Пример #1
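/**
 * Sanitise a file or directory name and decide whether it may be used.
 *
 * The name is URL-decoded once, stripped of path separators and of characters
 * that are invalid in file names, and stripped of ".." sequences. Its extension
 * is then checked against the allow-list before fma_autorise() is consulted.
 *
 * @param string $type      "f" runs removeHack() on the name; "d" skips the extension
 *                          check (presumably file vs. directory - confirm with callers)
 * @param string $filename  name as received, possibly URL-encoded
 * @param array  $Extension allowed extensions; a first element of "*" allows any extension
 *
 * @return array array(bool $allowed, string $error, string $sanitisedName)
 */
function fma_filter($type, $filename, $Extension)
{
    $autorise = false;
    $error = "";
    if ($type == "f") {
        // NOTE(review): removeHack() sees the still URL-encoded name because the
        // decode happens on the next line; confirm this order is intended.
        $filename = removeHack($filename);
    }
    // Decode exactly once, then drop / \ : * ? " < > | so no path separator survives.
    // A doubly encoded name is still encoded after this line, so the returned name
    // must not be decoded again by the caller.
    $filename = preg_replace('#[/\\\\:\\*\\?"<>|]#i', '', rawurldecode($filename));
    $filename = str_replace("..", "", $filename);
    // Extension allow-list
    $dot = strrchr($filename, '.');
    $suffix = ($dot === false) ? "" : strtolower(substr($dot, 1));
    $anyExtension = isset($Extension[0]) && $Extension[0] === "*";
    if ($suffix != "" or $type == "d") {
        // Strict matching: a loose in_array() lets numeric-looking suffixes
        // (for example "1e1" against "10") pass an allow-list they are not on.
        $listed = is_array($Extension) && in_array($suffix, $Extension, true);
        if ($listed or $anyExtension or $type == "d") {
            // Per-user restrictions on which names may be used
            if (fma_autorise($type, $filename)) {
                $autorise = true;
            } else {
                $error = fma_translate("Fichier interdit");
            }
        } else {
            $error = fma_translate("Type de fichier interdit");
        }
    } else {
        $error = fma_translate("Fichier interdit");
    }
    return array($autorise, $error, $filename);
}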
Пример #2
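/**
 * Store up to five submitted gallery images and record them for validation.
 *
 * Each non-empty $newcardN is saved under a timestamp-based name when its
 * extension is jpg or gif, thumbnails are generated when GD is available, and a
 * row is inserted into the tdgal_img table. Progress is echoed as an HTML list.
 *
 * @param mixed  $imgscat       category value written to the tdgal_img row
 * @param mixed  $newcard1..5   upload fields; an empty value skips that slot
 * @param string $newdesc1..5   descriptions; the submitter name is appended to each
 * @param string $user_connecte name of the submitting user
 *
 * @return void
 */
function AddImgs($imgscat, $newcard1, $newdesc1, $newcard2, $newdesc2, $newcard3, $newdesc3, $newcard4, $newdesc4, $newcard5, $newdesc5, $user_connecte)
{
    global $language, $MaxSizeImg, $MaxSizeThumb, $ModPath, $ModStart, $NPDS_Prefix, $ThisFile, $adminmail, $nuke_url, $notif_admin;
    include_once "modules/upload/lang/upload.lang-{$language}.php";
    include_once "modules/upload/clsUpload.php";
    $credit = gal_trans(" proposé par ") . $user_connecte;
    $cards = array(1 => $newcard1, 2 => $newcard2, 3 => $newcard3, 4 => $newcard4, 5 => $newcard5);
    $descs = array(
        1 => $newdesc1 . $credit,
        2 => $newdesc2 . $credit,
        3 => $newdesc3 . $credit,
        4 => $newdesc4 . $credit,
        5 => $newdesc5 . $credit,
    );
    // One date() call so every part of the stamp comes from the same instant.
    // NOTE(review): names have one-second resolution; two submissions in the same
    // second produce the same file names - confirm how saveAs() handles that.
    $stamp = date("YmdHis");
    $img_dir = "modules/{$ModPath}/imgs/";
    $mini_dir = "modules/{$ModPath}/mini/";
    echo '<h4 class="breadcrumb"><a href="' . $ThisFile . '">' . gal_trans("Accueil") . '</a></h4>';
    echo '<p>' . gal_trans("Proposer des images") . '</p>';
    echo "<ul>";
    $soumission = false;
    for ($i = 1; $i <= 5; $i++) {
        if (empty($cards[$i])) {
            continue;
        }
        // Result is not used below; the call is kept because removeHack() is opaque here.
        $newimg = stripslashes(removeHack($cards[$i]));
        $newtit = !empty($descs[$i]) ? addslashes(removeHack($descs[$i])) : "";
        $field = "newcard" . $i;
        $upload = new Upload();
        $upload->maxupload_size = 200000 * 100;
        $origin_filename = trim($upload->getFileName($field));
        // The original file name is supplied with the upload, so it is escaped
        // before being echoed into the page.
        $shown_name = htmlspecialchars($origin_filename, ENT_QUOTES, cur_charset);
        $filename_ext = strtolower(substr(strrchr($origin_filename, "."), 1));
        if ($filename_ext != "jpg" and $filename_ext != "gif") {
            if ($filename_ext != "") {
                echo "<li><span class=\"text-danger\">" . gal_trans("Ce fichier n'est pas un fichier jpg ou gif") . " : {$shown_name}</span></li>";
            }
            continue;
        }
        // Only the extension is checked here; the stored name is generated
        // server-side, so the client-supplied name never reaches the file system.
        $newfilename = $stamp . "-" . $i . "." . $filename_ext;
        if (!$upload->saveAs($newfilename, $img_dir, $field, true)) {
            // NOTE(review): confirm that Upload::$errors never contains client-supplied text.
            echo "<li><span class=\"text-danger\">" . $upload->errors . "</span></li>";
            continue;
        }
        if (function_exists('gd_info') or extension_loaded('gd')) {
            @CreateThumb($newfilename, $img_dir, $img_dir, $MaxSizeImg, $filename_ext);
            @CreateThumb($newfilename, $img_dir, $mini_dir, $MaxSizeThumb, $filename_ext);
        }
        // NOTE(review): $imgscat is interpolated as received; confirm the caller
        // validates it, or bind it as a parameter.
        if (sql_query("INSERT INTO " . $NPDS_Prefix . "tdgal_img VALUES ('','{$imgscat}','{$newfilename}','{$newtit}','','0','1')")) {
            echo "<li>" . gal_trans("Photo envoyée avec succès, elle sera traitée par le webmaster") . " : {$shown_name}</li>";
            $soumission = true;
        } else {
            echo "<li><span class=\"text-danger\">" . gal_trans("Impossible d'ajouter l'image en BDD") . " : {$shown_name}</span></li>";
            // Roll back the stored files when the database row could not be written.
            @unlink("modules/{$ModPath}/imgs/{$newfilename}");
            @unlink("modules/{$ModPath}/mini/{$newfilename}");
        }
    }
    echo "</ul>";
    if ($notif_admin and $soumission) {
        $subject = gal_trans("Nouvelle soumission de Photos");
        // NOTE(review): the mail is sent as HTML and $user_connecte is not escaped here.
        $message = gal_trans("Des photos viennent d'être proposées dans la galerie photo du site ") . $nuke_url . gal_trans(" par ") . $user_connecte;
        send_email($adminmail, $subject, $message, "", true, "html");
    }
}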
Пример #3
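/**
 * Run a LIKE search over links_links and print the result page with paging links.
 *
 * @param string $query  search text; HTML-escaped and passed through removeHack() before use
 * @param string $topicL optional topic filter; an empty string searches every topic
 * @param int    $min    offset of the first row
 * @param int    $max    offset used for the "next matches" link
 * @param int    $offset page size
 *
 * @return void
 */
function links_search($query, $topicL, $min, $max, $offset)
{
    global $ModPath, $ModStart, $links_DB;
    include "header.php";
    mainheader();
    $filen = "modules/{$ModPath}/links.ban_02.php";
    if (file_exists($filen)) {
        include $filen;
    }
    $query = removeHack(stripslashes(htmlspecialchars($query, ENT_QUOTES, cur_charset)));
    // Romano et NoSP
    // Paging values are written into LIMIT and into hrefs, so force them to integers.
    settype($min, 'integer');
    settype($max, 'integer');
    settype($offset, 'integer');
    if ($topicL != '') {
        // NOTE(review): $topicL is interpolated as received; confirm the caller
        // validates it, or bind it as a parameter.
        $result = sql_query("SELECT lid, url, title, description, date, hits, topicid_card, cid, sid from " . $links_DB . "links_links WHERE topicid_card='{$topicL}' AND (title LIKE '%{$query}%' OR description LIKE '%{$query}%') ORDER BY lid ASC LIMIT {$min},{$offset}");
    } else {
        $result = sql_query("SELECT lid, url, title, description, date, hits, topicid_card, cid, sid from " . $links_DB . "links_links WHERE title LIKE '%{$query}%' OR description LIKE '%{$query}%' ORDER BY lid ASC LIMIT {$min},{$offset}");
    }
    if ($result) {
        $link_fiche_detail = '';
        include_once "modules/{$ModPath}/links-view.php";
        // The topic filter is echoed back into the paging links, so encode it for the URL.
        $topic_param = urlencode($topicL);
        $prev = $min - $offset;
        if ($prev >= 0) {
            echo "{$min} <a href=\"modules.php?ModPath={$ModPath}&amp;ModStart={$ModStart}&amp;op=search&amp;min={$prev}&amp;query={$query}&amp;topicL={$topic_param}\" class=\"noir\">";
            echo translate("previous matches") . "</a>&nbsp;&nbsp;";
        }
        // $x is not assigned in this function; presumably the included
        // links-view.php sets it to the last row index - confirm.
        if ($x >= $offset - 1) {
            echo "<a href=\"modules.php?ModPath={$ModPath}&amp;ModStart={$ModStart}&amp;op=search&amp;min={$max}&amp;query={$query}&amp;topicL={$topic_param}\" class=\"noir\">";
            echo translate("next matches") . "</a>";
        }
    }
    include "footer.php";
}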
Пример #4
/**
 * Append one message to the chatbox table; an empty message is ignored.
 *
 * @param string $username author name; trimmed, tag-stripped and filtered before storage
 * @param string $message  message text; same filtering as $username
 * @param mixed  $dbname   coerced to integer before it is written
 * @param mixed  $id       coerced to integer before it is written
 *
 * @return void
 */
function insertChat($username, $message, $dbname, $id)
{
    global $NPDS_Prefix;
    if ($message == '') {
        return;
    }
    $auteur = removeHack(stripslashes(FixQuotes(strip_tags(trim($username)))));
    $texte = removeHack(stripslashes(FixQuotes(strip_tags(trim($message)))));
    // NOTE(review): the address is written into the statement without escaping;
    // confirm getip() cannot return a client-supplied header value unchanged.
    $adresse = getip();
    // Integer coercion keeps both identifiers from carrying SQL text.
    settype($id, 'integer');
    settype($dbname, 'integer');
    $valeurs = "'" . $auteur . "', '" . $adresse . "', '" . $texte . "', '" . time() . "', '" . $id . "', " . $dbname;
    sql_query("INSERT INTO " . $NPDS_Prefix . "chatbox VALUES (" . $valeurs . ")");
}
Пример #5
     }
     if (user_is_moderator($userdata[0], $userdata[2], $forum_access) < 2) {
         forumerror('0036');
     }
 }
 // Prepare an edited forum message for storage: optional HTML escaping, forum
 // markup, removeHack() filtering, an "edited by" trailer, then addslashes().
 $userdata = get_userdata($userdata[1]);
 // Escape HTML when the forum disallows it or when $html is set at all.
 if ($allow_html == 0 || isset($html)) {
     $message = htmlspecialchars($message, ENT_COMPAT | ENT_HTML401, cur_charset);
 }
 if ($allow_bbcode == 1 and $forum_type != "6" and $forum_type != "5") {
     $message = smile($message);
 }
 if ($forum_type != 6 and $forum_type != 5) {
     $message = make_clickable($message);
     $message = aff_code($message);
     // removeHack() runs after the markup helpers, on the HTML they produced.
     $message = str_replace("\n", "<br />", removeHack($message));
     // NOTE(review): the user name is appended as HTML after removeHack() and is
     // not escaped here; confirm uname cannot contain markup.
     $message .= '<div class="text-muted text-xs-right small"><i class="fa fa-edit"></i>&nbsp;' . translate("This message was edited by") . " : " . $userdata['uname'] . " / " . post_convertdate(time() + $gmt * 3600) . "</div>";
 } else {
     // Forum types 5 and 6 skip make_clickable(), aff_code() and removeHack().
     $message .= "\n\n" . translate("This message was edited by") . " : " . $userdata['uname'] . " / " . post_convertdate(time() + $gmt * 3600);
 }
 // Escaped for the SQL statement built after this excerpt.
 $message = addslashes($message);
 if ($subject == "") {
     $subject = translate("Untitled");
 }
 // Tree-view forum: pick the matching topic page
 if ($arbre) {
     $hrefX = "viewtopicH.php";
 } else {
     $hrefX = "viewtopic.php";
 }
 if (!isset($delete)) {
Пример #6
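/**
 * Save the posted social-network identifiers of the current user.
 *
 * The posted "rs" rows are serialised as "id|uid;id|uid;..." and written to the
 * M2 column of users_extend for the uid held in $cookie, then the browser is
 * redirected back to the module.
 *
 * @param string $ModPath  module path used in the redirect
 * @param string $ModStart module start file used in the redirect
 *
 * @return void
 */
function SaveSetReseaux($ModPath, $ModStart)
{
    // $NPDS_Prefix must be imported too: without it the table name is built
    // from an undefined variable and the configured prefix is lost.
    global $cookie, $NPDS_Prefix;
    $rows = (isset($_POST['rs']) && is_array($_POST['rs'])) ? $_POST['rs'] : array();
    $li_rs = '';
    foreach ($rows as $v1) {
        // Ignore malformed rows instead of concatenating arrays or missing keys.
        if (!is_array($v1) || !isset($v1['id'], $v1['uid']) || !is_scalar($v1['id']) || !is_scalar($v1['uid'])) {
            continue;
        }
        if ($v1['uid'] !== '') {
            $li_rs .= $v1['id'] . '|' . $v1['uid'] . ';';
        }
    }
    $li_rs = rtrim($li_rs, ';');
    // NOTE(review): "|" and ";" inside a posted value are not filtered and would
    // change how the stored list is split when it is read back.
    $li_rs = removeHack(stripslashes(FixQuotes($li_rs)));
    // NOTE(review): the uid comes from $cookie and is interpolated as is; confirm
    // $cookie is the server-validated session data.
    sql_query("UPDATE " . $NPDS_Prefix . "users_extend SET M2='{$li_rs}' WHERE uid='{$cookie['0']}'");
    Header("Location: modules.php?&ModPath={$ModPath}&ModStart={$ModStart}");
}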
Пример #7
        @unlink("modules/{$ModPath}/locks/{$page}-vgp-{$groupe}.txt");
        $mess = wspad_trans("révision") . " " . ($row['ranq'] + 1) . " " . wspad_trans("sauvegardée");
        break;
    // Delete one revision and release every lock held by $auteur.
    case "supp":
        $auteur = removeHack(stripslashes(FixQuotes($auteur)));
        // NOTE(review): $page, $groupe and $ranq are interpolated as they are in
        // scope here; confirm they are validated before the switch.
        $result = sql_query("DELETE FROM " . $NPDS_Prefix . "wspad WHERE page='{$page}' AND member='{$groupe}' AND ranq='{$ranq}'");
        sql_query("UPDATE " . $NPDS_Prefix . "wspad SET verrou='' WHERE verrou='{$auteur}'");
        break;
    // Delete every revision of a document and its lock file.
    case "suppdoc":
        settype($member, 'integer');
        $result = sql_query("DELETE FROM " . $NPDS_Prefix . "wspad WHERE page='{$page}' AND member='{$member}'");
        // NOTE(review): the row is selected by $member but the lock path uses
        // $groupe; $page also reaches the path, so it must not contain "/" or "..".
        @unlink("modules/{$ModPath}/locks/{$page}-vgp-{$groupe}.txt");
        break;
    // Rename a document.
    case "renomer":
        // Replace every character outside letters, digits, whitespace, "_", "." and "-" in the new page name
        $newpage = preg_replace('#[^a-zA-Z0-9\\s\\_\\.\\-]#i', '_', removeHack(stripslashes(urldecode($newpage))));
        settype($member, 'integer');
        $result = sql_query("UPDATE " . $NPDS_Prefix . "wspad SET page='{$newpage}', verrou='' WHERE page='{$page}' AND member='{$member}'");
        @unlink("modules/{$ModPath}/locks/{$page}-vgp-{$groupe}.txt");
        break;
    // Copy one revision into the news submission queue.
    case "conv_new":
        $row = sql_fetch_assoc(sql_query("SELECT content FROM " . $NPDS_Prefix . "wspad WHERE page='{$page}' AND member='{$groupe}' AND ranq='{$ranq}'"));
        // NOTE(review): the format is year-day-month ("Y-d-m"); confirm this is
        // what the queue table expects rather than "Y-m-d".
        $date_debval = date("Y-d-m H:i:s", time());
        $deb_year = substr($date_debval, 0, 4);
        // End of validity: 1 January, 99 years after the current year.
        $date_finval = $deb_year + 99 . "-01-01 00:00:00";
        // Only the stored content goes through FixQuotes(); $auteur and $page are interpolated as is.
        $result = sql_query("INSERT INTO " . $NPDS_Prefix . "queue VALUES (NULL, {$cookie['0']}, '{$auteur}', '{$page}', '" . FixQuotes($row['content']) . "', '', now(), '','{$date_debval}','{$date_finval}','0')");
        break;
}
// For IE ----------------------
header("X-UA-Compatible: IE=8");
// For IE ----------------------
Пример #8
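/**
 * E-mail a "recommend this site" message to a friend, then redirect to the confirmation page.
 *
 * Anonymous visitors must pass the anti-spam question first. The message is
 * sent only when both addresses match the expected pattern; otherwise the
 * redirect carries an empty fname.
 *
 * @param string $yname        sender name
 * @param string $ymail        sender address, passed to send_email() as the fourth argument
 * @param string $fname        recipient name
 * @param string $fmail        recipient address
 * @param string $asb_question anti-spam question
 * @param string $asb_reponse  anti-spam answer
 *
 * @return void
 */
function SendSite($yname, $ymail, $fname, $fmail, $asb_question, $asb_reponse)
{
    global $user;
    if (!$user) {
        // Anti-spam check for anonymous visitors
        if (!R_spambot($asb_question, $asb_reponse, "")) {
            Ecr_Log('security', "Friend Anti-Spam : name=" . $yname . " / mail=" . $ymail, '');
            redirect_url("index.php");
            die;
        }
    }
    global $sitename, $nuke_url;
    $subject = translate("Interesting Site:") . " {$sitename}";
    $fname = removeHack($fname);
    // NOTE(review): the mail is sent as HTML and the two names are not
    // HTML-escaped; the whole message only goes through removeHack() below.
    $message = translate("Hello") . " {$fname} :\n\n" . translate("Your Friend") . " {$yname} " . translate("considered our site") . " {$sitename} " . translate("interesting and wanted to send it to you.") . "\n\n{$sitename} : <a href=\"{$nuke_url}\">{$nuke_url}</a>\n\n";
    include "signat.php";
    $fmail = removeHack($fmail);
    $subject = removeHack($subject);
    $message = removeHack($message);
    $yname = removeHack($yname);
    $ymail = removeHack($ymail);
    // The D modifier makes "$" match only at the very end of the string; without
    // it an address followed by a newline still passes and reaches send_email().
    $mail_pattern = '#^[_\\.0-9a-z-]+@[0-9a-z-\\.]+\\.+[a-z]{2,4}$#iD';
    $stop = false;
    if (!$fmail || !preg_match($mail_pattern, $fmail)) {
        $stop = true;
    }
    if (!$ymail || !preg_match($mail_pattern, $ymail)) {
        $stop = true;
    }
    if (!$stop) {
        send_email($fmail, $subject, $message, $ymail, false, 'html');
    } else {
        $fname = '';
    }
    // The name is request data: encode it before it becomes part of the redirect URL.
    Header("Location: friend.php?op=SiteSent&fname=" . urlencode($fname));
}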
Пример #9
 list($catid) = sql_fetch_row($result);
 // Check that the topic exists; $topicid stays empty when no row matches
 // removeHack() is applied to the encrypted value; the decrypted text is only
 // escaped by the addslashes() call in the query below.
 $topic = decryptK(removeHack($Xtopic), $tmp['KEY']);
 $result = sql_query("select topicid from " . $NPDS_Prefix . "topics where topictext='" . addslashes($topic) . "'");
 list($topicid) = sql_fetch_row($result);
 // All checks passed: perform the insert
 if ($pasfinA and $pasfinB) {
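     // Decrypt every field received from the peer site with the shared key.
     // NOTE(review): removeHack() filters the encrypted input, not the decrypted
     // text, and the decrypted values are interpolated into the INSERT statements
     // below without escaping; confirm the sender escapes them, or escape here.
     $subject = decryptK(removeHack($Xsubject), $tmp['KEY']);
     $hometext = decryptK(removeHack($Xhometext), $tmp['KEY']);
     $bodytext = decryptK(removeHack($Xbodytext), $tmp['KEY']);
     $notes = decryptK(removeHack($Xnotes), $tmp['KEY']);
     $ihome = decryptK(removeHack($Xihome), $tmp['KEY']);
     $date_finval = decryptK(removeHack($Xdate_finval), $tmp['KEY']);
     $epur = decryptK(removeHack($Xepur), $tmp['KEY']);
     // An empty start date publishes immediately; otherwise the story is scheduled (autonews)
     $date_debval = decryptK(removeHack($Xdate_debval), $tmp['KEY']);
     if ($date_debval == "") {
         $result = sql_query("insert into " . $NPDS_Prefix . "stories values (NULL, '{$catid}', '{$aid}', '{$subject}', now(), '{$hometext}', '{$bodytext}', '0', '0', '{$topicid}', '{$author}', '{$notes}', '{$ihome}', '0', '{$date_finval}','{$epur}')");
         Ecr_Log("security", "Cluster Paradise : insert_stories ({$subject} - {$date_finval}) by AID : {$aid}", "");
         // Social network hooks
         if (file_exists('modules/npds_twi/npds_to_twi.php')) {
             include 'modules/npds_twi/npds_to_twi.php';
         }
         // Include the same path that was checked; the previous include pointed
         // at the npds_twi directory while the check looked in npds_fbk.
         if (file_exists('modules/npds_fbk/npds_to_fbk.php')) {
             include 'modules/npds_fbk/npds_to_fbk.php';
         }
     } else {
         $result = sql_query("insert into " . $NPDS_Prefix . "autonews values (NULL, '{$catid}', '{$aid}', '{$subject}', now(), '{$hometext}', '{$bodytext}', '{$topicid}', '{$author}', '{$notes}', '{$ihome}','{$date_debval}','{$date_finval}','{$epur}')");
         Ecr_Log("security", "Cluster Paradise : insert_autonews ({$subject} - {$date_debval} - {$date_finval}) by AID : {$aid}", "");
     }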
Пример #10
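/**
 * Queue a submitted news story for moderation and print the confirmation page.
 *
 * Logged-in users are identified from $cookie; anonymous visitors must pass the
 * anti-spam question and are stored with uid -1 and the configured anonymous name.
 *
 * @param string $subject      headline; tags stripped, double quotes turned into &quot;
 * @param string $story        introduction text
 * @param string $bodytext     full text
 * @param mixed  $topic        topic value written to the queue row
 * @param string $date_debval  start-of-validity value written to the queue row
 * @param string $date_finval  end-of-validity value written to the queue row
 * @param mixed  $epur         purge flag written to the queue row
 * @param string $asb_question anti-spam question
 * @param string $asb_reponse  anti-spam answer
 *
 * @return void
 */
function submitStory($subject, $story, $bodytext, $topic, $date_debval, $date_finval, $epur, $asb_question, $asb_reponse)
{
    global $user, $EditedMessage, $anonymous, $notify, $NPDS_Prefix;
    if ($user) {
        global $cookie;
        $uid = $cookie[0];
        $name = $cookie[1];
    } else {
        $uid = -1;
        $name = $anonymous;
        // Anti-spam check for anonymous visitors
        if (!R_spambot($asb_question, $asb_reponse, "")) {
            // Log the name that is defined in this function; the previous message
            // referenced $yname and $ymail, which do not exist here.
            Ecr_Log("security", "Submit Anti-Spam : name=" . $name, "");
            redirect_url("index.php");
            die;
        }
    }
    $subject = removeHack(stripslashes(FixQuotes(str_replace("\"", "&quot;", strip_tags($subject)))));
    $story = removeHack(stripslashes(FixQuotes($story)));
    $bodytext = removeHack(stripslashes(FixQuotes($bodytext)));
    // NOTE(review): $name, $topic, $date_debval, $date_finval and $epur are
    // interpolated without the filtering applied to the three text fields;
    // confirm they are validated by the caller, or bind them as parameters.
    $result = sql_query("INSERT INTO " . $NPDS_Prefix . "queue VALUES (NULL, '{$uid}', '{$name}', '{$subject}', '{$story}', '{$bodytext}', now(), '{$topic}','{$date_debval}','{$date_finval}','{$epur}')");
    if (sql_last_id()) {
        if ($notify) {
            global $notify_email, $notify_subject, $notify_message, $notify_from;
            send_email($notify_email, $notify_subject, $notify_message, $notify_from, false, "text");
        }
        include 'header.php';
        echo '<h2>' . translate("Submit News") . '</h2>';
        echo '<p class="lead text-info">' . translate("Thanks for your submission.") . '</p>';
        include 'footer.php';
    } else {
        include 'header.php';
        // NOTE(review): the raw database error is shown to the visitor; consider
        // logging it and showing a generic message instead.
        echo sql_error();
        include 'footer.php';
    }
}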
Пример #11
 // Prepare a private message for storage: reject empty text, optionally escape
 // HTML, apply forum markup, then addslashes() and removeHack().
 if ($message == '') {
     forumerror('0019');
 }
 // Escape HTML when it is disallowed or when $html is set at all.
 if ($allow_html == 0 || isset($html)) {
     $message = htmlspecialchars($message, ENT_COMPAT | ENT_HTML401, cur_charset);
 }
 // The signature is appended after the escaping step, so it is stored as HTML.
 if ($sig) {
     $message .= '<br /><br />' . $userdata['user_sig'];
 }
 $message = aff_code($message);
 // NOTE(review): '\\n' in single quotes is a backslash followed by "n", not a
 // line feed; confirm that literal sequence is what should become <br />.
 $message = str_replace('\\n', '<br />', $message);
 if ($allow_bbcode) {
     $message = smile($message);
 }
 $message = make_clickable($message);
 // removeHack() runs on the already slash-escaped text here.
 $message = removeHack(addslashes($message));
 $time = date(translate("dateinternal"), time() + $gmt * 3600);
 include_once "language/lang-multi.php";
 if (strstr($to_user, ',')) {
     $tempo = explode(',', $to_user);
     while (list(, $to_user) = each($tempo)) {
         $res = sql_query("SELECT uid, user_langue FROM " . $NPDS_Prefix . "users WHERE uname='{$to_user}'");
         list($to_userid, $user_langue) = sql_fetch_row($res);
         if ($to_userid != "" and $to_userid != 1) {
             $sql = "INSERT INTO " . $NPDS_Prefix . "priv_msgs (msg_image, subject, from_userid, to_userid, msg_time, msg_text) ";
             $sql .= "VALUES ('{$image}', '{$subject}', '" . $userdata['uid'] . "', '{$to_userid}', '{$time}', '{$message}')";
             if (!($result = sql_query($sql))) {
                 forumerror('0020');
             }
             if ($copie) {
                 $sql = "INSERT INTO " . $NPDS_Prefix . "priv_msgs (msg_image, subject, from_userid, to_userid, msg_time, msg_text, type_msg, read_msg) ";
Пример #12
       <a href="#" class="list-group-item disabled">
       <h3>' . translate("Categories") . '<span class="label label-default label-pill pull-xs-right">' . sql_num_rows($result) . '</span></h3></a>';
        while (list($id_cat, $categories) = sql_fetch_row($result)) {
            $catname = urlencode(aff_langue($categories));
            echo '<a class="list-group-item" href="faq.php?id_cat=' . $id_cat . '&amp;myfaq=yes&amp;categories=' . $catname . '"><h4 class="list-group-item-heading">' . aff_langue($categories) . '</h4></a>';
        }
        echo '</div>';
    }
    if ($SuperCache) {
        $cache_obj->endCachingPage();
    }
    include "footer.php";
} else {
    $title = "FAQ : " . removeHack(StripSlashes($categories));
    include "header.php";
    // Include cache manager
    if ($SuperCache) {
        $cache_obj = new cacheManager();
        $cache_obj->startCachingPage();
    } else {
        $cache_obj = new SuperCacheEmpty();
    }
    if ($cache_obj->genereting_output == 1 or $cache_obj->genereting_output == -1 or !$SuperCache) {
        ShowFaq($id_cat, removeHack($categories));
        ShowFaqAll($id_cat);
    }
    if ($SuperCache) {
        $cache_obj->endCachingPage();
    }
    include "footer.php";
}
Пример #13
    }
    if ($Titlesitename == "") {
        $Titlesitename = $sitename;
    }
    // globalisation de la variable title pour marquetapage mais protection pour la zone admin
    if ($pages_ref != "admin.php") {
        global $title;
    }
    if (!$title) {
        if ($fin_title == "+" or $fin_title == "-") {
            $title = $TitlesitenameX;
        } else {
            $title = aff_langue(substr($PAGES[$pages_ref]['title'], 0, strlen($PAGES[$pages_ref]['title'])));
        }
    } else {
        $title = removeHack($title);
    }
    // meta description
    settype($m_description, 'string');
    if (array_key_exists('meta-description', $PAGES[$pages_ref]) and $m_description == '') {
        $m_description = aff_langue($PAGES[$pages_ref]['meta-description']);
    }
    // meta keywords
    settype($m_keywords, 'string');
    if (array_key_exists('meta-keywords', $PAGES[$pages_ref]) and $m_keywords == '') {
        $m_keywords = aff_langue($PAGES[$pages_ref]['meta-keywords']);
    }
}
// Initialisation de TinyMce
global $tiny_mce, $tiny_mce_theme, $tiny_mce_relurl;
if ($tiny_mce) {
Пример #14
/**
 * Print a printer-friendly page for a news story, an archived story, a link or a static file.
 *
 * $oper selects the source: 'news', 'archive', 'links' or 'static'. When the
 * content cannot be shown the browser is redirected to index.php.
 *
 * @param string $oper one of 'news', 'archive', 'links', 'static'
 * @param string $DB   for 'links': table-name prefix (after filtering); for 'static':
 *                     a flag that enables aff_langue()/aff_code()/meta_lang() processing
 * @param mixed  $nl   for 'static': when true the content is HTML-escaped and passed to nl2br()
 * @param string $sid  story id, link id or static file name, depending on $oper
 *
 * @return void
 */
function PrintPage($oper, $DB, $nl, $sid)
{
    global $user, $cookie, $theme, $Default_Theme, $language, $site_logo, $sitename, $datetime, $nuke_url, $site_font, $Titlesitename;
    global $NPDS_Prefix;
    $aff = true;
    if ($oper == 'news') {
        // NOTE(review): $sid is placed in the WHERE clause as received.
        $xtab = news_aff('libre', "where sid='{$sid}'", 1, 1);
        // $sid is overwritten here with the value from the fetched row.
        list($sid, $catid, $aid, $title, $time, $hometext, $bodytext, $comments, $counter, $topic, $informant, $notes) = $xtab[0];
        if ($topic != '') {
            $result2 = sql_query("SELECT topictext FROM " . $NPDS_Prefix . "topics WHERE topicid='{$topic}'");
            list($topictext) = sql_fetch_row($result2);
        } else {
            $aff = false;
        }
    }
    if ($oper == 'archive') {
        // NOTE(review): same interpolation of $sid as in the 'news' branch.
        $xtab = news_aff('archive', "WHERE sid='{$sid}'", 1, 1);
        list($sid, $catid, $aid, $title, $time, $hometext, $bodytext, $comments, $counter, $topic, $informant, $notes) = $xtab[0];
        if ($topic != '') {
            $result2 = sql_query("SELECT topictext FROM " . $NPDS_Prefix . "topics WHERE topicid='{$topic}'");
            list($topictext) = sql_fetch_row($result2);
        } else {
            $aff = false;
        }
    }
    if ($oper == 'links') {
        // NOTE(review): $DB becomes part of the table name. It is URL-decoded,
        // entity-encoded and filtered, but not checked against a list of known
        // prefixes; $sid is interpolated as received.
        $DB = removeHack(stripslashes(htmlentities(urldecode($DB), ENT_NOQUOTES, cur_charset)));
        $result = sql_query("SELECT url, title, description, date FROM " . $DB . "links_links WHERE lid='{$sid}'");
        list($url, $title, $description, $time) = sql_fetch_row($result);
        $title = stripslashes($title);
        $description = stripslashes($description);
    }
    if ($oper == 'static') {
        // The pattern has no quantifier and no end anchor, so it constrains only
        // the first character of $sid. The stristr() calls are plain substring
        // tests (".*://" is matched literally) and form a deny-list: "..",
        // "script", "cookie", "iframe", "applet", "object" and "meta" are rejected.
        // NOTE(review): "/" and other characters after the first one are accepted.
        if (preg_match('#^[a-z0-9_\\.-]#i', $sid) and !stristr($sid, ".*://") and !stristr($sid, "..") and !stristr($sid, "../") and !stristr($sid, 'script') and !stristr($sid, "cookie") and !stristr($sid, 'iframe') and !stristr($sid, 'applet') and !stristr($sid, 'object') and !stristr($sid, 'meta')) {
            if (file_exists("static/{$sid}")) {
                // include runs the file as PHP; its output is captured in $remp.
                ob_start();
                include "static/{$sid}";
                $remp = ob_get_contents();
                ob_end_clean();
                if ($DB) {
                    $remp = meta_lang(aff_code(aff_langue($remp)));
                }
                if ($nl) {
                    $remp = nl2br(str_replace(' ', '&nbsp;', htmlentities($remp, ENT_QUOTES, cur_charset)));
                }
                $title = $sid;
            } else {
                $aff = false;
            }
        } else {
            // $aff is false, so the redirect below is taken and this message is never echoed.
            $remp = '<div class="alert alert-danger">' . translate("Please enter information according to the specifications") . '</div>';
            $aff = false;
        }
    }
    if ($aff == true) {
        $Titlesitename = 'NPDS - ' . translate("Printer Friendly Page") . ' / ' . $title;
        if (isset($time)) {
            // Return value is discarded; presumably this sets the global $datetime - confirm.
            formatTimestamp($time);
        }
        include "meta/meta.php";
        // Theme selection: user theme from $cookie[9], falling back to the default
        // when the theme directory cannot be opened.
        if (isset($user)) {
            if ($cookie[9] == '') {
                $cookie[9] = $Default_Theme;
            }
            if (isset($theme)) {
                $cookie[9] = $theme;
            }
            $tmp_theme = $cookie[9];
            // NOTE(review): the theme name is used in a directory path without
            // validation, and the handle returned by opendir() is never closed.
            if (!($file = @opendir("themes/{$cookie['9']}"))) {
                $tmp_theme = $Default_Theme;
            }
        } else {
            $tmp_theme = $Default_Theme;
        }
        echo '
         <link rel="stylesheet" href="lib/bootstrap/dist/css/bootstrap.min.css" />';
        echo import_css($tmp_theme, $language, $site_font, '', '');
        echo '
       </head>
       <body>
          <div max-width="640" class="container p-1 n-hyphenate">
             <div>';
        // A "/" at position 0 makes strpos() return 0, which takes the else
        // branch and prefixes "images/".
        $pos = strpos($site_logo, '/');
        if ($pos) {
            echo '<img class="img-fluid d-block mx-auto" src="' . $site_logo . '" alt="website logo" />';
        } else {
            echo '<img class="img-fluid d-block mx-auto" src="images/' . $site_logo . '" alt="website logo" />';
        }
        // NOTE(review): for 'static', $title is the request-supplied $sid and is
        // not HTML-escaped before it is echoed here.
        echo '
               <h1 class="d-block text-xs-center my-2">' . aff_langue($title) . '</h1>';
        if ($oper == 'news' or $oper == 'archive') {
            $hometext = meta_lang(aff_code(aff_langue($hometext)));
            $bodytext = meta_lang(aff_code(aff_langue($bodytext)));
            echo '
             <span class="float-xs-right text-capitalize" style="font-size: .8rem;"> ' . $datetime . '</span><br />
             <hr />
             <h2 class="mb-1">' . translate("Topic:") . ' ' . aff_langue($topictext) . '</h2>
         </div>
         <div>' . $hometext . '<br /><br />';
            if ($bodytext != '') {
                echo $bodytext . '<br /><br />';
            }
            echo meta_lang(aff_code(aff_langue($notes)));
            echo '
          </div>';
            // $sid in the links below is the value read back from the story row.
            if ($oper == 'news') {
                echo '
             <hr />
             <p class="text-xs-center">' . translate("This article comes from") . ' ' . $sitename . '<br />
             ' . translate("The URL for this story is:") . '
             <a href="' . $nuke_url . '/article.php?sid=' . $sid . '">' . $nuke_url . '/article.php?sid=' . $sid . '</a>
             </p>';
            } else {
                echo '
             <hr />
             <p class="text-xs-center">' . translate("This article comes from") . ' ' . $sitename . '<br />
             ' . translate("The URL for this story is:") . '
             <a href="' . $nuke_url . '/article.php?sid=' . $sid . '&amp;archive=1">' . $nuke_url . '/article.php?sid=' . $sid . '&amp;archive=1</a>
             </p>';
            }
        }
        if ($oper == 'links') {
            echo '<span class="float-xs-right text-capitalize" style="font-size: .8rem;">' . $datetime . '</span><br /><hr />';
            // NOTE(review): the stored URL and description are echoed without HTML escaping.
            if ($url != '') {
                echo '<h2 class="mb-1">' . translate("Links") . ' : ' . $url . '</h2>';
            }
            echo '
          <div>' . aff_langue($description) . '</div>
          <hr />
          <p class="text-xs-center">' . translate("This article comes from") . ' ' . $sitename . '<br />
          <a href="' . $nuke_url . '">' . $nuke_url . '</a></p>';
        }
        if ($oper == 'static') {
            // NOTE(review): $sid is the request value that passed the filter above;
            // it is written into the href and the link text without escaping.
            echo '
          <div>
             ' . $remp . '
          </div>
          <hr />
          <p class="text-xs-center">' . translate("This article comes from") . ' ' . $sitename . '<br />
          <a href="' . $nuke_url . '/static.php?op=' . $sid . '&npds=1">' . $nuke_url . '/static.php?op=' . $sid . '&npds=1</a></p>';
        }
        echo '
      </div>
   </body>
</html>';
    } else {
        header("location: index.php");
    }
}
Пример #15
            $content .= "</tbody>\n</table>\n";
            $content .= "\n<script type=\"text/javascript\">\n         //<![CDATA[\n         tog('lst_fav','show_fav','hide_fav');\n         //]]>\n         </script>\n";
        }
        global $block_title;
        $uri = urlencode($REQUEST_URI);
        if ($post) {
            $title .= "/" . $post;
        }
        if ($title == "") {
            $title_MTP = basename(urldecode($uri));
        } else {
            $title_MTP = $title;
        }
        $boxTitle = "<span><a href=\"modules.php?ModPath=marquetapage&amp;ModStart=marquetapage&amp;op=add&amp;uri={$uri}&amp;topic=" . urlencode($title_MTP) . "\"><img src=\"{$add}\" name=\"image\" onmouseover=\"image.src='{$addj}';\" onmouseout=\"image.src='{$add}';\" border=\"0\" style=\"vertical-align:middle\" alt=\"" . translate("Add") . " " . translate("favourite") . "\" title=\"" . translate("Add") . " " . translate("favourite") . "\" /></a></span>";
        if ($block_title == "") {
            $boxTitle .= "&nbsp;MarqueTaPage " . $tmp_toggle;
        } else {
            $boxTitle .= "&nbsp;" . $block_title . " " . $tmp_toggle;
        }
        themesidebox($boxTitle, $content);
    }
}
// Dispatch the requested bookmark operation. Each operation is tested on its
// own, and the request values go through removeHack() before they are handed to
// marquetapage_add(). Only "add" forwards the topic; the deletions pass "".
$mtp_actions = array("add" => "ad_tapage", "supp" => "sp_tapage", "supp_all" => "sp_tespages");
foreach ($mtp_actions as $mtp_op => $mtp_action) {
    if ($op == $mtp_op) {
        marquetapage_add(removeHack($uri), $mtp_op === "add" ? removeHack($topic) : "", $mtp_action);
    }
}
unset($mtp_actions, $mtp_op, $mtp_action);
Пример #16
}
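// Default the paging and search inputs, filter the query text, then resolve the topic.
if (!isset($max)) {
    $max = $min + $offset;
}
if (!isset($member)) {
    $member = '';
}
if (!isset($query)) {
    $query_title = '';
    $query_body = '';
    $query = $query_body;
    $limit = " LIMIT 0, {$limit_full_search}";
} else {
    // Title search uses the decoded text; body search uses the entity-encoded form.
    $query_title = removeHack(stripslashes(urldecode($query)));
    // electrobug
    $query_body = removeHack(stripslashes(htmlentities(urldecode($query), ENT_NOQUOTES, cur_charset)));
    // electrobug
    $query = $query_body;
    $limit = '';
}
include "header.php";
if ($topic > 0) {
    // "$topic > 0" is a loose numeric test, so a value with a numeric prefix
    // followed by other text can pass it. Only the integer value goes into the query.
    $result = sql_query("SELECT topicimage, topictext FROM " . $NPDS_Prefix . "topics WHERE topicid='" . (int) $topic . "'");
    list($topicimage, $topictext) = sql_fetch_row($result);
} else {
    $topictext = translate("All Topics");
    $topicimage = "all-topics.gif";
}
settype($type, 'string');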
if ($type == "users") {
    echo '<h2>' . translate("Search in Users Database") . '</h2>';
Пример #17
/**
 * Save the journal text of the logged-in user.
 *
 * The uid is looked up from the user name held in the decoded cookie, and the
 * update only runs when the submitted $uid equals that value, so a visitor
 * cannot write to another account by changing $uid. On a mismatch the browser
 * is sent to index.php and nothing is written.
 *
 * @param mixed  $uid      user id submitted with the form
 * @param string $journal  journal text
 * @param mixed  $datetime when true, a date stamp is appended to the text
 *
 * @return void
 */
function savejournal($uid, $journal, $datetime)
{
    global $NPDS_Prefix;
    global $user;
    $cookie = cookiedecode($user);
    // NOTE(review): the user name from the decoded cookie is interpolated as is.
    $lookup = sql_query("SELECT uid FROM " . $NPDS_Prefix . "users WHERE uname='{$cookie['1']}'");
    list($vuid) = sql_fetch_row($lookup);
    if ($uid != $vuid) {
        Header("Location: index.php");
        return;
    }
    $entry = removeHack(stripslashes(FixQuotes($journal)));
    if ($datetime) {
        $entry .= "<br /><br />";
        global $gmt;
        $entry .= date(translate("dateinternal"), time() + $gmt * 3600);
    }
    sql_query("UPDATE " . $NPDS_Prefix . "users SET user_journal='{$entry}' WHERE uid='{$uid}'");
    $userinfo = getusrinfo($user);
    Header("Location: user.php");
}
Пример #18
    }
    $size = sizeof($terms);
    for ($i = 1; $i < $size; $i++) {
        $addquery .= " {$andor} (p.post_text LIKE '%{$terms[$i]}%' OR strcmp(soundex(p.post_text), soundex('{$terms[$i]}'))=0)";
    }
    $addquery .= ")";
}
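// Restrict the search to one forum unless "all" was requested.
if (isset($forum) && $forum != "all") {
    // NOTE(review): $forum is interpolated as received; confirm it is validated
    // as a forum id before this point, or bind it as a parameter.
    if (isset($addquery)) {
        $addquery .= " AND p.forum_id='{$forum}' AND f.forum_id='{$forum}'";
    } else {
        // Plain assignment: appending to an unset $addquery raised a notice.
        $addquery = " p.forum_id='{$forum}' AND f.forum_id='{$forum}'";
    }
}
// Restrict the search to one author.
if (isset($username) && $username != "") {
    // Quotes are turned into entities by ENT_QUOTES before the name reaches the
    // queries below.
    $username = removeHack(stripslashes(htmlspecialchars(urldecode($username), ENT_QUOTES, cur_charset)));
    // electrobug
    if (!($result = sql_query("SELECT uid FROM " . $NPDS_Prefix . "users WHERE uname='{$username}'"))) {
        // NOTE(review): 01 is an octal integer literal (value 1); other calls
        // pass the code as a string such as '0001'.
        forumerror(01);
    }
    list($userid) = sql_fetch_row($result);
    if (isset($addquery)) {
        $addquery .= " AND p.poster_id='{$userid}' AND u.uname='{$username}'";
    } else {
        $addquery = " p.poster_id='{$userid}' AND u.uname='{$username}'";
    }
}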
if (!$user) {
    if (!isset($addquery)) {
        $addquery = "";
    }
Пример #19
 }
 // Store a new forum post: apply forum markup, filter, escape, insert the post,
 // then refresh the topic's last-poster data and the read markers.
 if (isset($sig) && $userdata['uid'] != 1) {
     $message .= " [addsig]";
 }
 if ($forum_type != "6" and $forum_type != "5") {
     $message = aff_code($message);
     $message = str_replace("\n", "<br />", $message);
 }
 if ($allow_bbcode == 1 and $forum_type != "6" and $forum_type != "5") {
     $message = smile($message);
 }
 if ($forum_type != "6" and $forum_type != "5") {
     $message = make_clickable($message);
     // Forum types 5 and 6 skip removeHack(); only addslashes() below applies to them.
     $message = removeHack($message);
 }
 $image_subject = removeHack($image_subject);
 $message = addslashes($message);
 $time = date("Y-m-d H:i:s", time() + $gmt * 3600);
 // NOTE(review): $topic, $forum, $image_subject, $poster_ip and $hostname are
 // interpolated without escaping; a host name obtained by reverse DNS would be
 // controlled by whoever operates that DNS zone - confirm where $hostname is set.
 $sql = "INSERT INTO " . $NPDS_Prefix . "posts (post_idH, topic_id, image, forum_id, poster_id, post_text, post_time, poster_ip, poster_dns) VALUES ('0', '{$topic}', '{$image_subject}', '{$forum}', '" . $userdata['uid'] . "', '{$message}', '{$time}', '{$poster_ip}', '{$hostname}')";
 if (!($result = sql_query($sql))) {
     forumerror('0020');
 } else {
     $IdPost = sql_last_id();
 }
 $sql = "UPDATE " . $NPDS_Prefix . "forumtopics SET topic_time = '{$time}', current_poster = '" . $userdata['uid'] . "' WHERE topic_id = '{$topic}'";
 if (!($result = sql_query($sql))) {
     forumerror('0020');
 }
 // Mark the topic as unread for every other user.
 $sql = "UPDATE " . $NPDS_Prefix . "forum_read SET status='0' where topicid = '{$topic}' and uid <> '" . $userdata['uid'] . "'";
 if (!($r = sql_query($sql))) {
     forumerror('0001');
Пример #20
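/**
 * Output the printer-friendly version of a news story, an archived story,
 * a link entry or a static page, or redirect to index.php when the item
 * cannot be shown.
 *
 * @param string $oper One of 'news', 'archive', 'links' or 'static'.
 * @param mixed  $DB   For 'links': prefix placed in front of the
 *                     "links_links" table name. For 'static': truthy to run
 *                     the page through aff_langue/aff_code/meta_lang.
 * @param mixed  $nl   For 'static': truthy to HTML-encode the page text and
 *                     convert spaces and newlines for display.
 * @param string $sid  Story id, link id or static file name, depending on $oper.
 *
 * @return void Output is echoed; on failure a Location header is sent.
 */
function PrintPage($oper, $DB, $nl, $sid)
{
    global $user, $cookie, $theme, $Default_Theme, $language, $site_logo, $sitename, $datetime, $nuke_url, $site_font, $Titlesitename;
    global $NPDS_Prefix;
    $aff = true;
    // NOTE(review): in the news, archive and links branches $sid is placed
    // inside a quoted SQL literal exactly as received; its escaping is not
    // visible in this function. Confirm the caller validates it, or bind it
    // through a parameterised query if the sql_* wrapper supports one.
    if ($oper == 'news') {
        $xtab = news_aff("libre", "where sid='{$sid}'", 1, 1);
        list($sid, $catid, $aid, $title, $time, $hometext, $bodytext, $comments, $counter, $topic, $informant, $notes) = $xtab[0];
        if ($topic != '') {
            $result2 = sql_query("SELECT topictext FROM " . $NPDS_Prefix . "topics WHERE topicid='{$topic}'");
            list($topictext) = sql_fetch_row($result2);
        } else {
            // No topic means no usable story row: fall through to the redirect.
            $aff = false;
        }
    }
    if ($oper == 'archive') {
        $xtab = news_aff("archive", "WHERE sid='{$sid}'", 1, 1);
        list($sid, $catid, $aid, $title, $time, $hometext, $bodytext, $comments, $counter, $topic, $informant, $notes) = $xtab[0];
        if ($topic != "") {
            $result2 = sql_query("SELECT topictext FROM " . $NPDS_Prefix . "topics WHERE topicid='{$topic}'");
            list($topictext) = sql_fetch_row($result2);
        } else {
            $aff = false;
        }
    }
    if ($oper == "links") {
        $DB = removeHack(stripslashes(htmlentities(urldecode($DB), ENT_NOQUOTES, cur_charset)));
        // $DB is spliced into the FROM clause as part of an unquoted identifier,
        // where value escaping gives no protection. Accept only characters that
        // can appear in an unquoted (optionally database-qualified) identifier.
        if (preg_match('#^[a-z0-9_$.]*\z#i', $DB)) {
            $result = sql_query("SELECT url, title, description, date FROM " . $DB . "links_links WHERE lid='{$sid}'");
            list($url, $title, $description, $time) = sql_fetch_row($result);
            $title = stripslashes($title);
            $description = stripslashes($description);
        } else {
            $aff = false;
        }
    }
    if ($oper == "static") {
        if (preg_match('#^[a-z0-9_\\.-]#i', $sid) and !stristr($sid, ".*://") and !stristr($sid, "..") and !stristr($sid, "../") and !stristr($sid, "script") and !stristr($sid, "cookie") and !stristr($sid, "iframe") and !stristr($sid, "applet") and !stristr($sid, "object") and !stristr($sid, "meta")) {
            // The pattern above constrains only the first character and the
            // deny-list is substring based, so additionally require that the
            // resolved path is a regular file located inside static/ before it
            // is included (include executes the file as PHP).
            $static_root = realpath("static");
            $static_file = realpath("static/{$sid}");
            if ($static_root !== false and $static_file !== false and is_file($static_file) and strpos($static_file, $static_root . DIRECTORY_SEPARATOR) === 0) {
                // Capture the page output instead of sending it directly.
                ob_start();
                include "static/{$sid}";
                $remp = ob_get_contents();
                ob_end_clean();
                if ($DB) {
                    $remp = meta_lang(aff_code(aff_langue($remp)));
                }
                if ($nl) {
                    $remp = nl2br(str_replace(" ", "&nbsp;", htmlentities($remp, ENT_QUOTES, cur_charset)));
                }
                // The file name is request-derived and ends up in the page
                // title and body, so HTML-encode it.
                $title = htmlspecialchars($sid, ENT_QUOTES, cur_charset);
            } else {
                $aff = false;
            }
        } else {
            $remp = "<p align=\"center\" class=\"rouge\">" . translate("Please enter information according to the specifications") . "</p><br />";
            $aff = false;
        }
    }
    if ($aff == true) {
        $Titlesitename = "NPDS - " . translate("Printer Friendly Page") . " / " . $title;
        if (isset($time)) {
            // Return value unused; presumably this fills the global $datetime
            // echoed further down - confirm.
            formatTimestamp($time);
        }
        include "meta/meta.php";
        if (isset($user)) {
            if ($cookie[9] == "") {
                $cookie[9] = $Default_Theme;
            }
            if (isset($theme)) {
                $cookie[9] = $theme;
            }
            $tmp_theme = $cookie[9];
            // Fall back to the default theme when the directory cannot be
            // opened; close the handle so it is not leaked.
            // NOTE(review): the theme name comes from the cookie / $theme and is
            // used in a path; confirm it is validated against installed themes.
            $theme_dir = @opendir("themes/{$cookie[9]}");
            if ($theme_dir) {
                closedir($theme_dir);
            } else {
                $tmp_theme = $Default_Theme;
            }
        } else {
            $tmp_theme = $Default_Theme;
        }
        echo import_css($tmp_theme, $language, $site_font, "", "");
        echo "\n       </head>\n       <body style=\"background-color: #FFFFFF; background-image: none;\">\n       <table border=\"0\"><tr><td>\n       <table border=\"0\" width=\"640\" cellpadding=\"0\" cellspacing=\"1\" style=\"background-color: #000000;\"><tr><td>\n       <table border=\"0\" width=\"640\" cellpadding=\"20\" cellspacing=\"1\" style=\"background-color: #FFFFFF;\"><tr><td>";
        echo "<p align=\"center\">";
        // A logo value containing "/" (not at position 0) is used as a full
        // path; otherwise it is looked up under images/.
        $pos = strpos($site_logo, "/");
        if ($pos) {
            echo "<img src=\"{$site_logo}\" border=\"0\" alt=\"\" />";
        } else {
            echo "<img src=\"images/{$site_logo}\" border=\"0\" alt=\"\" />";
        }
        echo "<br /><br /><b>" . aff_langue($title) . "</b><br /><br />";
        if ($oper == "news" or $oper == "archive") {
            $hometext = meta_lang(aff_code(aff_langue($hometext)));
            $bodytext = meta_lang(aff_code(aff_langue($bodytext)));
            echo "<span style=\"font-size: 10px;\"><b>" . translate("Date:") . "</b> {$datetime} :: <b>" . translate("Topic:") . "</b> " . aff_langue($topictext) . "<br /><br />\n          </span></p>{$hometext}<br /><br />";
            if ($bodytext != '') {
                echo "{$bodytext}<br /><br />";
            }
            echo meta_lang(aff_code(aff_langue($notes)));
            if ($oper == "news") {
                echo "</td></tr><tr><td><br /><br /><br /><hr noshade=\"noshade\" class=\"ongl\" /><br />\n             <p align=\"center\">" . translate("This article comes from") . " {$sitename}<br /><br />\n             " . translate("The URL for this story is:") . "\n             <a href=\"{$nuke_url}/article.php?sid={$sid}\">{$nuke_url}/article.php?sid={$sid}</a></p>";
            } else {
                echo "</td></tr><tr><td><br /><br /><br /><hr noshade=\"noshade\" class=\"ongl\" /><br />\n             <p align=\"center\">" . translate("This article comes from") . " {$sitename}<br /><br />\n             " . translate("The URL for this story is:") . "\n             <a href=\"{$nuke_url}/article.php?sid={$sid}&amp;archive=1\">{$nuke_url}/article.php?sid={$sid}&amp;archive=1</a></p>";
            }
        }
        if ($oper == "links") {
            echo "<span style=\"font-size: 10px;\"><b>" . translate("Date:") . "</b> {$datetime}";
            // NOTE(review): $url and $description come from the links table and
            // are echoed without encoding here; confirm they are sanitised when
            // stored.
            if ($url != "") {
                echo " :: <b>" . translate("Links") . " : </b> {$url}<br /><br />";
            }
            echo "</span></p>" . aff_langue($description);
            echo "</td></tr><tr><td><br /><br /><br /><hr noshade=\"noshade\" class=\"ongl\" /><br />\n          <p align=\"center\">" . translate("This article comes from") . " {$sitename}<br /><br />\n          <a href=\"{$nuke_url}\">{$nuke_url}</a></p>";
        }
        if ($oper == "static") {
            // HTML-encode the request-derived file name before it is written
            // into the href attribute and the link text.
            $sid_html = htmlspecialchars($sid, ENT_QUOTES, cur_charset);
            echo "</p><span style=\"font-size: 10px;\">" . $remp . "</span>";
            echo "</td></tr><tr><td><br /><br /><br /><hr noshade=\"noshade\" class=\"ongl\" /><br />\n          <p align=\"center\">" . translate("This article comes from") . " {$sitename}<br /><br />\n          <a href=\"{$nuke_url}/static.php?op={$sid_html}&npds=1\">{$nuke_url}/static.php?op={$sid_html}&npds=1</a></p>";
        }
        echo "</td></tr></table></td></tr></table></td></tr></table></body></html>";
    } else {
        header("location: index.php");
    }
}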
Пример #21
   //]]>
   </script>';
        }
        // Build the sidebar block title (a bookmark link for the current page
        // followed by the block caption) and render the block.
        global $block_title;
        // URL-encode the request URI so it can travel as the "uri" query value.
        $uri = urlencode($REQUEST_URI);
        if ($post) {
            $title .= "/" . $post;
        }
        // With no title, label the bookmark with the last path segment of the URI.
        if ($title == '') {
            $title_MTP = basename(urldecode($uri));
        } else {
            $title_MTP = $title;
        }
        // Both query values are URL-encoded before being placed in the href.
        $boxTitle = '<span><a href="modules.php?ModPath=marquetapage&amp;ModStart=marquetapage&amp;op=add&amp;uri=' . $uri . '&amp;topic=' . urlencode($title_MTP) . '"><i class="fa fa-bookmark-o " title="' . translate("Add") . ' ' . translate("favourite") . '" data-toggle="tooltip"></i></a></span>';
        // NOTE(review): $block_title is appended without HTML-encoding;
        // presumably it is administrator-configured - confirm.
        if ($block_title == '') {
            $boxTitle .= '&nbsp;MarqueTaPage';
        } else {
            $boxTitle .= '&nbsp;' . $block_title;
        }
        themesidebox($boxTitle, $content);
    }
}
// Dispatch on $op: add a bookmark, delete one bookmark, or delete all of them.
// $uri and $topic pass through removeHack() (defined elsewhere) before use.
// NOTE(review): these are state-changing operations selected by a plain
// request parameter; confirm that marquetapage_add() checks the logged-in
// user and that the delete operations carry an anti-CSRF token - neither is
// visible in this excerpt.
if ($op == 'add') {
    marquetapage_add(removeHack($uri), removeHack($topic), 'ad_tapage');
}
if ($op == 'supp') {
    marquetapage_add(removeHack($uri), '', 'sp_tapage');
}
if ($op == 'supp_all') {
    marquetapage_add(removeHack($uri), '', 'sp_tespages');
}
Пример #22
     $message .= " [addsig]";
 }
 // Prepare a new topic for storage: convert and filter the message, clean the
 // subject, insert the topic row, then build the INSERT for its first post.
 // Forum types 5 and 6 skip every transformation below, including
 // removeHack(); only addslashes() is applied to their messages here.
 // NOTE(review): confirm those forum types are sanitised elsewhere.
 if ($myrow['forum_type'] != 6 and $myrow['forum_type'] != 5) {
     $message = aff_code($message);
     $message = str_replace("\n", "<br />", $message);
 }
 if ($allow_bbcode and $myrow['forum_type'] != 6 and $myrow['forum_type'] != 5) {
     $message = smile($message);
 }
 if ($myrow['forum_type'] != 6 and $myrow['forum_type'] != 5) {
     // removeHack() runs last so it also sees markup generated above.
     $message = make_clickable($message);
     $message = removeHack($message);
 }
 $message = addslashes($message);
 // The subject is stripped of tags and filtered only when $Mmod is not set.
 // NOTE(review): when $Mmod is set the subject reaches the SQL below
 // unchanged, and no addslashes() on $subject is visible in either case.
 if (!isset($Mmod)) {
     $subject = removeHack(strip_tags($subject));
 }
 $Msubject = $subject;
 // Server time shifted by $gmt hours (minute precision).
 $time = date("Y-m-d H:i", time() + $gmt * 3600);
 // NOTE(review): $subject and $forum are interpolated into quoted literals
 // as-is; prefer a parameterised query if the sql_* wrapper offers one.
 $sql = "INSERT INTO " . $NPDS_Prefix . "forumtopics (topic_title, topic_poster, current_poster, forum_id, topic_time, topic_notify) VALUES ('{$subject}', '" . $userdata['uid'] . "', '" . $userdata['uid'] . "', '{$forum}', '{$time}'";
 // topic_notify is 1 only when $notify2 is set and the poster is not uid 1.
 if (isset($notify2) && $userdata['uid'] != 1) {
     $sql .= ", '1'";
 } else {
     $sql .= ", '0'";
 }
 $sql .= ')';
 if (!($result = sql_query($sql))) {
     forumerror('0020');
 }
 $topic_id = sql_last_id();
 // NOTE(review): $image_subject, $poster_ip and $hostname are interpolated
 // as-is; their escaping is not visible in this excerpt.
 $sql = "INSERT INTO " . $NPDS_Prefix . "posts (topic_id, image, forum_id, poster_id, post_text, post_time, poster_ip, poster_dns) VALUES ('{$topic_id}', '{$image_subject}', '{$forum}', '" . $userdata['uid'] . "', '{$message}', '{$time}', '{$poster_ip}', '{$hostname}')";
Пример #23
 // Prepare a comment for storage: optional form extender, HTML-encoding when
 // HTML is not allowed, markup conversion, filtering, then the INSERT and the
 // per-user post counter update.
 if ($formulaire != '') {
     include "modules/comments/comments_extender.php";
 }
 // HTML-encode the whole message when HTML is disabled or $html is set.
 // ENT_COMPAT encodes double quotes but leaves single quotes unchanged.
 if ($allow_html == 0 || isset($html)) {
     $message = htmlspecialchars($message, ENT_COMPAT | ENT_HTML401, cur_charset);
 }
 // Signature marker is skipped for uid 1 (presumably the anonymous account - confirm).
 if (isset($sig) && $userdata['uid'] != 1) {
     $message .= ' [addsig]';
 }
 $message = aff_code($message);
 $message = str_replace("\n", "<br />", $message);
 if ($allow_bbcode) {
     $message = smile($message);
 }
 // removeHack() runs last so it also sees markup generated above.
 $message = make_clickable($message);
 $message = removeHack($message);
 $image_subject = '';
 // addslashes() is the only SQL quoting applied to $message here.
 $message = addslashes($message);
 // Server time shifted by $gmt hours.
 $time = date("Y-m-d H:i:s", time() + $gmt * 3600);
 // NOTE(review): $topic, $forum, $poster_ip and $hostname are interpolated
 // as-is; their escaping is not visible in this excerpt. Prefer a
 // parameterised query if the sql_* wrapper offers one.
 $sql = "INSERT INTO " . $NPDS_Prefix . "posts (post_idH, topic_id, image, forum_id, poster_id, post_text, post_time, poster_ip, poster_dns) VALUES ('0', '{$topic}', '{$image_subject}', '{$forum}', '" . $userdata['uid'] . "', '{$message}', '{$time}', '{$poster_ip}', '{$hostname}')";
 if (!($result = sql_query($sql))) {
     forumerror('0020');
 } else {
     // Remember the id of the post just created.
     $IdPost = sql_last_id();
 }
 // Increment the poster's message counter.
 $sql = "UPDATE " . $NPDS_Prefix . "users_status SET posts=posts+1 WHERE (uid = '" . $userdata['uid'] . "')";
 $result = sql_query($sql);
 if (!$result) {
     forumerror('0029');
 }
 // update instruction for an external field?
Пример #24
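/**
 * Update the gallery and the description of one image, then redirect.
 *
 * On success the browser is sent to the "viewarbo" view; on failure an alert
 * is emitted and the browser is sent back to the edit form of the same image.
 *
 * @param mixed  $id      Image id (row key in the tdgal_img table).
 * @param mixed  $imggal  Target gallery id; an empty value is stored as "-1".
 * @param string $newdesc New description, stored in the "comment" column.
 *
 * @return void
 */
function DoEditImg($id, $imggal, $newdesc)
{
    global $ThisRedo, $NPDS_Prefix;
    $newtit = addslashes(removeHack($newdesc));
    if ($imggal == "") {
        $imggal = "-1";
    }
    // Quote the two identifiers the same way as the description, so that no
    // value reaches the quoted SQL literals unescaped.
    // NOTE(review): if both are integer keys, an integer cast would be the
    // stricter control; a parameterised query is preferable if the sql_*
    // wrapper supports one.
    $sql_id = addslashes((string) $id);
    $sql_gal = addslashes((string) $imggal);
    if (sql_query("UPDATE " . $NPDS_Prefix . "tdgal_img SET gal_id='{$sql_gal}', comment='{$newtit}' WHERE id='{$sql_id}'")) {
        redirect_url($ThisRedo . "&subop=viewarbo");
    } else {
        // The apostrophe in "l'image" must be escaped, otherwise it ends the
        // JavaScript string early and the alert never runs.
        echo "<script type=\"text/javascript\">\n//<![CDATA[\nalert('Erreur lors de la modification de l\\'image');\n//]]>\n</script>";
        // URL-encode the id so it cannot add parameters to the redirect URL.
        redirect_url($ThisRedo . "&subop=editimg&imgid=" . rawurlencode((string) $id));
    }
}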
Пример #25
    // Render every fetched chat row as HTML and accumulate it in $thing, which
    // is finally wrapped in double quotes (it is used as a quoted string).
    while (list($username, $message, $dbname, $date_message) = sql_fetch_row($result)) {
        // Timestamp shifted by $gmt hours; the date format comes from the translation table.
        $thing .= "<div class='chatmessage'><div class='chatheure'>" . date(translate("Chatdate"), $date_message + $gmt * 3600) . "</div>";
        // NOTE(review): $username is written into HTML and into an href without
        // encoding in this excerpt; confirm it is sanitised when stored.
        if ($dbname == 1) {
            // Names flagged with dbname 1 get a profile link, except for
            // anonymous, non-admin visitors when $member_list is 1.
            if (!$user and $member_list == 1 and !$admin) {
                $thing .= "<div class='chatnom'>{$username}</div>";
            } else {
                $thing .= "<div class='chatnom'><a href='user.php?op=userinfo&amp;uname={$username}' target='_blank'>{$username}</a></div>";
            }
        } else {
            $thing .= "<div class='chatnom'>{$username}</div>";
        }
        $message = smilie($message);
        // Replacement table (regex => replacement): double quotes become &quot;
        // and newline, carriage return and tab are removed.
        // NOTE(review): the 'OxOA' / 'OxOD' patterns use the letter O and match
        // only that literal text; presumably the hex codes 0x0A / 0x0D were
        // intended. The "\n" and "\r" entries already cover those characters.
        $chat_forbidden_words = array("'\"'i" => '&quot;', "'OxOA'i" => '', "'OxOD'i" => '', "'\n'i" => '', "'\r'i" => '', "'\t'i" => '');
        $message = preg_replace(array_keys($chat_forbidden_words), array_values($chat_forbidden_words), $message);
        // Backslash-escape double quotes introduced by make_clickable(), because
        // $thing ends up inside a double-quoted string.
        $message = str_replace('"', '\\"', make_clickable($message));
        // removeHack() (defined elsewhere) is applied last, on the final markup.
        $thing .= "<div class='chattexte'>" . removeHack($message) . "</div></div>";
        // Remember the timestamp of the last row processed.
        $repere = $date_message;
    }
    $thing = "\"" . $thing . "\"";
}
// When headers are requested, build the page head in $Xthing and wrap it as a
// double-quoted string with single quotes backslash-escaped.
if ($aff_entetes == "1") {
    $meta_op = true;
    include "meta/meta.php";
    // $l_meta is presumably produced by meta/meta.php when $meta_op is set - confirm.
    $Xthing .= $l_meta;
    $Xthing .= str_replace("\n", "", import_css_javascript($tmp_theme, $language, $site_font, basename($_SERVER['PHP_SELF']), ""));
    $Xthing .= "</head><body id='chat'>";
    $Xthing = "\"" . str_replace("'", "\\'", $Xthing) . "\"";
}
// Count the distinct IP addresses that posted in this chat during the last two minutes.
// NOTE(review): $id is interpolated into a quoted literal as-is; its
// validation is not visible in this excerpt.
$result = sql_query("SELECT DISTINCT ip FROM " . $NPDS_Prefix . "chatbox WHERE id='{$id}' and date >= " . (time() - 60 * 2) . "");
$numofchatters = sql_num_rows($result);
$rafraich_connectes = 0;
Пример #26
                $imgtmp = "images/forum/avatar/blank.gif";
            }
        }
    }
    return $imgtmp;
}
// Member list page: normalise the request parameters, fetch the most recent
// member, and print the page heading.
include "header.php";
$pagesize = $show_user;
// Default letter filter is the translated "All".
if (!isset($letter) or $letter == '') {
    $letter = translate("All");
}
// HTML-encode (quotes included), strip backslashes, then removeHack().
$letter = removeHack(stripslashes(htmlspecialchars($letter, ENT_QUOTES, cur_charset)));
if (!isset($sortby)) {
    $sortby = 'uid DESC';
}
// NOTE(review): the default value suggests $sortby becomes an ORDER BY
// expression later (not visible here). Quoting cannot protect a value used in
// that position; it should be matched against a fixed list of allowed column
// names and directions.
$sortby = removeHack($sortby);
if (!isset($page)) {
    $page = 1;
}
// De-duplicate the comma-separated list and URL-encode it for reuse in links.
if (isset($list)) {
    $tempo = unique(explode(',', $list));
    $list = urlencode(implode(',', $tempo));
}
// Most recently registered member (highest uid).
$result = sql_query("SELECT uname, user_avatar FROM " . $NPDS_Prefix . "users ORDER BY uid DESC limit 0,1");
list($lastuser, $lastava) = sql_fetch_row($result);
echo '
   <h2><img src="images/admin/users.png" alt="' . translate("Members List") . '" />' . translate("Members List");
// NOTE(review): $gr_from_ws is echoed without encoding or validation in this
// excerpt; confirm it is numeric or encode it before output.
if (isset($uid_from_ws) and $uid_from_ws != '') {
    echo '<span class="text-muted"> ' . translate("for group") . ' #' . $gr_from_ws . '</span>';
}
echo '</h2>
Пример #27
        }
        // Edit case: take the original poster's id, look up the forum type, then
        // convert and filter the edited message ($messageP).
        $row2 = sql_fetch_assoc($result);
        $userdata['uid'] = $row2['poster_id'];
        // IF we made it this far we are allowed to edit this message
        // Forcing $forum to an integer makes it safe to interpolate below.
        settype($forum, "integer");
        $myrow2 = sql_fetch_assoc(sql_query("SELECT forum_type FROM " . $NPDS_Prefix . "forums WHERE (forum_id = '{$forum}')"));
        $forum_type = $myrow2['forum_type'];
        // HTML-encode the whole message when HTML is disabled or $html is set.
        if ($allow_html == 0 || isset($html)) {
            $messageP = htmlspecialchars($messageP, ENT_COMPAT | ENT_HTML401, cur_charset);
        }
        if ($allow_bbcode and $forum_type != 6 and $forum_type != 5) {
            $messageP = smile($messageP);
        }
        if ($forum_type != 6 and $forum_type != 5) {
            $messageP = aff_code($messageP);
            $messageP = str_replace("\n", '<br />', removeHack($messageP));
            // NOTE(review): the user name is appended after removeHack(), so it
            // is not filtered here; confirm uname is sanitised at registration.
            $messageP .= "<br /><p>" . translate("This message was edited by") . ' : ' . $userdata['uname'] . "</p>";
            if ($allow_bbcode) {
                $messageP = aff_video_yt($messageP);
            }
        } else {
            // Forum types 5 and 6 keep the message as plain text: no markup
            // conversion and no removeHack() in this branch.
            $messageP .= "\n\n" . translate("This message was edited by") . ' : ' . $userdata['uname'];
        }
        $messageP = addslashes($messageP);
        break;
}
$theposterdata = get_userdata_from_id($userdatat[0]);
echo '
      <h4>' . translate("Preview") . '</h4>
      <div class="row">
         <div class="col-xs-12">
Пример #28
/**
 * Entry point of the download section: sanitise the category and sort
 * parameters, then print the header, the category list, the downloads of the
 * selected category, an optional banner file and the footer.
 *
 * Works on the globals $dcategory, $sortby and $sortorder.
 * NOTE(review): $sortorder is passed on without any filtering in this
 * function, and the category has its encoded apostrophes turned back into
 * backslash-escaped ones; confirm listdownloads() validates both before they
 * reach SQL.
 *
 * @return void
 */
function main()
{
    global $dcategory, $sortby, $sortorder, $sitename;

    // Category: URL-decode, HTML-encode (quotes included), strip backslashes,
    // then removeHack() (defined elsewhere).
    $category_decoded = urldecode($dcategory);
    $category_encoded = htmlspecialchars($category_decoded, ENT_QUOTES, cur_charset);
    $dcategory = removeHack(stripslashes($category_encoded));
    // electrobug: encoded apostrophes become backslash-escaped apostrophes.
    $dcategory = str_replace("&#039;", "\\'", $dcategory);

    // Sort key: same chain as the category, without the apostrophe step.
    $sort_decoded = urldecode($sortby);
    $sort_encoded = htmlspecialchars($sort_decoded, ENT_QUOTES, cur_charset);
    $sortby = removeHack(stripslashes($sort_encoded));
    // electrobug

    include "header.php";
    $heading = translate("Download Section");
    echo '<h2>' . $heading . '</h2>';
    tlist();

    // List downloads unless the pseudo category "No category" is selected.
    $no_category = translate("No category");
    if ($dcategory != $no_category) {
        listdownloads($dcategory, $sortby, $sortorder);
    }

    // Optional banner; include executes the file as PHP.
    $banner = "static/download.ban.txt";
    if (file_exists($banner)) {
        include "static/download.ban.txt";
    }
    include "footer.php";
}
Пример #29
/**
 * Store a submitted review and print the confirmation page.
 *
 * An administrator creating a review ($id == 0) inserts it directly into the
 * reviews table; an administrator editing one ($id != 0) updates that row;
 * everyone else has the review queued in reviews_add. Visitors who are
 * neither logged in nor administrators must first pass the anti-spam check.
 *
 * NOTE(review): only $date, $title and $text are transformed here. $reviewer,
 * $email, $score, $cover, $url, $url_title, $hits and $id are interpolated
 * into quoted SQL literals as received, and $reviewer is also echoed into the
 * page. Their sanitising is not visible in this function; confirm the caller
 * escapes them, or use parameterised queries and HTML-encode on output.
 *
 * @return void
 */
function send_review($date, $title, $text, $reviewer, $email, $score, $cover, $url, $url_title, $hits, $id, $asb_question, $asb_reponse)
{
    global $admin, $user, $NPDS_Prefix;
    include 'header.php';
    $date = reversedate($date);
    $title = stripslashes(FixQuotes(strip_tags($title)));
    $text = stripslashes(Fixquotes(urldecode(removeHack($text))));

    //anti_spambot: log the attempt and leave when the check fails
    if (!$user and !$admin and !R_spambot($asb_question, $asb_reponse, $text)) {
        Ecr_Log('security', 'Review Anti-Spam : title=' . $title, '');
        redirect_url("index.php");
        die;
    }

    echo '
   <h2>' . translate("Write a Review") . '</h2>
   <br /><p class="lead text-danger">' . translate("Thanks for submitting this review");
    // A modification is acknowledged as such; a new review names the reviewer.
    echo ($id != 0) ? (" " . translate("modification")) : ", {$reviewer}";
    echo '<br /><br />';

    if ($admin && $id == 0) {
        // Administrator, new review: published immediately.
        sql_query("INSERT INTO " . $NPDS_Prefix . "reviews VALUES (NULL, '{$date}', '{$title}', '{$text}', '{$reviewer}', '{$email}', '{$score}', '{$cover}', '{$url}', '{$url_title}', '1')");
        echo translate("It is now available in the reviews database.");
    } elseif ($admin && $id != 0) {
        // Administrator, existing review: updated in place.
        sql_query("UPDATE " . $NPDS_Prefix . "reviews SET date='{$date}', title='{$title}', text='{$text}', reviewer='{$reviewer}', email='{$email}', score='{$score}', cover='{$cover}', url='{$url}', url_title='{$url_title}', hits='{$hits}' WHERE id='{$id}'");
        echo translate("It is now available in the reviews database.");
    } else {
        // Everyone else: queued for editorial approval.
        sql_query("INSERT INTO " . $NPDS_Prefix . "reviews_add VALUES (NULL, '{$date}', '{$title}', '{$text}', '{$reviewer}', '{$email}', '{$score}', '{$url}', '{$url_title}')");
        echo translate("The editors will look at your submission. It should be available soon!");
    }

    echo '</p><a class="btn btn-default" role="button" href="reviews.php" title="' . translate("Back to Reviews Index") . '"><i class="fa fa-lg fa-undo"></i>
</a>';
    include "footer.php";
}
Пример #30
            $bnid = md5($nomBlocNote . substr(urldecode($uriBlocNote), 0, strpos(urldecode($uriBlocNote), "&")));
        } else {
            $bnid = md5($nomBlocNote . urldecode($uriBlocNote));
        }
    } else {
        $bnid = '';
    }
    // Apply the note operation for key $bnid (an MD5-based key, or '' when no
    // key could be built above), then redirect back to the originating page.
    if ($bnid) {
        // 'RAZ' deletes the note outright.
        if ($supBlocNote == 'RAZ') {
            sql_query("DELETE FROM " . $NPDS_Prefix . "blocnotes WHERE bnid='{$bnid}'");
        } else {
            // Table lock around the read-then-write sequence.
            // NOTE(review): no error handling is visible between LOCK and
            // UNLOCK; a failure in between relies on the connection closing to
            // release the lock.
            sql_query("LOCK TABLES " . $NPDS_Prefix . "blocnotes WRITE");
            $result = sql_query("SELECT texte FROM " . $NPDS_Prefix . "blocnotes WHERE bnid='{$bnid}'");
            // NOTE(review): the note text passes through removeHack() only and
            // is then interpolated into a quoted SQL literal; no SQL escaping
            // is visible here. Confirm it is escaped upstream, or bind it
            // through a parameterised query.
            if (sql_num_rows($result) > 0) {
                // Existing note: update it, or delete it when the new text is empty.
                if ($texteBlocNote != "") {
                    sql_query("UPDATE " . $NPDS_Prefix . "blocnotes SET texte='" . removeHack($texteBlocNote) . "' WHERE bnid='{$bnid}'");
                } else {
                    sql_query("DELETE FROM " . $NPDS_Prefix . "blocnotes WHERE bnid='{$bnid}'");
                }
            } else {
                // No note yet: create one only when there is text to store.
                if ($texteBlocNote != "") {
                    sql_query("INSERT INTO " . $NPDS_Prefix . "blocnotes (bnid, texte) VALUES ('{$bnid}', '" . removeHack($texteBlocNote) . "')");
                }
            }
            sql_query("UNLOCK TABLES");
        }
    }
    // NOTE(review): the redirect target is the URL-decoded $uriBlocNote with no
    // validation visible here. If that value comes from the request, restrict
    // it to same-site relative paths before using it in a Location header.
    header("location: " . urldecode($uriBlocNote));
} else {
    header("location: index.php");
}