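get("a_headinclude")."\";");
# NOTE(review): the statement above begins before this excerpt; it is kept exactly as found.

# ---------------------------------------------------------------------------
# Admin action dispatcher.
#
# Each `if($action == "...")` branch serves one admin page: when the form was
# submitted ($send == "send") it writes the change to the database, then it
# renders the matching template.
#
# Security notes for maintainers:
#  * $action, $send and every form field are read as plain global variables.
#    How they get populated is not visible here (presumably register_globals
#    or an import step earlier in the file) - confirm, because any of them can
#    then be supplied by the request.
#  * No login check and no anti-CSRF token check is visible in this excerpt;
#    verify both are enforced before this code runs.
#  * Template text loaded from the database is passed through eval(). Anyone
#    able to write to bgb_templates (template_* actions, style_ul import, or a
#    SQL flaw) can therefore execute PHP. Treat template write access as code
#    execution and keep every query below free of unescaped input.
#  * Values placed into SQL are cast with intval() (numeric ids, counters) or
#    escaped with addslashes() (everything else), matching what the file
#    already did for text fields. addslashes() is not charset-aware; if $db
#    offers its own escaping or bound parameters, prefer that.
#  * Several UPDATEs on bgb_settings have no WHERE clause: they change every
#    row (presumably the table holds exactly one row - confirm).
#  * Lines marked "extraction damage" lost text between "<" and ">" when this
#    page was captured. They are reproduced unchanged and will not parse; the
#    original text cannot be recovered from this page.
# ---------------------------------------------------------------------------

# --- welcome: post statistics ------------------------------------------------
if($action == "welcome") {
    $postcount = $db->query_first("SELECT COUNT(postid) AS posts FROM bgb_posts");
    $postcount = $postcount['posts'];
    $commentcount = $db->query_first("SELECT COUNT(postid) AS posts FROM bgb_posts WHERE comment <> ''");
    $commentcount = $commentcount['posts'];
    # Use at least one day so the average below cannot divide by zero.
    $days = max(1, ceil((time()-$installtime)/(3600*24)));
    $perday = number_format($postcount/$days,2);
    eval("\$template->output(\"".$template->get("a_welcome")."\",1);");
}

# --- switch_onoff: take the guestbook offline / online -----------------------
if($action == "switch_onoff") {
    if($send=="send") {
        $offline=$onoff;
        $offlinemessage=trim($offline_message);
        # $offline was interpolated unescaped before; escape it like the message.
        $db->query("UPDATE bgb_settings SET offline='".addslashes($offline)."', offlinemessage='".addslashes($offlinemessage)."'");
    }
    if($offline==1) $selected = " selected";
    eval("\$template->output(\"".$template->get("a_switch_onoff")."\",1);");
}

# --- options_generell: general settings --------------------------------------
if($action == "options_generell") {
    if($send=="send") {
        # Copies every POST field whose name starts with "n" into a global
        # named after the rest of the key.
        # NOTE(review): the target variable name is chosen by the request, so a
        # crafted field can overwrite any variable in scope. An explicit list of
        # the fields this form expects would close that.
        # NOTE(review): trim() is applied to the $HTTP_POST_VARS entry only; the
        # imported variable receives the untrimmed $val - confirm that is intended.
        while(list($key,$val)=each($HTTP_POST_VARS)) {
            if($key[0]!='n') continue;
            if(is_string($val)) $HTTP_POST_VARS[$key]=trim($val);
            $key=substr($key, 1);
            $$key=$val;
        }
        # NOTE(review): the admin password is written as submitted; no hashing is
        # visible here. Storing a salted hash instead would limit the impact of a
        # database leak.
        $db->query("UPDATE bgb_settings SET booktitle = '".addslashes($booktitle)."', homepagetitle = '".addslashes($homepagetitle)."', homepageurl = '".addslashes($homepageurl)."', adminemail = '".addslashes($adminemail)."', password = '".addslashes($password)."', gzip = '".addslashes($gzip)."'");
    }
    if($gzip==0) $selected=" selected";
    eval("\$template->output(\"".$template->get("a_options_generell")."\",1);");
}

# --- options_postview: how entries are listed --------------------------------
if($action == "options_postview") {
    if($send=="send") {
        # Same "n"-prefix import as in options_generell (same caveats).
        while(list($key,$val)=each($HTTP_POST_VARS)) {
            if($key[0]!='n') continue;
            if(is_string($val)) $HTTP_POST_VARS[$key]=trim($val);
            $key=substr($key, 1);
            $$key=$val;
        }
        $db->query("UPDATE bgb_settings SET perpage = '".intval($perpage)."', displayorder = '".addslashes($displayorder)."', timeformat = '".addslashes($timeformat)."', timezoneoffset = '".addslashes($timezoneoffset)."'");
    }
    $timezones = explode("\r\n", $template->get("timezones"));
    # Extraction damage: loop header and the start of its body are missing.
    for($i=0;$i(GMT".ifelse($parts[1]," ".$parts[1],"").") $parts[2]\n"; }
    if($displayorder==1) $selected=" selected";
    eval("\$template->output(\"".$template->get("a_options_postview")."\",1);");
}

# --- options_postcreate: which fields/features visitors may use --------------
if($action == "options_postcreate") {
    if($send=="send") {
        # Same "n"-prefix import as in options_generell (same caveats).
        while(list($key,$val)=each($HTTP_POST_VARS)) {
            if($key[0]!='n') continue;
            if(is_string($val)) $HTTP_POST_VARS[$key]=trim($val);
            $key=substr($key, 1);
            $$key=$val;
        }
        # Every flag used to be interpolated raw; each is now escaped.
        $db->query("UPDATE bgb_settings SET"
            ." allowemail = '".addslashes($allowemail)."',"
            ." allowhomepage = '".addslashes($allowhomepage)."',"
            ." allowicq = '".addslashes($allowicq)."',"
            ." allowaim = '".addslashes($allowaim)."',"
            ." allowyim = '".addslashes($allowyim)."',"
            ." allowmsn = '".addslashes($allowmsn)."',"
            ." allowbbcode = '".addslashes($allowbbcode)."',"
            ." allowsmilies = '".addslashes($allowsmilies)."',"
            ." allowicons = '".addslashes($allowicons)."',"
            ." allowhtml = '".addslashes($allowhtml)."',"
            ." allowimages = '".addslashes($allowimages)."',"
            ." ch_parseurl = '".addslashes($ch_parseurl)."',"
            ." ch_nosmilies = '".addslashes($ch_nosmilies)."',"
            ." smilie_view = '".intval($smilie_view)."',"
            ." smilie_view_cols = '".intval($smilie_view_cols)."'");
    }
    if($allowemail==0) $selected[0]=" selected";
    if($allowhomepage==0) $selected[1]=" selected";
    if($allowicq==0) $selected[2]=" selected";
    if($allowaim==0) $selected[3]=" selected";
    if($allowyim==0) $selected[4]=" selected";
    if($allowmsn==0) $selected[5]=" selected";
    if($allowbbcode==0) $selected[6]=" selected";
    if($allowsmilies==0) $selected[7]=" selected";
    if($allowicons==0) $selected[8]=" selected";
    if($allowhtml==0) $selected[9]=" selected";
    if($allowimages==0) $selected[10]=" selected";
    if($ch_parseurl==0) $selected[11]=" selected";
    if($ch_nosmilies==0) $selected[12]=" selected";
    eval("\$template->output(\"".$template->get("a_options_postcreate")."\",1);");
}

# --- options_ban: IP/name bans, flood limit, word censor ---------------------
if($action == "options_ban") {
    if($send=="send") {
        # Same "n"-prefix import as in options_generell (same caveats).
        while(list($key,$val)=each($HTTP_POST_VARS)) {
            if($key[0]!='n') continue;
            if(is_string($val)) $HTTP_POST_VARS[$key]=trim($val);
            $key=substr($key, 1);
            $$key=$val;
        }
        # Normalise the multi-line lists: collapse a line break followed by
        # whitespace into one line break and drop a trailing line break.
        $searcharray[]="/\r\n\s+/";
        $replacearray[]="\r\n";
        $searcharray[]="/\r\n$/";
        $replacearray[]="";
        $censorwords=preg_replace($searcharray,$replacearray,$censorwords);
        $banname=preg_replace($searcharray,$replacearray,$banname);
        $banip=preg_replace($searcharray,$replacearray,$banip);
        $db->query("UPDATE bgb_settings SET banip = '".addslashes($banip)."', banname = '".addslashes($banname)."', floodtime = '".intval($floodtime)."', docensor = '".addslashes($docensor)."', censorwords = '".addslashes($censorwords)."', censorcover = '".addslashes($censorcover)."'");
    }
    if($docensor==0) $selected[0]=" selected";
    eval("\$template->output(\"".$template->get("a_options_ban")."\",1);");
}

# --- options_misc: notification mails ----------------------------------------
if($action == "options_misc") {
    if($send=="send") {
        # Same "n"-prefix import as in options_generell (same caveats).
        while(list($key,$val)=each($HTTP_POST_VARS)) {
            if($key[0]!='n') continue;
            if(is_string($val)) $HTTP_POST_VARS[$key]=trim($val);
            $key=substr($key, 1);
            $$key=$val;
        }
        $db->query("UPDATE bgb_settings SET mail_newentry = '".addslashes($mail_newentry)."', mail_thanks = '".addslashes($mail_thanks)."'");
    }
    if($mail_newentry==0) $selected[0]=" selected";
    if($mail_thanks==0) $selected[1]=" selected";
    eval("\$template->output(\"".$template->get("a_options_misc")."\",1);");
}

# --- mass_del: paged list of entries with bulk delete ------------------------
if($action == "mass_del") {
    if($send=="send" && is_array($postids) && count($postids)>0) {
        # Ids are cast to integers before they reach the IN (...) lists.
        $postids=implode("','", array_map('intval', $postids));
        $db->query("DELETE FROM bgb_posts WHERE postid IN ('$postids')");
        $db->query("DELETE FROM bgb_fields WHERE postid IN ('$postids')");
    }
    # Page number and page size end up in LIMIT, so force both to positive
    # integers (this also avoids a negative offset and a division by zero).
    $page = isset($page) ? intval($page) : 1;
    if($page < 1) $page = 1;
    $perpage = max(1, intval($perpage));
    $result=$db->query_first("SELECT COUNT(postid) FROM bgb_posts");
    $totalposts=$result[0];
    if($totalposts>0) {
        $pages=ceil($totalposts/$perpage);
        if($page>$pages) $page=$pages;
        $result=$db->query("SELECT postid, authorname, posttime, message, nosmilies FROM bgb_posts ORDER BY posttime ".ifelse($displayorder,"ASC","DESC")." LIMIT ".(($page-1)*$perpage).",".$perpage);
        while($row=$db->fetch_array($result)) {
            $row['posttime']=formatdate($timeformat,$row['posttime']);
            $row['abstract']=doabstract($row['message'], 100);
            $row['abstract']=parse($row['abstract'],$row['nosmilies'],"../");
            eval ("\$postbit .= \"".$template->get("a_mass_delbit")."\";");
        }
        $pagelink=makepagelink("admin.php?action=$action",$page,$pages,'&');
    }
    eval("\$template->output(\"".$template->get("a_mass_del")."\",1);");
}

# --- addfield: add a custom field (also adds a column to bgb_fields) ---------
if($action == "addfield") {
    if($send=="send") {
        # Make room at the requested position, then insert the new field.
        $db->query("UPDATE bgb_fieldsettings SET displayorder=displayorder+1 WHERE displayorder >= '".intval($display_order)."'");
        $db->query("INSERT INTO bgb_fieldsettings VALUES (NULL,'".addslashes(htmlspecialchars(trim($title)))."','".addslashes(trim($description))."','".intval($maxlength)."','".intval($size)."','".intval($display_order)."')");
        # The column name is built from the id the database just generated,
        # not from request data.
        $fieldid=$db->insert_id();
        $db->query("ALTER TABLE bgb_fields ADD field".$fieldid." varchar(250) NOT NULL");
        header("Location: admin.php?action=editfields");
        exit();
    }
    $count = $db->query_first("SELECT COUNT(fieldid) FROM bgb_fieldsettings");
    # Extraction damage: the option markup inside these strings is missing.
    for($i=1;$i<=$count[0];$i++) $displayorder_options.="\n";
    $displayorder_options.="\n";
    eval("\$template->output(\"".$template->get("a_addfield")."\",1);");
}

# --- editfields: pick a custom field to edit ---------------------------------
if($action == "editfields") {
    if($send=="send") {
        # Cast so the redirect header can only carry a number.
        header("Location: admin.php?action=editfield&fieldid=".intval($fieldid));
        exit();
    }
    $result = $db->query("SELECT fieldid, title FROM bgb_fieldsettings ORDER BY displayorder ASC");
    while($row=$db->fetch_array($result)) eval ("\$fieldbit .= \"".$template->get("a_editfieldbit")."\";");
    eval("\$template->output(\"".$template->get("a_editfields")."\",1);");
}

# --- editfield: change one custom field --------------------------------------
if($action == "editfield") {
    if($send=="send") {
        # Positions are compared and interpolated below; make them integers once.
        $old_order = intval($old_order);
        $display_order = intval($display_order);
        # Shift the fields between the old and the new position by one.
        if($old_order>$display_order) $db->query("UPDATE bgb_fieldsettings SET displayorder=displayorder+1 WHERE displayorder >= '$display_order' AND displayorder < '$old_order'");
        elseif($old_order<$display_order) $db->query("UPDATE bgb_fieldsettings SET displayorder=displayorder-1 WHERE displayorder <= '$display_order' AND displayorder > '$old_order'");
        $db->query("UPDATE bgb_fieldsettings SET title = '".addslashes(htmlspecialchars(trim($title)))."', description = '".addslashes(trim($description))."', maxlength = '".intval($maxlength)."', size = '".intval($size)."', displayorder = '".intval($display_order)."' WHERE fieldid = '".intval($fieldid)."'");
        header("Location: admin.php?action=editfields");
        exit();
    }
    $field = $db->query_first("SELECT * FROM bgb_fieldsettings WHERE fieldid = '".intval($fieldid)."'");
    $count = $db->query_first("SELECT COUNT(fieldid) FROM bgb_fieldsettings");
    # Extraction damage: the option markup inside this string is missing.
    for($i=1;$i<=$count[0];$i++) $displayorder_options.="\n";
    eval("\$template->output(\"".$template->get("a_editfield")."\",1);");
}

# --- delfields: drop custom fields (and their columns) -----------------------
if($action == "delfields") {
    if($send=="send") {
        # The ids are used in ALTER TABLE and in an IN (...) list; reduce them
        # to integers before either statement is built.
        $fieldid = is_array($fieldid) ? array_map('intval', $fieldid) : array();
        # Extraction damage: loop header is missing.
        for($i=0;$iquery("ALTER TABLE bgb_fields DROP field".$fieldid[$i]);
        $fieldids=implode("','", $fieldid);
        if($fieldids) $db->query("DELETE FROM bgb_fieldsettings WHERE fieldid IN ('$fieldids')");
    }
    $result = $db->query("SELECT fieldid, title FROM bgb_fieldsettings ORDER BY displayorder ASC");
    while($row=$db->fetch_array($result)) eval ("\$fieldbit .= \"".$template->get("a_delfieldbit")."\";");
    eval("\$template->output(\"".$template->get("a_delfields")."\",1);");
}

# --- style: colours, CSS and logo stored in bgb_replace ----------------------
if($action == "style") {
    if($send=="send") {
        # Extraction damage: the first statements (up to replaceid = 4) are fused.
        $db->query("UPDATE bgb_replace SET replaces = 'query("UPDATE bgb_replace SET replaces = 'query("UPDATE bgb_replace SET replaces = 'query("UPDATE bgb_replace SET replaces = '".addslashes($tablea)."' WHERE replaceid = 4");
        $db->query("UPDATE bgb_replace SET replaces = '".addslashes($tableb)."' WHERE replaceid = 5");
        $db->query("UPDATE bgb_replace SET replaces = '".addslashes($tablehead)."' WHERE replaceid = 6");
        $db->query("UPDATE bgb_replace SET replaces = '".addslashes($tablebordercolor)."' WHERE replaceid = 11");
        $db->query("UPDATE bgb_replace SET replaces = '".addslashes($fontcolorsecond)."' WHERE replaceid = 7");
        $db->query("UPDATE bgb_replace SET replaces = '".addslashes($fontcolorthird)."' WHERE replaceid = 8");
        $db->query("UPDATE bgb_replace SET replaces = '".addslashes($css)."' WHERE replaceid = 9");
        # Extraction damage: the markup inside the two ifelse() strings is missing.
        # NOTE(review): check in the real file that $booklogo is escaped before
        # it is placed into this statement.
        $db->query("UPDATE bgb_replace SET replaces = '".ifelse(trim($booklogo),"","")."' WHERE replaceid = 10");
    }
    $result=$db->query("SELECT * FROM bgb_replace");
    while($row=$db->fetch_array($result)) $style[$row['replaceid']]=$row['replaces'];
    # Extraction damage: the pattern is missing.
    preg_match("//", $style[10], $match);
    $booklogo=$match[1];
    eval("\$template->output(\"".$template->get("a_style")."\",1);");
}

# --- style_dl: export replacements and templates as one download -------------
if($action == "style_dl") {
    unset($style);
    # Format: replaceid~~~variable~~~replaces~~~ ... then ~~~name~~~template ...
    $result = $db->query("SELECT replaceid, variable, replaces FROM bgb_replace ORDER BY replaceid ASC");
    while($row=$db->fetch_array($result)) $style.=$row['replaceid']."~~~".$row['variable']."~~~".$row['replaces']."~~~";
    $result = $db->query("SELECT templatename, template FROM bgb_templates ORDER BY templateid ASC");
    while($row=$db->fetch_array($result)) $style.="~~~".$row['templatename']."~~~".$row['template'];
    header("Content-disposition: filename=burningbook.style");
    header("Content-type: application/octet-stream");
    header("Pragma: no-cache");
    header("Expires: 0");
    print($style);
}

# --- style_ul: import a style file (replaces ALL replacements and templates) -
if($action == "style_ul") {
    if($send=="send") {
        # is_uploaded_file() instead of file_exists(): only a file PHP itself
        # received in this request is accepted, not an arbitrary server path.
        # NOTE(review): imported templates are later run through eval(), so
        # importing a style file means trusting its author with code execution.
        # NOTE(review): both tables are emptied before the new rows are written
        # and no transaction is visible; a malformed file leaves them empty.
        if(is_uploaded_file($uploadfile)) {
            $style = implode("", file($uploadfile));
            $style = explode("~~~~~~", $style);
            $db->query("DELETE FROM bgb_replace");
            $replace = explode("~~~",$style[0]);
            # Extraction damage: loop header is missing.
            for($i=0;$iquery("INSERT INTO bgb_replace (replaceid,variable,replaces) VALUES ('".addslashes($replace[$i*3])."','".addslashes($replace[$i*3+1])."','".addslashes($replace[$i*3+2])."')");
            $db->query("DELETE FROM bgb_templates");
            $templates = explode("~~~",$style[1]);
            # Extraction damage: loop header is missing.
            for($i=0;$iquery("INSERT INTO bgb_templates (templatename,template) VALUES ('".addslashes($templates[$i*2])."','".addslashes($templates[$i*2+1])."')");
        }
    }
    eval("\$template->output(\"".$template->get("a_style_upload")."\",1);");
}

# --- addbbcode: define a new BB code -----------------------------------------
if($action == "addbbcode") {
    if($send=="send") {
        # Turn the {paramN} placeholders into the back-references stored in the
        # database (the mapping depends on the declared parameter count).
        if($params==1) $replaces = str_replace("{param1}","\\1",$replaces);
        if($params>1) {
            $replaces = str_replace("{param1}","\\2",$replaces);
            $replaces = str_replace("{param2}","\\3",$replaces);
        }
        if($params==3) $replaces = str_replace("{param3}","\\4",$replaces);
        $db->query("INSERT INTO bgb_codes VALUES (NULL,'".addslashes(trim($codetag))."','".addslashes(trim($replaces))."','".addslashes(trim($example))."','".addslashes(trim($description))."','".intval($params)."')");
        header("Location: admin.php?action=editbbcodes");
        exit();
    }
    eval("\$template->output(\"".$template->get("a_addbbcode")."\",1);");
}

# --- editbbcodes: pick a BB code to edit -------------------------------------
if($action == "editbbcodes") {
    if($send=="send") {
        header("Location: admin.php?action=editbbcode&codeid=".intval($codeid));
        exit();
    }
    $result = $db->query("SELECT codeid, codetag, params FROM bgb_codes");
    while($row=$db->fetch_array($result)) eval ("\$bbcodebit .= \"".$template->get("a_editbbcodebit")."\";");
    eval("\$template->output(\"".$template->get("a_editbbcodes")."\",1);");
}

# --- editbbcode: change one BB code ------------------------------------------
if($action == "editbbcode") {
    if($send=="send") {
        $replaces=rehtmlchars($replaces);
        if($params==1) $replaces = str_replace("{param1}","\\1",$replaces);
        if($params>1) {
            $replaces = str_replace("{param1}","\\2",$replaces);
            $replaces = str_replace("{param2}","\\3",$replaces);
        }
        if($params==3) $replaces = str_replace("{param3}","\\4",$replaces);
        $db->query("UPDATE bgb_codes SET codetag = '".addslashes(trim($codetag))."', replaces = '".addslashes(trim($replaces))."', example = '".addslashes(trim($example))."', description = '".addslashes(trim($description))."', params = '".intval($params)."' WHERE codeid = '".intval($codeid)."'");
    }
    $code = $db->query_first("SELECT * FROM bgb_codes WHERE codeid = '".intval($codeid)."'");
    # Map the stored back-references back to {paramN} for the edit form.
    if($code['params']>1) {
        $code['replaces']=str_replace("\\2","{param1}",$code['replaces']);
        $code['replaces'] = str_replace("\\3","{param2}",$code['replaces']);
    }
    if($code['params']==1) {
        $code['replaces']=str_replace("\\1","{param1}",$code['replaces']);
        $selected[1]=" selected";
    }
    if($code['params']==2) $selected[2]=" selected";
    if($code['params']==3) {
        $code['replaces'] = str_replace("\\4","{param3}",$code['replaces']);
        $selected[3]=" selected";
    }
    $code['replaces']=htmlchars($code['replaces']);
    eval("\$template->output(\"".$template->get("a_editbbcode")."\",1);");
}

# --- delbbcodes: delete BB codes ---------------------------------------------
if($action == "delbbcodes") {
    if($send=="send") {
        $codeids = is_array($codeid) ? implode("','", array_map('intval', $codeid)) : '';
        if($codeids) $db->query("DELETE FROM bgb_codes WHERE codeid IN ('$codeids')");
    }
    $result = $db->query("SELECT codeid, codetag, params FROM bgb_codes");
    while($row=$db->fetch_array($result)) eval ("\$bbcodebit .= \"".$template->get("a_delbbcodebit")."\";");
    eval("\$template->output(\"".$template->get("a_delbbcodes")."\",1);");
}

# --- addicon: upload a post icon ---------------------------------------------
if($action == "addicon") {
    if($send=="send") {
        # Accept only a file PHP received as an upload in this request.
        if(is_uploaded_file($uploadfile)) {
            # $match[1] = name without extension, $match[2] = extension, both
            # from the client-supplied file name; escape them for the INSERT.
            if(preg_match("/(.+)\.([^\.]+)/", $uploadfile_name, $match)) {
                $db->query("INSERT INTO bgb_icons VALUES (NULL,'".addslashes($match[1])."','".addslashes($match[2])."','".addslashes(trim($icontitle))."')");
                $iconid=$db->insert_id();
                # NOTE(review): the extension becomes part of a path inside a
                # web-served directory and is not restricted here. Limit it to a
                # fixed list of image extensions and check the content is an image.
                # If the copy fails, remove the row that was just inserted.
                if(!@copy($uploadfile,"../images/icons/icon-".$iconid.".".$match[2])) $db->query("DELETE FROM bgb_icons WHERE iconid = '$iconid'");
            }
        }
        header("Location: admin.php?action=editicons");
        exit();
    }
    eval("\$template->output(\"".$template->get("a_addicon")."\",1);");
}

# --- editicons: pick an icon to edit -----------------------------------------
if($action == "editicons") {
    if($send=="send") {
        header("Location: admin.php?action=editicon&iconid=".intval($iconid));
        exit();
    }
    $result = $db->query("SELECT * FROM bgb_icons");
    while($row=$db->fetch_array($result)) eval ("\$iconbit .= \"".$template->get("a_editiconbit")."\";");
    eval("\$template->output(\"".$template->get("a_editicons")."\",1);");
}

# --- editicon: rename one icon -----------------------------------------------
if($action == "editicon") {
    if($send=="send") $db->query("UPDATE bgb_icons SET icontitle = '".addslashes(trim($icontitle))."' WHERE iconid = '".intval($iconid)."'");
    $icon = $db->query_first("SELECT * FROM bgb_icons WHERE iconid = '".intval($iconid)."'");
    eval("\$template->output(\"".$template->get("a_editicon")."\",1);");
}

# --- delicons: delete icons and their image files ----------------------------
if($action == "delicons") {
    if($send=="send") {
        $iconids = is_array($iconid) ? implode("','", array_map('intval', $iconid)) : '';
        if($iconids) {
            # File names are rebuilt from the stored id and extension.
            $result = $db->query("SELECT iconid, iconextension FROM bgb_icons WHERE iconid IN ('$iconids')");
            while($row=$db->fetch_array($result)) @unlink("../images/icons/icon-".$row['iconid'].".".$row['iconextension']);
            $db->query("DELETE FROM bgb_icons WHERE iconid IN ('$iconids')");
        }
    }
    $result = $db->query("SELECT * FROM bgb_icons");
    while($row=$db->fetch_array($result)) eval ("\$iconbit .= \"".$template->get("a_deliconbit")."\";");
    eval("\$template->output(\"".$template->get("a_delicons")."\",1);");
}

# --- addsmilie: upload a smilie ----------------------------------------------
if($action == "addsmilie") {
    if($send=="send") {
        # Accept only a file PHP received as an upload in this request.
        if(is_uploaded_file($uploadfile)) {
            if(preg_match("/(.+)\.([^\.]+)/", $uploadfile_name, $match)) {
                $db->query("INSERT INTO bgb_smilies VALUES (NULL,'".addslashes($match[1])."','".addslashes($match[2])."','".addslashes(trim($smilietitle))."','".addslashes(trim($smiliecode))."')");
                $smilieid=$db->insert_id();
                # NOTE(review): same unrestricted extension as in addicon; limit
                # it to a fixed list of image extensions.
                # Fixed: the cleanup query named the column "smilieic", so the
                # row was never removed when the copy failed.
                if(!@copy($uploadfile,"../images/smilies/smilie-".$smilieid.".".$match[2])) $db->query("DELETE FROM bgb_smilies WHERE smilieid = '$smilieid'");
            }
        }
        header("Location: admin.php?action=editsmilies");
        exit();
    }
    eval("\$template->output(\"".$template->get("a_addsmilie")."\",1);");
}

# --- editsmilies: pick a smilie to edit --------------------------------------
if($action == "editsmilies") {
    if($send=="send") {
        header("Location: admin.php?action=editsmilie&smilieid=".intval($smilieid));
        exit();
    }
    $result = $db->query("SELECT * FROM bgb_smilies");
    while($row=$db->fetch_array($result)) eval ("\$smiliebit .= \"".$template->get("a_editsmiliebit")."\";");
    eval("\$template->output(\"".$template->get("a_editsmilies")."\",1);");
}

# --- editsmilie: change title/code of one smilie -----------------------------
if($action == "editsmilie") {
    if($send=="send") $db->query("UPDATE bgb_smilies SET smilietitle = '".addslashes(trim($smilietitle))."', smiliecode = '".addslashes(trim($smiliecode))."' WHERE smilieid = '".intval($smilieid)."'");
    $smilie = $db->query_first("SELECT * FROM bgb_smilies WHERE smilieid = '".intval($smilieid)."'");
    eval("\$template->output(\"".$template->get("a_editsmilie")."\",1);");
}

# --- delsmilies: delete smilies and their image files ------------------------
if($action == "delsmilies") {
    if($send=="send") {
        $smilieids = is_array($smilieid) ? implode("','", array_map('intval', $smilieid)) : '';
        if($smilieids) {
            $result = $db->query("SELECT smilieid, smilieextension FROM bgb_smilies WHERE smilieid IN ('$smilieids')");
            while($row=$db->fetch_array($result)) @unlink("../images/smilies/smilie-".$row['smilieid'].".".$row['smilieextension']);
            $db->query("DELETE FROM bgb_smilies WHERE smilieid IN ('$smilieids')");
        }
    }
    $result = $db->query("SELECT * FROM bgb_smilies");
    while($row=$db->fetch_array($result)) eval ("\$smiliebit .= \"".$template->get("a_delsmiliebit")."\";");
    eval("\$template->output(\"".$template->get("a_delsmilies")."\",1);");
}

# template editing
# NOTE(review): whatever is saved here is later evaluated as PHP by the eval()
# calls in this file, so these actions need the strongest access control.
if($action == "template_edit") {
    $count=0;
    $result = $db->query("SELECT templateid, templatename FROM bgb_templates ORDER BY templatename ASC");
    while($row = $db->fetch_array($result)) {
        # Extraction damage: the option markup inside this string is missing.
        $template_options .= "\n";
        $count++;
    }
    eval("\$template->output(\"".$template->get("template_edit")."\",1);");
}

# --- template_del: delete one template ---------------------------------------
if($action == "template_del") {
    if($send == "send") {
        $db->query("DELETE FROM bgb_templates WHERE templateid='".intval($templateid)."'");
        eval("\$template->output(\"".$template->get("template_closewindow")."\",1);");
        exit();
    }
    $result = $db->query_first("SELECT templatename FROM bgb_templates WHERE templateid='".intval($templateid)."'");
    eval("\$template->output(\"".$template->get("template_del")."\",1);");
}

# --- template_add: create a template (name must be unique) -------------------
if($action=="template_add") {
    if($send=="send") {
        $templatename=trim($templatename);
        if($templatedata && $templatename) {
            $check = $db->query_first("SELECT COUNT(*) FROM bgb_templates WHERE templatename='".addslashes($templatename)."'");
            if($check[0]>=1) eval ("\$error = \"".$template->get("template_error1")."\";");
            else {
                $db->query("INSERT INTO bgb_templates VALUES (NULL,'".addslashes($templatename)."','".addslashes($templatedata)."')");
                eval("\$template->output(\"".$template->get("template_closewindow")."\",1);");
                exit();
            }
        }
        else eval ("\$error = \"".$template->get("template_error2")."\";");
    }
    eval("\$template->output(\"".$template->get("template_add")."\",1);");
}

# --- template_change: edit a template (name must stay unique) ----------------
if($action=="template_change") {
    if($send=="send") {
        $templatename=trim($templatename);
        if($templatedata && $templatename) {
            $check = $db->query_first("SELECT COUNT(*) FROM bgb_templates WHERE templatename='".addslashes($templatename)."' AND templateid<>'".intval($templateid)."'");
            if($check[0]>=1) eval ("\$error = \"".$template->get("template_error1")."\";");
            else {
                # Extraction damage: as captured, search and replacement are
                # identical (presumably HTML entities were decoded by the page
                # capture); kept as found.
                $templatedata=str_replace("<","<",$templatedata);
                $templatedata=str_replace(">",">",$templatedata);
                $templatedata=str_replace("&","&",$templatedata);
                $db->query("UPDATE bgb_templates SET templatename = '".addslashes($templatename)."', template = '".addslashes($templatedata)."' WHERE templateid = '".intval($templateid)."'");
                eval("\$template->output(\"".$template->get("template_closewindow")."\",1);");
                exit;
            }
        }
        else eval ("\$error = \"".$template->get("template_error2")."\";");
    }
    $result = $db->query_first("SELECT templatename, template FROM bgb_templates WHERE templateid = '".intval($templateid)."'");
    # Extraction damage: see the note on the matching calls above.
    $result['template']=str_replace("&","&",$result['template']);
    $result['template']=str_replace("<","<",$result['template']);
    $result['template']=str_replace(">",">",$result['template']);
    eval("\$template->output(\"".$template->get("template_change")."\",1);");
}

# --- template_deluxe: alternative template editor ----------------------------
# NOTE(review): unlike template_change, this branch does not check for an empty
# or duplicate template name before saving.
if($action=="template_deluxe") {
    if($send=="send") {
        # Extraction damage: search and replacement are identical as captured.
        $templatedata=str_replace("<","<",$templatedata);
        $templatedata=str_replace(">",">",$templatedata);
        $templatedata=str_replace("&","&",$templatedata);
        $db->query("UPDATE bgb_templates SET template = '".addslashes($templatedata)."', templatename='".addslashes($templatename)."' WHERE templateid = '".intval($templateid)."'");
        eval("\$template->output(\"".$template->get("template_closewindow")."\",1);");
        exit;
    }
    $result = $db->query_first("SELECT templatename, template FROM bgb_templates WHERE templateid = '".intval($templateid)."'");
    # Extraction damage: search and replacement are identical as captured.
    $result['template']=str_replace("&","&",$result['template']);
    $result['template']=str_replace("<","<",$result['template']);
    $result['template']=str_replace(">",">",$result['template']);
    eval("\$template->output(\"".$template->get("template_deluxe")."\",1);");
}
?>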