shoutbox"); $array_class = array('member', 'modo', 'admin'); if ($User->get_attribute('user_id') !== -1) { $shout_pseudo = '<a href="javascript:Confirm_del_shout(' . $last_msg_id . ');" title="' . $LANG['delete'] . '"><img src="../templates/' . get_utheme() . '/images/delete_mini.png" alt="" /></a> <a style="font-size:10px;" class="' . $array_class[$User->get_attribute('level')] . '" href="../member/member' . url('.php?id=' . $User->get_attribute('user_id'), '-' . $User->get_attribute('user_id') . '.php') . '">' . (!empty($shout_pseudo) ? wordwrap_html($shout_pseudo, 16) : $LANG['guest']) . '</a>'; } else { $shout_pseudo = '<span class="text_small" style="font-style: italic;">' . (!empty($shout_pseudo) ? wordwrap_html($shout_pseudo, 16) : $LANG['guest']) . '</span>';
function retrieve($var_type, $var_name, $default_value, $force_type = NULL, $flags = 0) { $var = null; switch ($var_type) { case GET: if (isset($_GET[$var_name])) { $var = $_GET[$var_name]; } break; case POST: if (isset($_POST[$var_name])) { $var = $_POST[$var_name]; } break; case REQUEST: if (isset($_REQUEST[$var_name])) { $var = $_REQUEST[$var_name]; } break; case COOKIE: if (isset($_COOKIE[$var_name])) { $var = $_COOKIE[$var_name]; } break; case FILES: if (isset($_FILES[$var_name])) { $var = $_FILES[$var_name]; } break; default: break; } if ($var === null || $flags & USE_DEFAULT_IF_EMPTY != 0 && empty($var)) { return $default_value; } $force_type = !isset($force_type) ? gettype($default_value) : $force_type; switch ($force_type) { case TINTEGER: return (int) $var; case TSTRING: return strprotect($var); case TSTRING_UNCHANGE: if (MAGIC_QUOTES) { $var = trim(stripslashes($var)); } else { $var = trim($var); } return (string) $var; case TSTRING_PARSE: return strparse($var); case TBOOL: return (bool) $var; case TUNSIGNED_INT: $var = (int) $var; return $var > 0 ? $var : max(0, $default_value); case TUNSIGNED_DOUBLE: $var = (double) $var; return $var > 0.0 ? $var : max(0.0, $default_value); case TSTRING_HTML: return strprotect($var, HTML_NO_PROTECT); case TSTRING_AS_RECEIVED: return (string) $var; case TARRAY: return (array) $var; case TDOUBLE: return (double) $var; case TNONE: return $var; default: return $default_value; } }
if ($file_size > 1) { $size_tpl = $file_size . ' ' . $LANG['unit_megabytes']; } elseif ($file_size > 0) { $size_tpl = $file_size * 1024 . ' ' . $LANG['unit_kilobytes']; } else { $size_tpl = $DOWNLOAD_LANG['unknown_size']; } $creation_calendar = new MiniCalendar('creation'); $creation_calendar->set_date($file_creation_date); $release_calendar = new MiniCalendar('release_date'); $release_calendar->set_date($file_release_date); if ($file_visibility < 0 || $file_visibility > 2) { $file_visibility = 0; } $Template->assign_vars(array('C_DISPLAY_DOWNLOAD' => true, 'C_IMG' => !empty($file_image), 'C_EDIT_AUTH' => false, 'MODULE_DATA_PATH' => $Template->get_module_data_path('download'), 'NAME' => stripslashes($file_title), 'CONTENTS' => second_parse(stripslashes(strparse($file_contents))), 'CREATION_DATE' => $file_creation_date->format(DATE_FORMAT_SHORT), 'RELEASE_DATE' => $file_release_date->get_timestamp() > 0 ? $file_release_date->format(DATE_FORMAT_SHORT) : $DOWNLOAD_LANG['unknown_date'], 'SIZE' => $size_tpl, 'COUNT' => $file_hits, 'THEME' => get_utheme(), 'HITS' => sprintf($DOWNLOAD_LANG['n_times'], (int) $file_hits), 'NUM_NOTES' => sprintf($DOWNLOAD_LANG['num_notes'], 0), 'U_IMG' => $file_image, 'IMAGE_ALT' => str_replace('"', '\\"', $file_title), 'LANG' => get_ulang(), 'CONTRIBUTION_COUNTERPART' => $contribution_counterpart_source, 'CONTRIBUTION_COUNTERPART_PREVIEW' => second_parse(stripslashes($contribution_counterpart)), 'FORCE_DOWNLOAD_SELECTED' => $file_download_method == 'force_download' ? ' selected="selected"' : '', 'REDIRECTION_SELECTED' => $file_download_method != 'force_download' ? ' selected="selected"' : '', 'L_DATE' => $LANG['date'], 'L_SIZE' => $LANG['size'], 'L_DOWNLOAD' => $DOWNLOAD_LANG['download'], 'L_DOWNLOAD_FILE' => $DOWNLOAD_LANG['download_file'], 'L_FILE_INFOS' => $DOWNLOAD_LANG['file_infos'], 'L_INSERTION_DATE' => $DOWNLOAD_LANG['insertion_date'], 'L_RELEASE_DATE' => $DOWNLOAD_LANG['release_date'], 'L_DOWNLOADED' => $DOWNLOAD_LANG['downloaded'], 'L_NOTE' => $LANG['note'], 'APPROVED' => ' checked="checked"', 'U_DOWNLOAD_FILE' => url('count.php?id=' . $edit_file_id, 'file-' . $edit_file_id . '+' . url_encode_rewrite($file_title) . '.php'))); $Template->assign_vars(array('C_CONTRIBUTION' => !$auth_write, 'TITLE' => stripslashes($file_title), 'COUNT' => $file_hits, 'DESCRIPTION' => htmlspecialchars(stripslashes($file_contents), ENT_COMPAT, 'ISO-8859-1'), 'SHORT_DESCRIPTION' => htmlspecialchars(stripslashes($file_short_contents), ENT_COMPAT, 'ISO-8859-1'), 'FILE_IMAGE' => $file_image, 'URL' => $file_url, 'SIZE_FORM' => $file_size, 'DATE' => $file_creation_date->format(DATE_FORMAT_SHORT, TIMEZONE_AUTO), 'CATEGORIES_TREE' => $auth_write ? $download_categories->build_select_form($file_cat_id, 'idcat', 'idcat', 0, DOWNLOAD_WRITE_CAT_AUTH_BIT, $CONFIG_DOWNLOAD['global_auth'], IGNORE_AND_CONTINUE_BROWSING_IF_A_CATEGORY_DOES_NOT_MATCH) : $download_categories->build_select_form($file_cat_id, 'idcat', 'idcat', 0, DOWNLOAD_CONTRIBUTION_CAT_AUTH_BIT, $CONFIG_DOWNLOAD['global_auth'], IGNORE_AND_CONTINUE_BROWSING_IF_A_CATEGORY_DOES_NOT_MATCH), 'SHORT_DESCRIPTION_PREVIEW' => second_parse(stripslashes(strparse($file_short_contents))), 'VISIBLE_WAITING' => $file_visibility == 2 ? ' checked="checked"' : '', 'VISIBLE_ENABLED' => $file_visibility == 1 ? ' checked="checked"' : '', 'VISIBLE_HIDDEN' => $file_visibility == 0 ? ' checked="checked"' : '', 'APPROVED' => $file_approved ? ' checked="checked"' : '', 'DATE_CALENDAR_CREATION' => $creation_calendar->display(), 'DATE_CALENDAR_RELEASE' => $release_calendar->display(), 'BOOL_IGNORE_RELEASE_DATE' => $ignore_release_date ? 'true' : 'false', 'STYLE_FIELD_RELEASE_DATE' => $ignore_release_date ? 'none' : 'block', 'IGNORE_RELEASE_DATE_CHECKED' => $ignore_release_date ? ' checked="checked"' : '', 'BEGINING_CALENDAR' => $begining_calendar->display(), 'END_CALENDAR' => $end_calendar->display())); } else { $file_creation_date = new Date(DATE_NOW, TIMEZONE_AUTO); $file_release_date = new Date(DATE_NOW, TIMEZONE_AUTO); $creation_calendar = new MiniCalendar('creation'); $creation_calendar->set_date($file_creation_date); $release_calendar = new MiniCalendar('release_date'); $ignore_release_date = false; if (!$ignore_release_date) { $release_calendar->set_date($file_release_date); } $begining_calendar = new MiniCalendar('begining_date'); $end_calendar = new MiniCalendar('end_date'); $end_calendar->set_style('margin-left:150px;'); $begining_calendar->set_date(new Date(DATE_NOW, TIMEZONE_AUTO)); $end_calendar->set_date(new Date(DATE_NOW, TIMEZONE_AUTO));
$Template->assign_vars(array('C_FORUM_POST_TYPE' => true, 'CHECKED_NORMAL' => $type == 0 ? 'checked="ckecked"' : '', 'CHECKED_POSTIT' => $type == 1 ? 'checked="ckecked"' : '', 'CHECKED_ANNONCE' => $type == 2 ? 'checked="ckecked"' : '', 'L_TYPE' => '* ' . $LANG['type'], 'L_DEFAULT' => $LANG['default'], 'L_POST_IT' => $LANG['forum_postit'], 'L_ANOUNCE' => $LANG['forum_announce'])); } $nbr_poll_field = 0; for ($i = 0; $i < 20; $i++) { $answer = retrieve(POST, 'a' . $i, ''); if (!empty($anwser)) { $Template->assign_block_vars('answers_poll', array('ID' => $i, 'ANSWER' => stripslashes($anwser))); $nbr_poll_field++; } } for ($i = $nbr_poll_field; $i < 5; $i++) { $Template->assign_block_vars('answers_poll', array('ID' => $i, 'ANSWER' => '')); $nbr_poll_field++; } $poll_type = retrieve(POST, 'poll_type', 0); $Template->assign_vars(array('THEME' => get_utheme(), 'LANG' => get_ulang(), 'FORUM_NAME' => $CONFIG_FORUM['forum_name'], 'SID' => SID, 'MODULE_DATA_PATH' => $Template->get_module_data_path('forum'), 'TITLE' => $title, 'DESC' => $subtitle, 'CONTENTS' => $contents, 'KERNEL_EDITOR' => display_editor(), 'POLL_QUESTION' => $question, 'IDTOPIC' => 0, 'SELECTED_SIMPLE' => 'checked="ckecked"', 'NO_DISPLAY_POLL' => !empty($question) ? 'false' : 'true', 'NBR_POLL_FIELD' => $nbr_poll_field, 'SELECTED_SIMPLE' => $poll_type == 0 ? 'checked="ckecked"' : '', 'SELECTED_MULTIPLE' => $poll_type == 1 ? 'checked="ckecked"' : '', 'DATE' => $LANG['on'] . ' ' . gmdate_format('date_format'), 'CONTENTS_PREVIEW' => second_parse(stripslashes(strparse($contents))), 'C_FORUM_PREVIEW_MSG' => true, 'C_DELETE_POLL' => $is_modo ? true : false, 'C_ADD_POLL_FIELD' => $nbr_poll_field <= 19 ? true : false, 'U_ACTION' => 'post.php' . url('?update=1&new=msg&id=' . $id_get . '&idt=' . $idt_get . '&idm=' . $id_m . '&token=' . $Session->get_token()), 'U_FORUM_CAT' => '<a href="forum' . url('.php?id=' . $id_get, '-' . $id_get . '.php') . '">' . $CAT_FORUM[$id_get]['name'] . '</a>', 'U_TITLE_T' => '<a href="topic' . url('.php?id=' . $idt_get, '-' . $idt_get . '.php') . '">' . $title . '</a>', 'L_ACTION' => $LANG['forum_edit_subject'], 'L_REQUIRE' => $LANG['require'], 'L_REQUIRE_TEXT' => $LANG['require_text'], 'L_REQUIRE_TITLE' => $LANG['require_title'], 'L_REQUIRE_TITLE_POLL' => $LANG['require_title_poll'], 'L_FORUM_INDEX' => $LANG['forum_index'], 'L_TITLE' => $LANG['title'], 'L_DESC' => $LANG['description'], 'L_MESSAGE' => $LANG['message'], 'L_SUBMIT' => $LANG['update'], 'L_PREVIEW' => $LANG['preview'], 'L_RESET' => $LANG['reset'], 'L_POLL' => $LANG['poll'], 'L_OPEN_MENU_POLL' => $LANG['open_menu_poll'], 'L_QUESTION' => $LANG['question'], 'L_POLL_TYPE' => $LANG['poll_type'], 'L_ANSWERS' => $LANG['answers'], 'L_SINGLE' => $LANG['simple_answer'], 'L_MULTIPLE' => $LANG['multiple_answer'], 'L_DELETE_POLL' => $LANG['delete_poll'])); $Template->pparse('forum_post'); } else { $Template->set_filenames(array('forum_post' => 'forum/forum_post.tpl', 'forum_top' => 'forum/forum_top.tpl', 'forum_bottom' => 'forum/forum_bottom.tpl')); $contents = $Sql->query("SELECT contents FROM " . PREFIX . "forum_msg WHERE id = '" . $id_first . "'", __LINE__, __FILE__); $get_error_e = retrieve(GET, 'errore', ''); if ($get_error_e == 'incomplete_t') { $Errorh->handler($LANG['e_incomplete'], E_USER_NOTICE); } if ($is_modo) { $Template->assign_vars(array('C_FORUM_POST_TYPE' => true, 'CHECKED_NORMAL' => $topic['type'] == '0' ? 'checked="ckecked"' : '', 'CHECKED_POSTIT' => $topic['type'] == '1' ? 'checked="ckecked"' : '', 'CHECKED_ANNONCE' => $topic['type'] == '2' ? 'checked="ckecked"' : '', 'L_TYPE' => '* ' . $LANG['type'], 'L_DEFAULT' => $LANG['default'], 'L_POST_IT' => $LANG['forum_postit'], 'L_ANOUNCE' => $LANG['forum_announce'])); } $poll = $Sql->query_array(PREFIX . 'forum_poll', 'question', 'answers', 'votes', 'type', "WHERE idtopic = '" . $idt_get . "'", __LINE__, __FILE__); $array_answer = explode('|', $poll['answers']); $array_votes = explode('|', $poll['votes']); $module_data_path = $Template->get_module_data_path('forum');
$Sql->query_inject("UPDATE " . DB_TABLE_PM_MSG . " SET contents = '" . $contents . "', timestamp = '" . time() . "' WHERE id = '" . $pm_edit . "'", __LINE__, __FILE__); } else { $Errorh->handler('e_auth', E_USER_REDIRECT); } } else { $Errorh->handler('e_incomplete', E_USER_REDIRECT); } redirect(HOST . DIR . '/member/pm' . url('.php?id=' . $pm['idconvers'], '-0-' . $pm['idconvers'] . '.php', '&') . '#m' . $pm_edit); } else { $Template->set_filenames(array('pm' => 'member/pm.tpl')); $Template->assign_vars(array('LANG' => get_ulang(), 'THEME' => get_utheme(), 'KERNEL_EDITOR' => display_editor(), 'L_REQUIRE_MESSAGE' => $LANG['require_text'], 'L_REQUIRE' => $LANG['require'], 'L_EDIT' => $LANG['edit'], 'L_PRIVATE_MESSAGE' => $LANG['private_message'], 'L_MESSAGE' => $LANG['message'], 'L_SUBMIT' => $LANG['update'], 'L_PREVIEW' => $LANG['preview'], 'L_RESET' => $LANG['reset'])); $contents = retrieve(POST, 'contents', '', TSTRING_UNCHANGE); $title = retrieve(POST, 'title', '', TSTRING_UNCHANGE); $Template->assign_block_vars('edit_pm', array('CONTENTS' => (!empty($_POST['prw_convers']) xor !empty($_POST['prw'])) ? $contents : unparse($pm['contents']), 'U_ACTION_EDIT' => url('.php?edit=' . $pm_edit . '&token=' . $Session->get_token()), 'U_PM_BOX' => '<a href="pm.php' . SID . '">' . $LANG['pm_box'] . '</a>', 'U_USER_VIEW' => '<a href="' . url('member.php?id=' . $User->get_attribute('user_id') . '&view=1', 'member-' . $User->get_attribute('user_id') . '.php?view=1') . '">' . $LANG['member_area'] . '</a>')); if (!empty($_POST['prw_convers']) xor !empty($_POST['prw'])) { $Template->assign_block_vars('edit_pm.show_pm', array('DATE' => gmdate_format('date_format'), 'CONTENTS' => second_parse(stripslashes(strparse($_POST['contents']))))); } if ($id_first == $pm_edit) { $Template->assign_vars(array('SUBMIT_NAME' => 'convers', 'L_TITLE' => $LANG['title'])); $Template->assign_block_vars('edit_pm.title', array('TITLE' => (!empty($_POST['prw_convers']) xor !empty($_POST['prw'])) ? $title : $convers['title'])); } else { $Template->assign_vars(array('SUBMIT_NAME' => 'edit_pm')); } $Template->pparse('pm'); } } else { $Errorh->handler('e_pm_noedit', E_USER_REDIRECT); } } else { $Errorh->handler('e_auth', E_USER_REDIRECT); }
if ($news_size > 1) { $size_tpl = $news_size . ' ' . $LANG['unit_megabytes']; } elseif ($news_size > 0) { $size_tpl = $news_size * 1024 . ' ' . $LANG['unit_kilobytes']; } else { $size_tpl = $NEWS_LANG['unknown_size']; } $creation_calendar = new MiniCalendar('creation'); $creation_calendar->set_date($news_creation_date); $release_calendar = new MiniCalendar('release_date'); $release_calendar->set_date($news_release_date); if ($news_visibility < 0 || $news_visibility > 2) { $news_visibility = 0; } $Template->assign_vars(array('C_DISPLAY_NEWS' => true, 'C_IMG' => !empty($news_image), 'C_EDIT_AUTH' => false, 'MODULE_DATA_PATH' => $Template->get_module_data_path('news'), 'NAME' => stripslashes($news_title), 'CONTENTS' => second_parse(stripslashes(strparse($news_contents))), 'CREATION_DATE' => $news_creation_date->format(DATE_FORMAT_SHORT), 'RELEASE_DATE' => $news_release_date->get_timestamp() > 0 ? $news_release_date->format(DATE_FORMAT_SHORT) : $NEWS_LANG['unknown_date'], 'SIZE' => $size_tpl, 'COUNT' => $news_hits, 'THEME' => get_utheme(), 'HITS' => sprintf($NEWS_LANG['n_times'], (int) $news_hits), 'NUM_NOTES' => sprintf($NEWS_LANG['num_notes'], 0), 'U_IMG' => $news_image, 'IMAGE_ALT' => str_replace('"', '\\"', $news_title), 'LANG' => get_ulang(), 'L_DATE' => $LANG['date'], 'L_SIZE' => $LANG['size'], 'L_NEWS' => $NEWS_LANG['news'], 'L_NEWS_FILE' => $NEWS_LANG['news_news'], 'L_FILE_INFOS' => $NEWS_LANG['news_infos'], 'L_INSERTION_DATE' => $NEWS_LANG['insertion_date'], 'L_RELEASE_DATE' => $NEWS_LANG['release_date'], 'L_NEWSED' => $NEWS_LANG['newsed'], 'L_NOTE' => $LANG['note'], 'U_NEWS_FILE' => url('count.php?id=' . $edit_news_id, 'news-' . $edit_news_id . '+' . url_encode_rewrite($news_title) . '.php'))); $Template->assign_vars(array('TITLE' => stripslashes($news_title), 'COUNT' => $news_hits, 'DESCRIPTION' => $news_contents, 'SHORT_DESCRIPTION' => $news_short_contents, 'FILE_IMAGE' => $news_image, 'URL' => $news_url, 'SIZE_FORM' => $news_size, 'DATE' => $news_creation_date->format(DATE_FORMAT_SHORT, TIMEZONE_AUTO), 'CATEGORIES_TREE' => $news_categories->build_select_form($news_cat_id, 'idcat', 'idcat', 0, WRITE_CAT_NEWS, $CONFIG_NEWS['global_auth'], IGNORE_AND_CONTINUE_BROWSING_IF_A_CATEGORY_DOES_NOT_MATCH), 'SHORT_DESCRIPTION_PREVIEW' => second_parse(stripslashes(strparse($news_short_contents))), 'VISIBLE_WAITING' => $news_visibility == 2 ? ' checked="checked"' : '', 'VISIBLE_ENABLED' => $news_visibility == 1 ? ' checked="checked"' : '', 'VISIBLE_UNAPROVED' => $news_visibility == 0 ? ' checked="checked"' : '', 'DATE_CALENDAR_CREATION' => $creation_calendar->display(), 'DATE_CALENDAR_RELEASE' => $release_calendar->display(), 'BOOL_IGNORE_RELEASE_DATE' => $ignore_release_date ? 'true' : 'false', 'STYLE_FIELD_RELEASE_DATE' => $ignore_release_date ? 'none' : 'block', 'IGNORE_RELEASE_DATE_CHECKED' => $ignore_release_date ? ' checked="checked"' : '', 'BEGINING_CALENDAR' => $begining_calendar->display(), 'END_CALENDAR' => $end_calendar->display())); } else { $news_creation_date = new Date(DATE_NOW, TIMEZONE_AUTO); $news_release_date = new Date(DATE_NOW, TIMEZONE_AUTO); $creation_calendar = new MiniCalendar('creation'); $creation_calendar->set_date($news_creation_date); $release_calendar = new MiniCalendar('release_date'); $ignore_release_date = false; if (!$ignore_release_date) { $release_calendar->set_date($news_release_date); } $begining_calendar = new MiniCalendar('begining_date'); $end_calendar = new MiniCalendar('end_date'); $end_calendar->set_style('margin-left:150px;'); $begining_calendar->set_date(new Date(DATE_NOW, TIMEZONE_AUTO)); $end_calendar->set_date(new Date(DATE_NOW, TIMEZONE_AUTO));
$media_categories->recount_media_per_cat($media['idcat']); if ($media['approved']) { import('events/contribution'); import('events/contribution_service'); $corresponding_contributions = ContributionService::find_by_criteria('media', $media['idedit']); if (count($corresponding_contributions) > 0) { $media_contribution = $corresponding_contributions[0]; $media_contribution->set_status(EVENT_STATUS_PROCESSED); ContributionService::save_contribution($media_contribution); } } import('content/syndication/feed'); Feed::clear_cache('media'); redirect_confirm('media' . url('.php?id=' . $media['idedit']), $MEDIA_LANG['edit_success'], TIME_REDIRECT); } elseif (!$media['idedit'] && (($auth_write = $User->check_auth($auth_cat, MEDIA_AUTH_WRITE)) || $User->check_auth($auth_cat, MEDIA_AUTH_CONTRIBUTION))) { $Sql->query_inject("INSERT INTO " . PREFIX . "media (idcat, iduser, timestamp, name, contents, url, mime_type, infos, width, height, users_note) VALUES ('" . $media['idcat'] . "', '" . $User->Get_attribute('user_id') . "', '" . time() . "', '" . $media['name'] . "', '" . strparse($media['contents']) . "', '" . $media['url'] . "', '" . $media['mime_type'] . "', " . "'" . ($User->check_auth($auth_cat, MEDIA_AUTH_WRITE) ? MEDIA_STATUS_APROBED : 0) . "', '" . $media['width'] . "', '" . $media['height'] . "', '')", __LINE__, __FILE__); $new_id_media = $Sql->insert_id("SELECT MAX(id) FROM " . PREFIX . "media"); $media_categories->recount_media_per_cat($media['idcat']); import('content/syndication/feed'); Feed::clear_cache('media'); if (!$auth_write) { import('events/contribution'); import('events/contribution_service'); $media_contribution = new Contribution(); $media_contribution->set_id_in_module($new_id_media); $media_contribution->set_description(stripslashes($media['counterpart'])); $media_contribution->set_entitled(stripslashes(sprintf($MEDIA_LANG['contribution_entitled'], $media['name']))); $media_contribution->set_fixing_url('/media/media_action.php?edit=' . $new_id_media); $media_contribution->set_poster_id($User->get_attribute('user_id')); $media_contribution->set_module('media'); $media_contribution->set_auth(Authorizations::capture_and_shift_bit_auth(Authorizations::merge_auth($MEDIA_CATS[0]['auth'], $media_categories->compute_heritated_auth($media['idcat'], MEDIA_AUTH_WRITE, AUTH_CHILD_PRIORITY), MEDIA_AUTH_WRITE, AUTH_CHILD_PRIORITY), MEDIA_AUTH_WRITE, CONTRIBUTION_AUTH_BIT));
redirect(HOST . DIR . '/member/register' . url('.php?error=incomplete') . '#errorh'); } if (is_numeric($row['regex']) && $row['regex'] >= 1 && $row['regex'] <= 5) { $array_regex = array(1 => '`^[0-9]+$`', 2 => '`^[a-z]+$`', 3 => '`^[a-z0-9]+$`', 4 => '`^[a-z0-9._-]+@(?:[a-z0-9_-]{2,}\\.)+[a-z]{2,4}$`i', 5 => '`^http(s)?://[a-z0-9._/-]+\\.[-[:alnum:]]+\\.[a-zA-Z]{2,4}(.*)$`i'); $row['regex'] = $array_regex[$row['regex']]; } $valid_field = true; if (!empty($row['regex']) && $row['field'] <= 2) { if (@preg_match($row['regex'], $field)) { $valid_field = true; } else { $valid_field = false; } } if ($row['field'] == 2) { $field = strparse($field); } elseif ($row['field'] == 4) { $array_field = is_array($field) ? $field : array(); $field = ''; foreach ($array_field as $value) { $field .= strprotect($value) . '|'; } } elseif ($row['field'] == 6) { $field = ''; $i = 0; $array_possible_values = explode('|', $row['possible_values']); foreach ($array_possible_values as $value) { $field .= !empty($_POST[$row['field_name'] . '_' . $i]) ? addslashes($_POST[$row['field_name'] . '_' . $i]) . '|' : ''; $i++; } if ($row['required'] && empty($field)) {
} if ($end_timestamp > time() && $end_timestamp > $start_timestamp) { $visible = 2; } else { $end = ''; } } elseif ($get_visible == 1) { $start = ''; $end = ''; } else { $visible = 0; $start = ''; $end = ''; } $pseudo = $Sql->query("SELECT login FROM " . DB_TABLE_MEMBER . " WHERE user_id = " . $User->get_attribute('user_id'), __LINE__, __FILE__); $Template->assign_vars(array('C_ARTICLES_PREVIEW' => true, 'TITLE_PRW' => $title, 'DATE_PRW' => gmdate_format('date_format_short'), 'CONTENTS_PRW' => second_parse(stripslashes(strparse($contents))), 'PSEUDO_PRW' => $pseudo)); $i = 0; $categories = '<option value="0" %s>' . $LANG['root'] . '</option>'; $result = $Sql->query_while("SELECT id, level, name \n\tFROM " . PREFIX . "articles_cats\n\tORDER BY id_left", __LINE__, __FILE__); while ($row = $Sql->fetch_assoc($result)) { $margin = $row['level'] > 0 ? str_repeat('--------', $row['level']) : '--'; $selected = $row['id'] == $idcat ? 'selected="selected"' : ''; $categories .= '<option value="' . $row['id'] . '" ' . $selected . '>' . $margin . ' ' . $row['name'] . '</option>'; $i++; } $Sql->query_close($result); $img_direct_path = strpos($icon, '/') !== false; $image_list = '<option value=""' . ($img_direct_path ? ' selected="selected"' : '') . '>--</option>'; import('io/filesystem/folder'); $image_list = '<option value="">--</option>'; $image_folder_path = new Folder('./');
function pages_parse($contents) { $contents = strparse($contents); $contents = preg_replace('`\\[link=([a-z0-9+#-]+)\\](.+)\\[/link\\]`isU', '<a href="/pages/$1">$2</a>', $contents); return (string) $contents; }
function display($integrated_in_environment = INTEGRATED_IN_ENVIRONMENT, $Template = false, $page_path_to_root = '') { global $Cache, $User, $Errorh, $Sql, $LANG, $CONFIG, $CONFIG_USER, $CONFIG_COM, $_array_rank, $_array_groups_auth, $Session; if ($integrated_in_environment) { $idcom_get = retrieve(GET, 'com', 0); $idcom_post = retrieve(POST, 'idcom', 0); $idcom = $idcom_post > 0 ? $idcom_post : $idcom_get; $this->set_arg($idcom); } $vars_simple = sprintf($this->vars, 0); $delcom = retrieve(GET, 'delcom', 0); $editcom = retrieve(GET, 'editcom', 0); $updatecom = retrieve(GET, 'updatecom', false); $path_redirect = $this->path . sprintf(str_replace('&', '&', $this->vars), 0) . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : ''); if (!is_object($Template) || strtolower(get_class($Template)) != 'template') { $Template = new Template('framework/content/com.tpl'); } if ($this->is_loaded()) { $Cache->load('com'); import('util/captcha'); $captcha = new Captcha(); $captcha->set_difficulty($CONFIG_COM['com_verif_code_difficulty']); ###########################Insertion############################## if (retrieve(POST, 'valid_com', false) && !$updatecom) { if ($User->get_attribute('user_readonly') > time()) { $Errorh->handler('e_auth', E_USER_REDIRECT); } $login = retrieve(POST, 'login', ''); $contents = retrieve(POST, 'contents', '', TSTRING_UNCHANGE); if (!empty($login) && !empty($contents)) { if ($this->lock_com >= 1 && !$User->check_level(MODO_LEVEL)) { redirect($path_redirect); } if ($User->check_level($CONFIG_COM['com_auth'])) { $check_time = $User->get_attribute('user_id') !== -1 && $CONFIG['anti_flood'] == 1 ? $Sql->query("SELECT MAX(timestamp) as timestamp FROM " . DB_TABLE_COM . " WHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__) : ''; if (!empty($check_time) && !$User->check_max_value(AUTH_FLOOD)) { if ($check_time >= time() - $CONFIG['delay_flood']) { redirect($path_redirect . '&errorh=flood#errorh'); } } if ($CONFIG_COM['com_verif_code'] && !$captcha->is_valid()) { redirect($path_redirect . '&errorh=verif#errorh'); } $contents = strparse($contents, $CONFIG_COM['forbidden_tags']); if (!check_nbr_links($login, 0)) { redirect($path_redirect . '&errorh=l_pseudo#errorh'); } if (!check_nbr_links($contents, $CONFIG_COM['max_link'])) { redirect($path_redirect . '&errorh=l_flood#errorh'); } $last_idcom = $this->add($contents, $login); redirect($path_redirect . '#m' . $last_idcom); } else { redirect($path_redirect . '&errorh=auth#errorh'); } } else { redirect($path_redirect . '&errorh=incomplete#errorh'); } } elseif ($updatecom || $delcom > 0 || $editcom > 0) { if ($User->get_attribute('user_readonly') > time()) { $Errorh->handler('e_auth', E_USER_REDIRECT); } $row = $Sql->query_array(DB_TABLE_COM, '*', "WHERE idcom = '" . $this->idcom . "' AND idprov = '" . $this->idprov . "' AND script = '" . $this->script . "'", __LINE__, __FILE__); $row['user_id'] = (int) $row['user_id']; if ($this->idcom != 0 && ($User->check_level(MODO_LEVEL) || $row['user_id'] === $User->get_attribute('user_id') && $User->get_attribute('user_id') !== -1)) { if ($delcom > 0) { $Session->csrf_get_protect(); $lastid_com = $this->del(); $lastid_com = !empty($lastid_com) ? '#m' . $lastid_com : ''; redirect($path_redirect . $lastid_com); } elseif ($editcom > 0) { $Template->assign_vars(array('CURRENT_PAGE_COM' => $integrated_in_environment, 'POPUP_PAGE_COM' => !$integrated_in_environment, 'AUTH_POST_COM' => true)); if ($row['user_id'] !== -1) { $Template->assign_vars(array('C_HIDDEN_COM' => true, 'LOGIN' => $User->get_attribute('login'))); } else { $Template->assign_vars(array('C_VISIBLE_COM' => true, 'LOGIN' => $row['login'])); } $Template->assign_vars(array('IDPROV' => $row['idprov'], 'IDCOM' => $row['idcom'], 'SCRIPT' => $this->script, 'CONTENTS' => unparse($row['contents']), 'DATE' => gmdate_format('date_format', $row['timestamp']), 'THEME' => get_utheme(), 'KERNEL_EDITOR' => display_editor($this->script . 'contents', $CONFIG_COM['forbidden_tags']), 'L_LANGUAGE' => substr(get_ulang(), 0, 2), 'L_EDIT_COMMENT' => $LANG['edit_comment'], 'L_REQUIRE_LOGIN' => $LANG['require_pseudo'], 'L_REQUIRE_TEXT' => $LANG['require_text'], 'L_DELETE_MESSAGE' => $LANG['alert_delete_msg'], 'L_LOGIN' => $LANG['pseudo'], 'L_MESSAGE' => $LANG['message'], 'L_RESET' => $LANG['reset'], 'L_PREVIEW' => $LANG['preview'], 'L_PREVIEW' => $LANG['preview'], 'L_SUBMIT' => $LANG['update'], 'U_ACTION' => $this->path . sprintf($this->vars, $this->idcom) . '&token=' . $Session->get_token() . '&updatecom=1' . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : ''))); } elseif ($updatecom) { $contents = retrieve(POST, 'contents', '', TSTRING_UNCHANGE); $login = retrieve(POST, 'login', ''); if (!empty($contents) && !empty($login)) { $contents = strparse($contents, $CONFIG_COM['forbidden_tags']); if (!check_nbr_links($contents, $CONFIG_COM['max_link'])) { redirect($path_redirect . '&errorh=l_flood#errorh'); } $this->update($contents, $login); redirect($path_redirect . '#m' . $this->idcom); } else { redirect($path_redirect . '&errorh=incomplete#errorh'); } } else { redirect($path_redirect . '&errorh=incomplete#errorh'); } } else { $Errorh->handler('e_auth', E_USER_REDIRECT); } } elseif (isset($_GET['lock']) && $User->check_level(MODO_LEVEL)) { $Session->csrf_get_protect(); if ($User->check_level(MODO_LEVEL)) { $lock = retrieve(GET, 'lock', 0); $this->lock($lock); } redirect($path_redirect . '#anchor_' . $this->script); } else { ###########################Affichage############################## $get_quote = retrieve(GET, 'quote', 0); $contents = ''; if ($get_quote > 0) { $info_com = $Sql->query_array(DB_TABLE_COM, 'login', 'contents', "WHERE script = '" . $this->script . "' AND idprov = '" . $this->idprov . "' AND idcom = '" . $get_quote . "'", __LINE__, __FILE__); $contents = '[quote=' . $info_com['login'] . ']' . $info_com['contents'] . '[/quote]'; } import('util/pagination'); $pagination = new Pagination(); $Template->assign_vars(array('ERROR_HANDLER' => '', 'CURRENT_PAGE_COM' => $integrated_in_environment, 'POPUP_PAGE_COM' => !$integrated_in_environment)); if ($User->check_level(MODO_LEVEL)) { $Template->assign_vars(array('COM_LOCK' => true, 'IMG' => $this->lock_com >= 1 ? 'unlock' : 'lock', 'L_LOCK' => $this->lock_com >= 1 ? $LANG['unlock'] : $LANG['lock'], 'U_LOCK' => $this->path . ($this->lock_com >= 1 ? $vars_simple . '&lock=0&token=' . $Session->get_token() : $vars_simple . '&lock=1&token=' . $Session->get_token()) . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : ''))); } $get_error = !empty($_GET['errorh']) ? trim($_GET['errorh']) : ''; $errno = E_USER_NOTICE; switch ($get_error) { case 'auth': $errstr = $LANG['e_unauthorized']; $errno = E_USER_WARNING; break; case 'verif': $errstr = $LANG['e_incorrect_verif_code']; $errno = E_USER_WARNING; break; case 'l_flood': $errstr = sprintf($LANG['e_l_flood'], $CONFIG_COM['max_link']); break; case 'l_pseudo': $errstr = $LANG['e_link_pseudo']; break; case 'flood': $errstr = $LANG['e_flood']; break; case 'incomplete': $errstr = $LANG['e_incomplete']; break; default: $errstr = ''; } $Errorh->set_template($Template); if (!empty($errstr)) { $Template->assign_vars(array('ERROR_HANDLER' => $Errorh->display($errstr, E_USER_NOTICE))); } if (!$this->lock_com || $User->check_level(MODO_LEVEL)) { if ($captcha->is_available() && $CONFIG_COM['com_verif_code']) { $Template->assign_vars(array('C_VERIF_CODE' => true, 'VERIF_CODE' => $captcha->display_form(), 'L_REQUIRE_VERIF_CODE' => $captcha->js_require())); } if ($User->check_level($CONFIG_COM['com_auth'])) { $Template->assign_vars(array('AUTH_POST_COM' => true)); } else { $Template->assign_vars(array('ERROR_HANDLER' => $Errorh->display($LANG['e_unauthorized'], E_USER_NOTICE))); } if ($User->get_attribute('user_id') !== -1) { $Template->assign_vars(array('C_HIDDEN_COM' => true, 'LOGIN' => $User->get_attribute('login'))); } else { $Template->assign_vars(array('C_VISIBLE_COM' => true, 'LOGIN' => $LANG['guest'])); } } else { $Template->assign_vars(array('ERROR_HANDLER' => $Errorh->display($LANG['com_locked'], E_USER_NOTICE))); } $get_pos = strpos($_SERVER['QUERY_STRING'], '&pc'); if ($get_pos) { $get_page = substr($_SERVER['QUERY_STRING'], 0, $get_pos) . '&pc'; } else { $get_page = $_SERVER['QUERY_STRING'] . '&pc'; } $is_modo = $User->check_level(MODO_LEVEL); $Template->assign_vars(array('C_COM_DISPLAY' => $this->get_attribute('nbr_com') > 0 ? true : false, 'C_IS_MODERATOR' => $is_modo, 'PAGINATION_COM' => $pagination->display($this->path . $vars_simple . '&pc=%d#anchor_' . $this->script, $this->nbr_com, 'pc', $CONFIG_COM['com_max'], 3), 'LANG' => get_ulang(), 'IDCOM' => '', 'IDPROV' => $this->idprov, 'SCRIPT' => $this->script, 'PATH' => SCRIPT, 'UPDATE' => $integrated_in_environment == true ? SID : '', 'VAR' => $vars_simple, 'KERNEL_EDITOR' => display_editor($this->script . 'contents', $CONFIG_COM['forbidden_tags']), 'C_BBCODE_TINYMCE_MODE' => $User->get_attribute('user_editor') == 'tinymce', 'L_XML_LANGUAGE' => $LANG['xml_lang'], 'L_TITLE' => $CONFIG['com_popup'] == 0 || $integrated_in_environment === true ? $LANG['title_com'] : '', 'THEME' => get_utheme(), 'CONTENTS' => unparse($contents), 'L_REQUIRE_LOGIN' => $LANG['require_pseudo'], 'L_REQUIRE_TEXT' => $LANG['require_text'], 'L_VERIF_CODE' => $LANG['verif_code'], 'L_DELETE_MESSAGE' => $LANG['alert_delete_msg'], 'L_ADD_COMMENT' => $LANG['add_comment'], 'L_PUNISHMENT_MANAGEMENT' => $LANG['punishment_management'], 'L_WARNING_MANAGEMENT' => $LANG['warning_management'], 'L_LOGIN' => $LANG['pseudo'], 'L_MESSAGE' => $LANG['message'], 'L_QUOTE' => $LANG['quote'], 'L_RESET' => $LANG['reset'], 'L_PREVIEW' => $LANG['preview'], 'L_SUBMIT' => $LANG['submit'], 'U_ACTION' => $this->path . sprintf($this->vars, $this->idcom) . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '') . '&token=' . $Session->get_token())); $array_ranks = array(-1 => $LANG['guest'], 0 => $LANG['member'], 1 => $LANG['modo'], 2 => $LANG['admin']); $Cache->load('ranks'); $j = 0; $result = $Sql->query_while("SELECT c.idprov, c.idcom, c.login, c.timestamp, m.user_id, m.login as mlogin, m.level, m.user_mail, m.user_show_mail, m.timestamp AS registered, m.user_avatar, m.user_msg, m.user_local, m.user_web, m.user_sex, m.user_msn, m.user_yahoo, m.user_sign, m.user_warning, m.user_ban, m.user_groups, s.user_id AS connect, c.contents\n\t\t\t\tFROM " . DB_TABLE_COM . " c\n\t\t\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = c.user_id\n\t\t\t\tLEFT JOIN " . DB_TABLE_SESSIONS . " s ON s.user_id = c.user_id AND s.session_time > '" . (time() - $CONFIG['site_session_invit']) . "'\n\t\t\t\tWHERE c.script = '" . $this->script . "' AND c.idprov = '" . $this->idprov . "'\n\t\t\t\tGROUP BY c.idcom\n\t\t\t\tORDER BY c.timestamp DESC\n\t\t\t\t" . $Sql->limit($pagination->get_first_msg($CONFIG_COM['com_max'], 'pc'), $CONFIG_COM['com_max']), __LINE__, __FILE__); while ($row = $Sql->fetch_assoc($result)) { list($edit, $del) = array(false, false); $is_guest = empty($row['user_id']); if ($is_modo || $row['user_id'] == $User->get_attribute('user_id') && $User->get_attribute('user_id') !== -1) { list($edit, $del) = array(true, true); } if (!$is_guest) { $com_pseudo = '<a class="msg_link_pseudo" href="' . PATH_TO_ROOT . '/member/member' . url('.php?id=' . $row['user_id'], '-' . $row['user_id'] . '.php') . '" title="' . $row['mlogin'] . '"><span style="font-weight: bold;">' . wordwrap_html($row['mlogin'], 13) . '</span></a>'; } else { $com_pseudo = '<span style="font-style:italic;">' . (!empty($row['login']) ? wordwrap_html($row['login'], 13) : $LANG['guest']) . '</span>'; } $user_rank = $row['level'] === '0' ? $LANG['member'] : $LANG['guest']; $user_group = $user_rank; $user_rank_icon = ''; if ($row['level'] === '2') { $user_rank = $_array_rank[-2][0]; $user_group = $user_rank; $user_rank_icon = $_array_rank[-2][1]; } elseif ($row['level'] === '1') { $user_rank = $_array_rank[-1][0]; $user_group = $user_rank; $user_rank_icon = $_array_rank[-1][1]; } else { foreach ($_array_rank as $msg => $ranks_info) { if ($msg >= 0 && $msg <= $row['user_msg']) { $user_rank = $ranks_info[0]; $user_rank_icon = $ranks_info[1]; break; } } } $user_assoc_img = !empty($user_rank_icon) ? '<img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/ranks/' . $user_rank_icon . '" alt="" />' : ''; if (!empty($row['user_groups']) && $_array_groups_auth) { $user_groups = ''; $array_user_groups = explode('|', $row['user_groups']); foreach ($_array_groups_auth as $idgroup => $array_group_info) { if (is_numeric(array_search($idgroup, $array_user_groups))) { $user_groups .= !empty($array_group_info['img']) ? '<img src="' . PATH_TO_ROOT . '/images/group/' . $array_group_info['img'] . '" alt="' . $array_group_info['name'] . '" title="' . $array_group_info['name'] . '"/><br />' : $LANG['group'] . ': ' . $array_group_info['name']; } } } else { $user_groups = $LANG['group'] . ': ' . $user_group; } $user_online = !empty($row['connect']) ? 'online' : 'offline'; if (empty($row['user_avatar'])) { $user_avatar = $CONFIG_USER['activ_avatar'] == '1' && !empty($CONFIG_USER['avatar_url']) ? '<img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . $CONFIG_USER['avatar_url'] . '" alt="" />' : ''; } else { $user_avatar = '<img src="' . $row['user_avatar'] . '" alt="" />'; } $user_sex = ''; if ($row['user_sex'] == 1) { $user_sex = $LANG['sex'] . ': <img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/man.png" alt="" /><br />'; } elseif ($row['user_sex'] == 2) { $user_sex = $LANG['sex'] . ': <img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/woman.png" alt="" /><br />'; } $user_msg = $row['user_msg'] > 1 ? $LANG['message_s'] . ': ' . $row['user_msg'] : $LANG['message'] . ': ' . $row['user_msg']; if (!empty($row['user_local'])) { $user_local = $LANG['place'] . ': ' . $row['user_local']; $user_local = $user_local > 15 ? substr_html($user_local, 0, 15) . '...<br />' : $user_local . '<br />'; } else { $user_local = ''; } $contents = ucfirst(second_parse($row['contents'])); if (!$integrated_in_environment && !empty($page_path_to_root)) { $contents = str_replace('"' . $page_path_to_root . '/', '"' . PATH_TO_ROOT . '/', $contents); } $Template->assign_block_vars('com_list', array('ID' => $row['idcom'], 'CONTENTS' => $contents, 'DATE' => $LANG['on'] . ': ' . gmdate_format('date_format', $row['timestamp']), 'CLASS_COLOR' => $j % 2 == 0 ? '' : 2, 'USER_ONLINE' => '<img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . $user_online . '.png" alt="" class="valign_middle" />', 'USER_PSEUDO' => $com_pseudo, 'USER_RANK' => $row['user_warning'] < '100' || time() - $row['user_ban'] < 0 ? $user_rank : $LANG['banned'], 'USER_IMG_ASSOC' => $user_assoc_img, 'USER_AVATAR' => $user_avatar, 'USER_GROUP' => $user_groups, 'USER_DATE' => !$is_guest ? $LANG['registered_on'] . ': ' . gmdate_format('date_format_short', $row['registered']) : '', 'USER_SEX' => $user_sex, 'USER_MSG' => !$is_guest ? $user_msg : '', 'USER_LOCAL' => $user_local, 'USER_MAIL' => !empty($row['user_mail']) && $row['user_show_mail'] == '1' ? '<a href="mailto:' . $row['user_mail'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/email.png" alt="' . $row['user_mail'] . '" title="' . $row['user_mail'] . '" /></a>' : '', 'USER_MSN' => !empty($row['user_msn']) ? '<a href="mailto:' . $row['user_msn'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/msn.png" alt="' . $row['user_msn'] . '" title="' . $row['user_msn'] . '" /></a>' : '', 'USER_YAHOO' => !empty($row['user_yahoo']) ? '<a href="mailto:' . $row['user_yahoo'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/yahoo.png" alt="' . $row['user_yahoo'] . '" title="' . $row['user_yahoo'] . '" /></a>' : '', 'USER_SIGN' => !empty($row['user_sign']) ? '____________________<br />' . second_parse($row['user_sign']) : '', 'USER_WEB' => !empty($row['user_web']) ? '<a href="' . $row['user_web'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/user_web.png" alt="' . $row['user_web'] . '" title="' . $row['user_yahoo'] . '" /></a>' : '', 'USER_WARNING' => !empty($row['user_warning']) ? $row['user_warning'] : '0', 'C_COM_MSG_EDIT' => $del, 'C_COM_MSG_DEL' => $edit, 'U_COM_EDIT' => $this->path . sprintf($this->vars, $row['idcom']) . '&editcom=1' . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '') . '#anchor_' . $this->script, 'U_COM_DEL' => $this->path . sprintf($this->vars, $row['idcom']) . '&token=' . $Session->get_token() . '&delcom=1' . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '') . '#anchor_' . $this->script, 'U_COM_WARNING' => $is_modo && !$is_guest ? PATH_TO_ROOT . '/member/moderation_panel' . url('.php?action=warning&id=' . $row['user_id'] . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '')) . '" title="' . $LANG['warning_management'] : '', 'U_COM_PUNISHEMENT' => $is_modo && !$is_guest ? PATH_TO_ROOT . '/member/moderation_panel' . url('.php?action=punish&id=' . $row['user_id'] . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '')) . '" title="' . $LANG['punishment_management'] : '', 'U_USER_PM' => !$is_guest ? '<a href="' . PATH_TO_ROOT . '/member/pm' . url('.php?pm=' . $row['user_id'], '-' . $row['user_id'] . '.php') . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/pm.png" alt="" /></a>' : '', 'U_ANCHOR' => $this->path . $vars_simple . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '') . '#m' . $row['idcom'], 'U_QUOTE' => $this->path . sprintf($this->vars, $row['idcom']) . '&quote=' . $row['idcom'] . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '') . '#anchor_' . $this->script)); $j++; } $Sql->query_close($result); } return $Template->parse(TEMPLATE_STRING_MODE); } else { return 'error : class Comments loaded uncorrectly'; } }
$checked_normal = $type == 0 ? 'checked="ckecked"' : ''; $checked_postit = $type == 1 ? 'checked="ckecked"' : ''; $checked_annonce = $type == 2 ? 'checked="ckecked"' : ''; $nbr_poll_field = 0; for ($i = 0; $i < 20; $i++) { $answer = retrieve(POST, 'a' . $i, '', TSTRING_UNCHANGE); if (!empty($answer)) { $Template->assign_block_vars('answers_poll', array('ID' => $i, 'ANSWER' => $answer)); $nbr_poll_field++; } elseif ($i <= 5) { $Template->assign_block_vars('answers_poll', array('ID' => $i, 'ANSWER' => '')); $nbr_poll_field++; } } $poll_type = retrieve(POST, 'poll_type', 0); $Template->assign_vars(array('TITLE' => $title, 'DESC' => $subtitle, 'CONTENTS' => $contents, 'QUESTION' => $question, 'IDM' => $id_post_msg, 'DATE' => $LANG['on'] . ' ' . gmdate_format('date_format'), 'CONTENTS_PREVIEW' => second_parse(stripslashes(strparse($contents))), 'CHECKED_NORMAL' => $checked_normal, 'CHECKED_POSTIT' => $checked_postit, 'CHECKED_ANNONCE' => $checked_annonce, 'SELECTED_SIMPLE' => $poll_type == 0 ? 'checked="ckecked"' : '', 'SELECTED_MULTIPLE' => $poll_type == 1 ? 'checked="ckecked"' : '', 'NO_DISPLAY_POLL' => !empty($question) ? 'false' : 'true', 'NBR_POLL_FIELD' => $nbr_poll_field, 'C_FORUM_PREVIEW_MSG' => true, 'C_ADD_POLL_FIELD' => $nbr_poll_field <= 18 ? true : false, 'C_FORUM_POST_TYPE' => true, 'L_PREVIEW' => $LANG['preview'], 'L_TYPE' => '* ' . $LANG['type'], 'L_DEFAULT' => $LANG['default'], 'L_POST_IT' => $LANG['forum_postit'], 'L_ANOUNCE' => $LANG['forum_announce'])); } list($users_list, $total_admin, $total_modo, $total_member, $total_visit, $total_online) = forum_list_user_online("AND s.session_script LIKE '/forum/%'"); $Template->assign_vars(array('TOTAL_ONLINE' => $total_online, 'USERS_ONLINE' => $total_online - $total_visit == 0 ? '<em>' . $LANG['no_member_online'] . '</em>' : $users_list, 'ADMIN' => $total_admin, 'MODO' => $total_modo, 'MEMBER' => $total_member, 'GUEST' => $total_visit, 'L_USER' => $total_online > 1 ? $LANG['user_s'] : $LANG['user'], 'L_ADMIN' => $total_admin > 1 ? $LANG['admin_s'] : $LANG['admin'], 'L_MODO' => $total_modo > 1 ? $LANG['modo_s'] : $LANG['modo'], 'L_MEMBER' => $total_member > 1 ? $LANG['member_s'] : $LANG['member'], 'L_GUEST' => $total_visit > 1 ? $LANG['guest_s'] : $LANG['guest'], 'L_AND' => $LANG['and'], 'L_ONLINE' => strtolower($LANG['online']))); $Template->pparse('forum_move'); } elseif (!empty($id_post_msg) && !empty($post_topic)) { $msg = $Sql->query_array(PREFIX . 'forum_msg', 'idtopic', 'user_id', 'timestamp', 'contents', "WHERE id = '" . $id_post_msg . "'", __LINE__, __FILE__); $topic = $Sql->query_array(PREFIX . 'forum_topics', 'idcat', 'title', 'last_user_id', 'last_msg_id', 'last_timestamp', "WHERE id = '" . $msg['idtopic'] . "'", __LINE__, __FILE__); $to = retrieve(POST, 'to', 0); if (!$User->check_auth($CAT_FORUM[$topic['idcat']]['auth'], EDIT_CAT_FORUM)) { $Errorh->handler('e_auth', E_USER_REDIRECT); } $id_first = $Sql->query("SELECT MIN(id) FROM " . PREFIX . "forum_msg WHERE idtopic = '" . $msg['idtopic'] . "'", __LINE__, __FILE__); if ($id_first == $id_post_msg) { $Errorh->handler('e_unable_cut_forum', E_USER_REDIRECT); }
function set_content($content) { $this->content = strparse($content, array(), DO_NOT_ADD_SLASHES); }