$errormsg .= $cs_lang['email_false'] . cs_html_br(1); } include_once 'mods/contact/trashmail.php'; if (cs_trashmail($register['email'])) { $error++; $errormsg .= $cs_lang['email_false'] . cs_html_br(1); } $flood = cs_sql_select(__FILE__, 'users', 'users_register', 0, 'users_register DESC'); $maxtime = $flood['users_register'] + $cs_main['def_flood']; if ($maxtime > cs_time()) { $error++; $diff = $maxtime - cs_time(); $errormsg .= sprintf($cs_lang['flood_on'], $diff) . cs_html_br(1); } if (empty($op_users['def_register']) or $op_users['def_register'] == '2') { if (!cs_captchacheck($_POST['captcha'])) { $error++; $errormsg .= $cs_lang['captcha_false'] . cs_html_br(1); } } isset($_POST['send_mail']) ? $rgsm = $_POST['send_mail'] : ($rgsm = 0); $register['send_mail'] = $rgsm; } else { $register['lang'] = $cs_main['def_lang']; $register['nick'] = ''; $register['password'] = ''; $register['email'] = ''; $register['send_mail'] = 0; $register['newsletter'] = ''; } if (!isset($_POST['submit'])) {
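/**
 * Shows the "create comment" form for one entry of a module and, on a valid
 * submit, stores the new comment and redirects back to the entry.
 *
 * Access: a logged-in account, or any visitor when the comments option
 * 'allow_unreg' is set. Everyone else is redirected to the 403 error page.
 *
 * Flow:
 *  - $quote_id set: the form is prefilled with the quoted comment; nothing is saved.
 *  - POST submit / preview / advanced: the input is validated (guest nick,
 *    captcha for guests, same-poster check, flood interval, closed flag).
 *  - preview without errors: a preview block is added to the form.
 *  - submit without errors: the comment is inserted and the visitor redirected.
 *
 * The function name (including its spelling) is left unchanged for callers
 * outside this listing.
 *
 * @param int    $com_fid   id of the commented entry (comments_fid)
 * @param string $mod       module name (comments_mod); also used for the form url and the redirect
 * @param string $action    action handed to cs_redirect() after saving
 * @param int    $quote_id  id of a comment to quote, 0 for none
 * @param string $mod_name  value placed in $data['head']['mod']
 * @param int    $close     non-zero rejects a posted comment with the 'closed' message
 * @param string $more      name of the url parameter that carries $com_fid in the redirect
 * @return void  output is echoed through cs_subtemplate() or a redirect is issued
 */
function cs_commments_create($com_fid, $mod, $action, $quote_id, $mod_name, $close = 0, $more = 'id') {

  $cs_lang = cs_translate('comments');
  global $account, $cs_main;

  // Ids and the closed flag are forced to integers before they reach any query.
  settype($com_fid, 'integer');
  settype($quote_id, 'integer');
  settype($close, 'integer');

  $data['head']['mod'] = $mod_name;
  $data['if']['preview'] = FALSE;
  $data['if']['guest'] = FALSE;
  $data['if']['captcha'] = FALSE;

  // Defined up front so every path below can test them without notices.
  $guestnick = '';
  $text = '';
  $error = '';

  $is_guest = empty($account['users_id']);
  $op_comments = cs_sql_option(__FILE__, 'comments');

  if (!$is_guest or !empty($op_comments['allow_unreg'])) {

    if (!empty($quote_id)) {
      // NOTE(review): the quoted comment is looked up by id only. Nothing here
      // restricts it to $mod or to the entry the caller passed in, and $com_fid
      // is replaced by the comment's own fid - confirm callers enforce access.
      $cells = 'users_id, comments_text, comments_time, comments_fid, comments_guestnick';
      $cs_com = cs_sql_select(__FILE__, 'comments', $cells, "comments_id = " . (int) $quote_id);
      $com_fid = $cs_com['comments_fid'];

      if (!empty($cs_com['users_id'])) {
        // Quoted comment was written by a registered user: link to the profile.
        $cs_users = cs_sql_select(__FILE__, 'users', 'users_nick', "users_id = " . (int) $cs_com['users_id']);
        $url = cs_url('users', 'view', 'id=' . $cs_com['users_id']);
        $text = cs_date('unix', $cs_com['comments_time'], 1) . ' - [url=' . $url . ']';
        $text .= $cs_users['users_nick'] . "[/url]:\r\n[quote]" . $cs_com['comments_text'] . '[/quote]';
      }
      else {
        // Quoted comment was written by a guest: only the stored guest nick is shown.
        $text = cs_date('unix', $cs_com['comments_time'], 1) . ' - ';
        $text .= $cs_com['comments_guestnick'] . ":\r\n[quote]" . $cs_com['comments_text'] . '[/quote]';
      }
    }
    elseif (isset($_POST['submit']) or isset($_POST['preview']) or isset($_POST['advanced'])) {

      // Request fields are untrusted: a missing or non-string value (e.g. an
      // array sent as comments_text[]) is treated as absent.
      $text = (isset($_POST['comments_text']) && is_string($_POST['comments_text'])) ? $_POST['comments_text'] : '';
      $captcha = (isset($_POST['captcha']) && is_string($_POST['captcha'])) ? $_POST['captcha'] : null;

      // Most recent comment on this entry, used for the "last post is your own" check.
      $find = "comments_mod = '" . cs_sql_escape($mod) . "' AND comments_fid = " . (int) $com_fid;
      $last_from = cs_sql_select(__FILE__, 'comments', 'users_id, comments_ip', $find, 'comments_id DESC');

      // NOTE(review): the guest checks below are only as reliable as cs_getip();
      // confirm it does not trust client-supplied headers.
      $ip = cs_getip();

      if ($is_guest) {
        $guestnick = (isset($_POST['comments_guestnick']) && is_string($_POST['comments_guestnick'])) ? $_POST['comments_guestnick'] : '';

        if (empty($guestnick)) {
          $error .= $cs_lang['no_guestnick'] . cs_html_br(1);
        }
        else {
          $op_users = cs_sql_option(__FILE__, 'users');

          // Length is measured without spaces against the users option 'min_letters'.
          $nickchars = strlen(str_replace(' ', '', $guestnick));
          if ($nickchars < $op_users['min_letters']) {
            $error .= sprintf($cs_lang['short_guestnick'], $op_users['min_letters']) . cs_html_br(1);
          }

          // A guest may not post under the nick of a registered user.
          $search_nick = cs_sql_count(__FILE__, 'users', "users_nick = '" . cs_sql_escape($guestnick) . "'");
          if (!empty($search_nick)) {
            $error .= $cs_lang['nick_exists'] . cs_html_br(1);
          }
        }

        // Guests must pass the captcha on every post, preview included.
        if (!cs_captchacheck($captcha)) {
          $error .= $cs_lang['captcha_false'] . cs_html_br(1);
        }
        if ($ip == $last_from['comments_ip']) {
          $error .= $cs_lang['last_own'] . cs_html_br(1);
        }
        $where = "comments_ip = '" . cs_sql_escape($ip) . "'";
      }
      else {
        if ($account['users_id'] == $last_from['users_id']) {
          $error .= $cs_lang['last_own'] . cs_html_br(1);
        }
        $where = "users_id = " . (int) $account['users_id'];
      }

      if (empty($text)) {
        $error .= $cs_lang['no_text'] . cs_html_br(1);
      }

      // Flood protection: the poster's newest comment in this module plus
      // $cs_main['def_flood'] seconds must lie in the past.
      $and_mod = " AND comments_mod = '" . cs_sql_escape($mod) . "'";
      $flood = cs_sql_select(__FILE__, 'comments', 'comments_time', $where . $and_mod, 'comments_time DESC');
      $maxtime = $flood['comments_time'] + $cs_main['def_flood'];
      if ($maxtime > cs_time()) {
        $diff = $maxtime - cs_time();
        // Line break added so this message does not run into the next one.
        $error .= sprintf($cs_lang['flood_on'], $diff) . cs_html_br(1);
      }

      if (!empty($close)) {
        $error .= $cs_lang['closed'] . cs_html_br(1);
      }
    }

    // Headline text of the form.
    if (!isset($_POST['submit']) and !isset($_POST['preview'])) {
      $data['head']['body'] = $cs_lang['body_com_create'];
    }
    elseif (!empty($error)) {
      $data['head']['body'] = $error;
    }
    elseif (isset($_POST['preview'])) {
      $data['head']['body'] = $cs_lang['preview'];
    }

    if (isset($_POST['preview']) and empty($error)) {
      $data['if']['preview'] = true;
      $userid = $is_guest ? 0 : $account['users_id'];

      if (!empty($userid)) {
        $data['if']['guest_prev'] = FALSE;
        $data['if']['user_prev'] = TRUE;

        $select = 'users_nick, users_laston, users_place, users_country, users_active, users_invisible, users_delete';
        $cs_user = cs_sql_select(__FILE__, 'users', $select, "users_id = " . (int) $userid);

        $url = 'symbols/countries/' . $cs_user['users_country'] . '.png';
        $data['prev']['flag'] = cs_html_img($url, 11, 16);
        $data['prev']['user'] = cs_user($userid, $cs_user['users_nick'], $cs_user['users_active'], $cs_user['users_delete']);
        $data['prev']['status'] = cs_userstatus($cs_user['users_laston'], $cs_user['users_invisible']);
        // NOTE(review): the date is shown only when users_invisible is set,
        // which looks inverted - confirm the intended meaning of the flag.
        $data['prev']['laston'] = empty($cs_user['users_invisible']) ? '--' : cs_date('unix', $cs_user['users_laston']);
        $place = empty($cs_user['users_place']) ? '-' : $cs_user['users_place'];
        $data['prev']['place'] = cs_secure($place);

        // Total number of comments written by this user.
        $data['prev']['posts'] = cs_sql_count(__FILE__, 'comments', "users_id = " . (int) $userid);
      }
      else {
        $data['if']['guest_prev'] = TRUE;
        $data['if']['user_prev'] = FALSE;
        $data['prev']['guestnick'] = cs_secure($guestnick);
      }

      // The previewed comment would be number (existing comments + 1) on this entry.
      $opt = "comments_mod = '" . cs_sql_escape($mod) . "' AND comments_fid = " . (int) $com_fid;
      $count_com = cs_sql_count(__FILE__, 'comments', $opt);
      $data['prev']['count_com'] = $count_com + 1;
      $data['prev']['date'] = cs_date('unix', cs_time(), 1);
      $data['prev']['text'] = cs_secure($text, 1, 1);
    }

    if (!empty($error) or isset($_POST['preview']) or !isset($_POST['submit'])) {
      // Show (or re-show) the form.
      $data['com']['form_name'] = $mod . '_com_create';
      $data['com']['form_url'] = cs_url($mod, 'com_create');
      $data['com']['smileys'] = cs_abcode_smileys('comments_text');
      $data['com']['abcode'] = cs_abcode_features('comments_text');

      if ($is_guest) {
        $data['if']['guest'] = TRUE;
        // NOTE(review): the guest nick and, below, the comment text go back into
        // the form without cs_secure(), unlike the preview fields above. Confirm
        // the com_create template escapes them for the attribute/textarea context.
        $data['com']['guestnick'] = $guestnick;

        // The captcha image is only offered when the gd extension is loaded.
        if (extension_loaded('gd')) {
          $data['if']['captcha'] = TRUE;
          $data['captcha']['img'] = cs_html_img('mods/captcha/generate.php?time=' . cs_time());
        }
      }

      $data['com']['text'] = $text;
      $data['com']['fid'] = $com_fid;

      echo cs_subtemplate(__FILE__, $data, 'comments', 'com_create');

      // Existing comments of the entry are listed below the form.
      require_once 'mods/comments/functions.php';
      $com_where = "comments_mod = '" . cs_sql_escape($mod) . "' AND comments_fid = " . (int) $com_fid;
      $count = cs_sql_count(__FILE__, 'comments', $com_where);
      cs_comments_view($com_fid, $mod, 'com_create', $count, false, 5);
    }
    elseif (empty($quote_id)) {
      // Valid submit: store the comment and jump to the page that will contain it.
      $opt = "comments_mod = '" . cs_sql_escape($mod) . "' AND comments_fid = " . (int) $com_fid;
      $count_com = cs_sql_count(__FILE__, 'comments', $opt);
      $start = floor($count_com / $account['users_limit']) * $account['users_limit'];

      $user_ip = cs_getip();
      $com_cells = array('users_id', 'comments_fid', 'comments_mod', 'comments_ip', 'comments_time', 'comments_text', 'comments_guestnick');
      $com_save = array($account['users_id'], $com_fid, $mod, $user_ip, cs_time(), $text, $guestnick);
      cs_sql_insert(__FILE__, 'comments', $com_cells, $com_save);

      $more_action = $more . '=' . $com_fid . '&start=' . $start . '#com' . ++$count_com;
      cs_redirect($cs_lang['create_done'], $mod, $action, $more_action);
    }
  }
  else {
    cs_redirect('', 'errors', '403');
  }
}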
// Validation of a posted shoutbox entry. $cs_shout, $opt, $account, $cs_main
// and $cs_lang are set up before this excerpt; $error, $text, $time_now and
// $where are presumably consumed by the code that follows it.

// A filled-in second text field (sh_text2) replaces the shout text.
if (!empty($_POST['sh_text2'])) {
  $cs_shout['shoutbox_text'] = $_POST['sh_text2'];
}

// Messages are collected in $error, each one led by a line break.
$error = '';

// The literal 'Nick' is rejected like an empty name - presumably the form's
// placeholder value; confirm against the template.
if ($cs_shout['shoutbox_name'] == 'Nick' or empty($cs_shout['shoutbox_name'])) {
  $error .= cs_html_br(1) . '- ' . $cs_lang['no_name'];
  $cs_shout['shoutbox_name'] = '';
}

if (empty($cs_shout['shoutbox_text'])) {
  $error .= cs_html_br(1) . ' ' . $cs_lang['no_text'];
}

// Length limit from $opt['max_text']. strlen() counts bytes, so multi-byte
// text reaches the limit sooner than its character count suggests.
if (strlen($cs_shout['shoutbox_text']) > $opt['max_text']) {
  $signs = strlen($cs_shout['shoutbox_text']) - $opt['max_text'];
  $error .= cs_html_br(1) . '- ' . sprintf($cs_lang['too_long'], $signs);
}

// The captcha is only required when no account id is present.
// NOTE(review): $_POST['captcha'] is read without an isset() check, and the
// meaning of the second argument (1) is not visible here - confirm.
if (empty($account['users_id']) && !cs_captchacheck($_POST['captcha'], 1)) {
  $error .= cs_html_br(1) . ' ' . $cs_lang['captcha_false'] . cs_html_br(1);
}

// Flood protection keyed on the poster's IP: the newest shout from that IP
// plus $cs_main['def_flood'] seconds must lie in the past.
// NOTE(review): where $cs_shout['shoutbox_ip'] comes from is not visible here;
// the check is only as reliable as that value.
$cond = 'shoutbox_ip = \'' . cs_sql_escape($cs_shout['shoutbox_ip']) . '\'';
$flood = cs_sql_select(__FILE__, 'shoutbox', 'shoutbox_date', $cond, 'shoutbox_date DESC');
$maxtime = $flood['shoutbox_date'] + $cs_main['def_flood'];
$time_now = cs_time();
if ($maxtime > $time_now) {
  $diff = $maxtime - $time_now;
  $error .= cs_html_br(1) . '- ' . sprintf($cs_lang['flood'], $diff);
}

// Condition matching an identical text from the same IP within the last 600
// seconds. $text holds the SQL-escaped copy of the shout and is meant for
// query building only; how $where is used lies outside this excerpt.
$text = cs_sql_escape($cs_shout['shoutbox_text']);
$min = $time_now - 600; // 10 min
$where = "shoutbox_text = '" . $text . "' AND shoutbox_ip = '" . cs_sql_escape($cs_shout['shoutbox_ip']) . "'";
$where .= " AND shoutbox_date > '" . $min . "'";
<?php // ClanSphere 2010 - www.clansphere.net // $Id$ $cs_lang = cs_translate('users'); $cs_contact = cs_sql_option(__FILE__, 'contact'); $captcha = extension_loaded('gd') ? 1 : 0; $checked = 0; $success = 0; $error = 0; $errormsg = ''; if (isset($_POST['submit'])) { $sendpw['email'] = $_POST['email']; $sendpw['email_send'] = empty($_POST['email_send']) ? 0 : 1; if (empty($sendpw['email_send']) && !cs_captchacheck($_POST['captcha'])) { $error++; $errormsg .= $cs_lang['captcha_false'] . cs_html_br(1); } $search_email = cs_sql_count(__FILE__, 'users', "users_email = '" . cs_sql_escape($sendpw['email']) . "'"); if (empty($search_email)) { $error++; $errormsg .= $cs_lang['email_unknown'] . cs_html_br(1); } if (!empty($sendpw['email_send']) and empty($error)) { $sendpw['key'] = $_POST['key']; $sendpw['new_pwd'] = $_POST['new_pwd']; $pwd2 = str_replace(' ', '', $sendpw['new_pwd']); $pwdchars = strlen($pwd2); if ($pwdchars < 4) { $error++; $errormsg .= $cs_lang['short_pwd'] . cs_html_br(1);