Example #1
        unset($_SESSION['captcha']);
    } else {
        $tpl = new smarty();
        ob_start();
        $tpl->display(DESIGN . '/tpl/guestbook/guestbook_add.html');
        $content = ob_get_contents();
        ob_end_clean();
        main_content(GUESTBOOK_ADD, $content, '', 1);
    }
}
// Options for the guestbook comment listing; the 'comments' action below extends
// this array and hands it to comments_get().
$conditions = array(
    'LIMIT' => LIMIT_COMMENTS,
    'ORDER' => COMMENTS_ORDER,
    'SPAM' => SPAM_GUESTBOOK_COMMENTS,
    'section' => 'guestbook',
);
if (isset($_GET['action'])) {
    switch ($_GET['action']) {
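        case 'add':
            // Adding an entry requires the public guestbook "add" right or superadmin.
            // !empty() replaces the @-suppressed reads: a missing or falsy rights entry
            // still denies access, but no error is raised and then silenced, and a
            // custom error handler is no longer triggered by the authorization check.
            if (!empty($_SESSION['rights']['public']['guestbook']['add']) || !empty($_SESSION['rights']['superadmin'])) {
                guestbook_add();
            } else {
                echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
            }
            break;
        case 'comments':
            // Viewing comments requires the public guestbook "com_view" right or superadmin.
            if (!empty($_SESSION['rights']['public']['guestbook']['com_view']) || !empty($_SESSION['rights']['superadmin'])) {
                // The id is taken straight from the query string; the (int) cast confines
                // it to an integer before it reaches the helpers and the generated link.
                // NOTE(review): a request without "id" yields 0 (plus an undefined-index
                // notice) - confirm gb_once() and comments_get() treat 0 as "not found".
                gb_once((int) $_GET['id']);
                $conditions['action'] = 'add';
                $conditions['link'] = '?section=guestbook&action=comments&id=' . (int) $_GET['id'];
                comments_get('gb_com', (int) $_GET['id'], $conditions, 0, 1, 'guestbook');
            } else {
                echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
            }
            break;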
        case 'addcomment':
Example #2
    // Only the challenge image is served from this branch. Where $action is set is
    // outside this fragment - presumably from the request; confirm against the caller.
    if ($action == "challengeimage") {
        outputChallengeImage();
    } else {
        // Any other value stops the script with a fixed message, so the
        // request-supplied action is never echoed back into the response.
        exit("Invalid request.");
    }
} else {
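    // Dispatch on the posted "action" field. Every path other than a successful
    // "add" ends by rendering the entries page.
    if (isset($_POST["action"])) {
        $action = $_POST["action"];
        switch ($action) {
            case "add":
                // Undo magic_quotes. get_magic_quotes_gpc() was removed in PHP 8.0, so
                // probe for it first; calling it unconditionally is a fatal
                // "undefined function" error on current PHP versions.
                if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
                    $_POST = stripslashes_recursive($_POST);
                }
                // The ban check keys on REMOTE_ADDR, i.e. the TCP peer address. Behind a
                // reverse proxy or load balancer that is the proxy's address, so a ban
                // would then match every visitor or none - confirm the deployment.
                // NOTE(review): the whole, still untrusted $_POST array is handed to
                // guestbook_add(); field validation, output escaping and the challenge
                // check are presumably done there - confirm, none of it is visible here.
                if (!is_banned($_SERVER['REMOTE_ADDR']) && guestbook_add($_POST)) {
                    include_from_template('added.php');
                } else {
                    show_entries_page();
                }
                break;
            default:
                // Unknown actions are not reported; they just show the entries page.
                show_entries_page();
                break;
        }
    } else {
        show_entries_page();
    }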
}