Пример #1
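/**
 * Resolves a video download request and redirects the client to the file.
 *
 * Checks, in order: a numeric id, the global and per-video "registered users
 * only" flags, the download limit, the optional per-video password and the
 * daily link hash. On success the download is counted and the client is
 * redirected to the external URL or to the file below the uploads path.
 *
 * Reads $_REQUEST['id'], $_REQUEST['sechash'] and $_POST['password'].
 * Ends the request with die()/exit on most paths.
 */
function misc_videofile()
{
    global $set, $db, $apx, $user;
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    if ($set['videos']['regonly'] && !$user->info['userid']) {
        die('video only for registered users!');
    }
    $apx->lang->drop('detail', 'videos');
    // Security check: the id was cast to int above, so it is safe to interpolate.
    $res = $db->first("SELECT id,title,file,regonly,`limit`,password,source FROM " . PRE . "_videos WHERE ( id='" . $_REQUEST['id'] . "' " . iif(!$user->is_team_member(), "AND ( '" . time() . "' BETWEEN starttime AND endtime )") . " " . section_filter() . " ) LIMIT 1");
    if (!$res['id']) {
        die('file not found!');
    }
    if ($res['regonly'] && !$user->info['userid']) {
        die('video only for registered users!');
    }
    // Request values can be absent or arrays; only plain strings are compared below.
    $givenPassword = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
    $givenHash = isset($_REQUEST['sechash']) && is_string($_REQUEST['sechash']) ? $_REQUEST['sechash'] : '';
    // NOTE(review): the two branches below rely on message()/tmessage() ending the
    // request. That is not visible here; if they return, the limit and the password
    // check are not enforced - confirm.
    if (videos_limit_is_reached($res['id'], $res['limit'])) {
        message($apx->lang->get('MSG_LIMITREACHED'), 'back');
    }
    // hash_equals() instead of "!=": a loose comparison treats numeric-looking strings
    // such as "1e3" and "1000" as equal, and it is not constant-time.
    // NOTE(review): the password is compared against the stored column as-is, which
    // suggests it is kept in plain text - confirm and consider password_hash().
    if ($res['password'] && !hash_equals((string) $res['password'], $givenPassword)) {
        tmessage('pwdrequired', array('ID' => $_REQUEST['id'], 'SECHASH' => $givenHash), 'videos');
    }
    // The daily hash is built from the Host header, the file name and the date only.
    // It contains no server-side secret, so it deters stale or hot-linked URLs but is
    // not an authorization token.
    $checkhash = md5($_SERVER['HTTP_HOST'] . $res['file'] . date('Y/m/d', time() - TIMEDIFF));
    if (!hash_equals($checkhash, $givenHash)) {
        header("HTTP/1.1 301 Moved Permanently");
        // A Location header must carry raw "&". The listing showed a no-op
        // str_replace('&', '&', ...), presumably a mangled '&amp;' - confirm against
        // the original file.
        header('location:' . str_replace('&amp;', '&', mklink('videos.php?id=' . $_REQUEST['id'], 'videos,id' . $_REQUEST['id'] . urlformat($res['title']) . '.html')));
        exit;
    }
    // Is the file downloadable at all?
    if (!in_array($res['source'], array('apexx', 'external'), true)) {
        header("HTTP/1.1 404 Not Found");
        exit;
    }
    // Statistics
    $thefsize = videos_filesize($res);
    videos_insert_stats($res['id'], $thefsize, $res['source'] === 'apexx');
    // Send the file: both sources answer with a permanent redirect
    header("HTTP/1.1 301 Moved Permanently");
    if ($res['source'] === 'external') {
        // Target comes from the database row, not from the request
        header('location:' . $res['file']);
    } else {
        header('location:' . HTTPDIR . getpath('uploads') . $res['file']);
    }
    exit;
}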
Пример #2
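/**
 * Checks whether the visitor may enter a password-protected forum.
 *
 * A forum without a password is always open. Otherwise the password is taken
 * from the per-forum cookie or from $_POST['password']; a correct POST value is
 * remembered in the cookie for 100 days.
 *
 * @param array $forum Forum row; reads 'forumid', 'password_fromid' and 'password'.
 * @return bool|null true when access is granted; otherwise tmessage('forumpwd')
 *                   is shown and nothing is returned.
 */
function check_forum_password($forum)
{
    global $set;
    // An inherited password is tracked under the id of the forum it comes from
    $forumid = $forum['password_fromid'] ? $forum['password_fromid'] : $forum['forumid'];
    if (!$forum['password']) {
        return true;
    }
    $expected = (string) $forum['password'];
    $cookieName = $set['main']['cookie_pre'] . '_forum_password_' . $forumid;
    // hash_equals() instead of "==": a loose comparison accepts "1000" for a password
    // of "1e3", and it is not constant-time. is_string() rejects array-valued input.
    if (isset($_COOKIE[$cookieName]) && is_string($_COOKIE[$cookieName]) && hash_equals($expected, $_COOKIE[$cookieName])) {
        return true;
    }
    if (isset($_POST['password']) && is_string($_POST['password']) && hash_equals($expected, $_POST['password'])) {
        // NOTE(review): the cookie stores the forum password itself for 100 days and is
        // set without the HttpOnly/Secure flags. A keyed hash of the password would keep
        // the secret out of the browser; that changes the cookie format, so it is left
        // as a follow-up.
        setcookie($cookieName, $_POST['password'], time() + 100 * 24 * 3600);
        return true;
    }
    tmessage('forumpwd');
}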
Пример #3
<?php

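// Marks a private message as deleted for the current user, after a confirmation form.
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
    die('missing ID!');
}
$apx->lang->drop('delpm');
if (!empty($_POST['send'])) {
    // NOTE(review): in the listing the user-id operand of both queries was masked as
    // "******", which left the statements unparseable. It is restored here as
    // $user->info['userid'], the form used by the sibling actions - confirm against
    // the original file.
    $ownUserId = (int) $user->info['userid'];
    // Each flag is only set on rows where the current user is the recipient / sender,
    // so a guessed message id cannot touch other users' messages.
    $db->query("UPDATE " . PRE . "_user_pms SET del_to='1' WHERE ( id='" . $_REQUEST['id'] . "' AND touser='" . $ownUserId . "' ) LIMIT 1");
    $db->query("UPDATE " . PRE . "_user_pms SET del_from='1' WHERE ( id='" . $_REQUEST['id'] . "' AND fromuser='" . $ownUserId . "' ) LIMIT 1");
    // NOTE(review): the only gate on this state change is $_POST['send']; no
    // request-token check is visible here - confirm CSRF protection happens elsewhere.
    message($apx->lang->get('MSG_OK'), mklink('user.php?action=pms', 'user,pms.html'));
} else {
    tmessage('delpm', array('ID' => $_REQUEST['id']));
}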
Пример #4
<?php

// Public profile page: validates the id, loads the user row and applies the
// visibility rules before profile data is rendered. The listing ends inside the
// visitor-tracking block.
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
    die('missing ID!');
}
$apx->lang->drop('profile');
// NOTE(review): only '&' is escaped in REQUEST_URI before it is passed to headline();
// whether headline() escapes quotes and angle brackets is not visible here - confirm.
headline($apx->lang->get('HEADLINE_PROFILE'), str_replace('&', '&amp;', $_SERVER['REQUEST_URI']));
titlebar($apx->lang->get('HEADLINE_PROFILE'));
// Registered users only
if ($set['user']['profile_regonly'] && !$user->info['userid']) {
    tmessage('profileregonly', array(), false, false);
    // NOTE(review): the restriction depends on lib/_end.php ending the request;
    // presumably it does - confirm.
    require 'lib/_end.php';
}
// Read the user record. The id was cast to int above, so the interpolation is safe.
// SELECT * loads every column of the row; presumably that includes credential
// fields, so only selected values should reach the template - verify.
$res = $db->first("SELECT * FROM " . PRE . "_user WHERE userid='" . $_REQUEST['id'] . "' LIMIT 1");
$userid = $res['userid'];
if (!$res['userid']) {
    filenotfound();
}
// Friends only: the owner, buddies and group 1 may still view the profile
if ($res['pub_profileforfriends'] && !$user->is_buddy_of($res['userid']) && $user->info['userid'] != $res['userid'] && $user->info['groupid'] != 1) {
    message($apx->lang->get('MSG_FRIENDSONLY'));
    require 'lib/_end.php';
}
// Read the template variables that are in use
$parse = $apx->tmpl->used_vars('profile');
// Record and output visitors
if (in_array('VISITOR', $parse)) {
    // Visits to one's own profile are not counted
    if ($_REQUEST['id'] != $user->info['userid']) {
        user_count_visit('profile', $_REQUEST['id']);
Пример #5
<?php

// Removes one entry from the current user's friend list; without a submitted
// form the confirmation template is shown instead.
$_REQUEST['id'] = (int) $_REQUEST['id'];
if ($_REQUEST['id'] === 0) {
    die('missing ID!');
}
$apx->lang->drop('delbuddy');
if (!$_POST['send']) {
    // Nothing submitted yet: ask for confirmation
    tmessage('delbuddy', array('ID' => $_REQUEST['id']));
} else {
    // The DELETE is scoped to the current user's own rows, and the id is an int
    // after the cast above.
    // NOTE(review): no request-token check is visible for this state change - confirm
    // CSRF protection happens elsewhere.
    if ($user->is_buddy($_REQUEST['id'])) {
        $db->query("DELETE FROM " . PRE . "_user_friends WHERE userid='" . $user->info['userid'] . "' AND friendid='" . $_REQUEST['id'] . "' LIMIT 1");
    }
    message($apx->lang->get('MSG_OK'), mklink('user.php?action=friends', 'user,friends.html'));
}
Пример #6
}
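// Registered users only
if ($set['user']['profile_regonly'] && !$user->info['userid']) {
    tmessage('profileregonly', array(), false, false);
    // NOTE(review): the restriction depends on lib/_end.php ending the request - confirm.
    require 'lib/_end.php';
}
// Delete a guestbook entry (only entries in the current user's own guestbook)
$_REQUEST['del'] = (int) $_REQUEST['del'];
if ($user->info['userid'] && $_REQUEST['del']) {
    $apx->lang->drop('guestbook');
    // The query used the raw $_POST['del'] while only $_REQUEST['del'] had been cast,
    // so the POST value reached the SQL string unvalidated. Cast it here as well.
    $confirmedId = isset($_POST['del']) && is_scalar($_POST['del']) ? (int) $_POST['del'] : 0;
    if ($confirmedId) {
        $db->query("DELETE FROM " . PRE . "_user_guestbook WHERE id='" . $confirmedId . "' AND owner='" . $user->info['userid'] . "' LIMIT 1");
        $goto = mklink('user.php?action=guestbook&amp;id=' . $user->info['userid'], 'user,guestbook,' . $user->info['userid'] . ',1.html');
        message($apx->lang->get('MSG_DEL_OK'), $goto);
    } else {
        tmessage('delguestbook', array('ID' => $_REQUEST['del']));
    }
    return;
}
////////////////////
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
    die('missing ID!');
}
$apx->lang->drop('guestbook');
// NOTE(review): only '&' is escaped in REQUEST_URI before it is passed to headline();
// whether headline() escapes the rest is not visible here - confirm.
headline($apx->lang->get('HEADLINE_GUESTBOOK'), str_replace('&', '&amp;', $_SERVER['REQUEST_URI']));
titlebar($apx->lang->get('HEADLINE_GUESTBOOK'));
// Read the profile owner's name and guestbook settings (id is an int after the cast)
$profileInfo = $db->first("SELECT userid,username,pub_usegb,pub_profileforfriends FROM " . PRE . "_user WHERE userid='" . $_REQUEST['id'] . "' LIMIT 1");
list($userid, $username, $usegb, $friendonly) = $profileInfo;
$apx->tmpl->assign('USERID', $userid);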
Пример #7
/**
 * Age gate: returns when the visitor counts as confirmed, otherwise evaluates a
 * submitted birthday or shows the 'checkage' form and loads lib/_end.php.
 *
 * A visitor counts as confirmed through the "<cookie_pre>_checkage" cookie, team
 * membership or the account's 'ageconfirmed' flag. The cookie is a plain marker
 * set by this function and readable/settable by the client, so the gate is a
 * self-declaration, not a verification.
 */
function checkage()
{
    global $apx, $set, $db, $user;
    $cookieName = $set['main']['cookie_pre'] . '_checkage';
    // Age was already confirmed
    $alreadyConfirmed = $_COOKIE[$cookieName] || $user->is_team_member() || $user->info['ageconfirmed'];
    if ($alreadyConfirmed) {
        return;
    }
    $apx->lang->drop('checkage', 'main');
    // Check the age once the form was sent with all three date parts
    $formComplete = $_POST['checkage'] && $_POST['birthday']['day'] && $_POST['birthday']['month'] && $_POST['birthday']['year'];
    if ($formComplete) {
        // Dates are compared as YYYYMMDD integers
        $stamp = (int) sprintf('%04d%02d%02d', $_POST['birthday']['year'], $_POST['birthday']['month'], $_POST['birthday']['day']);
        $maxstamp = (int) sprintf('%04d%02d%02d', date('Y') - 18, date('n'), date('j'));
        if ($stamp > $maxstamp) {
            message($apx->lang->get('MSG_TOOYOUNG'), HTTPDIR);
            require BASEDIR . 'lib/_end.php';
        } else {
            // Session cookie (no expiry argument)
            setcookie($cookieName, 1);
            return;
        }
    }
    // Show the form; the 403 status line was disabled in the original:
    //header('HTTP/1.0 403 Forbidden');
    tmessage('checkage', array(), 'main');
    require BASEDIR . 'lib/_end.php';
}
Пример #8
            } else {
                // Add the user to the ignore list. $userid is set outside this excerpt.
                // NOTE(review): the free-text reason is escaped with addslashes(), which
                // is not charset-aware; the DB layer's own escaping would be the safer
                // choice - confirm what $db offers.
                $db->query("INSERT INTO " . PRE . "_user_ignore (userid,ignored,reason) VALUES ('" . $user->info['userid'] . "','" . $userid . "','" . addslashes($_POST['reason']) . "')");
                $goto = mklink('user.php?action=ignorelist', 'user,ignorelist.html');
                message($apx->lang->get('MSG_ADD_OK'), $goto);
            }
        }
    } else {
        // Username is HTML-escaped before it is placed in the form template
        tmessage('addignore', array('USERNAME' => compatible_hsc($_REQUEST['username'])));
    }
} elseif ($_REQUEST['del']) {
    if ($_POST['del']) {
        // intval() keeps the id numeric; the row must also belong to the current user
        $db->query("DELETE FROM " . PRE . "_user_ignore WHERE userid='" . $user->info['userid'] . "' AND ignored='" . intval($_POST['del']) . "' LIMIT 1");
        $goto = mklink('user.php?action=ignorelist', 'user,ignorelist.html');
        message($apx->lang->get('MSG_DEL_OK'), $goto);
    } else {
        // NOTE(review): $_REQUEST['del'] is passed to the template without a cast in
        // this excerpt; whether the template escapes it is not visible - confirm.
        tmessage('delignore', array('ID' => $_REQUEST['del']));
    }
} else {
    // Read the ignored users
    $data = $db->fetch("SELECT u.userid,u.username,i.reason FROM " . PRE . "_user_ignore AS i LEFT JOIN " . PRE . "_user AS u ON i.ignored=u.userid WHERE i.userid='" . $user->info['userid'] . "' ORDER BY u.username ASC");
    if (count($data)) {
        foreach ($data as $res) {
            // $i is not initialised in this excerpt; the first ++ yields 1
            ++$i;
            $tabledata[$i]['ID'] = $res['userid'];
            // Stored text goes through replace() before output; presumably that is the
            // HTML-escaping helper - verify.
            $tabledata[$i]['NAME'] = replace($res['username']);
            $tabledata[$i]['REASON'] = replace($res['reason']);
            $tabledata[$i]['LINK_DEL'] = mklink('user.php?action=ignorelist&amp;del=' . $res['userid'], 'user,ignorelist.html?del=' . $res['userid']);
        }
    }
    $apx->tmpl->assign('LINK_ADD', mklink('user.php?action=ignorelist&amp;add=1', 'user,ignorelist.html?add=1'));
    $apx->tmpl->assign('USER', $tabledata);
Пример #9
 /**
  * Recomputes the cached counters of every forum: posts and last post per
  * thread, then threads, posts, last post and last thread per forum.
  *
  * Runs only when $_REQUEST['send'] is set and checkToken() succeeds; otherwise
  * the 'resync' confirmation template or the invalid-token notice is shown.
  */
 function resync()
 {
     global $set, $apx, $db;
     if ($_REQUEST['send']) {
         // State-changing action: refuse to run without a valid request token
         if (!checkToken()) {
             printInvalidToken();
         } else {
             // One query set per thread, so allow a long run; errors are suppressed
             @set_time_limit(600);
             // Correct the thread and post counts
             $data = $db->fetch("\n\t\t\t\tSELECT forumid\n\t\t\t\tFROM " . PRE . "_forums\n\t\t\t");
             if (count($data)) {
                 foreach ($data as $res) {
                     $forumid = $res['forumid'];
                     $forumThreads = 0;
                     $forumPosts = 0;
                     $forumLastpost = array();
                     $forumLastthread = array();
                     // Read the threads. Every value interpolated below comes from the
                     // database, not from the request.
                     $threaddata = $db->fetch("\n\t\t\t\t\t\tSELECT threadid, prefix, title, icon, del\n\t\t\t\t\t\tFROM " . PRE . "_forum_threads\n\t\t\t\t\t\tWHERE del=0 AND moved=0 AND forumid='" . $forumid . "'\n\t\t\t\t\t");
                     if (count($threaddata)) {
                         foreach ($threaddata as $tres) {
                             $threadid = $tres['threadid'];
                             list($threadPosts) = $db->first("\n\t\t\t\t\t\t\t\tSELECT count(postid)\n\t\t\t\t\t\t\t\tFROM " . PRE . "_forum_posts\n\t\t\t\t\t\t\t\tWHERE del=0 AND threadid='" . $threadid . "'\n\t\t\t\t\t\t\t");
                             $threadLastpost = $db->first("\n\t\t\t\t\t\t\t\tSELECT postid, userid, username, time\n\t\t\t\t\t\t\t\tFROM " . PRE . "_forum_posts\n\t\t\t\t\t\t\t\tWHERE del=0 AND threadid='" . $threadid . "'\n\t\t\t\t\t\t\t\tORDER BY time DESC\n\t\t\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t\t\t");
                             // Stored usernames are user-supplied text, so they are escaped
                             // again on the way back into SQL.
                             // NOTE(review): addslashes() is not charset-aware; the DB layer's
                             // own escaping would be the safer choice - confirm what $db offers.
                             $db->query("\n\t\t\t\t\t\t\t\tUPDATE " . PRE . "_forum_threads\n\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\tposts='" . $threadPosts . "',\n\t\t\t\t\t\t\t\t\tlastpost='" . $threadLastpost['postid'] . "',\n\t\t\t\t\t\t\t\t\tlastposter='" . addslashes($threadLastpost['username']) . "',\n\t\t\t\t\t\t\t\t\tlastposter_userid='" . $threadLastpost['userid'] . "',\n\t\t\t\t\t\t\t\t\tlastposttime='" . $threadLastpost['time'] . "'\n\t\t\t\t\t\t\t\tWHERE threadid='" . $threadid . "'\n\t\t\t\t\t\t\t");
                             // Threads/posts in the forum. The query above already filters
                             // del=0, so this test is true for every row returned.
                             if (!$tres['del']) {
                                 ++$forumThreads;
                             }
                             $forumPosts += $threadPosts;
                             // Keep the newest post across all threads of the forum
                             if (!$forumLastpost || $forumLastpost['time'] < $threadLastpost['time']) {
                                 $forumLastthread = $tres;
                                 $forumLastpost = $threadLastpost;
                             }
                         }
                     }
                     // Update the forum. For a forum without threads the last-post arrays
                     // are still empty here, so those columns are written as empty strings.
                     $db->query("\n\t\t\t\t\t\tUPDATE " . PRE . "_forums\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tthreads='" . $forumThreads . "',\n\t\t\t\t\t\t\tposts='" . $forumPosts . "',\n\t\t\t\t\t\t\tlastpost='" . $forumLastpost['postid'] . "',\n\t\t\t\t\t\t\tlastposter='" . addslashes($forumLastpost['username']) . "',\n\t\t\t\t\t\t\tlastposter_userid='" . $forumLastpost['userid'] . "',\n\t\t\t\t\t\t\tlastposttime='" . $forumLastpost['time'] . "',\n\t\t\t\t\t\t\tlastthread='" . $forumLastthread['threadid'] . "',\n\t\t\t\t\t\t\tlastthread_title='" . addslashes($forumLastthread['title']) . "',\n\t\t\t\t\t\t\tlastthread_icon='" . addslashes($forumLastthread['icon']) . "',\n\t\t\t\t\t\t\tlastthread_prefix='" . addslashes($forumLastthread['prefix']) . "'\n\t\t\t\t\t\tWHERE forumid='" . $forumid . "'\n\t\t\t\t\t\tLIMIT 1");
                 }
             }
             // The run is written to the log via logit()
             logit('FORUM_RESYNC');
             message($apx->lang->get('MSG_OK'));
         }
     } else {
         tmessage('resync');
     }
 }
Пример #10
    // Subscription type follows the requested option; anything but 'addforum' is a thread
    if ($_REQUEST['option'] == 'addforum') {
        $_POST['type'] = 'forum';
    } else {
        $_POST['type'] = 'thread';
    }
    // Notification mode: only the four listed values are accepted, everything else
    // falls back to 'none'
    if (in_array($_POST['subscription'], array('none', 'instant', 'daily', 'weekly'))) {
        $_POST['notification'] = $_POST['subscription'];
    } else {
        $_POST['notification'] = 'none';
    }
    // The owner always comes from the session, never from the form
    $_POST['userid'] = $user->info['userid'];
    $_POST['source'] = $_POST['id'];
    // Avoid duplicates
    // NOTE(review): $_REQUEST['id'] is interpolated here and in the two title queries
    // below, and $_POST['id'] becomes the stored 'source'. No integer cast of either
    // is visible in this excerpt - confirm it happens before this point.
    list($duplicate) = $db->first("SELECT id FROM " . PRE . "_forum_subscriptions WHERE ( type='" . addslashes($_POST['type']) . "' AND source='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' ) LIMIT 1");
    if (!$duplicate) {
        // presumably dinsert() builds the INSERT from the named $_POST fields; verify
        // that it escapes them
        $db->dinsert(PRE . '_forum_subscriptions', 'userid,type,source,notification');
    }
    message($apx->lang->get('MSG_SUBADD_OK'), mklink('user.php?action=subscriptions', 'user,subscriptions.html'));
} else {
    require_once BASEDIR . getmodulepath('forum') . 'basics.php';
    // Read the title of the forum or thread for the confirmation form
    if ($_REQUEST['option'] == 'addforum') {
        list($title) = $db->first("SELECT title FROM " . PRE . "_forums WHERE forumid='" . $_REQUEST['id'] . "' LIMIT 1");
    } else {
        list($prefix, $title) = $db->first("SELECT prefix,title FROM " . PRE . "_forum_threads WHERE threadid='" . $_REQUEST['id'] . "' LIMIT 1");
        // Prefix is stripped of tags, then prefix and title are HTML-escaped together
        $title = trim(compatible_hsc(strip_tags(forum_get_prefix($prefix) . ' ') . $title));
    }
    // NOTE(review): the forum title from the first branch and $_REQUEST['option'] reach
    // the template without escaping in this excerpt - confirm the template escapes them.
    $input = array('ID' => $_REQUEST['id'], 'TITLE' => $title, 'OPTION' => $_REQUEST['option']);
    tmessage('subscription_add', $input);
}
Пример #11
     checkage();
 }
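 // Password protection: a gallery uses its own password or, failing that, the
 // password of the first entry in its parents list.
 // Both variables start empty so that no value from earlier code can act as the
 // gallery password when neither branch below assigns one.
 $password = '';
 $pwdid = 0;
 if ($gallery['password']) {
     $password = $gallery['password'];
     $pwdid = $gallery['id'];
 } else {
     $parentIds = dash_unserialize($gallery['parents']);
     if ($parentIds) {
         list($pwdid, $password) = $db->first("SELECT id,password FROM " . PRE . "_gallery WHERE id='" . $parentIds[0] . "' LIMIT 1");
     }
 }
 if ($password) {
     $expectedPassword = (string) $password;
     $pwdCookie = 'gallery_pwd_' . $pwdid;
     // Only plain strings are compared; hash_equals() replaces "=="/"!=", which treat
     // numeric-looking strings such as "1e3" and "1000" as equal and are not
     // constant-time.
     $postedPassword = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : null;
     $cookiePassword = isset($_COOKIE[$pwdCookie]) && is_string($_COOKIE[$pwdCookie]) ? $_COOKIE[$pwdCookie] : null;
     if ($postedPassword !== null && hash_equals($expectedPassword, $postedPassword)) {
         // NOTE(review): the cookie stores the gallery password itself for one day; a
         // keyed hash of it would keep the secret out of the browser. That changes the
         // cookie format, so it is left as a follow-up.
         setcookie($pwdCookie, $postedPassword, time() + 1 * 24 * 3600);
     } elseif ($cookiePassword === null || !hash_equals($expectedPassword, $cookiePassword)) {
         // NOTE(review): protection depends on tmessage() ending the request - confirm.
         tmessage('pwdrequired', array('ID' => $_REQUEST['id'], 'PIC' => $_REQUEST['pic']));
     }
 }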
 // Headline + title bar. The gallery title is stripped of tags before output.
 // NOTE(review): $_REQUEST['id'] and $_REQUEST['p'] are placed in the link without a
 // cast in this excerpt - confirm they are integers at this point.
 headline(strip_tags($gallery['title']), mklink('gallery.php?id=' . $_REQUEST['id'] . '&amp;p=' . $_REQUEST['p'], 'gallery,list' . $_REQUEST['id'] . ',' . iif($_REQUEST['p'], $_REQUEST['p'], 1) . urlformat($gallery['title']) . '.html'));
 titlebar($apx->lang->get('HEADLINE') . ': ' . strip_tags($gallery['title']));
 // Read the sub-galleries that are currently published
 if ($set['gallery']['subgals'] && $gallery['children']) {
     // The child ids are joined into the IN list unquoted; presumably they are
     // integers taken from the gallery tree - verify.
     $openData = $db->fetch("SELECT id FROM " . PRE . "_gallery WHERE id IN (" . implode(', ', $gallery['children']) . ") AND '" . time() . "' BETWEEN starttime AND endtime");
     $openIds = array_merge(get_ids($openData), array($gallery['id']));
 } else {
     $openIds = array($gallery['id']);
 }
 //////////////////// SUB-GALLERIES
 if ($set['gallery']['subgals']) {
     require_once BASEDIR . 'lib/class.recursivetree.php';
     $tree = new RecursiveTree(PRE . '_gallery', 'id');
Пример #12
if ($_REQUEST['galid']) {
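    // The gallery id went from the request straight into the query. Cast both ids to
    // int so that no request text can reach the SQL string.
    $galid = (int) $_REQUEST['galid'];
    // Access rights: the gallery must belong to the profile that is being viewed
    $gallery = $db->first("SELECT * FROM " . PRE . "_user_gallery WHERE id='" . $galid . "' AND owner='" . (int) $_REQUEST['id'] . "' LIMIT 1");
    if (!$gallery['id']) {
        die('access denied!');
    }
    // Password protection. Both variables start empty so that no value from earlier
    // code can act as the gallery password.
    $password = '';
    $pwdid = 0;
    if ($gallery['password']) {
        $password = $gallery['password'];
        $pwdid = $gallery['id'];
    }
    if ($password) {
        $pwdCookie = 'usergallery_pwd_' . $pwdid;
        // The cookie holds md5(md5(password) . site key), not the password itself
        $expectedToken = md5(md5($password) . $set['main']['crypt']);
        // Only plain strings are compared; hash_equals() replaces "=="/"!=", which
        // treat numeric-looking strings as equal and are not constant-time.
        $postedPassword = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : null;
        $cookieToken = isset($_COOKIE[$pwdCookie]) && is_string($_COOKIE[$pwdCookie]) ? $_COOKIE[$pwdCookie] : '';
        if ($postedPassword !== null && hash_equals((string) $password, $postedPassword)) {
            setcookie($pwdCookie, $expectedToken, time() + 1 * 24 * 3600);
        } elseif ($user->info['gtype'] != 'admin' && $user->info['userid'] != $gallery['owner'] && !hash_equals($expectedToken, $cookieToken)) {
            // Admins and the owner skip the password.
            // NOTE(review): protection depends on tmessage() ending the request - confirm.
            tmessage('gallerypwdrequired', array('ID' => $_REQUEST['id'], 'GALID' => $_REQUEST['galid']));
        }
    }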
    // Template variables that are in use
    $parse = $apx->tmpl->used_vars('gallery_pics');
    // Record and output visitors. $userid is set outside this excerpt; presumably it
    // is the profile owner's id - verify.
    if (in_array('VISITOR', $parse)) {
        // The owner's own visits are not counted
        if ($userid != $user->info['userid']) {
            user_count_visit('gallery', $_REQUEST['id']);
        }
        // With the 'visitorself' setting on, only the owner gets the visitor list
        if (!$set['user']['visitorself'] || $userid == $user->info['userid']) {
            user_assign_visitors('gallery', $_REQUEST['id'], $apx->tmpl, $parse);
        }
    }
    // Gallery info
    $images = 0;
    if (in_array('COUNT', $parse)) {
Пример #13
<?php

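$apx->module('forum');
// This action belongs to the forum module: edit the notification mode of one of
// the current user's subscriptions.
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
    die('missing ID!');
}
$apx->lang->drop('subscribe');
// The row is looked up by id AND owner, so other users' subscriptions never match
$subinfo = $db->first("SELECT type,notification FROM " . PRE . "_forum_subscriptions WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1");
if (!empty($_POST['send'])) {
    // Notification modes allowed per subscription type
    $allowedModes = array(
        'thread' => array('none', 'instant', 'daily', 'weekly'),
        'forum' => array('none', 'daily', 'weekly'),
    );
    $subType = isset($subinfo['type']) ? (string) $subinfo['type'] : '';
    $chosenMode = isset($_POST['subscription']) && is_string($_POST['subscription']) ? $_POST['subscription'] : '';
    // The two type-specific checks were skipped whenever the lookup returned no row
    // or an unknown type, and the raw POST value then reached the UPDATE. The value is
    // now rejected unless it is on the list for a known type.
    if (!isset($allowedModes[$subType]) || !in_array($chosenMode, $allowedModes[$subType], true)) {
        die('invalid notification type');
    }
    $db->query("UPDATE " . PRE . "_forum_subscriptions SET notification='" . $chosenMode . "' WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1");
    // NOTE(review): no request-token check is visible for this state change - confirm
    // CSRF protection happens elsewhere.
    message($apx->lang->get('MSG_SUBEDIT_OK'), mklink('user.php?action=subscriptions', 'user,subscriptions.html'));
} else {
    $input = array('ID' => $_REQUEST['id'], 'SUBSCRIPTION' => $subinfo['notification'], 'ISTHREAD' => iif($subinfo['type'] == 'thread', 1, 0));
    tmessage('subscription_edit', $input);
}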
Пример #14
<?php

$apx->module('forum');
// This action belongs to the forum module: delete one of the current user's
// subscriptions, after a confirmation form.
$_REQUEST['id'] = (int) $_REQUEST['id'];
if ($_REQUEST['id'] === 0) {
    die('missing ID!');
}
$apx->lang->drop('subscribe');
if (!$_POST['send']) {
    // Nothing submitted yet: ask for confirmation
    tmessage('subscription_del', array('ID' => $_REQUEST['id']));
} else {
    // The DELETE is scoped to the current user's own rows, and the id is an int
    // after the cast above.
    // NOTE(review): no request-token check is visible for this state change - confirm
    // CSRF protection happens elsewhere.
    $db->query("DELETE FROM " . PRE . "_forum_subscriptions WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1");
    message($apx->lang->get('MSG_SUBDEL_OK'), mklink('user.php?action=subscriptions', 'user,subscriptions.html'));
}
Пример #15
/**
 * Shows a template message with the static template variable OVERLAY set to true.
 *
 * @param string      $file  Template name, passed through to tmessage().
 * @param array       $input Template variables, passed through to tmessage().
 * @param string|bool $dir   Passed through to tmessage() unchanged.
 */
function tmessageOverlay($file, $input = array(), $dir = false)
{
    global $set;
    global $db;
    global $apx;
    // Set the flag first so that it is in place when tmessage() runs
    $apx->tmpl->assign_static('OVERLAY', true);
    tmessage($file, $input, $dir);
}
Пример #16
<?php

// Deletes one of the current user's bookmarks, after a confirmation form.
$_REQUEST['id'] = (int) $_REQUEST['id'];
if ($_REQUEST['id'] === 0) {
    die('missing ID!');
}
$apx->lang->drop('bookmarks');
if (!$_POST['send']) {
    // Nothing submitted yet: ask for confirmation
    tmessage('delbookmark', array('ID' => $_REQUEST['id']));
} else {
    // The DELETE is scoped to the current user's own rows, and the id is an int
    // after the cast above.
    // NOTE(review): no request-token check is visible for this state change - confirm
    // CSRF protection happens elsewhere.
    $db->query("DELETE FROM " . PRE . "_user_bookmarks WHERE id='" . $_REQUEST['id'] . "' AND userid='" . $user->info['userid'] . "' LIMIT 1");
    message($apx->lang->get('MSG_OK_DEL'), mklink('user.php', 'user.html'));
}
Пример #17
// Report a video as broken.
// NOTE(review): $_REQUEST['id'] is interpolated into every query of this excerpt;
// no integer cast is visible here - confirm it happens before this point.
if ($_REQUEST['id'] && $_REQUEST['broken']) {
    $apx->lang->drop('broken');
    if ($_POST['broken']) {
        $res = $db->first("SELECT title FROM " . PRE . "_videos WHERE ( id='" . $_REQUEST['id'] . "' " . section_filter() . " ) LIMIT 1");
        // NOTE(review): the stored title is passed to titlebar() as-is; whether
        // titlebar() escapes it is not visible here - confirm.
        titlebar($apx->lang->get('HEADLINE') . ': ' . $res['title']);
        $link = mklink('videos.php?id=' . $_REQUEST['id'], 'videos,id' . $_REQUEST['id'] . urlformat($res['title']) . '.html');
        // The report is stored as a timestamp in the 'broken' column
        $db->query("UPDATE " . PRE . "_videos SET broken='" . time() . "' WHERE ( id='" . $_REQUEST['id'] . "' " . section_filter() . " ) LIMIT 1");
        // E-mail notification to the configured address.
        // NOTE(review): any visitor can trigger this mail and no rate limit is visible
        // in this excerpt - confirm one exists elsewhere.
        if ($set['videos']['mailonbroken']) {
            $input = array('URL' => substr(HTTP, 0, -1) . $link);
            sendmail($set['videos']['mailonbroken'], 'BROKEN', $input);
        }
        message($apx->lang->get('MSG_BROKEN'), $link);
        require 'lib/_end.php';
    } else {
        tmessage('broken', array('ID' => $_REQUEST['id']));
    }
}
////////////////////////////////////////////////////////////////////////////////// COMMENTS ONLY
if ($_REQUEST['id'] && $_REQUEST['comments']) {
    $res = $db->first("SELECT title FROM " . PRE . "_videos WHERE ( id='" . $_REQUEST['id'] . "' " . section_filter() . " ) LIMIT 1");
    titlebar($apx->lang->get('HEADLINE') . ': ' . $res['title']);
    videos_showcomments($_REQUEST['id']);
}
///////////////////////////////////////////////////////////////////////////////////////// DETAILS
if ($_REQUEST['id']) {
    $apx->lang->drop('detail');
    // Read the template variables that are in use
    $parse = $apx->tmpl->used_vars('detail');
    // Video info: only finished videos; the publication window is skipped for team members
    $res = $db->first("SELECT a.*,b.username,b.email,b.pub_hidemail FROM " . PRE . "_videos AS a LEFT JOIN " . PRE . "_user AS b USING(userid) WHERE ( a.id='" . $_REQUEST['id'] . "' AND a.status='finished' " . iif(!$user->is_team_member(), "AND ( '" . time() . "' BETWEEN a.starttime AND a.endtime )") . " " . section_filter() . " ) LIMIT 1");
Пример #18
     } elseif (count($locids) > 1) {
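         // Carry the submitted search form over into the city chooser as hidden fields
         $inputfields = '';
         foreach ($_POST as $key => $value) {
             // 'locid' is the field the chooser itself submits
             if ($key === 'locid') {
                 continue;
             }
             // Field names come from the request just like the values, so they are
             // escaped too; an unescaped name could close the attribute and add markup.
             // NOTE(review): array-valued fields are handed to compatible_hsc() as-is;
             // how it treats arrays is not visible here - confirm.
             $inputfields .= '<input type="hidden" name="' . compatible_hsc((string) $key) . '" value="' . compatible_hsc($value) . '" />';
         }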
         // Build the list of candidate cities for the chooser
         $select = array();
         foreach ($data as $res) {
             // $i is not initialised in this excerpt; the first ++ yields 1
             ++$i;
             $select[$i]['ID'] = $res['id'];
             // NOTE(review): 'stamp' is output as stored while 'name' goes through
             // replace() - confirm 'stamp' cannot contain markup.
             $select[$i]['NAME'] = $res['stamp'] . ' ' . replace($res['name']);
         }
         $input = array('INPUTS' => $inputfields, 'SELECT' => $select);
         tmessage('choosecity', $input);
     }
     // Location search: take the two stored values of the chosen location.
     // NOTE(review): where $locids comes from is not visible here - confirm its entries
     // are integers before they reach this query.
     list($l, $b) = $db->first("SELECT l,b FROM " . PRE . "_user_locations WHERE id='" . $locids[0] . "' LIMIT 1");
     // Distance is cast to int before it is placed in the query
     $distance = (int) $_POST['distance'];
     // $l and $b come from the database row above and are interpolated unquoted
     $data = $db->fetch("\n\t\t\tSELECT id\n\t\t\tFROM `" . PRE . "_user_locations`\n\t\t\tWHERE (sqrt((l-" . $l . ")*70*(l-" . $l . ")*70+(b-" . $b . ")*111*(b-" . $b . ")*111))<=" . $distance . "\n\t\t");
     $neighbours = get_ids($data, 'id');
     // Restrict the search to these location ids; with an empty $neighbours the
     // clause becomes "IN ()"
     $where .= " AND locid IN (" . implode(',', $neighbours) . ") ";
 }
 // Search term
 if ($_POST['item']) {
     $items = explode(' ', $_POST['item']);
     $items = array_map('trim', $items);
     $itemsearchfields = array('username', 'homepage', 'realname', 'interests', 'work');
     for ($i = 1; $i <= 10; $i++) {
Пример #19
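 /**
  * Sends the stored newsletter to users as private messages, 50 recipients per
  * request.
  *
  * The first call (no 'done' parameter) only renders the forwarding page. Each
  * later call sends one batch starting at offset 'done' and forwards to the next
  * offset until fewer than a full batch was sent; then the stored newsletter is
  * cleared and the run is logged. Every call requires a valid request token.
  */
 function sendpm_exec()
 {
     global $apx, $db, $set;
     // Check the security token
     if (!checkToken()) {
         printInvalidToken();
         return;
     }
     // Forwarder: the first call only renders the page that requests batch 0
     if (!isset($_REQUEST['done'])) {
         tmessage('sending', array('FORWARDER' => 'action.php?action=user.sendpm&amp;doit=1&amp;sectoken=' . $apx->session->get('sectoken') . '&amp;done=0'));
         return;
     }
     // The offset goes into a LIMIT clause, so it must be a non-negative integer
     $done = max(0, (int) $_REQUEST['done']);
     $countPerCall = 50;
     @set_time_limit(600);
     // Read the stored newsletter
     $newsletter = $set['user']['sendpm_data'];
     if (!isset($newsletter['text'])) {
         die('no valid newsletter!');
     }
     // Plain-text variant: strip [tag]...[/tag] pairs until none is left. The loop
     // condition tested 'text_clear' while the result was written to $text, so any
     // text containing a tag pair never left the loop.
     $tagPattern = '#\\[([a-z0-9]+)(=.*?)?\\](.*?)\\[/\\1\\]#si';
     $newsletter['text_clear'] = $newsletter['text'];
     while (preg_match($tagPattern, $newsletter['text_clear'])) {
         $stripped = preg_replace($tagPattern, '\\3', $newsletter['text_clear']);
         // Stop on a regex error or when nothing changed, so the loop always ends
         if ($stripped === null || $stripped === $newsletter['text_clear']) {
             break;
         }
         $newsletter['text_clear'] = $stripped;
     }
     // Select the recipients of this batch; group ids are forced to integers before
     // they are joined into the IN list
     if (is_array($newsletter['groups']) && count($newsletter['groups'])) {
         $groupIds = implode(',', array_map('intval', $newsletter['groups']));
         $data = $db->fetch("SELECT userid, email, pub_poppm, pub_mailpm FROM " . PRE . "_user WHERE active=1 AND reg_key='' AND groupid IN (" . $groupIds . ") ORDER BY email ASC LIMIT " . $done . "," . $countPerCall);
     } else {
         $data = $db->fetch("SELECT userid, email, pub_poppm, pub_mailpm FROM " . PRE . "_user WHERE active=1 AND reg_key='' ORDER BY email ASC LIMIT " . $done . "," . $countPerCall);
     }
     // Send the batch
     $sent = 0;
     if (is_array($data)) {
         foreach ($data as $res) {
             ++$sent;
             $this->sendpm_send($res, $newsletter['subject'], $newsletter['text'], $newsletter['text_clear']);
         }
     }
     if ($sent < $countPerCall) {
         // Finished (also when the batch was empty): clear the stored newsletter and log
         $db->query("UPDATE " . PRE . "_config SET value='' WHERE module='user' AND varname='sendpm_data' LIMIT 1");
         logit('USER_SENDPM');
         message($apx->lang->get('MSG_OK'));
         return;
     }
     // A full batch was sent, so forward to the next offset
     tmessage('sending', array('FORWARDER' => 'action.php?action=user.sendpm&amp;doit=1&amp;sectoken=' . $apx->session->get('sectoken') . '&amp;done=' . ($done + $countPerCall)));
 }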
Пример #20
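 /**
  * Entry point for adding a product: shows the type chooser until a known type
  * is requested, then hands over to the matching add_<type>() method.
  *
  * The method name is built from request data, so the type is only accepted when
  * it is a string that matches an entry of $this->alltypes exactly.
  */
 function add()
 {
     global $set, $db, $apx;
     // Array-valued or missing input counts as "no type chosen"
     $requestedType = isset($_REQUEST['type']) && is_string($_REQUEST['type']) ? $_REQUEST['type'] : '';
     // Strict comparison: the loose in_array() would also accept values that only
     // compare equal after type juggling.
     // assumes the entries of $this->alltypes are strings - TODO confirm
     if ($requestedType === '' || !in_array($requestedType, $this->alltypes, true)) {
         // Build the type list; the option values come from $this->alltypes only
         $selectedType = isset($_POST['type']) && is_string($_POST['type']) ? $_POST['type'] : '';
         $typelist = '';
         foreach ($this->alltypes as $type) {
             $typelist .= '<option value="' . $type . '"' . iif($type === $selectedType, ' selected="selected"') . '>' . $apx->lang->get('PRODTYPE_' . strtoupper($type)) . '</option>';
         }
         // NOTE(review): 'updateparent' is passed to the template as received; whether
         // the template escapes it is not visible here - confirm.
         $updateParent = isset($_REQUEST['updateparent']) ? $_REQUEST['updateparent'] : null;
         tmessage('choosetype', array('TYPELIST' => $typelist, 'UPDATEPARENT' => $updateParent));
         return;
     }
     // Safe to dispatch: the type passed the allow-list check above
     $call = 'add_' . $requestedType;
     $this->{$call}();
 }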
Пример #21
     die('missing post-ID!');
 }
 // Resolve post -> thread -> forum and stop at the first part that is missing or
 // deleted.
 // NOTE(review): each check relies on message()/tmessage() ending the request; that
 // is not visible in this excerpt - confirm. If they return, the queries below also
 // run for callers without admin rights on the forum.
 $postinfo = post_info($_REQUEST['id']);
 if (!$postinfo['postid'] || $postinfo['del']) {
     message($apx->lang->get('MSG_POSTNOTEXIST'));
 }
 $threadinfo = thread_info($postinfo['threadid']);
 if (!$threadinfo['threadid'] || $threadinfo['del']) {
     message($apx->lang->get('MSG_THREADNOTEXIST'));
 }
 $foruminfo = forum_info($threadinfo['forumid']);
 if (!$foruminfo['forumid']) {
     message($apx->lang->get('MSG_FORUMNOTEXIST'));
 }
 // IP lookups are limited to users with admin rights on this forum
 if (!forum_access_admin($foruminfo)) {
     tmessage('noright', array(), false, false);
 }
 //////////////////////////////////////////////////////////////////////////////// SHOW SEARCH RESULTS
 // Posts made from this IP, grouped by username. The IP comes from the stored post
 // and is escaped with addslashes() before it is put into the query.
 $data = $db->fetch("SELECT userid,username,count(postid) AS posts FROM " . PRE . "_forum_posts WHERE ip='" . addslashes($postinfo['ip']) . "' GROUP BY username ORDER BY username ASC");
 if (count($data)) {
     foreach ($data as $res) {
         // $i is not initialised in this excerpt; the first ++ yields 1
         ++$i;
         $fromdata[$i]['USERID'] = $res['userid'];
         $fromdata[$i]['USERNAME'] = replace($res['username']);
         $fromdata[$i]['POSTS'] = $res['posts'];
     }
 }
 // Other IPs used by the author of the post (registered users only)
 if ($postinfo['userid']) {
     $data = $db->fetch("SELECT ip,count(postid) AS posts FROM " . PRE . "_forum_posts WHERE userid='" . $postinfo['userid'] . "' GROUP BY ip ORDER BY posts DESC");
Пример #22
                 // Delete the picture and thumbnail files of every row
                 foreach ($data as $res) {
                     $picture = $res['picture'];
                     $thumbnail = $res['thumbnail'];
                     // File names come from the database rows; a file is only deleted
                     // when it exists below the uploads path
                     if ($picture && file_exists(BASEDIR . getpath('uploads') . $picture)) {
                         $mm->deletefile($picture);
                     }
                     if ($thumbnail && file_exists(BASEDIR . getpath('uploads') . $thumbnail)) {
                         $mm->deletefile($thumbnail);
                     }
                 }
             }
             // NOTE(review): the directory name is built from $_REQUEST['id']. Neither an
             // integer cast nor an ownership check is visible in this excerpt - confirm
             // both happen before this point, since the call removes a directory.
             $mm->deletedir('user/gallery-' . $_REQUEST['id']);
         }
         message($apx->lang->get('MSG_DEL_OK'), mklink('user.php?action=mygallery', 'user,mygallery.html'));
     } else {
         tmessage('delgallery', array('ID' => $_REQUEST['id']));
     }
     require 'lib/_end.php';
 }
 // List the current user's galleries
 $data = $db->fetch("SELECT id,title FROM " . PRE . "_user_gallery WHERE owner='" . $user->info['userid'] . "'");
 if (count($data)) {
     foreach ($data as $res) {
         // $i is not initialised in this excerpt; the first ++ yields 1
         ++$i;
         // Number of pictures; this runs one count query per gallery
         list($images) = $db->first("SELECT count(*) FROM " . PRE . "_user_pictures WHERE galid='" . $res['id'] . "'");
         // Link to the gallery
         $link = mklink('user.php?action=gallery&amp;id=' . $user->info['userid'] . '&amp;galid=' . $res['id'], 'user,gallery,' . $user->info['userid'] . ',' . $res['id'] . ',0.html');
         $tabledata[$i]['ID'] = $res['id'];
         // The stored title goes through replace() before output
         $tabledata[$i]['TITLE'] = replace($res['title']);
         $tabledata[$i]['LINK'] = $link;