check_captcha($_POST['captcha'], $_POST['captcha_hash'])) $run=1;
if(mysql_num_rows(safe_query("SELECT * FROM ".PREFIX."user WHERE nickname = '$name' "))) $name = '*'.$name.'*';
}
if(!empty($name) && !empty($message) && $run) {
$date=time();
$ip = $_SERVER['REMOTE_ADDR'];
$ergebnis = safe_query("SELECT * FROM ".PREFIX."shoutbox ORDER BY date DESC LIMIT 0,1");
$ds=mysql_fetch_array($ergebnis);
if(($ds[message] != $message) OR ($ds[name] != $name)) safe_query("INSERT INTO ".PREFIX."shoutbox (date, name, message, ip) VALUES ( '$date', '$name', '$message', '$ip' ) ");
}
redirect("shoutbox_content.php?action=show",'',0);
}
elseif($_GET['action']=="delete") {
include("_mysql.php");
include("_settings.php");
include('_functions.php');
if(!isfeedbackadmin($userID)) die('No access.');
foreach($_POST['shoutID'] as $id) {
safe_query("DELETE FROM ".PREFIX."shoutbox WHERE shoutID='$id'");
}
header("Location: index.php?site=shoutbox_content&action=showall");
}
elseif($_GET['action']=="showall") {
eval ("\$title_shoutbox = \"".gettemplate("title_shoutbox")."\";");
echo $title_shoutbox;
$all = safe_query("SELECT count(shoutID) FROM ".PREFIX."shoutbox ORDER BY date");
$all = mysql_result($all, 0);
$pages=1;
if(!isset($page)) $page = 1;
if(!isset($type)) $type = "DESC";
$max=$maxsball;
for ($n=$max; $n<=$all; $n+=$max) {
if($all>$n) $pages++;
}
if($pages>1) $page_link = makepagelink("index.php?site=shoutbox_content&action=showall&type=$type", $page, $pages);
if ($page == "1") {
$ergebnis = safe_query("SELECT * FROM ".PREFIX."shoutbox ORDER BY date $type LIMIT 0,$max");
if($type=="DESC") $n=$all;
else $n=1;
}
else {
$start=$page*$max-$max;
$ergebnis = safe_query("SELECT * FROM ".PREFIX."shoutbox ORDER BY date $type LIMIT $start,$max");
if($type=="DESC") $n = $all-($page-1)*$max;
else $n = ($page-1)*$max+1;
}
if($type=="ASC")
$sorter='Sort: ';
else
$sorter='Sort: ';
echo'
'.$sorter.' '.$page_link.' |
';
eval ("\$shoutbox_all_head = \"".gettemplate("shoutbox_all_head")."\";");
echo $shoutbox_all_head;
$i=1;
while($ds=mysql_fetch_array($ergebnis)) {
$i%2 ? $bg1=BG_1 : $bg1=BG_2;
$date=date("d.m - H:i", $ds[date]);
$name=cleartext($ds[name]);
$message=cleartext($ds[message]);
$ip='logged';
if(isfeedbackadmin($userID)) {
$actions='';
$ip=$ds[ip];
}
else $actions='';
eval ("\$shoutbox_all_content = \"".gettemplate("shoutbox_all_content")."\";");
echo $shoutbox_all_content;
if($type=="DESC") $n--;
else $n++;
$i++;
}
eval ("\$shoutbox_all_foot = \"".gettemplate("shoutbox_all_foot")."\";");
echo $shoutbox_all_foot;
if(isfeedbackadmin($userID)) $submit=' select all
';
echo'
'.$page_link.' |
'.$submit.' |
';
if($pages>1) $page_link = makepagelink("index.php?site=shoutbox_content&action=showall", $page, $pages);
}
else {
include("_mysql.php");
include("_settings.php");
include("_functions.php");
$pagebg=PAGEBG;
$border=BORDER;
$bghead=BGHEAD;
$bgcat=BGCAT;
$bg1=BG_1;
if(!$sbrefresh) $sbrefresh = 60;
eval ("\$shoutbox_head = \"".gettemplate("shoutbox_head")."\";");
echo $shoutbox_head;
$ergebnis=safe_query("SELECT * FROM ".PREFIX."shoutbox ORDER BY date DESC LIMIT 0,".$maxshoutbox."");
while($ds=mysql_fetch_array($ergebnis)) {
$date=date("H:i", $ds[date]);
$name=clearfromtags($ds[name]);
$message=cleartext($ds[message], false);
eval ("\$shoutbox_content = \"".gettemplate("shoutbox_content")."\";");
echo $shoutbox_content;
}
eval ("\$shoutbox_foot = \"".gettemplate("shoutbox_foot")."\";");
echo $shoutbox_foot;
}
?>