Example #1
         $errormsg .= $cs_lang['email_false'] . cs_html_br(1);
     }
     // Second e-mail check: addresses flagged by cs_trashmail() are rejected with
     // the same generic 'email_false' message used by the check just above, so the
     // response does not say which of the two checks failed.
     include_once 'mods/contact/trashmail.php';
     if (cs_trashmail($register['email'])) {
         $error++;
         $errormsg .= $cs_lang['email_false'] . cs_html_br(1);
     }
     // Registration throttle: reads the newest users_register value. The condition
     // argument is 0, so this appears to be the latest registration overall rather
     // than one tied to the current client; def_flood seconds must pass after it.
     // NOTE(review): a site-wide window limits bulk sign-ups but also lets one
     // client delay everybody else's registration; confirm this is intended.
     $flood = cs_sql_select(__FILE__, 'users', 'users_register', 0, 'users_register DESC');
     $maxtime = $flood['users_register'] + $cs_main['def_flood'];
     if ($maxtime > cs_time()) {
         $error++;
         $diff = $maxtime - cs_time();
         $errormsg .= sprintf($cs_lang['flood_on'], $diff) . cs_html_br(1);
     }
     // The captcha is only enforced when the users option def_register is empty or
     // equals '2' (loose comparison); any other setting skips it here.
     // NOTE(review): $_POST['captcha'] is read without isset(), so a request that
     // omits the field raises a notice before cs_captchacheck() sees it.
     if (empty($op_users['def_register']) or $op_users['def_register'] == '2') {
         if (!cs_captchacheck($_POST['captcha'])) {
             $error++;
             $errormsg .= $cs_lang['captcha_false'] . cs_html_br(1);
         }
     }
     // send_mail is copied from the request as-is and defaults to 0 when absent.
     // NOTE(review): the value is neither cast nor validated in the visible code;
     // confirm it is normalised before it is stored or printed.
     isset($_POST['send_mail']) ? $rgsm = $_POST['send_mail'] : ($rgsm = 0);
     $register['send_mail'] = $rgsm;
 } else {
     $register['lang'] = $cs_main['def_lang'];
     $register['nick'] = '';
     $register['password'] = '';
     $register['email'] = '';
     $register['send_mail'] = 0;
     $register['newsletter'] = '';
 }
 if (!isset($_POST['submit'])) {
Example #2
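/**
 * Shows the comment form for one item of a module (optionally pre-filled with
 * a quoted comment, or followed by a preview) or, on a valid submit, stores
 * the comment and redirects back to the item.
 *
 * Visitors without an account are only let in when the comments option
 * 'allow_unreg' is set; otherwise the request is redirected to the 403 error
 * page. Request data ($_POST) is untrusted: every value concatenated into an
 * SQL condition here is escaped or cast, and values shown in the preview go
 * through cs_secure().
 *
 * @param int    $com_fid  id of the item the comment belongs to
 * @param string $mod      module name, stored and matched as comments_mod
 * @param string $action   module action used for the redirect after saving
 * @param int    $quote_id id of a comment to quote, 0 for none
 * @param string $mod_name value placed in the template head as 'mod'
 * @param int    $close    non-zero makes every submit fail with the 'closed' message
 * @param string $more     parameter name that carries $com_fid in the redirect target
 */
function cs_commments_create($com_fid, $mod, $action, $quote_id, $mod_name, $close = 0, $more = 'id')
{
    $cs_lang = cs_translate('comments');
    global $account, $cs_main;
    settype($com_fid, 'integer');
    settype($quote_id, 'integer');
    settype($close, 'integer');
    $data['head']['mod'] = $mod_name;
    $data['if']['preview'] = FALSE;
    // guest-only template switches; turned on below when nobody is logged in
    $data['if']['guest'] = FALSE;
    $data['if']['captcha'] = FALSE;
    $guestnick = '';
    // set up front so the quote and empty-form paths never read an undefined variable
    $error = '';
    $op_comments = cs_sql_option(__FILE__, 'comments');
    if (!empty($account['users_id']) or !empty($op_comments['allow_unreg'])) {
        $mod_sql = cs_sql_escape($mod);
        if (!empty($quote_id)) {
            $cells = 'users_id, comments_text, comments_time, comments_fid, comments_guestnick';
            // Restrict the lookup to the calling module, like every other query in
            // this function, so a quote_id taken from the request cannot pull in the
            // text of a comment that belongs to a different module.
            // NOTE(review): access rules of the item itself are not checked here;
            // confirm the calling module does that before invoking this function.
            $quote_where = "comments_id = '" . (int) $quote_id . "' AND comments_mod = '" . $mod_sql . "'";
            $cs_com = cs_sql_select(__FILE__, 'comments', $cells, $quote_where);
            if (empty($cs_com)) {
                // unknown comment: keep the caller's item id and show an empty form
                $text = '';
            } elseif (!empty($cs_com['users_id'])) {
                $com_fid = $cs_com['comments_fid'];
                $cs_users = cs_sql_select(__FILE__, 'users', 'users_nick', "users_id = '" . (int) $cs_com['users_id'] . "'");
                $url = cs_url('users', 'view', 'id=' . $cs_com['users_id']);
                $text = cs_date('unix', $cs_com['comments_time'], 1) . ' - [url=' . $url . ']';
                $text .= $cs_users['users_nick'] . "[/url]:\r\n[quote]" . $cs_com['comments_text'] . '[/quote]';
            } else {
                // quoted comment was written by a guest
                $com_fid = $cs_com['comments_fid'];
                $text = cs_date('unix', $cs_com['comments_time'], 1) . ' - ';
                $text .= $cs_com['comments_guestnick'] . ":\r\n[quote]" . $cs_com['comments_text'] . '[/quote]';
            }
        } elseif (isset($_POST['submit']) or isset($_POST['preview']) or isset($_POST['advanced'])) {
            // Missing or non-string fields (e.g. comments_text[]=x) are treated as empty
            // instead of reaching strlen()/cs_secure() as null or an array.
            $text = (isset($_POST['comments_text']) && is_string($_POST['comments_text'])) ? $_POST['comments_text'] : '';
            $find = "comments_mod = '" . $mod_sql . "' AND comments_fid = " . (int) $com_fid;
            $last_from = cs_sql_select(__FILE__, 'comments', 'users_id, comments_ip', $find, 'comments_id DESC');
            $ip = cs_getip();
            if (empty($account['users_id'])) {
                $guestnick = (isset($_POST['comments_guestnick']) && is_string($_POST['comments_guestnick'])) ? $_POST['comments_guestnick'] : '';
                if (empty($guestnick)) {
                    $error .= $cs_lang['no_guestnick'] . cs_html_br(1);
                } else {
                    $op_users = cs_sql_option(__FILE__, 'users');
                    // length is measured in bytes and without spaces
                    $nick2 = str_replace(' ', '', $guestnick);
                    $nickchars = strlen($nick2);
                    if ($nickchars < $op_users['min_letters']) {
                        $error .= sprintf($cs_lang['short_guestnick'], $op_users['min_letters']) . cs_html_br(1);
                    }
                    // a guest must not post under the nick of a registered user
                    $search_nick = cs_sql_count(__FILE__, 'users', "users_nick = '" . cs_sql_escape($guestnick) . "'");
                    if (!empty($search_nick)) {
                        $error .= $cs_lang['nick_exists'] . cs_html_br(1);
                    }
                }
                // a request without the captcha field is checked as null, without a notice
                if (!cs_captchacheck(isset($_POST['captcha']) ? $_POST['captcha'] : null)) {
                    $error .= $cs_lang['captcha_false'] . cs_html_br(1);
                }
                // guests are identified by IP: no two comments in a row on the same item
                if (isset($last_from['comments_ip']) and $ip == $last_from['comments_ip']) {
                    $error .= $cs_lang['last_own'] . cs_html_br(1);
                }
                $where = "comments_ip = '" . cs_sql_escape($ip) . "'";
            } else {
                if (isset($last_from['users_id']) and $account['users_id'] == $last_from['users_id']) {
                    $error .= $cs_lang['last_own'] . cs_html_br(1);
                }
                $where = "users_id = " . (int) $account['users_id'];
            }
            if (empty($text)) {
                $error .= $cs_lang['no_text'] . cs_html_br(1);
            }
            // flood control: def_flood seconds between two comments of the same
            // author (user id, or IP for guests) within this module
            $and_mod = " AND comments_mod = '" . $mod_sql . "'";
            $flood = cs_sql_select(__FILE__, 'comments', 'comments_time', $where . $and_mod, 'comments_time DESC');
            $last_time = empty($flood['comments_time']) ? 0 : $flood['comments_time'];
            $maxtime = $last_time + $cs_main['def_flood'];
            if ($maxtime > cs_time()) {
                $diff = $maxtime - cs_time();
                // line break added so a following message does not run into this one
                $error .= sprintf($cs_lang['flood_on'], $diff) . cs_html_br(1);
            }
            if (!empty($close)) {
                $error .= $cs_lang['closed'] . cs_html_br(1);
            }
        } else {
            $text = '';
        }
        if (!isset($_POST['submit']) and !isset($_POST['preview'])) {
            $data['head']['body'] = $cs_lang['body_com_create'];
        } elseif (!empty($error)) {
            $data['head']['body'] = $error;
        } elseif (isset($_POST['preview'])) {
            $data['head']['body'] = $cs_lang['preview'];
        }
        if (isset($_POST['preview']) and empty($error)) {
            $data['if']['preview'] = true;
            $userid = empty($account['users_id']) ? 0 : $account['users_id'];
            if (!empty($userid)) {
                $data['if']['guest_prev'] = FALSE;
                $data['if']['user_prev'] = TRUE;
                $select = 'users_nick, users_laston, users_place, users_country, users_active, users_invisible, users_delete';
                $cs_user = cs_sql_select(__FILE__, 'users', $select, "users_id = '" . (int) $userid . "'");
                $url = 'symbols/countries/' . $cs_user['users_country'] . '.png';
                $data['prev']['flag'] = cs_html_img($url, 11, 16);
                $data['prev']['user'] = cs_user($userid, $cs_user['users_nick'], $cs_user['users_active'], $cs_user['users_delete']);
                $data['prev']['status'] = cs_userstatus($cs_user['users_laston'], $cs_user['users_invisible']);
                // NOTE(review): this prints the last-online date only when users_invisible
                // is set and '--' otherwise, which looks inverted; confirm against the
                // comment list view before changing it.
                $data['prev']['laston'] = empty($cs_user['users_invisible']) ? '--' : cs_date('unix', $cs_user['users_laston']);
                $place = empty($cs_user['users_place']) ? '-' : $cs_user['users_place'];
                $data['prev']['place'] = cs_secure($place);
                $who = "users_id = " . (int) $userid;
                $data['prev']['posts'] = cs_sql_count(__FILE__, 'comments', $who);
            } else {
                $data['if']['guest_prev'] = TRUE;
                $data['if']['user_prev'] = FALSE;
                $data['prev']['guestnick'] = cs_secure($guestnick);
            }
            $opt = "comments_mod = '" . $mod_sql . "' AND comments_fid = " . (int) $com_fid;
            $count_com = cs_sql_count(__FILE__, 'comments', $opt);
            $data['prev']['count_com'] = $count_com + 1;
            $data['prev']['date'] = cs_date('unix', cs_time(), 1);
            $data['prev']['text'] = cs_secure($text, 1, 1);
        }
        if (!empty($error) or isset($_POST['preview']) or !isset($_POST['submit'])) {
            $data['com']['form_name'] = $mod . '_com_create';
            $data['com']['form_url'] = cs_url($mod, 'com_create');
            $data['com']['smileys'] = cs_abcode_smileys('comments_text');
            $data['com']['abcode'] = cs_abcode_features('comments_text');
            // if guest
            if (empty($account['users_id'])) {
                $data['if']['guest'] = TRUE;
                // NOTE(review): the nick and, below, the text go back into the form as
                // received, while the preview values pass through cs_secure(). Whether
                // cs_subtemplate() escapes them is not visible here; confirm, otherwise
                // request data is echoed into the page unescaped.
                $data['com']['guestnick'] = $guestnick;
                // NOTE(review): the captcha image is only offered when gd is loaded, yet
                // the guest captcha check above always runs; confirm cs_captchacheck()
                // handles installations without gd.
                if (extension_loaded('gd')) {
                    $data['if']['captcha'] = TRUE;
                    $data['captcha']['img'] = cs_html_img('mods/captcha/generate.php?time=' . cs_time());
                }
            }
            $data['com']['text'] = $text;
            $data['com']['fid'] = $com_fid;
            echo cs_subtemplate(__FILE__, $data, 'comments', 'com_create');
            require_once 'mods/comments/functions.php';
            $com_where = "comments_mod = '" . $mod_sql . "' AND comments_fid = " . (int) $com_fid;
            $count = cs_sql_count(__FILE__, 'comments', $com_where);
            cs_comments_view($com_fid, $mod, 'com_create', $count, false, 5);
        } elseif (empty($quote_id)) {
            // Only reached on a submit without errors, without preview and without quote_id.
            $opt = "comments_mod = '" . $mod_sql . "' AND comments_fid = " . (int) $com_fid;
            $count_com = cs_sql_count(__FILE__, 'comments', $opt);
            // presumably the viewer's comments-per-page setting; a missing or zero
            // value must not turn the redirect into a division by zero
            $limit = empty($account['users_limit']) ? 0 : (int) $account['users_limit'];
            $start = empty($limit) ? 0 : floor($count_com / $limit) * $limit;
            $user_ip = cs_getip();
            $com_cells = array('users_id', 'comments_fid', 'comments_mod', 'comments_ip', 'comments_time', 'comments_text', 'comments_guestnick');
            // NOTE(review): values are handed over raw; presumably cs_sql_insert()
            // escapes them itself. Confirm before relying on it.
            $com_save = array($account['users_id'], $com_fid, $mod, $user_ip, cs_time(), $text, $guestnick);
            cs_sql_insert(__FILE__, 'comments', $com_cells, $com_save);
            $more_action = $more . '=' . $com_fid . '&amp;start=' . $start . '#com' . ++$count_com;
            cs_redirect($cs_lang['create_done'], $mod, $action, $more_action);
        }
    } else {
        cs_redirect('', 'errors', '403');
    }
}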
Example #3
 // Validation of a shoutbox post. $cs_shout, $opt, $cs_lang, $cs_main and
 // $account are filled before this excerpt. A non-empty sh_text2 field replaces
 // the text taken so far.
 if (!empty($_POST['sh_text2'])) {
     $cs_shout['shoutbox_text'] = $_POST['sh_text2'];
 }
 $error = '';
 // The literal 'Nick' counts as "no name given" and is cleared.
 if ($cs_shout['shoutbox_name'] == 'Nick' or empty($cs_shout['shoutbox_name'])) {
     $error .= cs_html_br(1) . '- ' . $cs_lang['no_name'];
     $cs_shout['shoutbox_name'] = '';
 }
 if (empty($cs_shout['shoutbox_text'])) {
     $error .= cs_html_br(1) . ' ' . $cs_lang['no_text'];
 }
 // strlen() counts bytes, so multi-byte text reaches max_text earlier than its
 // character count suggests.
 if (strlen($cs_shout['shoutbox_text']) > $opt['max_text']) {
     $signs = strlen($cs_shout['shoutbox_text']) - $opt['max_text'];
     $error .= cs_html_br(1) . '- ' . sprintf($cs_lang['too_long'], $signs);
 }
 // Only visitors without a users_id have to solve the captcha.
 // NOTE(review): $_POST['captcha'] is read without isset(); a request without
 // the field raises a notice before cs_captchacheck() is called.
 if (empty($account['users_id']) && !cs_captchacheck($_POST['captcha'], 1)) {
     $error .= cs_html_br(1) . ' ' . $cs_lang['captcha_false'] . cs_html_br(1);
 }
 // Flood control keyed on shoutbox_ip: def_flood seconds must pass after the
 // newest post from that address.
 // NOTE(review): where shoutbox_ip comes from is not visible here; this limit
 // and the duplicate check below are only as reliable as that value, so confirm
 // it is not taken from a client-controlled request header.
 $cond = 'shoutbox_ip = \'' . cs_sql_escape($cs_shout['shoutbox_ip']) . '\'';
 $flood = cs_sql_select(__FILE__, 'shoutbox', 'shoutbox_date', $cond, 'shoutbox_date DESC');
 $maxtime = $flood['shoutbox_date'] + $cs_main['def_flood'];
 $time_now = cs_time();
 if ($maxtime > $time_now) {
     $diff = $maxtime - $time_now;
     $error .= cs_html_br(1) . '- ' . sprintf($cs_lang['flood'], $diff);
 }
 // Duplicate check: same text from the same address within the last 600 seconds.
 // $text holds the SQL-escaped form and is meant for this condition only.
 // NOTE(review): confirm $text is not reused for output or passed to a helper
 // that escapes again.
 $text = cs_sql_escape($cs_shout['shoutbox_text']);
 $min = $time_now - 600;
 // 10 min
 $where = "shoutbox_text = '" . $text . "' AND shoutbox_ip = '" . cs_sql_escape($cs_shout['shoutbox_ip']) . "'";
 $where .= " AND shoutbox_date > '" . $min . "'";
Example #4
<?php

// ClanSphere 2010 - www.clansphere.net
// $Id$
$cs_lang = cs_translate('users');
$cs_contact = cs_sql_option(__FILE__, 'contact');
$captcha = extension_loaded('gd') ? 1 : 0;
$checked = 0;
$success = 0;
$error = 0;
$errormsg = '';
if (isset($_POST['submit'])) {
    // email_send is reduced to 0/1; it selects the second step of the form, in
    // which a key and a new password are read further down.
    // NOTE(review): $_POST['email'] and $_POST['captcha'] are read without isset().
    $sendpw['email'] = $_POST['email'];
    $sendpw['email_send'] = empty($_POST['email_send']) ? 0 : 1;
    // The captcha is only checked while email_send is empty. A request that sets
    // email_send skips it.
    // NOTE(review): confirm the key check that follows is rate-limited or
    // otherwise protected against repeated guessing.
    if (empty($sendpw['email_send']) && !cs_captchacheck($_POST['captcha'])) {
        $error++;
        $errormsg .= $cs_lang['captcha_false'] . cs_html_br(1);
    }
    // The address is escaped before it goes into the condition. An unknown address
    // gets its own 'email_unknown' message, so the response shows whether an
    // e-mail address is registered.
    // NOTE(review): consider a uniform reply for known and unknown addresses.
    $search_email = cs_sql_count(__FILE__, 'users', "users_email = '" . cs_sql_escape($sendpw['email']) . "'");
    if (empty($search_email)) {
        $error++;
        $errormsg .= $cs_lang['email_unknown'] . cs_html_br(1);
    }
    if (!empty($sendpw['email_send']) and empty($error)) {
        $sendpw['key'] = $_POST['key'];
        $sendpw['new_pwd'] = $_POST['new_pwd'];
        $pwd2 = str_replace(' ', '', $sendpw['new_pwd']);
        $pwdchars = strlen($pwd2);
        if ($pwdchars < 4) {
            $error++;
            $errormsg .= $cs_lang['short_pwd'] . cs_html_br(1);