$ausgaben["inaccessible"] = "";
 }
 // +++
 // unzugaengliche #(marken) sichtbar machen
 // wohin schicken
 # header("Location: ".$cfg["menued"]["basis"]."/?.html");
 // +++
 // page basics
 // Earlier variant, kept commented out: it only removed spaces.
 #$fixed_entry = str_replace(" ", "", $HTTP_POST_VARS["entry"]);
 // Allow-list filter on the submitted "entry": every run of characters other than
 // A-Z, a-z, 0-9, "_", "-" and "." is deleted, so the result cannot contain quotes
 // or whitespace.
 // NOTE(review): "." is kept, so ".." sequences survive - verify how the value is
 // used later if it ever becomes part of a path or URL.
 // NOTE(review): $HTTP_POST_VARS is the legacy long array; confirm it is populated
 // on the PHP version this runs on.
 $fixed_entry = preg_replace("/[^A-Za-z_\\-\\.0-9]+/", "", $HTTP_POST_VARS["entry"]);
 // NOTE(review): the pattern below is lower-case only, while the filter above also
 // keeps upper-case letters - confirm which of the two is intended.
 // PREG:^[a-z_.-0-9]+$
 // Handle the submitted form: runs only when URL parameter 3 is "verify" and at
 // least one of the send / add / delete fields was posted non-empty.
 if ($environment["parameter"][3] == "verify" && ($HTTP_POST_VARS["send"] != "" || $HTTP_POST_VARS["add"] != "" || $HTTP_POST_VARS["delete"] != "")) {
     // validate form input
     form_errors($form_options, $HTTP_POST_VARS);
     // black-list check
     // NOTE(review): this call reads $_POST while the rest of the block reads
     // $HTTP_POST_VARS - confirm both arrays are populated on the target PHP version.
     // It also receives the raw "entry", not the filtered $fixed_entry.
     black_list($environment["parameter"][2], $_POST["entry"]);
     // changes to the language tables
     // Continue only if no form error has been recorded so far
     // (presumably set by form_errors()/black_list() - verify).
     if ($ausgaben["form_error"] == "") {
         // Link to the edit page, built from URL parameter 1 (the same value that
         // is used as "mid" in the query below).
         $header_link = $cfg["menued"]["basis"] . "/edit," . $environment["parameter"][1] . ".html";
         #?referer=".$ausgaben["form_referer"]);
         // "add" was submitted together with a non-empty new_lang value.
         if ($HTTP_POST_VARS["add"] && $HTTP_POST_VARS["new_lang"] != "") {
             // Look up an existing label row for this mid/lang pair.
             // NOTE(review): the statement is assembled by string concatenation.
             // URL parameter 1 is inserted unquoted and new_lang is inserted between
             // quotes; no escaping is visible in this excerpt, so unless both values
             // are validated upstream this is open to SQL injection. Cast mid to an
             // integer and escape or bind new_lang through the database layer.
             $sql = "SELECT label\n                              FROM " . $cfg["menued"]["db"]["lang"]["entries"] . "\n                             WHERE mid = " . $environment["parameter"][1] . "\n                               AND lang = '" . $HTTP_POST_VARS["new_lang"] . "'";
             // With SQL debugging enabled the complete statement, request data
             // included, is appended to the debug output - TODO confirm this is off
             // in production and that the output is HTML-encoded.
             if ($debugging["sql_enable"]) {
                 $debugging["ausgabe"] .= "sql: " . $sql . $debugging["char"];
             }
             $result = $db->query($sql);
             // A failed query adds an error message, but execution still continues
             // to num_rows() below with the failed result.
             if (!$result) {
                 $ausgaben["form_error"] .= $db->error("#(error_result)<br />");
             }
             $num_rows = $db->num_rows($result);
             // At least one matching row exists (branch body not shown in this excerpt).
             if ($num_rows >= 1) {
 }
 // +++
 // unzugaengliche #(marken) sichtbar machen
 // wohin schicken
 # header("Location: ".$cfg["menued"]["basis"]."/?.html");
 // +++
 // page basics
 // Earlier variant, kept commented out: it only removed spaces.
 #$fixed_entry = str_replace(" ", "", $_POST["entry"]);
 // Allow-list filter on the submitted "entry": every run of characters other than
 // A-Z, a-z, 0-9, "_", "-" and "." is deleted, so the result cannot contain quotes
 // or whitespace.
 // NOTE(review): "." is kept, so ".." sequences survive - verify how the value is
 // used later if it ever becomes part of a path or URL.
 $fixed_entry = preg_replace("/[^A-Za-z_\\-\\.0-9]+/", "", $_POST["entry"]);
 // NOTE(review): the pattern below is lower-case only, while the filter above also
 // keeps upper-case letters - confirm which of the two is intended.
 // PREG:^[a-z_.-0-9]+$
 // Handle the submitted form: runs only when URL parameter 3 is "verify" and one of
 // send (non-empty), image or add was posted.
 if ($environment["parameter"][3] == "verify" && ($_POST["send"] != "" || $_POST["image"] || $_POST["add"])) {
     // validate form input
     form_errors($form_options, $_POST);
     // Snapshot of the form error text right after validation.
     $error = $ausgaben["form_error"];
     // black-list check
     // NOTE(review): receives the raw refid and the raw "entry", not $fixed_entry.
     black_list($_POST["refid"], $_POST["entry"]);
     // Continue only if no form error has been recorded so far.
     if ($ausgaben["form_error"] == "") {
         // does an entry with this name already exist?
         if ($fixed_entry != "") {
             // NOTE(review): the statement is assembled by string concatenation.
             // $fixed_entry has passed the allow-list filter and cannot contain a
             // quote, but $_POST["refid"] is placed between quotes with no escaping
             // visible in this excerpt. Unless refid is validated upstream this is
             // open to SQL injection: cast it to an integer if it is numeric, or
             // escape/bind it through the database layer.
             $sql = "SELECT entry\n                              FROM " . $cfg["menued"]["db"]["menu"]["entries"] . "\n                             WHERE refid = '" . $_POST["refid"] . "'\n                               AND entry = '" . $fixed_entry . "'";
             // The query result is passed on without a failure check.
             $result = $db->query($sql);
             $test = $db->fetch_array($result, 1);
             // A returned row with the same entry name is reported as a duplicate.
             if ($test["entry"] == $fixed_entry) {
                 $ausgaben["form_error"] .= "#(error_dupe)";
             }
             // NOTE(review): this assignment sits outside the duplicate check above,
             // so $error becomes "dupe" whenever $fixed_entry is non-empty, even if
             // no duplicate was found - confirm that is intended.
             $error = "dupe";
         }
         // add the entry
         // Deny-list of POST field names that are skipped by the loop below; every
         // other submitted field name passes the check.
         // NOTE(review): the loop body is not visible here. If the remaining names
         // are used as column names, replace this deny-list with an allow-list of
         // known columns, because the field names are chosen by the client.
         $kick = array("PHPSESSID", "send", "cancel", "image", "image_x", "image_y", "add_x", "add_y", "add", "form_referer", "lang", "label", "extend", "exturl", "new_lang", "entry", "wizard");
         foreach ($_POST as $name => $value) {
             if (!in_array($name, $kick)) {
Example #3
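// Feature gate: only accounts with donator days left may use the black list.
// $ir is filled in outside this excerpt. The comparison is loose, so a missing
// (null) 'donatordays' value also compares equal to 0 and is refused.
if ($ir['donatordays'] == 0) {
    die("This feature is for donators only.");
}
print "<h3>Black List</h3>";
// Dispatch on a fixed set of action names; any other value, and a request without
// an action parameter, falls through to the list view. isset() keeps a missing
// parameter from raising an undefined-index notice.
// NOTE(review): add / remove / ccomment are selected through the query string. The
// handlers are not visible here - confirm that they only change data on a POST
// request carrying a CSRF token and that they do not build SQL from raw request
// values.
switch (isset($_GET['action']) ? $_GET['action'] : '') {
    case "add":
        add_enemy();
        break;
    case "remove":
        remove_enemy();
        break;
    case "ccomment":
        change_comment();
        break;
    default:
        black_list();
        break;
}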
function black_list()
{
    global $ir, $c, $userid;
    print "<a href='blacklist.php?action=add'>&gt; Add an Enemy</a><br />\nThese are the people on your black list. ";
    $q_y = mysql_query("SELECT * FROM blacklist WHERE bl_ADDED={$userid}", $c);
    print mysql_num_rows($q_y) . " people have added you to their list.<br />Most hated: [";
    $q2r = mysql_query("SELECT u.username,count( * ) as cnt,bl.bl_ADDED FROM blacklist bl LEFT JOIN users u on bl.bl_ADDED=u.userid GROUP BY bl.bl_ADDED ORDER BY cnt DESC LIMIT 5", $c) or die(mysql_error());
    $r = 0;
    while ($r2r = mysql_fetch_array($q2r)) {
        $r++;
        if ($r > 1) {
            print " | ";
        }