
Untitled

a guest
Jul 24th, 2014
  1. <?php
  2. // -------------------------------------------------------------------------//
  3. // Nuked-KlaN - PHP Portal //
  4. // http://www.nuked-klan.org //
  5. // -------------------------------------------------------------------------//
  6. // This program is free software. you can redistribute it and/or modify //
  7. // it under the terms of the GNU General Public License as published by //
  8. // the Free Software Foundation; either version 2 of the License. //
  9. // -------------------------------------------------------------------------//
  // Abort unless the including script has defined INDEX_CHECK.
  defined('INDEX_CHECK') or die;

  global $language, $user, $cookie_captcha;
  translate("modules/Comment/lang/$language.lang.php");
  include_once('Includes/nkCaptcha.php');

  // No captcha when it is switched off, or when the 'auto'/'on' policy meets a
  // visitor whose level ($user[1]) is above 0. Everyone else must solve one.
  $captchaOff = (_NKCAPTCHA == "off");
  $memberExempt = (_NKCAPTCHA == 'auto' OR _NKCAPTCHA == 'on') && $user[1] > 0;
  $captcha = ($captchaOff || $memberExempt) ? 0 : 1;

  // Level of the current visitor; 0 when $user is empty.
  $visiteur = ($user) ? $user[1] : 0;
  19.  
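  /**
   * Tell whether comments are enabled for a module and the commented item exists.
   *
   * @param string $module Module name; when empty, $_REQUEST['file'] is used instead.
   * @param mixed  $im_id  Item identifier; cast to an integer before it reaches SQL.
   * @return bool True when the item row exists and the module's `active` flag equals 1.
   */
  function verification($module, $im_id){
      global $nuked;

      if (empty($module)) $module = isset($_REQUEST['file']) ? $_REQUEST['file'] : '';

      // Allow-list: accepted name => array(comment_mod key, table suffix, id column).
      // Table and column names cannot be escaped like values, so they must only ever
      // come from this fixed map and never from the request itself.
      $targets = array(
          'News'     => array('news', 'news', 'id'),
          'news'     => array('news', 'news', 'id'),
          'Download' => array('download', 'downloads', 'id'),
          'download' => array('download', 'downloads', 'id'),
          'Sections' => array('sections', 'sections', 'artid'),
          'sections' => array('sections', 'sections', 'artid'),
          'Links'    => array('links', 'liens', 'id'),
          'links'    => array('links', 'liens', 'id'),
          'Wars'     => array('wars', 'match', 'warid'),
          'match'    => array('wars', 'match', 'warid'),
          'Gallery'  => array('gallery', 'gallery', 'sid'),
          'gallery'  => array('gallery', 'gallery', 'sid'),
          'Survey'   => array('survey', 'sondage', 'sid'),
          'survey'   => array('survey', 'sondage', 'sid'),
          'Docus'    => array('Docus', 'Docus', 'artid'),
      );

      // An unknown module used to fall through with undefined table and column
      // names and run a malformed query; refuse it before touching the database.
      if (!is_string($module) || !isset($targets[$module])) {
          return false;
      }
      list($WhereModule, $sqlverif, $specification) = $targets[$module];

      $Sql = mysql_query("SELECT active FROM " . $nuked['prefix'] . "_comment_mod WHERE module = '$WhereModule'");
      if (!$Sql) {
          return false;
      }
      list($active) = mysql_fetch_array($Sql);

      $Str = mysql_query("SELECT * FROM " . $nuked['prefix'] . "_$sqlverif WHERE $specification = '" . intval($im_id) . "'");
      if (!$Str) {
          return false;
      }

      return (mysql_num_rows($Str) > 0 && $active == 1);
  }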
  81.  
  /**
   * Count the comments stored for one item of one module.
   *
   * @param mixed  $im_id  Item identifier.
   * @param string $module Module name the item belongs to.
   * @return int Number of matching rows in COMMENT_TABLE.
   */
  function NbComment($im_id, $module){
      // Drop any added slashes first, then escape for the quoted SQL literals below.
      $safeId = mysql_real_escape_string(stripslashes($im_id));
      $safeModule = mysql_real_escape_string(stripslashes($module));

      $query = "SELECT id FROM " . COMMENT_TABLE
             . " WHERE im_id = '" . $safeId . "' AND module = '" . $safeModule . "'";

      return mysql_num_rows(mysql_query($query));
  }
  88.  
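  /**
   * Print the inline comment widget for one item.
   *
   * Always emits the sent() script and the comment-list stylesheet. When
   * verification($_REQUEST['file'], $im_id) passes it also prints the four most
   * recent comments, the total count, the "view all" popup link (for visitors who
   * meet the module's access level) and the posting form.
   *
   * @param string $module Module name the item belongs to.
   * @param mixed  $im_id  Item identifier; handled as an integer from here on.
   * @return void
   */
  function com_index($module, $im_id){
      global $user, $bgcolor1, $bgcolor2, $bgcolor3, $nuked, $visiteur, $language, $captcha;

      define('EDITOR_CHECK', 1);

      // $im_id and $module end up in SQL, in HTML attributes and in a URL below.
      // Each context gets its own encoding instead of the caller's raw value.
      $im_id = intval($im_id); // verification() also treats the item id as an integer
      $moduleSql = mysql_real_escape_string(stripslashes($module));
      $moduleHtml = htmlspecialchars($module, ENT_QUOTES, 'ISO-8859-1');
      $moduleUrl = urlencode($module);
  ?>
  <script type="text/javascript">
  <!--
  function sent(pseudo, module, im_id, code){
      var editor_val = CKEDITOR.instances.e_basic.document.getBody().getChild(0).getText();
      var editor_txt = CKEDITOR.instances.e_basic.getData();
      if(editor_val == ''){
          alert('<?php echo _NOTEXT; ?>');
          return false;
      }
      else if(pseudo == ''){
          alert('<?php echo _NONICK; ?>');
          return false;
      }
      else if(code == ''){
          alert('<?php echo _CAPTCHACOM; ?>');
          return false;
      }
      else{
          var OAjax;
          if (window.XMLHttpRequest) OAjax = new XMLHttpRequest();
          else if (window.ActiveXObject) OAjax = new ActiveXObject('Microsoft.XMLHTTP');
          OAjax.open('POST',"index.php?file=Comment&nuked_nude=index&op=post_comment",true);
          OAjax.onreadystatechange = function(){
              if (OAjax.readyState == 4 && OAjax.status==200){
                  if (document.getElementById){
                      document.getElementById("message").innerHTML = '<div style="margin:25px 5px;padding:10px 0;text-align:center;border:1px solid #e3e3e3;background:#edfff7;color:#333"><b><?php echo _THXCOM; ?></b></div>';
                      document.location = document.location;
                  }
              }
          }
          OAjax.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
          // Every field is percent-encoded so that '&' or '=' typed into a field
          // cannot add or override parameters of the posted body.
          OAjax.send("texte="+encodeURIComponent(editor_txt)+"&pseudo="+encodeURIComponent(pseudo)+"&module="+encodeURIComponent(module)+"&im_id="+encodeURIComponent(im_id)+"&ajax=1&code_confirm="+encodeURIComponent(code));
          return true;
      }
  }
  -->
  </script>
  <style>
  .commentslistnono:after { border-color: #fff; }
  .commentslistnono:before { background-color: #fff; }
  .commentslistnono .comment {
      background: #fff;
      border-radius: 10px;
      font-size: 11px;
      padding: 10px 15px;
  }
  .commentslistnono [class*="level-"] .photo:before { background-color: #fff; }
  .commentslistnono .meta { color: #ccc; }
  .commentslistnono .meta a { color: inherit; }
  .commentslistnono .meta a:hover { color: #34b5d0; }
  .commentslistnono .body { color: #888; }

  /**
  * commentslistnono Thread
  */
  .commentslistnono {
      list-style-type: none;
      padding: 5px 0 0 46px;
      position: relative;
      margin-left:auto;margin-right:auto;
      width: 90%;

  }
  .commentslistnono:before,
  .commentslistnono .comment,
  .commentslistnono .comment:after,
  .commentslistnono .comment:before,
  .commentslistnono .photo img,
  .commentslistnono [class*="level-"] .photo:before {
      -webkit-box-shadow: 0 1px 3px rgba(0,0,0,.4);
      -moz-box-shadow: 0 1px 3px rgba(0,0,0,.4);
      box-shadow: 0 1px 3px rgba(0,0,0,.4);
  }
  .commentslistnono:after,
  .commentslistnono:before {
      display: block;
      content: '';
      position: absolute;
  }
  .commentslistnono:before {
      -webkit-border-radius: 0 0 5px 5px;
      -moz-border-radius: 0 0 5px 5px;
      border-radius: 0 0 5px 5px;
      height: 100%;
      width: 8px;
      left: 0;
      top: 0;
  }
  .commentslistnono:after {
      box-shadow: 0 1px 3px rgba(0,0,0,.4), 0 1px 3px rgba(0,0,0,.4) inset;
      border-width: 4px;
      border-style: solid;
      -webkit-border-radius: 18px;
      -moz-border-radius: 18px;
      border-radius: 18px;
      height: 10px;
      width: 10px;
      left: -5px;
      top: -18px;
      z-index: 99999;
  }
  .commentslistnono .comment {
      margin-bottom: 10px;
      position: relative;
  }
  .commentslistnono .comment:after,
  .commentslistnono .comment:before {
      -webkit-border-radius: 10px;
      -moz-border-radius: 10px;
      border-radius: 10px;
      background-color: #fff;
      position: absolute;
      display: block;
      content: '';
  }
  .commentslistnono .comment:after {
      width: 12px;
      height: 12px;
      left: -14px;
      top: 7px;
  }
  .commentslistnono .comment:before {
      width: 5px;
      height: 5px;
      left: -22px;
      top: 16px;
  }
  .commentslistnono .photo {
      position: absolute;
      left: -60px;
      top: 2px;
  }
  .commentslistnono .photo img {
      background: <?php echo $bgcolor3; ?>;
      height: 32px;
      width: 32px;
      padding:1px;
      border: 1px solid #fff;
      border-radius: 32px;
      overflow: hidden;
  }
  .commentslistnono .meta { margin-bottom: 5px; }
  .commentslistnono .meta .reply { display: none; float: right; }
  .commentslistnono .comment:hover .reply { display: block; }
  .commentslistnono [class*="level-"] .photo:before {
      display: block;
      content: '';
      position: absolute;
      margin-top: -2px;
      height: 4px;
      width: 20px;
      left: -10px;
      top: 50%;
      z-index: -1;
  }
  .commentslistnono .level-2 { margin-left: 30px; }
  .commentslistnono .level-3 { margin-left: 50px; }
  .commentslistnono .level-4 { margin-left: 70px; }
  .commentslistnono .level-5 { margin-left: 90px; }
  .commentslistnono .level-6 { margin-left: 110px; }
  .commentslistnono .level-3 .photo:before { width: 40px; left: -30px;}
  .commentslistnono .level-4 .photo:before { width: 60px; left: -50px;}
  .commentslistnono .level-5 .photo:before { width: 80px; left: -70px;}
  .commentslistnono .level-6 .photo:before { width: 100px; left: -90px;}
  </style>

  <?php

      $level_access = nivo_mod("Comment");
      $level_admin = admin_mod("Comment");
      $NbComment = NbComment($im_id, $module);

      if(verification($_REQUEST['file'],$im_id)){
          // The query used to interpolate the caller's raw $im_id and $module.
          $sql = mysql_query("SELECT id, titre, comment, autor, autor_id, date, autor_ip FROM ".COMMENT_TABLE." WHERE im_id = '$im_id' AND module = '$moduleSql' ORDER BY id DESC LIMIT 0, 4");
          $count = mysql_num_rows($sql);
          if ( $count > 0 ) {
              echo '<ul class="commentslistnono">';
              while($row = mysql_fetch_assoc($sql)){
                  $test = 0;
                  $row['date'] = nkDate($row['date']);
                  $row['titre'] = htmlentities($row['titre']);
                  $row['titre'] = nk_CSS($row['titre']);
                  $row['autor'] = nk_CSS($row['autor']);
                  // NOTE(review): the comment body is printed as stored. It is only as
                  // safe as the secu_html() filtering applied when it was saved - confirm.
                  $texte = (!empty($row['titre'])) ? '<b>'.$row['titre'].'</b><br /><br />'.$row['comment'] : $row['comment'];

                  if(!empty($row['autor_id'])){
                      // autor_id is read back from the comment table; escape it again
                      // before reuse, because stored data is not trusted input either.
                      $sql_member = mysql_query("SELECT pseudo, avatar FROM ".USER_TABLE." WHERE id = '".mysql_real_escape_string($row['autor_id'])."'");
                      $test = mysql_num_rows($sql_member);
                  }

                  if($test > 0) list($autor, $avatar) = mysql_fetch_array($sql_member);
                  else $autor = $row['autor'];

                  if(empty($avatar)) $avatar = "http://www.streamzer.net/modules/Comment/images/noavatar.png";
                  // The avatar is a member-supplied URL going into an attribute; encode
                  // it (existing entities are left alone so '&amp;' is not doubled).
                  $avatarHtml = htmlspecialchars($avatar, ENT_QUOTES, 'ISO-8859-1', false);

                  if ($visiteur >= $level_admin && $level_admin > -1){
                      // Nothing printed by this function calls delmess(); the script is
                      // kept so the output for moderators is unchanged.
                      echo '<script type="text/javascript">function delmess(pseudo, id){if(confirm(\''._DELCOMMENT.' \'+pseudo+\' ! '._CONFIRM.'\')){document.location.href = \'index.php?file=Comment&page=admin&op=del_com&cid=\'+id;}}</script>';
                  }

                  echo '<li class="comment">
                  <a href="http://www.streamzer.net/index.php?file=Members&amp;op=detail&amp;autor='.urlencode($autor).'" title="Profil de '.urlencode($autor).'" class="photo"><img src="'.$avatarHtml.'" alt="'.urlencode($autor).'"></a>
                  <div class="meta">'.urlencode($autor).' | '._POSTED.' '.$row['date'].' <a href="#message" class="reply">Réagir</a></div>
                  <div class="body">'.$texte.'</div>
                  </li>';
                  unset($avatar, $autor);
              }
          }
          // NOTE(review): this closing tag, the table row and the closing table tag
          // below have no matching opening tag in this function. They are left
          // untouched because the surrounding page markup is not visible here.
          echo '</ul>';
          if ($count == "0") echo '<tr style="background:'.$bgcolor2.';"><td align="center" colspan="2">'._NOCOMMENT.'</td></tr>';

          echo '</table>';

          if ($count >= 0){
              echo '<div style="text-align:center;padding:10px 10px 0 0"><b>'._COMMENTS.' :</b>&nbsp;'.$NbComment.'&nbsp;';

              if ($visiteur >= $level_access && $level_access > -1){
                  echo '<br />[ <a href="#" onclick="javascript:window.open(\'http://www.streamzer.net/index.php?file=Comment&amp;nuked_nude=index&amp;op=view_com&amp;im_id='.$im_id.'&amp;module='.$moduleUrl.'\',\'popup\',\'toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=600,height=480,top=100,left=100\');return(false)">'._VIEWCOMMENT.'</a> ]';
              }
              echo '</div>';
          }

          $Soumission = 'sent(this.compseudo.value, this.module.value, this.imid.value, this.code.value);return false;';

          echo '<div id="message">
          </form><form method="post" onsubmit="'.$Soumission.'" action="">
          <table width="100%" cellspacing="5" cellpadding="0" border="0" style="padding-top:15px">';
          if($user) echo '<tr style="display: none"><td colspan="2"><input id="compseudo" type="hidden" name="pseudo" value="'.htmlspecialchars($user[2], ENT_QUOTES, 'ISO-8859-1', false).'" /></td></tr>';
          else {
              echo '<tr>
              <td style="padding-left:5px;width:30%"><b>'._NICK.' :</b></td>
              <td><input id="compseudo" type="text" size="30" name="pseudo" maxlength="30" /></td>
              </tr>';
          }
          echo '<tr>
          <td colspan="2" align="center" style="padding-top: 10px"><textarea id="e_basic" name="comtexte" cols="40" rows="3"></textarea></td>
          </tr>';

          if ($captcha == 1) create_captcha(2);
          else echo '<tr><td colspan="2"><input type="hidden" id="code" name="code" value="0" /></td></tr>';

          // Hidden fields carry the integer id and the HTML-encoded module name.
          echo ' <tr>
          <td colspan="2" align="center">
          <input type="hidden" id="imid" name="im_id" value="'.$im_id.'" />
          <input type="hidden" id="module" name="module" value="'.$moduleHtml.'" />
          <input type="submit" value="'._SEND_COM.'" />
          </td>
          </tr>
          </table>
          </form>
          </div>';
      }
  }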
  382.  
  383.  
  384.  
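  /**
   * Print the standalone popup page listing every comment of one item.
   *
   * Exits without output when verification($module, $im_id) fails. Visitors at or
   * above the module's admin level also see the poster IP and edit/delete links.
   * Visitors at or above the access level get a "post comment" button.
   *
   * @param string $module Module name the item belongs to.
   * @param mixed  $im_id  Item identifier; handled as an integer from here on.
   * @return void
   */
  function view_com($module, $im_id){

      global $user, $bgcolor2, $bgcolor3, $theme, $nuked, $language, $visiteur;

      if(!verification($module,$im_id)) exit();

      // The platform tests used to call strpos() with haystack and needle swapped,
      // so neither the Windows nor the BSD locale name was ever selected.
      $onWindows = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
      $onBsd = (strpos(PHP_OS, 'BSD') !== false);
      if ($language == "french" && $onWindows) setlocale (LC_TIME, "french");
      else if ($language == "french" && $onBsd) setlocale (LC_TIME, "fr_FR.ISO8859-1");
      else if ($language == "french") setlocale (LC_TIME, "fr_FR");
      else setlocale (LC_TIME, $language);

      $level_access = nivo_mod("Comment");
      $level_admin = admin_mod("Comment");

      // verification() only validated intval($im_id); the raw value still went into
      // the query and the markup below. Pin it to that same integer.
      $im_id = intval($im_id);
      $moduleUrl = urlencode(stripslashes($module));
      $module = mysql_real_escape_string(stripslashes($module));

      echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr">
  <head><title>'._COMMENTS.'</title>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  <meta http-equiv="content-style-type" content="text/css" />
  <link title="style" type="text/css" rel="stylesheet" href="themes/'.$theme.'/style.css" /></head>
  <body style="background:'.$bgcolor2.';">
  <script type="text/javascript">function delmess(autor, id){if (confirm(\''._DELCOMMENT.' \'+autor+\' ! '._CONFIRM.'\')){document.location.href = \'index.php?file=Comment&nuked_nude=index&op=del_comment&cid=\'+id;}}</script>';

      $sql = mysql_query("SELECT id, titre, comment, autor, autor_id, date, autor_ip FROM ".COMMENT_TABLE." WHERE im_id = '$im_id' AND module = '$module' ORDER BY id DESC");
      if (mysql_num_rows($sql) != 0){

          while($row = mysql_fetch_assoc($sql)):

              // Reset per row so a member match from the previous comment cannot leak
              // into a guest comment.
              $test = 0;

              $row['date'] = nkDate($row['date']);
              $row['titre'] = htmlentities($row['titre']);
              $row['titre'] = nk_CSS($row['titre']);
              $row['autor'] = nk_CSS($row['autor']);

              if(!empty($row['autor_id'])){
                  // Stored data is escaped again before it is reused in SQL.
                  $sql_member = mysql_query("SELECT pseudo FROM ".USER_TABLE." WHERE id ='".mysql_real_escape_string($row['autor_id'])."'");
                  $test = mysql_num_rows($sql_member);
              }

              if($test > 0){
                  list($author) = mysql_fetch_array($sql_member);
                  $autor = '<a href="http://www.streamzer.net/index.php?file=Members&amp;op=detail&amp;autor='.urlencode($author).'" onclick="window.open(this.href);return false;">'.htmlspecialchars($author, ENT_QUOTES, 'ISO-8859-1', false).'</a>';
              }else $autor = $row['autor'];

              // The heading used to print an undefined $titre instead of the row title.
              echo '<table style="width:90%;margin:0px auto;" cellspacing="0" cellpadding="0"><tr><td style="width:90%;"><b>'.$row['titre'].'</b>';

              if ($visiteur >= $level_admin && $level_admin > -1){
                  // The author name used to be SQL-escaped and pasted into a javascript:
                  // URL. SQL escaping does not protect script or attribute context, so
                  // the name now travels in an HTML-encoded attribute and is read back
                  // with getAttribute(); it is never parsed as script.
                  // NOTE(review): deletion is a plain GET carrying only cid; no
                  // anti-CSRF token is visible in this file.
                  $autorAttr = htmlspecialchars($row['autor'], ENT_QUOTES, 'ISO-8859-1', false);
                  $cid = intval($row['id']);
                  echo '&nbsp;('.htmlspecialchars($row['autor_ip'], ENT_QUOTES, 'ISO-8859-1').') <a href="index.php?file=Comment&amp;nuked_nude=index&amp;op=edit_comment&amp;cid='.$cid.'"><img style="border:none;" src="images/edit.gif" alt="" title="'._EDITTHISCOM.'" /></a><a href="#" data-autor="'.$autorAttr.'" onclick="delmess(this.getAttribute(\'data-autor\'), \''.$cid.'\');return false;"><img style="border:none;" src="images/del.gif" alt="" title="'._DELTHISCOM.'"></a>';
              }

              // NOTE(review): the comment body is printed as stored. It is only as
              // safe as the filtering applied when it was saved - confirm.
              echo '</td></tr><tr><td><img src="images/posticon.gif" alt="" />&nbsp;'._POSTEDBY.'&nbsp;'.$autor.'&nbsp;'._THE.'&nbsp;'.$row['date'].'<br /><br />'.$row['comment'].'<br /><hr style="height:1px;color:'.$bgcolor3.';" /></td></tr></table>';

          endwhile;

      }else{
          echo '<div style="text-align:center;"><br /><br />'._NOCOMMENT.'<br /></div>';
      }

      if ($visiteur >= $level_access && $level_access > -1){
          echo '<div style="text-align:center;"><br /><input type="button" value="'._POSTCOMMENT.'" onclick="document.location=\'index.php?file=Comment&amp;nuked_nude=index&amp;op=post_com&amp;im_id='.$im_id.'&amp;module='.$moduleUrl.'\'" /></div>';
      }

      echo '<div style="text-align:center;"><br />[ <a href="#" onclick="javascript:window.close();"><b>'._CLOSEWINDOW.'</b></a> ]</div></body></html>';
  }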
  448.  
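  /**
   * Print the standalone "post a comment" form page.
   *
   * Prints nothing when verification($module, $im_id) fails, and a "no entrance"
   * page when the visitor is below the module's access level.
   *
   * @param string $module Module name the item belongs to.
   * @param mixed  $im_id  Item identifier; handled as an integer from here on.
   * @return void
   */
  function post_com($module, $im_id){

      global $user, $nuked, $bgcolor2, $bgcolor4, $language, $theme, $visiteur, $captcha;

      define('EDITOR_CHECK', 1);

      $level_access = nivo_mod("Comment");

      if(!verification($module,$im_id)){
          return;
      }

      // Shared document head for both the form page and the refusal page.
      $pageHead = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n"
      . "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"fr\">\n"
      . "<head><title>" . _POSTCOMMENT . "</title>\n"
      . "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\n"
      . "<meta http-equiv=\"content-style-type\" content=\"text/css\" />\n"
      . "<link title=\"style\" type=\"text/css\" rel=\"stylesheet\" href=\"themes/" . $theme . "/style.css\" /></head>\n"
      . "<body style=\"background : " . $bgcolor2 . ";\">\n";

      if(!($visiteur >= $level_access && $level_access > -1)){
          echo $pageHead
          . "<div style=\"text-align: center;\"><br /><br /><br />" . _NOENTRANCE . "</div><br /></div></body></html>";
          return;
      }

      // verification() only checked intval($im_id); the raw request values were
      // echoed into the hidden fields below. Encode them for attribute context.
      $im_id = intval($im_id);
      $moduleHtml = htmlspecialchars($module, ENT_QUOTES, 'ISO-8859-1');

      echo $pageHead;

      // The validation script used to lack the "function verifchamps()" header, and
      // the form tag lacked onsubmit="", so the nickname check never ran in the
      // browser. The server-side checks in post_comment() remain the real control.
      echo "<script type=\"text/javascript\">\n"
      ."<!--\n"
      . "\n"
      . "function trim(string)\n"
      . "{"
      . "return string.replace(/(^\s*)|(\s*$)/g,'');"
      . "}\n"
      . "\n"
      . "function verifchamps()\n"
      . "{\n"
      . "if (trim(document.getElementById('com_pseudo').value) == \"\")\n"
      . "{\n"
      . "alert('" . _NONICK . "');\n"
      . "return false;\n"
      . "}\n"
      . "return true;\n"
      . "}\n"
      . "\n"
      . "// -->\n"
      . "</script>\n";

      echo "</form><form method=\"post\" action=\"index.php?file=Comment&nuked_nude=index&op=post_comment\" onsubmit=\"return verifchamps();\">\n"
      . "<table width=\"100%\" cellspacing=\"1\" cellpadding=\"0\">\n"
      . "<tr><td><b>" . _TITLE . " :</b> <input type=\"text\" name=\"titre\" size=\"40\" maxlength=\"40\" /><br /><br /></td></tr>\n"
      . "<tr><td><b>" . _MESSAGE . " :</b><br />"
      . "<textarea id=\"e_basic\" name=\"texte\" cols=\"40\" rows=\"10\"></textarea></td></tr>\n"
      . "<tr><td><b>" . _NICK . " :</b>";

      if ($user){
          // Existing entities are kept as they are (double_encode off) so a nickname
          // that is already stored encoded is not encoded twice.
          $pseudoHtml = htmlspecialchars($user[2], ENT_QUOTES, 'ISO-8859-1', false);
          echo "&nbsp;&nbsp;<b>" . $pseudoHtml . "</b><input id=\"com_pseudo\" type=\"hidden\" name=\"pseudo\" value=\"" . $pseudoHtml . "\" /></td>\n";
      }
      else{
          echo "<input id=\"com_pseudo\" type=\"text\" size=\"30\" name=\"pseudo\" maxlength=\"30\" /></td>\n";
      }

      echo "</tr>";

      if ($captcha == 1) create_captcha(1);
      else echo "<input type=\"hidden\" id=\"code\" name=\"code\" value=\"0\" />\n";

      echo "<tr><td align=\"right\" colspan=\"2\">\n"
      . "<input type=\"hidden\" name=\"im_id\" value=\"" . $im_id . "\" />\n"
      . "<input type=\"hidden\" name=\"noajax\" value=\"true\" />\n"
      . "<input type=\"hidden\" name=\"module\" value=\"" . $moduleHtml . "\" />\n"
      . "</td></tr></table><div style=\"text-align: center;\"><input type=\"submit\" value=\"" . _SEND . "\" /><br /></div></form>";

      echo '<script type="text/javascript" src="media/ckeditor/ckeditor.js"></script>',"\n"
      , '<script type="text/javascript">',"\n"
      , '//<![CDATA[',"\n";
      echo ConfigSmileyCkeditor().'',"\n";
      echo ' CKEDITOR.replace( \'e_basic\',',"\n"
      , ' {',"\n"
      , ' toolbar : \'Basic\',',"\n"
      , ' language : \'' . substr($language, 0,2) . '\',',"\n";
      if(!empty($bgcolor4)) echo ' uiColor : \'' . $bgcolor4 . '\'',"\n";
      echo ' });',"\n"
      , '//]]>',"\n"
      , '</script>',"\n"
      , '</body></html>',"\n";
  }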
  537.  
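  /**
   * Validate and store a submitted comment, then print the confirmation page.
   *
   * Prints nothing when verification($module, $im_id) fails, and a "no entrance"
   * page when the visitor is below the module's access level. Terminates the
   * script on a wrong captcha code, a rejected nickname or a flood-limit hit.
   *
   * @param mixed  $im_id  Item identifier; stored as an integer.
   * @param string $module Module name the item belongs to.
   * @param string $titre  Comment title; cut to 40 bytes plus "..." when longer.
   * @param string $texte  Comment body; filtered through secu_html() before storage.
   * @param string $pseudo Nickname typed by a guest; ignored for logged-in members.
   * @return void
   */
  function post_comment($im_id, $module, $titre, $texte, $pseudo){
      global $user, $nuked, $bgcolor2, $theme, $user_ip, $visiteur, $captcha;

      // Without the noajax marker the fields are decoded from UTF-8.
      if(!isset($_REQUEST['noajax'])){
          $titre = utf8_decode($titre);
          $texte = utf8_decode($texte);
          $pseudo = utf8_decode($pseudo);
      }
      $level_access = nivo_mod("Comment");
      if (!verification($module,$im_id)){
          return;
      }

      $pageHead = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n"
      . "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"fr\">\n"
      . "<head><title>" . _POSTCOMMENT . "</title>\n"
      . "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\n"
      . "<meta http-equiv=\"content-style-type\" content=\"text/css\" />\n"
      . "<link title=\"style\" type=\"text/css\" rel=\"stylesheet\" href=\"themes/" . $theme . "/style.css\" /></head>\n"
      . "<body style=\"background : " . $bgcolor2 . ";\">\n";

      if (!($visiteur >= $level_access && $level_access > -1)){
          echo $pageHead
          . "<div style=\"text-align: center;\"><br /><br /><br />" . _NOENTRANCE . "</div><br /><br /><br />\n"
          . "<a href=\"#\" onclick=\"javascript:window.close()\"><b>" . _CLOSEWINDOW . "</b></a></div></body></html>";
          return;
      }

      echo $pageHead;

      $code_confirm = isset($_REQUEST['code_confirm']) ? $_REQUEST['code_confirm'] : '';
      if ($captcha == 1 && !ValidCaptchaCode($code_confirm)){
          die ("<div style=\"text-align: center;\"><br /><br />" . _BADCODECONFIRM . "<br /><br /><a href=\"javascript:history.back()\">[ <b>" . _BACK . "</b> ]</a></div>");
      }

      if ($visiteur > 0){
          $autor = $user[2];
          $autor_id = $user[0];
          $autorSql = mysql_real_escape_string($autor);
      }
      else{
          $pseudo = htmlentities($pseudo, ENT_QUOTES);
          $pseudo = verif_pseudo($pseudo);
          if ($pseudo == "error1"){
              die ("<div style=\"text-align: center;\"><br /><br />" . _PSEUDOFAILDED . "<br><a href=\"#\" onclick=\"history.back()\">" . _BACK . "</a></div>");
          }
          else if ($pseudo == "error2"){
              die ("<div style=\"text-align: center;\"><br /><br />" . _RESERVNICK . "<br><a href=\"#\" onclick=\"history.back()\">" . _BACK . "</a></div>");
          }
          else if ($pseudo == "error3"){
              die ("<div style=\"text-align: center;\"><br /><br />" . _BANNEDNICK . "<br><a href=\"#\" onclick=\"history.back()\">" . _BACK . "</a></div>");
          }
          else{
              $autor = $pseudo;
              $autor_id="";
              // htmlentities() encodes quotes but leaves backslashes alone, so the
              // nickname still needs SQL escaping. stripslashes() first follows the
              // convention this file uses for request values.
              $autorSql = mysql_real_escape_string(stripslashes($autor));
          }
      }

      // Every value below is escaped, or cast, right where it enters SQL. Author,
      // author id, IP address and item id used to be concatenated as they came.
      $im_id = intval($im_id);
      $autorIdSql = mysql_real_escape_string($autor_id);
      $ipSql = mysql_real_escape_string($user_ip);
      $moduleUrl = urlencode(stripslashes($module));

      $flood = mysql_query("SELECT date FROM " . COMMENT_TABLE . " WHERE autor = '" . $autorSql . "' OR autor_ip = '" . $ipSql . "' ORDER BY date DESC LIMIT 0, 1");
      list($flood_date) = mysql_fetch_row($flood);
      $anti_flood = $flood_date + $nuked['post_flood'];

      $date = time();

      if ($date < $anti_flood && $user[1] < admin_mod("Comment")){
          echo "<br /><br /><div style=\"text-align: center;\">" . _NOFLOOD . "</div><br /><br />";
          $url = "index.php?file=Comment&nuked_nude=index&op=view_com&im_id=" . $im_id . "&module=" . $moduleUrl;
          redirect($url, 2);
          closetable();
          footer();
          exit();
      }

      $texte = secu_html(html_entity_decode($texte));
      $texte = stripslashes($texte);
      $module = mysql_real_escape_string(stripslashes($module));

      // Truncate first, escape second. Cutting an already escaped string at a fixed
      // length can split an escape sequence and leave a bare backslash in front of
      // the closing quote of the SQL literal.
      $titre = stripslashes($titre);
      if (strlen($titre) > 40){
          $titre = substr($titre, 0, 40) . "...";
      }
      $titre = mysql_real_escape_string($titre);

      $add = mysql_query("INSERT INTO " . COMMENT_TABLE . " ( `id` , `module` , `im_id` , `autor` , `autor_id` , `titre` , `comment` , `date` , `autor_ip` ) VALUES ( '' , '" . $module . "' , '" . $im_id . "' , '" . $autorSql . "' , '" . $autorIdSql . "' , '" . $titre . "' , '" . mysql_real_escape_string($texte) . "' , '" . $date . "' , '" . $ipSql . "')");
      echo "<div style=\"text-align: center;\"><br /><br /><br /><b>" . _COMMENTADD . "</b>";

      if ($module == "news"){
          echo "<br /><br />[ <a href=\"#\" onclick=\"javascript:window.close();window.opener.document.location.reload(true);\">" . _CLOSEWINDOW . "</a> ]</div></body></html>";
      }
      else{
          echo "</div>";
          $url_redir = "index.php?file=Comment&nuked_nude=index&op=view_com&im_id=" . $im_id . "&module=" . $moduleUrl;
          // The ajax flag is absent on the plain form post.
          if (!isset($_REQUEST['ajax']) || $_REQUEST['ajax'] != 1){
              redirect($url_redir, 2);
          }
          echo "</body></html>";
      }
  }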
  636.  
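  /**
   * Delete one comment and print a confirmation page, or a refusal page when the
   * visitor is below the module's admin level. Either page then redirects to the
   * comment list.
   *
   * NOTE(review): the action is driven by the cid parameter alone; no anti-CSRF
   * token is checked in this function.
   *
   * @param mixed $cid Comment id; cast to an integer before it reaches SQL.
   * @return void
   */
  function del_comment($cid){
      global $nuked, $user, $theme, $bgcolor2, $nuked_nude, $visiteur;

      $level_admin = admin_mod("Comment");

      // $cid used to be concatenated into both statements as received.
      $cid = intval($cid);

      // Defined up front: the refusal branch builds its redirect URL from them too.
      $module = '';
      $im_id = '';

      $pageHead = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n"
      . "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"fr\">\n"
      . "<head><title>" . _COMMENTS . "</title>\n"
      . "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\n"
      . "<meta http-equiv=\"content-style-type\" content=\"text/css\" />\n"
      . "<link title=\"style\" type=\"text/css\" rel=\"stylesheet\" href=\"themes/" . $theme . "/style.css\" /></head>\n"
      . "<body style=\"background : " . $bgcolor2 . ";\">\n";

      // The other admin gates in this file also require the level to be above -1.
      // Without that test a level of -1 would let every visitor through, because
      // even an anonymous visitor's 0 is >= -1.
      if ($visiteur >= $level_admin && $level_admin > -1){
          $sql = mysql_query("SELECT module, im_id FROM " . COMMENT_TABLE . " WHERE id = '" . $cid . "'");
          list($module, $im_id) = mysql_fetch_array($sql);

          $del = mysql_query("DELETE FROM " . COMMENT_TABLE . " WHERE id = '" . $cid . "'");

          echo $pageHead
          . "<div style=\"text-align: center;\"><br /><br /><br /><b>" . _COMMENTDEL . "</b></div>\n";

          $url_redir = "index.php?file=Comment&nuked_nude=index&op=view_com&im_id=" . urlencode($im_id) . "&module=" . urlencode($module);
          redirect($url_redir, 2);
          echo "</body></html>";
      }
      else{
          echo $pageHead
          . "<div style=\"text-align: center;\"><br /><br /><br />" . _ZONEADMIN . "</div>\n";

          $url_redir = "index.php?file=Comment&nuked_nude=index&op=view_com&im_id=" . $im_id . "&module=" . $module;
          redirect($url_redir, 5);
          echo "</body></html>";
      }
  }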
  676.  
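  /**
   * Save an edited comment and print a confirmation page, or a refusal page when
   * the visitor is below the module's admin level. Exits without output when
   * verification($module, $im_id) fails.
   *
   * NOTE(review): no anti-CSRF token is checked in this function.
   *
   * @param mixed  $cid    Comment id; cast to an integer before it reaches SQL.
   * @param string $titre  New title.
   * @param string $texte  New body; filtered through secu_html() before storage.
   * @param string $module Module name the item belongs to.
   * @param mixed  $im_id  Item identifier; handled as an integer from here on.
   * @return void
   */
  function modif_comment($cid, $titre, $texte, $module, $im_id){
      global $nuked, $user, $theme, $bgcolor2, $visiteur;

      $level_admin = admin_mod("Comment");
      $texte = secu_html(html_entity_decode($texte));
      if(!verification($module,$im_id)){
          exit();
      }

      $im_id = intval($im_id);
      $moduleUrl = urlencode(stripslashes($module));

      $pageHead = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n"
      . "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"fr\">\n"
      . "<head><title>" . _COMMENTS . "</title>\n"
      . "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\n"
      . "<meta http-equiv=\"content-style-type\" content=\"text/css\" />\n"
      . "<link title=\"style\" type=\"text/css\" rel=\"stylesheet\" href=\"themes/" . $theme . "/style.css\" /></head>\n"
      . "<body style=\"background : " . $bgcolor2 . ";\">\n";

      // The other admin gates in this file also require the level to be above -1.
      // Without that test a level of -1 would let every visitor through.
      if ($visiteur >= $level_admin && $level_admin > -1){
          // Title, body and id used to be concatenated into the UPDATE as received.
          // stripslashes() then escaping is the convention post_comment() follows.
          $titreSql = mysql_real_escape_string(stripslashes($titre));
          $texteSql = mysql_real_escape_string(stripslashes($texte));
          $sql = mysql_query("UPDATE " . COMMENT_TABLE . " SET titre = '" . $titreSql . "', comment = '" . $texteSql . "' WHERE id = '" . intval($cid) . "'");

          echo $pageHead
          . "<div style=\"text-align: center;\"><br /><br /><br /><b>" . _COMMENTMODIF . "</b></div>\n";

          $url_redir = "index.php?file=Comment&nuked_nude=index&op=view_com&im_id=" . $im_id . "&module=" . $moduleUrl;
          redirect($url_redir, 2);
          echo "</body></html>";
      }
      else{
          echo $pageHead
          . "<div style=\"text-align: center;\"><br /><br /><br />" . _ZONEADMIN . "</div>\n";

          // This URL used "&amp;module=" where every other redirect here uses "&".
          $url_redir = "index.php?file=Comment&nuked_nude=index&op=view_com&im_id=" . $im_id . "&module=" . $moduleUrl;
          redirect($url_redir, 5);
          echo "</body></html>";
      }
  }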
  716.  
  717. function edit_comment($cid){
  718. global $user, $nuked, $bgcolor2, $theme, $visiteur;
  719.  
  720. define('EDITOR_CHECK', 1);
  721.  
  722. $level_admin = admin_mod("Comment");
  723.  
  724. if ($visiteur >= $level_admin){
  725. echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n"
  726. . "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"fr\">\n"
  727. . "<head><title>" . _POSTCOMMENT . "</title>\n"
  728. . "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\n"
  729. . "<meta http-equiv=\"content-style-type\" content=\"text/css\" />\n"
  730. . "<link title=\"style\" type=\"text/css\" rel=\"stylesheet\" href=\"themes/" . $theme . "/style.css\" /></head>\n"
  731. . "<body style=\"background : " . $bgcolor2 . ";\">\n";
  732.  
  733. $sql = mysql_query("SELECT autor, autor_id, titre, comment, autor_ip, module, im_id FROM " . COMMENT_TABLE . " WHERE id = '" . $cid . "'");
  734. list($auteur, $autor_id, $titre, $texte, $ip, $module, $im_id) = mysql_fetch_array($sql);
  735.  
  736. $titre = htmlentities($titre);
  737.  
  738. if($autor_id != ""){
  739. $sql_member = mysql_query("SELECT pseudo FROM " . USER_TABLE . " WHERE id = '" . $autor_id . "'");
  740. list($autor) = mysql_fetch_array($sql_member);
  741. }
  742. else{
  743. $autor = $auteur;
  744. }
  745.  
  746. echo "</form><form method=\"post\" action=\"index.php?file=Comment&amp;nuked_nude=index&amp;op=modif_comment\" >\n"
  747. . "<table width=\"100%\" cellspacing=\"1\" cellpadding=\"0\">\n"
  748. . "<tr><td><b>" . _TITLE . " :</b> <input type=\"text\" name=\"titre\" size=\"40\" maxlength=\"40\" value=\"" . $titre . "\" /><br /><br /></td></tr>\n"
  749. . "<tr><td><b>" . _MESSAGE . " :</b><br />\n"
  750. . "<textarea id=\"e_basic\" name=\"texte\" cols=\"58\" rows=\"10\">" . $texte . "</textarea></td></tr>\n"
  751. . "<tr><td><b>" . _NICK . " :</b> " . $autor ." ( " . $ip . " )</td></tr>\n"
  752. . "<tr><td align=\"right\" colspan=\"2\">\n"
  753. . "<input type=\"hidden\" name=\"cid\" value=\"" . $cid . "\" />\n"
  754. . "<input type=\"hidden\" name=\"im_id\" value=\"" . $im_id . "\" />\n"
  755. . "<input type=\"hidden\" name=\"module\" value=\"" . $module . "\" />\n"
  756. . "</td></tr></table><div style=\"text-align: center;\"><input type=\"submit\" value=\"" . _SEND . "\" /><br /><br />\n"
  757. . "<a href=\"#\" onclick=\"javascript:window.close()\"><b>" . _CLOSEWINDOW . "</b></a></div></form></body></html>";
  758. }
  759. else{
  760. echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n"
  761. . "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"fr\">\n"
  762. . "<head><title>" . _COMMENTS . "</title>\n"
  763. . "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\n"
  764. . "<meta http-equiv=\"content-style-type\" content=\"text/css\" />\n"
  765. . "<link title=\"style\" type=\"text/css\" rel=\"stylesheet\" href=\"themes/" . $theme . "/style.css\" /></head>\n"
  766. . "<body style=\"background : " . $bgcolor2 . ";\">\n"
  767. . "<div style=\"text-align: center;\"><br /><br /><br />" . _ZONEADMIN . "</div>\n";
  768.  
  769. $url_redir = "index.php?file=Comment&nuked_nude=index&op=view_com&im_id=" . $im_id . "&module=" . $module;
  770. redirect($url_redir, 5);
  771. echo "</body></html>";
  772. }
  773. }
  774.  
  775. switch ($_REQUEST['op']){
  776. case"del_comment":
  777. del_comment($_REQUEST['cid']);
  778. break;
  779.  
  780. case"modif_comment":
  781. modif_comment($_REQUEST['cid'], $_REQUEST['titre'], $_REQUEST['texte'], $_REQUEST['module'], $_REQUEST['im_id']);
  782. break;
  783.  
  784. case "com_index":
  785. com_index($_REQUEST['im'], $_REQUEST['im_id']);
  786. break;
  787.  
  788. case "post_com":
  789. post_com($_REQUEST['module'], $_REQUEST['im_id']);
  790. break;
  791.  
  792. case "view_com":
  793. view_com($_REQUEST['module'], $_REQUEST['im_id']);
  794. break;
  795.  
  796. case "post_comment":
  797. post_comment($_REQUEST['im_id'], $_REQUEST['module'], $_REQUEST['titre'], $_REQUEST['texte'], $_REQUEST['pseudo']);
  798. break;
  799.  
  800. case "edit_comment":
  801. edit_comment($_REQUEST['cid']);
  802. break;
  803.  
  804. default:
  805. break;
  806. }
  807. ?>