Example #1
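/**
 * Collects the users who visited an object during the last 24 hours and
 * assigns the resulting list to the template variable VISITOR.
 *
 * @param string $object Object key matched against v.object.
 * @param int    $id     Object id; forced to an integer before it enters the query.
 * @param object $tmpl   Template object (passed by reference); receives VISITOR.
 * @return void
 */
function user_assign_visitors($object, $id, &$tmpl)
{
    global $apx, $set, $db, $user;
    $userdata = array();
    // NOTE(review): $object is protected only by addslashes(), which is not
    // charset-aware. If the $db wrapper has a real escaping or prepared-statement
    // API, use that here instead - confirm against the wrapper.
    $data = $db->fetch("SELECT u.userid,u.username,u.groupid,u.realname,u.gender,u.city,u.plz,u.country,u.city,u.lastactive,u.pub_invisible,u.avatar,u.avatar_title,u.custom1,u.custom2,u.custom3,u.custom4,u.custom5,u.custom6,u.custom7,u.custom8,u.custom9,u.custom10 FROM " . PRE . "_user_visits AS v LEFT JOIN " . PRE . "_user AS u USING(userid) WHERE v.object='" . addslashes($object) . "' AND v.id='" . intval($id) . "' AND v.time>='" . (time() - 24 * 3600) . "' ORDER BY u.username ASC");
    // Row counter; the original incremented it without initialising it.
    $i = 0;
    if (count($data)) {
        foreach ($data as $res) {
            ++$i;
            $userdata[$i]['ID'] = $res['userid'];
            $userdata[$i]['USERID'] = $res['userid'];
            $userdata[$i]['USERNAME'] = replace($res['username']);
            $userdata[$i]['GROUPID'] = $res['groupid'];
            // Online = not hidden and active within the configured timeout (minutes)
            $userdata[$i]['ONLINE'] = iif(!$res['pub_invisible'] && $res['lastactive'] + $set['user']['timeout'] * 60 >= time(), 1, 0);
            $userdata[$i]['REALNAME'] = replace($res['realname']);
            $userdata[$i]['GENDER'] = $res['gender'];
            $userdata[$i]['CITY'] = replace($res['city']);
            $userdata[$i]['PLZ'] = replace($res['plz']);
            $userdata[$i]['COUNTRY'] = $res['country'];
            $userdata[$i]['LASTACTIVE'] = $res['lastactive'];
            $userdata[$i]['AVATAR'] = $user->mkavatar($res);
            $userdata[$i]['AVATAR_TITLE'] = $user->mkavtitle($res);
            // Custom fields. Fixed: the original wrote these into $tabledata,
            // a variable that is never assigned to the template, so the
            // CUSTOMn values were silently dropped.
            for ($ii = 1; $ii <= 10; $ii++) {
                $userdata[$i]['CUSTOM' . $ii . '_NAME'] = $set['user']['cusfield_names'][$ii - 1];
                $userdata[$i]['CUSTOM' . $ii] = compatible_hsc($res['custom' . $ii]);
            }
        }
    }
    $tmpl->assign('VISITOR', $userdata);
}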
Example #2
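/**
 * Prints the inline media-manager widget: an open/close button pair, the
 * iframe pointing at action=mediamanager.inline, the toggle script and the
 * hidden inline_hash / inline_status form fields.
 *
 * @param string   $insert Field list handed to the iframe as "fields"; nothing but
 *                         an error text is printed when it is empty.
 * @param int|bool $id     Id of an existing entry; when it is 0/false a hash is
 *                         used instead (taken from the post or freshly generated).
 * @return void
 */
function mediamanager_inline($insert = '', $id = false)
{
    global $set, $db, $apx;
    // Fields the manager is allowed to insert into
    if (!$insert) {
        echo 'missing fields!';
        return;
    }
    // Environment
    $module = $apx->module();
    $id = (int) $id;
    $status = isset($_POST['inline_status']) ? (int) $_POST['inline_status'] : 0;
    // Determine the hash. It stays empty when an id is given; the original
    // left the variable undefined in that case.
    $hash = '';
    if (!$id && !empty($_POST['inline_hash'])) {
        // NOTE(review): a posted hash is only HTML-escaped here, not checked for
        // format or ownership - confirm the inline action validates it.
        $hash = compatible_hsc($_POST['inline_hash']);
    } elseif (!$id) {
        // A timestamp-derived md5 is guessable; draw the value from the CSPRNG
        // where the runtime has one (same 32-hex-character shape).
        $seed = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(microtime());
        $hash = compatible_hsc($seed);
    }
    // Button captions
    $apx->lang->dropaction('mediamanager', 'inline');
    $lang_open = $apx->lang->get('INLINE_OPEN');
    $lang_close = $apx->lang->get('INLINE_CLOSE');
    // Show either the iframe or the button; both styles are initialised so the
    // heredoc never reads an undefined variable.
    $hide_button = '';
    $hide_iframe = '';
    if ($status) {
        $hide_button = 'display:none;';
    } else {
        $hide_iframe = 'display:none;';
    }
    // NOTE(review): $insert and $module are written into the iframe URL without
    // escaping. That is only safe while callers pass fixed field names - confirm.
    echo <<<CODE
<div id="inline_button" style="{$hide_button}"><input type="button" name="inline_open" value="{$lang_open}" onclick="open_inline();" class="button" /></div>
<div id="inline_iframe" style="{$hide_iframe}">
<div style="padding-bottom:3px;"><input type="button" name="inline_open" value="{$lang_close}" onclick="close_inline();" class="button" /></div>
<iframe src="action.php?action=mediamanager.inline&amp;module={$module}&amp;mid={$id}&amp;hash={$hash}&amp;fields={$insert}" width="98%" height="250" name="inline" frameborder="0" style="width:98%;height:250px;">Sorry, your browser does not support frames!</iframe>
</div>
<script language="JavaScript" type="text/javascript">
<!--

//Inlinescreens öffnen
function open_inline() {
\tgetobject('inline_button').style.display='none';
\tgetobject('inline_iframe').style.display='';
\tgetobject('inline_status').value=1;
}

//Inlinescreens schließen
function close_inline() {
\tgetobject('inline_button').style.display='';
\tgetobject('inline_iframe').style.display='none';
\tgetobject('inline_status').value=0;
}

//-->
</script>
<input type="hidden" name="inline_hash" value="{$hash}" />
<input type="hidden" name="inline_status" id="inline_status" value="{$status}" />
CODE;
}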
Example #3
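/**
 * Builds the template data array for one team member from a user row.
 *
 * @param array $res   User row (userid, username, birthday, email, custom1..10, ...).
 * @param array $parse Template variable names in use; gates the optional buddy lookups.
 * @return array Upper-case keyed values for the template.
 */
function createTeamData($res, $parse)
{
    global $apx, $db, $set, $user;
    $userdata = array();
    // $varname is not defined anywhere in this function, so the original checks
    // effectively looked for '.ISBUDDY' / '.LINK_BUDDY'. The empty default keeps
    // that result without the undefined-variable notice.
    // NOTE(review): presumably the caller's template variable name was meant - confirm.
    $varname = '';
    // Birthday is split on '-' and read as day-month-year; both values stay
    // null when no birthday is stored (the original left them undefined).
    $birthday = null;
    $age = null;
    if ($res['birthday']) {
        $bd = explode('-', $res['birthday']);
        $day = $bd[0];
        $month = isset($bd[1]) ? $bd[1] : '';
        $year = isset($bd[2]) ? $bd[2] : '';
        $birthday = intval($day) . '. ' . getcalmonth($month) . iif($year, ' ' . $year);
        if ($year) {
            $age = date('Y') - $year;
            // Birthday still ahead in the current year: one year younger
            if (intval(sprintf('%02d%02d', $month, $day)) > intval(date('md'))) {
                $age -= 1;
            }
        }
    }
    $userdata['ID'] = $res['userid'];
    $userdata['USERID'] = $res['userid'];
    $userdata['NAME'] = replace($res['username']);
    $userdata['USERNAME'] = replace($res['username']);
    $userdata['GROUPID'] = $res['groupid'];
    // The address is only exposed when the user has not hidden it
    $userdata['EMAIL'] = replace(iif(!$res['pub_hidemail'], $res['email']));
    $userdata['EMAIL_ENCRYPTED'] = replace(iif(!$res['pub_hidemail'], cryptMail($res['email'])));
    $userdata['ONLINE'] = iif(!$res['pub_invisible'] && $res['lastactive'] + $set['user']['timeout'] * 60 >= time(), 1, 0);
    $userdata['ISONLINE'] = $userdata['ONLINE'];
    $userdata['REALNAME'] = replace($res['realname']);
    $userdata['GENDER'] = $res['gender'];
    $userdata['CITY'] = replace($res['city']);
    $userdata['PLZ'] = replace($res['plz']);
    $userdata['COUNTRY'] = $res['country'];
    $userdata['REGTIME'] = $res['reg_time'];
    $userdata['REGDAYS'] = floor((time() - $res['reg_time']) / (24 * 3600));
    $userdata['LASTACTIVE'] = $res['lastactive'];
    $userdata['AVATAR'] = $user->mkavatar($res);
    $userdata['AVATAR_TITLE'] = $user->mkavtitle($res);
    $userdata['BIRTHDAY'] = $birthday;
    $userdata['AGE'] = $age;
    if (in_array($varname . '.ISBUDDY', $parse)) {
        $userdata['ISBUDDY'] = $user->is_buddy($res['userid']);
    }
    // Custom fields
    for ($ii = 1; $ii <= 10; $ii++) {
        $userdata['CUSTOM' . $ii . '_NAME'] = $set['user']['cusfield_names'][$ii - 1];
        $userdata['CUSTOM' . $ii] = compatible_hsc($res['custom' . $ii]);
    }
    // Interaction links, only for logged-in visitors
    if ($user->info['userid']) {
        // The listing showed "touser='******'userid']" here, an extraction
        // artefact; restored to the concatenation the second argument uses.
        $userdata['LINK_SENDPM'] = mklink('user.php?action=newpm&amp;touser=' . $res['userid'], 'user,newpm,' . $res['userid'] . '.html');
        $userdata['LINK_SENDEMAIL'] = mklink('user.php?action=newmail&amp;touser=' . $res['userid'], 'user,newmail,' . $res['userid'] . '.html');
        if (in_array($varname . '.LINK_BUDDY', $parse) && !$user->is_buddy($res['userid'])) {
            $userdata['LINK_BUDDY'] = mklink('user.php?action=addbuddy&amp;id=' . $res['userid'], 'user,addbuddy,' . $res['userid'] . '.html');
        }
    }
    return $userdata;
}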
Example #4
 /**
  * Turns the entries readout_dir() reports for $dir into template rows.
  *
  * Each row carries the HTML-escaped NAME, the PATH (prefixed with "$dir/"
  * when $dir is non-empty) and LAST, which is true for the final entry only.
  *
  * NOTE(review): PATH is plain concatenation; nothing here constrains $dir or
  * the entry names, so any path restriction has to live in readout_dir() or
  * the caller - confirm.
  *
  * @param string $dir Directory handed to readout_dir().
  * @return array List of rows with the keys NAME, PATH and LAST.
  */
 function get_subtree($dir)
 {
     $entries = readout_dir($dir);
     $total = count($entries);
     $rows = array();
     $position = 0;
     foreach ($entries as $entry) {
         $position++;
         $row = array();
         $row['NAME'] = compatible_hsc($entry);
         $row['PATH'] = iif($dir, $dir . '/') . $entry;
         $row['LAST'] = $position == $total;
         $rows[] = $row;
     }
     return $rows;
 }
Example #5
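/**
 * Wraps glossary terms found in $text in a <span> that opens a tooltip.
 *
 * The glossary rows are loaded on the first call and kept in a function-static
 * cache. NOTE(review): the cache is built with the $ignore of that first call,
 * so a later call with a different $ignore reuses the same set - confirm this
 * is acceptable.
 *
 * @param string   $text   Text (may contain HTML) to search.
 * @param mixed    $module Not used by this function.
 * @param int|bool $ignore Glossary id to leave out of the query.
 * @return string Text with highlights; unchanged when the feature is off or $text is empty.
 */
function glossar_highlight($text, $module = false, $ignore = false)
{
    global $apx, $db, $set;
    static $highlights;
    $ignore = (int) $ignore;
    if (!$set['glossar']['highlight'] || !$text) {
        return $text;
    }
    $apx->lang->drop('highlights', 'glossar');
    $classname_word = 'glossar_highlight';
    $classname_title = 'glossar_info_title';
    $classname_text = 'glossar_info_text';
    $classname_readmore = 'glossar_info_readmore';
    // Load the glossary entries once
    if (!isset($highlights)) {
        $highlights = array();
        $data = $db->fetch("SELECT id,title,spelling,text FROM " . PRE . "_glossar WHERE starttime!=0" . iif($ignore, " AND id!='" . $ignore . "'"));
        if (count($data)) {
            foreach ($data as $res) {
                $words = array();
                if ($res['spelling']) {
                    $words = explode(',', strtolower($res['spelling']));
                }
                $words[] = strtolower($res['title']);
                $words = array_unique(array_map('trim', $words));
                $link = mklink('glossar.php?id=' . $res['id'], 'glossar,id' . $res['id'] . urlformat($res['title']) . '.html');
                // NOTE(review): title and text enter the tooltip markup before the
                // single compatible_hsc() pass below, which protects the attribute
                // layer only. If Tip() renders its argument as HTML, glossary
                // entries are treated as markup - confirm they are trusted.
                $content = '<div class="' . $classname_title . '"><a href="' . $link . '">' . $res['title'] . '</a></div><div class="' . $classname_text . '">' . shorttext($res['text'], 200) . '</div><div class="' . $classname_readmore . '"><a href="' . $link . '">' . $apx->lang->get('READMORE') . '</a></div>';
                // Flatten line breaks and escape for a single-quoted JS string
                $content = strtr(compatible_hsc($content), array("\n" => ' ', "\r" => '', '\'' => '\\\'', '\\' => '\\\\'));
                $highlights[] = array('words' => $words, 'content' => $content);
            }
        }
    }
    // Search the text for highlights
    $lowertext = strtolower($text);
    foreach ($highlights as $element) {
        // Keep only the words that occur at all. Empty words (e.g. from a
        // trailing comma in the spelling list) are dropped, and '#' is quoted
        // explicitly because it is the pattern delimiter.
        $words = array();
        foreach ($element['words'] as $word) {
            if ($word !== '' && strpos($lowertext, strtolower($word)) !== false) {
                $words[] = preg_quote($word, '#');
            }
        }
        if (!count($words)) {
            continue;
        }
        $searchfor = implode('|', $words);
        $hover = 'Tip(\'' . $element['content'] . '\')';
        $open = '<span class="' . $classname_word . '" onmouseover="' . $hover . '">';
        // The original used the /e modifier, which evaluated the replacement as
        // PHP code with database content spliced into it and which PHP 7 no
        // longer accepts. A callback builds the same output without eval.
        // NOTE(review): the leading '$' alternative can never sit in front of a
        // word; '^' was probably intended - left unchanged, confirm.
        $replaced = preg_replace_callback(
            '#((<[^>]*)|($|[\\s<>,.:;_!-])(' . $searchfor . ')([\\s<>,.:;_!-]|$))#i',
            function ($m) use ($open) {
                // First alternative matched: an HTML tag, returned untouched
                if ($m[2] === $m[1]) {
                    return $m[1];
                }
                $after = isset($m[5]) ? $m[5] : '';
                return $m[3] . $open . $m[4] . '</span>' . $after;
            },
            $text
        );
        // preg_replace_callback() yields null on a PCRE error; keep the text then
        if ($replaced !== null) {
            $text = $replaced;
        }
    }
    return $text;
}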
Example #6
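/**
 * "Report this comment" page: shows the report form and, once it is posted,
 * mails the report to the configured address.
 *
 * Reads $_REQUEST['id'] (comment id, forced to int), $_REQUEST['url'],
 * $_POST['send'], $_POST['text'] and $_POST['url'].
 *
 * NOTE(review): no token or captcha check is visible on the send path, so
 * anybody can trigger report mails - confirm whether message()/sendmail()
 * or the caller rate-limit this.
 *
 * @return void
 */
function misc_comments_report()
{
    global $apx, $db, $set, $user;
    $_REQUEST['id'] = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
    if (!$_REQUEST['id']) {
        die('missing ContentID!');
    }
    $apx->lang->drop('report', 'comments');
    $apx->tmpl->loaddesign('blank');
    // REQUEST_URI is client-controlled. The original escaped only '&';
    // compatible_hsc() is the escaping the form branch below already uses.
    headline($apx->lang->get('HEADLINE_REPORT'), compatible_hsc($_SERVER['REQUEST_URI']));
    titlebar($apx->lang->get('HEADLINE_REPORT'));
    // Form submitted
    if (!empty($_POST['send'])) {
        // Load the reported comment; the id is an integer at this point
        list($commenttext) = $db->first("SELECT text FROM " . PRE . "_comments WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        if (empty($_POST['text'])) {
            message('back');
        } elseif (!$commenttext) {
            message('invalid comment-ID!');
        } else {
            // Send the mail
            if ($set['comments']['reportmail']) {
                $input = array();
                // NOTE(review): URL and REASON are reporter-supplied and go into
                // the mail as they are; how sendmail() treats them is not visible here.
                $input['URL'] = isset($_POST['url']) ? $_POST['url'] : '';
                $input['REASON'] = $_POST['text'];
                $input['TEXT'] = $commenttext;
                sendmail($set['comments']['reportmail'], 'REPORT', $input);
            }
            message($apx->lang->get('MSG_OK'));
        }
    } else {
        $apx->tmpl->assign('POSTTO', HTTPDIR . 'misc.php?action=comments_report');
        $apx->tmpl->assign('URL', compatible_hsc(isset($_REQUEST['url']) ? $_REQUEST['url'] : ''));
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->parse('report', 'comments');
    }
}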
Example #7
        message($apx->lang->get('MSG_MAILNOTVALID'), 'back');
    } else {
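        $goto = HTTP . $set['forum']['directory'] . '/' . mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html');
        // Recipient, subject, sender name and sender address come straight from
        // the request and end up in mail headers. Strip CR/LF so a crafted value
        // cannot append further headers (Bcc, Content-Type, ...).
        // NOTE(review): the validation before this branch is outside the visible
        // excerpt - confirm it checks the captcha and both addresses.
        $crlf = array("\r", "\n");
        $mailto = str_replace($crlf, '', $_POST['toemail']);
        $subject = str_replace($crlf, '', $_POST['subject']);
        $fromname = str_replace($crlf, '', $_POST['username']);
        $fromaddr = str_replace($crlf, '', $_POST['email']);
        mail($mailto, $subject, $_POST['text'], 'From: ' . $fromname . '<' . $fromaddr . '>');
        message($apx->lang->get('MSG_OK'), $goto);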
    }
} else {
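    // Link to the thread, used inside the default mail text
    $url = HTTP . $set['forum']['directory'] . '/' . mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html');
    // Create a captcha for guests when the setting asks for one; the variable
    // is initialised so the assign below never reads an undefined value.
    $captchacode = '';
    if ($set['main']['tellcaptcha'] && !$user->info['userid']) {
        require BASEDIR . 'lib/class.captcha.php';
        $captcha = new captcha();
        $captchacode = $captcha->generate();
    }
    // REQUEST_URI is client-controlled; escape it like the other values that
    // are handed to the template here.
    $apx->tmpl->assign('POSTTO', compatible_hsc($_SERVER['REQUEST_URI']));
    $apx->tmpl->assign('TITLE', trim(compatible_hsc(strip_tags(forum_get_prefix($threadinfo['prefix']) . ' ') . $threadinfo['title'])));
    $apx->tmpl->assign('TEXT', compatible_hsc($apx->lang->get('MAIL_TELL_TEXT', array('URL' => $url))));
    $apx->tmpl->assign('CAPTCHA', $captchacode);
    $apx->tmpl->parse('tell');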
}
////////////////////////////////////////////////////////////////////////////////////////////////////////
// Breadcrumb: forum path followed by one entry for the current thread.
// The title is the tag-stripped prefix plus the thread title, HTML-escaped.
$threadpath = array();
$threadpath[] = array(
    'TITLE' => trim(compatible_hsc(strip_tags(forum_get_prefix($threadinfo['prefix']) . ' ') . $threadinfo['title'])),
    'LINK' => mkrellink(
        'thread.php?id=' . $threadinfo['threadid'],
        'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html'
    ),
);
$apx->tmpl->assign(
    'PATH',
    array_merge(forum_path($foruminfo, 1), $threadpath)
);
// The same headline closes the breadcrumb and is used for the title bar
$apx->tmpl->assign('PATHEND', $apx->lang->get('HEADLINE_TELL'));
titlebar($apx->lang->get('HEADLINE_TELL'));
////////////////////////////////////////////////////////////////////////////////////////////////////////
require 'lib/_end.php';
///////////////////////////////////////////////////////////////////////////
require '../lib/_end.php';
//////////////////////////////////////////////////////// SCRIPT BEENDEN ///
////////////////////////////////////////////////////////////////////////////////////////////////////////
Example #8
 /**
  * Admin action: disables a poll by setting its start and end time to 0.
  *
  * Without $_POST['send'] the confirmation overlay is shown; with it the
  * update runs only after checkToken() succeeds. The id is forced to an
  * integer before it is used in either query.
  *
  * @return void
  */
 function disable()
 {
     global $set, $db, $apx;
     $pollId = (int) $_REQUEST['id'];
     $_REQUEST['id'] = $pollId;
     if (!$pollId) {
         die('missing ID!');
     }
     // Not confirmed yet: ask first
     if (!$_POST['send']) {
         list($title) = $db->first("SELECT question FROM " . PRE . "_poll WHERE id='" . $pollId . "' LIMIT 1");
         $question = compatible_hsc($title);
         $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => $question)));
         tmessageOverlay('disable', array('ID' => $pollId));
         return;
     }
     // Confirmed: the request token has to be valid
     if (!checkToken()) {
         printInvalidToken();
         return;
     }
     $db->query("UPDATE " . PRE . "_poll SET starttime='0',endtime='0' WHERE ( id='" . $pollId . "' ) LIMIT 1");
     logit('POLL_DISABLE', 'ID #' . $pollId);
     printJSReload();
 }
Example #9
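 /**
  * Admin action for banner groups: add, edit and delete groups (kept as a
  * serialized array in the config table) and list them with their banner count.
  *
  * Reads $_REQUEST['do'] (del | edit | add) and $_REQUEST['id']; every write
  * is guarded by checkToken().
  *
  * @return void
  */
 function group()
 {
     global $set, $db, $apx, $html;
     $_REQUEST['id'] = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
     $do = isset($_REQUEST['do']) ? $_REQUEST['do'] : '';
     $data = $set['banner']['groups'];
     $i = 0;
     $tabledata = array();
     // Delete a group
     if ($do == 'del' && isset($data[$_REQUEST['id']])) {
         // Fixed: the original counted with $id, which is not defined at this
         // point, so the "group still has banners" check never looked at the
         // requested group and a non-empty group could be deleted.
         list($count) = $db->first("SELECT count(*) FROM " . PRE . "_banner WHERE " . PRE . "_banner.group='" . $_REQUEST['id'] . "'");
         if (!$count) {
             if (isset($_POST['id'])) {
                 if (!checkToken()) {
                     infoInvalidToken();
                 } else {
                     unset($data[$_REQUEST['id']]);
                     $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='banner' AND varname='groups' LIMIT 1");
                     logit('BANNER_CATDEL', $_REQUEST['id']);
                     printJSReload();
                 }
             } else {
                 $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($data[$_REQUEST['id']]))));
                 tmessageOverlay('catdel', array('ID' => $_REQUEST['id']));
             }
             return;
         }
     } elseif ($do == 'edit' && isset($data[$_REQUEST['id']])) {
         if (isset($_POST['title'])) {
             if (!checkToken()) {
                 infoInvalidToken();
             } elseif (!$_POST['title']) {
                 infoNotComplete();
             } else {
                 $data[$_REQUEST['id']] = $_POST['title'];
                 // NOTE(review): addslashes() is not charset-aware; prefer the
                 // $db wrapper's own escaping if it has one - confirm.
                 $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='banner' AND varname='groups' LIMIT 1");
                 logit('BANNER_CATEDIT', $_REQUEST['id']);
                 printJSRedirect('action.php?action=banner.group');
                 return;
             }
         } else {
             $_POST['title'] = $data[$_REQUEST['id']];
             // Escaped like the delete confirmation above; the stored title was
             // handed to the form raw before.
             $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
             $apx->tmpl->assign('ACTION', 'edit');
             $apx->tmpl->assign('ID', $_REQUEST['id']);
             $apx->tmpl->parse('catadd_catedit');
         }
     } elseif ($do == 'add') {
         if (!empty($_POST['send'])) {
             if (!checkToken()) {
                 printInvalidToken();
             } elseif (empty($_POST['title'])) {
                 infoNotComplete();
             } else {
                 // The first group gets key 1, later ones the next free key
                 if (!count($data)) {
                     $data[1] = $_POST['title'];
                 } else {
                     $data[] = $_POST['title'];
                 }
                 $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='banner' AND varname='groups' LIMIT 1");
                 logit('BANNER_CATADD', array_key_max($data));
                 printJSRedirect('action.php?action=banner.group');
                 return;
             }
         }
     } else {
         $apx->tmpl->assign('ACTION', 'add');
         $apx->tmpl->parse('catadd_catedit');
     }
     $col[] = array('ID', 1, 'align="center"');
     $col[] = array('COL_TITLE', 80, 'class="title"');
     $col[] = array('COL_BANNERS', 20, 'align="center"');
     // Output
     asort($data);
     foreach ($data as $id => $res) {
         ++$i;
         list($count) = $db->first("SELECT count(*) FROM " . PRE . "_banner WHERE " . PRE . "_banner.group='" . $id . "'");
         $tabledata[$i]['COL1'] = $id;
         // NOTE(review): the title goes into the table unescaped; whether
         // $html->table() escapes cell values is not visible here - confirm.
         $tabledata[$i]['COL2'] = $res;
         $tabledata[$i]['COL3'] = $count;
         $tabledata[$i]['OPTIONS'] = optionHTML('edit.gif', 'banner.group', 'do=edit&id=' . $id, $apx->lang->get('CORE_EDIT'));
         // Delete is offered only for groups without banners
         if (!$count) {
             $tabledata[$i]['OPTIONS'] .= optionHTMLOverlay('del.gif', 'banner.group', 'do=del&id=' . $id, $apx->lang->get('CORE_DEL'));
         } else {
             $tabledata[$i]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />';
         }
     }
     $apx->tmpl->assign('TABLE', $tabledata);
     $html->table($col);
 }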
Example #10
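/**
 * Renders a list of calendar events through the given template.
 *
 * Only the values the template actually uses (per used_vars()) are computed
 * for pictures, start/end times, text and tags.
 *
 * @param array  $data     Event rows (id, title, catid, startday, starttime, ...).
 * @param string $template Template name inside the calendar module.
 * @return void
 */
function calendar_print($data, $template)
{
    global $set, $db, $apx, $user;
    $tmpl = new tengine();
    $parse = $tmpl->used_vars($template, 'calendar');
    // Values the original used without initialising them
    $i = 0;
    $eventdata = array();
    $laststamp = null;
    // Category info. The ids are placed in the IN() list unquoted, so they are
    // forced to integers first.
    $catids = get_ids($data, 'catid');
    $catdata = array();
    if (count($catids)) {
        $catdata = $db->fetch_index("SELECT * FROM " . PRE . "_calendar_cat WHERE id IN (" . implode(',', array_map('intval', $catids)) . ")", 'id');
    }
    // List the events
    if (count($data)) {
        foreach ($data as $res) {
            ++$i;
            $event = array();
            // Category info; falls back to empty values for an unknown category
            $catinfo = isset($catdata[$res['catid']]) ? $catdata[$res['catid']] : array('title' => null, 'icon' => null);
            // Link to the event
            $link = mklink('events.php?id=' . $res['id'], 'events,id' . $res['id'] . urlformat($res['title']) . '.html');
            // Teaser picture
            $picture = $picture_popup = $picture_popuppath = '';
            if (in_template(array('EVENT.PICTURE', 'EVENT.PICTURE_POPUP', 'EVENT.PICTURE_POPUPPATH'), $parse)) {
                list($picture, $picture_popup, $picture_popuppath) = calendar_pic($res['picture']);
            }
            // Compute the start; a starttime of -1 means no time of day is set
            $startday = $starttime = $endday = $endtime = 0;
            if (in_template(array('EVENT.STARTDAY', 'EVENT.STARTTIME'), $parse)) {
                $startday = calendar_stamp2time($res['startday']);
                if ($res['starttime'] != -1) {
                    $time_comp = calendar_explode_stamp($res['startday']);
                    // starttime is read as HHMM
                    $tmpstamp = sprintf('%04d', $res['starttime']);
                    $time_comp['hour'] = substr($tmpstamp, 0, 2);
                    $time_comp['minute'] = substr($tmpstamp, 2, 2);
                    $starttime = mktime($time_comp['hour'], $time_comp['minute'], 0, $time_comp['month'], $time_comp['day'], $time_comp['year']) + TIMEDIFF;
                }
            }
            // Compute the end (if needed)
            if (in_template(array('EVENT.ENDDAY', 'EVENT.ENDTIME'), $parse)) {
                if ($res['endday'] != $res['startday'] || $res['endtime'] != -1) {
                    $endday = calendar_stamp2time($res['endday']);
                    if ($res['endtime'] != -1) {
                        $time_comp = calendar_explode_stamp($res['endday']);
                        $tmpstamp = sprintf('%04d', $res['endtime']);
                        $time_comp['hour'] = substr($tmpstamp, 0, 2);
                        $time_comp['minute'] = substr($tmpstamp, 2, 2);
                        $endtime = mktime($time_comp['hour'], $time_comp['minute'], 0, $time_comp['month'], $time_comp['day'], $time_comp['year']) + TIMEDIFF;
                    }
                }
            }
            // User name + e-mail: registered author or the submitted sender data
            if ($res['userid']) {
                $username = $res['username'];
                $email = iif(!$res['pub_hidemail'], $res['email']);
            } else {
                $username = $res['send_username'];
                $email = $res['send_email'];
            }
            // Text
            $eventtext = '';
            if (in_array('EVENT.TEXT', $parse)) {
                $eventtext = mediamanager_inline($res['text']);
                if ($apx->is_module('glossar')) {
                    $eventtext = glossar_highlight($eventtext);
                }
            }
            // Date heading, set only when the day differs from the previous event
            if ($laststamp != $res['startday']) {
                $event['DATEHEAD'] = $startday;
            }
            // Tags; reset per event so the assignments below are always defined
            $tagdata = $tagids = $keywords = null;
            if (in_array('EVENT.TAG', $parse) || in_array('EVENT.TAG_IDS', $parse) || in_array('EVENT.KEYWORDS', $parse)) {
                list($tagdata, $tagids, $keywords) = calendar_tags($res['id']);
            }
            $event['ID'] = $res['id'];
            // NOTE(review): title, category title and category icon are assigned
            // without escaping while LOCATION is escaped - confirm they are
            // stored already escaped.
            $event['TITLE'] = $res['title'];
            $event['TEXT'] = $eventtext;
            $event['LINK'] = $link;
            $event['LOCATION'] = compatible_hsc($res['location']);
            $event['LOCATION_LINK'] = compatible_hsc($res['location_link']);
            $event['PRIORITY'] = $res['priority'];
            $event['RESTRICTED'] = $res['restricted'];
            $event['PRIVATE'] = $res['private'];
            $event['HITS'] = $res['hits'];
            $event['RELATED'] = calendar_links($res['links']);
            $event['PICTURE'] = $picture;
            $event['PICTURE_POPUP'] = $picture_popup;
            $event['PICTURE_POPUPPATH'] = $picture_popuppath;
            $event['STARTDAY'] = $startday;
            $event['STARTTIME'] = $starttime;
            $event['ENDDAY'] = $endday;
            $event['ENDTIME'] = $endtime;
            $event['USERID'] = $res['userid'];
            $event['USERNAME'] = replace($username);
            $event['EMAIL'] = replace($email);
            $event['EMAIL_ENCRYPTED'] = replace(cryptMail($email));
            $event['CATID'] = $res['catid'];
            $event['CATTITLE'] = $catinfo['title'];
            $event['CATICON'] = $catinfo['icon'];
            // Tags
            $event['TAG'] = $tagdata;
            $event['TAG_IDS'] = $tagids;
            $event['KEYWORDS'] = $keywords;
            // Gallery, never exposed for private events
            if ($apx->is_module('gallery') && $res['galid'] && !$res['private'] && in_template(array('EVENT.GALLERY_ID', 'EVENT.GALLERY_TITLE', 'EVENT.GALLERY_LINK'), $parse)) {
                $galinfo = gallery_info($res['galid']);
                $event['GALLERY_ID'] = $galinfo['id'];
                $event['GALLERY_TITLE'] = $galinfo['title'];
                $event['GALLERY_LINK'] = mklink('gallery.php?id=' . $galinfo['id'], 'gallery,list' . $galinfo['id'] . ',1' . urlformat($galinfo['title']) . '.html');
            }
            // Comments; one comments object is reused and re-pointed per event
            if ($apx->is_module('comments') && $set['calendar']['coms'] && $res['allowcoms']) {
                require_once BASEDIR . getmodulepath('comments') . 'class.comments.php';
                if (!isset($coms)) {
                    $coms = new comments('calendar', $res['id']);
                } else {
                    $coms->mid = $res['id'];
                }
                $link = mklink('events.php?id=' . $res['id'], 'events,id' . $res['id'] . urlformat($res['title']) . '.html');
                $event['COMMENT_COUNT'] = $coms->count();
                $event['COMMENT_LINK'] = $coms->link($link);
                $event['DISPLAY_COMMENTS'] = 1;
                if (in_template(array('EVENT.COMMENT_LAST_USERID', 'EVENT.COMMENT_LAST_NAME', 'EVENT.COMMENT_LAST_TIME'), $parse)) {
                    $event['COMMENT_LAST_USERID'] = $coms->last_userid();
                    $event['COMMENT_LAST_NAME'] = $coms->last_name();
                    $event['COMMENT_LAST_TIME'] = $coms->last_time();
                }
            }
            $eventdata[$i] = $event;
            $laststamp = $res['startday'];
        }
    }
    $tmpl->assign('EVENT', $eventdata);
    $tmpl->parse($template, 'calendar');
}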
Example #11
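 /**
  * Admin action for content groups: add, edit, delete and "clean" (move all
  * content to another group) plus the listing with the content count.
  *
  * Groups are kept as a serialized array in the config table. Reads
  * $_REQUEST['do'] (del | clean | edit | add) and $_REQUEST['id']; every write
  * is guarded by checkToken().
  *
  * @return void
  */
 function group()
 {
     global $set, $db, $apx, $html;
     $_REQUEST['id'] = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
     $do = isset($_REQUEST['do']) ? $_REQUEST['do'] : '';
     $data = $set['content']['groups'];
     // Used by the listing; the original never initialised them
     $i = 0;
     $tabledata = array();
     // Delete a group (only while no content refers to it)
     if ($do == 'del' && isset($data[$_REQUEST['id']])) {
         list($count) = $db->first("SELECT count(*) FROM " . PRE . "_content WHERE catid='" . $_REQUEST['id'] . "'");
         if (!$count) {
             if (isset($_POST['id'])) {
                 if (!checkToken()) {
                     infoInvalidToken();
                 } else {
                     unset($data[$_REQUEST['id']]);
                     // NOTE(review): addslashes() is not charset-aware; prefer the
                     // $db wrapper's own escaping if it has one - confirm.
                     $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='content' AND varname='groups' LIMIT 1");
                     logit('CONTENT_CATDEL', $_REQUEST['id']);
                     printJSReload();
                 }
             } else {
                 $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($data[$_REQUEST['id']]))));
                 tmessageOverlay('catdel', array('ID' => $_REQUEST['id']));
             }
         }
         return;
     }
     // Empty a group: move its content elsewhere, optionally delete it afterwards
     if ($do == 'clean' && isset($data[$_REQUEST['id']])) {
         if (!empty($_POST['id']) && !empty($_POST['moveto'])) {
             if (!checkToken()) {
                 infoInvalidToken();
             } else {
                 // NOTE(review): moveto is forced to an integer but not checked
                 // against the existing group keys - confirm that is intended.
                 $db->query("UPDATE " . PRE . "_content SET catid='" . intval($_POST['moveto']) . "' WHERE catid='" . $_REQUEST['id'] . "'");
                 logit('CONTENT_CATCLEAN', "ID #" . $_REQUEST['id']);
                 // Delete the group
                 if (!empty($_POST['delcat'])) {
                     unset($data[$_REQUEST['id']]);
                     $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='content' AND varname='groups' LIMIT 1");
                     logit('CONTENT_CATDEL', $_REQUEST['id']);
                 }
                 printJSReload();
                 return;
             }
         } else {
             // List the possible target groups
             $catlist = '';
             $data = $set['content']['groups'];
             $selected = isset($_REQUEST['catid']) ? $_REQUEST['catid'] : null;
             if (count($data)) {
                 foreach ($data as $id => $title) {
                     if ($id == $_REQUEST['id']) {
                         continue;
                     }
                     $catlist .= '<option value="' . $id . '"' . iif($selected == $id, ' selected="selected"') . '>' . replace($title) . '</option>';
                 }
             }
             $apx->tmpl->assign('ID', $_REQUEST['id']);
             $apx->tmpl->assign('TITLE', compatible_hsc($data[$_REQUEST['id']]));
             $apx->tmpl->assign('DELCAT', isset($_POST['delcat']) ? (int) $_POST['delcat'] : 0);
             $apx->tmpl->assign('CATLIST', $catlist);
             tmessageOverlay('catclean');
         }
         return;
     } elseif ($do == 'edit' && isset($data[$_REQUEST['id']])) {
         if (isset($_POST['title'])) {
             if (!checkToken()) {
                 infoInvalidToken();
             } elseif (!$_POST['title']) {
                 info('back');
             } else {
                 $data[$_REQUEST['id']] = $_POST['title'];
                 $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='content' AND varname='groups' LIMIT 1");
                 logit('CONTENT_CATEDIT', $_REQUEST['id']);
                 printJSRedirect('action.php?action=content.group');
                 return;
             }
         } else {
             $_POST['title'] = $data[$_REQUEST['id']];
             // Escaped like the catclean overlay above, which passes the same
             // stored title through compatible_hsc(); it was raw here before.
             $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
             $apx->tmpl->assign('ACTION', 'edit');
             $apx->tmpl->assign('ID', $_REQUEST['id']);
             $apx->tmpl->parse('catadd_catedit');
         }
     } elseif ($do == 'add') {
         if (!empty($_POST['send'])) {
             if (!checkToken()) {
                 printInvalidToken();
             } elseif (empty($_POST['title'])) {
                 info('back');
             } else {
                 // The first group gets key 1, later ones the next free key
                 if (!count($data)) {
                     $data[1] = $_POST['title'];
                 } else {
                     $data[] = $_POST['title'];
                 }
                 $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='content' AND varname='groups' LIMIT 1");
                 logit('CONTENT_CATADD', array_key_max($data));
                 printJSRedirect('action.php?action=content.group');
                 return;
             }
         }
     } else {
         $apx->tmpl->assign('ACTION', 'add');
         $apx->tmpl->parse('catadd_catedit');
     }
     $col[] = array('ID', 1, 'align="center"');
     $col[] = array('COL_TITLE', 80, 'class="title"');
     $col[] = array('COL_CONTENTS', 20, 'align="center"');
     // Output
     asort($data);
     foreach ($data as $id => $res) {
         ++$i;
         list($count) = $db->first("SELECT count(*) FROM " . PRE . "_content WHERE catid='" . $id . "'");
         $tabledata[$i]['COL1'] = $id;
         // NOTE(review): the title goes into the table unescaped; whether
         // $html->table() escapes cell values is not visible here - confirm.
         $tabledata[$i]['COL2'] = $res;
         $tabledata[$i]['COL3'] = $count;
         $tabledata[$i]['OPTIONS'] = optionHTML('edit.gif', 'content.group', 'do=edit&id=' . $id, $apx->lang->get('CORE_EDIT'));
         // Delete is offered for empty groups, clean for groups with content
         if (!$count) {
             $tabledata[$i]['OPTIONS'] .= optionHTMLOverlay('del.gif', 'content.group', 'do=del&id=' . $id, $apx->lang->get('CORE_DEL'));
         } else {
             $tabledata[$i]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />';
         }
         if ($count) {
             $tabledata[$i]['OPTIONS'] .= optionHTMLOverlay('clean.gif', 'content.group', 'do=clean&id=' . $id, $apx->lang->get('CLEAN'));
         } else {
             $tabledata[$i]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />';
         }
     }
     $apx->tmpl->assign('TABLE', $tabledata);
     $html->table($col);
 }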
Example #12
                $tabledata[$i]['CUSTOM' . $ii . '_NAME'] = $set['user']['cusfield_names'][$ii - 1];
                $tabledata[$i]['CUSTOM' . $ii] = compatible_hsc($res['custom' . $ii]);
            }
            //Forumbeiträge
            if ($apx->is_module('forum')) {
                $tabledata[$i]['FORUMPOSTS'] = $res['forum_posts'];
            }
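            // Interaction links. The listing showed "touser='******'userid']" in
            // the PM and e-mail links, an extraction artefact; restored to the
            // concatenation the second mklink() argument uses.
            $tabledata[$i]['LINK_BUDDY'] = iif($user->info['userid'] && !$user->is_buddy($res['userid']), mklink('user.php?action=addbuddy&amp;id=' . $res['userid'], 'user,addbuddy,' . $res['userid'] . '.html'));
            $tabledata[$i]['LINK_SENDPM'] = iif($user->info['userid'], mklink('user.php?action=newpm&amp;touser=' . $res['userid'], 'user,newpm,' . $res['userid'] . '.html'));
            // The mail link is also offered to guests when sendmail_guests is set
            $tabledata[$i]['LINK_SENDEMAIL'] = iif($user->info['userid'] || $set['user']['sendmail_guests'], mklink('user.php?action=newmail&amp;touser=' . $res['userid'], 'user,newmail,' . $res['userid'] . '.html'));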
        }
    }
    //Sortieren nach...
    ordervars($orderdef, mklink('user.php?action=search&amp;searchid=' . $_REQUEST['searchid'], 'user,search.html?searchid=' . $_REQUEST['searchid']));
    $apx->tmpl->assign('USER', $tabledata);
} else {
    $_POST['gender'] = 0;
    $_POST['distance'] = 25;
}
//Formular erzeugen
$apx->tmpl->assign('ITEM', compatible_hsc($_POST['item']));
$apx->tmpl->assign('AGE_MIN', intval($_POST['age_min']));
$apx->tmpl->assign('AGE_MAX', intval($_POST['age_max']));
$apx->tmpl->assign('GENDER', intval($_POST['gender']));
$apx->tmpl->assign('CITY', compatible_hsc($_POST['city']));
$apx->tmpl->assign('PLZ', compatible_hsc($_POST['plz']));
$apx->tmpl->assign('DISTANCE', intval($_POST['distance']));
$apx->tmpl->assign('ONLINE', intval($_POST['online']));
$postto = mklink('user.php?action=search', 'user,search.html');
$apx->tmpl->assign('POSTTO', $postto);
$apx->tmpl->parse('search');
Example #13
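    } elseif ($user->info['userid'] && $touser == $user->info['userid']) {
        // Sending a mail to oneself is refused.
        message($apx->lang->get('MSG_SELF'), 'javascript:history.back()');
    } else {
        // Logged-in senders use their account data; guests supply name and address in the form.
        if ($user->info['userid']) {
            $sender = $user->info['username'] . '<' . $user->info['email'] . '>';
        } else {
            $sender = $_POST['name'] . '<' . $_POST['email'] . '>';
        }
        // The sender is written into a raw "From:" header and the subject into the header block too.
        // Remove CR/LF first: a line break in either value would otherwise let the submitter add
        // header lines of their own (extra recipients, altered content type).
        $mailLineBreaks = array("\r", "\n");
        $sender = str_replace($mailLineBreaks, '', $sender);
        $mailSubject = str_replace($mailLineBreaks, ' ', $_POST['subject']);
        // NOTE(review): $email (the recipient) is resolved before this excerpt; the captcha check and
        // any rate limit for guest senders are likewise not visible here and should be confirmed.
        mail($email, $mailSubject, $_POST['text'], 'From: ' . $sender);
        if ($user->info['userid']) {
            message($apx->lang->get('MSG_OK'), mklink('user.php', 'user.html'));
        } else {
            message($apx->lang->get('MSG_OK'), mklink('index.php', 'index.html'));
        }
    }
} else {
    // Form display: pre-fill the recipient name when a target user id was passed.
    if ($_REQUEST['touser']) {
        // The id is cast with intval() before it is placed into the query.
        list($username) = $db->first("SELECT username FROM " . PRE . "_user WHERE userid='" . intval($_REQUEST['touser']) . "' LIMIT 1");
        $apx->tmpl->assign('USERNAME', compatible_hsc($username));
    }
    $postto = mklink('user.php?action=newmail', 'user,newmail.html');
    // Create a captcha for guests only
    if (!$user->info['userid']) {
        require BASEDIR . 'lib/class.captcha.php';
        $captcha = new captcha();
        $captchacode = $captcha->generate();
    }
    $apx->tmpl->assign('CAPTCHA', $captchacode);
    $apx->tmpl->assign('POSTTO', $postto);
    $apx->tmpl->parse('newmail');
}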
Example #14
            // NOTE(review): the excerpt begins inside a loop that collects the post ids shown on this page.
            $inlist[] = $res['postid'];
        }
    }
    // All IDs that were not listed
    // NOTE(review): $_POST['post'] is request-controlled. array_diff() expects an array here, and the
    // remaining ids are handed to the template as-is; no cast or escaping is visible in this excerpt.
    // Confirm the values are validated earlier, or cast them with intval().
    $notinlist = array_diff($_POST['post'], $inlist);
    foreach ($notinlist as $id) {
        $seldata[]['ID'] = $id;
    }
    $apx->tmpl->assign('FORUM', $forumdata);
    $apx->tmpl->assign('POST', $postdata);
    $apx->tmpl->assign('SELPOST', $seldata);
    $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
    // NOTE(review): ICON and P below are assigned straight from the request, while the neighbouring
    // text fields go through compatible_hsc(). Whether the template escapes them is not visible; verify.
    $apx->tmpl->assign('ICON', $_POST['icon']);
    $apx->tmpl->assign('ICONLIST', $icondata);
    $apx->tmpl->assign('STICKY_TYPE', compatible_hsc($_POST['sticky_type']));
    $apx->tmpl->assign('STICKY_TEXT', compatible_hsc($_POST['sticky_text']));
    $apx->tmpl->assign('ANNOUNCE', forum_access_announce($foruminfo));
    $apx->tmpl->assign('ID', $threadinfo['threadid']);
    $apx->tmpl->assign('P', $_REQUEST['p']);
    // Paging flags: 1 when a previous / next page exists relative to $pages (computed outside this excerpt).
    $apx->tmpl->assign('PREVIOUS', iif($_REQUEST['p'] > 1, 1, 0));
    $apx->tmpl->assign('NEXT', iif($_REQUEST['p'] < $pages, 1, 0));
    $apx->tmpl->parse('split');
    ////////////////////////////////////////////
    // Breadcrumb: forum path followed by the current thread.
    $threadpath = array(array('TITLE' => replace($threadinfo['title']), 'LINK' => mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html')));
    $apx->tmpl->assign('PATH', array_merge(forum_path($foruminfo, 1), $threadpath));
    $apx->tmpl->assign('PATHEND', $apx->lang->get('SPLITTHREAD'));
    titlebar($apx->lang->get('SPLITTHREAD'));
} elseif ($_REQUEST['action'] == 'ipstats') {
    $apx->lang->drop('ipstats');
    // The id is cast to int before any further use in this branch.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
Example #15
 /**
  * Admin action: show or store the executable paths of the video tools.
  *
  * Without a submitted form the current values from $set['videos'] are shown
  * (or a message when exec() is unavailable). On submit every non-empty path is
  * checked with validateExecPath(); ffmpeg and flvtool2 are mandatory, mencoder
  * is optional. Valid input is written to the config table.
  *
  * NOTE(review): no checkToken() call is visible in this handler although it
  * changes stored paths that presumably end up in exec() calls; confirm that
  * request-forgery protection is applied elsewhere. The values are escaped with
  * addslashes() only; a driver-level escape or bound parameters would be the
  * safer choice if the $db layer offers one.
  */
 function cfg()
 {
     global $set, $db, $apx;
     // Display branch: nothing was submitted.
     if ($_POST['send'] != 1) {
         if (!function_exists('exec')) {
             message($apx->lang->get('MSG_EXEC_DISABLED'));
             return;
         }
         $apx->tmpl->assign('FFMPEG', compatible_hsc($set['videos']['ffmpeg']));
         $apx->tmpl->assign('FLVTOOL2', compatible_hsc($set['videos']['flvtool2']));
         $apx->tmpl->assign('MENCODER', compatible_hsc($set['videos']['mencoder']));
         $apx->tmpl->parse('cfg');
         return;
     }
     // Validate every path that was filled in, in the order ffmpeg, flvtool2, mencoder.
     $labels = array('ffmpeg' => 'FFmpeg', 'flvtool2' => 'FLVTool2', 'mencoder' => 'MEncoder');
     $invalid = array();
     foreach ($labels as $field => $label) {
         if ($_POST[$field] && !$this->validateExecPath($field, $_POST[$field])) {
             $invalid[] = $label;
         }
     }
     // Mandatory fields are reported before invalid paths.
     if (!$_POST['ffmpeg'] || !$_POST['flvtool2']) {
         info($apx->lang->get('CORE_BACK'));
         return;
     }
     if ($invalid) {
         info($apx->lang->get('INFO_INVALID') . implode(', ', $invalid));
         return;
     }
     $db->query("UPDATE " . PRE . "_config SET value='" . addslashes($_POST['ffmpeg']) . "' WHERE module='videos' AND varname='ffmpeg' LIMIT 1");
     $db->query("UPDATE " . PRE . "_config SET value='" . addslashes($_POST['flvtool2']) . "' WHERE module='videos' AND varname='flvtool2' LIMIT 1");
     $db->query("UPDATE " . PRE . "_config SET value='" . addslashes($_POST['mencoder']) . "' WHERE module='videos' AND varname='mencoder' LIMIT 1");
     logit('VIDEOS_CFG');
     printJSRedirect('action.php?action=videos.cfg');
 }
Example #16
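        // Preview branch: echo the submitted values back, escaped or cast.
        $apx->tmpl->assign('PREVIEW', $text);
        $apx->tmpl->assign('USERNAME', compatible_hsc($_POST['touser']));
        $apx->tmpl->assign('SUBJECT', compatible_hsc($_POST['subject']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('ADDSIG', intval($_POST['addsig']));
    } else {
        $text = '';
        if ($_REQUEST['answer']) {
            // Replying to a message: the id comes from the request, so it is cast with intval()
            // before being placed into the query. The query only matches messages the current
            // user sent or received.
            // NOTE(review): on the hosting page the two user-id comparisons were masked as
            // '******'; they are restored here as $user->info['userid'], the value the next
            // line compares against. Confirm against the upstream file.
            $res = $db->first("SELECT a.subject,a.text,b.userid,b.username,c.username AS username2 FROM " . PRE . "_user_pms AS a LEFT JOIN " . PRE . "_user AS b ON a.fromuser=b.userid LEFT JOIN " . PRE . "_user AS c ON a.touser=c.userid WHERE ( a.id='" . intval($_REQUEST['answer']) . "' AND ( a.touser='" . $user->info['userid'] . "' OR a.fromuser='" . $user->info['userid'] . "' ) )");
            if ($res['userid'] == $user->info['userid']) {
                // The current user wrote the original message: address the original recipient again.
                $username = compatible_hsc($res['username2']);
                $subject = compatible_hsc($res['subject']);
                $text = '[QUOTE]' . compatible_hsc($res['text']) . "[/QUOTE]\n";
            } else {
                // The current user received the message: answer the sender and prefix "Re: " once.
                $username = compatible_hsc($res['username']);
                $subject = iif($res['subject'] && substr($res['subject'], 0, 4) != 'Re: ', 'Re: ') . compatible_hsc($res['subject']);
                $text = '[QUOTE]' . compatible_hsc($res['text']) . "[/QUOTE]\n";
            }
        } elseif ($_REQUEST['touser']) {
            // Recipient passed by id: cast it before building the query, as for 'answer' above.
            list($username) = $db->first("SELECT username FROM " . PRE . "_user WHERE userid='" . intval($_REQUEST['touser']) . "' LIMIT 1");
            $username = compatible_hsc($username);
        }
        $apx->tmpl->assign('USERNAME', replace($username));
        $apx->tmpl->assign('SUBJECT', $subject);
        $apx->tmpl->assign('TEXT', $text);
        $apx->tmpl->assign('ADDSIG', 1);
    }
    $postto = mklink('user.php?action=newpm', 'user,newpm.html');
    $apx->tmpl->assign('POSTTO', $postto);
    $apx->tmpl->parse('newpm');
}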
Example #17
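 /**
  * Admin action: compose a private message for all users or for selected groups.
  *
  * With 'doit' set in the request the actual sending is delegated to
  * sendpm_exec(). Otherwise the form is shown, or, on submit with a valid token,
  * subject, text and the integer group ids are stored in the 'sendpm_data'
  * config row and the browser is redirected to the sending step.
  *
  * NOTE(review): the redirect carries the session token in the URL, where it can
  * end up in server logs and browser history; sendpm_exec() presumably verifies
  * it, which is not visible here. The stored value is a serialize()d array of
  * two strings and a list of ints; whatever reads it back should not accept
  * objects when unserializing.
  */
 function sendpm()
 {
     global $set, $db, $apx;
     // Perform the send
     if ($_REQUEST['doit']) {
         $this->sendpm_exec();
         return;
     }
     // Selected groups: anything that is not an explicit list counts as "all"
     if (!is_array($_POST['groupid']) || $_POST['groupid'][0] == 'all') {
         $_POST['groupid'] = array('all');
     }
     // Store the data
     if ($_POST['send']) {
         if (!checkToken()) {
             infoInvalidToken();
         } elseif (!$_POST['subject'] || !$_POST['text'] || !count($_POST['groupid'])) {
             infoNotComplete();
         } else {
             // An empty list means "all groups"; explicit selections are reduced to integers.
             $groups = array();
             if ($_POST['groupid'][0] != 'all') {
                 $groups = array_map('intval', $_POST['groupid']);
             }
             $data = array('subject' => $_POST['subject'], 'text' => $_POST['text'], 'groups' => $groups);
             $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='user' AND varname='sendpm_data' LIMIT 1");
             printJSRedirect('action.php?action=user.sendpm&doit=1&sectoken=' . $apx->session->get('sectoken'));
         }
     } else {
         // List the groups
         // The leading space before selected= keeps the attribute separate from value="all",
         // matching the per-group options built below.
         $grouplist = '<option value="all"' . iif($_POST['groupid'][0] == 'all', ' selected="selected"') . ' style="font-weight:bold;">' . $apx->lang->get('ALL') . '</option>';
         $data = $db->fetch("SELECT groupid,name FROM " . PRE . "_user_groups ORDER BY name ASC");
         if (count($data)) {
             foreach ($data as $res) {
                 $grouplist .= '<option value="' . $res['groupid'] . '"' . iif(in_array($res['groupid'], $_POST['groupid']), ' selected="selected"') . '>' . replace($res['name']) . '</option>';
             }
         }
         $apx->tmpl->assign('GROUP', $grouplist);
         $apx->tmpl->assign('SUBJECT', compatible_hsc($_POST['subject']));
         $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
         $apx->tmpl->parse('sendpm');
     }
 }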
Example #18
 /**
  * Admin action: delete one affiliate entry together with its image.
  *
  * The id is cast to int before any use, so the queries below only ever receive
  * a number. A first request shows the confirmation overlay; the confirmed
  * request (send=1) must pass checkToken() before anything is removed.
  *
  * NOTE(review): $image comes from the database row; if no row matches the id,
  * deletefile() is called with an empty value. What it does in that case is not
  * visible here.
  */
 function del()
 {
     global $set, $db, $apx;
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     // Not confirmed yet: ask, showing the escaped title.
     if ($_POST['send'] != 1) {
         list($title) = $db->first("SELECT title FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
         $confirmText = $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title)));
         $apx->tmpl->assign('MESSAGE', $confirmText);
         tmessageOverlay('del', array('ID' => $_REQUEST['id']));
         return;
     }
     // Confirmed: refuse without a valid token.
     if (!checkToken()) {
         infoInvalidToken();
         return;
     }
     // Remove the image file first, then the row.
     list($image) = $db->first("SELECT image FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
     require BASEDIR . 'lib/class.mediamanager.php';
     $mm = new mediamanager();
     $mm->deletefile($image);
     $db->query("DELETE FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
     logit('AFFILIATES_DEL', 'ID #' . $_REQUEST['id']);
     printJSRedirect(get_index('affiliates.show'));
 }
Example #19
 /**
  * Admin action: delete one contact entry.
  *
  * The id is cast to int up front. The first request renders a confirmation
  * overlay with the escaped title; the confirmed request (send=1) is executed
  * only when checkToken() succeeds.
  */
 function del()
 {
     global $set, $db, $apx;
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     // Not confirmed yet: show the confirmation overlay.
     if ($_POST['send'] != 1) {
         list($title) = $db->first("SELECT title FROM " . PRE . "_contact WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
         $confirmText = $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title)));
         $apx->tmpl->assign('MESSAGE', $confirmText);
         tmessageOverlay('deltitle', array('ID' => $_REQUEST['id']), '/');
         return;
     }
     // Confirmed: the request must carry a valid token.
     if (!checkToken()) {
         printInvalidToken();
         return;
     }
     $db->query("DELETE FROM " . PRE . "_contact WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
     logit('CONTACT_DEL', 'ID #' . $_REQUEST['id']);
     printJSRedirect(get_index('contact.show'));
 }
Example #20
 /**
  * Collect the active comments of the current object for template output.
  *
  * Reads the comments for $this->module / $this->mid page by page, resolves
  * author data (registered users via $user->get_info(), guests from the comment
  * row itself), runs text and title through the configured filters and returns
  * the rows as an array indexed from 1. Returns nothing when no comment matches.
  *
  * NOTE(review): $this->module is escaped with addslashes() in both queries,
  * $this->mid is only quoted. Confirm that mid is cast to an integer where it is
  * set. $_REQUEST['comp'] is used in arithmetic below without a visible cast.
  */
 function display()
 {
     global $db, $apx, $user, $set;
     $apx->lang->drop('comments', 'comments');
     $page = $this->getpage(array('p'));
     //Page numbers
     list($count) = $db->first("SELECT count(id) FROM " . PRE . "_comments WHERE ( module='" . addslashes($this->module) . "' AND mid='" . $this->mid . "' AND active='1' )");
     pages($page, $count, $this->set['epp'], 'comp', 'COMMENT');
     //Sort order: $order is chosen from two fixed literals, never taken from the request
     if ($this->set['order'] == 1) {
         $order = "a.time ASC";
     } else {
         $order = "a.time DESC";
     }
     //Fetch comments
     $data = $db->fetch("SELECT a.* FROM " . PRE . "_comments AS a WHERE ( module='" . addslashes($this->module) . "' AND a.mid='" . $this->mid . "' AND a.active='1' ) ORDER BY " . $order . " " . getlimit($this->set['epp'], 'comp'));
     if (!count($data)) {
         return;
     }
     //Starting number: counts down from $count for order 0, up from 1 otherwise
     if ($this->set['epp']) {
         if ($this->set['order'] == 0) {
             $entrynumber = $count - ($_REQUEST['comp'] - 1) * $this->set['epp'];
         } else {
             $entrynumber = 1 + ($_REQUEST['comp'] - 1) * $this->set['epp'];
         }
     } else {
         if ($this->set['order'] == 0) {
             $entrynumber = $count;
         } else {
             $entrynumber = 1;
         }
     }
     foreach ($data as $res) {
         ++$i;
         // Look up each registered author once and keep the result for later rows.
         if ($res['userid'] && !isset($userinfo[$res['userid']])) {
             $userinfo[$res['userid']] = $user->get_info($res['userid'], 'username,email,pub_hidemail,homepage,avatar,avatar_title,signature,lastactive,pub_invisible,custom1,custom2,custom3,custom4,custom5,custom6,custom7,custom8,custom9,custom10');
         }
         if ($res['userid'] && $userinfo[$res['userid']]) {
             $tabledata[$i]['USERID'] = $res['userid'];
             $tabledata[$i]['NAME'] = replace($userinfo[$res['userid']]['username']);
             // The address is only passed on when the user has not set pub_hidemail.
             $tabledata[$i]['EMAIL'] = replace(iif(!$userinfo[$res['userid']]['pub_hidemail'], $userinfo[$res['userid']]['email']));
             $tabledata[$i]['EMAIL_ENCRYPTED'] = replace(iif(!$userinfo[$res['userid']]['pub_hidemail'], cryptMail($userinfo[$res['userid']]['email'])));
             $tabledata[$i]['HOMEPAGE'] = replace($userinfo[$res['userid']]['homepage']);
             $tabledata[$i]['AVATAR'] = $user->mkavatar($userinfo[$res['userid']]);
             $tabledata[$i]['AVATAR_TITLE'] = $user->mkavtitle($userinfo[$res['userid']]);
             $tabledata[$i]['SIGNATURE'] = $user->mksig($userinfo[$res['userid']]);
             // Online = not marked invisible and active within the configured timeout (minutes).
             $tabledata[$i]['ONLINE'] = iif(!$userinfo[$res['userid']]['pub_invisible'] && $userinfo[$res['userid']]['lastactive'] + $set['user']['timeout'] * 60 >= time(), 1, 0);
             $tabledata[$i]['ISONLINE'] = $tabledata[$i]['ONLINE'];
             //Custom fields
             for ($ii = 1; $ii <= 10; $ii++) {
                 $tabledata[$i]['CUSTOM' . $ii . '_NAME'] = $set['user']['cusfield_names'][$ii - 1];
                 $tabledata[$i]['CUSTOM' . $ii] = compatible_hsc($userinfo[$res['userid']]['custom' . $ii]);
             }
         } else {
             // Guest comment (or unknown user): use the data stored with the comment.
             // NOTE(review): unlike the registered-user branch there is no hide-mail switch here,
             // so a guest's address is always forwarded to the template.
             $tabledata[$i]['NAME'] = replace($res['username']);
             $tabledata[$i]['EMAIL'] = replace($res['email']);
             $tabledata[$i]['EMAIL_ENCRYPTED'] = replace(cryptMail($res['email']));
             $tabledata[$i]['HOMEPAGE'] = replace($res['homepage']);
         }
         //Text
         // Order matters: replace() (presumably the output escaping) runs before smilies and
         // codes are expanded, so markup produced by those steps is not escaped again.
         $text = $res['text'];
         if ($this->set['badwords']) {
             $text = badwords($text);
         }
         $text = replace($text, 1);
         if ($this->set['breakline']) {
             $text = wordwrapHTML($text, $this->set['breakline'], "\n");
         }
         if ($this->set['allowsmilies']) {
             $text = dbsmilies($text);
         }
         if ($this->set['allowcode']) {
             $text = dbcodes($text);
         }
         //Title
         $title = $res['title'];
         if ($this->set['breakline']) {
             $title = wordwrap($title, $this->set['breakline'], "\n", 1);
         }
         if ($this->set['badwords']) {
             $title = badwords($title);
         }
         $title = replace($title);
         $tabledata[$i]['TEXT'] = $text;
         $tabledata[$i]['TITLE'] = $title;
         $tabledata[$i]['TIME'] = $res['time'];
         $tabledata[$i]['NUMBER'] = $entrynumber;
         //Admin links
         // NOTE(review): the links are shown whenever both admin cookies are merely present; the
         // cookie values are not verified here. This only controls link display, so the edit and
         // delete actions in admin/action.php must enforce authorization themselves; confirm.
         // $this->module is placed into the URL without encoding.
         if ($_COOKIE[$set['main']['cookie_pre'] . '_admin_userid'] && $_COOKIE[$set['main']['cookie_pre'] . '_admin_password']) {
             $tabledata[$i]['EDITLINK'] = HTTPDIR . 'admin/action.php?action=comments.edit&amp;module=' . $this->module . '&amp;mid=' . $this->mid . '&amp;id=' . $res['id'] . '&amp;outer=1';
             $tabledata[$i]['DELETELINK'] = HTTPDIR . 'admin/action.php?action=comments.del&amp;module=' . $this->module . '&amp;mid=' . $this->mid . '&amp;id=' . $res['id'] . '&amp;outer=1';
         }
         //Report
         $link_report = "javascript:popupwin('misc.php?action=comments_report&amp;id=" . $res['id'] . "&amp;url='+escape(window.location.href),500,300);";
         $tabledata[$i]['REPORTLINK'] = $link_report;
         //Comment number
         if ($this->set['order'] == 0) {
             --$entrynumber;
         } else {
             ++$entrynumber;
         }
     }
     return $tabledata;
 }
Example #21
 /**
  * Admin action: delete one product group of type 'system'.
  *
  * The id is cast to int before use. The first request shows a confirmation
  * overlay; the confirmed request (send=1) runs only after checkToken().
  *
  * NOTE(review): the DELETE is restricted to grouptype='system', the title
  * lookup for the confirmation is not, so the overlay can show the title of a
  * group that the delete would then leave untouched.
  */
 function systems_del()
 {
     global $set, $db, $apx;
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     // Not confirmed yet: show the confirmation overlay with the escaped title.
     if ($_POST['send'] != 1) {
         list($title) = $db->first("SELECT title FROM " . PRE . "_products_groups WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
         $confirmText = $apx->lang->get('DEL_TEXT', array('TITLE' => compatible_hsc($title)));
         $apx->tmpl->assign('MESSAGE', $confirmText);
         tmessageOverlay('sysdel', array('ID' => $_REQUEST['id']));
         return;
     }
     // Confirmed: the request must carry a valid token.
     if (!checkToken()) {
         printInvalidToken();
         return;
     }
     $db->query("DELETE FROM " . PRE . "_products_groups WHERE grouptype='system' AND id='" . $_REQUEST['id'] . "'");
     logit('PRODUCTS_SYSTEMS_DEL', 'ID #' . $_REQUEST['id']);
     printJSRedirect(get_index('products.systems'));
 }
Example #22
    // Profile form values: free-text fields are passed through compatible_hsc(), flags and
    // numbers are cast to int, so stored profile data is not written into the form unmodified.
    $apx->tmpl->assign('INTERESTS', compatible_hsc($user->info['interests']));
    $apx->tmpl->assign('WORK', compatible_hsc($user->info['work']));
    $apx->tmpl->assign('GENDER', (int) $user->info['gender']);
    $apx->tmpl->assign('BD_DAY', (int) $bd['bd_day']);
    $apx->tmpl->assign('BD_MONTH', (int) $bd['bd_month']);
    $apx->tmpl->assign('BD_YEAR', (int) $bd['bd_year']);
    $apx->tmpl->assign('AGECONFIRMED', (int) $user->info['ageconfirmed']);
    $apx->tmpl->assign('INVISIBLE', (int) $user->info['pub_invisible']);
    $apx->tmpl->assign('HIDEMAIL', (int) $user->info['pub_hidemail']);
    $apx->tmpl->assign('POPPM', (int) $user->info['pub_poppm']);
    $apx->tmpl->assign('MAILPM', (int) $user->info['pub_mailpm']);
    $apx->tmpl->assign('SHOWBUDDIES', (int) $user->info['pub_showbuddies']);
    $apx->tmpl->assign('USEGB', (int) $user->info['pub_usegb']);
    $apx->tmpl->assign('GBMAIL', (int) $user->info['pub_gbmail']);
    $apx->tmpl->assign('PROFILEFORFRIENDS', (int) $user->info['pub_profileforfriends']);
    $apx->tmpl->assign('AUTOSUBSCRIBE', (int) $user->info['forum_autosubscribe']);
    // $langdata, $themedata, $langlist and $themelist are built before this excerpt.
    $apx->tmpl->assign('LANG', $langdata);
    $apx->tmpl->assign('THEME', $themedata);
    $apx->tmpl->assign('PWDLENGTH', $set['user']['pwdminlen']);
    //Old placeholders kept for backward compatibility
    $apx->tmpl->assign('LANGLIST', $langlist);
    $apx->tmpl->assign('THEMELIST', $themelist);
    //Custom fields
    // NOTE(review): the field names come from configuration and are assigned without escaping;
    // the field values are escaped.
    for ($i = 1; $i <= 10; $i++) {
        $apx->tmpl->assign('CUSTOM' . $i . '_NAME', $set['user']['cusfield_names'][$i - 1]);
        $apx->tmpl->assign('CUSTOM' . $i, compatible_hsc($user->info['custom' . $i]));
    }
    $postto = mklink('user.php?action=myprofile', 'user,myprofile.html');
    $apx->tmpl->assign('POSTTO', $postto);
    $apx->tmpl->parse('myprofile');
}
Example #23
 /**
  * Admin action: remove one allowed forum attachment file type.
  *
  * Here the 'id' request value is the file extension itself, not a number. It is
  * lower-cased and escaped with addslashes() for the DELETE and escaped with
  * compatible_hsc() for the confirmation text. The confirmed request runs only
  * after checkToken().
  *
  * NOTE(review): the raw request value is also handed to tmessageOverlay() and
  * logit(); whether those escape it is not visible here.
  */
 function filetypes_del()
 {
     global $set, $apx, $db;
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     // Not confirmed yet: show the confirmation overlay.
     if (!$_POST['send']) {
         $confirmText = $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($_REQUEST['id'])));
         $apx->tmpl->assign('MESSAGE', $confirmText);
         tmessageOverlay('filetypedel', array('ID' => $_REQUEST['id']));
         return;
     }
     // Confirmed: the request must carry a valid token.
     if (!checkToken()) {
         printInvalidToken();
         return;
     }
     $db->query("DELETE FROM " . PRE . "_forum_filetypes WHERE ext='" . addslashes(strtolower($_REQUEST['id'])) . "'");
     logit('FORUM_FILETYPEDEL', $_REQUEST['id']);
     printJSRedirect('action.php?action=forum.filetypes');
 }
Example #24
        // NOTE(review): the excerpt begins at the end of the save branch of the blog add/edit form.
        }
    } else {
        //Preview
        if ($_POST['preview']) {
            // Filter order: bad-word filter, replace() (presumably the output escaping), then
            // smilies and codes, so markup generated by the last two steps is not escaped again.
            $text = $_POST['text'];
            $text = badwords($text);
            $text = replace($text, 1);
            $text = dbsmilies($text);
            $text = dbcodes($text);
            $apx->tmpl->assign('PREVIEW', $text);
        } else {
            // NOTE(review): $_REQUEST['id'] is concatenated into this query as-is. The 'del' branch
            // below casts it with (int) first; no such cast is visible for this branch. Confirm it
            // happens before this point, otherwise cast here. The row is limited to the current
            // user's own entries through the userid condition.
            list($_POST['title'], $_POST['text'], $_POST['allowcoms']) = $db->first("SELECT title,text,allowcoms FROM " . PRE . "_user_blog WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1");
        }
        // NOTE(review): ID is assigned from the request without cast or escaping, unlike TITLE and TEXT.
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('ALLOWCOMS', intval($_POST['allowcoms']));
        $apx->tmpl->assign('POSTTO', mklink('user.php?action=myblog', 'user,myblog.html'));
        $apx->tmpl->parse('myblog_addedit');
    }
    require 'lib/_end.php';
} elseif ($_REQUEST['do'] == 'del') {
    // The id is cast to int before it is used in the DELETE below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    if ($_POST['send']) {
        // The delete only matches rows owned by the current user.
        // NOTE(review): no request token is checked before this state change in the visible code.
        $db->query("DELETE FROM " . PRE . "_user_blog WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1");
        message($apx->lang->get('MSG_DEL_OK'), mklink('user.php?action=myblog', 'user,myblog.html'));
    } else {
        tmessage('delblog', array('ID' => $_REQUEST['id']));
Example #25
            // Load the ids the current user already ignores, to reject duplicates below.
            $data = $db->fetch("SELECT ignored FROM " . PRE . "_user_ignore WHERE userid='" . $user->info['userid'] . "'");
            $existing = get_ids($data, 'ignored');
            if (!$userid) {
                message($apx->lang->get('MSG_NOMATCH'), 'back');
            } elseif (in_array($userid, $existing)) {
                message($apx->lang->get('MSG_EXISTS'), 'back');
            } elseif ($userid == $user->info['userid']) {
                message($apx->lang->get('MSG_NOTSELF'), 'back');
            } else {
                // NOTE(review): $userid is quoted but not escaped or cast here. It is set before this
                // excerpt (presumably looked up from the submitted username); confirm it is always an
                // integer. The free-text reason is escaped with addslashes().
                $db->query("INSERT INTO " . PRE . "_user_ignore (userid,ignored,reason) VALUES ('" . $user->info['userid'] . "','" . $userid . "','" . addslashes($_POST['reason']) . "')");
                $goto = mklink('user.php?action=ignorelist', 'user,ignorelist.html');
                message($apx->lang->get('MSG_ADD_OK'), $goto);
            }
        }
    } else {
        tmessage('addignore', array('USERNAME' => compatible_hsc($_REQUEST['username'])));
    }
} elseif ($_REQUEST['del']) {
    if ($_POST['del']) {
        // The id to remove is cast with intval(), and the delete is limited to the current user's list.
        // NOTE(review): no request token is checked before this state change in the visible code.
        $db->query("DELETE FROM " . PRE . "_user_ignore WHERE userid='" . $user->info['userid'] . "' AND ignored='" . intval($_POST['del']) . "' LIMIT 1");
        $goto = mklink('user.php?action=ignorelist', 'user,ignorelist.html');
        message($apx->lang->get('MSG_DEL_OK'), $goto);
    } else {
        // NOTE(review): the raw request value is handed to the confirmation template; the DELETE
        // above casts the same value. Whether tmessage() escapes it is not visible here.
        tmessage('delignore', array('ID' => $_REQUEST['del']));
    }
} else {
    //Fetch ignored users
    $data = $db->fetch("SELECT u.userid,u.username,i.reason FROM " . PRE . "_user_ignore AS i LEFT JOIN " . PRE . "_user AS u ON i.ignored=u.userid WHERE i.userid='" . $user->info['userid'] . "' ORDER BY u.username ASC");
    if (count($data)) {
        foreach ($data as $res) {
            ++$i;
Example #26
        // NOTE(review): the excerpt begins inside a search over the smiley list; the first match's file is kept.
        $statusSmileyPath = $smiley['file'];
        break;
    }
}
// Public profile values. Text fields go through replace() (presumably the output escaping),
// numeric fields are cast or computed.
$apx->tmpl->assign('USERID', $res['userid']);
$apx->tmpl->assign('USERNAME', replace($res['username']));
$apx->tmpl->assign('GROUP', replace($groupname));
$apx->tmpl->assign('REGDATE', $res['reg_time']);
// Whole days since registration.
$apx->tmpl->assign('REGDAYS', floor((time() - $res['reg_time']) / (24 * 3600)));
$apx->tmpl->assign('LASTACTIVE', (int) $res['lastactive']);
// Online = not marked invisible and active within the configured timeout (minutes).
$apx->tmpl->assign('IS_ONLINE', iif(!$res['pub_invisible'] && $res['lastactive'] + $set['user']['timeout'] * 60 >= time(), 1, 0));
// NOTE(review): the address is assigned regardless of pub_hidemail; only the HIDEMAIL flag is
// passed alongside, so hiding depends on the template honouring that flag. Confirm, or blank the
// address here when the flag is set. EMAIL_ENCRYPTED is the cryptMail() result without replace().
$apx->tmpl->assign('EMAIL', replace($res['email']));
$apx->tmpl->assign('EMAIL_ENCRYPTED', cryptMail($res['email']));
$apx->tmpl->assign('HIDEMAIL', $res['pub_hidemail']);
$apx->tmpl->assign('STATUS', replace($res['status']));
$apx->tmpl->assign('STATUS_SMILEY', compatible_hsc($statusSmileyPath));
$apx->tmpl->assign('STATUS_SMILEY_CODE', replace($res['status_smiley']));
$apx->tmpl->assign('HOMEPAGE', replace($res['homepage']));
$apx->tmpl->assign('ICQ', replace($res['icq']));
$apx->tmpl->assign('AIM', replace($res['aim']));
$apx->tmpl->assign('YIM', replace($res['yim']));
$apx->tmpl->assign('MSN', replace($res['msn']));
$apx->tmpl->assign('SKYPE', replace($res['skype']));
$apx->tmpl->assign('REALNAME', replace($res['realname']));
$apx->tmpl->assign('CITY', replace($res['city']));
$apx->tmpl->assign('PLZ', replace($res['plz']));
$apx->tmpl->assign('COUNTRY', replace($res['country']));
$apx->tmpl->assign('INTERESTS', replace($res['interests']));
$apx->tmpl->assign('WORK', replace($res['work']));
$apx->tmpl->assign('GENDER', (int) $res['gender']);
$apx->tmpl->assign('BIRTHDAY', $birthday);
Example #27
                    // NOTE(review): the excerpt begins inside the avatar upload handling; the upload
                    // checks and the origin of $newfile and $mm are not visible here.
                    require 'lib/_end.php';
                }
                // Store the new file name and title; both are escaped with addslashes().
                $db->query("UPDATE " . PRE . "_user SET avatar='" . addslashes($newfile) . "',avatar_title='" . addslashes($_POST['avatar_title']) . "' WHERE userid='" . $user->info['userid'] . "' LIMIT 1");
                // Remove the previous avatar file once the new one is recorded.
                // NOTE(review): the path is 'user/' plus the stored name. That is safe only if the
                // stored name can never contain path separators; confirm where it is generated.
                if ($user->info['avatar']) {
                    $mm->deletefile('user/' . $user->info['avatar']);
                }
                message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html'));
            }
        }
    } elseif ($_POST['delav']) {
        require BASEDIR . 'lib/class.mediamanager.php';
        $mm = new mediamanager();
        // NOTE(review): unlike the upload branch there is no check that an avatar is set, so with an
        // empty value deletefile() receives just 'user/'. What it does with a directory path is not
        // visible here; a guard on $user->info['avatar'] would rule the case out.
        $mm->deletefile('user/' . $user->info['avatar']);
        $db->query("UPDATE " . PRE . "_user SET avatar='',avatar_title='' WHERE userid='" . $user->info['userid'] . "' LIMIT 1");
        message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html'));
    } else {
        // Only the title changed.
        $db->query("UPDATE " . PRE . "_user SET avatar_title='" . addslashes($_POST['avatar_title']) . "' WHERE userid='" . $user->info['userid'] . "' LIMIT 1");
        message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html'));
    }
} else {
    // Form display: current avatar (if any), upload limits and the escaped title.
    if ($user->info['avatar']) {
        $apx->tmpl->assign('CURRENT_AVATAR', $user->mkavatar($user->info));
        $apx->tmpl->assign('CURRENT_TITLE', $user->mkavtitle($user->info));
    }
    $apx->tmpl->assign('MAX_DIMENSIONS', $set['user']['avatar_maxdim']);
    $apx->tmpl->assign('MAX_FILESIZE', user_getsize($set['user']['avatar_maxsize'], 0));
    $postto = mklink('user.php?action=avatar', 'user,avatar.html');
    $apx->tmpl->assign('POSTTO', $postto);
    $apx->tmpl->assign('AVATAR_TITLE', compatible_hsc($user->info['avatar_title']));
    $apx->tmpl->parse('avatar');
}
Example #28
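//The last 10 posts of the thread, newest first, shown below the reply form
// $threadinfo is loaded before this excerpt; its threadid is placed into the query quoted but
// not cast. NOTE(review): confirm it is an integer taken from the database row.
$data = $db->fetch("SELECT postid,userid,username,text,time,allowcodes,allowsmilies FROM " . PRE . "_forum_posts WHERE ( del=0 AND threadid='" . $threadinfo['threadid'] . "' ) ORDER BY time DESC LIMIT 10");
if (count($data)) {
    foreach ($data as $res) {
        ++$i;
        //Text, rendered with the per-post code and smiley switches
        $text = forum_replace($res['text'], $res['allowcodes'], $res['allowsmilies']);
        $postdata[$i]['ID'] = $res['postid'];
        $postdata[$i]['USERID'] = $res['userid'];
        $postdata[$i]['USERNAME'] = replace($res['username']);
        $postdata[$i]['TEXT'] = $text;
        $postdata[$i]['TIME'] = $res['time'];
    }
}
$apx->tmpl->assign('POST', $postdata);
$apx->tmpl->assign('ATTACH', forum_access_addattachment($foruminfo));
$apx->tmpl->assign('ID', $threadinfo['threadid']);
// The hash is echoed back from the request, so it is escaped like the other request values
// written into forms on this page; for a plain alphanumeric hash the escaping changes nothing.
$apx->tmpl->assign('HASH', compatible_hsc($_POST['hash']));
$apx->tmpl->parse('newpost');
////////////////////////////////////////////////////////////////////////////////////////////////////////
// Breadcrumb: forum path plus the current thread; the prefix has its tags stripped and the
// combined title is escaped.
$threadpath = array(array('TITLE' => trim(compatible_hsc(strip_tags(forum_get_prefix($threadinfo['prefix']) . ' ') . $threadinfo['title'])), 'LINK' => mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html')));
$apx->tmpl->assign_static('STYLESHEET', compatible_hsc($foruminfo['stylesheet']));
$apx->tmpl->assign('PATH', array_merge(forum_path($foruminfo, 1), $threadpath));
$apx->tmpl->assign('PATHEND', $apx->lang->get('HEADLINE_NEWPOST'));
titlebar($apx->lang->get('HEADLINE_NEWPOST'));
////////////////////////////////////////////////////////////////////////////////////////////////////////
require 'lib/_end.php';
///////////////////////////////////////////////////////////////////////////
require '../lib/_end.php';
//////////////////////////////////////////////////////// END OF SCRIPT ///
////////////////////////////////////////////////////////////////////////////////////////////////////////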
Example #29
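 /**
  * Admin action: maintain the guestbook's list of blocked strings.
  *
  * do=del removes one entry by its array key (after confirmation and a valid
  * token), do=add appends the submitted string (valid token required). Both
  * write the whole list back to the config table as a serialize()d array.
  * Without 'do' the list is shown, sorted ascending, with a delete option per
  * entry.
  *
  * NOTE(review): 'key' is cast to int but never read below, while 'id', the
  * value that is actually used as array key and passed to the overlay, is not
  * cast. This may be a leftover rename; confirm. The list is stored with
  * serialize(); whatever loads it should not accept objects when unserializing.
  */
 function blockcontent()
 {
     global $set, $db, $apx, $html;
     $_REQUEST['key'] = (int) $_REQUEST['key'];
     //Delete an entry
     if ($_REQUEST['do'] == 'del') {
         if ($_POST['send']) {
             if (!checkToken()) {
                 printInvalidToken();
             } else {
                 unset($set['guestbook']['blockstring'][$_REQUEST['id']]);
                 $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($set['guestbook']['blockstring'])) . "' WHERE module='guestbook' AND varname='blockstring' LIMIT 1");
                 printJSRedirect('action.php?action=guestbook.blockcontent');
             }
         } else {
             // The stored string is escaped before it is shown in the confirmation text.
             $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_DEL', array('TITLE' => compatible_hsc($set['guestbook']['blockstring'][$_REQUEST['id']]))));
             tmessageOverlay('contentdel', array('ID' => $_REQUEST['id']));
         }
         return;
     } elseif ($_REQUEST['do'] == 'add') {
         if (!checkToken()) {
             printInvalidToken();
         } elseif (!$_POST['string']) {
             infoNotComplete();
         } else {
             $set['guestbook']['blockstring'][] = $_POST['string'];
             $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($set['guestbook']['blockstring'])) . "' WHERE module='guestbook' AND varname='blockstring' LIMIT 1");
             printJSRedirect('action.php?action=guestbook.blockcontent');
         }
         return;
     }
     quicklink_index('guestbook.show');
     quicklink_out();
     //Listing starts here
     $strings = $set['guestbook']['blockstring'];
     if (!is_array($strings)) {
         $strings = array();
     }
     $strings = array_sort($strings, 0, 'asc');
     $col[] = array('TITLE_GUESTBOOK_BLOCKCONTENT', 100, 'class="title"');
     foreach ($strings as $i => $res) {
         // Entries are stored exactly as submitted; escape them for the table the same way the
         // delete confirmation above does, so markup inside an entry is shown rather than rendered.
         $tabledata[$i]['COL1'] = compatible_hsc($res);
         $tabledata[$i]['OPTIONS'] = optionHTMLOverlay('del.gif', 'guestbook.blockcontent', 'do=del&id=' . $i, $apx->lang->get('CORE_DEL'));
     }
     $apx->tmpl->assign('TABLE', $tabledata);
     $html->table($col);
     $apx->tmpl->parse('blockcontent');
 }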
Example #30
/**
 * Build the HTML for an icon link that opens an admin action in a message overlay.
 *
 * @param string       $icon     File name of the icon below design/
 * @param string       $actionid Action identifier placed after action.php?action=
 * @param string       $params   Query string for the action; passed through compatible_hsc()
 * @param string|false $title    Link/alt text; when empty, the language entry
 *                               TITLE_<MODULE>_<ACTION> of the current module and action is used
 * @return string The complete <a><img /></a> markup
 *
 * NOTE(review): $icon, $actionid and $title are written into attributes without escaping, so
 * callers must pass trusted values only. $params sits inside a JavaScript string literal within
 * an href attribute; the browser decodes HTML entities before the script runs, so HTML escaping
 * alone does not keep a quote character out of that literal. Pass fixed strings and integer
 * ids here.
 */
function optionHTMLOverlay($icon, $actionid, $params, $title = false)
{
    static $modules;
    global $reg, $apx;
    // Fall back to the title of the current module/action.
    if (!$title) {
        $langKey = 'TITLE_' . strtoupper($apx->module()) . '_' . strtoupper($apx->action());
        $title = $apx->lang->get($langKey);
    }
    $target = 'action.php?action=' . $actionid . '&amp;' . compatible_hsc($params);
    $anchorOpen = '<a href="javascript:MessageOverlayManager.createLayer(\'' . $target . '\');" title="' . $title . '">';
    $image = '<img src="design/' . $icon . '" alt="' . $title . '" />';
    return $anchorOpen . $image . '</a>';
}