2) {
$guestbook['post']['show'] = 0;
}
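// Validate the sender fields of the submitted entry. Each failure is recorded
// under $guestbook['error'][<field>]; the entry is only stored later on if
// that array is still empty.

// email error: is_valid_email() is defined elsewhere in the project.
if(!is_valid_email($guestbook['post']['email'])) {
    $guestbook['error']['email'] = 'Proof the email address: it is empty or false.';
}
// name error: empty() also rejects the literal string '0'.
if(empty($guestbook['post']['name'])) {
    // Double-quoted on purpose: inside a single-quoted literal the apostrophe
    // of "Don't" ends the string early and the file no longer parses.
    $guestbook['error']['name'] = "Don't forget to insert your name.";
}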
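// banned stuff
// Turns the space-separated ban list in $guestbook['ban'] into one
// case-insensitive regular expression per word and replaces every hit in the
// posted message with $guestbook['replace'].
$guestbook['ban_count'] = 0;
if(!empty($guestbook['ban'])) {
    $guestbook['ban'] = convertStringToArray($guestbook['ban'], ' ');
    if(is_array($guestbook['ban']) && count($guestbook['ban'])) {
        foreach($guestbook['ban'] as $key => $value) {
            $value = trim($value);
            if($value === '') {
                // An empty word would become the pattern '//i', which matches
                // at every position and would splice the replacement between
                // all characters of the message.
                unset($guestbook['ban'][$key]);
                continue;
            }
            // Pass the delimiter to preg_quote(): without it a banned word
            // containing '/' ends the pattern early and preg_replace() fails.
            $guestbook['ban'][$key] = '/'.preg_quote($value, '/').'/i';
            $guestbook['ban_count']++;
        }
    }
    if($guestbook['ban_count']) {
        // NOTE(review): preg_replace() interprets '$n' and '\n' sequences in
        // $guestbook['replace'] as back-references; presumably that value is
        // site configuration - confirm it is never visitor-supplied.
        $guestbook['post']['msg'] = preg_replace($guestbook['ban'], $guestbook['replace'], $guestbook['post']['msg']);
    }
}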
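// processing image upload
// Accepts one GIF/JPG/PNG per entry. On success $guestbook['image'] holds
//   'name' - the client-supplied file name (display only),
//   'hash' - md5 over client name, size and the dimension string,
//   'file' - the stored file name, '<hash>.<gif|jpg|png>'.
// Problems are collected in $guestbook['error']['image'] and merged into
// $guestbook['error'] at the end of this block.
if(!empty($guestbook["image_upload"])) {
    $guestbook['error']['image'] = array();
    // guestbook image
    if(is_uploaded_file($_FILES['guestbook_image']['tmp_name']) && !$_FILES['guestbook_image']['error']) {
        // getimagesize() result: index 2 is the detected image type,
        // index 3 the 'width="…" height="…"' string.
        $guestbook['image']['info'] = @getimagesize($_FILES['guestbook_image']['tmp_name']);
        if(is_array($guestbook['image']['info'])) {
            // check if it is GIF (1), JPG (2) or PNG (3)
            // Fix: the third comparison tested the whole info array against 3,
            // which is never true, so every PNG upload was rejected.
            if($guestbook['image']['info'][2] == 1 || $guestbook['image']['info'][2] == 2 || $guestbook['image']['info'][2] == 3) {
                $guestbook["max_image_filesize"] = return_bytes($guestbook["max_image_filesize"]);
                if($_FILES['guestbook_image']['size'] > $guestbook["max_image_filesize"]) {
                    $guestbook['error']['image']['size']  = 'File size of uploaded image (';
                    $guestbook['error']['image']['size'] .= return_bytes_shorten($_FILES['guestbook_image']['size']);
                    $guestbook['error']['image']['size'] .= ') is larger than allowed (max.';
                    $guestbook['error']['image']['size'] .= return_bytes_shorten($guestbook["max_image_filesize"]);
                    $guestbook['error']['image']['size'] .= ').';
                } else {
                    $guestbook['image']['name'] = $_FILES['guestbook_image']['name'];
                    // The stored name never contains client-supplied characters:
                    // it is a hash plus an extension chosen from the detected
                    // type. The hash is deterministic, so two uploads with equal
                    // name, size and dimensions map to the same stored file.
                    $guestbook['image']['hash'] = md5($_FILES['guestbook_image']['name'].$_FILES['guestbook_image']['size'].$guestbook['image']['info'][3]);
                    $guestbook['image']['file'] = $guestbook['image']['hash'].'.';
                    switch($guestbook['image']['info'][2]) {
                        case 1: $guestbook['image']['file'] .= 'gif'; break; //GIF
                        case 2: $guestbook['image']['file'] .= 'jpg'; break; //JPG
                        case 3: $guestbook['image']['file'] .= 'png'; break; //PNG
                    }
                    // create necessary guestbook image directory
                    // NOTE(review): umask(0) plus mode 0777 makes the upload
                    // directory world-writable (and 0666 below does the same for
                    // each image). On shared hosts prefer the tightest mode that
                    // still lets the web server write - confirm per deployment.
                    if(!is_dir($guestbook['image_dir'])) {
                        $old_umask = umask(0);
                        $guestbook['owner'] = fileowner(PHPWCMS_ROOT.'/'.PHPWCMS_FILES);
                        @mkdir($guestbook['image_dir'], 0777);
                        @chmod($guestbook['image_dir'], 0777);
                        @chown($guestbook['image_dir'], intval($guestbook['owner']));
                        umask($old_umask);
                    }
                    if(is_writable($guestbook['image_dir'])) {
                        if(!move_uploaded_file($_FILES['guestbook_image']['tmp_name'], $guestbook['image_dir'].'/'.$guestbook['image']['file'])) {
                            $guestbook['error']['image']['move'] = 'Image '.html_specialchars($guestbook['image']['name']).' could not be stored. Try again!';
                            $guestbook['image']['name'] = '';
                            $guestbook['image']['hash'] = '';
                            $guestbook['image']['file'] = '';
                            unlink($_FILES['guestbook_image']['tmp_name']);
                        } else {
                            chmod($guestbook['image_dir'].'/'.$guestbook['image']['file'], 0666);
                        }
                    } else {
                        $guestbook['error']['image']['writable'] = "Image directory is not writable. Send a notice to the webmaster of this site.";
                    }
                }
            } else {
                $guestbook['error']['image']['format'] = "Proof image format: only JPG, GIF, PNG allowed.";
            }
        } else {
            if($_FILES['guestbook_image']['error']) {
                $guestbook['error']['image']['system'] = return_upload_errormsg($_FILES['guestbook_image']['error']);
            }
            $guestbook['error']['image']['general'] = "Proof uploaded image file (only JPG, GIF, PNG allowed).";
        }
    } elseif(!empty($_POST['guestbook_hiddenfile'])) { //same file was just uploaded
        // SECURITY: this field comes straight from the request. unserialize()
        // on request data permits PHP object injection, and the decoded 'file'
        // value is later joined to $guestbook['image_dir'] and written to the
        // database. The code that emits the field is not part of this section,
        // so the wire format is kept; the durable fix is to switch both sides
        // to json_encode()/json_decode() or to sign the value with an HMAC.
        // Until then nothing is taken over unless the decoded value has exactly
        // the shape the upload branch above produces.
        $guestbook['hidden'] = is_string($_POST['guestbook_hiddenfile']) ? unserialize(base64_decode($_POST['guestbook_hiddenfile'])) : false;
        $guestbook['image']['name'] = '';
        $guestbook['image']['hash'] = '';
        $guestbook['image']['file'] = '';
        if(is_array($guestbook['hidden'])
            && isset($guestbook['hidden']['name'], $guestbook['hidden']['hash'], $guestbook['hidden']['file'])
            && is_string($guestbook['hidden']['name'])
            && is_string($guestbook['hidden']['hash'])
            && is_string($guestbook['hidden']['file'])
            // '<32 hex chars>.<ext>' only: no path separators, no '..'
            && preg_match('/^[a-f0-9]{32}\.(gif|jpg|png)$/D', $guestbook['hidden']['file'])
            // the file name has to belong to the hash that came with it
            && strpos($guestbook['hidden']['file'], $guestbook['hidden']['hash'].'.') === 0
            && file_exists($guestbook['image_dir'].'/'.$guestbook['hidden']['file'])) {
            $guestbook['image']['name'] = $guestbook['hidden']['name'];
            $guestbook['image']['hash'] = $guestbook['hidden']['hash'];
            $guestbook['image']['file'] = $guestbook['hidden']['file'];
        }
    }
    $guestbook['image_error_count'] = count($guestbook['error']['image']);
    // NOTE(review): both branches assign an empty string as the code stands;
    // presumably the first one once carried the image data forward for a
    // re-displayed form - confirm against the template.
    if(!$guestbook['image_error_count'] && isset($guestbook['image']['file']) && file_exists($guestbook['image_dir'].'/'.$guestbook['image']['file'])) {
        $guestbook['hidden'] = '';
    } else {
        $guestbook['hidden'] = '';
    }
    // Flatten the image errors into the main error array so the form
    // rendering can read them as $guestbook['error']['size'], ['move'], …
    if($guestbook['image_error_count']) {
        $guestbook['error'] = array_merge($guestbook['error'], $guestbook['error']['image']);
    }
    unset($guestbook['error']['image']);
}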
// end of image upload
} else {
// Nothing was posted: start from an empty form ...
$guestbook['post']['email'] = '';
$guestbook['post']['name'] = '';
$guestbook['post']['url'] = '';
// ... and prefill it from the session for a logged-in frontend user.
if(_getFeUserLoginStatus() && isset($_SESSION[ session_id().'_userdata'])) {
    $guestbook['post']['email'] = $_SESSION[ session_id().'_userdata']['email'];
    $guestbook['post']['name'] = $_SESSION[ session_id().'_userdata']['login'];
    $guestbook['post']['url'] = $_SESSION[ session_id().'_userdata']['url'];
}
$guestbook['post']['msg'] = '';
$guestbook['post']['show'] = 0;
}
// set data for image
// With uploads enabled, the entry template may carry one
// {IMAGE:<width>x<height>x<zoom>} placeholder. Its argument is captured into
// $guestbook['imgdata'] and the placeholder is reduced to a plain {IMAGE}.
if(!empty($guestbook["image_upload"])) {
    $guestbook['imgdata'] = '';
    // The callback body is a fixed string; it writes the captured argument
    // through $GLOBALS because create_function() code cannot see local scope.
    $guestbook['entry'] = preg_replace_callback('/{IMAGE:(.*)}/i', create_function('$matches', '$GLOBALS["guestbook"]["imgdata"]=$matches[1]; return "{IMAGE}";'), $guestbook['entry']);
    $guestbook['imgdata'] = explode('x', strtolower($guestbook['imgdata']));
    // image width: a positive integer, otherwise an empty string
    $guestbook['imgdata'][0] = empty($guestbook['imgdata'][0]) ? 0 : intval($guestbook['imgdata'][0]);
    if($guestbook['imgdata'][0] == 0) {
        $guestbook['imgdata'][0] = '';
    }
    // image height: same rule as the width
    $guestbook['imgdata'][1] = empty($guestbook['imgdata'][1]) ? 0 : intval($guestbook['imgdata'][1]);
    if($guestbook['imgdata'][1] == 0) {
        $guestbook['imgdata'][1] = '';
    }
    // image zoom: normalised to 0 or 1
    if(empty($guestbook['imgdata'][2])) {
        $guestbook['imgdata'][2] = 0;
    } else {
        $guestbook['imgdata'][2] = 1;
    }
} else {
    // uploads disabled: drop the IMAGE_UPLOAD section from the form template
    $guestbook['form'] = replace_tmpl_section('IMAGE_UPLOAD', $guestbook['form']);
}
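// State flags used by everything below:
//   readform  - 1 once the posting form must no longer be shown
//   flooding  - 1 when this visitor posted too recently or failed the spam check
//   spamalert - message shown in place of the form when flooding is set
$guestbook['readform'] = 0;
$guestbook['flooding'] = 0;
$guestbook['spamalert'] = '';
// flooding check (cookie and time)
if(!empty($guestbook['cookie']) && !empty($guestbook['time'])) {
    // The cookie is fully client-controlled and can simply be dropped by the
    // sender, so it is only a shortcut; the database check below is the
    // server-side one.
    if(isset($_COOKIE['phpwcms_guestbook'.$guestbook['cid']])) {
        // intval(): an array-valued cookie would otherwise abort the request
        // with an "unsupported operand types" fatal error on the addition.
        if(intval($_COOKIE['phpwcms_guestbook'.$guestbook['cid']]) + $guestbook['time'] >= time()) {
            $guestbook['flooding'] = 1;
            $guestbook['readform'] = 1;
        }
    }
    if(!$guestbook['flooding']) {
        // Newest non-trashed entry from the same IP and user agent.
        // Every value put into the statement is cast or escaped: the content
        // part id is numeric (it is used unquoted in the listing query), the
        // rest goes through aporeplace(), which is defined elsewhere.
        $guestbook['sql']  = "SELECT MAX(guestbook_created) FROM ".DB_PREPEND."phpwcms_guestbook WHERE ";
        $guestbook['sql'] .= "guestbook_cid='".intval($guestbook['cid'])."' AND ";
        $guestbook['sql'] .= "guestbook_trashed != '9' AND ";
        $guestbook['sql'] .= "guestbook_ip='".aporeplace(getRemoteIP())."' AND ";
        // The User-Agent header is optional; treat a missing one as ''.
        $guestbook['sql'] .= "guestbook_useragent=MD5('".aporeplace(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '')."')";
        if($guestbook['result'] = mysql_query($guestbook['sql'], $db)) {
            if($guestbook['row'] = mysql_fetch_row($guestbook['result'])) {
                if($guestbook['row'][0]+$guestbook['time'] >= time()) {
                    $guestbook['flooding'] = 1;
                    $guestbook['readform'] = 1;
                }
            }
            mysql_free_result($guestbook['result']);
        }
    }
}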
// Captcha check
// Prepare the form template: with the captcha enabled, settle the code length
// and resolve the {CAPTCHA} placeholder; otherwise drop the CAPTCHA section.
if(!empty($guestbook['captcha'])) {
    if(empty($guestbook['captcha_maxchar'])) {
        $guestbook['captcha_maxchar'] = 5;
    }
    $guestbook['form'] = str_replace('{CAPTCHA}', '', $guestbook['form']);
} else {
    $guestbook['form'] = replace_tmpl_section('CAPTCHA', $guestbook['form']);
}
// Verify the captcha answer of a submitted form (only when the captcha is on).
if(!empty($guestbook['captcha']) && isset($_POST['guestbook_email'])) {
    include_once (PHPWCMS_ROOT.'/include/inc_ext/SOLMETRA_FormValidator/SPAF_FormValidator.class.php');
    // instantiate the object
    $spaf_obj = new SPAF_FormValidator();
    if(isset($_POST['guestbook_captcha'])) {
        $guestbook['post']['captcha'] = clean_slweg($_POST['guestbook_captcha']);
    } else {
        $guestbook['post']['captcha'] = '';
    }
    if (!$spaf_obj->validRequest($guestbook['post']['captcha'])) {
        $guestbook['error']['captcha'] = 'Fill in the correct captcha code. Proof it twice!';
    } else {
        // destroy successful code so that it cannot be used a second time
        $spaf_obj->destroy();
    }
}
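// Global spam check for a submitted form. A failed form-tracking check is
// handled like flooding: nothing is stored and the alert replaces the form.
if(isset($_POST['guestbook_email']) && !$guestbook['flooding']) {
    // make global spam check
    if(!checkFormTrackingValue()) {
        $guestbook['flooding'] = 1;
        $guestbook['readform'] = 1;
        // The alert ends up in the rendered page, so the address is escaped.
        // getRemoteIP() is defined elsewhere; if it ever takes its value from
        // a request header, the unescaped string would be visitor-controlled.
        $guestbook['spamalert'] = '
Your IP '.html_specialchars(getRemoteIP()).' is not allowed to send form!
';
    }
}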
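// final guestbook form check and insert into db
// Runs for a submitted form that passed the flooding/spam checks: normalises
// the URL, stores the entry when no validation error is left, sets the
// flooding cookie, sends the optional notification mail and redirects.
if(isset($_POST['guestbook_email']) && !$guestbook['flooding']) {
    // check URL and try to connect - a failed connect is reported as an error
    if($guestbook['post']['url']) {
        // Reduce the input to 'host/path': scheme, query string and '//' go.
        $guestbook['post']['url'] = preg_replace('/(mailto|http|https):{0,1}/i', '', $guestbook['post']['url']);
        list($guestbook['post']['url']) = explode('?', $guestbook['post']['url'], 2);
        $guestbook['post']['url'] = str_replace('//', '', trim($guestbook['post']['url']));
        if($content["guestbook"]["gb_urlcheck"] && @ini_get('allow_url_fopen')) {
            // SECURITY: with gb_urlcheck on, the web server opens an HTTP
            // connection to a host and port chosen by the visitor. That reaches
            // loopback and internal addresses too, and the error below tells
            // the sender whether the connect worked. Keep the option off where
            // the server can see internal services, or resolve the host first
            // and refuse private/reserved ranges before connecting.
            if($guestbook['fp'] = @fopen('http://'.$guestbook['post']['url'], 'r')) {
                @fclose($guestbook['fp']);
            }
            if(empty($guestbook['fp'])) {
                $guestbook['error']['url'] = 'The given URL could not be verified.';
            }
        }
    }
    if(!count($guestbook['error'])) {
        // The statement is assembled as a string, so every value is either
        // cast to an integer or passed through aporeplace() (defined elsewhere).
        // 'cid' and 'show' were interpolated raw; whatever validation they get
        // before this section is not visible here, so both are cast at the
        // point of use.
        $guestbook['sql']  = "INSERT INTO ".DB_PREPEND."phpwcms_guestbook SET ";
        $guestbook['sql'] .= "guestbook_cid='".intval($guestbook['cid'])."', ";
        $guestbook['sql'] .= "guestbook_msg='".aporeplace($guestbook['post']['msg'])."', ";
        $guestbook['sql'] .= "guestbook_name='".aporeplace($guestbook['post']['name'])."', ";
        $guestbook['sql'] .= "guestbook_email='".aporeplace($guestbook['post']['email'])."', ";
        $guestbook['sql'] .= "guestbook_created='".time()."', ";
        $guestbook['sql'] .= "guestbook_url='".aporeplace($guestbook['post']['url'])."', ";
        $guestbook['sql'] .= "guestbook_show='".intval($guestbook['post']['show'])."', ";
        $guestbook['sql'] .= "guestbook_ip='".aporeplace(getRemoteIP())."', ";
        // The User-Agent header is optional; treat a missing one as ''.
        $guestbook['sql'] .= "guestbook_useragent=MD5('".aporeplace(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '')."')";
        if(!empty($guestbook["image_upload"]) && !empty($guestbook['image']['file']) && !empty($guestbook['image']['name'])) {
            $guestbook['sql'] .= ', ';
            $guestbook['sql'] .= "guestbook_image='".aporeplace($guestbook['image']['file'])."', ";
            $guestbook['sql'] .= "guestbook_imagename='".aporeplace($guestbook['image']['name'])."'";
        }
        mysql_query($guestbook['sql'], $db);
        if($guestbook['new_entry_id'] = mysql_insert_id($db)) {
            $guestbook['readform'] = 1;
            if($guestbook['cookie'] && $guestbook['time']) {
                // Timestamp cookie read by the flooding check; it expires once
                // the flooding interval is over.
                setcookie('phpwcms_guestbook'.$guestbook['cid'], time(), time()+intval($guestbook['time']));
            }
            // check if notify email should be sent
            if(!empty($guestbook['notify'])) {
                //http://dev.phpwcms.org/x/
                //$guestbook['image_dir'].'/'.$guestbook['image']['file']
                $guestbook['notify'] = @file_get_contents(PHPWCMS_TEMPLATE.'inc_cntpart/guestbook/notify_email.txt');
                if(!$guestbook['notify']) {
                    // no mail template available: fall back to a one-line notice
                    $guestbook['notify'] = 'New entry - please proof:'.LF.PHPWCMS_URL.'index.php?id='.implode(',', $aktion);
                }
                // Visitor-supplied values go into the mail body unescaped; the
                // mail is sent as plain text (isHTML => 0) to a configured
                // recipient.
                $guestbook['notify'] = str_replace(
                    array(
                        '{FE_URL}', '{BE_URL}', '{IP}', '{BROWSER}', '{DATE}', '{NAME}',
                        '{EMAIL}', '{URL}', '{MESSAGE}', '{IMG_NAME}', '{IMG_URL}'
                    ),
                    array(
                        PHPWCMS_URL.'index.php?id='.implode(',', $aktion),
                        PHPWCMS_URL.'phpwcms.php?do=articles&p=2&s=1&aktion=2&id='.$aktion[1].'&acid='.$guestbook['cid'],
                        getRemoteIP(),
                        isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '',
                        date('Y/m/d H:i:s'),
                        $guestbook['post']['name'],
                        $guestbook['post']['email'],
                        $guestbook['post']['url'],
                        $guestbook['post']['msg'],
                        empty($guestbook['image']['name']) ? '' : $guestbook['image']['name'],
                        empty($guestbook['image']['file']) ? '' : PHPWCMS_URL.PHPWCMS_FILES.'guestbook_'.$guestbook['cid'].'/'.$guestbook['image']['file']
                    ),
                    $guestbook['notify']
                );
                sendEmail( array(
                    'recipient' => $guestbook['notify_email'],
                    'subject' => 'New guestbook/comment entry',
                    'isHTML' => 0,
                    'text' => $guestbook['notify'],
                    'from' => $phpwcms["admin_email"],
                    'sender' => $phpwcms["admin_email"]
                ));
            }
            $GLOBALS['_getVar']['guestbookentry'] = $guestbook['new_entry_id'];
            // to avoid double Post
            headerRedirect(PHPWCMS_URL.'index.php'.returnGlobalGET_QueryString());
        } else {
            $guestbook['readform'] = 0;
            $CNT_TMP .= 'A technical problem occured while signing to the guestbook
';
        }
    }
}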
// do this after new gb entry was created
// Re-read the entry named by the 'guestbookentry' variable so that the
// confirmation can show it. The row is only used when it was written from the
// requesting IP address.
if(isset($GLOBALS['_getVar']['guestbookentry'])) {
    $guestbook['sql'] = 'SELECT * FROM '.DB_PREPEND.'phpwcms_guestbook '
        .'WHERE guestbook_id='.intval($GLOBALS['_getVar']['guestbookentry'])
        ." AND guestbook_ip='".aporeplace(getRemoteIP())."'";
    $guestbook['new_entry'] = _dbQuery($guestbook['sql']);
    if(!empty($guestbook['new_entry'][0])) {
        $guestbook['post']['msg'] = $guestbook['new_entry'][0]['guestbook_msg'];
        $guestbook['post']['url'] = $guestbook['new_entry'][0]['guestbook_url'];
        $guestbook['post']['name'] = $guestbook['new_entry'][0]['guestbook_name'];
        $guestbook['post']['email'] = $guestbook['new_entry'][0]['guestbook_email'];
        // show the "signed" confirmation instead of the form
        $guestbook['readform'] = 1;
    }
    unset($GLOBALS['_getVar']['guestbookentry']);
}
// start guestbook form
// Posting is open to everyone unless 'gb_login_post' is set; in that case only
// a logged-in frontend user gets the form and everybody else the LOGIN_INFO
// section of the template.
$guestbook['show_postform'] = empty($guestbook['gb_login_post']) || _getFeUserLoginStatus();
if(!$guestbook['show_postform']) {
    $guestbook['form'] = get_tmpl_section('LOGIN_INFO', $guestbook['template']);
}
// Render what a visitor who may post gets to see: the form with its error
// messages and previously entered values, the "signed" confirmation, or the
// spam alert.
if($guestbook['show_postform']) {
// readform is still 0 when nothing was stored and no flooding was detected.
if(!$guestbook['readform']) {
if(!count($guestbook['error'])) {
// remove post form error part
$guestbook['form'] = replace_tmpl_section('FORM_ERROR', $guestbook['form'], '');
}
//try to replace all error messages first
// The image error keys (size, move, writable, format, system, general) sit at
// the top level here because the upload block merges them into
// $guestbook['error']. The messages are inserted as they are.
$guestbook['form'] = render_cnt_template($guestbook['form'], 'ERROR_EMAIL', empty($guestbook['error']['email']) ? '' : $guestbook['error']['email']);
$guestbook['form'] = render_cnt_template($guestbook['form'], 'ERROR_NAME', empty($guestbook['error']['name']) ? '' : $guestbook['error']['name']);
$guestbook['form'] = render_cnt_template($guestbook['form'], 'ERROR_IMGSIZE', empty($guestbook['error']['size']) ? '' : $guestbook['error']['size']);
$guestbook['form'] = render_cnt_template($guestbook['form'], 'ERROR_IMGSAVE', empty($guestbook['error']['move']) ? '' : $guestbook['error']['move']);
$guestbook['form'] = render_cnt_template($guestbook['form'], 'ERROR_IMGWRITE', empty($guestbook['error']['writable']) ? '' : $guestbook['error']['writable']);
$guestbook['form'] = render_cnt_template($guestbook['form'], 'ERROR_IMGFORMAT', empty($guestbook['error']['format']) ? '' : $guestbook['error']['format']);
$guestbook['form'] = render_cnt_template($guestbook['form'], 'ERROR_IMGUPLOAD', empty($guestbook['error']['system']) ? '' : $guestbook['error']['system']);
$guestbook['form'] = render_cnt_template($guestbook['form'], 'ERROR_IMG', empty($guestbook['error']['general']) ? '' : $guestbook['error']['general']);
$guestbook['form'] = render_cnt_template($guestbook['form'], 'ERROR_URL', empty($guestbook['error']['url']) ? '' : $guestbook['error']['url']);
$guestbook['form'] = render_cnt_template($guestbook['form'], 'ERROR_CAPTCHA', empty($guestbook['error']['captcha']) ? '' : $guestbook['error']['captcha']);
// Values typed by the visitor are echoed back into the form, so each one is
// passed through html_specialchars() before it reaches the template.
$guestbook['form'] = render_cnt_template($guestbook['form'], 'EMAIL', html_specialchars($guestbook['post']['email']));
$guestbook['form'] = render_cnt_template($guestbook['form'], 'NAME', html_specialchars($guestbook['post']['name']));
$guestbook['form'] = render_cnt_template($guestbook['form'], 'URL', html_specialchars($guestbook['post']['url']));
$guestbook['form'] = render_cnt_template($guestbook['form'], 'MSG', html_specialchars($guestbook['post']['msg']));
// Pre-select the choice that matches the posted 'show' value (0, 1 or 2).
$guestbook['GBSHOW_0'] = '';
$guestbook['GBSHOW_1'] = '';
$guestbook['GBSHOW_2'] = '';
switch($guestbook['post']['show']) {
case 0: $guestbook['GBSHOW_0'] = ' checked="checked"'; break;
case 1: $guestbook['GBSHOW_1'] = ' checked="checked"'; break;
case 2: $guestbook['GBSHOW_2'] = ' checked="checked"'; break;
}
$guestbook['form'] = str_replace('{GBSHOW_0}', $guestbook['GBSHOW_0'], $guestbook['form']);
$guestbook['form'] = str_replace('{GBSHOW_1}', $guestbook['GBSHOW_1'], $guestbook['form']);
$guestbook['form'] = str_replace('{GBSHOW_2}', $guestbook['GBSHOW_2'], $guestbook['form']);
// build sign guestbook form
// NOTE(review): as written, this assignment discards the form rendered above;
// presumably the markup that wrapped $guestbook['form'] was lost from this
// copy of the file - confirm against the original source.
$guestbook['form'] = '';
} else {
if(!$guestbook['flooding']) {
// if successfully signed show signed info
// The stored values are escaped again for the confirmation text.
$guestbook['signed'] = render_cnt_template($guestbook['signed'], 'EMAIL', html_specialchars($guestbook['post']['email']));
$guestbook['signed'] = render_cnt_template($guestbook['signed'], 'NAME', html_specialchars($guestbook['post']['name']));
$guestbook['signed'] = render_cnt_template($guestbook['signed'], 'URL', html_specialchars($guestbook['post']['url']));
$guestbook['signed'] = render_cnt_template($guestbook['signed'], 'MSG', html_specialchars($guestbook['post']['msg']));
$guestbook['form'] = $guestbook['signed'];
} else {
// flooding or failed spam check: show the alert text instead of the form
$guestbook['form'] = $guestbook['spamalert'];
}
}
}
// end guestbook form
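// start guestbook listing
// first check for all available related guestbook entries
// Builds the SELECT for the entry list (optionally narrowed to an archive
// period) and, when paging is on, the navigation in $guestbook['nav'].
$guestbook['archivedate'] = false;
$guestbook['archiveselect'] = false;
$guestbook['sql']  = "SELECT * FROM ".DB_PREPEND."phpwcms_guestbook WHERE guestbook_cid=";
// The id is placed unquoted into the statement, so it is cast to an integer.
$guestbook['sql'] .= intval($guestbook['cid'])." AND guestbook_trashed=0 ";
// Archive filter: 'gbd' is a date format handed to FROM_UNIXTIME(), 'gbs' the
// formatted value to match. Both are request data and depend entirely on
// aporeplace() (defined elsewhere) for escaping.
if(isset($_GET['gbd']) && !empty($_GET['gbs'])) {
    //$aktion[5] = 0;
    $guestbook['archivedate'] = $_GET['gbd'];
    $guestbook['archiveselect'] = $_GET['gbs'];
    $guestbook['sql'] .= "AND FROM_UNIXTIME(guestbook_created,'".aporeplace($guestbook['archivedate']);
    $guestbook['sql'] .= "')='".aporeplace($guestbook['archiveselect'])."' ";
}
if(!empty($_POST['showarchive'])) {
    //$aktion[5] = 0;
    $guestbook['archivedate'] = isset($_POST['archivedate']) ? $_POST['archivedate'] : '';
    $guestbook['archiveselect'] = $_POST['showarchive'];
    $guestbook['sql'] .= "AND FROM_UNIXTIME(guestbook_created,'".aporeplace($guestbook['archivedate']);
    $guestbook['sql'] .= "')='".aporeplace($guestbook['archiveselect'])."' ";
}
// entries that contain '[url' markup are never listed
$guestbook['sql'] .= "AND guestbook_msg NOT LIKE '%[url%' ";
$guestbook['sql'] .= "ORDER BY guestbook_created ";
$guestbook['sql'] .= empty($guestbook['sorting']) ? 'DESC' : 'ASC';
$guestbook['counter'] = 1;
if($guestbook['listing'] && $guestbook['listcount']) {
    // Defined up front so that a failed count query yields zero pages instead
    // of reading an undefined index.
    $guestbook['count'] = 0;
    if($guestbook['result'] = mysql_query($guestbook['sql'].';', $db)) {
        $guestbook['count'] = mysql_num_rows($guestbook['result']);
        mysql_free_result($guestbook['result']);
    }
    $guestbook['pagecount'] = ceil($guestbook['count'] / $guestbook['listcount']);
    if($guestbook['pagecount'] > 1 || $guestbook['archivedate']) {
        if(isset($_POST['showguestbookpage'])) $aktion[5] = intval($_POST['showguestbookpage'])-1;
        // Page index: integer and never negative. A posted page of 0 or below
        // used to produce 'LIMIT -n,m', which MySQL rejects, leaving the
        // listing empty.
        $aktion[5] = isset($aktion[5]) ? max(0, intval($aktion[5])) : 0;
        $guestbook['start_entry'] = $aktion[5] * $guestbook['listcount'];
        $guestbook['sql'] .= ' LIMIT '.$guestbook['start_entry'].','.$guestbook['listcount'];
        // $guestbook['link_to'] becomes part of the code string evaluated by
        // the /e replacement below, so the id parts are cast to integers.
        $guestbook['link_to']  = 'index.php?';
        $guestbook['link_to'] .= 'id='.intval($aktion[0]).','.intval($aktion[1]).','.intval($aktion[2]).','.intval($aktion[3]).','.intval($aktion[4]).',';
        $guestbook['link_add'] = '';
        if($guestbook['archivedate']) {
            $guestbook['link_add'] .= '&gbd='.html_specialchars(urlencode($guestbook['archivedate']));
            $guestbook['link_add'] .= '&gbs='.html_specialchars(urlencode($guestbook['archiveselect']));
        }
        // goto previous guestbook page
        if($aktion[5] > 0) {
            $guestbook['prev_replace'] = '$1';
            $guestbook['first_replace'] = '$1';
        } else {
            $guestbook['prev_replace'] = '$1';
            $guestbook['first_replace'] = $guestbook['prev_replace'];
        }
        $guestbook['nav'] = preg_replace('/{BACK:(.*?)}/s', $guestbook['prev_replace'], $guestbook['nav']);
        $guestbook['nav'] = preg_replace('/{FIRST:(.*?)}/s', $guestbook['first_replace'], $guestbook['nav']);
        // goto next guestbook page
        if($aktion[5]+1 < $guestbook['pagecount']) {
            $guestbook['next_replace'] = '$1';
            $guestbook['last_replace'] = '$1';
        } else {
            $guestbook['next_replace'] = '$1';
            $guestbook['last_replace'] = $guestbook['next_replace'];
        }
        $guestbook['nav'] = preg_replace('/{NEXT:(.*?)}/s', $guestbook['next_replace'], $guestbook['nav']);
        $guestbook['nav'] = preg_replace('/{LAST:(.*?)}/s', $guestbook['last_replace'], $guestbook['nav']);
        // SECURITY: the /e modifier evaluates the replacement as PHP code
        // (deprecated in PHP 5.5, removed in PHP 7.0). The second capture is
        // template text placed inside a double-quoted string of that code, and
        // link_to/link_add are spliced into it as well, so everything that
        // reaches this string has to be trusted or inert: the page numbers are
        // integers, link_add is urlencode()d. Move this to
        // preg_replace_callback() when the file is next reworked.
        $guestbook['nav'] = preg_replace('/{PAGE:(\d+):(.*?)}/se', 'guestbook_pages($1, "$2", '.$aktion[5].', '.$guestbook['pagecount'].', "'.$guestbook['link_to'].'", "'.$guestbook['link_add'].'")', $guestbook['nav']);
        // archive (form)
        if( ! ( strpos($guestbook['nav'],'{ARCHIVE')===false ) ) {
            preg_match('/{ARCHIVE:(.*?)}/s', $guestbook['nav'], $guestbook['archiveval']);
            $guestbook['archiveval'] = explode('|', $guestbook['archiveval'][1]);
            $guestbook['archive'] = '';
            $guestbook['nav'] = preg_replace('/{ARCHIVE:(.*?)}/s', $guestbook['archive'], $guestbook['nav']);
        }
        // jump to menu (form)
        if( ! ( strpos($guestbook['nav'],'{JUMP')===false ) ) {
            preg_match('/{JUMP:(.*?)}/s', $guestbook['nav'], $guestbook['jumpval']);
            $guestbook['jumpval'] = explode('|', $guestbook['jumpval'][1]);
            $guestbook['jump'] = '';
            $guestbook['nav'] = preg_replace('/{JUMP:(.*?)}/s', $guestbook['jump'], $guestbook['nav']);
        }
        // the running entry number continues across pages
        $guestbook['counter'] = $guestbook['start_entry']+1;
    } else {
        // no navigation necessary
        $guestbook['nav'] = '';
    }
} else {
    // no navigation necessary
    $guestbook['nav'] = '';
}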
// Render every selected row through the entry template and collect the result
// in $guestbook['entry_list'].
$guestbook['entry_list'] = '';
if($guestbook['result'] = mysql_query($guestbook['sql'], $db)) {
while($guestbook['row'] = mysql_fetch_assoc($guestbook['result'])) {
/*
if($guestbook['ban_count']) {
$guestbook['row']['guestbook_msg'] = preg_replace($guestbook['ban'], $guestbook['replace'], $guestbook['row']['guestbook_msg']);
}
*/
// Stored visitor text is escaped on output: message here, URL, e-mail and
// name at the render_cnt_template() calls below.
$guestbook['row']['guestbook_msg'] = html_specialchars($guestbook['row']['guestbook_msg']);
$guestbook['c'] = str_replace('{ID}', $guestbook['counter'], $guestbook['entry']);
$guestbook['c'] = str_replace('{DBID}', $guestbook['row']['guestbook_id'], $guestbook['c']);
// The URL is output with a fixed 'http://' prefix in front of the stored value.
$guestbook['c'] = render_cnt_template($guestbook['c'], 'URL', empty($guestbook['row']['guestbook_url']) ? '' : html_specialchars('http://'.$guestbook['row']['guestbook_url']));
// guestbook_show: 1 blanks the e-mail address, 2 rewrites it to the
// "user at host dot tld" form; any other value leaves it unchanged.
switch($guestbook['row']['guestbook_show']) {
case 1: $guestbook['row']['guestbook_email'] = '';
//$guestbook['c'] = preg_replace('/(.*?)<\/a>/is', "$3", $guestbook['c']);
break;
case 2: $guestbook['row']['guestbook_email'] = preg_replace('/(.*?)@(.*?)\.([a-zA-Z]+)$/i', "$1 at $2 dot $3", $guestbook['row']['guestbook_email']);
// NOTE(review): the rewritten address is concatenated into the replacement
// string before html_specialchars() is applied to it, and preg_replace()
// reads '$n' / '\n' sequences in it as back-references - confirm that
// is_valid_email() excludes both markup and such sequences.
$guestbook['c'] = preg_replace('/\[EMAIL\](.*?){0,1}(.*?)<\/a>(.*?){0,1}\[\/EMAIL\]/is', "[EMAIL]$1".$guestbook['row']['guestbook_email']."$4[/EMAIL]", $guestbook['c']); //"$3"
break;
}
$guestbook['c'] = render_cnt_template($guestbook['c'], 'EMAIL', html_specialchars($guestbook['row']['guestbook_email']));
$guestbook['c'] = render_cnt_template($guestbook['c'], 'NAME', html_specialchars($guestbook['row']['guestbook_name']));
$guestbook['c'] = render_cnt_template($guestbook['c'], 'MSG', nl2br($guestbook['row']['guestbook_msg']));
// SECURITY: the /e modifier evaluates the replacement as PHP code (deprecated
// in PHP 5.5, removed in PHP 7.0). At this point $guestbook['c'] already holds
// the visitor's name, e-mail and message, so placeholder text typed by a
// visitor is expanded as well. Safer: expand the placeholder with
// preg_replace_callback() before visitor content is inserted.
$guestbook['c'] = preg_replace('/{TIMESTAMP:(.*)}/e', "date('$1',\$guestbook['row']['guestbook_created'])", $guestbook['c']);
// do gb image ;-)
// Only when the entry template asked for an image ($guestbook['imgdata'] is
// set) and the row names a file that exists in the image directory.
$guestbook['entry_image'] = '';
if(isset($guestbook['imgdata']) && !empty($guestbook['row']['guestbook_image'])) {
if(file_exists($guestbook['image_dir'].'/'.$guestbook['row']['guestbook_image'])) {
$thumb_image = false;
$thumb_img = '';
// thumbnail limited to the width/height given in the {IMAGE:…} placeholder
$thumb_image = get_cached_image(
array( "target_ext" => which_ext($guestbook['row']['guestbook_image']),
"image_name" => $guestbook['row']['guestbook_image'],
"image_dir" => $guestbook['image_dir'].'/',
"max_width" => $guestbook['imgdata'][0],
"max_height" => $guestbook['imgdata'][1],
"thumb_name" => md5($guestbook['row']['guestbook_image'].$guestbook['imgdata'][0].$guestbook['imgdata'][1].$GLOBALS['phpwcms']["sharpen_level"])
));
if($thumb_image != false) {
$guestbook['entry_image'] = '';
//zoom
// second, larger rendition bounded by the global preview size
if($guestbook['imgdata'][2]) {
$zoominfo = get_cached_image(
array( "target_ext" => which_ext($guestbook['row']['guestbook_image']),
"image_name" => $guestbook['row']['guestbook_image'],
"image_dir" => $guestbook['image_dir'].'/',
"max_width" => $GLOBALS['phpwcms']["img_prev_width"],
"max_height" => $GLOBALS['phpwcms']["img_prev_height"],
"thumb_name" => md5($guestbook['row']['guestbook_image'].$GLOBALS['phpwcms']["img_prev_width"].$GLOBALS['phpwcms']["img_prev_height"].$GLOBALS['phpwcms']["sharpen_level"])
));
if($zoominfo != false) {
$popup_img = 'image_zoom.php?'.getClickZoomImageParameter($zoominfo[0].'?'.$zoominfo[3]);
$guestbook['entry_image'] = ''.$guestbook['entry_image'].'';
}
}
}
}
}
$guestbook['c'] = render_cnt_template($guestbook['c'], 'IMAGE', $guestbook['entry_image']);
$guestbook['entry_list'] .= $guestbook['c'];
$guestbook['counter']++;
}
mysql_free_result($guestbook['result']);
// initialize lightbox
// NOTE(review): $thumb_image is assigned only inside the image branch of the
// loop, so this test sees the value left by the last row that reached it and
// reads an undefined variable when no row did.
if($thumb_image != false) {
initSlimbox();
}
// comments
// [c]…[/c] is replaced across the whole rendered list, visitor text included,
// with the two wrapper strings from $guestbook['comment'].
$guestbook['entry_list'] = preg_replace('/\[c\](.*?)\[\/c\]/is', $guestbook['comment'][0]."$1".$guestbook['comment'][1], $guestbook['entry_list']);
}
// Put navigation and form into the list template, insert the rendered
// entries and append the result to the page content.
$guestbook['list'] = str_replace(
    array('{NAV}', '{FORM}'),
    array($guestbook['nav'], $guestbook['form']),
    $guestbook['list']
);
$CNT_TMP .= $guestbook['list'] = replace_tmpl_section('GUESTBOOK_ENTRY', $guestbook['list'], $guestbook['entry_list']);
}
// delete the guestbook working array once the content part has been rendered
unset($guestbook);
?>