function cleanupPOSTandGET() { // remove possible unsecure PHP replacement tags in GET and POST vars if (isset($_POST) && count($_POST)) { foreach ($_POST as $key => $value) { if (!is_array($_POST[$key])) { $_POST[$key] = remove_unsecure_rptags($value); } } } if (isset($_GET) && count($_GET)) { foreach ($_GET as $key => $value) { $_GET[$key] = remove_unsecure_rptags($value); } } }
$CNT_TMP .= getContentPartTopLink($crow["acontent_top"]); // Space after if ($crow["acontent_after"]) { if (!empty($template_default["article"]["div_spacer"])) { $CNT_TMP .= '<div style="margin-bottom:' . $crow["acontent_after"] . 'px;" class="' . $template_default['classes']['spaceholder-cp-after'] . '"></div>'; } else { $CNT_TMP .= '<br class="' . $template_default['classes']['spaceholder-cp-after'] . '" />' . spacer(1, $crow["acontent_after"]); } } // Maybe content part ID should b used inside templates or for something different $CNT_TMP = str_replace(array('[%CPID%]', '{CPID}'), $crow["acontent_id"], $CNT_TMP); // trigger content part functions $CNT_TMP = trigger_cp($CNT_TMP, $crow); //check if PHP replacent tags are allowed for content if (empty($phpwcms["allow_cntPHP_rt"])) { $CNT_TMP = remove_unsecure_rptags($CNT_TMP); } // wrap tab if (!empty($crow['acontent_tab'])) { $crow['acontent_tab'] = explode('_', $crow['acontent_tab'], 2); $crow['acontent_tab']['num'] = explode('|', $crow['acontent_tab'][0]); $crow['acontent_tab']['type'] = empty($crow['acontent_tab']['num'][1]) ? 1 : $crow['acontent_tab']['num'][1]; $crow['acontent_tab']['num'] = intval($crow['acontent_tab']['num'][0]); if ($crow['acontent_tab']['type'] == 2) { $crow['acontent_tab']['title'] = empty($crow['acontent_tab'][1]) ? i18n_substitute_text_token($content['cptab_types'][2]['title']) : $crow['acontent_tab'][1]; $crow['acontent_tab']['type'] = 2; } elseif (isset($template_default['attributes']['cpgroup_custom'][$crow['acontent_tab']['type']])) { $crow['acontent_tab']['title'] = empty($crow['acontent_tab'][1]) ? $template_default['attributes']['cpgroup_custom'][$crow['acontent_tab']['type']]['title'] : $crow['acontent_tab'][1]; $content['cptab_types'][$crow['acontent_tab']['type']] = array('id' => $crow['acontent_tab']['type'], 'item' => $crow['acontent_tab']['type'], 'title' => $template_default['attributes']['cpgroup_custom'][$crow['acontent_tab']['type']]['title']); } else { $crow['acontent_tab']['title'] = empty($crow['acontent_tab'][1]) ? i18n_substitute_text_token($content['cptab_types'][1]['title']) : $crow['acontent_tab'][1];
$guestbook['nav'] = get_tmpl_section('NAV', $guestbook['template']); $guestbook['entry'] = get_tmpl_section('GUESTBOOK_ENTRY', $guestbook['template']); $guestbook['list'] = get_tmpl_section('GUESTBOOK', $guestbook['template']); $guestbook['ban'] = trim(get_tmpl_section('BAN', $guestbook['template']) . ' ' . $guestbook['banned']); $guestbook['replace'] = strip_tags(trim(get_tmpl_section('BAN_REPLACE', $guestbook['template']))); $guestbook['ban_ip'] = trim(get_tmpl_section('BAN_IP', $guestbook['template'])); $guestbook['comment'] = trim(get_tmpl_section('COMMENT', $guestbook['template'])); $guestbook['comment'] = explode('|', $guestbook['comment']); $guestbook['comment'][0] = trim($guestbook['comment'][0]); $guestbook['comment'][1] = trim($guestbook['comment'][1]); // processiong post values if (isset($_POST['guestbook_send'])) { $guestbook['post']['email'] = clean_slweg(remove_unsecure_rptags($_POST['guestbook_email'])); $guestbook['post']['name'] = clean_slweg(remove_unsecure_rptags($_POST['guestbook_name'])); $guestbook['post']['url'] = clean_slweg(remove_unsecure_rptags($_POST['guestbook_url'])); $guestbook['post']['msg'] = clean_slweg(remove_unsecure_rptags($_POST['guestbook_msg'])); $guestbook['post']['msg'] = preg_replace('/\\[c\\](.*?)\\[\\/c\\]/is', "\$1", $guestbook['post']['msg']); $guestbook['post']['show'] = intval($_POST['guestbook_show']); if ($guestbook['post']['show'] > 2) { $guestbook['post']['show'] = 0; } // email error if (!is_valid_email($guestbook['post']['email'])) { $guestbook['error']['email'] = 'Proof the email address: it is empty or false.'; } // name error if (empty($guestbook['post']['name'])) { $guestbook['error']['name'] = 'Don't forget to insert your name.'; } // banned stuff $guestbook['ban_count'] = 0;
case 'newsletter': /* * Newsletter */ $form_newletter_setting = array(); $form_newletter_setting['double_optin'] = 0; $form_value = array(); if ($POST_DO && ($cnt_form["fields"][$key]['required'] || isset($_POST[$POST_name]))) { if (isset($_POST[$POST_name]) && is_array($_POST[$POST_name])) { $POST_val[$POST_name] = array_map('combined_POST_cleaning', $_POST[$POST_name]); $POST_val[$POST_name] = array_diff($POST_val[$POST_name], array('')); if (!count($POST_val[$POST_name])) { $POST_val[$POST_name] = false; } } else { $POST_val[$POST_name] = isset($_POST[$POST_name]) ? remove_unsecure_rptags(clean_slweg($_POST[$POST_name])) : false; } if ($cnt_form["fields"][$key]['required'] && ($POST_val[$POST_name] === false || $POST_val[$POST_name] == '')) { $POST_ERR[$key] = $cnt_form["fields"][$key]['error']; $cnt_form["fields"][$key]['class'] = getFieldErrorClass($value['class'], $cnt_form["error_class"]); } else { $cnt_form["fields"][$key]['value'] = str_replace(' checked', '', $cnt_form["fields"][$key]['value']); } if (isset($POST_val[$POST_name])) { $form_newletter_setting['selection'] = $POST_val[$POST_name]; } else { $form_newletter_setting['selection'] = false; } } // prepare default settings for newsletter field $form_value_default = convertStringToArray($cnt_form["fields"][$key]['value'], "\n", 'UNIQUE', false);
function clean_search_text($string = '') { $string = strip_tags($string); $string = strip_bbcode($string); $string = clean_replacement_tags($string); $string = remove_unsecure_rptags($string); $string = str_replace(' ', ' ', $string); $string = preg_replace('/\\s+/', ' ', $string); $string = cleanUpSpecialHtmlEntities($string); return $string; }
require_once PHPWCMS_ROOT . '/include/inc_front/img.func.inc.php'; //ecard $CNT_TMP .= headline($crow["acontent_title"], $crow["acontent_subtitle"], $template_default["article"]); $ecard = unserialize($crow["acontent_form"]); $ecard["send_err"] = 0; $ecard["send_success"] = 0; $ecard["selected"] = ''; // check if e-card was posted if (isset($_POST['ecard_chooser'])) { $ecard["chooser"] = isset($_POST['ecard_chooser']) ? intval($_POST['ecard_chooser']) : 0; $ecard["selected"] = $ecard["chooser"]; $ecard["sender_name"] = clean_slweg(remove_unsecure_rptags($_POST["ecard_sender_name"])); $ecard["sender_email"] = clean_slweg(remove_unsecure_rptags($_POST["ecard_sender_email"])); $ecard["recipient_name"] = clean_slweg(remove_unsecure_rptags($_POST["ecard_recipient_name"])); $ecard["recipient_email"] = clean_slweg(remove_unsecure_rptags($_POST["ecard_recipient_email"])); $ecard["sender_msg"] = clean_slweg(remove_unsecure_rptags($_POST["ecard_sender_msg"])); if (!is_valid_email($ecard["sender_email"]) || !is_valid_email($ecard["recipient_email"])) { $ecard["send_err"] = 1; } else { //send message require_once PHPWCMS_ROOT . '/include/inc_ext/phpmailer/PHPMailerAutoload.php'; $ecard["capt"] = explode("\n", $ecard["caption"]); $thumb_image = get_cached_image(array("target_ext" => $ecard['images'][$ecard["chooser"]][3], "image_name" => $ecard['images'][$ecard["chooser"]][2] . '.' . $ecard['images'][$ecard["chooser"]][3], "max_width" => $ecard['images'][$ecard["chooser"]][4], "max_height" => $ecard['images'][$ecard["chooser"]][5], "thumb_name" => md5($ecard['images'][$ecard["chooser"]][2] . $ecard['images'][$ecard["chooser"]][4] . $ecard['images'][$ecard["chooser"]][5] . $phpwcms["sharpen_level"] . $phpwcms['colorspace']))); $list_img_temp = '<img src="' . PHPWCMS_IMAGES . $thumb_image[0] . '" ' . $thumb_image[3] . ' alt="' . html_specialchars($ecard['images'][$ecard["chooser"]][1]) . '" />'; $ecard["send"] = str_replace('###ECARD_TITLE###', html_specialchars(chop($ecard["capt"][$ecard["chooser"]])), $ecard["send"]); $ecard["send"] = str_replace('###ECARD_IMAGE###', $list_img_temp, $ecard["send"]); $ecard["send"] = str_replace('###RECIPIENT_NAME###', $ecard["recipient_name"] ? html_specialchars($ecard["recipient_name"]) : html_specialchars($ecard["recipient_email"]), $ecard["send"]); $ecard["send"] = str_replace('###RECIPIENT_EMAIL###', html_specialchars($ecard["recipient_email"]), $ecard["send"]); $ecard["send"] = str_replace('###SENDER_MESSAGE###', nl2br(html_specialchars($ecard["sender_msg"])), $ecard["send"]); $ecard["send"] = str_replace('###ECARD_SUBJECT###', html_specialchars($ecard["subject"]), $ecard["send"]); $ecard["mailer"] = new PHPMailer();
require_once PHPWCMS_ROOT . '/include/inc_lib/dbcon.inc.php'; require_once PHPWCMS_ROOT . '/include/inc_lib/general.inc.php'; checkLogin(); require_once PHPWCMS_ROOT . '/include/inc_lib/backend.functions.inc.php'; if (isset($_GET['del']) && intval($_GET['del'])) { $sql = "UPDATE " . DB_PREPEND . "phpwcms_guestbook SET guestbook_trashed=9 WHERE guestbook_cid="; $sql .= intval($_GET['cid']) . " AND guestbook_id=" . intval($_GET['del']) . " LIMIT 1;"; _dbQuery($sql, 'UPDATE'); } if (isset($_GET['edit']) && intval($_GET['edit'])) { $gberror = ''; if (isset($_POST['gbsubmit'])) { $gbemail = clean_slweg(remove_unsecure_rptags($_POST['gbemail'])); $gbname = clean_slweg(remove_unsecure_rptags($_POST['gbname'])); $gburl = clean_slweg(remove_unsecure_rptags($_POST['gburl'])); $gbmsg = clean_slweg(remove_unsecure_rptags($_POST['gbmsg'])); $gbshow = intval($_POST['gbshow']); if ($gbshow > 2) { $gbshow = 0; } $gbid = intval($_POST['gbid']); $gbcid = intval($_POST['gbcid']); if (!$gbemail || !$gbname) { $gberror = 'Old values recovered - no changes made'; } if (!$gberror) { $sql = "UPDATE " . DB_PREPEND . "phpwcms_guestbook SET "; $sql .= "guestbook_msg=" . _dbEscape($gbmsg) . ", "; $sql .= "guestbook_name=" . _dbEscape($gbname) . ", "; $sql .= "guestbook_email=" . _dbEscape($gbemail) . ", "; $sql .= "guestbook_url=" . _dbEscape($gburl) . ", ";
function combined_POST_cleaning($val) { $val = clean_slweg($val); $val = remove_unsecure_rptags($val); return $val; }
function showSelectedContent($param = '', $cpsql = null, $listmode = false) { global $template_default; global $db; global $content; global $block; global $phpwcms; global $aktion; $topcount = 999999; $template = ''; $param = is_array($param) && isset($param[1]) ? $param[1] : $param; $type = null; $mode = null; $related_type = 'OR'; $where = ''; $not = array(); if ($cpsql === null) { if ($cp = explode(',', $param)) { $mode = strtoupper(trim($cp[0])); $type = substr($mode, 0, 2); if ($type === 'AS') { $mode = explode('|', $cp[0]); if (isset($mode[1])) { $mode[1] = trim($mode[1]); if (is_numeric($mode[1])) { $topcount = intval($mode[1]); } elseif (empty($mode[2]) && strlen($mode[1]) > 4 && ($mode[1] == 'default' || is_file(PHPWCMS_TEMPLATE . 'inc_cntpart/articlesummary/list/' . $mode[1]))) { $template = $mode[1]; } } if (isset($mode[2])) { $mode[2] = trim($mode[2]); if (is_numeric($mode[2])) { $topcount = intval($mode[2]); } elseif (strlen($mode[2]) > 4 && ($mode[2] == 'default' || is_file(PHPWCMS_TEMPLATE . 'inc_cntpart/articlesummary/list/' . $mode[2]))) { $template = $mode[2]; } } $mode = strtoupper(trim($mode[0])); if (isset($cp[1])) { // now check if $cp[1] = trim($cp[1]); if (!is_numeric($cp[1])) { $cp[1] = explode('|', $cp[1], 2); // Check for OR or AND if (isset($cp[1][1])) { $related_type = strtoupper(trim($cp[1][1])); if ($related_type !== 'AND' && $related_type !== 'OR') { $related_type = 'OR'; } } $cp[1] = trim($cp[1][0]); switch ($cp[1]) { case 'random': $where = 'RANDOM'; break; case 'related': if (isset($cp[2])) { unset($cp[0], $cp[1]); $related = array(); foreach ($cp as $value) { $related[] = "article_keyword LIKE " . _dbEscape(strtoupper(trim($value)), true, '%', '%'); } if (count($related)) { $where = '(' . implode(' ' . $related_type . ' ', $related) . ')'; } } break; case 'new': default: $where = 'NEW'; break; } $not[] = $aktion[1]; $cp = array(); } } } if (count($cp)) { unset($cp[0]); foreach ($cp as $key => $value) { $value = intval($value); if (!$value) { unset($cp[$key]); } else { $cp[$key] = $value; } } if (!count($cp)) { return ''; } } } else { // oh no ID given, end function return ''; } } elseif (is_string($cpsql)) { // Otherwise custom SQL // and fallback to CPC mode $type = 'CP'; $mode = 'CPC'; $cp = array(0); } $CNT_TMP = ''; // Article Mode if ($type === 'AS') { if (substr($mode, -1) == 'P') { $mode = substr($mode, 0, -1); $priorize = 'article_priorize DESC, '; } else { $priorize = ''; } switch ($mode) { case 'ASL': $sort = $priorize . 'article_begin ASC'; break; // sorted by livedate ascending // sorted by livedate ascending case 'ASLD': $sort = $priorize . 'article_begin DESC'; break; // sorted by livedate descending // sorted by livedate descending case 'ASK': $sort = $priorize . 'article_end ASC'; break; // sorted by killdate ascending // sorted by killdate ascending case 'ASKD': $sort = $priorize . 'article_end DESC'; break; // sorted by killdate descending // sorted by killdate descending case 'ASC': $sort = $priorize . 'article_tstamp ASC'; break; // sorted by change date ascending // sorted by change date ascending case 'ASCD': $sort = $priorize . 'article_tspamp DESC'; break; // sorted by change date descending // sorted by change date descending case 'AST': $sort = $priorize . 'article_keyword ASC'; break; // sorted by keyword ascending // sorted by keyword ascending case 'ASTD': $sort = $priorize . 'article_keyword DESC'; break; // sorted by keyword descending // sorted by keyword descending case 'ASR': $sort = 'RAND()'; break; // random sort // random sort default: $sort = ''; } $CNT_TMP = list_articles_summary(get_article_data($cp, $topcount, $sort, $where, $not), $topcount, $template); // Content Part mode CP, CPA, CPAD, CPS, CPAS, CPASD } elseif ($type === 'CP') { $sort = $mode == 'CPAD' || $mode == 'CPASD' ? ' DESC' : ''; //means ASCENDING foreach ($cp as $value) { if ($mode == 'CP') { // content part listing $sql = "SELECT * FROM " . DB_PREPEND . "phpwcms_articlecontent "; $sql .= "INNER JOIN " . DB_PREPEND . "phpwcms_article ON "; $sql .= DB_PREPEND . "phpwcms_article.article_id=" . DB_PREPEND . "phpwcms_articlecontent.acontent_aid "; $sql .= "WHERE acontent_id=" . $value . " AND acontent_visible=1 "; $sql .= "AND acontent_block NOT IN ('CPSET', 'SYSTEM') "; if (!FEUSER_LOGIN_STATUS) { $sql .= 'AND acontent_granted=0 '; } $sql .= "AND acontent_trash=0 AND " . DB_PREPEND . "phpwcms_article.article_deleted=0 "; if (!PREVIEW_MODE) { $sql .= ' AND ' . DB_PREPEND . "phpwcms_article.article_begin < NOW() AND " . DB_PREPEND . "phpwcms_article.article_end > NOW() "; } $sql .= "LIMIT 1"; } elseif ($mode == 'CPS') { $sql = "SELECT * FROM " . DB_PREPEND . "phpwcms_articlecontent "; $sql .= "INNER JOIN " . DB_PREPEND . "phpwcms_article ON "; $sql .= DB_PREPEND . "phpwcms_article.article_id=" . DB_PREPEND . "phpwcms_articlecontent.acontent_aid "; $sql .= "WHERE acontent_id=" . $value . " AND acontent_visible=1 "; $sql .= "AND acontent_block='SYSTEM' "; if (!FEUSER_LOGIN_STATUS) { $sql .= 'AND acontent_granted=0 '; } $sql .= "AND acontent_trash=0 AND " . DB_PREPEND . "phpwcms_article.article_deleted=0 "; if (!PREVIEW_MODE) { $sql .= ' AND ' . DB_PREPEND . "phpwcms_article.article_begin < NOW() AND " . DB_PREPEND . "phpwcms_article.article_end > NOW() "; } $sql .= "LIMIT 1"; } elseif ($mode == 'CPC') { $sql = $cpsql; } else { // content parts based on article ID $sql = "SELECT * FROM " . DB_PREPEND . "phpwcms_articlecontent "; $sql .= "WHERE acontent_aid=" . $value . " AND acontent_visible=1 AND acontent_trash=0 "; if ($mode == 'CPAS' || $mode == 'CPASD') { $sql .= "AND acontent_block='SYSTEM' "; } else { $sql .= "AND acontent_block NOT IN ('CPSET', 'SYSTEM') "; } if (!FEUSER_LOGIN_STATUS) { $sql .= 'AND acontent_granted=0 '; } $sql .= "ORDER BY acontent_sorting" . $sort . ", acontent_id"; } if (!empty($sql) && ($cresult = mysql_query($sql, $db))) { while ($crow = mysql_fetch_assoc($cresult)) { if ($crow["acontent_type"] == 30 && !isset($phpwcms['modules'][$crow["acontent_module"]])) { continue; } if ($crow["acontent_type"] == 24) { // first retrieve alias ID information and settings $crow = getContentPartAlias($crow); if ($crow === false) { continue; } } // Set listmode setting, allows fallback listmode content part template // for content parts which supports it (ToDo extend it) $crow['acontent_template_listmode'] = $listmode; $space = getContentPartSpacer($crow["acontent_before"], $crow["acontent_after"]); // Space before $CNT_TMP .= $space['before']; // set frontend edit link $CNT_TMP .= getFrontendEditLink('CP', $crow['acontent_aid'], $crow['acontent_id']); // include content part code section if ($crow["acontent_type"] != 30) { include PHPWCMS_ROOT . '/include/inc_front/content/cnt' . $crow["acontent_type"] . '.article.inc.php'; } elseif ($crow["acontent_type"] == 30 && file_exists($phpwcms['modules'][$crow["acontent_module"]]['path'] . 'inc/cnt.article.php')) { $CNT_TMP .= getFrontendEditLink('module', $phpwcms['modules'][$crow["acontent_module"]]['name'], $crow['acontent_aid']); // now try to include module content part code include $phpwcms['modules'][$crow["acontent_module"]]['path'] . 'inc/cnt.article.php'; } //check if top link should be shown $CNT_TMP .= getContentPartTopLink($crow["acontent_top"]); //Maybe content part ID should b used inside templates or for something different $CNT_TMP = str_replace(array('[%CPID%]', '{CPID}'), $crow["acontent_id"], $CNT_TMP); // trigger content part functions $CNT_TMP = trigger_cp($CNT_TMP, $crow); // Space after $CNT_TMP .= $space['after']; } mysql_free_result($cresult); } } } if (empty($phpwcms["allow_cntPHP_rt"]) || empty($phpwcms['enable_inline_php'])) { $CNT_TMP = remove_unsecure_rptags($CNT_TMP); } return trim($CNT_TMP); }
$temp_mailtext .= '{NEWSLETTER_DELETE}' . "\n\n\n"; $temp_mailtext .= 'Best Regards' . "\n"; $temp_mailtext .= $phpwcms['SMTP_FROM_NAME'] . "\n"; $temp_mailtext .= $phpwcms["admin_email"] . "\n\n"; $temp_mailtext .= "--\nIP: {IP}, Date: {DATE:d-m-Y, H:i:s}\n"; if (!$content["newsletter"]["change_text"]) { $content["newsletter"]["change_text"] = $temp_mailtext; } if (!$content["newsletter"]["reg_text"]) { $content["newsletter"]["reg_text"] = $temp_mailtext; } } if (isset($_POST["newsletter_send"]) && intval($_POST["newsletter_send"])) { unset($content["newsletter"]["email_subscription"]); $content["newsletter"]["email_address"] = clean_slweg(remove_unsecure_rptags($_POST["newsletter_email"]), 250); $content["newsletter"]["email_name"] = clean_slweg(remove_unsecure_rptags($_POST["newsletter_name"]), 250); $content["newsletter"]["email_subscription"] = isset($_POST["email_subscription"]) && is_array($_POST["email_subscription"]) ? $_POST["email_subscription"] : array(0 => 0); if (empty($content["newsletter"]["url1"])) { $content["newsletter"]["url1"] = ''; } if (empty($content["newsletter"]["url2"])) { $content["newsletter"]["url2"] = ''; } if (is_valid_email($content["newsletter"]["email_address"])) { //Success $content["newsletter"]["success"] = 1; $content["newsletter"]["reffering_key"] = ""; $check_sql = "SELECT * FROM " . DB_PREPEND . "phpwcms_address WHERE address_email=" . _dbEscape($content["newsletter"]["email_address"]) . " LIMIT 1"; if ($check_result = mysql_query($check_sql, $db)) { if ($check_row = mysql_fetch_array($check_result, MYSQL_ASSOC)) { $content["newsletter"]["reffering_key"] = $check_row["address_key"];
$alink_sql .= ' ORDER BY ' . $ao[2]; if ($result = mysql_query($alink_sql, $db) or die("error while getting link article list: " . $alink_sql)) { $alinkmenu['count'] = 0; while ($row = mysql_fetch_row($result)) { $tempRowSpan = ''; $row[3] = preg_replace('/<br[^>]*?>$/i', '', $row[3]); $row['article_id'] = $row[0]; $row['article_alias'] = $row[4]; $row['article_title'] = html_specialchars($row[1]); $alinkmenu['count']++; $row['article_menutitle'] = empty($alinkmenu["titleasnumber"]) ? html_specialchars(empty($row[5]) ? $row[1] : $row[5]) : $alinkmenu['count']; if ($alinkmenu['headertext'] && !empty($row[3])) { $alinkmenu['sum'] = $row[3]; if (!empty($alinkmenu['maxchar'])) { $alinkmenu['sum'] = clean_replacement_tags($alinkmenu['sum']); $alinkmenu['sum'] = remove_unsecure_rptags($alinkmenu['sum']); $alinkmenu['sum'] = preg_replace('/\\s/i', ' ', $alinkmenu['sum']); $alinkmenu['sum'] = preg_replace('/\\s{2,}/i', ' ', $alinkmenu['sum']); $alinkmenu['sum'] = trim(decode_entities($alinkmenu['sum'])); $alinkmenu['sum'] = wordwrap($alinkmenu['sum'], $alinkmenu['maxchar'], "\n"); list($alinkmenu['sum']) = explode("\n", $alinkmenu['sum']); $alinkmenu['sum'] = trim($alinkmenu['sum']); $alinkmenu['sum'] = html_specialchars($alinkmenu['sum']); if (!empty($alinkmenu['morelink'])) { $alinkmenu['sum'] .= '<a href="index.php?' . setGetArticleAid($row) . '" title="' . $row['article_title'] . '">'; $alinkmenu['sum'] .= $alinkmenu['morelink']; $alinkmenu['sum'] .= '</a>'; } } } else { $alinkmenu['sum'] = false;