function showthumb($picID)
{
global $_language;
$_language->read_module('gallery', true);
global $thumbwidth, $_language;
$pic = mysql_fetch_array(safe_query("SELECT * FROM " . PREFIX . "gallery_pictures WHERE picID='" . $picID . "'"));
if ($pic['picID']) {
$pic['gallery'] = str_break(stripslashes($this->getgalleryname($picID)), 45);
if (file_exists('images/gallery/thumb/' . $picID . '.jpg')) {
$pic['image'] = '<a href="index.php?site=gallery&picID=' . $picID . '"><img src="images/gallery/thumb/' . $picID . '.jpg" border="0" width="' . $thumbwidth . '" alt="" /></a>';
} else {
$pic['image'] = '<a href="index.php?site=gallery&picID=' . $picID . '"><img src="images/nopic.gif" border="0" width="' . $thumbwidth . '" alt="' . $_language->module['no_thumb'] . '" /></a>';
}
$pic['comments'] = mysql_num_rows(safe_query("SELECT commentID FROM " . PREFIX . "comments WHERE parentID='" . $picID . "' AND type='ga'"));
$ergebnis = mysql_fetch_array(safe_query("SELECT date FROM " . PREFIX . "gallery as gal, " . PREFIX . "gallery_pictures as pic WHERE gal.galleryID=pic.galleryID AND pic.picID='" . $picID . "'"));
$pic['date'] = date("d.m.Y", $ergebnis['date']);
$pic['groupID'] = $this->getgroupid_by_gallery($pic['galleryID']);
$pic['name'] = stripslashes(clearfromtags($pic['name']));
eval("\$thumb = \"" . gettemplate("gallery_content_showthumb") . "\";");
} else {
$thumb = '<tr><td colspan="2">' . $_language->module['no_picture'] . '</td></tr>';
}
return $thumb;
}
function vote($poll)
{
global $userID, $_language;
$pagebg = PAGEBG;
$border = BORDER;
$bghead = BGHEAD;
$bgcat = BGCAT;
if ($poll) {
$lastpoll = safe_query("SELECT * FROM " . PREFIX . "poll WHERE aktiv='1' AND laufzeit>" . time() . " AND intern<=" . isclanmember($userID) . " and pollID='" . $poll . "' LIMIT 0,1");
} else {
$num = mysql_num_rows(safe_query("SELECT * FROM " . PREFIX . "poll WHERE aktiv='1' AND laufzeit>" . time() . " AND intern<=" . isclanmember($userID) . ""));
if ($num) {
$start = rand(0, $num - 1);
$lastpoll = safe_query("SELECT * FROM " . PREFIX . "poll WHERE aktiv='1' AND laufzeit>" . time() . " AND intern<=" . isclanmember($userID) . " ORDER BY pollID DESC LIMIT " . $start . "," . ($start + 1) . "");
} else {
echo $_language->module['no_active_poll'] . '<br /><br />• <a href="index.php?site=polls">' . $_language->module['show_polls'] . '</a>';
return true;
}
}
$anz = mysql_num_rows($lastpoll);
$ds = mysql_fetch_array($lastpoll);
if ($anz) {
$anz = mysql_num_rows(safe_query("SELECT pollID FROM `" . PREFIX . "poll` WHERE pollID='" . $ds['pollID'] . "' AND hosts LIKE '%" . $_SERVER['REMOTE_ADDR'] . "%' AND intern<=" . isclanmember($userID) . ""));
$anz_user = false;
if ($userID) {
$user_ids = explode(";", $ds['userIDs']);
if (in_array($userID, $user_ids)) {
$anz_user = true;
}
}
$cookie = false;
if (isset($_COOKIE['poll']) && is_array($_COOKIE['poll'])) {
$cookie = in_array($ds['pollID'], $_COOKIE['poll']);
}
if ($cookie or $anz or $anz_user) {
if ($ds['intern'] == 1) {
$isintern = '(' . $_language->module['intern'] . ')';
} else {
$isintern = '';
}
$title = $ds['titel'];
for ($n = 1; $n <= 10; $n++) {
if ($ds['o' . $n]) {
$options[] = clearfromtags($ds['o' . $n]);
}
}
$votes = safe_query("SELECT * FROM " . PREFIX . "poll_votes WHERE pollID='" . $ds['pollID'] . "'");
$dv = mysql_fetch_array($votes);
$gesamtstimmen = $dv['o1'] + $dv['o2'] + $dv['o3'] + $dv['o4'] + $dv['o5'] + $dv['o6'] + $dv['o7'] + $dv['o8'] + $dv['o9'] + $dv['o10'];
eval("\$poll_voted_head = \"" . gettemplate("poll_voted_head") . "\";");
echo $poll_voted_head;
$n = 1;
$bg = BG_2;
foreach ($options as $option) {
$stimmen = $dv['o' . $n];
if ($gesamtstimmen) {
$perc = $stimmen / $gesamtstimmen * 10000;
settype($perc, "integer");
$perc = $perc / 100;
} else {
$perc = 0;
}
$picwidth = $perc;
settype($picwidth, "integer");
eval("\$poll_voted_content = \"" . gettemplate("poll_voted_content") . "\";");
echo $poll_voted_content;
$n++;
}
$anzcomments = getanzcomments($ds['pollID'], 'po');
$comments = '<a href="index.php?site=polls&pollID=' . $ds['pollID'] . '">[' . $anzcomments . '] ' . $_language->module['comments'] . '</a>';
eval("\$poll_voted_foot = \"" . gettemplate("poll_voted_foot") . "\";");
echo $poll_voted_foot;
unset($options);
} else {
if ($ds['intern'] == 1) {
$isintern = '(' . $_language->module['intern'] . ')';
} else {
$isintern = '';
}
$title = $ds['titel'];
eval("\$poll_head = \"" . gettemplate("poll_head") . "\";");
echo $poll_head;
for ($n = 1; $n <= 10; $n++) {
if ($ds['o' . $n]) {
$options[] = $ds['o' . $n];
}
}
$n = 1;
foreach ($options as $option) {
$option = $option;
eval("\$poll_content = \"" . gettemplate("poll_content") . "\";");
echo $poll_content;
$n++;
}
$pollID = $ds['pollID'];
eval("\$poll_foot = \"" . gettemplate("poll_foot") . "\";");
echo $poll_foot;
}
} else {
echo $_language->module['no_active_poll'] . '<br /><br />• <a href="index.php?site=polls">' . $_language->module['show_polls'] . '</a>';
}
}
}
}
}
if (isset($_GET['news'])) {
$ergebnis_news = safe_query("SELECT \r\n\t\t\t\t\t\t\t\t\t\t\t\tdate,\r\n\t\t\t\t\t\t\t\t\t\t\t\tposter,\r\n\t\t\t\t\t\t\t\t\t\t\t\tnewsID\r\n\t\t\t\t\t\t\t\t\t\t FROM\r\n\t\t\t\t\t\t\t\t\t\t \t\t" . PREFIX . "news\r\n\t\t\t\t\t\t\t\t\t\t WHERE\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tpublished = '1'\r\n\t\t\t\t\t\t\t\t\t\t\t\tAND\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tintern <= '" . isclanmember($userID) . "'\r\n\t\t\t\t\t\t\t\t\t\t\t\tAND\r\n\t\t\t\t\t\t\t\t\t\t\t\t(\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tdate between " . $after . " AND " . $before . "\r\n\t\t\t\t\t\t\t\t\t\t\t\t)");
while ($ds = mysql_fetch_array($ergebnis_news)) {
$ergebnis_news_contents = safe_query("SELECT language, headline, content FROM " . PREFIX . "news_contents WHERE newsID = '" . $ds['newsID'] . "' and (content LIKE '%" . $text . "%' or headline LIKE '%" . $text . "%')");
if (mysql_num_rows($ergebnis_news_contents)) {
$message_array = array();
while ($qs = mysql_fetch_array($ergebnis_news_contents)) {
$message_array[] = array('lang' => $qs['language'], 'headline' => $qs['headline'], 'message' => $qs['content']);
}
$showlang = select_language($message_array);
$newsID = $ds['newsID'];
$res_title[$i] = $message_array[$showlang]['headline'];
$res_message[$i] = clearfromtags($message_array[$showlang]['message']);
$res_link[$i] = '<a href="index.php?site=news_comments&newsID=' . $newsID . '">' . $_language->module['news_link'] . '</a>';
$res_occurr[$i] = substri_count_array($message_array, stripslashes($text));
$res_date[$i] = $ds['date'];
$res_type[$i] = $_language->module['news'];
$i++;
}
}
}
$count_results = $i;
echo "<center><b>" . $count_results . "</b> " . $_language->module['results_found'] . "</center><br /><br />";
$pages = ceil($count_results / $results);
if ($pages > 1) {
echo makepagelink("index.php?site=search&action=search&articles=" . $_GET['articles'] . "&faq=" . $_GET['faq'] . "&forum=" . $_GET['forum'] . "&news=" . $_GET['news'] . "&r=" . $_GET['r'] . "&text=" . $_GET['text'] . "&am=" . $_GET['am'] . "&ad=" . $_GET['ad'] . "&ay=" . $_GET['ay'] . "&bm=" . $_GET['bm'] . "&bd=" . $_GET['bd'] . "&by=" . $_GET['by'] . "&order=" . $_GET['order'], $page, $pages);
}
// sort results
function print_termine($tag, $month, $year)
{
global $wincolor;
global $loosecolor;
global $drawcolor;
global $userID;
global $_language;
$_language->read_module('calendar');
$pagebg = PAGEBG;
$border = BORDER;
$bghead = BGHEAD;
$bgcat = BGCAT;
$start_date = mktime(0, 0, 0, $month, $tag, $year);
$end_date = mktime(23, 59, 59, $month, $tag, $year);
unset($termin);
$ergebnis = safe_query("SELECT * FROM " . PREFIX . "upcoming");
$anz = mysql_num_rows($ergebnis);
if ($anz) {
while ($ds = mysql_fetch_array($ergebnis)) {
if ($ds['type'] == "c") {
if ($ds['date'] >= $start_date && $ds['date'] <= $end_date) {
$date = date("d.m.Y", $ds['date']);
$time = date("H:i", $ds['date']);
$squad = getsquadname($ds['squad']);
$oppcountry = "[flag]" . $ds['oppcountry'] . "[/flag]";
$oppcountry = flags($oppcountry);
$opponent = $oppcountry . ' <a href="' . $ds['opphp'] . '" target="_blank">' . clearfromtags($ds['opptag']) . ' / ' . clearfromtags($ds['opponent']) . '</a>';
$maps = clearfromtags($ds['maps']);
$server = clearfromtags($ds['server']);
$league = '<a href="' . $ds['leaguehp'] . '" target="_blank">' . clearfromtags($ds['league']) . '</a>';
if (isclanmember($userID)) {
$warinfo = cleartext($ds['warinfo']);
} else {
$warinfo = $_language->module['you_have_to_be_clanmember'];
}
$players = "";
$announce = "";
$adminaction = '';
if (isclanmember($userID) or isanyadmin($userID)) {
$anmeldung = safe_query("SELECT * FROM " . PREFIX . "upcoming_announce WHERE upID='" . $ds['upID'] . "'");
if (mysql_num_rows($anmeldung)) {
$i = 1;
while ($da = mysql_fetch_array($anmeldung)) {
if ($da['status'] == "y") {
$fontcolor = $wincolor;
} elseif ($da['status'] == "n") {
$fontcolor = $loosecolor;
} else {
$fontcolor = $drawcolor;
}
if ($i > 1) {
$players .= ', <a href="index.php?site=profile&id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>';
} else {
$players .= '<a href="index.php?site=profile&id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>';
}
$i++;
}
} else {
$players = $_language->module['no_announced'];
}
if (issquadmember($userID, $ds['squad']) and $ds['date'] > time()) {
$announce = '• <a href="index.php?site=calendar&action=announce&upID=' . $ds['upID'] . '">' . $_language->module['announce_here'] . '</a>';
} else {
$announce = "";
}
if (isclanwaradmin($userID)) {
$adminaction = '<div align="right">
<input type="button" onclick="MM_openBrWindow(\'clanwars.php?action=new&upID=' . $ds['upID'] . '\',\'Clanwars\',\'toolbar=no,status=no,scrollbars=yes,width=800,height=490\')" value="' . $_language->module['add_clanwars'] . '" />
<input type="button" onclick="MM_goToURL(\'parent\',\'index.php?site=calendar&action=editwar&upID=' . $ds['upID'] . '\');return document.MM_returnValue" value="' . $_language->module['edit'] . '" />
<input type="button" onclick="MM_confirm(\'' . $_language->module['really_delete'] . '\', \'calendar.php?action=delete&upID=' . $ds['upID'] . '\')" value="' . $_language->module['delete'] . '" /></div>';
} else {
$adminaction = '';
}
} else {
$players = $_language->module['access_member'];
}
$bg1 = BG_1;
$bg2 = BG_2;
$bg3 = BG_3;
$bg4 = BG_4;
eval("\$upcoming_war_details = \"" . gettemplate("upcoming_war_details") . "\";");
echo $upcoming_war_details;
}
} else {
if ($start_date <= $ds['date'] && $end_date >= $ds['date'] || $start_date >= $ds['date'] && $end_date <= $ds['enddate'] || $start_date <= $ds['enddate'] && $end_date >= $ds['enddate']) {
$date = date("d.m.Y", $ds['date']);
$time = date("H:i", $ds['date']);
$enddate = date("d.m.Y", $ds['enddate']);
$endtime = date("H:i", $ds['enddate']);
$title = clearfromtags($ds['title']);
$location = '<a href="' . $ds['locationhp'] . '" target="_blank">' . clearfromtags($ds['location']) . '</a>';
$dateinfo = cleartext($ds['dateinfo']);
$dateinfo = toggle($dateinfo, $ds['upID']);
$country = "[flag]" . $ds['country'] . "[/flag]";
$country = flags($country);
$players = "";
if (isclanmember($userID)) {
$anmeldung = safe_query("SELECT * FROM " . PREFIX . "upcoming_announce WHERE upID='" . $ds['upID'] . "'");
if (mysql_num_rows($anmeldung)) {
$i = 1;
while ($da = mysql_fetch_array($anmeldung)) {
if ($da['status'] == "y") {
$fontcolor = $wincolor;
} elseif ($da['status'] == "n") {
$fontcolor = $loosecolor;
} else {
$fontcolor = $drawcolor;
}
if ($i > 1) {
$players .= ', <a href="index.php?site=profile&id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>';
} else {
$players .= '<a href="index.php?site=profile&id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>';
}
$i++;
}
} else {
$players = $_language->module['no_announced'];
}
if (isclanmember($userID) and $ds['date'] > time()) {
$announce = '• <a href="index.php?site=calendar&action=announce&upID=' . $ds['upID'] . '">' . $_language->module['announce_here'] . '</a>';
} else {
$announce = '';
}
if (isclanwaradmin($userID)) {
$adminaction = '<div align="right"><input type="button" onclick="MM_goToURL(\'parent\',\'index.php?site=calendar&action=editdate&upID=' . $ds['upID'] . '\');return document.MM_returnValue" value="' . $_language->module['edit'] . '" /><input type="button" onclick="MM_confirm(\'' . $_language->module['really_delete'] . '\', \'calendar.php?action=delete&upID=' . $ds['upID'] . '\')" value="' . $_language->module['delete'] . '" /></div>';
} else {
$adminaction = '';
}
} else {
$players = $_language->module['access_member'];
$announce = '';
$adminaction = '';
}
$bg1 = BG_1;
$bg2 = BG_2;
$bg3 = BG_3;
$bg4 = BG_4;
eval("\$upcoming_date_details = \"" . gettemplate("upcoming_date_details") . "\";");
echo $upcoming_date_details;
}
}
}
} else {
echo $_language->module['no_entries'];
}
}
echo $gallery;
echo '<tr>';
$i = 1;
$percent = 100 / $pics_per_row;
while ($pic = mysql_fetch_array($ergebnis)) {
if ($i % 2) {
$bg = BG_2;
} else {
$bg = BG_1;
}
$dir = 'images/gallery/';
$pic['pic'] = $dir . 'thumb/' . $pic['picID'] . '.jpg';
if (!file_exists($pic['pic'])) {
$pic['pic'] = 'images/nopic.gif';
}
$pic['name'] = clearfromtags($pic['name']);
$pic['comment'] = cleartext($pic['comment'], false);
$pic['comments'] = mysql_num_rows(safe_query("SELECT commentID FROM " . PREFIX . "comments WHERE parentID='" . $pic['picID'] . "' AND type='ga'"));
eval("\$gallery = \"" . gettemplate("gallery_showlist") . "\";");
echo $gallery;
if ($pics_per_row > 1) {
if (($i - 1) % $pics_per_row == $pics_per_row - 1) {
echo '</tr><tr>';
}
} else {
echo '</tr><tr>';
}
$i++;
}
echo '<td bgcolor="' . $bgcat . '"> </td></tr>';
eval("\$gallery = \"" . gettemplate("gallery_gallery_foot") . "\";");
$bg1 = BG_2;
}
$title = $ds['titel'];
if ($ds['intern'] == 1) {
$isintern = '(' . $_language->module['intern'] . ')';
} else {
$isintern = '';
}
if ($ds['laufzeit'] < time() or $ds['aktiv'] == "0") {
$timeleft = $_language->module['poll_ended'];
} else {
$timeleft = floor(($ds['laufzeit'] - time()) / (60 * 60 * 24)) . " " . $_language->module['days'] . " (" . date("d.m.Y H:i", $ds['laufzeit']) . ") <br /><a href='index.php?site=polls&vote=" . $ds['pollID'] . "'>[" . $_language->module['vote_now'] . "]</a>";
}
for ($n = 1; $n <= 10; $n++) {
if ($ds['o' . $n]) {
$options[] = clearfromtags($ds['o' . $n]);
}
}
$adminactions = '';
if (ispollsadmin($userID)) {
if ($ds['aktiv']) {
$stop = ' <input type="button" onclick="MM_confirm(\'' . $_language->module['really_stop'] . '\', \'polls.php?end=true&pollID=' . $ds['pollID'] . '\')" value="' . $_language->module['stop_poll'] . '" /> ';
} else {
$stop = ' <input type="button" onclick="MM_confirm(\'' . $_language->module['really_reopen'] . '\', \'polls.php?reopen=true&pollID=' . $ds['pollID'] . '\')" value="' . $_language->module['reopen_poll'] . '" /> ';
}
$edit = ' <input type="button" onclick="MM_goToURL(\'parent\',\'index.php?site=polls&action=edit&pollID=' . $ds['pollID'] . '\');return document.MM_returnValue" value="' . $_language->module['edit'] . '" /> ';
$adminactions = $edit . '<input type="button" onclick="MM_confirm(\'' . $_language->module['really_delete'] . '\', \'polls.php?delete=true&pollID=' . $ds['pollID'] . '\')" value="' . $_language->module['delete'] . '" />' . $stop;
}
$votes = safe_query("SELECT * FROM " . PREFIX . "poll_votes WHERE pollID='" . $ds['pollID'] . "'");
$dv = mysql_fetch_array($votes);
$gesamtstimmen = $dv['o1'] + $dv['o2'] + $dv['o3'] + $dv['o4'] + $dv['o5'] + $dv['o6'] + $dv['o7'] + $dv['o8'] + $dv['o9'] + $dv['o10'];
$run = 0;
}
if ($userID) {
$run = 1;
} else {
$CAPCLASS = new Captcha();
if ($CAPCLASS->check_captcha($_POST['captcha'], $_POST['captcha_hash'])) {
$run = 1;
}
}
if ($_POST['mode'] and $run) {
$mode = $_POST['mode'];
$type = $_POST['type'];
$info = $_POST['description'];
$id = $_POST['id'];
if ($info) {
$info = clearfromtags($info);
} else {
$info = $_language->module['no_informations'];
}
$date = time();
$message = sprintf($_language->module['report_message'], $mode, $type, $id, $info, $id);
//send message to file-admins
$ergebnis = safe_query("SELECT userID FROM " . PREFIX . "user_groups WHERE files='1'");
while ($ds = mysql_fetch_array($ergebnis)) {
sendmessage($ds['userID'], $type . ': ' . $mode, $message);
}
redirect("index.php?site=" . $type, $_language->module['report_recognized'], "3");
} else {
echo $_language->module['wrong_securitycode'];
}
foreach ($message_array as $val) {
if ($showlang != $i) {
$langs .= '<span style="padding-left:2px"><a href="index.php?site=news_comments&newsID=' . $ds['newsID'] . '&lang=' . $val['lang'] . '"><img src="images/flags/' . $val['countryShort'] . '.gif" width="18" height="12" border="0" alt="' . $val['country'] . '" /></a></span>';
}
$i++;
}
$headline = $message_array[$showlang]['headline'];
$content = $message_array[$showlang]['message'];
if ($ds['intern'] == 1) {
$isintern = '(' . $_language->module['intern'] . ')';
} else {
$isintern = '';
}
$content = htmloutput($content);
$content = toggle($content, $ds['newsID']);
$headline = clearfromtags($headline);
$comments = '';
$poster = '<a href="index.php?site=profile&id=' . $ds['poster'] . '"><b>' . getnickname($ds['poster']) . '</b></a>';
$related = '';
if ($ds['link1'] && $ds['url1'] != "http://" && $ds['window1']) {
$related .= '• <a href="' . $ds['url1'] . '" target="_blank">' . $ds['link1'] . '</a> ';
}
if ($ds['link1'] && $ds['url1'] != "http://" && !$ds['window1']) {
$related .= '• <a href="' . $ds['url1'] . '">' . $ds['link1'] . '</a> ';
}
if ($ds['link2'] && $ds['url2'] != "http://" && $ds['window2']) {
$related .= '• <a href="' . $ds['url2'] . '" target="_blank">' . $ds['link2'] . '</a> ';
}
if ($ds['link2'] && $ds['url2'] != "http://" && !$ds['window2']) {
$related .= '• <a href="' . $ds['url2'] . '">' . $ds['link2'] . '</a> ';
}
}
} else {
$anzcomments = getanzcomments($ds['newsID'], 'ne');
$replace = array('$anzcomments', '$url', '$lastposter', '$lastdate');
$vars = array($anzcomments, 'index.php?site=news_comments&newsID=' . $ds['newsID'], clearfromtags(html_entity_decode(getlastcommentposter($ds['newsID'], 'ne'))), date('d.m.Y - H:i', getlastcommentdate($ds['newsID'], 'ne')));
switch ($anzcomments) {
case 0:
$comments = str_replace($replace, $vars, '0');
break;
case 1:
$comments = str_replace($replace, $vars, '1');
break;
default:
$comments = str_replace($replace, $vars, '$anzcomments');
break;
}
}
} else {
$comments = 'Closed';
}
/* End - Comments Mod*/
$headlines = clearfromtags($headlines);
eval("\$sc_headlines = \"" . gettemplate("sc_headlines") . "\";");
echo $sc_headlines;
$n++;
}
echo '</ul>';
unset($sc_rubricID);
unset($sc_categoryID);
unset($sc_game);
}
$vars = array($anzcomments, 'index.php?site=clanwars_details&cwID=' . $ds['cwID'], clearfromtags(getlastcommentposter($ds['cwID'], 'cw')), date('d.m.Y - H:i', getlastcommentdate($ds['cwID'], 'cw')));
switch ($anzcomments) {
case 0:
$comments = str_replace($replace, $vars, $_language->module['no_comment']);
break;
case 1:
$comments = str_replace($replace, $vars, $_language->module['comment']);
break;
default:
$comments = str_replace($replace, $vars, $_language->module['comments']);
break;
}
} else {
$anzcomments = getanzcomments($ds['newsID'], 'ne');
$replace = array('$anzcomments', '$url', '$lastposter', '$lastdate');
$vars = array($anzcomments, 'index.php?site=news_comments&newsID=' . $ds['newsID'], clearfromtags(html_entity_decode(getlastcommentposter($ds['newsID'], 'ne'))), date('d.m.Y - H:i', getlastcommentdate($ds['newsID'], 'ne')));
switch ($anzcomments) {
case 0:
$comments = str_replace($replace, $vars, $_language->module['no_comment']);
break;
case 1:
$comments = str_replace($replace, $vars, $_language->module['comment']);
break;
default:
$comments = str_replace($replace, $vars, $_language->module['comments']);
break;
}
}
} else {
$comments = '';
}
$usergrp = 1;
break;
}
}
if (!$usergrp and !ismoderator($userID, $ds['boardID'])) {
continue;
}
}
if ($n % 2) {
$bg1 = BG_1;
$bg2 = BG_2;
} else {
$bg1 = BG_3;
$bg2 = BG_4;
}
$topictitle_full = clearfromtags($ds['topic']);
$topictitle = unhtmlspecialchars($topictitle_full);
if (mb_strlen($topictitle) > $maxlatesttopicchars) {
$topictitle = mb_substr($topictitle, 0, $maxlatesttopicchars);
$topictitle .= '...';
}
$topictitle = htmlspecialchars($topictitle);
$last_poster = $ds['nickname'];
$board = $ds['name'];
$date = date('d.m.Y - H:i', $ds['lastdate']);
$small_date = date('d.m H:i', $ds['lastdate']);
$latesticon = '<img src="images/icons/' . $ds['icon'] . '" width="15" height="15" alt="" />';
$boardlink = '<a href="index.php?site=forum&board=' . $ds['boardID'] . '">' . $board . '</a>';
$topiclink = '<a href="index.php?site=forum_topic&topic=' . $ds['topicID'] . '&type=ASC&page=' . ceil(($ds['replys'] + 1) / $maxposts) . '" onmouseover="showWMTT(\'latesttopics_' . $n . '\')" onmouseout="hideWMTT()">' . $topictitle . '</a>';
$replys = $ds['replys'];
$replys_text = $replys == 1 ? $_language->module['reply'] : $_language->module['replies'];
# #
# Code based on WebSPELL Clanpackage (Michael Gruber - webspell.at), #
# Far Development by Development Team - webspell.org #
# #
# visit webspell.org #
# #
##########################################################################
*/
$_language->read_module('news');
$ergebnis = safe_query("SELECT newsID FROM " . PREFIX . "news WHERE newsID='" . $topnewsID . "' AND intern<=" . isclanmember($userID) . " AND published='1' LIMIT 0,1");
$anz = mysql_num_rows($ergebnis);
if ($anz) {
$dn = mysql_fetch_array($ergebnis);
$message_array = array();
$query = safe_query("SELECT * FROM " . PREFIX . "news_contents WHERE newsID='" . $dn['newsID'] . "'");
while ($qs = mysql_fetch_array($query)) {
$message_array[] = array('lang' => $qs['language'], 'headline' => $qs['headline'], 'message' => $qs['content']);
}
$showlang = select_language($message_array);
$headline = clearfromtags($message_array[$showlang]['headline']);
$content = $message_array[$showlang]['message'];
if (mb_strlen($content) > $maxtopnewschars) {
$content = mb_substr($content, 0, $maxtopnewschars);
$content .= '...';
}
$content = nl2br(strip_tags($content));
eval("\$sc_topnews = \"" . gettemplate("sc_topnews") . "\";");
echo $sc_topnews;
} else {
echo $_language->module['no_topnews'];
}
function top5()
{
$pagebg = PAGEBG;
$border = BORDER;
$bghead = BGHEAD;
$bgcat = BGCAT;
global $_language;
$_language->read_module('articles');
echo '<table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td width="49%" valign="top">';
// RATING
$ergebnis = safe_query("SELECT * FROM " . PREFIX . "articles WHERE saved='1' ORDER BY rating DESC LIMIT 0,5");
$top = $_language->module['top5_rating'];
eval("\$top5_head = \"" . gettemplate("top5_head") . "\";");
echo $top5_head;
$n = 1;
while ($ds = mysql_fetch_array($ergebnis)) {
if ($n % 2) {
$bg1 = BG_1;
$bg2 = BG_2;
} else {
$bg1 = BG_3;
$bg2 = BG_4;
}
$title = '<a href="index.php?site=articles&action=show&articlesID=' . $ds['articlesID'] . '">' . clearfromtags($ds['title']) . '</a>';
$poster = '<a href="index.php?site=profile&id=' . $ds['poster'] . '">' . getnickname($ds['poster']) . '</a>';
$viewed = '(' . $ds['viewed'] . ')';
$ratings = array(0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
for ($i = 0; $i < $ds['rating']; $i++) {
$ratings[$i] = 1;
}
$ratingpic = '<img src="images/icons/rating_' . $ratings[0] . '_start.gif" width="1" height="5" alt="" />';
foreach ($ratings as $pic) {
$ratingpic .= '<img src="images/icons/rating_' . $pic . '.gif" width="4" height="5" alt="" />';
}
echo '<tr>
<td bgcolor="' . $bg1 . '" align="center"><b>' . $n . '.</b></td>
<td bgcolor="' . $bg1 . '" align="center" style="white-space:nowrap;">' . $ratingpic . '</td>
<td bgcolor="' . $bg1 . '">' . $title . '</td>
</tr>';
unset($ratingpic);
$n++;
}
echo '</table>';
echo '</td><td width="2%"> </td><td width="49%" valign="top">';
// POINTS
$ergebnis = safe_query("SELECT * FROM " . PREFIX . "articles WHERE saved='1' ORDER BY points DESC LIMIT 0,5");
$top = $_language->module['top5_points'];
eval("\$top5_head = \"" . gettemplate("top5_head") . "\";");
echo $top5_head;
$n = 1;
while ($ds = mysql_fetch_array($ergebnis)) {
if ($n % 2) {
$bg1 = BG_1;
$bg2 = BG_2;
} else {
$bg1 = BG_3;
$bg2 = BG_4;
}
$title = '<a href="index.php?site=articles&action=show&articlesID=' . $ds['articlesID'] . '">' . clearfromtags($ds['title']) . '</a>';
$viewed = '(' . $ds['viewed'] . ')';
echo '<tr>
<td bgcolor="' . $bg1 . '" align="center"><b>' . $n . '.</b></td>
<td bgcolor="' . $bg1 . '" align="center">' . $ds['points'] . '</td>
<td bgcolor="' . $bg1 . '">' . $title . '</td>
</tr>';
$n++;
}
echo '</table></td></tr></table><br />';
}
} else {
echo '<a href="index.php?site=challenge&type=ASC">' . $_language->module['sort'] . '</a> <img src="images/icons/desc.gif" width="9" height="7" border="0" alt="" /> ';
}
echo '<br /><br />';
$i = 0;
while ($ds = mysql_fetch_array($ergebnis)) {
$bg1 = $i % 2 ? BG_1 : BG_1;
$date = date("d.m.Y", $ds['date']);
$cwdate = date("d.m.Y - H:i", $ds['cwdate']);
$squad = getsquadname($ds['squadID']);
$oppcountry = "[flag]" . $ds['oppcountry'] . "[/flag]";
$country = flags($oppcountry);
$opponent = '<a href="' . $ds['opphp'] . '" target="_blank">' . clearfromtags($ds['opponent']) . '</a>';
$league = clearfromtags($ds['league']);
$map = clearfromtags($ds['map']);
$server = clearfromtags($ds['server']);
$info = cleartext($ds['info']);
$email = '<a href="mailto:' . mail_protect(cleartext($ds['email'])) . '">' . $ds['email'] . '</a>';
if (isset($ds['hp'])) {
if (!validate_url($ds['hp'])) {
$homepage = '';
} else {
$homepage = '<a href="' . $ds['hp'] . '" target="_blank"><img src="images/icons/hp.gif" border="0" width="14" height="14" alt="homepage" /></a>';
}
}
if (isset($ds['name'])) {
$name = cleartext($ds['name']);
}
if (isset($ds['comment'])) {
$message = cleartext($ds['comment']);
}
}
} else {
echo '<tr bgcolor="' . BG_1 . '"><td colspan="4">' . $_language->module['no_outgoing'] . '</td></tr>';
}
eval("\$pm_outgoing_foot = \"" . gettemplate("pm_outgoing_foot") . "\";");
echo $pm_outgoing_foot;
} elseif ($action == "show") {
$id = (int) $_GET['id'];
$ds = mysql_fetch_array(safe_query("SELECT * FROM " . PREFIX . "messenger WHERE messageID='" . $id . "' AND userID='" . $userID . "'"));
if ($ds['touser'] == $userID or $ds['fromuser'] == $userID) {
safe_query("UPDATE " . PREFIX . "messenger SET viewed='1' WHERE messageID='{$id}'");
$date = date("d.m.Y - H:i", $ds['date']);
$sender = '<a href="index.php?site=profile&id=' . $ds['fromuser'] . '"><b>' . getnickname($ds['fromuser']) . '</b></a>';
$message = cleartext($ds['message']);
$message = toggle($message, $ds['messageID']);
$title = clearfromtags($ds['title']);
$bg1 = BG_1;
eval("\$pm_show = \"" . gettemplate("pm_show") . "\";");
echo $pm_show;
} else {
redirect('index.php?site=messenger', '', 0);
}
} elseif ($action == "touser") {
$touser = $_GET['touser'];
$_language->read_module('bbcode', true);
$tousernick = getnickname($touser);
$touser = getforminput($touser);
$bg1 = BG_1;
eval("\$addbbcode = \"" . gettemplate("addbbcode") . "\";");
eval("\$pm_new_touser = \"" . gettemplate("pm_new_touser") . "\";");
echo $pm_new_touser;
$bg2 = BG_2;
$pagebg = PAGEBG;
$border = BORDER;
$bghead = BGHEAD;
$bgcat = BGCAT;
$vars = array('%spacecolor%', '%used_size%', '%available_size%');
$repl = array($color, round($size / (1024 * 1024), 2), round($maxusergalleries / (1024 * 1024), 2));
$space_max_in_user = str_replace($vars, $repl, $_language->module['x_of_y_mb_in_use']);
eval("\$usergallery_head = \"" . gettemplate("usergallery_head") . "\";");
echo $usergallery_head;
$ergebnis = safe_query("SELECT * FROM " . PREFIX . "gallery WHERE userID='" . $userID . "'");
if (mysql_num_rows($ergebnis) == 0) {
echo '<tr bgcolor="' . $bg1 . '"><td colspan="4">' . $_language->module['no_galleries'] . '</td></tr>';
}
for ($i = 1; $ds = mysql_fetch_array($ergebnis); $i++) {
if ($i % 2) {
$bg = $bg1;
} else {
$bg = $bg2;
}
$name = clearfromtags($ds['name']);
$galleryID = $ds['galleryID'];
eval("\$usergallery = \"" . gettemplate("usergallery") . "\";");
echo $usergallery;
}
eval("\$usergallery_foot = \"" . gettemplate("usergallery_foot") . "\";");
echo $usergallery_foot;
}
} else {
redirect('index.php?site=login', '', 0);
}
} elseif (isset($_GET['file'])) {
// ADMINACTIONS
$adminactions = '';
if (isfileadmin($userID)) {
$adminactions = '<table width="100%" border="0" cellpadding="0" cellspacing="0"><tr><td align="left">';
$adminactions .= '</td><td align="right"><input type="button" onclick="MM_goToURL(\'parent\',\'index.php?site=files&action=newfile\');return document.MM_returnValue" value="' . $_language->module['new_file'] . '" /> ';
$adminactions .= '<input type="button" onclick="MM_openBrWindow(\'admin/admincenter.php?site=filecategorys\',\'\')" value="' . $_language->module['new_category'] . '" />';
$adminactions .= '</td></tr></table><br />';
}
// FILE-INFORMATION
$file = mysql_fetch_array(safe_query("SELECT * FROM " . PREFIX . "files WHERE fileID='" . $_GET['file'] . "'"));
if ($file['accesslevel'] == 2 and !isclanmember($userID)) {
die($_language->module['no_access']);
}
$fileID = $file['fileID'];
$filename = clearfromtags($file['filename']);
$fileinfo = cleartext($file['info']);
$fileinfo = toggle($fileinfo, $file['fileID']);
$filesize = $file['filesize'];
if (!$filesize) {
$filesize = 0;
}
$downloads = $file['downloads'];
if (!$downloads) {
$downloads = 0;
}
$filevotes = $file['votes'];
$filevotes ? $filevotes = ', ' . $filevotes . ' votes' : ($filevotes = ', unrated');
$traffic = detectfilesize($filesize * $downloads);
$filesize = detectfilesize($file['filesize']);
$reportlink = '<a href="index.php?site=files&action=report&link=' . $file['fileID'] . '"><b>' . $_language->module['report_dead_link'] . '</b></a>';
}
if ($userID) {
$run = 1;
} else {
$CAPCLASS = new Captcha();
if (!$CAPCLASS->check_captcha($_POST['captcha'], $_POST['captcha_hash'])) {
$fehler[] = $_language->module['wrong_securitycode'];
} else {
$run = 1;
}
}
if (!count($fehler) and $run) {
$header = "From:{$from}\n";
$header .= "Reply-To: {$from}\n";
$header .= "Content-Type: text/html; charset=utf-8\n";
mail($getemail, stripslashes($subject), stripslashes('This mail was send over your webSPELL - Website (IP ' . $GLOBALS['ip'] . '): ' . $hp_url . '<br /><br /><b>' . getinput($name) . ' writes:</b><br />' . clearfromtags($text)), $header);
redirect('index.php?site=contact', $_language->module['send_successfull'], 3);
unset($_POST['name']);
unset($_POST['from']);
unset($_POST['text']);
unset($_POST['subject']);
} else {
$errors = implode('<br />• ', $fehler);
$showerror = '<div class="errorbox">
<b>' . $_language->module['errors_there'] . ':</b><br /><br />
• ' . $errors . '
</div>';
}
}
$getemail = '';
$ergebnis = safe_query("SELECT * FROM " . PREFIX . "contact ORDER BY sort");
if ($action == "save") {
$message = trim($_POST['message']);
$name = trim($_POST['name']);
$run = 0;
if ($userID) {
$run = 1;
$name = mysql_real_escape_string(getnickname($userID));
} else {
$CAPCLASS = new Captcha();
if ($CAPCLASS->check_captcha($_POST['captcha'], $_POST['captcha_hash'])) {
$run = 1;
}
if (mysql_num_rows(safe_query("SELECT * FROM " . PREFIX . "user WHERE nickname = '{$name}' "))) {
$name = '*' . $name . '*';
}
$name = clearfromtags($name);
}
if (!empty($name) && !empty($message) && $run) {
$date = time();
$ip = $GLOBALS['ip'];
$ergebnis = safe_query("SELECT * FROM " . PREFIX . "shoutbox ORDER BY date DESC LIMIT 0,1");
$ds = mysql_fetch_array($ergebnis);
if ($ds['message'] != $message or $ds['name'] != $name) {
safe_query("INSERT INTO " . PREFIX . "shoutbox (date, name, message, ip) VALUES ( '{$date}', '{$name}', '{$message}', '{$ip}' ) ");
}
}
redirect('index.php?site=shoutbox_content&action=showall', 'shoutbox', 0);
} elseif ($action == "delete") {
include "_mysql.php";
include "_settings.php";
include '_functions.php';
$posttime = date("d.m.y H:i", $db['date']);
if (mb_strlen($db['message']) > 100) {
$message = mb_substr($db['message'], 0, 90 + mb_strpos(mb_substr($db['message'], 90, mb_strlen($db['message'])), " ")) . "...";
} else {
$message = $db['message'];
}
$postlist .= '<tr bgcolor="' . $bgcolor1 . '">
<td>
<table width="100%" cellpadding="2" cellspacing="1">
<tr>
<td colspan="3"><a href="index.php?site=forum_topic&topic=' . $db['topicID'] . '">' . $posttime . ' <br /><b>' . str_break(getinput($db['topic']), 34) . '</b></a></td>
</tr>
<tr><td></td></tr>
<tr>
<td width="1%"> </td>
<td bgcolor="' . $bgcolor2 . '" width="98%"><div style="overflow:hidden;">' . str_break(clearfromtags($message), 34) . '</div></td>
<td width="1%"> </td>
</tr>
</table>
</td>
</tr>';
$n++;
}
} else {
$postlist = '<tr>
<td bgcolor="' . BG_1 . '" valign="top">' . $_language->module['no_new_posts'] . '</td>
</tr>';
}
//clanmember/admin/referer
if (isclanmember($userID)) {
$cashboxpic = '<td><a href="index.php?site=cash_box"><img src="images/icons/cashbox.gif" border="0" alt="Cashbox" /></a></td>
if ($graphiccard == '') {
$graphiccard = $_language->module['n_a'];
}
$soundcard = clearfromtags($ds['soundcard']);
if ($soundcard == '') {
$soundcard = $_language->module['n_a'];
}
$keyboard = clearfromtags($ds['keyboard']);
if ($keyboard == '') {
$keyboard = $_language->module['n_a'];
}
$mouse = clearfromtags($ds['mouse']);
if ($mouse == '') {
$mouse = $_language->module['n_a'];
}
$mousepad = clearfromtags($ds['mousepad']);
if ($mousepad == '') {
$mousepad = $_language->module['n_a'];
}
/******HardwareMod******/
/************************************************/
$anznewsposts = getusernewsposts($ds['userID']);
$anzforumtopics = getuserforumtopics($ds['userID']);
$anzforumposts = getuserforumposts($ds['userID']);
$comments = array();
$comments[] = getusercomments($ds['userID'], 'ne');
$comments[] = getusercomments($ds['userID'], 'cw');
$comments[] = getusercomments($ds['userID'], 'ar');
$comments[] = getusercomments($ds['userID'], 'de');
$pmgot = 0;
$pmgot = $ds['pmgot'];
<?php
$ergebnis = safe_query("SELECT * FROM " . PREFIX . "videos ORDER BY vidID DESC LIMIT 0,8");
while ($ds = mysql_fetch_array($ergebnis)) {
$name = $ds[vidheadline];
if (strlen($name) > 25) {
$name = substr($name, 0, 25);
$name .= '..';
}
echo '<div class="sm_gallery" style="background:url(http://img.youtube.com/vi/' . $ds[vidclip] . '/mqdefault.jpg) #12181C; background-size: 249px 142px;">
<div class="gallery_overlay"><small>VIDEO</small><br/>
<a href="video/' . $ds[vidID] . '/">' . clearfromtags($name) . '</a>
</div></div>';
}
