private function check_captcha($captext, $captime)
{
$captext = trim($captext, ' ');
if ($captext != '') {
$cap = new Captcha();
if ($cap->check_captcha($captext, $captime) == 0) {
return 0;
//$this->error['captext'] = sprintf ( "%sСимволи введені невірно<br />", $this->error['captext'] );
} else {
return 1;
}
}
}
# Code based on WebSPELL Clanpackage (Michael Gruber - webspell.at), #
# Far Development by Development Team - webspell.org #
# #
# visit webspell.org #
# #
##########################################################################
*/
$_language->read_module('about');
if (!ispageadmin($userID) or mb_substr(basename($_SERVER['REQUEST_URI']), 0, 15) != "admincenter.php") {
die($_language->module['access_denied']);
}
echo '<h1>¤ ' . $_language->module['about'] . '</h1>';
if (isset($_POST['submit']) != "") {
$about = $_POST['message'];
$CAPCLASS = new Captcha();
if ($CAPCLASS->check_captcha(0, $_POST['captcha_hash'])) {
if (mysql_num_rows(safe_query("SELECT * FROM " . PREFIX . "about"))) {
safe_query("UPDATE " . PREFIX . "about SET about='" . $about . "'");
} else {
safe_query("INSERT INTO " . PREFIX . "about (about) values( '" . $about . "') ");
}
redirect("admincenter.php?site=about", "", 0);
} else {
echo $_language->module['transaction_invalid'];
}
} else {
$ergebnis = safe_query("SELECT * FROM " . PREFIX . "about");
$ds = mysql_fetch_array($ergebnis);
$CAPCLASS = new Captcha();
$CAPCLASS->create_transaction();
$hash = $CAPCLASS->get_hash();
$action = '';
}
if ($action == "quicksearch" or (isset($_GET['forum']) or isset($_GET['news']) or isset($_GET['articles']) or isset($_GET['faq'])) and $action == "") {
$getstring = '';
foreach ($_GET as $key => $val) {
$getstring .= '&' . $key . '=' . stripslashes($val);
}
header("Location: index.php?site=search&action=search" . $getstring);
} elseif ($action == "search" and ($userID or isset($_GET['captcha']))) {
$_language->read_module('search');
$run = 0;
if ($userID) {
$run = 1;
} else {
$CAPCLASS = new Captcha();
if ($CAPCLASS->check_captcha($_GET['captcha'], $_GET['captcha_hash'])) {
$run = 1;
}
}
if ($run) {
eval("\$title_search = \"" . gettemplate("title_search") . "\";");
echo $title_search;
$text = str_replace(array('%', '*'), array('\\%', '%'), $_GET['text']);
if (!isset($_GET['r']) or $_GET['r'] < 1 or $_GET['r'] > 100) {
$results = 50;
} else {
$results = (int) $_GET['r'];
}
isset($_GET['page']) ? $page = (int) $_GET['page'] : ($page = 1);
isset($_GET['am']) ? $am = (int) $_GET['am'] : ($am = 0);
isset($_GET['ad']) ? $ad = (int) $_GET['ad'] : ($ad = 0);
$error[] = $_language->module['forgot_messenger'];
}
if (!mb_strlen(trim($age))) {
$error[] = $_language->module['forgot_age'];
}
if (!mb_strlen(trim($city))) {
$error[] = $_language->module['forgot_city'];
}
if (!mb_strlen(trim($clanhistory))) {
$error[] = $_language->module['forgot_history'];
}
if ($userID) {
$run = 1;
} else {
$CAPCLASS = new Captcha();
if (!$CAPCLASS->check_captcha($_POST['captcha'], $_POST['captcha_hash'])) {
$error[] = $_language->module['wrong_security_code'];
} else {
$run = 1;
}
}
if (!count($error) and $run) {
$ergebnis = safe_query("SELECT userID FROM " . PREFIX . "squads_members WHERE joinmember='1' AND squadID='" . $squad . "'");
while ($ds = mysql_fetch_array($ergebnis)) {
$touser[] = $ds['userID'];
}
if ($touser[0] != "") {
$tmp_lang = new Language();
foreach ($touser as $id) {
$tmp_lang->set_language(getuserlanguage($id));
$tmp_lang->read_module('joinus');
$data = mysql_fetch_array($result);
mysql_free_result($result);
if (trim($data['list']) != '') {
$not_accepted_words = explode(',', trim($data['list']));
foreach ($not_accepted_words as $not_accepted_word) {
if ($not_accepted_word != '' && (preg_match("/" . $not_accepted_word . "/i", $sender_email) || preg_match("/" . $not_accepted_word . "/i", $subject) || preg_match("/" . $not_accepted_word . "/i", $text))) {
$errors[] = 'error_not_accepted_word';
break;
}
}
}
}
// CAPTCHA check:
if (empty($errors) && empty($_SESSION[$settings['session_prefix'] . 'user_id']) && $settings['captcha_email'] > 0) {
if ($settings['captcha_email'] == 2) {
if (empty($_SESSION['captcha_session']) || empty($_POST['captcha_code']) || $captcha->check_captcha($_SESSION['captcha_session'], $_POST['captcha_code']) != true) {
$errors[] = 'captcha_check_failed';
}
} else {
if (empty($_SESSION['captcha_session']) || empty($_POST['captcha_code']) || $captcha->check_math_captcha($_SESSION['captcha_session'][2], $_POST['captcha_code']) != true) {
$errors[] = 'captcha_check_failed';
}
}
unset($_SESSION['captcha_session']);
}
// Akismet spam check:
if (empty($errors) && $settings['akismet_key'] != '' && $settings['akismet_mail_check'] == 1 && empty($_SESSION[$settings['session_prefix'] . 'user_id'])) {
require 'modules/akismet/akismet.class.php';
$mail_parts = explode("@", $sender_email);
$sender_name = $mail_parts[0];
$check_mail['author'] = $mail_parts[0];
