// NOTE(review): this excerpt opens inside a function whose beginning is not
// visible; only its closing branches are shown, so the condition that selects
// between them cannot be documented from here.
        // Drop the stored captcha value from the session. Presumably this keeps
        // an already-used challenge from being submitted again - confirm against
        // the validation code above this excerpt.
        unset($_SESSION['captcha']);
    } else {
        // Render the "add entry" form: the template output is captured in an
        // output buffer and handed to main_content() as a string instead of
        // being echoed directly.
        $tpl = new smarty();
        ob_start();
        $tpl->display(DESIGN . '/tpl/guestbook/guestbook_add.html');
        $content = ob_get_contents();
        ob_end_clean();
        main_content(GUESTBOOK_ADD, $content, '', 1);
    }
}

// Options passed to comments_get() further down. Every value here is a
// constant or a literal; nothing is taken from the request.
$conditions = array('LIMIT' => LIMIT_COMMENTS, 'ORDER' => COMMENTS_ORDER, 'SPAM' => SPAM_GUESTBOOK_COMMENTS, 'section' => 'guestbook');

// Request dispatcher: the action name comes straight from the query string and
// is only ever compared against fixed case labels.
if (isset($_GET['action'])) {
    switch ($_GET['action']) {
        case 'add':
            // Authorisation gate. The @ operator silences the undefined-index
            // notice when a rights key is missing, so an absent entry evaluates
            // as falsy and falls through to the "access denied" branch.
            // The test is on truthiness, not on a strict boolean: any truthy
            // value stored under these keys grants access.
            if (@$_SESSION['rights']['public']['guestbook']['add'] or @$_SESSION['rights']['superadmin']) {
                guestbook_add();
            } else {
                echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
            }
            break;
        case 'comments':
            // Same gate as above, keyed on the 'com_view' right.
            if (@$_SESSION['rights']['public']['guestbook']['com_view'] or @$_SESSION['rights']['superadmin']) {
                // The id is cast to int at every use, so only an integer reaches
                // gb_once(), the generated link and comments_get(); non-numeric
                // input becomes 0. If 'id' is missing from the query string the
                // cast still yields 0, but PHP raises an undefined-index
                // notice/warning (depending on version) because there is no
                // isset() check.
                gb_once((int) $_GET['id']);
                $conditions['action'] = 'add';
                // The link is assembled from literals plus the integer id only.
                // NOTE(review): the '&' separators are not HTML-encoded here;
                // whether comments_get() escapes the link on output is not
                // visible - confirm.
                $conditions['link'] = '?section=guestbook&action=comments&id=' . (int) $_GET['id'];
                comments_get('gb_com', (int) $_GET['id'], $conditions, 0, 1, 'guestbook');
            } else {
                echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
            }
            break;
        case 'addcomment':
        // The body of this case, and the rest of the switch, lie beyond the excerpt.
// NOTE(review): this excerpt opens inside an if-branch whose condition and
// whose assignment of $action are not visible; where $action comes from in
// this first switch cannot be stated from here.
    switch ($action) {
        case "challengeimage":
            outputChallengeImage();
            break;
        default:
            // Unknown actions are rejected with a fixed message; the requested
            // value is not echoed back to the client. The break after die()
            // is never reached.
            die("Invalid request.");
            break;
    }
} else {
    // Second dispatcher: handles form submissions identified by a POSTed
    // action name. Anything other than "add" just shows the entries page.
    if (isset($_POST["action"])) {
        $action = $_POST["action"];
        switch ($action) {
            case "add":
                // Undo magic_quotes: strip the slashes PHP added automatically
                // so the handler receives the raw submitted text. After this
                // step the data is unescaped, so any SQL or HTML escaping has
                // to happen where the values are used (not visible here).
                // NOTE(review): get_magic_quotes_gpc() was deprecated in
                // PHP 7.4 and removed in PHP 8.0, where this call is a fatal
                // error; since PHP 5.4 it always returned false.
                if (get_magic_quotes_gpc()) {
                    $_POST = stripslashes_recursive($_POST);
                }
                // The ban check runs first and && short-circuits, so
                // guestbook_add() is not called for a banned address.
                // REMOTE_ADDR is the address of the connecting peer; behind a
                // reverse proxy or load balancer that is the proxy, so the ban
                // list would match the proxy rather than the end client.
                // The whole $_POST array is passed through; validation of the
                // individual fields is left to guestbook_add().
                // NOTE(review): no challenge or anti-CSRF check is visible on
                // this path; presumably guestbook_add() verifies the challenge
                // served by the "challengeimage" action - confirm.
                if (!is_banned($_SERVER['REMOTE_ADDR']) && guestbook_add($_POST)) {
                    // Fixed template name, not derived from the request.
                    include_from_template('added.php');
                } else {
                    // A banned sender and a failed add take the same branch:
                    // this code shows the entries page in both cases without a
                    // distinct message.
                    show_entries_page();
                }
                break;
            default:
                show_entries_page();
                break;
        }
    } else {
        show_entries_page();
    }
}