Example #1
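// Guest nickname submitted with the form. escape_nickname() is the project's
// nickname filter (defined elsewhere).
// NOTE(review): confirm it neutralises quotes and angle brackets, because $xnn
// is later echoed into an HTML attribute and concatenated into an SQL string.
if (isset($_POST['Gname'])) {
    $xnn = trim(escape_nickname($_POST['Gname']));
} elseif (!isset($xnn)) {
    // Keep any value set before this point; otherwise make sure the form
    // branch below never reads an undefined variable.
    $xnn = '';
}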
// Show the "new topic" form again instead of saving when any of these holds:
// less than 15 units have passed between the stored click time and $dppk_time
// (presumably the current timestamp, i.e. flood control), the topic or text is
// empty, a preview was requested, a visitor who is not logged in sent no name,
// or the antispam check fails. `and` binds tighter than `or`, so
// `empty($_POST['Gname']) and !loggedin()` is evaluated as one term.
if ($_SESSION['klicktime'] + 15 > $dppk_time or empty($topic) or empty($txt) or !empty($_POST['priview']) or empty($_POST['Gname']) and !loggedin() or !chk_antispam('newtopic')) {
    $design = new design($title, $hmenu, 1);
    $design->header($load);
    $tpl = new tpl('forum/newtopic');
    // Extra table row with a name field, only rendered for guests.
    $name = '';
    if (!loggedin()) {
        // NOTE(review): the markup below has a stray `0` after class="Cmite".
        $name = '<tr><td class="Cmite"0><b>' . $lang['name'] . '</b></td>';
        // NOTE(review): the submitted nickname is written back into a value="..."
        // attribute via unescape() only, while the other fields below go through
        // escape_for_fields(). Confirm escape_nickname() removes quotes and
        // markup, otherwise this reflects user input into HTML.
        $name .= '<td class="Cnorm"><input type="text" value="' . unescape($xnn) . '" maxlength="15" name="Gname"></td></tr>';
    }
    // Preview: render the submitted text through the BBCode formatter.
    if (isset($_POST['priview'])) {
        $tpl->set_out('txt', bbcode(unescape($txt)), 0);
    }
    // Values for the form template; text and topic are re-encoded for use
    // inside form fields.
    $ar = array('name' => $name, 'txt' => escape_for_fields(unescape($txt)), 'topic' => escape_for_fields(unescape($topic)), 'fid' => $fid, 'SMILIES' => getsmilies(), 'antispam' => get_antispam('newtopic', 1));
    $tpl->set_ar_out($ar, 1);
} else {
    // save topic
    // Record the time of this accepted submission for the 15-unit check above.
    $_SESSION['klicktime'] = $dppk_time;
    $design = new design($title, $hmenu, 0);
    $design->header($load);
    if (loggedin()) {
        $uid = $_SESSION['authid'];
        // The session user name is escaped before it is used in SQL below.
        $erst = escape($_SESSION['authname'], 'string');
        // NOTE(review): $uid is concatenated unquoted; it comes from the session,
        // but an integer cast here would make the query safe regardless of how
        // the session value was populated.
        db_query("UPDATE `prefix_user` SET `posts` = `posts`+1 WHERE `id` = " . $uid);
    } else {
        // Guest: author is the filtered nickname, user id 0.
        $erst = $xnn;
        $uid = 0;
    }
    // NOTE(review): the statement is built by string concatenation. $erst is
    // filtered on both paths above; $fid and $topic are prepared outside this
    // excerpt. Verify $fid is integer-cast and $topic is SQL-escaped before
    // this point, or switch to a parameterised query.
    db_query("INSERT INTO `prefix_topics` (`fid`, `name`, `erst`, `stat`) VALUES ( " . $fid . ", '" . $topic . "', '" . $erst . "', 1 )");
Example #2
    // Pre-fill the reply text. getA(3)/getE(3) are menu helpers defined
    // elsewhere; presumably the letter and the remainder of the third URL
    // segment (confirm against the menu class).
    // 'z': quote an existing post.
    if ($menu->getA(3) == 'z') {
        // NOTE(review): getE(3) is appended unquoted to the query. Confirm it is
        // guaranteed to be an integer, or cast it, before it reaches SQL.
        $row = db_fetch_object(db_query("SELECT txt,erst FROM prefix_posts WHERE id = " . $menu->getE(3)));
        $xtext = '[quote=' . escape_nickname($row->erst) . ']' . "\n" . $row->txt . "\n[/quote]";
    }
    // 'f': link to a FAQ article and copy its text.
    if ($menu->getA(3) == 'f') {
        // NOTE(review): same unquoted concatenation of getE(3) as above.
        $r = db_fetch_assoc(db_query("SELECT id,text,title FROM prefix_faqs WHERE id = " . $menu->getE(3)));
        $xtext = 'FAQ Artikel: [url=index.php?faqs-s' . $r['id'] . '#FAQ' . $r['id'] . ']' . $r['title'] . '[/url]' . "\n" . unescape($r['text']);
    }
    // NOTE(review): $tpl is used here but only constructed a few lines below.
    // Presumably an instance exists from code above this excerpt; verify,
    // otherwise a preview request fails at this call.
    if (isset($_POST['priview'])) {
        $tpl->set_out('txt', bbcode(unescape($txt)), 0);
    }
    // Fall back to the pre-filled quote/FAQ text when nothing was submitted.
    // NOTE(review): $xtext is only assigned in the two branches above;
    // presumably it is initialised before this excerpt.
    if (empty($txt)) {
        $txt = $xtext;
    }
    $tpl = new tpl('forum/newpost');
    $ar = array('txt' => escape_for_fields(unescape($txt)), 'tid' => $tid, 'name' => $name, 'SMILIES' => getsmilies(), 'antispam' => get_antispam('newpost', 1));
    $tpl->set_ar_out($ar, 1);
    // List the five most recent posts of the topic below the form.
    // NOTE(review): $tid is concatenated into a double-quoted SQL literal; it is
    // prepared outside this excerpt. Confirm it is integer-cast or escaped.
    $erg = db_query('SELECT erst, txt FROM `prefix_posts` WHERE tid = "' . $tid . '" ORDER BY time DESC LIMIT 0,5');
    while ($row = db_fetch_assoc($erg)) {
        // Stored text is rendered through the BBCode formatter before output.
        $row['txt'] = bbcode($row['txt']);
        $tpl->set_ar_out($row, 2);
    }
    $tpl->out(3);
} else {
    # save post
    // Record the time of this accepted submission (the matching check is in
    // the condition above this excerpt).
    $_SESSION['klicktime'] = $dppk_time;
    $design = new design($title, $hmenu, 1);
    $design->header();
    if (loggedin()) {
        $uid = $_SESSION['authid'];
        // The session user name is escaped before any SQL use.
        $erst = escape($_SESSION['authname'], 'string');
Example #3
// Author filter from the query string, passed through the project's escape()
// in 'string' mode; empty when not supplied.
// NOTE(review): unlike the search term below, this value is handed to the
// template without escape_for_fields(). Confirm escape(..., 'string') is
// sufficient for the HTML context the template uses.
$autor = isset($_GET['autor']) ? escape($_GET['autor'], 'string') : '';
$tpl->set('autor', $autor);

// Mark the radio button that matches ?in=1..3; default to the first one when
// the parameter is absent.
if (!isset($_GET['in'])) {
    $tpl->set('checked1', 'checked="checked"');
} else {
    for ($i = 1; $i <= 3; $i++) {
        if ($_GET['in'] != $i) {
            continue;
        }
        $tpl->set('checked' . $i, 'checked="checked"');
    }
}

// Echo the search term back into the form, encoded for a form field, unless
// it is one of three reserved literal values.
if (!($such == 'augt' or $such == 'aeit' or $such == 'aubt')) {
    $tpl->set('search', escape_for_fields($such), 0);
}
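// Time window in days taken from the query string. The value is forced to an
// integer before any comparison: a loose `== 0` test on the raw string treats
// non-numeric input differently across PHP versions and could let 0 through.
// Anything that is missing, not a scalar, or not positive falls back to 360.
$days = (isset($_GET['days']) and is_scalar($_GET['days'])) ? intval($_GET['days']) : 0;
if ($days <= 0) {
    $days = 360;
}
// Choices offered in the drop-down, keyed by number of days.
$days_ar = array(360 => 'alle Beitr&auml;ge (1 Jahr)', 1 => '1 Tag', 7 => '7 Tage', 14 => '2 Wochen', 30 => '1 Monat', 90 => '3 Monate', 180 => '6 Monate');
// arlistee() is defined elsewhere; presumably it renders the option list with
// $days pre-selected (confirm).
$tpl->set('days', arlistee($days, $days_ar));
$tpl->out(0);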
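// Run the search only when a term or an author was given. The remainder of
// this block lies outside the excerpt.
if (!empty($such) or !empty($autor)) {
    // Page number from the query string with the '-p' marker stripped. It is
    // forced to a positive integer here so that whatever consumes $page later
    // (presumably an offset calculation for the result list) never receives
    // raw request text or an array.
    $page = 1;
    if (isset($_GET['page']) and is_scalar($_GET['page'])) {
        $page = max(1, intval(str_replace('-p', '', $_GET['page'])));
    }
    $limit = 25;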
Example #4
// Make sure the click-time session key exists before it is compared against
// $dppk_time further down.
if (isset($_SESSION['klicktime']) === false) {
    $_SESSION['klicktime'] = 0;
}

// Submitted post body, passed through the project's escape() in 'textarea'
// mode and trimmed; empty string when the field was not sent.
$txt = isset($_POST['txt']) ? trim(escape($_POST['txt'], 'textarea')) : '';
if ($_SESSION['klicktime'] > $dppk_time - 15 or empty($txt) or !empty($_POST['priview'])) {
    // Render the edit form (reached on a too-early resubmission, empty text or
    // a preview request, per the condition above).
    $tpl = new tpl('forum/postedit');
    // Preview: show the submitted text rendered through the BBCode formatter.
    if (isset($_POST['priview'])) {
        $tpl->set_out('txt', bbcode(unescape($txt)), 0);
    }
    // Nothing submitted: start from the stored text. $row is an object loaded
    // outside this excerpt (presumably the post being edited).
    if (empty($txt)) {
        $txt = $row->txt;
    }
    // Submitted text is unescaped before being re-encoded for the textarea
    // only in the preview case; otherwise $txt is encoded as it is.
    // NOTE(review): a non-preview request that lands here with submitted text
    // (the 15-unit check) takes the second path with still-escaped input.
    // Confirm that is intended.
    $ar = array('tid' => $tid, 'oid' => $oid, 'txt' => isset($_POST['priview']) ? escape_for_fields(unescape($txt)) : escape_for_fields($txt), 'SMILIES' => getsmilies());
    $tpl->set_ar_out($ar, 1);
    // List the five most recent posts of the topic below the form.
    // NOTE(review): $tid is concatenated into a double-quoted SQL literal and is
    // prepared outside this excerpt. Confirm it is integer-cast or escaped.
    $erg = db_query('SELECT `erst`, `txt` FROM `prefix_posts` WHERE `tid` = "' . $tid . '" ORDER BY `time` DESC LIMIT 0,5');
    // $row is reused here as an associative array and is false after the loop.
    while ($row = db_fetch_assoc($erg)) {
        $row['txt'] = bbcode($row['txt']);
        $tpl->set_ar_out($row, 2);
    }
    $tpl->out(3);
} else {
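    // Keep exactly one "<label> <user> am <date>" trailer at the end of the
    // post: replace an existing one, otherwise append it.
    // The '/' delimiter is passed to preg_quote() so a slash in the language
    // string cannot terminate the pattern early.
    $s = preg_quote($lang['postlastchangedby'], '/');
    // The user name becomes part of the SQL string literal built below, so it
    // goes through the project's escape() first. $txt itself was escaped when
    // it was read from the request; the language string is trusted
    // configuration.
    $editor = escape($_SESSION['authname'], 'string');
    $stamp = $lang['postlastchangedby'] . ' ' . $editor . ' am ' . date("d.m.Y - H:i:s");
    $trailer = '/' . $s . ' ([^\\ ])* am \d\d\.\d\d\.\d\d\d\d - \d\d:\d\d:\d\d$/';
    if (preg_match($trailer, $txt, $hit, PREG_OFFSET_CAPTURE)) {
        // Splice by offset instead of preg_replace(): a replacement string is
        // scanned for "$n" / "\n" references and doubled backslashes, which
        // would alter the escaped user name.
        $txt = substr($txt, 0, $hit[0][1]) . $stamp . substr($txt, $hit[0][1] + strlen($hit[0][0]));
    } else {
        $txt .= "\n\n\n" . $stamp;
    }
    // The id is concatenated unquoted, so force it to an integer here.
    db_query("UPDATE `prefix_posts` SET `txt` = '" . $txt . "' WHERE `id` = " . intval($oid));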