Parašė Meskis· 2009 Sau. 10 20:01:06
#8
here it is:
<?php
/*---------------------------------------------------+
| eXtreme-Fusion Content Management System |
+----------------------------------------------------+
| Copyright (c) 2005 eXtreme Crew |
| http://www.extreme-fusion.pl |
+----------------------------------------------------+
| Engine Php-fusion by Nick Jones |
| http://www.php-fusion.co.uk/ |
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the |
| GNU General Public License. For details refer to |
| the included gpl.txt file or visit http://gnu.org |
+----------------------------------------------------*/
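// This panel is meant to be included by the CMS core; a direct request is sent to the site index.
if (!defined("IN_FUSION")) { header("Location: ../../index.php"); exit; }

// Request validation.
// - Array keys are quoted: the bare words id / shout are undefined constants
//   (a notice on old PHP, a fatal Error on PHP 8).
// - Non-string values (e.g. ?id[]=1) are rejected before they reach isNum()/preg_match().
// - fallback() presumably redirects and stops the script — confirm in the core.
if (isset($_GET['id']) && (!is_string($_GET['id']) || !isNum($_GET['id']))) fallback(FUSION_SELF);
// The pattern is anchored (^...$, with D so "$" cannot match before a trailing newline).
// Unanchored, any value merely containing "add", "edit" or "delete" passed the check
// and was later copied into redirect targets and the form action.
if (isset($_GET['shout']) && (!is_string($_GET['shout']) || !preg_match('#^(add|edit|delete)$#iuD', $_GET['shout']))) fallback(FUSION_SELF);

// Site setting: whether members may edit their own shouts.
define("SBX_EDIT_USER", $settings['sbx_edit_user']);

// Both stay null when absent, so the isset($shout) / isset($id) tests further down
// keep behaving as before, without undefined-index notices.
$shout = isset($_GET['shout']) ? $_GET['shout'] : null;
$id = isset($_GET['id']) ? $_GET['id'] : null;

openside($locale['120']);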
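// Posting UI and write path of the shoutbox panel. Shown to members, and to guests only
// when $settings['guestposts'] is "1"; everyone else gets $locale['125'].
//
// NOTE(review): nothing visible in this block ties the POST below (or the GET-driven
// delete) to a per-session token, so a request triggered from a third-party page would
// presumably be honoured for a logged-in user. Add the CMS's anti-CSRF check here if it
// has one, and prefer POST for delete — confirm against the core.
if (iMEMBER || $settings['guestposts'] == "1") {
    // Load the shout addressed by ?id=... . The (int) cast keeps the SQL text numeric
    // regardless of how $id reached this point.
    $sdata = null;
    $result = dbquery("SELECT * FROM ".$db_prefix."shoutbox WHERE shout_id='".(int)$id."'");
    if (dbrows($result)) $sdata = dbarray($result);

    // Ownership test shared by every edit/delete decision below. Compared as strings:
    // shout_name holds a user id for members but free text for guests, and a loose ==
    // would let a numeric-looking guest name compare equal to a user id.
    $is_own_shout = iMEMBER && is_array($sdata) && (string)$sdata['shout_name'] === (string)$userdata['user_id'];

    if (isset($_POST['post_shout']) && isset($shout)) {
        $flood = false;
        $shout_name = "";
        if (iMEMBER) {
            // Members are stored by user id; the display name comes from the users table.
            $shout_name = $userdata['user_id'];
        } elseif ($settings['guestposts'] == "1") {
            $posted_name = (isset($_POST['shout_name']) && is_string($_POST['shout_name'])) ? $_POST['shout_name'] : "";
            $shout_name = trim(stripinput($posted_name));
            // Guest names must not look like a user id: leading digits are stripped and a
            // purely numeric remainder is rejected.
            // NOTE(review): values such as a signed number may still be coerced to an id by
            // the shout_name = user_id join used for display — confirm against isNum() and
            // the column type.
            $shout_name = preg_replace("(^[0-9]*)", "", $shout_name);
            if (isNum($shout_name)) $shout_name="";
        }

        // Normalise the message: single line, at most 255 characters, a break opportunity
        // after every run of 21 non-space characters, then censoring and stripinput().
        $shout_message = (isset($_POST['shout_message']) && is_string($_POST['shout_message'])) ? $_POST['shout_message'] : "";
        $shout_message = str_replace("\n", " ", $shout_message);
        $shout_message = preg_replace("/^(.{255}).*$/", "$1", $shout_message);
        $shout_message = str_replace("[", " [", $shout_message);
        $shout_message = preg_replace("/([^\s]{21})/", "$1\n", $shout_message);
        $shout_message = trim(stripinput(censorwords($shout_message)));
        $shout_message = str_replace("\n", "<br>", $shout_message);

        if ($shout_name != "" && $shout_message != "") {
            // Flood control keyed on the poster's IP; super admins are exempt.
            $result = dbquery("SELECT MAX(shout_datestamp) AS last_shout FROM ".$db_prefix."shoutbox WHERE shout_ip='".USER_IP."'");
            if (!iSUPERADMIN && dbrows($result) > 0) {
                $data = dbarray($result);
                if ((time() - $data['last_shout']) < $settings['flood_interval']) {
                    $flood = true;
                    $result = dbquery("INSERT INTO ".$db_prefix."flood_control (flood_ip, flood_timestamp) VALUES ('".USER_IP."', '".time()."')");
                    // More than four recorded hits from this IP: the member's user_status
                    // is set to 1 (presumably a suspension flag — confirm).
                    if (dbcount("(flood_ip)", "flood_control", "flood_ip='".USER_IP."'") > 4) {
                        if (iMEMBER) $result = dbquery("UPDATE ".$db_prefix."users SET user_status='1' WHERE user_id='".$userdata['user_id']."'");
                    }
                }
            }

            if (!$flood) {
                $lin = FUSION_QUERY;
                if ($shout =='add') {
                    // NOTE(review): $shout_name / $shout_message are concatenated into the SQL
                    // text. This is only safe if stripinput() neutralises quotes and backslashes;
                    // that helper is not visible here — confirm, or escape at this point.
                    $result = dbquery("INSERT INTO ".$db_prefix."shoutbox (shout_name, shout_message, shout_datestamp, shout_ip) VALUES ('$shout_name', '$shout_message', '".time()."', '".USER_IP."')");
                    if (EPS && iMEMBER) {
                        // Credit the poster with the amount stored in eps_points row 2.
                        $przydzial = dbarray(dbquery("SELECT point_ammount from ".DB_PREFIX."eps_points WHERE point_id='2'"));
                        $result = dbquery("UPDATE ".DB_PREFIX."users SET points_normal=points_normal+".($przydzial['point_ammount'])." WHERE user_id='".$userdata['user_id']."'");
                    }
                }
                // Explicit grouping. The original "A AND B OR C AND D AND E" parsed as
                // (A AND B) OR (C AND D AND E), so the owner branch did not require
                // $shout == 'edit' and an "add" request carrying the id of one's own shout
                // inserted a new row AND overwrote the old one.
                if ($shout == 'edit' && (checkrights("S") || (SBX_EDIT_USER && $is_own_shout))) {
                    $result = dbquery("UPDATE ".$db_prefix."shoutbox SET shout_message='$shout_message' WHERE shout_id='".(int)$id."'");
                }
                // Drop this panel's own parameters from the query string before redirecting.
                $lin = str_replace("&shout=$shout&id=$id", '', $lin);
                $lin = str_replace("shout=$shout&id=$id", '', $lin);
                if($lin != '') redirect(FUSION_SELF."?".$lin);
                else redirect(FUSION_SELF.$lin);
            }
        }
    }

    // Edit/delete of an existing shout: shoutbox admins (right "S") always, members only
    // for their own shout and only when SBX_EDIT_USER is on. Same truth table as the
    // original two-line condition, written once.
    if (isset($shout) && isset($id) && isNum($id) && (checkrights("S") || (SBX_EDIT_USER && $is_own_shout))) {
        if ($shout == 'edit') {
            // Undo the storage-side formatting so the textarea shows editable text.
            $shout_message = str_replace("<br>", "", is_array($sdata) ? $sdata['shout_message'] : "");
            $shout_message = str_replace(" [", "[", $shout_message);
        } else if ($shout == 'delete') {
            // State change driven by a plain GET link — see the NOTE(review) at the top of this block.
            $result = dbquery("DELETE from ".$db_prefix."shoutbox WHERE shout_id='".(int)$id."'");
            $lin = FUSION_QUERY;
            $lin = str_replace("&shout=$shout&id=$id", '', $lin);
            $lin = str_replace("shout=$shout&id=$id", '', $lin);
            if($lin != '') redirect(FUSION_SELF."?".$lin);
            else redirect(FUSION_SELF.$lin);
        }
    } else {
        $id = 0;
        $shout = 'add';
        $shout_message = '';
        $shout_name = '';
    }
    // An authorised request that is neither edit nor delete leaves these unset.
    if (!isset($shout_message)) $shout_message = '';
    if (!isset($shout_name)) $shout_name = '';

    // Members with more cautions than the configured threshold see a notice instead of the form.
    $c_count = 0;
    $caution_conf = null;
    if(iMEMBER){
        $caution_r = dbquery("SELECT * from ".$db_prefix."cautions WHERE user_id=".(int)$userdata['user_id']);
        $caution = dbarray($caution_r);
        $c_count = dbrows($caution_r);
        $caution_conf = dbarray(dbquery("SELECT * from ".$db_prefix."cautions_config"));
    }
    if (iMEMBER && $c_count > $caution_conf['shoutbox']) {
        echo $caution_conf['shoutbox_info']."<br><br>";
    } else {
        // The form posts back to the current URL. The query string is request-derived, so
        // it is HTML-escaped before going into the single-quoted attribute (this also yields
        // the "&" -> "&amp;" encoding; the listing's str_replace("&","&",...) was a no-op,
        // presumably an HTML-decoded "&amp;").
        if ($shout == 'add') {
            $form_query = FUSION_QUERY ? FUSION_QUERY."&shout=$shout&id=$id" : "shout=add&id=$id";
        } else {
            $form_query = FUSION_QUERY ? FUSION_QUERY : "shout=$shout&id=$id";
        }
        echo "<form name='chatform' method='post' action='".FUSION_SELF."?".htmlspecialchars($form_query, ENT_QUOTES)."'>";
        echo "\n"
            ."<table align='center' cellpadding='0' cellspacing='0'>\n"
            ."<tr>\n"
            ."<td colspan='2' style='text-align:center;'>\n";
        if (iGUEST) {
            echo $locale['121']."<br>\n"
                ."<input type='text' name='shout_name' value='$shout_name' class='textbox' maxlength='30' style='width:140px;'><br>\n"
                .$locale['122']."<br>\n";
        }
        // $shout_message is echoed as stored/processed: it has been through stripinput()
        // (assumed to entity-encode markup — confirm), so it is not escaped a second time.
        echo" <textarea name='shout_message' rows='4' class='textbox' style='width:140px;'>$shout_message</textarea>";
        echo" <center><A href=\"javascript:show_hide(ShowHide2)\"><img border='0' src='".INFUSIONS."shoutbox_panel/images/icon_select.gif' vspace='2' title='".$locale['129']."'></a> ";
        echo" <A href=\"javascript:show_hide(ShowHide7)\"><img border='0' src='".INFUSIONS."shoutbox_panel/images/icon_bbcode.gif' vspace='2' title='BBCode'></a> ";
        echo" <a href='".INFUSIONS."shoutbox_panel/shoutboxhelp.php'><img border='0' src='".INFUSIONS."shoutbox_panel/images/icon_help.gif' vspace='2' title='".$locale['130']."'></a>";
        echo" <div id='ShowHide2'><FIELDSET><LEGEND>".$locale['131']."</LEGEND>";
        echo displaysmileys("shout_message", 1)."</FIELDSET><script>show_hide(ShowHide2)</script></div>";
        // The b/i/u buttons insert the matching BBCode pair. The listing showed empty
        // strings here, presumably because the forum rendering consumed the tags — confirm.
        echo" <div id='ShowHide7'><FIELDSET><LEGEND>BBCode</LEGEND><center><input type='button' value='b' class='button' style='font-weight:bold;width:25px;' onClick=\"addText2('shout_message', '[b]', '[/b]');\">";
        echo" <input type='button' value='i' class='button' style='font-style:italic;width:25px;' onClick=\"addText2('shout_message', '[i]', '[/i]');\">";
        echo" <input type='button' value='u' class='button' style='text-decoration:underline;width:25px;' onClick=\"addText2('shout_message', '[u]', '[/u]');\"></center><br>";
        // Colour picker: option value => visible label.
        $bb_colors = array(
            'maroon' => 'Maroon', 'red' => 'Red', 'orange' => 'Orange', 'brown' => 'Brown',
            'yellow' => 'Yellow', 'green' => 'Green', 'lime' => 'Lime', 'olive' => 'Olive',
            'cyan' => 'Cyan', 'blue' => 'Blue', 'navy' => 'Navy Blue', 'purple' => 'Purple',
            'violet' => 'Violet', 'black' => 'Black', 'gray' => 'Gray', 'silver' => 'Silver',
            'white' => 'White',
        );
        echo" <select name='bbcolor' class='textbox' style='width:90px;' onChange=\"addText2('shout_message', '[color=' + this.options[this.selectedIndex].value + ']', '[/color]');this.selectedIndex=0;\">\n";
        echo "<option value=''>Default</option>\n";
        foreach ($bb_colors as $color_value => $color_label) {
            echo "<option value='$color_value' style='color:$color_value;'>$color_label</option>\n";
        }
        echo "</select></FIELDSET>";
        echo" </td>\n"
            ."</tr>";
        echo" <tr>\n"
            ."<td align='center'>\n"
            ."<input type='submit' name='post_shout' value='".$locale['123']."' class='button'>";
        echo" </td>\n"
            ."</tr>\n"
            ."</table></form></div>\n";
        echo"<script>show_hide(ShowHide7)</script>";
    }
    echo"<br>\n";
} else {
    echo"<center>".$locale['125']."</center><br>\n";
}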
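// Latest shouts, newest first, joined to the users table so member shouts (stored by
// user id in shout_name) can be shown with the member's name.
// The row limit comes from site settings and is concatenated unquoted, so it is forced
// to an integer before it reaches the SQL text.
// NOTE(review): SELECT * over the join pulls every users column into each row; listing
// only the columns the rendering loop reads would keep unrelated account fields out of
// this panel — confirm nothing else consumes $result.
$result = dbquery("
SELECT * FROM ".DB_PREFIX."shoutbox
LEFT JOIN ".DB_PREFIX."users ON ".DB_PREFIX."shoutbox.shout_name=".DB_PREFIX."users.user_id
ORDER BY shout_datestamp DESC LIMIT 0,".(int)$settings['numofshouts']
);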
// Scroller markup, opening half: loads the panel's helper script, then emits the inline
// script that sets the browser flags and scroll speed and, when iens6 is truthy, writes
// the opening container/content <div>s. The <ilayer>/<layer> pair follows for the ns4 case.
echo " <script type='text/javascript' src='", INFUSIONS, "shoutbox_panel/js/lighttable.js' language='Javascript'></script>";
echo implode("\n", array(
    ' <script type="text/javascript">',
    'iens6=document.all||document.getElementById',
    'ns4=document.layers',
    '//specify speed of scroll (greater=faster)',
    'var speed=5',
    'if (iens6){',
    "document.write('<div id=\"container\" style=\"position:relative;width:100%;height:280px;border:0px solid #444444;overflow:hidden\">')",
    "document.write('<div id=\"content\" style=\"position:absolute;width:100%;left:0;top:0\">')",
    '}',
    '</script>',
));
echo '<ilayer name="nscontainer" width=100% height=250 clip="0,0,277,400">',
     '<layer name="nscontent" width=100% height=250 visibility=hidden>';
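// Render the fetched shouts: author, moderation links, date, then the message body.
if (dbrows($result) > 0) {
    // Colour/prefix applied to guest authors (colors row with user_level=0).
    $gouest_opt = dbarray(dbquery("SELECT * FROM ".$db_prefix."colors WHERE user_level=0"));

    // Base of the edit/delete links, built once. The query string is request-derived, so
    // it is HTML-escaped before being placed in the single-quoted href (this also gives the
    // "&" -> "&amp;" encoding; the listing's str_replace("&","&",...) was a no-op,
    // presumably an HTML-decoded "&amp;").
    $sbx_link = FUSION_SELF."?".(FUSION_QUERY ? htmlspecialchars(FUSION_QUERY, ENT_QUOTES)."&amp;" : "");
    // "No shout targeted". Spelled out because the loose test $id == "" used to be true for
    // the integer 0 assigned earlier in this file, which is no longer the case on PHP 8.
    $sbx_no_target = ($id === null || $id === "" || $id === 0);

    while ($data = dbarray($result)) {
        echo"<FIELDSET><LEGEND><span class='shoutboxname'>";
        // NOTE(review): names, prefixes and colours are echoed as stored; this relies on
        // them having been entity-encoded when written (stripinput() on the guest name,
        // profile handling for members) — confirm.
        $user = "<span style='color:#".$data['user_color']."'>".$data['user_prefix'].$data['user_name']."</span>";
        if ($data['user_name']) {
            // The join found a member row: link to the profile.
            echo"<a href='".BASEDIR."profile.php?lookup=".$data['user_id']."' class='side'>$user</a><br>\n";
        } else {
            // No matching member: shout_name is the guest's free-text name.
            echo"<span style='color:#".$gouest_opt['user_color']."'>".$gouest_opt['user_prefix'].$data['shout_name']."</span>\n";
        }
        echo"</span></LEGEND>";
        if (checkrights("S") AND $shout != "edit"){
            // Shoutbox admins get delete/edit links and an IP line.
            // NOTE(review): delete is a plain GET link, so it carries no anti-forgery token.
            // NOTE(review): this prints the joined users.user_ip, not the shout_ip stored
            // with each shout by the INSERT earlier in this file; guest shouts therefore
            // show no IP — confirm which column was intended.
            echo "[ <a href='".$sbx_link."shout=delete&amp;id=".$data['shout_id']."'>".$locale['133']."</a> | <a href='".$sbx_link."shout=edit&amp;id=".$data['shout_id']."'>".$locale['134']."</a> ]<br><font style='font-style:italic;font-family:Tahoma;font-size:8;color:#777777;'>IP: ".$data['user_ip']."</font><br>";
        } elseif (SBX_EDIT_USER AND iMEMBER AND $data['shout_name'] == $userdata['user_id'] AND $sbx_no_target AND !checkrights("S")) {
            // Members may edit their own shouts when the site setting allows it.
            echo "[ <a href='".$sbx_link."shout=edit&amp;id=".$data['shout_id']."'>".$locale['134']."</a> ]<br>";
        } else {
            echo "\n";
        }
        echo "<span class='shoutboxdate'><font style='font-style:italic;font-family:Tahoma;font-size:8;color:#777777;'>".$locale['135']." ".showdate("shortdate", $data['shout_datestamp'])."</font></span><br>";
        // Key quoted: the bare word shout_message is an undefined constant (fatal on PHP 8).
        // " [" -> "[" undoes the spacing added at post time so BBCode tags parse again.
        $mes = str_replace(" [", "[", $data['shout_message']);
        $mes = nl2br(parseubb(parsesmileys($mes)));
        echo "<span class='shoutbox'>".$mes ."</span></FIELDSET>";
        echo "<br>\n";
    }
} else {
    echo "<div align='left'>".$locale['127']."</div>\n";
}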
// Scroller markup, closing half: ends the <layer>/<ilayer> pair opened earlier in this
// file and, when iens6 is truthy, writes the two closing </div>s.
echo '</layer></ilayer><script language="JavaScript1.2">', "\n",
     'if (iens6)', "\n",
     "document.write('</div></div>')\n",
     '</script>';

// Up/down arrows; hovering starts the scroll timers, leaving clears them.
echo '<table border="0" cellpadding="0" cellspacing="0" width="100%"><td><p align="right">',
     '<a href="#" onMouseover="moveup()" onMouseout="clearTimeout(moveupvar)"><img src="', INFUSIONS, 'shoutbox_panel/images/up.gif" border="0"></a> ',
     '<a href="#" onMouseover="movedown()" onMouseout="clearTimeout(movedownvar)"><img src="', INFUSIONS, 'shoutbox_panel/images/down.gif" border="0"></a>',
     '</td></table>';

// Only members get the link to the shoutbox archive; guests get an empty placeholder.
if (!iMEMBER) {
    echo "<div align='left'></div>\n";
} else {
    echo "<hr><center>\n<img border='0' src='", THEME, "images/bullet.gif'> ",
         "<a href='", INFUSIONS, "shoutbox_panel/shoutbox_archive.php' class='side'>", $locale['126'], "</a> ",
         "<img border='0' src='", THEME, "images/bulletb.gif'></center>\n";
}
// Client-side scroller: resolves the content element for the iens6 / ns4 cases, defines
// movedown()/moveup() (each re-arms itself every 20 ms via setTimeout) and refreshes the
// content height on window load. The script is static text; no PHP values are interpolated.
echo implode("\n", array(
    '<script language="JavaScript1.2">',
    'if (iens6) {',
    'var crossobj=document.getElementById? document.getElementById("content") : document.all.content',
    'var contentheight=crossobj.offsetHeight',
    '}',
    'else if (ns4) {',
    'var crossobj=document.nscontainer.document.nscontent',
    'var contentheight=crossobj.clip.height',
    '}',
    'function movedown(){',
    'if (iens6&&parseInt(crossobj.style.top)>=(contentheight*(-1)+100))',
    'crossobj.style.top=parseInt(crossobj.style.top)-speed+"px"',
    'else if (ns4&&crossobj.top>=(contentheight*(-1)+100))',
    'crossobj.top-=speed',
    'movedownvar=setTimeout("movedown()",20)',
    '}',
    'function moveup(){',
    'if (iens6&&parseInt(crossobj.style.top)<=0)',
    'crossobj.style.top=parseInt(crossobj.style.top)+speed+"px"',
    'else if (ns4&&crossobj.top<=0)',
    'crossobj.top+=speed',
    'moveupvar=setTimeout("moveup()",20)',
    '}',
    'function getcontent_height(){',
    'if (iens6)',
    'contentheight=crossobj.offsetHeight',
    'else if (ns4)',
    'document.nscontainer.document.nscontent.visibility="show"',
    '}',
    'window.onload=getcontent_height',
    '</script>',
));

// Close the side panel opened by openside() at the top of the file.
closeside();
?>
bet cia lieva ta saukykla, man paciam nepatinka, reiktu panasios kaip buvo emotive.in ar tokios niekur negausiu? ?|
Redagavo Meskis· 2009 Sau. 10 20:01:56