/**
 * Expand a pair of month strings into a full-month date range.
 *
 * Each argument has '-01' appended before being handed to maketime(), so the
 * inputs are presumably 'YYYY-MM' strings (confirm against maketime()).
 * The range runs from the first day of the start month to the last day of
 * the end month.
 *
 * @param string $start Start month.
 * @param string $end   End month.
 * @param string $field Optional column name. It is placed into the returned
 *                      SQL fragment verbatim, so it must be a trusted,
 *                      hard-coded identifier and never request data.
 *
 * @return array|string array('start' => ..., 'end' => ...) when $field is
 *                      empty, otherwise a parenthesised SQL range condition.
 */
function makeDateRange($start = '', $end = '', $field = '')
{
    $firstStamp = maketime($start . '-01');
    $lastStamp = maketime($end . '-01');

    // Day 1 of the start month.
    $start = date('Y-m-d', mktime(0, 0, 0, date('n', $firstStamp), 1, date('Y', $firstStamp)));
    // Day 0 of the month after the end month, i.e. the end month's last day.
    $end = date('Y-m-d', mktime(0, 0, 0, date('n', $lastStamp) + 1, 0, date('Y', $lastStamp)));

    if ($field == '') {
        return array('start' => $start, 'end' => $end);
    }

    return "({$field} >= '{$start}' AND {$field} <= '{$end}')";
}
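/**
 * Edit an existing forum announcement.
 *
 * Without a submitted form the stored announcement and its forum assignments
 * are loaded and the edit form is rendered. With a submitted form the CSRF
 * token and the required fields are checked, the announcement row is updated
 * and its forum assignments are rebuilt.
 *
 * The announcement ID comes from the request and is cast to int before it is
 * used in any SQL statement or template variable.
 */
function announce_edit()
{
    global $set, $apx, $db;

    // Integer cast: the ID is concatenated into SQL below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    $apx->lang->dropaction('forum', 'announce_edit');

    // Forum list: anything that is not an explicit array of forums means "all".
    if (!is_array($_POST['forumid']) || $_POST['forumid'][0] == 'all') {
        $_POST['forumid'] = array('all');
    }

    // Form submitted
    if ($_POST['send']) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!count($_POST['forumid']) || !$_POST['title'] || !$_POST['text']) {
            infoNotComplete();
        } else {
            // Publication window; a missing or too-early end time becomes the
            // far-future sentinel 3000000000.
            $_POST['starttime'] = maketime(1);
            if ($_POST['starttime']) {
                $_POST['endtime'] = maketime(2);
                if (!$_POST['endtime'] || $_POST['endtime'] < $_POST['starttime']) {
                    $_POST['endtime'] = 3000000000;
                }
            }

            // Update the announcement row.
            // NOTE(review): presumably dupdate() takes the listed fields from
            // $_POST and escapes them itself; confirm, since title and text
            // are user-supplied.
            $db->dupdate(PRE . '_forum_announcements', 'title,text,starttime,endtime', "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");

            // Rebuild the forum assignments from scratch.
            $db->query("DELETE FROM " . PRE . "_forum_anndisplay WHERE id='" . $_REQUEST['id'] . "'");
            if ($_POST['forumid'][0] == 'all') {
                // Forum ID 0 stands for "all forums" (see the load path below).
                $db->query("\n\t\t\t\t\tINSERT IGNORE INTO " . PRE . "_forum_anndisplay\n\t\t\t\t\tVALUES ('" . $_REQUEST['id'] . "', '0')\n\t\t\t\t");
            } else {
                foreach ($_POST['forumid'] as $fid) {
                    // Each submitted forum ID is cast to int before it reaches SQL.
                    $fid = (int) $fid;
                    if (!$fid) {
                        continue;
                    }
                    $db->query("\n\t\t\t\t\t\tINSERT IGNORE INTO " . PRE . "_forum_anndisplay\n\t\t\t\t\t\tVALUES ('" . $_REQUEST['id'] . "', '" . $fid . "')\n\t\t\t\t\t");
                }
            }

            // The original logged an undefined $nid here, so the audit entry
            // never named the announcement that was changed.
            logit('FORUM_ANNOUNCEADD', 'ID #' . $_REQUEST['id']);
            printJSRedirect('action.php?action=forum.announce');
        }
    } else {
        // Load the stored announcement into $_POST so the form can be prefilled.
        $_POST = $db->first("SELECT title,text,starttime,endtime FROM " . PRE . "_forum_announcements WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");

        // Read the assigned forum IDs; a row with forum ID 0 means "all".
        $data = $db->fetch("SELECT forumid FROM " . PRE . "_forum_anndisplay WHERE id='" . $_REQUEST['id'] . "'");
        $_POST['forumid'] = array();
        foreach ($data as $res) {
            if ($res['forumid'] == 0) {
                $_POST['forumid'] = array('all');
                break;
            }
            $_POST['forumid'][] = $res['forumid'];
        }

        // Publication window
        if ($_POST['starttime']) {
            maketimepost(1, $_POST['starttime']);
            if ($_POST['endtime'] < 2147483647) {
                maketimepost(2, $_POST['endtime']);
            }
        }

        // Build the forum <option> list from the category tree.
        $data = $this->cat->getTree(array('iscat', 'title', 'posts', 'threads'));
        $forumlist = '<option value="all" style="font-weight:bold;"' . iif(in_array('all', $_POST['forumid']), ' selected="selected"') . '>' . $apx->lang->get('ALLFORUMS') . '</option>';
        if (count($data)) {
            foreach ($data as $res) {
                $space = str_repeat(' ', $res['level'] - 1);
                if ($res['iscat']) {
                    $style = ' style="background:#EAEAEA"';
                } else {
                    $style = '';
                }
                // NOTE(review): replace() is presumably the HTML-escaping
                // helper for the forum title; confirm.
                $forumlist .= '<option value="' . $res['forumid'] . '"' . $style . iif(in_array($res['forumid'], $_POST['forumid']), ' selected="selected"') . '>' . $space . replace($res['title']) . '</option>';
            }
        }

        $apx->tmpl->assign('FORUMLIST', $forumlist);
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('STARTTIME', choosetime(1, 1, maketime(1)));
        $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        $apx->tmpl->assign('ACTION', 'edit');
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->parse('announceadd_announceedit');
    }
}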
/**
 * Enable a banner for a publication window.
 *
 * On a submitted form with a valid token and a start time, the banner's
 * start/end times are written, the action is logged and the browser is
 * redirected to the banner list. In every other case except an invalid
 * token the confirmation overlay is shown.
 *
 * @return mixed Result of printInvalidToken() on a token failure, otherwise
 *               nothing.
 */
function enable()
{
    global $set, $db, $apx;

    // Integer cast: the ID is concatenated into SQL below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    $bannerId = $_REQUEST['id'];
    if (!$bannerId) {
        die('missing ID!');
    }

    if ($_POST['send'] == 1) {
        // NOTE(review): maketime(1)/maketime(2) presumably return integer
        // timestamps built from the submitted form; confirm, since both
        // values are concatenated into the UPDATE below.
        $from = maketime(1);
        $until = maketime(2);
        if (!$until || $until <= $from) {
            // No usable end time: fall back to the far-future sentinel.
            $until = 3000000000;
        }

        // The CSRF token is verified before any write.
        if (!checkToken()) {
            return printInvalidToken();
        }

        if ($from) {
            $sql = "UPDATE " . PRE . "_banner SET starttime='" . $from . "',endtime='" . $until . "' WHERE id='" . $bannerId . "' LIMIT 1";
            $db->query($sql);
            logit('BANNER_ENABLE', 'ID #' . $bannerId);
            printJSRedirect(get_index('banner.show'));
            return;
        }
    }

    // Nothing written: show the overlay, with the title escaped for HTML.
    list($title) = $db->first("SELECT partner FROM " . PRE . "_banner WHERE id='" . $bannerId . "' LIMIT 1");
    $apx->tmpl->assign('TITLE', compatible_hsc($title));
    $apx->tmpl->assign('ID', $bannerId);
    $apx->tmpl->assign('STARTTIME', choosetime(1, 0, time()));
    $apx->tmpl->assign('ENDTIME', choosetime(2, 1));
    tmessageOverlay('enable');
}
/**
 * Format a date value as ISO 'Y-m-d'.
 *
 * @param mixed $v Date value; it is passed on to maketime() for parsing.
 *
 * @return string '' when $v is empty or contains the zero date
 *                '0000-00-00', otherwise the formatted date.
 */
function isodate($v)
{
    if (empty($v)) {
        return '';
    }

    // A zero date anywhere in the value counts as "no date".
    if (strpos((string) $v, '0000-00-00') !== false) {
        return '';
    }

    return date('Y-m-d', maketime($v));
}
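/**
 * Enable a poll for a publication window.
 *
 * On a submitted form the CSRF token is checked, the poll's start/end times
 * are written, the action is logged and the browser is redirected to the
 * poll list. Without a submitted form the confirmation overlay is shown.
 */
function enable()
{
    global $set, $db, $apx;

    // Integer cast: the ID is concatenated into SQL below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    if ($_POST['send'] == 1) {
        // This state-changing POST had no CSRF check, so a forged request
        // from another site could enable a poll in an admin's session.
        // NOTE(review): assumes the overlay form rendered by
        // tmessageOverlay('enable') carries the token that checkToken()
        // verifies; confirm.
        if (!checkToken()) {
            printInvalidToken();
        } else {
            // NOTE(review): maketime(1)/maketime(2) presumably return integer
            // timestamps built from the submitted form; confirm, since both
            // values are concatenated into the UPDATE below.
            $starttime = maketime(1);
            $endtime = maketime(2);
            if (!$endtime || $endtime <= $starttime) {
                // No usable end time: fall back to the far-future sentinel.
                $endtime = 3000000000;
            }

            $db->query("UPDATE " . PRE . "_poll SET starttime='" . $starttime . "',endtime='" . $endtime . "' WHERE ( id='" . $_REQUEST['id'] . "' ) LIMIT 1");
            logit('POLL_ENABLE', 'ID #' . $_REQUEST['id']);
            printJSRedirect(get_index('poll.show'));
        }
    } else {
        list($title) = $db->first("SELECT question FROM " . PRE . "_poll WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('TITLE', compatible_hsc($title));
        $apx->tmpl->assign('STARTTIME', choosetime(1, 0, time()));
        $apx->tmpl->assign('ENDTIME', choosetime(2, 1));
        // NOTE(review): $input is never assigned in this function, so null is
        // passed here; confirm the intended second argument.
        tmessageOverlay('enable', $input);
    }
}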
## Добавление сообщения ## ############################################################################################ case 'add': $uid = !empty($_GET['uid']) ? check($_GET['uid']) : 0; $msg = isset($_POST['msg']) ? check($_POST['msg']) : ''; if (is_user()) { $topics = DB::run()->queryFetch("SELECT `topics`.*, `forums`.`forums_parent` FROM `topics` LEFT JOIN `forums` ON `topics`.`topics_forums_id`=`forums`.`forums_id` WHERE `topics`.`topics_id`=? LIMIT 1;", array($tid)); $validation = new Validation(); $validation->addRule('equal', array($uid, $_SESSION['token']), 'Неверный идентификатор сессии, повторите действие!')->addRule('not_empty', $topics, 'Выбранная вами тема не существует, возможно она была удалена!')->addRule('empty', $topics['topics_closed'], 'Запрещено писать в закрытую тему!')->addRule('equal', array(is_quarantine($log), true), 'Карантин! Вы не можете писать в течении ' . round($config['karantin'] / 3600) . ' часов!')->addRule('equal', array(is_flood($log), true), 'Антифлуд! Разрешается отправлять сообщения раз в ' . flood_period() . ' сек!')->addRule('string', $msg, 'Слишком длинное или короткое сообщение!', true, 5, $config['forumtextlength']); // Проверка сообщения на схожесть $post = DB::run()->queryFetch("SELECT * FROM `posts` WHERE `posts_topics_id`=? ORDER BY `posts_id` DESC LIMIT 1;", array($tid)); $validation->addRule('not_equal', array($msg, $post['posts_text']), 'Ваше сообщение повторяет предыдущий пост!'); if ($validation->run()) { $msg = antimat($msg); if ($log == $post['posts_user'] && $post['posts_time'] + 600 > SITETIME && utf_strlen($msg) + utf_strlen($post['posts_text']) <= $config['forumtextlength']) { $newpost = $post['posts_text'] . "\n\n" . '[i][size=1]Добавлено через ' . maketime(SITETIME - $post['posts_time']) . ' сек.[/size][/i]' . "\n" . $msg; DB::run()->query("UPDATE `posts` SET `posts_text`=? WHERE `posts_id`=? 
LIMIT 1;", array($newpost, $post['posts_id'])); $lastid = $post['posts_id']; } else { DB::run()->query("INSERT INTO `posts` (`posts_topics_id`, `posts_forums_id`, `posts_user`, `posts_text`, `posts_time`, `posts_ip`, `posts_brow`) VALUES (?, ?, ?, ?, ?, ?, ?);", array($tid, $topics['topics_forums_id'], $log, $msg, SITETIME, $ip, $brow)); $lastid = DB::run()->lastInsertId(); DB::run()->query("UPDATE `users` SET `users_allforum`=`users_allforum`+1, `users_point`=`users_point`+1, `users_money`=`users_money`+5 WHERE `users_login`=? LIMIT 1;", array($log)); DB::run()->query("UPDATE `topics` SET `topics_posts`=`topics_posts`+1, `topics_last_user`=?, `topics_last_time`=? WHERE `topics_id`=?;", array($log, SITETIME, $tid)); DB::run()->query("UPDATE `forums` SET `forums_posts`=`forums_posts`+1, `forums_last_id`=?, `forums_last_themes`=?, `forums_last_user`=?, `forums_last_time`=? WHERE `forums_id`=?;", array($tid, $topics['topics_title'], $log, SITETIME, $topics['topics_forums_id'])); // Обновление родительского форума if ($topics['forums_parent'] > 0) { DB::run()->query("UPDATE `forums` SET `forums_last_id`=?, `forums_last_themes`=?, `forums_last_user`=?, `forums_last_time`=? WHERE `forums_id`=?;", array($tid, $topics['topics_title'], $log, SITETIME, $topics['forums_parent'])); } } // -- Загрузка файла -- // if (!empty($_FILES['file']['name']) && !empty($lastid)) {
$config['servername'] = preg_replace('#wap\\.#', '', $config['servername'], 1); } //---------------------- Установка сессионных переменных -----------------------// if (empty($_SESSION['counton'])) { $_SESSION['counton'] = 0; } if (empty($_SESSION['currs'])) { $_SESSION['currs'] = SITETIME; } if (empty($_SESSION['token'])) { $_SESSION['token'] = generate_password(6); } if (empty($_SESSION['protect'])) { $_SESSION['protect'] = mt_rand(1000, 9999); } $_SESSION['timeon'] = maketime(SITETIME - $_SESSION['currs']); ob_start('ob_processing'); ############################################################################################ ## Авторизация ## ############################################################################################ if (isset($_SESSION['log']) && isset($_SESSION['par']) && preg_match('|^[a-z0-9\\-]+$|i', $_SESSION['log'])) { if (file_exists(DATADIR . 'profil/' . $_SESSION['log'] . '.prof')) { $userprof = file_get_contents(DATADIR . 'profil/' . $_SESSION['log'] . '.prof'); $udata = explode(':||:', $userprof); if ($udata[0] == $_SESSION['log'] && $udata[1] == md5(md5($_SESSION['par'])) && !empty($udata[25])) { $log = $_SESSION['log']; $config['themes'] = check($udata[20]); # Скин/тема по умолчанию $config['bookpost'] = (int) $udata[21]; # Вывод сообщений в гостевой $config['postnews'] = (int) $udata[22];
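/**
 * Enable one or several videos.
 *
 * With a `multiid` array in the request, every listed video the current user
 * may enable is activated immediately with no end date. With a single `id`,
 * a submitted form sets the chosen publication window; otherwise the
 * confirmation overlay is shown.
 *
 * Users without the special right 'videos.enable' are limited to their own
 * videos by an extra userid condition in the SQL.
 */
function enable()
{
    global $set, $db, $apx;

    // Several videos at once
    if (is_array($_REQUEST['multiid'])) {
        if (!checkToken()) {
            printInvalidToken();
        } else {
            // Integer cast: the IDs are concatenated into an IN (...) list.
            $cache = array_map('intval', $_REQUEST['multiid']);
            if (!count($cache)) {
                header("HTTP/1.1 301 Moved Permanently");
                header('Location: ' . get_index('videos.show'));
                return;
            }

            // Keep only the IDs that exist and that this user may enable.
            $data = $db->fetch("SELECT id FROM " . PRE . "_videos WHERE ( id IN (" . implode(',', $cache) . ") " . iif(!$apx->user->has_spright('videos.enable'), " AND userid='" . $apx->user->info['userid'] . "'") . " )");
            if (!is_array($data) || !count($data)) {
                header("HTTP/1.1 301 Moved Permanently");
                header('Location: ' . get_index('videos.show'));
                return;
            }

            // $data is non-empty here, so $cache gets at least one ID; the
            // original's second emptiness check could never fire.
            $cache = array();
            foreach ($data as $res) {
                $cache[] = $res['id'];
            }

            $db->query("UPDATE " . PRE . "_videos SET starttime='" . time() . "',endtime='3000000000' WHERE id IN (" . implode(',', $cache) . ")");
            foreach ($cache as $id) {
                logit('VIDEOS_ENABLE', 'ID #' . $id);
            }

            header("HTTP/1.1 301 Moved Permanently");
            header('Location: ' . get_index('videos.show'));
        }
    } else {
        // Single video. Integer cast: the ID is concatenated into SQL below.
        $_REQUEST['id'] = (int) $_REQUEST['id'];
        if (!$_REQUEST['id']) {
            die('missing ID!');
        }

        if ($_POST['send'] == 1) {
            // The multi-ID branch checked the CSRF token but this branch did
            // not, so a forged cross-site POST could enable a video.
            // NOTE(review): assumes the overlay form rendered by
            // tmessageOverlay('enable') carries the token; confirm.
            if (!checkToken()) {
                printInvalidToken();
            } else {
                // NOTE(review): maketime(1)/maketime(2) presumably return
                // integer timestamps built from the submitted form; confirm,
                // since both values are concatenated into the UPDATE below.
                $starttime = maketime(1);
                $endtime = maketime(2);
                if (!$endtime || $endtime <= $starttime) {
                    // No usable end time: fall back to the far-future sentinel.
                    $endtime = 3000000000;
                }

                $db->query("UPDATE " . PRE . "_videos SET starttime='" . $starttime . "',endtime='" . $endtime . "' WHERE ( id='" . $_REQUEST['id'] . "' " . iif(!$apx->user->has_spright('videos.enable'), " AND userid='" . $apx->user->info['userid'] . "'") . " ) LIMIT 1");
                // NOTE(review): this is logged even when the ownership
                // condition matched no row; confirm whether the audit log
                // should only record successful updates.
                logit('VIDEOS_ENABLE', 'ID #' . $_REQUEST['id']);
                printJSRedirect(get_index('videos.show'));
            }
        } else {
            list($title) = $db->first("SELECT title FROM " . PRE . "_videos WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
            $apx->tmpl->assign('TITLE', compatible_hsc($title));
            $apx->tmpl->assign('ID', $_REQUEST['id']);
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, time()));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1));
            tmessageOverlay('enable');
        }
    }
}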
/**
 * Enable a news item for a publication window.
 *
 * Without a submitted form the confirmation overlay is shown. With one, the
 * CSRF token is checked, the start/end times are written, the action is
 * logged and the browser is redirected to the news list.
 *
 * Users without the special right 'news.enable' can only update their own
 * items, because a userid condition is appended to the UPDATE.
 */
function enable()
{
    global $set, $db, $apx;

    // Integer cast: the ID is concatenated into SQL below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    $newsId = $_REQUEST['id'];
    if (!$newsId) {
        die('missing ID!');
    }

    // No submitted form: render the overlay and stop.
    if ($_POST['send'] != 1) {
        list($title, $subtitle) = $db->first("SELECT title, subtitle FROM " . PRE . "_news WHERE id='" . $newsId . "' LIMIT 1");
        $headline = $title;
        if ($subtitle) {
            $headline .= ' - ' . $subtitle;
        }
        $apx->tmpl->assign('ID', $newsId);
        $apx->tmpl->assign('TITLE', compatible_hsc($headline));
        $apx->tmpl->assign('STARTTIME', choosetime(1, 0, time()));
        $apx->tmpl->assign('ENDTIME', choosetime(2, 1));
        tmessageOverlay('enable');
        return;
    }

    // The CSRF token is verified before any write.
    if (!checkToken()) {
        printInvalidToken();
        return;
    }

    // NOTE(review): maketime(1)/maketime(2) presumably return integer
    // timestamps built from the submitted form; confirm, since both values
    // are concatenated into the UPDATE below.
    $from = maketime(1);
    $until = maketime(2);
    if (!$until || $until <= $from) {
        // No usable end time: fall back to the far-future sentinel.
        $until = 3000000000;
    }

    // Ownership restriction for users without the special right.
    $ownerClause = iif(!$apx->user->has_spright('news.enable'), " AND userid='" . $apx->user->info['userid'] . "'");
    $db->query("UPDATE " . PRE . "_news SET starttime='" . $from . "',endtime='" . $until . "' WHERE ( id='" . $newsId . "' " . $ownerClause . " ) LIMIT 1");
    logit('NEWS_ENABLE', 'ID #' . $newsId);
    printJSRedirect(get_index('news.show'));
}
/**
 * Enable a calendar event.
 *
 * Without a submitted form the confirmation overlay is shown. With one, the
 * CSRF token is checked, the event's `active` column is set to the current
 * time, the action is logged and the browser is redirected to the calendar
 * list.
 */
function enable()
{
    global $set, $db, $apx;

    // Integer cast: the ID is concatenated into SQL below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    $eventId = $_REQUEST['id'];
    if (!$eventId) {
        die('missing ID!');
    }

    // No submitted form: render the overlay and stop.
    if ($_POST['send'] != 1) {
        list($title) = $db->first("SELECT title FROM " . PRE . "_calendar_events WHERE id='" . $eventId . "' LIMIT 1");
        $message = $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title)));
        $apx->tmpl->assign('MESSAGE', $message);
        tmessageOverlay('enable', array('ID' => $eventId));
        return;
    }

    // The CSRF token is verified before any write.
    if (!checkToken()) {
        printInvalidToken();
        return;
    }

    // NOTE(review): the start/end times are computed but never used; the
    // UPDATE below only writes time() to `active`. The calls are kept in
    // case maketime() has side effects; confirm and remove if it has none.
    $from = maketime(1);
    $until = maketime(2);
    if (!$until || $until <= $from) {
        $until = 3000000000;
    }

    $db->query("UPDATE " . PRE . "_calendar_events SET active='" . time() . "' WHERE id='" . $eventId . "' LIMIT 1");
    logit('CALENDAR_ENABLE', 'ID #' . $eventId);
    printJSRedirect(get_index('calendar.show'));
}
/**
 * Enable a gallery together with its not-yet-enabled ancestors.
 *
 * Without a submitted form the confirmation overlay is shown. With one, the
 * CSRF token is checked and every node returned by getPathTo() for the
 * requested ID that has no start time gets the chosen publication window.
 * Each activation is logged separately before the redirect to the gallery
 * list.
 */
function enable()
{
    global $set, $db, $apx;

    // Integer cast: the ID is concatenated into SQL below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    $galleryId = $_REQUEST['id'];
    if (!$galleryId) {
        die('missing ID!');
    }

    // No submitted form: render the overlay and stop.
    if ($_POST['send'] != 1) {
        list($title) = $db->first("SELECT title FROM " . PRE . "_gallery WHERE id='" . $galleryId . "' LIMIT 1");
        $apx->tmpl->assign('ID', $galleryId);
        $apx->tmpl->assign('TITLE', compatible_hsc($title));
        $apx->tmpl->assign('STARTTIME', choosetime(1, 0, time()));
        $apx->tmpl->assign('ENDTIME', choosetime(2, 1));
        tmessageOverlay('enable');
        return;
    }

    // The CSRF token is verified before any write.
    if (!checkToken()) {
        printInvalidToken();
        return;
    }

    // NOTE(review): maketime(1)/maketime(2) presumably return integer
    // timestamps built from the submitted form; confirm, since both values
    // are concatenated into the UPDATE below.
    $from = maketime(1);
    $until = maketime(2);
    if (!$until || $until <= $from) {
        // No usable end time: fall back to the far-future sentinel.
        $until = 3000000000;
    }

    // Activate the parent nodes as well; nodes that already have a start
    // time are left untouched.
    foreach ($this->cat->getPathTo(array('starttime'), $galleryId) as $node) {
        if ($node['starttime']) {
            continue;
        }
        $db->query("UPDATE " . PRE . "_gallery SET starttime='" . $from . "',endtime='" . $until . "' WHERE id='" . $node['id'] . "' LIMIT 1");
        logit('GALLERY_ENABLE', 'ID #' . $node['id']);
    }

    printJSRedirect(get_index('gallery.show'));
}