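// Awards section dispatcher. Excerpt: the enclosing switch is not closed within this fragment.
// Every id taken from the query string is cast to int before it is passed on or
// concatenated into a link.
switch ($_GET['action']) {
    case 'view':
        // `@` silences the undefined-index notice, so a missing rights entry
        // evaluates as falsy and the request falls through to the denial branch.
        if (@$_SESSION['rights']['public']['awards']['view'] or @$_SESSION['rights']['superadmin']) {
            awards_view((int) $_GET['id']);
            $conditions['action'] = 'add';
            // Fixed: this link pointed at '?section=news&action=comments&id=' although the
            // comments belong to 'awards' and the other award cases link to the awards view.
            // NOTE(review): how comments_get() uses the link is not visible here. If it is
            // the comment form target, the old value sent award comments through the news
            // section's handler and its rights check. Confirm against comments_get().
            $conditions['link'] = '?section=awards&action=view&id=' . (int) $_GET['id'];
            comments_get('awards', (int) $_GET['id'], $conditions);
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'addcomment':
        if (@$_SESSION['rights']['public']['awards']['com_add'] or @$_SESSION['rights']['superadmin']) {
            $conditions['action'] = 'add';
            $conditions['link'] = '?section=awards&action=view&id=' . (int) $_GET['id'];
            comments_add('awards', (int) $_GET['id'], $conditions);
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'editcomment':
        // NOTE(review): unlike 'view' and 'addcomment', this branch calls comments_edit()
        // with no rights check in this switch. Confirm that comments_edit() verifies that
        // the session user owns the comment or holds an edit right.
        $conditions['action'] = 'edit';
        $conditions['link'] = '?section=awards&action=view&id=' . (int) $_GET['subid'];
        comments_edit('awards', (int) $_GET['subid'], (int) $_GET['id'], $conditions);
        break;
    default:
        if (@$_SESSION['rights']['public']['awards']['view'] or @$_SESSION['rights']['superadmin']) {
            awards();
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }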
// News section dispatcher. Excerpt: starts inside a case above this fragment and ends
// before the switch is closed. Ids from the query string are cast to int before use.
        break;
    case 'comments':
        // `@` silences the undefined-index notice, so a missing rights entry
        // evaluates as falsy and the request falls through to the denial branch.
        if (@$_SESSION['rights']['public']['news']['com_view'] or @$_SESSION['rights']['superadmin']) {
            news_once((int) $_GET['id']);
            $conditions['action'] = 'add';
            $conditions['link'] = '?section=news&action=comments&id=' . (int) $_GET['id'];
            comments_get('news', (int) $_GET['id'], $conditions);
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'addcomment':
        if (@$_SESSION['rights']['public']['news']['com_add'] or @$_SESSION['rights']['superadmin']) {
            $conditions['action'] = 'add';
            $conditions['link'] = '?section=news&action=comments&id=' . (int) $_GET['id'];
            comments_add('news', (int) $_GET['id'], $conditions);
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'editcomment':
        // NOTE(review): no rights check in this switch, unlike 'comments' and 'addcomment'.
        // Confirm that comments_edit() checks comment ownership or an edit right itself.
        $conditions['action'] = 'edit';
        $conditions['link'] = '?section=news&action=comments&id=' . (int) $_GET['subid'];
        comments_edit('news', (int) $_GET['subid'], (int) $_GET['id'], $conditions);
        break;
    default:
        if (@$_SESSION['rights']['public']['news']['view'] or @$_SESSION['rights']['superadmin']) {
            news();
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
// Account section dispatcher. Excerpt: starts inside a case above this fragment and ends
// inside the switch for visitors who are not logged in.
        break;
    case 'newmsg':
        account_new_msg();
        break;
    case 'stats':
        account_stats();
        break;
    case 'guestbook':
        // The guestbook owner is taken from the session, not from the request,
        // so these three branches always act on the logged-in user's own guestbook.
        $conditions['action'] = 'add';
        $conditions['link'] = '?section=account&action=guestbook';
        comments_get('user', $_SESSION['userID'], $conditions, 0, 1, "user");
        break;
    case 'addcomment':
        $conditions['action'] = 'add';
        $conditions['link'] = '?section=account&action=guestbook';
        comments_add('user', $_SESSION['userID'], $conditions, "user");
        break;
    case 'editcomment':
        // The comment id still comes from the query string (cast to int).
        // NOTE(review): confirm that comments_edit() checks the comment really belongs
        // to the guestbook identified by $_SESSION['userID'].
        $conditions['action'] = 'edit';
        $conditions['link'] = '?section=account&action=guestbook';
        comments_edit('user', $_SESSION['userID'], (int) $_GET['id'], $conditions, "user");
        break;
    default:
        account();
}
// Functions for users who are not logged in
} elseif (isset($_GET['action'])) {
    switch ($_GET['action']) {
        case 'register':
            account_register();
            break;
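<?php
// vim: sw=4:ts=4:noet:sta:

// Request entry point for the comments library: when the POST field 'lib_comments'
// is present, the requested action is dispatched, the handler's return value is
// echoed, and the script exits.
if (isset($_POST['lib_comments'])) {
	if (!session_id()) {
		session_start();
	}
	// NOTE(review): no authorization or anti-CSRF check is visible before 'del' and
	// 'mass_prune' are dispatched. Confirm that the handlers enforce both themselves.
	// Anything the handlers print is buffered and discarded; only the return value is sent.
	ob_start();
	// A missing 'action' field used to raise an undefined-index notice.
	$action = isset($_POST['action']) ? $_POST['action'] : '';
	// Initialised so that an unknown action echoes an empty string, not an
	// undefined variable, whose notice would be printed after the buffer was discarded.
	$r = '';
	if ($action === 'add') {
		$r = comments_add();
	} elseif ($action === 'del') {
		$r = comments_del();
	} elseif ($action === 'mass_prune') {
		$r = comments_mass_prune();
	}
	ob_end_clean();
	echo $r;
	exit;
}

// Excerpt: the body of comments_add() continues past the end of this fragment.
function comments_add() {
	$parent_id = (int) $_POST['parent_id'];
	// NOTE(review): mysql_escape_string() ignores the connection character set and was
	// removed together with ext/mysql in PHP 7.0. Prefer bound parameters (PDO or mysqli)
	// for these values. The query that consumes them is not visible in this excerpt.
	$author = mysql_escape_string($_POST['author']);
	$email = mysql_escape_string($_POST['email']);
	$jevix = new Jevix();
	// Presumably the HTML tags allowed in comment text. The filtering call itself
	// is past the end of this excerpt.
	$jevix->cfgAllowTags(array('p', 'blockquote', 'cite', 'b', 'i', 'br'));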
// Gallery section dispatcher. Excerpt: starts inside a case whose label is above this
// fragment. Ids from the query string are cast to int before use.
            gallery_kate((int) $_GET['id']);
            break;
        case 'gallery':
            gallery_gallery((int) $_GET['id']);
            break;
        case 'viewpic':
            // NOTE(review): the picture and its comments are shown with no rights check
            // in this switch. Confirm that gallery_viewpic() and comments_get() enforce
            // view rights themselves.
            gallery_viewpic((int) $_GET['id']);
            $conditions['action'] = 'add';
            $conditions['link'] = '?section=gallery&action=viewpic&id=' . (int) $_GET['id'];
            comments_get('gallery', (int) $_GET['id'], $conditions);
            break;
        case 'addcomment':
            // `@` silences the undefined-index notice, so a missing rights entry
            // evaluates as falsy and the request falls through to the denial branch.
            if (@$_SESSION['rights']['public']['gallery']['com_add'] or @$_SESSION['rights']['superadmin']) {
                $conditions['action'] = 'add';
                $conditions['link'] = '?section=gallery&action=viewpic&id=' . (int) $_GET['id'];
                comments_add('gallery', (int) $_GET['id'], $conditions);
            } else {
                echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
            }
            break;
        case 'editcomment':
            // NOTE(review): no rights check in this switch, unlike 'addcomment'. Confirm
            // that comments_edit() checks comment ownership or an edit right itself.
            $conditions['action'] = 'edit';
            $conditions['link'] = '?section=gallery&action=viewpic&id=' . (int) $_GET['subid'];
            comments_edit('gallery', (int) $_GET['subid'], (int) $_GET['id'], $conditions);
            break;
        default:
            gallery();
    }
} else {
    gallery();
}
// Survey section dispatcher. Excerpt: starts inside a case above this fragment and ends
// before the switch is closed. Ids from the query string are cast to int before use.
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'vote':
        // `@` silences the undefined-index notice, so a missing rights entry
        // evaluates as falsy and the request falls through to the denial branch.
        // NOTE(review): voting is gated on the 'view' right and is reached through a GET
        // parameter. Confirm that survey_vote() guards against repeated votes and votes
        // triggered from another site.
        if (@$_SESSION['rights']['public']['survey']['view'] or @$_SESSION['rights']['superadmin']) {
            survey_vote((int) $_GET['id']);
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'addcomment':
        if (@$_SESSION['rights']['public']['survey']['com_add'] or @$_SESSION['rights']['superadmin']) {
            $conditions['action'] = 'add';
            $conditions['link'] = '?section=survey&action=viewsurvey&id=' . (int) $_GET['id'];
            comments_add('survey', (int) $_GET['id'], $conditions);
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'editcomment':
        // NOTE(review): no rights check in this switch, unlike 'vote' and 'addcomment'.
        // Confirm that comments_edit() checks comment ownership or an edit right itself.
        $conditions['action'] = 'edit';
        $conditions['link'] = '?section=survey&action=viewsurvey&id=' . (int) $_GET['subid'];
        comments_edit('survey', (int) $_GET['subid'], (int) $_GET['id'], $conditions);
        break;
    default:
        if (@$_SESSION['rights']['public']['survey']['view'] or @$_SESSION['rights']['superadmin']) {
            survey();
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
// Clanwars section dispatcher. Excerpt: starts inside a case above this fragment and ends
// before the switch is closed. Request values are cast to int before use.
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'setpart':
        // `@` silences the undefined-index notice, so a missing rights entry
        // evaluates as falsy and the request falls through to the denial branch.
        // NOTE(review): judging by its name, this changes participation state, yet it is
        // gated on the 'view_next' right and driven by GET parameters. Confirm that
        // clanwars_next_part() validates 'mode' and the acting user.
        if (@$_SESSION['rights']['public']['clanwars']['view_next'] or @$_SESSION['rights']['superadmin']) {
            clanwars_next_part((int) $_GET['id'], (int) $_GET['mode']);
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'addcomment':
        if (@$_SESSION['rights']['public']['clanwars']['com_add'] or @$_SESSION['rights']['superadmin']) {
            $conditions['action'] = 'add';
            $conditions['link'] = '?section=clanwars&action=view&id=' . (int) $_GET['id'];
            comments_add('clanwars', (int) $_GET['id'], $conditions);
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'editcomment':
        // NOTE(review): no rights check in this switch, unlike the neighbouring cases.
        // Confirm that comments_edit() checks comment ownership or an edit right itself.
        $conditions['action'] = 'edit';
        $conditions['link'] = '?section=clanwars&action=view&id=' . (int) $_GET['subid'];
        comments_edit('clanwars', (int) $_GET['subid'], (int) $_GET['id'], $conditions);
        break;
    default:
        if (@$_SESSION['rights']['public']['clanwars']['view'] or @$_SESSION['rights']['superadmin']) {
            clanwars();
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
// Guestbook section dispatcher. Excerpt: starts inside a case above this fragment and is
// cut off at the 'default' label. Ids from the query string are cast to int before use.
        break;
    case 'comments':
        // `@` silences the undefined-index notice, so a missing rights entry
        // evaluates as falsy and the request falls through to the denial branch.
        if (@$_SESSION['rights']['public']['guestbook']['com_view'] or @$_SESSION['rights']['superadmin']) {
            gb_once((int) $_GET['id']);
            $conditions['action'] = 'add';
            $conditions['link'] = '?section=guestbook&action=comments&id=' . (int) $_GET['id'];
            comments_get('gb_com', (int) $_GET['id'], $conditions, 0, 1, 'guestbook');
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'addcomment':
        if (@$_SESSION['rights']['public']['guestbook']['com_add'] or @$_SESSION['rights']['superadmin']) {
            $conditions['action'] = 'add';
            $conditions['link'] = '?section=guestbook&action=comments&id=' . (int) $_GET['id'];
            comments_add('gb_com', (int) $_GET['id'], $conditions, 'guestbook');
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'editcomment':
        // NOTE(review): neither edit branch below has a rights check in this switch,
        // unlike 'comments' and 'addcomment'. Confirm that comments_edit() checks
        // ownership or an edit right itself.
        $conditions['action'] = 'edit';
        $conditions['link'] = '?section=guestbook&action=comments&id=' . (int) $_GET['subid'];
        comments_edit('gb_com', (int) $_GET['subid'], (int) $_GET['id'], $conditions, 'guestbook');
        break;
    case 'editgbcomment':
        // Edits a guestbook entry itself ('guestbook' type, parent id fixed to 0).
        $conditions['action'] = 'editgb';
        $conditions['link'] = '?section=guestbook&action=comments&id=' . (int) $_GET['id'];
        comments_edit('guestbook', 0, (int) $_GET['id'], $conditions, 'guestbook', 'edit');
        break;
    default:
// User section dispatcher. Excerpt: the first brace closes a construct that begins above
// this fragment. Ids from the query string are cast to int before use.
}
if (isset($_GET['action'])) {
    switch ($_GET['action']) {
        case 'viewonline':
            user_view_online();
            break;
        case 'list':
            // `@` silences the undefined-index notice, so a missing rights entry
            // evaluates as falsy and the request falls through to the denial branch.
            if (@$_SESSION['rights']['public']['user']['list'] or @$_SESSION['rights']['superadmin']) {
                user_liste();
            } else {
                // The return value of table() is discarded here.
                // NOTE(review): confirm that table() prints its output itself in this
                // file; otherwise the denial message is never shown.
                table(ERROR, ACCESS_DENIED);
            }
            break;
        case 'addcomment':
            // NOTE(review): the target user id comes from the query string and no rights
            // check is made in this switch. Confirm that comments_add() requires a
            // logged-in user with the right to post.
            $conditions['action'] = 'add';
            $conditions['link'] = '?section=user&view=gb&id=' . (int) $_GET['id'];
            comments_add('user', (int) $_GET['id'], $conditions);
            break;
        case 'editcomment':
            // NOTE(review): no rights check in this switch. Confirm that comments_edit()
            // checks comment ownership or an edit right itself.
            $conditions['action'] = 'edit';
            $conditions['link'] = '?section=user&view=gb&id=' . (int) $_GET['subid'];
            comments_edit('user', (int) $_GET['subid'], (int) $_GET['id'], $conditions);
            break;
        default:
            table(ERROR, NO_FUNKTION_CHOOSE);
    }
} elseif (isset($_GET['id'])) {
    user_details((int) $_GET['id']);
} else {
    table(ERROR, NO_FUNKTION_CHOOSE);
}
// Downloads section dispatcher. Excerpt: starts inside a case above this fragment and
// ends before the switch is closed. Ids from the query string are cast to int before use.
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'getfile':
        // `@` silences the undefined-index notice, so a missing rights entry
        // evaluates as falsy and the request falls through to the denial branch.
        // The file is chosen by a numeric id only; no path from the request reaches
        // get_file() at this call site.
        if (@$_SESSION['rights']['public']['downloads']['download'] or @$_SESSION['rights']['superadmin']) {
            get_file((int) $_GET['id']);
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'addcomment':
        if (@$_SESSION['rights']['public']['downloads']['com_add'] or @$_SESSION['rights']['superadmin']) {
            $conditions['action'] = 'add';
            $conditions['link'] = '?section=downloads&action=viewdl&id=' . (int) $_GET['id'];
            comments_add('downloads', (int) $_GET['id'], $conditions);
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }
        break;
    case 'editcomment':
        // NOTE(review): no rights check in this switch, unlike 'getfile' and 'addcomment'.
        // Confirm that comments_edit() checks comment ownership or an edit right itself.
        $conditions['action'] = 'edit';
        $conditions['link'] = '?section=downloads&action=viewdl&id=' . (int) $_GET['subid'];
        comments_edit('downloads', (int) $_GET['subid'], (int) $_GET['id'], $conditions);
        break;
    default:
        if (@$_SESSION['rights']['public']['downloads']['view'] or @$_SESSION['rights']['superadmin']) {
            downloads();
        } else {
            echo table(ACCESS_DENIED, NO_ACCESS_RIGHTS);
        }