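/**
 * Build the template rows for the current page of active comments.
 *
 * Loads the comments stored for ($this->module, $this->mid), resolves author
 * details (registered account, or the guest fields saved with the comment),
 * applies the configured text filters and numbers the entries.
 *
 * @return array|null Rows keyed 1..n; null when the page holds no comments.
 */
function display()
{
    global $db, $apx, $user, $set;

    $apx->lang->drop('comments', 'comments');
    $page = $this->getpage(array('p'));

    // Both identifiers are escaped before they are placed in the SQL text.
    // NOTE(review): addslashes() is not charset-aware. If $db offers native
    // escaping or bound parameters, use that for both values instead.
    $sqlModule = addslashes((string) $this->module);
    $sqlMid = addslashes((string) $this->mid);

    // Page count
    list($count) = $db->first("SELECT count(id) FROM " . PRE . "_comments WHERE ( module='" . $sqlModule . "' AND mid='" . $sqlMid . "' AND active='1' )");
    pages($page, $count, $this->set['epp'], 'comp', 'COMMENT');

    // Sort order: only these two fixed strings ever reach ORDER BY.
    $order = $this->set['order'] == 1 ? "a.time ASC" : "a.time DESC";

    // Read the comments of the current page.
    // NOTE(review): getlimit() builds the LIMIT clause from 'comp'; how it
    // validates that request value is not visible here - confirm.
    $data = $db->fetch("SELECT a.* FROM " . PRE . "_comments AS a WHERE ( module='" . $sqlModule . "' AND a.mid='" . $sqlMid . "' AND a.active='1' ) ORDER BY " . $order . " " . getlimit($this->set['epp'], 'comp'));
    if (!count($data)) {
        return;
    }

    // Start of the numbering. The page number is request data, so it is
    // forced to an integer before it takes part in arithmetic.
    $currentPage = isset($_REQUEST['comp']) ? (int) $_REQUEST['comp'] : 1;
    $descending = $this->set['order'] == 0;
    if ($this->set['epp']) {
        $offset = ($currentPage - 1) * $this->set['epp'];
        $entrynumber = $descending ? $count - $offset : 1 + $offset;
    } else {
        $entrynumber = $descending ? $count : 1;
    }

    $i = 0;
    $tabledata = array();
    $userinfo = array(); // per-call cache of account data, keyed by user id

    // Both admin cookies present? This only decides whether the edit/delete
    // links are rendered; it does not check that the cookie values are valid.
    // NOTE(review): admin/action.php must enforce authentication and
    // authorisation on its own - confirm.
    $cookiePrefix = $set['main']['cookie_pre'];
    $showAdminLinks = !empty($_COOKIE[$cookiePrefix . '_admin_userid'])
        && !empty($_COOKIE[$cookiePrefix . '_admin_password']);

    foreach ($data as $res) {
        ++$i;
        $uid = $res['userid'];

        if ($uid && !isset($userinfo[$uid])) {
            $userinfo[$uid] = $user->get_info($uid, 'username,email,pub_hidemail,homepage,avatar,avatar_title,signature,lastactive,pub_invisible,custom1,custom2,custom3,custom4,custom5,custom6,custom7,custom8,custom9,custom10');
        }

        if ($uid && $userinfo[$uid]) {
            // Registered author: take the display data from the account.
            $info = $userinfo[$uid];
            $tabledata[$i]['USERID'] = $uid;
            $tabledata[$i]['NAME'] = replace($info['username']);
            // The address is only exposed when the account does not hide it.
            $tabledata[$i]['EMAIL'] = replace(iif(!$info['pub_hidemail'], $info['email']));
            $tabledata[$i]['EMAIL_ENCRYPTED'] = replace(iif(!$info['pub_hidemail'], cryptMail($info['email'])));
            $tabledata[$i]['HOMEPAGE'] = replace($info['homepage']);
            $tabledata[$i]['AVATAR'] = $user->mkavatar($info);
            $tabledata[$i]['AVATAR_TITLE'] = $user->mkavtitle($info);
            $tabledata[$i]['SIGNATURE'] = $user->mksig($info);
            // Online = not invisible and active within the configured timeout (minutes).
            $tabledata[$i]['ONLINE'] = iif(!$info['pub_invisible'] && $info['lastactive'] + $set['user']['timeout'] * 60 >= time(), 1, 0);
            $tabledata[$i]['ISONLINE'] = $tabledata[$i]['ONLINE'];

            // Custom fields
            for ($ii = 1; $ii <= 10; $ii++) {
                $tabledata[$i]['CUSTOM' . $ii . '_NAME'] = $set['user']['cusfield_names'][$ii - 1];
                $tabledata[$i]['CUSTOM' . $ii] = compatible_hsc($info['custom' . $ii]);
            }
        } else {
            // Guest author: use the values stored with the comment itself.
            $tabledata[$i]['NAME'] = replace($res['username']);
            $tabledata[$i]['EMAIL'] = replace($res['email']);
            $tabledata[$i]['EMAIL_ENCRYPTED'] = replace(cryptMail($res['email']));
            $tabledata[$i]['HOMEPAGE'] = replace($res['homepage']);
        }

        // Text. replace() runs before the steps that generate markup
        // (smilies, codes); presumably it is the HTML-escaping step, so this
        // order must be kept - confirm against replace().
        $text = $res['text'];
        if ($this->set['badwords']) {
            $text = badwords($text);
        }
        $text = replace($text, 1);
        if ($this->set['breakline']) {
            $text = wordwrapHTML($text, $this->set['breakline'], "\n");
        }
        if ($this->set['allowsmilies']) {
            $text = dbsmilies($text);
        }
        if ($this->set['allowcode']) {
            $text = dbcodes($text);
        }

        // Title
        $title = $res['title'];
        if ($this->set['breakline']) {
            $title = wordwrap($title, $this->set['breakline'], "\n", 1);
        }
        if ($this->set['badwords']) {
            $title = badwords($title);
        }
        $title = replace($title);

        $tabledata[$i]['TEXT'] = $text;
        $tabledata[$i]['TITLE'] = $title;
        $tabledata[$i]['TIME'] = $res['time'];
        $tabledata[$i]['NUMBER'] = $entrynumber;

        // Admin links; the query values are URL-encoded so they cannot add
        // or override parameters of the admin request.
        if ($showAdminLinks) {
            $query = '&module=' . rawurlencode((string) $this->module) . '&mid=' . rawurlencode((string) $this->mid) . '&id=' . rawurlencode((string) $res['id']) . '&outer=1';
            $tabledata[$i]['EDITLINK'] = HTTPDIR . 'admin/action.php?action=comments.edit' . $query;
            $tabledata[$i]['DELETELINK'] = HTTPDIR . 'admin/action.php?action=comments.del' . $query;
        }

        // Report link
        $link_report = "javascript:popupwin('misc.php?action=comments_report&id=" . $res['id'] . "&url='+escape(window.location.href),500,300);";
        $tabledata[$i]['REPORTLINK'] = $link_report;

        // Comment number for the next row
        if ($descending) {
            --$entrynumber;
        } else {
            ++$entrynumber;
        }
    }

    return $tabledata;
}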
} else { $strana = 1; } $limit = "40"; $celkovy_pocet = $rows1; $pocet_stran = ceil($celkovy_pocet / $limit); $pociatok = $strana * $limit - $limit; $result = dbquery("SELECT * FROM bg_comments ORDER BY comment_id DESC LIMIT {$pociatok}, {$limit}"); if ($strana > $pocet_stran) { redirect("/"); } while ($data = dbarray($result)) { $nameexist = $data["comment_type"] == "A" ? articlename($data["comment_pageid"]) : projektname($data["comment_pageid"]); $name = $data["comment_type"] == "A" ? articleurl($data["comment_pageid"], articlename($data["comment_pageid"])) : projekturl($data["comment_pageid"], projektname($data["comment_pageid"]), 0, 0); echo '<tr id="article' . $data["comment_id"] . '" class="' . ($data["comment_delete"] == 1 ? "danger" : ($nameexist == "" ? "warning" : "")) . '"> <td><span class="label label-default">' . $data["comment_id"] . '</span></td> <td>' . ($nameexist == "" ? "Článok alebo projekt neexistuje" : $name) . '</td> <td>' . date("j. n. Y", $data["comment_time"]) . '</td> <td>' . username($data["comment_userid"], 0) . '</td> <td align="right"><a href="?cdel=' . $data["comment_id"] . '" class="label label-danger">Kôš</a> <span class="label label-default articleinf" data-toggle="popover" data-placement="right" data-trigger="hover" data-html="true" data-content="<div style=\'width:160px\'>' . str_replace("\"", "'", bbcode(badwords(smiley($data["comment_text"])))) . '</div>">Obsah</span></td> </tr>'; } echo '</table>'; pagination($rows1, $limit, $pocet_stran, $strana); } else { echo "Žiadní užívatelia.<br/>"; } ?> </div> <?php require "inc/footer.php";
$text = badwords($text); } $text = replace($text, 1); if ($set['user']['guestbook_allowsmilies']) { $text = dbsmilies($text); } if ($set['user']['guestbook_allowcode']) { $text = dbcodes($text); } //Titel $title = $res['title']; if ($set['user']['guestbook_breakline']) { $title = wordwrap($title, $set['user']['guestbook_breakline'], "\n", 1); } if ($set['user']['guestbook_badwords']) { $title = badwords($title); } $title = replace($title); $tabledata[$i]['TEXT'] = $text; $tabledata[$i]['TITLE'] = $title; $tabledata[$i]['TIME'] = $res['time']; $tabledata[$i]['NUMBER'] = $entrynumber--; //Admin-Links if ($set['user']['guestbook_useradmin'] && $_REQUEST['id'] == $user->info['userid']) { $tabledata[$i]['DELETELINK'] = mklink('user.php?action=guestbook&del=' . $res['id'], 'user.php?action=guestbook&del=' . $res['id']); } if ($_REQUEST['id'] == $user->info['userid']) { $tabledata[$i]['IGNORELINK'] = mklink('user.php?action=ignorelist&add=1&username='******'userid']]['username']), 'user,ignorelist.html?add=1&username='******'userid']]['username'])); } } }
/**
 * Turn raw forum text into display markup.
 *
 * Steps, in order: bad-word filter, forum codes (or plain replace() when codes
 * are off), smilies, re-insertion of the extracted code blocks, glossary links.
 *
 * NOTE(review): with codes enabled the text goes through forum_codes() and not
 * through replace(); which of the two HTML-escapes the text is not visible
 * here - confirm that forum_codes() and save_code() both escape their input.
 *
 * @param string $text    Raw post text.
 * @param bool   $codes   Allow forum codes for this text.
 * @param bool   $smilies Allow smilies for this text.
 * @return string Text after all enabled replacements.
 */
function forum_replace($text, $codes = true, $smilies = true)
{
    global $set, $apx, $codecache;

    $forumSet = $set['forum'];
    $useCodes = $forumSet['codes'] && $codes;

    // Replace bad words
    if ($forumSet['badwords']) {
        $text = badwords($text);
    }

    if (!$useCodes) {
        $text = replace($text, true);
    } else {
        // Cut out [PHP], [CODE] and [HTML] blocks so that the later steps do
        // not touch their content; save_code() fills $codecache.
        $codecache = array();
        $text = preg_replace_callback('#\\[(PHP|CODE|HTML)\\](.*?)\\[/\\1\\]#si', 'save_code', $text);

        // Replace the remaining codes
        $text = forum_codes($text);
    }

    // Replace smilies
    if ($forumSet['smilies'] && $smilies) {
        $text = dbsmilies($text);
    }

    // Put the extracted code blocks back
    if ($useCodes) {
        $text = strtr($text, $codecache);
    }

    // Create glossary links
    if ($apx->is_module('glossar')) {
        $text = glossar_highlight($text, 'forum');
    }

    return $text;
}
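<div class="panel panel-default"> <div class="panel-heading">Posledné komentáre</div> <ul class="list-group"> <?php
// Latest eight comments that are not flagged as deleted.
$result = dbquery("SELECT * FROM bg_comments WHERE comment_delete='0' ORDER BY comment_id DESC LIMIT 0,8");
$rows1 = dbrows($result);
if ($rows1 >= 1) {
    while ($data = dbarray($result)) {
        $type = articleurl($data["comment_pageid"], trimlink(articlename($data["comment_pageid"]), 22), 1, 1);
        $tname = articlename($data["comment_pageid"]);
        // One lookup is enough: the same <img> tag is printed whether or not
        // the user still has the default avatar.
        $avatar = useravatar($data["comment_userid"]);
        // NOTE(review): $avatar, $type, $tname and the username() result are
        // written into the page as returned; confirm that those helpers (or
        // the code that stores the values) HTML-escape them.
        echo '<li class="list-group-item"> <img src="' . $avatar . '" alt="" class="img-circle pull-left" style="width:40px;margin-right:5px"> <span class="badge">' . timeago($data["comment_time"]) . '</span> ' . username($data["comment_userid"], 1) . ' > <a href="' . $type . '" style="font-size:9px">' . trimlink($tname, 32) . '</a><br> <small>' . trimlink(bbcoderemove(badwords($data["comment_text"])), 100) . '</small><br> </li>';
    }
} else {
    echo "Žiadne komentáre k článkom.";
}
?> </ul> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading">Najnovšie témy (nezamknuté)</div>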
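/**
 * Comment widget: handles delete and add requests, then prints the comment
 * form (members only) and the threaded comment list for one page.
 *
 * Security notes for maintainers:
 * - $clanok and $type are placed in SQL text as given. NOTE(review): callers
 *   must pass validated values (an integer id and a fixed type code) - confirm.
 * - Deleting is triggered by a GET request and the form carries no anti-CSRF
 *   token in this block. NOTE(review): consider POST plus a per-session token.
 * - Whether redirect() stops the script is not visible here; request ids are
 *   therefore always cast to int before they reach SQL.
 *
 * @param mixed  $clanok Id of the page the comments belong to.
 * @param string $type   Comment type code stored in comment_type.
 * @param string $link   URL to return to after an action; built from the
 *                       request when empty.
 * @return void Output is echoed.
 */
function komentare($clanok, $type = "A", $link = "")
{
    global $userinfo;

    // Where to go after an action. $backUrl is used for redirects, $backHref
    // is the same value escaped for use inside an HTML attribute.
    $backUrl = $link;
    if ($link == "") {
        $backUrl = "/clanok/" . (isset($_GET["id"]) ? $_GET["id"] : "") . "/" . strip_tags(isset($_GET["n"]) ? $_GET["n"] : "") . "#komentare";
    }
    $backHref = htmlspecialchars($backUrl, ENT_QUOTES, "UTF-8", false);

    echo '<div class="komentare" id="komentare">';

    if (MEMBER) {
        // --- Delete (soft delete: comment_delete is set to 1) ---
        if (isset($_GET["komentar"]) && isset($_GET["zmazat"]) && $_GET["zmazat"] != "") {
            if (!ctype_digit($_GET['zmazat'])) {
                redirect("/");
            }
            $deleteId = (int) $_GET["zmazat"];
            $result66 = dbquery("SELECT * FROM bg_comments WHERE comment_id='" . $deleteId . "' AND comment_type='" . $type . "'");
            $rows55 = dbrows($result66);
            $data8 = dbarray($result66);
            if ($rows55 == 1) {
                if (!userperm("5")) {
                    // Without permission "5" a member may only remove own comments.
                    if ($data8["comment_userid"] == $userinfo["user_id"]) {
                        dbquery("UPDATE bg_comments SET comment_delete='1' WHERE comment_id='" . $deleteId . "' AND comment_type='" . $type . "'");
                        redirect($backUrl);
                    } else {
                        redirect("/");
                    }
                } else {
                    // With permission "5" the comment and its replies are removed.
                    dbquery("UPDATE bg_comments SET comment_delete='1' WHERE comment_id='" . $deleteId . "' AND comment_type='" . $type . "'");
                    dbquery("UPDATE bg_comments SET comment_delete='1' WHERE comment_type='" . $type . "' AND comment_reply='" . $deleteId . "'");
                    redirect($backUrl);
                }
            } else {
                redirect("/");
            }
        }

        // --- Add ---
        if (isset($_POST["addcomment"]) && isset($_POST["textarea"]) && $_POST["textarea"] != "") {
            // HTML-encoded at write time; ENT_QUOTES also encodes both quote characters.
            // NOTE(review): htmlspecialchars() is HTML encoding, not SQL escaping - a
            // backslash in the text still reaches the INSERT below unescaped. Use the
            // database layer's own escaping or a prepared statement for $text.
            $text = trim(htmlspecialchars($_POST["textarea"], ENT_QUOTES, "UTF-8"));
            $reply = isset($_GET["reply"]) ? (string) (int) $_GET["reply"] : "0";
            if ($reply != 0) {
                // The parent comment must exist and be of the same type.
                $resultcom = dbquery("SELECT * FROM bg_comments WHERE comment_id='" . $reply . "' AND comment_type='" . $type . "'");
                $rows5com = dbrows($resultcom);
                if ($rows5com != 1) {
                    redirect($backUrl);
                }
            }
            // Rate limit: one comment per user per 30 seconds.
            if (!dbcount("(comment_id)", "bg_comments", "comment_userid='" . $userinfo["user_id"] . "' AND comment_time > " . strtotime("-30 seconds") . "")) {
                // Only a minimum length (8 bytes of the encoded text) is enforced here;
                // the 800-character limit exists only as a client-side attribute.
                if ($text != "" and strlen($text) >= 8) {
                    dbquery("INSERT INTO bg_comments(comment_userid, comment_text, comment_time, comment_pageid, comment_type, comment_reply)\n VALUES('" . $userinfo["user_id"] . "','" . $text . "','" . time() . "','" . $clanok . "','" . $type . "','" . $reply . "')");
                }
            }
            redirect($backUrl);
        }

        if (isset($_GET['reply'])) {
            if (!ctype_digit($_GET['reply'])) {
                redirect("/");
            }
        }

        if (dbcount("(comment_id)", "bg_comments", "comment_userid='" . $userinfo["user_id"] . "' AND comment_time > " . strtotime("-30 seconds") . "")) {
            echo '<div class="alert alert-danger">O 30 sekúnd môžeš znova komentovať.</div>';
        }

        // --- Form ---
        // The "cancel reply" link uses $backHref: the URL contains request
        // values and must not be able to close the href attribute.
        echo '<div class="list-group komentboxarea ' . (isset($_GET['reply']) ? "showdiv" : "hidediv") . '" id="komreply">
            <form name="form" action="#komentare" method="POST">
            <div class="list-group-item list-group-item-info">Pridaj komentár</div>
            <textarea name="textarea" class="list-group-item" maxLength="800" rows="1" placeholder="text komentáru..." style="width:100%;padding:10px;font-size:12px;resize:vertical"></textarea>
            <div class="list-group-item">
            <span class="bbcody">
            <a href="javascript:addText(\'textarea\', \'[b]\', \'[/b]\', \'form\');" class="btn btn-default btn-sm" data-toggle="tooltip" data-placement="top" title="[b]tučný[/b]"><i class="fa fa-bold"></i></a>
            <a href="javascript:addText(\'textarea\', \'[i]\', \'[/i]\', \'form\');" class="btn btn-default btn-sm" data-toggle="tooltip" data-placement="top" title="[i]kurzíva[/i]"><i class="fa fa-italic"></i></a>
            <a href="javascript:addText(\'textarea\', \'[u]\', \'[/u]\', \'form\');" class="btn btn-default btn-sm" data-toggle="tooltip" data-placement="top" title="[u]podčiarknuté[/u]"><i class="fa fa-underline"></i></a>
            <a href="javascript:addText(\'textarea\', \'[url]\', \'[/url]\', \'form\');" class="btn btn-default btn-sm" data-toggle="tooltip" data-placement="top" title="[url]odkaz[/url]"><i class="fa fa-link"></i></a>
            </span>
            <span class="pull-right">
            ' . (isset($_GET["reply"]) ? ' <a href="' . $backHref . '" class="btn btn-warning btn-sm">Zrušiť odpoveď</a>' : "") . '
            <input name="addcomment" class="btn btn-success btn-sm" value="' . (isset($_GET["reply"]) ? 'Odpovedať na komentár ID #' . (int) $_GET["reply"] : "Pridať komentár") . '" type="submit">
            </span>
            <div class="clearfix"></div>
            </div>
            </form>
            </div> ';
    } else {
        echo '<div class="alert alert-info">Pred pridaním komentára sa musíš <a href="/registracia">zaregistrovať</a> alebo prihlásiť.</div>';
    }

    echo ' <div class="page-header"> <h5>Komentáre ' . (!isset($_GET['reply']) ? '<a id="showcommentarea" class="btn btn-success btn-xs pull-right">Pridať komentár</a>' : '') . ' </h5> </div> ';

    // --- List ---
    // Only the fixed string "LIMIT 0,7" or an empty string is appended to the query.
    if (isset($_GET["vsetkykomentare"]) && $_GET["vsetkykomentare"] == "zobrazit") {
        $comlimit = "";
    } else {
        $comlimit = "LIMIT 0,7";
    }

    // Shared prefix of the thread queries; the comment_reply value is appended.
    $threadSql = "SELECT * FROM bg_comments WHERE comment_delete='0' AND comment_pageid='" . $clanok . "' AND comment_type='" . $type . "' AND comment_reply='";

    $result2 = dbquery($threadSql . "0' ORDER BY comment_id DESC");
    $rows3 = dbrows($result2);
    if ($rows3 >= 1) {
        $result3 = dbquery($threadSql . "0' ORDER BY comment_id DESC " . $comlimit);
        while ($data2 = dbarray($result3)) {
            // Replies to this top-level comment
            $resultreply = dbquery($threadSql . $data2["comment_id"] . "' ORDER BY comment_id DESC");
            $rowsrep = dbrows($resultreply);

            // NOTE(review): username() output is used in alt attributes and inside the
            // confirm() call below; confirm that it is escaped for those contexts.
            echo ' <div class="media komentar"> <a class="pull-left"> <img class="media-object img-circle" src="' . useravatar($data2["comment_userid"]) . '" alt="' . username($data2["comment_userid"]) . '"> </a> <div class="media-body"> <h4 class="media-heading">' . username($data2["comment_userid"], 1) . ' <span class="time">' . timeago($data2["comment_time"]) . '</span></h4> ' . wordwrap(bbcode(badwords(smiley($data2["comment_text"]))), 100, " ", 1) . ' <div class="clearfix"></div> <div class="buttonsinfo"> ';
            if (MEMBER) {
                echo '<a href="?reply=' . $data2["comment_id"] . '#komreply" class="btn btn-default btn-xs"><i class="fa fa-share"></i> Odpovedať</a> ';
            }
            // "&&" binds tighter than "or": SADMIN, or a member viewing an own comment.
            if (SADMIN or MEMBER && $data2["comment_userid"] == $userinfo["user_id"]) {
                echo '<a href="?zmazat=' . $data2["comment_id"] . '&komentar" onclick="return confirm(\'Zmazať komentár užívateľa ' . username($data2["comment_userid"]) . ' ?\');" title="Odstrániť komentár" class="btn btn-default btn-xs"><i class="fa fa-ban"></i> Odstrániť komentár</a>';
            }
            echo $rowsrep >= 3 ? ' <a class="btn btn-default btn-xs sreply" data-comid="' . $data2["comment_id"] . '"><i class="fa fa-level-down"></i> Zobraziť ďaľšie odpovede (' . ($rowsrep - 1) . ')</a>' : "";
            echo '</div>';

            // From three replies on, every reply after the first gets the hide classes.
            $schovaj = $rowsrep >= 3 ? 'hidencom kom' . $data2["comment_id"] : "";
            if ($rowsrep >= 1) {
                $i = 0;
                while ($datareply = dbarray($resultreply)) {
                    echo ' <div class="media komentarreply ' . ($i == 0 ? "" : $schovaj) . '"> <a class="pull-left"> <img class="media-object img-circle" src="' . useravatar($datareply["comment_userid"]) . '" alt="' . username($datareply["comment_userid"]) . '"> </a> <div class="media-body"> <h4 class="media-heading">' . username($datareply["comment_userid"], 1) . ' <span class="time">' . timeago($datareply["comment_time"]) . '</span></h4> ' . wordwrap(bbcode(badwords(smiley($datareply["comment_text"]))), 100, " ", 1) . ' <div class="clearfix"></div> <div class="buttonsinfo"> ';
                    if (SADMIN or MEMBER && $datareply["comment_userid"] == $userinfo["user_id"]) {
                        echo '<a href="?zmazat=' . $datareply["comment_id"] . '&komentar" onclick="return confirm(\'Zmazať komentár užívateľa ' . username($datareply["comment_userid"]) . ' ?\');" title="Odstrániť komentár" class="btn btn-default btn-xs"><i class="fa fa-ban"></i> Odstrániť komentár</a>';
                    }
                    echo ' </div> </div> </div> ';
                    $i++;
                }
            }
            echo ' </div> </div> ';
        }
        if ($rows3 > "7") {
            if (isset($_GET["vsetkykomentare"]) && $_GET["vsetkykomentare"] == "zobrazit") {
                echo "<a href='?vsetkykomentare=skryt#komentare' class='buttonf'>Skryť všetky komentáre</a>";
            } else {
                echo "<a href='?vsetkykomentare=zobrazit#komentare' class='buttonf'>Zobraziť všetky komentáre</a>";
            }
        }
    } else {
        echo "<p style='padding: 10px;'>Žiadny komentár ešte nebol pridaný. Buďte prvý kto pridá komentár.</p>";
    }
    echo "</div>";
}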
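/**
 * Render a stored post or comment as HTML.
 *
 * Steps: optional HTML escaping, nl2br(), smilie replacement, automatic
 * [url] wrapping of bare addresses, BBCode to HTML, bad-word filter.
 *
 * The patterns use preg_*; the ereg family this function was written with is
 * not available from PHP 7.0 on. Values that end up inside an HTML attribute
 * (href, src, size, color) are re-encoded, and [url]/[img] targets with a
 * scheme other than http, https, ftp or mailto are left as plain BBCode.
 *
 * NOTE(review): the text is HTML-escaped here only when $data["html"] is 0 and
 * $com is 0. For comments ($com = 1) and for HTML-enabled posts the caller
 * must have escaped or trusted the text already - confirm.
 *
 * @param string $text      Raw text.
 * @param int    $nosmilies 1 to skip smilie replacement.
 * @param int    $com       1 when the text is a comment (smilies and BBCode
 *                          are then applied regardless of the $data flags).
 * @return string HTML after the bad-word filter.
 */
function format_post($text, $nosmilies = 0, $com = 0)
{
    global $data, $smilie;

    if ($data["html"] == 0 and $com == 0) {
        $text = htmlspecialchars($text);
    }
    $text = nl2br($text);

    if (($data["smilies"] == 1 or $com == 1) and $nosmilies == 0) {
        if (isset($smilie) and is_array($smilie)) {
            $text = str_replace(array_keys($smilie), array_values($smilie), $text);
        }
    }

    if ($data["apbcode"] == 1 or $com == 1) {
        // Wrap bare addresses in [url] tags: first those that follow a blank
        // or line break, then one at the very start of the text.
        $schemes = array('http://', 'https://', 'ftp://');
        foreach ($schemes as $scheme) {
            $text = preg_replace('#([ \r\n])' . $scheme . '([^ ,\r\n]*)#i', '\1[url]' . $scheme . '\2[/url]', $text);
        }
        $text = preg_replace('#([ \r\n])www\.([^ ,\r\n]*)#i', '\1[url]http://www.\2[/url]', $text);
        foreach ($schemes as $scheme) {
            $text = preg_replace('#^' . $scheme . '([^ ,\r\n]*)#i', '[url]' . $scheme . '\1[/url]', $text);
        }
        $text = preg_replace('#^www\.([^ ,\r\n]*)#i', '[url]http://www.\1[/url]', $text);

        // [size=..] and [color=..]: the argument becomes an attribute value.
        $text = preg_replace_callback('#\[(size)=([^]]*)]#i', '_format_post_cb_font', $text);
        $text = str_replace("[/size]", "</font>", $text);
        $text = preg_replace_callback('#\[(color)=([^]]*)]#i', '_format_post_cb_font', $text);
        $text = str_replace("[/color]", "</font>", $text);

        $text = str_replace(
            array("[center]", "[/center]", "[b]", "[/b]", "[i]", "[/i]", "[u]", "[/u]"),
            array("<center>", "</center>", "<b>", "</b>", "<i>", "</i>", "<u>", "</u>"),
            $text
        );

        // Links
        $text = preg_replace_callback('#\[url\]www.([^\[]*)\[/url\]#is', '_format_post_cb_www', $text);
        $text = preg_replace_callback('#\[url\]([^\[]*)\[/url\]#i', '_format_post_cb_url', $text);
        // Drop the backslash in front of quotes inside [url=\"...\"].
        // NOTE(review): these two literals are unbalanced in the listing this
        // was taken from; the backslash-quote form is a reconstruction.
        $text = str_replace("[url=\\\"", "[url=\"", $text);
        $text = str_replace("\\\"]", "\"]", $text);
        $text = preg_replace_callback('#\[url="([^"]*)"\]([^\[]*)\[/url\]#i', '_format_post_cb_url', $text);
        $text = preg_replace_callback('#\[url=([^"]*)\]([^\[]*)\[/url\]#i', '_format_post_cb_url', $text);

        // Images
        $text = preg_replace_callback('#\[img\]([^"\[]*)\[/img\]#i', '_format_post_cb_img', $text);

        // Lists, quotes and code blocks
        $text = str_replace("[list]", "<ul type=\"square\">", $text);
        $text = str_replace("[/list]", "</ul>", $text);
        $text = str_replace("[list=1]", "<ol type=\"1\">", $text);
        $text = str_replace("[list=a]", "<ol type=\"A\">", $text);
        $text = str_replace("[list=A]", "<ol type=\"A\">", $text);
        $text = str_replace("[/list=1]", "</ol>", $text);
        $text = str_replace("[/list=a]", "</ol>", $text);
        $text = str_replace("[/list=A]", "</ol>", $text);
        $text = str_replace("[*]", "<li>", $text);
        $text = str_replace("[quote]", "<blockquote>Zitat:<hr>", $text);
        $text = str_replace("[/quote]", "<hr></blockquote>", $text);
        $text = str_replace("[code]", "<blockquote><pre>Code:<hr>", $text);
        $text = str_replace("[/code]", "<hr></pre></blockquote>", $text);
    }

    return badwords($text);
}

/**
 * Encode a BBCode argument for a double-quoted HTML attribute.
 *
 * Entities are decoded first and then everything is encoded again, so the
 * browser sees exactly the decoded value and a previously escaped "&amp;"
 * is not escaped twice.
 */
function _format_post_attr($value)
{
    return htmlspecialchars(html_entity_decode($value, ENT_QUOTES | ENT_HTML5), ENT_QUOTES | ENT_SUBSTITUTE);
}

/**
 * True when the URL has no scheme or one of http, https, ftp, mailto.
 *
 * The test runs on the entity-decoded value with control characters and
 * whitespace removed, because browsers ignore those inside a scheme name.
 */
function _format_post_url_allowed($url)
{
    $probe = preg_replace('/[\x00-\x20]+/', '', html_entity_decode($url, ENT_QUOTES | ENT_HTML5));
    if (!preg_match('#^([a-z][a-z0-9+.\-]*):#i', (string) $probe, $scheme)) {
        return true;
    }
    return in_array(strtolower($scheme[1]), array('http', 'https', 'ftp', 'mailto'), true);
}

/** [size=x] / [color=x]: $m[1] is the tag name, $m[2] the argument. */
function _format_post_cb_font($m)
{
    return '<font ' . strtolower($m[1]) . '="' . _format_post_attr($m[2]) . '">';
}

/** [url]www.x[/url]: the scheme is fixed, only the attribute needs encoding. */
function _format_post_cb_www($m)
{
    return '<a href="http://www.' . _format_post_attr($m[1]) . '" target="_blank" rel="noopener noreferrer">' . $m[1] . '</a>';
}

/** [url]x[/url] and [url=x]label[/url]; a rejected target stays as typed. */
function _format_post_cb_url($m)
{
    if (!_format_post_url_allowed($m[1])) {
        return $m[0];
    }
    $label = isset($m[2]) ? $m[2] : $m[1];
    return '<a href="' . _format_post_attr($m[1]) . '" target="_blank" rel="noopener noreferrer">' . $label . '</a>';
}

/** [img]x[/img]; a rejected target stays as typed. */
function _format_post_cb_img($m)
{
    if (!_format_post_url_allowed($m[1])) {
        return $m[0];
    }
    return '<img src="' . _format_post_attr($m[1]) . '" border="0">';
}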
</div> <div class="tab-pane fade in active" id="comments"> <div class="list-group" style="margin-top:15px;"> '; while ($datap = dbarray($result_comments)) { if ($datap["comment_type"] == "A") { $type = articleurl($datap["comment_pageid"], trimlink(articlename($datap["comment_pageid"]), 22), 1, 1); $name = articlename($datap["comment_pageid"]); } else { if ($datap["comment_type"] == "P") { $type = projekturl($datap["comment_pageid"], trimlink(projektname($datap["comment_pageid"]), 22), 1, 1); $name = projektname($datap["comment_pageid"]); } } echo '<a href="' . $type . '" class="list-group-item">' . $name . '<br/><small>' . trimlink(bbcoderemove(badwords($datap["comment_text"])), 70) . '</small> <span class="badge">' . timeago($datap["comment_time"]) . '</span></a>'; } echo ' </div> </div> <div class="tab-pane fade" id="forum"> <div class="list-group" style="margin-top:15px;"> '; while ($datap = dbarray($result_forumt)) { echo '<a href="/tema/' . $datap["forumt_id"] . '/' . bezd($datap["forumt_name"]) . '" class="list-group-item">' . $datap["forumt_name"] . ' <span class="badge">' . timeago($datap["forumt_time"]) . '</span></a>'; } echo ' </div>
/**
 * Return the avatar title of a user record, ready for output.
 *
 * An empty title yields ''. Otherwise the title is run through badwords()
 * when $set['user']['avatar_badwords'] is enabled and then through
 * compatible_hsc() (presumably an htmlspecialchars() wrapper - confirm).
 *
 * @param array $info User record containing 'avatar_title'.
 * @return string
 */
function mkavtitle($info)
{
    global $set;

    $avatarTitle = $info['avatar_title'];
    if ($avatarTitle) {
        $filtered = $set['user']['avatar_badwords'] ? badwords($avatarTitle) : $avatarTitle;

        return compatible_hsc($filtered);
    }

    return '';
}
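/**
 * Print the template listing the most recent user blog entries.
 *
 * @param int    $count       Number of entries.
 * @param int    $start       Offset of the first entry.
 * @param bool   $friendsonly Only entries written by buddies of the current user.
 * @param int    $userid      Only entries of this user (0 = all users).
 * @param string $template    Template name below functions/.
 *                            NOTE(review): used as part of a template path;
 *                            callers should pass fixed names only - confirm.
 * @return void The parsed template is printed.
 */
function user_blogs_last($count = 5, $start = 0, $friendsonly = false, $userid = 0, $template = 'lastblogs')
{
    global $set, $db, $apx, $user;

    $tmpl = new tengine();
    $count = (int) $count;
    $start = (int) $start;
    $userid = (int) $userid;

    // Read the variables the template uses
    $parse = $apx->tmpl->used_vars('functions/' . $template, 'user');

    // Filter by friends. The ids are cast to int because they are joined
    // into the IN (...) list; -1 keeps the list non-empty.
    $friendfilter = '';
    if ($friendsonly) {
        $friends = array_map('intval', (array) $user->get_buddies());
        $friends[] = -1;
        $friendfilter = " AND userid IN (" . implode(',', $friends) . ") ";
    }

    // Filter by user
    $userfilter = '';
    if ($userid) {
        $userfilter = " AND userid='" . $userid . "'";
    }

    $data = $db->fetch("SELECT * FROM " . PRE . "_user_blog WHERE 1 " . $userfilter . $friendfilter . " ORDER BY time DESC LIMIT " . iif($start, $start . ',') . $count);

    // Initialised up front so that the assign() below always gets an array.
    $tabledata = array();
    $i = 0;

    if (count($data)) {
        // Read user info. 'BLOG.AVATER_TITLE' is kept for templates that rely
        // on the misspelt name; the correctly spelt variable is checked too.
        $userdata = array();
        if (in_template(array('BLOG.USERNAME', 'BLOG.REALNAME', 'BLOG.AVATAR', 'BLOG.AVATAR_TITLE', 'BLOG.AVATER_TITLE'), $parse)) {
            $userids = get_ids($data, 'userid');
            $userdata = $user->get_info_multi($userids, 'username,realname,avatar,avatar_title');
        }

        // List the blog entries
        foreach ($data as $res) {
            ++$i;
            $link = mklink('user.php?action=blog&id=' . $res['userid'] . '&blogid=' . $res['id'], 'user,blog,' . $res['userid'] . ',id' . $res['id'] . urlformat($res['title']) . '.html');

            // Text: only processed when the template prints it.
            $text = '';
            if (in_array('BLOG.TEXT', $parse)) {
                $text = $res['text'];
                $text = badwords($text);
                $text = replace($text, 1);
                $text = dbsmilies($text);
                $text = dbcodes($text);
            }

            $tabledata[$i]['ID'] = $res['id'];
            $tabledata[$i]['TITLE'] = replace($res['title']);
            // Hand the filtered text to the template, not the raw database
            // value: the raw value would bypass badwords() and replace().
            $tabledata[$i]['TEXT'] = $text;
            $tabledata[$i]['LINK'] = $link;
            $tabledata[$i]['TIME'] = $res['time'];

            // User info
            $userinfo = $userdata[$res['userid']];
            $tabledata[$i]['USERID'] = $res['userid'];
            $tabledata[$i]['USERNAME'] = replace($userinfo['username']);
            $tabledata[$i]['REALNAME'] = replace($userinfo['realname']);
            $tabledata[$i]['AVATAR'] = $user->mkavatar($userinfo);
            $tabledata[$i]['AVATAR_TITLE'] = $user->mkavtitle($userinfo);

            // Comments
            if ($apx->is_module('comments') && $res['allowcoms']) {
                require_once BASEDIR . getmodulepath('comments') . 'class.comments.php';
                // One comments object is reused; only the item id changes.
                if (!isset($coms)) {
                    $coms = new comments('userblog', $res['id']);
                } else {
                    $coms->mid = $res['id'];
                }
                $tabledata[$i]['COMMENT_COUNT'] = $coms->count();
                $tabledata[$i]['COMMENT_LINK'] = $coms->link($link);
                $tabledata[$i]['DISPLAY_COMMENTS'] = 1;
                if (in_template(array('BLOG.COMMENT_LAST_USERID', 'BLOG.COMMENT_LAST_NAME', 'BLOG.COMMENT_LAST_TIME'), $parse)) {
                    $tabledata[$i]['COMMENT_LAST_USERID'] = $coms->last_userid();
                    $tabledata[$i]['COMMENT_LAST_NAME'] = $coms->last_name();
                    $tabledata[$i]['COMMENT_LAST_TIME'] = $coms->last_time();
                }
            }
        }
    }

    $tmpl->assign('BLOG', $tabledata);

    // Print the template
    $tmpl->parse('functions/' . $template, 'user');
}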
<div class="list-group-item" style="background:#5cb85c;border-color:#5cb85c;">Téma: ' . htmlspecialchars($_POST["name"]) . '</div> <div class="list-group-item"> <a href="#p0" class="idf">#0</a><strong>' . username($userinfo["user_id"], 1) . '</strong> - ' . $adminprava[$userinfo["user_perm"]] . '<span class="pull-right">' . date("j. n. Y H:i:s", $dataf3["post_time"]) . '</span> </div> <div class="list-group-item"> <div class="row"> <div class="col-md-2 visible-md visible-lg"> ' . (useravatar($userinfo["user_id"]) != "/file/avatars/avatar.png" ? '<img src="' . useravatar($userinfo["user_id"]) . '" alt="avatar" class="img-responsive"/>' : '<img src="' . useravatar($userinfo["user_id"]) . '" alt="avatar" class="img-responsive" />') . ' </div> <div class="col-md-10"> ' . userdetect(smiley(bbcode(badwords(nl2br($_POST["forumnew"]))))) . ' </div> </div> </div> <div class="list-group-item"></div> </div> '; } echo '<div class="list-group"> <form name="form" action="" method="POST"> <div class="list-group-item list-group-item-warning">Vytvoriť novú tému v fóre: ' . forumcat($_GET["forumfid"]) . '</div> <div class="list-group-item"> <input name="name" class="form-control" style="width:100%" value="' . (isset($_POST["name"]) ? $_POST["name"] : "") . '" placeholder="zadajte názov témy..." type="text"> </div> <textarea name="forumnew" class="list-group-item" rows="15" placeholder="" style="width:100%;padding:10px;font-size:12px;resize:vertical">' . (isset($_POST["forumnew"]) ? $_POST["forumnew"] : "") . '</textarea>
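// Rating bar, "new" icon, headline link and meta data of one ad row.
// Array keys are quoted throughout: a bare key such as $db[rating] is read as
// a constant and is an error from PHP 8.0 on.
// NOTE(review): $db, $dbu and $dbc values are written into HTML attributes and
// inline event handlers as they are; only header and sfield pass through
// badwords(). Confirm that these values are HTML-escaped when stored or loaded.
if ($show_adrating) {
    // Bar width derived from the rating (rating * 5).
    $per = $db['rating'] * 10 / 2;
    echo "<table align=right border=0 cellspacing=4 cellpadding=1 width=\"58\"\n onmouseover=\"window.status='{$ad_rating} {$db['rating']}'; return true;\"\n onmouseout=\"window.status=''; return true;\">\n";
    echo " <tr>\n";
    echo " <td class=\"ratebarout\">\n";
    echo " <img src=\"{$image_dir}/{$adrating_icon}\" align=\"left\" border=\"0\" width=\"{$per}\" height=\"6\"\n alt=\"{$ad_rating} {$db['rating']}\" hspace=\"0\"\n onmouseover=\"window.status='{$ad_rating} {$db['rating']}'; return true;\"\n onmouseout=\"window.status=''; return true;\">\n";
    echo " </td>\n";
    echo " </tr>\n";
    echo "</table>\n";
}

// "New" icon for ads younger than $show_newicon days.
if ($show_newicon && dateToTime($db['addate']) > $timestamp - 86400 * $show_newicon) {
    echo " <img src=\"{$image_dir}/icons/new.gif\" align=\"right\" vspace=\"2\" alt=\"{$ad_new}\"\n onmouseover=\"window.status='{$ad_new}'; return true;\"\n onmouseout=\"window.status=''; return true;\">";
}

echo " <a href=\"classified.php?catid={$db['catid']}&subcatid={$db['subcatid']}&adid={$db['id']}\" onmouseover=\"window.status='{$ad_nr} {$db['id']}';\n return true;\" onmouseout=\"window.status=''; return true;\">" . badwords($db['header'], $mod) . "</a>\n";
echo " </td><td width=\"1%\" valign=\"top\">\n";
echo " <div class=\"smallleft\">\n";
echo " <img src=\"{$image_dir}/icons/chart.gif\" alt=\"{$ad_stat}\" align=\"left\" hspace=\"2\"\n onmouseover=\"window.status='{$ad_stat}'; return true;\"\n onmouseout=\"window.status=''; return true;\">:{$db['viewed']}/{$db['answered']}</div>\n";
echo " </td></tr></table>\n";
echo " <div class=\"smallleft\">\n";
echo " {$ad_from} {$dbu['username']} {$ad_date} " . dateToStr($db['addate']) . "<br>\n";
if ($dbc['sfield']) {
    echo " {$ad_location}{$db['location']}<br>\n";
    echo " {$iconstring}\n";
    echo " {$dbc['sfield']}: " . badwords($db['sfield'], $mod) . "\n";
} else {
    echo " {$iconstring}\n";
    echo " {$ad_location}{$db['location']}\n";
}
echo " </div>";
echo " </td>\n";
echo " </tr>\n";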
} else { $ips = ""; } if ($db['location'] != "none") { $location = "{$gb_location}<br>{$db['location']}<br>"; } else { $location = "<br><br>"; } if ($db['browser'] != "") { $browser = "<img src=\"{$image_dir}/icons/browser.gif\" alt=\"{$db['browser']}\" align=\"left\">"; } else { $browser = ""; } empty($_SESSION['susermod']) ? $_SESSION['susermod'] = "" : ($_SESSION['susermod'] = $_SESSION['susermod']); echo " <tr>\n"; echo " <td class=\"gbtable1\">\n"; echo " <em id=\"red\">" . badwords($db['name'], $_SESSION['susermod']) . "</em><br>\n"; echo " <div class=\"smallleft\">{$location}<br></div>\n"; echo " <br>{$icq} {$http} {$email} {$ips} {$browser}\n"; echo " </td>\n"; echo " <td class=\"gbtable2\"><div class=\"smallleft\">\n"; if ($_SESSION['susermod']) { echo "<a href=\"guestbook_submit.php?delid={$db['id']}\"><img src=\"{$image_dir}/icons/trash.gif\" alt=\"MODERATOR Delete Entry\" border=\"0\" align=\"right\"></a>"; echo "<div class=\"spaceleft\"> </div>\n"; } echo " {$gb_posted} {$when}</div><hr>" . badwords($db['message'], $_SESSION['susermod']) . "</td>\n"; echo " </tr>\n"; } # End of Page reached ################################################################################################# echo "</table>\n";
$_POST['pass'] = htmlspecialchars($_POST['pass']); $_POST['email'] = strtolower(htmlspecialchars($_POST['email'])); $_POST['basis'] = htmlspecialchars($_POST['basis']); $content .= '<center> <font size="+2"><u>O-Wars Rekrutierung</u></font><br /><br /> </center>'; if (!$_POST['agb']) { $error .= "Du musst die AGB bestätigen<br />"; } // hier kommt der badwords check $badbase = badwords($_POST['basis']); if ($badbase) { $badbase = implode('/', $badbase); $error .= '<b>FEHLER:</b> Dein Basisname kann so nicht aktzeptiert werden. (' . $badbase . ')<br />'; } $baduser = badwords($_POST['user']); if ($baduser) { $baduser = implode('/', $baduser); $error .= '<b>FEHLER:</b> Dein Username kann so nicht aktzeptiert werden. (' . $baduser . ')<br />'; } if ($_POST['pass'] and preg_match('/^[0-9,A-Z,a-z]{4,12}$/', $_POST['pass']) == 0) { $error .= "<b>FEHLER:</b> Passwort: Gültige Zeichen: [0-9,A-Z,a-z], Minimum 4, Maximum 12 Zeichen<br />"; } if ($_POST['user'] and preg_match('/^[0-9,A-Z,a-z,\\ ]{1,16}$/', $_POST['user']) == 0) { $error .= "<b>FEHLER:</b> Username: Gültige Zeichen: [0-9,A-Z,a-z, ], Minimum 1, Maximum 16 Zeichen<br />"; } elseif ($_POST['user']) { $select = "SELECT * FROM `user` WHERE `name` = '" . $_POST['user'] . "';"; $result = mysql_query($select); if (@mysql_num_rows($result) != 0) { $error .= '<b>FEHLER:</b> Es gibt bereits einen Spieler mit dem Namen ' . $_POST['user'] . '.<br />'; }
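// Conversation view: all messages between the current user and $touserid,
// oldest first; afterwards the incoming ones are flagged as read.
//
// NOTE(review): $touserid is placed in three SQL statements as it is, and its
// assignment is not visible here; confirm that it is cast to an integer before
// this point. Whether redirect() ends the script is not visible either - if it
// does not, the code below still runs after a failed check.
if (!isset($touserid)) {
    redirect("/");
}
if ($touserid == $userinfo["user_id"]) {
    redirect("/");
}

$selmes = dbquery("SELECT * FROM bg_messages WHERE (mes_userid='" . $userinfo["user_id"] . "' AND mes_touserid='" . $touserid . "') OR (mes_userid='" . $touserid . "' AND mes_touserid='" . $userinfo["user_id"] . "') ORDER BY mes_id ASC");
$pocet = dbrows($selmes);
if ($pocet >= 1) {
    // Own and received messages use the same alignment class.
    $changepull = "pull-left";
    while ($data = dbarray($selmes)) {
        // The avatar URL is printed unchanged whether or not it is the default image.
        $avatar = useravatar($data["mes_userid"]);
        // NOTE(review): the message text is rendered through smiley(), badwords()
        // and bbcode() only; confirm that it is HTML-escaped when stored or by bbcode().
        echo ' <div class="media komentar"> <a class="' . $changepull . '"> <img class="media-object img-circle" src="' . $avatar . '" alt="avatar"> </a> <div class="media-body"> <h4 class="media-heading"><a class="profillink" data-target="65">' . username($data["mes_userid"]) . '</a> <span class="time pull-right">' . timeago($data["mes_time"]) . '</span></h4> ' . bbcode(badwords(smiley($data["mes_text"]))) . ' </div> </div> ';
    }
} else {
    echo "<div style='padding:15px'>Žiadne správy s užívateľom <b>" . username($touserid, 0) . "</b></div>";
}

// Flag the messages sent by $touserid to the current user as read.
dbquery("UPDATE bg_messages SET mes_read='1' WHERE mes_touserid='" . $userinfo["user_id"] . "' AND mes_userid='" . $touserid . "'");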
} elseif (ereg("checkbox", adfield($db[catid], "{$fieldi}")) && $db[$fieldi] == "") { echo "<td><img src=\"{$image_dir}/icons/signno.gif\" border=\"0\" alt=\"{$ad_no}\"\n onmouseover=\"window.status='{$ad_no}'; return true;\"\n onmouseout=\"window.status=''; return true;\"></td>\n"; } elseif (ereg("--url--", adfield($db[catid], "{$fieldi}"))) { if ($db[$fieldi] && $db[$fieldi] != "http://") { if (substr($db[$fieldi], 0, 7) != "http://") { $db[$fieldi] = "http://" . $db[$fieldi]; } echo "<td><div class=smallleft><a href=\"{$db[$fieldi]}\" target=\"_blank\">{$db[$fieldi]}</a></div></td>"; } } else { echo "<td><div class=smallleft>" . badwords($db[$fieldi], $_SESSION[susermod]) . " " . adfieldunit($db[catid], "{$fieldi}") . "</div></td>"; } echo "</tr>"; } } echo "<tr valign=\"top\">\n <td><div class=smallleft>{$ad_text}</div></td>\n <td><div class=smallleft>:</div></td>\n <td><div class=smallleft>" . badwords($db[text], $_SESSION[susermod]) . "</div></td>\n </tr>\n"; echo "</table>"; echo "<hr>\n"; if ($choice == "my") { echo " <div class=\"smallright\">{$ad_nr}{$db['id']}</div>"; echo " <a href=\"classified_my_del.php?adid={$db['id']}\" onClick='enterWindow=window.open(\"classified_my_del.php?" . sidstr() . 
"adid={$db['id']}\",\"Delete\",\"width=400,height=200,top=100,left=100\"); return false'\n onmouseover=\"window.status='{$admy_delete}'; return true;\"\n onmouseout=\"window.status=''; return true;\">\n <img src=\"{$image_dir}/icons/trash.gif\" border=\"0\" alt=\"{$admy_delete}\" align=\"right\" vspace=\"6\"></a>\n"; echo " <a href=\"classified.php?editadid={$db['id']}\" onmouseover=\"window.status='{$admy_edit}'; return true;\"\n onmouseout=\"window.status=''; return true;\">\n <img src=\"{$image_dir}/icons/reply.gif\" border=\"0\" alt=\"{$admy_edit}\" align=\"right\" vspace=\"6\"></a>\n"; if (!$adeditapproval && $admovecat) { echo " <a href=\"classified_my_move.php?adid={$db['id']}&catid={$db['catid']}\" onClick='enterWindow=window.open(\"classified_my_move.php?" . sidstr() . "adid={$db['id']}&catid={$db['catid']}\",\"Move\",\"width=400,height=200,top=100,left=100\"); return false'\n onmouseover=\"window.status='{$admy_move}'; return true;\"\n onmouseout=\"window.status=''; return true;\">\n <img src=\"{$image_dir}/icons/right2.gif\" border=\"0\" alt=\"{$admy_move}\" align=\"right\" vspace=\"9\" hspace=\"6\"></a>\n"; } } elseif ($choice == "fav") { if ($sales_option && !sales_checkaccess(3, $_SESSION[suserid], $db[catid])) { // check access for user and cat ico_email("", "left"); } else { ico_email("adid={$db['id']}", "left");
} if ($set['user']['pm_allowcode']) { $text = dbcodes($text); } $text = strip_tags($text); $inboxlink = HTTP_HOST . mklink('user.php?action=pms', 'user,pms.html'); $input = array('USERNAME' => $user->info['username'], 'WEBSITE' => $set['main']['websitename'], 'INBOX' => $inboxlink, 'SUBJECT' => $_POST['subject'], 'TEXT' => $text); sendmail($email, 'NEWPM', $input); } message($apx->lang->get('MSG_OK'), mklink('user.php?action=pms&dir=out', 'user,pms,out.html')); } } else { if ($_POST['preview']) { $text = $_POST['text']; if ($set['user']['pm_badwords']) { $text = badwords($text); } $text = replace($text, 1); if ($set['user']['pm_allowsmilies']) { $text = dbsmilies($text); } if ($set['user']['pm_allowcode']) { $text = dbcodes($text); } $apx->tmpl->assign('PREVIEW', $text); $apx->tmpl->assign('USERNAME', compatible_hsc($_POST['touser'])); $apx->tmpl->assign('SUBJECT', compatible_hsc($_POST['subject'])); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->assign('ADDSIG', intval($_POST['addsig'])); } else { $text = '';
$doublepostuserid = 0; } else { echo ' <div class="row forumpost" id="p' . $dataf3["post_id"] . '"> <div class="col-md-1 visible-md visible-lg"> ' . (useravatar($dataf3["post_userid"]) != "avatar.png" ? '<img src="' . useravatar($dataf3["post_userid"]) . '" alt="avatar" class="img-responsive img-circle" style="max-width:60px;"/>' : '<img src="' . useravatar($dataf3["post_userid"]) . '" alt="avatar" class="img-responsive img-circle" style="max-width:60px;" />') . ' </div> <div class="col-md-11"> <div class="forumpostbody"> <div class="forumposthead ' . ($resultf5["post_id"] == $dataf3["post_id"] ? "" : "OSTATNEPOSTY") . '"> <a href="#p' . $dataf3["post_id"] . '" class="idf">#' . $i . '</a> <strong>' . username($dataf3["post_userid"], 1) . '</strong> — ' . ($permuser >= 2 ? $adminprava[$permuser] : userrank($dataf3["post_userid"], 1)) . '<span class="pull-right time">' . timeago($dataf3["post_time"]) . '</span> </div> ' . userdetect(smiley(bbcode(badwords(nl2br($dataf3["post_text"])), 1))) . ' <div class="forumpostfooter"> ' . ($dataf3["post_edittime"] ? 'Upravil/a ' . username($dataf3["post_edituser"], 1) . ' dňa ' . date("j. n. Y H:i:s", $dataf3["post_edittime"]) . '' : '') . '' . (SADMIN ? " IP: " . $dataf3["post_ip"] : "") . ' </div> '; if ($dataf2["forumt_locked"] == 0) { echo '<span class="postbuttons">'; if (MEMBER && $userinfo["user_id"] == $dataf3["post_userid"] || userperm("5")) { echo '[<a href="?upravit=' . $dataf3["post_id"] . '#upravit">Upraviť</a>] ' . ($resultf5["post_id"] == $dataf3["post_id"] ? '' : '[<a href="?zmazatf=' . $dataf3["post_id"] . '" onclick="return confirm(\'Príspevok už nebude možné vrátiť späť. Prajete ho vymazať?\');">Vymazať</a>]'); } echo '</span>'; } echo ' </div>