if ($config["usebwordprot"] >= BWORD_POST) {
$post["posttext"] = check_banned($post["posttext"]);
}
if (isset($config['auto_close']) && $config['auto_close'] > 0) {
thwb_query("UPDATE " . $pref . "thread SET threadclosed = '1' WHERE threadtime < '" . (time() - ($config['auto_close'] + 1) * 86400) . "'");
}
if (isset($config['auto_delete']) && $config['auto_delete'] > 0) {
thwb_query("DELETE FROM " . $pref . "thread WHERE threadtime < " . (time() - $config['auto_delete'] * 86400) . "");
}
// neue nachricht posten
thwb_query("INSERT INTO " . $pref . "post (posttime, posttext, userid, threadid, postemailnotify, postsmilies, postcode, postip, postguestname)\n VALUES('{$ctime}',\n '" . addslashes(preparse_code($post['posttext'])) . "',\n '{$g_user['userid']}',\n '{$thread['threadid']}',\n '" . ($post['postemailnotify'] ? 1 : 0) . "',\n '" . ($post['postsmilies'] ? 1 : 0) . "',\n '" . ($post['postcode'] ? 1 : 0) . "',\n '" . addslashes($REMOTE_ADDR) . "',\n '" . $post['postguestname'] . "')");
// Replys um 1 erhöhen in der board datenbank
thwb_query("UPDATE " . $pref . "board SET\n boardlastpost='{$ctime}',\n boardposts=boardposts+1,\n boardlastpostby='" . addslashes($g_user['username']) . "',\n boardthreadtopic='" . addslashes($thread['threadtopic']) . "',\n boardthreadid={$thread['threadid']} WHERE boardid='{$board['boardid']}'");
if ($g_user['userid']) {
// Den postings wert des postenden users erhöhen
thwb_query("UPDATE " . $pref . "user SET userlastpost={$ctime}, userposts=userposts+1 WHERE userid='{$g_user['userid']}'");
}
// Replys um 1 erhöhen in der topic datenbank + time aktualisieren
thwb_query("UPDATE " . $pref . "thread SET threadtime='{$ctime}', threadreplies=threadreplies+1,\n threadlastreplyby='" . addslashes($g_user['username']) . "' WHERE threadid='{$thread['threadid']}'");
// email zeug
if ($config['use_email']) {
$TRegmail = new Template("./templates/mail/newreply.mail");
$r_email = thwb_query("SELECT DISTINCT\n user.useremail as useremail, thread.threadtopic as threadtopic\n FROM\n " . $pref . "post as post, " . $pref . "user as user, " . $pref . "thread as thread\n WHERE\n thread.threadid={$thread['threadid']} AND\n post.threadid={$thread['threadid']} AND\n post.userid=user.userid AND\n post.postemailnotify=1 AND\n user.userid<>{$g_user['userid']}");
while ($email = mysql_fetch_array($r_email)) {
$text = '';
eval($TRegmail->GetTemplate("text"));
@mail($email['useremail'], $config['board_name'] . " - Neue Antwort", $text, "From: {$config['board_admin']}");
}
}
header("Location: " . build_link("showtopic.php?threadid={$thread['threadid']}&time={$time}&pagenum=lastpage#bottom", true));
$i = 1;
}
$imax = $page + PADDING;
if ($imax > $pages) {
$imax = $pages;
}
for ($i; $i <= $imax; $i++) {
if ($i == $page) {
$pagesstring .= ">" . $i . "< ";
} else {
$pagesstring .= "[<a class=\"hefo\" href=\"" . build_link("memberlist.php?orderby={$orderby}&ordertype={$ordertype}&search=" . urlencode($search) . "&char={$char}&page={$i}") . "\">" . $i . "</a>] ";
}
}
// letzte seite
if ($page + PADDING < $pages) {
$pagesstring .= '... [<a class="hefo" href="' . build_link('memberlist.php?orderby=' . $orderby . '&char=' . $char . '&ordertype=' . $ordertype . '&search=' . urlencode($search) . '&page=' . $pages) . '">Letzte Seite</a>]';
}
$MEMBER_ROWS = '';
$r_user = thwb_query("SELECT userid, username, useremail, usericq, userhomepage, userjoin, userposts, userlocation,\n userhideemail, userlastpost FROM " . $pref . "user " . $where . " ORDER BY {$orderby} {$ordertype} LIMIT " . intval($page - 1) * $config['userperpage'] . ", " . $config['userperpage']);
if (!mysql_num_rows($r_user)) {
$MEMBER_ROWS = '<tr bgcolor="' . $style['CellA'] . '">
<td align="center" class="stdfont" colspan="8">Keine User gefunden!</td>
</tr>';
$pages = 1;
$pagesstring = ">1<";
} else {
while ($user = mysql_fetch_array($r_user)) {
$i % 2 == 0 ? $user['bgcolor'] = $style['CellA'] : ($user['bgcolor'] = $style['CellB']);
$user['userjoin'] = form_date($user['userjoin']);
$user['userlastpost'] = form_date($user['userlastpost']);
$user['userlocation'] = chopstring(parse_code($user['userlocation']), 50);
// ===================================================
// Hier kann die maximale Anzahl der Avatar-Bilder pro
// Zeile eingestellt werden, einfach die vorgegebene
// Nummer durch die gewünschte Zahl ersetzen:
$maxpics = 5;
// ===================================================
define('THWB_NOSESSION_PAGE', true);
include "./inc/header.inc.php";
$navpath .= 'Alle Avatare auflisten';
$Tframe = new Template("templates/" . $style['styletemplate'] . "/frame.html");
$Tavatar = new Template("templates/" . $style['styletemplate'] . "/listavatar.html");
if (isset($sortbyname) && $sortbyname) {
$avatar_sort = "{$style['stdfont']}<a href=\"" . build_link("listavatar.php") . "\">Nach Avatar-Nummer sortieren</a>{$style['stdfontend']}";
$orderby = "avatarname";
} else {
$avatar_sort = "{$style['stdfont']}<a href=\"" . build_link("listavatar.php?sortbyname=1") . "\">Nach Namen sortieren</a>{$style['stdfontend']}";
$orderby = "avatarid";
}
$start = $e = 0;
$r_avatar = thwb_query("SELECT avatarid, avatarname, avatarurl FROM " . $pref . "avatar ORDER BY {$orderby}");
$avatar_rows = '';
while ($avatar_data = mysql_fetch_array($r_avatar)) {
$start++;
$avatar_rows .= "<td" . ($e % 2 == 0 ? ' bgcolor="' . $style['CellA'] . '"' : ' bgcolor="' . $style['CellB'] . '"') . "><img src=\"{$avatar_data['avatarurl']}\" border=\"0\"><br><b>" . $style['smallfont'] . "{$avatar_data['avatarid']}. {$avatar_data['avatarname']}</font></b></td>\n";
if ($start == $maxpics) {
$avatar_rows .= "</tr><tr>";
$start = 0;
$e++;
}
}
eval($Tavatar->GetTemplate("CONTENT"));
<?php
/*
ThWboard - PHP/MySQL Bulletin Board System
==============================================
(c) 2000-2004-2002 by
download the latest version:
http://www.thwboard.de
This program is free software; you can
redistribute it and/or modify it under the
terms of the GNU General Public License as
published by the Free Software Foundation;
either version 2 of the License, or (at
your option) any later version.
==============================================
*/
define('THWB_NOSESSION_PAGE', true);
require './inc/header.inc.php';
$a_pages = array('index' => 'Häufig gestellte Fragen', 'format' => 'Formatierung und Smilies', 'page1' => 'Benutzerfunktionen', 'page2' => 'Generelle Boardbenutzung', 'page3' => 'Lesen und Schreiben von Nachrichten');
if (!isset($page) || !file_exists('./templates/' . $style['styletemplate'] . '/faq_' . $page . '.html') || !isset($a_pages[$page])) {
$page = "index";
}
$Tframe = new Template('./templates/' . $style['styletemplate'] . '/frame.html');
$Tfaq = new Template('templates/' . $style['styletemplate'] . '/faq_' . $page . '.html');
$navpath .= '<a class="bglink" href="' . build_link("help.php") . '">FAQ</a> » ' . $a_pages[$page];
eval($Tfaq->GetTemplate("CONTENT"));
eval($Tframe->GetTemplate());
logLine(" CallerID Changed to: {$tmpCallerID}\n");
$query = "UPDATE asterisk_log SET CallerID='" . $tmpCallerID . "', callstate='Dial' WHERE asterisk_id='" . $id . "'";
db_checked_query($query);
}
//
// CLICK TO DIAL OUTBOUND HANDLING - WE ALREADY KNOW THE ASSOCIATED RECORD SO NO NEED TO LOOK IT UP
//
if ($e['Event'] == 'NewAccountCode' && strpos($e['AccountCode'], "LICKTODIAL") != false) {
$id = AMI_getUniqueIdFromEvent($e);
if (findLoggedCallByAsteriskId($id) === FALSE) {
logLine("The AccountCode is" . $e['AccountCode']);
logLine(" Account Code ID is: {$id}\n");
$time = time();
$callerID = stripExtensionFromAccountCode($e['Channel']);
$result = findCallDetailsByClickToDialString($e['AccountCode']);
$beanLink = build_link($result['module'], $result['record']);
$query = "INSERT INTO asterisk_log (asterisk_id, callstate, direction, callerID, channel, timestamp_call, bean_module, bean_id, bean_name, bean_link, user_extension) " . "VALUES('{$id}', 'Connected', 'O', '{$result['number']}', '{$e['Channel']}', FROM_UNIXTIME('{$time}'), '{$result['dbtable']}', '{$result['record']}', '{$result['query']['name']}', '{$beanLink}', '{$callerID}')";
logLine($query);
//. "bean_link='" . $result['query'][''] . "' "
//. "bean_description='" . $result['parent_module'] . "' "
//. "bean_description='" . $result['parent_id'] . "' "
//. "bean_description='" . $result['parent_name'] . "' "
//. "bean_description='" . $result['parent_link'] . "'";
db_checked_query($query);
}
}
// Had to switch to using Dial End commands because when using hangups I couldn't do calls to cell phones properly... (basically there are so many
// hangup events it killed me...
// Queues have the opposite issue... I can't detect the end of a Queue call unfortuntely...
// Queues -- Could not use Dial End, only Hangup would work.
//
* =======================================
*/
$ets_outter->main_title = $config->get('site_name') . ": " . $l['title-art-list'];
$ets_outter->page_title = $l['title-art-list'];
$USESKIN = skin_article_list;
$all = $db->getAllArray("# GETTING ALL ARTICLES\r\n\t\tSELECT a.article_id, a.subject, a.date, u.user_id, u.username\r\n\t\tFROM " . db_articles . " AS a, " . db_users . " AS u\r\n\t\tWHERE a.author_id = u.user_id\r\n\t\tORDER BY a.date DESC;");
$i = 0;
$ets->articles = array();
foreach ($all as $a) {
stripslashes_array($a);
$ets->articles[$i]->subject = $a['subject'];
$ets->articles[$i]->date = date($config->get('art_date_list'), $a['date']);
$ets->articles[$i]->author = $a['username'];
$ets->articles[$i]->url_article = build_link('index.php', array('action' => 'article', 'id' => $a['article_id']));
$ets->articles[$i]->author_url_profile = build_link('profile.php', array('user' => $a['user_id']));
$ets->articles[$i]->author_url_blogs = build_link('blog.php', array('user' => $a['user_id']));
$i++;
}
break;
case 'validate':
/**
* =======================================
* V A L I D A T E U S E R
* =======================================
*/
// validate a users email address.
$ets->page_body = "";
$USESKIN = skin_basic;
if ($user->isLogedIn || !isset($_PATH['code'])) {
$ets->page_body .= $l['validate_failed'];
} else {
<?php
/**
* =======================================
* V I E W
* =======================================
*/
if (!defined('IN_NLB3')) {
echo 'NLB3 Denies Direct Access';
exit;
}
$USESKIN = skin_basic;
$ets_outter->main_title = $config->get('site_name') . ": " . $l['title-usercp'];
$ets_outter->page_title = $l['title-view'];
$name = $user->get('username');
// get number of private blogs
$private = $db->getArray('SELECT COUNT(blog_id) AS c
FROM ' . db_blogs . '
WHERE access=' . access_private . '
AND author_id="' . $user->get('user_id') . '";');
$private = $private['c'];
$body = $l['ucp-view-blogs'];
$body = str_replace("%PUBLIC%", $user->get('blog_count'), $body);
$body = str_replace("%PRIVATE%", $private, $body);
$body = str_replace("%USER%", $user->get('username'), $body);
$body = str_replace("%LINK%", build_link('blog.php', array('user' => $user->id)), $body);
$ets->page_body = $body;
/**
* @return array
* @param int $id
* @param string
* @param string
* @param object nlb_user
* @param string
* @desc Grabs and formats all the comments to blog $id and sets them up for ETS
* @date 02-10-04
*/
function getComments($id, $date_format, $lang_anon, &$user, $lang_edit)
{
// get ones posted by real users
$real = $this->sql->getAllArray('# Grab real comments
SELECT c.comment_id, c.author_id, c.date, c.body, u.username
FROM ' . db_comments . ' AS c, ' . db_users . ' AS u
WHERE c.parent_id = ' . $id . ' AND c.author_id = u.user_id
ORDER BY c.date ASC;');
// get guest posts
$guest = $this->sql->getAllArray('# Grab guest comments
SELECT comment_id, author_id, date, body
FROM ' . db_comments . '
WHERE author_id = -1 AND parent_id = ' . $id . '
ORDER BY date ASC;');
/*
Because I'm using two querys to grab the comments, I have the problem of sorting
the results. I'm throwing all the results together in $grab. Then I go throuh them
and build a new array, with the date of the post as the key. Now I can use ksort()
to sort by key (asc) and the comments will be in the propper order. The key doesn't
matter in the templates, as ETS will just loop through them in order. Probally
costs more memory this way, but the job gets done.
We won't have to bulid $grab if there are only one type of comments, so im trying
to detect if ksort is needed or not below.
*/
if (empty($real) && empty($guest)) {
$all = array();
// no comments
} elseif (empty($real)) {
$all = $guest;
// only guest comments
} elseif (empty($guest)) {
$all = $real;
// only real comments
} else {
// a mix of real and guest comments.
$grab = array_merge($real, $guest);
foreach ($grab as $val) {
$all[$val['date']] = $val;
}
ksort($all);
}
// loop through real, get id nubers to check for avatars
$av_ins = false;
$avatars = array();
if (count($real) != 0) {
$av_ins = '(';
foreach ($real as $r) {
$av_ins .= $r['author_id'] . ', ';
}
$av_ins = substr($av_ins, 0, -2);
$av_ins .= ')';
$r = $this->sql->query('SELECT owner_id, isCustom, file, type
FROM ' . db_avatars . '
WHERE owner_id IN' . $av_ins . ' AND type != 2;');
while ($row = mysql_fetch_assoc($r)) {
if (isset($avatars[$row['owner_id']]) && $avatars[$row['owner_id']]['type'] != 3) {
$avatars[$row['owner_id']] = $row;
}
if (!isset($avatars[$row['owner_id']])) {
$avatars[$row['owner_id']] = $row;
}
}
}
$c = array();
$i = 0;
foreach ($all as $comment) {
$c[$i]->date = date($date_format, $comment['date']);
//$body = stripslashes( $comment['body'] );
$body = $comment['body'];
$body = htmlspecialchars($body);
$body = nl2br($body);
$body = $this->addSmiles($body);
$body = insertBBCode($body);
$c[$i]->body = $body;
if ($comment['author_id'] == -1) {
// a guest post!
$c[$i]->author = $lang_anon;
$c[$i]->guest = true;
} else {
// comment by normal user!
$c[$i]->author = $comment['username'];
$c[$i]->author_url_blog = build_link('blog.php', array('user' => $comment['author_id']));
$c[$i]->author_url_profile = build_link('profile.php', array('user' => $comment['author_id']));
// avatar check
if (isset($avatars[$comment['author_id']])) {
if ($avatars[$comment['author_id']]['isCustom'] == 1) {
$c[$i]->avatar_url = script_path . 'avatars/' . $avatars[$comment['author_id']]['file'];
} else {
$c[$i]->avatar_url = script_path . 'avatars/default/' . $avatars[$comment['author_id']]['file'];
}
$c[$i]->avatar = '<img src="' . $c[$i]->avatar_url . '" />';
}
}
// admin-only link to edit comment?
if ($user->isAllowed('admin')) {
$admin_url = script_path . 'admincp.php?action=edit_comment&id=' . $comment['comment_id'];
$c[$i]->body .= ' [<a href="' . $admin_url . '">' . $lang_edit . '</a>]';
}
$i++;
}
return $c;
}
$a_stats['admin_board_text'] = $a_stats['admin_kategorien_text'] = $a_stats['admin_themen_text'] = $a_stats['admin_views_text'] = $a_stats['admin_beitrag_text'] = '';
}
// create $a_stats['admins']
$r_stats = thwb_query("SELECT userid, username FROM " . $pref . "user WHERE userisadmin = 1 AND usernodelete = 0 ORDER BY username ASC");
$a_stats['admins'] = '';
while ($datarow = mysql_fetch_array($r_stats)) {
$a_stats['admins'] .= '<a href="v_profile.php?userid=' . $datarow['userid'] . '" target="_blank">' . $datarow['username'] . '</a>, ';
}
$a_stats['admins'] = substr($a_stats['admins'], 0, -2);
mysql_free_result($r_stats);
unset($datarow);
// create $a_stats['uradmins']
$r_stats = thwb_query("SELECT userid, username FROM " . $pref . "user WHERE userisadmin = 1 AND usernodelete = 1 ORDER BY username ASC");
$a_stats['uradmins'] = '';
while ($datarow = mysql_fetch_array($r_stats)) {
$a_stats['uradmins'] .= '<a href="' . build_link('v_profile.php?userid=' . $datarow['userid']) . '" target="_blank">' . $datarow['username'] . '</a>, ';
}
$a_stats['uradmins'] = substr($a_stats['uradmins'], 0, -2);
mysql_free_result($r_stats);
unset($datarow);
// create $a_stats['newmember']
$r_stats = thwb_query("SELECT userid, username FROM " . $pref . "user ORDER BY userjoin DESC LIMIT 5");
$a_stats['newmember'] = '';
while ($datarow = mysql_fetch_array($r_stats)) {
$a_stats['newmember'] .= '<a href="' . build_link('v_profile.php?userid=' . $datarow['userid']) . '" target="_blank">' . $datarow['username'] . '</a>, ';
}
$a_stats['newmember'] = substr($a_stats['newmember'], 0, -2);
mysql_free_result($r_stats);
unset($datarow);
eval($t_stats->GetTemplate('stats'));
}
permissions
################################################################################
*/
global $P;
if (isset($board['boardid'])) {
$P = new Permission($g_user['groupids'], $board['boardid']);
requires_permission(P_VIEW);
} else {
$P = new Permission($g_user['groupids']);
}
/*
################################################################################
create navigation path ( forum / board / thread .. )
################################################################################
*/
$navigation[] = "<a class=\"bglink\" href=\"" . build_link("index.php") . "\">{$config['board_name']}</a>";
$navigation = thwb_array_reverse($navigation);
while (list($key, $val) = each($navigation)) {
$navpath .= "{$val} » ";
}
/*
################################################################################
static stuff
################################################################################
*/
$topicicon = array('fullalpha', 'smile', 'wink', 'angry', 'frown', 'biggrin', 'gumble', 'question', 'strange', 'rolleyes', 'oah', 'prefect');
/*
#################################################################################
additional template stuff
#################################################################################
*/
$ets->blog[$i]->avatar = '<img src="' . $av_file . '" />';
}
$i++;
}
// setup tags for next/prev pages.
if ($page > 0) {
$ets->url_page_prev = build_link('friends.php', array('page' => $page - 1, 'user' => $USERID));
}
if ($total > $page_start + $perpage) {
$ets->url_page_next = build_link('friends.php', array('page' => $page + 1, 'user' => $USERID));
}
}
$ets->username = $u->get('username');
$ets->USER_TEMPLATE = serialize(array('type' => 'friends', 'user_id' => $USERID));
$OUTTER = serialize(array('type' => 'outter'));
} else {
if ($user->isLogedIn) {
jsRedirect(script_path . 'friends.php/user/' . $this->id);
} else {
jsRedirect(script_path . 'index.php');
}
}
// debug( $ets ); exit;
// setup some standard tags
$uid_array = array('user' => $USERID);
$ets->url_home = build_link('blog.php', $uid_array);
$ets->url_profile = build_link('profile.php', $uid_array);
$ets->url_friends = build_link('friends.php', $uid_array);
$ets->rss_url = build_link('rss.php', array('id' => $USERID));
$ets->rss_img = '<a href="' . $ets->rss_url . '"><img src="' . script_path . 'xml.gif" border="0" /></a>';
printt($ets, $OUTTER);
/**
* @return ARRAY
* @param ARRAY
* @param OBJECT nlb_user
* @desc Builds main navigation links. nlb_user object must be initialize and working.
* @date 01-08-03
*/
function buildMainNav($l, &$user)
{
$i = 0;
$menu[$i]->text = $l['nav-home'];
$menu[$i]->link = script_path . 'index.php';
$i++;
$menu[$i]->text = $l['nav-members'];
$menu[$i]->link = script_path . 'members.php';
$i++;
$menu[$i]->text = $l['nav-articles'];
$menu[$i]->link = build_link('index.php', array('action' => 'list_articles'));
$i++;
$menu[$i]->text = $l['nav-stats'];
$menu[$i]->link = script_path . 'stats.php';
$i++;
$menu[$i]->text = $l['nav-search'];
$menu[$i]->link = script_path . 'search.php';
$i++;
if ($user->isLogedIn) {
// these show up when user is loged in
$menu[$i]->text = $l['nav-logout'];
$menu[$i]->link = script_path . 'login.php?action=logout';
$i++;
$menu[$i]->text = $l['nav-user'];
$menu[$i]->link = script_path . 'usercp.php';
} else {
// these when is not loged in
$menu[$i]->text = $l['nav-login'];
$menu[$i]->link = script_path . 'login.php';
$i++;
$menu[$i]->text = $l['nav-register'];
$menu[$i]->link = script_path . 'register.php';
}
if ($user->isLogedIn && $user->isAllowed('admin')) {
// when user is an admin
$i++;
$menu[$i]->text = $l['nav-admin'];
$menu[$i]->link = script_path . 'admincp.php';
}
return $menu;
}
}
// setup next/prev links
$total = $db->getArray("SELECT count(*) as c FROM " . db_users . ";");
$total = $total['c'];
if ($page > 0) {
$ets->url_page_prev = build_link('members.php', array('page' => $page - 1, 'sort' => $sort, 'way' => $way));
}
if ($total > $perpage * ($page + 1)) {
$ets->url_page_next = build_link('members.php', array('page' => $page + 1, 'sort' => $sort, 'way' => $way));
}
// build sort links
$i = 0;
foreach ($allowed_sort as $item) {
$ets->sort[$i]->item = $l['mem-sort-' . $item];
$ets->sort[$i]->asc = $l['mem-asc'];
$ets->sort[$i]->desc = $l['mem-desc'];
$ets->sort[$i]->url_asc = build_link('members.php', array('sort' => $item, 'way' => 'asc'));
$ets->sort[$i]->url_desc = build_link('members.php', array('sort' => $item, 'way' => 'desc'));
$i++;
}
$ets_outter->recent_blogs = $b->getRecent($config);
$ets_outter->main_title = $config->get('site_name') . ": " . $l['title-memlist'];
$ets_outter->page_title = $l['title-memlist'];
$ets_outter->sitenav = buildMainNav($l, $user);
$ets_outter->query_count = $db->getquerycount();
$ets_outter->script_path = script_path;
$ets_outter->gen_time = mymicrotime($timer_start, 5);
$ets_outter->welcome[] = $user->getWelcomeTags();
printt($ets_outter, skin_header);
printt($ets, skin_members);
printt($ets_outter, skin_footer);
/**
* @return bool
* @param object nlb_config $config
* @desc Force a user to validate his email address. Returns true if sent, false otherwise
* @date 02-08-04
*/
function validateEmail(&$config)
{
global $l;
$mail = new nlb_mail($this->sql);
if ($mail->Active) {
// make code.
$code = md5(uniqid(rand(), true));
$link = build_link('index.php', array('action' => 'validate', 'code' => $code));
$link = full_url . $link;
$body = $l['validation_email'];
$body = str_replace("%LINK%", $link, $body);
$body = str_replace("%SITE%", $config->get('site_name'), $body);
$body = str_replace("%USER%", $this->get('username'), $body);
$mail->AddAddress($this->get('email'), $this->get('username'));
$mail->Subject = $l['validation_subject'];
$mail->Body = $body;
if (!$mail->Send()) {
// mail was not sent, must set user to valid.
$this->set('valid', 1);
$this->updateDB();
return false;
}
// add record in validation table.
$this->sql->query(' # Add validation row
INSERT INTO `nlb3_validate` ( `validate_id` , `owner_id` , `code` , `date` )
VALUES (
"", "' . $this->id . '", "' . $code . '", "' . time() . '"
);');
$this->set('valid', 0);
$this->updateDB();
return true;
}
// Server is not sending email's, assume user gave a good email.
$this->set('valid', 1);
$this->updateDB();
return false;
}
}
} else {
$replytext = '';
}
if ($config['smilies']) {
$smilies_on_off = "AN";
} else {
$smilies_on_off = "AUS";
}
if ($config['use_email']) {
$notifyavailable = '';
} else {
$notifyavailable = ' (Derzeit nicht verfügbar)';
}
if ($g_user['userid']) {
$replyusername = "******"" . build_link('logout.php?uid=' . $g_user['userid']) . "\">Logout</a> ]{$style['smallfontend']}";
} else {
if ($g_user['userid'] == 0 && $P->has_permission(P_REPLY)) {
$replyusername = '******' . $style['smallfont'] . ' (Minimal ' . $config['min_usernamelength'] . ', maximal ' . $config['max_usernamelength'] . ' Zeichen, keine Sonderzeichen) <b>Das Forum speichert ihre IP-Addresse!</b>' . $style['smallfontend'];
} else {
$replyusername = '';
}
}
$Treply = new Template("./templates/" . $style['styletemplate'] . "/replyform.html");
eval($Treply->GetTemplate("REPLYFORM"));
}
thwb_query("UPDATE " . $pref . "thread SET threadviews=threadviews+1 WHERE threadid='{$thread['threadid']}'");
$JUMP_MENU = jumpmenu($board['boardid']);
$navpath .= 'Threadansicht';
$titleprepend = htmlspecialchars($thread['threadtopic']) . ' - ';
eval($Tpostings->GetTemplate("CONTENT"));
}
$calendar = '<tr>';
for ($i = 1; $i <= $boxcount; $i++) {
$userbday = '';
$events = '';
if ($i < $firstday || $i >= $lastday + $firstday) {
eval($Tcalrow_empty->GetTemplate('calendar'));
} else {
$thisday = $i + 1 - $firstday;
if (isset($a_birthdays[$thisday - 1])) {
$userbday = implode($a_birthdays[$thisday - 1], ',<br>');
$userbday .= '<br>';
}
if (isset($a_events[$thisday - 1])) {
foreach ($a_events[$thisday - 1] as $event) {
$events .= "[ <a href=\"#\" onclick=\"window.open('" . build_link("showevent.php?event={$event['eventid']}") . "','show_event','width=400,height=500,scrollbars=yes,menubar=no,toolbar=no,statusbar=no')\">" . parse_code($event['eventsubject']) . "</a> ]<br>";
}
}
if (!strcmp(date("d.m.Y"), sprintf('%02d.%02d.%04d', $thisday, $month, $year))) {
$style['specialfont'] = "<font color=\"{$style['color_err']}\"><i>";
$style['specialfontend'] = "</i></font>";
} else {
$style['specialfont'] = "";
$style['specialfontend'] = "";
}
eval($Tcalrow->GetTemplate('calendar'));
}
if ($i % 7 == 0) {
$calendar .= "</tr>\n<tr>";
}
}
} elseif ($nav == 'settings') {
?>
<li>
<?php
$class = $this->uri->segment(2) == 'settings' ? 'current' : '';
echo build_link(site_url('admin/settings'), lang('lang_settings'), 'settings', $class);
?>
</li>
<?php
if ($this->users_auth->check_role('can_manage_themes')) {
?>
<li>
<?php
$class = $this->uri->segment(2) == 'themes' ? 'current' : '';
echo build_link(site_url('admin/themes'), lang('lang_theme_settings'), 'themes', $class);
?>
</li>
<?php
}
?>
<?php
$this->events->trigger('admin_tpl/settings');
?>
<?php
}
?>
</ul>
guests: anzahl der gaeste/invisibles
useronline: html code das in das template kommt
*/
$onlinecount = 0;
$guests = 0;
$a_doubleuser = array();
$registered = array();
while ($online = mysql_fetch_array($r_online)) {
if ($online['username']) {
if (!in_array($online['userid'], $a_doubleuser)) {
$a_doubleuser[] = $online['userid'];
$onlinecount++;
if ($online['userinvisible'] && !$P->has_permission(P_CANSEEINVIS)) {
$guests++;
} else {
$registered[] = '<a href="' . build_link('v_profile.php?user[userid]=' . $online['userid']) . '">' . parse_code($online['username']) . '</a>' . ($online['userinvisible'] ? ' (Unsichtbar)' : '');
}
}
} else {
$onlinecount++;
$guests++;
}
}
$maxusers = explode('|', $config['max_useronline']);
if ($onlinecount > $maxusers[0]) {
thwb_query("UPDATE {$pref}" . "registry SET keyvalue='" . $onlinecount . '|' . time() . "' WHERE keyname='max_useronline'");
$maxusers[0] = $onlinecount;
$maxusers[1] = time();
}
$useronline = 'Online Rekord: <b>' . $maxusers[0] . '</b> Benutzer, und zwar am ' . form_date($maxusers[1], 0) . '.<br>';
if ($onlinecount == 1) {
terms of the GNU General Public License as
published by the Free Software Foundation;
either version 2 of the License, or (at
your option) any later version.
==============================================
*/
define('THWB_NOSESSION_PAGE', true);
function format_db_date($string_date)
{
if ($string_date == '') {
$output = "<B>Error :</B> Bad Time String !";
} else {
$output = substr($string_date, 8, 2) . "." . substr($string_date, 5, 2) . "." . substr($string_date, 0, 4);
}
return $output;
}
include "./inc/header.inc.php";
$Tshowevent = new Template("templates/" . $style['styletemplate'] . "/showevent.html");
if (!isset($event['eventtime']) || !isset($event['eventsubject']) || !isset($event['eventtext'])) {
die("denied.");
}
// Searching Event
$r_calendar = mysql_query("SELECT calendar.*, user.username FROM " . $pref . "calendar AS calendar LEFT JOIN " . $pref . "user AS user ON calendar.userid=user.userid WHERE eventid = '" . addslashes($event) . "'");
$calendar = mysql_fetch_array($r_calendar);
if ($calendar['userid'] > 0) {
$calendar['user'] = "******"" . build_link("v_profile.php?user[userid]={$calendar['userid']}") . "\" target=\"_blank\">" . parse_code($calendar['username']) . "</a>{$style['smallfontend']}";
}
$calendar['eventtime'] = format_db_date($calendar['eventtime']);
$calendar['eventsubject'] = parse_code($calendar['eventsubject']);
$calendar['eventtext'] = parse_code($calendar['eventtext'], 1, 1, 1);
eval($Tshowevent->GetTemplate());
FROM ' . db_blogs . '
WHERE author_id=' . $user->id . ' AND access != ' . access_news . '
ORDER BY date DESC
LIMIT ' . $limit . ';');
foreach ($list as $item) {
if (empty($item['subject'])) {
$row->subject = '<i>No Subject</i>';
} else {
$row->subject = stripslashes($item['subject']);
}
if ($item['access'] == access_private) {
$row->subject .= ' <i>(' . $l['access-private'] . ')</i>';
} elseif ($item['access'] == access_friendsonly) {
$row->subject .= ' (' . $l['access-friends'] . ')';
}
$row->date = date($dateformat, $item['date']);
$row->url_edit = script_path . 'usercp.php?action=edit_blog&id=' . $item['id'];
$row->url_delete = script_path . 'usercp.php?action=delete_blog&id=' . $item['id'];
$row->url_view = build_link('blog.php', array('id' => $item['id']));
$ets->list[] = $row;
}
// setup page tags
if ($page > 0) {
$ets->url_page_prev = script_path . 'usercp.php?action=edit_list&page=' . ($page - 1);
}
// next page?
$c = $db->getArray('SELECT count(blog_id) as c FROM ' . db_blogs . ' WHERE author_id = ' . $user->id . ' AND access != ' . access_news . ';');
if ($c['c'] > $page_start + $perpage) {
// there are more pages...
$ets->url_page_next = script_path . 'usercp.php?action=edit_list&page=' . ($page + 1);
}
/**
* verifies session data
*
* returns `guest' in case of authentication failure;
* otherwise a thwb_cookie style string is returned
**/
function verify_session()
{
global $s, $pref, $config, $g_user, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS;
$have_cookie = !empty($HTTP_COOKIE_VARS['thwb_cookie']);
$have_sid_cookie = !empty($HTTP_COOKIE_VARS['thwb_session']);
$have_session = !empty($s);
$g_user['have_cookie'] = false;
if (!$have_cookie && !$have_session) {
return "guest";
}
if ($have_cookie && defined('THWB_NOSESSION_PAGE')) {
// check for existing session id
if (!$have_sid_cookie) {
$r_session = thwb_query("SELECT sessionid FROM " . $pref . "online WHERE userid = '" . addslashes(substr($HTTP_COOKIE_VARS['thwb_cookie'], 32)) . "' AND onlinetime >= '" . (time() - $config['session_timeout'] . "' ORDER BY onlinetime DESC LIMIT 1"));
if (mysql_num_rows($r_session)) {
// got a session id, use it.
$a_session = mysql_fetch_array($r_session);
$s = $a_session['sessionid'];
} else {
// we don't have a session id
// we must make sure that userid exists for new_session() relies on it.
if (empty($g_user['userid'])) {
$g_user['userid'] = substr($HTTP_COOKIE_VARS['thwb_cookie'], 32);
}
// user is using cookies, therefore we store the session id into a cookie, too.
$g_user['have_cookie'] = true;
$s = new_session();
}
} else {
$s = $HTTP_COOKIE_VARS['thwb_session'];
$g_user['have_cookie'] = true;
}
return $HTTP_COOKIE_VARS['thwb_cookie'];
} else {
if ($have_session || $have_sid_cookie) {
if ($have_sid_cookie) {
$s = $HTTP_COOKIE_VARS['thwb_session'];
}
$r_session = thwb_query("SELECT o.userid, o.onlineip, o.onlinetime, u.userpassword FROM " . $pref . "online AS o LEFT OUTER JOIN " . $pref . "user AS u ON o.userid = u.userid WHERE o.sessionid='" . addslashes($s) . "' ORDER BY o.onlinetime DESC LIMIT 1");
if (!mysql_num_rows($r_session)) {
// mismatching session id
return "guest";
}
$a_session = mysql_fetch_array($r_session);
if ($have_cookie) {
if (substr($HTTP_COOKIE_VARS['thwb_cookie'], 32) != $a_session['userid']) {
// session userid doest not match cookie user id
return "guest";
} else {
if (substr($HTTP_COOKIE_VARS['thwb_cookie'], 0, 32) != $a_session['userpassword']) {
// session password does not match cookie password
return "guest";
}
}
}
if (!$have_sid_cookie) {
// check first 24 bytes of ip (to avoid problems with aol and other proxies)
if (substr(dechex(ip2long($a_session['onlineip'])), 0, 6) != substr(dechex(ip2long($HTTP_SERVER_VARS['REMOTE_ADDR'])), 0, 6)) {
message("IP Mismatch", "Diese Session-ID ist an eine andere IP gebunden.<br>Klicken Sie <a href=\"" . build_link("login.php?source=" . $path) . "\">hier</a> um sich einzuloggen.");
}
// check session timeout
if ($a_session['onlinetime'] < time() - $config['session_timeout']) {
// timed out
thwb_query("DELETE FROM " . $pref . "online WHERE sessionid='" . addslashes($s) . "'");
message("Timeout", "Sie wurden automatisch ausgeloggt, weil Ihre Session-ID abgelaufen ist. <br>Bitte <a href=\"" . build_link("login.php?source=" . $path) . "\">loggen</a> Sie sich neu ein.");
}
}
// everything is ok
$g_user['have_cookie'] = $have_sid_cookie;
return $a_session['userpassword'] . $a_session['userid'];
} else {
// fall through
return "guest";
}
}
}
<description>The 10 most recent public blogs by ' . $USER . '</description>
<pubDate>' . date('r', time()) . '</pubDate>
<generator>NewLife Blogger v' . nlb_version . '</generator>';
// now print blog items
while ($blog = mysql_fetch_assoc($blogs)) {
foreach ($blog as $key => $val) {
$val = stripslashes($val);
$val = htmlspecialchars($val);
$blog[$key] = $val;
$body = $blog['body'];
if ($blog['bb'] == 1) {
$body = insertBBCode($body);
$body = htmlSpecialChars($body);
// we can not have HTML inside of a RSS feed.
}
}
$url = build_link('blog.php', array('id' => $blog['blog_id']));
echo '
<item>
<title>' . $blog['subject'] . '</title>
<link>' . full_url . $url . '</link>
<description>' . $body . '</description>
<comments>' . full_url . $url . '</comments>
<pubDate>' . date('r', $blog['date']) . '</pubDate>
</item>
';
}
// print last part
echo '
</channel>
</rss>';
if ($imax > $topic_pages) {
$imax = $topic_pages;
}
for ($i; $i <= $imax; $i++) {
if ($i == $pagenum) {
$pages_nav .= '<b>-' . $i . '-</b> ';
} else {
$pages_nav .= '[<a class="bglink" href="' . build_link('board.php?boardid=' . $board['boardid'] . '&pagenum=' . $i) . '">' . $i . '</a>] ';
}
}
// > >>
if ($pagenum + PADDING < $topic_pages) {
$pages_nav .= '... [<a class="bglink" href="' . build_link('board.php?boardid=' . $board['boardid'] . '&pagenum=' . $topic_pages) . '">Letzte Seite</a>]';
}
if ($g_user['userid'] != 0) {
$options_newthread = '<a href="' . build_link('newtopic.php?boardid=' . $board['boardid']) . '">Neues Topic</a> |';
}
if ($P->has_permission(P_POSTNEW)) {
$canpostnew = 'Ja';
} else {
$canpostnew = 'Nein';
}
if ($P->has_permission(P_REPLY)) {
$canreply = 'Ja';
} else {
$canreply = 'Nein';
}
$JUMP_MENU = jumpmenu($board['boardid']);
$navpath .= 'Themenübersicht';
$titleprepend = $board['boardname'] . ' - ';
eval($TTopics->GetTemplate("CONTENT"));
for (; $i <= 9; $i++) {
$name[$i] = 'n/a';
$value[$i] = 'n/a';
}
mysql_free_result($r_postthreads);
eval($TRow->GetTemplate("stats_top10_row"));
$stats_top10_row .= "<br>";
/** top 10 threads (by views) **/
$data['title'] = 'Top 10 Threads (nach Views)';
$name = array();
$value = array();
$a_viewthreads = array();
$i = 0;
$r_viewthreads = thwb_query("SELECT t.threadviews, t.threadtopic, t.threadid, t.boardid, b.boardname FROM {$pref}" . "thread AS t LEFT OUTER JOIN {$pref}" . "board AS b ON t.boardid = b.boardid ORDER BY threadviews DESC LIMIT 10");
while ($a_viewthreads = mysql_fetch_array($r_viewthreads)) {
$P->set_boardid($a_viewthreads['boardid']);
if (!$P->has_permission(P_VIEW)) {
continue;
}
$name[$i] = '<a href="' . build_link('showtopic.php?threadid=' . $a_viewthreads['threadid']) . '">' . parse_code($a_viewthreads['threadtopic']) . '</a> (Board: <a href="' . build_link('board.php?boardid=' . $a_viewthreads['boardid']) . '">' . $a_viewthreads['boardname'] . '</a>)';
$value[$i] = $a_viewthreads['threadviews'];
$i++;
}
for (; $i <= 9; $i++) {
$name[$i] = 'n/a';
$value[$i] = 'n/a';
}
mysql_free_result($r_viewthreads);
eval($TRow->GetTemplate("stats_top10_row"));
eval($TStats->GetTemplate("stats"));
}
function build_link($site_name, $site_url)
{
$site = $_GET['site'];
if (ereg("{$site}", $site_url)) {
$cssid = " id='currentsite'";
} else {
$cssid = " class='sitenav'";
}
echo "<li><a{$cssid} href='{$site_url}'>{$site_name}</a></li>";
}
?>
<ul class="sitenav">
<?php
build_link("tech corps ohio", "http://techcorpsohio.org");
?>
<li>|</li>
<?php
build_link("student tech corps", "http://studenttechcorps.org/moodle");
?>
<li>|</li>
<?php
build_link("club tech corps", "http://clubtechcorps.org");
?>
<li>|</li>
<?php
build_link("tech corps volunteer", "http://techcorpsvolunteer.org");
?>
</ul>
$page_start = $page * $perpage;
$limit = $page_start . ', ' . $perpage;
// fetch items from db...
$list = $db->getAllArray('
SELECT blog_id as id, subject, date
FROM ' . db_blogs . '
WHERE author_id=' . $user->id . ' AND access = ' . access_news . '
ORDER BY date DESC
LIMIT ' . $limit . ';');
foreach ($list as $item) {
if (empty($item['subject'])) {
$row->subject = $l['no-subject'];
} else {
$row->subject = stripslashes($item['subject']);
}
$row->date = date($dateformat, $item['date']);
$row->url_edit = script_path . 'admincp.php?action=edit_news&id=' . $item['id'];
$row->url_delete = script_path . 'admincp.php?action=delete_news&id=' . $item['id'];
$row->url_view = build_link('index.php', array('action' => 'comment', 'id' => $item['id']));
$ets->list[] = $row;
}
// setup page tags
if ($page > 0) {
$ets->url_page_prev = script_path . 'admincp.php?action=edit_list&page=' . ($page - 1);
}
// next page?
$c = $db->getArray('SELECT count(blog_id) as c FROM ' . db_blogs . ' WHERE author_id = ' . $user->id . ' AND access = ' . access_news . ';');
if ($c['c'] > $page_start + $perpage) {
// there are more pages...
$ets->url_page_next = script_path . 'admincp.php?action=edit_list&page=' . ($page + 1);
}
function href($type, $relative_href)
{
return "href=\"" . build_link($type, $relative_href) . "\"";
//return "href=\"#\" onclick=\"$('#content').load('".build_link($type, $relative_href)." .wrapper, script', function () { $(document).trigger('onload'); }); \"";
//return "href=\"#\" onclick=\"ajax_load('#content', '".build_link($type, $relative_href)."?ajax=true');\"";
}
}
} elseif ($pm['pmmethod'] == 'email') {
// SEND PM as E-Mail
$Pmmail = new Template("templates/mail/pmsg.mail");
possible_flood(FLOOD_MAIL, $g_user['userid']);
if (is_flooding(FLOOD_MAIL, $g_user['userid'])) {
message('Fehler', 'Sie können nur ' . $config['flood_mail_count'] . ' E-Mails pro ' . $config['flood_mail_timeout'] . ' Minuten verschicken.');
}
$mail_body = "";
eval($Pmmail->GetTemplate("mail_body"));
@mail($user['useremail'], "Private Nachricht: " . $pm['pmtopic'], $mail_body, "From: " . $g_user['username'] . " <" . $g_user['useremail'] . ">");
if ($frompmcount < $config['max_privmsg'] and $pm['pmsaveinoutbox'] == 1) {
thwb_query("INSERT INTO " . $pref . "pm (pmtoid, pmfromid, pmtopic, pmtext, pmtime, pmflags, pmfolder)\n VALUES ({$g_user['userid']}, {$user['userid']},'" . addslashes($pm['pmtopic'] . " *E-Mail*") . "','" . addslashes($pm['pmtext']) . "'," . time() . ",0 , 1);");
}
$navpath .= "Private Messages";
message("Message verschickt", "Ihre Private Message wurde als E-Mail verschickt!<br><a href=\"" . build_link('pm.php') . "\">Private Message Center</a>");
}
} else {
$TFrame = new Template("templates/" . $style['styletemplate'] . "/frame.html");
$TMsg = new Template("templates/" . $style['styletemplate'] . "/newprivmsg.html");
if ($config['use_email'] == 1) {
$print_emailradio = "<input type=radio name=pm[pmmethod] value=email> E-Mail";
} else {
$print_emailradio = '';
}
$pm = array();
if (!isset($recipient)) {
$recipient = '';
}
if (!isset($pm['pmtopic'])) {
$pm['pmtopic'] = '';
message("Bestätigung", '
<form name="theform" method="post" action="' . build_link("postops.php") . '">
Möchten Sie diesen Post wirklich löschen?<br><br>
<input type="hidden" name="do_delete" value="1">
<input type="hidden" name="action" value="delete">
<input type="hidden" name="post[postid]" value="' . $post['postid'] . '">
<input class="tbbutton" type="submit" name="Submit" value="Löschen >>">
</form>');
}
} else {
// re-get $post
$post = $HTTP_POST_VARS['post'];
if (!($post['postid'] = intval($post['postid']))) {
exit('nix da');
}
// decrease thread reply count
thwb_query("UPDATE " . $pref . "thread SET threadreplies=threadreplies-1 WHERE threadid={$thread['threadid']}");
// decrease board post count
thwb_query("UPDATE " . $pref . "board SET boardposts=boardposts-1 WHERE boardid={$board['boardid']}");
// remove post
thwb_query("DELETE FROM " . $pref . "post WHERE postid={$post['postid']}");
// display stuff
updatethread($thread['threadid']);
updateboard($board['boardid']);
log_action('delete post');
message("Post wurde gelöscht", "Post wurde gelöscht.<br><a href=\"" . build_link("showtopic.php?thread[threadid]={$thread['threadid']}") . "\">Zurück zum Thread</a>");
}
} else {
message("Fehler", "Sie haben keine Erlaubnis diesen Post zu löschen");
}
}
$per_page = 15;
$page = 0;
if (isset($_GET['page'])) {
$page = $_GET['page'];
}
$page_start = $page * $per_page;
$limit = $page_start . ', ' . $per_page;
//$list = $db->getAllArray( "SELECT blog_id as id, subject, date FROM " . db_blogs . " WHERE author_id='" . $user->id . "' AND access != " . access_news . " ORDER BY date DESC LIMIT 0, 10;" );
$list = $db->getAllArray('SELECT article_id as id, subject, date FROM ' . db_articles . ' WHERE author_id=' . $user->id . ' ORDER BY date DESC LIMIT ' . $limit . ';');
foreach ($list as $item) {
if (empty($item['subject'])) {
$row->subject = '<i>No Subject</i>';
} else {
$row->subject = stripslashes($item['subject']);
}
$row->date = date($dateformat, $item['date']);
$row->url_edit = script_path . 'admincp.php?action=edit_article&id=' . $item['id'];
$row->url_delete = script_path . 'admincp.php?action=delete_article&id=' . $item['id'];
$row->url_view = build_link('index.php', array('action' => 'article', 'id' => $item['id']));
$ets->list[] = $row;
}
// setup page tags
if ($page > 0) {
$ets->url_page_prev = script_path . 'admincp.php?action=list_article&page=' . ($page - 1);
}
// next page?
$c = $db->getArray('SELECT count(article_id) as c FROM ' . db_articles . ' WHERE author_id = ' . $user->id . ';');
if ($c['c'] > $page_start + $per_page) {
// there are more pages...
$ets->url_page_next = script_path . 'admincp.php?action=list_article&page=' . ($page + 1);
}
