Exemple #1
     $design->header();
     $tpl = new tpl('user/regist');
     $tpl->set_out('regeln', bbcode($allgAr['allg_regeln']), 0);
     $design->footer();
     break;
 case 2:
     $name = '';
     $email = '';
     if (!empty($_POST['nutz'])) {
         $name = escape($_POST['nutz'], 'string');
     }
     if (!empty($_POST['email'])) {
         $email = escape($_POST['email'], 'string');
     }
     $ch_name = false;
     $xname = escape_nickname($name);
     if (!empty($name) and $xname == $name and 0 == db_result(db_query("SELECT COUNT(*) FROM `prefix_user` WHERE `name_clean` = BINARY '" . get_lower($name) . "'"), 0)) {
         $ch_name = true;
     }
     $ch_email = false;
     $xemail = escape_for_email($email);
     if (!empty($email) and $xemail == $email and 0 == db_result(db_query("SELECT COUNT(*) FROM `prefix_user` WHERE `email` = BINARY '" . get_lower($email) . "'"), 0)) {
         $ch_email = true;
     }
     if (empty($name) or empty($email) or $name != $xname or $ch_name == false or $email != $xemail or $ch_email == false) {
         $title = $allgAr['title'] . ' :: Users :: Registrieren :: Step 2 von 3';
         $hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">User</a><b> &raquo; </b><a class="smalfont" href="?user-regist">Registrieren</a><b> &raquo; </b>Step 2 von 3' . $extented_forum_menu_sufix;
         $header = array('jquery/pstrength-min.1.2.js', 'jquery/pstrength.css', 'jquery/jquery.validate.js', 'forms/regist.js');
         $design = new design($title, $hmenu, 1);
         $design->header($header);
         if (empty($name) or empty($email)) {
Exemple #2
// Timestamp of this request; compared further down against
// $_SESSION['klicktime'] for the 15-second flood control between new topics.
$dppk_time = time();
$time = time();
// First post in this session: no previous post time recorded yet.
if (!isset($_SESSION['klicktime'])) {
    $_SESSION['klicktime'] = 0;
}
// Form fields default to empty and are run through the escape helpers before
// use. NOTE(review): escape()'s second argument selects an escaping mode
// ('string' / 'textarea') defined elsewhere — confirm it matches the SQL
// context these values reach later; isset() also accepts array input
// (topic[]=x), which the helpers are not visibly guarded against.
$topic = '';
$txt = '';
$xnn = '';
if (isset($_POST['topic'])) {
    $topic = trim(escape($_POST['topic'], 'string'));
}
if (isset($_POST['txt'])) {
    $txt = trim(escape($_POST['txt'], 'textarea'));
}
// Guest nickname; only rendered into the form when the visitor is not logged in.
if (isset($_POST['Gname'])) {
    $xnn = trim(escape_nickname($_POST['Gname']));
}
if ($_SESSION['klicktime'] + 15 > $dppk_time or empty($topic) or empty($txt) or !empty($_POST['priview']) or empty($_POST['Gname']) and !loggedin() or !chk_antispam('newtopic')) {
    $design = new design($title, $hmenu, 1);
    $design->header($load);
    $tpl = new tpl('forum/newtopic');
    $name = '';
    if (!loggedin()) {
        $name = '<tr><td class="Cmite"0><b>' . $lang['name'] . '</b></td>';
        $name .= '<td class="Cnorm"><input type="text" value="' . unescape($xnn) . '" maxlength="15" name="Gname"></td></tr>';
    }
    if (isset($_POST['priview'])) {
        $tpl->set_out('txt', bbcode(unescape($txt)), 0);
    }
    $ar = array('name' => $name, 'txt' => escape_for_fields(unescape($txt)), 'topic' => escape_for_fields(unescape($topic)), 'fid' => $fid, 'SMILIES' => getsmilies(), 'antispam' => get_antispam('newtopic', 1));
    $tpl->set_ar_out($ar, 1);
Exemple #3
         if (strlen($_POST['txt']) > $allgAr['Gtxtl']) {
             $fehler .= '&middot;&nbsp;' . sprintf($lang['gbooktexttolong'], $allgAr['Gtxtl']) . '<br/>';
         }
         if (trim($_POST['txt']) == '') {
             $fehler .= '&middot;&nbsp;' . $lang['emptymessage'] . '<br/>';
         }
         if (chk_antispam('gbook') != true) {
             $fehler .= '&middot;&nbsp;' . $lang['incorrectspam'] . '<br/>';
         }
         //
         if ($fehler == '') {
             $txt = escape($_POST['txt'], 'textarea');
             if ($_SESSION['authid'] == 0) {
                 $name = escape_nickname($_POST['name'], 'string') . ' (Gast)';
             } else {
                 $name = escape_nickname($_POST['name'], 'string');
             }
             $mail = escape($_POST['mail'], 'string');
             $page = escape($_POST['page'], 'string');
             db_query("INSERT INTO `prefix_gbook` (`name`,`mail`,`page`,`time`,`ip`,`txt`) VALUES ('" . $name . "', '" . $mail . "', '" . $page . "', '" . time() . "', '" . getip() . "', '" . $txt . "')");
             $_SESSION['klicktime_gbook'] = $dppk_time;
             wd('index.php?gbook', $lang['insertsuccessful']);
         } else {
             showForm($_POST["txt"], $_POST["mail"], $_POST["page"], '<div id="formfehler">' . $fehler . '</div>');
         }
     } else {
         showForm();
         break;
     }
     break;
 case 'show':
Exemple #4
// Guest nickname from the form, passed through escape_nickname() and trimmed.
// NOTE(review): isset() also accepts an array value (Gname[]=x) — confirm
// escape_nickname() rejects non-string input.
if (isset($_POST['Gname'])) {
    $xnn = trim(escape_nickname($_POST['Gname']));
}
if ($_SESSION['klicktime'] + 15 > $dppk_time or empty($txt) or !empty($_POST['priview']) or empty($_POST['Gname']) and !loggedin() or !chk_antispam('newpost')) {
    $design = new design($title, $hmenu, 1);
    $design->header();
    $name = '';
    if (!loggedin()) {
        $name = '<tr><td class="Cmite"0><b>' . $lang['name'] . '</b></td>';
        $name .= '<td class="Cnorm"><input type="text" value="' . unescape($xnn) . '" maxlength="15" name="Gname"></td></tr>';
    }
    $tpl = new tpl('forum/newpost');
    $xtext = '';
    if ($menu->getA(3) == 'z') {
        $row = db_fetch_object(db_query("SELECT txt,erst FROM prefix_posts WHERE id = " . $menu->getE(3)));
        $xtext = '[quote=' . escape_nickname($row->erst) . ']' . "\n" . $row->txt . "\n[/quote]";
    }
    if ($menu->getA(3) == 'f') {
        $r = db_fetch_assoc(db_query("SELECT id,text,title FROM prefix_faqs WHERE id = " . $menu->getE(3)));
        $xtext = 'FAQ Artikel: [url=index.php?faqs-s' . $r['id'] . '#FAQ' . $r['id'] . ']' . $r['title'] . '[/url]' . "\n" . unescape($r['text']);
    }
    if (isset($_POST['priview'])) {
        $tpl->set_out('txt', bbcode(unescape($txt)), 0);
    }
    if (empty($txt)) {
        $txt = $xtext;
    }
    $tpl = new tpl('forum/newpost');
    $ar = array('txt' => escape_for_fields(unescape($txt)), 'tid' => $tid, 'name' => $name, 'SMILIES' => getsmilies(), 'antispam' => get_antispam('newpost', 1));
    $tpl->set_ar_out($ar, 1);
    $erg = db_query('SELECT erst, txt FROM `prefix_posts` WHERE tid = "' . $tid . '" ORDER BY time DESC LIMIT 0,5');
Exemple #5
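/**
 * Handles a submitted login form and establishes the session on success.
 *
 * Reads `user_login_sub`, `name` and `pass` from $_POST. The name must be a
 * string that survives escape_nickname() unchanged and is at most 15 bytes
 * long; the user row is then looked up by an exact (BINARY) name match and
 * the password is checked with user_pw_check(). On success the auth fields
 * of $_SESSION are populated, the `prefix_online` row of the current PHP
 * session is bound to the user id, the login cookie is set and the user's
 * groups/modules are loaded.
 *
 * On an unknown name or wrong password the global $menu is redirected to
 * user/login; the caller cannot tell the two cases apart.
 *
 * NOTE(review): the session id is not regenerated after a successful login,
 * so a session id fixed before authentication stays valid — confirm whether
 * session_und_cookie_name() or the caller covers this.
 *
 * @return bool true when the login succeeded, false otherwise (including
 *              when no login form was submitted)
 */
function user_login_check()
{
    if (isset($_POST['user_login_sub']) and isset($_POST['name']) and isset($_POST['pass'])) {
        debug('posts vorhanden');
        // A request such as name[]=x passes isset() but is not a string;
        // reject it before it reaches escape_nickname() and strlen().
        if (!is_string($_POST['name']) or !is_string($_POST['pass'])) {
            return false;
        }
        $name = escape_nickname($_POST['name']);
        // Any name that escape_nickname() had to alter is not a valid login name.
        if ($name != $_POST['name'] or strlen($_POST['name']) > 15) {
            return false;
        }
        // $name is interpolated rather than bound; the check above guarantees it
        // is byte-identical to escape_nickname()'s output, so safety rests on
        // that helper's character set — NOTE(review): confirm it excludes quotes.
        $erg = db_query("SELECT name,id,recht,pass,llogin FROM prefix_user WHERE name = BINARY '" . $name . "'");
        if (db_num_rows($erg) == 1) {
            debug('user gefunden');
            $row = db_fetch_assoc($erg);
            if (user_pw_check($_POST['pass'], $row['pass'], $row['id'])) {
                debug('passwort stimmt ... ' . $row['name']);
                $_SESSION['authname'] = $row['name'];
                $_SESSION['authid'] = $row['id'];
                $_SESSION['authright'] = $row['recht'];
                $_SESSION['lastlogin'] = $row['llogin'];
                $_SESSION['authsess'] = session_und_cookie_name();
                // Attach the online-tracking row of this PHP session to the user.
                db_query("UPDATE prefix_online SET uid = " . $_SESSION['authid'] . " WHERE sid = '" . session_id() . "'");
                // The persistent login cookie is derived from the stored password value.
                user_set_cookie($row['id'], $row['pass']);
                user_set_grps_and_modules();
                return true;
            }
        }
        // Unknown name or wrong password: send the visitor back to the login page.
        global $menu;
        $menu->set_url(0, 'user');
        $menu->set_url(1, 'login');
    }
    return false;
}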
Exemple #6
        $s .= '<img style="border: 0px; padding: 5px;" src="include/images/smiles/' . $row->url . '" title="' . $row->emo . '"></a>';
        $i++;
        if ($i % $zeilen == 0 and $i != 0) {
            $s .= '<br /><br />';
        }
    }
    $tpl->set_out('smilies', $s, 4);
}
// Remember the last shoutbox text posted in this session; it is compared
// below so that an identical immediate repost is dropped.
if (!isset($_SESSION['last_shoutbox'])) {
    $_SESSION['last_shoutbox'] = '';
}
if (has_right($allgAr['sb_recht'])) {
    //Formular
    if (!empty($_POST['shoutbox_submit']) and chk_antispam('shoutbox')) {
        if ($_SESSION['authid'] == 0) {
            $shoutbox_nickname = substr(escape_nickname($_POST['shoutbox_nickname']), 0, 8) . ' (Gast)';
        } else {
            $shoutbox_nickname = substr($_SESSION['authname'], 0, 15);
        }
        $shoutbox_textarea = escape($_POST['shoutbox_textarea'], 'textarea');
        $shoutbox_textarea = preg_replace("/\\[.?(url|b|i|u|img|code|quote)[^\\]]*?\\]/i", "", $shoutbox_textarea);
        $shoutbox_textarea = strip_tags($shoutbox_textarea);
        if (!empty($shoutbox_textarea) and $_SESSION['last_shoutbox'] != $shoutbox_textarea) {
            $_SESSION['last_shoutbox'] = $shoutbox_textarea;
            db_query('INSERT INTO `prefix_shoutbox` (`uid`,`nickname`,`textarea`,`time`) VALUES (' . $_SESSION['authid'] . ', "' . $shoutbox_nickname . '" , "' . $shoutbox_textarea . '", "' . date('Y-m-d H:i:s') . '" ) ');
        }
    }
    $antispam = get_antispam('shoutbox', 0);
    if (!empty($antispam)) {
        $antispam .= '<br />';
    }