sendmail($email, 'NEWPM', $input);
}
message($apx->lang->get('MSG_OK'), mklink('user.php?action=pms&dir=out', 'user,pms,out.html'));
}
} else {
if ($_POST['preview']) {
$text = $_POST['text'];
if ($set['user']['pm_badwords']) {
$text = badwords($text);
}
$text = replace($text, 1);
if ($set['user']['pm_allowsmilies']) {
$text = dbsmilies($text);
}
if ($set['user']['pm_allowcode']) {
$text = dbcodes($text);
}
$apx->tmpl->assign('PREVIEW', $text);
$apx->tmpl->assign('USERNAME', compatible_hsc($_POST['touser']));
$apx->tmpl->assign('SUBJECT', compatible_hsc($_POST['subject']));
$apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
$apx->tmpl->assign('ADDSIG', intval($_POST['addsig']));
} else {
$text = '';
if ($_REQUEST['answer']) {
$res = $db->first("SELECT a.subject,a.text,b.userid,b.username,c.username AS username2 FROM " . PRE . "_user_pms AS a LEFT JOIN " . PRE . "_user AS b ON a.fromuser=b.userid LEFT JOIN " . PRE . "_user AS c ON a.touser=c.userid WHERE ( a.id='" . $_REQUEST['answer'] . "' AND ( a.touser='******'userid'] . "' OR a.fromuser='******'userid'] . "' ) )");
if ($res['userid'] == $user->info['userid']) {
$username = compatible_hsc($res['username2']);
$subject = compatible_hsc($res['subject']);
$text = '[QUOTE]' . compatible_hsc($res['text']) . "[/QUOTE]\n";
} else {
function mksig($info, $nospacer = false)
{
global $set;
$text = $info['signature'];
if (!$text) {
return '';
}
if ($set['user']['sig_badwords']) {
$text = badwords($text);
}
$text = replace($text, 1);
if ($set['user']['sig_allowsmilies']) {
$text = dbsmilies($text);
}
if ($set['user']['sig_allowcode']) {
$text = dbcodes($text, 1);
}
if (!$nospacer) {
$text = $set['user']['sigspace'] . $text;
}
return $text;
}
function addcom()
{
global $db, $apx, $user;
$_POST['mid'] = (int) $_POST['mid'];
if (!$_POST['mid']) {
die('missing mID!');
}
//if ( !$apx->is_module($_POST['module']) ) die('invalid MODULE!');
$apx->lang->drop('add', 'comments');
list($spam) = $db->first("SELECT time FROM " . PRE . "_comments WHERE ( module='" . addslashes($_POST['module']) . "' AND ip='" . get_remoteaddr() . "' AND mid='" . $_POST['mid'] . "' ) ORDER BY time DESC");
//Captcha prüfen
if ($this->set['captcha'] && !$user->info['userid']) {
require BASEDIR . 'lib/class.captcha.php';
$captcha = new captcha();
$captchafailed = $captcha->check();
}
if ($user->info['userid']) {
if ($captchafailed) {
message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
} elseif ($this->ip_is_blocked()) {
message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
} elseif (!$_POST['text'] || $this->set['req_title'] && !$_POST['title']) {
message('back');
} elseif ($this->text_is_blocked()) {
message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
} elseif ($this->set['maxlen'] && strlen($_POST['text']) > $this->set['maxlen']) {
message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
} elseif ($spam + $this->set['spamprot'] * 60 > time()) {
message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
} else {
if ($this->set['mod'] && !$user->is_team_member()) {
$_POST['active'] = 0;
} else {
$_POST['active'] = 1;
}
$_POST['userid'] = $user->info['userid'];
$_POST['username'] = $user->info['username'];
$_POST['time'] = time();
$_POST['ip'] = get_remoteaddr();
$db->dinsert(PRE . '_comments', 'module,mid,userid,username,title,text,time,notify,ip,active');
$comid = $db->insert_id();
//eMail-Benachrichtigung (Admin)
if ($this->set['mailonnew']) {
$text = strip_tags(dbcodes($_POST['text']));
$input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
sendmail($this->set['mailonnew'], 'SENDCOM', $input);
}
//eMail-Benachrichtigung (User)
if ($_POST['active']) {
$data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "' AND c.userid!=" . $user->info['userid'] . "\n\t\t\t\t\t");
if (count($data)) {
foreach ($data as $res) {
$input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
sendmail($res['email'], 'NOTIFYCOM', $input);
}
}
//Notify zurücksetzen
$db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'");
}
//Captcha löschen
if ($this->set['captcha'] && !$user->info['userid']) {
$captcha->remove();
}
message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
}
} elseif ($this->set['pub']) {
if (!checkmail($_POST['email'])) {
if ($this->set['req_email']) {
$emailnotvalid = true;
} else {
$_POST['email'] = '';
}
}
if ($captchafailed) {
message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
} elseif ($this->ip_is_blocked()) {
message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
} elseif (!$_POST['username'] || !$_POST['text'] || $this->set['req_email'] && !$_POST['email'] || $this->set['req_homepage'] && !$_POST['homepage'] || $this->set['req_title'] && !$_POST['title']) {
message('back');
} elseif ($_POST['notify'] && !$_POST['email']) {
message($apx->lang->get('MSG_COM_MAILNEEDED'), 'back');
} elseif ($this->text_is_blocked()) {
message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
} elseif ($this->set['entrymaxlen'] && strlen($_POST['text']) > $this->set['entrymaxlen']) {
message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
} elseif ($emailnotvalid) {
message($apx->lang->get('MSG_COM_EMAILNOTVALID'), 'back');
} elseif ($spam + $this->set['spamprot'] * 60 > time()) {
message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
} else {
if (substr($_POST['homepage'], 0, 4) == 'www.') {
$_POST['homepage'] = 'http://' . $_POST['homepage'];
}
if ($this->set['mod']) {
$_POST['active'] = 0;
} else {
$_POST['active'] = 1;
}
$_POST['time'] = time();
$_POST['ip'] = get_remoteaddr();
$db->dinsert(PRE . '_comments', 'module,mid,userid,username,email,homepage,title,text,time,notify,ip,active');
//eMail-Benachrichtigung (Admin)
if ($this->set['mailonnew']) {
$text = strip_tags(dbcodes($_POST['text']));
$input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
sendmail($this->set['mailonnew'], 'SENDCOM', $input);
}
//eMail-Benachrichtigung (User)
if ($_POST['active']) {
$data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "'\n\t\t\t\t\t");
if (count($data)) {
foreach ($data as $res) {
$input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
sendmail($res['email'], 'NOTIFYCOM', $input);
}
}
//Notify zurücksetzen
$db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'");
}
//Captcha löschen
if ($this->set['captcha'] && !$user->info['userid']) {
$captcha->remove();
}
message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
}
}
}
function user_blogs_last($count = 5, $start = 0, $friendsonly = false, $userid = 0, $template = 'lastblogs')
{
global $set, $db, $apx, $user;
$tmpl = new tengine();
$count = (int) $count;
$start = (int) $start;
$userid = (int) $userid;
//Verwendete Variablen auslesen
$parse = $apx->tmpl->used_vars('functions/' . $template, 'user');
//Nach Freunde filtern
$friendfilter = '';
if ($friendsonly) {
$friends = $user->get_buddies();
$friends[] = -1;
$friendfilter = " AND userid IN (" . implode(',', $friends) . ") ";
}
//Nach Benutzer filtern
$userfilter = '';
if ($userid) {
$userfilter = " AND userid='" . $userid . "'";
}
$data = $db->fetch("SELECT * FROM " . PRE . "_user_blog WHERE 1 " . $userfilter . $friendfilter . " ORDER BY time DESC LIMIT " . iif($start, $start . ',') . $count);
if (count($data)) {
//Benutzer-Infos auslesen
$userdata = array();
if (in_template(array('BLOG.USERNAME', 'BLOG.REALNAME', 'BLOG.AVATAR', 'BLOG.AVATER_TITLE'), $parse)) {
$userids = get_ids($data, 'userid');
$userdata = $user->get_info_multi($userids, 'username,realname,avatar,avatar_title');
}
//Blogs auflisten
$tabledata = array();
foreach ($data as $res) {
++$i;
$link = mklink('user.php?action=blog&id=' . $res['userid'] . '&blogid=' . $res['id'], 'user,blog,' . $res['userid'] . ',id' . $res['id'] . urlformat($res['title']) . '.html');
//Text
$text = '';
if (in_array('BLOG.TEXT', $parse)) {
$text = $res['text'];
$text = badwords($text);
$text = replace($text, 1);
$text = dbsmilies($text);
$text = dbcodes($text);
}
$tabledata[$i]['ID'] = $res['id'];
$tabledata[$i]['TITLE'] = replace($res['title']);
$tabledata[$i]['TEXT'] = $res['text'];
$tabledata[$i]['LINK'] = $link;
$tabledata[$i]['TIME'] = $res['time'];
//Userinfo
$userinfo = $userdata[$res['userid']];
$tabledata[$i]['USERID'] = $res['userid'];
$tabledata[$i]['USERNAME'] = replace($userinfo['username']);
$tabledata[$i]['REALNAME'] = replace($userinfo['realname']);
$tabledata[$i]['AVATAR'] = $user->mkavatar($userinfo);
$tabledata[$i]['AVATAR_TITLE'] = $user->mkavtitle($userinfo);
//Kommentare
if ($apx->is_module('comments') && $res['allowcoms']) {
require_once BASEDIR . getmodulepath('comments') . 'class.comments.php';
if (!isset($coms)) {
$coms = new comments('userblog', $res['id']);
} else {
$coms->mid = $res['id'];
}
$link = mklink('user.php?action=blog&id=' . $res['userid'] . '&blogid=' . $res['id'], 'user,blog,' . $res['userid'] . ',id' . $res['id'] . urlformat($res['title']) . '.html');
$tabledata[$i]['COMMENT_COUNT'] = $coms->count();
$tabledata[$i]['COMMENT_LINK'] = $coms->link($link);
$tabledata[$i]['DISPLAY_COMMENTS'] = 1;
if (in_template(array('BLOG.COMMENT_LAST_USERID', 'BLOG.COMMENT_LAST_NAME', 'BLOG.COMMENT_LAST_TIME'), $parse)) {
$tabledata[$i]['COMMENT_LAST_USERID'] = $coms->last_userid();
$tabledata[$i]['COMMENT_LAST_NAME'] = $coms->last_name();
$tabledata[$i]['COMMENT_LAST_TIME'] = $coms->last_time();
}
}
}
}
$tmpl->assign('BLOG', $tabledata);
//Template ausgeben
$tmpl->parse('functions/' . $template, 'user');
}
