<?php if (!preg_match("/index.php/", $REQUEST_URI)) { die("Direct Open not allowed."); } $stopheaderoutput_main = TRUE; if (trim($info)) { if (!($info = $db->query("SELECT * FROM {$tab['help']} WHERE name='{$info}' OR id='{$info}'"))) { eval("\$msg = \"" . gettemplate("help.nohelp") . "\";"); } else { $db->query_str("UPDATE {$tab['help']} SET views=views+1 WHERE id='{$info['id']}'"); $info[text] = mksworacodes($info[text]); eval("\$msg = \"" . gettemplate("help.msg") . "\";"); } eval("\$inc[action] = \"" . gettemplate("help.main") . "\";"); }
} $action = "ugb"; } ########################################## if ($action == "ugb" || $fail_ugb) { $stopheaderoutput_main = true; $fail = $fail_ugb; if (!is_numeric($uid) || !($user = getuser($uid))) { eval("\$inc[action] = \"" . gettemplate("user.ugb.invaliduser") . "\";"); } else { $username = mkuser("user_name", "", $user); $result = $db->query_str("SELECT * FROM {$tab['ugb']} WHERE uid='{$uid}' ORDER BY id DESC"); while ($e = $db->fetch_array($result)) { $wuser = getuser($e[aid]); $autor = mkuser("user_name", "", $wuser); $e[text] = mksworacodes($e[text]); $time = mkdate($e[time]); eval("\$bit .= \"" . gettemplate("user.ugb.bit") . "\";"); } if (!$bit) { eval("\$bit = \"" . gettemplate("user.ugb.nobit") . "\";"); } $loginname = mkuser("user_name", "", $login); eval("\$inc[action] = \"" . gettemplate("user.ugb.main") . "\";"); } } ########################################## ########################################## } else { ########### if (!$show && !$login[id]) {
} } $UPDATE = $db->query_str("UPDATE {$tab['forum_post']} SET count_views=count_views+1 WHERE id='{$threadid}'"); $postsquery = $db->query_str("SELECT * FROM {$tab['forum_post']} WHERE parent_postid='{$threadid}' ORDER BY is_first DESC, settime ASC LIMIT {$start},{$showpp}"); $views = $thisthread[count_views] + 1; if (!mysql_num_rows($postsquery)) { eval("\$incf[posts] = \"" . gettemplate("forum.wrongid") . "\";"); } else { while ($post = $db->fetch_array($postsquery)) { ///////////////////////////////////////////////////// if (!$post[post_title]) { $post[post_title] = "<br />"; } $post[post_text] = str_replace("<", "<", $post[post_text]); $post[post_text] = str_replace(">", ">", $post[post_text]); $post[post_text] = mksworacodes($post[post_text], $post[aut_id]); $post[post_text] = str_replace("\r\n", "<br>", $post[post_text]); // ------- // $user = getuser($post[aut_id]); $user_name = mkuser("user_name", 0, $user); $user_location = mkuser("user_location", 0, $user); $avatar = mkuser("avatar", 0, $user); $user_points = $user[points] ? mkuser("points", 0, $user) : NULL; if ($post[signatur]) { $post[post_text] .= "<br><br>" . mkuser("user_signatur", 0, $user); } if ($post[smilies]) { $post[post_text] = makesmilies($post[post_text]); } // ------- // eval("\$userstuff = \"" . gettemplate("forum.thread.post.userstuff") . "\";");
} else { $newsquery = $db->query_str("SELECT * FROM {$tab['news']} WHERE id='{$newsid}'"); } while ($news = $db->fetch_array($newsquery)) { $comments = $db->query("SELECT COUNT(*) FROM {$tab['news_comment']} WHERE newsid='{$news['id']}'"); $comments = $comments[0]; $user_name = mkuser("user_name", $news[autid], $NULL); $news[date] = mkdate($news[date]); if (!$news[html]) { $news[text] = htmlspecialchars($news[text]); } if ($news[smilies]) { $news[text] = makesmilies($news[text]); } $news[text] = str_replace("\r\n", "<br>", $news[text]); $news[text] = mksworacodes($news[text], $news[autid]); eval("\$inc[news] .= \"" . gettemplate("news.news") . "\";"); } /* --- LISTE --- */ if ($config[news_list]) { $newsquery = $db->query_str("SELECT id,title FROM {$tab['news']} WHERE activated='1' AND blocked='0' ORDER BY date DESC LIMIT {$config['news_list']}"); while ($news = $db->fetch_array($newsquery)) { $user_name = mkuser("user_name", $news[autid], $NULL); $news[date] = mkdate($news[date]); eval("\$latestnews.=\"" . gettemplate("news.newtitles.bit") . "\";"); } eval("\$oldernews = \"" . gettemplate("news.oldernews") . "\";"); } /* --- INCLUDE --- */ if ($config[news_include_others]) { ob_start();
function mkuser($mode, $userid, &$userref) { global $db, $tab, $useronline; if (!$userref) { $user = getuser($userid); } else { $user = $userref; } switch ($mode) { ############### case "user_hp": $user[user_hp] = mk2url($user[user_hp], 0); break; ############### ############### case "user_signatur": if (!$user[user_signatur]) { return; } $user[user_signatur] = makesmilies(mksworacodes(htmlspecialchars($user[user_signatur]))); break; ############### ############### case "user_text": $user[user_text] = makesmilies(mksworacodes($user[user_text])); break; ############### ############### case "user_gender": if ($user[user_gender] == 1) { $user[user_gender] = "männlich"; } if ($user[user_gender] == 2) { $user[user_gender] = "weiblich"; } break; ############### ############### case "user_email": switch ($user[show_email]) { case TRUE: $mode .= ".mail"; break; default: $mode .= ".nomail"; break; } break; $dir = dir("./includes"); while ($f = $dir->read()) { if (preg_match("#^u_#", $f)) { include "./includes/" . $f; } } ############### ############### case "avatar": if (!$db->query("SELECT * FROM {$tab['avatar']} WHERE userid='{$user['id']}'")) { return ""; } break; } if ($mode == "user_icq" && !$user[user_icq]) { return "---"; } if ($mode == "user_aim" && !$user[user_aim]) { return "---"; } if ($mode == "user_yim" && !$user[user_yim]) { return "---"; } if ($mode == "user_yim" && !$user[user_yim]) { return "---"; } if ($mode == "user_email" && !$user[user_email]) { return "---"; } if ($mode == "user_hp" && !$user[user_hp]) { return "---"; } eval("\$return = \"" . gettemplate("user.show.{$mode}") . "\";"); return $return; }