/**
 * Render the guestbook form in which users write their entries.
 *
 * @param string $text   Pre-filled value for the entry text
 * @param string $mail   Pre-filled value for the e-mail address
 * @param string $page   Pre-filled value for the homepage
 * @param string $fehler Value handed to the template's FEHLER placeholder
 */
function showForm($text = "", $mail = "", $page = "", $fehler = "")
{
    global $allgAr;

    $formTpl = new tpl('gbook.htm');

    // NOTE(review): every value below reaches the template exactly as received.
    // Confirm that callers (or the template layer) HTML-escape $text, $mail,
    // $page and $fehler before they are echoed back into the form.
    $placeholders = array();
    $placeholders['uname'] = $_SESSION['authname'];
    $placeholders['SMILIES'] = getsmilies();
    $placeholders['ANTISPAM'] = get_antispam('gbook', 1);
    $placeholders['TXTL'] = $allgAr['Gtxtl'];
    $placeholders['TEXT'] = $text;
    $placeholders['PAGE'] = $page;
    $placeholders['MAIL'] = $mail;
    $placeholders['FEHLER'] = $fehler;
    $formTpl->set_ar_out($placeholders, "formular_eintrag");

    // Make sure the session key exists; an existing value is left untouched.
    if (isset($_SESSION['klicktime_gbook'])) {
        return;
    }
    $_SESSION['klicktime_gbook'] = 0;
}
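/**
 * Output one page of a sitemap listing through the "sitemap" template.
 *
 * @param string $q     SELECT statement without a LIMIT clause; it is executed as given,
 *                      so it must be built by the caller from trusted parts only
 * @param string $lv    Link pattern; "{id}" is replaced by the first column of each row
 * @param string $table Table argument forwarded to db_make_sites()
 * @param object $menu  URL/menu object providing get(), getA() and getE()
 * @param string $where WHERE argument forwarded to db_make_sites()
 * @param string $was   Value for the template's "site" placeholder
 */
function show_sitemap($q, $lv, $table, $menu, $where, $was)
{
    $limit = 200;

    // The page number is taken from the request URL. Force it to an integer >= 1 so the
    // offset concatenated into the LIMIT clause is always a non-negative number.
    $page = $menu->getA(2) == 'p' ? (int) $menu->getE(2) : 1;
    if ($page < 1) {
        $page = 1;
    }

    $MPL = db_make_sites($page, $where, $limit, '?sitemap-' . $menu->get(1), $table);
    $anfang = ($page - 1) * $limit;
    $q = db_query($q . " LIMIT " . $anfang . "," . $limit);

    $tpl = new tpl('sitemap');
    $l = '';
    while ($r = db_fetch_row($q)) {
        // NOTE(review): $r[0] and $r[1] come straight from the database; confirm they are
        // HTML-safe (or escaped by the template) before they end up in the link list.
        $l .= $tpl->list_get('links', array(str_replace('{id}', $r[0], $lv), $r[1]));
    }
    $tpl->set_ar_out(array('MPL' => $MPL, 'site' => $was, 'links' => $l), 1);
}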
/**
 * Print the shoutbox archive: a heading followed by every stored entry, newest id first.
 */
function sharchiv()
{
    $archiveTpl = new tpl('shbox4', 0);

    // NOTE(review): the heading reads the property $this->version while the footer below
    // calls the method $this->version() - confirm that both exist on this class.
    echo '<div> <h4 align="center" class="Chead">' . $this->version . ' Archiv</h4> </div>';

    $result = db_query('SELECT * FROM `prefix_shbox4` ORDER BY `id` DESC');
    while ($entry = db_fetch_assoc($result)) {
        // NOTE(review): whether shtext()/colortext() HTML-escape the stored text is not
        // visible here; confirm before treating this output as safe.
        $body = $this->shtext($entry['txt']);
        $dateLine = $this->shdate($entry['time'], $entry['uid']);
        $coloured = $this->colortext($this->sh_usercheck($entry['uid']), $body);

        $markup = '<p class="Cdark" style="margin:0;">' . $dateLine . '</p> <p class="Cnorm" style="margin:0;">' . $coloured . '</p> <br />';
        $archiveTpl->set_ar_out(array('AUSGABE' => $markup), 2);
    }

    $archiveTpl->set_ar(array('VERS' => $this->version()));
    $archiveTpl->out(3);
}
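/**
 * Print the forwarding page ("weiterleitung.htm").
 *
 * The link(s) are written into href attributes and into the template's URL placeholder
 * without any escaping or validation. Callers must therefore pass only URLs built by the
 * application itself, never a value taken from the request.
 *
 * @param string|array $wdLINK Single target URL, or an array of link text => URL;
 *                             the first array entry becomes the forwarding target
 * @param string       $wdTEXT Message shown on the forwarding page
 * @param int          $wdZEIT Value for the template's ZEIT placeholder
 */
function wd($wdLINK, $wdTEXT, $wdZEIT = 3)
{
    global $lang;

    // Initialised up front: with an empty array the loop below never runs, and the
    // template would otherwise be handed an undefined variable.
    $wdURL = '';
    $urls = '';

    if (!is_array($wdLINK)) {
        $urls = '<a href="' . $wdLINK . '">' . $lang['forward2'] . '</a>';
        $wdURL = $wdLINK;
    } else {
        $isFirst = true;
        foreach ($wdLINK as $k => $v) {
            if ($isFirst) {
                $wdURL = $v;
                $isFirst = false;
            }
            $urls .= '<a href="' . $v . '">' . $k . '</a><br />';
        }
    }

    $tpl = new tpl('weiterleitung.htm');
    $ar = array('LINK' => $urls, 'URL' => $wdURL, 'ZEIT' => $wdZEIT, 'TEXT' => $wdTEXT);
    $tpl->set_ar_out($ar, 0);
    unset($tpl);
}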
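/**
 * Read the admin navigation from the given XML file and print it through the
 * "adminsubmenu" template.
 *
 * @param string $file XML file to read
 * @return string Always the empty string; the menu itself is printed by the template
 */
function get_ini_menu($file)
{
    $umenu = '';

    // simplexml_load_file() returns false for a missing or malformed file; without this
    // guard the attributes() call below would end in a fatal error.
    // NOTE(review): $file should be an application-controlled path - confirm that no
    // caller derives it from request data.
    $menus = simplexml_load_file($file);
    if ($menus === false) {
        return $umenu;
    }

    $tpl = new tpl('adminsubmenu', 1);
    if ($menus->attributes()->hide == 'true') {
        $tpl->out(4);
        return $umenu;
    }

    foreach ($menus->list as $liste) {
        $tpl->set_out('headline', $liste->attributes()->title, 0);
        $tpl->out(1);
        foreach ($liste->modul as $mod) {
            // Show the entry when its <right> value is >= the session's right level,
            // or when the entry declares no <right> element at all.
            if ($mod->right >= $_SESSION['authright'] or !isset($mod->right)) {
                // NOTE(review): utf8_decode() is deprecated as of PHP 8.2.
                $tpl->set_ar_out(array('url' => $mod->url, 'title' => utf8_decode($mod->title)), 2);
            }
        }
        $tpl->out(3);
    }

    return $umenu;
}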
} $tpl->out(4); } elseif ($row['status'] == 3) { // lastwars $row['memberliste'] = lastwars_get_memberlist($_GET['mehr']); $wlpar = array(1 => 'gewonnen', 2 => 'verloren', 3 => 'unentschieden'); $row['erg'] = $row['owp'] . ' zu ' . $row['opp']; $row['ergliste'] = get_erg_liste($_GET['mehr']); $row['wlp'] = $wlpar[$row['wlp']]; $title = $allgAr['title'] . ' :: Wars :: Lastwars'; $hmenu = '<a href="?wars" class="smalfont">Wars</a><b> » </b>Lastwars'; $design = new design($title, $hmenu); $design->header(); $tpl = new tpl('wars_last'); $row['tag'] = empty($row['tag']) ? $row['gegner'] : $row['tag']; $tpl->set_ar_out($row, 0); // kommentare fuer lastwars if ($allgAr['wars_last_komms'] < 0 and has_right($allgAr['wars_last_komms'])) { // aktion if (isset($_POST['kommentar_fuer_last_wars'])) { $name = $_SESSION['authname']; $text = escape($_POST['text'], 'textarea'); db_query("INSERT INTO prefix_koms (name,cat,text,uid) VALUES ('" . $name . "','WARSLAST', '" . $text . "', " . $_GET['mehr'] . " )"); } if (isset($_GET['kommentar_fuer_last_wars_loeschen']) and is_siteadmin('wars')) { db_query("DELETE FROM prefix_koms WHERE cat = 'WARSLAST' AND uid = " . $_GET['mehr'] . " AND id = " . $_GET['kommentar_fuer_last_wars_loeschen']); } // anzeigen $tpl->out(1); $class = ''; $erg = db_query("SELECT name,text,id FROM prefix_koms WHERE cat = 'WARSLAST' AND uid = " . $_GET['mehr'] . " ORDER BY id DESC");
// Cash book overview: overall, per-year and per-month sums, then the month's bookings.
// NOTE(review): $jaka/$jake and $aka/$ake are defined above this excerpt and are
// concatenated into SQL as quoted strings - confirm they are derived from validated
// numbers/dates and never directly from the request.
$kasseSumSql = "SELECT ROUND(SUM(betrag),2) FROM prefix_kasse";
$kasseYearRange = "datum >= '" . $jaka . "' AND datum <= '" . $jake . "'";
$kasseMonthRange = "datum >= '" . $aka . "' AND datum <= '" . $ake . "'";

// Template placeholder => WHERE clause appended to the SUM query (order matters).
$kasseTotals = array(
    'minus'  => " WHERE betrag < 0",
    'plus'   => " WHERE betrag > 0",
    'saldo'  => "",
    'Jminus' => " WHERE betrag < 0 AND " . $kasseYearRange,
    'Jplus'  => " WHERE betrag > 0 AND " . $kasseYearRange,
    'Jsaldo' => " WHERE " . $kasseYearRange,
    'Mminus' => " WHERE betrag < 0 AND " . $kasseMonthRange,
    'Mplus'  => " WHERE betrag > 0 AND " . $kasseMonthRange,
    'Msaldo' => " WHERE " . $kasseMonthRange,
);
foreach ($kasseTotals as $kasseTplKey => $kasseWhere) {
    $tpl->set($kasseTplKey, db_result(db_query($kasseSumSql . $kasseWhere), 0));
}

// Navigation values for the month/year switcher.
$tpl->set('month', $lang[date('F', $akt)]);
$tpl->set('pm', $pm);
$tpl->set('nm', $nm);
$tpl->set('py', $py);
$tpl->set('ny', $ny);
$tpl->set('jahr', $y);
$tpl->out(0);

$class = '';
$erg = db_query("SELECT name, verwendung, id, ROUND(betrag,2) as betrag FROM prefix_kasse WHERE " . $kasseMonthRange . " ORDER BY datum DESC");
while ($r = db_fetch_assoc($erg)) {
    // Alternate the row style between the two CSS classes.
    if ($class == 'Cmite') {
        $class = 'Cnorm';
    } else {
        $class = 'Cmite';
    }
    $r['class'] = $class;

    if (has_right(-8, 'kasse')) {
        // NOTE(review): the delete icon is a plain GET link; confirm that the handler
        // behind "kasse-d<id>" re-checks the right and requires a request token.
        $kasseEditLink = '<a href="admin.php?kasse-' . $r['id'] . '"><img src="include/images/icons/edit.gif" border="0" title="' . $lang['change'] . '" alt="' . $lang['change'] . '" /></a>';
        $kasseDelLink = '<a href="index.php?kasse-d' . $r['id'] . '"><img src="include/images/icons/del.gif" border="0" title="' . $lang['delete'] . '" alt="' . $lang['delete'] . '" /></a>';
        $r['verwendung'] .= '<span style="float: right;"> ' . $kasseEditLink . ' ' . $kasseDelLink . ' </span>';
    }

    // NOTE(review): name and verwendung are stored values printed via the template;
    // confirm they are HTML-escaped when stored or when rendered.
    $tpl->set_ar_out($r, 1);
}
$tpl->out(2);
$design->footer();
$page = $menu->getA(3) == 'p' ? $menu->getE(3) : 1; $filtername = escape($menu->get(2), 'string'); } else { $page = $menu->getA(1) == 'p' ? $menu->getE(1) : 1; } $anfang = ($page - 1) * $limit; $tpl = new tpl('user/memb_list.htm'); if (isset($_GET['filtername']) and !empty($_GET['filtername'])) { $filtername = escape($_GET['filtername'], 'string'); } if (!empty($filtername)) { $sql_search = " WHERE prefix_user.name LIKE '%" . $filtername . "%'"; $MPL = db_make_sites($page, $sql_search, $limit, '?user-filtername-' . $filtername, 'user'); } else { $sql_search = ""; $MPL = db_make_sites($page, "", $limit, '?user', 'user'); } $tpl->set_out('SITELINK', $MPL, 0); $class = ''; $erg = db_query("SELECT\r\n posts,\r\n prefix_user.id,\r\n prefix_grundrechte.name as recht_name,\r\n regist,\r\n prefix_user.name\r\nFROM prefix_user\r\n LEFT JOIN prefix_grundrechte ON prefix_user.recht = prefix_grundrechte.id\r\n {$sql_search}\r\nORDER by recht,prefix_user.posts DESC LIMIT " . $anfang . "," . $limit); while ($row = db_fetch_object($erg)) { if ($class == 'Cmite') { $class = 'Cnorm'; } else { $class = 'Cmite'; } $ar = array('NAME' => $row->name, 'RANG' => userrang($row->posts, $row->id), 'CLASS' => $class, 'POSTS' => $row->posts, 'UID' => $row->id, 'DATE' => date('d.m.Y', $row->regist), 'GRUPE' => $row->recht_name); $tpl->set_ar_out($ar, 1); } $tpl->set_out('filtername', $filtername ? $filtername : '', 2); $design->footer();
db_query('UPDATE `prefix_rules` SET `text` = "' . $text . '", `titel` = "' . $titel . '", `zahl` = "' . $zahl . '" WHERE `id` = "' . $sid . '"'); } } if (!empty($_GET['delete'])) { $delete = escape($_GET['delete'], 'integer'); db_query('DELETE FROM `prefix_rules` WHERE `id` = "' . $delete . '" LIMIT 1'); } if (empty($_GET['sid'])) { $row = array(); $row['sub'] = 'Eintragen'; $row['zahl'] = ''; $row['titel'] = ''; $row['text'] = $row['sid'] = ''; } else { $abf = 'SELECT `text`,`zahl`,`titel`,`id` as `sid` FROM `prefix_rules` WHERE `id` = "' . escape($_GET['sid'], 'integer') . '"'; $erg = db_query($abf); $row = db_fetch_assoc($erg); $row['sub'] = 'Ändern'; } $clas = ''; $tpl = new tpl('rules', 1); $row['ANTISPAM'] = get_antispam('adminuser_action', 0, true); $tpl->set_ar_out($row, 0); $erg = db_query('SELECT * FROM `prefix_rules` ORDER BY `zahl`'); while ($row = db_fetch_assoc($erg)) { $clas = $clas == 'Cmite' ? 'Cnorm' : 'Cmite'; $row['class'] = $clas; $tpl->set_ar_out($row, 1); } $tpl->out(2); $design->footer();
* @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) * @copyright (C) 2000-2010 ilch.de * @version $Id$ */ defined('main') or die('no direct access'); defined('admin') or die('only admin access'); if ($menu->get(1) == "phpinfo") { phpinfo(); } else { $design = new design('Ilch Admin-Control-Panel :: Serverkonfiguration', '', 2); $design->header(); $tpl = new tpl('checkconf', 1); $tpl->out(0); // # Server conf $tpl->set_out('head', $lang['phpserverconf'], 1); $tpl->set_ar_out(array('class' => 'Cmite', 'opt' => 'version', 'val' => phpversion()), 3); $confstrings = array("safe_mode", "display_errors", "max_execution_time", "memory_limit", "register_globals", "file_uploads", "upload_max_filesize", "post_max_size", "disable_functions"); $class = 'Cmite'; foreach ($confstrings as $str) { if ($class == 'Cmite') { $class = 'Cnorm'; } else { $class = 'Cmite'; } $tpl->set("class", $class); $tpl->set("opt", $str); $tpl->set("val", ini_get($str)); $tpl->out(3); } // sockets if ($class == 'Cmite') {
db_query("UPDATE prefix_history SET date = '" . $date . "',title = '" . $title . "',txt = '" . $txt . "' WHERE id = '" . $IdToEdit . "'"); } } else { echo 'Datum stimmt nicht, bitte im Format DD.MM.YYYY eingeben also z.B. 29.12.2005<br />'; } } if (!isset($IdToDelete)) { if ($menu->getA(1) == 'e' and is_numeric($menu->getE(1)) and empty($IdToEdit)) { $IdToEdit = escape($menu->getE(1), 'integer'); $erg = db_query("SELECT id,DATE_FORMAT(date,'%d.%m.%Y') as date,title,txt FROM prefix_history WHERE id = '" . $IdToEdit . "'"); $_ilch = db_fetch_assoc($erg); $_ilch['pkey'] = $IdToEdit; } else { $_ilch = array('pkey' => '', 'date' => date('d.m.Y'), 'title' => '', 'txt' => ''); } $tpl->set_ar_out($_ilch, 0); $limit = 20; $page = $menu->getA(1) == 'p' ? escape($menu->getE(1), 'integer') : 1; $MPL = db_make_sites($page, 'ORDER BY `date` DESC', $limit, '?history', 'history'); $anfang = ($page - 1) * $limit; $abf = "SELECT `id`,`date`,`title` FROM prefix_history ORDER BY `date` DESC LIMIT " . $anfang . "," . $limit; $erg = db_query($abf); while ($row = db_fetch_assoc($erg)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $row['class'] = $class; list($y, $m, $d) = explode('-', $row['date']); $row['date'] = $d . '.' . $m . '.' . $y; $tpl->set_ar_out($row, 1); } $tpl->set_out('MPL', $MPL, 2); }
<?php
/**
 * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL)
 * @copyright (C) 2000-2010 ilch.de
 * @version $Id$
 */
defined('main') or die('no direct access');

// Page frame: title, breadcrumb and header.
$title = $allgAr['title'] . ' :: Awards';
$hmenu = 'Awards';
$design = new design($title, $hmenu);
$design->header();

$tpl = new tpl('awards.htm');
$tpl->out(0);

// List all awards, newest first; rows alternate between the two CSS classes.
$class = 'Cnorm';
$erg = db_query("SELECT `platz`, `text`, `wofur`, `team`, `bild`, DATE_FORMAT(time, '%d.%m.%Y') as `time` FROM `prefix_awards` ORDER BY `time` DESC");
while ($row = db_fetch_assoc($erg)) {
    if ($class == 'Cmite') {
        $class = 'Cnorm';
    } else {
        $class = 'Cmite';
    }

    // No usable picture (empty, or only the "http://" stub): print just the date.
    if ($row['bild'] == '' or trim($row['bild']) == 'http://') {
        $row['bildutime'] = $lang['date'] . ': ' . $row['time'] . '<br />';
    } else {
        // NOTE(review): `bild` and `wofur` are written into HTML attributes without
        // escaping. Confirm they are HTML-escaped when the award is saved; if not,
        // escape them here for the attribute context before output.
        $awardImg = '<img src="' . $row['bild'] . '" alt="' . $row['wofur'] . '" title="' . $row['wofur'] . '"/>';
        $row['bildutime'] = '<span style="float: left; margin-right: 10px;">' . $awardImg . '<br /><font class="smalfont">' . $row['time'] . '</font></span><br />';
    }

    $row['class'] = $class;
    $tpl->set_ar_out($row, "tabelle");
}
$tpl->out("ende");

$design->footer();
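$design->footer(1);
}
}
// (the two braces above close blocks opened before this excerpt)

# display
$design->header();
$tpl = new tpl('selfbp', 1);

$akl = '';
if (isset($_REQUEST['akl'])) {
    // NOTE(review): $akl is request data handed to get_text()/get_filename()/get_akl();
    // confirm those helpers restrict it to files inside the selfbp content directory.
    $akl = $_REQUEST['akl'];
}

# delete
// NOTE(review): no request token check is visible in this excerpt; confirm one is
// enforced before this point, since the deletion can be triggered via $_REQUEST.
if (isset($_REQUEST['del']) && is_string($_REQUEST['del'])) {
    $del = $_REQUEST['del'];
    $a = (string) substr($del, 0, 1);
    $e = (string) substr($del, 1);
    if ($e != 'neu') {
        // The path is assembled from request data. Only delete when the directory
        // selector is a single alphanumeric character and the file part is a plain
        // file name (no directory separators, no "." / "..", no NUL byte), so the
        // target cannot leave include/contents/selfbp/self<x>/.
        $selfbpNameOk = ctype_alnum($a)
            && $e !== ''
            && $e !== '.'
            && $e !== '..'
            && strpos($e, "\0") === false
            && strpos($e, '\\') === false
            && $e === basename($e);
        if ($selfbpNameOk) {
            $selfbpTarget = 'include/contents/selfbp/self' . $a . '/' . $e;
            if (is_file($selfbpTarget)) {
                unlink($selfbpTarget);
            }
        }
    }
}

$text = get_text($akl);
$properties = get_properties($text);
if (!isset($properties['wysiwyg'])) {
    $properties['wysiwyg'] = 1;
}
$text = edit_text($text, false);
#$text = rteSafe($text);
$filename = get_filename($akl);
$akl = get_akl($akl);
$view = get_view($properties['view']);

$tpl->set_ar_out(array(
    'akl' => $akl,
    'text' => $text,
    'filename' => $filename,
    'exfilename' => $filename,
    'wysiwyg' => $properties['wysiwyg'],
    'title' => $properties['title'],
    'hmenu' => $properties['hmenu'],
    'view' => $view,
    'viewoptions' => $properties['viewoptions'],
    // The editor bootstrap script is only emitted when WYSIWYG mode is enabled.
    'wysiwyg_editor' => $properties['wysiwyg'] == 1 ? '<script type="text/javascript">buttonPath = "include/images/icons/editor/"; imageBrowse = "admin.php?selfbp-imagebrowser"; makeWhizzyWig("bbwy", "all");</script>' : ''
), 0);
$design->footer();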
} } // Class $class = 'Cmite'; // Template laden $tpl = new tpl('modules/loader', 1); // Template-Header $tpl->out(0); // Module abfragen und Ausgeben $erg = db_query("SELECT `id`, `pos`, `task`, `file`, `description` FROM `prefix_loader` ORDER BY `pos` ASC"); if (db_num_rows($erg) > 0) { $tpl->out(3); while ($row = db_fetch_assoc($erg)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $row['class'] = $class; $tpl->set_ar_out($row, 4); } } // Tabellenuebergang $tpl->out(1); // Aendern oder Einfuegen if ($aid == 'edit') { $lid = $menu->get(3); $erg = db_query('SELECT `task`, `file`, `description` FROM `prefix_loader` WHERE `id` = ' . $lid); $row = db_fetch_assoc($erg); $task = getTasks($row['task']); $tpl->set_ar_out(array('aname' => 'Eintrag bearbeiten', 'task' => $task, 'file' => $row['file'], 'description' => $row['description'], 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5); } else { $task = getTasks(''); $tpl->set_ar_out(array('aname' => 'Eintrag hinzufügen', 'task' => $task, 'file' => '', 'description' => '', 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5); }
$catname = ''; } $title = $allgAr['title'] . ' :: Gallery ' . $cattitle; $hmenu = '<a class="smalfont" href="?gallery">Gallery</a>' . $catname; $design = new design($title, $hmenu); $design->header(); $tpl = new tpl('gallery'); $erg = db_query("SELECT id,name,`besch` FROM prefix_gallery_cats WHERE recht >= {$_SESSION['authright']} AND cat = " . $cid . " ORDER BY pos"); if (db_num_rows($erg) > 0) { $tpl->out(1); $class = 'Cnorm'; while ($row = db_fetch_assoc($erg)) { $row['gallery'] = count_files($row['id']); $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $row['class'] = $class; $tpl->set_ar_out($row, 2); } $tpl->out(3); } $limit = $img_per_site; $page = $menu->getA(2) == 'p' ? escape($menu->getE(2), 'integer') : 1; $MPL = db_make_sites($page, '', $limit, '?gallery-' . $cid, "gallery_imgs LEFT JOIN prefix_gallery_cats ON prefix_gallery_imgs.cat = prefix_gallery_cats.id WHERE prefix_gallery_imgs.cat = " . $cid . " AND (recht >= " . $_SESSION['authright'] . " OR recht IS NULL)"); $anfang = ($page - 1) * $limit; $erg = db_query("SELECT prefix_gallery_imgs.id,prefix_gallery_imgs.cat,datei_name,endung,prefix_gallery_imgs.`besch`,klicks,vote_wertung,vote_klicks FROM prefix_gallery_imgs LEFT JOIN prefix_gallery_cats ON prefix_gallery_imgs.cat = prefix_gallery_cats.id WHERE prefix_gallery_imgs.cat = " . $cid . " AND (recht >= " . $_SESSION['authright'] . " OR recht IS NULL) ORDER BY id ASC LIMIT " . $anfang . "," . $limit); if (db_num_rows($erg) > 0) { $tpl->set('imgperline', $allgAr['gallery_imgs_per_line']); $tpl->set('cname', $cname); $tpl->set('breite', $allgAr['gallery_normal_width'] + 30); $tpl->set('MPL', $MPL); $tpl->out(4); $class = 'Cnorm';
$Fsub = 'Ändern'; $Fbez = $row->bez; $Fmin = $row->min; if ($row->spez == 1) { $Fjch = 'checked'; $Fnch = ''; } else { $Fnch = 'checked'; $Fjch = ''; } $Frid = $row->id; $Fakt = 'change'; } $tpl = new tpl('range', 1); $ar = array('SUB' => $Fsub, 'BEZ' => $Fbez, 'MIN' => $Fmin, 'JCH' => $Fjch, 'NCH' => $Fnch, 'RID' => $Frid, 'AKT' => $Fakt); $tpl->set_ar_out($ar, 3); } else { $_POST['bez'] = escape($_POST['bez'], 'string'); $_POST['min'] = escape($_POST['min'], 'integer'); $_POST['spez'] = escape($_POST['spez'], 'integer'); $_POST['rid'] = escape($_POST['rid'], 'integer'); if (empty($_POST['rid'])) { if ($_POST['spez'] == 1) { $_POST['min'] = '0'; } db_query('INSERT INTO `prefix_ranks` (`bez`,`min`,`spez`) VALUES ( "' . $_POST['bez'] . '","' . $_POST['min'] . '","' . $_POST['spez'] . '" ) '); wd('admin.php?range', 'Erfolgreich eingetragen', 1); } else { if ($_POST['spez'] == 1) { $_POST['min'] = '0'; }
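case 'gruppen':
    // Group membership editor for one user.
    // The user id comes from the request URL and is concatenated into every query
    // below, so it is forced to an integer first.
    $uid = (int) $menu->get(2);

    // NOTE(review): no request token check is visible in this case block; confirm the
    // surrounding code verifies one before membership changes are applied.
    if (isset($_POST['usergroups'])) {
        $erg = db_query("SELECT id FROM prefix_groups");
        while ($row = db_fetch_assoc($erg)) {
            $ck = db_count_query("SELECT COUNT(uid) FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row['id']);
            if ($ck == 0 and isset($_POST['grprhave'][$row['id']][$uid])) {
                // Checkbox set, but no membership yet: add the user to the group.
                db_query("INSERT INTO prefix_groupusers (uid,gid,fid) VALUES ( " . $uid . ", " . $row['id'] . ", 3 )");
            } elseif ($ck == 1 and !isset($_POST['grprhave'][$row['id']][$uid])) {
                // Checkbox cleared for an existing membership: remove it.
                db_query("DELETE FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row['id']);
            }
        }
    }

    $user_name = db_result(db_query("SELECT name FROM prefix_user WHERE id = " . $uid), 0);
    $tpl = new tpl('user/gruppen', 1);
    $tpl->set_ar_out(array('username' => $user_name, 'userid' => $uid), 0);

    // One row per group, with the checkbox pre-checked for existing memberships.
    $class = 'Cnorm';
    $erg = db_query("SELECT name,id FROM prefix_groups");
    while ($row = db_fetch_assoc($erg)) {
        $ck = db_count_query("SELECT COUNT(uid) FROM prefix_groupusers WHERE uid = " . $uid . " AND gid = " . $row['id']);
        $row['ck'] = $ck == 0 ? '' : 'checked';
        $class = $class == 'Cnorm' ? 'Cmite' : 'Cnorm';
        $row['class'] = $class;
        $tpl->set_ar_out($row, 1);
    }
    $tpl->out(2);
    break;
// show the details of a user
// show the details of a user
case 1:
    $design = new design('Admins Area', 'Admins Area', 2);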
$kategorie = news_find_kat($row->news_kat); $textToShow = bbcode($row->news_text); $textToShow = str_replace('[PREVIEWENDE]', '', $textToShow); if (!empty($such)) { $textToShow = markword($textToShow, $such); } $tpl = new tpl('news.htm'); if (loggedin()) { $uname = $_SESSION['authname']; $readonly = 'readonly'; } else { $uname = ''; $readonly = ''; } $ar = array('TEXT' => $textToShow, 'KATE' => $kategorie, 'NID' => $nid, 'uname' => $uname, 'readonly' => $readonly, 'ANTISPAM' => get_antispam('newskom', 0), 'NAME' => $row->news_title); $tpl->set_ar_out($ar, 2); if ($komsOK) { $tpl->set_ar_out(array('NAME' => $row->news_title, 'NID' => $nid), "koms_on"); $erg1 = db_query("SELECT `text`, `name`, `userid`, `id`, `time` FROM `prefix_koms` WHERE `uid` = " . $nid . " AND `cat` = 'NEWS' ORDER BY `id` DESC"); $anz = db_num_rows($erg1); if ($anz == 0) { echo $lang['nocomments']; } else { while ($row1 = db_fetch_assoc($erg1)) { $row1['text'] = bbcode(trim($row1['text'])); if (has_right(-7, 'news')) { $del = ' <a href="?news-' . $nid . '-d' . $row1['id'] . '"><img src="include/images/icons/del.gif" alt="löschen" border="0" title="löschen" /></a>'; } $tpl->set_ar_out(array('TEXT' => $row1['text'], 'AVATAR' => get_avatar($row1['userid']), 'NAME' => $row1['name'], 'TIME' => post_date($row1['time'], 1) . $del, 'ZAHL' => $anz), "koms_self"); $anz--; }
} if ($show) { $tpl = new tpl('forum/forum', 1); $firstcat = @db_result(db_query("SELECT id FROM `prefix_forumcats` ORDER BY pos LIMIT 1"), 0); if (isset($showcid)) { $id = $showcid; } else { $id = $menu->getA(1) == 'S' ? $menu->getE(1) : (is_numeric($firstcat) ? $firstcat : 0); } $tpl->set_out('cid', $id, 0); $class = ''; $erg = db_query("SELECT id, cid, name as cname, pos as cpos FROM prefix_forumcats WHERE id = {$id} ORDER BY pos"); while ($row = db_fetch_assoc($erg)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $row['class'] = $class; $tpl->set_ar_out($row, 1); $erg1 = db_query("SELECT\r\n prefix_forums.id as fid,\r\n prefix_forums.name as fname,\r\n prefix_forums.pos as fpos,\r\n case when view <= 0 then vg.name else vt.name end as view,\r\n case when reply <= 0 then rg.name else rt.name end as reply,\r\n case when start <= 0 then sg.name else st.name end as start\r\n FROM prefix_forums\r\n LEFT JOIN prefix_grundrechte as vg ON prefix_forums.view = vg.id\r\n LEFT JOIN prefix_grundrechte as rg ON rg.id = prefix_forums.reply\r\n LEFT JOIN prefix_grundrechte as sg ON sg.id = prefix_forums.start\r\n\r\n\t\t\tLEFT JOIN prefix_groups as vt ON prefix_forums.view = vt.id\r\n LEFT JOIN prefix_groups as rt ON rt.id = prefix_forums.reply\r\n LEFT JOIN prefix_groups as st ON st.id = prefix_forums.start\r\n WHERE prefix_forums.cid = " . $row['id'] . " ORDER BY prefix_forums.pos"); while ($row1 = db_fetch_assoc($erg1)) { $row1['class'] = $row['class']; $row1['cid'] = $id; $tpl->set_ar_out($row1, 2); } } $tpl->out(3); forum_admin_showcats(0, ''); $topcid = is_numeric($r->topcid) ? $r->topcid : 0; $Cout = array(); $Cout['cid'] = $cid; $Cout['ak'] = $um == 'changeCategorie' ? 'change' : 'new'; $Cout['sub'] = $um == 'changeCategorie' ? 'ändern' : 'erstellen'; $Cout['name'] = $um == 'changeCategorie' ? $r->name : '';
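}
}
// (the two braces above close blocks opened before this excerpt)
$tpl->out(1);

// List all away-calendar entries, newest id first.
$class = '';
$statusar = array(2 => $lang['reported'], 1 => $lang['rejected'], 3 => $lang['allowed']);
$erg = db_query("SELECT `pruef`, DATE_FORMAT(von,'%d.%m.%Y') as `von`, DATE_FORMAT(bis,'%d.%m.%Y') as `bis`, `betreff`, `prefix_user`.`name`, `uid`, `prefix_awaycal`.`id` FROM `prefix_awaycal` LEFT JOIN `prefix_user` ON `prefix_user`.`id` = `prefix_awaycal`.`uid` ORDER BY `id` DESC");
while ($r = db_fetch_assoc($erg)) {
    $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite';
    $r['class'] = $class;
    $r['status'] = $statusar[$r['pruef']];

    // The owner of an entry and site admins get delete/edit links; admins additionally
    // get reject/allow links.
    // NOTE(review): all of these are plain GET links; confirm the handlers behind
    // awaycal-d / awaycal-c re-check ownership or admin rights and a request token.
    if ($r['uid'] == $_SESSION['authid'] or is_siteadmin('awaycal')) {
        $r['betreff'] .= '<br /><span style="float: right;"><a href="index.php?awaycal-d' . $r['id'] . '"><img src="include/images/icons/del.gif" alt="' . $lang['delete'] . '" title="' . $lang['delete'] . '" border="0" /></a> - <a href="index.php?awaycal-e' . $r['id'] . '"><img src="include/images/icons/edit.gif" alt="' . $lang['change'] . '" title="' . $lang['change'] . '" border="0" /></a>';
        if (is_siteadmin('awaycal')) {
            $r['betreff'] .= ' - <a href="index.php?awaycal-c' . $r['id'] . '-1"><img src="include/images/icons/nop.gif" alt="' . $lang['reject'] . '" title="' . $lang['reject'] . '" border="0" /></a> - <a href="index.php?awaycal-c' . $r['id'] . '-3"><img src="include/images/icons/jep.gif" alt="' . $lang['allow'] . '" title="' . $lang['allow'] . '" border="0" /></a>';
        }
        $r['betreff'] .= '</span>';
    }
    $tpl->set_ar_out($r, 2);
}
$tpl->out(3);

// Edit form: pre-fill it with an existing entry only when that entry exists and the
// current user is a site admin or its owner; otherwise show an empty form.
$e = false;
if ($menu->getA(1) == 'e' and is_numeric($menu->getE(1))) {
    // Fixed type name: this read 'intger', which is not the 'integer' type used by the
    // other escape() calls, so the id was presumably not reduced to an integer before
    // being concatenated into the query.
    $id = escape($menu->getE(1), 'integer');
    $ar = db_fetch_assoc(db_query("SELECT `uid`, `id`, `von`, `bis`, `betreff` FROM `prefix_awaycal` WHERE `id` = " . $id));
    // Require a fetched row, so a missing id can never count as "owned" through a
    // loose comparison of an empty value with the session id.
    $e = is_array($ar) && (is_siteadmin('awaycal') or $ar['uid'] == $_SESSION['authid']);
}
if ($e == false) {
    $ar = array('id' => '', 'von' => date('d.m.Y'), 'bis' => date('d.m.Y'), 'betreff' => '');
}
$tpl->set_ar_out($ar, 0);
$design->footer();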
# kommentar add # kommentar loeschen if ($menu->getA(2) == 'd' and is_numeric($menu->getE(2)) and has_right(-7, 'news')) { $kommentar_id = escape($menu->getE(2), 'integer'); db_query("DELETE FROM prefix_koms WHERE uid = " . $nid . " AND cat = 'NEWS' AND id = " . $kommentar_id); } # kommentar loeschen $kategorie = news_find_kat($row->news_kat); $textToShow = bbcode($row->news_text); $textToShow = str_replace('[PREVIEWENDE]', '', $textToShow); if (!empty($such)) { $textToShow = markword($textToShow, $such); } $tpl = new tpl('news.htm'); $ar = array('TEXT' => $textToShow, 'KATE' => $kategorie, 'NID' => $nid, 'uname' => $_SESSION['authname'], 'ANTISPAM' => loggedin() ? '' : get_antispam('newskom', 0), 'NAME' => $row->news_title); $tpl->set_ar_out($ar, 2); if ($komsOK) { $tpl->set_ar_out(array('NAME' => $row->news_title, 'NID' => $nid), 3); } $erg1 = db_query("SELECT text, name, id FROM `prefix_koms` WHERE uid = " . $nid . " AND cat = 'NEWS' ORDER BY id DESC"); $ergAnz1 = db_num_rows($erg1); if ($ergAnz1 == 0) { echo '<b>' . $lang['nocomments'] . '</b>'; } else { $zahl = $ergAnz1; while ($row1 = db_fetch_assoc($erg1)) { $row1['text'] = bbcode(trim($row1['text'])); if (has_right(-7, 'news')) { $row1['text'] .= '<a href="?news-' . $nid . '-d' . $row1['id'] . '"><img src="include/images/icons/del.gif" alt="löschen" border="0" title="löschen" /></a>'; } $tpl->set_ar_out(array('NAME' => $row1['name'], 'TEXT' => $row1['text'], 'ZAHL' => $zahl), 4);
$mail = escape($_POST['mail'], 'string'); $page = escape($_POST['page'], 'string'); $text = escape($_POST['text'], 'string'); if (empty($_POST['gid'])) { db_query("INSERT INTO prefix_gbook (name, mail, page, txt, time) VALUES ('" . $name . "','" . $mail . "','" . $page . "','" . $text . "', '" . time() . "')"); } else { $gid = escape($_POST['gid'], 'integer'); db_query("UPDATE prefix_gbook SET name = '" . $name . "', mail = '" . $mail . "', page = '" . $page . "', txt = '" . $text . "' WHERE id = " . $gid); } } $r = array('name' => '', 'mail' => '', 'page' => '', 'text' => '', 'id' => ''); if (isset($_GET['edit'])) { $id = escape($_GET['edit'], 'integer'); $r = db_fetch_assoc(db_query("SELECT id, name, mail, page, txt as text FROM prefix_gbook WHERE id = " . $id)); } $tpl = new tpl('gbook', 1); $tpl->set_ar_out($r, 0); $class = ''; $erg = db_query('SELECT name, mail, txt, id FROM `prefix_gbook` ORDER BY time DESC'); while ($r = db_fetch_assoc($erg)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $text = substr(preg_replace("/\r\n|\r|\n/", " ", htmlentities(strip_tags(stripslashes($r['txt'])), ILCH_ENTITIES_FLAGS, ILCH_CHARSET)), 0, 75); echo '<tr class="' . $class . '">'; echo '<td><a href="admin.php?gbook=0&edit=' . $r['id'] . '"><img src="include/images/icons/edit.gif" /></a></td>'; echo '<td><a href="javascript:delcheck(' . $r['id'] . ')"><img src="include/images/icons/del.gif"></a></td>'; echo '<td><b><a href="mailto:' . $r['mail'] . '">' . $r['name'] . '</a></b> <span class="smalfont">'; echo $text . '</span></td>'; echo '</tr>'; } $tpl->out(1); $design->footer();
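<?php
defined('main') or die('no direct access');
defined('admin') or die('only admin access');

// Admin page for the weekly training times. The seven day texts are stored as one
// '#'-separated string in prefix_allg under the key 'trainzeiten'.
$design = new design('Admins Area', 'Admins Area', 2);
$design->header();
$tpl = new tpl('trains', 1);

if (!empty($_POST['send'])) {
    // NOTE(review): no request token is checked before this write; confirm whether the
    // form should carry and verify one.
    $trainDays = array();
    foreach (array('mon', 'die', 'mit', 'don', 'fre', 'sam', 'son') as $trainKey) {
        // A missing or non-string field is treated as empty instead of being read
        // as an undefined index.
        $trainRaw = (isset($_POST[$trainKey]) && is_string($_POST[$trainKey])) ? $_POST[$trainKey] : '';
        // '#' is the field separator of the stored value, so it is removed from the text.
        // NOTE(review): the removal runs after escape(); if escape() emits numeric HTML
        // entities, stripping '#' would damage them - verify.
        $trainDays[] = str_replace('#', '', escape($trainRaw, 'textarea'));
    }
    $new = implode('#', $trainDays);
    db_query("UPDATE `prefix_allg` SET t1 = '" . $new . "' WHERE k = 'trainzeiten'");
    wd('?trains', 'Daten erfolgreich geändert', 2);
} else {
    $row = db_fetch_object(db_query("SELECT t1 FROM `prefix_allg` WHERE k = 'trainzeiten'"));
    // Pad to seven entries so a missing row or a shorter stored value does not lead to
    // undefined offsets below.
    $dbe = array_pad(explode('#', is_object($row) ? $row->t1 : ''), 7, '');
    $ar = array(
        'MON' => $dbe[0],
        'DIE' => $dbe[1],
        'MIT' => $dbe[2],
        'DON' => $dbe[3],
        'FRE' => $dbe[4],
        'SAM' => $dbe[5],
        'SON' => $dbe[6]
    );
    $tpl->set_ar_out($ar, 0);
}

$design->footer();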
if ($_SESSION['authright'] <= $drecht) { $row['downlink'] = '<a href="index.php?downloads-down-' . $row['id'] . '">' . $lang['download'] . '</a>'; } else { $row['downlink'] = '<a href="index.php?downloads-error">' . $lang['download'] . '</a>'; } $row['ssurl'] = $row['ssurl'] != '' ? '<img src="' . $row['ssurl'] . '" alt="' . $row['name'] . ' ' . $row['version'] . '" title="' . $row['name'] . ' ' . $row['version'] . '" style="float:left; border: none; padding-right:5px;" />' : ''; $row['surl'] = empty($row['surl']) ? '' : ' <a href="' . $row['surl'] . '" target="_blank">Demo/Screenshot</a>'; $row['size'] = get_download_size($row['url']); $row['descl'] = bbcode($row['descl']); $row['version_kl'] = empty($row['version']) ? '' : '(' . $row['version'] . ')'; $title = $allgAr['title'] . ' :: Downloads ' . $cattitle; $hmenu = '<a class="smalfont" href="?downloads">Downloads</a>' . $catname; $design = new design($title, $hmenu); $header = array('jquery/jquery.validate.js', 'forms/downloads.js'); $design->header($header); $tpl->set_ar_out($row, 0); // Kommentare if ($komsOK) { $id = escape($menu->get(2), 'integer'); if (chk_antispam('downloads') and isset($_POST['name']) and isset($_POST['text'])) { if (loggedin()) { $name = $_SESSION['authname']; $userid = $_SESSION['authid']; } else { $name = escape($_POST['name'], 'string') . ' (Gast)'; $userid = 0; } $text = escape($_POST['text'], 'string'); db_query("INSERT INTO `prefix_koms` (`name`,`userid`,`text`,`time`,`uid`,`cat`) VALUES ('" . $name . "', " . $userid . ", '" . $text . "','" . time() . "', " . $id . ", 'DOWNLOAD')"); } if ($menu->getA(3) == 'd' and is_numeric($menu->getE(3)) and has_right(-7, 'downloads')) {
if ($nps < $anz and $nps >= 0) { db_query("UPDATE `prefix_modules` SET `pos` = " . $pos . " WHERE `pos` = " . $nps . " AND `menu` = '" . $cat . "'"); db_query("UPDATE `prefix_modules` SET `pos` = " . $nps . " WHERE `id` = " . $id); } } // Template laden $tpl = new tpl('modules/adminmenu', 1); // Template-Header $tpl->out(0); // Module abfragen und Ausgeben $erg = db_query("SELECT * FROM `prefix_modules` WHERE `menu` != '' ORDER BY `menu`, `pos` ASC"); $katname = ''; while ($row = db_fetch_assoc($erg)) { if ($katname != $row['menu']) { $class = 'Cmite'; $tpl->set_ar_out(array('kat' => $row['menu'], 'url' => $row['url']), 3); $katname = $row['menu']; } $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $tpl->set_ar_out(array('class' => $class, 'id' => $row['id'], 'name' => $row['name'], 'url' => $row['url'], 'pos' => $row['pos']), 4); } // Tabellenuebergang $tpl->out(1); // Aendern oder Einfuegen if ($aid == 'edit') { $mid = $menu->get(3); $erg = db_query('SELECT `pos`, `menu` FROM `prefix_modules` WHERE `id` = ' . $mid); $row = db_fetch_assoc($erg); $kat = getKats($row['menu']); $modul = dblistee($mid, 'SELECT `id`, `name` FROM `prefix_modules` WHERE (`menu` = "" AND (`gshow` = 1 OR `ashow` = 1)) OR `id` = ' . $mid . ' ORDER BY `name` ASC'); $tpl->set_ar_out(array('aname' => 'Eintrag bearbeiten', 'modul' => $modul, 'kat' => $kat, 'pos' => $row['pos'], 'ANTISPAM' => get_antispam('adminuser_action', 0, true)), 5);
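// Login box: account links for signed-in users, the login form otherwise.
if (loggedin()) {
    if (user_has_admin_right($menu, false)) {
        $tpl->set('ADMIN', '<a class="box" href="admin.php?admin">' . $lang['adminarea'] . '</a>');
    } else {
        $tpl->set('ADMIN', '');
    }

    if ($allgAr['Fpmf'] == 1) {
        // Count of unread private messages. The cast keeps the concatenated id numeric
        // whatever the session entry holds.
        $erg = db_query("SELECT COUNT(id) FROM `prefix_pm` WHERE gelesen = 0 AND status < 1 AND eid = " . (int) $_SESSION['authid']);
        $check_pm = db_result($erg, 0);
        $nachrichten_link = '<a class="box" href="index.php?forum-privmsg">' . $lang['messages'] . '</a> (' . $check_pm . ')<br>';
    } else {
        $nachrichten_link = '';
    }

    // NOTE(review): the session id is exposed to the template; if the template puts it
    // into links it can leak via referrers or shared URLs - verify how SID is used.
    $tpl->set('SID', session_id());
    $tpl->set('NACHRICHTEN', $nachrichten_link);
    // NOTE(review): authname is printed as stored in the session; confirm it is HTML-safe.
    $tpl->set('NAME', $_SESSION['authname']);
    $tpl->out(0);
} else {
    // Placeholder values for an untouched form.
    if (empty($_POST['login_name'])) {
        $_POST['login_name'] = 'Nickname';
    }
    if (empty($_POST['login_pw'])) {
        $_POST['login_pw'] = 'הההההההה';
    }

    $regist = '';
    if ($allgAr['forum_regist'] == 1) {
        $regist = ' <a href="index.php?user-regist">Regist</a>';
    }

    // The submitted name and password are echoed back into the form, so they are
    // escaped for HTML first. A single-byte charset is named on purpose: it makes
    // htmlspecialchars() replace only the ASCII special characters and pass every other
    // byte through unchanged, whatever encoding the page uses. Non-string input (e.g. an
    // array) is replaced by an empty string.
    // NOTE(review): echoing a submitted password back into the page is avoidable;
    // consider always rendering the placeholder instead.
    $loginNameOut = is_string($_POST['login_name']) ? htmlspecialchars($_POST['login_name'], ENT_QUOTES, 'ISO-8859-1') : '';
    $loginPwOut = is_string($_POST['login_pw']) ? htmlspecialchars($_POST['login_pw'], ENT_QUOTES, 'ISO-8859-1') : '';

    $tpl->set_ar_out(array(
        'regist' => $regist,
        'wdlink' => '?' . $allgAr['smodul'],
        'PASS' => $loginPwOut,
        'NAME' => $loginNameOut
    ), 1);
}
unset($tpl);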
$abfF = 'SELECT u.*, f.* FROM prefix_friendscheck f LEFT JOIN prefix_user u ON u.id = f.uid WHERE f.fid = ' . $uid . ' ORDER BY f.id ASC'; $ergF = db_query($abfF); $abfBlock = 'SELECT u.*, f.* FROM prefix_userblock f LEFT JOIN prefix_user u ON u.id = f.bid WHERE f.uid = ' . $uid . ' ORDER BY f.id ASC'; $ergBlock = db_query($abfBlock); $tpl->out(0); if ($FAnzahl > 0) { while ($rowF = db_fetch_assoc($ergF)) { $rowF['FNAME'] = '<a href="?user-details-' . $rowF['uid'] . '">' . $rowF['name'] . '</a>'; if (file_exists($rowF['avatar'])) { $rowF['AVATAR'] = '<img src="' . $rowF['avatar'] . '" width="80" height="80" border="0">'; } else { $rowF['AVATAR'] = '<img src="include/images/userprofil/avatar/nouser.png" width="75" height="75" border="0">'; } $rowF['OTHER'] = '<br /><br /><div class="friendButton friendAccept" onclick="location.href = \'?user-fcheck-accept-' . $rowF['uid'] . '\';">Annehmen</div>'; $rowF['OTHER'] .= '<div class="friendButton friendRefuse" onclick="location.href = \'?user-fcheck-refuse-' . $rowF['uid'] . '\';">Ablehnen</div>'; $tpl->set_ar_out($rowF, 1); } } else { echo '<br /><div id="contenText" align="center">Keine Freundschaftsanfragen vorhanden.</div>'; } $tpl->out(2); } else { wd('index.php', 'Es ist ein Fehler aufgetreten.'); } $design->footer(); break; case 'add': $title = $allgAr['title'] . ' :: Users :: Freund hinzufügen'; $hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">Users</a><b> » </b> Freund hinzufügen'; $design = new design($title, $hmenu, 1); $design->header();
$mail = ''; $subject = ''; $wer = ''; $text = ''; } else { echo $lang['emailcouldnotsend']; } } $tpl = new tpl('contact.htm'); $tpl->out(0); $i = 1; foreach ($k as $a) { $e = explode('|', $a); if ($e[0] == '' or $e[1] == '') { continue; } if ($i == 1) { $c = 'checked'; } else { $c = ''; } $tpl->set_ar_out(array('KEY' => md5($e[0]), 'VAL' => $e[1], 'c' => $c), 1); $i++; } $tpl->set('name', $name); $tpl->set('mail', $mail); $tpl->set('subject', $subject); $tpl->set('text', $text); $tpl->set('ANTISPAM', get_antispam('contact', 100)); $tpl->out(2); $design->footer();
$menu->set_url(1, ''); } else { db_query("INSERT INTO `prefix_awards` (time, platz, team, wofur, bild, text) VALUES\r\n ('" . $datum . "', '" . $platz . "', '" . $team . "', '" . $wofur . "', '" . $bild . "', '" . $text . "')"); } } #Ändern/Ausgabearray füllen if ($menu->getA(1) == 'e' and is_numeric($menu->getE(1))) { $r = db_fetch_assoc(db_query("SELECT * FROM `prefix_awards` WHERE id = " . $menu->getE(1))); $r['id'] = '-e' . $r['id']; $t = explode('-', $r['time']); $r['datum'] = $t[2] . '.' . $t[1] . '.' . $t[0]; } else { $r = array('id' => '', 'datum' => date('d.m.Y'), 'platz' => '', 'wofur' => '', 'bild' => '', 'text' => '', 'teams' => getTeams()); } #Ausgabe $tpl = new tpl('awards', 1); $tpl->set_ar_out($r, 0); if (empty($r['team'])) { $tpl->set_ar_out($r, 1); } else { $tpl->set_ar_out($r, 2); } $tpl->set_ar_out($r, 3); $erg = db_query('SELECT * FROM `prefix_awards` ORDER BY time DESC'); while ($row = db_fetch_assoc($erg)) { $t = explode('-', $row['time']); $row['datum'] = $t[2] . '.' . $t[1] . '.' . $t[0]; $tpl->set_ar_out($row, 4); } $tpl->out(5); $design->footer();
// Topic Hits werden eins hochgesetzt. db_query('UPDATE `prefix_topics` SET `hit` = `hit` + 1 WHERE `id` = "' . $tid . '"'); // mehrere seiten fals gefordert $limit = $allgAr['Fpanz']; // Limit $page = $menu->getA(3) == 'p' ? $menu->getE(3) : 1; $MPL = db_make_sites($page, "WHERE tid = " . $tid, $limit, 'index.php?forum-showposts-' . $tid, 'posts'); $anfang = ($page - 1) * $limit; $antworten = ''; if ($aktTopicRow['stat'] == 1 and $forum_rights['reply'] == true or ($_SESSION['authright'] <= '-7' or $forum_rights['mods'] == true)) { $antworten = '<b>[ <a href="index.php?forum-newpost-' . $tid . '">' . $lang['answer'] . '</a> ]</b>'; } $class = 'Cmite'; $tpl = new tpl('forum/showpost'); $ar = array('SITELINK' => $MPL, 'tid' => $tid, 'ANTWORTEN' => $antworten, 'TOPICNAME' => $aktTopicRow['name']); $tpl->set_ar_out($ar, 0); $i = $anfang + 1; $ges_ar = array('wurstegal', 'maennlich', 'weiblich'); $erg = db_query("SELECT `geschlecht`, `prefix_posts`.`id`,`txt`,`time`,`erstid`,`erst`,`sig`,`avatar`,`posts`,`prefix_user`.`sperre` FROM `prefix_posts` LEFT JOIN `prefix_user` ON `prefix_posts`.`erstid` = `prefix_user`.`id` WHERE `tid` = " . $tid . " ORDER BY `time` LIMIT " . $anfang . "," . $limit); while ($row = db_fetch_assoc($erg)) { $class = $class == 'Cnorm' ? 'Cmite' : 'Cnorm'; // define some vars. $row['sig'] = empty($row['sig']) ? '' : '<br /><hr style="width: 50%;" align="left">' . bbcode($row['sig']); $row['TID'] = $tid; $row['class'] = $class; //$row[ 'date' ] = date('d.m.Y - H:i:s', $row[ 'time' ]); $row['date'] = post_date($row['time'], 1); $row['delete'] = ''; $row['change'] = ''; if ($row['sperre'] == 1) { $row['sperre'] = '<br /><strong>gesperrt</strong>';