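/**
 * Check whether the requesting client's address is on the guestbook block list.
 *
 * Reads $set['guestbook']['blockip']; every entry carries 'startip' and 'endip'.
 * An entry whose 'endip' is exactly false is compared against 'startip' alone;
 * every entry is additionally tested as an inclusive startip..endip range.
 *
 * NOTE(review): get_remoteaddr() and ip2float() are defined elsewhere. The block
 * list is only as reliable as the address get_remoteaddr() returns - confirm it
 * is the connection's peer address and not a client-supplied forwarding header,
 * otherwise a blocked client can simply present a different address.
 *
 * @return bool true when the client address matches a block-list entry
 */
function ip_is_blocked()
{
    global $set;

    // A missing or malformed setting is treated as an empty block list.
    if (!is_array($set['guestbook']['blockip'])) {
        $set['guestbook']['blockip'] = array();
    }

    // Converted once; the original repeated the lookup and conversion up to
    // three times for every block-list entry.
    $clientIp = ip2float(get_remoteaddr());

    foreach ($set['guestbook']['blockip'] as $res) {
        $isSingleMatch = $res['endip'] === false && $res['startip'] == $clientIp;
        $isRangeMatch = $clientIp >= $res['startip'] && $clientIp <= $res['endip'];
        if ($isSingleMatch || $isRangeMatch) {
            return true;
        }
    }

    return false;
}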
} if ($captchafailed) { message($apx->lang->get('MSG_WRONGCODE'), 'javascript:history.back()'); } elseif (!$_POST['send_username'] && !$user->info['userid'] || !$_POST['catid'] || !$_POST['title'] || !$_POST['url'] || !$_POST['text']) { message('back'); } elseif ($spam + $set['links']['spamprot'] * 60 > time()) { message($apx->lang->get('MSG_BLOCKSPAM', array('SEC' => $spam + $set['links']['spamprot'] * 60 - time())), 'back'); } else { if ($user->info['userid']) { $_POST['userid'] = $user->info['userid']; $_POST['send_username'] = $_POST['send_email'] = ''; } else { $_POST['userid'] = 0; } $_POST['addtime'] = time(); $_POST['send_ip'] = get_remoteaddr(); $_POST['secid'] = 'all'; $_POST['text'] = strtr(strip_tags($_POST['text']), array("\r\n" => "<br />\r\n", "\n" => "<br />\n")); //eMail-Benachrichtigung if ($set['links']['mailonnew']) { $input = array('URL' => HTTP); sendmail($set['links']['mailonnew'], 'SENDLINK', $input); } //Captcha löschen if ($set['links']['captcha'] && !$user->info['userid']) { $captcha->remove(); } $db->dinsert(PRE . '_links', 'userid,secid,send_username,send_email,send_ip,catid,title,url,text,addtime'); message($apx->lang->get('MSG_OK'), mklink('links.php', 'links.html')); } //SCRIPT BEENDEN
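/**
 * Append one entry to the <PRE>_log table.
 *
 * The row is written positionally: timestamp (shifted by TIMEDIFF), the current
 * user's id, the client address, the upper-cased message key wrapped as
 * "{LOG_<TEXT>}", and the affected object.
 *
 * Every interpolated value is now passed through addslashes(); the original
 * left the user id and the client address unescaped, so a quote in either one
 * would have ended the SQL string literal early. For values without quotes or
 * backslashes the resulting statement is unchanged.
 *
 * NOTE(review): addslashes() is not aware of the connection character set. If
 * the $db layer offers its own escaping or bound parameters, prefer those; the
 * $db API is not visible from this function.
 *
 * @param string       $text   message key, stored upper-cased
 * @param string|false $affect affected object; false is stored as an empty string
 */
function logit($text, $affect = false)
{
    global $db, $apx;

    $text = strtoupper($text);
    if ($affect === false) {
        $affect = '';
    }

    $stamp = date('Y/m/d H:i:s', time() - TIMEDIFF);
    $userId = addslashes((string) $apx->user->info['userid']);
    $clientAddr = addslashes((string) get_remoteaddr());

    $db->query("INSERT INTO " . PRE . "_log VALUES ('" . $stamp . "','" . $userId . "','" . $clientAddr . "','" . addslashes('{LOG_' . $text . '}') . "','" . addslashes($affect) . "')");
}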
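// Store a new forum posting for the current thread and update the counters
// that depend on it.
//
// NOTE(review): dinsert() is not shown. The values are staged in $_POST before
// the call, which suggests it reads the listed fields from $_POST. Of those,
// title, text, allowsmilies, allowcodes, allowsig and hash are never assigned
// here, so they reach the insert exactly as the client sent them - confirm that
// dinsert() escapes them and that the allow* flags are checked against the
// forum's permissions elsewhere.

// Members post under their account name; guests supply a name, which is also
// remembered in a cookie for seven days.
// NOTE(review): the cookie is set without path, Secure or HttpOnly attributes.
if ($user->info['userid']) {
    $username = $user->info['username'];
} else {
    $username = $_POST['username'];
    setcookie($set['main']['cookie_pre'] . '_forum_username', $_POST['username'], time() + 7 * 24 * 3600);
}

// Convert URLs in the text into links when requested
if ($_POST['transform_links']) {
    $_POST['text'] = transform_urls($_POST['text']);
}

// Server-side values overwrite whatever the client sent for these fields.
$now = time();
$_POST['threadid'] = $threadinfo['threadid'];
$_POST['username'] = $username;
$_POST['userid'] = $user->info['userid'];
$_POST['time'] = $now;
$_POST['ip'] = get_remoteaddr();

// Create the posting
$db->dinsert(PRE . '_forum_posts', 'threadid,userid,username,title,text,allowsmilies,allowcodes,allowsig,time,ip,hash');
$pid = $db->insert_id();

// Refresh thread and forum caches
thread_update_cache($threadinfo['threadid'], 1);
forum_update_cache($foruminfo['forumid'], 1);

// Increase the member's posting count.
// The id is cast to an integer so that nothing but a number can reach the
// statement; for a numeric id the SQL text is the same as before.
if ($user->info['userid'] && $foruminfo['countposts']) {
    $db->query("UPDATE " . PRE . "_user SET forum_posts=forum_posts+1 WHERE userid='" . (int) $user->info['userid'] . "' LIMIT 1");
}

// Link the attachments uploaded during the last hour under this form's hash.
// NOTE(review): the statement matches on the client-supplied hash alone; it
// neither requires the attachment to be unassigned nor ties it to the uploader.
// Confirm the hash is unguessable and bound to the user's session.
if (forum_access_addattachment($foruminfo)) {
    $db->query("UPDATE " . PRE . "_forum_attachments SET postid='" . (int) $pid . "' WHERE hash='" . addslashes($_POST['hash']) . "' AND time>'" . (time() - 3600) . "'");
}

// Update the search index (code follows outside this excerpt)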
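/**
 * Handle a submitted comment: validate it, store it and send notifications.
 *
 * Members and guests take separate branches; guests are only accepted when
 * $this->set['pub'] is enabled. Both branches run the same order of checks
 * (captcha, IP block list, required fields, text block list, length, flood
 * control) and stop at the first failure by calling message().
 *
 * Changes against the original:
 *  - Guest branch: 'userid' is part of the insert's field list but was never
 *    assigned, so the value came straight from the request. It is now forced
 *    to 0, which keeps a guest from attributing a comment to a member id.
 *    (dinsert() is not shown; the way values are staged in $_POST before each
 *    call suggests it reads the listed fields from there.)
 *  - Guest branch: $comid was never set, so the "id != new comment" filters in
 *    the notification query and the notify reset compared against an empty
 *    string and also hit the comment just written. It is now taken from
 *    insert_id(), as in the member branch.
 *  - The client address is escaped and the member id is cast to an integer
 *    before they are placed in SQL.
 *
 * NOTE(review): the module whitelist check is commented out, so 'module' is
 * stored as sent (escaped with addslashes only); addrate() in the ratings code
 * keeps the equivalent check enabled. The member branch limits the text with
 * set['maxlen'] while the guest branch uses set['entrymaxlen'] - confirm this
 * is intended. strlen() counts bytes, not characters. REQUEST_URI is copied
 * into the notification mails unfiltered.
 */
function addcom()
{
    global $db, $apx, $user;

    $_POST['mid'] = (int) $_POST['mid'];
    if (!$_POST['mid']) {
        die('missing mID!');
    }
    //if ( !$apx->is_module($_POST['module']) ) die('invalid MODULE!');

    $apx->lang->drop('add', 'comments');

    // Defined up front; the original read these without ever assigning them on
    // some paths.
    $captcha = null;
    $captchafailed = false;
    $emailnotvalid = false;

    $module = addslashes($_POST['module']);
    $clientAddr = addslashes((string) get_remoteaddr());

    // Time of the latest comment from this address on this item (flood control)
    list($spam) = $db->first("SELECT time FROM " . PRE . "_comments WHERE ( module='" . $module . "' AND ip='" . $clientAddr . "' AND mid='" . $_POST['mid'] . "' ) ORDER BY time DESC");

    // Check the captcha (guests only)
    if ($this->set['captcha'] && !$user->info['userid']) {
        require BASEDIR . 'lib/class.captcha.php';
        $captcha = new captcha();
        $captchafailed = $captcha->check();
    }

    if ($user->info['userid']) {
        // ---- Member ----
        if ($captchafailed) {
            message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
        } elseif ($this->ip_is_blocked()) {
            message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
        } elseif (!$_POST['text'] || $this->set['req_title'] && !$_POST['title']) {
            message('back');
        } elseif ($this->text_is_blocked()) {
            message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
        } elseif ($this->set['maxlen'] && strlen($_POST['text']) > $this->set['maxlen']) {
            message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
        } elseif ($spam + $this->set['spamprot'] * 60 > time()) {
            message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
        } else {
            // With moderation on, only team members' comments go live at once.
            if ($this->set['mod'] && !$user->is_team_member()) {
                $_POST['active'] = 0;
            } else {
                $_POST['active'] = 1;
            }

            // Identity and metadata always come from the server side.
            $_POST['userid'] = $user->info['userid'];
            $_POST['username'] = $user->info['username'];
            $_POST['time'] = time();
            $_POST['ip'] = get_remoteaddr();

            $db->dinsert(PRE . '_comments', 'module,mid,userid,username,title,text,time,notify,ip,active');
            $comid = $db->insert_id();

            // E-mail notification (admin)
            if ($this->set['mailonnew']) {
                $text = strip_tags(dbcodes($_POST['text']));
                $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
                sendmail($this->set['mailonnew'], 'SENDCOM', $input);
            }

            // E-mail notification (subscribed commenters, excluding the author)
            if ($_POST['active']) {
                $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "' AND c.userid!=" . (int) $user->info['userid'] . "\n\t\t\t\t\t");
                if (count($data)) {
                    foreach ($data as $res) {
                        $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
                        sendmail($res['email'], 'NOTIFYCOM', $input);
                    }
                }

                // Reset the notify flag on all earlier comments
                $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'");
            }

            // Remove the used captcha
            if ($this->set['captcha'] && !$user->info['userid']) {
                $captcha->remove();
            }

            // NOTE(review): as printed, this str_replace() replaces '&' with
            // itself; the second argument looks like it lost an HTML entity
            // when the page was rendered - confirm against the original file.
            message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
        }
    } elseif ($this->set['pub']) {
        // ---- Guest ----
        // An invalid address is an error only when an address is required;
        // otherwise it is silently dropped.
        if (!checkmail($_POST['email'])) {
            if ($this->set['req_email']) {
                $emailnotvalid = true;
            } else {
                $_POST['email'] = '';
            }
        }

        if ($captchafailed) {
            message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
        } elseif ($this->ip_is_blocked()) {
            message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
        } elseif (!$_POST['username'] || !$_POST['text'] || $this->set['req_email'] && !$_POST['email'] || $this->set['req_homepage'] && !$_POST['homepage'] || $this->set['req_title'] && !$_POST['title']) {
            message('back');
        } elseif ($_POST['notify'] && !$_POST['email']) {
            message($apx->lang->get('MSG_COM_MAILNEEDED'), 'back');
        } elseif ($this->text_is_blocked()) {
            message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
        } elseif ($this->set['entrymaxlen'] && strlen($_POST['text']) > $this->set['entrymaxlen']) {
            message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
        } elseif ($emailnotvalid) {
            message($apx->lang->get('MSG_COM_EMAILNOTVALID'), 'back');
        } elseif ($spam + $this->set['spamprot'] * 60 > time()) {
            message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
        } else {
            if (substr($_POST['homepage'], 0, 4) == 'www.') {
                $_POST['homepage'] = 'http://' . $_POST['homepage'];
            }

            // With moderation on, guest comments always wait for approval.
            if ($this->set['mod']) {
                $_POST['active'] = 0;
            } else {
                $_POST['active'] = 1;
            }

            // A guest comment never belongs to a member account; do not let
            // the request choose the id.
            $_POST['userid'] = 0;
            $_POST['time'] = time();
            $_POST['ip'] = get_remoteaddr();

            $db->dinsert(PRE . '_comments', 'module,mid,userid,username,email,homepage,title,text,time,notify,ip,active');
            $comid = $db->insert_id();

            // E-mail notification (admin)
            if ($this->set['mailonnew']) {
                $text = strip_tags(dbcodes($_POST['text']));
                $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
                sendmail($this->set['mailonnew'], 'SENDCOM', $input);
            }

            // E-mail notification (subscribed commenters)
            if ($_POST['active']) {
                $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "'\n\t\t\t\t\t");
                if (count($data)) {
                    foreach ($data as $res) {
                        $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
                        sendmail($res['email'], 'NOTIFYCOM', $input);
                    }
                }

                // Reset the notify flag on all earlier comments
                $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'");
            }

            // Remove the used captcha
            if ($this->set['captcha'] && !$user->info['userid']) {
                $captcha->remove();
            }

            // NOTE(review): as printed, this str_replace() replaces '&' with
            // itself; the second argument looks like it lost an HTML entity
            // when the page was rendered - confirm against the original file.
            message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
        }
    }
}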
/**
 * Build a fingerprint for the current visitor.
 *
 * The value is the MD5 hex digest of the User-Agent header followed by the
 * first three dot-separated parts of the client address. An address without
 * dots is therefore used in full.
 *
 * NOTE(review): both inputs are chosen or shared by clients (the User-Agent is
 * a request header, and everyone in the same address prefix with the same
 * browser gets the same value). Treat the result as a convenience identifier,
 * not as proof of who the visitor is.
 *
 * @return string 32-character hexadecimal digest
 */
function getOwnerId()
{
    $addressParts = explode('.', get_remoteaddr());
    $prefix = implode('.', array_slice($addressParts, 0, 3));
    $agent = getenv('HTTP_USER_AGENT');

    return md5($agent . $prefix);
}
/**
 * Record the current user's latest activity on a forum object.
 *
 * Any existing <PRE>_forum_activity row for this user, type and id is deleted
 * and a fresh row is inserted with the client address (as an integer), the
 * current time and the user's pub_invisible flag.
 *
 * NOTE(review): $type is escaped with addslashes() and $id is forced to an
 * integer, but the user id and pub_invisible are placed in the statements
 * as they are - presumably they come from the server-side user record; verify.
 *
 * @param string $type kind of object, stored in the 'type' column
 * @param mixed  $id   object id; converted with intval()
 */
function forum_activity($type, $id)
{
    global $apx, $db, $set, $user;

    $table = PRE . "_forum_activity";
    $uid = $user->info['userid'];
    $safeType = addslashes($type);
    $objectId = intval($id);

    // Drop the previous entry first so that only one row per object remains.
    $deleteSql = "\n\t\tDELETE FROM " . $table . "\n\t\tWHERE userid='" . $uid . "' AND type='" . $safeType . "' AND id='" . $objectId . "'\n\t";
    $db->query($deleteSql);

    $insertSql = "\n\t\tINSERT IGNORE INTO " . $table . "\n\t\tVALUES ('" . $uid . "', '" . ip2integer(get_remoteaddr()) . "', '" . $safeType . "', '" . $objectId . "', '" . time() . "', '" . $user->info['pub_invisible'] . "')\n\t";
    $db->query($insertSql);
}
} else { $db->query("INSERT INTO " . PRE . "_stats_userenv VALUES ('" . $daystamp . "','country','" . addslashes($country) . "',1)"); } //Besucher zählen if ($browser != 'SEARCHENGINE' || $set['stats']['countsearchengine']) { list($stats_exists) = $db->first("SELECT daystamp FROM " . PRE . "_stats WHERE daystamp='" . $daystamp . "' LIMIT 1"); if ($stats_exists) { $db->query("UPDATE " . PRE . "_stats SET uniques=uniques+1,uniques_" . $hourstamp . "h=uniques_" . $hourstamp . "h+1,hits=hits+1 WHERE daystamp='" . $daystamp . "' LIMIT 1"); } else { $db->quieterror = true; $db->query("INSERT INTO " . PRE . "_stats (daystamp,weekstamp,weekday,time,uniques,uniques_" . $hourstamp . "h,hits) VALUES ('" . $daystamp . "','" . $weekstamp . "','" . $weekday . "','" . time() . "',1,1,1)"); $db->quieterror = false; } } //IP-Sperre und Cookie setzen $db->query("INSERT INTO " . PRE . "_stats_iplog VALUES ('" . ip2integer(get_remoteaddr()) . "','" . time() . "')"); if ($set['stats']['cookie']) { setcookie($set['main']['cookie_pre'] . '_stats_count', 1, time() + $set['stats']['blockip'] * 3600, '/'); } } elseif (!(strpos($_SERVER['PHP_SELF'], 'misc.php') !== false && $_REQUEST['action'] == 'counter') && $_SERVER['REQUEST_URI']) { require_once BASEDIR . getmodulepath('stats') . 'functions.php'; $weekstamp = stats_weekstamp($statsnow); //User-Info $browser = stats_browser($_SERVER['HTTP_USER_AGENT']); if ($browser != 'SEARCHENGINE' || $set['stats']['countsearchengine']) { if (!isset($stats_exists)) { list($stats_exists) = $db->first("SELECT daystamp FROM " . PRE . "_stats WHERE daystamp='" . $daystamp . "' LIMIT 1"); } if ($stats_exists) { $db->query("UPDATE " . PRE . "_stats SET hits=hits+1 WHERE daystamp='" . $daystamp . "' LIMIT 1"); } else {
//Login versuchen $res = $forumdb->first("\n\t\t\t\t\tSELECT userid,usergroupid,password,salt\n\t\t\t\t\tFROM " . VBPRE . "user\n\t\t\t\t\tWHERE LOWER(username)='" . addslashes(strtolower($_POST['login_user'])) . "'\n\t\t\t\t\tLIMIT 1\n\t\t\t\t"); //Login fehlgeschlagen if (!$res['userid'] || $res['password'] != md5(md5($_POST['login_pwd']) . $res['salt'])) { $forumdb->query("\n\t\t\t\t\t\tINSERT INTO " . VBPRE . "strikes\n\t\t\t\t\t\t(striketime, strikeip, username)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t(" . time() . ", '" . addslashes(get_remoteaddr()) . "', '" . addslashes($_POST['login_user']) . "')\n\t\t\t\t\t"); message($apx->lang->get('MSG_FAIL'), 'javascript:history.back()'); } elseif ($res['usergroupid'] == 3) { message($apx->lang->get('MSG_NOTACTIVE'), 'javascript:history.back()'); } else { $pwdcrypt = md5($res['password'] . $set['forum_cookie_salt']); setcookie($set['forum_cookiename_userid'], $res['userid'], time() + 100 * 24 * 3600, $set['forum_cookie_path'], $set['forum_cookie_domain']); setcookie($set['forum_cookiename_password'], $pwdcrypt, time() + 100 * 24 * 3600, $set['forum_cookie_path'], $set['forum_cookie_domain']); $_COOKIE[$set['forum_cookiename_userid']] = $res['userid']; $_COOKIE[$set['forum_cookiename_password']] = $pwdcrypt; //Strikes löschen $forumdb->query("DELETE FROM " . VBPRE . "strikes WHERE strikeip = '" . addslashes(get_remoteaddr()) . "' AND username='******'login_user']) . "'"); //Session erzeugen if ($set['forum_autologin']) { $user->createForumSession($res['userid']); } //Weiterleitung zur zuletzt besuchten Seite $filter = array('user.html', 'user,login.html', 'user.php?action=login', 'user.php'); $refforward = true; foreach ($filter as $url) { if (strpos($_SERVER['HTTP_REFERER'], $url) !== false) { $refforward = false; break; } } if ($refforward && $_SERVER['HTTP_REFERER']) { $goto = $_SERVER['HTTP_REFERER'];
/**
 * Refresh this visitor's row in the <PRE>_user_online table.
 *
 * First removes every row that is older than the configured timeout
 * ($set['user']['timeout'], in minutes), that belongs to the current client
 * address or - for a logged-in user - to the current user id. Then inserts a
 * new row with user id, address, time, pub_invisible flag and request URI.
 *
 * NOTE(review): only the request URI is escaped (addslashes); the user id and
 * pub_invisible are interpolated as they are - presumably they originate from
 * the server-side user record; verify.
 */
function update_onlinelist()
{
    global $db, $set;

    $table = PRE . "_user_online";

    // Stale rows, rows of this address and (if logged in) rows of this user.
    $deleteSql = "DELETE FROM " . $table
        . " WHERE ( time<'" . (time() - $set['user']['timeout'] * 60) . "'"
        . " OR ip='" . ip2integer(get_remoteaddr()) . "' "
        . iif($this->info['userid'], " OR userid='" . $this->info['userid'] . "' ")
        . ")";
    $db->query($deleteSql);

    $insertSql = "INSERT IGNORE INTO " . $table . " VALUES ('"
        . $this->info['userid'] . "','"
        . ip2integer(get_remoteaddr()) . "','"
        . time() . "','"
        . $this->info['pub_invisible'] . "','"
        . addslashes($_SERVER['REQUEST_URI']) . "')";
    $db->query($insertSql);
}
<?php $apx->lang->drop('getpwd'); headline($apx->lang->get('HEADLINE_GETPWD'), str_replace('&', '&', $_SERVER['REQUEST_URI'])); titlebar($apx->lang->get('HEADLINE_GETPWD')); //Passwortänderung bestätigen if ($_REQUEST['verify'] && $_REQUEST['userid']) { $_REQUEST['userid'] = (int) $_REQUEST['userid']; $res = $db->first("SELECT userid,username_login,email,salt,lastpwget FROM " . PRE . "_user WHERE userid='" . $_REQUEST['userid'] . "'"); $key = md5($res['userid'] . $res['lastpwget'] . $set['main']['crypt']); if ($key != $_REQUEST['verify']) { message($apx->lang->get('MSG_NOTALLOWED'), 'back'); } else { $newpwd = random_string(); $salt = random_string(); $db->query("UPDATE " . PRE . "_user SET password='******',salt='" . $salt . "',lastpwget='" . time() . "',lastpwget_by='" . get_remoteaddr() . "' WHERE userid='" . $res['userid'] . "' LIMIT 1"); $input['USERNAME'] = replace($res['username_login']); $input['WEBSITE'] = $set['main']['websitename']; $input['PWD'] = $newpwd; sendmail($res['email'], 'GETPWD', $input); message($apx->lang->get('MSG_OK_PWD'), mklink('user.php', 'user.html')); } } elseif ($_POST['send']) { if (!$_POST['username']) { message('back'); } else { $res = $db->first("SELECT userid,username_login,email,salt,lastpwget FROM " . PRE . "_user WHERE username_login='******'username']) . "'"); if (!$res['userid']) { message($apx->lang->get('MSG_NOMATCH'), 'javascript:history.back()'); } else { $key = md5($res['userid'] . $res['lastpwget'] . $set['main']['crypt']);
$cset = array(); foreach ($_POST['vote'] as $aid => $true) { $aid = (int) $aid; if (!$aid || $aid < 1 || $aid > 20 || $true != '1') { continue; } $cset[] = 'a' . $aid . '_c=a' . $aid . '_c+1'; } if (count($cset)) { $db->query("UPDATE " . PRE . "_poll SET " . implode(',', $cset) . " WHERE ( id='" . $_REQUEST['id'] . "' AND ( '" . time() . "' BETWEEN starttime AND endtime ) ) LIMIT 1"); } } else { $db->query("UPDATE " . PRE . "_poll SET a" . $_POST['vote'] . "_c=a" . $_POST['vote'] . "_c+1 WHERE ( id='" . $_REQUEST['id'] . "' AND ( '" . time() . "' BETWEEN starttime AND endtime ) ) LIMIT 1"); } //Block User $db->query("INSERT INTO " . PRE . "_poll_iplog VALUES ('" . $_REQUEST['id'] . "','" . $user->info['userid'] . "','" . ip2integer(get_remoteaddr()) . "','" . time() . "')"); @setcookie($set['main']['cookie_pre'] . '_voted[' . $_REQUEST['id'] . ']', '1', time() + 100 * 24 * 3600, '/'); message($apx->lang->get('MSG_VOTE'), mklink('poll.php?id=' . $_REQUEST['id'], 'poll,' . $_REQUEST['id'] . '.html')); require 'lib/_end.php'; } //////////////////////////////////////////////////////////////////////////////////////////////////////// IMMER AUFRUFEN //Headline + Titlebar if ($pollinfo['id'] == $recent) { headline($apx->lang->get('HEADLINE_RECENT'), str_replace('&', '&', $_SERVER['REQUEST_URI'])); titlebar($apx->lang->get('HEADLINE_RECENT') . ': ' . strip_tags($pollinfo['question'])); } else { headline($apx->lang->get('HEADLINE_ARCHIVE'), mklink('poll.php', 'poll.html')); titlebar($apx->lang->get('HEADLINE_ARCHIVE') . ': ' . strip_tags($pollinfo['question'])); } //KOMMENTARE if ($_REQUEST['comments'] && $_REQUEST['id']) {
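/**
 * Render the compact poll box through the template engine.
 *
 * Shows the result bars when the visitor may no longer vote (archived poll
 * with archive voting disabled, "voted" cookie present, a vote logged within
 * the last 24 hours for this user or address, or the poll has run out);
 * otherwise shows the voting form.
 *
 * Changes against the original:
 *  - The tag lookup used $res['id'], but no $res exists in this function, so
 *    tags were requested for an empty id. It now uses the loaded poll's id.
 *  - Variables that were read or incremented before being assigned are
 *    initialised; the values handed to the template stay the same.
 *  - The "poll has ended" test is evaluated once, so both places that depend
 *    on it agree.
 *
 * NOTE(review): the "voted" cookie is sent by the client and only decides what
 * is displayed here; the vote log row is the server-side record. $template
 * becomes part of a template path ('functions/' . $template) - confirm callers
 * pass only fixed names. Answers and the question are handed to the template
 * as stored; whether the template layer escapes them is not visible here.
 *
 * @param int|false $id       poll id; a falsy value selects the most recent poll
 * @param string    $template template name below 'functions/'
 */
function poll_small($id = false, $template = 'poll')
{
    global $set, $db, $apx, $user;

    $id = (int) $id;
    $tmpl = new tengine();
    $apx->lang->drop('poll', 'poll');

    $recent = poll_recent();
    if (!$id) {
        $id = $recent;
    }

    // Which variables does the template use?
    $parse = $tmpl->used_vars('functions/' . $template, 'poll');

    $pollinfo = $db->first("SELECT *,a1_c+a2_c+a3_c+a4_c+a5_c+a6_c+a7_c+a8_c+a9_c+a10_c+a11_c+a12_c+a13_c+a14_c+a15_c+a16_c+a17_c+a18_c+a19_c+a20_c AS total FROM " . PRE . "_poll WHERE ( id='" . $id . "' " . section_filter() . " ) LIMIT 1");
    if (!$pollinfo['id']) {
        return;
    }

    // Has this member (or, for guests, this address) voted within 24 hours?
    if ($user->info['userid']) {
        $voterClause = "userid='" . (int) $user->info['userid'] . "'";
    } else {
        $voterClause = "ip='" . ip2integer(get_remoteaddr()) . "'";
    }
    list($ipblock) = $db->first("SELECT ip FROM " . PRE . "_poll_iplog WHERE ( id='" . $id . "' AND " . $voterClause . " AND time>" . (time() - 24 * 3600) . " ) LIMIT 1");

    $votedCookie = $set['main']['cookie_pre'] . '_voted';
    $hasVotedCookie = isset($_COOKIE[$votedCookie][$pollinfo['id']])
        && $_COOKIE[$votedCookie][$pollinfo['id']] == '1';
    $hasEnded = $pollinfo['starttime'] + $pollinfo['days'] * 24 * 3600 <= time();

    // Template values that stay null unless the matching branch fills them.
    $resdata = null;
    $optdata = null;
    $set_end = null;
    $set_voted = null;
    $tagdata = null;
    $tagids = null;
    $keywords = null;

    if ($pollinfo['id'] != $recent && !$set['poll']['archvote'] || $hasVotedCookie || $ipblock || $hasEnded) {
        // Show the results
        $result = poll_format_result($pollinfo);
        $ri = 0;
        foreach ($result as $element) {
            ++$ri;
            // A poll without votes divides by 1 instead of 0.
            $percent = round($element[1] / iif($pollinfo['total'], $pollinfo['total'], 1) * 100, $set['poll']['percentdigits']);
            $width = round($percent) . '%';
            $resdata[$ri]['ANSWER'] = $element[0];
            $resdata[$ri]['VOTES'] = $element[1];
            $resdata[$ri]['COLOR'] = $element[2];
            $resdata[$ri]['PERCENT'] = $percent . '%';
            $resdata[$ri]['WIDTH'] = $width;
        }

        if ($hasEnded) {
            $set_end = 1;
        }
        if ($hasVotedCookie || $ipblock) {
            $set_voted = 1;
        }

        $tmpl->assign('TOTALVOTES', $pollinfo['total']);
        $tmpl->assign('RESULT', $resdata);
        $tmpl->assign('SET_END', $set_end);
        $tmpl->assign('SET_VOTED', $set_voted);
    } else {
        // Show the voting form: checkboxes for multiple choice, radios otherwise
        for ($i = 1; $i <= 20; $i++) {
            if (!$pollinfo['a' . $i]) {
                continue;
            }
            if ($pollinfo['multiple']) {
                $box = '<input type="checkbox" name="vote[' . $i . ']" value="1" />';
            } else {
                $box = '<input type="radio" name="vote" value="' . $i . '" />';
            }
            $optdata[$i]['ANSWER'] = $pollinfo['a' . $i];
            $optdata[$i]['COLOR'] = $pollinfo['color' . $i];
            $optdata[$i]['BOX'] = $box;
        }

        $postto = mklink('poll.php?id=' . $pollinfo['id'], 'poll,' . $pollinfo['id'] . urlformat($pollinfo['question']) . '.html');
        $tmpl->assign('POSTTO', $postto);
        $tmpl->assign('OPTION', $optdata);
    }

    // Link: show result
    if ($pollinfo['id'] == $recent) {
        $resultlink = mklink('poll.php?recent=1&result=1', 'poll,recent.html?result=1');
    } else {
        $resultlink = mklink('poll.php?id=' . $pollinfo['id'] . '&result=1', 'poll,' . $pollinfo['id'] . urlformat($pollinfo['question']) . '.html?result=1');
    }

    // Tags, only when the template asks for them
    if (in_array('TAG', $parse) || in_array('TAG_IDS', $parse) || in_array('KEYWORDS', $parse)) {
        list($tagdata, $tagids, $keywords) = poll_tags($pollinfo['id']);
    }

    // Comments
    if ($set['poll']['coms'] && $pollinfo['allowcoms'] && $apx->is_module('comments')) {
        require_once BASEDIR . getmodulepath('comments') . 'class.comments.php';
        $coms = new comments('poll', $id);
        $tmpl->assign('COMMENT_LINK', $coms->link($resultlink));
        $tmpl->assign('COMMENT_COUNT', $coms->count());
        $tmpl->assign('DISPLAY_COMMENTS', 1);
    }

    // Link to the poll
    $pollink = mklink('poll.php?id=' . $pollinfo['id'], 'poll,' . $pollinfo['id'] . urlformat($pollinfo['question']) . '.html');

    // Output
    $tmpl->assign('LINK', $pollink);
    $tmpl->assign('LINK_RESULT', $resultlink);
    $tmpl->assign('ID', $pollinfo['id']);
    $tmpl->assign('QUESTION', $pollinfo['question']);
    $tmpl->assign('STARTTIME', $pollinfo['starttime']);
    $tmpl->assign('ENDTIME', $pollinfo['starttime'] + $pollinfo['days'] * 24 * 3600);

    // Tags
    $tmpl->assign('TAG_IDS', $tagids);
    $tmpl->assign('TAG', $tagdata);
    $tmpl->assign('KEYWORDS', $keywords);

    $tmpl->parse('functions/' . $template, 'poll');
}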
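/**
 * Handle a submitted rating: validate it, apply the per-address waiting time
 * and store it in <PRE>_ratings.
 *
 * Changes against the original:
 *  - 'module' and the client address are escaped before they are placed in
 *    the flood-control query. The module was previously interpolated as sent
 *    and relied on is_module() alone to keep quotes out; comments::addcom()
 *    already escapes the same field.
 *  - The rating is stored as the integer that was validated. Before, only
 *    intval($_POST['rating']) was checked against the allowed values while
 *    the raw request value (e.g. a number followed by other characters) was
 *    the one handed to the insert.
 *  - The self-assignment of $_POST['module'] was removed; it had no effect.
 *
 * NOTE(review): the waiting time is keyed on the client address only, so it
 * is as strong as get_remoteaddr() is trustworthy and does not separate
 * visitors behind one address. dinsert() is not shown; it presumably reads
 * the listed fields from $_POST - confirm that it escapes them.
 */
function addrate()
{
    global $db, $apx, $user;

    $_POST['mid'] = (int) $_POST['mid'];
    if (!$_POST['mid']) {
        die('missing mID!');
    }
    if (!$apx->is_module($_POST['module'])) {
        die('invalid MODULE!');
    }

    $apx->lang->drop('add', 'ratings');

    // Time of the latest rating from this address on this item
    list($spam) = $db->first("SELECT time FROM " . PRE . "_ratings WHERE ( module='" . addslashes($_POST['module']) . "' AND ip='" . addslashes((string) get_remoteaddr()) . "' AND mid='" . intval($_POST['mid']) . "' ) ORDER BY time DESC");

    if (!$_POST['mid'] || !$_POST['rating']) {
        message('back');
    } elseif ($spam + $this->set['block'] * 60 > time()) {
        message($apx->lang->get('MSG_RATE_HASVOTED'), 'back');
    } else {
        $_POST['time'] = time();
        $_POST['ip'] = get_remoteaddr();

        // Only values configured in set['possible'] are accepted.
        $rating = intval($_POST['rating']);
        if (!array_key_exists($rating, $this->set['possible'])) {
            die('invalid RATING!');
        }
        $_POST['rating'] = $rating;

        $db->dinsert(PRE . '_ratings', 'module,mid,rating,time,ip');
        message($apx->lang->get('MSG_RATE_OK'), $_SERVER['REQUEST_URI']);
    }
}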