Untitled

<?PHP
  include("config.php");
  if(! check_login()) {
    header("Location: login.php");
    exit;
  }


  mysql_query("UPDATE `users` SET `online`=NOW() WHERE `login`='{$data->login}'");

 if($data->level == 1){
 $don = "10";
 }
 if($data->level >= 2){
 $don = "50";
 }

function undo_magic_quotes_gpc($mGetPostCookieVariable = '')
{
    if($mGetPostCookieVariable == '' && get_magic_quotes_gpc() == 1)
    {
        $_POST = undo_magic_quotes_gpc($_POST);
        $_GET = undo_magic_quotes_gpc($_GET);
        $_COOKIE = undo_magic_quotes_gpc($_COOKIE);
    }
    else
    {
        if(is_array($mGetPostCookieVariable))
        {
            return array_map('undo_magic_quotes_gpc', $mGetPostCookieVariable);
        }
        else
        {
            return stripslashes($mGetPostCookieVariable);
        }
    }
}

?>

<html>

<head>
<title>Provenzano</title>

<link rel="stylesheet" type="text/css" href="style.css">


</head>

<script language="javascript">
var checked = 0;
function checkAll() {
  checked = !checked;
  for(i=0; i<document.form1.elements.length; i++)
    document.form1.elements[i].checked = checked;
}


function newBlock() {
  if(document.form1['block'].value != '')
    document.form2['blocklist[]'].options[document.form2['blocklist[]'].options.length] = new Option(document.form1['block'].value)
  return false;
}

function unBlock() {
  while(document.form2['blocklist[]'].selectedIndex >= 0)
    document.form2['blocklist[]'].options[document.form2['blocklist[]'].selectedIndex] = null;
  return false;
}

function submitList() {
  for(i=0; i<document.form2['blocklist[]'].options.length; i++)
    document.form2['blocklist[]'].options[i].selected = 1;
  return true;
}
</script>
</head>
<table width="100%" align="center">
<?php /* ------------------------- */
    if($_GET['p'] == "inbox") {
      print <<<ENDHTML
  <tr><td class="subTitle"><b>Inbox</b></td></tr>
  <tr><td class="mainTxt">
    - <a href="message.php?p=inbox"><img border="0" img src="images/postvakin.png"> Inbox</a><br>
    - <a href="message.php?p=new"><img border="0" img src="images/opstellen.png"> Nieuw bericht</a><br>
    - <a href="message.php?p=outbox"><img border="0" img src="images/outbox.png"> Verzonden</a><br>
  </td></tr>
ENDHTML;
      $dbres = mysql_query("SELECT * FROM `messages` WHERE `to`='{$data->login}' AND `inbox`='1'");
      $messnow = mysql_num_rows($dbres);
if($messnow > $don){
$messnow = "$don";
}
      print "  <tr><td><form name=\"form1\" method=\"post\" action=\"message.php?p=del\"><table width=100%>\n";
      print "    <tr><td colspan=4 class=mainTxt><div align=\"center\">Maximaal $don berichten (Nu: <b>{$messnow}</b>)</div></td></tr><tr><td width=10><input type=\"checkbox\" onClick=\"checkAll()\"></td>  <td class=\"mainTxt\" align=\"center\" width=150><i>Van:</i></td>  <td class=\"mainTxt\" align=\"center\" width=225><i>Onderwerp:</i></td>  <td class=\"mainTxt\" align=\"center\" width=175><i>Datum:</i></td></tr>\n";
      $dbres                = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `messages` WHERE `to`='{$data->login}' AND `read`=0 AND `inbox`=1 ORDER BY `time` DESC LIMIT 0,$don");
      while($message = mysql_fetch_object($dbres)) {
        if($message->subject == ''){
        $message->subject       = "(Geen)";
        }
        print "    <tr><td width=10><input type=\"checkbox\" name=\"id[]\" value=\"{$message->id}\"></td>  <td class=\"mainTxt\" width=150><a href=\"user.php?x={$message->from}\">{$message->from}</a></td>  <td class=\"mainTxt\"><a href=\"message.php?p=read&id={$message->id}\"><b>{$message->subject}</b></a></td>  <td class=\"mainTxt\" width=175>{$message->time}</td></tr>\n";
      }

      $dbres                = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `messages` WHERE `to`='{$data->login}' AND `read`=1 AND `inbox`=1 ORDER BY `time` DESC  LIMIT 0,$don");
      while($message = mysql_fetch_object($dbres)) {
        if(preg_match('/^\s*$/',$message->subject))
          $message->subject     = "(Geen)";
        print "    <tr><td width=10><input type=\"checkbox\" name=\"id[]\" value=\"{$message->id}\"></td>  <td class=\"mainTxt\" width=200><a href=\"user.php?x={$message->from}\">{$message->from}</a></td>  <td class=\"mainTxt\"><a href=\"message.php?p=read&id={$message->id}\">{$message->subject}</a></td>  <td class=\"mainTxt\" width=175>{$message->time}</td></tr>\n";
      }

      print "    </table><input type=\"submit\" value=\"Delete\" style=\"font-size: 10pt\"></form></td></tr>\n";
    }
    else if($_GET['p'] == "outbox") {
      print <<<ENDHTML
  <tr><td class="subTitle"><b>Outbox</b></td></tr>
  <tr><td class="mainTxt">
    - <a href="message.php?p=inbox"><img border="0" img src="images/postvakin.png"> Inbox</a><br>
    - <a href="message.php?p=new"><img border="0" img src="images/opstellen.png"> Nieuw bericht</a><br>
    - <a href="message.php?p=outbox"><img border="0" img src="images/outbox.png"> Verzonden</a><br>
  </td></tr>
ENDHTML;
      print "  <tr><td><form name=\"form1\" method=\"post\" action=\"message.php?p=del\"><table width=100%>\n";
      print "    <tr><td width=10><input type=\"checkbox\" onClick=\"checkAll()\"></td>  <td class=\"mainTxt\" align=\"center\" width=150><i>Naar:</i></td>  <td class=\"mainTxt\" align=\"center\" width=225><i>Onderwerp:</i></td>  <td class=\"mainTxt\" align=\"center\" width=175><i>Datum:</i></td></tr>\n";
      $dbres                = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `messages` WHERE `from`='{$data->login}' AND `outbox`=1 ORDER BY `time` DESC");
      while($message = mysql_fetch_object($dbres)) {
        if(preg_match('/^\s*$/',$message->subject))
          $message->subject     = "(Geen)";
        if($message->read == 1)
          print "    <tr><td width=10><input type=\"checkbox\" name=\"id[]\" value=\"{$message->id}\"></td>  <td class=\"mainTxt\" width=200><a href=\"user.php?x={$message->to}\">{$message->to}</a></td>  <td class=\"mainTxt\"><a href=\"message.php?p=read&id={$message->id}\">{$message->subject}</a></td>  <td class=\"mainTxt\" width=175>{$message->time}</td></tr>\n";
        else
          print "    <tr><td width=10><input type=\"checkbox\" name=\"id[]\" value=\"{$message->id}\"></td>  <td class=\"mainTxt\" width=200><a href=\"user.php?x={$message->to}\"><b>{$message->to}</b></a></td>  <td class=\"mainTxt\"><a href=\"message.php?p=read&id={$message->id}\"><b>{$message->subject}</b></a></td>  <td class=\"mainTxt\" width=175>{$message->time}</td></tr>\n";
      }

      print "    </table><input type=\"submit\" value=\"Delete\" style=\"font-size: 10pt\"></form></td></tr>\n";
    }
    else if($_GET['p'] == "read") {
      $dbres            = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `messages` WHERE `id`='{$_GET['id']}' AND (`to`='{$data->login}' OR `from`='{$data->login}')");
      if($message = mysql_fetch_object($dbres)) {
        if($message->to == $data->login)
          mysql_query("UPDATE `messages` SET `read`='1' WHERE `id`='$message->id'") or die(mysql_error());
$message->info = $message->message;
$message->info          = preg_replace('/\n/',"<br>\n",$message->info);
 $message->info         = str_replace("[b]","<b>","$message->info");
 $message->info         = str_replace("[/b]","</b>","$message->info");
 $message->info         = str_replace("[i]","<i>","$message->info");
 $message->info         = str_replace("[/i]","</i>","$message->info");
 $message->info         = str_replace("[u]","<u>","$message->info");
 $message->info         = str_replace("[/u]","</u>","$message->info");
 $message->info         = str_replace("[center]","<center>","$message->info");
 $message->info         = str_replace("[/center]","</center>","$message->info");
 $message->info         = str_replace("[IMG]",'<img src="',"$message->info");
 $message->info         = str_replace("[/IMG]",'">',"$message->info");
 $message->info         = str_replace("[B]","<b>","$message->info");
 $message->info         = str_replace("[/B]","</b>","$message->info");
 $message->info         = str_replace("[I]","<i>","$message->info");
 $message->info         = str_replace("[/I]","</i>","$message->info");
 $message->info         = str_replace("[U]","<u>","$message->info");
 $message->info         = str_replace("[/U]","</u>","$message->info");
 $message->info         = str_replace("[CENTER]","<center>","$message->info");
 $message->info         = str_replace("[/CENTER]","</center>","$message->info");
 $message->info         = str_replace("[img]",'<img src="',"$message->info");
 $message->info         = str_replace("[/img]",'">',"$message->info");
 $message->info = preg_replace("/\[scroll\](.+?)\[\/scroll\]/is",'<marquee>\1</marquee>',  $message->info);
 $message->info =  preg_replace ("#\\[size=(\#|[a-zA-Z\--:/.]+)\](.*?)\[/size\\]#si", "<font size=\"\\1\">\\2</size>",  $message->info);
 $message->info = preg_replace ("#\\[color=(\#[0-9A-F]{6}|[a-z\-]+)\](.*?)\[/color\\]#si", "<font color=\"\\1\">\\2</font>",  $message->info);
 $message->info =  preg_replace ("#\\[url=(\#|[a-zA-Z\--:/.]+)\](.*?)\[/url\\]#si", "<a href=\"\\1\" target=\"\\new\">\\2</a>",  $message->info);
 $message->info             = str_replace(":P", "<img src=\"/images/smilies/puh.gif\">",$message->info);
 $message->info             = str_replace(":p", "<img src=\"/images/smilies/puh.gif\">",$message->info);
 $message->info             = str_replace(":)","<img src=\"/images/smilies/smilesmile.gif\">",$message->info);
 $message->info         = str_replace(":D","<img src=\"/images/smilies/lol.gif\">",$message->info);
 $message->info         = str_replace("*D","<img src=\"/images/smilies/smileteeth.gif\">",$message->info);
 $message->info         = str_replace(":^","<img src=\"/images/smilies/idea.gif\">",$message->info);
 $message->info         = str_replace(":w","<img src=\"/images/smilies/bye.gif\">",$message->info);
 $message->info         = str_replace("_o_","<img src=\"/images/smilies/worship.gif\">",$message->info);
 $message->info         = str_replace(":')","<img src=\"/images/smilies/happytears.gif\">",$message->info);
 $message->info         = str_replace(":(","<img src=\"/images/smilies/smileredface.gif\">",$message->info);
 $message->info         = str_replace(":?","<img src=\"/images/smilies/smileconfused.gif\">",$message->info);
 $message->info         = str_replace(":|","<img src=\"/images/smilies/smilehmmm.gif\">",$message->info);
 $message->info         = str_replace(":'(","<img src=\"/images/smilies/tears.gif\">",$message->info);
 $message->info         = str_replace("9)7","<img src=\"/images/smilies/hammer2.gif\">",$message->info);
 $message->info         = str_replace(":=","<img src=\"/images/smilies/applaus.gif\">",$message->info);
 $message->info         = str_replace(";)","<img src=\"/images/smilies/smilewink.gif\">",$message->info);
 $message->info         = str_replace(":+","<img src=\"/images/smilies/clown.gif\">",$message->info);
 $message->info         = str_replace("o)","<img src=\"/images/smilies/smilebounce.gif\">",$message->info);
 $message->info         = str_replace(":o","<img src=\"/images/smilies/blush.gif\">",$message->info);
 $message->info         = str_replace(":s","<img src=\"/images/smilies/smileconfused.gif\">",$message->info);
        $message->message       = preg_replace('/kom ook spelen op dit spel/', "****", $message->message);

        print <<<ENDHTML
  <tr><td class="subTitle"><b>Bericht</b></td></tr>
  <tr><td class="mainTxt" style="letter-spacing: normal;"><table width=100%>
    <tr><td width=100>Van:</td>     <td>{$message->from}</td></tr>
    <tr><td width=100>Naar:</td>       <td>{$message->to}</td></tr>
    <tr><td width=100>Onderwerp:</td>  <td>{$message->subject}</td></tr>
  </table></td></tr>
  <tr><td class="mainTxt">
{$message->info}
  </td></tr>
  <tr><td align="right"><table>
ENDHTML;

        if($message->from != $data->login)
          print "    <tr><td class=\"mainTxt\" align=\"center\" width=100><a href=\"message.php?p=new&to={$message->from}&subject=". urlencode("Re: {$message->subject}") ."\">Antwoord</a></td>  ";
        else
          print "    <tr>";

print "<td class=\"mainTxt\" align=\"center\" width=100><a href=\"message.php?p=del&id=[]{$message->id}\">Delete</a></td></tr></table>\n";
      }
    }
    else if($_GET['p'] == "del") {
      if(isset($_GET['id'])){

        $dbres                = mysql_query("SELECT `outbox`,`inbox`,`from`,`to` FROM `messages` WHERE `id`='$msgid' AND (`from`='{$user->login}' OR `to`='{$user->login}')")  or die (mysql_error());
        if($message = mysql_fetch_object($dbres)) {
          if($message->from == $user->login){
            mysql_query("UPDATE `messages` SET `outbox`=0 WHERE `id`='$msgid'");
          } else{
            mysql_query("UPDATE `messages` SET `inbox`=0 WHERE `id`='$msgid'");
          }

          }
        }
      print <<<ENDHTML
  <tr><td class="subTitle"><b>Berichten</b></td></tr>
  <tr><td class="mainTxt">
    - <a href="message.php?p=inbox"><img border="0" img src="images/postvakin.png"> Inbox</a><br>
    - <a href="message.php?p=new"><img border="0" img src="images/opstellen.png"> Nieuw bericht</a><br>
    - <a href="message.php?p=outbox"><img border="0" img src="images/outbox.png"> Verzonden</a><br>
  </td></tr>
  <tr><td class="mainTxt">Bericht(en) verwijderd</td></tr>
ENDHTML;
    }
    else if($_GET['p'] == "new") {
      print <<<ENDHTML
  <tr><td class="subTitle"><b>Nieuw bericht</b></td></tr>
  <tr><td class="mainTxt">
    - <a href="message.php?p=inbox"><img border="0" img src="images/postvakin.png"> Inbox</a><br>
    - <a href="message.php?p=new"><img border="0" img src="images/opstellen.png"> Nieuw bericht</a><br>
    - <a href="message.php?p=outbox"><img border="0" img src="images/outbox.png"> Verzonden</a><br>
  </td></tr>
ENDHTML;
      if(isset($_POST['to'],$_POST['message'])) {
        if(strtolower($_POST['to']) != strtolower($data->login)) {
          $dbres            = mysql_query("SELECT `login` FROM `users` WHERE `login`='{$_POST['to']}'");
          $info             = mysql_fetch_object($dbres);
          if($info == false)
            print "  <tr><td class=\"mainTxt\">'{$_POST['to']}' bestaat niet</td></tr>\n";
          else if(preg_match("/,{$data->login},/i",$info->blocklist))
             print "  <tr><td class=\"mainTxt\">{$info->login} Heeft je geblokkeerd</td></tr>\n";
          else {
            $_POST['subject']       = preg_replace('/</','<',$_POST['subject']);

            $dbres          = mysql_query("SELECT `login` FROM `users` WHERE `login`='{$_POST['to']}'") or die(mysql_error());
            if($recp = mysql_fetch_object($dbres)) {
              $forwardedFor     = ($_SERVER['HTTP_X_FORWARDED_FOR'] != "") ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['HTTP_CLIENT_IP'];
              $forwardedFor     = preg_replace('/, .+/','',$forwardedFor);
              $info  = stripslashes($_POST['message']);
              $msgheen = ucfirst(strtolower($recp->login));
              mysql_query("INSERT INTO `messages`(`time`,`IP`,`forwardedFor`,`from`,`to`,`subject`,`message`) values(NOW(),'{$_SERVER['REMOTE_ADDR']}','$forwardedFor','{$data->login}','{$msgheen}','{$_POST['subject']}','{$info}')") or die(mysql_error());
              mysql_query("UPDATE `users` SET `messages`=`messages`+'1' WHERE `login`='{$data->login}'");
              mysql_query("DELETE FROM `temp` WHERE `id`='{$_POST['id']}' AND `code`='{$_POST['code']}' AND `area`='message'");
              print "  <tr><td class=\"mainTxt\">Bericht verzonden</td></tr>\n";
            }
          }
        }
        else
          print "  <tr><td class=\"mainTxt\">Je kan geen bericht naar jezelf sturen</td></tr>\n";
      }

      $_REQUEST['message']      = stripslashes($_REQUEST['message']);
      print <<<ENDHTML
  <tr><td class="mainTxt" align="center">
    <form name="form1" method="POST" action="message.php?p=new"><table width=100%>
    <tr><td width=100>Naar:</td>        <td><input type="text" name="to" value="{$_REQUEST['to']}" maxlength=16></td></tr>
    <tr><td width=100>Onderwerp:</td>   <td><input type="text" name="subject" value="{$_REQUEST['subject']}" maxlength=25></td></tr>
    <tr><td width=100 valign="top">Bericht:<br><br>
ENDHTML;
      print <<<ENDHTML
    </td>                   <td><textarea name="message" cols=40 rows=10>{$_REQUEST['message']}</textarea></td></tr>
    <tr><td width=100></td>         <td align="left"><input type="submit" name="submit" value="Verzenden"></td></tr>
</table>

<tr><td colspan=3 class=subTitle align=center><b>Smilies</b></td></tr>
<tr><td colspan="3" class="mainTxt">
<a href="javascript://" onClick="document.form1.message.value += (':)')"><img src=images/smiles/smilesmile.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (';)')"><img src=images/smiles/smilewink.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':P')"><img src=images/smiles/smilepuh.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':p')"><img src=images/smiles/smiletongue.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':yumm:')"><img src=images/smiles/smileyummie.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':@')"><img src=images/smiles/smilemean.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('8)')"><img src=images/smiles/smilecool.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':D')"><img src=images/smiles/smilelol.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('*D')"><img src=images/smiles/smileteeth.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':smoke:')"><img src=images/smiles/smilecigar.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('%)')"><img src=images/smiles/smileweird.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('O)')"><img src=images/smiles/smilebounce.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('#)')"><img src=images/smiles/smileeyes.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':z')"><img src=images/smiles/smilesleep.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':Z')"><img src=images/smiles/smiledeepsleep.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':idea:')"><img src=images/smiles/smileidea.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':W')"><img src=images/smiles/smilebye.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('_o_')"><img src=images/smiles/smileworship.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':\')')"><img src=images/smiles/smilehappytears.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':(')"><img src=images/smiles/smileredface.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':huh:')"><img src=images/smiles/smilehuh.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':|')"><img src=images/smiles/smilehmm.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':\'(')"><img src=images/smiles/smiletears.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':X')"><img src=images/smiles/smilesilence.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':hammer:')"><img src=images/smiles/smilehammer.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':wall:')"><img src=images/smiles/smilewall.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('+o(')"><img src=images/smiles/smilepuke.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':gsm:')"><img src=images/smiles/smilegsm.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('[!)')"><img src=images/smiles/smileheadphone.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':omg:')"><img src=images/smiles/smileomg.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':%')"><img src=images/smiles/smilegreen.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':{')"><img src=images/smiles/smiledracula.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':blow:')"><img src=images/smiles/emo_blow.gif border=0></a>
  </td></tr>
ENDHTML;
    }
    else {
      print <<<ENDHTML
  <tr><td class="subTitle"><b>Berichten</b></td></tr>
  <tr><td class="mainTxt">
    - <a href="message.php?p=inbox"><img border="0" img src="images/postvakin.png"> Inbox</a><br>
    - <a href="message.php?p=new"><img border="0" img src="images/opstellen.png"> Nieuw bericht</a><br>
    - <a href="message.php?p=outbox"><img border="0" img src="images/outbox.png"> Verzonden</a><br>
  </td></tr>
ENDHTML;
    }

?>
</table></td></tr>


</body>


</html>

<?PHP

// de site word sloom dus moeten we wel alles afsluiten..

mysql_close();

// zo dat was het dan weer voor vandaag..
?>