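/**
 * Render the poll that is attached to a forum thread.
 *
 * Looks up the vote row for $id, then renders either the result bars or the
 * voting form for every answer and wraps them in the "forum/vote" template.
 *
 * @param int|string $id   Vote id. It is cast to an integer before it is placed in SQL.
 * @param bool       $ajax When truthy the bare markup is returned; otherwise it is
 *                         wrapped in <div id="navFVote">.
 *
 * @return string Rendered markup, or '' when no matching vote row exists.
 */
function fvote($id, $ajax = false)
{
    global $db, $prev;

    // Callers without the "votes" permission only see non-internal polls.
    // Always assign $intern so the query never reads an undefined variable.
    $intern = permission("votes") ? '' : ' AND intern = 0';

    // The statement is built by string concatenation, so $id is forced to an
    // integer here instead of trusting every caller to have sanitised it.
    $qry = db("SELECT * FROM " . $db['votes'] . " WHERE id = '" . intval($id) . "' " . $intern . "");
    $get = _fetch($qry);

    if (!_rows($qry)) {
        return '';
    }

    // Same integer cast for the id that is re-used in the follow-up queries.
    $voteId = intval($get['id']);

    // Initialise everything the template receives, so a poll without answer
    // rows does not pass undefined variables to show().
    $results = '';
    $votebutton = '';
    $stimmen = null;
    $totalLoaded = false;

    $qryv = db("SELECT * FROM " . $db['vote_results'] . " WHERE vid = '" . $voteId . "' ORDER BY id ASC");
    while ($getv = _fetch($qryv)) {
        // sum() was called with identical arguments for every row; fetch the
        // total once, on the first row, and reuse it.
        if (!$totalLoaded) {
            $stimmen = sum($db['vote_results'], " WHERE vid = '" . $voteId . "'", "stimmen");
            $totalLoaded = true;
        }

        // Results are shown once votes exist and the visitor is recorded as
        // having voted (IP record or cookie) or the poll is closed.
        // The cookie is client-controlled: it only selects which view is
        // rendered here and is not proof that a vote was cast. Duplicate
        // votes have to be rejected server-side where the vote is stored.
        $showResults = $stimmen != 0
            && (ipcheck("vid_" . $get['id'])
                || isset($_COOKIE[$prev . "vid_" . $get['id']])
                || $get['closed'] == 1);

        // NOTE(review): re() and show() are defined elsewhere; confirm that
        // answer and title text is HTML-escaped before it reaches the template.
        if ($showResults) {
            $percent = round($getv['stimmen'] / $stimmen * 100, 1);
            $rawpercent = round($getv['stimmen'] / $stimmen * 100, 0);
            $balken = show(_votes_balken, array("width" => $rawpercent));
            $votebutton = "";
            $results .= show("forum/vote_results", array(
                "answer" => re($getv['sel']),
                "percent" => $percent,
                "stimmen" => $getv['stimmen'],
                "balken" => $balken,
            ));
        } else {
            $votebutton = '<input id="contentSubmitFVote" type="submit" value="' . _button_value_vote . '" class="voteSubmit" />';
            $results .= show("forum/vote_vote", array(
                "id" => $getv['id'],
                "answer" => re($getv['sel']),
            ));
        }
    }

    // Thread and category ids of the thread this poll belongs to.
    $qryf = db("SELECT id,kid FROM " . $db['f_threads'] . " WHERE vote = '" . $voteId . "'");
    $getf = _fetch($qryf);

    $vote = show("forum/vote", array(
        "titel" => re($get['titel']),
        "vid" => $get['id'],
        "fid" => $getf['id'],
        "kid" => $getf['kid'],
        "umfrage" => _forum_vote,
        "results" => $results,
        "votebutton" => $votebutton,
        "stimmen" => $stimmen,
    ));

    return empty($vote) ? '' : ($ajax ? $vote : '<div id="navFVote">' . $vote . '</div>');
}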
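/**
 * Render the poll shown in the site menu.
 *
 * Selects the vote flagged for the menu (menu = '1', forum = 0) and renders
 * either the result bars or the voting form for every answer.
 *
 * @param bool $ajax When truthy the bare markup is returned; otherwise it is
 *                   wrapped in <div id="navVote">.
 *
 * @return string Rendered markup, or the "no vote" notice when nothing was rendered.
 */
function vote($ajax = false)
{
    global $db, $prev;

    $vote = '';

    $qry = db("SELECT * FROM " . $db['votes'] . " WHERE menu = '1' AND forum = 0");
    $get = _fetch($qry);

    if (_rows($qry)) {
        // The id is concatenated into the follow-up queries; keep it an integer.
        $voteId = intval($get['id']);

        // Initialise everything the template receives, so a poll without
        // answer rows does not pass undefined variables to show().
        $results = '';
        $votebutton = '';
        $stimmen = null;
        $totalLoaded = false;

        $qryv = db("SELECT * FROM " . $db['vote_results'] . " WHERE vid = '" . $voteId . "' ORDER BY what");
        while ($getv = _fetch($qryv)) {
            // sum() was called with identical arguments for every row; fetch
            // the total once, on the first row, and reuse it.
            if (!$totalLoaded) {
                $stimmen = sum($db['vote_results'], " WHERE vid = '" . $voteId . "'", "stimmen");
                $totalLoaded = true;
            }

            // Results are shown once votes exist and the visitor is recorded
            // as having voted (IP record or cookie) or the poll is closed.
            // The cookie is client-controlled: it only selects which view is
            // rendered here and is not proof that a vote was cast. Duplicate
            // votes have to be rejected server-side where the vote is stored.
            $showResults = $stimmen != 0
                && (ipcheck("vid_" . $get['id'])
                    || isset($_COOKIE[$prev . "vid_" . $get['id']])
                    || $get['closed'] == 1);

            // NOTE(review): re() and show() are defined elsewhere; confirm that
            // answer and title text is HTML-escaped before it reaches the template.
            if ($showResults) {
                $percent = round($getv['stimmen'] / $stimmen * 100, 1);
                $rawpercent = round($getv['stimmen'] / $stimmen * 100, 0);
                $balken = show(_votes_balken, array("width" => $rawpercent));
                $votebutton = "";
                $results .= show("menu/vote_results", array(
                    "answer" => re($getv['sel']),
                    "percent" => $percent,
                    "stimmen" => $getv['stimmen'],
                    "balken" => $balken,
                ));
            } else {
                $votebutton = '<input id="contentSubmitVote" type="submit" value="' . _button_value_vote . '" class="voteSubmit" />';
                $results .= show("menu/vote_vote", array(
                    "id" => $getv['id'],
                    "answer" => re($getv['sel']),
                ));
            }
        }

        $vote = show("menu/vote", array(
            "titel" => re($get['titel']),
            "vid" => $get['id'],
            "results" => $results,
            "votebutton" => $votebutton,
            "stimmen" => $stimmen,
        ));
    }

    return empty($vote)
        ? '<center style="margin:2px 0">' . _vote_menu_no_vote . '</center>'
        : ($ajax ? $vote : '<div id="navVote">' . $vote . '</div>');
}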
} else { $gbtitel = show(_gb_titel, array("postid" => $i, "nick" => autor($get['reg']), "edit" => $edit, "delete" => $delete, "uhr" => _uhr, "comment" => $comment, "public" => $public, "id" => $get['reg'], "email" => $gbemail, "datum" => date("d.m.Y", $get['datum']), "zeit" => date("H:i", $get['datum']), "hp" => $gbhp)); } if ($chkMe == "4") { $posted_ip = $get['ip']; } else { $posted_ip = _logged; } $show .= show($dir . "/gb_show", array("gbtitel" => $gbtitel, "nachricht" => bbcode($get['nachricht']), "editby" => bbcode($get['editby']), "ip" => $posted_ip)); $i--; } } else { $show = show(_no_entrys_yet, array("colspan" => "2")); } $seiten = nav($entrys, $maxgb, "?action=nav"); if (!ipcheck("gb", $flood_gb)) { if (isset($userid)) { $form = show("page/editor_regged", array("nick" => autor($userid), "von" => _autor)); } else { $form = show("page/editor_notregged", array("nickhead" => _nick, "emailhead" => _email, "hphead" => _hp, "postemail" => "")); } $entry = show($dir . "/add", array("titel" => _eintragen_titel, "nickhead" => _nick, "bbcodehead" => _bbcode, "add_head" => _gb_add_head, "emailhead" => _email, "what" => _button_value_add, "security" => _register_confirm, "lang" => $language, "ed" => "", "reg" => "", "whaturl" => "addgb", "hphead" => _hp, "preview" => _preview, "b1" => $u_b1, "b2" => $u_b2, "id" => $_GET['id'], "form" => $form, "posthp" => "", "postnick" => "", "posteintrag" => "", "ip" => _iplog_info, "error" => "", "eintraghead" => _eintrag)); } else { $entry = ""; $b1 = "<!--"; $b2 = "-->"; } $index = show($dir . "/gb", array("gbhead" => _gb_head, "show" => $show, "add" => $add, "entry" => $entry, "b1" => $b1, "b2" => $b2, "addgb" => $addgb, "seiten" => $seiten)); break; case 'do': if ($_GET['what'] == "addgb") {
$www = data($getgb['reg'], "hp"); $hp = empty($www) ? '' : show(_hpicon_forum, array("hp" => $www)); $email = '<br />' . show(_emailicon_forum, array("email" => eMailAddr(data($getgb['reg'], "email")))); $onoff = onlinecheck($getgb['reg']); $nick = autor($getgb['reg']); } $titel = show(_eintrag_titel, array("postid" => $i, "datum" => date("d.m.Y", $getgb['datum']), "zeit" => date("H:i", $getgb['datum']) . _uhr, "edit" => $edit, "delete" => $delete)); if ($chkMe == 4) { $posted_ip = $getgb['ip']; } else { $posted_ip = _logged; } $membergb .= show("page/comments_show", array("titel" => $titel, "comment" => bbcode($getgb['nachricht']), "nick" => $nick, "hp" => $hp, "editby" => bbcode($getgb['editby']), "email" => $email, "avatar" => useravatar($getgb['reg']), "onoff" => $onoff, "rank" => getrank($getgb['reg']), "ip" => $posted_ip)); $i--; } if (!ipcheck("mgbid(" . $_GET['id'] . ")", $flood_membergb)) { if (isset($userid)) { $form = show("page/editor_regged", array("nick" => autor($userid), "von" => _autor)); } else { $form = show("page/editor_notregged", array("nickhead" => _nick, "emailhead" => _email, "hphead" => _hp, "postemail" => "")); } $add = show($dir . "/usergb_add", array("titel" => _eintragen_titel, "nickhead" => _nick, "bbcodehead" => _bbcode, "emailhead" => _email, "hphead" => _hp, "form" => $form, "security" => _register_confirm, "preview" => _preview, "ed" => "&uid=" . $_GET['id'], "whaturl" => "add", "reg" => "", "b1" => $u_b1, "b2" => $u_b2, "id" => $_GET['id'], "postemail" => $postemail, "add_head" => _gb_add_head, "what" => _button_value_add, "lang" => $language, "ip" => _iplog_info, "posthp" => $posthp, "postnick" => $postnick, "posteintrag" => "", "error" => "", "eintraghead" => _eintrag)); } else { $add = ""; } $seiten = nav($entrys, $maxusergb, "?action=user&id=" . $_GET['id'] . "&show=gb"); $show = show($dir . 
"/profil_gb", array("gbhead" => _membergb, "show" => $membergb, "seiten" => $seiten, "entry" => $add)); } else { $qrycustom = db("SELECT * FROM " . $db['profile'] . "\n\t \t \t\t WHERE kid = '1' AND shown = '1'\n ORDER BY id ASC"); while ($getcustom = _fetch($qrycustom)) { $qrycontent = db("SELECT " . $getcustom['feldname'] . " FROM " . $db['users'] . "\n\t \t\t WHERE id = '" . intval($_GET['id']) . "'\n\t\t\t\t\t LIMIT 1");
## INCLUDES ## include basePath . "/inc/config.php"; include basePath . "/inc/bbcode.php"; ## SETTINGS ## $time_start = generatetime(); lang($language); $dir = "shout"; ## SECTIONS ## if (!isset($_GET['action'])) { $action = ""; } else { $action = $_GET['action']; } switch ($action) { default: if (!ipcheck("shout", $flood_shout)) { if (($_POST['protect'] != 'nospam' || empty($_SESSION['sec_shout']) || $_POST['spam'] != $_SESSION['sec_shout'] || empty($_POST['spam'])) && !isset($userid)) { $index = error(_error_invalid_regcode, 1); } elseif (!isset($userid) && (empty($_POST['name']) || trim($_POST['name']) == '') || $_POST['name'] == "Nick") { $index = error(_empty_nick, 1); } elseif (!isset($userid) && empty($_POST['email']) || $_POST['email'] == "E-Mail") { $index = error(_empty_email, 1); } elseif (!isset($userid) && !check_email($_POST['email'])) { $index = error(_error_invalid_email, 1); } elseif (empty($_POST['eintrag'])) { $index = error(_error_empty_shout, 1); } elseif (settings('reg_shout') == 1 && $chkMe == 'unlogged') { $index = error(_error_unregistered, 1); } else { if (!isset($userid)) { $reg = $_POST['email'];
$form = show("page/editor_regged", array("nick" => autor($userid), "von" => _autor)); } else { $form = show("page/editor_notregged", array("nickhead" => _nick, "emailhead" => _email, "hphead" => _hp)); } if (!ipcheck("artid(" . $_GET['id'] . ")", $flood_newscom)) { $add = show("page/comments_add", array("titel" => _artikel_comments_write_head, "bbcodehead" => _bbcode, "form" => $form, "show" => "none", "b1" => $u_b1, "b2" => $u_b2, "what" => _button_value_add, "ip" => _iplog_info, "sec" => $dir, "security" => _register_confirm, "preview" => _preview, "action" => '?action=show&do=add&id=' . $_GET['id'], "prevurl" => '../artikel/?action=compreview&id=' . $_GET['id'], "lang" => $language, "id" => $_GET['id'], "postemail" => "", "posthp" => "", "postnick" => "", "posteintrag" => "", "error" => "", "eintraghead" => _eintrag)); } else { $add = ""; } } $seiten = nav($entrys, $maxcomments, "?action=show&id=" . $_GET['id'] . ""); $showmore = show($dir . "/comments", array("head" => _comments_head, "show" => $comments, "seiten" => $seiten, "icq" => "", "add" => $add)); $index = show($dir . "/show_more", array("titel" => re($get['titel']), "id" => $get['id'], "comments" => "", "display" => "inline", "nautor" => _autor, "kat" => re($getkat['katimg']), "dir" => $designpath, "ndatum" => _datum, "showmore" => $showmore, "icq" => "", "text" => bbcode($get['text']), "datum" => date("j.m.y H:i", intval($get['datum'])) . _uhr, "links" => $links, "autor" => autor($get['autor']))); } if ($_GET['do'] == "add") { if (!ipcheck("artid(" . $_GET['id'] . ")", $flood_artikelcom)) { if (isset($userid)) { $toCheck = empty($_POST['comment']); } else { $toCheck = empty($_POST['nick']) || empty($_POST['email']) || empty($_POST['comment']) || !check_email($_POST['email']) || $_POST['secure'] != $_SESSION['sec_' . $dir] || empty($_SESSION['sec_' . 
$dir]); } if ($toCheck) { if (isset($userid)) { if (empty($_POST['eintrag'])) { $error = _empty_eintrag; } $form = show("page/editor_regged", array("nick" => autor($userid), "von" => _autor)); } else { if ($_POST['secure'] != $_SESSION['sec_' . $dir] || empty($_SESSION['sec_' . $dir])) { $error = _error_invalid_regcode; } elseif (empty($_POST['nick'])) {
$add = show("page/comments_add", array("titel" => _news_comments_write_head, "bbcodehead" => _bbcode, "form" => $form, "show" => "none", "what" => _button_value_add, "ip" => _iplog_info, "preview" => _preview, "sec" => $dir, "b1" => $u_b1, "b2" => $u_b2, "security" => _register_confirm, "action" => '?action=show&do=add&id=' . $_GET['id'], "prevurl" => '../news/?action=compreview&id=' . $_GET['id'], "lang" => $language, "id" => $_GET['id'], "postemail" => "", "posthp" => "", "postnick" => "", "posteintrag" => "", "error" => "", "eintraghead" => _eintrag)); } else { $add = ""; } } $seiten = nav($entrys, $maxcomments, "?action=show&id=" . $_GET['id'] . ""); $showmore = show($dir . "/comments", array("head" => _comments_head, "show" => $comments, "seiten" => $seiten, "add" => $add)); if ($get['intern'] == "1") { $intern = _votes_intern; } else { $intern = ""; } $title = re($get['titel']) . ' - ' . $title; $index = show($dir . "/news_show", array("titel" => re($get['titel']), "kat" => re($getkat['katimg']), "id" => $get['id'], "comments" => "", "dp" => "compact", "nautor" => _autor, "dir" => $designpath, "ndatum" => _datum, "rel" => $rel, "sticky" => "", "intern" => $intern, "ncomments" => "", "showmore" => $showmore, "klapp" => $klapp, "more" => bbcode($get['klapptext']), "viewed" => "", "text" => bbcode($get['text']), "datum" => date("j.m.y H:i", empty($get['datum']) ? time() : $get['datum']) . _uhr, "links" => $links, "autor" => autor($get['autor']))); if ($_GET['do'] == "add") { if (!ipcheck("ncid(" . $_GET['id'] . ")", $flood_newscom)) { if (isset($userid)) { $toCheck = empty($_POST['comment']); } else { $toCheck = empty($_POST['nick']) || empty($_POST['email']) || empty($_POST['comment']) || !check_email($_POST['email']) || $_POST['secure'] != $_SESSION['sec_' . $dir] || empty($_SESSION['sec_' . 
$dir]); } if ($toCheck) { if (isset($userid)) { if (empty($_POST['eintrag'])) { $error = _empty_eintrag; } $form = show("page/editor_regged", array("nick" => autor($userid), "von" => _autor)); } else { if ($_POST['secure'] != $_SESSION['sec_' . $dir] || empty($_SESSION['sec_' . $dir])) { $error = _error_invalid_regcode; } elseif (empty($_POST['nick'])) {
$comments = show($dir . "/comments", array("head" => _cw_comments_head, "show" => $comments, "seiten" => $seiten, "add" => $add)); $logo_squad = '_defaultlogo.jpg'; $logo_gegner = '_defaultlogo.jpg'; foreach ($picformat as $end) { if (file_exists(basePath . '/inc/images/clanwars/' . $get['cid'] . '_logo.' . $end)) { $logo_gegner = $get['cid'] . '_logo.' . $end; } if (file_exists(basePath . '/inc/images/squads/' . $get['squad_id'] . '_logo.' . $end)) { $logo_squad = $get['squad_id'] . '_logo.' . $end; } } $logos = $logo_squad == '_defaultlogo.jpg' && $logo_gegner == '_defaultlogo.jpg'; $pagetitle = re($get['name']) . ' vs. ' . re($clans['gegner']) . ' - ' . $pagetitle; $index = show($dir . "/details", array("head" => _cw_head_details, "result_head" => _cw_head_results, "lineup_head" => _cw_head_lineup, "admin_head" => _cw_head_admin, "gametype_head" => _cw_head_gametype, "squad_head" => _cw_head_squad, "flagge" => $flagge, "br1" => $logos ? '<!--' : '', "br2" => $logos ? '-->' : '', "logo_squad" => $logo_squad, "logo_gegner" => $logo_gegner, "squad" => $show, "squad_name" => re($get['name']), "gametype" => re($get['gametype']), "lineup" => preg_replace("#\\,#", "<br />", re($get['lineup'])), "glineup" => preg_replace("#\\,#", "<br />", re($get['glineup'])), "match_admins" => re($get['matchadmins']), "datum" => _datum, "gegner" => _cw_head_gegner, "xonx" => _cw_head_xonx, "liga" => _cw_head_liga, "maps" => _cw_maps, "server" => _server, "result" => _cw_head_result, "players" => $players, "edit" => $editcw, "comments" => $comments, "bericht" => _cw_bericht, "serverpwd" => $serverpwd, "cw_datum" => date("d.m.Y H:i", $get['datum']) . _uhr, "cw_gegner" => $gegner, "cw_xonx" => re($get['xonx']), "cw_liga" => re($get['liga']), "cw_maps" => re($get['maps']), "cw_server" => $server, "cw_result" => $result, "cw_bericht" => $bericht, "screenshots" => $screens)); if ($_GET['do'] == "add") { if (!ipcheck("cwid(" . $_GET['id'] . 
")", $flood_cwcom)) { if (isset($userid)) { $toCheck = empty($_POST['comment']); } else { $toCheck = empty($_POST['nick']) || empty($_POST['email']) || empty($_POST['comment']) || !check_email($_POST['email']) || $_POST['secure'] != $_SESSION['sec_' . $dir] || empty($_SESSION['sec_' . $dir]); } if ($toCheck) { if (isset($userid)) { if (empty($_POST['comment'])) { $error = _empty_eintrag; } $form = show("page/editor_regged", array("nick" => autor($userid), "von" => _autor)); } else { if ($_POST['secure'] != $_SESSION['sec_' . $dir] || empty($_SESSION['sec_' . $dir])) { $error = _error_invalid_regcode; } elseif (empty($_POST['nick'])) {
set_cookie($prev . "vid_" . $_GET['id'], $cookie); } } if ($_GET['ajax'] == 1) { header("Content-type: text/html; charset=utf-8"); include basePath . '/inc/menu-functions/vote.php'; echo '<table class="navContent" cellspacing="0">' . vote(1) . '</table>'; exit; } if ($_GET['what'] == "fvote") { if (empty($_POST['vote'])) { $index = error(_vote_no_answer); } else { $qry = db("SELECT * FROM " . $db['votes'] . "\n WHERE id = '" . intval($_GET['id']) . "'"); $get = _fetch($qry); if (ipcheck("vid_" . $_GET['id'])) { $index = error(_error_voted_again, 1); } elseif ($get['closed'] == 1) { $index = error(_error_vote_closed, 1); } else { if (isset($userid)) { $time = $userid; $update = db("UPDATE " . $db['userstats'] . "\n SET `votes` = votes+1\n WHERE user = '******'"); } else { $time = "0"; } $qry = db("UPDATE " . $db['vote_results'] . "\n SET `stimmen` = stimmen+1\n WHERE id = '" . intval($_POST['vote']) . "'"); $vid = "vid_" . $_GET['id'] . ""; $ins = db("INSERT INTO " . $db['ipcheck'] . "\n SET `ip` = '" . $userip . "',\n `what` = '" . $vid . "',\n `time` = '" . time() . "'"); $vid2 = "vid(" . $_GET['id'] . ")"; $ins2 = db("INSERT INTO " . $db['ipcheck'] . "\n SET `ip` = '" . $userip . "',\n `what` = '" . $vid2 . "',\n `time` = '" . time() . "'");
if ($entrys == "0") { $pagenr = "1"; } else { $pagenr = ceil($entrys / $maxfposts); } $lpost = show(_forum_add_lastpost, array("id" => $entrys + 1, "tid" => $getp['sid'], "page" => $pagenr)); $index = info(_forum_editpost_successful, $lpost); } } else { $index = error(_error_wrong_permissions, 1); } } elseif ($_GET['do'] == "add") { if (settings("reg_forum") == "1" && $chkMe == "unlogged") { $index = error(_error_unregistered, 1); } else { if (!ipcheck("fid(" . $_GET['kid'] . ")", $flood_forum)) { $check = db("SELECT s2.id,s1.intern FROM " . $db['f_kats'] . " AS s1\n LEFT JOIN " . $db['f_skats'] . " AS s2\n ON s2.sid = s1.id\n WHERE s2.id = '" . intval($_GET['kid']) . "'"); $checks = _fetch($check); if (forumcheck($_GET['id'], "closed")) { $index = error(_error_forum_closed, 1); } elseif ($checks['intern'] == 1 && !permission("intforum") && !fintern($checks['id'])) { $index = error(_error_no_access, 1); } else { if (isset($userid)) { $postnick = data($userid, "nick"); $postemail = data($userid, "email"); } else { $postnick = ""; $postemail = ""; } if ($_GET['zitat']) {