echo "<a href='?pg=news&comment={$nID}&page={$a}'>{$a}</a> "; $a++; $nPages++; } } if ($_GET['page'] < $nPages) { echo "<a class='pageblue' href='?pg=news&comment={$nID}&page=" . ($_GET['page'] + 1) . "'>></a>"; } if (isset($_SESSION['username'])) { if (!isset($_POST['submit'])) { echo " \r\n\t\t\t\t\t<br/>\r\n\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t<textarea id = 'commentTextBox' name='commentText' rows='5' cols='100'>Type your message here</textarea><br/>\r\n\t\t\t\t\t\t\t<input type='submit' name='submit' value='Submit'>\r\n\t\t\t\t\t\t</form>\r\n\t\t\t\t<script>CKEDITOR.replace( 'commentText' );</script>\r\n\t\t\t\t\t "; } else { //$cleanText = misc::applyAttributesToText($_POST['commentText']); $cleanText = stripslashes(security::toHTML($_POST['commentText'])); if (strlen($cleanText) < $core->aConfig['minNewsCommentLen'] || strlen($cleanText) > $core->aConfig['maxNewsCommentLen']) { echo "<br/>Your message is too short or too long. It has to be at least <b>" . $core->aConfig['minNewsCommentLen'] . "</b> \r\n\t\t\t\t\tsymbols long, your one is just <b>" . strlen($cleanText) . "</b> symbols long. Max length is " . $core->aConfig['maxNewsCommentLen'] . ".<br/>"; misc::back(); } else { $datetime = misc::getDateTime(); core::$sql->exec("insert into srcms_newscomments(newsID, author, text, time) values('{$nID}','{$_SESSION['username']}', '{$cleanText}', '{$datetime}')"); echo "<br/><br/><b>Your comment has been successfully added</b>"; misc::redirect("?pg=news&comment={$nID}", 1); } } } else { echo "<br/><br/>You must be logged in to post comments"; } } else { echo "<br/>You can't comment news article that doesn't exist."; } }
return; } switch ($_GET['act']) { case 'news': if (!isset($_GET['subact'])) { echo "<a href='?pg=admin&act=news&subact=add'><b>Add</b></a><br/>\r\n\t\t\t\t <a href='?pg=admin&act=news&subact=del'><b>Delete</b></a><br/>\r\n\t\t\t\t <a href='?pg=admin&act=news&subact=edit'><b>Edit</b></a><br/>"; } else { switch ($_GET['subact']) { case 'add': if (!isset($_POST['submit']) && !isset($_POST['title'])) { echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t<td>Title</td><td><input type='text' name='title'></td><tr/>\r\n\t\t\t\t\t\t\t\t\t<td>Text</td><td><textarea id = 'textBox' name='textBox' rows='5' cols='100'>Type your message here</textarea></td><tr/>\r\n\t\t\t\t\t\t\t\t\t<td></td><td><input type='submit' name='submit' value='Add'></td>\r\n\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t </table><br/>\r\n\t\t\t\t\t\t\t \r\n\t\t\t\t\t\t\t <script>CKEDITOR.replace( 'textBox' );</script>\r\n\t\t\t\t\t\t\t \r\n\t\t\t\t\t\t\t "; } else { $szTitle = security::toHTML($_POST['title']); //$szText = misc::applyAttributesToText($_POST['textBox']); $szText = stripslashes(security::toHTML($_POST['textBox'])); core::$sql->exec("insert into srcms_news(title,content,author,time) values('{$szTitle}','{$szText}','{$_SESSION['username']}','" . misc::getDateTime() . "')"); echo "News article added.<br/>"; misc::redirect('?pg=admin&act=news', 1); } break; case 'del': if (isset($_GET['id'])) { $nID = (int) $_GET['id']; if (core::$sql->numRows("select * from srcms_news where id='{$nID}'") > 0) { core::$sql->exec("delete from srcms_news where id='{$nID}'"); core::$sql->exec("delete from srcms_newscomments where newsID='{$nID}'"); echo "Article deleted.<br/>"; misc::redirect('?pg=admin&act=news&subact=del', 1); break; } else { echo "You can't delete article that does not exist<br/>";
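/**
 * Store a private message from one web account to another.
 *
 * The title and body are passed through security::toHTML(), both usernames are
 * resolved with user::accountJIDbyUsername(), and the row is written to
 * srcms_privatemessages. Every outcome is reported by echoing HTML; nothing is
 * returned.
 *
 * Security notes for maintainers:
 *  - Both SQL statements below are built by string interpolation. Whether
 *    security::toHTML() and user::accountJIDbyUsername() make their results
 *    safe inside a single-quoted SQL literal cannot be seen from this method.
 *    NOTE(review): confirm, and prefer bound parameters if the core::$sql
 *    wrapper offers them.
 *  - $from is taken as given. NOTE(review): callers presumably pass the
 *    authenticated session username; verify at every call site, otherwise a
 *    message can be attributed to another account.
 *  - Length limits are checked with strlen() on the converted text, so they
 *    count bytes of the stored form rather than characters the user typed.
 *
 * @param mixed $to    Username of the recipient.
 * @param mixed $from  Username of the sender.
 * @param mixed $title Raw message title.
 * @param mixed $text  Raw message body.
 */
public static function sendWebPrivMsg($to, $from, $title, $text)
{
    global $core;

    $msgTitle = security::toHTML($title);
    $msgText = security::toHTML($text);
    $senderJID = user::accountJIDbyUsername($from);
    $receiverJID = user::accountJIDbyUsername($to);

    // Loose comparison kept as in the original. NOTE(review): if the lookup
    // yields the same value for two unknown usernames this reports a
    // self-send; what it returns for a missing account is not visible here.
    if ($senderJID == $receiverJID) {
        echo "You can't send message to yourself.<br/>";
        misc::back();
        return;
    }

    // Inbox quota: count the rows already addressed to the receiver.
    $inboxCount = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$receiverJID}'");
    if ($inboxCount >= $core->aConfig['maxPrivMsg']) {
        echo "Receiver inbox is full.<br/>";
        return;
    }

    $titleLen = strlen($msgTitle);
    $bodyLen = strlen($msgText);
    $titleOutOfRange = $titleLen < $core->aConfig['minPrivMsgTitleLen']
        || $titleLen > $core->aConfig['maxPrivMsgTitleLen'];
    $bodyOutOfRange = $bodyLen < $core->aConfig['minPrivMsgBodyLen']
        || $bodyLen > $core->aConfig['maxPrivMsgBodyLen'];

    if ($titleOutOfRange || $bodyOutOfRange) {
        // Fix: the original printed "<max>symbols" with no space after the number.
        echo "Message text, or title is too long or too short. Minimum title length is " . $core->aConfig['minPrivMsgTitleLen'] . " and " . $core->aConfig['maxPrivMsgTitleLen'] . " symbols\r\n\t\t\t\t\t\t\t\tmaximum. Message content minimum length is " . $core->aConfig['minPrivMsgBodyLen'] . " and " . $core->aConfig['maxPrivMsgBodyLen'] . " symbols maximum.<br/>";
        misc::back();
        return;
    }

    $datetime = misc::getDateTime();

    // Interpolated INSERT; see the security notes in the docblock.
    core::$sql->exec("insert into srcms_privatemessages(sender,receiver, title, msg, viewed, time) values('{$senderJID}', '{$receiverJID}', '{$msgTitle}', '{$msgText}', '0', '{$datetime}')");

    echo "<br/>Message sent.<br/>";
    misc::redirect("?pg=ucp&act=mailbox", 2);
}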