 Guthaben Hack Grundversion  |
crush-9
Mitglied
Dabei seit: 09.04.05
Beiträge: 24
 |
|
Doch hab ich ausgeführt gehabt, habs etz eben nochma ausgeführt dann kommt der fehler wenn ich die install ausführ:
Datenbank wird aktualisiert...
SQL-DATABASE ERROR
Database error in WoltLab Burning Board: Invalid SQL: ALTER TABLE `bb1_guthaben_config` ADD `namen_aendern_kosten` INT( 11 ) NOT NULL , ADD `namen_aendern_onoff` INT( 11 ) NOT NULL , ADD `benutzerrang_aendern_kosten` INT( 11 ) NOT NULL , ADD `benutzerrang_aendern_onoff` INT( 11 ) NOT NULL
mysql error: Duplicate column name 'namen_aendern_kosten'
mysql error number: 1060
Date: 31.05.2005 @ 17:54
Script: /wbblite/install-shop.php
Referer:
edit:
hier ist ma meine acp/guthaben.php
| code: |
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
|
<?php
require("./global.php");
isAdmin();
if (isset($_REQUEST['action'])) $action = $_REQUEST['action'];
else $action = 'edit';
if($action == "edit") {
if(isset($_POST["send"])) {
reset($_POST);
while(list($key,$val)=each($_POST)) $$key=trim($val);
$db->query("UPDATE bb".$n."_guthaben_config SET pn_onoff ='".intval($pn_onoff).")', threads_onoff ='".intval($threads_onoff)."', posts_onoff ='".intval($posts_onoff)."', reg_onoff ='".intval($reg_onoff)."', pn_wert ='".intval($pn_wert)."', threads_wert = '".intval($threads_wert)."', posts_wert ='".intval($posts_wert)."', reg_wert ='".intval($reg_wert)."', umfrage_wert ='".intval($umfrage_wert)."', umfrage_onoff ='".intval($umfrage_onoff)."', umfragevote_wert ='".intval($umfragevote_wert)."', umfragevote_onoff ='".intval($umfragevote_onoff)."', werber_wert ='".intval($werber_wert)."', werber_onoff ='".intval($werber_onoff)."', waehrung ='".htmlentities($waehrung)."', toplist_anzahl ='".intval($toplist)."'");
header("Location: guthaben.php?action=edit&sid=$session[hash]");
exit();
}
$guthaben = $db->query_first("SELECT * FROM bb".$n."_guthaben_config");
$guthaben_aktiv2 = $guthaben['posts_onoff'];
if($guthaben_aktiv2 == "1") {
$guthaben_posts = "<input type=\"radio\" value=\"1\" checked name=\"posts_onoff\"><b>Ja</b><input type=\"radio\" name=\"posts_onoff\" value=\"0\"><b>Nein</b>";
} else {
$guthaben_posts = "<input type=\"radio\" value=\"1\" name=\"posts_onoff\"><b>Ja</b><input type=\"radio\" checked name=\"posts_onoff\" value=\"0\"><b>Nein</b>";
}
$guthaben_threads2 = $guthaben['threads_onoff'];
if($guthaben_threads2 == "1") {
$guthaben_threads = "<input type=\"radio\" value=\"1\" checked name=\"threads_onoff\"><b>Ja</b><input type=\"radio\" name=\"threads_onoff\" value=\"0\"><b>Nein</b>";
} else {
$guthaben_threads = "<input type=\"radio\" value=\"1\" name=\"threads_onoff\"><b>Ja</b><input type=\"radio\" checked name=\"threads_onoff\" value=\"0\"><b>Nein</b>";
}
$guthaben_register2 = $guthaben['reg_onoff'];
if($guthaben_register2 == "1") {
$guthaben_register = "<input type=\"radio\" value=\"1\" checked name=\"reg_onoff\"><b>Ja</b><input type=\"radio\" name=\"reg_onoff\" value=\"0\"><b>Nein</b>";
} else {
$guthaben_register = "<input type=\"radio\" value=\"1\" name=\"reg_onoff\"><b>Ja</b><input type=\"radio\" checked name=\"reg_onoff\" value=\"0\"><b>Nein</b>";
}
$guthaben_pn2 = $guthaben['pn_onoff'];
if($guthaben_pn2 == "1") {
$guthaben_pn = "<input type=\"radio\" value=\"1\" checked name=\"pn_onoff\"><b>Ja</b><input type=\"radio\" name=\"pn_onoff\" value=\"0\"><b>Nein</b>";
} else {
$guthaben_pn = "<input type=\"radio\" value=\"1\" name=\"pn_onoff\"><b>Ja</b><input type=\"radio\" checked name=\"pn_onoff\" value=\"0\"><b>Nein</b>";
}
$guthaben_werber2 = $guthaben['werber_onoff'];
if($guthaben_werber2 == "1") {
$guthaben_werber = "<input type=\"radio\" value=\"1\" checked name=\"werber_onoff\"><b>Ja</b><input type=\"radio\" name=\"werber_onoff\" value=\"0\"><b>Nein</b>";
} else {
$guthaben_werber = "<input type=\"radio\" value=\"1\" name=\"werber_onoff\"><b>Ja</b><input type=\"radio\" checked name=\"werber_onoff\" value=\"0\"><b>Nein</b>";
}
eval("print(\"".gettemplate("guthaben")."\");");
}if($action == "shop") {
if(isset($_POST["send"])) {
reset($_POST);
while(list($key,$val)=each($_POST)) $$key=trim($val);
$db->query("UPDATE bb".$n."_guthaben_config SET namen_aendern_kosten ='".htmlentities($name_wert)."', namen_aendern_onoff ='".htmlentities($name_onoff)."', benutzerrang_aendern_kosten ='".htmlentities($ben_wert)."', benutzerrang_aendern_onoff ='".intval($ben_onoff)."'");
header("Location: guthaben.php?action=shop&sid=$session[hash]");
exit();
}
$guthaben = $db->query_first("SELECT * FROM bb".$n."_guthaben_config");
eval("print(\"".gettemplate("guthaben_shop")."\");");
}
?> |
|
Dieser Beitrag wurde 1 mal editiert, zum letzten Mal von crush-9: 31.05.05 17:57.
|
|
31.05.05 17:55 |
E-Mail
Finden
Als Freund hinzufügen
|
|
Frostyz 
Mitglied
Dabei seit: 18.01.04
Beiträge: 1.583
Herkunft: Wien
Themenstarter 
|
|
Probiers ma mit der:
Das ändern für eine neuen Wert (also die 200) seh leider euer problem ned deswegen mach ich da die acp steuerung weg.
$db->query("UPDATE bb".$n."_users SET guthaben=guthaben+200 WHERE userid='$r_werber'");
P.s. du bist faul lol...
register.php
| code: |
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
|
<?php
$filename="register.php";
require("./global.php");
if(isset($_REQUEST['action']) && $_REQUEST['action']=="activation") {
if(isset($_REQUEST['usrid']) && isset($_REQUEST['a'])) {
$result=$db->query_first("SELECT userid, activation FROM bb".$n."_users WHERE userid='".intval($_REQUEST['usrid'])."'");
if(!$result['userid']) eval("error(\"".$tpl->get("error_usernotexist")."\");");
if($result['activation']==1) eval("error(\"".$tpl->get("error_accountalreadyactive")."\");");
if($result['activation']!=intval($_REQUEST['a'])) eval("error(\"".$tpl->get("error_falseactivationcode")."\");");
$db->query("UPDATE bb".$n."_users SET activation=1 WHERE userid='$result[userid]'");
eval("redirect(\"".$tpl->get("redirect_accountactive")."\",\"index.php?sid=$session[hash]\",10);");
}
else eval("\$tpl->output(\"".$tpl->get("register_activation")."\");");
exit();
}
if($wbbuserdata['userid']!=0) access_error();
if($allowregister!=1) eval("error(\"".$tpl->get("error_register_disabled")."\");");
if($showdisclaimer==1 && $_POST['disclaimer']!="viewed") {
eval("\$tpl->output(\"".$tpl->get("register_disclaimer")."\");");
exit();
}
else {
if(isset($_POST['disclaimer'])) $disclaimer = $_POST['disclaimer'];
$group = $db->query_first("SELECT * FROM bb".$n."_groups WHERE default_group = 2");
if(isset($_POST['send'])) {
if(is_array($_POST['field'])) $field = trim_array($_POST['field']);
if(isset($_POST['r_email'])) $r_email = trim($_POST['r_email']);
if(isset($_POST['r_homepage'])) $r_homepage = trim($_POST['r_homepage']);
if(isset($_POST['r_icq'])) $r_icq = trim($_POST['r_icq']);
if(isset($_POST['r_aim'])) $r_aim = trim($_POST['r_aim']);
if(isset($_POST['r_yim'])) $r_yim = trim($_POST['r_yim']);
if(isset($_POST['r_msn'])) $r_msn = trim($_POST['r_msn']);
if(isset($_POST['r_werber'])) $r_werber = trim($_POST['r_werber']);
if(isset($_POST['r_day'])) $r_day = trim($_POST['r_day']);
if(isset($_POST['r_month'])) $r_month = trim($_POST['r_month']);
if(isset($_POST['r_year'])) $r_year = trim($_POST['r_year']);
if(isset($_POST['r_gender'])) $r_gender = trim($_POST['r_gender']);
if(isset($_POST['r_usertext'])) $r_usertext = trim($_POST['r_usertext']);
if(isset($_POST['r_username'])) $r_username = trim($_POST['r_username']);
if(isset($_POST['r_password'])) $r_password = trim($_POST['r_password']);
if(isset($_POST['r_confirmpassword'])) $r_confirmpassword = trim($_POST['r_confirmpassword']);
if(isset($_POST['r_signature'])) $r_signature = trim($_POST['r_signature']);
if(isset($_POST['r_invisible'])) $r_invisible = $_POST['r_invisible'];
if(isset($_POST['r_nosessionhash'])) $r_nosessionhash = $_POST['r_nosessionhash'];
if(isset($_POST['r_usecookies'])) $r_usecookies = $_POST['r_usecookies'];
if(isset($_POST['r_admincanemail'])) $r_admincanemail = $_POST['r_admincanemail'];
if(isset($_POST['r_showemail'])) $r_showemail = $_POST['r_showemail'];
if(isset($_POST['r_usercanemail'])) $r_usercanemail = $_POST['r_usercanemail'];
if(isset($_POST['r_emailnotify'])) $r_emailnotify = $_POST['r_emailnotify'];
if(isset($_POST['r_receivepm'])) $r_receivepm = $_POST['r_receivepm'];
if(isset($_POST['r_emailonpm'])) $r_emailonpm = $_POST['r_emailonpm'];
if(isset($_POST['r_pmpopup'])) $r_pmpopup = $_POST['r_pmpopup'];
if(isset($_POST['r_showsignatures'])) $r_showsignatures = $_POST['r_showsignatures'];
if(isset($_POST['r_showavatars'])) $r_showavatars = $_POST['r_showavatars'];
if(isset($_POST['r_showimages'])) $r_showimages = $_POST['r_showimages'];
if(isset($_POST['r_daysprune'])) $r_daysprune = $_POST['r_daysprune'];
if(isset($_POST['r_umaxposts'])) $r_umaxposts = $_POST['r_umaxposts'];
if(isset($_POST['r_styleid'])) $r_styleid = $_POST['r_styleid'];
$r_username=preg_replace("/\s{2,}/"," ",$r_username);
$error="";
$userfield_error=0;
$fieldvalues="";
$result = $db->query("SELECT profilefieldid, required FROM bb".$n."_profilefields ORDER BY profilefieldid ASC");
while($row=$db->fetch_array($result)) {
if($row['required']==1 && !$field[$row['profilefieldid']]) {
$userfield_error=1;
break;
}
$fieldvalues.=",'".addslashes(htmlspecialchars($field[$row['profilefieldid']]))."'";
}
if($userfield_error==1 || !$r_username || !$r_email || ($emailverifymode!=3 && (!$r_password || !$r_confirmpassword))) eval ("\$error .= \"".$tpl->get("register_error1")."\";");
if($emailverifymode!=3 && $r_password!=$r_confirmpassword) eval ("\$error .= \"".$tpl->get("register_error2")."\";");
if(!verify_username($r_username)) eval ("\$error .= \"".$tpl->get("register_error3")."\";");
if(!verify_email($r_email)) eval ("\$error .= \"".$tpl->get("register_error4")."\";");
if(strlen($r_signature)>$group['maxsiglength']) eval ("\$error .= \"".$tpl->get("register_error5")."\";");
if($group['maxsigimage']!=-1 && substr_count(strtolower($r_signature),"[img]")>$group['maxsigimage']) eval ("\$error .= \"".$tpl->get("register_error6")."\";");
if(strlen($r_usertext)>$group['maxusertextlength']) eval ("\$error .= \"".$tpl->get("register_error7")."\";");
if($error) eval ("\$register_error .= \"".$tpl->get("register_error")."\";");
else {
if($emailverifymode==3) $r_password=password_generate();
if($emailverifymode==1 || $emailverifymode==2) $activation=code_generate();
else $activation=1;
if($r_homepage && !preg_match("/[a-zA-Z]:\/\//si", $r_homepage)) $r_homepage = "http://".$r_homepage;
if($r_day && $r_month && $r_year) $birthday=ifelse(strlen($r_year)==4,$r_year,ifelse(strlen($r_year)==2,"19$r_year","0000"))."-".ifelse($r_month<10,"0$r_month",$r_month)."-".ifelse($r_day<10,"0$r_day",$r_day);
else $birthday = "0000-00-00";
$groupid = $group['groupid'];
$rankid = $db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$groupid') AND needposts='0' AND gender IN ('0','".intval($r_gender)."') ORDER BY gender DESC",1);
//Guthaben-Hack BEGIN
$guthaben_hack=$db->query_first("SELECT reg_onoff, reg_wert, werber_wert, werber_onoff FROM bb".$n."_guthaben_config");
If ($guthaben_hack['reg_onoff']==1){
$reg_on=",guthaben";
$reg_wert=", '".intval($guthaben_hack[reg_wert])."'";
}
//Guthaben Hack END
$db->query("INSERT INTO bb".$n."_users (userid,username,password,email,groupid,rankid,regdate,lastvisit,lastactivity,usertext,signature,icq,aim,yim,msn,homepage,birthday,gender,showemail,admincanemail,usercanemail,invisible,usecookies,styleid,activation,daysprune,timezoneoffset,dateformat,timeformat,emailnotify,receivepm,emailonpm,pmpopup,umaxposts,showsignatures,showavatars,showimages,nosessionhash $reg_on)
VALUES (NULL,'".addslashes(htmlspecialchars($r_username))."','".md5($r_password)."','".addslashes(htmlspecialchars($r_email))."','$groupid','$rankid[rankid]','".time()."','".time()."','".time()."','".addslashes(htmlspecialchars($r_usertext))."','".addslashes($r_signature)."','".intval($r_icq)."','".addslashes(htmlspecialchars($r_aim))."','".addslashes(htmlspecialchars($r_yim))."','".addslashes(htmlspecialchars($r_msn))."','".addslashes(htmlspecialchars($r_homepage))."','".addslashes(htmlspecialchars($birthday))."','".intval($r_gender)."','".intval($r_showemail)."','".intval($r_admincanemail)."','".intval($r_usercanemail)."','".intval($r_invisible)."','".intval($r_usecookies)."','".intval($r_styleid)."','".intval($activation)."','".intval($r_daysprune)."','".addslashes($default_timezoneoffset)."','".addslashes(htmlspecialchars($dateformat))."','".addslashes(htmlspecialchars($timeformat))."','".intval($r_emailnotify)."','".intval($r_receivepm)."','".intval($r_emailonpm)."','".intval($r_pmpopup)."','".intval($r_umaxposts)."','".intval($r_showsignatures)."','".intval($r_showavatars)."','".intval($r_showimages)."','".intval($r_nosessionhash)."'".$reg_wert.")");
$insertid = $db->insert_id();
//Guthaben-Hack BEGIN
$guthaben_hack=$db->query_first("SELECT reg_onoff, reg_wert FROM bb".$n."_guthaben_config");
If ($guthaben_hack['reg_onoff']==1){
$db->query("INSERT INTO bb".$n."_guthaben_konto (userid,begruendung,wieviel,date) VALUES ($insertid, 'Registrierung', '$guthaben_hack[reg_wert]','".time()."')");
}
//Guthaben Hack END
$db->query("INSERT INTO bb".$n."_userfields VALUES (".$insertid.$fieldvalues.")");
//Guthaben-Hack BEGIN
If (isset($r_werber){
$db->query("INSERT INTO bb".$n."_guthaben_werber (werberid,userid) VALUES ('".intval($r_werber)."',$insertid)");
$db->query("UPDATE bb".$n."_users SET guthaben=guthaben+200 WHERE userid='$r_werber'");
}
//Guthaben Hack END
if($regnotify==1) {
eval ("\$subject = \"".$tpl->get("ms_regnotify")."\";");
eval ("\$content = \"".$tpl->get("mt_regnotify")."\";");
mailer($webmastermail,$subject,$content);
}
$r_username=htmlspecialchars($r_username);
$r_email=htmlspecialchars($r_email);
if($r_nosessionhash==1) $session['hash']="";
if($emailverifymode==0) {
if($r_usecookies==1) {
bbcookie("wbb_userid","$insertid",time()+3600*24*365);
bbcookie("wbb_userpassword",md5($r_password),time()+3600*24*365);
}
$db->query("UPDATE bb".$n."_sessions SET userid = '".$insertid."' WHERE hash = '$sid'");
header("Location: index.php?sid=$session[hash]");
exit();
}
if($emailverifymode==1) {
eval ("\$subject = \"".$tpl->get("register_mail1_subject")."\";");
eval ("\$content = \"".$tpl->get("register_mail1_content")."\";");
mailer($r_email,$subject,$content);
eval("redirect(\"".$tpl->get("redirect_register1")."\",\"index.php?sid=$session[hash]\",20);");
}
if($emailverifymode==2) {
eval("redirect(\"".$tpl->get("redirect_register2")."\",\"index.php?sid=$session[hash]\",20);");
}
if($emailverifymode==3) {
eval ("\$subject = \"".$tpl->get("register_mail3_subject")."\";");
eval ("\$content = \"".$tpl->get("register_mail3_content")."\";");
mailer($r_email,$subject,$content);
eval("redirect(\"".$tpl->get("redirect_register3")."\",\"index.php?sid=$session[hash]\",20);");
}
}
}
else {
$r_invisible=$default_register_invisible;
$r_nosessionhash=$default_register_nosessionhash;
$r_usecookies=$default_register_usecookies;
$r_admincanemail=$default_register_admincanemail;
$r_showemail=1-$default_register_showemail;
$r_usercanemail=$default_register_usercanemail;
$r_emailnotify=$default_register_emailnotify;
$r_receivepm=$default_register_receivepm;
$r_emailonpm=$default_register_emailonpm;
$r_pmpopup=$default_register_pmpopup;
$r_showsignatures=$default_register_showsignatures;
$r_showavatars=$default_register_showavatars;
$r_showimages=$default_register_showimages;
}
for($i=1;$i<=31;$i++) $day_options.=makeoption($i,$i,$r_day);
for($i=1;$i<=12;$i++) $month_options.=makeoption($i,getmonth($i),$r_month);
if(isset($r_gender)) $gender[$r_gender]=" selected";
if(isset($r_invisible)) $invisible[$r_invisible]=" selected";
if(isset($r_nosessionhash)) $nosessionhash[$r_nosessionhash]=" selected";
if(isset($r_usecookies)) $usecookies[$r_usecookies]=" selected";
if(isset($r_admincanemail)) $admincanemail[$r_admincanemail]=" selected";
if(isset($r_showemail)) $showemail[$r_showemail]=" selected";
if(isset($r_usercanemail)) $usercanemail[$r_usercanemail]=" selected";
if(isset($r_emailnotify)) $emailnotify[$r_emailnotify]=" selected";
if(isset($r_receivepm)) $receivepm[$r_receivepm]=" selected";
if(isset($r_emailonpm)) $emailonpm[$r_emailonpm]=" selected";
if(isset($r_pmpopup)) $spmpopup[$r_pmpopup]=" selected";
if(isset($r_showsignatures)) $showsignatures[$r_showsignatures]=" selected";
if(isset($r_showavatars)) $showavatars[$r_showavatars]=" selected";
if(isset($r_showimages)) $showimages[$r_showimages]=" selected";
if(isset($r_daysprune)) $sdaysprune[$r_daysprune]=" selected";
if(isset($r_umaxposts)) $sumaxposts[$r_umaxposts]=" selected";
$timezones = explode("\n", $tpl->get("timezones"));
for($i=0;$i<count($timezones);$i++) {
$parts = explode("|", trim($timezones[$i]));
$timezone_options .= makeoption($parts[0],"(GMT".ifelse($parts[1]," ".$parts[1],"").") $parts[2]",$default_timezoneoffset);
}
$z=1;
$y=ifelse($emailverifymode!=3,0,1);
$result=$db->query("SELECT * FROM bb".$n."_profilefields ORDER BY fieldorder ASC");
while($row=$db->fetch_array($result)) {
$field_value=$field[$row['profilefieldid']];
if($row[required]==1) {
$tdbgcolor=getone($y,"{tablecolora}","{tablecolorb}");
$tdid=getone($y,"tablea","tableb");
eval ("\$profilefields_required .= \"".$tpl->get("register_userfield")."\";");
$y++;
}
else {
$tdbgcolor=getone($z,"{tablecolora}","{tablecolorb}");
$tdid=getone($z,"tablea","tableb");
eval ("\$profilefields .= \"".$tpl->get("register_userfield")."\";");
$z++;
}
}
$result = $db->query("SELECT styleid, stylename FROM bb".$n."_styles WHERE default_style = 0 ORDER BY stylename ASC");
while($row=$db->fetch_array($result)) $style_options.=makeoption($row['styleid'],$row['stylename'],$r_styleid);
$guthaben=$db->query_first("SELECT werber_onoff FROM bb".$n."_guthaben_config");
If ($guthaben['werber_onoff']==1){
eval ("\$register_werbeid .= \"".$tpl->get("register_werber")."\";");
}
if($emailverifymode!=3) eval ("\$register_password .= \"".$tpl->get("register_password")."\";");
eval ("\$note .= \"".$tpl->get("note_html_".ifelse($allowsightml==0,"not_")."allow")."\";");
eval ("\$note .= \"".$tpl->get("note_bbcode_".ifelse($allowsigbbcode==0,"not_")."allow")."\";");
eval ("\$note .= \"".$tpl->get("note_smilies_".ifelse($allowsigsmilies==0,"not_")."allow")."\";");
eval ("\$note .= \"".$tpl->get("note_images_".ifelse($maxsigimage==0,"not_")."allow")."\";");
if(!$r_icq) $r_icq="";
if($r_year=="0000") $r_year="";
eval("\$tpl->output(\"".$tpl->get("register")."\");");
}
?>
|
|
|
|
|
31.05.05 23:02 |
E-Mail
WWW
Finden
Als Freund hinzufügen
|
|
crush-9
Mitglied
Dabei seit: 09.04.05
Beiträge: 24
|
|
Aber in der install steht doch das man das nur amchen soll wenn man einen Verwarn hack hat aber ich hab doch gar keinen!
|
|
|
01.06.05 13:34 |
E-Mail
Finden
Als Freund hinzufügen
|
|
crush-9
Mitglied
Dabei seit: 09.04.05
Beiträge: 24
|
|
Bin grad am machen, aber:
acp/templates/guthaben.htm
########
Suchen nach:
<tr class="firstrow">
<td><b>Soll bei PNs Geld addiert werden? [ja = 1, nein =0]</b></td>
<td><input type="text" name="pn_onoff" value="$guthaben[pn_onoff]"></td>
</tr>
Bei mir gibs nur:
<tr class="firstrow">
<td><b>PNs Geld addiert werden?</b></td>
<td>$guthaben_pn</td>
</tr>
Was nu?
|
|
|
01.06.05 13:38 |
E-Mail
Finden
Als Freund hinzufügen
|
|
Frostyz
Mitglied
Dabei seit: 18.01.04
Beiträge: 1.583
Herkunft: Wien
Themenstarter
|
|
du solltest eigentlich nur die eine datei ausführen O.o
Und das was da steht passt.
|
|
|
01.06.05 13:50 |
E-Mail
WWW
Finden
Als Freund hinzufügen
|
|
crush-9
Mitglied
Dabei seit: 09.04.05
Beiträge: 24
|
|
Sorry, aber einmal kann ich deine hilfe nochgebrauchen! 
Wenn ich PM's schreiben will k0mmt:
| code: |
1:
2:
3:
|
Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /usr/export/www/hosting/bballer/wbblite/pms.php on line 275
|
|
Hier mal die pms.php
| code: |
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:
267:
268:
269:
270:
271:
272:
273:
274:
275:
276:
277:
278:
279:
280:
281:
282:
283:
284:
285:
286:
287:
288:
289:
290:
291:
292:
293:
294:
295:
296:
297:
298:
299:
300:
301:
302:
303:
304:
305:
306:
307:
308:
309:
310:
311:
312:
313:
314:
315:
316:
317:
318:
319:
320:
321:
322:
323:
324:
325:
326:
327:
328:
329:
330:
331:
332:
333:
334:
335:
336:
337:
338:
339:
340:
341:
342:
343:
344:
345:
346:
347:
348:
349:
350:
351:
352:
353:
354:
355:
356:
357:
358:
359:
360:
361:
362:
363:
364:
365:
366:
367:
368:
369:
370:
371:
372:
373:
374:
375:
376:
377:
378:
379:
380:
381:
382:
383:
384:
385:
386:
387:
388:
389:
390:
391:
392:
393:
394:
395:
396:
397:
398:
399:
400:
401:
402:
403:
404:
405:
406:
407:
408:
409:
410:
411:
412:
413:
414:
415:
416:
417:
418:
419:
420:
421:
422:
423:
424:
425:
426:
427:
428:
429:
430:
431:
432:
433:
434:
435:
436:
437:
438:
439:
440:
441:
442:
443:
444:
445:
446:
447:
448:
449:
450:
451:
452:
453:
454:
455:
456:
457:
458:
459:
460:
461:
462:
463:
464:
465:
466:
467:
468:
469:
470:
471:
472:
473:
474:
475:
476:
477:
478:
479:
480:
481:
482:
483:
484:
485:
|
<?php
$filename="pms.php";
require ("./global.php");
require("./acp/lib/class_parse.php");
if(!$wbbuserdata['userid'] || $wbbuserdata['canusepms']==0) access_error();
if(isset($_REQUEST['folderid'])) $folderid=$_REQUEST['folderid'];
else $folderid="0";
if(isset($_REQUEST['action'])) $action=$_REQUEST['action'];
else $action="";
/* view pms from folder x */
if(!$action) {
list($pmcount)=$db->query_first("SELECT COUNT(*) FROM bb".$n."_privatemessage WHERE recipientid='$wbbuserdata[userid]' AND deletepm<>1");
$result = $db->query("SELECT folderid, title FROM bb".$n."_folders WHERE userid='$wbbuserdata[userid]' ORDER BY title ASC");
$folder_bit="";
$moveto_options="";
$folder['title']="";
while($row=$db->fetch_array($result)) {
eval ("\$folder_bit .= \"".$tpl->get("pms_folderbit")."\";");
if($row['folderid']==$folderid) $folder['title']=$row['title'];
else {
eval ("\$moveto_options .= \"".$tpl->get("pms_moveto_options")."\";");
}
}
if($folderid!="outbox" && $folderid!=0 && !$folder['title']) access_error();
if(!$folder['title']) $folder['title']="Inbox";
if($folderid!="outbox" && $folderid!=0) eval ("\$folder_rename = \"".$tpl->get("pms_folder_rename")."\";");
else $folder_rename="";
$pms_bit="";
$d_select[1]="";
$d_select[2]="";
$d_select[5]="";
$d_select[10]="";
$d_select[20]="";
$d_select[30]="";
$d_select[45]="";
$d_select[60]="";
$d_select[75]="";
$d_select[100]="";
$d_select[365]="";
if($folderid=="outbox") {
$result=$db->query("SELECT
p.privatemessageid, p.subject, p.sendtime, p.iconid,
i.iconpath, i.icontitle,
u.userid, u.username
FROM bb".$n."_privatemessage p
LEFT JOIN bb".$n."_icons i USING(iconid)
LEFT JOIN bb".$n."_users u ON (p.recipientid=u.userid)
WHERE p.senderid='$wbbuserdata[userid]' AND p.deletepm<>2
ORDER BY sendtime DESC");
while($row=$db->fetch_array($result)) {
if($row['iconid']) $icon=makeimgtag($row['iconpath'],$row['icontitle']);
else $icon=" ";
$senddate=formatdate($dateformat,$row['sendtime']);
$sendtime=formatdate($timeformat,$row['sendtime']);
eval ("\$pms_bit .= \"".$tpl->get("pms_bit_outbox")."\";");
}
eval("\$tpl->output(\"".$tpl->get("pms_outbox")."\");");
}
else {
$result=$db->query("SELECT
p.privatemessageid, p.subject, p.sendtime, p.view, p.reply, p.forward, p.iconid,
i.iconpath, i.icontitle,
u.userid, u.username
FROM bb".$n."_privatemessage p
LEFT JOIN bb".$n."_icons i USING(iconid)
LEFT JOIN bb".$n."_users u ON (p.senderid=u.userid)
WHERE p.recipientid='$wbbuserdata[userid]' AND p.folderid='".addslashes($folderid)."' AND p.deletepm<>1
ORDER BY sendtime DESC");
while($row=$db->fetch_array($result)) {
if($row['iconid']) $icon=makeimgtag($row['iconpath'],$row['icontitle']);
else $icon=" ";
$senddate=formatdate($dateformat,$row['sendtime']);
$sendtime=formatdate($timeformat,$row['sendtime']);
if($row['sendtime'] >= $wbbuserdata['lastvisit'] && $row['view']==0) $pm_image = makeimgtag("{imagefolder}/pm_new.gif");
elseif($row['view']==0) $pm_image = makeimgtag("{imagefolder}/pm_unread.gif");
else {
if($row['reply']==1 && $row['forward']==1) $pm_image = makeimgtag("{imagefolder}/pm_reward.gif");
elseif($row['reply']==1) $pm_image = makeimgtag("{imagefolder}/pm_reply.gif");
elseif($row['forward']==1) $pm_image = makeimgtag("{imagefolder}/pm_forward.gif");
else $pm_image = makeimgtag("{imagefolder}/pm_normal.gif");
}
eval ("\$pms_bit .= \"".$tpl->get("pms_bit")."\";");
}
eval("\$tpl->output(\"".$tpl->get("pms_folder")."\");");
}
exit();
}
/** create a folder **/
if(isset($_POST['action']) && $_POST['action']=="createfolder") {
$foldertitle=trim($_POST['foldertitle']);
if(!$foldertitle) eval("redirect(\"".$tpl->get("redirect_falsefolder")."\",\"pms.php?sid=$session[hash]\",5);");
list($foldercount)=$db->query_first("SELECT COUNT(*) FROM bb".$n."_folders WHERE userid='$wbbuserdata[userid]'");
if($foldercount>=$maxfolders) eval("redirect(\"".$tpl->get("redirect_toomanyfolders")."\",\"pms.php?sid=$session[hash]\",5);");
$db->query("INSERT INTO bb".$n."_folders (folderid,userid,title) VALUES (NULL,'$wbbuserdata[userid]','".addslashes(htmlspecialchars($foldertitle))."')");
$folderid=$db->insert_id();
header("Location: pms.php?folderid=$folderid&sid=$session[hash]");
exit();
}
/** rename a folder **/
if(isset($_POST['action']) && $_POST['action']=="renamefolder") {
$foldertitle=trim($_POST['foldertitle']);
$folderid=intval($_POST['folderid']);
list($controluser)=$db->query_first("SELECT userid FROM bb".$n."_folders WHERE folderid='$folderid'");
if($controluser!=$wbbuserdata['userid']) access_error();
$db->unbuffered_query("UPDATE bb".$n."_folders SET title = '".addslashes(htmlspecialchars($foldertitle))."' WHERE folderid='$folderid'",1);
header("Location: pms.php?folderid=$folderid&sid=$session[hash]");
exit();
}
/** remove a folder **/
if(isset($_GET['action']) && $_GET['action']=="removefolder") {
$folderid=intval($_GET['folderid']);
list($controluser)=$db->query_first("SELECT userid FROM bb".$n."_folders WHERE folderid='$folderid'");
if($controluser!=$wbbuserdata['userid']) access_error();
$db->unbuffered_query("UPDATE bb".$n."_privatemessage SET folderid = '0' WHERE folderid='$folderid'",1);
$db->unbuffered_query("DELETE FROM bb".$n."_folders WHERE folderid='$folderid'",1);
header("Location: pms.php?sid=$session[hash]");
exit();
}
/** delete marked msgs **/
if(isset($_POST['action']) && $_POST['action']=="delmark") {
if($_POST['pmid'] && count($_POST['pmid'])) $pmids=implode(',',$_POST['pmid']);
else $pmids="";
if($pmids) {
if($_POST['folderid']=="outbox") {
$db->query("DELETE FROM bb".$n."_privatemessage WHERE senderid='$wbbuserdata[userid]' AND deletepm=1 AND privatemessageid IN (".addslashes($pmids).")");
$db->unbuffered_query("UPDATE bb".$n."_privatemessage SET deletepm=2 WHERE senderid='$wbbuserdata[userid]' AND privatemessageid IN (".addslashes($pmids).")",1);
}
else {
$db->query("DELETE FROM bb".$n."_privatemessage WHERE recipientid='$wbbuserdata[userid]' AND deletepm=2 AND privatemessageid IN (".addslashes($pmids).")");
$db->unbuffered_query("UPDATE bb".$n."_privatemessage SET deletepm=1 WHERE recipientid='$wbbuserdata[userid]' AND privatemessageid IN (".addslashes($pmids).")",1);
}
}
header("Location: pms.php?folderid=$folderid&sid=$session[hash]");
exit();
}
/** delete all msgs **/
if(isset($_POST['action']) && $_POST['action']=="delall") {
if($_POST['folderid']=="outbox") {
$db->query("DELETE FROM bb".$n."_privatemessage WHERE senderid='$wbbuserdata[userid]' AND deletepm=1");
$db->unbuffered_query("UPDATE bb".$n."_privatemessage SET deletepm=2 WHERE senderid='$wbbuserdata[userid]'",1);
}
else {
$db->query("DELETE FROM bb".$n."_privatemessage WHERE recipientid='$wbbuserdata[userid]' AND folderid='".intval($_POST['folderid'])."' AND deletepm=2");
$db->unbuffered_query("UPDATE bb".$n."_privatemessage SET deletepm=1 WHERE recipientid='$wbbuserdata[userid]' AND folderid='".intval($_POST['folderid'])."'",1);
}
header("Location: pms.php?folderid=$folderid&sid=$session[hash]");
exit();
}
/** view a pm **/
if(isset($_GET['action']) && $_GET['action']=="viewpm") {
if(isset($_GET['outbox'])) {
$pmid=intval($_GET['pmid']);
$pm=$db->query_first("SELECT
p.*,
i.iconpath, i.icontitle,
u.userid, u.username, u.signature
FROM bb".$n."_privatemessage p
LEFT JOIN bb".$n."_icons i USING(iconid)
LEFT JOIN bb".$n."_users u ON (p.recipientid=u.userid)
WHERE p.privatemessageid='$pmid' AND p.deletepm<>2");
if($pm['senderid']!=$wbbuserdata['userid']) eval("error(\"".$tpl->get("error_falselink")."\");");
$senddate=formatdate($dateformat,$pm['sendtime']);
$sendtime=formatdate($timeformat,$pm['sendtime']);
if($pm['iconid']) $icon=makeimgtag($pm['iconpath'],$pm['icontitle']);
else $icon="";
$parse = new parse($docensor,90,$pm['showsmilies']*$pm_allowsmilies,$pm_allowbbcode,$wbbuserdata['showimages'],$usecode);
$pm['message']=$parse->doparse($pm['message'],$pm['showsmilies']*$pm_allowsmilies,$pm_allowhtml,$pm_allowbbcode,$pm_allowimages);
$pm['subject']=$parse->textwrap($pm['subject'],30);
if($pm['showsignature']==1 && $wbbuserdata['showsignatures']==1 && $wbbuserdata['signature']) {
$posts['signature']=$parse->doparse($wbbuserdata['signature'],$pm['showsmilies']*$allowsigsmilies,$allowsightml,$allowsigbbcode,$maxsigimage);
eval ("\$signature = \"".$tpl->get("thread_signature")."\";");
}
eval("\$tpl->output(\"".$tpl->get("pms_viewpm_outbox")."\");");
}
else {
$pmid=intval($_GET['pmid']);
$pm=$db->query_first("SELECT
p.*, f.*,
i.iconpath, i.icontitle,
u.userid, u.username, u.signature
FROM bb".$n."_privatemessage p
LEFT JOIN bb".$n."_icons i USING(iconid)
LEFT JOIN bb".$n."_users u ON (p.senderid=u.userid)
LEFT JOIN bb".$n."_folders f ON (p.folderid=f.folderid)
WHERE p.privatemessageid='$pmid' AND p.deletepm<>1");
if($pm['recipientid']!=$wbbuserdata['userid']) eval("error(\"".$tpl->get("error_falselink")."\");");
if($pm['view']==0) $db->query("UPDATE bb".$n."_privatemessage SET view='".time()."' WHERE privatemessageid='$pmid'");
$senddate=formatdate($dateformat,$pm['sendtime']);
$sendtime=formatdate($timeformat,$pm['sendtime']);
if($pm['iconid']) $icon=makeimgtag($pm['iconpath'],$pm['icontitle']);
else $icon="";
if($pm['folderid']==0) $pm['title']="Inbox";
$parse = new parse($docensor,90,$pm['showsmilies']*$pm_allowsmilies,$pm_allowbbcode,$wbbuserdata['showimages'],$usecode);
$pm['message']=$parse->doparse($pm['message'],$pm['showsmilies']*$pm_allowsmilies,$pm_allowhtml,$pm_allowbbcode,$pm_allowimages);
$pm['subject']=$parse->textwrap($pm['subject'],30);
if($pm['showsignature']==1 && $wbbuserdata['showsignatures']==1 && $pm['signature']) {
$posts['signature']=$parse->doparse($pm['signature'],$pm['showsmilies']*$allowsigsmilies,$allowsightml,$allowsigbbcode,$maxsigimage);
eval ("\$signature = \"".$tpl->get("thread_signature")."\";");
}
eval("\$tpl->output(\"".$tpl->get("pms_viewpm")."\");");
}
}
/** create a new pm **/
if($_REQUEST['action']=="newpm" || $_REQUEST['action']=="replypm" || $_REQUEST['action']=="forwardpm") {
if($newpm_default_checked_0==1) $checked[0]="checked";
if($newpm_default_checked_1==1) $checked[1]="checked";
if($newpm_default_checked_2==1) $checked[2]="checked";
if($newpm_default_checked_3==1) $checked[3]="checked";
if($newpm_default_checked_4==1) $checked[4]="checked";
if(isset($_REQUEST['pmid'])) $pmid=intval($_REQUEST['pmid']);
if(isset($_POST['send'])) {
$subject=trim($_POST['subject']);
$recipient=trim($_POST['recipient']);
$message=stripcrap(trim($_POST['message']));
if(isset($_POST['iconid'])) $iconid=intval($_POST['iconid']);
else $iconid=0;
if(!isset($_POST['preview'])) {
$error="";
if(!$subject || !$recipient || !$message) eval ("\$error .= \"".$tpl->get("newthread_error1")."\";");
if($recipient) {
$result=$db->query_first("SELECT userid, username, email, ignorelist, receivepm, emailonpm, pmpopup FROM bb".$n."_users WHERE username='".addslashes(htmlspecialchars($recipient))."'");
$recipient = htmlspecialchars($recipient);
if(!$result['userid']) eval ("\$error .= \"".$tpl->get("pms_newpm_error1")."\";");
else {
if($result['receivepm']==0) eval ("\$error .= \"".$tpl->get("pms_newpm_error2")."\";");
elseif(add2list($result['ignorelist'],$wbbuserdata['userid'])==-1) eval ("\$error .= \"".$tpl->get("pms_newpm_error3")."\";");
else {
list($countpms)=$db->query_first("SELECT COUNT(*) FROM bb".$n."_privatemessage WHERE recipientid='$result[userid]' AND deletepm<>1");
if($countpms>=$maxpms) eval ("\$error .= \"".$tpl->get("pms_newpm_error4")."\";");
}
}
}
if($error) eval ("\$pm_error = \"".$tpl->get("newthread_error")."\";");
else {
if($_POST['parseurl']==1) $message=parseURL($message);
$db->unbuffered_query("INSERT INTO bb".$n."_privatemessage (privatemessageid,senderid,recipientid,subject,message,sendtime,showsmilies,showsignature,iconid,deletepm) VALUES (NULL,'$wbbuserdata[userid]','$result[userid]','".addslashes(htmlspecialchars($subject))."','".addslashes($message)."','".time()."','".(1-intval($_POST['disablesmilies']))."','".intval($_POST['showsignature'])."','$iconid','".ifelse($_POST['savecopy']==1,0,2)."')",1);
//Guthaben-Hack BEGIN
$guthaben_hack=$db->query_first("SELECT pn_onoff, pn_wert FROM bb".$n."_guthaben_config");
If ($guthaben_hack['pn_onoff']==1){
$db->unbuffered_query("UPDATE bb".$n."_users SET guthaben=guthaben-".$guthaben_hack[pn_wert]." WHERE userid='$wbbuserdata[userid]'",1);
$db->query("INSERT INTO bb".$n."_guthaben_konto (userid,begruendung,wieviel,date) VALUES ($wbbuserdata[userid], 'Erstellung einer Privaten Nachricht', '$guthaben_hack[ pn_wert]','".time()."')");
}
//Guthaben Hack END
if($result['pmpopup']==1) $db->unbuffered_query("UPDATE bb".$n."_users SET pmpopup=2 WHERE userid='$result[userid]'",1);
if($result['emailonpm']==1) {
eval ("\$mail_text = \"".$tpl->get("mt_newpm")."\";");
eval ("\$mail_subject = \"".$tpl->get("ms_newpm")."\";");
mailer($result['email'],$mail_subject,$mail_text);
}
if($_REQUEST['action']=="replypm") $db->unbuffered_query("UPDATE bb".$n."_privatemessage SET reply=1 WHERE privatemessageid='$pmid' AND recipientid='$wbbuserdata[userid]'",1);
if($_REQUEST['action']=="forwardpm") $db->unbuffered_query("UPDATE bb".$n."_privatemessage SET forward=1 WHERE privatemessageid='$pmid' AND recipientid='$wbbuserdata[userid]'",1);
header("Location: pms.php?sid=$session[hash]");
exit();
}
}
else {
$allowsmilies=1-intval($_POST['disablesmilies']);
$parse = new parse($docensor,75,$allowsmilies*$pm_allowsmilies,$pm_allowbbcode,$wbbuserdata['showimages'],$usecode);
$preview_subject=$parse->textwrap(htmlspecialchars($subject),30);
$preview_message=$parse->doparse(ifelse($_POST['parseurl']==1,parseURL($message),$message),$allowsmilies*$pm_allowsmilies,$pm_allowhtml,$pm_allowbbcode,$pm_allowimages);
if($iconid) {
$result = $db->query_first("SELECT * FROM bb".$n."_icons WHERE iconid = '$iconid'");
$preview_posticon=makeimgtag($result['iconpath'],$result['icontitle']);
}
eval ("\$preview_window = \"".$tpl->get("pms_newpm_preview")."\";");
}
if($_POST['parseurl']==1) $checked[0]="checked";
else $checked[0]="";
if($_POST['disablesmilies']==1) $checked[1]="checked";
else $checked[1]="";
if($_POST['showsignature']==1) $checked[2]="checked";
else $checked[2]="";
if($_POST['savecopy']==1) $checked[3]="checked";
else $checked[3]="";
}
else {
if(isset($_GET['userid'])) list($recipient)=$db->query_first("SELECT username FROM bb".$n."_users WHERE userid='".intval($_GET['userid'])."'");
if($_REQUEST['action']=="replypm" || $_REQUEST['action']=="forwardpm") {
$pm = $db->query_first("SELECT p.senderid, p.subject, p.message, p.sendtime, u.username FROM bb".$n."_privatemessage p LEFT JOIN bb".$n."_users u ON (u.userid=p.senderid) WHERE p.privatemessageid='$pmid' AND p.recipientid='$wbbuserdata[userid]'");
$sendtime=formatdate($dateformat." ".$timeformat,$pm['sendtime']);
if($docensor==1) {
if($parse) $pm['message']=$parse->censor($pm['message']);
else {
$parse = new parse(1);
$pm['message']=$parse->censor($pm['message']);
}
}
$pm['username']=rehtmlspecialchars($pm['username']);
if($_REQUEST['action']=="replypm") {
$pm['subject']=preg_replace("/^RE: /i","",$pm['subject']);
eval ("\$subject = \"".$tpl->get("pms_reply_subject")."\";");
eval ("\$message = \"".$tpl->get("pms_reply_message")."\";");
$recipient=$pm['username'];
}
if($_REQUEST['action']=="forwardpm") {
$pm['subject']=preg_replace("/^FW: /i","",$pm['subject']);
eval ("\$subject = \"".$tpl->get("pms_forward_subject")."\";");
eval ("\$message = \"".$tpl->get("pms_forward_message")."\";");
}
}
}
if(!isset($iconid)) $iconid=0;
$ICONselected[$iconid]="checked";
$result = $db->query("SELECT * FROM bb".$n."_icons ORDER BY iconorder ASC");
$iconcount=0;
while($row=$db->fetch_array($result)) {
$row_iconid=$row['iconid'];
eval ("\$choice_posticons .= \"".$tpl->get("newthread_iconbit")."\";");
if($iconcount==6) {
$choice_posticons.="<br>";
$iconcount=0;
}
else $iconcount++;
}
eval ("\$pm_icons .= \"".$tpl->get("newthread_icons")."\";");
if($pm_allowbbcode==1) $bbcode_buttons = getcodebuttons();
if($pm_allowsmilies==1) $bbcode_smilies = getclickysmilies($smilie_table_cols,$smilie_table_rows);
eval ("\$note = \"".$tpl->get("note_html_".ifelse($pm_allowhtml==0,"not_")."allow")."\";");
eval ("\$note .= \"".$tpl->get("note_bbcode_".ifelse($pm_allowbbcode==0,"not_")."allow")."\";");
eval ("\$note .= \"".$tpl->get("note_smilies_".ifelse($pm_allowsmilies==0,"not_")."allow")."\";");
eval ("\$note .= \"".$tpl->get("note_images_".ifelse($pm_allowimages==0,"not_")."allow")."\";");
if(isset($message)) $message=parse::convertHTML($message);
if(isset($subject)) $subject=str_replace("\"",""",$subject);
if(isset($recipient)) $recipient=str_replace("\"",""",$recipient);
eval("\$tpl->output(\"".$tpl->get("pms_newpm")."\");");
}
/** download a message -> txt file **/
if(isset($_GET['action']) && $_GET['action']=="downloadpm") {
$pm=$db->query_first("SELECT p.privatemessageid, p.subject, p.message, p.sendtime, u.username FROM bb".$n."_privatemessage p LEFT JOIN bb".$n."_users u ON (u.userid=p.senderid) WHERE privatemessageid='".intval($_GET['pmid'])."' AND recipientid='$wbbuserdata[userid]'");
if(!$pm['privatemessageid']) eval("error(\"".$tpl->get("error_falselink")."\");");
$sendtime=formatdate($dateformat." ".$timeformat,$pm['sendtime']);
$mime_type = (USR_BROWSER_AGENT == 'IE' || USR_BROWSER_AGENT == 'OPERA') ? 'application/octetstream' : 'application/octet-stream';
$content_disp = (USR_BROWSER_AGENT == 'IE') ? 'inline; ' : 'attachment; ';
header('Content-Type: '.$mime_type);
header('Content-disposition: '.$content_disp.'filename="pm-'.$pm['privatemessageid'].'.txt"');
header('Pragma: no-cache');
header('Expires: 0');
eval("print(\"".$tpl->get("pms_download")."\");");
}
/** delete one message **/
if($_REQUEST['action']=="deletepm") {
$pmid=intval($_REQUEST['pmid']);
if(isset($_REQUEST['outbox'])) $outbox=intval($_REQUEST['outbox']);
else $outbox=0;
if(isset($_POST['send']) && $_POST['send']=="send") {
if($outbox==1) {
$db->query("DELETE FROM bb".$n."_privatemessage WHERE senderid='$wbbuserdata[userid]' AND deletepm=1 AND privatemessageid='$pmid'");
$db->unbuffered_query("UPDATE bb".$n."_privatemessage SET deletepm=2 WHERE senderid='$wbbuserdata[userid]' AND privatemessageid='$pmid'",1);
header("Location: pms.php?folderid=outbox&sid=$session[hash]");
}
else {
$db->query("DELETE FROM bb".$n."_privatemessage WHERE recipientid='$wbbuserdata[userid]' AND deletepm=2 AND privatemessageid='$pmid'");
$db->unbuffered_query("UPDATE bb".$n."_privatemessage SET deletepm=1 WHERE recipientid='$wbbuserdata[userid]' AND privatemessageid='$pmid'",1);
header("Location: pms.php?sid=$session[hash]");
}
exit();
}
eval("\$tpl->output(\"".$tpl->get("pms_deletepm")."\");");
}
/** print message **/
if($_REQUEST['action']=="printpm") {
$pmid=intval($_REQUEST['pmid']);
$pm=$db->query_first("SELECT
p.*, i.iconpath, i.icontitle,
u.userid, u.username, u.signature
FROM bb".$n."_privatemessage p
LEFT JOIN bb".$n."_icons i USING(iconid)
LEFT JOIN bb".$n."_users u ON (p.senderid=u.userid)
WHERE p.privatemessageid='$pmid' AND p.deletepm<>1");
if($pm['recipientid']!=$wbbuserdata['userid']) eval("error(\"".$tpl->get("error_falselink")."\");");
$senddate=formatdate($dateformat,$pm['sendtime']);
$sendtime=formatdate($timeformat,$pm['sendtime']);
if($pm['iconid']) $icon=makeimgtag($pm['iconpath'],$pm['icontitle']);
else $icon="";
$parse = new parse($docensor,90,$pm['showsmilies']*$pm_allowsmilies,$pm_allowbbcode,$wbbuserdata['showimages'],$usecode);
$pm['message']=$parse->doparse($pm['message'],$pm['showsmilies']*$pm_allowsmilies,$pm_allowhtml,$pm_allowbbcode,$pm_allowimages);
$pm['subject']=$parse->textwrap($pm['subject'],30);
if($pm['showsignature']==1 && $wbbuserdata['showsignatures']==1 && $pm['signature']) {
$posts['signature']=$parse->doparse($pm['signature'],$pm['showsmilies']*$allowsigsmilies,$allowsightml,$allowsigbbcode,$maxsigimage);
eval ("\$signature = \"".$tpl->get("thread_signature")."\";");
}
eval("\$tpl->output(\"".$tpl->get("pms_printpm")."\");");
}
if($_REQUEST['action']=="popup") {
$result=$db->query("SELECT
p.privatemessageid, p.subject, p.sendtime, p.iconid,
i.iconpath, i.icontitle,
u.userid, u.username
FROM bb".$n."_privatemessage p
LEFT JOIN bb".$n."_icons i USING(iconid)
LEFT JOIN bb".$n."_users u ON (p.senderid=u.userid)
WHERE p.recipientid='$wbbuserdata[userid]' AND p.sendtime>'$wbbuserdata[lastvisit]' AND p.view=0 AND p.deletepm<>1
ORDER BY p.sendtime DESC");
$pmscount=$db->num_rows($result);
$pmbit="";
while($row=$db->fetch_array($result)) {
if($row['iconid']) $icon=makeimgtag($row['iconpath'],$row['icontitle']);
else $icon=" ";
$senddate=formatdate($dateformat,$row['sendtime']);
$sendtime=formatdate($timeformat,$row['sendtime']);
eval ("\$pmbit .= \"".$tpl->get("pmpopup_pmbit")."\";");
}
eval ("\$tpl->output(\"".$tpl->get("pmpopup")."\");");
exit();
}
/** move marked msgs to x **/
if(isset($_POST['action']) && substr($_POST['action'],0,6)=="moveto") {
$tofolderid=substr($_POST['action'],7);
if($_POST['pmid'] && count($_POST['pmid'])) $pmids=implode(',',$_POST['pmid']);
else $pmids="";
if($pmids) {
list($controluser)=$db->query_first("SELECT userid FROM bb".$n."_folders WHERE folderid='$tofolderid'");
if($controluser!=$wbbuserdata['userid']) access_error();
$db->query("UPDATE bb".$n."_privatemessage SET folderid='$tofolderid' WHERE recipientid='$wbbuserdata[userid]' AND privatemessageid IN (".addslashes($pmids).")");
}
header("Location: pms.php?folderid=$folderid&sid=$session[hash]");
exit();
}
?>
|
|
Glaub des könnte auch vom Guthaben hack kommen!
|
|
|
01.06.05 15:20 |
E-Mail
Finden
Als Freund hinzufügen
|
|
Frostyz
Mitglied
Dabei seit: 18.01.04
Beiträge: 1.583
Herkunft: Wien
Themenstarter
|
|
Suchen nach:
$db->query("INSERT INTO bb".$n."_guthaben_konto (userid,begruendung,wieviel,date) VALUES ($wbbuserdata[userid], 'Erstellung einer Privaten Nachricht', '$guthaben_hack[ pn_wert]','".time()."')");
Ersetzen mit:
$db->query("INSERT INTO bb".$n."_guthaben_konto (userid,begruendung,wieviel,date) VALUES ($wbbuserdata[userid], 'Erstellung einer Privaten Nachricht', '$guthaben_hack[pn_wert]','".time()."')");
|
|
|
01.06.05 15:25 |
E-Mail
WWW
Finden
Als Freund hinzufügen
|
|
BlackDragon_
Mitglied
Dabei seit: 19.05.05
Beiträge: 56
Forenversion: Wbblite 1.0.2
|
|
Wow, klasse Support, n dicken Daumen nach oben.
Ein Hack von dir jederzeit gerne. Bei der Hilfestellung. Niemals mehr n andern Coder.
Dann geh ich mal und Frag die Wand die kann mir bsetimmt gleich viel Auskunft über meine Fragen liefer.
|
|
|
01.06.05 16:20 |
E-Mail
WWW
Finden
Als Freund hinzufügen
|
|
Frostyz
Mitglied
Dabei seit: 18.01.04
Beiträge: 1.583
Herkunft: Wien
Themenstarter
|
|
Naja.
Okay viel spaß bei der auskunft lol
aber naja wenn dus eh nicht weist dann sag dass ned so...
Suche nach:
If (isset($r_werber){
Ersetzen mit:
If (isset($r_werber)){
|
|
|
01.06.05 16:28 |
E-Mail
WWW
Finden
Als Freund hinzufügen
|
|
BlackDragon_
Mitglied
Dabei seit: 19.05.05
Beiträge: 56
Forenversion: Wbblite 1.0.2
|
|
Ok, domo arigato *verbeug*
klar hätte ich durch überlegen etc. vielleicht auch irgendwann den Fehler entdeckt. Aber du bist nunmal der Chef des Guthabens ;-). Es ist dein Hack und du hennst die Variablen usw. besser als jeder andere. Wenn du einem nich hilfst wer soll es denn sonst tun?
Das mit dem geld für werber bekommen tut, nur wird es nicht in den Kontoauszügen verbucht (zumindest bei mir) werde mich damit aber auch noch beschäftigen, vielleicht finde ich wo der Hund begraben liegt.
|
|
|
01.06.05 16:41 |
E-Mail
WWW
Finden
Als Freund hinzufügen
|
|
|
