Exemple #1
include "./inc/header.inc.php";
// http://www.securiteam.com/securitynews/5FP0C204KE.html
$login_name = isset($HTTP_POST_VARS['login_name']) ? $HTTP_POST_VARS['login_name'] : '';
if (is_flooding(FLOOD_LOGIN)) {
    message('Fehler', 'IP wegen ' . $config['flood_login_count'] . ' fehlerhafter Loginversuche für ' . $config['flood_login_timeout'] . ' Minuten gesperrt.');
if (!isset($login_cookie)) {
    $login_cookie = 0;
$msg = '';
if (!isset($login_password)) {
    $login_password = '';
$navpath .= "Login";
if (!$login_name) {
    $msg .= "Sie haben vergessen einen Usernamen anzugeben.<br>";
if (!$login_password) {
    $msg .= "Sie haben vergessen ein Passwort anzugeben.<br>";
Exemple #2
include "./inc/header.inc.php";
if (!$config['allowregister']) {
    $navpath .= "User Registrierung &raquo; Fehler";
    message('Registrierung nicht m&ouml;lich!', 'Eine Registrierung ist derzeit leider nicht m&ouml;lich.<br>Bitte versuchen Sie es zu einem sp&auml;teren Zeitpunkt erneut.');
if ($g_user['userid']) {
    $navpath .= 'User Registrierung';
    message('Fehler', 'Sie sind bereits registriert.<br>Eine weitere Registrierung ist deshalb nicht m&ouml;glich.');
if (is_flooding(FLOOD_REGISTER)) {
    message('Fehler', 'IP wegen ' . $config['flood_login_count'] . ' Registrierungen f&uuml;r ' . $config['flood_login_timeout'] . ' Minuten gesperrt.');
if (!isset($accept) || !$accept) {
    $rules = '';
    $TRules = new Template('templates/' . $style['styletemplate'] . '/forumrules.html');
    $navpath .= "User Registrierung";
    message("Forumregeln", $rules, 0, 0);
} else {
    $Tframe = new Template("templates/" . $style['styletemplate'] . "/frame.html");
    $Tregform = new Template("templates/" . $style['styletemplate'] . "/register.html");
    $passwordfield = '';
    $navpath .= "User Registrierung &raquo; Dateneingabe";
    $TPasswordfield = new Template('./templates/' . $style['styletemplate'] . '/register_pwdfield.html');
Exemple #3
             $navpath .= "Private Messages";
             message('Fehler', 'Die Nachricht konnte nicht versendet werden: Die Private Message Box des Empf&auml;ngers ist voll.');
         } else {
             // send msg!
             thwb_query("INSERT INTO " . $pref . "pm (pmfromid, pmtoid, pmtopic, pmtext, pmtime, pmflags, pmfolder)\n                    VALUES ({$g_user['userid']}, {$user['userid']},'" . addslashes($pm['pmtopic']) . "','" . addslashes($pm['pmtext']) . "'," . time() . ", 1, 0);");
             if (($frompmcount < $config['max_privmsg'] || $P->has_permission(P_NOPMLIMIT)) && $pm['pmsaveinoutbox'] == 1) {
                 thwb_query("INSERT INTO " . $pref . "pm (pmtoid, pmfromid, pmtopic, pmtext, pmtime, pmflags, pmfolder)\n                    VALUES ({$g_user['userid']}, {$user['userid']},'" . addslashes($pm['pmtopic']) . "','" . addslashes($pm['pmtext']) . "'," . time() . ",0 , 1);");
             $navpath .= "Private Messages";
             message("Message verschickt", "Ihre Private Message wurde verschickt!<br><a href=\"" . build_link('pm.php') . "\">Private Message Center</a>");
     } elseif ($pm['pmmethod'] == 'email') {
         // SEND PM as E-Mail
         $Pmmail = new Template("templates/mail/pmsg.mail");
         possible_flood(FLOOD_MAIL, $g_user['userid']);
         if (is_flooding(FLOOD_MAIL, $g_user['userid'])) {
             message('Fehler', 'Sie k&ouml;nnen nur ' . $config['flood_mail_count'] . ' E-Mails pro ' . $config['flood_mail_timeout'] . ' Minuten verschicken.');
         $mail_body = "";
         @mail($user['useremail'], "Private Nachricht: " . $pm['pmtopic'], $mail_body, "From: " . $g_user['username'] . " <" . $g_user['useremail'] . ">");
         if ($frompmcount < $config['max_privmsg'] and $pm['pmsaveinoutbox'] == 1) {
             thwb_query("INSERT INTO " . $pref . "pm (pmtoid, pmfromid, pmtopic, pmtext, pmtime, pmflags, pmfolder)\n                VALUES ({$g_user['userid']}, {$user['userid']},'" . addslashes($pm['pmtopic'] . " *E-Mail*") . "','" . addslashes($pm['pmtext']) . "'," . time() . ",0 , 1);");
         $navpath .= "Private Messages";
         message("Message verschickt", "Ihre Private Message wurde als E-Mail verschickt!<br><a href=\"" . build_link('pm.php') . "\">Private Message Center</a>");
 } else {
     $TFrame = new Template("templates/" . $style['styletemplate'] . "/frame.html");
     $TMsg = new Template("templates/" . $style['styletemplate'] . "/newprivmsg.html");
     if ($config['use_email'] == 1) {
Exemple #4
     if ($next_url['scheme'] != $current_url['scheme'] || $next_url['host'] != $current_url['host']) {
 if ($com_captcha && !is_valid_captcha_code($code, $confirm_id, $id, 'comments')) {
     echo $com13;
 } else {
     if (!$name || !$comment) {
         echo $com1;
     } else {
         if ($comlength > 0 && strlen($comment) > $comlength) {
             printf($com14, $comlength);
         } else {
             if (!is_valid_email($email) && $email != '') {
                 echo $com2;
             } elseif (is_flooding()) {
                 echo $com4 . ' ' . $floodtime . ' ' . $com5;
             } else {
                 $news_user = false;
                 $passok = false;
                 $file = file(FNEWS_ROOT_PATH . 'users.php');
                 $passhash = md5($pass);
                 foreach ($file as $value) {
                     $user = get_line_data('users', $value);
                     if ($name == $user['username'] || $name == $user['nickname']) {
                         $news_user = true;
                         if ($passhash == $user['passwordhash']) {
                             $name = $user['nickname'];
                             $passok = true;
                             if (!$email) {