"; echo "Datei: ".__FILE__."
"; echo $error->message."
"; echo $error->userinfo."
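";
    // die();
}

// ---------------------------------------------------------------------------
// Guestbook page: accepts a new entry via POST, or renders the paged list.
//
// New entries are stored with st_gb_lock = '1'; the listing below selects only
// st_gb_lock = '0', so an entry is not shown until its lock is cleared.
// ---------------------------------------------------------------------------

// Default settings.
$lan = "de";
$dir = "winlike";

// Optional language override from the query string.
// NOTE(review): $lan is handed unvalidated to the pager's link parameters
// further down; confirm that PAGER encodes it when it builds URLs.
if (!empty($_GET["lan"]) && is_string($_GET["lan"])) {
    $lan = $_GET["lan"];
}

require_once("HTML/Template/Sigma.php");
require_once("DB.php");
require_once("../form_pager.inc.php");

// The pear_error() callback above echoes $error->message and $error->userinfo
// into the response and does not stop the script. For database errors that text
// can include the failing statement; consider logging it instead of printing it.
PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'pear_error');

$tpl =& new HTML_Template_Sigma('');   // template directory
$tpl->loadTemplateFile('gast1.html');  // load the page template

include ("db.inc.php");
include ("date.inc.php");
// $debug = "Y";

// A sender-domain blocklist ($badlist) and an e-mail format check used to live
// in this script; both were already disabled by the author and are left out.

/**
 * Wildcard variant of in_array().
 *
 * @param string $needle   Value to test.
 * @param array  $haystack Shell-style patterns, evaluated with fnmatch().
 * @return bool True as soon as one pattern matches $needle, otherwise false.
 */
function my_inArray($needle, $haystack)
{
    foreach ($haystack as $pattern) {
        if (fnmatch($pattern, $needle)) {
            return true;
        }
    }
    return false;
}

/**
 * Reads one POST field as a plain string.
 *
 * Returns '' when the field is missing or is not a string (e.g. an array was
 * posted). Slashes added by magic_quotes_gpc are removed so that the value can
 * be bound as a query parameter without being escaped twice.
 *
 * @param string $key Field name.
 * @return string
 */
function gb_post($key)
{
    if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
        return '';
    }
    $value = $_POST[$key];
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return $value;
}

// ---------------------------------------------------------------------------
// Spam filter
// ---------------------------------------------------------------------------
$badlistpage = array(
    "*blogspot.com*",
    "*narajuto.org*",
    "*blog.drecom.jp*",
    "*blog.livedoor.jp*",
    "*digg.com/celebrity*",
    "*newmail.ru*",
    "*hotmail.ru*"
);
$blocked_ip = array("195.225.177.");

$remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
$rawComment = gb_post('Kommentar');

// Homepage field: drop the scheme and, like the other text fields, any markup.
$hpagex = strip_tags(preg_replace('!http://!i', '', gb_post('hpagex')));

$bad = 0;

// Fix: the original tested the negated result and assigned 0, so a match on
// the pattern list never marked the post. Patterns are lower-case, therefore
// the value is lower-cased before matching.
if (my_inArray(strtolower($hpagex), $badlistpage)) {
    $bad = 1;
}
// Explicit substring checks are kept in addition to the list.
if (preg_match('/blogspot.com/i', $hpagex)) {
    $bad = 1;
}
if (preg_match('/blog.drecom.jp/i', $hpagex)) {
    $bad = 1;
}
if (preg_match('/teensex/i', $hpagex)) {
    $bad = 1;
}
if (preg_match('/URL=/i', $rawComment)) {
    $bad = 1;
}
// Blocked address prefixes are compared from the start of the address.
foreach ($blocked_ip as $prefix) {
    if (strpos($remoteAddr, $prefix) === 0) {
        $bad = 1;
    }
}
// "email" must arrive empty; the address the script actually stores is read
// from "liame". NOTE(review): this looks like a honeypot field - confirm
// against the form in gast1.html.
if (isset($_POST['email']) && $_POST['email'] != "") {
    $bad = 1;
}
if (gb_post('liame') == "Unknown") {
    $bad = 1;
}

// Form token: must be non-empty and identical to the posted "tester" value.
// The original loose comparison also succeeded when both sides were empty.
// NOTE(review): $PHPSESSIDx is not assigned anywhere in this script. If it is
// populated from the request (register_globals) rather than from the session,
// this check gives no protection - verify where it comes from.
$tokenOk = isset($PHPSESSIDx)
    && is_string($PHPSESSIDx)
    && $PHPSESSIDx !== ''
    && $PHPSESSIDx === gb_post('tester');

if (trim(gb_post('ename') . $rawComment) != "" && $tokenOk && $bad == 0) {
    // -----------------------------------------------------------------------
    // Entry accepted: store it, notify by mail, show the confirmation block.
    // -----------------------------------------------------------------------
    $Kommentar = strip_tags($rawComment);
    $ename     = strip_tags(gb_post('ename'));
    $email     = strip_tags(gb_post('liame'));

    // Line breaks become <br /> markup; the raw CR/LF characters are removed.
    $Kommentar = nl2br($Kommentar);
    $Kommentar = preg_replace("!\015\012|\012|\015!", "", $Kommentar);
    $email     = str_replace("@", "|at|", $email);

    $now = date("Y-m-d H:i:s");

    // Values are bound through placeholders instead of being concatenated into
    // the statement, so quotes in the posted text cannot alter the query.
    // Assumes $db (created in db.inc.php, not shown here) is a PEAR DB
    // connection, as the DB.php include suggests - TODO confirm.
    $sql = "INSERT INTO st_gb_1 SET"
         . " st_gb_name = ?,"
         . " st_gb_datum = ?,"
         . " st_gb_mailad = ?,"
         . " st_gb_page = ?,"
         . " st_gb_comment = ?,"
         . " st_gb_lock = '1',"
         . " st_gb_ip = ?";
    $res = $db->query($sql, array($ename, $now, $email, $hpagex, $Kommentar, $remoteAddr));

    // User-supplied text goes into the mail body only, never into a header.
    $message = "Name: " . $ename
             . "\n E-Mail: " . $email . " -> (" . gb_post('email') . ")"
             . "\n Web: " . $hpagex
             . "\n Datum: " . date("Y-m-d H:i:s")
             . "\n Kommentar:" . $Kommentar . "\n";

    mail('lou@steam-rock.com', 'Neuer Gaesteeintrag COM', $ename . " -> " . $message, 'From: Webchef ' . "\r\n");

    // NOTE(review): these values have had tags stripped but are not
    // HTML-entity-encoded; if gast1.html places them inside attributes,
    // encode them there or here.
    $tpl->setVariable('ename', $ename);
    $tpl->setVariable('date', "$tag, der $n. $monat $jahr " . date("H:i:s"));
    $tpl->setVariable('email', $email);
    $tpl->setVariable('hpage', $hpagex);
    $tpl->setVariable('Kommentar', $Kommentar);

    $tpl->touchBlock('responder');
    $tpl->hideBlock('po');
    $tpl->hideBlock('book');
    $tpl->hideBlock('pu');
} else {
    // -----------------------------------------------------------------------
    // Listing with pager
    // -----------------------------------------------------------------------
    $query = "SELECT st_gb_id FROM st_gb_1 WHERE st_gb_lock ='0'; ";
    if (isset($debug) && $debug == "Y") {
        echo "\n\n$query\n\n";
    }
    $res     = $db->getAll($query);
    $treffer = count($res);

    if ($treffer != "0") {
        $tpl->hideBlock('keine_treffer');
    } else {
        $tpl->hideBlock('book');
    }

    $pager = new PAGER();
    $pager->formlink     = "gast1.php";
    $pager->parameter    = array('lan' => $lan, 'action' => isset($action) ? $action : null);
    $pager->treffer      = $treffer;
    $pager->aps          = "10";
    $pager->anzahl_links = "10";
    $pager->fontcolor    = "#FFFFFF";
    $pager->trenner      = " ";

    $aps          = 10;   // entries per page
    $anzahl_links = "10";

    // $page is not assigned in this script, so treat it as untrusted: force an
    // integer of at least 1. A missing or non-positive value previously
    // produced a negative LIMIT offset.
    $page = isset($page) ? (int) $page : 1;
    if ($page < 1) {
        $page = 1;
    }

    $von = ($page - 1) * $aps;           // zero-based offset of the first row
    $bis = min($treffer, $aps * $page);  // last row number shown on this page

    $tpl->setVariable('pager', $pager->pagenav());
    $tpl->setVariable('von', $von + 1);
    $tpl->setVariable('bis', $bis);
    $tpl->setVariable('treffer', $treffer);

    // Second pager
    $tpl->setVariable('pager_2', $pager->pagenav_2());
    $tpl->setVariable('von_2', $von + 1);
    $tpl->setVariable('bis_2', $bis);
    $tpl->setVariable('treffer_2', $treffer);
    $tpl->setVariable('seite', $page);

    include ("date.inc.php");

    // Both LIMIT operands are integers at this point.
    $query = "SELECT st_gb_id, st_gb_name, st_gb_datum, st_gb_mailad, st_gb_page, st_gb_comment"
           . " FROM st_gb_1 WHERE st_gb_lock ='0' ORDER BY st_gb_id DESC"
           . " LIMIT " . (int) $von . "," . (int) $aps;
    if (isset($debug) && $debug == "Y") {
        echo "\n\n$query\n\n";
    }
    $res = $db->getAll($query);

    // NOTE(review): stored values are handed to the template as they are.
    // st_gb_comment contains <br /> markup by design; the other columns had at
    // most strip_tags() applied when written. Confirm that gast1.html encodes
    // them, or encode name, mail and page here before setVariable().
    foreach ($res as $gbe) {
        $tpl->setVariable($gbe);
        $tpl->hideBlock('web');
        $tpl->hideBlock('mail');

        $tpl->setVariable('ename', $gbe['st_gb_name']);
        $tpl->setVariable('dater', $gbe['st_gb_datum']);

        if ($gbe['st_gb_mailad'] != '') {
            $tpl->setVariable('email', $gbe['st_gb_mailad']);
            $tpl->touchBlock('mail');
        }
        if ($gbe['st_gb_page'] != '') {
            $tpl->setVariable('hpage', $gbe['st_gb_page']);
            $tpl->touchBlock('web');
        }

        $tpl->setVariable('Kommentar', $gbe['st_gb_comment']);
        $tpl->parse('book');
    }

    $tpl->touchBlock('po');
    $tpl->touchBlock('pu');
    $tpl->hideBlock('responder');
}

$tpl->show();
?>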