} } $db->commit(); #Przekieruj do w±tku header('Location: ' . URL . url('pms/view/' . ($th ? $th : $db->lastInsertId()))); return 1; } catch (Exception $e) { $view->info($e->getMessage()); } } else { #BBCode if (isset($cfg['bbcode'])) { require './lib/bbcode.php'; $preview = emots(BBCode($pm['txt'])); } else { $preview = emots($pm['txt']); } } $url = url('pms/edit/' . $id, 'th=' . $th); } elseif ($id) { $pm = $db->query('SELECT p.*,u.login as `to` FROM ' . PRE . 'pms p LEFT JOIN ' . PRE . 'users u ON p.usr=u.ID WHERE p.ID=' . $id . ' AND p.owner=' . UID)->fetch(2); #Nie istnieje? if (!$pm or !is_numeric($pm['usr'])) { return; } #Dodaj Re: lub Fwd: do tytu³u if (isset($_GET['fwd'])) { if (strpos($pm['topic'], 'Fwd:') === false) { $pm['topic'] = 'Fwd: ' . $pm['topic']; } $url = url('pms/edit');
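#Does not exist - tested first so that no field of a missing row is read
if (!$bug) {
    $view->set404();
    return;
}

#Page title
$view->title = $bug['name'];

#Not approved: status 5 is shown only to its reporter or to a user with rights
#NOTE(review): this compares 'who' with UID while the edit link below compares
#'poster' with UID - confirm which column really holds the reporter's user ID
if ($bug['status'] == 5 && $bug['who'] != UID && !$rights) {
    header('Location: ' . URL . url('bugs'));
    return;
}

#BBCode
if (isset($cfg['bbcode'])) {
    require 'lib/bbcode.php';
    $bug['text'] = BBCode($bug['text']);
}

#Date, author
$bug['date'] = genDate($bug['date'], 1);
$bug['who'] = $bug['UID'] ? autor($bug['UID']) : $bug['who'];

#NOTE(review): the text only passes through BBCode/emots/nl2br here; confirm it
#is HTML-escaped when stored or inside one of these helpers before it is printed
$bug['text'] = nl2br(emots($bug['text']));

#Replace the numeric level and status with their labels (done after the status test above)
$bug['level'] = $lang['L' . $bug['level']];
$bug['status'] = $lang['S' . $bug['status']];

#Rate
if ($bug['rate'] == 2) {
    $bug['mark'] = $bug['pos'] ? $bug['pos'] : $lang['lack'];
    $bug['marks'] = $bug['neg'] ? $bug['neg'] : 0;
    $view->css(SKIN_DIR . 'rate.css');
}

#Template
#Explicit parentheses: && binds tighter than ||, and both bind tighter than ?:
$mayEditBug = $rights || ($bug['poster'] == UID && isset($cfg['bugsEdit']));

$view->add('view', array(
    'bug' => &$bug,
    'edit' => $mayEditBug ? url('bugs/post/' . $id) : false,
    'hands' => $bug['rate'] == 1,
    'stars' => $bug['rate'] == 2,
    'catURL' => url('bugs/list/' . $bug['cat']),
    'mainURL' => url('bugs'),
    'canVote' => $bug['rate'] && (UID || isset($cfg['bugsVote'])),
    'editStatus' => $rights,
));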
$tab = $ini[$id]['table']; } $in[] = 'SELECT ' . $col . ' FROM ' . PRE . $tab . ' WHERE access=1 AND ID IN(' . join(',', $x) . ')'; } #Sort items of all genre by name $q = $db->query(join(' UNION ALL ', $in) . ' ORDER BY name'); $q->setFetchMode(3); #Prepare item description - strip tags, shorten, etc. foreach ($q as $x) { if ($x[3]) { $x[3] = strip_tags($x[3]); if (isset($x[3][200]) && ($pos = strpos($x[3], ' ', 180))) { $x[3] = substr($x[3], 0, $pos) . '...'; } } $all[] = array('title' => $x[2], 'desc' => empty($x[3]) ? '' : emots($x[3]), 'url' => isset($x[4]) ? $x[4] : url($x[0] . '/' . $x[1])); } #Prepare template $view->title = clean($URL[1]); $view->add('tags', array('item' => &$all, 'tag' => false, 'tags' => url('tags'))); } else { $view->title = $lang['tags']; #Action: show tag cloud $res = $db->query('SELECT tag, num FROM ' . PRE . 'tags GROUP BY tag ORDER BY tag LIMIT 30'); $tag = $res->fetchAll(12); //PDO::FETCH_KEY_PAIR #32 - max font size [px] #12 - min font size [px] if (!$tag) { return; }
$post['ip'] = $_SERVER['REMOTE_ADDR']; $post['uid'] = UID && $post['who'] === $user['login'] ? UID : 0; } $q->execute($post); #Set time lock $_SESSION['postTime'] = $_SERVER['REQUEST_TIME']; #Redirect to guestbook header('Location: ' . URL . url('guestbook')); #Show OK message $view->message($lang['saved']); } catch (PDOException $e) { $view->info($lang['error'] . $e); } } } elseif (!$error) { $preview = nl2br(emots($post['txt'])); if (isset($cfg['bbcode'])) { include './lib/bbcode.php'; $preview = BBCode($preview); } } } elseif ($id) { if (!($post = $db->query('SELECT * FROM ' . PRE . 'guestbook WHERE ID=' . $id)->fetch(2))) { return; } } else { $post = array('who' => UID ? $user['login'] : '', 'mail' => '', 'www' => 'http://', 'gg' => '', 'icq' => '', 'tlen' => '', 'skype' => '', 'jabber' => '', 'txt' => ''); } #Show errors if ($error) { $view->info('<ul><li>' . join('</li><li>', $error) . '</li></ul>');
} $view->info(sprintf($lang['NVAL'], $news['name']), null, 'warning'); } #Full content if ($news['opt'] & 4) { $full = $db->query('SELECT text FROM ' . PRE . 'newstxt WHERE ID=' . $id)->fetchColumn(); } else { $full = ''; } #Page title $view->title = $news['name']; #Emoticons if ($news['opt'] & 2) { $news['txt'] = emots($news['txt']); if ($full) { $full = emots($full); } } #Line breaks if ($news['opt'] & 1) { $news['txt'] = nl2br($news['txt']); if ($full) { $full = nl2br($full); } } #Date, author $news['date'] = genDate($news['date'], true); $news['wrote'] = autor($news['author']); #Assign to template $view->add('news', array('news' => &$news, 'full' => &$full, 'path' => catPath($news['cat']), 'edit' => admit($news['cat'], 'CAT') ? url('edit/5/' . $id, 'ref') : false, 'root' => isset($cfg['allCat']) ? $lang['cats'] : $lang['news'], 'cats' => url(isset($cfg['allCat']) ? 'cats' : 'cats/news'))); #Tags
#Disabled article: only users admitted to its category may continue, and they get a warning
$isDisabled = !$art['access'];
if ($isDisabled && !admit($art['cat'], 'CAT')) {
    return;
}
if ($isDisabled) {
    $view->info(sprintf($lang['NVAL'], $art['name']), null, 'warning');
}

#Article title
$view->title = $art['name'];

#Article description - passed through clean() [temporary]
if ($art['dsc']) {
    $view->desc = clean($art['dsc']);
}

#Option bits of the article: 2 = emoticons, 1 = line breaks (applied in this order)
$body = $art['text'];
if ($art['opt'] & 2) {
    $body = emots($body);
}
if ($art['opt'] & 1) {
    $body = nl2br($body);
}
$art['text'] = $body;

#Date, author
$art['date'] = genDate($art['date'], true);
$art['author'] = autor($art['author']);

#Rating: needs the global switch and bit 4 of the category options
$rates = 0;
if (isset($cfg['arate']) && ($art['catOpt'] & 4)) {
    $view->css(SKIN_DIR . 'rate.css');
    $rates = 'vote.php?type=1&id=' . $id;
}
break; case '4': (require './mod/edit/link.php') or $view->set404(); break; case 'gallery': (require './mod/edit/photos.php') or $view->set404(); break; default: if (file_exists('./mod/edit/' . $TYPE . '.php')) { (require './mod/edit/' . $TYPE . '.php') or $view->set404(); } else { return; } } unset($_POST); return 1; } #Tytul $view->title = $lang['mantxt']; #Ostatni komentarz if (admit('CM') && ($c = $db->query('SELECT name,date,text FROM ' . PRE . 'comms ORDER BY ID DESC LIMIT 1')->fetch(3))) { if (isset($cfg['bbcode'])) { require_once './lib/bbcode.php'; $c[2] = BBCode($c[2]); } $last = array('title' => $c[0], 'date' => genDate($c[1], 1), 'text' => emots($c[2]), 'color' => isset($cfg['colorCode'])); } else { $last = array(); } #Wolne strony $view->add('content', array('comment' => &$last, 'page' => admit('P') ? url('editPage', '', 'admin') : null, 'pages' => admit('P') ? url('pages', '', 'admin') : null));
} elseif (UID) { $login = $user['login']; } else { return; } #Query $q = $db->prepare('SELECT * FROM ' . PRE . 'users WHERE login=?'); $q->execute(array($login)); #If does not exist if (!($u = $q->fetch(2))) { return; } #N/A define('NA', $lang['na']); #O sobie $u['about'] = nl2br(emots($u['about'])); #BBCode if (isset($cfg['bbcode']) && $u['about']) { include_once './lib/bbcode.php'; $u['about'] = BBCode($u['about']); } #WWW $u['www'] = $u['www'] && $u['www'] != 'http://' ? $u['www'] : null; #E-mail if ($u['opt'] & 1 && (UID || empty($cfg['hideMail']))) { $u['mail'] = str_replace('@', '@', $u['mail']); $u['mail'] = str_replace('.', '.', $u['mail']); } else { $u['mail'] = null; } #P³eæ
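/**
 * Build the comment list for one item and pass it to the 'comments' template.
 *
 * The page number is read from $_GET['page']; rows come from the comms table,
 * left-joined with users for login, photo and mail.
 *
 * @param int|string $id      Item ID matched against comms.CID; cast to int before it reaches SQL.
 * @param int|string $type    Item type matched against comms.TYPE; cast to int before it reaches SQL.
 * @param bool       $mayPost Not read anywhere in this function; kept so existing calls keep working.
 * @param string     $url     Pager base URL; built from $URL[0] and $id when empty.
 * @return void
 */
function comments($id, $type = 5, $mayPost = true, $url = '')
{
    global $db, $cfg, $view, $URL;

    #Both values are concatenated into SQL text below, so they are forced to
    #integers here instead of trusting every caller to have done it
    $id = (int) $id;
    $type = (int) $type;

    #Page division
    $perPage = empty($cfg['commNum']) ? 0 : (int) $cfg['commNum'];
    $st = 0;

    if ($perPage > 0) {
        #Select page - the request value is cast so that only a number can reach
        #the LIMIT clause and the pager; arrays and junk fall back to page 1
        $page = isset($_GET['page']) && is_scalar($_GET['page']) ? (int) $_GET['page'] : 1;
        if ($page < 1) {
            $page = 1;
        }
        $st = ($page - 1) * $perPage;

        if (!$url) {
            $url = url($URL[0] . '/' . $id);
        }
        $total = dbCount('comms WHERE TYPE=' . $type . ' AND CID=' . $id);
        $CP = $total > $perPage ? pages($page, $total, $perPage, $url) : null;
    } else {
        $total = null;
        $CP = null;
    }

    $comm = array();

    #May edit or delete; for type 10 the item whose ID equals UID may also delete
    $mayEdit = admit('CM');
    $mayDel = $mayEdit || ($type == 10 && $id == UID);
    $comURL = url('comment/');
    $modURL = url('moderate/');
    $userURL = url('user/');

    #Get from database
    if ($total !== 0) {
        $sql = 'SELECT c.ID,c.access,c.name,c.author,c.ip,c.date,c.UA,c.text,u.login,u.photo,u.mail FROM '
            . PRE . 'comms c LEFT JOIN ' . PRE . 'users u ON c.UID!=0 AND c.UID=u.ID'
            . ' WHERE c.TYPE=' . $type . ' AND c.CID=' . $id
            #Hidden comments (access != 1) are listed only for users who may edit
            . ($mayEdit ? '' : ' AND c.access=1')
            . ($cfg['commSort'] == 2 ? '' : ' ORDER BY c.ID DESC')
            . ($total ? ' LIMIT ' . $st . ',' . $perPage : '');

        $res = $db->query($sql);
        $res->setFetchMode(3);

        #BBCode
        if (isset($cfg['bbcode'])) {
            include_once './lib/bbcode.php';
        }

        #Columns: 0 ID, 1 access, 2 name, 3 author, 4 ip, 5 date, 6 UA, 7 text, 8 login, 9 photo, 10 mail
        foreach ($res as $x) {
            #Avatar: stored photo first, Gravatar only when commPhoto is 2
            if (empty($cfg['commPhoto'])) {
                $photo = false;
            } elseif ($x[9]) {
                $photo = $x[9];
            } elseif ($cfg['commPhoto'] == 2) {
                #md5 is the Gravatar address hash here, not a credential hash; the
                #address is trimmed and lower-cased first, and a missing mail
                #(comment without a joined user row) becomes an empty string
                $photo = PROTO . 'www.gravatar.com/avatar/' . md5(strtolower(trim((string) $x[10]))) . '?d=' . $cfg['gdef'];
            } else {
                $photo = false;
            }

            #NOTE(review): title, user and agent are passed on unchanged and look
            #visitor-supplied; confirm they are HTML-escaped when stored or in the template.
            #The IP address and the moderation links are exposed only when $mayEdit is set.
            $comm[] = array(
                'text' => nl2br(emots(isset($cfg['bbcode']) ? BBCode($x[7]) : $x[7])),
                'date' => genDate($x[5], 1),
                'title' => $x[2],
                'user' => $x[8] ? $x[8] : $x[3],
                'ip' => $mayEdit ? $x[4] : null,
                'edit' => $mayEdit ? $comURL . $x[0] : false,
                'del' => $mayDel ? $comURL . $x[0] : false,
                'agent' => $x[6],
                'accept' => $mayEdit && $x[1] != 1 ? $comURL . $x[0] : false,
                'findIP' => $mayEdit ? $modURL . $x[4] : false,
                'profile' => $x[8] ? $userURL . urlencode($x[8]) : false,
                'photo' => $photo,
            );
        }
        $res = null;
    }

    #Prepare template
    $data = array();
    $data['comment'] =& $comm;
    $data['parts'] =& $CP;

    #Highlight code
    $data['color'] = isset($cfg['colorCode']);

    #May comment
    if (UID || isset($cfg['commGuest'])) {
        #The posting URL is offered only when no session time lock is pending
        if (empty($_SESSION['post']) or $_SESSION['post'] < $_SERVER['REQUEST_TIME']) {
            $data['url'] = $comURL . $id . '/' . $type;
            $_SESSION['CV'][$type][$id] = true;
        } else {
            $data['url'] = null;
        }
        $data['mustLogin'] = false;
    } else {
        $data['mustLogin'] = true;
    }

    #Assign to template
    $view->add('comments', $data);
}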
return; } $view->info(sprintf($lang['NVAL'], $page['name']), null, 'warning'); } elseif (!UID) { return; } } #Evaluate PHP first if ($page['opt'] & 16) { ob_start(); eval('?>' . $page['text']); $page['text'] = ob_get_clean(); } #Emoticons if ($page['opt'] & 2) { $page['text'] = emots($page['text']); } #Line breaks if ($page['opt'] & 1) { $page['text'] = nl2br($page['text']); } #Page title, template $view->title = $page['name']; $view->add('page', array('page' => &$page, 'box' => $page['opt'] & 4, 'all' => $edit ? url('pages', '', 'admin') : false, 'edit' => $edit ? url('editPage/' . $id, 'ref', 'admin') : false)); #Keywords if (isset($cfg['tags'])) { include './lib/tags.php'; tags($id, 59); } #Comments if ($page['opt'] & 8) {
#Number of comments matching the current filter ($q is built before this excerpt)
$total = dbCount('comms' . $q);
$com = array();

#Get comments from database: 20 rows from offset $st, newest first, with the author's login
$sql = 'SELECT c.*,u.login FROM ' . PRE . 'comms c LEFT JOIN ' . PRE . 'users u ON c.UID!=0 AND c.UID=u.ID ' . $q . ' ORDER BY c.ID DESC LIMIT ' . $st . ',20';
$res = $db->query($sql);

#BBCode support
if (isset($cfg['bbcode'])) {
    include_once './lib/bbcode.php';
}

#Get category types
$type = parse_ini_file('cfg/types.ini', 1);

#Type numbers with a fixed URL segment; any other type is looked up in types.ini
$fixed = array('10' => 'user', '59' => 'page', '15' => 'poll', '11' => 'group');

foreach ($res as $x) {
    $kind = $x['TYPE'];
    if (isset($fixed[$kind])) {
        $co = $fixed[$kind];
    } elseif (isset($type[$kind])) {
        $co = $type[$kind]['name'];
    } else {
        $co = null;
    }

    $body = isset($cfg['bbcode']) ? BBCode($x['text']) : $x['text'];
    $login = $x['login'];

    $com[] = array(
        'text' => nl2br(emots($body)),
        'date' => genDate($x['date'], 1),
        'url' => url('comment/' . $x['ID']),
        'findIP' => url('moderate/' . $x['ip']),
        #No item link when the type is unknown
        'item' => $co ? url($co . '/' . $x['CID']) : null,
        'id' => $x['ID'],
        'title' => $x['name'],
        #Registered login wins over the name stored with the comment
        'user' => $login ? $login : $x['author'],
        'ip' => $x['ip'],
        'access' => $x['access'],
        'profile' => $login ? url('user/' . urlencode($login)) : null,
    );
}

#Prepare template
$tplData = array(
    'comment' => $com,
    'total' => $total,
    'url' => url('moderate'),
    'nourl' => url('moderate/hidden'),
    'color' => isset($cfg['colorCode']),
    'pages' => pages($page, $total, 20, url('moderate'), 1),
);
$view->add('moderate', $tplData);
$page = 1; $st = 0; } #Total $total = dbCount('guestbook WHERE lang="' . LANG . '"'); $num = 0; $all = array(); #Get posts $query = $db->prepare('SELECT * FROM ' . PRE . 'guestbook WHERE lang=? ORDER BY ID DESC LIMIT ?,?'); $query->bindValue(1, LANG); $query->bindValue(2, $st, 1); $query->bindValue(3, $cfg['gbNum'], 1); //PARAM_INT $query->execute(); #BBCode if (isset($cfg['bbcode'])) { require './lib/bbcode.php'; } #Posts foreach ($query as $x) { $all[] = array('id' => $x['ID'], 'who' => $x['UID'] ? '<a href="' . url('user/' . urlencode($x['who'])) . '">' . $x['who'] . '</a>' : $x['who'], 'date' => genDate($x['date'], true), 'www' => $x['www'], 'text' => emots(isset($cfg['bbcode']) ? BBCode($x['txt']) : $x['txt']), 'gg' => $x['gg'], 'icq' => $x['icq'], 'tlen' => $x['tlen'], 'skype' => $x['skype'], 'jabber' => $x['jabber'], 'mail' => str_replace('@', '@', $x['mail']), 'ip' => $right ? $x['ip'] : false, 'edit' => $right ? url('guestbook/post/' . $x['ID']) : false); ++$num; } #Pages if ($total > $num) { $pages = pages($page, $total, $cfg['gbNum'], url('guestbook')); } else { $pages = false; } #Template $view->add($cfg['gbSkin'], array('post' => &$all, 'pages' => &$pages, 'intro' => &$cfg['gbIntro'], 'rights' => $right, 'postURL' => ($cfg['gbPost'] == 1 || UID && $cfg['gbPost'] == 2) && stripos($cfg['gbBan'], $_SERVER['REMOTE_ADDR']) === false ? url('guestbook/post') : false));
#May the current user edit news in this category?
$rights = (bool) admit($d, 'CAT');

#Comments: bit 2 of the category options together with the global ncomm switch
$comm = ($cat['opt'] & 2) && isset($cfg['ncomm']);

#URL prefixes
$userURL = url('user/');
$fullURL = url('news/');
$editURL = url('edit/5/');

#Collected entries and their count
$news = array();
$num = 0;

foreach ($res as $n) {
    #Content: emoticons (option bit 2), then line breaks (option bit 1)
    $text = $n['txt'];
    if ($n['opt'] & 2) {
        $text = emots($text);
    }
    if ($n['opt'] & 1) {
        $text = nl2br($text);
    }

    $itemURL = $fullURL . $n['ID'];

    #Date, links, etc. - 'text' stays the last key, as before
    $news[] = array(
        'title' => $n['name'],
        'date' => genDate($n['date']),
        'wrote' => $n['login'],
        'comm' => $n['comm'],
        'img' => $n['img'],
        'url' => $itemURL,
        'comm_url' => $comm ? $itemURL : false,
        #Option bit 4: the entry has a full text
        'full_url' => $n['opt'] & 4 ? $itemURL : false,
        'edit_url' => $rights ? $editURL . $n['ID'] : false,
        'wrote_url' => $userURL . urlencode($n['login']),
        'text' => $text,
    );
    ++$num;
}

#Pages: only when paging is enabled and the category holds more entries than were listed
$pages = isset($cfg['newsPages']) && $cat['num'] > $num
    ? pages($page, $cat['num'], $cfg['newsNum'], url($d), 0, '/')
    : null;

#To the template
$view->set404(); return; } #BBCode if (isset($cfg['bbcode'])) { include './lib/bbcode.php'; } #Oznaczymy jako przeczytane $read = array(); $th = 0; #Przygotuj posty foreach ($q as $x) { if ($x['th'] == '0') { $th = $x['ID']; } $pm[] = array('topic' => $x['topic'], 'date' => genDate($x['date'], true), 'txt' => nl2br(emots(isset($cfg['bbcode']) ? BBCode($x['txt']) : $x['txt'])), 'fwd' => url('pms/edit/' . $x['ID'], 'fwd'), 'edit' => $x['st'] == 3 ? url('pms/edit/' . $x['ID']) : false, 'reply' => $x['st'] < 3 ? url('pms/edit/' . $x['ID'], 'th=' . $th) : false, 'read' => $x['st'] == 2, 'photo' => $x['photo'], 'id' => $x['ID'], 'who' => $x['login'], 'url' => $x['login'] ? url('user/' . urlencode($x['login'])) : ''); #Dodaj do oznaczenia jako przeczytane if ($x['st'] == 1 && $x['owner'] == UID) { $read[] = $x['ID']; } #Tytu³ strony if ($x['ID'] == $URL[2]) { $view->title = $x['topic']; } } #Brak? if (!$pm) { $view->info($lang['noex']); return 1; } #Przeczytana?