示例#1
            $_POST['send_username'] = $_POST['send_email'] = '';
        } else {
            $_POST['userid'] = 0;
        }
        $_POST['addtime'] = time();
        $_POST['send_ip'] = get_remoteaddr();
        $_POST['secid'] = 'all';
        $_POST['text'] = strtr(strip_tags($_POST['text']), array("\r\n" => "<br />\r\n", "\n" => "<br />\n"));
        //eMail-Benachrichtigung
        if ($set['links']['mailonnew']) {
            $input = array('URL' => HTTP);
            sendmail($set['links']['mailonnew'], 'SENDLINK', $input);
        }
        //Captcha löschen
        if ($set['links']['captcha'] && !$user->info['userid']) {
            $captcha->remove();
        }
        $db->dinsert(PRE . '_links', 'userid,secid,send_username,send_email,send_ip,catid,title,url,text,addtime');
        message($apx->lang->get('MSG_OK'), mklink('links.php', 'links.html'));
    }
    //SCRIPT BEENDEN
    require 'lib/_end.php';
}
////////////////////////////////////////////////////////////////////////////////////////////////////////
//Kategorien auflisten
require_once BASEDIR . 'lib/class.recursivetree.php';
$tree = new RecursiveTree(PRE . '_links_cat', 'id');
$data = $tree->getTree(array('title', 'open'));
if (count($data)) {
    foreach ($data as $res) {
        ++$i;
示例#2
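 /**
  * Handle a submitted comment: validate the request, store the comment and
  * send the admin / subscriber notification mails.
  *
  * Input is read from $_POST (mid, module, title, text, notify and, for guests,
  * username, email, homepage). Logged-in users are handled in the first branch;
  * guests are only accepted when $this->set['pub'] is enabled, otherwise the
  * method returns without doing anything.
  *
  * Security notes for maintainers:
  *  - $db->dinsert() is only given a column list, so it presumably takes the
  *    values from $_POST (TODO confirm). Every column that must not be chosen by
  *    the client (userid, username, time, ip, active) is therefore overwritten
  *    here before the insert.
  *  - Values are escaped with addslashes(), which is not charset-aware. If the
  *    database layer offers bound parameters or a connection-aware escape
  *    function, the three hand-built queries below should be moved to it.
  *  - $_POST['module'] is not validated against the installed modules (the
  *    check below is commented out); it is only escaped.
  *
  * @return void Calls die() when no usable target id (mid) was submitted.
  */
 function addcom()
 {
     global $db, $apx, $user;

     // Initialise the flags explicitly so they are always defined, whichever
     // branch runs.
     $captchafailed = false;
     $emailnotvalid = false;
     $comid = 0;

     // The target id is forced to an integer, so it is safe to embed in SQL below.
     $_POST['mid'] = (int) $_POST['mid'];
     if (!$_POST['mid']) {
         die('missing mID!');
     }
     //if ( !$apx->is_module($_POST['module']) ) die('invalid MODULE!');
     $apx->lang->drop('add', 'comments');

     // Time of the newest comment from this IP on this item, used for the flood check.
     // The IP is escaped like every other value: whether get_remoteaddr() can return
     // header-derived (client-controlled) data is not visible here.
     list($spam) = $db->first("SELECT time FROM " . PRE . "_comments WHERE ( module='" . addslashes($_POST['module']) . "' AND ip='" . addslashes(get_remoteaddr()) . "' AND mid='" . $_POST['mid'] . "' ) ORDER BY time DESC");

     // Check the captcha (guests only)
     if ($this->set['captcha'] && !$user->info['userid']) {
         require BASEDIR . 'lib/class.captcha.php';
         $captcha = new captcha();
         $captchafailed = $captcha->check();
     }

     if ($user->info['userid']) {
         if ($captchafailed) {
             message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
         } elseif ($this->ip_is_blocked()) {
             message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
         } elseif (!$_POST['text'] || $this->set['req_title'] && !$_POST['title']) {
             message('back');
         } elseif ($this->text_is_blocked()) {
             message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
         } elseif ($this->set['maxlen'] && strlen($_POST['text']) > $this->set['maxlen']) {
             // NOTE(review): this branch reads set['maxlen'], the guest branch reads
             // set['entrymaxlen'] - confirm which key the configuration defines.
             message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
         } elseif ($spam + $this->set['spamprot'] * 60 > time()) {
             message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
         } else {
             // With moderation enabled only team members are published immediately.
             $_POST['active'] = ($this->set['mod'] && !$user->is_team_member()) ? 0 : 1;

             // Server-side values replace whatever the client sent for these columns.
             $_POST['userid'] = $user->info['userid'];
             $_POST['username'] = $user->info['username'];
             $_POST['time'] = time();
             $_POST['ip'] = get_remoteaddr();
             $db->dinsert(PRE . '_comments', 'module,mid,userid,username,title,text,time,notify,ip,active');
             $comid = $db->insert_id();

             // E-mail notification (admin)
             if ($this->set['mailonnew']) {
                 $text = strip_tags(dbcodes($_POST['text']));
                 // NOTE(review): the GOTO link is built from REQUEST_URI, which is
                 // request-controlled - confirm how the mail template encodes it.
                 $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
                 sendmail($this->set['mailonnew'], 'SENDCOM', $input);
             }

             // E-mail notification (subscribers), excluding the new comment and its author
             if ($_POST['active']) {
                 $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . (int) $comid . "' AND c.userid!=" . (int) $user->info['userid'] . "\n\t\t\t\t\t");
                 if (count($data)) {
                     foreach ($data as $res) {
                         $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
                         sendmail($res['email'], 'NOTIFYCOM', $input);
                     }
                 }
                 // Reset the notify flag on the older comments
                 $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . (int) $comid . "'");
             }

             // Remove the captcha (never true in this branch: the user is logged in)
             if ($this->set['captcha'] && !$user->info['userid']) {
                 $captcha->remove();
             }

             // NOTE(review): only '&' is escaped in the request-controlled target URL;
             // whether message() encodes it for its output context is not visible here.
             message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&amp;', $_SERVER['REQUEST_URI']));
         }
     } elseif ($this->set['pub']) {
         // An invalid address is an error only when an address is required;
         // otherwise it is silently dropped.
         if (!checkmail($_POST['email'])) {
             if ($this->set['req_email']) {
                 $emailnotvalid = true;
             } else {
                 $_POST['email'] = '';
             }
         }
         if ($captchafailed) {
             message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
         } elseif ($this->ip_is_blocked()) {
             message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
         } elseif (!$_POST['username'] || !$_POST['text'] || $this->set['req_email'] && !$_POST['email'] || $this->set['req_homepage'] && !$_POST['homepage'] || $this->set['req_title'] && !$_POST['title']) {
             message('back');
         } elseif ($_POST['notify'] && !$_POST['email']) {
             message($apx->lang->get('MSG_COM_MAILNEEDED'), 'back');
         } elseif ($this->text_is_blocked()) {
             message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
         } elseif ($this->set['entrymaxlen'] && strlen($_POST['text']) > $this->set['entrymaxlen']) {
             message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
         } elseif ($emailnotvalid) {
             message($apx->lang->get('MSG_COM_EMAILNOTVALID'), 'back');
         } elseif ($spam + $this->set['spamprot'] * 60 > time()) {
             message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
         } else {
             if (substr($_POST['homepage'], 0, 4) == 'www.') {
                 $_POST['homepage'] = 'http://' . $_POST['homepage'];
             }
             $_POST['active'] = $this->set['mod'] ? 0 : 1;

             // A guest comment must never carry an account id. 'userid' is in the
             // insert column list, so without this a guest could submit any userid
             // and have the comment attributed to that account.
             $_POST['userid'] = 0;
             $_POST['time'] = time();
             $_POST['ip'] = get_remoteaddr();
             $db->dinsert(PRE . '_comments', 'module,mid,userid,username,email,homepage,title,text,time,notify,ip,active');
             // Needed below: without the new id the "id != ..." filters match every
             // row, so the poster is mailed about their own comment and their
             // freshly set notify flag is reset at once.
             $comid = $db->insert_id();

             // E-mail notification (admin)
             if ($this->set['mailonnew']) {
                 $text = strip_tags(dbcodes($_POST['text']));
                 $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
                 sendmail($this->set['mailonnew'], 'SENDCOM', $input);
             }

             // E-mail notification (subscribers), excluding the new comment
             if ($_POST['active']) {
                 $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . (int) $comid . "'\n\t\t\t\t\t");
                 if (count($data)) {
                     foreach ($data as $res) {
                         $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
                         sendmail($res['email'], 'NOTIFYCOM', $input);
                     }
                 }
                 // Reset the notify flag on the older comments
                 $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . (int) $comid . "'");
             }

             // Remove the captcha once the comment has been accepted
             if ($this->set['captcha'] && !$user->info['userid']) {
                 $captcha->remove();
             }

             // NOTE(review): only '&' is escaped in the request-controlled target URL;
             // whether message() encodes it for its output context is not visible here.
             message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&amp;', $_SERVER['REQUEST_URI']));
         }
     }
 }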