Example #1
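/**
 * Filter every request value in $_POST and $_GET through remove_unsecure_rptags().
 *
 * Array-valued parameters (name[]=..., name[a][b]=...) are walked recursively so
 * that each leaf string is filtered. Previously array values in $_POST were
 * skipped entirely, which left a way to submit unfiltered replacement tags, and
 * array values in $_GET were handed to the filter as a whole array.
 *
 * Only values are filtered; parameter names (array keys) are left untouched,
 * as before.
 *
 * @return void
 */
function cleanupPOSTandGET()
{
    // Both superglobals carry client-controlled data and get the same treatment.
    if (isset($_POST) && count($_POST)) {
        $_POST = _cleanupRptagsDeep($_POST);
    }
    if (isset($_GET) && count($_GET)) {
        $_GET = _cleanupRptagsDeep($_GET);
    }
}

/**
 * Apply remove_unsecure_rptags() to a scalar, or to every leaf of a nested array.
 *
 * @param mixed $value Request value: a string or an array of request values.
 * @return mixed The filtered value, with the same array structure and keys.
 */
function _cleanupRptagsDeep($value)
{
    if (!is_array($value)) {
        return remove_unsecure_rptags($value);
    }
    foreach ($value as $key => $item) {
        $value[$key] = _cleanupRptagsDeep($item);
    }
    return $value;
}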
 // Fragment of a content part renderer; it starts and ends mid-file. It appends
 // the top link and the trailing spacer, then post-processes the markup
 // accumulated in $CNT_TMP for the current content part row ($crow).
 $CNT_TMP .= getContentPartTopLink($crow["acontent_top"]);
 // Space after
 if ($crow["acontent_after"]) {
     if (!empty($template_default["article"]["div_spacer"])) {
         // NOTE(review): acontent_after is concatenated into a style attribute without
         // a cast or escaping; presumably an integer column, confirm against the schema.
         $CNT_TMP .= '<div style="margin-bottom:' . $crow["acontent_after"] . 'px;" class="' . $template_default['classes']['spaceholder-cp-after'] . '"></div>';
     } else {
         $CNT_TMP .= '<br class="' . $template_default['classes']['spaceholder-cp-after'] . '" />' . spacer(1, $crow["acontent_after"]);
     }
 }
 // Make the content part ID available to templates through the [%CPID%] and {CPID} placeholders
 $CNT_TMP = str_replace(array('[%CPID%]', '{CPID}'), $crow["acontent_id"], $CNT_TMP);
 // trigger content part functions
 $CNT_TMP = trigger_cp($CNT_TMP, $crow);
 // PHP replacement tags stay in rendered content only when the configuration
 // explicitly allows them; otherwise the whole content part output is filtered.
 // The filter runs after trigger_cp(), so it also covers whatever trigger_cp() returned.
 if (empty($phpwcms["allow_cntPHP_rt"])) {
     $CNT_TMP = remove_unsecure_rptags($CNT_TMP);
 }
 // wrap tab: acontent_tab is parsed as "<num>|<type>_<title>" (split on the first '_', then on '|')
 if (!empty($crow['acontent_tab'])) {
     $crow['acontent_tab'] = explode('_', $crow['acontent_tab'], 2);
     $crow['acontent_tab']['num'] = explode('|', $crow['acontent_tab'][0]);
     // type defaults to 1 when no "|<type>" part is present
     $crow['acontent_tab']['type'] = empty($crow['acontent_tab']['num'][1]) ? 1 : $crow['acontent_tab']['num'][1];
     $crow['acontent_tab']['num'] = intval($crow['acontent_tab']['num'][0]);
     // NOTE(review): the title taken from acontent_tab[1] is stored as-is here; whether it is
     // escaped before output is not visible in this fragment.
     if ($crow['acontent_tab']['type'] == 2) {
         $crow['acontent_tab']['title'] = empty($crow['acontent_tab'][1]) ? i18n_substitute_text_token($content['cptab_types'][2]['title']) : $crow['acontent_tab'][1];
         $crow['acontent_tab']['type'] = 2;
     } elseif (isset($template_default['attributes']['cpgroup_custom'][$crow['acontent_tab']['type']])) {
         // custom group type defined by the template: register it in $content['cptab_types']
         $crow['acontent_tab']['title'] = empty($crow['acontent_tab'][1]) ? $template_default['attributes']['cpgroup_custom'][$crow['acontent_tab']['type']]['title'] : $crow['acontent_tab'][1];
         $content['cptab_types'][$crow['acontent_tab']['type']] = array('id' => $crow['acontent_tab']['type'], 'item' => $crow['acontent_tab']['type'], 'title' => $template_default['attributes']['cpgroup_custom'][$crow['acontent_tab']['type']]['title']);
     } else {
         // any other type falls back to the title of tab type 1 (the listing is cut off after this line)
         $crow['acontent_tab']['title'] = empty($crow['acontent_tab'][1]) ? i18n_substitute_text_token($content['cptab_types'][1]['title']) : $crow['acontent_tab'][1];
 // Fragment of the guestbook content part (starts and ends mid-file): loads the
 // template sections, then reads and validates a submitted entry.
 $guestbook['nav'] = get_tmpl_section('NAV', $guestbook['template']);
 $guestbook['entry'] = get_tmpl_section('GUESTBOOK_ENTRY', $guestbook['template']);
 $guestbook['list'] = get_tmpl_section('GUESTBOOK', $guestbook['template']);
 // ban list: the template's BAN section followed by the configured banned terms
 $guestbook['ban'] = trim(get_tmpl_section('BAN', $guestbook['template']) . ' ' . $guestbook['banned']);
 $guestbook['replace'] = strip_tags(trim(get_tmpl_section('BAN_REPLACE', $guestbook['template'])));
 $guestbook['ban_ip'] = trim(get_tmpl_section('BAN_IP', $guestbook['template']));
 $guestbook['comment'] = trim(get_tmpl_section('COMMENT', $guestbook['template']));
 // COMMENT section is expected to hold two parts separated by '|'
 // NOTE(review): index 1 is read without a check; a section without '|' raises a notice.
 $guestbook['comment'] = explode('|', $guestbook['comment']);
 $guestbook['comment'][0] = trim($guestbook['comment'][0]);
 $guestbook['comment'][1] = trim($guestbook['comment'][1]);
 // processing post values
 if (isset($_POST['guestbook_send'])) {
     // Every free-text field from the visitor is filtered for replacement tags first
     // and then passed through clean_slweg().
     // NOTE(review): the fields are read without isset(); a request that omits one raises
     // a notice. Whether these values are HTML-escaped on output is not visible here.
     $guestbook['post']['email'] = clean_slweg(remove_unsecure_rptags($_POST['guestbook_email']));
     $guestbook['post']['name'] = clean_slweg(remove_unsecure_rptags($_POST['guestbook_name']));
     $guestbook['post']['url'] = clean_slweg(remove_unsecure_rptags($_POST['guestbook_url']));
     $guestbook['post']['msg'] = clean_slweg(remove_unsecure_rptags($_POST['guestbook_msg']));
     // drop [c]...[/c] markers submitted by the visitor but keep the enclosed text
     $guestbook['post']['msg'] = preg_replace('/\\[c\\](.*?)\\[\\/c\\]/is', "\$1", $guestbook['post']['msg']);
     // visibility flag: cast to int, values above 2 are reset to 0
     // NOTE(review): negative values pass this check unchanged.
     $guestbook['post']['show'] = intval($_POST['guestbook_show']);
     if ($guestbook['post']['show'] > 2) {
         $guestbook['post']['show'] = 0;
     }
     // email error
     if (!is_valid_email($guestbook['post']['email'])) {
         $guestbook['error']['email'] = 'Proof the email address: it is empty or false.';
     }
     // name error
     if (empty($guestbook['post']['name'])) {
         $guestbook['error']['name'] = 'Don&#039;t forget to insert your name.';
     }
     // banned stuff (the listing is cut off after the counter is initialised)
     $guestbook['ban_count'] = 0;
Example #4
 // Fragment of a form-field switch (starts and ends mid-file). $key, $value,
 // $POST_DO and $POST_name are set by enclosing code that is not shown here.
 case 'newsletter':
     /*
      * Newsletter
      */
     $form_newletter_setting = array();
     $form_newletter_setting['double_optin'] = 0;
     $form_value = array();
     // Read the submitted value only when a post is being processed and the field
     // is either required or present in the request.
     if ($POST_DO && ($cnt_form["fields"][$key]['required'] || isset($_POST[$POST_name]))) {
         if (isset($_POST[$POST_name]) && is_array($_POST[$POST_name])) {
             // multi-value field: every item goes through combined_POST_cleaning(),
             // then empty strings are dropped
             // NOTE(review): array_map() is one level deep; a nested array item would reach
             // combined_POST_cleaning() as an array.
             $POST_val[$POST_name] = array_map('combined_POST_cleaning', $_POST[$POST_name]);
             $POST_val[$POST_name] = array_diff($POST_val[$POST_name], array(''));
             if (!count($POST_val[$POST_name])) {
                 $POST_val[$POST_name] = false;
             }
         } else {
             // single value: clean_slweg() first, then the replacement tag filter; false when absent
             $POST_val[$POST_name] = isset($_POST[$POST_name]) ? remove_unsecure_rptags(clean_slweg($_POST[$POST_name])) : false;
         }
         // required field with no usable value: record the error and mark the field
         if ($cnt_form["fields"][$key]['required'] && ($POST_val[$POST_name] === false || $POST_val[$POST_name] == '')) {
             $POST_ERR[$key] = $cnt_form["fields"][$key]['error'];
             $cnt_form["fields"][$key]['class'] = getFieldErrorClass($value['class'], $cnt_form["error_class"]);
         } else {
             // remove the ' checked' markers from the configured field value
             $cnt_form["fields"][$key]['value'] = str_replace(' checked', '', $cnt_form["fields"][$key]['value']);
         }
         // the cleaned value (array, string or false) becomes the newsletter selection
         if (isset($POST_val[$POST_name])) {
             $form_newletter_setting['selection'] = $POST_val[$POST_name];
         } else {
             $form_newletter_setting['selection'] = false;
         }
     }
     // prepare default settings for newsletter field
     $form_value_default = convertStringToArray($cnt_form["fields"][$key]['value'], "\n", 'UNIQUE', false);
Example #5
/**
 * Reduce a piece of content to single-spaced text without markup or replacement tags.
 *
 * Steps, in order: strip_tags(), strip_bbcode(), clean_replacement_tags(),
 * remove_unsecure_rptags(), "&nbsp;" to space, whitespace runs collapsed to one
 * space, cleanUpSpecialHtmlEntities().
 *
 * NOTE(review): no HTML escaping is applied in this function; if the result is
 * echoed into a page, escaping has to happen at the output site.
 *
 * @param string $string Raw content text.
 * @return string The cleaned text.
 */
function clean_search_text($string = '')
{
    // markup first, then CMS replacement tags
    $text = strip_bbcode(strip_tags($string));
    $text = remove_unsecure_rptags(clean_replacement_tags($text));

    // non-breaking space entities count as whitespace; collapse every run to one space
    $text = preg_replace('/\\s+/', ' ', str_replace('&nbsp;', ' ', $text));

    return cleanUpSpecialHtmlEntities($text);
}
Example #6
// Fragment of the e-card content part (ends mid-file): restores the stored card
// configuration, reads the posted form and prepares the HTML mail body.
require_once PHPWCMS_ROOT . '/include/inc_front/img.func.inc.php';
//ecard
$CNT_TMP .= headline($crow["acontent_title"], $crow["acontent_subtitle"], $template_default["article"]);
// NOTE(review): unserialize() on anything other than strictly trusted data can instantiate
// objects. The input here is the acontent_form column; presumably only the backend writes
// it, confirm, or store the settings in a data-only format such as JSON.
$ecard = unserialize($crow["acontent_form"]);
$ecard["send_err"] = 0;
$ecard["send_success"] = 0;
$ecard["selected"] = '';
// check if e-card was posted
if (isset($_POST['ecard_chooser'])) {
    // index of the chosen card; cast to int but not range-checked
    // NOTE(review): $ecard['images'][chooser] and $ecard["capt"][chooser] are read below
    // without checking that the index exists.
    $ecard["chooser"] = isset($_POST['ecard_chooser']) ? intval($_POST['ecard_chooser']) : 0;
    $ecard["selected"] = $ecard["chooser"];
    // visitor-supplied text: replacement tag filter first, then clean_slweg()
    // NOTE(review): the ecard_* fields are read without isset().
    $ecard["sender_name"] = clean_slweg(remove_unsecure_rptags($_POST["ecard_sender_name"]));
    $ecard["sender_email"] = clean_slweg(remove_unsecure_rptags($_POST["ecard_sender_email"]));
    $ecard["recipient_name"] = clean_slweg(remove_unsecure_rptags($_POST["ecard_recipient_name"]));
    $ecard["recipient_email"] = clean_slweg(remove_unsecure_rptags($_POST["ecard_recipient_email"]));
    $ecard["sender_msg"] = clean_slweg(remove_unsecure_rptags($_POST["ecard_sender_msg"]));
    // both addresses must validate before any mail is built
    // NOTE(review): the recipient address is chosen by the visitor; no rate limit or
    // captcha is visible in this fragment, confirm one exists elsewhere.
    if (!is_valid_email($ecard["sender_email"]) || !is_valid_email($ecard["recipient_email"])) {
        $ecard["send_err"] = 1;
    } else {
        //send message
        require_once PHPWCMS_ROOT . '/include/inc_ext/phpmailer/PHPMailerAutoload.php';
        $ecard["capt"] = explode("\n", $ecard["caption"]);
        // md5() only derives a cache file name for the thumbnail; it is not used as a security control
        $thumb_image = get_cached_image(array("target_ext" => $ecard['images'][$ecard["chooser"]][3], "image_name" => $ecard['images'][$ecard["chooser"]][2] . '.' . $ecard['images'][$ecard["chooser"]][3], "max_width" => $ecard['images'][$ecard["chooser"]][4], "max_height" => $ecard['images'][$ecard["chooser"]][5], "thumb_name" => md5($ecard['images'][$ecard["chooser"]][2] . $ecard['images'][$ecard["chooser"]][4] . $ecard['images'][$ecard["chooser"]][5] . $phpwcms["sharpen_level"] . $phpwcms['colorspace'])));
        $list_img_temp = '<img src="' . PHPWCMS_IMAGES . $thumb_image[0] . '" ' . $thumb_image[3] . ' alt="' . html_specialchars($ecard['images'][$ecard["chooser"]][1]) . '" />';
        // Fill the mail template. Every visitor-supplied value is passed through
        // html_specialchars() before it is placed into the HTML body.
        $ecard["send"] = str_replace('###ECARD_TITLE###', html_specialchars(chop($ecard["capt"][$ecard["chooser"]])), $ecard["send"]);
        $ecard["send"] = str_replace('###ECARD_IMAGE###', $list_img_temp, $ecard["send"]);
        // falls back to the recipient address when no recipient name was given
        $ecard["send"] = str_replace('###RECIPIENT_NAME###', $ecard["recipient_name"] ? html_specialchars($ecard["recipient_name"]) : html_specialchars($ecard["recipient_email"]), $ecard["send"]);
        $ecard["send"] = str_replace('###RECIPIENT_EMAIL###', html_specialchars($ecard["recipient_email"]), $ecard["send"]);
        $ecard["send"] = str_replace('###SENDER_MESSAGE###', nl2br(html_specialchars($ecard["sender_msg"])), $ecard["send"]);
        $ecard["send"] = str_replace('###ECARD_SUBJECT###', html_specialchars($ecard["subject"]), $ecard["send"]);
        // the listing is cut off after the mailer is created
        $ecard["mailer"] = new PHPMailer();
Example #7
// Fragment of the backend guestbook editor (ends mid-statement): marks entries
// as trashed and updates edited entries.
require_once PHPWCMS_ROOT . '/include/inc_lib/dbcon.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_lib/general.inc.php';
// presumably aborts or redirects when no backend user is logged in; verify in checkLogin()
checkLogin();
require_once PHPWCMS_ROOT . '/include/inc_lib/backend.functions.inc.php';
// Trash one entry: sets guestbook_trashed=9 for the given content part / entry pair.
// Both IDs are cast with intval() before they reach the SQL string.
// NOTE(review): this state change is driven by GET parameters and no anti-CSRF token is
// checked in this fragment; confirm one is enforced elsewhere. $_GET['cid'] is read
// without isset().
if (isset($_GET['del']) && intval($_GET['del'])) {
    $sql = "UPDATE " . DB_PREPEND . "phpwcms_guestbook SET guestbook_trashed=9 WHERE guestbook_cid=";
    $sql .= intval($_GET['cid']) . " AND guestbook_id=" . intval($_GET['del']) . " LIMIT 1;";
    _dbQuery($sql, 'UPDATE');
}
if (isset($_GET['edit']) && intval($_GET['edit'])) {
    $gberror = '';
    if (isset($_POST['gbsubmit'])) {
        // text fields: replacement tag filter first, then clean_slweg()
        $gbemail = clean_slweg(remove_unsecure_rptags($_POST['gbemail']));
        $gbname = clean_slweg(remove_unsecure_rptags($_POST['gbname']));
        $gburl = clean_slweg(remove_unsecure_rptags($_POST['gburl']));
        $gbmsg = clean_slweg(remove_unsecure_rptags($_POST['gbmsg']));
        // visibility flag: cast to int, values above 2 are reset to 0
        $gbshow = intval($_POST['gbshow']);
        if ($gbshow > 2) {
            $gbshow = 0;
        }
        $gbid = intval($_POST['gbid']);
        $gbcid = intval($_POST['gbcid']);
        // email and name are mandatory; otherwise the update is skipped
        if (!$gbemail || !$gbname) {
            $gberror = 'Old values recovered - no changes made';
        }
        if (!$gberror) {
            // The values are concatenated without surrounding quotes, so _dbEscape()
            // presumably returns a quoted and escaped SQL literal; verify in its definition.
            $sql = "UPDATE " . DB_PREPEND . "phpwcms_guestbook SET ";
            $sql .= "guestbook_msg=" . _dbEscape($gbmsg) . ", ";
            $sql .= "guestbook_name=" . _dbEscape($gbname) . ", ";
            $sql .= "guestbook_email=" . _dbEscape($gbemail) . ", ";
            $sql .= "guestbook_url=" . _dbEscape($gburl) . ", ";
Example #8
/**
 * Clean one submitted form value: clean_slweg() first, then remove_unsecure_rptags().
 *
 * The single-argument signature lets it be used as an array_map() callback.
 *
 * @param mixed $val Raw value taken from the request.
 * @return mixed The value after both filters.
 */
function combined_POST_cleaning($val)
{
    return remove_unsecure_rptags(clean_slweg($val));
}
Example #9
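/**
 * Render a selection of articles (AS* modes) or content parts (CP* modes).
 *
 * The selection comes either from $param, a comma separated string whose first
 * item is the mode and whose remaining items are IDs or keywords, or from a
 * ready-made SQL statement passed as $cpsql (handled as mode CPC).
 *
 * Article modes (first two characters "AS"):
 *   - "MODE|<count>" and/or "MODE|<template>" set the row limit and list template;
 *   - a trailing "P" on the mode puts prioritised articles first;
 *   - a non-numeric second item selects "random", "related|AND/OR,keyword,..."
 *     or "new" (the default).
 * Content part modes: CP, CPS (by content part ID), CPA, CPAD, CPAS, CPASD
 * (by article ID), CPC (custom SQL).
 *
 * What reaches SQL text: IDs are cast with intval() before they are used in a
 * query, keywords go through _dbEscape(), and the AND/OR operator and every
 * ORDER BY fragment are fixed strings. $cpsql is executed exactly as given, so
 * callers must never build it from request data.
 *
 * The included content part scripts run in this function's scope and rely on
 * its local variable names ($crow, $CNT_TMP, ...); do not rename them.
 *
 * NOTE(review): mysql_query() and the other mysql_* calls need ext/mysql, which
 * was removed in PHP 7.0.
 *
 * @param string|array $param    Selection string; when an array is given its
 *                               element [1] is used (presumably a regex match).
 * @param string|null  $cpsql    Custom SQL for CPC mode, or null to parse $param.
 * @param bool         $listmode Stored on each row as acontent_template_listmode.
 * @return string Rendered markup, trimmed; '' when nothing valid was selected.
 */
function showSelectedContent($param = '', $cpsql = null, $listmode = false)
{
    // Globals are imported for the included content part scripts as well.
    global $template_default;
    global $db;
    global $content;
    global $block;
    global $phpwcms;
    global $aktion;
    $topcount = 999999;
    $template = '';
    $param = is_array($param) && isset($param[1]) ? $param[1] : $param;
    $type = null;
    $mode = null;
    $related_type = 'OR';
    $where = '';
    $not = array();
    if ($cpsql === null) {
        if ($cp = explode(',', $param)) {
            $mode = strtoupper(trim($cp[0]));
            $type = substr($mode, 0, 2);
            if ($type === 'AS') {
                // "MODE|x|y": x and y are each either a row limit or a list template name
                $mode = explode('|', $cp[0]);
                if (isset($mode[1])) {
                    $mode[1] = trim($mode[1]);
                    if (is_numeric($mode[1])) {
                        $topcount = intval($mode[1]);
                    } elseif (empty($mode[2]) && strlen($mode[1]) > 4 && ($mode[1] == 'default' || is_file(PHPWCMS_TEMPLATE . 'inc_cntpart/articlesummary/list/' . $mode[1]))) {
                        // NOTE(review): the template name is not checked for path separators
                        // or '..' before is_file(); presumably only editors can set it, confirm.
                        $template = $mode[1];
                    }
                }
                if (isset($mode[2])) {
                    $mode[2] = trim($mode[2]);
                    if (is_numeric($mode[2])) {
                        $topcount = intval($mode[2]);
                    } elseif (strlen($mode[2]) > 4 && ($mode[2] == 'default' || is_file(PHPWCMS_TEMPLATE . 'inc_cntpart/articlesummary/list/' . $mode[2]))) {
                        $template = $mode[2];
                    }
                }
                $mode = strtoupper(trim($mode[0]));
                if (isset($cp[1])) {
                    // a non-numeric second item is a keyword (random/related/new), not an ID
                    $cp[1] = trim($cp[1]);
                    if (!is_numeric($cp[1])) {
                        $cp[1] = explode('|', $cp[1], 2);
                        // Only the literal operators AND / OR are accepted; anything else
                        // falls back to OR, so this value is safe to place in SQL.
                        if (isset($cp[1][1])) {
                            $related_type = strtoupper(trim($cp[1][1]));
                            if ($related_type !== 'AND' && $related_type !== 'OR') {
                                $related_type = 'OR';
                            }
                        }
                        $cp[1] = trim($cp[1][0]);
                        switch ($cp[1]) {
                            case 'random':
                                $where = 'RANDOM';
                                break;
                            case 'related':
                                if (isset($cp[2])) {
                                    unset($cp[0], $cp[1]);
                                    $related = array();
                                    foreach ($cp as $value) {
                                        // keywords are escaped by _dbEscape() before they reach SQL
                                        $related[] = "article_keyword LIKE " . _dbEscape(strtoupper(trim($value)), true, '%', '%');
                                    }
                                    if (count($related)) {
                                        $where = '(' . implode(' ' . $related_type . ' ', $related) . ')';
                                    }
                                }
                                break;
                            case 'new':
                            default:
                                $where = 'NEW';
                                break;
                        }
                        // exclude $aktion[1] from the result; the ID list is not used in keyword mode
                        $not[] = $aktion[1];
                        $cp = array();
                    }
                }
            }
            if (count($cp)) {
                // Drop the mode item and keep only non-zero integer IDs. Every value
                // concatenated into the queries below has passed intval() here.
                unset($cp[0]);
                foreach ($cp as $key => $value) {
                    $value = intval($value);
                    if (!$value) {
                        unset($cp[$key]);
                    } else {
                        $cp[$key] = $value;
                    }
                }
                if (!count($cp)) {
                    return '';
                }
            }
        } else {
            // no ID given, end function
            return '';
        }
    } elseif (is_string($cpsql)) {
        // Custom SQL: fall back to CPC mode with a single dummy ID
        $type = 'CP';
        $mode = 'CPC';
        $cp = array(0);
    }
    $CNT_TMP = '';
    if ($type === 'AS') {
        // Article mode
        if (substr($mode, -1) == 'P') {
            $mode = substr($mode, 0, -1);
            $priorize = 'article_priorize DESC, ';
        } else {
            $priorize = '';
        }
        // Every ORDER BY fragment is a fixed string; nothing from $param is copied into it.
        switch ($mode) {
            // sorted by livedate ascending
            case 'ASL':
                $sort = $priorize . 'article_begin ASC';
                break;
            // sorted by livedate descending
            case 'ASLD':
                $sort = $priorize . 'article_begin DESC';
                break;
            // sorted by killdate ascending
            case 'ASK':
                $sort = $priorize . 'article_end ASC';
                break;
            // sorted by killdate descending
            case 'ASKD':
                $sort = $priorize . 'article_end DESC';
                break;
            // sorted by change date ascending
            case 'ASC':
                $sort = $priorize . 'article_tstamp ASC';
                break;
            // sorted by change date descending
            // (the column name was misspelled "article_tspamp", which does not match
            // the column used by the ASC mode)
            case 'ASCD':
                $sort = $priorize . 'article_tstamp DESC';
                break;
            // sorted by keyword ascending
            case 'AST':
                $sort = $priorize . 'article_keyword ASC';
                break;
            // sorted by keyword descending
            case 'ASTD':
                $sort = $priorize . 'article_keyword DESC';
                break;
            // random sort
            case 'ASR':
                $sort = 'RAND()';
                break;
            default:
                $sort = '';
        }
        $CNT_TMP = list_articles_summary(get_article_data($cp, $topcount, $sort, $where, $not), $topcount, $template);
    } elseif ($type === 'CP') {
        // Content part mode: CP, CPS, CPA, CPAD, CPAS, CPASD, CPC
        // empty string means ascending
        $sort = $mode == 'CPAD' || $mode == 'CPASD' ? ' DESC' : '';
        foreach ($cp as $value) {
            if ($mode == 'CP') {
                // single content part by ID, excluding the CPSET and SYSTEM blocks
                $sql = "SELECT * FROM " . DB_PREPEND . "phpwcms_articlecontent ";
                $sql .= "INNER JOIN " . DB_PREPEND . "phpwcms_article ON ";
                $sql .= DB_PREPEND . "phpwcms_article.article_id=" . DB_PREPEND . "phpwcms_articlecontent.acontent_aid ";
                $sql .= "WHERE acontent_id=" . $value . " AND acontent_visible=1 ";
                $sql .= "AND acontent_block NOT IN ('CPSET', 'SYSTEM') ";
                // content parts with acontent_granted set are only selected for logged-in frontend users
                if (!FEUSER_LOGIN_STATUS) {
                    $sql .= 'AND acontent_granted=0 ';
                }
                $sql .= "AND acontent_trash=0 AND " . DB_PREPEND . "phpwcms_article.article_deleted=0 ";
                // outside preview mode the article must be inside its begin/end window
                if (!PREVIEW_MODE) {
                    $sql .= ' AND ' . DB_PREPEND . "phpwcms_article.article_begin < NOW() AND " . DB_PREPEND . "phpwcms_article.article_end > NOW() ";
                }
                $sql .= "LIMIT 1";
            } elseif ($mode == 'CPS') {
                // single content part by ID, SYSTEM block only
                $sql = "SELECT * FROM " . DB_PREPEND . "phpwcms_articlecontent ";
                $sql .= "INNER JOIN " . DB_PREPEND . "phpwcms_article ON ";
                $sql .= DB_PREPEND . "phpwcms_article.article_id=" . DB_PREPEND . "phpwcms_articlecontent.acontent_aid ";
                $sql .= "WHERE acontent_id=" . $value . " AND acontent_visible=1 ";
                $sql .= "AND acontent_block='SYSTEM' ";
                if (!FEUSER_LOGIN_STATUS) {
                    $sql .= 'AND acontent_granted=0 ';
                }
                $sql .= "AND acontent_trash=0 AND " . DB_PREPEND . "phpwcms_article.article_deleted=0 ";
                if (!PREVIEW_MODE) {
                    $sql .= ' AND ' . DB_PREPEND . "phpwcms_article.article_begin < NOW() AND " . DB_PREPEND . "phpwcms_article.article_end > NOW() ";
                }
                $sql .= "LIMIT 1";
            } elseif ($mode == 'CPC') {
                // caller-supplied statement, executed verbatim: no visibility, grant,
                // trash or date filter is added here
                $sql = $cpsql;
            } else {
                // content parts based on article ID
                $sql = "SELECT * FROM " . DB_PREPEND . "phpwcms_articlecontent ";
                $sql .= "WHERE acontent_aid=" . $value . " AND acontent_visible=1 AND acontent_trash=0 ";
                if ($mode == 'CPAS' || $mode == 'CPASD') {
                    $sql .= "AND acontent_block='SYSTEM' ";
                } else {
                    $sql .= "AND acontent_block NOT IN ('CPSET', 'SYSTEM') ";
                }
                if (!FEUSER_LOGIN_STATUS) {
                    $sql .= 'AND acontent_granted=0 ';
                }
                // NOTE(review): unlike CP/CPS this branch does not check article_deleted or
                // the begin/end window of the parent article; confirm that is intended.
                $sql .= "ORDER BY acontent_sorting" . $sort . ", acontent_id";
            }
            if (!empty($sql) && ($cresult = mysql_query($sql, $db))) {
                while ($crow = mysql_fetch_assoc($cresult)) {
                    // module content parts (type 30) are skipped when the module is not registered
                    if ($crow["acontent_type"] == 30 && !isset($phpwcms['modules'][$crow["acontent_module"]])) {
                        continue;
                    }
                    if ($crow["acontent_type"] == 24) {
                        // first retrieve alias ID information and settings
                        $crow = getContentPartAlias($crow);
                        if ($crow === false) {
                            continue;
                        }
                    }
                    // Set listmode setting, allows fallback listmode content part template
                    // for content parts which support it
                    $crow['acontent_template_listmode'] = $listmode;
                    $space = getContentPartSpacer($crow["acontent_before"], $crow["acontent_after"]);
                    // Space before
                    $CNT_TMP .= $space['before'];
                    // set frontend edit link
                    $CNT_TMP .= getFrontendEditLink('CP', $crow['acontent_aid'], $crow['acontent_id']);
                    // include content part code section
                    if ($crow["acontent_type"] != 30) {
                        // NOTE(review): the file name is built from the acontent_type column without
                        // a cast; presumably an integer column, confirm, since a non-numeric value
                        // would change the included path.
                        include PHPWCMS_ROOT . '/include/inc_front/content/cnt' . $crow["acontent_type"] . '.article.inc.php';
                    } elseif ($crow["acontent_type"] == 30 && file_exists($phpwcms['modules'][$crow["acontent_module"]]['path'] . 'inc/cnt.article.php')) {
                        $CNT_TMP .= getFrontendEditLink('module', $phpwcms['modules'][$crow["acontent_module"]]['name'], $crow['acontent_aid']);
                        // the module path comes from the registered module list, not from the row
                        include $phpwcms['modules'][$crow["acontent_module"]]['path'] . 'inc/cnt.article.php';
                    }
                    // check if top link should be shown
                    $CNT_TMP .= getContentPartTopLink($crow["acontent_top"]);
                    // make the content part ID available through the [%CPID%] and {CPID} placeholders
                    $CNT_TMP = str_replace(array('[%CPID%]', '{CPID}'), $crow["acontent_id"], $CNT_TMP);
                    // trigger content part functions
                    $CNT_TMP = trigger_cp($CNT_TMP, $crow);
                    // Space after
                    $CNT_TMP .= $space['after'];
                }
                mysql_free_result($cresult);
            }
        }
    }
    // PHP replacement tags survive in the rendered output only when both settings
    // are enabled; if either one is empty the whole result is filtered.
    if (empty($phpwcms["allow_cntPHP_rt"]) || empty($phpwcms['enable_inline_php'])) {
        $CNT_TMP = remove_unsecure_rptags($CNT_TMP);
    }
    return trim($CNT_TMP);
}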
    // Fragment of the newsletter subscription content part (starts and ends
    // mid-file). The first lines finish the default mail text, which is used when
    // no custom change/registration text is configured.
    $temp_mailtext .= '{NEWSLETTER_DELETE}' . "\n\n\n";
    $temp_mailtext .= 'Best Regards' . "\n";
    $temp_mailtext .= $phpwcms['SMTP_FROM_NAME'] . "\n";
    $temp_mailtext .= $phpwcms["admin_email"] . "\n\n";
    $temp_mailtext .= "--\nIP: {IP}, Date: {DATE:d-m-Y, H:i:s}\n";
    if (!$content["newsletter"]["change_text"]) {
        $content["newsletter"]["change_text"] = $temp_mailtext;
    }
    if (!$content["newsletter"]["reg_text"]) {
        $content["newsletter"]["reg_text"] = $temp_mailtext;
    }
}
// A subscription form was posted
if (isset($_POST["newsletter_send"]) && intval($_POST["newsletter_send"])) {
    unset($content["newsletter"]["email_subscription"]);
    // address and name: replacement tag filter, then clean_slweg() with 250 as second
    // argument (presumably a maximum length; verify in clean_slweg())
    $content["newsletter"]["email_address"] = clean_slweg(remove_unsecure_rptags($_POST["newsletter_email"]), 250);
    $content["newsletter"]["email_name"] = clean_slweg(remove_unsecure_rptags($_POST["newsletter_name"]), 250);
    // NOTE(review): the selected subscriptions are copied from the request as-is; the
    // items are neither cast nor filtered here, so later code must validate each one
    // before using it (not visible in this fragment).
    $content["newsletter"]["email_subscription"] = isset($_POST["email_subscription"]) && is_array($_POST["email_subscription"]) ? $_POST["email_subscription"] : array(0 => 0);
    if (empty($content["newsletter"]["url1"])) {
        $content["newsletter"]["url1"] = '';
    }
    if (empty($content["newsletter"]["url2"])) {
        $content["newsletter"]["url2"] = '';
    }
    if (is_valid_email($content["newsletter"]["email_address"])) {
        //Success
        $content["newsletter"]["success"] = 1;
        $content["newsletter"]["reffering_key"] = "";
        // look up an existing address record; the address goes through _dbEscape()
        // before it is placed into the statement
        $check_sql = "SELECT * FROM " . DB_PREPEND . "phpwcms_address WHERE address_email=" . _dbEscape($content["newsletter"]["email_address"]) . " LIMIT 1";
        if ($check_result = mysql_query($check_sql, $db)) {
            if ($check_row = mysql_fetch_array($check_result, MYSQL_ASSOC)) {
                // reuse the key stored with the existing record (the listing is cut off here)
                $content["newsletter"]["reffering_key"] = $check_row["address_key"];
$alink_sql .= ' ORDER BY ' . $ao[2];
if ($result = mysql_query($alink_sql, $db) or die("error while getting link article list: " . $alink_sql)) {
    $alinkmenu['count'] = 0;
    while ($row = mysql_fetch_row($result)) {
        $tempRowSpan = '';
        $row[3] = preg_replace('/<br[^>]*?>$/i', '', $row[3]);
        $row['article_id'] = $row[0];
        $row['article_alias'] = $row[4];
        $row['article_title'] = html_specialchars($row[1]);
        $alinkmenu['count']++;
        $row['article_menutitle'] = empty($alinkmenu["titleasnumber"]) ? html_specialchars(empty($row[5]) ? $row[1] : $row[5]) : $alinkmenu['count'];
        if ($alinkmenu['headertext'] && !empty($row[3])) {
            $alinkmenu['sum'] = $row[3];
            if (!empty($alinkmenu['maxchar'])) {
                $alinkmenu['sum'] = clean_replacement_tags($alinkmenu['sum']);
                $alinkmenu['sum'] = remove_unsecure_rptags($alinkmenu['sum']);
                $alinkmenu['sum'] = preg_replace('/\\s/i', ' ', $alinkmenu['sum']);
                $alinkmenu['sum'] = preg_replace('/\\s{2,}/i', ' ', $alinkmenu['sum']);
                $alinkmenu['sum'] = trim(decode_entities($alinkmenu['sum']));
                $alinkmenu['sum'] = wordwrap($alinkmenu['sum'], $alinkmenu['maxchar'], "\n");
                list($alinkmenu['sum']) = explode("\n", $alinkmenu['sum']);
                $alinkmenu['sum'] = trim($alinkmenu['sum']);
                $alinkmenu['sum'] = html_specialchars($alinkmenu['sum']);
                if (!empty($alinkmenu['morelink'])) {
                    $alinkmenu['sum'] .= '<a href="index.php?' . setGetArticleAid($row) . '" title="' . $row['article_title'] . '">';
                    $alinkmenu['sum'] .= $alinkmenu['morelink'];
                    $alinkmenu['sum'] .= '</a>';
                }
            }
        } else {
            $alinkmenu['sum'] = false;