- <?PHP
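// Shared bootstrap. check_login(), $data and the MySQL connection are not defined in this
// file; presumably config.php provides them (verify against config.php).
include("config.php");

// Only logged-in users may use the mailbox; redirect and stop before any output is sent.
if (!check_login()) {
    header("Location: login.php");
    exit;
}

// Refresh the "last seen" timestamp. The login is escaped before it is placed inside the
// SQL string, so a quote character in it cannot change the statement.
mysql_query("UPDATE `users` SET `online`=NOW() WHERE `login`='" . mysql_real_escape_string($data->login) . "'");

// $don is the number of messages shown per inbox query: 10 for level 1, 50 for level 2 and up.
// It is now always initialised; previously any level below 1 left it undefined, which made
// the later "LIMIT 0,$don" queries invalid SQL.
// NOTE(review): 10 is reused here as the fallback for levels below 1 - confirm the intended quota.
$don = "10";
if ($data->level >= 2) {
    $don = "50";
}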
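/**
 * Reverses the backslashes that magic_quotes_gpc adds to request data.
 *
 * Called without an argument it rewrites $_POST, $_GET and $_COOKIE in place, but only
 * when magic quotes are enabled. Called with a value it returns that value with the
 * slashes stripped; arrays are processed recursively.
 *
 * NOTE(review): no call to this function is visible in this listing, so the request data
 * is used exactly as PHP delivers it unless another file calls it.
 *
 * @param mixed $mGetPostCookieVariable String or (nested) array to unescape; omit it to
 *                                      process the three superglobals.
 * @return mixed The unescaped value, or null when called without an argument.
 */
function undo_magic_quotes_gpc($mGetPostCookieVariable = '')
{
    // The argument count, not the value, selects the "process the superglobals" mode.
    // Comparing the value with '' sent every empty form field back into this branch while
    // the arrays were being mapped, which recursed without end.
    if (func_num_args() === 0) {
        // get_magic_quotes_gpc() was removed in PHP 8.0, so its existence is checked first.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
            $_POST = undo_magic_quotes_gpc($_POST);
            $_GET = undo_magic_quotes_gpc($_GET);
            $_COOKIE = undo_magic_quotes_gpc($_COOKIE);
        }

        return null;
    }

    if (is_array($mGetPostCookieVariable)) {
        return array_map('undo_magic_quotes_gpc', $mGetPostCookieVariable);
    }

    return stripslashes($mGetPostCookieVariable);
}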
- ?>
- <html>
- <head>
- <title>Provenzano</title>
- <link rel="stylesheet" type="text/css" href="style.css">
- </head>
- <script language="javascript">
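// Current state of the "select all" toggle; starts unchecked.
var checked = 0;

/**
 * Flips the "select all" toggle and applies the new state to every control of form1.
 * Wired to the header checkbox of the message lists.
 */
function checkAll() {
    checked = !checked;
    var controls = document.form1.elements;
    // The counter is declared locally. The original assigned to an undeclared `i`, which
    // creates a page-wide global shared with submitList() and throws in strict mode.
    for (var idx = 0; idx < controls.length; idx++) {
        controls[idx].checked = checked;
    }
}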
/**
 * Appends the text typed into form1's "block" field as a new option of the
 * "blocklist[]" select in form2. Nothing is added when the field is empty.
 * NOTE(review): neither form2 nor a "block" field is rendered by this listing;
 * presumably this helper is shared with another page.
 *
 * @returns {boolean} always false, so an inline handler cancels the default action
 */
function newBlock() {
    var entry = document.form1['block'].value;
    if (entry != '') {
        var list = document.form2['blocklist[]'].options;
        list[list.length] = new Option(entry);
    }
    return false;
}
/**
 * Removes every currently selected option from the "blocklist[]" select in form2.
 * Assigning null to an option slot deletes that option, after which the select
 * reports the next selected index (or -1 when none is left).
 *
 * @returns {boolean} always false, so an inline handler cancels the default action
 */
function unBlock() {
    var list = document.form2['blocklist[]'];
    while (list.selectedIndex >= 0) {
        list.options[list.selectedIndex] = null;
    }
    return false;
}
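/**
 * Marks every option of the "blocklist[]" select in form2 as selected, so the whole
 * list (not only the highlighted entries) is sent when the form is submitted.
 *
 * @returns {boolean} always true, so the submit proceeds
 */
function submitList() {
    var entries = document.form2['blocklist[]'].options;
    // Locally declared counter; the original wrote to an undeclared global `i`.
    for (var idx = 0; idx < entries.length; idx++) {
        entries[idx].selected = 1;
    }
    return true;
}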
- </script>
- </head>
- <table width="100%" align="center">
- <?php /* ------------------------- */
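// Inbox: menu, message counter and the received messages (unread rows first, in bold).
// isset() avoids an undefined-index notice when the page is opened without ?p=.
if(isset($_GET['p']) && $_GET['p'] == "inbox") {
print <<<ENDHTML
<tr><td class="subTitle"><b>Inbox</b></td></tr>
<tr><td class="mainTxt">
- <a href="message.php?p=inbox"><img border="0" img src="images/postvakin.png"> Inbox</a><br>
- <a href="message.php?p=new"><img border="0" img src="images/opstellen.png"> Nieuw bericht</a><br>
- <a href="message.php?p=outbox"><img border="0" img src="images/outbox.png"> Verzonden</a><br>
</td></tr>
ENDHTML;
    // Escaped once and reused in every query of this branch.
    $loginSql = mysql_real_escape_string($data->login);
    // ENT_SUBSTITUTE (PHP 5.4+) keeps htmlspecialchars() from returning an empty string
    // when a stored value is not valid in the configured charset.
    $escFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

    // Number of messages in the inbox, capped at the per-level limit for display.
    $dbres = mysql_query("SELECT * FROM `messages` WHERE `to`='{$loginSql}' AND `inbox`='1'");
    $messnow = $dbres ? mysql_num_rows($dbres) : 0;
    if($messnow > $don){
        $messnow = "$don";
    }
    print " <tr><td><form name=\"form1\" method=\"post\" action=\"message.php?p=del\"><table width=100%>\n";
    print " <tr><td colspan=4 class=mainTxt><div align=\"center\">Maximaal $don berichten (Nu: <b>{$messnow}</b>)</div></td></tr><tr><td width=10><input type=\"checkbox\" onClick=\"checkAll()\"></td> <td class=\"mainTxt\" align=\"center\" width=150><i>Van:</i></td> <td class=\"mainTxt\" align=\"center\" width=225><i>Onderwerp:</i></td> <td class=\"mainTxt\" align=\"center\" width=175><i>Datum:</i></td></tr>\n";

    // Same query twice: unread messages (read=0) first, then the ones already read.
    foreach(array(0, 1) as $readState) {
        // ORDER BY names the table column explicitly. The select list aliases the formatted
        // string as `time` too, and MySQL resolves a bare `time` in ORDER BY to that alias,
        // which sorts by day-of-month text instead of chronologically.
        $dbres = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `messages` WHERE `to`='{$loginSql}' AND `read`={$readState} AND `inbox`=1 ORDER BY `messages`.`time` DESC LIMIT 0,$don");
        // A failed query returns false; skip the loop instead of fetching from it.
        while($dbres && ($message = mysql_fetch_object($dbres))) {
            // Sender and subject were typed by another user: encode them for HTML
            // (and for the URL) so stored markup is displayed as text, not interpreted.
            $subjectHtml = preg_match('/^\s*$/', $message->subject) ? "(Geen)" : htmlspecialchars($message->subject, $escFlags);
            if($readState == 0) {
                $subjectHtml = "<b>{$subjectHtml}</b>";
            }
            $fromHtml = htmlspecialchars($message->from, $escFlags);
            $fromUrl = urlencode($message->from);
            $idAttr = htmlspecialchars($message->id, $escFlags);
            $idUrl = urlencode($message->id);
            // Column widths differ between the two lists in the original markup.
            $fromWidth = ($readState == 0) ? 150 : 200;
            print " <tr><td width=10><input type=\"checkbox\" name=\"id[]\" value=\"{$idAttr}\"></td> <td class=\"mainTxt\" width={$fromWidth}><a href=\"user.php?x={$fromUrl}\">{$fromHtml}</a></td> <td class=\"mainTxt\"><a href=\"message.php?p=read&id={$idUrl}\">{$subjectHtml}</a></td> <td class=\"mainTxt\" width=175>{$message->time}</td></tr>\n";
        }
    }
    print " </table><input type=\"submit\" value=\"Delete\" style=\"font-size: 10pt\"></form></td></tr>\n";
}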
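// Outbox: menu and the messages this user has sent; rows not yet read by the recipient are bold.
else if(isset($_GET['p']) && $_GET['p'] == "outbox") {
print <<<ENDHTML
<tr><td class="subTitle"><b>Outbox</b></td></tr>
<tr><td class="mainTxt">
- <a href="message.php?p=inbox"><img border="0" img src="images/postvakin.png"> Inbox</a><br>
- <a href="message.php?p=new"><img border="0" img src="images/opstellen.png"> Nieuw bericht</a><br>
- <a href="message.php?p=outbox"><img border="0" img src="images/outbox.png"> Verzonden</a><br>
</td></tr>
ENDHTML;
    $loginSql = mysql_real_escape_string($data->login);
    // ENT_SUBSTITUTE (PHP 5.4+) keeps htmlspecialchars() from returning an empty string
    // when a stored value is not valid in the configured charset.
    $escFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

    print " <tr><td><form name=\"form1\" method=\"post\" action=\"message.php?p=del\"><table width=100%>\n";
    print " <tr><td width=10><input type=\"checkbox\" onClick=\"checkAll()\"></td> <td class=\"mainTxt\" align=\"center\" width=150><i>Naar:</i></td> <td class=\"mainTxt\" align=\"center\" width=225><i>Onderwerp:</i></td> <td class=\"mainTxt\" align=\"center\" width=175><i>Datum:</i></td></tr>\n";

    // ORDER BY names the table column explicitly: a bare `time` would resolve to the
    // formatted-string alias and sort by day-of-month text rather than by date.
    $dbres = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `messages` WHERE `from`='{$loginSql}' AND `outbox`=1 ORDER BY `messages`.`time` DESC");
    while($dbres && ($message = mysql_fetch_object($dbres))) {
        // Recipient and subject are user-supplied text: encode before printing.
        $subjectHtml = preg_match('/^\s*$/', $message->subject) ? "(Geen)" : htmlspecialchars($message->subject, $escFlags);
        $toHtml = htmlspecialchars($message->to, $escFlags);
        $toUrl = urlencode($message->to);
        $idAttr = htmlspecialchars($message->id, $escFlags);
        $idUrl = urlencode($message->id);
        if($message->read != 1) {
            // Not opened by the recipient yet: emphasise name and subject.
            $toHtml = "<b>{$toHtml}</b>";
            $subjectHtml = "<b>{$subjectHtml}</b>";
        }
        print " <tr><td width=10><input type=\"checkbox\" name=\"id[]\" value=\"{$idAttr}\"></td> <td class=\"mainTxt\" width=200><a href=\"user.php?x={$toUrl}\">{$toHtml}</a></td> <td class=\"mainTxt\"><a href=\"message.php?p=read&id={$idUrl}\">{$subjectHtml}</a></td> <td class=\"mainTxt\" width=175>{$message->time}</td></tr>\n";
    }
    print " </table><input type=\"submit\" value=\"Delete\" style=\"font-size: 10pt\"></form></td></tr>\n";
}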
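// Read: show one message that was sent to or by the current user, and mark it as read.
else if(isset($_GET['p']) && $_GET['p'] == "read") {
    $loginSql = mysql_real_escape_string($data->login);
    // The id comes straight from the query string, so it is escaped before it enters the
    // SQL text. A missing or array-valued id becomes '' and simply matches nothing.
    $idSql = (isset($_GET['id']) && is_scalar($_GET['id'])) ? mysql_real_escape_string((string)$_GET['id']) : '';
    $dbres = mysql_query("SELECT *,DATE_FORMAT(`time`,'%d-%m-%Y %H:%i') AS `time` FROM `messages` WHERE `id`='{$idSql}' AND (`to`='{$loginSql}' OR `from`='{$loginSql}')");
    if($dbres && ($message = mysql_fetch_object($dbres))) {
        // Only the recipient opening the message counts as "read".
        if($message->to == $data->login)
            mysql_query("UPDATE `messages` SET `read`='1' WHERE `id`='" . mysql_real_escape_string($message->id) . "'") or die(mysql_error());

        // ENT_SUBSTITUTE (PHP 5.4+) keeps htmlspecialchars() from returning an empty string
        // when a stored value is not valid in the configured charset.
        $substitute = defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0;

        // Word filter. It is applied before rendering; the original ran it on
        // $message->message after the displayed copy had been built, so it never had an effect.
        $body = preg_replace('/kom ook spelen op dit spel/', "****", $message->message);
        // The body is text written by another user. Encode it first so the only markup
        // in the output is what the BBCode and smiley rules below generate. ENT_COMPAT
        // leaves single quotes alone so smileys such as :'( still match.
        $body = htmlspecialchars($body, ENT_COMPAT | $substitute);
        $body = preg_replace('/\n/',"<br>\n",$body);

        // Fixed tag-for-tag BBCode replacements, lower and upper case as in the original.
        $simpleTags = array(
            "[b]" => "<b>", "[/b]" => "</b>",
            "[i]" => "<i>", "[/i]" => "</i>",
            "[u]" => "<u>", "[/u]" => "</u>",
            "[center]" => "<center>", "[/center]" => "</center>",
            "[IMG]" => '<img src="', "[/IMG]" => '">',
            "[B]" => "<b>", "[/B]" => "</b>",
            "[I]" => "<i>", "[/I]" => "</i>",
            "[U]" => "<u>", "[/U]" => "</u>",
            "[CENTER]" => "<center>", "[/CENTER]" => "</center>",
            "[img]" => '<img src="', "[/img]" => '">',
        );
        $body = str_replace(array_keys($simpleTags), array_values($simpleTags), $body);
        $body = preg_replace("/\[scroll\](.+?)\[\/scroll\]/is",'<marquee>\1</marquee>', $body);
        // Closing tag corrected to </font>; the original emitted </size> for an opening <font>.
        $body = preg_replace ("#\\[size=(\#|[a-zA-Z\--:/.]+)\](.*?)\[/size\\]#si", "<font size=\"\\1\">\\2</font>", $body);
        $body = preg_replace ("#\\[color=(\#[0-9A-F]{6}|[a-z\-]+)\](.*?)\[/color\\]#si", "<font color=\"\\1\">\\2</font>", $body);
        $body = preg_replace ("#\\[url=(\#|[a-zA-Z\--:/.]+)\](.*?)\[/url\\]#si", "<a href=\"\\1\" target=\"\\new\">\\2</a>", $body);

        // Smiley codes => image file under /images/smilies/.
        $smilies = array(
            ":P" => "puh.gif",
            ":p" => "puh.gif",
            ":)" => "smilesmile.gif",
            ":D" => "lol.gif",
            "*D" => "smileteeth.gif",
            ":^" => "idea.gif",
            ":w" => "bye.gif",
            "_o_" => "worship.gif",
            ":')" => "happytears.gif",
            ":(" => "smileredface.gif",
            ":?" => "smileconfused.gif",
            ":|" => "smilehmmm.gif",
            ":'(" => "tears.gif",
            "9)7" => "hammer2.gif",
            ":=" => "applaus.gif",
            ":+" => "clown.gif",
            "o)" => "smilebounce.gif",
            ":o" => "blush.gif",
            ":s" => "smileconfused.gif",
        );
        foreach($smilies as $code => $file) {
            $body = str_replace($code, "<img src=\"/images/smilies/{$file}\">", $body);
        }
        // ";)" is handled separately: it must not match the ';' that ends an entity
        // produced by the encoding step above (for example a quote followed by ')').
        $body = preg_replace('/(?<!&amp|&lt|&gt|&quot);\)/', "<img src=\"/images/smilies/smilewink.gif\">", $body);

        // Header fields are user-supplied as well: encode for HTML, and for the URL below.
        $fromHtml = htmlspecialchars($message->from, ENT_QUOTES | $substitute);
        $toHtml = htmlspecialchars($message->to, ENT_QUOTES | $substitute);
        $subjectHtml = htmlspecialchars($message->subject, ENT_QUOTES | $substitute);
print <<<ENDHTML
<tr><td class="subTitle"><b>Bericht</b></td></tr>
<tr><td class="mainTxt" style="letter-spacing: normal;"><table width=100%>
<tr><td width=100>Van:</td> <td>{$fromHtml}</td></tr>
<tr><td width=100>Naar:</td> <td>{$toHtml}</td></tr>
<tr><td width=100>Onderwerp:</td> <td>{$subjectHtml}</td></tr>
</table></td></tr>
<tr><td class="mainTxt">
{$body}
</td></tr>
<tr><td align="right"><table>
ENDHTML;
        // A reply link is only offered on messages written by someone else.
        if($message->from != $data->login)
            print " <tr><td class=\"mainTxt\" align=\"center\" width=100><a href=\"message.php?p=new&to=" . urlencode($message->from) . "&subject=". urlencode("Re: {$message->subject}") ."\">Antwoord</a></td> ";
        else
            print " <tr>";
        // The id is passed as id[]=..., the same field name the list forms submit;
        // the original link produced "id=[]<id>", which is not a usable message id.
        // NOTE(review): this deletes through a plain GET link and no per-request token is
        // visible in this file; prefer a POST form with a server-verified token.
        print "<td class=\"mainTxt\" align=\"center\" width=100><a href=\"message.php?p=del&id[]=" . urlencode($message->id) . "\">Delete</a></td></tr></table>\n";
    }
}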
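// Delete: hide the selected messages from the current user's inbox or outbox.
else if(isset($_GET['p']) && $_GET['p'] == "del") {
    // Ids arrive as id[] from the list forms (POST) or from a link (GET); a single
    // scalar id is accepted too. The original only looked at $_GET['id'] and then used
    // $msgid, which is never assigned in this listing, so nothing was ever deleted.
    $requested = array();
    if(isset($_POST['id'])){
        $requested = (array)$_POST['id'];
    } else if(isset($_GET['id'])){
        $requested = (array)$_GET['id'];
    }

    // NOTE(review): the original read the owner from $user->login, but $user is not
    // defined anywhere in this listing; every other branch uses $data->login - confirm.
    $loginSql = mysql_real_escape_string($data->login);

    foreach($requested as $rawId) {
        if(!is_scalar($rawId)) {
            continue; // nested arrays are not ids
        }
        // Request data: escape before it is placed inside the SQL string.
        $msgid = mysql_real_escape_string((string)$rawId);
        // The ownership condition keeps a user from touching other people's messages.
        $dbres = mysql_query("SELECT `outbox`,`inbox`,`from`,`to` FROM `messages` WHERE `id`='$msgid' AND (`from`='{$loginSql}' OR `to`='{$loginSql}')") or die (mysql_error());
        if($message = mysql_fetch_object($dbres)) {
            // Rows are only flagged as hidden for one side; the other party keeps its copy.
            if($message->from == $data->login){
                mysql_query("UPDATE `messages` SET `outbox`=0 WHERE `id`='$msgid'");
            } else{
                mysql_query("UPDATE `messages` SET `inbox`=0 WHERE `id`='$msgid'");
            }
        }
    }
    // NOTE(review): no per-request token is checked before this state change; consider
    // accepting POST only and verifying a token issued with the form.
print <<<ENDHTML
<tr><td class="subTitle"><b>Berichten</b></td></tr>
<tr><td class="mainTxt">
- <a href="message.php?p=inbox"><img border="0" img src="images/postvakin.png"> Inbox</a><br>
- <a href="message.php?p=new"><img border="0" img src="images/opstellen.png"> Nieuw bericht</a><br>
- <a href="message.php?p=outbox"><img border="0" img src="images/outbox.png"> Verzonden</a><br>
</td></tr>
<tr><td class="mainTxt">Bericht(en) verwijderd</td></tr>
ENDHTML;
}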
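// New message: optionally store a submitted message, then show the compose form.
else if(isset($_GET['p']) && $_GET['p'] == "new") {
print <<<ENDHTML
<tr><td class="subTitle"><b>Nieuw bericht</b></td></tr>
<tr><td class="mainTxt">
- <a href="message.php?p=inbox"><img border="0" img src="images/postvakin.png"> Inbox</a><br>
- <a href="message.php?p=new"><img border="0" img src="images/opstellen.png"> Nieuw bericht</a><br>
- <a href="message.php?p=outbox"><img border="0" img src="images/outbox.png"> Verzonden</a><br>
</td></tr>
ENDHTML;
    // ENT_SUBSTITUTE (PHP 5.4+) keeps htmlspecialchars() from returning an empty string
    // when a value is not valid in the configured charset.
    $escFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;
    // Slashes are removed only when PHP actually added them. The original called
    // stripslashes() unconditionally, which eats backslashes the user typed and, with magic
    // quotes on, removed the only escaping the message had before it reached the INSERT.
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    if(isset($_POST['to'],$_POST['message'])) {
        // Normalise the submitted fields: scalars only, missing fields become ''.
        $post = array();
        foreach(array('to', 'subject', 'message', 'id', 'code') as $field) {
            $raw = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string)$_POST[$field] : '';
            $post[$field] = $magicQuotes ? stripslashes($raw) : $raw;
        }

        if(strtolower($post['to']) != strtolower($data->login)) {
            // Every value that goes into SQL text below is escaped first.
            $toSql = mysql_real_escape_string($post['to']);
            $loginSql = mysql_real_escape_string($data->login);

            // `blocklist` is selected because the check below reads it; the original
            // fetched only `login`, so the block check could never match.
            // NOTE(review): assumes `users` has a `blocklist` column - confirm the schema.
            $dbres = mysql_query("SELECT `login`,`blocklist` FROM `users` WHERE `login`='{$toSql}'");
            $info = $dbres ? mysql_fetch_object($dbres) : false;
            if($info == false)
                // The recipient name is echoed back, so it is HTML-encoded.
                print " <tr><td class=\"mainTxt\">'" . htmlspecialchars($post['to'], $escFlags) . "' bestaat niet</td></tr>\n";
            // preg_quote() keeps characters in the login from being read as regex syntax.
            else if(preg_match("/," . preg_quote($data->login, '/') . ",/i",$info->blocklist))
                print " <tr><td class=\"mainTxt\">" . htmlspecialchars($info->login, $escFlags) . " Heeft je geblokkeerd</td></tr>\n";
            else {
                // NOTE(review): as shown, the original replaced '<' with '<' in the subject,
                // which changes nothing (possibly an entity lost when the paste was rendered).
                // The subject is stored as typed; it must be HTML-encoded wherever it is printed.

                // These two headers are set by the client or by intermediaries, so they are
                // unverified: fine as a hint next to REMOTE_ADDR, never as the sender's address.
                $forwardedFor = '';
                if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'] != "") {
                    $forwardedFor = $_SERVER['HTTP_X_FORWARDED_FOR'];
                } else if(isset($_SERVER['HTTP_CLIENT_IP'])) {
                    $forwardedFor = $_SERVER['HTTP_CLIENT_IP'];
                }
                // Keep only the first address of a comma-separated list.
                $forwardedFor = preg_replace('/, .+/','',$forwardedFor);

                // Recipient name as stored in `users`, normalised to "Name" casing.
                // The row fetched above is reused instead of running the same query again.
                $msgheen = ucfirst(strtolower($info->login));

                $remoteSql = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
                $forwardedSql = mysql_real_escape_string($forwardedFor);
                $msgheenSql = mysql_real_escape_string($msgheen);
                $subjectSql = mysql_real_escape_string($post['subject']);
                $messageSql = mysql_real_escape_string($post['message']);
                mysql_query("INSERT INTO `messages`(`time`,`IP`,`forwardedFor`,`from`,`to`,`subject`,`message`) values(NOW(),'{$remoteSql}','{$forwardedSql}','{$loginSql}','{$msgheenSql}','{$subjectSql}','{$messageSql}')") or die(mysql_error());
                mysql_query("UPDATE `users` SET `messages`=`messages`+'1' WHERE `login`='{$loginSql}'");

                // NOTE(review): the id/code pair is removed from `temp` but never checked
                // before the INSERT, and the form below does not send these fields. If it
                // is meant as a one-time token, it has to be verified before sending.
                $tempIdSql = mysql_real_escape_string($post['id']);
                $tempCodeSql = mysql_real_escape_string($post['code']);
                mysql_query("DELETE FROM `temp` WHERE `id`='{$tempIdSql}' AND `code`='{$tempCodeSql}' AND `area`='message'");
                print " <tr><td class=\"mainTxt\">Bericht verzonden</td></tr>\n";
            }
        }
        else
            print " <tr><td class=\"mainTxt\">Je kan geen bericht naar jezelf sturen</td></tr>\n";
    }

    // Values used to pre-fill the form (reply links pass to/subject in the URL). They are
    // request data printed inside attributes and a textarea, so they are HTML-encoded.
    $form = array();
    foreach(array('to', 'subject', 'message') as $field) {
        $raw = (isset($_REQUEST[$field]) && is_scalar($_REQUEST[$field])) ? (string)$_REQUEST[$field] : '';
        if($magicQuotes) {
            $raw = stripslashes($raw);
        }
        $form[$field] = htmlspecialchars($raw, $escFlags);
    }
print <<<ENDHTML
<tr><td class="mainTxt" align="center">
<form name="form1" method="POST" action="message.php?p=new"><table width=100%>
<tr><td width=100>Naar:</td> <td><input type="text" name="to" value="{$form['to']}" maxlength=16></td></tr>
<tr><td width=100>Onderwerp:</td> <td><input type="text" name="subject" value="{$form['subject']}" maxlength=25></td></tr>
<tr><td width=100 valign="top">Bericht:<br><br>
ENDHTML;
print <<<ENDHTML
</td> <td><textarea name="message" cols=40 rows=10>{$form['message']}</textarea></td></tr>
<tr><td width=100></td> <td align="left"><input type="submit" name="submit" value="Verzenden"></td></tr>
</table>
<tr><td colspan=3 class=subTitle align=center><b>Smilies</b></td></tr>
<tr><td colspan="3" class="mainTxt">
<a href="javascript://" onClick="document.form1.message.value += (':)')"><img src=images/smiles/smilesmile.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (';)')"><img src=images/smiles/smilewink.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':P')"><img src=images/smiles/smilepuh.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':p')"><img src=images/smiles/smiletongue.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':yumm:')"><img src=images/smiles/smileyummie.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':@')"><img src=images/smiles/smilemean.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('8)')"><img src=images/smiles/smilecool.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':D')"><img src=images/smiles/smilelol.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('*D')"><img src=images/smiles/smileteeth.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':smoke:')"><img src=images/smiles/smilecigar.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('%)')"><img src=images/smiles/smileweird.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('O)')"><img src=images/smiles/smilebounce.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('#)')"><img src=images/smiles/smileeyes.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':z')"><img src=images/smiles/smilesleep.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':Z')"><img src=images/smiles/smiledeepsleep.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':idea:')"><img src=images/smiles/smileidea.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':W')"><img src=images/smiles/smilebye.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('_o_')"><img src=images/smiles/smileworship.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':\')')"><img src=images/smiles/smilehappytears.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':(')"><img src=images/smiles/smileredface.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':huh:')"><img src=images/smiles/smilehuh.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':|')"><img src=images/smiles/smilehmm.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':\'(')"><img src=images/smiles/smiletears.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':X')"><img src=images/smiles/smilesilence.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':hammer:')"><img src=images/smiles/smilehammer.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':wall:')"><img src=images/smiles/smilewall.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('+o(')"><img src=images/smiles/smilepuke.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':gsm:')"><img src=images/smiles/smilegsm.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += ('[!)')"><img src=images/smiles/smileheadphone.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':omg:')"><img src=images/smiles/smileomg.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':%')"><img src=images/smiles/smilegreen.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':{')"><img src=images/smiles/smiledracula.gif border=0></a>
<a href="javascript://" onClick="document.form1.message.value += (':blow:')"><img src=images/smiles/emo_blow.gif border=0></a>
</td></tr>
ENDHTML;
}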
// Fallback for any other value of ?p=: only the mailbox menu is shown.
else {
    $menu = <<<ENDHTML
<tr><td class="subTitle"><b>Berichten</b></td></tr>
<tr><td class="mainTxt">
- <a href="message.php?p=inbox"><img border="0" img src="images/postvakin.png"> Inbox</a><br>
- <a href="message.php?p=new"><img border="0" img src="images/opstellen.png"> Nieuw bericht</a><br>
- <a href="message.php?p=outbox"><img border="0" img src="images/outbox.png"> Verzonden</a><br>
</td></tr>
ENDHTML;
    echo $menu;
}
- ?>
- </table></td></tr>
- </body>
- </html>
- <?PHP
- // The site is getting slow, so everything has to be closed properly.
- // Called without an argument, mysql_close() closes the most recently opened connection.
- mysql_close();
- // That was it again for today.
- ?>