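*/

// NOTE(review): in this copy of the file several string literals are empty or
// hold only line breaks; the markup they presumably contained is not visible
// here, so those literals are reproduced unchanged. Any request or database
// value that the missing markup echoes (form field values, link parameters)
// needs the same output encoding that html() applies below.

if (!class_exists('guestbook_database')) {
    /**
     * Thin database helper for the guestbook plugin.
     *
     * Reads its settings from the owning plugin object via getConf() and talks
     * to MySQL through the legacy ext/mysql API (deprecated in PHP 5.5, removed
     * in PHP 7.0). Migrating to mysqli/PDO prepared statements would change the
     * public $db handle and is therefore not attempted here.
     */
    class guestbook_database
    {
        var $db = null;          // connection handle returned by mysql_connect()
        var $direct_post = null; // truthy: new entries are stored with active=1
        var $notify = false;     // truthy: newEntry() mails the configured address
        var $parent = null;      // plugin object that provides getConf()
        var $post_url = null;    // 'post_url' setting (was an undeclared dynamic property)
        var $show_max = 10;      // entries per page

        /**
         * @param object|null $parent plugin object providing getConf(); optional
         */
        function guestbook_database($parent = NULL)
        {
            //$this->direct_post = 1; // uncomment if you want the posts to be directly visible
            if (!is_null($parent)) {
                $this->parent = $parent;
                $this->direct_post = $parent->getConf('direct_post');
                $this->notify = $parent->getConf('notify');
                $this->post_url = $parent->getConf('post_url');
                $this->show_max = $parent->getConf('show_max');
            }
        }

        /**
         * Open the MySQL connection described by the plugin configuration.
         *
         * Terminates the request with die() when the connection fails.
         *
         * @param object|null $parent plugin object; only used when none is stored yet
         * @param mixed       $admin  unused, kept for existing callers
         */
        function connect_db($parent = NULL, $admin = NULL)
        {
            if (is_null($this->parent) && !is_null($parent)) {
                $this->parent = $parent;
            }

            $db_server = $this->parent->getConf('db_server');
            $db_user = $this->parent->getConf('db_user');
            $db_name = $this->parent->getConf('db_name');
            $db_password = $this->parent->getConf('db_passwd');

            $this->direct_post = $this->parent->getConf('direct_post');
            $this->notify = $this->parent->getConf('notify');
            // Read from the stored parent: the $parent argument may be NULL when
            // the object was constructed with a parent already.
            $this->post_url = $this->parent->getConf('post_url');

            $this->db = @mysql_connect($db_server, $db_user, $db_password)
                or die ("Konnte keine Verbindung zur Datenbank herstellen");
            // NOTE(review): the result of mysql_select_db() is not checked; a wrong
            // database name only surfaces later as failing queries.
            @mysql_select_db($db_name, $this->db);
        }

        /** Close the connection and forget the handle. */
        function close_db()
        {
            @mysql_close($this->db);
            $this->db = null;
        }

        /**
         * Escape a value and wrap it in single quotes for use in an SQL statement.
         *
         * Every value is quoted, including numeric-looking ones. is_numeric()
         * accepts notations (exponent form, and hex on PHP < 7) that MySQL would
         * evaluate as an expression instead of storing as the typed text, so the
         * former "leave numbers unquoted" shortcut let user input reach the
         * statement without escaping.
         *
         * @param string $value raw value
         * @return string quoted SQL string literal
         */
        function quote_smart($value)
        {
            // Undo magic_quotes_gpc so the value is escaped exactly once.
            if (get_magic_quotes_gpc()) {
                $value = stripslashes($value);
            }

            // Escape against the connection this object opened when there is one.
            $escaped = is_resource($this->db)
                ? mysql_real_escape_string($value, $this->db)
                : mysql_real_escape_string($value);

            return "'" . $escaped . "'";
        }

        /**
         * For administrators: make sure the wiki_guestbook table exists and
         * return its name. For everyone else: return a name derived from
         * REMOTE_USER with blanks, tabs, CRs and dots replaced by underscores.
         *
         * @param object $parent plugin object providing getConf()
         * @return string
         */
        function checkStatus($parent)
        {
            global $INFO;

            if ($INFO['perm'] == AUTH_ADMIN) {
                $name = "wiki_guestbook";

                $this->connect_db($parent);

                $guestbookExists = false;
                $result = mysql_query("SHOW TABLES");
                if ($result) {
                    while ($data = mysql_fetch_row($result)) {
                        if ($data[0] == $name) {
                            $guestbookExists = true;
                        }
                    }
                }

                if (!$guestbookExists) {
                    $sql1 = "CREATE TABLE `wiki_guestbook` (" .
                        "`ID` int(11) NOT NULL auto_increment," .
                        "`messagehead` varchar(50) default NULL," .
                        "`messagetext` longtext," .
                        "`name` varchar(50) default NULL," .
                        // "`url` varchar(255) default NULL,".
                        "`date` datetime NOT NULL default '0000-00-00 00:00:00'," .
                        "`active` tinyint(1) default 0," .
                        "PRIMARY KEY (`ID`)" .
                        ") ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=70 ;";
                    mysql_query($sql1);
                }

                $this->close_db();
            } else {
                $remoteUser = isset($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'] : '';
                // preg_replace() replaces ereg_replace(), which was removed in PHP 7.
                $name = preg_replace('/[ \t\r.]/', '_', htmlentities($remoteUser));
            }

            return $name;
        }
    }
}

if (!class_exists('guestbook')) {
    /**
     * Renders the guestbook, its entry form and handles the write actions.
     *
     * $admin decides whether moderation features are available; the caller is
     * responsible for deriving it from the wiki's permission check.
     */
    class guestbook
    {
        var $admin;

        /**
         * @param bool $admin true when the current user may moderate entries
         */
        function guestbook($admin = false)
        {
            $this->admin = $admin;
        }

        /**
         * Build the list of entries for the current page.
         *
         * Stored subject, text and author are HTML-encoded on output. The input
         * checks in newEntry() are a pattern blacklist and cannot guarantee that
         * stored text is free of markup, so encoding here is what keeps visitor
         * input from being interpreted as HTML.
         *
         * @param object $parent plugin object providing getConf()
         * @return string
         */
        function html($parent)
        {
            global $ID;

            $output = "";
            $nav = $this->navBar($parent);

            $output .= "\n" . (!$this->admin ? '' : '') . "\n";
            $output .= $nav[0];

            // The offset is interpolated into the statement, so force an integer.
            $start = max(0, intval($nav[1]));
            $row = $nav[2];

            $guestbook_database = new guestbook_database($parent);
            $guestbook_database->connect_db($parent, TRUE);

            $sql = "SELECT messagehead, messagetext, name, date, ID, active FROM wiki_guestbook "
                . (!$this->admin ? 'WHERE active=1 ' : '')
                . "ORDER BY date DESC LIMIT $start, " . intval($guestbook_database->show_max);
            $result = mysql_query($sql);

            $rowCount = 0;
            if ($result) {
                $rowCount = mysql_num_rows($result);

                while ($data = mysql_fetch_array($result)) {
                    // Assumes entries are stored as UTF-8 bytes, as DokuWiki pages
                    // are served - TODO confirm against the connection charset.
                    $head = htmlspecialchars($data['messagehead'], ENT_QUOTES, 'UTF-8');
                    $text = htmlspecialchars($data['messagetext'], ENT_QUOTES, 'UTF-8');
                    $author = htmlspecialchars($data['name'], ENT_QUOTES, 'UTF-8');

                    $output .= "\n";
                    if ($this->admin) {
                        $output .= "\n";
                        $output .= "\n";
                        if (intval($data['active']) == 0) {
                            $output .= "\n";
                        }
                    }
                    $output .= "\n\n" . $head . "\n\n";
                    // Encode first, then add <br />, so the breaks survive.
                    $output .= "\n\n" . nl2br($text) . "\n\n";
                    $output .= 'eingetragen von: ' . $author . ' (' . date("d.m.Y H:i", strtotime($data['date'])) . ')';
                    // if ( $guestbook_database->post_url )
                    //     $output .= 'URL/Mail: ' . $data['url']. '';
                    $output .= "\n";
                }
            }

            // Was "close_db;" (a property read), which never closed the connection.
            $guestbook_database->close_db();

            $output .= $nav[0];
            if ($rowCount > 0) {
                $output .= "\n" . (!$this->admin ? '' : '') . "\n";
            } else {
                $output .= "\nEs sind noch keine Einträge vorhanden.\n";
            }

            return $output;
        }

        /**
         * Build the entry form. In admin mode with a positive $admin id the
         * stored entry is loaded into $_POST so the form can be pre-filled.
         *
         * @param object   $parent plugin object providing getConf()
         * @param int|null $admin  id of the entry to edit, admin only
         * @return string
         */
        function form($parent, $admin = NULL)
        {
            global $ID;

            $guestbook_database = new guestbook_database($parent);

            if ($this->admin && intval($admin) > 0) {
                $guestbook_database->connect_db($parent, TRUE);

                $sql = "SELECT * FROM wiki_guestbook WHERE ID=" . intval($admin) . "; ";
                $result = mysql_query($sql);
                $data = $result ? mysql_fetch_array($result) : false;
                if (!is_array($data)) {
                    $data = array();
                }

                // NOTE(review): these values come from visitor input; whatever
                // markup echoes them into the form must HTML-encode them.
                $_POST['name'] = isset($data['name']) ? $data['name'] : null;
                $_POST['subject'] = isset($data['messagehead']) ? $data['messagehead'] : null;
                $_POST['body'] = isset($data['messagetext']) ? $data['messagetext'] : null;
                // The url column is commented out in the CREATE TABLE statement.
                $_POST['mailurl'] = isset($data['url']) ? $data['url'] : null;

                $guestbook_database->close_db();
            }

            $output = "\n\nNeuer Gästebucheintrag\n\n";
            $output .= "\n";
            if ($this->admin) {
                $output .= '';
            }
            $output .= "\n";
            $output .= $this->error_handle();
            $output .= "\n";
            // $output .= '';
            $output .= "\n";
            $output .= "\n\n";
            $output .= '';
            if ($this->admin && intval($admin) > 0) {
                $output .= '';
            }
            $output .= '';

            if (is_null($guestbook_database->direct_post)
                || intval($guestbook_database->direct_post) == 0
                || !$guestbook_database->direct_post
            ) {
                $output .= "\nUm Spam zu vermeiden wird der Eintrag erst freigeschaltet, wenn er als unbedenklich eingestuft wurde. Wir bitten um Ihr Verständnis.\n";
            }

            return $output;
        }

        /**
         * Build the page navigation.
         *
         * @param object $parent plugin object providing getConf()
         * @return array [0] navigation output, [1] row offset for LIMIT, [2] page count
         */
        function navBar($parent)
        {
            global $ID;

            // Always create the helper: the page size is needed below even when
            // the entry count is already cached in the session.
            $guestbook_database = new guestbook_database($parent);
            $perPage = max(1, intval($guestbook_database->show_max));

            // NOTE(review): the count is cached for the whole session and includes
            // inactive entries, so page numbers can be stale or too high.
            if (!isset($_SESSION['showmax'])) {
                $guestbook_database->connect_db($parent, TRUE);
                $result = mysql_query("SELECT ID FROM wiki_guestbook ORDER BY date DESC");
                // mysql_query() returns false on failure, which isset() would accept.
                $_SESSION['showmax'] = ($result !== false) ? mysql_num_rows($result) : 0;
                $guestbook_database->close_db();
            }

            // The offset ends up inside a LIMIT clause: reduce the request value
            // to a page number >= 1 before doing arithmetic with it.
            $page = 1;
            if (isset($_REQUEST['startcount'])) {
                $page = (int) ceil((float) $_REQUEST['startcount']);
                if ($page < 1) {
                    $page = 1;
                }
            }
            $startzahl = ($page - 1) * $perPage;

            $pages = ceil($_SESSION['showmax'] / $perPage);

            $output = "";
            if ($pages > 1) {
                $output .= "\n\n";
                for ($i = 1; $i <= $pages; $i++) {
                    $startcount = ($i - 1) * $perPage;
                    $output .= '';
                    if ($i != $pages) {
                        $output .= "-";
                    }
                }
                $output .= "\n\n";
            }

            return array($output, $startzahl, $pages);
        }

        /**
         * Delete the entry named by $_POST['guestDelete'] (admin only).
         *
         * NOTE(review): no request token is verified in the visible code; a
         * check such as DokuWiki's checkSecurityToken() would stop forged
         * cross-site requests from deleting entries.
         *
         * @param object $parent plugin object providing getConf()
         */
        function deleteEntry($parent)
        {
            $id = isset($_POST['guestDelete']) ? intval($_POST['guestDelete']) : 0;

            if ($id > 0 && $this->admin) {
                $guestbook_database = new guestbook_database();
                $guestbook_database->connect_db($parent);
                mysql_query("DELETE FROM wiki_guestbook WHERE ID=" . $id . ";");
                $guestbook_database->close_db();
            }
        }

        /**
         * Toggle the active flag of the entry named by $_POST['guestActivate']
         * (admin only).
         *
         * NOTE(review): no request token is verified in the visible code.
         *
         * @param object $parent plugin object providing getConf()
         */
        function guestActivate($parent)
        {
            $id = isset($_POST['guestActivate']) ? intval($_POST['guestActivate']) : 0;

            if ($id > 0 && $this->admin) {
                $guestbook_database = new guestbook_database();
                $guestbook_database->connect_db($parent);
                mysql_query("UPDATE wiki_guestbook SET active=NOT active WHERE ID=" . $id . ";");
                $guestbook_database->close_db();
            }
        }

        /**
         * Toggle the active flag of the entry named by $_GET['activate']
         * (admin only); used by the link in the notification mail.
         *
         * NOTE(review): this is a state change on a GET request without a
         * request token, and because the statement toggles the flag, a repeated
         * or prefetched request flips the entry back. Setting active=1 and
         * requiring a confirmation POST would make the link safe to follow.
         *
         * @param object $parent plugin object providing getConf()
         */
        function guestActivateViaMail($parent)
        {
            $id = isset($_GET['activate']) ? intval($_GET['activate']) : 0;

            if ($id > 0 && $this->admin) {
                $guestbook_database = new guestbook_database();
                $guestbook_database->connect_db($parent);
                mysql_query("UPDATE wiki_guestbook SET active=NOT active WHERE ID=" . $id . ";");
                $guestbook_database->close_db();
            }
        }

        /**
         * Validate the posted entry and store it (insert, or update when an
         * admin edits entry $admin). Validation errors are put into
         * $_SESSION['error'] for error_handle().
         *
         * @param object   $parent plugin object providing getConf()
         * @param int|null $admin  id of the entry being edited, admin only
         * @return string|null moderation notice, or null when entries go live directly
         */
        function newEntry($parent, $admin = NULL)
        {
            global $conf;

            $error = array();

            // Only accept plain strings; arrays or missing fields count as empty.
            $fields = array();
            foreach (array('name', 'subject', 'body') as $key) {
                $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
            }

            // This tag pattern is a coarse input filter only; html() encodes the
            // stored text on output, which is the actual protection.
            $tagPattern = "/<[^>]*>/";
            $nameHasTag = preg_match($tagPattern, $fields['name']);
            $subjectHasTag = preg_match($tagPattern, $fields['subject']);
            $bodyHasTag = preg_match($tagPattern, $fields['body']);

            if (empty($fields['name']) || $nameHasTag) {
                $error['name'] = "Bitte geben Sie Ihren Namen an.";
            }
            if (empty($fields['subject']) || $subjectHasTag) {
                $error['subject'] = "Bitte geben Sie einen Betreff an.";
            }
            if (empty($fields['body']) || $bodyHasTag) {
                $error['body'] = "Bitte geben Sie den Text ein.";
            }
            if ($nameHasTag || $subjectHasTag || $bodyHasTag) {
                $error['html'] = "HTML ist nicht erlaubt!.";
            }

            $spam = (isset($conf['plugin']['guestbook']['spam_array'])
                    && is_array($conf['plugin']['guestbook']['spam_array']))
                ? $conf['plugin']['guestbook']['spam_array']
                : array('http', 'www', '@');
            foreach ($spam as $check) {
                if (strstr($fields['name'], $check)
                    || strstr($fields['subject'], $check)
                    || strstr($fields['body'], $check)
                ) {
                    $error['spam'] = "Es scheint Sie wollen Spam verbreiten ... \nnicht mit uns!";
                }
            }

            // Created up front so the return statement below never reads an
            // undefined variable on the error path (direct_post stays null there).
            $guestbook_database = new guestbook_database();
            $isUpdate = (intval($admin) > 0 && $this->admin);

            if (empty($error)) {
                $guestbook_database->connect_db($parent);

                $qSubject = $guestbook_database->quote_smart($fields['subject']);
                $qBody = $guestbook_database->quote_smart($fields['body']);
                $qName = $guestbook_database->quote_smart($fields['name']);

                if ($isUpdate) {
                    $sql = "UPDATE wiki_guestbook SET messagehead=" . $qSubject
                        . ", messagetext=" . $qBody
                        . ", name=" . $qName
                        . " WHERE ID=" . intval($admin) . ";";
                } else {
                    $sql = "INSERT INTO wiki_guestbook (messagehead, messagetext, name, date"
                        . ($guestbook_database->direct_post ? ', active' : '')
                        . ") VALUES(" . $qSubject . ", " . $qBody . ", " . $qName . ", "
                        . $guestbook_database->quote_smart(date("Y-m-d H:i:s"))
                        . ($guestbook_database->direct_post ? ', 1' : '') . ");";
                }
                mysql_query($sql);

                // Decide by the branch taken, not by searching the statement text,
                // which contains visitor input.
                if ($guestbook_database->notify && !$isUpdate) {
                    $email_to = !empty($conf['plugin']['guestbook']['mail_to'])
                        ? $conf['plugin']['guestbook']['mail_to']
                        : "root@localhost";

                    // The subject is passed as mail()'s own argument; it used to be
                    // an undefined variable plus a second Subject header.
                    $mailSubject = 'new entry in guestbook';
                    $header = "From: DokuWiki Guestbook \n";
                    $header .= "Content-Type: text/html";

                    // The mail is sent as text/html, so the visitor's text is
                    // HTML-encoded here instead of being passed SQL-quoted.
                    mail(
                        $email_to,
                        $mailSubject,
                        $this->emailBody(
                            htmlspecialchars($fields['subject'], ENT_QUOTES, 'UTF-8'),
                            htmlspecialchars($fields['body'], ENT_QUOTES, 'UTF-8'),
                            htmlspecialchars($fields['name'], ENT_QUOTES, 'UTF-8'),
                            mysql_insert_id()
                        ),
                        $header
                    );
                }

                $guestbook_database->close_db();

                $_POST['name'] = null;
                $_POST['subject'] = null;
                $_POST['body'] = null;
                $_POST['newEntry'] = null;
                $_POST['createEntry'] = null;
                $_POST['guestEdit'] = null;
                $_POST['oldID'] = null;
            } else {
                session_start();
                $_SESSION['error'] = $error;

                // Re-open the form the visitor came from.
                if ($isUpdate) {
                    $_POST['guestEdit'] = isset($_POST['oldID']) ? $_POST['oldID'] : null;
                } else {
                    $_POST['createEntry'] = 1;
                }
            }

            return ((is_null($guestbook_database->direct_post) || intval($guestbook_database->direct_post) == 0)
                ? "\nBitte bedenken Sie, dass der Eintrag erst nach einem Check von unserem Adminstrator freigeschaltet wird.\n"
                : null);
        }

        /**
         * Render and clear the errors stored in $_SESSION['error'].
         *
         * @return string|null the error block, or null when there is nothing to show
         */
        function error_handle()
        {
            $error = isset($_SESSION['error']) ? $_SESSION['error'] : null;
            if (empty($error)) {
                return null;
            }

            if (!is_array($error)) {
                $error = array($error);
            }
            // array_unique() returns the filtered copy; the result used to be dropped.
            $error = array_unique($error);

            $output = "\nEs ist ein Fehler aufgetreten:\n    ";
            foreach ($error as $err) {
                $output .= "\n  • " . wordwrap($err, 70, "\n    ") . "\n  • ";
            }
            $output .= "\n";

            $_SESSION['error'] = null;

            return $output;
        }

        /**
         * Compose the body of the notification mail.
         *
         * The mail is sent as text/html, so callers must pass values that are
         * already HTML-encoded.
         *
         * @param string $subject entry subject
         * @param string $body    entry text
         * @param string $name    author name
         * @param int    $id      id of the new entry (not used by the visible text)
         * @return string
         */
        function emailBody($subject, $body, $name, $id)
        {
            $emailbody = " new entry in guestbook\n"
                . $name . ' says: ' . $subject . "\n"
                . $body . "\nactivate this message\n";

            return $emailbody;
        }
    }
}

if (!class_exists('timing_handler')) {
    /**
     * Resolves the date/time of a request from $_POST['oldDate'] / $_POST['date']
     * and maps English month and weekday names to German.
     */
    class timing_handler
    {
        var $actualDate = null;      // "Y-m-d"
        var $actualTime = null;      // "H:i"
        var $actualTimestamp = null; // unix timestamp

        function timing_handler()
        {
            $now = time();

            $rawDate = (isset($_POST['date']) && is_scalar($_POST['date'])) ? $_POST['date'] : '';
            $rawOld = (isset($_POST['oldDate']) && is_scalar($_POST['oldDate'])) ? $_POST['oldDate'] : '';

            // $_POST['date'] may be a date string or a unix timestamp; resolve it
            // once so date, time and timestamp agree. The time used to be taken
            // from the raw value, which only worked for numeric timestamps.
            if (empty($rawDate)) {
                $postedTs = $now;
            } else {
                $parsed = strtotime($rawDate);
                $postedTs = ($parsed > 0) ? $parsed : (int) $rawDate;
            }

            if (!empty($rawOld)) {
                $oldTs = strtotime($rawOld);
                $this->actualDate = date("Y-m-d", $oldTs);
                $this->actualTimestamp = $oldTs;
            } else {
                $this->actualDate = date("Y-m-d", $postedTs);
                $this->actualTimestamp = $postedTs;
            }

            $this->actualTime = date("H:i", $postedTs);
        }

        /** @return string "Y-m-d" */
        function timingDate()
        {
            return $this->actualDate;
        }

        /** @return string "H:i" */
        function timingTime()
        {
            return $this->actualTime;
        }

        /** @return int unix timestamp */
        function timingTimestamp()
        {
            return $this->actualTimestamp;
        }

        /**
         * Translate an English month name to German; names that are spelled the
         * same in both languages, and unknown values, are returned unchanged.
         *
         * @param string $month
         * @return string
         */
        function map_month($month)
        {
            $german = array(
                "January" => "Januar",
                "February" => "Februar",
                "March" => "März",
                "May" => "Mai",
                "June" => "Juni",
                "July" => "Juli",
                "October" => "Oktober",
                "December" => "Dezember",
            );

            if (is_string($month) && isset($german[$month])) {
                return $german[$month];
            }

            return $month;
        }

        /**
         * Translate an English weekday name, or a weekday number (0 = Sunday
         * ... 6 = Saturday), to German. Unknown values are returned unchanged.
         *
         * Names and numbers are looked up separately: the former switch compared
         * loosely, so on PHP < 8 the number 0 matched "Monday" and any unknown
         * string matched 0.
         *
         * @param string|int $day
         * @return string|int
         */
        function map_day($day)
        {
            $byName = array(
                "Monday" => "Montag",
                "Tuesday" => "Dienstag",
                "Wednesday" => "Mittwoch",
                "Thursday" => "Donnerstag",
                "Friday" => "Freitag",
                "Saturday" => "Samstag",
                "Sunday" => "Sonntag",
            );
            $byNumber = array(
                0 => "Sonntag",
                1 => "Montag",
                2 => "Dienstag",
                3 => "Mittwoch",
                4 => "Donnerstag",
                5 => "Freitag",
                6 => "Samstag",
            );

            if (is_string($day) && isset($byName[$day])) {
                return $byName[$day];
            }

            if (is_numeric($day) && (int) $day == $day && isset($byNumber[(int) $day])) {
                return $byNumber[(int) $day];
            }

            return $day;
        }
    }
}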