get("error_falselink")."\");"); if ($modpermissions['userid']==$wbbuserdata['userid'] || $wbbuserdata['issupermod']==1){ $wbbuserdata['canuploadfilebase']=1; $wbbuserdata['candownloadfilebase']=1; $filebase['filebasepermission']=1; } switch ($action){ case "selectdb": if (isset($_POST['send'])){ if($filebaseid>=0) { header("Location: filebase_entry.php?action=addentry&filebaseid=$filebaseid&sid=$session[hash]"); exit(); } } $result = $db->query("SELECT filebaseid, closed FROM bb".$n."_filebases WHERE forumid='$forumid'"); while($row = $db->fetch_array($result)) if(!$row['closed']) $filebases[] = $row['filebaseid']; if(count($filebases)==1) { header("Location: filebase_entry.php?action=addentry&filebaseid=$filebases[0]&sid=$session[hash]"); exit(); } $filebasejump = makefilebaseselectdb($filebases[0], $filebases); eval("\$tpl->output(\"".$tpl->get("filebase_selectdb")."\");"); break; case "fileedit": if ($wbbuserdata['canuploadfilebase']!=1) access_error(); if (isset($_POST['send'])){ $filetype = explode(".",$_FILES['file']['name']); $random=code_generate(); if($_POST['externurl']) { $file_name = substr(strrchr($_POST['externurl'], "/"),1); $file_extension = strtolower(substr(strrchr($file_name,"."),1)); $file_name = substr($file_name,0,(intval(strlen($file_extension))+1)*-1); // $file_name = substr(strrchr($_POST['externurl'], "/"),1); // list($file_name, $file_extension) = explode(".", $file_name); $file_handle = @fopen($_POST['externurl'],"r"); $file_size = filesize_remote($_POST['externurl']); if(!$file_size && !$file_handle) eval ("\$error.= \"".$tpl->get("filebase_newentry_error6")."\";"); } else { $file_extension = strtolower(substr(strrchr($_FILES['file']['name'],"."),1)); $file_name = substr($_FILES['file']['name'],0,(intval(strlen($file_extension))+1)*-1); } $allowedfilebaseextensions = explode("\n",$wbbuserdata['allowedfilebaseextensions']); $allowedfilebaseextensions = trim_array($allowedfilebaseextensions); if ($_FILES['file']['size']>$wbbuserdata['maxfilebasesize'] || $file_size>$wbbuserdata['maxfilebasesizeextern'] || (!$_FILES['file']['size'] && !$file_size && !$file_handle)) eval ("\$error.= \"".$tpl->get("filebase_editfile_error1")."\";"); if($_POST['externurl']) @fclose($file_handle); if (!in_array($file_extension,$allowedfilebaseextensions)) eval("\$error.= \"".$tpl->get("filebase_editfile_error2")."\";"); if (!$error){ if($filebase['ftpup']) { require("acp/lib/class_ftp.php"); $ftp = new ftp($db_ftpserver,$db_ftpuser,$db_ftppass); } if($fileid){ $attach = $db->query_first("SELECT * FROM bb".$n."_filebase_attachments WHERE attachmentid='".$fileid."'"); if($_FILES['file']['name'] || $attach['externurl']!=$_POST['externurl']) $db->query("DELETE FROM bb".$n."_filebase_attachments WHERE attachmentid='".$fileid."'"); if($filebase['ftpup'] && $attach['externurl'] == "") $ftp->del($db_invpath.$filebase['filepath'],$attach['attachmentid']."-".$attach['random'].".".$attach['attachmentextension']); else if($attach['externurl'] == "") unlink ($filebase['filepath']."/".$attach['attachmentid']."-".$attach['random'].".".$attach['attachmentextension']); } $db->query("INSERT INTO bb".$n."_filebase_attachments SET attachmentname='".$file_name."',attachmentextension='".$file_extension."', attachmentsize='".(($file_size) ? ($file_size) : (intval($_FILES['file']['size'])))."',externurl='".addslashes($_POST['externurl'])."',random='".$random."'"); $attaid=$db->insert_id("bb".$n."_filebase_attachments","attachmentid");; if($filebase['ftpup'] && $_POST['externurl'] == ""){ if(is_uploaded_file($_FILES['file']['tmp_name'])){ $ftp->put($_FILES['file']['tmp_name'],$db_invpath.$filebase['filepath'],$attaid."-".$random.".".$file_extension); if ($ftp->err) $error.=implode(" ",$ftp->err); } } else if($_POST['externurl'] == ""){ if(move_uploaded_file($_FILES['file']['tmp_name'],$filebase['filepath']."/".$attaid."-".$random.".".$file_extension)){} else $error="

Der Dateiupload ist fehlgeschlagen. Bitte wenden sie sich an den Administrator (Ordner nicht vorhanden)

"; } } if($error){ $db->query("DELETE FROM bb".$n."_filebase_attachments WHERE attachmentid='".$attaid."'"); eval ("\$error = \"".$tpl->get("filebase_editfile_error")."\";"); } else { eval("\$tpl->output(\"".$tpl->get("filebase_editfile_rdy")."\");"); exit(); } } $maxsize = formatFilesize($wbbuserdata['maxfilebasesize']); if ($fileid) { eval ("\$alreadyadd = \"".$tpl->get("filebase_editfile_alreadyadd")."\";"); $attach = $db->query_first("SELECT * FROM bb".$n."_filebase_attachments WHERE attachmentid='".$fileid."'"); } if($wbbuserdata['canuploadfilebaseextern']) { $maxsizeextern = formatFilesize($wbbuserdata['maxfilebasesizeextern']); eval ("\$fb_externurl = \"".$tpl->get("filebase_editfile_externurl")."\";"); } eval("\$tpl->output(\"".$tpl->get("filebase_editfile")."\");"); break; case "addentry": if($wbbuserdata['canuploadfilebase']==0 || $filebase['uploadpermission']==0 || $filebase['closed']==1 || $filebase['isfilebase']==0) access_error(); if($newthread_default_checked_0==1) $checked[0]="checked"; if($wbbuserdata['emailnotify']==1) $checked[1]="checked"; if($newthread_default_checked_2==1) $checked[2]="checked"; if($newthread_default_checked_3==1) $checked[3]="checked"; if(isset($_POST['send'])) { $topic=trim($_POST['topic']); if($dostopshooting==1) $topic=stopShooting($topic); $message=stripcrap(trim($_POST['message'])); $fileid=intval($_POST['fileid']); $uploadname=$_POST['uploadname']; $demourl=$_POST['demourl']; $version=$_POST['version']; if(!$wbbuserdata['userid']) $guestname=trim($_POST['guestname']); if(!isset($_POST['preview'])) { $error=""; if(!$wbbuserdata['userid']) { $wbbuserdata['username']=$guestname; if(!$wbbuserdata['username'] || !verify_username($wbbuserdata['username'])) eval ("\$error .= \"".$tpl->get("newentry_error2")."\";"); $wbbuserdata['username']=htmlspecialchars($wbbuserdata['username']); } $alreadyfile = $db->query_first("SELECT entryid FROM bb".$n."_filebase_attachments WHERE attachmentid='$fileid'"); if(!$topic || !$message || !$fileid) eval ("\$error .= \"".$tpl->get("filebase_newentry_error1")."\";"); if(flood_control($wbbuserdata['userid'],$REMOTE_ADDR,$wbbuserdata['avoidfc'])) eval ("\$error .= \"".$tpl->get("filebase_newentry_error3")."\";"); if($wbbuserdata['maxpostimage']!=-1 && substr_count(strtolower($message),"[img]")>$wbbuserdata['maxpostimage']) eval ("\$error .= \"".$tpl->get("filebase_newentry_error4")."\";"); if($alreadyfile['entryid']) eval ("\$error .= \"".$tpl->get("filebase_newentry_error5")."\";"); if(!$fileid) eval ("\$error .= \"".$tpl->get("filebase_newentry_error6")."\";"); // $attach = $db->query_first("SELECT * FROM bb".$n."_filebase_attachments WHERE attachmentid='$fileid'"); if($error) eval ("\$newentry_error .= \"".$tpl->get("filebase_newentry_error")."\";"); else { if($_POST['parseurl']==1) $message = parseURL($message); if($wbbuserdata['canuploadfilebasewithoutmoderation']==1) $filebase['moderatenew']=0; $time = time(); /* Guthaben 4.xx Start * Filebase Upload, Betrag gutschreiben */ $hopfi=$db->query_first("SELECT * FROM bb".$n."_guthaben WHERE gutid='1'"); if($hopfi['fileuponoff'] == 1) { $db->query("INSERT INTO bb".$n."_kontoauszug (kid,userid,datum,uhrzeit,info,betrag,art) VALUES ('','".$wbbuserdata['userid']."','".date("d.m.y")."','".date("H:i")."','Datei : [".$topic."] in die Filebase upgeloadet.','".$hopfi['fileupguthaben']."','plus')"); $db->query("UPDATE bb".$n."_users SET guthaben=guthaben+".$hopfi['fileupguthaben']." WHERE userid='".$wbbuserdata['userid']."'"); } /* Guthaben 4.xx Ende * Filebase Upload, Betrag gutschreiben */ $db->query("INSERT INTO bb".$n."_filebase_entries (entryid,filebaseid,topic,message,posttime,userid,username,visible,ipaddress,demourl,version) VALUES (NULL,'".$filebase['filebaseid']."','".addslashes(htmlspecialchars($topic))."','".addslashes($message)."','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata['username'])."','".ifelse($filebase['moderatenew']==1,-1,1)."','".$REMOTE_ADDR."','".addslashes($_POST['demourl'])."','".addslashes($_POST['version'])."')"); $entryid = $db->insert_id(); $attach = $db->query("UPDATE bb".$n."_filebase_attachments SET entryid=$entryid WHERE attachmentid='$fileid'"); if($filebase['moderatenew']==0) $db->query("UPDATE bb".$n."_filebases SET entrycount=entrycount+1, lastentryid='$entryid', lastposttime='$time', lastposterid='$wbbuserdata[userid]', lastposter='".addslashes($wbbuserdata[username])."' WHERE filebaseid IN ($filebase[parentlist],$filebaseid)"); // ##### Erstellen des Support-entrys, wenn Forum angegeben $board = $db->query_first("SELECT isboard,parentlist,title FROM bb".$n."_boards WHERE boardid='".$filebase['forumid']."'"); if($filebase['forumid'] && $board['isboard']) { $db->query("INSERT INTO bb".$n."_threads (threadid,boardid,topic,starttime,starterid,starter,lastposttime,lastposterid,lastposter,visible) VALUES (NULL,'".$filebase['forumid']."','".addslashes(htmlspecialchars($topic))."','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata['username'])."','$time','$wbbuserdata[userid]','".addslashes($wbbuserdata['username'])."','".ifelse($filebase['moderatenew']==1,-1,1)."')"); $threadid = $db->insert_id(); $db->query("UPDATE bb".$n."_filebase_entries SET threadid='$threadid' WHERE entryid='$entryid'"); eval ("\$message .= \"".$tpl->get("filebase_threadbb")."\";"); $db->query("INSERT INTO bb".$n."_posts (postid,threadid,userid,username,posttopic,posttime,message,allowsmilies,showsignature,ipaddress,visible) VALUES (NULL,'$threadid','$wbbuserdata[userid]','".addslashes($wbbuserdata['username'])."','".addslashes(htmlspecialchars($topic))."','$time','".addslashes($message)."','".(1-intval($_POST['disablesmilies']))."','".intval($_POST['showsignature'])."','".$REMOTE_ADDR."','".ifelse($filebase['moderatenew']==1,-1,1)."')"); $postid = $db->insert_id(); if($_POST['emailnotify']==1 && $wbbuserdata['userid']) $db->query("INSERT INTO bb".$n."_subscribethreads (userid,threadid,emailnotify,countemails) VALUES ($wbbuserdata[userid],$entryid,1,0)"); wordmatch($postid,$message,$topic); $wbbuserdata['userposts']+=1; list($rankid)=$db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$wbbuserdata[groupid]') AND needposts<='$wbbuserdata[userposts]' AND gender IN ('0','$wbbuserdata[gender]') ORDER BY needposts DESC, gender DESC LIMIT 1"); $db->query("UPDATE bb".$n."_users SET userposts=userposts+1".ifelse($rankid!=$wbbuserdata['rankid'],", rankid='$rankid'","")." WHERE userid = '$wbbuserdata[userid]'"); if($filebase['moderatenew']==1) eval("redirect(\"".$tpl->get("redirect_waiting4moderation")."\",\"filebase.php?filebaseid=$filebaseid&sid=$session[hash]\",10);"); else { $db->query("UPDATE bb".$n."_boards SET threadcount=threadcount+1, postcount=postcount+1, lastthreadid='$threadid', lastposttime='$time', lastposterid='$wbbuserdata[userid]', lastposter='".addslashes($wbbuserdata['username'])."' WHERE boardid IN ($board[parentlist],$filebase[forumid])"); $result = $db->query("SELECT u.email, u.username, s.countemails FROM bb".$n."_subscribeboards s LEFT JOIN bb".$n."_users u USING(userid) WHERE s.boardid='$filebase[forumid]' AND s.userid<>'$wbbuserdata[userid]' AND s.emailnotify=1 AND s.countemails<'$maxnotifymails' AND u.email is not null"); $filebase['title']=$filebase2['title']; while($row = $db->fetch_array($result)) { eval ("\$mail_subject = \"".$tpl->get("ms_newentry")."\";"); if($row['countemails']==$maxnotifymails-1) eval ("\$mail_text = \"".$tpl->get("mt_newentry_lastone")."\";"); else eval ("\$mail_text = \"".$tpl->get("mt_newentry")."\";"); mailer($row['email'],$mail_subject,$mail_text); } $db->query("UPDATE bb".$n."_subscribeboards SET countemails=countemails+1 WHERE boardid='$filebase[forumid]' AND userid<>'$wbbuserdata[userid]' AND emailnotify=1 AND countemails<'$maxnotifymails'"); } } header("Location: filebase_entry.php?entryid=$entryid&sid=$session[hash]"); exit(); } } else { $parse = new parse($docensor,75,$filebase['allowsmilies'],$filebase['allowbbcode'],$wbbuserdata['showimages'],$usecode); $preview_topic=$parse->textwrap(htmlspecialchars($topic),30); $preview_message=$parse->doparse(parseURL($message),$filebase['allowsmilies'],$filebase['allowhtml'],$filebase['allowbbcode'],$filebase['allowimages']); eval ("\$preview_window = \"".$tpl->get("filebase_newthread_preview")."\";"); if($_POST['parseurl']==1) $checked[0]="checked"; else $checked[0]=""; if($_POST['emailnotify']==1) $checked[1]="checked"; else $checked[1]=""; if($_POST['disablesmilies']==1) $checked[2]="checked"; else $checked[2]=""; if($_POST['showsignature']==1) $checked[3]="checked"; else $checked[3]=""; } } $navbar=fb_getNavbar($filebase['parentlist']); eval ("\$navbar .= \"".$tpl->get("filebase_navbar_filebase")."\";"); if($wbbuserdata['userid']==0) eval ("\$newentry_username .= \"".$tpl->get("filebase_newentry_username_input")."\";"); else eval ("\$newentry_username .= \"".$tpl->get("filebase_newentry_username")."\";"); if($filebase['allowbbcode']==1) $bbcode_buttons = getcodebuttons(); if($filebase['allowsmilies']==1) $bbcode_smilies = getclickysmilies($smilie_table_cols,$smilie_table_rows); eval ("\$note .= \"".$tpl->get("note_html_".ifelse($filebase['allowhtml']==0,"not_")."allow")."\";"); eval ("\$note .= \"".$tpl->get("note_bbcode_".ifelse($filebase['allowbbcode']==0,"not_")."allow")."\";"); eval ("\$note .= \"".$tpl->get("note_smilies_".ifelse($filebase['allowsmilies']==0,"not_")."allow")."\";"); eval ("\$note .= \"".$tpl->get("note_images_".ifelse($filebase['allowimages']==0,"not_")."allow")."\";"); if(isset($message)) $message=parse::convertHTML($message); if(isset($topic)) $topic=str_replace("\"",""",$topic); if(isset($guestname)) $guestname=str_replace("\"",""",$guestname); $board = $db->query_first("SELECT isboard FROM bb".$n."_boards WHERE boardid='".$filebase['forumid']."'"); if($filebase['forumid'] && $board['isboard']) eval ("\$reply_notify .= \"".$tpl->get("filebase_newentry_notify")."\";"); eval("\$tpl->output(\"".$tpl->get("filebase_newentry")."\");"); break; case "download": if (($filebase['downloadpermission']==0 || $wbbuserdata['candownloadfilebase']==0) && !(!$entry['visible'] && ($wbbuserdata['issupermod'] || $wbbuserdata['canuseacp'] || $modpermissions['userid']==$wbbuserdata['userid']))) access_error(); /* Guthaben 4.xx Start * Filebase download berechnen */ $hopfi=$db->query_first("SELECT * FROM bb".$n."_guthaben WHERE gutid='1'"); if($hopfi['filedownonoff'] == 1) { if($wbbuserdata['guthaben']>=$hopfi['filedownguthaben']) { $hopfentitel = $db->query_first("SELECT topic FROM bb".$n."_filebase_entries WHERE entryid='".$entry['entryid']."'"); $db->query("INSERT INTO bb".$n."_kontoauszug (kid,userid,datum,uhrzeit,info,betrag,art) VALUES ('','$wbbuserdata[userid]','".date("d.m.y")."','".date("H:i")."','Datei : [".$hopfentitel[topic]."] aus der Filebase downgeloadet...','".$hopfi['filedownguthaben']."','minus')"); $db->query("UPDATE bb".$n."_users SET guthaben=guthaben-".$hopfi['filedownguthaben']." WHERE userid='".$wbbuserdata['userid']."'"); } else { eval("\$tpl->output(\"".$tpl->get("konto_error7")."\");"); exit(); } } /* Guthaben 4.xx Ende * Filebase download berechnen*/ $db->query("UPDATE bb".$n."_filebase_entries SET counter=counter+1, lastdl='".time()."' WHERE entryid='".$entry['entryid']."'"); if (($filebase['ftpup'] || $attach['externurl']) && $filebase['showurl']) { if($attach['externurl']) $dblink = $attach['externurl']; else $dblink = "http://".(($db_httppath) ? ($db_httppath) : ($db_ftpserver))."/".$filebase['filepath']."/".$attach['attachmentid']."-".$attach['random'].".".$attach['attachmentextension']; eval("\$tpl->output(\"".$tpl->get("filebase_entry_dlmeta")."\");"); } else { if($attach['externurl']) { $dblink = $attach['externurl']; $attach['attachmentname'] = substr(strrchr($attach['externurl'], "/"),1); list($attach['attachmentname'], $attach['attachmentextension']) = explode(".", $attach['attachmentname']); $file_size = filesize_remote($attach['externurl']); if($file_size != $attach['attachmentsize']) { $db->query("UPDATE bb".$n."_filebase_attachments SET attachmentsize='$file_size' WHERE attachmentid='".$attach['attachmentid']."'"); $attach['attachmentsize'] = $file_size; } } else if($filebase['ftpup']) { $dblink = tempnam("filebase", "fb0_"); require("acp/lib/class_ftp.php"); $ftp = new ftp($db_ftpserver,$db_ftpuser,$db_ftppass); $ftp->get($dblink,$db_invpath.$filebase['filepath'],$attach['attachmentid']."-".$attach['random'].".".$attach['attachmentextension']); } else $dblink = "./".$filebase['filepath']."/".$attach['attachmentid']."-".$attach['random'].".".$attach['attachmentextension']; header("Content-Type: ".getfileheader( $attach['attachmentextension'] ).""); header("Content-Disposition: ". (!strpos($HTTP_USER_AGENT,"MSIE 5.5")?"attachment; ":""). "filename=".$attach['attachmentname'].".".$attach['attachmentextension']); header("Content-Transfer-Encoding: binary"); header("Cache-Control: post-check=0, pre-check=0"); if($attach['attachmentsize']) header("Content-Length: ".$attach['attachmentsize']); $send_length = readfile($dblink); if ($filebase['ftpup']) unlink($dblink); exit(); } break; case "invertentry": if(($modpermissions['userid']!=$wbbuserdata['userid'] && $wbbuserdata['issupermod']!=1 && $wbbuserdata['userid']!=$entry['userid']) || ($wbbuserdata['canuploadfilebase']==0 || $filebase['uploadpermission']==0 || $filebase['closed']==1) || $filebase['isfilebase']==0 || !$wbbuserdata['userid']) access_error(); if (isset($_POST['send'])) { fb_fbinvert($entryid); if (isset($_POST['invert'])) fb_thinvert($entry['threadid']); header("LOCATION: filebase_entry.php?entryid=$entryid&sid=$session[hash]"); } $navbar=fb_getNavbar($filebase['parentlist']); list($closed)=$db->query_first("SELECT closed FROM bb".$n."_threads WHERE threadid='".$entry['threadid']."'"); if ($entry['closed']) $entry_invert="wieder öffnen"; else $entry_invert="closen"; if ($closed) $thread_invert="wieder öffnen"; else $thread_invert="closen"; eval ("\$navbar .= \"".$tpl->get("filebase_navbar_filebase")."\";"); eval("\$tpl->output(\"".$tpl->get("filebase_entry_closeentry")."\");"); break; case "delentry": if(($modpermissions['userid']!=$wbbuserdata['userid'] && $wbbuserdata['issupermod']!=1 && $wbbuserdata['userid']!=$entry['userid']) || ($wbbuserdata['canuploadfilebase']==0 || $filebase['uploadpermission']==0 || $filebase['closed']==1) || $filebase['isfilebase']==0 || !$wbbuserdata['userid']) access_error(); if (isset($_POST['send'])){ if ($entry['threadid']){ $thread=$db->query_first("SELECT * FROM bb".$n."_threads WHERE threadid='".$entry['threadid']."'"); $threadid=$thread['threadid']; $board=$db->query_first("SELECT * FROM bb".$n."_boards WHERE boardid='".$thread['boardid']."'"); $boardid=$board['boardid']; deletethread($entry['threadid']); } deleteentry($entryid); header("LOCATION: filebase.php?filebaseid=$filebaseid&sid=$session[hash]"); exit(); } eval("\$tpl->output(\"".$tpl->get("filebase_entry_delentry")."\");"); exit(); break; case "editentry": if($modpermissions['userid']!=$wbbuserdata['userid'] && $wbbuserdata['issupermod']!=1 && $wbbuserdata['userid']!=$entry['userid'] || !$wbbuserdata['userid'] || ($entry['closed']==1 && $wbbuserdata['issupermod']!=1 && $wbbuserdata['canuseacp']!=1)) access_error(); if(isset($_POST['send'])) { $topic=trim($_POST['topic']); $uploadname=$_POST['uploadname']; $demourl=$_POST['demourl']; $fileid=$_POST['fileid']; $version=$_POST['version']; $message=$_POST['message']; if($dostopshooting==1) $topic=stopShooting($topic); $message=stripcrap(trim($_POST['message'])); if(!$wbbuserdata['userid']) $guestname=trim($_POST['guestname']); if(!isset($_POST['preview'])) { $error=""; $checkattach=$db->query_first("SELECT * FROM bb".$n."_filebase_attachments WHERE attachmentid='$fileid'"); if(!$topic || !$message || !$fileid) eval ("\$error .= \"".$tpl->get("filebase_newentry_error1")."\";"); //if(flood_control($wbbuserdata['userid'],$REMOTE_ADDR,$wbbuserdata['avoidfc'])) eval ("\$error .= \"".$tpl->get("filebase_newentry_error3")."\";"); if($wbbuserdata['maxpostimage']!=-1 && substr_count(strtolower($message),"[img]")>$wbbuserdata['maxpostimage']) eval ("\$error .= \"".$tpl->get("filebase_newentry_error4")."\";"); if($checkattach['entryid'] AND $checkattach['entryid']!=$entryid) eval ("\$error .= \"".$tpl->get("filebase_newentry_error5")."\";"); if(!$checkattach['attachmentid']) eval ("\$error .= \"".$tpl->get("filebase_newentry_error6")."\";"); if($error) eval ("\$newentry_error .= \"".$tpl->get("filebase_newentry_error")."\";"); else { $message=parseURL($message); if($wbbuserdata['canuploadfilebasewithoutmoderation']==1) $filebase['moderatenew']=0; $time=time(); $db->query("UPDATE bb".$n."_filebase_attachments SET entryid='$entryid' WHERE attachmentid='".$fileid."'"); $db->query("UPDATE bb".$n."_filebase_entries SET edittime='".time()."', editorid='".$wbbuserdata['userid']."', editcount=editcount+1,topic='".addslashes(htmlspecialchars($topic))."', editor='".addslashes($wbbuserdata['username'])."',editorid='".$wbbuserdata['userid']."',message='".addslashes($message)."',visible='".ifelse($filebase['moderatenew']==1,-1,1)."',ipaddress='$REMOTE_ADDR',demourl='".addslashes($_POST['demourl'])."',version='".addslashes($_POST['version'])."' WHERE entryid='$entryid'"); if($filebase['moderatenew']==1){ fb_updatefilebaseInfo("$filebaseid,$filebase[parentlist]",$entry['posttime']); } // ##### Modifizieren des Support-entrys, wenn Forum angegeben $board=$db->query_first("SELECT isboard,parentlist,title,lastthreadid FROM bb".$n."_boards WHERE boardid='".$filebase['forumid']."'"); if($filebase['forumid'] && $board['isboard'] && $entry['threadid']) { $db->query("UPDATE bb".$n."_threads SET topic='".addslashes(htmlspecialchars($topic))."',visible='".ifelse($filebase['moderatenew']==1,-1,1)."' WHERE threadid=$entry[threadid]"); list($postid)=$db->query_first("SELECT postid FROM bb".$n."_posts WHERE threadid='$entry[threadid]' ORDER BY posttime ASC"); list($postcount)=$db->query_first("SELECT COUNT(*) FROM bb".$n."_posts WHERE threadid='$entry[threadid]'"); eval ("\$message .= \"".$tpl->get("filebase_threadbb")."\";"); $db->query("UPDATE bb".$n."_posts SET posttopic='".addslashes(htmlspecialchars($topic))."',message='".addslashes($message)."',ipaddress='".$REMOTE_ADDR."',visible='".ifelse($filebase['moderatenew']==1,-1,1)."' WHERE postid='$postid'"); if($board['lastthreadid']==$entry['threadid']) updateBoardInfo("$filebase[forumid],$board[parentlist]"); if($filebase['moderatenew']==1){ $db->query("UPDATE bb".$n."_boards SET threadcount=threadcount-1, postcount=postcount-$postcount WHERE boardid IN ($filebase[forumid],$board[parentlist])"); $db->query("UPDATE bb".$n."_filebases SET entrycount=entrycount-1 WHERE filebaseid IN ($filebaseid,$filebase[parentlist])"); eval("redirect(\"".$tpl->get("redirect_waiting4moderation")."\",\"filebase.php?filebaseid=$filebaseid&sid=$session[hash]\",10);"); } wordmatch($postid,$message,$topic); } header("Location: filebase_entry.php?entryid=$entryid&sid=$session[hash]"); exit(); } } else { //Preview $parse = new parse($docensor,75,$filebase['allowsmilies'],$filebase['allowbbcode'],$wbbuserdata['showimages'],$usecode); $preview_topic=$parse->textwrap(htmlspecialchars($topic),30); $preview_message=$parse->doparse(parseURL($message),$filebase['allowsmilies'],$filebase['allowhtml'],$filebase['allowbbcode'],$filebase['allowimages']); eval ("\$preview_window = \"".$tpl->get("filebase_newthread_preview")."\";"); } } else { $uploadname=$attach['attachmentname'].".".$attach['attachmentextension']; $demourl=$entry['demourl']; $fileid=$attach['attachmentid']; $version=$entry['version']; $username=$entry['username']; $topic=$entry['topic']; $message=$entry['message']; } $navbar=fb_getNavbar($filebase['parentlist']); eval ("\$navbar .= \"".$tpl->get("filebase_navbar_filebase")."\";"); if($filebase['allowbbcode']==1) $bbcode_buttons = getcodebuttons(); if($filebase['allowsmilies']==1) $bbcode_smilies = getclickysmilies($smilie_table_cols,$smilie_table_rows); eval ("\$note .= \"".$tpl->get("note_html_".ifelse($filebase['allowhtml']==0,"not_")."allow")."\";"); eval ("\$note .= \"".$tpl->get("note_bbcode_".ifelse($filebase['allowbbcode']==0,"not_")."allow")."\";"); eval ("\$note .= \"".$tpl->get("note_smilies_".ifelse($filebase['allowsmilies']==0,"not_")."allow")."\";"); eval ("\$note .= \"".$tpl->get("note_images_".ifelse($filebase['allowimages']==0,"not_")."allow")."\";"); eval("\$tpl->output(\"".$tpl->get("filebase_editentry")."\");"); exit(); break; case "moveentry": if(($modpermissions['userid']!=$wbbuserdata['userid'] && $wbbuserdata['issupermod']!=1 && $wbbuserdata['userid']!=$entry['userid']) || ($wbbuserdata['canuploadfilebase']==0 || $filebase['uploadpermission']==0 || $filebase['closed']==1) || $filebase['isfilebase']==0 || !$wbbuserdata['userid']) access_error(); if ($_POST['send']){ $newfbid=intval($_POST['newfbid']); $newfb = $db->query_first("SELECT fb.*, p.* FROM bb".$n."_filebases fb LEFT JOIN bb".$n."_filebase_permissions p ON (p.filebaseid='$newfbid' AND p.groupid='$wbbuserdata[groupid]') WHERE fb.filebaseid = '$newfbid'"); if(!$newfbid || $newfbid==-1 || !$newfb['isfilebase'] || !$newfb['filebasepermission'] || $newfbid==$filebaseid) eval("error(\"".$tpl->get("filebase_error_cantmove")."\");"); fb_moveentry($entryid,$newfbid); header("Location: filebase_entry.php?entryid=$entryid&sid=$session[hash]"); exit(); } $navbar=fb_getNavbar($filebase['parentlist']); eval ("\$navbar .= \"".$tpl->get("filebase_navbar_filebase")."\";"); $result = $db->query("SELECT filebaseid, parentid, filebaseorder, IF(isfilebase=1,title,CONCAT(title,' *')) AS title, invisible, isfilebase FROM bb".$n."_filebases ORDER by parentid ASC, filebaseorder ASC"); while ($row = $db->fetch_array($result)) $filebasecache[$row['parentid']][$row['boardorder']][$row['filebaseid']] = $row; $result = $db->query("SELECT * FROM bb".$n."_filebase_permissions WHERE groupid = '$wbbuserdata[groupid]'"); while ($row = $db->fetch_array($result)) $permissioncache[$row['filebaseid']] = $row; $newfilebase_options=makefilebaseselect(0); eval("\$tpl->output(\"".$tpl->get("filebase_entry_moveentry")."\");"); exit(); break; case "userentry": if (isset($_REQUEST['userid'])) $userid = intval($_REQUEST['userid']); else $userid = $wbbuserdata['userid']; $user_info = $db->query_first("SELECT userid, username FROM bb".$n."_users WHERE userid='$userid'"); if(isset($_GET['page'])) { $page=intval($_GET['page']); if($page==0) $page=1; } else $page=1; unset($datecute); if(isset($_GET['sortfield'])) $sortfield=$_GET['sortfield']; else $sortfield="edittime"; switch ($sortfield) { case "edittime": break; case "counter": break; case "topic": break; default: $sortfield = "edittime"; break; } $f_select['topic']=""; $f_select['counter']=""; $f_select['edittime']=""; $f_select[$sortfield]="selected"; if(isset($_GET['sortorder'])) $sortorder=$_GET['sortorder']; else $sortorder="DESC"; switch ($sortorder) { case "ASC": break; case "DESC": break; default: $sortorder = "DESC"; break; } $o_select['ASC']=""; $o_select['DESC']=""; $o_select[$sortorder]="selected"; if(isset($_GET['daysprune'])) $daysprune = intval($_GET['daysprune']); elseif($wbbuserdata['daysprune']!=0) $daysprune = $wbbuserdata['daysprune']; else $daysprune = $default_daysprune; $d_select[1500]=""; $d_select[1000]=""; $d_select[1]=""; $d_select[2]=""; $d_select[5]=""; $d_select[10]=""; $d_select[20]=""; $d_select[30]=""; $d_select[45]=""; $d_select[60]=""; $d_select[75]=""; $d_select[100]=""; $d_select[365]=""; $d_select[$daysprune]="selected"; if($daysprune!=1000) { if($daysprune==1500) $datecute = " AND (edittime >= '".$wbbuserdata['lastvisit']."' OR posttime >= '".$wbbuserdata['lastvisit']."')"; else { $tempdate=time()-($daysprune*86400); $datecute = " AND (edittime >= '".$tempdate."' OR posttime >= '".$tempdate."')"; } } else $datecute=""; list($entrycount) = $db->query_first("SELECT COUNT(entryid) FROM bb".$n."_filebase_entries fe LEFT JOIN bb".$n."_filebase_permissions fp ON (fe.filebaseid=fp.filebaseid) LEFT JOIN bb".$n."_filebases f ON (fe.filebaseid=f.filebaseid) WHERE userid='$userid' AND filebasepermission=1 AND fp.groupid=$wbbuserdata[groupid] AND visible=1 $datecute"); $pages = ceil($entrycount/$default_threadsperpage); if($pages>1) $pagelink = makepagelink("filebase_entry.php?action=userentry&userid=$_GET[userid]&sid=$session[hash]&daysprune=$daysprune&sortfield=$sortfield&sortorder=$sortorder",$page,$pages,$showpagelinks-1); else $pagelink=""; $l_entries = ($page-1) * $default_threadsperpage + 1; $h_entries = $page * $default_threadsperpage; if($h_entries > $entrycount) $h_entries = $entrycount; $result=$db->query("SELECT * FROM bb".$n."_filebase_entries fe LEFT JOIN bb".$n."_filebase_permissions fp ON (fe.filebaseid=fp.filebaseid) LEFT JOIN bb".$n."_filebases f ON (fe.filebaseid=f.filebaseid) WHERE userid='$userid' AND filebasepermission=1 AND fp.groupid=$wbbuserdata[groupid] AND visible=1 $datecute ORDER BY ".(($sortfield=="edittime")?("IF(edittime=0,posttime,edittime)"):($sortfield))." $sortorder",$default_threadsperpage,$default_threadsperpage*($page-1)); $parse = new parse($docensor,75,$filebase['allowsmilies'],$filebase['allowbbcode'],$wbbuserdata['showimages'],$usecode); while($row=$db->fetch_array($result)){ unset($demourl); unset($thread); $tdbgcolor=getone($count,"{tablecolorb}","{tablecolora}"); $tdid=getone($count,"tableb","tablea"); if($row['demourl']) $demourl=$parse->formaturl($row['demourl'],"Demo"); else $demourl="-"; if($row['threadid']) eval ("\$thread= \"".$tpl->get("filebase_userentry_thread")."\";"); else $thread="-"; eval ("\$userentry_viewbit.= \"".$tpl->get("filebase_userentry_viewbit")."\";"); } if(!$userentry_viewbit) eval ("\$userentry_viewbit= \"".$tpl->get("filebase_userentry_noentries")."\";"); eval("\$tpl->output(\"".$tpl->get("filebase_userentry_view")."\");"); exit(); break; case "version": echo "Filebase Lite Version $filebaseversion
by SNap! & Shr522
Visit:
MyWBB"; break; case "addthread": if(($modpermissions['userid']!=$wbbuserdata['userid'] && $wbbuserdata['issupermod']!=1 && $wbbuserdata['userid']!=$entry['userid']) || ($wbbuserdata['canuploadfilebase']==0 || $filebase['uploadpermission']==0 || $filebase['closed']==1) || $filebase['isfilebase']==0 || !$wbbuserdata['userid']) access_error(); if (isset($_POST['send'])){ $board = $db->query_first("SELECT isboard,parentlist,title FROM bb".$n."_boards WHERE boardid='".$filebase['forumid']."'"); if(!$filebase['forumid'] || !$board['isboard']) if(!$filebase['']) eval ("\$error .= \"".$tpl->get("filebase_entry_addthread_error1")."\";"); if ($entry['threadid']) eval ("\$error .= \"".$tpl->get("filebase_entry_addthread_error2")."\";"); if($error) eval ("\$newentry_error .= \"".$tpl->get("filebase_newentry_error")."\";"); else { $entryid = $entry['entryid']; $message = $entry['message']; $topic = $entry['topic']; $time = time(); $db->query("INSERT INTO bb".$n."_threads (threadid,boardid,topic,starttime,starterid,starter,lastposttime,lastposterid,lastposter,visible) VALUES (NULL,'".$filebase['forumid']."','".addslashes(htmlspecialchars($entry['topic']))."','$time','$entry[userid]','".addslashes($entry['username'])."','$time','$entry[userid]','".addslashes($entry['username'])."','1')"); $threadid = $db->insert_id(); $db->query("UPDATE bb".$n."_filebase_entries SET threadid='$threadid' WHERE entryid='$entryid'"); eval ("\$message .= \"".$tpl->get("filebase_threadbb")."\";"); $db->query("INSERT INTO bb".$n."_posts (postid,threadid,userid,username,posttopic,posttime,message,allowsmilies,showsignature,ipaddress,visible) VALUES (NULL,'$threadid','$entry[userid]','".addslashes($entry['username'])."','".addslashes(htmlspecialchars($entry['topic']))."','$time','".addslashes($message)."','0','1','".$REMOTE_ADDR."','1')"); $postid = $db->insert_id(); wordmatch($postid,$message,$topic); $entryuserdata = $db->query_first("SELECT * FROM bb".$n."_users WHERE userid = '".$entry['userid']."'"); $entryuserdata['userposts']+=1; list($rankid)=$db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$entryuserdata[groupid]') AND needposts<='$entryuserdata[userposts]' AND gender IN ('0','$entryuserdata[gender]') ORDER BY needposts DESC, gender DESC LIMIT 1"); $db->query("UPDATE bb".$n."_users SET userposts=userposts+1".ifelse($rankid!=$entryuserdata['rankid'],", rankid='$rankid'","")." WHERE userid = '$entryuserdata[userid]'"); $db->query("UPDATE bb".$n."_boards SET threadcount=threadcount+1, postcount=postcount+1, lastthreadid='$threadid', lastposttime='$time', lastposterid='$entryuserdata[userid]', lastposter='".addslashes($entryuserdata['username'])."' WHERE boardid IN ($board[parentlist],$filebase[forumid])"); $result = $db->query("SELECT u.email, u.username, s.countemails FROM bb".$n."_subscribeboards s LEFT JOIN bb".$n."_users u USING(userid) WHERE s.boardid='$filebase[forumid]' AND s.userid<>'$entryuserdata[userid]' AND s.emailnotify=1 AND s.countemails<'$maxnotifymails' AND u.email is not null"); $filebase['title']=$filebase2['title']; while($row = $db->fetch_array($result)) { eval ("\$mail_subject = \"".$tpl->get("ms_newentry")."\";"); if($row['countemails']==$maxnotifymails-1) eval ("\$mail_text = \"".$tpl->get("mt_newentry_lastone")."\";"); else eval ("\$mail_text = \"".$tpl->get("mt_newentry")."\";"); mailer($row['email'],$mail_subject,$mail_text); } $db->query("UPDATE bb".$n."_subscribeboards SET countemails=countemails+1 WHERE boardid='$filebase[forumid]' AND userid<>'$wbbuserdata[userid]' AND emailnotify=1 AND countemails<'$maxnotifymails'"); header("Location: filebase_entry.php?entryid=$entryid&sid=$session[hash]"); } } eval("\$tpl->output(\"".$tpl->get("filebase_entry_addthread")."\");"); exit(); break; default: if($filebase['filebasepermission']==0) access_error(); if((!isset($entryid)) || $entry['closed']==3 || $action==-1) eval("error(\"".$tpl->get("error_falselink")."\");"); $navbar=fb_getNavbar($filebase['parentlist']); $parse = new parse($docensor,75,$filebase['allowsmilies'],$filebase['allowbbcode'],$wbbuserdata['showimages'],$usecode); $entry['message']=$parse->doparse($entry['message'],$filebase['allowsmilies'],$filebase['allowhtml'],$filebase['allowbbcode'],$filebase['allowimages']); if(!$attach['attachmentsize']) $size = "unknown"; else $size=formatFilesize($attach['attachmentsize']); $createdate=formatdate($dateformat." ".$timeformat,$entry['posttime']); if($entry['lastdl']) $lastdl = formatdate($dateformat." ".$timeformat,$entry['lastdl']); else $lastdl = "n/a"; if($entry['edittime']){ $lastedit=formatdate($dateformat." ".$timeformat,$entry['edittime']); eval ("\$edit= \"".$tpl->get("filebase_entry_editinfo")."\";"); } eval ("\$navbar .= \"".$tpl->get("filebase_navbar_entryend")."\";"); if(($modpermissions['userid']==$wbbuserdata['userid'] || $wbbuserdata['issupermod']==1) && $wbbuserdata['userid']) eval ("\$modoptions .= \"".$tpl->get("filebase_entry_modoptions")."\";"); if($entry['demourl']) $demourl=$parse->formaturl($entry['demourl'],"Demo ansehen"); else $demourl="-nicht vorhanden-"; if($entry['threadid']) eval ("\$disclink = \"".$tpl->get("filebase_entry_disclink")."\";"); if($entry['closed'] && !$wbbuserdata['issupermod'] && !$wbbuserdata['canuseacp'] && $modpermissions['userid']!=$wbbuserdata['userid']) $editlink = ""; else eval ("\$editlink = \"".$tpl->get("filebase_entry_editlink")."\";"); $hopfi2=$db->query_first("SELECT * FROM bb".$n."_guthaben WHERE gutid='1'"); $filebaseguthaben = $hopfi2['filedownguthaben']; $waehrung = $hopfi2['waehrung']; if($hopfi2['filedownonoff'] == 0) $hopfi2['filedownonoff'] = "(deaktiviert)"; else $hopfi2['filedownonoff'] = "(eingeschaltet)"; eval("\$tpl->output(\"".$tpl->get("filebase_entry")."\");"); exit(); break; } ?>