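/**
 * Assigns the users who visited an object during the last 24 hours to a template.
 *
 * Reads the visit rows joined to the user table and exposes them as the
 * VISITOR template variable (1-based list, ordered by username).
 *
 * @param string $object Object key stored in the visits table.
 * @param int    $id     Object id; forced to an integer before it reaches the query.
 * @param object $tmpl   Template engine instance (by reference) that receives VISITOR.
 * @return void
 */
function user_assign_visitors($object, $id, &$tmpl)
{
    global $apx, $set, $db, $user;

    $userdata = array();

    // NOTE(review): addslashes() is not charset-aware SQL escaping. If the $db
    // wrapper offers an escaping or prepared-statement API, prefer it — confirm.
    $data = $db->fetch("SELECT u.userid,u.username,u.groupid,u.realname,u.gender,u.city,u.plz,u.country,u.city,u.lastactive,u.pub_invisible,u.avatar,u.avatar_title,u.custom1,u.custom2,u.custom3,u.custom4,u.custom5,u.custom6,u.custom7,u.custom8,u.custom9,u.custom10 FROM " . PRE . "_user_visits AS v LEFT JOIN " . PRE . "_user AS u USING(userid) WHERE v.object='" . addslashes($object) . "' AND v.id='" . intval($id) . "' AND v.time>='" . (time() - 24 * 3600) . "' ORDER BY u.username ASC");

    // The counter was never initialised before; entries stay 1-based.
    $i = 0;
    if (is_array($data) && count($data)) {
        foreach ($data as $res) {
            ++$i;

            $userdata[$i]['ID'] = $res['userid'];
            $userdata[$i]['USERID'] = $res['userid'];
            $userdata[$i]['USERNAME'] = replace($res['username']);
            $userdata[$i]['GROUPID'] = $res['groupid'];
            // Online = not hidden and active within the configured timeout (minutes)
            $userdata[$i]['ONLINE'] = iif(!$res['pub_invisible'] && $res['lastactive'] + $set['user']['timeout'] * 60 >= time(), 1, 0);
            $userdata[$i]['REALNAME'] = replace($res['realname']);
            $userdata[$i]['GENDER'] = $res['gender'];
            $userdata[$i]['CITY'] = replace($res['city']);
            $userdata[$i]['PLZ'] = replace($res['plz']);
            $userdata[$i]['COUNTRY'] = $res['country'];
            $userdata[$i]['LASTACTIVE'] = $res['lastactive'];
            $userdata[$i]['AVATAR'] = $user->mkavatar($res);
            $userdata[$i]['AVATAR_TITLE'] = $user->mkavtitle($res);

            // Custom fields. These used to be written to an unused $tabledata
            // array, so they never reached the template; they now go to $userdata.
            for ($ii = 1; $ii <= 10; $ii++) {
                $userdata[$i]['CUSTOM' . $ii . '_NAME'] = $set['user']['cusfield_names'][$ii - 1];
                $userdata[$i]['CUSTOM' . $ii] = compatible_hsc($res['custom' . $ii]);
            }
        }
    }

    $tmpl->assign('VISITOR', $userdata);
}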
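/**
 * Prints the inline media manager widget: toggle button, iframe and the two
 * hidden state fields (inline_hash, inline_status).
 *
 * @param string   $insert Names of the form fields media may be inserted into;
 *                         passed on to the iframe URL as "fields".
 * @param int|bool $id     Id of the edited record; when empty a hash is used instead.
 * @return void Output is echoed directly.
 */
function mediamanager_inline($insert = '', $id = false)
{
    global $set, $db, $apx;

    // Target fields are mandatory
    if (!$insert) {
        echo 'missing fields!';
        return;
    }

    // Environment. $module and $insert end up inside an HTML attribute below,
    // so they are escaped the same way the hash already is.
    $module = compatible_hsc($apx->module());
    $insert = compatible_hsc($insert);
    $id = (int) $id;
    $status = isset($_POST['inline_status']) ? (int) $_POST['inline_status'] : 0;

    // Determine the hash (only used while the record has no id yet)
    $hash = '';
    if (!$id && !empty($_POST['inline_hash'])) {
        $hash = compatible_hsc($_POST['inline_hash']);
    } elseif (!$id) {
        // NOTE(review): md5(microtime()) is predictable. If this hash is what ties
        // uploads to the unsaved record, it should come from a CSPRNG — confirm
        // how the mediamanager.inline action uses it.
        $hash = compatible_hsc(md5(microtime()));
    }

    // Button labels
    $apx->lang->dropaction('mediamanager', 'inline');
    $lang_open = $apx->lang->get('INLINE_OPEN');
    $lang_close = $apx->lang->get('INLINE_CLOSE');

    // Show either the button or the iframe; both were left undefined before
    // when not needed.
    $hide_button = '';
    $hide_iframe = '';
    if ($status) {
        $hide_button = 'display:none;';
    } else {
        $hide_iframe = 'display:none;';
    }

    echo <<<CODE
<div id="inline_button" style="{$hide_button}"><input type="button" name="inline_open" value="{$lang_open}" onclick="open_inline();" class="button" /></div>
<div id="inline_iframe" style="{$hide_iframe}">
<div style="padding-bottom:3px;"><input type="button" name="inline_open" value="{$lang_close}" onclick="close_inline();" class="button" /></div>
<iframe src="action.php?action=mediamanager.inline&module={$module}&mid={$id}&hash={$hash}&fields={$insert}" width="98%" height="250" name="inline" frameborder="0" style="width:98%;height:250px;">Sorry, your browser does not support frames!</iframe>
</div>

<script language="JavaScript" type="text/javascript">
<!--

//Inlinescreens öffnen
function open_inline() {
\tgetobject('inline_button').style.display='none';
\tgetobject('inline_iframe').style.display='';
\tgetobject('inline_status').value=1;
}

//Inlinescreens schließen
function close_inline() {
\tgetobject('inline_button').style.display='';
\tgetobject('inline_iframe').style.display='none';
\tgetobject('inline_status').value=0;
}

//-->
</script>

<input type="hidden" name="inline_hash" value="{$hash}" />
<input type="hidden" name="inline_status" id="inline_status" value="{$status}" />
CODE;
}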
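/**
 * Builds the template data array for one team member.
 *
 * @param array $res   User row (userid, username, birthday, email, custom1..10, ...).
 * @param array $parse List of template variables in use; consulted for the buddy fields.
 * @return array Upper-case keyed values for the template.
 */
function createTeamData($res, $parse)
{
    global $apx, $db, $set, $user;

    $userdata = array();

    // Both stay null when no birthday is stored (they were undefined before).
    $birthday = null;
    $age = null;
    if ($res['birthday']) {
        // The code reads the stored value as day-month-year; the year may be missing.
        $bd = array_pad(explode('-', $res['birthday']), 3, '');
        $birthday = intval($bd[0]) . '. ' . getcalmonth($bd[1]) . iif($bd[2], ' ' . $bd[2]);
        if ($bd[2]) {
            $age = date('Y') - $bd[2];
            // Birthday still ahead this year -> one year younger
            if (intval(sprintf('%02d%02d', $bd[1], $bd[0])) > intval(date('md'))) {
                $age -= 1;
            }
        }
    }

    $userdata['ID'] = $res['userid'];
    $userdata['USERID'] = $res['userid'];
    $userdata['NAME'] = replace($res['username']);
    $userdata['USERNAME'] = replace($res['username']);
    $userdata['GROUPID'] = $res['groupid'];
    // The address is only exposed when the user has not hidden it
    $userdata['EMAIL'] = replace(iif(!$res['pub_hidemail'], $res['email']));
    $userdata['EMAIL_ENCRYPTED'] = replace(iif(!$res['pub_hidemail'], cryptMail($res['email'])));
    $userdata['ONLINE'] = iif(!$res['pub_invisible'] && $res['lastactive'] + $set['user']['timeout'] * 60 >= time(), 1, 0);
    $userdata['ISONLINE'] = $userdata['ONLINE'];
    $userdata['REALNAME'] = replace($res['realname']);
    $userdata['GENDER'] = $res['gender'];
    $userdata['CITY'] = replace($res['city']);
    $userdata['PLZ'] = replace($res['plz']);
    $userdata['COUNTRY'] = $res['country'];
    $userdata['REGTIME'] = $res['reg_time'];
    $userdata['REGDAYS'] = floor((time() - $res['reg_time']) / (24 * 3600));
    $userdata['LASTACTIVE'] = $res['lastactive'];
    $userdata['AVATAR'] = $user->mkavatar($res);
    $userdata['AVATAR_TITLE'] = $user->mkavtitle($res);
    $userdata['BIRTHDAY'] = $birthday;
    $userdata['AGE'] = $age;

    // NOTE(review): $varname is never defined in this function, so this check and
    // the LINK_BUDDY one below look for '.ISBUDDY' / '.LINK_BUDDY'. Presumably a
    // template variable prefix was intended — confirm against the callers.
    if (in_array($varname . '.ISBUDDY', $parse)) {
        $userdata['ISBUDDY'] = $user->is_buddy($res['userid']);
    }

    // Custom fields
    for ($ii = 1; $ii <= 10; $ii++) {
        $userdata['CUSTOM' . $ii . '_NAME'] = $set['user']['cusfield_names'][$ii - 1];
        $userdata['CUSTOM' . $ii] = compatible_hsc($res['custom' . $ii]);
    }

    // Interaction links, only for logged-in visitors.
    // The first mklink() argument of the two calls below was mangled on the page
    // ("******"); it is restored to match the addbuddy call and the rewritten URL.
    if ($user->info['userid']) {
        $userdata['LINK_SENDPM'] = mklink('user.php?action=newpm&touser=' . $res['userid'], 'user,newpm,' . $res['userid'] . '.html');
        $userdata['LINK_SENDEMAIL'] = mklink('user.php?action=newmail&touser=' . $res['userid'], 'user,newmail,' . $res['userid'] . '.html');
        if (in_array($varname . '.LINK_BUDDY', $parse) && !$user->is_buddy($res['userid'])) {
            $userdata['LINK_BUDDY'] = mklink('user.php?action=addbuddy&id=' . $res['userid'], 'user,addbuddy,' . $res['userid'] . '.html');
        }
    }

    return $userdata;
}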
/**
 * Lists the sub-directories of a directory for tree output.
 *
 * @param string $dir Directory path; an empty value yields paths without a prefix.
 * @return array List of arrays with NAME (HTML-escaped), PATH and LAST (true for the final entry).
 */
function get_subtree($dir)
{
    // NOTE(review): $dir goes to readout_dir() unchanged; confirm callers reject
    // '..' segments before this point.
    $entries = readout_dir($dir);
    $total = count($entries);

    $tree = array();
    $position = 0;
    foreach ($entries as $entry) {
        $position++;
        $node = array();
        $node['NAME'] = compatible_hsc($entry);
        $node['PATH'] = iif($dir, $dir . '/') . $entry;
        $node['LAST'] = $position == $total;
        $tree[] = $node;
    }

    return $tree;
}
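/**
 * Wraps glossary terms found in a text in a tooltip <span>.
 *
 * The glossary entries are loaded once and cached in a static variable, so the
 * $ignore id only takes effect on the first call of a request.
 *
 * Security: the replacement used to run through preg_replace() with the /e
 * modifier, which evaluates the replacement as PHP code with the matched text
 * embedded in double-quoted strings. That is a code-execution risk for any text
 * that reaches this function, and the modifier no longer exists in PHP 7+.
 * It is replaced by preg_replace_callback() (closure syntax, PHP 5.3+).
 *
 * @param string   $text   HTML text to scan.
 * @param mixed    $module Unused here.
 * @param int|bool $ignore Glossary id to leave out.
 * @return string Text with highlighted terms, or the input when highlighting is off.
 */
function glossar_highlight($text, $module = false, $ignore = false)
{
    global $apx, $db, $set;
    static $highlights;

    $ignore = (int) $ignore;
    if (!$set['glossar']['highlight'] || !$text) {
        return $text;
    }

    $apx->lang->drop('highlights', 'glossar');

    $classname_word = 'glossar_highlight';
    $classname_title = 'glossar_info_title';
    $classname_text = 'glossar_info_text';
    $classname_readmore = 'glossar_info_readmore';

    // Read the glossary once
    if (!isset($highlights)) {
        $highlights = array();
        $data = $db->fetch("SELECT id,title,spelling,text FROM " . PRE . "_glossar WHERE starttime!=0" . iif($ignore, " AND id!='" . $ignore . "'"));
        if (count($data)) {
            foreach ($data as $res) {
                $words = array();
                if ($res['spelling']) {
                    $words = explode(',', strtolower($res['spelling']));
                }
                $words[] = strtolower($res['title']);
                $words = array_unique(array_map('trim', $words));

                $link = mklink('glossar.php?id=' . $res['id'], 'glossar,id' . $res['id'] . urlformat($res['title']) . '.html');

                // NOTE(review): the title is placed into the tooltip markup without
                // escaping of its own; only the whole fragment is escaped for the
                // attribute. If Tip() renders its argument as HTML, markup in a
                // title becomes live there — confirm titles are trusted input.
                $content = '<div class="' . $classname_title . '"><a href="' . $link . '">' . $res['title'] . '</a></div><div class="' . $classname_text . '">' . shorttext($res['text'], 200) . '</div><div class="' . $classname_readmore . '"><a href="' . $link . '">' . $apx->lang->get('READMORE') . '</a></div>';
                // Attribute-escape, then escape for the single-quoted JS string
                $content = strtr(compatible_hsc($content), array("\n" => ' ', "\r" => '', '\'' => '\\\'', '\\' => '\\\\'));

                $highlights[] = array('words' => $words, 'content' => $content);
            }
        }
    }

    // Search the text for glossary terms
    $lowertext = strtolower($text);
    foreach ($highlights as $element) {
        $patterns = array();
        foreach ($element['words'] as $word) {
            // Skip empty spellings and words the text does not contain
            if ($word === '' || strpos($lowertext, strtolower($word)) === false) {
                continue;
            }
            // Quote with the delimiter so a '#' in a term cannot end the pattern
            $patterns[] = preg_quote($word, '#');
        }
        if (!count($patterns)) {
            continue;
        }

        $span_open = '<span class="' . $classname_word . '" onmouseover="Tip(\'' . $element['content'] . '\')">';

        // Group 2 catches the start of an HTML tag so terms inside tags stay untouched.
        // NOTE(review): the leading "$|" alternative can never match before a word;
        // presumably "^" was meant. Left as found to keep the matching rules unchanged.
        $pattern = '#((<[^>]*)|($|[\\s<>,.:;_!-])(' . implode('|', $patterns) . ')([\\s<>,.:;_!-]|$))#i';

        $replaced = preg_replace_callback($pattern, function ($match) use ($span_open) {
            if ($match[2] !== '') {
                return $match[0];
            }
            $trailing = isset($match[5]) ? $match[5] : '';
            return $match[3] . $span_open . $match[4] . '</span>' . $trailing;
        }, $text);

        // Keep the previous text if PCRE reports an error
        if ($replaced !== null) {
            $text = $replaced;
        }
    }

    return $text;
}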
/**
 * Shows the "report comment" form and mails the report to the configured address.
 *
 * Reads id, url, text and send from the request. Terminates with die() when no
 * comment id is given.
 *
 * @return void
 */
function misc_comments_report()
{
    global $apx, $db, $set, $user;

    $commentId = (int) $_REQUEST['id'];
    $_REQUEST['id'] = $commentId;
    if (!$commentId) {
        die('missing ContentID!');
    }

    $apx->lang->drop('report', 'comments');
    $apx->tmpl->loaddesign('blank');
    // NOTE(review): this str_replace() swaps '&' for '&' and so changes nothing;
    // the page probably lost an HTML entity here — confirm against the original
    // file and check how headline() escapes the URI.
    headline($apx->lang->get('HEADLINE_REPORT'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
    titlebar($apx->lang->get('HEADLINE_REPORT'));

    // Not submitted yet: render the form
    if (!$_POST['send']) {
        $apx->tmpl->assign('POSTTO', HTTPDIR . 'misc.php?action=comments_report');
        $apx->tmpl->assign('URL', compatible_hsc($_REQUEST['url']));
        $apx->tmpl->assign('ID', $commentId);
        $apx->tmpl->parse('report', 'comments');
        return;
    }

    // Fetch the reported comment
    list($reported) = $db->first("SELECT text FROM " . PRE . "_comments WHERE id='" . $commentId . "' LIMIT 1");

    if (!$_POST['text']) {
        message('back');
        return;
    }
    if (!$reported) {
        message('invalid comment-ID!');
        return;
    }

    // Send the mail.
    // NOTE(review): no captcha, token or rate limit is visible in this function,
    // and the submitted URL goes into the mail as sent — confirm that abuse of
    // this form is limited elsewhere.
    if ($set['comments']['reportmail']) {
        $input = array(
            'URL' => $_POST['url'],
            'REASON' => $_POST['text'],
            'TEXT' => $reported,
        );
        sendmail($set['comments']['reportmail'], 'REPORT', $input);
    }
    message($apx->lang->get('MSG_OK'));
}
message($apx->lang->get('MSG_MAILNOTVALID'), 'back');
} else {
    $goto = HTTP . $set['forum']['directory'] . '/' . mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html');
    // NOTE(review): recipient, subject and the From header are built from $_POST
    // values. A CR/LF in username, email or subject would add mail headers, and a
    // free-form recipient lets the form send arbitrary text to any address.
    // The checks before this branch are outside this excerpt — confirm that they
    // reject line breaks in every one of these fields.
    mail($_POST['toemail'], $_POST['subject'], $_POST['text'], 'From: ' . $_POST['username'] . '<' . $_POST['email'] . '>');
    message($apx->lang->get('MSG_OK'), $goto);
}
} else {
    $url = HTTP . $set['forum']['directory'] . '/' . mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html');

    // Create the captcha (guests only, when enabled)
    if ($set['main']['tellcaptcha'] && !$user->info['userid']) {
        require BASEDIR . 'lib/class.captcha.php';
        $captcha = new captcha();
        $captchacode = $captcha->generate();
    }

    // NOTE(review): REQUEST_URI is handed to the template as is; confirm the
    // template escapes POSTTO before it is written into the form tag.
    $apx->tmpl->assign('POSTTO', $_SERVER['REQUEST_URI']);
    $apx->tmpl->assign('TITLE', trim(compatible_hsc(strip_tags(forum_get_prefix($threadinfo['prefix']) . ' ') . $threadinfo['title'])));
    $apx->tmpl->assign('TEXT', compatible_hsc($apx->lang->get('MAIL_TELL_TEXT', array('URL' => $url))));
    $apx->tmpl->assign('CAPTCHA', $captchacode);
    $apx->tmpl->parse('tell');
}

////////////////////////////////////////////////////////////////////////////////////////////////////////

// Breadcrumb path: forum path plus the thread itself
$threadpath = array(array('TITLE' => trim(compatible_hsc(strip_tags(forum_get_prefix($threadinfo['prefix']) . ' ') . $threadinfo['title'])), 'LINK' => mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html')));
$apx->tmpl->assign('PATH', array_merge(forum_path($foruminfo, 1), $threadpath));
$apx->tmpl->assign('PATHEND', $apx->lang->get('HEADLINE_TELL'));
titlebar($apx->lang->get('HEADLINE_TELL'));

////////////////////////////////////////////////////////////////////////////////////////////////////////
require 'lib/_end.php'; ///////////////////////////////////////////////////////////////////////////
require '../lib/_end.php'; //////////////////////////////////////////////////////// END OF SCRIPT ///
////////////////////////////////////////////////////////////////////////////////////////////////////////
/**
 * Disables a poll by resetting its start and end time.
 *
 * Without a submitted form the confirmation overlay is shown; with one the
 * security token is checked before the update runs. Terminates with die()
 * when no id is given.
 *
 * @return void
 */
function disable()
{
    global $set, $db, $apx;

    // Integer cast keeps the id safe for the queries below
    $pollId = (int) $_REQUEST['id'];
    $_REQUEST['id'] = $pollId;
    if (!$pollId) {
        die('missing ID!');
    }

    // Confirmation step
    if (!$_POST['send']) {
        list($title) = $db->first("SELECT question FROM " . PRE . "_poll WHERE id='" . $pollId . "' LIMIT 1");
        $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title))));
        tmessageOverlay('disable', array('ID' => $pollId));
        return;
    }

    // Execution step, guarded by the request token
    if (!checkToken()) {
        printInvalidToken();
        return;
    }

    $db->query("UPDATE " . PRE . "_poll SET starttime='0',endtime='0' WHERE ( id='" . $pollId . "' ) LIMIT 1");
    logit('POLL_DISABLE', 'ID #' . $pollId);
    printJSReload();
}
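/**
 * Manages the banner groups: add, edit, delete and list.
 *
 * The groups live as a serialized array in the config table. Every write is
 * guarded by checkToken(). A group can only be deleted while no banner uses it.
 *
 * @return void
 */
function group()
{
    global $set, $db, $apx, $html;

    $_REQUEST['id'] = (int) $_REQUEST['id'];
    $data = $set['banner']['groups'];

    // Delete a group
    if ($_REQUEST['do'] == 'del' && isset($data[$_REQUEST['id']])) {
        // This count used the undefined $id, so it never saw the group's banners
        // and the "group is empty" check always passed. It now uses the request id.
        list($count) = $db->first("SELECT count(*) FROM " . PRE . "_banner WHERE " . PRE . "_banner.group='" . $_REQUEST['id'] . "'");
        if (!$count) {
            if (isset($_POST['id'])) {
                if (!checkToken()) {
                    infoInvalidToken();
                } else {
                    unset($data[$_REQUEST['id']]);
                    $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='banner' AND varname='groups' LIMIT 1");
                    logit('BANNER_CATDEL', $_REQUEST['id']);
                    printJSReload();
                }
            } else {
                $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($data[$_REQUEST['id']]))));
                tmessageOverlay('catdel', array('ID' => $_REQUEST['id']));
            }
            return;
        }
    } elseif ($_REQUEST['do'] == 'edit' && isset($data[$_REQUEST['id']])) {
        // Edit a group
        if (isset($_POST['title'])) {
            if (!checkToken()) {
                infoInvalidToken();
            } elseif (!$_POST['title']) {
                infoNotComplete();
            } else {
                $data[$_REQUEST['id']] = $_POST['title'];
                $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='banner' AND varname='groups' LIMIT 1");
                logit('BANNER_CATEDIT', $_REQUEST['id']);
                printJSRedirect('action.php?action=banner.group');
                return;
            }
        } else {
            $_POST['title'] = $data[$_REQUEST['id']];
            // NOTE(review): the stored title reaches the template unescaped here and
            // in COL2 below, while the delete message escapes it. Confirm whether
            // the template layer escapes these values.
            $apx->tmpl->assign('TITLE', $_POST['title']);
            $apx->tmpl->assign('ACTION', 'edit');
            $apx->tmpl->assign('ID', $_REQUEST['id']);
            $apx->tmpl->parse('catadd_catedit');
        }
    } elseif ($_REQUEST['do'] == 'add') {
        // Add a group
        if ($_POST['send']) {
            if (!checkToken()) {
                printInvalidToken();
            } elseif (!$_POST['title']) {
                infoNotComplete();
            } else {
                // The first group gets key 1 instead of 0
                if (!count($data)) {
                    $data[1] = $_POST['title'];
                } else {
                    $data[] = $_POST['title'];
                }
                $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='banner' AND varname='groups' LIMIT 1");
                logit('BANNER_CATADD', array_key_max($data));
                printJSRedirect('action.php?action=banner.group');
                return;
            }
        }
    } else {
        $apx->tmpl->assign('ACTION', 'add');
        $apx->tmpl->parse('catadd_catedit');
    }

    $col[] = array('ID', 1, 'align="center"');
    $col[] = array('COL_TITLE', 80, 'class="title"');
    $col[] = array('COL_BANNERS', 20, 'align="center"');

    // Output
    $tabledata = array();
    $i = 0;
    asort($data);
    foreach ($data as $id => $res) {
        ++$i;
        list($count) = $db->first("SELECT count(*) FROM " . PRE . "_banner WHERE " . PRE . "_banner.group='" . $id . "'");

        $tabledata[$i]['COL1'] = $id;
        $tabledata[$i]['COL2'] = $res;
        $tabledata[$i]['COL3'] = $count;

        $tabledata[$i]['OPTIONS'] = optionHTML('edit.gif', 'banner.group', 'do=edit&id=' . $id, $apx->lang->get('CORE_EDIT'));
        // Deleting is only offered for groups without banners
        if (!$count) {
            $tabledata[$i]['OPTIONS'] .= optionHTMLOverlay('del.gif', 'banner.group', 'do=del&id=' . $id, $apx->lang->get('CORE_DEL'));
        } else {
            $tabledata[$i]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />';
        }
    }

    $apx->tmpl->assign('TABLE', $tabledata);
    $html->table($col);
}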
/**
 * Renders a list of calendar events with the given template.
 *
 * Only the values for template variables that the template actually uses
 * (as reported by used_vars()) are computed where that is expensive.
 *
 * @param array  $data     Event rows.
 * @param string $template Template name inside the calendar module.
 * @return void The template is parsed directly.
 */
function calendar_print($data, $template)
{
    global $set, $db, $apx, $user;
    $tmpl = new tengine();
    $parse = $tmpl->used_vars($template, 'calendar');

    // Category info
    // NOTE(review): the ids are joined into the IN() list without quoting; this
    // is only safe if get_ids() returns integers — confirm.
    $catids = get_ids($data, 'catid');
    $catdata = array();
    if (count($catids)) {
        $catdata = $db->fetch_index("SELECT * FROM " . PRE . "_calendar_cat WHERE id IN (" . implode(',', $catids) . ")", 'id');
    }

    // List the events
    if (count($data)) {
        foreach ($data as $res) {
            ++$i;
            $event = array();

            // Category info
            $catinfo = $catdata[$res['catid']];

            // Link to the event
            $link = mklink('events.php?id=' . $res['id'], 'events,id' . $res['id'] . urlformat($res['title']) . '.html');

            // Teaser picture
            $picture = $picture_popup = '';
            if (in_template(array('EVENT.PICTURE', 'EVENT.PICTURE_POPUP', 'EVENT.PICTURE_POPUPPATH'), $parse)) {
                list($picture, $picture_popup, $picture_popuppath) = calendar_pic($res['picture']);
            }

            // Compute the start; a starttime of -1 means no time of day is set
            $startday = $starttime = $endday = $endtime = 0;
            if (in_template(array('EVENT.STARTDAY', 'EVENT.STARTTIME'), $parse)) {
                $startday = calendar_stamp2time($res['startday']);
                if ($res['starttime'] != -1) {
                    $time_comp = calendar_explode_stamp($res['startday']);
                    // The time is stored as a number and split as HHMM
                    $tmpstamp = sprintf('%04d', $res['starttime']);
                    $time_comp['hour'] = substr($tmpstamp, 0, 2);
                    $time_comp['minute'] = substr($tmpstamp, 2, 2);
                    $starttime = mktime($time_comp['hour'], $time_comp['minute'], 0, $time_comp['month'], $time_comp['day'], $time_comp['year']) + TIMEDIFF;
                }
            }

            // Compute the end (only when it differs from the start or has a time)
            if (in_template(array('EVENT.ENDDAY', 'EVENT.ENDTIME'), $parse)) {
                if ($res['endday'] != $res['startday'] || $res['endtime'] != -1) {
                    $endday = calendar_stamp2time($res['endday']);
                    if ($res['endtime'] != -1) {
                        $time_comp = calendar_explode_stamp($res['endday']);
                        $tmpstamp = sprintf('%04d', $res['endtime']);
                        $time_comp['hour'] = substr($tmpstamp, 0, 2);
                        $time_comp['minute'] = substr($tmpstamp, 2, 2);
                        $endtime = mktime($time_comp['hour'], $time_comp['minute'], 0, $time_comp['month'], $time_comp['day'], $time_comp['year']) + TIMEDIFF;
                    }
                }
            }

            // Username + email: registered author or the submitted guest data
            if ($res['userid']) {
                $username = $res['username'];
                $email = iif(!$res['pub_hidemail'], $res['email']);
            } else {
                $username = $res['send_username'];
                $email = $res['send_email'];
            }

            // Text
            $eventtext = '';
            if (in_array('EVENT.TEXT', $parse)) {
                $eventtext = mediamanager_inline($res['text']);
                if ($apx->is_module('glossar')) {
                    $eventtext = glossar_highlight($eventtext);
                }
            }

            // Date head: only set when the day differs from the previous event
            if ($laststamp != $res['startday']) {
                $event['DATEHEAD'] = $startday;
            }

            // Tags
            if (in_array('EVENT.TAG', $parse) || in_array('EVENT.TAG_IDS', $parse) || in_array('EVENT.KEYWORDS', $parse)) {
                list($tagdata, $tagids, $keywords) = calendar_tags($res['id']);
            }

            // NOTE(review): TITLE, CATTITLE and CATICON are assigned as stored while
            // LOCATION is HTML-escaped; confirm titles are escaped on input or by
            // the template.
            $event['ID'] = $res['id'];
            $event['TITLE'] = $res['title'];
            $event['TEXT'] = $eventtext;
            $event['LINK'] = $link;
            $event['LOCATION'] = compatible_hsc($res['location']);
            $event['LOCATION_LINK'] = compatible_hsc($res['location_link']);
            $event['PRIORITY'] = $res['priority'];
            $event['RESTRICTED'] = $res['restricted'];
            $event['PRIVATE'] = $res['private'];
            $event['HITS'] = $res['hits'];
            $event['RELATED'] = calendar_links($res['links']);
            $event['PICTURE'] = $picture;
            $event['PICTURE_POPUP'] = $picture_popup;
            $event['PICTURE_POPUPPATH'] = $picture_popuppath;
            $event['STARTDAY'] = $startday;
            $event['STARTTIME'] = $starttime;
            $event['ENDDAY'] = $endday;
            $event['ENDTIME'] = $endtime;
            $event['USERID'] = $res['userid'];
            $event['USERNAME'] = replace($username);
            $event['EMAIL'] = replace($email);
            $event['EMAIL_ENCRYPTED'] = replace(cryptMail($email));
            $event['CATID'] = $res['catid'];
            $event['CATTITLE'] = $catinfo['title'];
            $event['CATICON'] = $catinfo['icon'];

            // Tags
            $event['TAG'] = $tagdata;
            $event['TAG_IDS'] = $tagids;
            $event['KEYWORDS'] = $keywords;

            // Gallery: never linked for private events
            if ($apx->is_module('gallery') && $res['galid'] && !$res['private'] && in_template(array('EVENT.GALLERY_ID', 'EVENT.GALLERY_TITLE', 'EVENT.GALLERY_LINK'), $parse)) {
                $galinfo = gallery_info($res['galid']);
                $event['GALLERY_ID'] = $galinfo['id'];
                $event['GALLERY_TITLE'] = $galinfo['title'];
                $event['GALLERY_LINK'] = mklink('gallery.php?id=' . $galinfo['id'], 'gallery,list' . $galinfo['id'] . ',1' . urlformat($galinfo['title']) . '.html');
            }

            // Comments: one comments object is reused for all events, only its mid changes
            if ($apx->is_module('comments') && $set['calendar']['coms'] && $res['allowcoms']) {
                require_once BASEDIR . getmodulepath('comments') . 'class.comments.php';
                if (!isset($coms)) {
                    $coms = new comments('calendar', $res['id']);
                } else {
                    $coms->mid = $res['id'];
                }

                $link = mklink('events.php?id=' . $res['id'], 'events,id' . $res['id'] . urlformat($res['title']) . '.html');
                $event['COMMENT_COUNT'] = $coms->count();
                $event['COMMENT_LINK'] = $coms->link($link);
                $event['DISPLAY_COMMENTS'] = 1;
                if (in_template(array('EVENT.COMMENT_LAST_USERID', 'EVENT.COMMENT_LAST_NAME', 'EVENT.COMMENT_LAST_TIME'), $parse)) {
                    $event['COMMENT_LAST_USERID'] = $coms->last_userid();
                    $event['COMMENT_LAST_NAME'] = $coms->last_name();
                    $event['COMMENT_LAST_TIME'] = $coms->last_time();
                }
            }

            $eventdata[$i] = $event;
            // Remembered for the DATEHEAD comparison of the next event
            $laststamp = $res['startday'];
        }
    }

    $tmpl->assign('EVENT', $eventdata);
    $tmpl->parse($template, 'calendar');
}
/**
 * Manages the content groups: add, edit, delete, empty ("clean") and list.
 *
 * The groups live as a serialized array in the config table. Every write is
 * guarded by checkToken().
 *
 * @return void
 */
function group()
{
    global $set, $db, $apx, $html;

    // Integer cast keeps the id safe for the queries below
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    $data = $set['content']['groups'];

    // Delete a group (only possible while it holds no content)
    if ($_REQUEST['do'] == 'del' && isset($data[$_REQUEST['id']])) {
        list($count) = $db->first("SELECT count(*) FROM " . PRE . "_content WHERE catid='" . $_REQUEST['id'] . "'");
        if (!$count) {
            if (isset($_POST['id'])) {
                if (!checkToken()) {
                    infoInvalidToken();
                } else {
                    unset($data[$_REQUEST['id']]);
                    $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='content' AND varname='groups' LIMIT 1");
                    logit('CONTENT_CATDEL', $_REQUEST['id']);
                    printJSReload();
                }
            } else {
                $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($data[$_REQUEST['id']]))));
                tmessageOverlay('catdel', array('ID' => $_REQUEST['id']));
            }
        }
        return;
    }

    // Empty a group: move its content to another group
    if ($_REQUEST['do'] == 'clean' && isset($data[$_REQUEST['id']])) {
        if ($_POST['id'] && $_POST['moveto']) {
            if (!checkToken()) {
                infoInvalidToken();
            } else {
                // NOTE(review): moveto is cast to int but not checked against the
                // known groups, so content can be moved to an id that does not
                // exist or to the group being emptied — consider validating it.
                $db->query("UPDATE " . PRE . "_content SET catid='" . intval($_POST['moveto']) . "' WHERE catid='" . $_REQUEST['id'] . "'");
                logit('CONTENT_CATCLEAN', "ID #" . $_REQUEST['id']);

                // Delete the group as well when requested
                if ($_POST['delcat']) {
                    unset($data[$_REQUEST['id']]);
                    $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='content' AND varname='groups' LIMIT 1");
                    logit('CONTENT_CATDEL', $_REQUEST['id']);
                }

                printJSReload();
                return;
            }
        } else {
            // List the other groups as move targets
            $catlist = '';
            $data = $set['content']['groups'];
            if (count($data)) {
                foreach ($data as $id => $title) {
                    if ($id == $_REQUEST['id']) {
                        continue;
                    }
                    $catlist .= '<option value="' . $id . '"' . iif($_REQUEST['catid'] == $id, ' selected="selected"') . '>' . replace($title) . '</option>';
                }
            }

            $apx->tmpl->assign('ID', $_REQUEST['id']);
            $apx->tmpl->assign('TITLE', compatible_hsc($data[$_REQUEST['id']]));
            $apx->tmpl->assign('DELCAT', (int) $_POST['delcat']);
            $apx->tmpl->assign('CATLIST', $catlist);
            tmessageOverlay('catclean');
        }
        return;
    } elseif ($_REQUEST['do'] == 'edit' && isset($data[$_REQUEST['id']])) {
        // Edit a group
        if (isset($_POST['title'])) {
            if (!checkToken()) {
                infoInvalidToken();
            } elseif (!$_POST['title']) {
                info('back');
            } else {
                $data[$_REQUEST['id']] = $_POST['title'];
                $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='content' AND varname='groups' LIMIT 1");
                logit('CONTENT_CATEDIT', $_REQUEST['id']);
                printJSRedirect('action.php?action=content.group');
                return;
            }
        } else {
            $_POST['title'] = $data[$_REQUEST['id']];
            // NOTE(review): the stored title reaches the template unescaped here and
            // in COL2 below, while the overlays above escape it. Confirm whether
            // the template layer escapes these values.
            $apx->tmpl->assign('TITLE', $_POST['title']);
            $apx->tmpl->assign('ACTION', 'edit');
            $apx->tmpl->assign('ID', $_REQUEST['id']);
            $apx->tmpl->parse('catadd_catedit');
        }
    } elseif ($_REQUEST['do'] == 'add') {
        // Add a group
        if ($_POST['send']) {
            if (!checkToken()) {
                printInvalidToken();
            } elseif (!$_POST['title']) {
                info('back');
            } else {
                // The first group gets key 1 instead of 0
                if (!count($data)) {
                    $data[1] = $_POST['title'];
                } else {
                    $data[] = $_POST['title'];
                }
                $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='content' AND varname='groups' LIMIT 1");
                logit('CONTENT_CATADD', array_key_max($data));
                printJSRedirect('action.php?action=content.group');
                return;
            }
        }
    } else {
        $apx->tmpl->assign('ACTION', 'add');
        $apx->tmpl->parse('catadd_catedit');
    }

    $col[] = array('ID', 1, 'align="center"');
    $col[] = array('COL_TITLE', 80, 'class="title"');
    $col[] = array('COL_CONTENTS', 20, 'align="center"');

    // Output
    asort($data);
    foreach ($data as $id => $res) {
        ++$i;
        list($count) = $db->first("SELECT count(*) FROM " . PRE . "_content WHERE catid='" . $id . "'");

        $tabledata[$i]['COL1'] = $id;
        $tabledata[$i]['COL2'] = $res;
        $tabledata[$i]['COL3'] = $count;

        $tabledata[$i]['OPTIONS'] .= optionHTML('edit.gif', 'content.group', 'do=edit&id=' . $id, $apx->lang->get('CORE_EDIT'));
        // Delete is offered for empty groups, clean for groups with content
        if (!$count) {
            $tabledata[$i]['OPTIONS'] .= optionHTMLOverlay('del.gif', 'content.group', 'do=del&id=' . $id, $apx->lang->get('CORE_DEL'));
        } else {
            $tabledata[$i]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />';
        }
        if ($count) {
            $tabledata[$i]['OPTIONS'] .= optionHTMLOverlay('clean.gif', 'content.group', 'do=clean&id=' . $id, $apx->lang->get('CLEAN'));
        } else {
            $tabledata[$i]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />';
        }
    }

    $apx->tmpl->assign('TABLE', $tabledata);
    $html->table($col);
}
$tabledata[$i]['CUSTOM' . $ii . '_NAME'] = $set['user']['cusfield_names'][$ii - 1];
$tabledata[$i]['CUSTOM' . $ii] = compatible_hsc($res['custom' . $ii]);
}

// Forum posts
if ($apx->is_module('forum')) {
    $tabledata[$i]['FORUMPOSTS'] = $res['forum_posts'];
}

// Interaction links.
// NOTE(review): the "******" runs in the two mklink() calls below are a masking
// artifact of this page, not code; the original presumably concatenated
// $res['userid'] as the addbuddy call does — restore from the original file.
$tabledata[$i]['LINK_BUDDY'] = iif($user->info['userid'] && !$user->is_buddy($res['userid']), mklink('user.php?action=addbuddy&id=' . $res['userid'], 'user,addbuddy,' . $res['userid'] . '.html'));
$tabledata[$i]['LINK_SENDPM'] = iif($user->info['userid'], mklink('user.php?action=newpm&touser='******'userid'], 'user,newpm,' . $res['userid'] . '.html'));
$tabledata[$i]['LINK_SENDEMAIL'] = iif($user->info['userid'] || $set['user']['sendmail_guests'], mklink('user.php?action=newmail&touser='******'userid'], 'user,newmail,' . $res['userid'] . '.html'));
}
}

// Sort by...
// NOTE(review): searchid is taken from the request and placed in the sort links
// as is; unless it is cast or validated before this excerpt, it should be
// escaped or cast here — confirm.
ordervars($orderdef, mklink('user.php?action=search&searchid=' . $_REQUEST['searchid'], 'user,search.html?searchid=' . $_REQUEST['searchid']));
$apx->tmpl->assign('USER', $tabledata);
} else {
    // Form defaults when no search was run
    $_POST['gender'] = 0;
    $_POST['distance'] = 25;
}

// Build the form; text values are HTML-escaped, numeric ones cast to int
$apx->tmpl->assign('ITEM', compatible_hsc($_POST['item']));
$apx->tmpl->assign('AGE_MIN', intval($_POST['age_min']));
$apx->tmpl->assign('AGE_MAX', intval($_POST['age_max']));
$apx->tmpl->assign('GENDER', intval($_POST['gender']));
$apx->tmpl->assign('CITY', compatible_hsc($_POST['city']));
$apx->tmpl->assign('PLZ', compatible_hsc($_POST['plz']));
$apx->tmpl->assign('DISTANCE', intval($_POST['distance']));
$apx->tmpl->assign('ONLINE', intval($_POST['online']));
$postto = mklink('user.php?action=search', 'user,search.html');
$apx->tmpl->assign('POSTTO', $postto);
$apx->tmpl->parse('search');
} elseif ($user->info['userid'] && $touser == $user->info['userid']) {
    // Users cannot mail themselves
    message($apx->lang->get('MSG_SELF'), 'javascript:history.back()');
} else {
    if ($user->info['userid']) {
        $sender = $user->info['username'] . '<' . $user->info['email'] . '>';
    } else {
        $sender = $_POST['name'] . '<' . $_POST['email'] . '>';
    }
    // NOTE(review): subject and the From header carry request data (and the
    // stored username). A CR/LF in any of them would add mail headers. The
    // validation before this branch is outside this excerpt — confirm it rejects
    // line breaks in name, email and subject.
    mail($email, $_POST['subject'], $_POST['text'], 'From: ' . $sender);
    if ($user->info['userid']) {
        message($apx->lang->get('MSG_OK'), mklink('user.php', 'user.html'));
    } else {
        message($apx->lang->get('MSG_OK'), mklink('index.php', 'index.html'));
    }
}
} else {
    // Form view: pre-fill the recipient name; the id is cast to int for the query
    if ($_REQUEST['touser']) {
        list($username) = $db->first("SELECT username FROM " . PRE . "_user WHERE userid='" . intval($_REQUEST['touser']) . "' LIMIT 1");
        $apx->tmpl->assign('USERNAME', compatible_hsc($username));
    }
    $postto = mklink('user.php?action=newmail', 'user,newmail.html');

    // Create the captcha (guests only)
    if (!$user->info['userid']) {
        require BASEDIR . 'lib/class.captcha.php';
        $captcha = new captcha();
        $captchacode = $captcha->generate();
    }

    $apx->tmpl->assign('CAPTCHA', $captchacode);
    $apx->tmpl->assign('POSTTO', $postto);
    $apx->tmpl->parse('newmail');
}
$inlist[] = $res['postid'];
}
}

// All selected ids that were not listed on this page.
// NOTE(review): these ids come straight from $_POST['post'] and are handed to
// the template without a cast; the same holds for ICON and P below. Confirm the
// template escapes them, or cast/escape here.
$notinlist = array_diff($_POST['post'], $inlist);
foreach ($notinlist as $id) {
    $seldata[]['ID'] = $id;
}

$apx->tmpl->assign('FORUM', $forumdata);
$apx->tmpl->assign('POST', $postdata);
$apx->tmpl->assign('SELPOST', $seldata);
$apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
$apx->tmpl->assign('ICON', $_POST['icon']);
$apx->tmpl->assign('ICONLIST', $icondata);
$apx->tmpl->assign('STICKY_TYPE', compatible_hsc($_POST['sticky_type']));
$apx->tmpl->assign('STICKY_TEXT', compatible_hsc($_POST['sticky_text']));
$apx->tmpl->assign('ANNOUNCE', forum_access_announce($foruminfo));
$apx->tmpl->assign('ID', $threadinfo['threadid']);
$apx->tmpl->assign('P', $_REQUEST['p']);
// Paging flags
$apx->tmpl->assign('PREVIOUS', iif($_REQUEST['p'] > 1, 1, 0));
$apx->tmpl->assign('NEXT', iif($_REQUEST['p'] < $pages, 1, 0));
$apx->tmpl->parse('split');

////////////////////////////////////////////

// Breadcrumb path: forum path plus the thread itself
$threadpath = array(array('TITLE' => replace($threadinfo['title']), 'LINK' => mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html')));
$apx->tmpl->assign('PATH', array_merge(forum_path($foruminfo, 1), $threadpath));
$apx->tmpl->assign('PATHEND', $apx->lang->get('SPLITTHREAD'));
titlebar($apx->lang->get('SPLITTHREAD'));
} elseif ($_REQUEST['action'] == 'ipstats') {
    $apx->lang->drop('ipstats');
    // Integer cast of the id before any further use
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
/**
 * Shows and stores the paths of the external video tools (FFmpeg, FLVTool2, MEncoder).
 *
 * FFmpeg and FLVTool2 are required, MEncoder is optional. Each submitted path
 * must pass validateExecPath() before anything is written to the config table.
 *
 * NOTE(review): unlike the other write handlers on this page, no checkToken()
 * call is visible before the UPDATE queries. These values are paths of programs
 * to execute, so a forged request would matter here — confirm whether the token
 * is checked elsewhere for this action.
 *
 * @return void
 */
function cfg()
{
    global $set, $db, $apx;

    // Form view
    if ($_POST['send'] != 1) {
        if (!function_exists('exec')) {
            message($apx->lang->get('MSG_EXEC_DISABLED'));
            return;
        }

        $apx->tmpl->assign('FFMPEG', compatible_hsc($set['videos']['ffmpeg']));
        $apx->tmpl->assign('FLVTOOL2', compatible_hsc($set['videos']['flvtool2']));
        $apx->tmpl->assign('MENCODER', compatible_hsc($set['videos']['mencoder']));
        $apx->tmpl->parse('cfg');
        return;
    }

    // Config key => label shown in the error message
    $tools = array(
        'ffmpeg' => 'FFmpeg',
        'flvtool2' => 'FLVTool2',
        'mencoder' => 'MEncoder',
    );

    // Validate every path that was filled in
    $invalid = array();
    foreach ($tools as $field => $label) {
        if ($_POST[$field] && !$this->validateExecPath($field, $_POST[$field])) {
            $invalid[] = $label;
        }
    }

    if (!$_POST['ffmpeg'] || !$_POST['flvtool2']) {
        info($apx->lang->get('CORE_BACK'));
        return;
    }
    if ($invalid) {
        info($apx->lang->get('INFO_INVALID') . implode(', ', $invalid));
        return;
    }

    foreach (array_keys($tools) as $field) {
        $db->query("UPDATE " . PRE . "_config SET value='" . addslashes($_POST[$field]) . "' WHERE module='videos' AND varname='" . $field . "' LIMIT 1");
    }
    logit('VIDEOS_CFG');
    printJSRedirect('action.php?action=videos.cfg');
}
$apx->tmpl->assign('PREVIEW', $text);
$apx->tmpl->assign('USERNAME', compatible_hsc($_POST['touser']));
$apx->tmpl->assign('SUBJECT', compatible_hsc($_POST['subject']));
$apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
$apx->tmpl->assign('ADDSIG', intval($_POST['addsig']));
} else {
    $text = '';
    if ($_REQUEST['answer']) {
        // Reply: load the quoted message, restricted to messages the current user
        // sent or received.
        // NOTE(review): $_REQUEST['answer'] is concatenated into the query without
        // a cast or escaping in this excerpt. Unless it is cast to int earlier,
        // this is an SQL injection point — wrap it in intval().
        // NOTE(review): the "******" runs are a masking artifact of this page; the
        // original presumably concatenated $user->info['userid'] — restore from
        // the original file.
        $res = $db->first("SELECT a.subject,a.text,b.userid,b.username,c.username AS username2 FROM " . PRE . "_user_pms AS a LEFT JOIN " . PRE . "_user AS b ON a.fromuser=b.userid LEFT JOIN " . PRE . "_user AS c ON a.touser=c.userid WHERE ( a.id='" . $_REQUEST['answer'] . "' AND ( a.touser='******'userid'] . "' OR a.fromuser='******'userid'] . "' ) )");
        if ($res['userid'] == $user->info['userid']) {
            // Own message: address the original recipient, keep the subject
            $username = compatible_hsc($res['username2']);
            $subject = compatible_hsc($res['subject']);
            $text = '[QUOTE]' . compatible_hsc($res['text']) . "[/QUOTE]\n";
        } else {
            // Received message: address the sender, prefix the subject with "Re: " once
            $username = compatible_hsc($res['username']);
            $subject = iif($res['subject'] && substr($res['subject'], 0, 4) != 'Re: ', 'Re: ') . compatible_hsc($res['subject']);
            $text = '[QUOTE]' . compatible_hsc($res['text']) . "[/QUOTE]\n";
        }
    } elseif ($_REQUEST['touser']) {
        // NOTE(review): same concern as above — $_REQUEST['touser'] reaches the
        // query without a visible cast; use intval() unless it is cast earlier.
        list($username) = $db->first("SELECT username FROM " . PRE . "_user WHERE userid='" . $_REQUEST['touser'] . "' LIMIT 1");
        $username = compatible_hsc($username);
    }

    $apx->tmpl->assign('USERNAME', replace($username));
    $apx->tmpl->assign('SUBJECT', $subject);
    $apx->tmpl->assign('TEXT', $text);
    $apx->tmpl->assign('ADDSIG', 1);
}

$postto = mklink('user.php?action=newpm', 'user,newpm.html');
$apx->tmpl->assign('POSTTO', $postto);
$apx->tmpl->parse('newpm');
}
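/**
 * Admin handler for a private message sent to whole user groups.
 *
 * - $_REQUEST['doit'] set: hands over to $this->sendpm_exec().
 * - $_POST['send'] set: checks the request token and the required fields,
 *   stores subject, text and target groups in the config table and redirects
 *   to the 'doit' step.
 * - otherwise: renders the 'sendpm' form.
 *
 * NOTE(review): the 'doit' branch performs no token check of its own; the
 * redirect below passes the session token along, so sendpm_exec() presumably
 * verifies it — confirm.
 * NOTE(review): the token travels in the query string of the redirect and can
 * therefore end up in access logs and browser history.
 */
function sendpm()
{
    global $set, $db, $apx;

    // Run the actual dispatch
    if ($_REQUEST['doit']) {
        $this->sendpm_exec();
        return;
    }

    // Normalise the group selection: anything that is not a list means "all"
    if (!is_array($_POST['groupid']) || $_POST['groupid'][0] == 'all') {
        $_POST['groupid'] = array('all');
    }

    if ($_POST['send']) {
        // Store the message
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['subject'] || !$_POST['text'] || !count($_POST['groupid'])) {
            infoNotComplete();
        } else {
            // An empty list stands for "all groups"; ids are forced to integers.
            $groups = array();
            if ($_POST['groupid'][0] != 'all') {
                $groups = array_map('intval', $_POST['groupid']);
            }

            $data = array('subject' => $_POST['subject'], 'text' => $_POST['text'], 'groups' => $groups);
            $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='user' AND varname='sendpm_data' LIMIT 1");

            // The parameter separator had been mangled into a section sign,
            // so the token never reached the next step under its name.
            printJSRedirect('action.php?action=user.sendpm&doit=1&sectoken=' . $apx->session->get('sectoken'));
        }
    } else {
        // Build the group selector; the leading space keeps the attribute
        // separate from value="all".
        $grouplist = '<option value="all"' . iif($_POST['groupid'][0] == 'all', ' selected="selected"') . ' style="font-weight:bold;">' . $apx->lang->get('ALL') . '</option>';

        $data = $db->fetch("SELECT groupid,name FROM " . PRE . "_user_groups ORDER BY name ASC");
        if (count($data)) {
            foreach ($data as $res) {
                $grouplist .= '<option value="' . $res['groupid'] . '"' . iif(in_array($res['groupid'], $_POST['groupid']), ' selected="selected"') . '>' . replace($res['name']) . '</option>';
            }
        }

        $apx->tmpl->assign('GROUP', $grouplist);
        $apx->tmpl->assign('SUBJECT', compatible_hsc($_POST['subject']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->parse('sendpm');
    }
}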
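/**
 * Admin handler that deletes one affiliate entry together with its image.
 *
 * The id is forced to an integer before it reaches any query. A POST with
 * send=1 and a valid request token performs the deletion; any other request
 * shows the confirmation overlay with the escaped title.
 */
function del()
{
    global $set, $db, $apx;

    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } else {
            list($image) = $db->first("SELECT image FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");

            // Only touch the file system when the row actually names an image,
            // so an empty path is never handed to the media manager.
            if ($image) {
                require BASEDIR . 'lib/class.mediamanager.php';
                $mm = new mediamanager();
                $mm->deletefile($image);
            }

            $db->query("DELETE FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
            logit('AFFILIATES_DEL', 'ID #' . $_REQUEST['id']);
            printJSRedirect(get_index('affiliates.show'));
        }
    } else {
        // Confirmation dialog
        list($title) = $db->first("SELECT title FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title))));
        tmessageOverlay('del', array('ID' => $_REQUEST['id']));
    }
}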
/**
 * Admin handler that deletes one contact entry.
 *
 * The id is cast to an integer up front, so the queries below only ever see
 * a number. Deleting requires a POST with send=1 and a valid request token;
 * any other request shows the confirmation overlay with the escaped title.
 */
function del()
{
    global $set, $db, $apx;

    $id = (int) $_REQUEST['id'];
    $_REQUEST['id'] = $id;
    if (!$id) {
        die('missing ID!');
    }

    // Not confirmed yet: ask first.
    if ($_POST['send'] != 1) {
        list($title) = $db->first("SELECT title FROM " . PRE . "_contact WHERE id='" . $id . "' LIMIT 1");
        $message = $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title)));
        $apx->tmpl->assign('MESSAGE', $message);
        tmessageOverlay('deltitle', array('ID' => $id), '/');
        return;
    }

    if (!checkToken()) {
        printInvalidToken();
        return;
    }

    $db->query("DELETE FROM " . PRE . "_contact WHERE id='" . $id . "' LIMIT 1");
    logit('CONTACT_DEL', 'ID #' . $id);
    printJSRedirect(get_index('contact.show'));
}
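/**
 * Builds the template rows for the active comments of the current
 * module/mid pair, limited to the current page.
 *
 * Registered authors are resolved once per user id through $user->get_info();
 * guest comments use the name, e-mail and homepage stored with the comment.
 * Text and title pass through replace() before they are handed to the
 * template, with bad-word filtering, wrapping, smilies and codes applied
 * according to $this->set.
 *
 * NOTE(review): $this->module is escaped with addslashes(), but $this->mid is
 * put into both queries as is. That is only safe if mid is forced to an
 * integer where this object is set up — verify.
 * NOTE(review): the edit/delete links are shown as soon as both admin cookies
 * exist; their values are not checked here. This only controls link
 * visibility, authorisation has to happen in admin/action.php.
 *
 * @return array|null rows keyed from 1, nothing when there are no comments
 */
function display()
{
    global $db, $apx, $user, $set;

    $apx->lang->drop('comments', 'comments');
    $page = $this->getpage(array('p'));

    // Page numbers
    list($count) = $db->first("SELECT count(id) FROM " . PRE . "_comments WHERE ( module='" . addslashes($this->module) . "' AND mid='" . $this->mid . "' AND active='1' )");
    pages($page, $count, $this->set['epp'], 'comp', 'COMMENT');

    // Sort order
    if ($this->set['order'] == 1) {
        $order = "a.time ASC";
    } else {
        $order = "a.time DESC";
    }

    // Read the comments
    $data = $db->fetch("SELECT a.* FROM " . PRE . "_comments AS a WHERE ( module='" . addslashes($this->module) . "' AND a.mid='" . $this->mid . "' AND a.active='1' ) ORDER BY " . $order . " " . getlimit($this->set['epp'], 'comp'));
    if (!count($data)) {
        return;
    }

    // First entry number on this page. The page parameter comes straight from
    // the request, so it is cast before it is used in arithmetic.
    $countdown = ($this->set['order'] == 0);
    if ($this->set['epp']) {
        $offset = (((int) $_REQUEST['comp']) - 1) * $this->set['epp'];
        $entrynumber = $countdown ? $count - $offset : 1 + $offset;
    } else {
        $entrynumber = $countdown ? $count : 1;
    }

    $userfields = 'username,email,pub_hidemail,homepage,avatar,avatar_title,signature,lastactive,pub_invisible,custom1,custom2,custom3,custom4,custom5,custom6,custom7,custom8,custom9,custom10';

    // Previously these three were used without being initialised.
    $i = 0;
    $tabledata = array();
    $userinfo = array();

    foreach ($data as $res) {
        ++$i;
        $uid = $res['userid'];

        // Look every author up only once
        if ($uid && !isset($userinfo[$uid])) {
            $userinfo[$uid] = $user->get_info($uid, $userfields);
        }

        if ($uid && $userinfo[$uid]) {
            $info = $userinfo[$uid];

            $tabledata[$i]['USERID'] = $uid;
            $tabledata[$i]['NAME'] = replace($info['username']);
            // The address is only exposed when the user has not hidden it
            $tabledata[$i]['EMAIL'] = replace(iif(!$info['pub_hidemail'], $info['email']));
            $tabledata[$i]['EMAIL_ENCRYPTED'] = replace(iif(!$info['pub_hidemail'], cryptMail($info['email'])));
            $tabledata[$i]['HOMEPAGE'] = replace($info['homepage']);
            $tabledata[$i]['AVATAR'] = $user->mkavatar($info);
            $tabledata[$i]['AVATAR_TITLE'] = $user->mkavtitle($info);
            $tabledata[$i]['SIGNATURE'] = $user->mksig($info);
            $tabledata[$i]['ONLINE'] = iif(!$info['pub_invisible'] && $info['lastactive'] + $set['user']['timeout'] * 60 >= time(), 1, 0);
            $tabledata[$i]['ISONLINE'] = $tabledata[$i]['ONLINE'];

            // Custom fields
            for ($ii = 1; $ii <= 10; $ii++) {
                $tabledata[$i]['CUSTOM' . $ii . '_NAME'] = $set['user']['cusfield_names'][$ii - 1];
                $tabledata[$i]['CUSTOM' . $ii] = compatible_hsc($info['custom' . $ii]);
            }
        } else {
            // Guest comment, or the account could not be loaded
            $tabledata[$i]['NAME'] = replace($res['username']);
            $tabledata[$i]['EMAIL'] = replace($res['email']);
            $tabledata[$i]['EMAIL_ENCRYPTED'] = replace(cryptMail($res['email']));
            $tabledata[$i]['HOMEPAGE'] = replace($res['homepage']);
        }

        // Text
        $text = $res['text'];
        if ($this->set['badwords']) {
            $text = badwords($text);
        }
        $text = replace($text, 1);
        if ($this->set['breakline']) {
            $text = wordwrapHTML($text, $this->set['breakline'], "\n");
        }
        if ($this->set['allowsmilies']) {
            $text = dbsmilies($text);
        }
        if ($this->set['allowcode']) {
            $text = dbcodes($text);
        }

        // Title
        $title = $res['title'];
        if ($this->set['breakline']) {
            $title = wordwrap($title, $this->set['breakline'], "\n", 1);
        }
        if ($this->set['badwords']) {
            $title = badwords($title);
        }
        $title = replace($title);

        $tabledata[$i]['TEXT'] = $text;
        $tabledata[$i]['TITLE'] = $title;
        $tabledata[$i]['TIME'] = $res['time'];
        $tabledata[$i]['NUMBER'] = $entrynumber;

        // Admin links
        if ($_COOKIE[$set['main']['cookie_pre'] . '_admin_userid'] && $_COOKIE[$set['main']['cookie_pre'] . '_admin_password']) {
            $tabledata[$i]['EDITLINK'] = HTTPDIR . 'admin/action.php?action=comments.edit&module=' . $this->module . '&mid=' . $this->mid . '&id=' . $res['id'] . '&outer=1';
            $tabledata[$i]['DELETELINK'] = HTTPDIR . 'admin/action.php?action=comments.del&module=' . $this->module . '&mid=' . $this->mid . '&id=' . $res['id'] . '&outer=1';
        }

        // Report link
        $link_report = "javascript:popupwin('misc.php?action=comments_report&id=" . $res['id'] . "&url='+escape(window.location.href),500,300);";
        $tabledata[$i]['REPORTLINK'] = $link_report;

        // Comment number for the next row
        if ($this->set['order'] == 0) {
            --$entrynumber;
        } else {
            ++$entrynumber;
        }
    }

    return $tabledata;
}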
/**
 * Admin handler that deletes one product group of type 'system'.
 *
 * The id is cast to an integer before it is used in a query. Deleting
 * requires a POST with send=1 and a valid request token; any other request
 * shows the confirmation overlay.
 *
 * NOTE(review): the DELETE is restricted to grouptype='system', the title
 * lookup for the confirmation is not, so the dialog can show the title of a
 * group this handler would not delete.
 */
function systems_del()
{
    global $set, $db, $apx;

    $id = (int) $_REQUEST['id'];
    $_REQUEST['id'] = $id;
    if (!$id) {
        die('missing ID!');
    }

    // Not confirmed yet: ask first.
    if ($_POST['send'] != 1) {
        list($title) = $db->first("SELECT title FROM " . PRE . "_products_groups WHERE id='" . $id . "' LIMIT 1");
        $message = $apx->lang->get('DEL_TEXT', array('TITLE' => compatible_hsc($title)));
        $apx->tmpl->assign('MESSAGE', $message);
        tmessageOverlay('sysdel', array('ID' => $id));
        return;
    }

    if (!checkToken()) {
        printInvalidToken();
        return;
    }

    $db->query("DELETE FROM " . PRE . "_products_groups WHERE grouptype='system' AND id='" . $id . "'");
    logit('PRODUCTS_SYSTEMS_DEL', 'ID #' . $id);
    printJSRedirect(get_index('products.systems'));
}
$apx->tmpl->assign('INTERESTS', compatible_hsc($user->info['interests'])); $apx->tmpl->assign('WORK', compatible_hsc($user->info['work'])); $apx->tmpl->assign('GENDER', (int) $user->info['gender']); $apx->tmpl->assign('BD_DAY', (int) $bd['bd_day']); $apx->tmpl->assign('BD_MONTH', (int) $bd['bd_month']); $apx->tmpl->assign('BD_YEAR', (int) $bd['bd_year']); $apx->tmpl->assign('AGECONFIRMED', (int) $user->info['ageconfirmed']); $apx->tmpl->assign('INVISIBLE', (int) $user->info['pub_invisible']); $apx->tmpl->assign('HIDEMAIL', (int) $user->info['pub_hidemail']); $apx->tmpl->assign('POPPM', (int) $user->info['pub_poppm']); $apx->tmpl->assign('MAILPM', (int) $user->info['pub_mailpm']); $apx->tmpl->assign('SHOWBUDDIES', (int) $user->info['pub_showbuddies']); $apx->tmpl->assign('USEGB', (int) $user->info['pub_usegb']); $apx->tmpl->assign('GBMAIL', (int) $user->info['pub_gbmail']); $apx->tmpl->assign('PROFILEFORFRIENDS', (int) $user->info['pub_profileforfriends']); $apx->tmpl->assign('AUTOSUBSCRIBE', (int) $user->info['forum_autosubscribe']); $apx->tmpl->assign('LANG', $langdata); $apx->tmpl->assign('THEME', $themedata); $apx->tmpl->assign('PWDLENGTH', $set['user']['pwdminlen']); //Alte Platzhalter zwecks Abwärtskompatiblität $apx->tmpl->assign('LANGLIST', $langlist); $apx->tmpl->assign('THEMELIST', $themelist); //Custom-Felder for ($i = 1; $i <= 10; $i++) { $apx->tmpl->assign('CUSTOM' . $i . '_NAME', $set['user']['cusfield_names'][$i - 1]); $apx->tmpl->assign('CUSTOM' . $i, compatible_hsc($user->info['custom' . $i])); } $postto = mklink('user.php?action=myprofile', 'user,myprofile.html'); $apx->tmpl->assign('POSTTO', $postto); $apx->tmpl->parse('myprofile'); }
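/**
 * Admin handler that removes one allowed attachment file type from the forum.
 *
 * Here the id is the file extension itself, so it is a free-form request
 * string and not a number. A POST with send set and a valid request token
 * deletes the row; any other request shows the confirmation overlay.
 *
 * NOTE(review): the raw request value is also passed to logit(); confirm that
 * logit() escapes it before storing or displaying it.
 */
function filetypes_del()
{
    global $set, $apx, $db;

    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    if ($_POST['send']) {
        if (!checkToken()) {
            printInvalidToken();
        } else {
            $db->query("DELETE FROM " . PRE . "_forum_filetypes WHERE ext='" . addslashes(strtolower($_REQUEST['id'])) . "'");
            logit('FORUM_FILETYPEDEL', $_REQUEST['id']);
            printJSRedirect('action.php?action=forum.filetypes');
        }
    } else {
        // The extension comes from the request and ends up in the overlay
        // markup twice: in the message and as the ID value. Previously only
        // the message copy was escaped; both are escaped now.
        // NOTE(review): assumes tmessageOverlay() does not escape its values
        // itself — confirm.
        $ext = compatible_hsc($_REQUEST['id']);
        $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => $ext)));
        tmessageOverlay('filetypedel', array('ID' => $ext));
    }
}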
} } else { //Vorschau if ($_POST['preview']) { $text = $_POST['text']; $text = badwords($text); $text = replace($text, 1); $text = dbsmilies($text); $text = dbcodes($text); $apx->tmpl->assign('PREVIEW', $text); } else { list($_POST['title'], $_POST['text'], $_POST['allowcoms']) = $db->first("SELECT title,text,allowcoms FROM " . PRE . "_user_blog WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1"); } $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->assign('ALLOWCOMS', intval($_POST['allowcoms'])); $apx->tmpl->assign('POSTTO', mklink('user.php?action=myblog', 'user,myblog.html')); $apx->tmpl->parse('myblog_addedit'); } require 'lib/_end.php'; } elseif ($_REQUEST['do'] == 'del') { $_REQUEST['id'] = (int) $_REQUEST['id']; if (!$_REQUEST['id']) { die('missing ID!'); } if ($_POST['send']) { $db->query("DELETE FROM " . PRE . "_user_blog WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1"); message($apx->lang->get('MSG_DEL_OK'), mklink('user.php?action=myblog', 'user,myblog.html')); } else { tmessage('delblog', array('ID' => $_REQUEST['id']));
$data = $db->fetch("SELECT ignored FROM " . PRE . "_user_ignore WHERE userid='" . $user->info['userid'] . "'"); $existing = get_ids($data, 'ignored'); if (!$userid) { message($apx->lang->get('MSG_NOMATCH'), 'back'); } elseif (in_array($userid, $existing)) { message($apx->lang->get('MSG_EXISTS'), 'back'); } elseif ($userid == $user->info['userid']) { message($apx->lang->get('MSG_NOTSELF'), 'back'); } else { $db->query("INSERT INTO " . PRE . "_user_ignore (userid,ignored,reason) VALUES ('" . $user->info['userid'] . "','" . $userid . "','" . addslashes($_POST['reason']) . "')"); $goto = mklink('user.php?action=ignorelist', 'user,ignorelist.html'); message($apx->lang->get('MSG_ADD_OK'), $goto); } } } else { tmessage('addignore', array('USERNAME' => compatible_hsc($_REQUEST['username']))); } } elseif ($_REQUEST['del']) { if ($_POST['del']) { $db->query("DELETE FROM " . PRE . "_user_ignore WHERE userid='" . $user->info['userid'] . "' AND ignored='" . intval($_POST['del']) . "' LIMIT 1"); $goto = mklink('user.php?action=ignorelist', 'user,ignorelist.html'); message($apx->lang->get('MSG_DEL_OK'), $goto); } else { tmessage('delignore', array('ID' => $_REQUEST['del'])); } } else { //Ignorierte Benutzer auslesen $data = $db->fetch("SELECT u.userid,u.username,i.reason FROM " . PRE . "_user_ignore AS i LEFT JOIN " . PRE . "_user AS u ON i.ignored=u.userid WHERE i.userid='" . $user->info['userid'] . "' ORDER BY u.username ASC"); if (count($data)) { foreach ($data as $res) { ++$i;
$statusSmileyPath = $smiley['file']; break; } } $apx->tmpl->assign('USERID', $res['userid']); $apx->tmpl->assign('USERNAME', replace($res['username'])); $apx->tmpl->assign('GROUP', replace($groupname)); $apx->tmpl->assign('REGDATE', $res['reg_time']); $apx->tmpl->assign('REGDAYS', floor((time() - $res['reg_time']) / (24 * 3600))); $apx->tmpl->assign('LASTACTIVE', (int) $res['lastactive']); $apx->tmpl->assign('IS_ONLINE', iif(!$res['pub_invisible'] && $res['lastactive'] + $set['user']['timeout'] * 60 >= time(), 1, 0)); $apx->tmpl->assign('EMAIL', replace($res['email'])); $apx->tmpl->assign('EMAIL_ENCRYPTED', cryptMail($res['email'])); $apx->tmpl->assign('HIDEMAIL', $res['pub_hidemail']); $apx->tmpl->assign('STATUS', replace($res['status'])); $apx->tmpl->assign('STATUS_SMILEY', compatible_hsc($statusSmileyPath)); $apx->tmpl->assign('STATUS_SMILEY_CODE', replace($res['status_smiley'])); $apx->tmpl->assign('HOMEPAGE', replace($res['homepage'])); $apx->tmpl->assign('ICQ', replace($res['icq'])); $apx->tmpl->assign('AIM', replace($res['aim'])); $apx->tmpl->assign('YIM', replace($res['yim'])); $apx->tmpl->assign('MSN', replace($res['msn'])); $apx->tmpl->assign('SKYPE', replace($res['skype'])); $apx->tmpl->assign('REALNAME', replace($res['realname'])); $apx->tmpl->assign('CITY', replace($res['city'])); $apx->tmpl->assign('PLZ', replace($res['plz'])); $apx->tmpl->assign('COUNTRY', replace($res['country'])); $apx->tmpl->assign('INTERESTS', replace($res['interests'])); $apx->tmpl->assign('WORK', replace($res['work'])); $apx->tmpl->assign('GENDER', (int) $res['gender']); $apx->tmpl->assign('BIRTHDAY', $birthday);
require 'lib/_end.php'; } $db->query("UPDATE " . PRE . "_user SET avatar='" . addslashes($newfile) . "',avatar_title='" . addslashes($_POST['avatar_title']) . "' WHERE userid='" . $user->info['userid'] . "' LIMIT 1"); if ($user->info['avatar']) { $mm->deletefile('user/' . $user->info['avatar']); } message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html')); } } } elseif ($_POST['delav']) { require BASEDIR . 'lib/class.mediamanager.php'; $mm = new mediamanager(); $mm->deletefile('user/' . $user->info['avatar']); $db->query("UPDATE " . PRE . "_user SET avatar='',avatar_title='' WHERE userid='" . $user->info['userid'] . "' LIMIT 1"); message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html')); } else { $db->query("UPDATE " . PRE . "_user SET avatar_title='" . addslashes($_POST['avatar_title']) . "' WHERE userid='" . $user->info['userid'] . "' LIMIT 1"); message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html')); } } else { if ($user->info['avatar']) { $apx->tmpl->assign('CURRENT_AVATAR', $user->mkavatar($user->info)); $apx->tmpl->assign('CURRENT_TITLE', $user->mkavtitle($user->info)); } $apx->tmpl->assign('MAX_DIMENSIONS', $set['user']['avatar_maxdim']); $apx->tmpl->assign('MAX_FILESIZE', user_getsize($set['user']['avatar_maxsize'], 0)); $postto = mklink('user.php?action=avatar', 'user,avatar.html'); $apx->tmpl->assign('POSTTO', $postto); $apx->tmpl->assign('AVATAR_TITLE', compatible_hsc($user->info['avatar_title'])); $apx->tmpl->parse('avatar'); }
//Die letzten 10 Beiträge $data = $db->fetch("SELECT postid,userid,username,text,time,allowcodes,allowsmilies FROM " . PRE . "_forum_posts WHERE ( del=0 AND threadid='" . $threadinfo['threadid'] . "' ) ORDER BY time DESC LIMIT 10"); if (count($data)) { foreach ($data as $res) { ++$i; //Text $text = forum_replace($res['text'], $res['allowcodes'], $res['allowsmilies']); $postdata[$i]['ID'] = $res['postid']; $postdata[$i]['USERID'] = $res['userid']; $postdata[$i]['USERNAME'] = replace($res['username']); $postdata[$i]['TEXT'] = $text; $postdata[$i]['TIME'] = $res['time']; } } $apx->tmpl->assign('POST', $postdata); $apx->tmpl->assign('ATTACH', forum_access_addattachment($foruminfo)); $apx->tmpl->assign('ID', $threadinfo['threadid']); $apx->tmpl->assign('HASH', $_POST['hash']); $apx->tmpl->parse('newpost'); //////////////////////////////////////////////////////////////////////////////////////////////////////// $threadpath = array(array('TITLE' => trim(compatible_hsc(strip_tags(forum_get_prefix($threadinfo['prefix']) . ' ') . $threadinfo['title'])), 'LINK' => mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html'))); $apx->tmpl->assign_static('STYLESHEET', compatible_hsc($foruminfo['stylesheet'])); $apx->tmpl->assign('PATH', array_merge(forum_path($foruminfo, 1), $threadpath)); $apx->tmpl->assign('PATHEND', $apx->lang->get('HEADLINE_NEWPOST')); titlebar($apx->lang->get('HEADLINE_NEWPOST')); //////////////////////////////////////////////////////////////////////////////////////////////////////// require 'lib/_end.php'; /////////////////////////////////////////////////////////////////////////// require '../lib/_end.php'; //////////////////////////////////////////////////////// SCRIPT BEENDEN /// ////////////////////////////////////////////////////////////////////////////////////////////////////////
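/**
 * Admin handler for the guestbook's list of blocked strings.
 *
 * - do=del: removes one entry by its array key (after confirmation and a
 *   request token check) and writes the list back to the config table.
 * - do=add: appends $_POST['string'] after a request token check.
 * - otherwise: lists all entries, each with a delete link.
 *
 * NOTE(review): the cast at the top normalises $_REQUEST['key'], but every
 * branch reads $_REQUEST['id']. That looks like a leftover; the id is used as
 * it arrives.
 */
function blockcontent()
{
    global $set, $db, $apx, $html;

    $_REQUEST['key'] = (int) $_REQUEST['key'];

    // Delete an entry
    if ($_REQUEST['do'] == 'del') {
        if ($_POST['send']) {
            if (!checkToken()) {
                printInvalidToken();
            } else {
                unset($set['guestbook']['blockstring'][$_REQUEST['id']]);
                $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($set['guestbook']['blockstring'])) . "' WHERE module='guestbook' AND varname='blockstring' LIMIT 1");
                printJSRedirect('action.php?action=guestbook.blockcontent');
            }
        } else {
            $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_DEL', array('TITLE' => compatible_hsc($set['guestbook']['blockstring'][$_REQUEST['id']]))));
            // The id is a request value that is written into the overlay
            // markup, so it is escaped like the title above.
            // NOTE(review): assumes tmessageOverlay() does not escape its
            // values itself — confirm.
            tmessageOverlay('contentdel', array('ID' => compatible_hsc($_REQUEST['id'])));
        }
        return;
    }

    // Add an entry
    if ($_REQUEST['do'] == 'add') {
        if (!checkToken()) {
            printInvalidToken();
        } elseif (!$_POST['string']) {
            infoNotComplete();
        } else {
            $set['guestbook']['blockstring'][] = $_POST['string'];
            $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($set['guestbook']['blockstring'])) . "' WHERE module='guestbook' AND varname='blockstring' LIMIT 1");
            printJSRedirect('action.php?action=guestbook.blockcontent');
        }
        return;
    }

    quicklink_index('guestbook.show');
    quicklink_out();

    // Listing starts here
    $strings = $set['guestbook']['blockstring'];
    if (!is_array($strings)) {
        $strings = array();
    }
    $strings = array_sort($strings, 0, 'asc');

    $col[] = array('TITLE_GUESTBOOK_BLOCKCONTENT', 100, 'class="title"');

    // Start from an empty list so the template never receives an undefined variable.
    $tabledata = array();
    foreach ($strings as $i => $res) {
        // Stored strings are free text entered through the add form. They are
        // escaped for the table just as they are for the delete message.
        $tabledata[$i]['COL1'] = compatible_hsc($res);
        $tabledata[$i]['OPTIONS'] = optionHTMLOverlay('del.gif', 'guestbook.blockcontent', 'do=del&id=' . $i, $apx->lang->get('CORE_DEL'));
    }

    $apx->tmpl->assign('TABLE', $tabledata);
    $html->table($col);
    $apx->tmpl->parse('blockcontent');
}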
/**
 * Returns the HTML for an icon link that opens an admin action in a
 * message overlay.
 *
 * Without a title, the language entry TITLE_<MODULE>_<ACTION> of the current
 * module and action is used.
 *
 * NOTE(review): only $params is passed through compatible_hsc(). $icon,
 * $actionid and $title are written into attributes as they are, so callers
 * must only pass trusted values. Whether $title may already contain HTML
 * entities is not visible here — check before adding escaping.
 *
 * @param string       $icon     file name below design/
 * @param string       $actionid value for the action parameter
 * @param string       $params   further query string
 * @param string|false $title    tooltip and alt text
 * @return string
 */
function optionHTMLOverlay($icon, $actionid, $params, $title = false)
{
    static $modules;
    global $reg, $apx;

    if (!$title) {
        $langkey = 'TITLE_' . strtoupper($apx->module()) . '_' . strtoupper($apx->action());
        $title = $apx->lang->get($langkey);
    }

    $target = 'action.php?action=' . $actionid . '&' . compatible_hsc($params);
    $image = '<img src="design/' . $icon . '" alt="' . $title . '" />';

    return '<a href="javascript:MessageOverlayManager.createLayer(\'' . $target . '\');" title="' . $title . '">' . $image . '</a>';
}