$user['useravatar'] = ""; } // check signature length. if ($config['sig_restrict']) { if (!check_siglen(preparse_code($user['usersignature']))) { $err_msg .= 'Ihre Signatur enthält zuviele Zeichen (max. ' . $config['sig_maxlen'] . ') oder besteht aus zu vielen Zeilen (max. ' . $config['sig_maxlines'] . ').'; } } if (!$user['userpassword']) { $err_msg .= 'Bitte geben Sie ein Passwort an'; } if (strlen($err_msg) > 0) { message("Fehler", "Es sind leider folgende Fehler aufgetreten:<br><br><font color='{$style['color_err']}'>{$err_msg}</font>"); } else { if ($user['userhomepage'] == 'http://') { $user['userhomepage'] = ''; } if ($user['userbday_day'] == 0 || $user['userbday_month'] == 0 || $user['userbday_year'] == 0) { $user['userbday'] = '0000-00-00'; } else { $user['userbday'] = sprintf('%04d-%02d-%02d', $user['userbday_year'], $user['userbday_month'], $user['userbday_day']); } if (!thwb_query("UPDATE " . $pref . "user SET\n userpassword='******'userpassword']) . "',\n userhomepage='" . addslashes($user['userhomepage']) . "',\n userlocation='" . addslashes($user['userlocation']) . "',\n usericq='" . addslashes($user['usericq']) . "',\n useraim='" . addslashes($user['useraim']) . "',\n usermsn='" . addslashes($user['usermsn']) . "',\n userbday='" . addslashes($user['userbday']) . "',\n useroccupation='" . addslashes($user['useroccupation']) . "',\n useravatar='" . addslashes($user['useravatar']) . "',\n userinterests='" . addslashes($user['userinterests']) . "',\n usersignature='" . addslashes(preparse_code($user['usersignature'])) . "',\n userhideemail='" . intval($user['userhideemail']) . "',\n userinvisible='" . intval($user['userinvisible']) . "',\n usernoding='" . intval($user['usernoding']) . "',\n styleid='" . intval($user['styleid']) . "',\n userhidesig='" . intval($user['userhidesig']) . "' WHERE userid='{$g_user['userid']}'")) { message("Fehler", "Interner Fehler!"); } } // *try* to reset password if ($user['usernewpassword'] || $user['usernewpassword2']) { setcookie("thwb_cookie", $user['userpassword'] . $g_user['userid'], time() + 60 * 60 * 24 * 365); } message("Update erfolgreich!", "Das Update war erfolgreich!");
} } if (strlen($newpost['posttext']) < $config['message_minlength']) { $msg .= "Ihr Text ist zu kurz!<br>"; } if (strlen($newpost['posttext']) > $config['message_maxlength']) { $msg .= "Ihr Text ist zu lang!<br>"; } if (isset($msg) && strlen($msg) > 0) { message("Fehler", "Es sind leider folgende Fehler aufgetreten:<br><br><font color='{$style['color_err']}'>{$msg}</font>"); } $c_time = time(); thwb_query("UPDATE " . $pref . "post SET posttext='" . addslashes(preparse_code($newpost['posttext'])) . "',\n postlasteditby='{$g_user['username']}', postlastedittime='" . time() . "',\n postsmilies='" . ($newpost['postsmilies'] ? 1 : 0) . "',\n postcode='" . ($newpost['postcode'] ? 1 : 0) . "',\n postemailnotify='" . (isset($newpost['postemailnotify']) && $newpost['postemailnotify'] ? 1 : 0) . "' WHERE postid='{$post['postid']}'"); // topic updaten, (auch board), nicht als normaluser if ($firstpost && $P->has_permission(P_EDITTOPIC)) { $newpost['threadtopic'] = addslashes(preparse_code($newpost['threadtopic'])); // topic setten thwb_query("UPDATE " . $pref . "thread SET threadtopic = '" . $newpost['threadtopic'] . "' WHERE threadid = '{$post['threadid']}'"); // board updaten updateboard($thread['boardid']); // eventuell vorhandene threadlinks updaten $r_link = thwb_query("SELECT threadid, boardid FROM " . $pref . "thread WHERE threadlink = " . $post['threadid']); if (mysql_num_rows($r_link)) { $a_link = mysql_fetch_array($r_link); thwb_query("UPDATE " . $pref . "thread SET threadtopic = '" . $newpost['threadtopic'] . "' WHERE threadid = " . $a_link['threadid']); // nicht updaten, threadlinks werden eh nicht im boardlastpost angezeigt // updateboard( $a_link['boardid'] ); } } header("Location: " . build_link("showtopic.php?threadid={$thread['threadid']}&pagenum=lastpage#" . $post['postid'], true)); }
$g_user['username'] = $config['guestprefix'] . $post['postguestname']; $post['postguestname'] = $config['guestprefix'] . addslashes($post['postguestname']); } else { $post['postguestname'] = ''; } if ($config["usebwordprot"] >= BWORD_POST) { $post["posttext"] = check_banned($post["posttext"]); } if (isset($config['auto_close']) && $config['auto_close'] > 0) { thwb_query("UPDATE " . $pref . "thread SET threadclosed = '1' WHERE threadtime < '" . (time() - ($config['auto_close'] + 1) * 86400) . "'"); } if (isset($config['auto_delete']) && $config['auto_delete'] > 0) { thwb_query("DELETE FROM " . $pref . "thread WHERE threadtime < " . (time() - $config['auto_delete'] * 86400) . ""); } // neue nachricht posten thwb_query("INSERT INTO " . $pref . "post (posttime, posttext, userid, threadid, postemailnotify, postsmilies, postcode, postip, postguestname)\n VALUES('{$ctime}',\n '" . addslashes(preparse_code($post['posttext'])) . "',\n '{$g_user['userid']}',\n '{$thread['threadid']}',\n '" . ($post['postemailnotify'] ? 1 : 0) . "',\n '" . ($post['postsmilies'] ? 1 : 0) . "',\n '" . ($post['postcode'] ? 1 : 0) . "',\n '" . addslashes($REMOTE_ADDR) . "',\n '" . $post['postguestname'] . "')"); // Replys um 1 erhöhen in der board datenbank thwb_query("UPDATE " . $pref . "board SET\n boardlastpost='{$ctime}',\n boardposts=boardposts+1,\n boardlastpostby='" . addslashes($g_user['username']) . "',\n boardthreadtopic='" . addslashes($thread['threadtopic']) . "',\n boardthreadid={$thread['threadid']} WHERE boardid='{$board['boardid']}'"); if ($g_user['userid']) { // Den postings wert des postenden users erhöhen thwb_query("UPDATE " . $pref . "user SET userlastpost={$ctime}, userposts=userposts+1 WHERE userid='{$g_user['userid']}'"); } // Replys um 1 erhöhen in der topic datenbank + time aktualisieren thwb_query("UPDATE " . $pref . "thread SET threadtime='{$ctime}', threadreplies=threadreplies+1,\n threadlastreplyby='" . addslashes($g_user['username']) . "' WHERE threadid='{$thread['threadid']}'"); // email zeug if ($config['use_email']) { $TRegmail = new Template("./templates/mail/newreply.mail"); $r_email = thwb_query("SELECT DISTINCT\n user.useremail as useremail, thread.threadtopic as threadtopic\n FROM\n " . $pref . "post as post, " . $pref . "user as user, " . $pref . "thread as thread\n WHERE\n thread.threadid={$thread['threadid']} AND\n post.threadid={$thread['threadid']} AND\n post.userid=user.userid AND\n post.postemailnotify=1 AND\n user.userid<>{$g_user['userid']}"); while ($email = mysql_fetch_array($r_email)) { $text = ''; eval($TRegmail->GetTemplate("text"));
check_username($post['postguestname']); // override notify $post['postemailnotify'] = 0; $g_user['username'] = $config['guestprefix'] . $post['postguestname']; $post['postguestname'] = $config['guestprefix'] . addslashes($post['postguestname']); } else { $post['postguestname'] = ''; } if ($config['uppercase_prot']) { $thread['threadtopic'] = killshout($thread['threadtopic']); } // Autoclose & delete if (isset($config['auto_close']) && $config['auto_close'] > 0) { thwb_query("UPDATE " . $pref . "thread SET threadclosed = '1' WHERE threadtime < '" . (time() - ($config['auto_close'] + 1) * 86400) . "'"); } if (isset($config['auto_delete']) && $config['auto_delete'] > 0) { thwb_query("DELETE FROM " . $pref . "thread WHERE threadtime < " . (time() - $config['auto_delete'] * 86400) . ""); } // die neue nachricht abspeichern in dem topics table thwb_query("INSERT INTO " . $pref . "thread (threadtime, threadtopic, threadauthor, boardid,\n threadlastreplyby, threadiconid, threadcreationtime)\n VALUES('{$time}',\n '" . addslashes(preparse_code($thread['threadtopic'])) . "',\n '" . addslashes($g_user['username']) . "',\n '{$board['boardid']}',\n '" . addslashes($g_user['username']) . "',\n '" . intval($thread['threadiconid']) . "',\n '{$time}')"); $thread['threadid'] = mysql_insert_id(); // die neue nachricht abspeichern in dem messages table thwb_query("INSERT INTO " . $pref . "post (posttime, posttext, userid, threadid, postemailnotify, postip, postsmilies,\n postcode, postguestname)\n VALUES('{$time}',\n '" . addslashes(preparse_code($post['posttext'])) . "',\n '{$g_user['userid']}',\n '{$thread['threadid']}',\n '{$post['postemailnotify']}',\n '" . addslashes($REMOTE_ADDR) . "',\n '" . ($post['postsmilies'] ? 1 : 0) . "',\n '" . ($post['postcode'] ? 1 : 0) . "',\n '" . addslashes($post['postguestname']) . "')"); // Den topics-count-wert des board erhöhen thwb_query("UPDATE " . $pref . "board SET\n boardthreads=boardthreads+1,\n boardlastpost='{$time}',\n boardposts=boardposts+1,\n boardlastpostby='" . addslashes($g_user['username']) . "',\n boardthreadtopic='" . addslashes(preparse_code($thread['threadtopic'])) . "',\n boardthreadid={$thread['threadid']}\n WHERE boardid='{$board['boardid']}'"); if ($g_user['userid']) { // Den postings wert des postenden users erhöhen thwb_query("UPDATE " . $pref . "user SET userlastpost={$time}, userposts=userposts+1 WHERE userid='{$g_user['userid']}'"); } header("Location: " . build_link("showtopic.php?threadid={$thread['threadid']}", true)); }