function misc_videofile()
{
global $set, $db, $apx, $user;
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
die('missing ID!');
}
if ($set['videos']['regonly'] && !$user->info['userid']) {
die('video only for registered users!');
}
$apx->lang->drop('detail', 'videos');
//Secure Check
$res = $db->first("SELECT id,title,file,regonly,`limit`,password,source FROM " . PRE . "_videos WHERE ( id='" . $_REQUEST['id'] . "' " . iif(!$user->is_team_member(), "AND ( '" . time() . "' BETWEEN starttime AND endtime )") . " " . section_filter() . " ) LIMIT 1");
if (!$res['id']) {
die('file not found!');
}
if ($res['regonly'] && !$user->info['userid']) {
die('video only for registered users!');
}
if (videos_limit_is_reached($res['id'], $res['limit'])) {
message($apx->lang->get('MSG_LIMITREACHED'), 'back');
}
if ($res['password'] && $_POST['password'] != $res['password']) {
tmessage('pwdrequired', array('ID' => $_REQUEST['id'], 'SECHASH' => $_REQUEST['sechash']), 'videos');
}
$checkhash = md5($_SERVER['HTTP_HOST'] . $res['file'] . date('Y/m/d', time() - TIMEDIFF));
if ($checkhash != $_REQUEST['sechash']) {
header("HTTP/1.1 301 Moved Permanently");
header('location:' . str_replace('&', '&', mklink('videos.php?id=' . $_REQUEST['id'], 'videos,id' . $_REQUEST['id'] . urlformat($res['title']) . '.html')));
exit;
}
//Datei downloadbar?
if (!in_array($res['source'], array('apexx', 'external'))) {
header("HTTP/1.1 404 Not Found");
exit;
}
//Statistik
$thefsize = videos_filesize($res);
videos_insert_stats($res['id'], $thefsize, $res['source'] == 'apexx');
//Datei senden
if ($res['source'] == 'external') {
header("HTTP/1.1 301 Moved Permanently");
header('location:' . $res['file']);
exit;
} else {
header("HTTP/1.1 301 Moved Permanently");
header('location:' . HTTPDIR . getpath('uploads') . $res['file']);
exit;
}
}
function check_forum_password($forum)
{
global $set;
$forumid = $forum['password_fromid'] ? $forum['password_fromid'] : $forum['forumid'];
if (!$forum['password']) {
return true;
}
if ($_COOKIE[$set['main']['cookie_pre'] . '_forum_password_' . $forumid] == $forum['password']) {
return true;
}
if (isset($_POST['password']) && $_POST['password'] == $forum['password']) {
setcookie($set['main']['cookie_pre'] . '_forum_password_' . $forumid, $_POST['password'], time() + 100 * 24 * 3600);
return true;
} else {
tmessage('forumpwd');
}
}
<?php
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
die('missing ID!');
}
$apx->lang->drop('delpm');
if ($_POST['send']) {
$db->query("UPDATE " . PRE . "_user_pms SET del_to='1' WHERE ( id='" . $_REQUEST['id'] . "' AND touser='******'userid'] . "' ) LIMIT 1");
$db->query("UPDATE " . PRE . "_user_pms SET del_from='1' WHERE ( id='" . $_REQUEST['id'] . "' AND fromuser='******'userid'] . "' ) LIMIT 1");
message($apx->lang->get('MSG_OK'), mklink('user.php?action=pms', 'user,pms.html'));
} else {
tmessage('delpm', array('ID' => $_REQUEST['id']));
}
<?php
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
die('missing ID!');
}
$apx->lang->drop('profile');
headline($apx->lang->get('HEADLINE_PROFILE'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
titlebar($apx->lang->get('HEADLINE_PROFILE'));
//Nur für Registrierte
if ($set['user']['profile_regonly'] && !$user->info['userid']) {
tmessage('profileregonly', array(), false, false);
require 'lib/_end.php';
}
//Userinfo auslesen
$res = $db->first("SELECT * FROM " . PRE . "_user WHERE userid='" . $_REQUEST['id'] . "' LIMIT 1");
$userid = $res['userid'];
if (!$res['userid']) {
filenotfound();
}
//Nur für Freunde
if ($res['pub_profileforfriends'] && !$user->is_buddy_of($res['userid']) && $user->info['userid'] != $res['userid'] && $user->info['groupid'] != 1) {
message($apx->lang->get('MSG_FRIENDSONLY'));
require 'lib/_end.php';
}
//Verwendete Variablen auslesen
$parse = $apx->tmpl->used_vars('profile');
//Besucher aufzeichnen und ausgeben
if (in_array('VISITOR', $parse)) {
if ($_REQUEST['id'] != $user->info['userid']) {
user_count_visit('profile', $_REQUEST['id']);
<?php
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
die('missing ID!');
}
$apx->lang->drop('delbuddy');
if ($_POST['send']) {
if ($user->is_buddy($_REQUEST['id'])) {
$db->query("DELETE FROM " . PRE . "_user_friends WHERE userid='" . $user->info['userid'] . "' AND friendid='" . $_REQUEST['id'] . "' LIMIT 1");
}
message($apx->lang->get('MSG_OK'), mklink('user.php?action=friends', 'user,friends.html'));
} else {
tmessage('delbuddy', array('ID' => $_REQUEST['id']));
}
}
//Nur für Registrierte
if ($set['user']['profile_regonly'] && !$user->info['userid']) {
tmessage('profileregonly', array(), false, false);
require 'lib/_end.php';
}
//Eintrag löschen
$_REQUEST['del'] = (int) $_REQUEST['del'];
if ($user->info['userid'] && $_REQUEST['del']) {
$apx->lang->drop('guestbook');
if ($_POST['del']) {
$db->query("DELETE FROM " . PRE . "_user_guestbook WHERE id='" . $_POST['del'] . "' AND owner='" . $user->info['userid'] . "' LIMIT 1");
$goto = mklink('user.php?action=guestbook&id=' . $user->info['userid'], 'user,guestbook,' . $user->info['userid'] . ',1.html');
message($apx->lang->get('MSG_DEL_OK'), $goto);
} else {
tmessage('delguestbook', array('ID' => $_REQUEST['del']));
}
return;
}
////////////////////
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
die('missing ID!');
}
$apx->lang->drop('guestbook');
headline($apx->lang->get('HEADLINE_GUESTBOOK'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
titlebar($apx->lang->get('HEADLINE_GUESTBOOK'));
//Benutzernamen auslesen
$profileInfo = $db->first("SELECT userid,username,pub_usegb,pub_profileforfriends FROM " . PRE . "_user WHERE userid='" . $_REQUEST['id'] . "' LIMIT 1");
list($userid, $username, $usegb, $friendonly) = $profileInfo;
$apx->tmpl->assign('USERID', $userid);
function checkage()
{
global $apx, $set, $db, $user;
//Alter wurde bereits bestätigt
if ($_COOKIE[$set['main']['cookie_pre'] . '_checkage'] || $user->is_team_member() || $user->info['ageconfirmed']) {
return;
}
$apx->lang->drop('checkage', 'main');
//Alter prüfen
if ($_POST['checkage'] && $_POST['birthday']['day'] && $_POST['birthday']['month'] && $_POST['birthday']['year']) {
$stamp = intval(sprintf('%04d%02d%02d', $_POST['birthday']['year'], $_POST['birthday']['month'], $_POST['birthday']['day']));
$maxstamp = intval(sprintf('%04d%02d%02d', date('Y') - 18, date('n'), date('j')));
if ($stamp <= $maxstamp) {
setcookie($set['main']['cookie_pre'] . '_checkage', 1);
return;
} else {
message($apx->lang->get('MSG_TOOYOUNG'), HTTPDIR);
require BASEDIR . 'lib/_end.php';
}
}
//Nachricht anzeigen
//header('HTTP/1.0 403 Forbidden');
tmessage('checkage', array(), 'main');
require BASEDIR . 'lib/_end.php';
}
} else {
$db->query("INSERT INTO " . PRE . "_user_ignore (userid,ignored,reason) VALUES ('" . $user->info['userid'] . "','" . $userid . "','" . addslashes($_POST['reason']) . "')");
$goto = mklink('user.php?action=ignorelist', 'user,ignorelist.html');
message($apx->lang->get('MSG_ADD_OK'), $goto);
}
}
} else {
tmessage('addignore', array('USERNAME' => compatible_hsc($_REQUEST['username'])));
}
} elseif ($_REQUEST['del']) {
if ($_POST['del']) {
$db->query("DELETE FROM " . PRE . "_user_ignore WHERE userid='" . $user->info['userid'] . "' AND ignored='" . intval($_POST['del']) . "' LIMIT 1");
$goto = mklink('user.php?action=ignorelist', 'user,ignorelist.html');
message($apx->lang->get('MSG_DEL_OK'), $goto);
} else {
tmessage('delignore', array('ID' => $_REQUEST['del']));
}
} else {
//Ignorierte Benutzer auslesen
$data = $db->fetch("SELECT u.userid,u.username,i.reason FROM " . PRE . "_user_ignore AS i LEFT JOIN " . PRE . "_user AS u ON i.ignored=u.userid WHERE i.userid='" . $user->info['userid'] . "' ORDER BY u.username ASC");
if (count($data)) {
foreach ($data as $res) {
++$i;
$tabledata[$i]['ID'] = $res['userid'];
$tabledata[$i]['NAME'] = replace($res['username']);
$tabledata[$i]['REASON'] = replace($res['reason']);
$tabledata[$i]['LINK_DEL'] = mklink('user.php?action=ignorelist&del=' . $res['userid'], 'user,ignorelist.html?del=' . $res['userid']);
}
}
$apx->tmpl->assign('LINK_ADD', mklink('user.php?action=ignorelist&add=1', 'user,ignorelist.html?add=1'));
$apx->tmpl->assign('USER', $tabledata);
function resync()
{
global $set, $apx, $db;
if ($_REQUEST['send']) {
if (!checkToken()) {
printInvalidToken();
} else {
@set_time_limit(600);
//Thread- und Beitragszahlen berichtigen
$data = $db->fetch("\n\t\t\t\tSELECT forumid\n\t\t\t\tFROM " . PRE . "_forums\n\t\t\t");
if (count($data)) {
foreach ($data as $res) {
$forumid = $res['forumid'];
$forumThreads = 0;
$forumPosts = 0;
$forumLastpost = array();
$forumLastthread = array();
//Threads auslesen
$threaddata = $db->fetch("\n\t\t\t\t\t\tSELECT threadid, prefix, title, icon, del\n\t\t\t\t\t\tFROM " . PRE . "_forum_threads\n\t\t\t\t\t\tWHERE del=0 AND moved=0 AND forumid='" . $forumid . "'\n\t\t\t\t\t");
if (count($threaddata)) {
foreach ($threaddata as $tres) {
$threadid = $tres['threadid'];
list($threadPosts) = $db->first("\n\t\t\t\t\t\t\t\tSELECT count(postid)\n\t\t\t\t\t\t\t\tFROM " . PRE . "_forum_posts\n\t\t\t\t\t\t\t\tWHERE del=0 AND threadid='" . $threadid . "'\n\t\t\t\t\t\t\t");
$threadLastpost = $db->first("\n\t\t\t\t\t\t\t\tSELECT postid, userid, username, time\n\t\t\t\t\t\t\t\tFROM " . PRE . "_forum_posts\n\t\t\t\t\t\t\t\tWHERE del=0 AND threadid='" . $threadid . "'\n\t\t\t\t\t\t\t\tORDER BY time DESC\n\t\t\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t\t\t");
$db->query("\n\t\t\t\t\t\t\t\tUPDATE " . PRE . "_forum_threads\n\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\tposts='" . $threadPosts . "',\n\t\t\t\t\t\t\t\t\tlastpost='" . $threadLastpost['postid'] . "',\n\t\t\t\t\t\t\t\t\tlastposter='" . addslashes($threadLastpost['username']) . "',\n\t\t\t\t\t\t\t\t\tlastposter_userid='" . $threadLastpost['userid'] . "',\n\t\t\t\t\t\t\t\t\tlastposttime='" . $threadLastpost['time'] . "'\n\t\t\t\t\t\t\t\tWHERE threadid='" . $threadid . "'\n\t\t\t\t\t\t\t");
//Themen/Beiträge im Forum
if (!$tres['del']) {
++$forumThreads;
}
$forumPosts += $threadPosts;
//Lastpost im Forum
if (!$forumLastpost || $forumLastpost['time'] < $threadLastpost['time']) {
$forumLastthread = $tres;
$forumLastpost = $threadLastpost;
}
}
}
//Forum aktualisieren
$db->query("\n\t\t\t\t\t\tUPDATE " . PRE . "_forums\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tthreads='" . $forumThreads . "',\n\t\t\t\t\t\t\tposts='" . $forumPosts . "',\n\t\t\t\t\t\t\tlastpost='" . $forumLastpost['postid'] . "',\n\t\t\t\t\t\t\tlastposter='" . addslashes($forumLastpost['username']) . "',\n\t\t\t\t\t\t\tlastposter_userid='" . $forumLastpost['userid'] . "',\n\t\t\t\t\t\t\tlastposttime='" . $forumLastpost['time'] . "',\n\t\t\t\t\t\t\tlastthread='" . $forumLastthread['threadid'] . "',\n\t\t\t\t\t\t\tlastthread_title='" . addslashes($forumLastthread['title']) . "',\n\t\t\t\t\t\t\tlastthread_icon='" . addslashes($forumLastthread['icon']) . "',\n\t\t\t\t\t\t\tlastthread_prefix='" . addslashes($forumLastthread['prefix']) . "'\n\t\t\t\t\t\tWHERE forumid='" . $forumid . "'\n\t\t\t\t\t\tLIMIT 1");
}
}
logit('FORUM_RESYNC');
message($apx->lang->get('MSG_OK'));
}
} else {
tmessage('resync');
}
}
if ($_REQUEST['option'] == 'addforum') {
$_POST['type'] = 'forum';
} else {
$_POST['type'] = 'thread';
}
//Benachrichtigung
if (in_array($_POST['subscription'], array('none', 'instant', 'daily', 'weekly'))) {
$_POST['notification'] = $_POST['subscription'];
} else {
$_POST['notification'] = 'none';
}
$_POST['userid'] = $user->info['userid'];
$_POST['source'] = $_POST['id'];
//Duplikate vermeiden
list($duplicate) = $db->first("SELECT id FROM " . PRE . "_forum_subscriptions WHERE ( type='" . addslashes($_POST['type']) . "' AND source='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' ) LIMIT 1");
if (!$duplicate) {
$db->dinsert(PRE . '_forum_subscriptions', 'userid,type,source,notification');
}
message($apx->lang->get('MSG_SUBADD_OK'), mklink('user.php?action=subscriptions', 'user,subscriptions.html'));
} else {
require_once BASEDIR . getmodulepath('forum') . 'basics.php';
//Titel auslesen
if ($_REQUEST['option'] == 'addforum') {
list($title) = $db->first("SELECT title FROM " . PRE . "_forums WHERE forumid='" . $_REQUEST['id'] . "' LIMIT 1");
} else {
list($prefix, $title) = $db->first("SELECT prefix,title FROM " . PRE . "_forum_threads WHERE threadid='" . $_REQUEST['id'] . "' LIMIT 1");
$title = trim(compatible_hsc(strip_tags(forum_get_prefix($prefix) . ' ') . $title));
}
$input = array('ID' => $_REQUEST['id'], 'TITLE' => $title, 'OPTION' => $_REQUEST['option']);
tmessage('subscription_add', $input);
}
checkage();
}
//Passwortschutz
if ($gallery['password']) {
$password = $gallery['password'];
$pwdid = $gallery['id'];
} else {
$parentIds = dash_unserialize($gallery['parents']);
if ($parentIds) {
list($pwdid, $password) = $db->first("SELECT id,password FROM " . PRE . "_gallery WHERE id='" . $parentIds[0] . "' LIMIT 1");
}
}
if ($password && $password == $_POST['password']) {
setcookie('gallery_pwd_' . $pwdid, $_POST['password'], time() + 1 * 24 * 3600);
} elseif ($password && $_COOKIE['gallery_pwd_' . $pwdid] != $password) {
tmessage('pwdrequired', array('ID' => $_REQUEST['id'], 'PIC' => $_REQUEST['pic']));
}
//Headline + Titlebar
headline(strip_tags($gallery['title']), mklink('gallery.php?id=' . $_REQUEST['id'] . '&p=' . $_REQUEST['p'], 'gallery,list' . $_REQUEST['id'] . ',' . iif($_REQUEST['p'], $_REQUEST['p'], 1) . urlformat($gallery['title']) . '.html'));
titlebar($apx->lang->get('HEADLINE') . ': ' . strip_tags($gallery['title']));
//Unter-Galerien auslesen, die veröffentlicht sind
if ($set['gallery']['subgals'] && $gallery['children']) {
$openData = $db->fetch("SELECT id FROM " . PRE . "_gallery WHERE id IN (" . implode(', ', $gallery['children']) . ") AND '" . time() . "' BETWEEN starttime AND endtime");
$openIds = array_merge(get_ids($openData), array($gallery['id']));
} else {
$openIds = array($gallery['id']);
}
//////////////////// UNTERGALERIEN
if ($set['gallery']['subgals']) {
require_once BASEDIR . 'lib/class.recursivetree.php';
$tree = new RecursiveTree(PRE . '_gallery', 'id');
if ($_REQUEST['galid']) {
$galid = $_REQUEST['galid'];
//Zugangsrechte?
$gallery = $db->first("SELECT * FROM " . PRE . "_user_gallery WHERE id='" . $galid . "' AND owner='" . $_REQUEST['id'] . "' LIMIT 1");
if (!$gallery['id']) {
die('access denied!');
}
//Passwortschutz
if ($gallery['password']) {
$password = $gallery['password'];
$pwdid = $gallery['id'];
}
if ($password && $password == $_POST['password']) {
setcookie('usergallery_pwd_' . $pwdid, md5(md5($_POST['password']) . $set['main']['crypt']), time() + 1 * 24 * 3600);
} elseif ($user->info['gtype'] != 'admin' && $user->info['userid'] != $gallery['owner'] && $password && $_COOKIE['usergallery_pwd_' . $pwdid] != md5(md5($password) . $set['main']['crypt'])) {
tmessage('gallerypwdrequired', array('ID' => $_REQUEST['id'], 'GALID' => $_REQUEST['galid']));
}
//Verwendete Variablen
$parse = $apx->tmpl->used_vars('gallery_pics');
//Besucher aufzeichnen und ausgeben
if (in_array('VISITOR', $parse)) {
if ($userid != $user->info['userid']) {
user_count_visit('gallery', $_REQUEST['id']);
}
if (!$set['user']['visitorself'] || $userid == $user->info['userid']) {
user_assign_visitors('gallery', $_REQUEST['id'], $apx->tmpl, $parse);
}
}
//Galerie-Infos
$images = 0;
if (in_array('COUNT', $parse)) {
<?php
$apx->module('forum');
//Diese Aktion gehört dem Forum
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
die('missing ID!');
}
$apx->lang->drop('subscribe');
$subinfo = $db->first("SELECT type,notification FROM " . PRE . "_forum_subscriptions WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1");
if ($_POST['send']) {
//Benachrichtigung
if ($subinfo['type'] == 'thread' && !in_array($_POST['subscription'], array('none', 'instant', 'daily', 'weekly'))) {
die('invalid notification type');
}
if ($subinfo['type'] == 'forum' && !in_array($_POST['subscription'], array('none', 'daily', 'weekly'))) {
die('invalid notification type');
}
$db->query("UPDATE " . PRE . "_forum_subscriptions SET notification='" . $_POST['subscription'] . "' WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1");
message($apx->lang->get('MSG_SUBEDIT_OK'), mklink('user.php?action=subscriptions', 'user,subscriptions.html'));
} else {
$input = array('ID' => $_REQUEST['id'], 'SUBSCRIPTION' => $subinfo['notification'], 'ISTHREAD' => iif($subinfo['type'] == 'thread', 1, 0));
tmessage('subscription_edit', $input);
}
<?php
$apx->module('forum');
//Diese Aktion gehört dem Forum
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
die('missing ID!');
}
$apx->lang->drop('subscribe');
if ($_POST['send']) {
$db->query("DELETE FROM " . PRE . "_forum_subscriptions WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1");
message($apx->lang->get('MSG_SUBDEL_OK'), mklink('user.php?action=subscriptions', 'user,subscriptions.html'));
} else {
tmessage('subscription_del', array('ID' => $_REQUEST['id']));
}
function tmessageOverlay($file, $input = array(), $dir = false)
{
global $set, $db, $apx;
$apx->tmpl->assign_static('OVERLAY', true);
tmessage($file, $input, $dir);
}
<?php
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
die('missing ID!');
}
$apx->lang->drop('bookmarks');
if ($_POST['send']) {
$db->query("DELETE FROM " . PRE . "_user_bookmarks WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1");
message($apx->lang->get('MSG_OK_DEL'), mklink('user.php', 'user.html'));
} else {
tmessage('delbookmark', array('ID' => $_REQUEST['id']));
}
if ($_REQUEST['id'] && $_REQUEST['broken']) {
$apx->lang->drop('broken');
if ($_POST['broken']) {
$res = $db->first("SELECT title FROM " . PRE . "_videos WHERE ( id='" . $_REQUEST['id'] . "' " . section_filter() . " ) LIMIT 1");
titlebar($apx->lang->get('HEADLINE') . ': ' . $res['title']);
$link = mklink('videos.php?id=' . $_REQUEST['id'], 'videos,id' . $_REQUEST['id'] . urlformat($res['title']) . '.html');
$db->query("UPDATE " . PRE . "_videos SET broken='" . time() . "' WHERE ( id='" . $_REQUEST['id'] . "' " . section_filter() . " ) LIMIT 1");
//eMail-Benachrichtigung
if ($set['videos']['mailonbroken']) {
$input = array('URL' => substr(HTTP, 0, -1) . $link);
sendmail($set['videos']['mailonbroken'], 'BROKEN', $input);
}
message($apx->lang->get('MSG_BROKEN'), $link);
require 'lib/_end.php';
} else {
tmessage('broken', array('ID' => $_REQUEST['id']));
}
}
////////////////////////////////////////////////////////////////////////////////// NUR KOMMENTARE
if ($_REQUEST['id'] && $_REQUEST['comments']) {
$res = $db->first("SELECT title FROM " . PRE . "_videos WHERE ( id='" . $_REQUEST['id'] . "' " . section_filter() . " ) LIMIT 1");
titlebar($apx->lang->get('HEADLINE') . ': ' . $res['title']);
videos_showcomments($_REQUEST['id']);
}
///////////////////////////////////////////////////////////////////////////////////////// DETAILS
if ($_REQUEST['id']) {
$apx->lang->drop('detail');
//Verwendete Variablen auslesen
$parse = $apx->tmpl->used_vars('detail');
//Video-Info
$res = $db->first("SELECT a.*,b.username,b.email,b.pub_hidemail FROM " . PRE . "_videos AS a LEFT JOIN " . PRE . "_user AS b USING(userid) WHERE ( a.id='" . $_REQUEST['id'] . "' AND a.status='finished' " . iif(!$user->is_team_member(), "AND ( '" . time() . "' BETWEEN a.starttime AND a.endtime )") . " " . section_filter() . " ) LIMIT 1");
} elseif (count($locids) > 1) {
$inputfields = '';
foreach ($_POST as $key => $value) {
if ($key == 'locid') {
continue;
}
$inputfields .= '<input type="hidden" name="' . $key . '" value="' . compatible_hsc($value) . '" />';
}
$select = array();
foreach ($data as $res) {
++$i;
$select[$i]['ID'] = $res['id'];
$select[$i]['NAME'] = $res['stamp'] . ' ' . replace($res['name']);
}
$input = array('INPUTS' => $inputfields, 'SELECT' => $select);
tmessage('choosecity', $input);
}
//Locid-Suche
list($l, $b) = $db->first("SELECT l,b FROM " . PRE . "_user_locations WHERE id='" . $locids[0] . "' LIMIT 1");
$distance = (int) $_POST['distance'];
$data = $db->fetch("\n\t\t\tSELECT id\n\t\t\tFROM `" . PRE . "_user_locations`\n\t\t\tWHERE (sqrt((l-" . $l . ")*70*(l-" . $l . ")*70+(b-" . $b . ")*111*(b-" . $b . ")*111))<=" . $distance . "\n\t\t");
$neighbours = get_ids($data, 'id');
//Auf Locids eingrenzen
$where .= " AND locid IN (" . implode(',', $neighbours) . ") ";
}
//Suchbegriff
if ($_POST['item']) {
$items = explode(' ', $_POST['item']);
$items = array_map('trim', $items);
$itemsearchfields = array('username', 'homepage', 'realname', 'interests', 'work');
for ($i = 1; $i <= 10; $i++) {
function sendpm_exec()
{
global $apx, $db, $set;
//Token prüfen
if (!checkToken()) {
printInvalidToken();
return;
}
//FORWARDER
if (!isset($_REQUEST['done'])) {
tmessage('sending', array('FORWARDER' => 'action.php?action=user.sendpm&doit=1&sectoken=' . $apx->session->get('sectoken') . '&done=0'));
return;
}
//VARS
$done = (int) $_REQUEST['done'];
$countPerCall = 50;
@set_time_limit(600);
//Newsletter-Info auslesen
$newsletter = $set['user']['sendpm_data'];
if (!isset($newsletter['text'])) {
die('no valid newsletter!');
}
$newsletter['text_clear'] = $newsletter['text'];
while (preg_match('#\\[([a-z0-9]+)(=.*?)?\\](.*?)\\[/\\1\\]#si', $newsletter['text_clear'])) {
$text = preg_replace('#\\[([a-z0-9]+)(=.*?)?\\](.*?)\\[/\\1\\]#si', '\\3', $newsletter['text_clear']);
}
//SEND NEWSLETTER
if (is_array($newsletter['groups']) && count($newsletter['groups'])) {
$data = $db->fetch("SELECT userid, email, pub_poppm, pub_mailpm FROM " . PRE . "_user WHERE active=1 AND reg_key='' AND groupid IN (" . implode(',', $newsletter['groups']) . ") ORDER BY email ASC LIMIT " . $done . "," . $countPerCall);
} else {
$data = $db->fetch("SELECT userid, email, pub_poppm, pub_mailpm FROM " . PRE . "_user WHERE active=1 AND reg_key='' ORDER BY email ASC LIMIT " . $done . "," . $countPerCall);
}
if (count($data)) {
foreach ($data as $res) {
++$i;
$this->sendpm_send($res, $newsletter['subject'], $newsletter['text'], $newsletter['text_clear']);
}
////// FORWARDER
//Vorgang beendet
if ($i < $countPerCall) {
$db->query("UPDATE " . PRE . "_config SET value='' WHERE module='user' AND varname='sendpm_data' LIMIT 1");
logit('USER_SENDPM');
message($apx->lang->get('MSG_OK'));
return;
} else {
tmessage('sending', array('FORWARDER' => 'action.php?action=user.sendpm&doit=1&sectoken=' . $apx->session->get('sectoken') . '&done=' . ($done + $countPerCall)));
return;
}
} else {
$db->query("UPDATE " . PRE . "_config SET value='' WHERE module='user' AND varname='sendpm_data' LIMIT 1");
logit('USER_SENDPM');
message($apx->lang->get('MSG_OK'));
return;
}
}
function add()
{
global $set, $db, $apx;
//Typ wählen
if (!$_REQUEST['type'] || !in_array($_REQUEST['type'], $this->alltypes)) {
//Typliste
$typelist = '';
foreach ($this->alltypes as $type) {
$typelist .= '<option value="' . $type . '"' . iif($type == $_POST['type'], ' selected="selected"') . '>' . $apx->lang->get('PRODTYPE_' . strtoupper($type)) . '</option>';
}
tmessage('choosetype', array('TYPELIST' => $typelist, 'UPDATEPARENT' => $_REQUEST['updateparent']));
return;
} else {
$call = 'add_' . $_REQUEST['type'];
$this->{$call}();
}
}
die('missing post-ID!');
}
$postinfo = post_info($_REQUEST['id']);
if (!$postinfo['postid'] || $postinfo['del']) {
message($apx->lang->get('MSG_POSTNOTEXIST'));
}
$threadinfo = thread_info($postinfo['threadid']);
if (!$threadinfo['threadid'] || $threadinfo['del']) {
message($apx->lang->get('MSG_THREADNOTEXIST'));
}
$foruminfo = forum_info($threadinfo['forumid']);
if (!$foruminfo['forumid']) {
message($apx->lang->get('MSG_FORUMNOTEXIST'));
}
if (!forum_access_admin($foruminfo)) {
tmessage('noright', array(), false, false);
}
//////////////////////////////////////////////////////////////////////////////// SUCHERGEBNISSE ANZEIGEN
//Beiträge von dieser IP
$data = $db->fetch("SELECT userid,username,count(postid) AS posts FROM " . PRE . "_forum_posts WHERE ip='" . addslashes($postinfo['ip']) . "' GROUP BY username ORDER BY username ASC");
if (count($data)) {
foreach ($data as $res) {
++$i;
$fromdata[$i]['USERID'] = $res['userid'];
$fromdata[$i]['USERNAME'] = replace($res['username']);
$fromdata[$i]['POSTS'] = $res['posts'];
}
}
//Weitere IPs des Benutzers
if ($postinfo['userid']) {
$data = $db->fetch("SELECT ip,count(postid) AS posts FROM " . PRE . "_forum_posts WHERE userid='" . $postinfo['userid'] . "' GROUP BY ip ORDER BY posts DESC");
foreach ($data as $res) {
$picture = $res['picture'];
$thumbnail = $res['thumbnail'];
if ($picture && file_exists(BASEDIR . getpath('uploads') . $picture)) {
$mm->deletefile($picture);
}
if ($thumbnail && file_exists(BASEDIR . getpath('uploads') . $thumbnail)) {
$mm->deletefile($thumbnail);
}
}
}
$mm->deletedir('user/gallery-' . $_REQUEST['id']);
}
message($apx->lang->get('MSG_DEL_OK'), mklink('user.php?action=mygallery', 'user,mygallery.html'));
} else {
tmessage('delgallery', array('ID' => $_REQUEST['id']));
}
require 'lib/_end.php';
}
//GALERIEN AUFLISTEN
$data = $db->fetch("SELECT id,title FROM " . PRE . "_user_gallery WHERE owner='" . $user->info['userid'] . "'");
if (count($data)) {
foreach ($data as $res) {
++$i;
//Bilder
list($images) = $db->first("SELECT count(*) FROM " . PRE . "_user_pictures WHERE galid='" . $res['id'] . "'");
//Link
$link = mklink('user.php?action=gallery&id=' . $user->info['userid'] . '&galid=' . $res['id'], 'user,gallery,' . $user->info['userid'] . ',' . $res['id'] . ',0.html');
$tabledata[$i]['ID'] = $res['id'];
$tabledata[$i]['TITLE'] = replace($res['title']);
$tabledata[$i]['LINK'] = $link;