$delquery = $db->query_str("DELETE FROM {$tab['news']} WHERE id='{$newsid}'"); $adminaction = "news_select"; } ############################ if ($adminaction_block) { $block = $db->query("SELECT * FROM {$tab['news']} WHERE id='{$newsid}'"); $block[blocked] ? $block = 0 : ($block = 1); $savequery = $db->query_str("UPDATE {$tab['news']} SET blocked='{$block}' WHERE id='{$newsid}'"); header("LOCATION: {$HTTP_REFERER}"); } ############################ if ($adminaction_in_activate) { $news = $db->query("SELECT * FROM {$tab['news']} WHERE id='{$newsid}'"); $news[activated] ? $activ = 0 : ($activ = 1); if ($activ) { addpoints($points[news_activate], $news[autid]); } $savequery = $db->query_str("UPDATE {$tab['news']} SET activated='{$activ}' WHERE id='{$newsid}'"); header("LOCATION: {$HTTP_REFERER}"); } ############################ ########################### if ($adminaction_edit) { $form = $db->query("SELECT * FROM {$tab['news']} WHERE id='{$newsid}'"); $user_name = mkuser("user_name", $form[autid], $NULL); $smilies = getsmiliesbit("news.newsform.smilie.bit"); $thisaction = "news_edit_save"; unset($adminaction); eval("\$inc[action] = \t\"" . gettemplate("news.admin.newsform") . "\";"); } ############################
} else { $puplic = "0"; } $savenewsquery = $db->query_str("INSERT INTO {$tab['news']} (autid,date,title,text,smilies,html,activated) \r\n\t\t\t\t\t\t\tVALUES ('{$login['id']}','{$time}','{$form['title']}','{$form['text']}','{$form['smilies']}','{$form['html']}','{$puplic}')"); eval("\$inc[action] = \"" . gettemplate("news.success.send") . "\";"); } } ################ if ($action == "new_comment_save") { if (!$newsid) { header("LOCATION: index.php?section=news"); } if ($form[autname] && $form[title] && $form[text] && $newsid) { $time = time(); $query = $db->query_str("INSERT INTO {$tab['news_comment']} (newsid,autname,title,text,date) \r\n\t\t\t\t\t\tVALUES('{$newsid}','{$form['autname']}','{$form['title']}','{$form['text']}','{$time}')"); addpoints($points[news_com]); unset($form); } else { eval("\$fail_comment = \"" . gettemplate("fail.eingabe") . "\";"); } $action = "news_comment"; } ################ if ($action == "news_new") { if (!$login) { eval("\$inc[action] = \"" . gettemplate("fail.access.notloggedin") . "\";"); } else { $user = getuser($login[id]); $smilies = getsmiliesbit("news.newsform.smilie.bit"); $user_name = mkuser("user_name", 0, $login); $thisaction = "new_new_save";
} $res = $db->fetchOne("SELECT COUNT(*) AS NUM FROM members WHERE email='" . $email . "'"); if ($res != 0) { serveranswer(0, $lang['txt']['usernameused']); } $res = $db->fetchOne("SELECT COUNT(*) AS NUM FROM members WHERE username='******' and status='Active'"); if ($res == 0) { $referrer = "0"; } else { $ref = $db->fetchRow("SELECT id, password, username, type, referrals, myrefs1 FROM members WHERE username='******'"); $newpassword = $input->pc['password']; $newusername = $input->pc['username']; require_once SOURCES . "cheater_password.php"; $membership = $db->fetchRow("SELECT point_enable, point_ref, directref_limit FROM membership WHERE id=" . $ref['type']); if ($membership['point_enable'] == 1) { addpoints($ref['id'], $membership['point_ref']); } $limitref = $membership['directref_limit']; $addref = "no"; if ($ref['referrals'] < $limitref) { $addref = "yes"; } if ($limitref == "-1") { $addref = "yes"; } if ($addref == "yes") { $set = array("referrals" => $ref['referrals'] + 1, "myrefs1" => $ref['myrefs1'] + 1); $upd = $db->update("members", $set, "id=" . $ref['id']); $referrer = $ref['id']; /*here start referal_constant*/ $verificar = $db->fetchOne("SELECT COUNT(*) AS NUM FROM addon WHERE name='referal_constant' ; ");
if (!$login[id]) { $login[id] = "1"; } if (!$form[title] || !$form[text]) { eval("\$fail_thread = \"" . gettemplate("fail.eingabe") . "\";"); } else { if ($db->query("SELECT * FROM {$tab['forum_post']} WHERE post_title='{$form['title']}' AND post_text='{$form['text']}' AND aut_id='{$login['id']}' AND parent_boardid='{$boardid}'")) { eval("\$incf[action] = \"" . gettemplate("forum.fail.post.twice") . "\";"); } else { $boardposts = $thisboard[count_posts] + 1; $boardthreads = $thisboard[count_threads] + 1; $insertstring = $db->query_str("INSERT INTO {$tab['forum_post']} (parent_boardid,settime,is_first,aut_id,post_title,post_text,smilies,signatur) \n\t\t\t\t\t\t\t\t\t\tVALUES ('{$boardid}','" . time() . "','1','{$login['id']}','{$form['title']}','{$form['text']}','{$form['smilies']}','{$form['signatur']}')"); $postid = mysql_insert_id(); $id = $db->query_str("UPDATE {$tab['forum_post']} SET \n\t\t\t\t\t\t\t\t\tlast_userid='{$login['id']}',\n\t\t\t\t\t\t\t\t\tparent_postid='{$postid}',\n\t\t\t\t\t\t\t\t\tlast_posttime='" . time() . "'\n\t\t\t\t\t\t\t\t\tWHERE id='{$postid}'"); $updateboard = $db->query_str("UPDATE {$tab['forum_board']} SET \n\t\t\t\t\t\t\t\t\t\tcount_threads=count_threads+1,\n\t\t\t\t\t\t\t\t\t\tcount_posts=count_posts+1,\n\t\t\t\t\t\t\t\t\t\tlast_userid='{$login['id']}',\n\t\t\t\t\t\t\t\t\t\tlast_postid='{$postid}'\n\t\t\t\t\t\t\t\t\t\tWHERE id='{$boardid}'"); addpoints($points[forum_newthread]); set_forum_notify(); header("LOCATION: index.php?section=forum&swora=" . session_id() . "&boardid={$boardid}&threadid={$postid}&start={$start}"); } } } ########################## if ($action == "save_edit_thread") { $post = getpost($postid); if ($post[is_first] && !$form[title]) { eval("\$fail_edit = \"" . gettemplate("fail.eingabe") . "\";"); } elseif ($post[aut_id] != $login[id] && !is_allowed($sec[forum][id], $boardid)) { eval("\$inc[action] = \"" . gettemplate("fail.access.noaccess") . "\";"); } else { if (!$form[text]) { eval("\$fail_edit = \"" . gettemplate("fail.eingabe") . "\";");