<?php
defined ('main') or die ('no direct access');
$title = $allgAr['title'] . ' :: News';
$hmenu = 'News';
$design = new design ($title , $hmenu);
$design->addheader('<link rel="alternate" type="application/atom+xml" title="News (Atom)" href="index.php?news-atom" />
<link rel="alternate" type="application/rss+xml" title="News (RSS)" href="index.php?news-rss" />');
function news_find_kat ($kat) {
$katpfad = 'include/images/news/';
$katjpg = $katpfad . $kat . '.jpg';
$katgif = $katpfad . $kat . '.gif';
$katpng = $katpfad . $kat . '.png';
if (file_exists($katjpg)) {
$pfadzumBild = $katjpg;
} elseif (file_exists ($katgif)) {
$pfadzumBild = $katgif;
} elseif (file_exists ($katpng)) {
$pfadzumBild = $katpng;
}
if (!empty($pfadzumBild)) {
$kategorie = '<img style="" src="' . $pfadzumBild . '" alt="' . $kat . '">';
} else {
$kategorie = '<b>' . $kat . '</b><br /><br />';
}
return ($kategorie);
}
function checkName($name) {
if (db_count_query("SELECT COUNT(name) FROM prefix_user WHERE name LIKE '$name'")) {
return false;
} else {
return true;
}
}
function checkKomName($name) {
$resp = new xajaxResponse();
if (checkName($name) OR loggedin()) {
$name = utf8_decode($name);
$resp->script('document.forms["komform"].submit();');
} else {
$resp->assign('komname', 'value' , '');
$resp->alert('Dieser Name ist bereits an einen User vergeben, benutze bitte einen anderen.');
$resp->script("document.getElementById('komname').focus();");
}
return $resp;
}
$xajax = new xajax('index.php?news-ajax');
$xajax->registerFunction('checkKomName');
$xajax->processRequest();
if ($menu->get(1) == 'ajax') {
exit();
}
if (!is_numeric($menu->get(1))) {
if ($menu->get(1) == 'rss' || $menu->get(1) == 'atom') {
$feed_type = $menu->get(1);
$abf = "SELECT MAX(news_time) AS last_update FROM prefix_news";
$erg = db_query($abf);
$row = db_fetch_assoc($erg);
$dbavatar = @db_result(db_query("SELECT avatar FROM prefix_user WHERE id = '".user_id."'"),0);
if (!empty($dbavatar)) { $avatar = '<img src="'.$avatar.'" border="0">'; } else { $avatar = '<img src="noavatar.jpg" border="0">'; }
$last_update = str_replace(' ', 'T', $row['last_update']) . 'Z';
$tn_id = intval(@db_result($news_opts = db_query("SELECT v1 FROM prefix_allg WHERE k = 'news' LIMIT 1"), 0));
$abf = "SELECT
a.news_title as title,
a.news_id as id,";
$abf .= ($feed_type == 'atom') ? 'a.news_time as datum,' : "DATE_FORMAT(a.news_time,'%a, %e %b %y %H:%i:%s') as datum,";
$abf .=
"a.news_kat as kate,
a.news_text as text,
b.name as username,
a.html
FROM prefix_news as a
LEFT JOIN prefix_user as b ON a.user_id = b.id
WHERE (a.news_recht | 1) = a.news_recht AND a.`show` > 0 AND a.`show` <= UNIX_TIMESTAMP() AND a.news_id != $tn_id AND a.`archiv` != 1 AND (a.endtime IS NULL OR a.endtime > UNIX_TIMESTAMP())
ORDER BY news_time DESC LIMIT 15";
$erg = db_query($abf);
$tpl = new tpl('news_' . $menu->get(1) . '.htm');
header('Content-type: application/' . $menu->get(1) . '+xml');
$tpl->set_ar_out(array('FEEDTITLE' => $allgAr['title'],
'UPDATED' => $last_update,
'SITEURL' => 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF'])), 0); while ($row = db_fetch_assoc($erg)) {
if ($feed_type == 'atom') {
$Z = (date('Z') > 0 ? '+' : '') . date('H:i:s', date('Z') + 23 * 3600);
$row['datum'] = str_replace(' ', 'T', $row['datum']) . $Z;
}
$a = explode('[PREVIEWENDE]', $row['text']);
$tpl->set_ar_out(array('TITLE' => $row['title'],
'TXT' => $row['html'] ? $a[0] : bbcode($a[0]),
'LINK' => 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php?news-' . $row['id'], 'AUTHOR' => $row['username'],
'DATE' => $row['datum']
), 1);
}
$tpl->out(2);
exit;
} else {
$design->header();
$limit = $allgAr['Nlimit'];
$page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1);
$tn_id = intval(@db_result($news_opts = db_query("SELECT v1, v2 FROM prefix_allg WHERE k = 'news' LIMIT 1"), 0, 0));
$tn_koms = @db_result($news_opts, 0, 1);
$tn_sql = db_query("SELECT news_title, news_text, news_recht, news_groups, html FROM prefix_news WHERE news_id = $tn_id AND `show` > 0 AND `show` <= UNIX_TIMESTAMP() AND (endtime IS NULL OR endtime > UNIX_TIMESTAMP())");
if (db_num_rows($tn_sql) > 0) {
$tn_r = db_fetch_object($tn_sql);
$dontShow = false;
if ((pow(2, abs($_SESSION['authright'])) | $tn_r->news_recht) != $tn_r->news_recht) {
$dontShow = true;
}
if ($dontShow) {
foreach($_SESSION['authgrp'] as $id => $bool) {
if ($bool and (pow(2, abs($id)) | $tn_r->news_groups) == $tn_r->news_groups) {
$dontShow = false;
break;
}
}
}
if (!$dontShow) {
$tn_tpl = new tpl ('news/top');
$tn_tpl->set('title', $tn_r->news_title);
$tn_tpl->set('koms', $tn_koms == '1' ? '<br /><a href="index.php?news-' . $tn_id . '">' . db_count_query("SELECT COUNT(id) FROM prefix_koms WHERE uid = $tn_id AND cat = 'NEWS'") . ' ' . $lang['comments'] . ' </a>' : '');
$tn_tpl->set_out('txt', $tn_r->html ? $tn_r->news_text : bbcode($tn_r->news_text), 0);
unset($tn_tpl);
}
}
if ($menu->get(1) != '' and ($menu->getA(1) != 'p' or $menu->getE(1) == 0)) {
$news_kat = 'news_kat = "'.$menu->get(1).'" AND';
$katmpl = '-'.$menu->get(1);
$page = ($menu->getA(2) == 'p' ? $menu->getE(2) : 1);
} else {
$news_kat = $katmpl = '';
$page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1);
}
$anfang = ($page - 1) * $limit;
$groups = getGroupRights();
$MPL = db_make_sites ($page , "WHERE (((" . pow(2, abs($_SESSION['authright'])) . " | news_recht) = news_recht) OR
(news_groups != 0 AND ((news_groups ^ $groups) != (news_groups | $groups)))) AND $news_kat `show` > 0 AND `show` <= UNIX_TIMESTAMP() AND news_id != $tn_id AND archiv != 1 AND (endtime IS NULL OR endtime > UNIX_TIMESTAMP())" , $limit , '?news'.$katmpl , 'news');
$tpl = new tpl ('news/news.htm');
$abf = "SELECT
a.news_title as title,
a.news_id as id,
DATE_FORMAT(a.news_time,'%d. %m. %Y - %H:%i Uhr') as datum,
DATE_FORMAT(a.news_time,'%W') as dayofweek,
a.news_kat as kate,
a.news_text as text,
b.name as username,
c.name as editorname,
a.html,
a.edit_time,
a.klicks,
b.avatar as avatar,
b.id as uid
FROM prefix_news as a
LEFT JOIN prefix_user as b ON a.user_id = b.id
LEFT JOIN prefix_user as c ON a.editor_id = c.id
WHERE (((" . pow(2, abs($_SESSION['authright'])) . " | a.news_recht) = a.news_recht) OR
(a.news_groups != 0 AND ((a.news_groups ^ $groups) != (a.news_groups | $groups)))) AND $news_kat
a.`show` > 0 AND a.`show` <= UNIX_TIMESTAMP() AND news_id != $tn_id AND a.`archiv` != 1 AND
(a.endtime IS NULL OR a.endtime > UNIX_TIMESTAMP())
ORDER BY a.news_time DESC
LIMIT " . $anfang . "," . $limit;
$erg = db_query($abf);
if (db_num_rows($erg) == 0 and !empty($news_kat)) {
echo 'Keine News in dieser Kategorie gefunden.<br />
<a href="index.php?news">Newsübersichtsseite aufrufen</a>';
$design->footer(1);
}
while ($row = db_fetch_assoc($erg)) {
$k0m = db_query("SELECT COUNT(ID) FROM `prefix_koms` WHERE uid = " . $row['id'] . " AND cat = 'NEWS'");
$row['kom'] = db_result($k0m, 0);
$row['useravatar'] = !empty($row['avatar']) && file_exists($row['avatar']) ? '<a href="index.php?user-details-'.$row['uid'].'"><img src="'.$row['avatar'].'" border="0" alt="'.$row['username'].'" title="'.$row['username'].'" /></a>' : 'n/a';
$row['kate'] = news_find_kat($row['kate']);
$row['datum'] = $lang[$row['dayofweek']] . ' ' . $row['datum'];
if (strpos ($row['text'] , '[PREVIEWENDE]') !== false) {
$a = explode('[PREVIEWENDE]' , $row['text']);
$row['text'] = $a[0];
$row['readwholenews'] = '<a href="index.php?news-' . $row['id'] . '" alt="mehr lesen" title="mehr lesen"><img src="include/images/icons/news/more.gif" alt="mehr lesen" border="0"></a>';
} else {
$row['readwholenews'] = '';
}
$row['klicks'] = '<img src="include/images/icons/news/counter.gif" alt="' . $row['klicks'] . ' mal gelesen" title="' . $row['klicks'] . ' mal gelesen" border="0">';
if (!$row['html']) {
$row['text'] = bbcode($row['text']);
}
$row['edit'] = is_null($row['edit_time']) ? '' : '<br /><i>zuletzt geändert am ' . date('d.m.Y - H:i', strtotime($row['edit_time'])) . ' Uhr';
if (!empty($row['edit']) and $row['editorname'] != $row['username']) {
$row['edit'] .= ' von ' . $row['editorname'] . '</i>';
} elseif (!empty($row['edit'])) {
$row['edit'] .= '</i>';
}
$tpl->set_ar_out($row, 0);
}
$tpl->set_out('SITELINK', $MPL, 1);
unset($tpl);
}
} else {
$design->header();
$xajax->printJavascript();
$nid = escape($menu->get(1), 'integer');
$erg = db_query("SELECT a.news_title,
a.news_id,
DATE_FORMAT(a.news_time,'%d. %m. %Y') as datum,
DATE_FORMAT(a.news_time,'%W') as dayofweek,
a.news_kat,
a.news_text,
a.news_recht,
a.news_groups,
a.html,
a.show,
b.name as username,
b.avatar as avatar,
b.id as userid
FROM prefix_news as a
LEFT JOIN prefix_user as b ON a.user_id = b.id
WHERE `a`.`show` > 0 AND `a`.`show` <= UNIX_TIMESTAMP() AND `a`.`news_id` = '" . $nid . "'");
if (db_num_rows($erg) == 0) {
$dontShow = true;
} else {
$dontShow = false;
$row = db_fetch_object($erg);
if ((pow(2, abs($_SESSION['authright'])) | $row->news_recht) != $row->news_recht) {
$dontShow = true;
}
if ($dontShow) {
foreach($_SESSION['authgrp'] as $id => $bool) {
if ($bool and (pow(2, abs($id)) | $row->news_groups) == $row->news_groups) {
$dontShow = false;
break;
}
}
}
}
if ($dontShow) {
echo 'News existiert nicht oder Sie haben keine Rechte sie zu sehen. <a href="javascript:history.back();">zurück</a>';
$design->footer(1);
}
$komsOK = true;
if ($allgAr['Ngkoms'] == 0) {
if (loggedin()) {
$komsOK = true;
} else {
$komsOK = false;
}
}
if ($allgAr['Nukoms'] == 0) {
$komsOK = false;
}
$kom_info = '';
if ((loggedin() OR chk_antispam ('newskom')) AND $komsOK AND !empty($_POST['name']) AND !empty($_POST['txt'])) {
$_POST['txt'] = escape($_POST['txt'], 'string');
$_POST['name'] = escape($_POST['name'], 'string');
if (checkName($_POST['name']) or loggedin()) {
if (loggedin()) {
$_POST['name'] = $_SESSION['authname'];
}
db_query("INSERT INTO `prefix_koms` (`uid`,`cat`,`name`,`text`) VALUES (" . $nid . ",'NEWS','" . $_POST['name'] . "','" . $_POST['txt'] . "')");
} else {
$kom_info = '<span style="color:red;">Dieser Name ist bereits an einen User vergeben, benutze bitte einen anderen.</span><br />';
}
}
if ($menu->getA(2) == 'd' AND is_numeric($menu->getE(2)) AND has_right(- 7, 'news')) {
$kommentar_id = escape($menu->getE(2), 'integer');
db_query("DELETE FROM prefix_koms WHERE uid = " . $nid . " AND cat = 'NEWS' AND id = " . $kommentar_id);
}
$kategorie = news_find_kat($row->news_kat);
$textToShow = $row->html ? $row->news_text : bbcode($row->news_text);
$textToShow = str_replace('[PREVIEWENDE]', '', $textToShow);
if (!empty($such)) {
$textToShow = markword($textToShow, $such);
}
$avatar = !empty($row->avatar) && file_exists($row->avatar) ? '<a href="index.php?user-details-'.$row->userid.'"><img src="'.$row->avatar.'" border="0" alt="'.$row->username.'" title="'.$row->username.'"></a>' : 'n/a';
db_query("UPDATE prefix_news SET klicks = klicks + 1 WHERE news_id = " . $nid);
$tpl = new tpl ('news/news.htm');
$ar = array (
'TEXT' => $textToShow,
'KATE' => $kategorie,
'AVATAR' => $avatar,
'USERID' => $row->userid,
'USERNAME' => $row->username,
'NID' => $nid,
'uname' => $_SESSION['authname'],
'ANTISPAM' => (loggedin()?'':get_antispam ('newskom', 0)),
'NAME' => $row->news_title,
'info' => $kom_info
);
$tpl->set_ar_out($ar, 2);
if ($komsOK) {
$tpl->set_ar_out (array ('NAME' => $row->news_title , 'NID' => $nid, 'style' => loggedin() ? 'style="display:none;"' : ''), 3);
}
$erg1 = db_query("SELECT `a`.`text`, `a`.`name`, `a`.`id`, `b`.`id` AS `userid`, `b`.`name` AS `username`, `b`.`avatar`
FROM `prefix_koms` AS `a`
LEFT JOIN `prefix_user` AS `b` ON `a`.`name` = `b`.`name`
WHERE `a`.`uid` = " . $nid . " AND `a`.`cat` = 'NEWS' ORDER BY `a`.`id` DESC");
$ergAnz1 = db_num_rows($erg1);
if ( $ergAnz1 == 0 ) {
echo '<b>'.$lang['nocomments'].'</b>';
} else {
$zahl = $ergAnz1;
while ($row1 = db_fetch_assoc($erg1)) {
$username = empty($row1['userid']) ? '<em>Gast:</em> '.$row1['name'] : '<a href="index.php?user-details-'.$row1['userid'].'">'.$row1['username'].'</a>';
$komavatar = (empty($row1['userid']) ? '' : (!empty($row1['avatar']) && file_exists($row1['avatar']) ? '<a href="index.php?user-details-'.$row1['userid'].'"><img src="'.$row1['avatar'].'" border="0" alt="'.$row1['username'].'" title="'.$row1['username'].'"></a>' : '<img src="include/images/avatars/wurstegal.jpg" alt="Kein Avatar" />'));
$row1['text'] = bbcode(trim($row1['text']));
if (has_right(-7, 'news')) {
$row1['text'] .= '<a href="?news-'.$nid.'-d'.$row1['id'].'"><img src="include/images/icons/del.gif" alt="löschen" border="0" title="löschen" /></a>';
}
$tpl->set_ar_out( array('NAME' => $username,
'AVATAR' => $komavatar,
'TEXT' => $row1['text'],
'ZAHL' => $zahl ) , 4 );
$zahl--;
}
}
$tpl->out(5);
}
$design->footer();
?>
Auch dir Lord riesen Dank für deine Mühe.
Poste dir hier Morgen den Code 
Zitat
