ilch.de :: Forum :: Ilch Clan 1.1 :: Fehlersuche und Probleme

Ich war einfach mal so frei und hab das ganze flott gefixed...
<?php 
#   Copyright by: Manuel
#   Support: www.ilch.de
#   Fixed by: Christopher Back


defined ('main') or die ( 'no direct access' );

$title = $allgAr['title'].' :: G&auml;stebuch';
$hmenu = 'G&auml;stebuch';
$design = new design ( $title , $hmenu );
$design->header();

# time sperre in sekunden
$timeSperre = $allgAr['Gsperre'];

# ip
$ip = getenv('REMOTE_ADDR');

/*

  gbook
	
	id , name , mail , page , ip , time , txt

*/

switch($menu->get(1)) {
case 1 :

	$tpl = new tpl ( 'gbook.htm' );
	$ar = array (
    'uname' => $_SESSION['authname'],
    'SMILIES' => getsmilies(),
		'ANTISPAM' => get_antispam ('gbook', 1),
    'TXTL' => $allgAr['Gtxtl']
  );
	$tpl->set_ar_out($ar,3);
  
  if (!isset($_SESSION['klicktime'])) { $_SESSION['klicktime'] = 0; }
  
break;
case 2 :

  $dppk_time = time();
 
  if (($_SESSION['klicktime'] + $timeSperre) < $dppk_time
  AND isset($_POST['name'])
  AND isset($_POST['txt'])
  AND trim($_POST['name']) != ""
  AND trim($_POST['txt']) != ""
  AND chk_antispam ('gbook' )
  AND strlen ($_POST['txt']) <= $allgAr['Gtxtl'] ) {

    $txt = escape($_POST['txt'], 'textarea');
	  $name = escape($_POST['name'], 'string');
	  $mail = escape($_POST['mail'], 'string');
	  $page = escape($_POST['page'], 'string');
	
  	db_query("INSERT INTO prefix_gbook (name, mail, page, time, ip, txt) VALUES ('".$name."','".$mail."','".$page."', '".time()."','".$ip."','".$txt."')");
   
					
    
    $_SESSION['klicktime'] = $dppk_time;
    wd('index.php?gbook',$lang['insertsuccessful']);
	} else {
	  echo '- '.$lang['donotpostsofast'];
	  echo '<br />- '.sprintf($lang['gbooktexttolong'], $allgAr['Gtxtl']);
	  echo '<br />- '.$lang['plsfilloutallfields'];
	}	
  break;
case 'show' :
  if ($allgAr['gbook_koms_for_inserts'] == 1) {
    $id = escape($menu->get(2), 'integer');
    if ((loggedin() OR chk_antispam('gbookkom')) AND isset($_POST['name']) AND isset($_POST['text'])) {
      $name = escape($_POST['name'], 'string');
      $text = escape($_POST['text'], 'string');
      db_query("INSERT INTO prefix_koms (name,text,uid,cat) VALUES ('".$name."', '".$text."', ".$id.", 'GBOOK')");
    }
    if ($menu->getA(3) == 'd' AND is_numeric($menu->getE(3)) AND has_right(-7, 'gbook')) {
      $did = escape($menu->getE(3), 'integer');
      db_query("DELETE FROM prefix_koms WHERE uid = ".$id." AND cat = 'GBOOK' AND id = ".$did);
    }
    

    $r  = db_fetch_assoc(db_query("SELECT time, name, mail, page, txt as text, id FROM prefix_gbook WHERE id = ".$id));
    $r['datum'] = date('d.m.Y', $r['time']);
    if ($r['page'] != '') {
      $r['page'] = get_homepage($r['page']);
      $r['page'] = ' &nbsp; <a href="'.$r['page'].'" target="_blank"><img src="include/images/icons/page.gif" border="0" alt="Homepage '.$lang['from'].' '.$r['name'].'"></a>'; 
		}
		if ($r['mail'] != '') { 
	    $r['mail'] = ' &nbsp; <a href="mailto:'.escape_email_to_show($r['mail']).'"><img src="include/images/icons/mail.gif" border="0" alt="E-Mail '.$lang['from'].' '.$r['name'].'"></a>'; 
		}
    
    $tpl = new tpl ( 'gbook.htm' );
		$r['ANTISPAM'] = (loggedin()?'':get_antispam('gbookkom', 0));
    $r['uname'] = $_SESSION['authname'];
    $tpl->set_ar_out($r, 4);
    $i = 1;
    $erg = db_query("SELECT id, name, text FROM prefix_koms WHERE uid = ".$id." AND cat = 'GBOOK' ORDER BY id DESC");
    while ($r1 = db_fetch_assoc($erg)) {
      $r1['zahl'] = $i;
      $r1['text'] = bbcode($r1['text']);
      if (has_right(-7, 'gbook')) { $r1['text'] .= '<a href="index.php?gbook-show-'.$id.'-d'.$r1['id'].'"><img src="include/images/icons/del.gif" alt="'.$lang['delete'].'" border="0" title="'.$lang['delete'].'" /></a>'; }
      $tpl->set_ar_out($r1, 5);
      $i++;
    }
    $tpl->out(6);
  }
  break;
default :

  $limit = $allgAr['gbook_posts_per_site'];  // Limit 
  $page = ( $menu->getA(1) == 'p' ? escape($menu->getE(1), 'integer') : 1 );
  $MPL = db_make_sites ($page , "" , $limit , "?gbook" , 'gbook' );
  $anfang = ($page - 1) * $limit;
  
	$tpl = new tpl ( 'gbook.htm' );
	
  $ei1 = @db_query("SELECT COUNT(ID) FROM prefix_gbook"); 
  $ein    = @db_result($ei1,0);
	
	$ar = array ('EINTRAGE' => $ein );
	$tpl->set_ar_out($ar,0);
	
	$erg = db_query("SELECT * FROM prefix_gbook ORDER BY time DESC LIMIT ".$anfang.",".$limit) or die (db_error());
	while ($row = db_fetch_object($erg)) {
	  
    $page = '';
    $mail = '';
		if ($row->page) {
      $row->page = get_homepage($row->page);
      $page = ' &nbsp; <a href="'.$row->page.'" target="_blank"><img src="include/images/icons/page.gif" border="0" alt="Homepage '.$lang['from'].' '.$row->name.'"></a>'; 
		}
		if ($row->mail) { 
	    $mail = ' &nbsp; <a href="mailto:'.escape_email_to_show($row->mail).'"><img src="include/images/icons/mail.gif" border="0" alt="E-Mail '.$lang['from'].' '.$row->name.'"></a>'; 
		}
    $koms = '';
    if ($allgAr['gbook_koms_for_inserts'] == 1) {
      $koms = db_result(db_query("SELECT COUNT(*) FROM prefix_koms WHERE uid = ".$row->id." AND cat = 'GBOOK'"),0,0);
      $koms = '<a href="index.php?gbook-show-'.$row->id.'">'.$koms.' '.$lang['comments'].'</a>';
    }
    
		$ar = array ( 'NAME' => $row->name,
		                'DATE' => date("d.m.Y",$row->time),
                    'koms' => $koms,
										'MAIL' => $mail,
										'ID'   => $row->id,
										'PAGE' => $page,
										'TEXT' => BBCode($row->txt)
		  );
      
			$tpl->set_ar_out($ar,1);
	}
	$tpl->set_out('SITELINK', $MPL, 2 );
break;
}

//-----------------------------------------------------------|

$design->footer();

?>
Beitrag zur Merkliste hinzufügen

ilch Forum » Ilch Clan 1.1 » Fehlersuche und Probleme » [FIX] 1.1 C Gbook
