$gbook_title=pkEntities($gbookinfo['gbook_title']);
$gbook_autor=pkEntities($gbookinfo['gbook_autor']);
$gbook_text=$BBCODE->parse($gbookinfo['gbook_text'],0,$config['gbook_ubb'],$config['gbook_smilies'],$config['gbook_images'],1,pkGetConfig('guestbook_imageresize'),pkGetConfig('guestbook_textwrap'));
$gbook_time=formattime($gbookinfo['gbook_time']);
$print_time=formattime();
eval(\$site_body.= \.pkTpl(guestbook/print).\;);
break;
#END case print
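case 'sign' :
    # Guestbook "sign" action: validates a submitted entry, then either stores
    # it (save) or renders a preview, and finally (re)displays the sign form.
    #
    # Templates are pulled in with eval("\$var= \"".pkTpl(...)."\";"), i.e. the
    # template source is executed as a PHP double-quoted string in this scope.
    # Template files therefore have to be treated as trusted code, and every
    # request-derived variable they may print must be escaped before the eval.
    if($config['gbook_eod']!=1)
    {
        pkEvent('function_disabled');
        return;
    }

    $error=0;
    $ACTION=(isset($_REQUEST['action'])) ? $_REQUEST['action'] : 'view';

    if((isset($_POST['save']) && $ACTION==$_POST['save']) || (isset($_POST['preview']) && $ACTION==$_POST['preview']))
    {
        # Flood control: count entries from the same IP and user id that are
        # newer than the configured window (gbook_floodctrl is in minutes).
        $floodcontrol=pkTIME-($config['gbook_floodctrl']*60);
        $infocount=$DB->fetch_array($DB->query("SELECT
            COUNT(*)
            FROM ".$db_tab['gbook']."
            WHERE gbook_ip='".$SQL->f($ENV->getvar('REMOTE_ADDR'))."' AND
            gbook_userid='".$SQL->i(pkGetUservalue('id'))."' AND
            gbook_time>'".$floodcontrol."'
            LIMIT 1"));

        if(!pkCaptchaCodeValid($ENV->_post(pkCAPTCHAVARNAME)))
            $error=7;
        # The body text is mandatory. The former test (isset && empty) was
        # skipped entirely when the field was left out of the request, and it
        # let whitespace-only or non-string values through to strlen(trim()).
        # NOTE(review): title and author keep the original isset-and-empty
        # test, so an omitted field still passes here - confirm whether the
        # form is allowed to omit them (e.g. for logged-in members).
        elseif(empty($_POST['content']) || !is_string($_POST['content']) || trim($_POST['content'])=='' ||
            (isset($_POST['gbook_title']) && empty($_POST['gbook_title'])) ||
            (isset($_POST['gbook_autor']) && empty($_POST['gbook_autor'])))
            $error=1;
        elseif(strlen(trim($_POST['content']))>$config['gbook_maxchars'])
        {
            $error=2;
            $charcount=strlen($_POST['content']);
        }
        elseif($infocount[0]>0)
            $error=3;
        elseif(!checkusername($_POST['gbook_autor'],1))
            $error=4;
        elseif(($_POST['gbook_notify']==1 || $_POST['gbook_email']!='') && !emailcheck($_POST['gbook_email'],1))
            $error=5;
        else
        {
            # isset() guards keep a missing button value (NULL) from loosely
            # matching an empty action.
            if(isset($_POST['save']) && $ACTION==$_POST['save'])
            {
                # String values go through $SQL->f(), integers through $SQL->i().
                if($DB->query("INSERT INTO ".$db_tab['gbook']."
                    (gbook_autor, gbook_title, gbook_email, gbook_icqnr, gbook_time, gbook_text, gbook_check, gbook_hpage, gbook_ip, gbook_userid, gbook_notify) VALUES
                    ('".$SQL->f($_POST['gbook_autor'])."',
                    '".$SQL->f($_POST['gbook_title'])."',
                    '".$SQL->f($_POST['gbook_email'])."',
                    '".$SQL->f($_POST['gbook_icqnr'])."',
                    '".pkTIME."',
                    '".$SQL->f($_POST['content'])."',
                    '".$SQL->i($_POST['gbook_check'])."',
                    '".$SQL->f($_POST['gbook_hpage'])."',
                    '".$SQL->f($ENV->getvar('REMOTE_ADDR'))."',
                    '".$SQL->i(pkGetUservalue('id'))."',
                    '".$SQL->i($_POST['gbook_notify'])."')"))
                {
                    $gbid=$DB->insert_id();
                    $autor=$_POST['gbook_autor'];

                    # The title ends up in a mail subject. notifymail() is not
                    # visible here, so line breaks are removed in case it does
                    # not filter header values itself.
                    $subject_title=str_replace(array("\r","\n"),' ',$_POST['gbook_title']);
                    $mail_title=$config['site_name'].' - '.$lang['new_gbentry'].': '.$subject_title;
                    eval("\$mail_text= \"".pkTpl("guestbook/signgb_mail_notify")."\";");
                    notifymail('gbook',$mail_title,$mail_text);

                    $im_title=$lang['new_gbentry'].': '.$_POST['gbook_title'];
                    eval("\$im_text= \"".pkTpl("guestbook/signgb_im_notify")."\";");
                    notifyim('gbook',$im_title,$im_text);

                    pkHeaderlocation('','','event=guestbook');
                }

                # Reached when the INSERT failed.
                # NOTE(review): also reached after a successful insert if
                # pkHeaderlocation() returns instead of ending the request - confirm.
                $error=6;
            }
            elseif(isset($_POST['preview']) && $ACTION==$_POST['preview'])
            {
                pkLoadClass($BBCODE,'bbcode');

                $counter=$DB->fetch_array($DB->query("SELECT COUNT(*) FROM ".$db_tab['gbook']));
                $gbook_number=$counter[0]+1;

                if($_POST['gbook_autor']!='')
                    $gbook_autor=pkEntities($_POST['gbook_autor']);
                else
                    $gbook_autor=pkGetUservalueF('nick');

                if($_POST['gbook_check']==1 && $_POST['gbook_email']!='')
                {
                    $userinfo['user_email']=pkEntities($_POST['gbook_email']);
                    eval("\$gbook_email= \"".pkTpl("member_email_iconlink")."\";");
                }
                else
                    $gbook_email=' ';

                if($_POST['gbook_hpage']!='')
                {
                    # The scheme test is anchored to the start of the value.
                    # The former eregi("http://") matched anywhere in the
                    # string, so a value with a different leading scheme was
                    # linked unchanged; now anything that does not begin with
                    # http:// or https:// is prefixed with http://.
                    $hpage_raw=trim($_POST['gbook_hpage']);
                    if(preg_match('#^https?://#i',$hpage_raw))
                        $info_link=pkEntities($hpage_raw);
                    else
                        $info_link="http://".pkEntities($hpage_raw);
                    eval("\$gbook_hpage= \"".pkTpl("member_hpage_iconlink")."\";");
                }
                else
                    $gbook_hpage=' ';

                # Cast before the value reaches the template: the loose ">0"
                # test alone would let a numeric prefix followed by markup
                # through unescaped.
                if(intval($_POST['gbook_icqnr'])>0)
                {
                    $userinfo['user_icqid']=intval($_POST['gbook_icqnr']);
                    eval("\$gbook_icq= \"".pkTpl("member_icq_iconlink")."\";");
                }
                else
                    $gbook_icq=' ';

                $gbook_title=pkEntities($_POST['gbook_title']);
                $gbook_text=$BBCODE->parse($_POST['content'],0,$config['gbook_ubb'],$config['gbook_smilies'],$config['gbook_images'],1,pkGetConfig('guestbook_imageresize'),pkGetConfig('guestbook_textwrap'));
                $gbook_time=formattime();

                eval("\$site_body.= \"".pkTpl("guestbook/signgb_preview")."\";");
            }
        }
    }

    # Status message: one template per error code, or the neutral message.
    if($error>0)
        eval("\$sign_message= \"".pkTpl("guestbook/signgb_error".$error)."\";");
    else
        eval("\$sign_message= \"".pkTpl("guestbook/signgb_message")."\";");

    # Refill the form. Every request value is entity-escaped (or cast to int)
    # before the form template is evaluated.
    if($_POST['gbook_autor']!='')
        $gbook_autor=pkEntities($_POST['gbook_autor']);
    else
        $gbook_autor=pkGetUservalueF('nick');

    if($_POST['gbook_email']!='')
        $gbook_email=pkEntities($_POST['gbook_email']);
    else
        $gbook_email=pkGetUservalueF('email');

    if($_POST['gbook_check']==1)
        $check1="checked";
    elseif($ACTION=='view')
        $check1="checked";

    if($config['gbook_commenteod']==1)
    {
        if($_POST['gbook_notify']==1)
            $check2="checked";
        eval("\$sign_comment= \"".pkTpl("guestbook/signgb_comment")."\";");
    }

    if(isset($_POST['gbook_hpage']) && !empty($_POST['gbook_hpage']))
        $gbook_hpage=pkEntities(trim($_POST['gbook_hpage']));
    elseif(($gbook_hpage=pkGetUservalue('hpage')) && !empty($gbook_hpage))
        $gbook_hpage=pkGetUservalueF('hpage');
    else
        $gbook_hpage='';

    if(intval($_POST['gbook_icqnr'])>0)
        $gbook_icqnr=intval($_POST['gbook_icqnr']);
    elseif(intval(pkGetUservalue('icqid'))>0)
        $gbook_icqnr=intval(pkGetUservalue('icqid'));

    if(trim($_POST['gbook_title'])!='')
        $gbook_title=pkEntities($_POST['gbook_title']);
    if(trim($_POST['content'])!='')
        $gbook_text=pkEntities($_POST['content']);

    # Formatting toolbar: BBCode buttons and/or the smilies list, wrapped in a
    # table only when at least one of them is enabled.
    unset($sign_format);
    if($config['gbook_ubb']==1)
        eval("\$sign_format= \"".pkTpl("format_text")."\";");
    if($config['gbook_smilies']==1)
    {
        $smilies=new smilies();
        $sign_format.=$smilies->getSmilies(1);
    }
    if($sign_format)
        eval("\$sign_format= \"".pkTpl("format_table")."\";");

    $captcha=pkCaptchaField(NULL,2);
    eval("\$site_body.= \"".pkTpl("guestbook/signgb")."\";");
    break;
    #END case sign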
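default :
    # Default guestbook action: lists the entries (optionally a single one
    # selected by gbid), paged by the "entries" offset.
    #
    # Templates are pulled in with eval("\$var= \"".pkTpl(...)."\";"), i.e. the
    # template source is executed as a PHP double-quoted string in this scope.
    # Stored entry and profile fields therefore have to be escaped here before
    # a template prints them.
    # NOTE(review): templates may also read $gbookinfo / $userinfo fields that
    # are not escaped in this block - verify against the template files.

    # Same "enabled" test as the sign case. The former !$config['gbook_eod']==1
    # negated the value first and only then compared it with 1.
    if($config['gbook_eod']!=1)
    {
        pkEvent('function_disabled');
        return;
    }

    pkLoadClass($BBCODE,'bbcode');
    pkLoadFunc('user');

    # Paging offset; only positive integers are accepted.
    if(isset($_REQUEST['entries']) && intval($_REQUEST['entries'])>0)
        $entries=intval($_REQUEST['entries']);
    else
        $entries=0;

    if($config['gbook_welcome']!="")
    {
        $gbook_welcome=$BBCODE->parse($config['gbook_welcome'],1,1,1,1);
        eval("\$gbook_welcome= \"".pkTpl("guestbook/viewgb_welcome")."\";");
    }

    if($path=='guestbook')
    {
        $counter=$DB->fetch_array($DB->query("SELECT COUNT(*) FROM ".$db_tab['gbook']));
        $sidelink=sidelinkfull($counter[0], $config['gbook_epp'], $entries, "include.php?path=guestbook","small");
        eval("\$gbook_sidelink= \"".pkTpl("guestbook/viewgb_sidelink")."\";");
    }

    # NOTE(review): $counter is only assigned above when $path=='guestbook';
    # on any other path it has to come from code outside this block - confirm.
    $gbook_number=$counter[0]-$entries;

    # Optional single-entry filter. The former intval($_REQUEST['gbid']>0) had
    # the closing parenthesis in the wrong place and cast the comparison result
    # instead of the id.
    $gbid_filter=isset($_REQUEST['gbid']) ? intval($_REQUEST['gbid']) : 0;
    if($gbid_filter>0)
        $sqlcommand=" WHERE gbook_id='".$gbid_filter."'";
    else
        $sqlcommand='';

    # Both LIMIT arguments are integers by the time they reach the query.
    $getinfo=$DB->query("SELECT * FROM ".$db_tab['gbook']." ".$sqlcommand."
        ORDER BY gbook_time DESC LIMIT ".$entries.",".intval($config['gbook_epp']));

    # First pass: buffer the rows and build one lookup query for all member
    # authors. Both collections start empty so nothing set earlier leaks in.
    $sqlcommand='';
    $gbookinfo_hash=array();
    $userinfo_cache=array();
    while($gbookinfo=$DB->fetch_array($getinfo))
    {
        $gbookinfo_hash[]=$gbookinfo;
        if($gbookinfo['gbook_userid']!=0)
        {
            # Cast the stored id before it is placed in the SQL string.
            if($sqlcommand)
                $sqlcommand.=" OR user_id='".intval($gbookinfo['gbook_userid'])."'";
            else
                $sqlcommand="SELECT * FROM ".$db_tab['user']." WHERE user_id='".intval($gbookinfo['gbook_userid'])."'";
        }
    }

    if($sqlcommand)
    {
        $getuserinfo=$DB->query($sqlcommand);
        while($userinfo=$DB->fetch_array($getuserinfo))
        {
            $userinfo_cache[$userinfo['user_id']]=$userinfo;
        }
    }

    # Second pass: render one row per buffered entry.
    foreach($gbookinfo_hash as $gbookinfo)
    {
        $row=rowcolor($row);

        if($gbookinfo['gbook_userid']!=0 && isset($userinfo_cache[$gbookinfo['gbook_userid']]))
        {
            # Entry written by a member whose account still exists: show the
            # profile data.
            $userinfo=$userinfo_cache[$gbookinfo['gbook_userid']];
            $userinfo['user_nick']=pkEntities($userinfo['user_nick']);
            eval("\$gbook_autor= \"".pkTpl("member_showprofil_textlink")."\";");

            if(isonline($userinfo['user_id']))
                eval("\$info_os= \"".pkTpl("member_os_online")."\";");
            else
                eval("\$info_os= \"".pkTpl("member_os_offline")."\";");

            if($userinfo['user_emailshow']==1)
            {
                if($config['member_mailer']==1)
                    eval("\$gbook_email= \"".pkTpl("member_email_iconlink2")."\";");
                else
                    eval("\$gbook_email= \"".pkTpl("member_email_iconlink")."\";");
            }

            if(intval($userinfo['user_icqid'])>0)
                eval("\$gbook_icq= \"".pkTpl("member_icq_iconlink")."\";");

            if($userinfo['user_hpage']!='')
            {
                # Scheme test anchored to the start of the value: the former
                # ereg("http://") matched anywhere in the string, so a stored
                # value with a different leading scheme was linked unchanged.
                $hpage_raw=trim($userinfo['user_hpage']);
                if(preg_match('#^https?://#i',$hpage_raw))
                    $info_link=pkEntities($hpage_raw);
                else
                    $info_link="http://".pkEntities($hpage_raw);
                eval("\$gbook_hpage= \"".pkTpl("member_hpage_iconlink")."\";");
            }

            $info_sig=pkUserSignature($userinfo['user_sig']);
        }
        else
        {
            # Guest entry (or the member record is gone): use the values stored
            # with the entry itself.
            $gbook_autor=$userinfo['user_nick']=pkEntities($gbookinfo['gbook_autor']);

            if($gbookinfo['gbook_check']==1 && $gbookinfo['gbook_email']!='')
            {
                $userinfo['user_email']=pkEntities($gbookinfo['gbook_email']);
                eval("\$gbook_email= \"".pkTpl("member_email_iconlink")."\";");
            }

            if($gbookinfo['gbook_hpage']!='')
            {
                # Same anchored scheme test as for member homepages.
                $hpage_raw=trim($gbookinfo['gbook_hpage']);
                if(preg_match('#^https?://#i',$hpage_raw))
                    $info_link=pkEntities($hpage_raw);
                else
                    $info_link="http://".pkEntities($hpage_raw);
                eval("\$gbook_hpage= \"".pkTpl("member_hpage_iconlink")."\";");
            }

            if(intval($gbookinfo['gbook_icqnr'])>0)
            {
                $userinfo['user_icqid']=intval($gbookinfo['gbook_icqnr']);
                eval("\$gbook_icq= \"".pkTpl("member_icq_iconlink")."\";");
            }

            eval("\$info_os= \"".pkTpl("guest_os_icon")."\";");
        }

        $gbook_title=pkEntities($gbookinfo['gbook_title']);
        $gbook_text=$BBCODE->parse($gbookinfo['gbook_text'],0,$config['gbook_ubb'],$config['gbook_smilies'],$config['gbook_images'],1,pkGetConfig('guestbook_imageresize'),pkGetConfig('guestbook_textwrap'));
        $gbook_time=formattime($gbookinfo['gbook_time']);

        # IP and edit/delete controls are rendered only for users holding the
        # matching admin right.
        if(adminaccess('gbedit') || adminaccess('gbdelete'))
        {
            if($gbookinfo['gbook_ip']==0)
                eval("\$gbook_ip= \"".pkTpl("guestbook/gbook_ipno_iconlink")."\";");
            else
                eval("\$gbook_ip= \"".pkTpl("guestbook/gbook_ip_iconlink")."\";");

            if(adminaccess('gbedit'))
                eval("\$gbook_admin= \"".pkTpl("guestbook/gbook_admin_iconlink")."\";");
            if(adminaccess('gbdelete'))
                eval("\$gbook_admin.= \"".pkTpl("guestbook/gbook_admin_iconlink2")."\";");
        }

        if($config['gbook_commenteod']==1)
        {
            # One COUNT query per row; the entry id is cast before use.
            list($ccounter)=$DB->fetch_row($DB->query("SELECT COUNT(*) FROM ".$db_tab['comment']." WHERE comment_cat='gb' and comment_subid='".intval($gbookinfo['gbook_id'])."'"));
            $gbook_comment=pkGetSpecialLang('comment',$ccounter);
            eval("\$gbook_comment= \"".pkTpl("guestbook/viewgb_comment_textlink")."\";");
        }

        eval("\$gbook_row.= \"".pkTpl("guestbook/viewgb_row")."\";");
        $gbook_number--;

        # Clear the per-row fragments so an optional one (email, homepage,
        # admin links, ...) never carries over into the next entry.
        unset($gbook_email);
        unset($gbook_hpage);
        unset($gbook_icq);
        unset($gbook_admin);
        unset($gbook_ip);
        unset($gbook_comment);
        unset($info_sig);
    }

    eval("\$site_body.= \"".pkTpl("guestbook/viewgb")."\";");
    break;
    #END default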
}
?>