<?php
// Entry guard: stop unless the including script has defined the 'main' constant.
if (!defined('main')) {
    die('no direct access');
}

// Shoutbox helper functions; shbox() and shboxsmilies() are called further
// down and are not defined in this file, so they presumably come from here.
include 'include/includes/js/shbox/shboxfunc.php';

// Load the shoutbox configuration row (id 1). $conf is read by every later
// section of this script.
$abf = db_query('SELECT * FROM `prefix_shbox_config` WHERE id="1"');
$conf = db_fetch_assoc($abf);

// Open the outer layout table. The matching </td></tr></table> is written by
// the last echo of this script.
echo "\n",
    '<table width="', $conf['tabellewidth'], '%" height="" border="0" gcolor="" cellspacing="0" cellpadding="0">',
    "\n<tr>\n<td>\n";
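// --- Request input for a new shoutbox entry ---------------------------------
//
// Both values are passed through the project's escape() helper (defined
// outside this file) because they are later concatenated into SQL strings.
// Missing POST keys are treated as empty strings so a plain page view does not
// read undefined indexes.

// Author name as submitted with the form.
$postname = escape(isset($_POST['xname']) ? $_POST['xname'] : '', 'string');

// Placeholder stored instead of the submitted name when a guest uses a name
// that belongs to a registered user (see the submit handler below).
$postnamex = '*GAST*';

// Substrings removed from the message: BBCode image/url/color tags and the
// fragments that make up a link.
$tags = array(
    '[img]', '[url]', '[IMG]', '[URL]',
    '[/img]', '[/url]', '[/IMG]', '[/URL]',
    '[COLOR]', '[/COLOR]', '[color]', '[/color]',
    'http', 'www', '://',
);

// Message text.
// - The original first assigned escape(..., 'textarea') and then immediately
//   overwrote it; only the 'string' variant ever took effect, so that is the
//   one kept here.
// - The key is now quoted. Unquoted, xtxt is read as a constant, which is an
//   Error on PHP 8 and a notice/warning on older versions.
$posttxt = escape(isset($_POST['xtxt']) ? $_POST['xtxt'] : '', 'string');

// Removing a substring can join the text on either side into a new match, and
// strip_tags() can do the same, so the filter is repeated until the text stops
// changing. Every pass only deletes characters, so the loop terminates.
do {
    $shboxPrev = $posttxt;
    $posttxt = strip_tags(str_replace($tags, '', $posttxt));
} while ($posttxt !== $shboxPrev);
unset($shboxPrev);

// NOTE(review): this is a blocklist with exact-case needles, applied after
// escape(). It limits what gets stored, but it is not a substitute for
// HTML-encoding the text where it is rendered (rendering is not in this file).
// The usual order is filter first, escape for SQL last; the order is kept
// because escape()'s behaviour cannot be seen here - confirm.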
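// --- Store a submitted shoutbox entry ---------------------------------------
//
// Runs when the form's submit field is present and the filtered message is not
// empty. The original held five copies of the same INSERT inside nested
// branches; they are merged into one statement here with these fixes:
//   * one copy passed the misspelled type 'strng' to escape() for the ip
//     value, so that value may have reached the query without the 'string'
//     handling the other copies used;
//   * $_POST[xdate] / $_POST[xip] used unquoted keys (constant lookups, an
//     Error on PHP 8);
//   * guests could post with a direct request even when the guest form is
//     switched off, because $conf['gastrecht'] was only checked when rendering;
//   * logged-in users were stored under the submitted xname, which let them
//     post under another member's name; the session name is used instead;
//   * with the spam check on, a request carrying neither sz nor xspam passed
//     the comparison (empty equals empty).
//
// AN is not defined in this file; presumably a constant provided by the
// framework or shboxfunc.php - confirm.
if (isset($_POST['subshbox']) && $posttxt != '') {
    // Same required-field test the original applied before every INSERT.
    $shboxHasFields = isset($_POST['xtxt'])
        && !empty($_POST['xdate'])
        && !empty($_POST['xname'])
        && !empty($_POST['xip']);

    $shboxMayPost = false;
    $shboxName = $postname;

    if ($shboxHasFields) {
        if (loggedin()) {
            // Members: no spam check (as before); name comes from the session.
            $shboxMayPost = true;
            $shboxName = escape($_SESSION['authname'], 'string');
        } elseif ($conf['gastrecht'] == AN) {
            // Guests: only when guest posting is enabled.
            if ($conf['spam'] == AN) {
                $shboxChallenge = isset($_POST['sz']) ? escape($_POST['sz'], 'string') : '';
                $shboxAnswer = isset($_POST['xspam']) ? escape($_POST['xspam'], 'string') : '';
                // NOTE(review): both values come from the client (sz is a
                // hidden form field), so this only filters clients that do not
                // read the form. A real check needs the expected value kept
                // server-side, e.g. in the session.
                $shboxMayPost = ($shboxAnswer != '' && $shboxChallenge == $shboxAnswer);
            } else {
                $shboxMayPost = true;
            }

            if ($shboxMayPost) {
                // A guest using a registered member's name is stored under
                // the placeholder name instead.
                // NOTE(review): BINARY makes the match byte-exact; confirm
                // that is intended for a reserved-name check.
                $abfs = db_query("SELECT id FROM prefix_user WHERE name = BINARY '" . $postname . "'");
                if (db_num_rows($abfs) > 0) {
                    $shboxName = $postnamex;
                }
            }
        }
    }

    if ($shboxMayPost) {
        // NOTE(review): date and ip are taken from the request body, so the
        // stored values are whatever the client sent. If the ip column is used
        // for moderation, prefer $_SERVER['REMOTE_ADDR'] and a server-side
        // timestamp; left unchanged because the template that fills these
        // fields is not visible here.
        // NOTE(review): no request token is checked before this write; confirm
        // the framework protects state-changing POSTs.
        // Values are only as safe as escape() makes them; the db layer visible
        // here offers db_query() with a finished SQL string.
        db_query(
            "INSERT INTO prefix_shbox (`txt`,`date`,`name`,`ip`) VALUES ('"
            . $posttxt . "', '"
            . escape($_POST['xdate'], 'string') . "', '"
            . $shboxName . "', '"
            . escape($_POST['xip'], 'string') . "')"
        );
    }
}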
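// Append the shoutbox stylesheet, script and refresh timer to
// $ILCH_HEADER_ADDITIONS (defined outside this file; presumably emitted into
// the page head by the framework).
//
// Changes from the original markup:
//   * window.onload was assigned the string "fetch()". A string is not a
//     handler, so nothing ran on load; it is now a function that calls fetch().
//   * setInterval was given code as a string; it now gets a function.
//   * The interval from the configuration is cast to int before it is written
//     into the script, so only a number can end up in script context.
// fetch() is expected to be the function from shbox.js - that file is not
// visible here.
$ILCH_HEADER_ADDITIONS .= '
<link rel="stylesheet" type="text/css" href="include/includes/js/shbox/shbox.css">
<script type="text/javascript" charset="utf-8" src="include/includes/js/shbox/shbox.js"></script>
<script language="JavaScript" type="text/javascript">
window.onload = function () { fetch(); };
interval = window.setInterval(function () { fetch(); }, ' . (int) $conf['setinterval'] . ');
</script>
';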
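// --- Values handed to the form template -------------------------------------
// JA and AN are not defined in this file; presumably constants provided by the
// framework or shboxfunc.php - confirm.

// Current date in the configured format.
$datum = date($conf['datumformat']);

// Horizontal rule in the configured colour.
$hr = '<hr style="height:0px;border:solid ' . $conf['hrcolor'] . ' 0px;border-top-width: 1px;" />';

// Visitor address: $ip is the visible "Deine IP" line, $ips the bare address.
// $ips is now set in both branches; the original left it undefined when the
// IP display is switched off, although it is passed to the template later.
if ($conf['ip'] == JA) {
    $ips = $_SERVER['REMOTE_ADDR'];
    $ip = '<br />Deine IP : ' . $ips;
} else {
    $ips = '';
    $ip = '';
}

// Number the guest has to retype.
// - The original drew from 999..10000, but the input below allows only four
//   characters, so 10000 could never be entered. The range is now four digits.
// - The explicit srand() seeded from microtime() is dropped; PHP seeds the
//   generator itself.
// NOTE(review): the number is also written into the hidden field "sz", so the
// expected answer travels with the form. For a check that a client cannot
// satisfy on its own, keep the expected value server-side (e.g. in the
// session) and compare against that in the submit handler.
$sz = rand(1000, 9999);

if ($conf['spam'] == AN) {
    $spam = '
<table border="0" bgcolor="' . $conf['tabellecolor'] . '" cellpadding="0" cellspacing="0">
<tr>
<td align="center">
<input type="hidden" name="sz" value="' . $sz . '" />
' . $sz . '
<input name="xspam" size="4" maxlength="4" value="" />
</td>
</tr>
</table>
';
} else {
    $spam = '';
}

// Smiley bar, only when enabled in the configuration.
$smilies = ($conf['smilies'] == JA) ? shboxsmilies() : '';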
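// --- Render the input form --------------------------------------------------
//
// Three cases: logged-in member, guest with guest posting enabled, and guest
// without posting rights (only the configured text is shown).
//
// Fixes compared with the original:
//   * TABELLEH / TABELLEW were only assigned in the member branch, so the
//     guest form received undefined values;
//   * $class and $ips may be undefined at this point and $_POST['txt'] is
//     absent on a plain page view; each now falls back to an empty string;
//   * a missing user row no longer leads to a property read on a non-object;
//   * the avatar path is HTML-encoded before it is placed in the src attribute.
//
// NOTE(review): 'txt', 'USER' and the name fallback for 'AVATAR' carry
// request/session data into the template. escape() and tpl are defined
// elsewhere; confirm that one of them HTML-encodes these values on output.
if (loggedin()) {
    // Look up the member's avatar by session name.
    $abf = 'SELECT id, name, avatar FROM prefix_user WHERE name = "' . escape($_SESSION['authname'], 'string') . '"';
    $erg = db_query($abf);
    $row = db_fetch_object($erg);

    $tabellew = $conf['tabellewidth'];
    $tabelleh = $conf['tabelleheight'];

    // Show the avatar image when 'anzeige' is 0 and the file exists; otherwise
    // show the member name.
    // NOTE(review): avatarx feeds height and avatary feeds width, as in the
    // original - confirm the naming is intended.
    $avatar = $_SESSION['authname'];
    if ($conf['anzeige'] == 0 && is_object($row) && isset($row->avatar) && file_exists($row->avatar)) {
        $avatar = '<img src="' . htmlspecialchars($row->avatar, ENT_QUOTES)
            . '" border="0" height="' . $conf['avatarx']
            . '" width="' . $conf['avatary'] . '">';
    }

    $text = escape(isset($_POST['txt']) ? $_POST['txt'] : '', 'textarea');

    $tpl = new tpl('shbox');
    $ar = array(
        'txt' => $text,
        'CLASS' => isset($class) ? $class : '',
        'SMILIES' => $smilies,
        'IP' => $ip,
        'IPS' => isset($ips) ? $ips : '',
        'USER' => $_SESSION['authname'],
        'AVATAR' => $avatar,
        'HR' => $hr,
        'DATE' => $datum,
        'TXTROWS' => $conf['textrows'],
        'TXTCOLS' => $conf['textcols'],
        'TXTCOLOR' => $conf['textgroundcolor'],
        'TCOLOR' => $conf['tabellecolor'],
        'TABELLEH' => $tabelleh,
        'TABELLEW' => $tabellew,
    );
    // Second argument selects the template part: 0 for members.
    $tpl->set_ar_out($ar, 0);
} elseif ($conf['gastrecht'] == AN) {
    $tabellew = $conf['tabellewidth'];
    $tabelleh = $conf['tabelleheight'];

    // Name input for guests, pre-filled with "GAST".
    $gast = '' . $conf['nametext']
        . '<br /><input name="xname" size="' . $conf['namesize']
        . '" maxlength="' . $conf['namelänge']
        . '" style="background-color:' . $conf['namegroundcolor']
        . '" value="GAST" />';

    $text = escape(isset($_POST['txt']) ? $_POST['txt'] : '', 'textarea');

    $tpl = new tpl('shbox');
    $ar = array(
        'txt' => $text,
        'CLASS' => isset($class) ? $class : '',
        'SMILIES' => $smilies,
        'IP' => $ip,
        'IPS' => isset($ips) ? $ips : '',
        'GAST' => $gast,
        'HR' => $hr,
        'DATE' => $datum,
        'SPAM' => $spam,
        'TXTROWS' => $conf['textrows'],
        'TXTCOLS' => $conf['textcols'],
        'TXTCOLOR' => $conf['textgroundcolor'],
        'TCOLOR' => $conf['tabellecolor'],
        'TABELLEH' => $tabelleh,
        'TABELLEW' => $tabellew,
    );
    // Second argument selects the template part: 1 for guests.
    $tpl->set_ar_out($ar, 1);
} else {
    // Guests may not post: show the configured text and the separator only.
    echo '<center>' . $conf['nametext'] . '</center><br />';
    echo $hr;
}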
// Message list: rendered directly by shbox() unless reloading is enabled, in
// which case only a placeholder with a loading image is written.
// NOTE(review): the placeholder uses id="shoutbox" on both the div and the
// img; reproduced unchanged here.
if ($conf['reload'] != AN) {
    echo shbox();
} else {
    echo '<div id="shoutbox">', "\n",
        '<center><img src="include/images/load.gif" alt="Load" id="shoutbox" border="0" /></center>', "\n",
        '</div>';
}
// Footer: a small table with the archive link, followed by the closing tags of
// the outer layout table opened at the top of the script.
echo "\n",
    '<table width="', $conf['tabellewidth'], '%" height="', $conf['tabelleheight'], '%" border="0" bgcolor="',
    $conf['tabellecolor'], '" align="center" cellpadding="0" cellspacing="0">', "\n",
    "<tr>\n",
    "<td>\n",
    '<center><b><a href="index.php?shbox-archiv">ARCHIV</a></b></center>', "\n",
    "</td>\n",
    "</tr>\n",
    "</table>\n",
    "</td>\n",
    "</tr>\n",
    '</table>';
?>