Missing file: lang/".$langDIR."langindex". $langID.".inc !");
// Load the language tables. Every path below is built from $langDIR and
// $langID, which are assigned before this point (not visible here).
// NOTE(review): if either value can be influenced by the request, these
// include()/file_exists()/die() calls become a local-file-inclusion sink and
// the die() text echoes the value back unescaped; confirm both are checked
// against a fixed list where they are assigned. The @ in front of include
// also hides a failed or partially failing include.
@include("lang/".$langDIR."langindex".$langID.".inc");
if (!file_exists("lang/".$langDIR."langcountry".$langID.".inc"))
  die("
Missing file: lang/".$langDIR."langcountry". $langID.".inc !
");
@include("lang/".$langDIR."langcountry".$langID.".inc");
// langspecial is optional: it is included only when the file exists.
if (file_exists("lang/".$langDIR."langspecial".$langID.".inc"))
  include("lang/".$langDIR."langspecial".$langID.".inc");
// Default font sizes unless an earlier include already defined them.
if (!isset($vgb_fontsizes))
  $vgb_fontsizes = array(10,12,14,18);
define ( "VGB_SMALLSIZE" , $vgb_fontsizes[0] );
define ( "VGB_NORMALSIZE" , $vgb_fontsizes[1] );
define ( "VGB_BIGSIZE" , $vgb_fontsizes[2] );
define ( "VGB_HUGESIZE" , $vgb_fontsizes[3] );
vgb_connectDB();
// A deactivated guestbook answers every request with an empty response.
if ($settings['DEACTIVATED'])
  exit();
if (!$settings['USECOOKIES'])
  $cookie = array();
vgb_registerVisitor();
vgb_setSkinDir("",$skin);
// NOTE(review): $skinDir is derived from $skin by vgb_setSkinDir() (not
// shown). The includes below execute PHP from that directory, so $skin must
// never be taken from the request or a cookie without validation - confirm.
if (file_exists($skinDir."skininfo.php")) {
  include($skinDir."skininfo.php");
  if (isset($skininfo['STYLEINC']) && $skininfo['STYLEINC']) {
    if (file_exists($skinDir."style.inc")) {
      include($skinDir."style.inc");
    }
  }
}
$jsmail = array();
$rtf = 0;
// $rtf keeps the result of vgb_supportsRTF() only when BBCode and toolbar
// mode 2 are both enabled; the && chain short-circuits otherwise.
if (($settings['USEBBCODE']) && ($settings['USETOOLBAR']==2) && ($rtf = vgb_supportsRTF()))
  include("libs/rtf.php");
// Cache the emoticon table as a list of (CODE, FILENAME) pairs.
$emoticons = array();
$query = vgb_query("select * from VGB_EMOTICON order by PRIORITY asc");
while ($emoticon = vgb_result($query)) {
  $emoticons[] = array($emoticon['CODE'],$emoticon['FILENAME']);
}
// ticket() ends the request itself, so it runs before any text/html header.
if (isset($arg['vgbtekcit']))
  Ticket();
// NOTE(review): the charset test looks for 'vgbsendmail', while the
// dispatcher below routes the mail submit through 'vgbliamdnes'; the key
// here may be stale - confirm which one the form really sends.
$enc = (isset($arg['vgbmrofliam']) || isset($arg['vgbsendmail']))
  ? $settings['MAILCHARSET'] : $settings['ENCODING'];
if ($enc != "")
  header("Content-Type: text/html; charset=".$enc);
// Request dispatch: the first key found in $arg selects exactly one handler.
// NOTE(review): $arg is filled elsewhere; it is presumably the merged
// request parameters - confirm. Every handler below treats it as untrusted.
if (isset($arg['vgbedocbb']))
  BBCodeInfo();
elseif (isset($arg['vgberutcip']))
  picture();
elseif (isset($arg['vgbhcraes']))
  search();
elseif (isset($arg['vgbtnemmoc'])) {
  $validated = false;
  comment();
}
elseif (isset($arg['vgbweiverp']))
  preview();
elseif (isset($arg['vgbdnes']))
  sendComment();
elseif (isset($arg['vgbssapdnes']))
  sendpass();
elseif (isset($arg['vgbssap']))
  decode();
elseif (isset($arg['vgbnigol']))
  login();
elseif (isset($arg['vgbmrofliam']))
  mailform();
elseif (isset($arg['vgbreliam']))
  mailer();
elseif (isset($arg['vgbliamdnes']))
  gbsend();
elseif (isset($arg['vgbnocitome']))
  emoticon();
elseif (isset($arg['vgbetr']))
  rte();
elseif (isset($arg['tcerider'])) {
  // Redirect page: the target is taken directly from $arg['tcerider'] and is
  // only forced to begin with "http://". The markup that writes $url/$jurl
  // into the page is not preserved here.
  // NOTE(review): nothing restricts the destination host, so a link to this
  // script can forward a visitor to any site (open redirect). Check the
  // target against an allow-list or a signed parameter, and escape $url for
  // the HTML/JS context it is written into.
  // NOTE(review): str_replace("&","&",...) is a no-op as shown; the search
  // string was probably an HTML entity before extraction - confirm.
  $url = $arg['tcerider'];
  if (strtolower(substr($url,0,7))!="http://")
    $url = "http://".$url;
  $jurl = str_replace("&","&",$url);
  echo vgb_startXHTML($enc)."
".$lang['notRedirected']."
";
  exit();
}

/**
 * Handler for the 'vgbetr' request key. Only a single-space echo is visible;
 * NOTE(review): the markup it originally printed appears to be lost here.
 */
function rte() {
  echo " ";
}

/**
 * Decides whether the current visitor may access entry $inEntry.
 *
 * Returns true when $inEntry is 0, when $settings['ASKPRIVATE'] is off, or
 * when the entry exists and its PRIVATE column is null. Otherwise it returns
 * true only if the session id in the global $decode matches a VGB_LOGIN row
 * for the visitor's address prefix whose ENTRYID is 0 or equals $inEntry.
 *
 * Side effects on a session match: the row's TSTAMP is refreshed and the
 * session id is appended to the global $screenparam.
 * Because $inEntry == 0 always yields true, loggedIn() / loggedIn(0) is not
 * an access check by itself.
 */
function loggedIn( $inEntry = 0 ) {
  global $decode,$_IP,$PFIX,$screenparam,$settings;
  // The session is bound to the first three dot-separated parts of $_IP.
  // This assumes dotted IPv4: $_p[1] and $_p[2] do not exist for any other
  // address format.
  $_p = explode(".",$_IP);
  $sessionIP = $_p[0].".".$_p[1].".".$_p[2];
  $loggedIn = false;
  if (!is_null($decode)) {
    // NOTE(review): $sessionIP goes into the SQL text without escaping. That
    // is only safe if $_IP is the server-observed peer address and never a
    // client-supplied header - confirm where $_IP is set. addSlashes() is
    // not a charset-aware SQL escaper; prepared statements would remove the
    // question for both values.
    $_query = vgb_query("select * from VGB_LOGIN where SESSIONID = '".addSlashes($decode)."' and IP = '".$sessionIP."'");
    if (vgb_numrows($_query) != 0) {
      $_l = vgb_result($_query);
      vgb_query("update VGB_LOGIN set TSTAMP = now() where SESSIONID = '".addSlashes($decode)."'");
      // The session id travels in the query string from here on, without
      // urlencode(); URLs end up in Referer headers, logs and history.
      $screenparam .= "&".$PFIX."decode=".$decode;
      // A login row with ENTRYID 0 is accepted for every entry.
      if (!$settings['ASKPRIVATE'] || ($inEntry == 0) || ($_l['ENTRYID'] == 0))
        $loggedIn = true;
      else {
        $_query = vgb_query("select PRIVATE from VGB_ENTRY where ID = ".intval($inEntry));
        if (vgb_numrows($_query) != 0) {
          $_e = vgb_result($_query);
          if (is_null($_e['PRIVATE']) || ($_l['ENTRYID'] == $inEntry))
            $loggedIn = true;
        }
      }
    }
  }
  // Independent of any session: public cases are always allowed. This part
  // only ever sets the flag to true, it never revokes a session result.
  if (($inEntry == 0) || (!$settings['ASKPRIVATE']))
    $loggedIn = true;
  else {
    $_query = vgb_query("select PRIVATE from VGB_ENTRY where ID = ".intval($inEntry));
    if (vgb_numrows($_query) != 0) {
      $_e = vgb_result($_query);
      if (is_null($_e['PRIVATE']))
        $loggedIn = true;
    }
  }
  return $loggedIn;
}

/** Echoes $in unchanged; callers are responsible for escaping. */
function out ( $in ) {
  echo $in;
}

/** Echoes the global $skinDir when it is set. */
function skinDir() {
  global $skinDir;
  if (isset($skinDir))
    echo $skinDir;
}

/**
 * Re-resolves the skin directory and emits the style block: includes
 * screencss.php from the skin directory when present, otherwise echoes a
 * fallback string (empty as shown here).
 */
function setStyle() {
  global $skinDir,$skin;
  vgb_setSkinDir("",$skin);
  if (!file_exists($skinDir."screencss.php")) {
    echo "";
  }
  else
    // NOTE(review): executes PHP from $skinDir; see how $skin is validated.
    include($skinDir."screencss.php");
}

/**
 * Looks up VGB_TICKET row $arg['vgbtekcit'], passes its TICKET value and the
 * two colours to vgb_captcha() (libs/captcha.php, not shown) and ends the
 * request. The optional colours vgbbgcol / vgbtxcol are accepted only as six
 * hex digits; anything else falls back to ffffff / 000000.
 */
function ticket() {
  global $arg,$settings;
  // NOTE(review): eregi() was removed in PHP 7.0. An equivalent check is
  // preg_match('/^[0-9a-f]{6}\z/i', ...); use \z rather than $ so a trailing
  // newline is not accepted.
  $bg = (isset($arg['vgbbgcol']) && eregi("^[0-9a-f]{6}\$",$arg['vgbbgcol'])) ? $arg['vgbbgcol'] : "ffffff";
  $tx = (isset($arg['vgbtxcol']) && eregi("^[0-9a-f]{6}\$",$arg['vgbtxcol'])) ? $arg['vgbtxcol'] : "000000";
  // No row check: for an unknown id $t is not an array and $t['TICKET'] is
  // empty when handed to vgb_captcha().
  $t = vgb_result(vgb_query("select * from VGB_TICKET where ID = ".intval($arg['vgbtekcit'])));
  include("libs/captcha.php");
  vgb_captcha($t['TICKET'],$tx,$bg);
  exit();
}

/**
 * Serves the picture of entry $arg['vgberutcip']: a resized thumbnail when
 * 'vgbbmuht' is present, otherwise a page containing the picture text.
 * Output happens only if ASKPICTURE is on, the entry has a PICTURE and the
 * visitor passes loggedIn() for that entry or the $ad check below.
 */
function picture() {
  global $arg,$settings;
  $ad = false;
  if (isset($arg['decode'])) {
    // NOTE(review): $ad bypasses loggedIn() for the picture. The match uses
    // only the first 10 characters of any VGB_SESSION.SESSIONID and this
    // query checks neither address nor expiry. VGB_SESSION is presumably the
    // admin session table - confirm, compare the full id, and reuse the
    // regular session validation.
    $query = vgb_query("select * from VGB_SESSION where substring(SESSIONID,1,10) = '".addSlashes($arg['decode'])."'");
    if (vgb_numrows($query) > 0)
      $ad = true;
  }
  $query = vgb_query("select * from VGB_ENTRY where ID = ".intval($arg['vgberutcip']));
  if ((vgb_numrows($query) > 0) && ($settings['ASKPICTURE'])) {
    $e = vgb_result($query);
    if (!is_null($e['PICTURE']))
      if (loggedIn($arg['vgberutcip']) || $ad) {
        // NOTE(review): the file name comes from the database; it is only as
        // safe as the upload code that stored it (not shown).
        $filename = "upload/".$e['PICTURE'];
        if (isset($arg['vgbbmuht'])) {
          // Errors from getImageSize() are suppressed and not checked; on
          // failure the size values below are empty.
          $size = @getImageSize($filename);
          $newSize = array((float)$size[0],(float)$size[1]);
          // Shrink to THUMBNAILX wide, then to THUMBNAILY high, keeping the
          // aspect ratio; a limit of 0 disables that axis.
          if (($settings['THUMBNAILX'] > 0) && ($size[0] > $settings['THUMBNAILX'])) {
            $newSize[0] = (float)($settings['THUMBNAILX']);
            $newSize[1] = (float)((float)($settings['THUMBNAILX'])/(float)($size[0])*$newSize[1]);
          }
          if (($settings['THUMBNAILY'] > 0) && ($newSize[1] > $settings['THUMBNAILY'])) {
            $newSize[0] = (float)((float)($settings['THUMBNAILY'])/$newSize[1]*$newSize[0]);
            $newSize[1] = (float)($settings['THUMBNAILY']);
          }
          $newSize = array( round($newSize[0]), round($newSize[1]) );
          // NOTE(review): the header announces image/jpeg but imagepng()
          // below writes PNG data; the two should agree.
          header('Content-type: image/jpeg');
          $image_p = imagecreatetruecolor($newSize[0],$newSize[1]);
          // The source format is chosen from the last three characters of
          // the file name only: 'gif' or, for everything else, JPEG.
          $image = (substr($filename,-3)=='gif') ? imagecreatefromgif($filename) : imagecreatefromjpeg($filename);
          if (function_exists("imagecopyresampled"))
            imagecopyresampled($image_p, $image,0,0,0,0,$newSize[0],$newSize[1],$size[0],$size[1]);
          else
            imagecopyresized($image_p, $image,0,0,0,0,$newSize[0],$newSize[1],$size[0],$size[1]);
          imagepng($image_p);
        }
        else {
          // The picture text is passed through the vgb_* filters before it
          // is interpolated into the page; what they escape is not visible.
          $text = (is_null($e['PICTEXT']) || (!$settings['ASKPICTEXT'])) ? "" : vgb_removeHTML(vgb_UndoNoHTML(vgb_string(vgb_filterBadwords(vgb_noHTML($e['PICTEXT']),$settings['FILTERPICTEXT']))),false);
          echo " ";
          setStyle();
          echo " $text ";
          vgb_saveAction(10,$e['PICTURE']);
        }
      }
  }
}

/**
 * Prints the search form when ALLOWSEARCH is enabled. loggedIn(0) always
 * returns true, so the setting is the only effective gate here.
 */
function search() {
  global $arg,$settings,$lang,$langC,$langDIR,$langID,$_param,$PFIX,$enc;
  if ($settings['ALLOWSEARCH'] && loggedIn(0)) {
    // Rebuild the query string from every request key that is not one of
    // the search form's own fields.
    $_param = "";
    foreach ($arg as $key => $val) {
      if (!in_array($key,array("vgbhcraes","vgbxiferp",$PFIX."filtername",$PFIX."filtertext",$PFIX."filteremail",$PFIX."filterhomepage",$PFIX."filtericq",$PFIX."filteraim",$PFIX."filtermsn",$PFIX."filteryahoo",$PFIX."filterskype",$PFIX."filterjabber",$PFIX."filtergadugadu",$PFIX."filtercountry",$PFIX."filterrating",$PFIX."filtercustom",$PFIX."filtergender",$PFIX."filterop",$PFIX."filterrop")))
        if (is_array($val))
          // NOTE(review): in this branch $key is appended without
          // urlencode(), unlike the scalar branch below. $_param ends up in
          // $url, whose output markup is not visible; encode the key here
          // too and escape $url where it is printed.
          foreach ($val as $ak => $av)
            $_param .= "&".$key."[".urlencode($ak)."]=".urlencode($av);
        else
          $_param .= "&".urlencode($key)."=".urlencode($val);
    }
    $url = "http://".$settings['INDEXURL'];
    if ($url[strlen($url)-1] == "/")
      $url .= "index.".EXT;
    // Loose comparison: strpos() returning false also equals 0, so this
    // reads "no '?' in the URL yet".
    if ((strpos($url,"?") == 0) && ($_param != ""))
      $url .= "?";
    $url .= $_param;
    echo vgb_startXHTML($enc)." ".$lang['search']."";
    setStyle();
    echo "
".$lang['searchEntries']."

".$lang['searchInfo']."
"; if ($settings['ASKGENDER']) echo " "; if ($settings['ASKEMAIL']) echo " "; if ($settings['ASKHOMEPAGE']) echo " "; if ($settings['ASKICQ']) echo " "; if ($settings['ASKAIM']) echo " "; if ($settings['ASKMSN']) echo " "; if ($settings['ASKYAHOO']) echo " "; if ($settings['ASKSKYPE']) echo " "; if ($settings['ASKJABBER']) echo " "; if ($settings['ASKGADUGADU']) echo " "; if ($settings['ASKCOUNTRY']) { echo " "; } $_query = vgb_query("select * from VGB_CUSTOMFIELD order by PRIORITY asc"); if (vgb_numrows($_query) > 0) { while ($_field = vgb_result($_query)) { echo ""; } } $_query = vgb_query("select * from VGB_RATINGBOX order by PRIORITY asc"); if (vgb_numrows($_query) != 0) { while ($_box = vgb_result($_query)) { echo ""; } } if ($settings['ASKPICTURE']) echo " "; echo"
".$lang['name'].":
".$lang['text'].":
".$lang['gender'].":
".$lang['email'].":
".$lang['homepage'].":
ICQ:
AIM:
MSN:
YAHOO:
Skype:
Jabber:
Gadu-Gadu:
".$lang['country'].":
".vgb_removeHTML(vgb_string($_field['NAME'])).""; if ($_field['TYPE'] == 2) { // the custom-field is a selection $_value = ""; } else { // the custom-field is text-input $_value = ($_field['TYPE'] == 1) ? "" : ""; $_value .= " set integer-boundary as maximum $_value .= strlen("999999999"); $_value .= "' />"; } else { // the input is text $_rules = explode("\n",$_field['RULES'],2); if ($_rules[0] != "") // set the given length as maximum $_value .= $_rules[0]; else // no rule => set string-maximum $_value .= "127"; $_value .= "' />"; } } echo $_value."
".vgb_removeHTML(vgb_string($_box['NAME'])).""; echo "
".$lang['onlyPicture']."


[ ".$lang['back']." ]

";
    vgb_saveAction(11);
  }
}

/**
 * Validates a submitted comment and fills the globals used by preview() and
 * sendComment(): $preName, $preEmail, $preText, $decText, $date, $time,
 * $validated, and $errorMSG when a check fails.
 *
 * Missing fields, an unknown entry or a closed entry end the request through
 * failure(), which calls exit().
 * A name that starts with $settings['PASSPREFIX'] is treated as a password:
 * the matching VGB_USER row supplies name, e-mail and signature in $_user.
 */
function checkComment() {
  global $arg,$lang,$settings,$preName,$preEmail,$preText,$_user,$decText,
         $_IP,$_hostname,$time,$date,$errorMSG,$validated,$_nid,$rtf;
  if (!(isset($arg['vgbeman']) && (isset($arg['vgbliame'])) && (isset($arg['vgbdi'])) && (isset($arg['vgbtxet']))))
    failure($lang['errorOccured']);
  else {
    $q = vgb_query("select CLOSED from VGB_ENTRY where ID = ".intval($arg['vgbdi']));
    if (vgb_numrows($q) == 0)
      failure($lang['errorOccured']);
    $e = vgb_result($q);
    if ($e['CLOSED'])
      failure($lang['errorOccured']);
    // Bit 1 of USETICKETS enables the ticket (CAPTCHA) check for comments.
    // 'vgbdit' / 'vgbedoct' are read without isset(); they are undefined
    // when the form did not send them.
    $validated = ((($settings['USETICKETS']&1) > 0) && vgb_isTicket($arg['vgbdit'],$arg['vgbedoct'])) ? true : false;
    // Server-side timestamp; month and clock fields are zero-padded, the
    // day of month is not.
    $today = getdate(time());
    if (strlen($today['mon']) == 1)
      $today['mon'] = "0".$today['mon'];
    $date = $today['year']."-".$today['mon']."-". $today['mday'];
    $now = localtime(time(),1);
    if (strlen($now['tm_sec']) == 1)
      $now['tm_sec'] = "0".$now['tm_sec'];
    if (strlen($now['tm_min']) == 1)
      $now['tm_min'] = "0".$now['tm_min'];
    if (strlen($now['tm_hour']) == 1)
      $now['tm_hour'] = "0".$now['tm_hour'];
    $time = $now['tm_hour'].":".$now['tm_min'].":".$now['tm_sec'];
    $arg['vgbtnemmoc'] = trim($arg['vgbdi']);
    $preName = trim($arg['vgbeman']);
    $preEmail = trim($arg['vgbliame']);
    $preText = trim($arg['vgbtxet']);
    $decText = ($rtf && isset($arg['RTFDECODE'])) ? vgb_RTFdecode($preText) : $preText;
    // Names of users flagged RESERVED may not be used, case-insensitively.
    $query2 = vgb_query("select * from VGB_USER where RESERVED = 1");
    $_names = array();
    while ($u = vgb_result($query2)) {
      $_names[] = strtolower($u['NAME']);
    }
    // First failing rule wins; the chain stops at the first match.
    if (in_array(strtolower($preName),$_names))
      $errorMSG = $lang['nameReserved'];
    elseif ((($settings['USETICKETS']&1) > 0) && !$validated)
      $errorMSG = $lang['wrongValidation'];
    elseif ($_nid)
      $errorMSG = "Please try again !";
    elseif (strtolower(substr($preName,0,strlen($settings['PASSPREFIX']))) == strtolower(($settings['PASSPREFIX']))) {
      // NOTE(review): the user is identified by the password alone, and the
      // lower-cased input is compared directly with the PASSWORD column,
      // which implies the column holds passwords unhashed and
      // case-insensitive. Store password_hash() output and look the user up
      // by name before verifying.
      // NOTE(review): no limit on failed lookups is visible in this
      // function, so each preview or submit request can test one password.
      // NOTE(review): with an empty PASSPREFIX this condition is true for
      // every name - confirm the setting cannot be empty.
      // A successful match also skips the e-mail and length checks below,
      // because they sit in later elseif branches.
      $_pass = strtolower(substr($preName,strlen($settings['PASSPREFIX'])));
      $query2 = vgb_query("select * from VGB_USER where PASSWORD = '".addSlashes($_pass)."'");
      if (vgb_numrows($query2) == 0)
        $errorMSG = $lang['invalidPassword'];
      else {
        $u = vgb_result($query2);
        $_user['NAME'] = $u['NAME'];
        $_user['EMAIL'] = ($preEmail == "") ? $u['EMAIL'] : $preEmail;
        $_user['TEXT'] = $decText."\n\n".$u['SIGNATURE'];
      }
    }
    elseif (($x = vgb_noASCII(array($lang['email'] => $preEmail))) != "")
      $errorMSG = $lang['noASCII'].$x;
    elseif (($preEmail != "") && (!vgb_isValidEmail($preEmail)))
      $errorMSG = $lang['wrongField'].$lang['email'];
    elseif ($preName == "")
      $errorMSG = $lang['noName'];
    elseif ($decText == "")
      $errorMSG = $lang['noEntry'];
    elseif (vgb_strlen($preName) > $settings['MAXLENNAME'])
      $errorMSG = $lang['tooLong'].$lang['name'];
    elseif (vgb_strlen($preEmail) > $settings['MAXLENEMAIL'])
      $errorMSG = $lang['tooLong'].$lang['email'];
    // MAXLENENTRY == 0 means no length limit; the message reports the
    // number of characters over the limit.
    elseif (($settings['MAXLENENTRY'] != 0) && (($_zahl = vgb_strlen($decText)) > $settings['MAXLENENTRY']))
      $errorMSG = $lang['tooLongEntry']. ($_zahl-$settings['MAXLENENTRY']);
  }
}

/**
 * Validates the submitted comment and, when no error was set, builds the
 * global $preview record that comment() renders after the stored comments.
 * Access control is left to comment(); this function does not check
 * ALLOWCOMMENTS or loggedIn() itself.
 */
function preview() {
  global $errorMSG,$preview,$preName,$preText,$preEmail,$time,
         $_IP,$_hostname,$date,$arg,$_user;
  checkComment();
  // An unset $errorMSG compares equal to "" here.
  if ($errorMSG == "") {
    $preview['NAME'] = (isset($_user)) ? $_user['NAME'] : $preName;
    $preview['EMAIL'] = (isset($_user)) ? $_user['EMAIL'] : $preEmail;
    if ($preview['EMAIL'] == "")
      $preview['EMAIL'] = null;
    $preview['TEXT'] = (isset($_user)) ? $_user['TEXT'] : $preText;
    $preview['HOSTNAME'] = $_hostname;
    $preview['IP'] = $_IP;
    $preview['DATE'] = $date;
    $preview['SIGNTIME'] = $time;
    $preview['ENTRYID'] = $arg['vgbdi'];
    $preview['ADMIN'] = 0;
  }
  Comment();
}

/**
 * Stores a validated comment for entry $arg['vgbdi'], applies the
 * per-address comment throttle, sends notifications and re-renders the
 * comment page.
 */
function sendComment() {
  global $lang,$arg,$preName,$preText,$preEmail,$time,$_hostname,$_IP,$date,
         $errorMSG,$statusMSG,$settings,$_user,$validated,$rtf,$decText;
  // NOTE(review): intval($arg['vgbdi'] > 0) converts the result of the
  // comparison, not the id; the intended test is probably
  // intval($arg['vgbdi']) > 0.
  if ($settings['ALLOWCOMMENTS'] && loggedIn($arg['vgbdi']) && (intval($arg['vgbdi'] > 0))) {
    checkComment();
    // The throttle below runs only for comments that passed validation, so
    // rejected submissions are not counted.
    if (!isset($errorMSG)) {
      // Drop throttle rows older than MAXSPAMTIME minutes.
      // NOTE(review): $_IP is concatenated into these statements without
      // escaping, while $_hostname is escaped further down. That is safe
      // only if $_IP is the server-observed peer address - confirm where it
      // is set, or bind it as a parameter.
      vgb_query("delete from VGB_COMMENTSPAM where ".
                "date_add(TSTAMP,interval ".$settings['MAXSPAMTIME']." minute) < now()");
      $query = vgb_query("select * from VGB_COMMENTSPAM where IP = '".
                         $_IP."' and ENTRYID = ".intval($arg['vgbdi']));
      if (vgb_numrows($query) != 0) {
        // possible spammer detected => ask to retry later
        // (refreshing TSTAMP restarts the waiting period)
        vgb_query("update VGB_COMMENTSPAM set TSTAMP".
                  " = now() where IP = '".$_IP.
                  "' and ENTRYID = ".intval($arg['vgbdi']));
        $errorMSG = $lang['spamWarning'];
      }
      else {
        // no spammer but save the ip in spamlist
        $query = vgb_query("insert into VGB_COMMENTSPAM values('".
                           $_IP."','".date("Y-m-d H:i:s")."',".intval($arg['vgbdi']).")");
        // A password-identified user posts under the stored name, e-mail
        // and signature prepared by checkComment().
        if (isset($_user)) {
          $preName = $_user['NAME'];
          $preEmail = $_user['EMAIL'];
          $preText = $_user['TEXT'];
        }
        elseif ($rtf && isset($arg['RTFDECODE']))
          $preText = $decText;
        // Build the insert by concatenation. Text fields go through
        // addSlashes(), the entry id through intval(); $date and $time were
        // generated on the server in checkComment().
        // NOTE(review): addSlashes() is not charset-aware and the statement
        // relies on column order; a prepared statement with an explicit
        // column list is the safer form.
        $q = "insert into VGB_COMMENT values (null,".intval($arg['vgbtnemmoc']).",".
             "'".addSlashes($preName)."',";
        $q .= ($preEmail == "") ? "null," : "'".addSlashes($preEmail)."',";
        $q .= "'".addSlashes($preText)."','".$_IP."','".addSlashes($_hostname)."','".
              $date."','".$time."',0,";
        $q .= ($settings['MODERATEDMODE']) ?
"1" : "0"; $q .= ")"; vgb_query($q); $statusMSG = $lang['sendSuccess']; if ($settings['MODERATEDMODE']) $statusMSG .= $lang['sendSuccessMod']; $_q = vgb_query("select * from VGB_ENTRY where ID = ".intval($arg['vgbtnemmoc'])); $e = vgb_result($_q); $am = vgb_getAdminEmails("COMMENT"); if ($am != '') vgb_notification(6,$am,$e['NAME'], array("comment" => $preText, "email" => $preEmail, "from" => $preName), $lang['commentSubject'],$lang['commentSubject']); if (!is_null($e['EMAIL']) && !$settings['MODERATEDMODE']) vgb_notification(7,$e['EMAIL'],$e['NAME'], array("comment" => $preText, "from" => $preName), $lang['commentSubject'],$lang['commentSubject']); vgb_query("update VGB_SETTINGS set COMMENTSENT = 1"); $validated = false; $preEmail=""; $preText=""; $preName=""; } } comment(); } } function comment() { global $lang,$arg,$settings,$skinDir,$preText,$preEmail,$validated,$emoticons,$enc, $preName,$preview,$errorMSG,$statusMSG,$screenparam,$PFIX,$cookie,$_param,$jsmail,$rtf; $_param = ""; foreach ($arg as $key => $val) { if (!in_array($key,array("RTFDECODE","vgbxiferp","vgbtnemmoc","vgbdi","vgbeman","vgbliame","vgbtxet","vgbweiverp","vgbdnes","vgbdit","vgbedoct"))) if (is_array($val)) foreach ($val as $ak => $av) $_param .= "&".$key."[".urlencode($ak)."]=".urlencode($av); else $_param .= "&".urlencode($key)."=".urlencode($val); } function showComment($_comment, $preview = false) { global $settings,$lang,$screenparam,$preName,$preEmail,$preText,$_user,$_param,$arg,$validated,$jsmail,$rtf; $_date = explode("-",vgb_diffDate($_comment['SIGNTIME'],$_comment['DATE'])); $name = vgb_outName($_comment['NAME'],$_comment['ADMIN']); $otext = $_comment['TEXT']; if ($preview && $rtf && isset($arg['RTFDECODE'])) $otext = vgb_RTFdecode($otext); $text = vgb_outText($otext,$_comment['ADMIN']); $class = ($_comment['ADMIN']) ? "bgadmin" : "bgcomment"; echo " "; if ($preview) echo "   ".$lang['preview'].""; echo "
"; if ($settings['USEMAILER'] && !is_null($_comment['EMAIL']) && !$preview) { if ($settings['USEMAILER'] == 2) { $mail = explode("@",$_comment['EMAIL'],2); $o = ""; for($i=0;$i$name"; } else { $_link = "screen.".EXT."?$screenparam&vgbreliam=a".$_comment['ID']; echo "$name"; } } else echo $name; echo "
".vgb_dateOut($_date)." - ".vgb_time(vgb_diffTime($_comment['SIGNTIME']))." "; if (($settings['HIDEIP'] != 1) || ($settings['HIDEHOST'] != 1)) { echo "- "; $IP = vgb_outIP($_comment['IP']); $_value = vgb_outHostname($_comment['HOSTNAME']); if ($settings['HIDEHOST'] == 1) echo $IP; else { echo $_value; if ($settings['HIDEIP'] != 1) echo " (".$IP.")"; } } echo "

".$text; if (($settings['BBCODEMASK']&16) && !$preview) echo "
» ".$lang['quote']."
"; else echo "
"; if ($preview) { if (isset($_user)) { $_comment['NAME'] = $preName; $_comment['EMAIL'] = $preEmail; $_comment['TEXT'] = $preText; } echo "
"; if ($validated) echo ""; echo "
"; } echo "
"; echo " "; } if (($settings['ALLOWCOMMENTS']) && (loggedIn($arg['vgbtnemmoc']) && (intval($arg['vgbtnemmoc'] > 0)))) { echo vgb_startXHTML($enc)." "; setStyle(); echo "
"; if (isset($statusMSG)) echo "
$statusMSG


"; elseif (isset($errorMSG)) echo "
$errorMSG


"; if ($settings['ALLOWCOMMENTS'] == 2) { $url = ($settings['INDEXURL'] != "") ? "http://".$settings['INDEXURL'] : "index.".EXT; if ($url[strlen($url)-1] == "/") $url .= "index.".EXT; if ((strpos($url,"?") == 0) && ($_param != "")) $url .= "?"; $url .= $_param; echo "
[". $lang['return']."]

"; } echo ""; $query = vgb_query("select * from VGB_COMMENT where UNMODERATED = 0 and ENTRYID = ".intval($arg['vgbtnemmoc'])." order by DATE asc, SIGNTIME asc, ID asc"); while ($comment = vgb_result($query)) { showComment($comment); } if (isset($preview)) showComment($preview,true); $q = vgb_query("select NAME,ENTRY,CLOSED from VGB_ENTRY where ID = ".intval($arg['vgbtnemmoc'])); $e = vgb_result($q); if (!$e['CLOSED']) { echo "
  ".$lang['newComment'].""; if ($settings['BBCODEMASK']&16) { echo "".$lang["; } echo "
"; } echo "
"; echo "
"; if ($validated) echo ""; echo " "; if (!$validated && (($settings['USETICKETS']&1)>0)) { $tid = vgb_newTicket(); echo ""; } echo " "; if ($settings['USEBBCODE']) { echo ""; } echo ""; if ($settings['USEEMOTICONS']) { echo ""; } echo "
".$lang['enterCode'].":
".$lang['name'].":
".$lang['email'].":
 
["; $_link = "screen.".EXT."?$screenparam&vgbedocbb=0"; echo " BBCode ]
".$lang['text'].":"; if ($settings['USEBBCODE'] && $settings['USETOOLBAR']) { echo "
"; BBCodeToolbar($settings['BBCODEMASK'],'','',$rtf); echo "
"; } if ($rtf) { echo "\n". ""; echo "
  "; foreach($emoticons as $emoticon) echo " ".htmlspecialchars($emoticon[0],ENT_QUOTES)." "; echo "


"; if ($settings['ALLOWCOMMENTS'] == 2) echo "
[". $lang['return']."]

";
    echo " ";
    // Log the page view with the action code of the request that led here.
    if (!isset($errorMSG))
      $errorMSG = "";
    if (isset($arg['vgbweiverp']))
      vgb_saveAction(13,$errorMSG);
    elseif (isset($arg['vgbdnes']))
      vgb_saveAction(14,$errorMSG);
    else
      vgb_saveAction(12,$e['NAME']);
  }
}

/**
 * Mails the password of private entry $arg['vgbssapdnes'] to the e-mail
 * address stored with that entry, throttled per requester address and
 * recipient through VGB_MAILSPAM. Ends through failure() or success().
 */
function sendpass() {
  global $lang,$arg,$settings,$_IP;
  // loggedIn() without an argument always returns true, so any visitor can
  // trigger the mail; only the throttle below limits it.
  if (($arg['vgbssapdnes'] != "") && loggedIn()) {
    $query = vgb_query("select * from VGB_ENTRY where ID = ".intval($arg['vgbssapdnes']));
    if (vgb_numrows($query) == 1) {
      $entry = vgb_result($query);
      if (!(is_null($entry['EMAIL']) || is_null($entry['PRIVATE']))) {
        // check for spammer
        // NOTE(review): the throttle key is (requester address, recipient),
        // so it bounds one sender but not the total mail one recipient
        // receives; a per-recipient cap would cover that.
        // NOTE(review): $_IP is concatenated into the SQL unescaped -
        // confirm it is the server-observed address.
        vgb_query("delete from VGB_MAILSPAM where ".
                  "date_add(TSTAMP,interval ".MAILSPAMTIME." minute) < now()");
        $query = vgb_query("select * from VGB_MAILSPAM where IP = '".
                           $_IP."' and EMAIL = '".addSlashes($entry['EMAIL'])."'");
        if (vgb_numrows($query) != 0) {
          // possible spammer detected => ask to retry later
          vgb_query("update VGB_MAILSPAM set TSTAMP".
                    " = now() where IP = '".$_IP.
                    "' and EMAIL = '".addSlashes($entry['EMAIL'])."'");
          vgb_saveAction(15,$entry['EMAIL']."
".$lang['mailSpam']);
          failure($lang['mailSpam'],true);
        }
        else {
          // no spammer but save the ip in spamlist
          $query = vgb_query("insert into VGB_MAILSPAM values('".
                             $_IP."','".date("Y-m-d H:i:s")."','".addSlashes($entry['EMAIL'])."')");
          // NOTE(review): $entry['PRIVATE'] is the entry password itself.
          // It is stored recoverably and sent in clear text in both the
          // second and third argument of vgb_mail(), which gbsend() uses as
          // subject and body. A one-time reset link with a hashed stored
          // password avoids exposing the secret in mail.
          if (!vgb_mail($entry['EMAIL'],$lang['passwordMail'].$entry['PRIVATE'],
                        $lang['passwordMail'].$entry['PRIVATE'])) {
            vgb_saveAction(15,$entry['EMAIL']."
".$lang['sendMailFail']);
            failure($lang['sendMailFail'],true);
          }
          vgb_saveAction(15,$entry['EMAIL']);
          success($lang['sendMailSuccess']);
        }
      }
    }
  }
}

/**
 * Checks the password submitted for private entry $arg['vgbnigol'] and, on
 * success, creates a session id in VGB_LOGIN and prints a redirect page back
 * to the index URL with that id in the query string.
 *
 * Attempts are counted per (first three address octets, entry); a row whose
 * TRY counter is 3 blocks the login until the row expires after
 * RELOGINAFTERMINUTE minutes without activity.
 * $arg['vgbssap'] is read without isset(); the dispatcher only calls this
 * function when that key is present.
 */
function decode() {
  global $enc,$arg,$settings,$lang,$_IP;
  if (isset($arg['vgbxiferp']) && isset($arg['vgbegap']) && isset($arg['vgbnigol']) && ($arg['vgbnigol'] != "")) {
    // check for spammer
    // Attempt counter and session share one row keyed on the address
    // prefix, which assumes dotted IPv4.
    // NOTE(review): visitors who share those three octets also share the
    // counter, and a client that changes networks starts from zero again.
    $_p = explode(".",$_IP);
    $sessionIP = $_p[0].".".$_p[1].".".$_p[2];
    vgb_query("delete from VGB_LOGIN where ".
              "date_add(TSTAMP,interval ".RELOGINAFTERMINUTE." minute) < now()");
    // NOTE(review): $sessionIP is escaped with addSlashes() in the next two
    // statements but concatenated raw in every later one; treat it the same
    // way everywhere, ideally as a bound parameter.
    $query = vgb_query("select * from VGB_LOGIN where IP = '".
                       addSlashes($sessionIP)."' and ENTRYID = ".intval($arg['vgbnigol']));
    if (vgb_numrows($query) == 0) {
      vgb_query("insert into VGB_LOGIN values ('".addSlashes($sessionIP)."','".date("Y-m-d H:i:s")."',".intval($arg['vgbnigol']).",0,null)");
      $query = vgb_query("select * from VGB_LOGIN where IP = '".$sessionIP."' and ENTRYID = ".intval($arg['vgbnigol']));
    }
    $_l = vgb_result($query);
    if ($_l['TRY'] == 3) {
      // possible hacker => login not possible
      // (each blocked request refreshes TSTAMP and so extends the lock)
      vgb_query("update VGB_LOGIN set TSTAMP".
                " = now() where IP = '".$sessionIP.
                "' and ENTRYID = ".intval($arg['vgbnigol']));
      failure($lang['noLogin']);
    }
    $query = vgb_query("select * from VGB_ENTRY where ID = ".intval($arg['vgbnigol']));
    if (vgb_numrows($query) != 0) {
      $entry = vgb_result($query);
      if ($settings['ASKPRIVATE'] && !is_null($entry['PRIVATE'])) {
        // NOTE(review): the password is stored in clear text, and != is a
        // loose comparison: two numeric-looking strings compare by value
        // ("1.0" equals "1", "0e1" equals "0e2"). Store password_hash()
        // output and check it with password_verify(); where raw secrets must
        // be compared, use hash_equals().
        if (strtolower($arg['vgbssap']) != $entry['PRIVATE']) {
          vgb_query("update VGB_LOGIN set TRY = TRY + 1, TSTAMP = now(), SESSIONID = null ".
                    "where IP = '".$sessionIP."' and ENTRYID = ".intval($arg['vgbnigol']));
          vgb_saveAction(17,$lang['invalidPassword']);
          failure($lang['invalidPassword']);
        }
        else {
          // NOTE(review): rand() and uniqid() are not cryptographic sources,
          // so the 20 hex characters kept from the MD5 are only as
          // unpredictable as a clock value and a weak PRNG. Generate session
          // ids with random_bytes(), for example bin2hex(random_bytes(16)).
          $sessionID = substr(md5(uniqid(rand())),0,20);
          vgb_query("update VGB_LOGIN set TRY = 0, TSTAMP = now(), SESSIONID = '".$sessionID."' where IP = '".
                    $sessionIP."' and ENTRYID = ".intval($arg['vgbnigol']));
          // Carry over every request parameter except the login fields and
          // any previous "<prefix>decode" value.
          $_param = "";
          foreach ($arg as $key => $val) {
            if (($key != "vgbegap") && ($key != "vgbnigol") && ($key != "vgbssap") && ($key != "vgbxiferp") && ($key != $arg['vgbxiferp']."decode")) {
              if (is_array($val)) {
                foreach ($val as $_inkey => $_inval) {
                  $_param .= "&".urlencode($key)."[".
                             urlencode($_inkey)."]=".urlencode($_inval);
                }
              }
              else
                $_param .= "&".urlencode($key)."=".urlencode($val);
            }
          }
          // The host part comes from the INDEXURL setting, not the request.
          $url = ($settings['INDEXURL'] != "") ? "http://".$settings['INDEXURL'] : "index.".EXT;
          if ($url[strlen($url)-1] == "/")
            $url .= "index.".EXT;
          // Loose comparison: true when no '?' is present (or at offset 0).
          if (strpos($url,"?") == 0)
            $url .= "?";
          $_c = explode("?",$url);
          if ($_c[1] != "")
            $url .= "&";
          // NOTE(review): $arg['vgbxiferp'] and $arg['vgbegap'] are appended
          // without urlencode(), unlike the other parameters. The markup
          // that prints $url/$jurl is not visible here; encode both values
          // and escape the URL for its output context. The new session id
          // is also exposed in the URL.
          $url .= $arg['vgbxiferp']."decode=".urlencode($sessionID)."&show=".$arg['vgbegap'].$_param;
          $jurl = str_replace("&","&",$url);
          echo vgb_startXHTML($enc)." ".$lang['login']." ";
          setStyle();
          echo "
".$lang['notRedirected']."
";
          vgb_saveAction(17);
        }
      }
    }
  }
}

/**
 * Prints the password form for private entry $arg['vgbnigol'] when the entry
 * exists, ASKPRIVATE is on and the entry has a password.
 */
function login() {
  global $enc,$lang,$arg,$settings,$screenparam,$PFIX;
  if (isset($arg['vgbegap']) && isset($arg['vgbxiferp']) && ($arg['vgbnigol'] != "")) {
    $query = vgb_query("select * from VGB_ENTRY where ID = ".intval($arg['vgbnigol']));
    if (vgb_numrows($query) != 0) {
      $entry = vgb_result($query);
      if ($settings['ASKPRIVATE'] && !is_null($entry['PRIVATE'])) {
        // Re-encode all request parameters except a previous session id.
        $_param = "";
        foreach ($arg as $key => $val)
          if ($key != $PFIX."decode") {
            if (is_array($val)) {
              foreach ($val as $_inkey => $_inval) {
                $_param .= "&".urlencode($key)."[".
                           urlencode($_inkey)."]=".urlencode($_inval);
              }
            }
            else
              $_param .= "&".urlencode($key)."=".urlencode($val);
          }
        $_link1 = "screen.".EXT."?$screenparam&";
        // NOTE(review): the raw request value is put into the link; only
        // the SQL above uses intval(). Use intval($arg['vgbnigol']) here as
        // well, since the markup that prints the link is not visible.
        $_link2 = "vgbssapdnes=".$arg['vgbnigol'];
        echo vgb_startXHTML($enc)." ".$lang['login']."";
        setStyle();
        echo "
".$lang['privateEntry']."

".$lang['enterPassword'].":

"; if (!is_null($entry['EMAIL'])) echo "» ".$lang['sendPassword']."

"; echo "

[ ".$lang['back']." ]
"; vgb_saveAction(16,$entry['NAME']); } } } } function emoticon() { global $enc,$arg,$settings,$skinDir; vgb_setSkinDir(); echo vgb_startXHTML($enc)." Emoticons"; setStyle(); echo " "; $query = vgb_query("select * from VGB_EMOTICON order by PRIORITY asc"); while ($emoticon = vgb_result($query)) echo " ".
                  htmlspecialchars($emoticon[ "; echo " "; } function success( $inText, $p = false ) { global $enc,$lang; echo vgb_startXHTML($enc)." "; setStyle(); echo "
".$inText."


[ ".$lang['closeWindow']." ]
";
}

/**
 * Prints an error page containing $inText and terminates the request with
 * exit(). $close selects the "close window" link instead of "back".
 * $inText is interpolated into the page unescaped; the callers in this file
 * pass $lang strings. NOTE(review): escape it here if that ever changes.
 */
function failure( $inText, $close = false ) {
  global $lang,$enc;
  echo vgb_startXHTML($enc)." ".$lang['errorOccured']."";
  setStyle();
  echo "
$inText


";
  if ($close)
    echo "[ ".$lang['closeWindow']." ]";
  else
    echo "[ ".$lang['back']." ]";
  echo "
";
  exit();
}

/**
 * Resolves a mail target id to array(email, name), or null when mailing is
 * not allowed.
 *
 * An id starting with 'a' names a comment, any other id names an entry. The
 * record must be moderated (UNMODERATED = 0) and have an e-mail address, and
 * the visitor must pass loggedIn() for the entry concerned. Only
 * intval($id) is used for the lookups, so trailing characters in $id are
 * ignored here.
 */
function mailauth( $id ) {
  global $settings;
  $auth = false;
  // The else below belongs to the inner if ($id[0] == 'a'), not to the
  // USEMAILER test.
  if ($settings['USEMAILER'] && ($id != ""))
    if ($id[0] == 'a') {
      $id = substr($id,1);
      $q = vgb_query("select * from VGB_COMMENT where UNMODERATED = 0 and ID = ".intval($id));
      if (vgb_numrows($q) > 0) {
        $c = vgb_result($q);
        if (!is_null($c['EMAIL'])) {
          $m = $c['EMAIL'];
          $n = $c['NAME'];
          // The comment's parent entry must itself be visible to the user.
          $q = vgb_query("select * from VGB_ENTRY where UNMODERATED = 0 and ID = ".intval($c['ENTRYID']));
          if ((vgb_numrows($q) > 0) && loggedIn($c['ENTRYID']))
            $auth = true;
        }
      }
    }
    else {
      $q = vgb_query("select * from VGB_ENTRY where UNMODERATED = 0 and ID = ".intval($id));
      if (vgb_numrows($q) > 0) {
        $e = vgb_result($q);
        if (!is_null($e['EMAIL']) && loggedIn($id)) {
          $auth = true;
          $n = $e['NAME'];
          $m = $e['EMAIL'];
        }
      }
    }
  if ($auth)
    return array( $m, $n );
  else
    return null;
}

/**
 * Handles the submitted mail form: validates the input, applies the
 * VGB_MAILSPAM throttles and either queues the message for admin approval
 * (CHECKMAILS) or sends it with vgb_mail().
 *
 * The target id in $arg['vgbdi'] must end in "x"; the part before it is
 * resolved through mailauth(). Requests with missing parameters end
 * silently with exit().
 */
function gbsend() {
  global $settings,$lang,$arg,$_IP,$errorMSG,$validated,$_hostname;
  $parameters = array("vgbdi","vgbtcejbus","vgbtxetliam","vgbotylper");
  // Bit 2 of USETICKETS enables the ticket (CAPTCHA) check for mails.
  if (($settings['USETICKETS']&2)>0) {
    $parameters[] = "vgbdit";
    $parameters[] = "vgbedoct";
  }
  foreach ($parameters as $_parameter) {
    if (!isset($arg[$_parameter])) {
      exit();
    }
  }
  $arg['vgbotylper'] = trim($arg['vgbotylper']);
  $arg['vgbtcejbus'] = trim($arg['vgbtcejbus']);
  $arg['vgbtxetliam'] = trim($arg['vgbtxetliam']);
  // Resolve the recipient; $a is null when the id is malformed or mailing
  // to that record is not allowed.
  $a = (($arg['vgbdi'] == "") || ($arg['vgbdi'][strlen($arg['vgbdi'])-1] != "x")) ? null : mailauth(substr($arg['vgbdi'],0,-1));
  // check for spammer
  if (!is_null($a)) {
    $validated = ((($settings['USETICKETS']&2) > 0) && vgb_isTicket($arg['vgbdit'],$arg['vgbedoct'])) ? true : false;
    // NOTE(review): $_IP is concatenated into every statement below without
    // escaping (including '$_IP' in the VGB_EMAIL insert); confirm it is the
    // server-observed address or bind it as a parameter.
    vgb_query("delete from VGB_MAILSPAM where ".
              "date_add(TSTAMP,interval ".MAILSPAMTIME." minute) < now()");
    // $n counts all recent mails from this address, for MAILLIMIT.
    $q = vgb_query("select * from VGB_MAILSPAM where IP = '".$_IP."'");
    $n = vgb_numrows($q);
    $query = vgb_query("select * from VGB_MAILSPAM where IP = '".
                       $_IP."' and EMAIL = '".addSlashes($a[0])."'");
    if (vgb_numrows($query) != 0) {
      // possible spammer detected => ask to retry later
      vgb_query("update VGB_MAILSPAM set TSTAMP".
                " = now() where IP = '".$_IP.
                "' and EMAIL = '".addSlashes($a[0])."'");
      $errorMSG = $lang['mailSpam'];
    }
    elseif ($settings['MAILLIMIT'] && ($settings['MAILLIMIT'] <= $n))
      $errorMSG = $lang['noMail'];
    elseif ((($settings['USETICKETS']&2) > 0) && !$validated)
      $errorMSG = $lang['wrongValidation'];
    elseif (($arg['vgbotylper'] != "") && !vgb_isValidEmail($arg['vgbotylper']))
      $errorMSG = $lang['wrongField'].$lang['replyTo'];
    elseif ($arg['vgbtcejbus'] == "")
      $errorMSG = $lang['noFieldValue'].$lang['subject'];
    elseif ($arg['vgbtxetliam'] == "")
      $errorMSG = $lang['noFieldValue'].$lang['message'];
    else {
      // no spammer but save the ip in spamlist
      vgb_query("insert into VGB_MAILSPAM values('".
                $_IP."','".date("Y-m-d H:i:s")."','".addSlashes($a[0])."')");
      // Mail template: VGB_EMAIL row 20, with ::text:: appended when the
      // template does not contain it.
      $ml = vgb_result(vgb_query("select * from VGB_EMAIL where ID = 20"));
      $m = (is_null($ml['MESSAGE'])) ? "" : $ml['MESSAGE'];
      if (strpos($m,"::text::") === false)
        $m .= "::text::";
      $now = localtime(time(),1);
      if (strlen($now['tm_sec']) == 1)
        $now['tm_sec'] = "0".$now['tm_sec'];
      if (strlen($now['tm_min']) == 1)
        $now['tm_min'] = "0".$now['tm_min'];
      if (strlen($now['tm_hour']) == 1)
        $now['tm_hour'] = "0".$now['tm_hour'];
      $time = $now['tm_hour'].":".$now['tm_min'].":".$now['tm_sec'];
      $dtime = vgb_diffTime($time);
      $today = getdate(time());
      if (strlen($today['mon']) == 1)
        $today['mon'] = "0".$today['mon'];
      $ddate = vgb_diffDate($time,$today['year']."-".$today['mon']."-". $today['mday']);
      $date = explode("-",$ddate);
      // Placeholders are replaced in this order; the user text comes last,
      // so placeholders typed into the message are not expanded.
      $mSub = array("url" => $settings['INDEXURL'],
                    "date" => vgb_dateOut($date),
                    "time" => $dtime,
                    "ip" => $_IP,
                    "host" => $_hostname,
                    "text" => $arg['vgbtxetliam']);
      foreach ($mSub as $k => $v) {
        $m = str_replace("::".$k."::",$v,$m);
      }
      // NOTE(review): the subject and the Reply-To value come from the
      // request. The subject is only trimmed, and Reply-To depends on what
      // vgb_isValidEmail() rejects. Unless vgb_mail() (not shown) strips CR
      // and LF, either value can add mail headers; reject line breaks in
      // both before they reach the mailer.
      $h = ($arg['vgbotylper'] != "") ? array("Reply-To" => $arg['vgbotylper']) : array();
      if ($settings['CHECKMAILS']) {
        // Moderated mode: store the mail and notify the admins instead of
        // sending it.
        vgb_query("insert into VGB_EMAIL values (null,0,'".addSlashes($arg['vgbtcejbus'])."','".addSlashes($m)."',0,1,'$_IP','".addSlashes($_hostname)."','".date("Y-m-d H:i:s")."','".addSlashes($a[0])."','".addSlashes($arg['vgbotylper'])."')");
        $am = vgb_getAdminEmails("ENTRY");
        if ($am != '')
          vgb_notification(10,$am,null,
            array("email" => $a[0],
                  "text" => $m,
                  "subject" => $arg['vgbtcejbus'],
                  "reply" => $arg['vgbotylper']),
            $lang['emailSubject'],$lang['emailSubject']);
        $stat = $lang['mailCheck'];
      }
      else if (!vgb_mail($a[0],$arg['vgbtcejbus'],$m,$h))
        $errorMSG = $lang['sendMailFail'];
      else
        $stat = $lang['sendMailSuccess'];
    }
    if (isset($errorMSG)) {
      // Show the form again with the error message.
      print_mailform($arg['vgbdi']);
      vgb_saveAction(19,$a[0]."
".$errorMSG);
    }
    else {
      vgb_saveAction(19,$a[0]);
      success($stat,true);
    }
  }
}

/**
 * Prints the "mail to <name>" page for target id $arg['vgbreliam'] when
 * mailauth() allows it; prints nothing otherwise.
 */
function mailer() {
  global $enc,$settings,$lang,$arg,$screenparam;
  $id = $arg['vgbreliam'];
  $a = mailauth($id);
  if (!is_null($a)) {
    echo vgb_startXHTML($enc)." ".$lang['sendEmail']."";
    setStyle();
    echo "
".$lang['mailto']." ".vgb_outName($a[1])."
";
  }
}

/**
 * Shows the empty mail form for target id $arg['vgbmrofliam'] when
 * mailauth() allows it, then logs the view with the target's name.
 */
function mailform() {
  global $settings,$lang,$arg,$screenparam,$validated;
  $id = $arg['vgbmrofliam'];
  $a = mailauth($id);
  if (!is_null($a)) {
    $validated = false;
    print_mailform($id);
    $q = ($id[0]=='a') ? vgb_query("select NAME from VGB_COMMENT where ID = ".intval(substr($id,1))) : vgb_query("select NAME from VGB_ENTRY where ID = ".intval($id));
    $e = vgb_result($q);
    vgb_saveAction(18,$e['NAME']);
  }
}

/**
 * Renders the mail form for target $id; a trailing "x" on the id is removed
 * first.
 * NOTE(review): $id is the raw request value. mailauth() only looks at
 * intval($id), so extra characters can still be present; escape it wherever
 * the form markup (not preserved here) writes it into the page.
 */
function print_mailform( $id ) {
  global $enc,$lang,$settings,$errorMSG,$screenparam,$arg,$validated;
  if ($id[strlen($id)-1] == "x")
    $id = substr($id,0,strlen($id)-1);
  echo vgb_startXHTML($enc)." ".$lang['sendEmail']."";
  setStyle();
  echo "
"; if (isset($errorMSG)) echo ""; if ($validated) echo ""; elseif (($settings['USETICKETS']&2)>0) { $tid = vgb_newTicket(); echo ""; } echo "
$errorMSG

".$lang['enterCode'].":
".$lang['replyTo'].":
".$lang['subject'].":
".$lang['message'].":

";
}

/**
 * Prints the BBCode help page: one row per tag enabled in the
 * $settings['BBCODEMASK'] bit mask, each showing the raw example next to its
 * rendering by vgb_BBCode().
 */
function BBCodeInfo() {
  global $enc,$settings,$skinDir,$lang,$arg;
  // Nested declaration: BBCodeRow() becomes a global function the first time
  // BBCodeInfo() runs, so a second call in one request would fail with a
  // redeclaration error.
  // Prints one help row: the label, then every example followed by its
  // rendered form. The raw $example is echoed unescaped; the examples are
  // built from $lang strings and admin settings.
  // NOTE(review): escape them if those sources are ever less trusted.
  function BBCodeRow( $name, $examples ) {
    echo " $name: ";
    $i = 1;
    $max = sizeof($examples);
    foreach ($examples as $example) {
      echo "$example =
".vgb_BBCode($example);
      // Separator between examples, not after the last one.
      if ($i < $max)
        echo "
";
      $i++;
    }
    echo "";
  }
  echo vgb_startXHTML($enc)." BBCode";
  setStyle();
  echo "
BBCode
".$lang['bbcodeInfo']."
".$lang['elements']."
";
  // Each bit of the mask enables one tag.
  $cm = $settings['BBCODEMASK'];
  if ($cm&512)
    BBCodeRow ($lang['link'],array("[url=www.google.com]".$lang['exampleLink']."[/url]"));
  if ($cm&1)
    BBCodeRow ($lang['bold'],array("[b]".$lang['exampleText']."[/b]"));
  if ($cm&2)
    BBCodeRow ($lang['italic'],array("[i]".$lang['exampleText']."[/i]"));
  if ($cm&4)
    BBCodeRow ($lang['underline'],array( "[u]".$lang['exampleText']."[/u]"));
  if ($cm&16)
    BBCodeRow ($lang['quote'],array( "[quote]".$lang['exampleText']."[/quote]","[quote=Nobody]".$lang['exampleText']."[/quote]"));
  if ($cm&8)
    BBCodeRow ($lang['code'],array( "[code]".$lang['exampleText']."[/code]"));
  if ($cm&32)
    BBCodeRow ($lang['left'],array( "[left]".$lang['exampleText']."[/left]"));
  if ($cm&64)
    BBCodeRow ($lang['center'],array( "[center]".$lang['exampleText']."[/center]"));
  if ($cm&128)
    BBCodeRow ($lang['right'],array( "[right]".$lang['exampleText']."[/right]"));
  // The image example is rendered through vgb_BBCode() with an external
  // URL, so viewing this page may make the browser contact that host.
  if ($cm&8192)
    BBCodeRow ($lang['image'],array("[img]http://www.gnu.org/graphics/gnu-head-sm.jpg[/img]"));
  if ($cm&2048) {
    // One example per size from SIZEMIN to SIZEMAX inclusive.
    $lines = array();
    $i = $settings['SIZEMIN'];
    while ($i <= $settings['SIZEMAX']) {
      $lines[] = "[size=$i]".$lang['exampleText']."[/size]";
      $i++;
    }
    BBCodeRow ($lang['size'],$lines);
  }
  // NOTE(review): the outer test requires USERCOLORS for bit 1024, while the
  // inner tests require it for bit 16384. With USERCOLORS empty, bit 1024
  // alone prints no row and bit 16384 alone prints an empty row; the two
  // conditions look swapped - confirm the intended mapping.
  if (($cm&16384) || (($cm&1024) && ($settings['USERCOLORS'] != ""))) {
    $lines = array();
    if ($cm&1024) {
      $lines[] = "[color=#FF0000]".$lang['exampleText']."[/color]";
    }
    if (($cm&16384) && ($settings['USERCOLORS'] != "")) {
      // USERCOLORS holds one "name=value" pair per line; only the name is
      // used for the example.
      $colors = explode("\n",$settings['USERCOLORS']);
      foreach ($colors as $color) {
        $name = explode("=",$color);
        $lines[] = "[color=".$name[0]."]".$lang['exampleText']."[/color]";
      }
    }
    BBCodeRow ($lang['color'],$lines);
  }
  if ($cm&4096) {
    $lines = array();
    // Without configured fonts a single Times example is shown; otherwise
    // one example per line of USERFONTS.
    if ($settings['USERFONTS'] == "")
      $lines[] = "[font=Times]".$lang['exampleText']."[/font]";
    else {
      $fonts = explode("\n",$settings['USERFONTS']);
      foreach ($fonts as $font) {
        $lines[] = "[font=$font]".$lang['exampleText']."[/font]";
      }
    }
    BBCodeRow ($lang['font'],$lines);
  }
  if ($cm&256)
    BBCodeRow ($lang['list'],array("[list][*] ". $lang['option']." 
1 [*] ".$lang['option']." 2[/list]"));
  echo "

";
  vgb_saveAction(9);
}
?>