PHP Code:
<?
require_once("include/bittorrent.php");
dbconn(false);
loggedinorreturn();
if (isset($_GET['torles']))
{
if (is_numeric($_GET['torles']))
{
$query = "SELECT * FROM shoutbox WHERE id=".sqlesc($_GET['torles']);
$result = mysql_query($query);
}
else {
echo "<center>Valótlan üzenet ID</center>";
exit;}
$row = mysql_fetch_row($result);
{
$query = "DELETE FROM shoutbox WHERE id=".sqlesc($_GET['torles']);
mysql_query($query);
}
}
if (isset($_GET['szerkeztes']))
{
if (is_numeric($_GET['szerkeztes']))
{
$sql=mysql_query("SELECT id,text FROM shoutbox WHERE id=".sqlesc($_GET['szerkeztes']));
$res=mysql_fetch_array($sql);
echo '<br><center>';
echo '<form method=post action=shoutbox.php>';
echo '<input type=hidden name=id value='.(int)$res['id'].'>';
echo '<textarea name=text id=specialbox >'.htmlspecialchars_my($res['text']).'</textarea>';
echo '<input type=submit name=save value=Mentés class=btn>';
echo'<input type="reset" value="Alaphelyzet" name="B3">';
echo '</form></center>';
} }
if (isset($_POST['text']) && is_valid_id($_POST['id']))
{
$text = trim($_POST['text']);
$id = (int)$_POST['id'];
if (isset($text) && isset($id) && is_valid_id($id))
mysql_query("UPDATE shoutbox SET text = ".sqlesc($text)." WHERE id=".sqlesc($id));
}
?>
<html><head>
<title>Üzenőfal</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2" />
<META HTTP-EQUIV=REFRESH CONTENT="120; URL=shoutbox.php">
<style type="text/css">
A {color: white ; font-weight: bold; }
A:hover {color: #FF0000;}
.small {font-size: 8pt; font-family: tahoma; color: white; }
.date {font-size: 7pt; color: balack; }
</style>
<STYLE>BODY {
<?
if ($CURUSER["stylesheet"] == 1){
?>
BACKGROUND: #383838; fixed repeat-x center bottom;
<?
}
if ($CURUSER["stylesheet"] == 2){
?>
background-image: url(tablahatter2.png);fixed repeat-x center bottom;
<?
}
?>
background-position: left;
SCROLLBAR-3DLIGHT-COLOR: #004E98;
SCROLLBAR-ARROW-COLOR: #004E98;
SCROLLBAR-DARKSHADOW-COLOR: white;
SCROLLBAR-BASE-COLOR: white;
}
textarea {
font-family: tahoma, sans-serif;
font-size: 10pt;
background-color: #d8f4fd;
padding: 2px;
outline-style: none;
border-color: 1px solid #8fc6ff;
color: #1c00ac;
width: 600;
height: 20
}
textarea { background-color: #292929;
font-weight: bold;
font-size: 12px;
color: white;
border: 1px dashed #000000;
border-collapse: collapse;
width: 600;
height: 20
}
input {
font-family: tahoma, sans-serif;
font-size: 10pt;
background-color: #d8f4fd;
padding: 2px;
outline-style: none;
border-color: 1px solid #8fc6ff;
color: #1c00ac;
}
input { background-color: #292929;
font-weight: bold;
font-size: 12px;
color: white;
border: 1px dashed #000000;
border-collapse: collapse;
}
a {
color: lime;
text-decoration:none;
}
</STYLE>
</head>
<body>
<?
if (!$_GET['edit'])
echo "<meta http-equiv=refresh content=\"65; URL=shoutbox.php".($_GET['page']?"?page=".$_GET['page']:"")."\" />\n";
?>
</STYLE>
</head>
<body>
<?
if ($CURUSER["uzifaljog"] == 'no')
{
print("<h2><br><center>Az üzifalra írási jogodat felfüggesztették.Nem írhatsz ide míg a STAFF vissza nem adja a jogot.2 hét lejárta után ha megtanultad a leckéd szólj egy STAFF-nak!</center></h2>");
exit;
}
else
{
$izeww = $CURUSER["username"];
$kerdeskviz=$_GET["kerdes_kviz"];
$nyeremenykviz=$_GET["nyeremeny_kviz"];
$duma="";
$nyeremeny=$_GET["nyeremeny"];
$vege=" [/color] || [color=yellow] Kérdezte $izeww [/color] ";
$eleje="[b][color=gray] Kérdés: [/color][/b] [color=red] $kerdeskviz [/color]- [color=white]Nyeremény: ";
$ido=sqlesc(time());
if($_GET["kviz"]!=""){
if(!$_GET["kerdes_kviz"]){
}else{
mysql_query("INSERT INTO shoutbox (userid, username, date, text) VALUES
('-1', 'Kvíz', $ido, '$eleje$ize$nyeremenykviz$nyeremeny$vege')") or sqlerr(__FILE__, __LINE__);
}
}
$nyertes_neve=$_GET["nyertes_neve"];
$nyeremeny2=$_GET["nyeremeny2"];
$nyeremeny3=$_GET["nyeremeny3"];
$duma="";
$ize="{";
$ize2="}";
$vege="}[/color]";
$eleje="[b][color=gray] Nyertes: [/color][/b][color=red] $nyertes_neve válaszolta meg a leggyorsabban! [/color] [color=white] Gratulálunk! [ $nyeremeny2 $nyeremeny3] [/color]";
$ido=sqlesc(time());
if($_GET["nyertes"]!=""){
if(!$_GET["nyertes"]){
}else{
mysql_query("INSERT INTO shoutbox (userid, username, date, text) VALUES
('-1', 'Kvíz', $ido, '$eleje')") or sqlerr(__FILE__, __LINE__);
if($nyeremeny3=='MB'){
$nyeremeny4='1048576';
}if($nyeremeny3=='GB'){
$nyeremeny4='1073741824';
}
$nyertes_neve2=sqlesc($HTTP_POST_VARS["nyertes_neve"]);
$nyeremenye = $nyeremeny2*$nyeremeny4;
}
}
if($_GET["rendszeruzi"]!=""){
if(!$_GET["rendszeruzenet"]){}
else{
$uzenetee=$_GET["rendszeruzenet"];
$eleje=" [b][color=red] üzenet: [/color][color=white] ";
$vege="[/color][/b][color=white][/color] - [color=yellow] $izeww [/color] ";
mysql_query("INSERT INTO shoutbox (userid, username, date, text) VALUES
('-1', 'Rendszerüzenet', $ido, '$eleje$uzenetee$vege')") or sqlerr(__FILE__, __LINE__);
}
}
}
if ($CURUSER["chatpost"] == 'no')
{
print("<h2><br><center>Az üzifalazási jogodat felfüggesztették!</center></h2>");
exit;
}
else
{
if($_GET["sent"]=="yes" && $_GET["shbox_text"])
{
$userid=$CURUSER["id"];
$username=$CURUSER["username"];
$date=time();
$text=trim($_GET["shbox_text"]);
mysql_query("INSERT INTO shoutbox (id, userid, username, date, text) VALUES ('id'," . sqlesc($userid) . ", " . sqlesc($username) . ", $date, " . sqlesc($text) . ")") or sqlerr(__FILE__, __LINE__);
}
$res = mysql_query("SELECT * FROM shoutbox ORDER BY date DESC LIMIT 35") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0)
print("\n");
else
{
print("<table border=0 cellspacing=0 cellpadding=2 width='100%' align='left' class='small'>\n");
while ($arr = mysql_fetch_assoc($res)){
$res2 = mysql_query("SELECT username,class,donor,enabled,warned FROM users WHERE id=$arr[userid]") or sqlerr(__FILE__, __LINE__);
$arr2 = mysql_fetch_assoc($res2);
$resowner = mysql_query("SELECT id, username, class FROM users WHERE id=$arr[userid]") or print(mysql_error());
$rowowner = mysql_fetch_array($resowner);
if ($rowowner["class"] == "8")
$usercolor= "<font color=darkred>" .htmlspecialchars_my($rowowner["username"]). "</font><b><font color=dodgerblue>";
elseif ($rowowner["class"] == "7")
$usercolor= "<font color=lime>" .htmlspecialchars_my($rowowner["username"]). "</font><b><font color=dodgerblue>";
elseif ($rowowner["class"] == "6")
$usercolor= "<font color=red>" .htmlspecialchars_my($rowowner["username"]). "</font><b><font color=dodgerblue>";
elseif ($rowowner["class"] == "5")
$usercolor= "<font color=blue>" .htmlspecialchars_my($rowowner["username"]). "</font><b><font color=dodgerblue>";
elseif ($rowowner["class"] == "4")
$usercolor= "<font color=navy>" .htmlspecialchars_my($rowowner["username"]). "</font><b><font color=dodgerblue>";
elseif ($rowowner["class"] == "3")
$usercolor= "<font color=#9400D3>" .htmlspecialchars_my($rowowner["username"]). "</font><b><font color=dodgerblue>";
elseif ($rowowner["class"] == "2")
$usercolor= "<font color=yellow>" .htmlspecialchars_my($rowowner["username"]). "</font><b><font color=dodgerblue>";
elseif ($rowowner["class"] == "1")
$usercolor= "<font color=green>" .htmlspecialchars_my($rowowner["username"]). "</font><b><font color=dodgerblue>";
elseif ($rowowner["class"] == "0")
$usercolor= "<font color=gray>" .htmlspecialchars_my($rowowner["username"]). "</font><b><font color=dodgerblue>";
if ($arr["userid"] == "0")
$usercolor= "<font color=LightBlue]Rendszer:</color>" .htmlspecialchars_my(Rendszer)."</font>";
if ($rowowner["class"] == "8")
$usercolor2= "[color=Darkred]";
if ($rowowner["class"] == "7")
$usercolor2= "[color=lime]";
elseif ($rowowner["class"] == "6")
$usercolor2= "[color=red]";
elseif ($rowowner["class"] == "5")
$usercolor2= "[color=blue]";
elseif ($rowowner["class"] == "4")
$usercolor2= "[color=navy]";
elseif ($rowowner["class"] == "3")
$usercolor2= "[color=#9400D3]";
elseif ($rowowner["class"] == "2")
$usercolor2= "[color=yellow]";
elseif ($rowowner["class"] == "1")
$usercolor2= "[color=green]";
elseif ($rowowner["class"] == "0")
$usercolor2= " [color=gray]";
if (get_user_class() >= UC_MODERATOR) {
$del="<span class='date'><font color='white'>[<a href=/shoutbox.php?torles=".$arr[id].">T</a>]</font></font></span>";
$edit="<span class='date'><font color='white'>[<a href=shoutbox.php?szerkeztes=".$arr[id].">Sz</a>]</font></font></span>\n";
}
$szama = $arr["userid"];
print("<tr><td>");
print("<b><font color=black>[".strftime("%H:%M",$arr["date"])."]</b></font>");
if($szama !== '0' && $szama !=='-1'){?>
<img onclick="javascript: window.top.SmileIT('[b]<?=$usercolor2?> :neki: <?=$rowowner["username"]?> [/b][/color][b][/b]','shbox','shbox_text')" title="[V]" src=pic/jobbra.gif border=0>
<?}
print(" $del $edit </span>");
if($szama !== '0' && $szama !=='-1'){
print"<a href='userdetails.php?id=".$szama."' target='_blank'>$usercolor</a>";}
print(
($arr2["donor"] == "yes" ? "<img src=pic/star.gif alt='Támogató'>" : "") .
($arr2["warned"] == "yes" ? "<img src=pic/warned.gif alt='Figyelmeztetett'>": "") .
" :".format_comment($arr["text"])."
</font><br/>");
print("
</td></tr>\n");
}
print("</table>");
/*
print("<tr><td>[".strftime("%H:%M",$arr["date"])."]
$del");
echo "
<a href='sendmessage.php?receiver=".$arr["userid"]."' target=_blank title='PM ".$rowowner["username"]." nevű felhasználónak'><img src=pn_inbox_new.gif height=14px border=0></a>
<a title=\"válasz\" href=\"javascript: window.top.SmileIT('$usercolor_sbox','shbox','shbox_text')\"> <img src='pic/valasz.gif' border='0' alt='[Válasz]'></a>";
print("
<a href='userdetails.php?id=".$arr["userid"]."' target=_blank>$usercolor</a>" .
($arr2["donor"] == "yes" ? "<img src=pic/star.gif alt='Támogató'>" : "") .
($arr2["warned"] == "yes" ? "<img src=pic/warned.gif alt='Figyelmeztetett'>" : "") .
" : ".format_comment($arr["text"])."
</td></tr>\n");
}
print("</table>");
*/
}
}
if ($CURUSER["slight"] == no) {
$res = mysql_query("SELECT * FROM shoutbox ORDER BY date DESC LIMIT 0, 20") or sqlerr(__FILE__,__LINE__);
} else {
$res = mysql_query("SELECT * FROM shoutbox ORDER BY date DESC LIMIT 0, 100") or sqlerr(__FILE__,__LINE__);
}
if (mysql_num_rows($res) == 0)
die("<b>Nincsenek üzenetek!</b>");
?>
</body>
</html>