News Extended 1.4c Backend Fehler

Gehe zu Seite:

Geschlossen

Do. 28.07.2016 00:47 Uhr #1

CiSeN Mitglied

Mal wieder ein freundliches Hallo meinerseits in die Runde,

mir ist ein kleiner Fehler im News Extended 1.4c aufgefallen. Hab auch schon die SuFu missbraucht, die mir aber nichts passendes ausgespuckt hatte.
Und zwar geht es darum wenn man versucht eine News zu erstellen, die im Titel ein Apostroph oder auch ' genannt versucht zu verwenden; dann kommt nach dem absenden folgende Fehlermeldung:

MySQL Error:
1064 : You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 's',1,FROM_UNIXTIME(1469658903),1023,0,'','','0',1469658840,0,NULL)' at line 2
in Query:
INSERT INTO `ic1_news` (news_title,user_id,news_time,news_recht,news_groups,news_kat,news_text,html,`show`,archiv,endtime) VALUES ('Assassin's',1,FROM_UNIXTIME(1469658903),1023,0,'','','0',1469658840,0,NULL)
 
Debug backtrace:
    @ mysql.php:46 -- debug_bt()
    @ mysql.php:64 -- db_check_error(...)
    @ news.php:191 -- db_query(...)
    @ admin.php:20 -- require_once(...)

Wenn man die news ohne ' schreibt und anschließend über "bearbeiten" den Titel anpasst funktioniert es einwandfrei; auch wenn man eine News einsendet kann man das Sonderzeichen verwenden. Nur halt nicht bei direkter Newserstellung.

Vielleicht weiß ja einer unter euch Rat, wie man das Problem gelöst bekommt. Meine php-Kenntnisse sind in der Hinsicht leider einfach zu bescheiden.

ich poste einfach mal die admin/news.php, um den Code direkt vor Augen zu haben:

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

<?php
// Copyright by: Manuel Staechele
// Support: www.ilch.de
// Modded by Mairu für News Extended
defined ('main') or die ('no direct access');
defined ('admin') or die ('only admin access');
 
if (!isset($_SESSION['allowFCKUpload'])) {
    $_SESSION['allowFCKUpload'] = true;
}
 
// -----------------------------------------------------------|
// #
// ##
// ###
// #### F u n k t i o n e n
function dz_timestamp($d, $t = '00:00') {
    $d = trim($d);
    $t = trim($t);
    if (preg_match('/^\d{1,2}.\d{1,2}.(\d{2}|\d{4})$/', $d) == false OR preg_match('/^\d{1,2}:\d\d$/', $t) == false) {
        return false;
    }
    $d = explode('.', $d);
    $t = explode(':', $t);
    if ($o = mktime($t[0], $t[1], 0, $d[1], $d[0], $d[2])) {
        return $o;
    } else {
        return false;
    }
}
 
function getKats ($akt , $addkat = '', $self = false) {
    $katAr = array();
    if ($self) {
        $katAr['#0#'] = 'selbst w&auml;hlen';
    }
    $katAr['Allgemein'] = 'Allgemein';
 
    $kats = '';
    $erg = db_query("SELECT DISTINCT news_kat FROM `prefix_news`");
    while ($row = db_fetch_object($erg)) {
        $katAr[$row->news_kat] = $row->news_kat;
    }
    if (!empty($addkat) AND $addkat != '#0#') {
        $katAr[$addkat] = $addkat;
    }
    $katAr = array_unique($katAr);
 
    foreach($katAr as $k => $a) {
        if (trim($k) == trim($akt)) {
            $sel = 'selected="selected"';
        } else {
            $sel = '';
        }
        $kats .= '<option value="' . $k . '" ' . $sel . '>' . $a . '</option>';
    }
    return ($kats);
}
 
function vorschau($form) {
    global $info;
    $resp = new xajaxResponse();
    $txt = bbcode($form['txt']);
    $resp->assign('vorschau_td', 'innerHTML' , $txt);
    $resp->script("document.getElementById('vorschau').style.display = 'block';");
    if (isset($info['ImgMaxBreite'])) {
        $resp->script("ResizeBBCodeImages()");
    }
    return $resp;
}
 
function vorschau_id($id) {
    global $info;
    $resp = new xajaxResponse();
    $txt = @db_result($q = db_query("SELECT news_text, html FROM prefix_news WHERE news_id = '$id'"), 0, 0);
    if (@db_result($q, 0, 1) == 0) {
        $txt = bbcode($txt);
    }
    $resp->assign('vorschau_td', 'innerHTML' , $txt);
    $resp->script("document.getElementById('vorschau').style.display = 'block';");
    if (isset($info['ImgMaxBreite'])) {
        $resp->script("ResizeBBCodeImages()");
    }
    return $resp;
}
 
function tn_koms() {
    $resp = new xajaxResponse();
    $now = @db_result(db_query('SELECT v2 FROM prefix_allg WHERE k = "news"'), 0);
    db_query('UPDATE prefix_allg SET v2 = IF(v2=1,0,1) WHERE k = "news"');
    $linktxt = $now == '0' ? 'ja' : 'nein';
    $resp->assign('tn_koms', 'innerHTML' , $linktxt);
    return $resp;
}
 
function saveopts($newsempf, $kat) {
    $resp = new xajaxResponse();
    if (!db_query("UPDATE prefix_allg SET v3 = '$newsempf', v4 = '$kat' WHERE k = 'News'")) {
        $resp->alert("Fehler aufgetreten:\n" . mysql_error());
    }
    return $resp;
}
 
function setArchiv($id, $old) {
    $resp = new xajaxResponse();
    $new = $old == 'A' ? 0 : 1;
    if (db_query("UPDATE prefix_news SET archiv = $new WHERE news_id = '$id'")) {
        $resp->assign('archiv_link_' . $id, 'innerHTML' , $old == 'A' ? 'N' : 'A');
    } else {
        $resp->alert("Fehler:\n" . mysql_error());
    }
    return $resp;
}
// xajax für vorschau
$xajax = new xajax();
$xajax->configureMany(array('decodeUTF8Input' => true ,'characterEncoding' => 'ISO-8859-1', 'requestURI' => 'admin.php?news-ajax'));
 
$xajax->register(XAJAX_FUNCTION, 'vorschau');
$xajax->register(XAJAX_FUNCTION, 'vorschau_id');
$xajax->register(XAJAX_FUNCTION, 'tn_koms');
$xajax->register(XAJAX_FUNCTION, 'saveopts');
$xajax->register(XAJAX_FUNCTION, 'setArchiv');
$xajax->processRequest();
// #### F u n k t i o n
// ###
// ##
// #
 
// #
// ##
// ###
// #### A k t i o n e n
$design = new design ('Admins Area', 'Admins Area', 2);
$design->header();
 
if (!empty($_REQUEST['um'])) {
    $um = $_REQUEST['um'];
    $newscreatetime = time();
    $newschangesqladd = '';
    $archiv = 0;
    // Sperre
    if ($_POST['gesperrt'] != 'on') {
        $show = dz_timestamp($_POST['datum'], $_POST['zeit']);
        if (!$show) {
            $show = 1;
        } elseif (isset($_POST['set_time'])) {
            $newscreatetime = $show;
            $newschangesqladd .= ',news_time = FROM_UNIXTIME(' . $show . '), editor_id  = NULL, edit_time  = NULL';
            debug('TEST: ' . $newscreatetimech);
        }
    } else {
        $show = 0;
    }
    // Enddatum
    if ($_POST['close'] == '0') {
        $endtime = 'NULL';
    } elseif ($_POST['close'] == '1') {
        $endtime = dz_timestamp($_POST['cdatum'], $_POST['czeit']);
    } else {
        $endtime = dz_timestamp($_POST['cdatum'], $_POST['czeit']);
        $archiv = 2;
    }
 
    //Grundrechte + Gruppen
    if ($um == 'insert' or $um == 'change') {
        $grecht = 0;
        for($i=0; $i<10; $i++) {
            if (isset($_POST['grecht_'.$i])) {
                $grecht = $grecht | pow(2, $i);
            }
        }
 
        $groups = 0;
        $sql = db_query("SELECT id FROM prefix_groups");
        while ($r = db_fetch_assoc($sql)){
            if (isset($_POST['groups_'.$r['id']])) {
                $groups = $groups | pow(2, $r['id']);
            }
        }
    }
 
 
    if ($um == 'insert') {
        // insert
        $text = escape($_POST['txt'], 'textarea');
        if ($_POST['katLis'] == 'neu') {
            $_POST['katLis'] = $_POST['kat'];
        }
 
        db_query("INSERT INTO `prefix_news` (news_title,user_id,news_time,news_recht,news_groups,news_kat,news_text,html,`show`,archiv,endtime)
        VALUES ('" . $_POST['titel'] . "'," . $_SESSION['authid'] . ",FROM_UNIXTIME(".$newscreatetime.")," . $grecht . "," . $groups . ",'" . $_POST['katLis'] . "','" . $text . "','" . $_POST['html'] . "',$show,$archiv,$endtime)");
        // insert
    } elseif ($um == 'change') {
        // edit
        $text = escape($_POST['txt'], 'textarea');
 
        if ($_POST['katLis'] == 'neu') {
            $_POST['katLis'] = $_POST['kat'];
        }
        db_query('UPDATE `prefix_news` SET
                news_title = "' . escape($_POST['titel'], 'string') . '",
                editor_id  = "' . $_SESSION['authid'] . '",
                edit_time  = NOW(),
                news_recht = "' . $grecht . '",
                news_groups = "' . $groups . '",
                news_kat   = "' . $_POST['katLis'] . '",
                html       = "' . $_POST['html'] . '",
                `show`     = ' . $show . ',
                archiv     = ' . $archiv . ',
                endtime     = ' . $endtime . ',
                news_text  = "' . $text . '"' . $newschangesqladd . ' WHERE news_id = "' . $_POST['newsID'] . '" LIMIT 1');
        $edit = $_POST['newsID'];
    }
}
// edit
// del
if ($menu->get(1) == 'del') {
    db_query('DELETE FROM `prefix_news` WHERE news_id = "' . $menu->get(2) . '" LIMIT 1');
}
// del
// Sperren/Freischalten
if ($menu->getA(1) == 's') {
    db_query('UPDATE `prefix_news` SET `show` = IF(`show`>0,0,1) WHERE news_id = "' . $menu->getE(1) . '" LIMIT 1');
}
// Sperren/Freischalten
// Topnews
if ($menu->getA(1) == 't') {
    db_query('UPDATE `prefix_allg` SET `v1` = "' . $menu->getE(1) . '" WHERE k = "news" LIMIT 1');
}
// Topnews
// #### A k t i o n e n
// ###
// ##
// #
 
// #
// ##
// ###
// #### h t m l   E i n g a b e n
if (empty ($doNoIn)) {
    $limit = 20; // Limit
    $page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1);
    $MPL = db_make_sites ($page , '' , $limit , "?news" , 'news');
    $anfang = ($page - 1) * $limit;
    if ($menu->get(1) != 'edit') {
        $FnewsID = '';
        $Faktion = 'insert';
        $Fueber = '';
        $Fstext = '';
        $Ftxt = '';
        $Fgrecht = 1023;
        $Fgroups = 0;
        $FkatLis = '';
        $Fsub = 'Eintragen';
        $Fhtml = '';
        $sel0 = 'checked="checked"';
        $sel1 = '';
        $sel_show = 'checked="checked"';
        $datum = date('d.m.Y');
        $zeit = date('H:i');
        $csel0 = 'checked="checked"';
        $csel1 = '';
        $csel2 = '';
        $cdatum = date('d.m.Y', time() + 604800);
        $czeit = date('H:i');
    } else {
        $row = db_fetch_object(db_query("SELECT * FROM `prefix_news` WHERE news_id = " . $menu->get(2)));
        $FnewsID = $row->news_id;
        $Faktion = 'change';
        $Fueber = str_replace('"', '&quot;', $row->news_title);
        $Ftxt = stripslashes($row->news_text);
        $Fgrecht = $row->news_recht;
        $Fgroups = $row->news_groups;
        $FkatLis = $row->news_kat;
        $Fsub = '&Auml;ndern';
        $Fhtml = $row->html == 1 ? 'switch_html();' : '';
        if ($row->show == 0) {
            $sel_gesperrt = 'checked="checked"';
            $datum = '';
            $zeit = '';
        } else {
            $sel_gesperrt = '';
            $row->show = $row->show < 10000 ? time() : $row->show;
            $datum = date('d.m.Y', $row->show);
            $zeit = date('H:i', $row->show);
        }
        $sel0 = $sel1 = '';
        if ($row->html) {
            $sel1 = 'checked="checked"';
        } else {
            $sel0 = 'checked="checked"';
        }
        $csel0 = $csel1 = $csel2 = '';
        if ($row->archiv == 1) {
            $csel2 = 'checked="checked"';
            $row->endtime = time() - 1000;
        } elseif (is_null($row->endtime)) {
            $csel0 = 'checked="checked"';
            $row->endtime = time() + 604800;
        } elseif ($row->archiv == 2) {
            $csel2 = 'checked="checked"';
        } else {
            $csel1 = 'checked="checked"';
        }
        $cdatum = date('d.m.Y', $row->endtime);
        $czeit = date('H:i', $row->endtime);
    }
    $tpl = new tpl ('news', 1);
 
    $ar = array (
        'NEWSID' => $FnewsID,
        'AKTION' => $Faktion,
        'MPL' => $MPL,
        'UEBER' => $Fueber,
        'txt' => $Ftxt,
        'SMILIS' => getsmilies(),
        // 'grecht' => dbliste($Fgrecht,$tpl,'grecht',"SELECT id,name FROM prefix_grundrechte ORDER BY id DESC"),
        'KATS' => getKats($FkatLis),
        'FSUB' => $Fsub,
        'sel0' => $sel0,
        'sel1' => $sel1,
        'sel_gesperrt' => $sel_gesperrt,
        'datum' => $datum,
        'zeit' => $zeit,
        'csel0' => $csel0,
        'csel1' => $csel1,
        'csel2' => $csel2,
        'cdatum' => $cdatum,
        'czeit' => $czeit,
        'xajax' => $xajax->getJavascript()
        );
    // Grundrechte
    $ar['grecht'] = '';
    $qry = db_query('SELECT ABS(id) as id, name FROM prefix_grundrechte ORDER BY id');
    while ($r = db_fetch_assoc($qry)) {
        $ar['grecht'] .= '<span style="white-space: nowrap; margin-right: 5px;"><input type="checkbox" id="grecht_' . $r['id'] . '" name="grecht_' . $r['id'] . '" ' .
        (($Fgrecht == ($Fgrecht | pow(2, $r['id']))) ? 'checked="checked"' : '') . ' />' .
        '<label for="grecht_' . $r['id'] . '">' . $r['name'] . "</label></span>\n";
    }
    // Groups
    $ar['groups'] = '';
    $qry = db_query('SELECT id, name FROM prefix_groups ORDER BY id');
    while ($r = db_fetch_assoc($qry)) {
        $ar['groups'] .= '<span style="white-space: nowrap; margin-right: 5px;"><input type="checkbox" id="groups_' . $r['id'] . '" name="groups_' . $r['id'] . '" ' .
        (($Fgroups == ($Fgroups | pow(2, $r['id']))) ? 'checked="checked"' : '') . ' />' .
        '<label for="groups_' . $r['id'] . '">' . $r['name'] . "</label></span>\n";
    }
 
    $tpl->set_ar_out($ar, 0);
    if (isset($info['ImgMaxBreite'])) {
        $tpl->out(2); //BBCode 2.0 Modul
    } else {
        $tpl->out(1); //BBCode vom Ilchscript
    }
    $tpl->set_ar_out($ar, 3);
    // e d i t , d e l e t e
    $abf = 'SELECT *
            FROM `prefix_news`
                    ORDER BY news_time DESC
                    LIMIT ' . $anfang . ',' . $limit;
 
    $erg = db_query($abf);
    $class = '';
    $opts = db_fetch_object(db_query("SELECT v1 as topnews, v2 as koms,v3 as pmempf,v4 as kat FROM prefix_allg WHERE k = 'news'"));
 
    while ($row = db_fetch_object($erg)) {
        $class = ($class == 'Cmite' ? 'Cnorm' : 'Cmite');
 
        $tpl->set_ar_out(array ('ID' => $row->news_id,
                'class' => $class,
                'TITEL' => $row->news_title,
                'sperre' => $row->show >= 1 ? 'jep' : 'nop',
                'sperren' => $row->show >= 1 ? 'Sperren' : 'Freischalten',
                'title' => "Ersteller: " . get_n($row->user_id) . " ($row->news_time)" . (is_null($row->editor_id) ? '' : "\nGe&auml;ndert von: " . get_n($row->editor_id) . " ($row->edit_time)"),
                'topnews' => $row->news_id == $opts->topnews ? 'ok' : 'leer',
                'archiv' => (($row->archiv == 1) OR ($row->archiv == 2 AND $row->endtime < time())) ? 'A' : 'N'
                ) , 4);
    }
    // e d i t , d e l e t e
    // Mögliche PM-Empfänger
    $pmq = db_query("SELECT a.id, a.name FROM prefix_user a LEFT JOIN prefix_modulerights b ON b.mid = 2 AND b.uid = a.id WHERE a.recht <= -8 OR b.mid IS NOT NULL");
    $pmempf = '';
    $pmar = explode('#', $opts->pmempf);
    while ($r = db_fetch_object($pmq)) {
        $sel = in_array($r->id, $pmar) ? 'selected="selected"' : '';
        $pmempf .= "<option value=\"$r->id\" $sel>$r->name</option>";
    } // while
    $tpl->set_ar_out(array (
            'MPL' => $MPL,
            'html' => $Fhtml,
            'tn_koms' => $opts->koms == '1' ? 'ja' : 'nein',
            'nadd_kat' => getKats($opts->kat, $opts->kat , true),
            'pmempf' => $pmempf
            ) , 5);
}
 
$design->footer();
 
?>

verwendete ilch Version: 1.1 P

betroffene Homepage: externer Link

Zuletzt modifiziert von CiSeN am 28.07.2016 - 01:04:00

Bombing For Peace Is Like Fu**ing For Virginity !!!

0 Mitglieder finden den Beitrag gut.

zitieren

Do. 28.07.2016 01:13 Uhr #2

Siggi Hall Of Fame

Registriert seit
08.02.2007

Beiträge
6.558

Beitragswertungen

Könnte daran liegen weil es beim Update escapet wird und beim einfügen also into nicht

Wie poste ich falsch?
0 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 12:33 Uhr #3

CiSeN Mitglied

Registriert seit
06.01.2010

Beiträge
58

Beitragswertungen

Hallo Siggi,

danke für die richtungsweisung... Heißt das, dass ich die dazugehörigen values angleichen muss oder wie muss ich das machen?

Bombing For Peace Is Like Fu**ing For Virginity !!!
0 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 12:36 Uhr #4

Siggi Hall Of Fame

Registriert seit
08.02.2007

Beiträge
6.558

Beitragswertungen

Du änderst einfach in Zeile 191 $_POST['titel'] zu escape($_POST['titel'], 'string')

Wie poste ich falsch?
1 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 12:45 Uhr #5

CiSeN Mitglied

Registriert seit
06.01.2010

Beiträge
58

Beitragswertungen

Danke dir.

Da war ich ja beim richtigen Ansatz. Allerdings hätte ich jetzt alle angepasst.

Vielen Dank!

Bombing For Peace Is Like Fu**ing For Virginity !!!
0 Mitglieder finden den Beitrag gut.
- zitieren

Do. 28.07.2016 13:30 Uhr #6

CiSeN Mitglied

Jetzt hätte ich nochmal ein kleine Zusatzfrage, möchte dafür jetzt aber nicht extra einen neuen Thread eröffnen; deswegen knalle ich es einfach mal hier mit rein.
Und zwar habe ich "ein wenig" am News Script rumgebastelt und daraus ein zusätzliches Artikelsystem gemacht.
Nun habe ich darin ein Feld eingebaut, das einem anzeigen soll, ob ein Text zum Download bereit steht oder nicht.
Was ich genau meine kann man hier sehen.

Die Sache würde ich gerne per if-Abfrage einbauen, der (ich hoffe, dass er korrekt ist) so aussehen soll:

if (!empty($row['articles_download']))
{
    $download = "<a href="?downloads-show-'.$row['articles_download'].'">vorhanden</a>";
}
else
{
    $download = "nicht vorhanden";

Jetzt stellt sich mir nur die Frage, an welcher Stelle ich in contents/articles/articles.php einbauen muss.

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

<?php
// Copyright by: Manuel Staechele
// Support: www.ilch.de
// Modded by Mairu für News Extended
defined ('main') or die ('no direct access');
 
$title = $allgAr['title'] . ' :: Artikel';
$hmenu = 'Artikel';
$design = new design ($title , $hmenu);
$design->addheader('<link rel="alternate" type="application/atom+xml" title="Artikel (Atom)" href="index.php?articles-atom" />
<link rel="alternate" type="application/rss+xml" title="Artikel (RSS)" href="index.php?articles-rss" />');
 
function articles_find_kat ($kat) {
    $katpfad = 'include/images/articles/';
    $katjpg = $katpfad . $kat . '.jpg';
    $katgif = $katpfad . $kat . '.gif';
    $katpng = $katpfad . $kat . '.png';
 
    if (file_exists($katjpg)) {
        $pfadzumBild = $katjpg;
    } elseif (file_exists ($katgif)) {
        $pfadzumBild = $katgif;
    } elseif (file_exists ($katpng)) {
        $pfadzumBild = $katpng;
    }
 
    if (!empty($pfadzumBild)) {
        $kategorie = '<img style="" src="' . $pfadzumBild . '" alt="' . $kat . '">';
    } else {
        $kategorie = ' ' . $kat . ' ';
    }
 
    return ($kategorie);
}
// Schaut ob ein Name so oder ähnlich in der Datenbank vorhanden ist
// gibt true zurück falls der Name noch nicht verwendet ist
function checkName($name) {
    if (db_count_query("SELECT COUNT(name) FROM prefix_user WHERE name LIKE '$name'")) {
        return false;
    } else {
        return true;
    }
}
 
function checkKomName($name) {
    $resp = new xajaxResponse();
    if (checkName($name) OR loggedin()) {
        $resp->script('document.forms["komform"].submit();');
    } else {
        $resp->assign('komname', 'value' , '');
        $resp->alert('Dieser Name ist bereits an einen User vergeben, benutze bitte einen anderen.');
        $resp->script("document.getElementById('komname').focus();");
    }
    return $resp;
}
// xajax für namencheck
$xajax = new xajax();
$xajax->configureMany(array('decodeUTF8Input' => true ,'characterEncoding' => 'ISO-8859-1', 'requestURI' => 'admin.php?articles-ajax'));
$xajax->register(XAJAX_FUNCTION, 'checkKomName');
$xajax->processRequest();
 
if ($menu->get(1) == 'ajax') {
    exit();
}
 
if (!is_numeric($menu->get(1))) {
    if ($menu->get(1) == 'rss' || $menu->get(1) == 'atom') {
        // ob_clean();
        $feed_type = $menu->get(1);
 
        $abf = "SELECT MAX(articles_time) AS last_update FROM prefix_articles";
        $erg = db_query($abf);
        $row = db_fetch_assoc($erg);
        $last_update = str_replace(' ', 'T', $row['last_update']) . 'Z';
 
        $tn_id = intval(@db_result($articles_opts = db_query("SELECT v1 FROM prefix_allg WHERE k = 'articles' LIMIT 1"), 0));
 
        $abf = "SELECT
      a.articles_title as title,
      a.articles_id as id,";
        $abf .= ($feed_type == 'atom') ? 'a.articles_time as datum,' : "DATE_FORMAT(a.articles_time,'%a, %e %b %y %H:%i:%s') as datum,";
        $abf .=
        "a.articles_kat as kate,
        a.articles_kat2 as kate2,
      a.articles_text as text,
      b.name as username,
      a.html
    FROM prefix_articles as a
    LEFT JOIN prefix_user as b ON a.user_id = b.id
    WHERE (a.articles_recht | 1) = a.articles_recht AND a.`show` > 0 AND a.`show` <= UNIX_TIMESTAMP() AND a.articles_id != $tn_id AND a.`archiv` != 1 AND (a.endtime IS NULL OR a.endtime > UNIX_TIMESTAMP())
    ORDER BY articles_title LIMIT 15";
        $erg = db_query($abf);
        $tpl = new tpl('articles_' . $menu->get(1) . '.htm');
 
        header('Content-type: application/' . $menu->get(1) . '+xml');
 
        $tpl->set_ar_out(array('FEEDTITLE' => $allgAr['title'],
                'UPDATED' => $last_update,
                'SITEURL' => 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF'])), 0);
        while ($row = db_fetch_assoc($erg)) {
            if ($feed_type == 'atom') {
                $Z = (date('Z') > 0 ? '+' : '') . date('H:i:s', date('Z') + 23 * 3600);
                $row['datum'] = str_replace(' ', 'T', $row['datum']) . $Z;
            }
 
            $a = explode('[PREVIEWENDE]', $row['text']);
            $tpl->set_ar_out(array(
                    'TITLE'     => $row['title'],
                    'TXT'       => $row['html'] ? $a[0] : bbcode($a[0]),
                    'LINK'      => 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php?articles-' . $row['id'],
                    'AUTHOR'    => $row['username'],
                    'DATE'      => $row['datum']
                    ), 1);
        }
        $tpl->out(2);
        exit;
    } else {
        $design->header();
        $limit = $allgAr['Nlimit'];
        $page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1);
 
        //Gruppenrechte
        $groups = getGroupRights();
 
        // Topartikel ausgeben
        $tn_id = intval(@db_result($articles_opts = db_query("SELECT v1, v2 FROM prefix_allg WHERE k = 'articles' LIMIT 1"), 0, 0));
        $tn_koms = @db_result($articles_opts, 0, 1);
        $tn_sql = db_query("SELECT a.articles_title as title, a.articles_text, a.articles_kat, a.articles_kat2, a.articles_recht, a.articles_groups, a.html,
                DATE_FORMAT(a.articles_time,'%d. %m. %Y - %H:%i Uhr') as datum,
                DATE_FORMAT(a.articles_time,'%W') as dayofweek,
                b.name as username,
                c.name as editorname,
                a.html,
                a.edit_time,
                a.klicks,
                b.id as uid
            FROM prefix_articles a
            LEFT JOIN prefix_user as b ON a.user_id = b.id
            LEFT JOIN prefix_user as c ON a.editor_id = c.id
            WHERE a.articles_id = $tn_id AND a.`show` > 0 AND a.`show` <= UNIX_TIMESTAMP() AND (a.endtime IS NULL OR a.endtime > UNIX_TIMESTAMP()) AND
            (((" . pow(2, abs($_SESSION['authright'])) . " | a.articles_recht) = a.articles_recht) OR
            (a.articles_groups != 0 AND ((a.articles_groups ^ $groups) != (a.articles_groups | $groups))))");
        if (db_num_rows($tn_sql) > 0) {
            $tn_r = db_fetch_assoc($tn_sql);
 
            $dontShow = false;
            if ((pow(2, abs($_SESSION['authright'])) | $tn_r['articles_recht']) != $tn_r['articles_recht']) {
                $dontShow = true;
            }
            if ($dontShow) {
                foreach($_SESSION['authgrp'] as $id => $bool) {
                    if ($bool and (pow(2, abs($id)) | $tn_r['articles_groups'] == $tn_r['articles_groups'])) {
                        $dontShow = false;
                        break;
                    }
                }
            }
            if (!$dontShow) {
                $tn_tpl = new tpl ('articles/top');
                if ($tn_koms) {
                    $tn_r['kom'] = db_count_query("SELECT COUNT(id) FROM prefix_koms WHERE uid = $tn_id AND cat = 'ARTICLES'");
                }
                $tn_r['showkom'] = $tn_koms;
                if (strpos ($tn_r['articles_text'], '[PREVIEWENDE]') !== false) {
                    $a = explode('[PREVIEWENDE]' , $tn_r['articles_text']);
                    $tn_r['articles_text']= $a[0];
                    $tn_r['readwholearticles'] = '<a href="index.php?articles-' . $tn_id . '" alt="mehr lesen" title="mehr lesen"><img src="include/images/icons/articles/more.gif" alt="mehr lesen" border="0"></a>';
                } else {
                     $tn_r['readwholearticles'] = '';
                }
                $tn_r['id'] = $tn_id;
                $tn_r['klicks'] = '<img src="include/images/icons/articles/counter.gif" alt="' . $tn_r['klicks']. ' mal gelesen" title="' . $tn_r['klicks']. ' mal gelesen" border="0">';
                $tn_r['datum']  = $lang[$tn_r['dayofweek']] . ' ' . $tn_r['datum'];
                $tn_r['edit']   = is_null($tn_r['edit_time']) ? '' : '<br /><i>zuletzt ge&auml;ndert am ' . date('d.m.Y - H:i', strtotime($tn_r['edit_time'])) . '&nbsp;Uhr';
                if (!empty($tn_r['edit']) and $tn_r['editorname'] != $tn_r['username']) {
                    $tn_r['edit'].= ' von ' . $tn_r['editorname']. '</i>';
                } elseif (!empty($tn_r['edit'])) {
                    $tn_r['edit'].= '</i>';
                }
 
                $tn_r['kate'] = articles_find_kat($tn_r['articles_kat']);
                $tn_r['text'] = $tn_r['html']? $tn_r['articles_text']: bbcode($tn_r['articles_text']);
                $tn_tpl->set_ar_out($tn_r, 0);
                unset($tn_tpl);
            }
        }
 
        //Kategorie einschränken
        if ($menu->get(1) != '' and ($menu->getA(1) != 'p' or $menu->getE(1) == 0)) {
            $kats = $katssql = array();  #collect given kats
            $i = 1;
            while($kat = escape($menu->get($i), 'string')){
                $kats[] = $kat;
                $katssql[] = '"' . $kat . '"';
                $i++;
            }
            $articles_kat = 'articles_kat IN ('.implode(',', $katssql).') AND';
            $katmpl = '-'.implode('-', $kats);
            $page = $menu->getE('p');
            if ($page < 1) {
                $page = 1;
            }
            $katmpl = str_replace('-p'.$page, '', $katmpl);
        } else {
            $articles_kat = $katmpl = '';
            $page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1);
        }
 
        $anfang = ($page - 1) * $limit;
 
        $MPL = db_make_sites ($page , "WHERE (((" . pow(2, abs($_SESSION['authright'])) . " | articles_recht) = articles_recht) OR
            (articles_groups != 0 AND ((articles_groups ^ $groups) != (articles_groups | $groups)))) AND $articles_kat `show` > 0 AND `show` <= UNIX_TIMESTAMP() AND articles_id != $tn_id AND archiv != 1 AND (endtime IS NULL OR endtime > UNIX_TIMESTAMP())" , $limit , '?articles'.$katmpl , 'articles');
        // Normale Artikel
        $tpl = new tpl ('articles/articles.htm');
 
        $abf = "SELECT
      a.articles_title as title,
      a.articles_id as id,
      DATE_FORMAT(a.articles_time,'%d. %m. %Y - %H:%i Uhr') as datum,
      DATE_FORMAT(a.articles_time,'%W') as dayofweek,
      a.articles_kat as kate,
        a.articles_kat2 as kate2,
      a.articles_text as text,
      b.name as username,
      c.name as editorname,
      a.html,
      a.edit_time,
      a.klicks,
      b.id as uid
    FROM prefix_articles as a
    LEFT JOIN prefix_user as b ON a.user_id = b.id
    LEFT JOIN prefix_user as c ON a.editor_id = c.id
    WHERE (((" . pow(2, abs($_SESSION['authright'])) . " | a.articles_recht) = a.articles_recht) OR
          (a.articles_groups != 0 AND ((a.articles_groups ^ $groups) != (a.articles_groups | $groups)))) AND $articles_kat
        a.`show` > 0 AND a.`show` <= UNIX_TIMESTAMP() AND articles_id != $tn_id AND a.`archiv` != 1 AND
        (a.endtime IS NULL OR a.endtime > UNIX_TIMESTAMP())
    ORDER BY a.articles_title, articles_kat2
    LIMIT " . $anfang . "," . $limit;
 
        // echo '<pre>'.$abf.'</pre>';
        $erg = db_query($abf);
        if (db_num_rows($erg) == 0 and !empty($articles_kat)) {
            echo 'Keinen Artikel in dieser Kategorie gefunden.<br />
                <a href="index.php?articles">Artikel&uuml;bersichtsseite aufrufen</a>';
            $design->footer(1);
        }
        while ($row = db_fetch_assoc($erg)) {
            $k0m = db_query("SELECT COUNT(ID) FROM `prefix_koms` WHERE uid = " . $row['id'] . " AND cat = 'ARTICLES'");
            $row['kom'] = db_result($k0m, 0);
 
            $row['kate'] = articles_find_kat($row['kate']);
            $row['datum'] = $lang[$row['dayofweek']] . ' ' . $row['datum'];
            if (strpos ($row['text'] , '[PREVIEWENDE]') !== false) {
                $a = explode('[PREVIEWENDE]' , $row['text']);
                $row['text'] = $a[0];
                $row['readwholearticles'] = '<a href="index.php?articles-' . $row['id'] . '" alt="mehr lesen" title="mehr lesen"><img src="include/images/icons/articles/more.gif" alt="mehr lesen" border="0"></a>';
            } else {
                $row['readwholearticles'] = '';
            }
            $row['klicks'] = '<img src="include/images/icons/articles/counter.gif" alt="' . $row['klicks'] . ' mal gelesen" title="' . $row['klicks'] . ' mal gelesen" border="0">';
            if (!$row['html']) {
                $row['text'] = bbcode($row['text']);
            }
            $row['edit'] = is_null($row['edit_time']) ? '' : '<br /><i>zuletzt ge&auml;ndert am ' . date('d.m.Y - H:i', strtotime($row['edit_time'])) . '&nbsp;Uhr';
            if (!empty($row['edit']) and $row['editorname'] != $row['username']) {
                $row['edit'] .= ' von ' . $row['editorname'] . '</i>';
            } elseif (!empty($row['edit'])) {
                $row['edit'] .= '</i>';
            }
            $tpl->set_ar_out($row, 0);
        }
        $tpl->set_out('SITELINK', $MPL, 1);
        unset($tpl);
    }
} else {
    $design->header();
    $xajax->printJavascript();
 
    $nid = escape($menu->get(1), 'integer');
    $erg = db_query("SELECT a.articles_title, a.articles_kat2, a.articles_release, a.articles_publisher, a.articles_developer1, a.articles_developer2, a.articles_developer3, a.articles_developer4, a.articles_developer5, a.articles_usk, a.articles_download, a.articles_id, DATE_FORMAT(a.articles_time,'%d. %m. %Y - %H:%i Uhr') as datum,DATE_FORMAT(a.articles_time,'%W') as dayofweek,a.articles_kat,a.articles_text,b.name as username,c.name as editorname,a.html,a.edit_time,a.klicks,b.id as uid,a.articles_recht,a.articles_groups FROM prefix_articles as a LEFT JOIN prefix_user as b ON a.user_id = b.id LEFT JOIN prefix_user as c ON a.editor_id = c.id WHERE a.`show` > 0 AND a.`show` <= UNIX_TIMESTAMP() AND a.articles_id = '" . $nid . "'");
    if (db_num_rows($erg) == 0) {
        $dontShow = true;
    } else {
        $dontShow = false;
        $row = db_fetch_object($erg);
        if ((pow(2, abs($_SESSION['authright'])) | $row->articles_recht) != $row->articles_recht) {
            $dontShow = true;
        }
        if ($dontShow) {
            foreach($_SESSION['authgrp'] as $id => $bool) {
                if ($bool and (pow(2, abs($id)) | $row->articles_groups) == $row->articles_groups) {
                    $dontShow = false;
                    break;
                }
            }
        }
    }
 
    if ($dontShow) {
        echo 'Artikel existiert nicht oder Sie haben keine Rechte ihn zu sehen.  <a href="javascript:history.back();">zur&uuml;ck</a>';
        $design->footer(1);
    }
 
    $komsOK = true;
    if ($allgAr['Ngkoms'] == 0) {
        if (loggedin()) {
            $komsOK = true;
        } else {
            $komsOK = false;
        }
    }
    if ($allgAr['Nukoms'] == 0) {
        $komsOK = false;
    }
 
    $kom_info = '';
    // kommentar add
    if ((loggedin() OR chk_antispam ('articleskom')) AND $komsOK AND !empty($_POST['name']) AND !empty($_POST['txt'])) {
        $_POST['txt'] = escape($_POST['txt'], 'string');
        $_POST['name'] = escape($_POST['name'], 'string');
        if (checkName($_POST['name']) or loggedin()) {
            if (loggedin()) {
                $_POST['name'] = $_SESSION['authname'];
            }
            db_query("INSERT INTO `prefix_koms` (`uid`,`cat`,`name`,`text`) VALUES (" . $nid . ",'ARTICLES','" . $_POST['name'] . "','" . $_POST['txt'] . "')");
        } else {
            $kom_info = '<span style="color:red;">Dieser Name ist bereits an einen User vergeben, benutze bitte einen anderen.</span><br />';
        }
    }
    // kommentar add
    // kommentar loeschen
    if ($menu->getA(2) == 'd' AND is_numeric($menu->getE(2)) AND has_right(- 7, 'articles')) {
        $kommentar_id = escape($menu->getE(2), 'integer');
        db_query("DELETE FROM prefix_koms WHERE uid = " . $nid . " AND cat = 'ARTICLES' AND id = " . $kommentar_id);
    }
    // kommentar loeschen
    $kategorie = articles_find_kat($row->articles_kat);
 
    $textToShow = $row->html ? $row->articles_text : bbcode($row->articles_text);
    $textToShow = str_replace('[PREVIEWENDE]', '', $textToShow);
    if (!empty($such)) {
        $textToShow = markword($textToShow, $such);
    }
    // klicks zaehlen
    db_query("UPDATE prefix_articles SET klicks = klicks + 1 WHERE articles_id = " . $nid); 
     
    $tpl = new tpl ('articles/articles.htm');
    $ar = array (
        'TEXT'              => $textToShow,
        'KATE'              => $kategorie,
        'NID'               => $nid,
        'uname'             => $_SESSION['authname'],
        'ANTISPAM'          => (loggedin()?'':get_antispam ('articleskom', 0)),
        'NAME'              => $row->articles_title,
        'info'              => $kom_info,
        'KATE2'             => $row->articles_kat2,
        'RELEASE'           => $row->articles_release,
        'PUBLISHER'         => $row->articles_publisher,
        'DEVELOPER1'        => $row->articles_developer1,
        'DEVELOPER2'        => $row->articles_developer2,
        'DEVELOPER3'        => $row->articles_developer3,
        'DEVELOPER4'        => $row->articles_developer4,
        'DEVELOPER5'        => $row->articles_developer5,
        'ID'                => $row->user_id,
        'USERNAME'          => $row->username,
        'DOWNLOAD'          => $download,
        'USK'               => $row->articles_usk,
        );
    $tpl->set_ar_out($ar, 2);
 
    if ($komsOK) {
        $tpl->set_ar_out (array ('NAME' => $row->articles_title , 'NID' => $nid, 'style' => loggedin() ? 'style="display:none;"' : ''), 3);
    }
    $erg1 = db_query("SELECT text, name, id FROM `prefix_koms` WHERE uid = " . $nid . " AND cat = 'ARTICLES' ORDER BY id DESC");
    $ergAnz1 = db_num_rows($erg1);
    if ($ergAnz1 == 0) {
        echo '<b>' . $lang['nocomments'] . '</b>';
    } else {
        $zahl = $ergAnz1;
        while ($row1 = db_fetch_assoc($erg1)) {
            $row1['text'] = bbcode(trim($row1['text']));
            if (has_right(- 7, 'articles')) {
                $row1['text'] .= '<a href="javascript:delkom(' . $nid . ',' . $row1['id'] . ')"><img src="include/images/icons/del.gif" alt="l&ouml;schen" border="0" title="l&ouml;schen" /></a>';
            }
            $tpl->set_ar_out(array('NAME' => $row1['name'], 'TEXT' => $row1['text'], 'ZAHL' => $zahl) , 4);
            $zahl--;
        }
    }
    $tpl->out(5);
}
 
$design->footer();
 
?>

Erneute Hilfe dazu wäre echt klasse. Danke schonmal

Bombing For Peace Is Like Fu**ing For Virginity !!!

0 Mitglieder finden den Beitrag gut.

zitieren

Do. 28.07.2016 13:43 Uhr #7

Siggi Hall Of Fame

Registriert seit
08.02.2007

Beiträge
6.558

Beitragswertungen

Ich würde es mal vor Zeile 347 einfügen, dadrunter im array gibt er es ja aus

Wie poste ich falsch?
0 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 13:47 Uhr #8

CiSeN Mitglied

Registriert seit
06.01.2010

Beiträge
58

Beitragswertungen

Jetzt habe ich Parse error:

Parse error: syntax error, unexpected 'articles_download' (T_STRING) in /users/cisen/www/include/contents/articles/articles.php on line 349

Bombing For Peace Is Like Fu**ing For Virginity !!!
0 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 13:52 Uhr #9

Siggi Hall Of Fame

Registriert seit
08.02.2007

Beiträge
6.558

Beitragswertungen

Und wenn du es hiermit versuchst?
?
1
2
3
4
5
if (!empty($row->articles_download)) {
$download = '<a href="?downloads-show-'.$row->articles_download.'"vorhanden</a>';
} else {
$download = 'nicht vorhanden';
}

Zuletzt modifiziert von Siggi am 28.07.2016 - 13:54:23

Wie poste ich falsch?
1 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 14:02 Uhr #10

CiSeN Mitglied

Registriert seit
06.01.2010

Beiträge
58

Beitragswertungen

Das hat geklappt.

Vielen lieben Dank!!!

Bombing For Peace Is Like Fu**ing For Virginity !!!
0 Mitglieder finden den Beitrag gut.
- zitieren

Beitrag zur Merkliste hinzufügen

ilch Forum » Ilch Clan 1.1 » Fehlersuche und Probleme » News Extended 1.4c Backend Fehler