<CMSPHP>
// Development switch. When true, the module body is include()d from a
// hard-coded local file path instead of running the inline code that follows;
// keep it false outside a development machine.
$is_dev = false;
</CMSPHP>
<CMSPHP:CACHE>
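// Re-export every module setting that is only visible inside the cached PHP
// so the dynamic PHP section can read it as $mvars[...].
// The text echoed here is PHP source that is executed later. Each key and
// value is written with var_export(), i.e. as a single-quoted literal, so a
// setting containing "$", "{$...}" or quotes stays plain data. The earlier
// form wrapped addslashes() output in double quotes, which leaves "$" live:
// such a value was interpolated as a variable expression when the generated
// code ran, and the key was not escaped at all.
echo '<CMSPHP>';
if (is_array($cms_mod['value'])) {
    foreach ($cms_mod['value'] as $k => $v) {
        echo '$mvars[' . var_export((string) $k, true) . '] = ' . var_export((string) $v, true) . ";\n";
    }
}
echo '</CMSPHP>';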
</CMSPHP:CACHE>
<CMSPHP>
if($is_dev) {
include "D:/sefrengo/module eigene/Gaestebuch/1.3/Gaestebuch_output.php";
} else {
//
//0: Schriftart
//1: Schriftart Eingabefelder
//8: Anzahl der Eintraege
//9: Frontend-Template
//10: Final-Template
//11: Link fuer einen neuen Eintrag
//12: Link zum editieren
//13: Link zum loeschen
//14: Link zur URL
//15: Link zur eMail
//16: Backend-Template
//17: Template zur location
//18: Schriftart
//19: Schriftart Eingabefelder (nicht verwendet)
//20: Template für comment2
//21: Template fuer Eintrag erstellen Frontend
//22: Checkbox Mail senden
//23: Email-Adresse
//24: Email-Template
//25: Email-Betreff
//26: Checkbox Moderation
//27: Smileys als Bilder
//28: Reihenfolge der Ausgabe
//29: Formularfelder testen
//30: Fehlertext
//31: Schriftart Eingabefelde {but_send}
//32: Schriftart fuer Eingabefelde name
//33: Schriftart fuer Eingabefelde email
//34: Schriftart fuer Eingabefelde {homepage}
//35: Schriftart fuer Eingabefelde {location}
//36: Schriftart fuer Eingabefelde {comment}
//37: Schriftart fuer Eingabefelde {comment2}
//38: Template fuer Eintrag erstellen/bearbeiten Frontend
//39: Navitrennzeichen
//40: Navianzahl
//41: Navi TextPrev
//42: Navi TextNext
//43: Navi TextFirst
//44: Navi TextLast
//71 captchaimage verwenden
//73 txt captchaimage length (7)
//74 txt captchaimage width (7)
//75 txt captchaimage height (7)
//76 txt captchaimage attributes (7)
//77 txt captchaimage styleset (7)
//78 txtarea captchaimage template (7)
//91 Badwords
//92 Fehlermeldung bei Spamversuch mit Badwords
// zur Fehlersuche
//if(isset($test))
//{
// $mod['test'] = "true";
//}
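if ( !function_exists('gaestebuch_checkInput') ) {
/**
 * Validate the submitted guestbook fields, which are read from global scope
 * ($name, $email, $url, $location, $comment, $comment2, $moderated).
 *
 * A field is mandatory when its token occurs in $check_string. The tokens are
 * "name", "url", "location", "comment", "com2" (for $comment2), "moderated"
 * and "email". The e-mail address must always be well formed when present;
 * it may be empty only when "email" is not among the mandatory tokens.
 *
 * @param string $check_string list of mandatory field tokens (any separator)
 * @return string the labels of all failing fields, each followed by ", ";
 *                empty string when everything is valid
 */
function gaestebuch_checkInput($check_string) {
    global $name, $email, $url, $location, $comment, $comment2, $moderated;

    $check_string = (string) $check_string;

    // token searched in $check_string => array(submitted value, label reported on failure)
    $required = array(
        'name'      => array($name, "Name, "),
        'url'       => array($url, "Homepage, "),
        'location'  => array($location, "Wohnort, "),
        'comment'   => array($comment, "Kommentar, "),
        'com2'      => array($comment2, "Antwort, "),
        'moderated' => array($moderated, "Moderiert, "),
    );

    $returnvalue = "";
    foreach ($required as $token => $entry) {
        list($value, $label) = $entry;
        // "Missing" means no character at all. A non-scalar value (for
        // example an array sent as name[]=...) is treated as missing too.
        $is_missing = !is_scalar($value) || (string) $value === '';
        if ($is_missing && strpos($check_string, $token) !== false) {
            $returnvalue .= $label;
        }
    }

    // NOTE(review): the top-level part is limited to 2-4 letters, so addresses
    // under longer top-level domains are rejected - confirm this is intended.
    $address = '[a-zA-Z0-9\._-]+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)';

    if ($email !== null && !is_scalar($email)) {
        $email_ok = false;
    } else {
        $email_text = (string) $email;
        if ($email_text === '') {
            // empty is acceptable only when the address is optional
            $email_ok = (strpos($check_string, 'email') === false);
        } else {
            // The D modifier anchors "$" at the very end of the subject.
            // Without it an address followed by a line break still matched.
            $email_ok = (preg_match('/^' . $address . '$/D', $email_text) === 1);
        }
    }
    if (!$email_ok) {
        $returnvalue .= "eMail, ";
    }

    return $returnvalue;
} // end function
} // end if exist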
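if ( !function_exists('gaestebuch_renderSmileys') ) {
/**
 * Replace text emoticons in $text with <img> elements.
 *
 * The function only inserts markup; it does not encode $text. Whether $text
 * has already been HTML-encoded is decided by the caller.
 *
 * @param string $text text that may contain emoticon codes
 * @param string $url  base URL of the directory holding the smiley images;
 *                     it is HTML-encoded here, so pass it unencoded
 * @return string $text with every recognised code replaced by an image tag
 */
function gaestebuch_renderSmileys($text,$url) {
    // The list of codes to be interpreted, matched case-insensitively.
    // NOTE(review): in the copy this was taken from, one alternative of the
    // cheesy, shocked, rolleyes and tongue patterns had been lost and replaced
    // by a line break, which made the pattern match every newline in the
    // text. " :D", " :o", ":rolleyes:" and " :P" are restored by analogy with
    // the neighbouring patterns - confirm against the original module.
    $search = array(
        '/( :\)| :-\)|:smile:)/i',
        '/( :\/| :-\/|:undecided:)/i',
        '/( ;\)| ;-\)|:wink:)/i',
        '/( :D| :-D|:cheesy:)/i',
        '/( :\(| :-\(|:frown:)/i',
        '/( :\'\(| :\'-\(|:cry:)/i',
        '/( :o| :-o|:shocked:)/i',
        '/( 8\)| 8-\)|:cool:)/i',
        '/( ::\)|:rolleyes:)/i',
        '/( :P| :-P|:tongue:)/i',
        '/( :X| :-X|:sealed:)/i');

    // The base URL ends up inside a src="..." attribute, so it is encoded for
    // that context. "\" and "$" are then escaped because preg_replace() would
    // otherwise read them as back-references in the replacement string.
    $base = addcslashes(htmlspecialchars((string) $url, ENT_QUOTES, 'UTF-8'), '\\$');

    // the related <img> html elements
    $prefix = ' <img src="'.$base.'/';
    $suffix = '" alt="" border="0" /> ';
    $files = array(
        'smile.gif', 'undecided.gif', 'winkgrin.gif', 'cheesy.gif',
        'frown.gif', 'cry.gif', 'shocked.gif', 'cool.gif',
        'rolleyes.gif', 'tongue.gif', 'sealed.gif');
    $replace = array();
    foreach ($files as $file) {
        $replace[] = $prefix.$file.$suffix;
    }

    // process the text
    return preg_replace($search, $replace, $text);
}
}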
if ( !function_exists('gaestebuch_set_captcha_vals') ) {
/**
 * Store the CAPTCHA rendering options in the global $captchavals array.
 *
 * Each argument is written under the key of the same name ("length",
 * "width", "height", "attributes", "styleset", "template"); other keys
 * already present in $captchavals are left untouched.
 */
function gaestebuch_set_captcha_vals($length = 4, $width = 100, $height = 30, $attributes = '', $styleset = '', $template = '{image} {textfield}{hiddentoken}') {
    global $captchavals;

    $settings = compact('length', 'width', 'height', 'attributes', 'styleset', 'template');
    foreach ($settings as $key => $setting) {
        $captchavals[$key] = $setting;
    }
}
}
if ( !function_exists('gaestebuch_checkCaptcha') ) {
/**
 * Check the CAPTCHA answer sent in the request field "gb_captcha".
 *
 * The answer is read through the CMS WebRequest object and handed to the
 * CaptchaImage object, which validates it against the POST field of the
 * same name.
 *
 * @return string empty string when the answer is accepted, "Captcha, " otherwise
 */
function gaestebuch_checkCaptcha() {
    // CMS services needed for the check
    $web_request =& sf_factoryGetObject('HTTP', 'WebRequest');
    $captcha =& sf_factoryGetObject('GUI', 'CaptchaImage');

    // "action" is read as in the original code but not used afterwards
    $submitted = array();
    $submitted['action'] = $web_request->getVal('action');
    $submitted['test_captcha'] = $web_request->getVal('gb_captcha');

    $accepted = $captcha->validateByCharseqAndRequestFieldname($submitted['test_captcha'], 'gb_captcha', 'post');

    return $accepted ? '' : "Captcha, ";
}
}
// ***********************************************************************************************
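// Validate a submitted entry (action "save")
if (${'gb'.$cms_mod['container']['id'].'_'.$cms_mod['modul']['id']} == 'save') {
    // Fetch the submitted values through the CMS request object.
    $sf_wr =& $GLOBALS['sf_factory']->getObject('HTTP', 'WebRequest');
    $name = $sf_wr->getVal('name');
    // $email is validated, redisplayed and stored like the other fields but
    // was the only one not fetched here, so it depended on whatever global
    // of that name happened to exist. Read it the same way as its siblings.
    $email = $sf_wr->getVal('email');
    $url = $sf_wr->getVal('url');
    $location = $sf_wr->getVal('location');
    $comment = $sf_wr->getVal('comment');
    $comment2 = $sf_wr->getVal('comment2');
    $moderated = $sf_wr->getVal('moderated');

    // Field validation and the CAPTCHA are skipped for the backend sessions
    // and whenever $view is "edit".
    // NOTE(review): confirm that $view cannot be set by the visitor's
    // request; otherwise both checks can be switched off from outside.
    if (!((($sess->name == 'sefrengo') || ($sess->name == 'cms')) || ($view == 'edit')))
    {
        // check the input fields listed as mandatory in setting 29
        $gb['InputFailure'] = gaestebuch_checkInput($mvars['29']);
        if ($mvars['71'] == 'true')
        {
            // check the CAPTCHA
            $gb['InputFailure'] .= gaestebuch_checkCaptcha();
        }
    }

    // Reject the entry when the comment contains one of the configured bad
    // words. MOD_VALUE[91] / MOD_VALUE[92] are placeholders - presumably the
    // CMS substitutes the configured list and error text before this code
    // runs. NOTE(review): the substituted text lands inside a double-quoted
    // PHP string, so a configured value containing a double quote or "$"
    // would change the code - confirm the CMS escapes it.
    // Only $comment is inspected; the other fields are not filtered.
    $value1035 = "MOD_VALUE[91]";
    $badStrings = array_map('trim', explode(",", $value1035));
    foreach($badStrings as $v2)
    {
        // An empty list yields one empty item, which must not match.
        if ($v2 === '') {
            continue;
        }
        // Case-insensitive literal search. This replaces eregi() (removed in
        // PHP 7) and create_function() (removed in PHP 8); eregi() also
        // treated each bad word as a regular expression, so a word with
        // characters such as "(" or "*" raised an error or matched the
        // wrong text.
        if (stripos((string) $comment, $v2) !== false) {
            $gb['InputFailure'] .= "<br>MOD_VALUE[92], ";
            break;
        }
    }
    unset($v2, $badStrings);
}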
// ***********************************************************************************************
// Eingabeformular fuer neuen Eintrag
if((${'gb'.$cms_mod['container']['id'].'_'.$cms_mod['modul']['id']} == 'edit') || ($gb['InputFailure'] != "")) {
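// Load the entry that is to be edited from the database.
// NOTE(review): nothing visible here checks that the requester may edit
// entries, so the stored values of any entry number are put into the form
// for whoever sends the "edit" action - confirm the CMS restricts this.
if ($gb_entry) {
    // $gb_entry arrives with the request. typenumber is numeric, so the value
    // is cast to int before it is placed in the statement; the raw value
    // could otherwise change the query.
    $sql = "SELECT * FROM $cms_db[content_external] WHERE idsidelang='".$con_side[$idcatside]['idsidelang']."' AND container='".$cms_mod['container']['id']."' AND number='".$cms_mod['modul']['id']."' AND idtype!='1' AND typenumber='".(int) $gb_entry."'";
    $db->query($sql);

    // idtype stored in the table => key used in $gb_temp
    $gb_edit_slots = array(
        'gb_name'      => 'name',
        'gb_email'     => 'email',
        'gb_url'       => 'url',
        'gb_location'  => 'location',
        'gb_comment'   => 'comment',
        'gb_comment2'  => 'comment2',
        'gb_moderated' => 'moderated',
    );
    while ($db->next_record()) {
        $gb_idtype = $db->f('idtype');
        if (isset($gb_edit_slots[$gb_idtype])) {
            // Encoded for HTML because the value is placed in a form control.
            // ENT_QUOTES also covers single quotes.
            $gb_temp[$gb_edit_slots[$gb_idtype]] = htmlentities($db->f('value'), ENT_QUOTES, 'UTF-8');
        }
    }
    unset($gb_edit_slots, $gb_idtype);
}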
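// The submission was rejected: put the visitor's own input back into the form.
// These values come straight from the request. They are later concatenated
// into form markup that is handed to eval() as a PHP template, so they are
// entity-encoded here: afterwards they can neither break out of the
// value="..." attribute or the <textarea> nor open a PHP tag in the template.
if ($gb['InputFailure'] != "")
{
    foreach (array('name', 'email', 'url', 'location', 'comment', 'comment2', 'moderated') as $gb_slot) {
        // skip empty values and anything that is not a plain scalar
        if ($$gb_slot && is_scalar($$gb_slot)) {
            $gb_temp[$gb_slot] = htmlspecialchars((string) $$gb_slot, ENT_QUOTES, 'UTF-8');
        }
    }
    unset($gb_slot);
}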
// Optional CSS class per form control: setting number => key in $gb_temp.
// A non-empty setting becomes an unquoted class attribute.
$gb_class_slots = array(
    '31' => 'span_but',
    '32' => 'span_name',
    '33' => 'span_email',
    '34' => 'span_url',
    '35' => 'span_location',
    '36' => 'span_comment',
    '37' => 'span_comment2',
    '26' => 'span_moderated',
);
foreach ($gb_class_slots as $gb_setting => $gb_slot) {
    if ($mvars[$gb_setting] != '') {
        $gb_temp[$gb_slot] = ' class='.$mvars[$gb_setting];
    }
}
unset($gb_class_slots, $gb_setting, $gb_slot);

// CAPTCHA markup, only when setting 71 is "true"
if ($mvars['71'] != 'true') {
    $gb_temp['captcha'] = '';
} else {
    $captcha_object =& sf_factoryGetObject('GUI', 'CaptchaImage');
    gaestebuch_set_captcha_vals($mvars['73'], $mvars['74'], $mvars['75'], $mvars['76'], $mvars['77'], $mvars['78']);
    $captcha_object->setCaptchaTemplate($captchavals['template']);
    $gb_temp['captcha'] = $captcha_object->getCaptchaHtml(
        'gb_captcha',
        $captchavals['length'],
        null,
        $captchavals['attributes'],
        $captchavals['styleset'],
        $captchavals['width'],
        $captchavals['height']
    );
}

// Template choice: setting 38 for a backend session ("sefrengo" or "cms")
// with $view == 'edit', setting 21 in every other case.
$final_temp = ((($sess->name == 'sefrengo') || ($sess->name == 'cms')) && ($view == 'edit'))
    ? $mvars['38']
    : $mvars['21'];
// Swap the template placeholders for the form controls. The placeholders are
// replaced in the listed order, each on the result of the previous one.
// No encoding happens at this point: whatever is stored in $gb_temp is
// written into the markup as it is.
$gb_controls = array(
    '{name}'      => '<input type="text" name="name" id="name" value="'.$gb_temp['name'].'"'.$gb_temp['span_name'].' />',
    '{email}'     => '<input type="text" name="email" id="email" value="'.$gb_temp['email'].'"'.$gb_temp['span_email'].' />',
    '{homepage}'  => '<input type="text" name="url" id="url" value="'.$gb_temp['url'].'"'.$gb_temp['span_url'].' />',
    '{location}'  => '<input type="text" name="location" id="location" value="'.$gb_temp['location'].'"'.$gb_temp['span_location'].' />',
    '{comment}'   => '<textarea name="comment" id="comment" cols="35" rows="10"'.$gb_temp['span_comment'].'>'.$gb_temp['comment'].'</textarea>',
    '{comment2}'  => '<textarea name="comment2" id="comment2" cols="35" rows="10"'.$gb_temp['span_comment2'].'>'.$gb_temp['comment2'].'</textarea>',
    '{moderated}' => '<input type="text" name="moderated" id="moderated" value="'.$gb_temp['moderated'].'"'.$gb_temp['span_moderated'].' />',
    '{captcha}'   => $gb_temp['captcha'],
);
$final_temp = str_replace(array_keys($gb_controls), array_values($gb_controls), $final_temp);
unset($gb_controls);
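if ($mvars['27'] != "false") { // show the smiley pickers unless setting 27 is "false"
    // Code passed to the JavaScript helper => array(image file, text appended
    // to the textarea). Both pickers are generated from this one table; they
    // used to be two hand-written copies.
    // NOTE(review): in the copy this was taken from, the link scheme read
    // "java script:" and the string for code 9 was broken across two lines,
    // which is a syntax error that disables the whole helper. Both are
    // repaired here; " ::) " follows the server-side rolleyes pattern, and
    // code 3 gets the leading blank the server-side wink pattern requires -
    // confirm against the original module.
    $gb_smileys = array(
        1  => array('smile.gif', ' :-) '),
        2  => array('undecided.gif', ' :-/ '),
        3  => array('winkgrin.gif', ' ;-) '),
        4  => array('cheesy.gif', ' :-D '),
        5  => array('frown.gif', ' :-( '),
        6  => array('cry.gif', ' :cry: '),
        7  => array('shocked.gif', ' :-o '),
        8  => array('cool.gif', ' 8-) '),
        9  => array('rolleyes.gif', ' ::) '),
        10 => array('tongue.gif', ' :-P '),
        11 => array('sealed.gif', ' :-X '),
    );
    // placeholder => array(JavaScript function name, id of the target textarea)
    $gb_pickers = array(
        '{smileys}'  => array('setsmile', 'comment'),
        '{smileys2}' => array('setsmile2', 'comment2'),
    );
    foreach ($gb_pickers as $gb_placeholder => $gb_picker) {
        $gb_links = '';
        $gb_tokens = array();
        foreach ($gb_smileys as $gb_code => $gb_smiley) {
            $gb_links .= '<a href="javascript:'.$gb_picker[0].'('.$gb_code.')"><img src="./cms/mod/smileys/'.$gb_smiley[0].'" alt="" /></a> ';
            // the tokens are fixed constants without quotes or backslashes
            $gb_tokens[] = $gb_code.': "'.$gb_smiley[1].'"';
        }
        // The target element is held in a local variable; the second helper
        // used to assign an undeclared (global) variable.
        $gb_markup = ' <div class="smileys">'."\n"
            .$gb_links."\n"
            .'</div>'."\n"
            .'<script type="text/javascript">'."\n"
            .'<!--'."\n"
            .'function '.$gb_picker[0].'(smiliecode) {'."\n"
            .'var tokens = {'.implode(', ', $gb_tokens).'};'."\n"
            .'var field = document.getElementById("'.$gb_picker[1].'");'."\n"
            .'field.value = field.value + (tokens[smiliecode] || "");'."\n"
            .'}'."\n"
            .'//-->'."\n"
            .'</script>';
        $final_temp = str_replace($gb_placeholder, $gb_markup, $final_temp);
    }
    unset($gb_smileys, $gb_pickers, $gb_placeholder, $gb_picker, $gb_links, $gb_tokens, $gb_code, $gb_smiley, $gb_markup);
} else {
    // pickers disabled: remove both placeholders
    $final_temp = str_replace(array('{smileys}', '{smileys2}'), '', $final_temp);
}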
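// submit button and "back" link
$final_temp = str_replace('{but_send}', "<input type=\"submit\" value=\"eintragen\"".$gb_temp['span_but']." />", $final_temp);
$final_temp = str_replace('{but_abort}', "<a href=\"".$con_side[$idcatside]['link']."\">Zurück</a>", $final_temp);

// Error text: setting 30 with {field} replaced by the list of failing
// fields (the trailing ", " is cut off).
if ($gb['InputFailure'] != "") {
    $final_temp = str_replace('{failure}', str_replace('{field}', substr($gb['InputFailure'], 0, -2), $mvars['30']), $final_temp);
} else {
    $final_temp = str_replace('{failure}', "", $final_temp);
}

// $gb_entry arrives with the request and is echoed into a hidden field.
// It is an entry number, so only its integer value is written out; an empty
// value stays empty so that a new entry is still recognised as such.
$gb_entry_attr = $gb_entry ? (int) $gb_entry : '';
$final_temp = "<form id=\"gb".$cms_mod['container']['id']."_".$cms_mod['modul']['id']."\" action=\"".$con_side[$idcatside]['link']."\" method=\"post\">\n<div id=\"gb".$cms_mod['container']['id']."\">\n<input type=\"hidden\" name=\"gb".$cms_mod['container']['id']."_".$cms_mod['modul']['id']."\" value=\"save\" />\n<input type=\"hidden\" name=\"gb_entry\" value=\"".$gb_entry_attr."\" />\n".$final_temp."\n</div>\n</form>";
unset($gb_entry_attr);

// SECURITY: the finished markup is executed as a PHP template by eval().
// Every piece concatenated into $final_temp is therefore code, not just
// output. Any request-derived value that reaches $gb_temp must already be
// entity-encoded before this point, because an unencoded "<?" in it would be
// run as PHP. eval() is kept because the configured templates may contain
// PHP; if they never do, replace both calls with echo.
if ($mvars['18'] != '') eval(' ?><span class='.$mvars['18'].'>'.$final_temp.'</span>');
else eval(' ?>'.$final_temp);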
}
// ***********************************************************************************************
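// Write a validated entry to the database (action "save", no validation errors).
// NOTE(review): when gb_entry is sent along, existing rows are updated or
// deleted. Unlike the delete action, nothing visible here requires edit mode,
// and the visitor can also submit comment2 and moderated - confirm that the
// CMS restricts who may reach this branch with those values.
if ((${'gb'.$cms_mod['container']['id'].'_'.$cms_mod['modul']['id']} == 'save') && ($gb['InputFailure'] == "")) {
    // Debug output. Request data is encoded before it is echoed.
    if ($mod['test'] == "true") {
        echo "<hr>Kontrolle:".htmlspecialchars(implode(',', $_POST), ENT_QUOTES, 'UTF-8')."--> gb_entry".htmlspecialchars((string) $gb_entry, ENT_QUOTES, 'UTF-8')."<br>";
    }

    // $gb_entry arrives with the request and used to be copied into every
    // statement as it was. typenumber is numeric, so only the integer value
    // is used in SQL from here on.
    $gb_entry_id = (int) $gb_entry;

    // WHERE fragment that pins each statement to this page, container and module
    $gb_scope = "idsidelang='".$con_side[$idcatside]['idsidelang']."' AND container='".$cms_mod['container']['id']."' AND number='".$cms_mod['modul']['id']."'";
    // common head of every INSERT; the remaining six values follow
    $gb_insert_head = "INSERT INTO $cms_db[content_external] (idsidelang, container, number, idtype, typenumber, value, author, created, lastmodified) VALUES ('".$con_side[$idcatside]['idsidelang']."', '".$cms_mod['container']['id']."', '".$cms_mod['modul']['id']."', ";

    // Stored fields in write order; the idtype of each is "gb_" + name.
    $gb_fields = array('name', 'email', 'url', 'location', 'comment', 'comment2', 'moderated');

    // start from a clean state so that values left over from another module
    // instance in the same request cannot influence this one
    $gb_temp2 = array();
    $gb_change = false;

    if (!$gb_entry) {
        // new entry: next entry number (highest + 1)
        // NOTE(review): two simultaneous submissions can read the same
        // maximum and end up sharing one number.
        $sql = "SELECT MAX(typenumber) AS typenumber FROM $cms_db[content_external] WHERE ".$gb_scope." AND idtype!='1'";
        $db->query($sql);
        $db->next_record();
        if ($db->affected_rows()) $typenumber = $db->f('typenumber') + 1;
        else $typenumber = 1;
    } else {
        // existing entry: remember which fields already have a row
        $sql = "SELECT * FROM $cms_db[content_external] WHERE ".$gb_scope." AND idtype!='1' AND typenumber='".$gb_entry_id."'";
        $db->query($sql);
        while ($db->next_record()) {
            foreach ($gb_fields as $gb_field) {
                if ($db->f('idtype') == 'gb_'.$gb_field) $gb_temp2[$gb_field] = 1;
            }
        }
        $typenumber = $gb_entry_id;
    }

    foreach ($gb_fields as $gb_field) {
        $gb_idtype = 'gb_'.$gb_field;
        $gb_has_row = isset($gb_temp2[$gb_field]) && $gb_temp2[$gb_field] == 1;

        // The visitor's IP address is stored once for a new entry, after the
        // text fields and before the moderation flag, as before.
        if ($gb_field == 'moderated' && $gb_change && !$gb_entry) {
            $sql = $gb_insert_head."'gb_ip', '".$typenumber."', '".getenv('REMOTE_ADDR')."', '".$auth->auth['uid']."', '".time()."', '".time()."')";
            $db->query($sql);
        }

        if ($$gb_field) {
            // set_magic_quotes_gpc() is a CMS helper that modifies its
            // argument in place - presumably it adds slashes when PHP has not
            // done so already. NOTE(review): it is the only escaping applied
            // to the value before it is placed in the statement; confirm it
            // is adequate for the database and connection charset in use.
            set_magic_quotes_gpc($$gb_field);
            if ($gb_field == 'url') {
                // the homepage is stored without the leading "http://"
                $url = str_replace('http://', '', $url);
            }
            if ($gb_has_row) {
                unset($gb_temp);
                $sql = "UPDATE $cms_db[content_external] SET value='".$$gb_field."', lastmodified='".time()."', author='".$auth->auth['uid']."' WHERE ".$gb_scope." AND idtype='".$gb_idtype."' AND typenumber='".$gb_entry_id."'";
                if ($mod['test'] == "true") {echo "<hr>SQL:".htmlspecialchars($sql, ENT_QUOTES, 'UTF-8')."<br>";}
                $db->query($sql);
                if ($db->affected_rows()) $gb_temp = 'true';
                else $gb_change = 'true';
            } else {
                $sql = $gb_insert_head."'".$gb_idtype."', '".$typenumber."', '".$$gb_field."', '".$auth->auth['uid']."', '".time()."', '".time()."')";
                $db->query($sql);
                $gb_change = 'true';
            }
        } elseif ($gb_has_row) {
            // the field was emptied: remove its stored row
            $sql = "DELETE FROM $cms_db[content_external] WHERE ".$gb_scope." AND idtype='".$gb_idtype."' AND typenumber='".$gb_entry_id."'";
            $db->query($sql);
        }
    }

    unset($typenumber);
    unset($gb_entry);
    unset($gb_temp);
    unset($gb_entry_id, $gb_scope, $gb_insert_head, $gb_fields, $gb_field, $gb_idtype, $gb_has_row);
    unset(${'gb'.$cms_mod['container']['id'].'_'.$cms_mod['modul']['id']});

    // Send a notification mail when enabled (setting 22) and an address is
    // configured (setting 23). Visitor data goes into the body only; the
    // recipient, subject and From header come from the module settings.
    if ($mvars['22'] == "true" && strchr($mvars['23'], '@')) {
        // The slashes added for the SQL statements are removed again for the
        // mail text. This used to be done for the two comments only.
        $mailbody = str_replace('{name}', stripslashes($name), $mvars['24']);
        $mailbody = str_replace('{email}', stripslashes($email), $mailbody);
        $mailbody = str_replace('{homepage}', stripslashes($url), $mailbody);
        $mailbody = str_replace('{location}', stripslashes($location), $mailbody);
        $mailbody = str_replace('{comment}', stripslashes($comment), $mailbody);
        $mailbody = str_replace('{comment2}', stripslashes($comment2), $mailbody);
        // "H" gives the 24-hour clock; the former "h" printed 12-hour values
        // without am/pm, so afternoon times could not be told from morning ones.
        $mailbody = str_replace('{created}', date("d.m.Y H:i"), $mailbody);
        $mailbody = str_replace('{ip}', getenv('REMOTE_ADDR'), $mailbody);
        $mailbody = str_replace('{link}', $cfg_client['htmlpath'].$con_side[$idcatside]['link'], $mailbody);
        $mailbody = str_replace('<br />', "\n", $mailbody);
        mail($mvars['23'], $mvars['25'], $mailbody, "From: Gaestebuch<".$mvars['23'].">\nX-Mailer: PHP/" . phpversion(). "\n");
        unset($mailbody);
    }
}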
// ***********************************************************************************************
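// Action "delete": honoured only while the page is in edit mode.
// NOTE(review): the action and the entry number are plain request values and
// no per-request token is checked here - confirm the CMS protects edit-mode
// requests against being triggered from another site.
if (${'gb'.$cms_mod['container']['id'].'_'.$cms_mod['modul']['id']} == 'delete' && $cms_side['edit']) {
    // $gb_entry arrives with the request; only its integer value is used in SQL.
    $gb_entry_id = (int) $gb_entry;
    // Without a positive entry number nothing is deleted, and the renumbering
    // below must not run either: it would shift every entry down by one.
    if ($gb_entry_id > 0) {
        // remove all rows of the entry
        $sql = "DELETE FROM $cms_db[content_external] WHERE idsidelang='".$con_side[$idcatside]['idsidelang']."' AND container='".$cms_mod['container']['id']."' AND number='".$cms_mod['modul']['id']."' AND idtype!='1' AND typenumber='".$gb_entry_id."'";
        $db->query($sql);
        // close the gap in the numbering
        $sql = "UPDATE $cms_db[content_external] SET typenumber=typenumber-1 WHERE idsidelang='".$con_side[$idcatside]['idsidelang']."' AND container='".$cms_mod['container']['id']."' AND number='".$cms_mod['modul']['id']."' AND idtype!='1' AND typenumber>'".$gb_entry_id."'";
        $db->query($sql);
    }
    unset($gb_entry_id);
    unset(${'gb'.$cms_mod['container']['id'].'_'.$cms_mod['modul']['id']});
}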
// ***********************************************************************************************
// Gaestebuch anzeigen
if(!${'gb'.$cms_mod['container']['id'].'_'.$cms_mod['modul']['id']}) {
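// navigation templates (settings 2-7)
$gb['navi_forward_on'] = $mvars['2'];
$gb['navi_forward_off'] = $mvars['3'];
$gb['navi_backward_on'] = $mvars['4'];
$gb['navi_backward_off'] = $mvars['5'];
$gb['navi_numeric_on'] = $mvars['6'];
$gb['navi_numeric_off'] = $mvars['7'];

// Start page, taken from the variable "gb<container>_<module>_pos".
// is_numeric() also accepts forms such as "1e3" or "0.5", and the value goes
// on into the pager and into the SQL range below, so it is reduced to an
// integer of at least 1 here.
$gb_pos_name = 'gb'.$cms_mod['container']['id'].'_'.$cms_mod['modul']['id'].'_pos';
$gb['navi_position'] = (is_numeric($$gb_pos_name) && $$gb_pos_name > 0) ? max(1, (int) $$gb_pos_name) : 1;
unset($gb_pos_name);

// WHERE fragment shared by the statements below
$gb_scope = "idsidelang='".$con_side[$idcatside]['idsidelang']."' AND container='".$cms_mod['container']['id']."' AND number='".$cms_mod['modul']['id']."' AND idtype!='1'";

// count the entries
$sql = "SELECT DISTINCT typenumber FROM $cms_db[content_external] WHERE ".$gb_scope;
$db->query($sql);
// number of all entries
$gb['side_score'] = $db->num_rows();

// build the page navigation (setting 8 = entries per page)
if ($mvars['8'] > '0')
{
    $base_url = "gb".$cms_mod['container']['id']."_".$cms_mod['modul']['id']."_pos";
    $pager =& sf_factoryGetObject('GUI', 'Pager');
    $pager->setTotalItems($gb['side_score']);
    $pager->setItemsPerPage($mvars['8']);
    $pager->setDelta($mvars['40']);
    $pager->setCurrentPage($gb['navi_position']);
    $pager->setSpacesBeforeSeparator(0);
    $pager->setSeparator($mvars['39']);
    $pager->setTextPrev($mvars['41']);
    $pager->setTextNext($mvars['42']);
    $pager->setTextFirst($mvars['43']);
    $pager->setTextLast($mvars['44']);
    $pager->setUrlVar($base_url);
    $pager->generate();
    $final['navi'] = $pager->getLinks();
} else {
    $final['navi'] = "";
}

// range of entry numbers shown on the current page
if ($mvars['28'] == "SORT_DESC") {
    // start = total - (page - 1) * per_page - per_page + 1
    $gb['begin_search'] = $gb['side_score'] - ($gb['navi_position']-1)*$mvars['8'] - $mvars['8'] + 1;
    $gb['end_search'] = $gb['side_score'] - ($gb['navi_position']-1)*$mvars['8'];
} else {
    $gb['begin_search'] = ($gb['navi_position']-1)*$mvars['8'] + 1;
    $gb['end_search'] = ($gb['navi_position']-1)*$mvars['8'] + $mvars['8'];
}
if ($mod['test'] == "true") {echo "<hr>Kontrolle Navigation: Anz ".$gb['side_score']."<br>Start: ".$gb['begin_search']."<br>Ende: ".$gb['end_search']."<br>[28]:".$mvars['28']."<br>[8]:".$mvars['8']."<br>";}

// Setting 8 == '0' selects all entries, otherwise only the computed range.
// The sort direction in SQL is fixed to DESC; setting 28 only decides which
// range is selected and is deliberately not copied into the statement.
if ($mvars['8'] == '0') {
    $sql = "SELECT * FROM $cms_db[content_external] WHERE ".$gb_scope." ORDER BY lastmodified DESC";
} else {
    $sql = "SELECT * FROM $cms_db[content_external] WHERE ".$gb_scope." AND typenumber BETWEEN '".$gb['begin_search']."' AND '".$gb['end_search']."' ORDER BY lastmodified DESC";
}
unset($gb_scope);
$db->query($sql);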
// Collect the result rows into $gb. Each row holds one field of an entry: idtype names the field,
// typenumber the entry, value the stored text. Fields are grouped as $gb[<typenumber>][<field>].
while ($db->next_record()) {
//if ($mod['test'] == "true") {echo "<br>Eintraege: Nr:".$db->f('typenumber')." Creat:".$db->f('created')." Last:".$db->f('lastmodified')." value: ".$db->f('value')." Type: ".$db->f('idtype');}
// Remember the entry number once per row; duplicates are removed before rendering.
$gb['typenumber'][] = $db->f('typenumber');
// name and comment are stored raw here and HTML-escaped when they are placed into the entry template.
if ($db->f('idtype') == 'gb_name') $gb[$db->f('typenumber')]['name'] = $db->f('value');
// email, url, location and comment2 are HTML-escaped here and wrapped in their link/markup template
// (settings 15, 14, 17, 20); with an empty template the field is not set at all.
// NOTE(review): ENT_COMPAT escapes & < > and the double quote, but not the single quote, so this is
// only safe inside double-quoted attributes - confirm the templates are written that way.
// NOTE(review): the stored e-mail address and URL are visitor input that ends up in a link target;
// no format or scheme check is visible here, so confirm the values are validated when the entry
// is submitted.
if ($db->f('idtype') == 'gb_email' && $mvars['15'] != '') $gb[$db->f('typenumber')]['email'] = str_replace('{url}', htmlspecialchars($db->f('value'), ENT_COMPAT, 'UTF-8'), $mvars['15']);
if ($db->f('idtype') == 'gb_url' && $mvars['14'] != '') $gb[$db->f('typenumber')]['url'] = str_replace('{url}', htmlspecialchars($db->f('value'), ENT_COMPAT, 'UTF-8'), $mvars['14']);
if ($db->f('idtype') == 'gb_location' && $mvars['17'] != '') $gb[$db->f('typenumber')]['location'] = str_replace('{loc}', htmlspecialchars($db->f('value'), ENT_COMPAT, 'UTF-8'), $mvars['17']);
if ($db->f('idtype') == 'gb_comment') $gb[$db->f('typenumber')]['comment'] = $db->f('value');
if ($db->f('idtype') == 'gb_comment2' && $mvars['20'] != '') $gb[$db->f('typenumber')]['comment2'] = str_replace('{com2}', htmlspecialchars($db->f('value'), ENT_COMPAT, 'UTF-8'), $mvars['20']);
if ($db->f('idtype') == 'gb_moderated') $gb[$db->f('typenumber')]['moderated'] = $db->f('value');
// The gb_ip row supplies the stored address and, from its "created" column, the creation date of the entry.
// NOTE(review): the address is kept unescaped; how it was obtained when the entry was saved is not
// visible here.
if ($db->f('idtype') == 'gb_ip') {
$gb[$db->f('typenumber')]['ip'] = $db->f('value');
$gb[$db->f('typenumber')]['created'] = date($cfg_cms['FormatDate'].' '.$cfg_cms['FormatTime'], $db->f('created'));
}
// Only the first row seen for an entry sets lastmodified; the query orders by lastmodified DESC,
// so that is the most recently changed row of the entry.
if (!$gb[$db->f('typenumber')]['lastmodified']) $gb[$db->f('typenumber')]['lastmodified'] = date($cfg_cms['FormatDate'].' '.$cfg_cms['FormatTime'], $db->f('lastmodified'));
}
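// Build the "new entry" link: template 11 with {url} replaced by the page link
// plus this module's "edit" switch.
$final['newentry'] = str_replace('{url}', $con_side[$idcatside]['link']."&gb".$cms_mod['container']['id']."_".$cms_mod['modul']['id']."=edit", $mvars['11']);

// Render the entries. Every entry is produced by filling the placeholders of
// the entry template and is appended to $final['comments'].
// The assembled markup is later handed to eval(), so every visitor-supplied
// field has to be HTML-escaped before it is substituted.
if (isset($gb['typenumber']) && is_array($gb['typenumber'])) {
    // Start from an empty string unless earlier code already collected output.
    if (!isset($final['comments'])) {
        $final['comments'] = '';
    }
    // An entry consists of several rows, so the collected numbers repeat.
    $gb['typenumber'] = array_unique($gb['typenumber']);
    if ($mvars['28'] == 'SORT_DESC') {
        array_multisort($gb['typenumber'], SORT_NUMERIC, SORT_DESC);
    } else {
        array_multisort($gb['typenumber'], SORT_NUMERIC, SORT_ASC);
    }
    foreach ($gb['typenumber'] as $gb['number'] => $i) {
        // Fields that were not loaded for this entry render as empty text.
        foreach (array('name', 'email', 'url', 'location', 'comment', 'comment2', 'moderated', 'ip', 'created', 'lastmodified') as $gb_temp['field']) {
            if (!isset($gb[$i][$gb_temp['field']])) {
                $gb[$i][$gb_temp['field']] = '';
            }
        }
        // Edit and delete links for this entry (templates 12 and 13).
        // NOTE(review): $i is the typenumber read from the database and is used
        // unescaped; presumably always an integer - confirm.
        $final['editentry'] = str_replace('{url}', $con_side[$idcatside]['link']."&gb".$cms_mod['container']['id']."_".$cms_mod['modul']['id']."=edit&gb_entry=".$i, $mvars['12']);
        $final['deleteentry'] = str_replace('{url}', $con_side[$idcatside]['link']."&gb".$cms_mod['container']['id']."_".$cms_mod['modul']['id']."=delete&gb_entry=".$i, $mvars['13']);
        // Optional wrapper around each field, using the CSS class from setting 1.
        // The opening quote of the class attribute was missing, which produced
        // <span class=NAME"> instead of <span class="NAME">.
        if ($mvars['1'] != '') {
            $gb_temp['span'] = '<span class="'.$mvars['1'].'">';
            $gb_temp['span2'] = '</span>';
        } else {
            $gb_temp['span'] = '';
            $gb_temp['span2'] = '';
        }
        // Edit mode uses the backend template (16), otherwise the frontend template (9).
        if ($cms_side['edit']) {
            $comment_temp = $mvars['16'];
        } else {
            $comment_temp = $mvars['9'];
        }
        // The replacements run one after another on the same string, so a
        // placeholder name contained in text inserted earlier is expanded by a
        // later call as well. Keep the order unless that is intended to change.
        $comment_temp = str_replace('{name}', $gb_temp['span'].htmlspecialchars($gb[$i]['name'], ENT_COMPAT, 'UTF-8').$gb_temp['span2'], $comment_temp);
        // email and homepage were escaped and wrapped in their link templates when they were loaded.
        $comment_temp = str_replace('{email}', $gb_temp['span'].$gb[$i]['email'].$gb_temp['span2'], $comment_temp);
        $comment_temp = str_replace('{homepage}', $gb_temp['span'].$gb[$i]['url'].$gb_temp['span2'], $comment_temp);
        // NOTE(review): location was already escaped when it was loaded, so it is
        // escaped twice here; left as is to keep the rendered output unchanged.
        $comment_temp = str_replace('{location}', $gb_temp['span'].htmlspecialchars($gb[$i]['location'], ENT_COMPAT, 'UTF-8').$gb_temp['span2'], $comment_temp);
        // The inner str_replace is a no-op as written ("<br />" to "<br />").
        $comment_temp = str_replace('{comment}', $gb_temp['span'].str_replace("<br />","<br />", nl2br(htmlspecialchars($gb[$i]['comment'], ENT_COMPAT, 'UTF-8'))).$gb_temp['span2'], $comment_temp);
        $comment_temp = str_replace('{comment2}', $gb_temp['span'].str_replace("<br />","<br />", nl2br($gb[$i]['comment2'])).$gb_temp['span2'], $comment_temp);
        $comment_temp = str_replace('{moderated}', $gb_temp['span'].htmlspecialchars($gb[$i]['moderated'], ENT_COMPAT, 'UTF-8').$gb_temp['span2'], $comment_temp);
        // The stored address is escaped like the other stored fields; a
        // well-formed IP address is not altered by this.
        $comment_temp = str_replace('{ip}', $gb_temp['span'].htmlspecialchars($gb[$i]['ip'], ENT_COMPAT, 'UTF-8').$gb_temp['span2'], $comment_temp);
        $comment_temp = str_replace('{created}', $gb_temp['span'].$gb[$i]['created'].$gb_temp['span2'], $comment_temp);
        $comment_temp = str_replace('{lastmodified}', $gb_temp['span'].$gb[$i]['lastmodified'].$gb_temp['span2'], $comment_temp);
        $comment_temp = str_replace('{newentry}', $gb_temp['span'].$final['newentry'].$gb_temp['span2'], $comment_temp);
        $comment_temp = str_replace('{number}', $gb_temp['span'].$i.$gb_temp['span2'], $comment_temp);
        // Edit and delete links are only shown in edit mode.
        if ($cms_side['edit']) {
            $comment_temp = str_replace('{editentry}', $gb_temp['span'].$final['editentry'].$gb_temp['span2'], $comment_temp);
            $comment_temp = str_replace('{deleteentry}', $gb_temp['span'].$final['deleteentry'].$gb_temp['span2'], $comment_temp);
        } else {
            $comment_temp = str_replace('{editentry}', '', $comment_temp);
            $comment_temp = str_replace('{deleteentry}', '', $comment_temp);
        }
        // Smiley rendering runs on the finished (already escaped) markup unless setting 27 is "false".
        if ($mvars['27'] != "false") {
            $comment_temp = gaestebuch_renderSmileys($comment_temp,'cms/mod/smileys');
        }
        // Optional outer wrapper with the CSS class from setting 0.
        if ($mvars['0'] != '') {
            $final['comments'] .= '<span class="'.$mvars['0'].'">'.$comment_temp.'</span>';
        } else {
            $final['comments'] .= $comment_temp;
        }
    }
}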
// Build the final output from template 10 by filling in the link, the rendered entries and the navigation.
$final_temp = str_replace('{newentry}', $final['newentry'], $mvars['10']);
$final_temp = str_replace('{comments}', $final['comments'], $final_temp);
$final_temp = str_replace('{navi}', $final['navi'], $final_temp);
// navi_forward and navi_backward are not assigned anywhere in the visible part of the file;
// presumably left-over placeholders that are replaced by empty text - confirm.
$final_temp = str_replace('{navi_forward}', $final['navi_forward'], $final_temp);
$final_temp = str_replace('{navi_backward}', $final['navi_backward'], $final_temp);
// SECURITY: the assembled template is executed through eval(). The leading ' ?>' leaves PHP mode,
// so plain markup is printed, but any PHP open tag inside $final_temp is run as code.
// $final_temp contains guestbook entries written by visitors; the only protection is that those
// fields are HTML-escaped ("<" becomes "&lt;") before they are substituted. Any value that reaches
// this point unescaped can therefore be executed, not merely displayed.
// NOTE(review): keep every entry field escaped before substitution, and prefer printing the
// template (echo) if the module templates do not need embedded PHP.
eval(' ?>'.$final_temp);
}
unset($gb, $gb_temp, $comment_temp, $final_temp, $final, $gb_temp2, $mod, $gb_change, $base_url, $captcha_object);
} //end $is_dev
unset($is_dev);
</CMSPHP>
Unter Administrativ ist jetzt die neue Checkbox für die Moderation und es wird auch der Wert vom Formular unter "moderiert" übernommen.
Jetzt sollte das Feld versteckt werden und immer mit dem Inhalt "1" gefüllt werden.
$final_temp = str_replace('{moderated}', "<input type=\"text\" name=\"moderated\" id=\"moderated\" value=\"".$gb_temp['moderated']."\"".$gb_temp['span_moderated']." />", $final_temp);
Wenn ich da den type von text auf hidden und value auf "1" ändere, wird in der DB nichts gespeichert. Warum?
Dann mein Problem mit der Abfrage.
Jetzt sollte verglichen werden (denke ähnlich wie Captcha), falls Moderation gewünscht wurde, ob in dem Feld eine "0" steht und der Eintrag damit im Frontend angezeigt wird. Voraussetzung dafür ist, dass im Backend (Beitrag edit, also freischalten) value von "1" auf "0" geändert wird!
Falls nicht moderiert werden soll, kann man ja den inhalt von value mit "1" ausgeben!