sTinyMceEditorJS; $period = 1; // time period before user can add another record (in minutes) $records_on_page = 16; // number of records at the page $record_maxlength = 1600; // max length of record $record_limit = 100; // maximum number of records in the guest book $_page['header'] = _t("_guestbook"); /* $_page['header_text'] = ('g4' != $tmpl) ? _t("_guestbook") : ""; */ $_page['header_text'] =_t("_guestbook"); // --------------- page components //$w_ex = 20; $_ni = $_page['name_index']; $_page_cont[$_ni]['page_main_code'] = ThisPageMainCode(); // --------------- [END] page components PageCode(); // --------------- page components functions /** * page code function */ function ThisPageMainCode() { global $logged; $ret = ""; $member['ID'] = (int)$_COOKIE['memberID']; $owner = $_REQUEST['owner'] ? (int)$_REQUEST['owner'] : (int)$_COOKIE['memberID']; // Check if membership allows this action $check_res = checkAction( $member['ID'], ACTION_ID_VIEW_GUESTBOOK ); if ( $check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$logged['admin'] && $member['ID'] != $owner ) { $ret .= "

". $check_res[CHECK_ACTION_MESSAGE] ."
\n"; return $ret; } $check_res = checkAction( $owner, ACTION_ID_USE_GUESTBOOK ); if( $check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$logged['admin'] ) { $ret .= $member['ID'] == $owner ? $check_res[CHECK_ACTION_MESSAGE] : _t_err("_This guestbook disabled by it's owner"); return $ret; } if( $_GET['action'] == 'show_add' && $_GET['owner'] ) { $ret .= ShowAddRecord(); return $ret; } if( $_POST['action'] == 'new' && $_POST['owner'] && strlen($_POST['newrecord']) ) $ret .= AddRecord(); if( $_GET['action'] == 'delete' && $_GET['owner'] && (int)$_GET['delete_id'] != 0 ) $ret .= DeleteRecord(); $ret .= PrintGuestbook(); return $ret; } function PrintGuestbook() { global $logged; global $site; global $records_on_page; global $date_format; global $oTemplConfig; $ret = ""; $owner = $_REQUEST['owner'] ? (int)$_REQUEST['owner'] : (int)$_COOKIE['memberID']; $id = ($_COOKIE['memberID'] ? $_COOKIE['memberID'] : 0); $from = (int)$_REQUEST['from']; if ( !$owner ) return $ret; // Print owner's information $ret .= "
" . ProfileDetails( $owner ) . "
\n"; // Print page controls $records_num = db_arr("SELECT COUNT( * ) AS `rec_num` FROM `Guestbook` WHERE `Recipient` = '{$owner}'"); if ( $records_num['rec_num'] > $records_on_page ) { $ret .= "
"; if( $from >= $records_on_page ) { $nfrom = (0 < ($from - $records_on_page)) ? ($from - $records_on_page) : 0; $ret .= " << "; } $i = 0; $pages = 1; while ( $i < $records_num['rec_num'] ) { if ($i == $from) $ret .= " {$pages} "; else $ret .= " {$pages} "; $i = $i + $records_on_page; $pages++; } if ( $records_num['rec_num'] > ($from + $records_on_page) ) { $nfrom = $from + $records_on_page; $ret .= "  >>"; } $ret .= "
\n"; } // Print guestbook entries $query = " SELECT `Guestbook`.`ID`, DATE_FORMAT(`Date`, '$date_format' ) AS 'Date', `IP`, `Sender`, `Profiles`.`NickName`, `Recipient`, `Text`, `New` FROM `Guestbook` LEFT JOIN `Profiles` ON `Profiles`.`ID` = `Sender` WHERE `Recipient`='{$owner}' ORDER BY `Date` DESC LIMIT {$from}, {$records_on_page} "; $records_res = db_res( $query ); if ( $records_num['rec_num'] > 0 ) { $ret .= "
"; $tr_class = 'odd'; while ( $records_arr = mysql_fetch_array($records_res) ) { $record_text = $records_arr['Text'] ; $ret .= " "; $tr_class = ($tr_class == 'odd') ? 'even' : 'odd'; } $ret .= "
" . _t( "_From") . " " . _t( "_Text") . "
" . get_member_thumbnail($records_arr['Sender'], 'none' ) . ''.$records_arr['NickName'].'
'. $records_arr['Date'] . "		 "; if ( $owner == $id || $logged['admin'] ) { $ret .= "
". _t("_Delete") . "
"; } $ret .= "
{$record_text}
"; } // Print add new entry link $ret .= "
" . _t( "_Add record") . "
"; return $ret; } // Print add new entry form function ShowAddRecord() { member_auth( 0); $owner = $_REQUEST['owner'] ? (int)$_REQUEST['owner'] : (int)$_COOKIE['memberID']; $ret = "
" . _t( "_Add record") . "
\n"; return $ret; } function AddRecord() { member_auth( 0); global $record_maxlength; global $period; global $record_limit; global $logged; $ret = ""; $record_text = addslashes(clear_xss( process_pass_data($_POST['newrecord']))); $record_sender = strlen($_COOKIE['memberID']) ? (int)$_COOKIE['memberID'] : ""; $record_recipient = (int)$_REQUEST['owner']; $ip = ( getenv('HTTP_CLIENT_IP') ? getenv('HTTP_CLIENT_IP') : getenv('REMOTE_ADDR') ); if ( !$record_recipient) return $ret; // Test if IP is defined if ( !$ip || !$record_sender ) { $ret .= "

". _t_err("_sorry, i can not define you ip adress. IT'S TIME TO COME OUT !") ."
\n"; return $ret; } // Test if last message is old enough $last_count = db_arr( "SELECT COUNT( * ) AS `last_count` FROM `Guestbook` WHERE `IP` = '{$ip}' AND (UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(`Date`) < {$period}*60)" ); if ( $last_count['last_count'] != 0 ) { $ret .= "

". _t_err("_You have to wait for PERIOD minutes before you can write another message!", $period) ."
\n"; return $ret; } // Restrict with total records count $total_count = db_arr( "SELECT COUNT(*) AS `total_count` FROM `Guestbook` WHERE `Recipient` = '{$record_recipient}'" ); if ( ($total_count['total_count'] - 1) > $record_limit ) { $del_res = db_res( "SELECT `ID` FROM `Guestbook` WHERE `Recipient` = '{$record_recipient}' ORDER BY `Date` ASC LIMIT ". ($total_count['total_count'] - $record_limit + 1) ); while ( $del_arr = mysql_fetch_array($del_res) ) db_res( "DELETE FROM `Guestbook` WHERE `ID` = {$del_arr['ID']}" ); } // Perform insertion db_res( "INSERT INTO `Guestbook` SET `Date` = NOW(), `IP` = '{$ip}', `Sender` = '{$record_sender}', `Recipient` = '{$record_recipient}', `Text` = '{$record_text}', `New` = '1'" ); return $ret; } function DeleteRecord() { global $logged; $ret = ""; $owner = (int)$_REQUEST['owner']; $id = ($_COOKIE['memberID'] ? $_COOKIE['memberID'] : 0); $delete_id = (int)$_GET['delete_id']; if ( !$owner || !($owner == $id || $logged['admin']) ) return $ret; db_res( "DELETE FROM `Guestbook` WHERE `ID` = '$delete_id'" ); return $ret; } function PrintInfo( $id = 0 ) { if ( $id > 0 ) { $info_arr = getProfileInfo( $id ); $info_sex = _t( "_{$info_arr['Sex']}" ); $info_age = age( $info_arr['DateOfBirth'] ); $ret = "

". _t("_Nickname") .": {$info_arr['NickName']}
". _t("_Sex") .": {$info_sex}
". _t("_DateOfBirth") .": {$info_age}

"; } else { $ret = _t("_no_info"); } return $ret; } ?>