function contact()
{
global $pagenum, $contactmessage, $set;
$out = "<div id=\"LNE_contact\">\n<form method=\"post\" id=\"LNE_contactform\" action=\"\"><fieldset>\n";
if ($_SESSION['user'] != "") {
$out .= "<input type=\"hidden\" name=\"name\" value=\"" . $_SESSION['user'] . "\" />\n";
$out .= "<input type=\"hidden\" name=\"email\" value=\"\" />\n";
} else {
$out .= "<p><b>{$contactmessage['30']}:</b><br />\n";
$out .= "<input type=\"text\" name=\"name\" value=\"\" /></p>\n";
$out .= "<p><b>{$contactmessage['31']}:</b><br />\n";
$out .= "<input type=\"text\" name=\"email\" value=\"\" /></p>\n";
$out .= "<p><b>{$contactmessage['34']}:</b><br />\n";
$out .= "<input type=\"text\" name=\"phone\" value=\"\" /></p>\n";
}
$out .= "<p><b>{$contactmessage['32']}:</b><br />\n";
$out .= "<textarea name=\"text\"></textarea></p>\n";
if ($_SESSION['user'] != "") {
srand((double) microtime() * 1000000);
$a = rand(1, 9);
$b = rand(1, 9);
$c = $a * $b;
$_SESSION[session_id()] = $c;
$out .= "<input type=\"hidden\" name=\"secCode\" value=\"{$c}\" />\n";
} else {
$out .= "<p><b>{$contactmessage['99']}:</b><br />\n";
if ($set['extension'] == "0") {
//text catchpa - use this is your server doesn't display the catchpa image correctly
srand((double) microtime() * 1000000);
$a = rand(0, 9);
$b = rand(0, 9);
$c = $a + $b;
$out .= "{$a} + {$b} = ";
$_SESSION[session_id()] = $c;
$out .= "<input type=\"text\" name=\"secCode\" maxlength=\"2\" style=\"width:20px\" />";
$out .= "</p>\n";
// end of text catchpa
} else {
// image catchpa
$out .= catchpa();
$out .= "</p>\n";
// end of image catchpa
}
}
$out .= "<p><input type=\"hidden\" name=\"page\" value=\"{$pagenum}\" />\n";
$out .= "<input type=\"hidden\" name=\"submit\" value=\"Send message\" />\n";
$out .= "<input type=\"submit\" name=\"aa\" value=\"{$contactmessage['33']}\" />";
$out .= "</p>\n</fieldset></form></div>\n";
return $out;
}
function uploads()
{
global $uploadsmessage, $prefix, $set;
if (file_exists("addons/uploads/lang/lang_" . $set['language'] . ".php")) {
require_once "addons/uploads/lang/lang_" . $set['language'] . ".php";
} else {
require_once "addons/uploads/lang/lang_en_US.php";
}
require_once "addons/uploads/settings.php";
if (!($crow = fetch_array(dbquery("SELECT * FROM " . $prefix . "downloadscat WHERE nome=\"Uploads\"")))) {
dbquery("INSERT INTO " . $prefix . "downloadscat (id, nome, descr) VALUES (null, \"Uploads\", \"Users upload here\")");
$crow = fetch_array(dbquery("SELECT * FROM " . $prefix . "downloadscat WHERE nome=\"Uploads\""));
}
$message = "";
if ($_POST['submitupload'] == "Add Upload") {
if ($_POST['secCode'] != $_SESSION['operation']) {
$message = $uploadsmessage[8];
} else {
$succeded = false;
$message = $_FILES["file"]["error"];
if ($_FILES['uploadedfile']['name'] != "") {
$_FILES['uploadedfile']['name'] = str_replace(" ", "_", $_FILES['uploadedfile']['name']);
$target_path = "./uploads/" . basename($_FILES['uploadedfile']['name']);
if (file_exists($target_path)) {
unlink($target_path);
}
if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
$succeded = true;
$message = $uploadsmessage[12];
@chmod($target_path, 0644);
} else {
$message = $uploadsmessage[11];
}
} else {
$message = $uploadsmessage[9];
}
if ($succeded) {
$filenam = basename($_FILES['uploadedfile']['name']);
$query = "INSERT INTO " . $prefix . "downloads (reg,nome,file,downloads,ex) VALUES (null,\"" . encode(sanitize($_POST['nome'])) . "\",\"{$filenam}\", 0, " . sanitize($_POST['cat']) . ")";
if (!dbquery($query)) {
$message = $uploadsmessage[10];
}
}
}
} else {
if ($_SESSION['adminlevel'] >= $adminlevel) {
$out .= "\n<div id=\"LNE_show\">\n";
$out .= "<div align=\"center\">\n<h3>{$uploadsmessage['5']}</h3>\n";
$out .= "<form enctype=\"multipart/form-data\" method=\"post\" action=\"\"><fieldset style=\"border: 0;\"><table>\n";
$out .= "<tr><td align=\"right\"><input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"{$max_upload_file_size}\" /><b>{$uploadsmessage['13']}: </b></td>";
$out .= "<td><input type=\"text\" name=\"nome\" style=\"width: 100%;\" /></td></tr>\n";
$out .= "<tr><td align=\"right\"><b>{$uploadsmessage['5']}: </b></td><td><input style=\" text-align: left;\" name=\"uploadedfile\" type=\"file\" name=\"uploadfile\" />\n</td></tr>\n";
$out .= "<tr><td align=\"right\"><b>{$uploadsmessage['6']}: </b></td>\n";
if ($set['catchpa'] == "0") {
//text catchpa
srand((double) microtime() * 1000000);
$a = rand(0, 9);
$b = rand(0, 9);
$c = $a + $b;
$out .= "<td>{$a} + {$b} = ";
$_SESSION['operation'] = $c;
$out .= "<input type=\"text\" name=\"secCode\" maxlength=\"2\" style=\"width:20px\" /></td></tr>\n";
} else {
// image catchpa
$out .= "<td>";
$out .= catchpa();
/* $out.="<img src=\"./LightNEasy/seccode.php\" width=\"71\" height=\"21\" align=\"absmiddle\" />"; */
$out .= "</td></tr>\n";
}
$out .= "<tr><td></td><td><input type=\"hidden\" name=\"cat\" value=\"" . $crow['id'] . "\" /><input type=\"hidden\" name=\"submitupload\" value=\"Add Upload\" />\n";
$out .= "<input type=\"submit\" name=\"aaa\" value=\"{$uploadsmessage['7']}\" />\n";
$out .= "</td><td> </td></tr>\n</table>\n</fieldset>\n</form>\n</div>\n";
} else {
$out .= "<h3>{$uploadsmessage['21']}</h3>\n";
}
}
if ($message != "") {
$out .= "<h3 style=\"color: red;\">{$message}</h3>\n";
}
if (!($result = dbquery("SELECT * FROM " . $prefix . "downloads WHERE ex=" . $crow['id'] . " ORDER BY reg DESC"))) {
die($uploadsmessage[3]);
}
$out .= "<h3>{$uploadsmessage['14']}</h3>\n";
if (num_rows($result)) {
$GETarray = $_GET;
$out .= "<ul>";
while ($row = fetch_array($result)) {
$GETarray['dlid'] = $row['reg'];
$out .= "<li>" . decode($row['nome']) . "</li>\n";
}
$out .= "</ul>";
} else {
$out .= "<h3>{$uploadsmessage['4']}</h3>";
}
$out .= "</div>\n";
return $out;
}
function commentform($newsid)
{
global $newsmessage, $editar, $set;
$out = "<form action=\"\" id=\"LNEnews_commentform\" method=\"post\"><fieldset class=\"noborder\">\n";
if ($_SESSION['user'] != "") {
$out .= "<input type=\"hidden\" name=\"commentname\" value=\"" . $_SESSION['user'] . "\" />\n";
$out .= "<input type=\"hidden\" name=\"commentemail\" value=\"" . $_SESSION['email'] . "\" />\n";
} else {
$out .= "<p><b>" . $newsmessage[30] . ":</b><br />\n";
$out .= "<input type=\"text\" name=\"commentname\" value=\"";
if ($editar) {
$out .= sanitize($_POST['commentname']);
}
$out .= "\" /></p>\n";
$out .= "<p><b>" . $newsmessage[31] . ":</b><br />\n";
$out .= "<input type=\"text\" name=\"commentemail\" value=\"";
if ($editar) {
$out .= sanitize($_POST['commentemail']);
}
$out .= "\"></p>\n";
}
$out .= "<p><b>" . $newsmessage[138] . ":</b><br />\n";
$out .= "<textarea name=\"commentmessage\">";
if ($editar) {
$out .= sanitize($_POST['commentmessage']);
}
$out .= "</textarea></p>\n";
if ($_SESSION['user'] != "") {
srand((double) microtime() * 1000000);
$a = rand(1, 99);
$_SESSION[session_id()] = $a;
$out .= "<input type=\"hidden\" name=\"secCode\" value=\"{$a}\" />\n";
} else {
$out .= "<p><b>{$newsmessage['99']}:<br />\n";
if ($set['extension'] == "0") {
//text catchpa - use this is your server doesn't display the catchpa image correctly
srand((double) microtime() * 1000000);
$a = rand(0, 9);
$b = rand(0, 9);
$c = $a + $b;
$out .= "<td>{$a} + {$b} = ";
$_SESSION[session_id()] = $c;
$out .= "<input type=\"text\" name=\"secCode\" maxlength=\"2\" style=\"width:20px\" /></p>\n";
// end of text catchpa
} else {
// image catchpa
$out .= catchpa() . "</p>\n";
// end of image catchpa
}
}
$out .= "<input type=\"hidden\" name=\"submit\" value=\"sendcomment\" />\n";
$out .= "<input type=\"hidden\" name=\"newsid\" value=\"{$newsid}\" />\n";
$out .= "<input type=\"submit\" class=\"submit\" value=\"{$newsmessage['137']}\" />\n</fieldset></form><br />\n";
return $out;
}
function register()
{
global $langmessage, $message, $prefix;
$message = "";
if ($_POST['submit'] == "enterregister") {
if ($_SESSION[session_id()] != $_POST['secCode']) {
$message = "<h3>{$langmessage['64']}</h3>\n";
}
if ($_POST['handle'] == "" || $_POST['password'] == "" || $_POST['password1'] == "" || $_POST['email'] == "") {
$message = "<h3>{$langmessage['101']}</h3>\n";
}
// check if both passwords match
if ($_POST['password'] != $_POST['password1']) {
$message = "<h3>{$langmessage['180']}</h3>\n";
}
if ($message == "") {
$handle = encode(sanitize(strip_tags($_POST['handle'])));
$password = sanitize($_POST['password']);
$email = sanitize(strip_tags($_POST['email']));
$fname = encode(sanitize(strip_tags($_POST['fname'])));
$lname = encode(sanitize(strip_tags($_POST['lname'])));
$website = sanitize(strip_tags($_POST['website']));
$location = encode(sanitize(strip_tags($_POST['location'])));
if (num_rows(dbquery("SELECT * FROM " . $prefix . "users WHERE handle=\"{$handle}\""))) {
$message = "<h3>{$langmessage['33']}</h3>\n";
}
}
if ($message == "") {
// all ok so far
$ip = $_SERVER['REMOTE_ADDR'];
$query = "INSERT INTO " . $prefix . "users (id, handle, password, adminlevel, ip, datejoined, email, firstname, lastname, website, location) VALUES (null, \"{$handle}\", \"" . sha1($password) . "\", 2, \"{$ip}\", " . time() . ", \"{$email}\", \"{$fname}\", \"{$lname}\", \"{$website}\", \"{$location}\")";
dbquery($query);
$message = "<h3>{$langmessage['27']}.</h3><p>{$langmessage['181']}</p>\n";
}
return $message;
} else {
$out = "<p>{$langmessage['174']}</p>\n";
$out .= "<form name=\"form1\" method=\"post\" action=\"\">\n";
$out .= "<table>\n";
$out .= "<tr><td align=\"right\">{$langmessage['155']} </td><td><input type=\"text\" name=\"handle\" value=\"\" /></td></tr>\n";
$out .= "<tr><td align=\"right\">{$langmessage['6']} </td><td><input type=\"password\" name=\"password\" value=\"\" /></td></tr>\n";
$out .= "<tr><td align=\"right\">{$langmessage['156']} </td><td><input type=\"password\" name=\"password1\" value=\"\" /></td></tr>\n";
$out .= "<tr><td align=\"right\">{$langmessage['158']} </td><td><input type=\"text\" name=\"email\" value=\"\" /></td></tr>\n";
$out .= "<tr><td align=\"right\">{$langmessage['166']} </td><td><input type=\"text\" name=\"fname\" value=\"\" /></td></tr>\n";
$out .= "<tr><td align=\"right\">{$langmessage['167']} </td><td><input type=\"text\" name=\"lname\" value=\"\" /></td></tr>\n";
$out .= "<tr><td align=\"right\">{$langmessage['10']} </td><td><input type=\"text\" name=\"website\" value=\"\" /></td></tr>\n";
$out .= "<tr><td align=\"right\">{$langmessage['169']} </td><td><input type=\"text\" name=\"location\" value=\"\" /></td></tr>\n";
$out .= "<tr><td align=\"right\">{$langmessage['63']}</td><td>" . catchpa() . "</td></tr>\n";
$out .= "<tr><td><input type=\"hidden\" name=\"submit\" value=\"enterregister\"></td><td><input type=\"submit\" name=\"aaa\" value=\"{$langmessage['179']}\"></td></tr>\n";
$out .= "</table></form>\n";
}
return $out;
}
