sendmail($email, 'NEWPM', $input); } message($apx->lang->get('MSG_OK'), mklink('user.php?action=pms&dir=out', 'user,pms,out.html')); } } else { if ($_POST['preview']) { $text = $_POST['text']; if ($set['user']['pm_badwords']) { $text = badwords($text); } $text = replace($text, 1); if ($set['user']['pm_allowsmilies']) { $text = dbsmilies($text); } if ($set['user']['pm_allowcode']) { $text = dbcodes($text); } $apx->tmpl->assign('PREVIEW', $text); $apx->tmpl->assign('USERNAME', compatible_hsc($_POST['touser'])); $apx->tmpl->assign('SUBJECT', compatible_hsc($_POST['subject'])); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->assign('ADDSIG', intval($_POST['addsig'])); } else { $text = ''; if ($_REQUEST['answer']) { $res = $db->first("SELECT a.subject,a.text,b.userid,b.username,c.username AS username2 FROM " . PRE . "_user_pms AS a LEFT JOIN " . PRE . "_user AS b ON a.fromuser=b.userid LEFT JOIN " . PRE . "_user AS c ON a.touser=c.userid WHERE ( a.id='" . $_REQUEST['answer'] . "' AND ( a.touser='******'userid'] . "' OR a.fromuser='******'userid'] . "' ) )"); if ($res['userid'] == $user->info['userid']) { $username = compatible_hsc($res['username2']); $subject = compatible_hsc($res['subject']); $text = '[QUOTE]' . compatible_hsc($res['text']) . "[/QUOTE]\n"; } else {
function mksig($info, $nospacer = false) { global $set; $text = $info['signature']; if (!$text) { return ''; } if ($set['user']['sig_badwords']) { $text = badwords($text); } $text = replace($text, 1); if ($set['user']['sig_allowsmilies']) { $text = dbsmilies($text); } if ($set['user']['sig_allowcode']) { $text = dbcodes($text, 1); } if (!$nospacer) { $text = $set['user']['sigspace'] . $text; } return $text; }
function addcom() { global $db, $apx, $user; $_POST['mid'] = (int) $_POST['mid']; if (!$_POST['mid']) { die('missing mID!'); } //if ( !$apx->is_module($_POST['module']) ) die('invalid MODULE!'); $apx->lang->drop('add', 'comments'); list($spam) = $db->first("SELECT time FROM " . PRE . "_comments WHERE ( module='" . addslashes($_POST['module']) . "' AND ip='" . get_remoteaddr() . "' AND mid='" . $_POST['mid'] . "' ) ORDER BY time DESC"); //Captcha prüfen if ($this->set['captcha'] && !$user->info['userid']) { require BASEDIR . 'lib/class.captcha.php'; $captcha = new captcha(); $captchafailed = $captcha->check(); } if ($user->info['userid']) { if ($captchafailed) { message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()'); } elseif ($this->ip_is_blocked()) { message($apx->lang->get('MSG_COM_BLOCKIP'), 'back'); } elseif (!$_POST['text'] || $this->set['req_title'] && !$_POST['title']) { message('back'); } elseif ($this->text_is_blocked()) { message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back'); } elseif ($this->set['maxlen'] && strlen($_POST['text']) > $this->set['maxlen']) { message($apx->lang->get('MSG_COM_TOOLONG'), 'back'); } elseif ($spam + $this->set['spamprot'] * 60 > time()) { message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back'); } else { if ($this->set['mod'] && !$user->is_team_member()) { $_POST['active'] = 0; } else { $_POST['active'] = 1; } $_POST['userid'] = $user->info['userid']; $_POST['username'] = $user->info['username']; $_POST['time'] = time(); $_POST['ip'] = get_remoteaddr(); $db->dinsert(PRE . '_comments', 'module,mid,userid,username,title,text,time,notify,ip,active'); $comid = $db->insert_id(); //eMail-Benachrichtigung (Admin) if ($this->set['mailonnew']) { $text = strip_tags(dbcodes($_POST['text'])); $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text); sendmail($this->set['mailonnew'], 'SENDCOM', $input); } //eMail-Benachrichtigung (User) if ($_POST['active']) { $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "' AND c.userid!=" . $user->info['userid'] . "\n\t\t\t\t\t"); if (count($data)) { foreach ($data as $res) { $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']); sendmail($res['email'], 'NOTIFYCOM', $input); } } //Notify zurücksetzen $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'"); } //Captcha löschen if ($this->set['captcha'] && !$user->info['userid']) { $captcha->remove(); } message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI'])); } } elseif ($this->set['pub']) { if (!checkmail($_POST['email'])) { if ($this->set['req_email']) { $emailnotvalid = true; } else { $_POST['email'] = ''; } } if ($captchafailed) { message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()'); } elseif ($this->ip_is_blocked()) { message($apx->lang->get('MSG_COM_BLOCKIP'), 'back'); } elseif (!$_POST['username'] || !$_POST['text'] || $this->set['req_email'] && !$_POST['email'] || $this->set['req_homepage'] && !$_POST['homepage'] || $this->set['req_title'] && !$_POST['title']) { message('back'); } elseif ($_POST['notify'] && !$_POST['email']) { message($apx->lang->get('MSG_COM_MAILNEEDED'), 'back'); } elseif ($this->text_is_blocked()) { message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back'); } elseif ($this->set['entrymaxlen'] && strlen($_POST['text']) > $this->set['entrymaxlen']) { message($apx->lang->get('MSG_COM_TOOLONG'), 'back'); } elseif ($emailnotvalid) { message($apx->lang->get('MSG_COM_EMAILNOTVALID'), 'back'); } elseif ($spam + $this->set['spamprot'] * 60 > time()) { message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back'); } else { if (substr($_POST['homepage'], 0, 4) == 'www.') { $_POST['homepage'] = 'http://' . $_POST['homepage']; } if ($this->set['mod']) { $_POST['active'] = 0; } else { $_POST['active'] = 1; } $_POST['time'] = time(); $_POST['ip'] = get_remoteaddr(); $db->dinsert(PRE . '_comments', 'module,mid,userid,username,email,homepage,title,text,time,notify,ip,active'); //eMail-Benachrichtigung (Admin) if ($this->set['mailonnew']) { $text = strip_tags(dbcodes($_POST['text'])); $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text); sendmail($this->set['mailonnew'], 'SENDCOM', $input); } //eMail-Benachrichtigung (User) if ($_POST['active']) { $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "'\n\t\t\t\t\t"); if (count($data)) { foreach ($data as $res) { $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']); sendmail($res['email'], 'NOTIFYCOM', $input); } } //Notify zurücksetzen $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'"); } //Captcha löschen if ($this->set['captcha'] && !$user->info['userid']) { $captcha->remove(); } message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI'])); } } }
function user_blogs_last($count = 5, $start = 0, $friendsonly = false, $userid = 0, $template = 'lastblogs') { global $set, $db, $apx, $user; $tmpl = new tengine(); $count = (int) $count; $start = (int) $start; $userid = (int) $userid; //Verwendete Variablen auslesen $parse = $apx->tmpl->used_vars('functions/' . $template, 'user'); //Nach Freunde filtern $friendfilter = ''; if ($friendsonly) { $friends = $user->get_buddies(); $friends[] = -1; $friendfilter = " AND userid IN (" . implode(',', $friends) . ") "; } //Nach Benutzer filtern $userfilter = ''; if ($userid) { $userfilter = " AND userid='" . $userid . "'"; } $data = $db->fetch("SELECT * FROM " . PRE . "_user_blog WHERE 1 " . $userfilter . $friendfilter . " ORDER BY time DESC LIMIT " . iif($start, $start . ',') . $count); if (count($data)) { //Benutzer-Infos auslesen $userdata = array(); if (in_template(array('BLOG.USERNAME', 'BLOG.REALNAME', 'BLOG.AVATAR', 'BLOG.AVATER_TITLE'), $parse)) { $userids = get_ids($data, 'userid'); $userdata = $user->get_info_multi($userids, 'username,realname,avatar,avatar_title'); } //Blogs auflisten $tabledata = array(); foreach ($data as $res) { ++$i; $link = mklink('user.php?action=blog&id=' . $res['userid'] . '&blogid=' . $res['id'], 'user,blog,' . $res['userid'] . ',id' . $res['id'] . urlformat($res['title']) . '.html'); //Text $text = ''; if (in_array('BLOG.TEXT', $parse)) { $text = $res['text']; $text = badwords($text); $text = replace($text, 1); $text = dbsmilies($text); $text = dbcodes($text); } $tabledata[$i]['ID'] = $res['id']; $tabledata[$i]['TITLE'] = replace($res['title']); $tabledata[$i]['TEXT'] = $res['text']; $tabledata[$i]['LINK'] = $link; $tabledata[$i]['TIME'] = $res['time']; //Userinfo $userinfo = $userdata[$res['userid']]; $tabledata[$i]['USERID'] = $res['userid']; $tabledata[$i]['USERNAME'] = replace($userinfo['username']); $tabledata[$i]['REALNAME'] = replace($userinfo['realname']); $tabledata[$i]['AVATAR'] = $user->mkavatar($userinfo); $tabledata[$i]['AVATAR_TITLE'] = $user->mkavtitle($userinfo); //Kommentare if ($apx->is_module('comments') && $res['allowcoms']) { require_once BASEDIR . getmodulepath('comments') . 'class.comments.php'; if (!isset($coms)) { $coms = new comments('userblog', $res['id']); } else { $coms->mid = $res['id']; } $link = mklink('user.php?action=blog&id=' . $res['userid'] . '&blogid=' . $res['id'], 'user,blog,' . $res['userid'] . ',id' . $res['id'] . urlformat($res['title']) . '.html'); $tabledata[$i]['COMMENT_COUNT'] = $coms->count(); $tabledata[$i]['COMMENT_LINK'] = $coms->link($link); $tabledata[$i]['DISPLAY_COMMENTS'] = 1; if (in_template(array('BLOG.COMMENT_LAST_USERID', 'BLOG.COMMENT_LAST_NAME', 'BLOG.COMMENT_LAST_TIME'), $parse)) { $tabledata[$i]['COMMENT_LAST_USERID'] = $coms->last_userid(); $tabledata[$i]['COMMENT_LAST_NAME'] = $coms->last_name(); $tabledata[$i]['COMMENT_LAST_TIME'] = $coms->last_time(); } } } } $tmpl->assign('BLOG', $tabledata); //Template ausgeben $tmpl->parse('functions/' . $template, 'user'); }