<?php include("auth.php");
$writer = $_SESSION['username'];
$ur1 = $_SESSION['ur1'];
$ur2 = $_SESSION['ur2'];
$ur3 = $_SESSION['ur3'];
$ur4 = $_SESSION['ur4'];
$section = htmlentities($HTTP_POST_VARS["s"]);
if ($section =="")
{$section = htmlentities($HTTP_GET_VARS["s"]);}
if ($section =="")
{$section =3;}
$sectxt ="com00$section";
echo "<H2>$lg[nav07] $lg[$sectxt]</H2><P>";
$fb=2;
$zufile = "zuordnung.txt";
@$zaehlzu = fopen("$zufile","r");
@$inhalt_zufile = fgets($zaehlzu);
@fclose($zaehlzu);
$zuord = unserialize($inhalt_zufile);
$gnc = $HTTP_POST_VARS["gerds_nc"];
$aktion = $HTTP_POST_VARS["aktion"];
##################################
function raeumen($x_meld,$x_nc,$x_speich){
unset($x_meld[$x_nc][date],$x_meld[$x_nc][writer],$x_meld[$x_nc][kommentar],$x_meld[$x_nc][ori_writer],$x_meld[$x_nc][gerds_nc],$x_meld[$x_nc][nid],$x_meld[$x_nc]);
$neu = $x_meld;
$loglink2 = serialize($neu);
$loglinkfile2 = "$x_speich";
$logger2 = fopen("$loglinkfile2","w");
fputs($logger2, $loglink2);
fclose($logger2);
}
####################################
if($aktion =="editiert_alt"){
$nid = $HTTP_POST_VARS["gerds_nid"];
$altfile = "../coms/nid_$nid.txt";
$zaehlfile = fopen("$altfile","r");
$inhalt_zaehlfile = fgets($zaehlfile);
fclose($zaehlfile);
$coms = unserialize($inhalt_zaehlfile);
$coms[$gnc][writer] =htmlentities($HTTP_POST_VARS["schreiber"]);
$nachricht= $HTTP_POST_VARS["nachricht"];
foreach($checks as $ch){
$pos = strpos($nachricht, $ch);
if($pos !="" && $gefunden == "")
{
$nachricht = htmlentities($nachricht);
$gefunden ="ja";
}else{
$nachricht = stripcslashes($nachricht);
}}
$nachricht = stripcslashes($nachricht);
$nachricht = urlencode($nachricht);
$nachricht = str_replace("%0D%0A", "", $nachricht);
$coms[$gnc][kommentar] =$nachricht;
$loglink = serialize($coms);
$loglinkfile = "$altfile";
$logger = fopen("$loglinkfile","w");
fputs($logger, $loglink);
fclose($logger);
}
##########################################
if($section == 3 || $section == 5)
{
if ($section == 5){
$nid = htmlentities($HTTP_GET_VARS["nid"]);
$speicher = "../coms/nid_$nid.txt";
}else{
$speicher = "../coms/meldung.txt";
}
if(file_exists($speicher))
{
$zaehlfile = fopen("$speicher","r");
$inhalt_zaehlfile = fgets($zaehlfile);
fclose($zaehlfile);
$meldungen = unserialize($inhalt_zaehlfile);
$nid = $meldungen[$gnc][nid];
##############################################
if($aktion == "freischalten" || $aktion == "editiert")
{
$n_store = "../coms/nid_$nid.txt";
if(file_exists($n_store)){
$n_file = fopen("$n_store","r+");}else{$n_tfile = fopen("$n_store","w+"); }
@$inhalt_n_file = fgets($n_file);
@fclose($n_file);
$coms = unserialize($inhalt_n_file);
$coms[$gnc][date] =$meldungen[$gnc][date];
$coms[$gnc][ori_writer] =$meldungen[$gnc][ori_writer];
$coms[$gnc][gerds_nc] =$meldungen[$gnc][gerds_nc];
if($aktion == "freischalten"){
$coms[$gnc][writer] =$meldungen[$gnc][writer];
$coms[$gnc][kommentar] =$meldungen[$gnc][kommentar];
$coms[$gnc][nid] =$meldungen[$gnc][nid];
}else{
$coms[$gnc][writer] =htmlentities($HTTP_POST_VARS["schreiber"]);
$nachricht= $HTTP_POST_VARS["nachricht"];
foreach($checks as $ch){
$pos = strpos($nachricht, $ch);
if($pos !="" && $gefunden == "")
{
$nachricht = htmlentities($nachricht);
$gefunden ="ja";
}else{
$nachricht = stripcslashes($nachricht);
}
}
$nachricht = stripcslashes($nachricht);
$nachricht = urlencode($nachricht);
$nachricht = str_replace("%0D%0A", "", $nachricht);
$coms[$gnc][kommentar] =$nachricht;
$aktion = "freischalten";
}
$loglink = serialize($coms);
$loglinkfile = "$n_store";
$logger = fopen("$loglinkfile","w");
fputs($logger, $loglink);
fclose($logger);
}
###################################################
if($aktion == 'freischalten' || $aktion == 'loeschen')
{
call_user_func('raeumen',$meldungen,"$gnc","$speicher");
$zaehlfile = fopen("$speicher","r");
$inhalt_zaehlfile = fgets($zaehlfile);
fclose($zaehlfile);
$meldungen = unserialize($inhalt_zaehlfile);
}
##############################################
if($aktion == "edit")
{
$nid = $meldungen[$gnc][nid];
$schreiber = $meldungen[$gnc][writer];
$kommentar = $meldungen[$gnc][kommentar];
$kommentar = str_replace("%0D%0A", "", $kommentar);
$kommentar = urldecode($kommentar);
$kommentar = stripcslashes($kommentar);
$datum_ag= strftime($domains[outform_time] , $meldungen[$gnc][date]);
echo"<CENTER><TABLE width=\"860\" cellpadding=\"3\" cellspacing=\"0\">";?>
<TR>
<TD class=td_l<? echo "$fb";?>>
<TABLE width="100%" cellpadding="3" cellspacing="3">
<TR>
<TD colspan="2"><? echo "<A HREF=\"../$zuord[$nid]\" TARGET=\"_blank\"><B>$zuord[$nid]</B></A>";?> </TD>
</TR>
<TR>
<TD class=td_l>
<? echo"$lg[p1_009]:";?> <form name="freischalten" method="post" action="" enctype="multipart/form-data"><input type="text" size="15" name="schreiber" value="<? echo "$schreiber";?>"></TD>
<TD class=td_r><? echo "<B><I>$datum_ag</I></B>"?> </TD>
</TR>
<TR>
<TD colspan="2">
<?
if($domains[editor] == "CKEditor"){
?>
<textarea cols="90" id="editor_kama" name="nachricht" rows="10"><? echo "$kommentar";?></textarea>
<script type="text/javascript">
//<![CDATA[
CKEDITOR.replace( 'editor_kama',
{
skin : 'kama'
});
//]]>
</script>
<?
}
if($domains[editor] == "OpenWYSIWYG"){
echo"<textarea id=\"textarea1\" name=\"nachricht\" style=\"width:856px;height:300px;\">$kommentar</textarea>";
}
?>
<TABLE>
<TR>
<TD valign="top">
<?
if($section == 5){
echo"<input type=\"hidden\" name=\"gerds_nc\" value=\"$gnc\"><input type=\"hidden\" name=\"gerds_nid\" value=\"$nid\"><input type=\"hidden\" name=\"s\" value=\"4\"><input type=\"hidden\" name=\"aktion\" value=\"editiert_alt\"><input type=\"image\" name=\"edit\" src=\"../templates/ok.gif\" /></form> ";
}else{
echo"<input type=\"hidden\" name=\"gerds_nc\" value=\"$gnc\"><input type=\"hidden\" name=\"aktion\" value=\"editiert\"><input type=\"image\" name=\"edit\" src=\"../templates/ok.gif\" /></form> ";}?>
</TD>
<TD>
<? echo"<form name=\"loeschen\" method=\"post\" action=\"\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"gerds_nc\" value=\"$gnc\"><input type=\"hidden\" name=\"aktion\" value=\"loeschen\"><input type=\"image\" onClick=\"if(confirm('$lg[q_010] "$key[writer]" $lg[q_011]')) this.form.submit(); else return false;\" name=\"edit\" src=\"../templates/delete.gif\" /></form> "; ?>
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</TD>
</TR>
<?
}else{
$was_gibts = count($meldungen);
if($was_gibts < 1 && $section==3){
echo"$lg[com001]";}else{
echo"$lg[com002]<CENTER><TABLE width=\"860\" cellpadding=\"3\" cellspacing=\"0\">";
foreach($meldungen as $key){
if ($fb > 2){$fb = 1;}
$ori_writer=$key[ori_writer];
if (($ur2 == "1" && $writer == $ori_writer) || $ur3=="1" || $ur4 == "1"){
$nid = $key[nid];
$datum_ag= strftime($domains[outform_time] , $key[date]);
$kommentar = $key[kommentar];
$kommentar = str_replace("%0D%0A", "<br>", $kommentar);
$kommentar = urldecode($kommentar);
$kommentar = stripcslashes($kommentar);
?>
<TR>
<TD class=td_l<? echo "$fb";?>>
<TABLE width="100%" cellpadding="3" cellspacing="3">
<TR>
<TD colspan="2"><? echo "<A HREF=\"../$zuord[$nid]\" TARGET=\"_blank\"><B>$zuord[$nid]</B></A>";?> </TD>
</TR>
<TR>
<TD class=td_l><? echo"<I>$lg[p1_009] <B>$key[writer]</B></I>";?> </TD>
<TD class=td_r><? echo "<B><I>$datum_ag</I></B>"?> </TD>
</TR>
<TR>
<TD colspan="2" style="border-top-width: 1px;
border-top-style: solid;"><? echo "$kommentar <P>"; ?>
<TABLE>
<TR>
<TD>
<? echo"<form name=\"freischalten\" method=\"post\" action=\"\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"gerds_nc\" value=\"$key[gerds_nc]\"><input type=\"hidden\" name=\"aktion\" value=\"freischalten\"><input type=\"image\" name=\"edit\" src=\"../templates/ok.gif\" /></form> ";?>
</TD>
<TD>
<? echo"<form name=\"edit\" method=\"post\" action=\"\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"gerds_nc\" value=\"$key[gerds_nc]\"><input type=\"hidden\" name=\"aktion\" value=\"edit\"><input type=\"hidden\" name=\"call_eddi\" value=\"ja\"><input type=\"image\" name=\"edit\" src=\"../templates/edit.gif\" /></form> "; ?>
</TD>
<TD>
<? echo"<form name=\"loeschen\" method=\"post\" action=\"?p=coments&s=3\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"gerds_nc\" value=\"$key[gerds_nc]\"><input type=\"hidden\" name=\"aktion\" value=\"loeschen\"><input type=\"image\" onClick=\"if(confirm('$lg[q_010] "$key[writer]" $lg[q_011]')) this.form.submit(); else return false;\" name=\"edit\" src=\"../templates/delete.gif\" /></form> "; ?>
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</TD>
</TR>
<?
$fb++;
}}}}}else{
if($section == "3")
{
echo "$lg[com001]";
}}
echo "</TABLE></CENTER>";
}
###############################################################################################################################################
if ($section ==4)
{
$zufile = "zuordnung.txt";
$nid = htmlentities($HTTP_GET_VARS["nid"]);
$comfile = "../coms/nid_$nid.txt";
$zaehlcom = fopen("$comfile","r");
$inhalt_comfile = fgets($zaehlcom);
fclose($zaehlcom);
$coms = unserialize($inhalt_comfile);
###################################################
if($aktion == 'loeschen'){
call_user_func('raeumen',$coms,"$gnc","$comfile");
$comfile = "../coms/nid_$nid.txt";
$zaehlcom = fopen("$comfile","r");
$inhalt_comfile = fgets($zaehlcom);
fclose($zaehlcom);
$coms = unserialize($inhalt_comfile);
}
rsort($coms);
##############################################
foreach($coms as $key){
$datum_ag= strftime($domains[outform_time] , $key[date]);
if ($fb > 2){$fb = 1;}
$kommentar = $key[kommentar];
$kommentar = str_replace("%0D%0A", "<br>", $kommentar);
$kommentar = urldecode($kommentar);
$kommentar = stripcslashes($kommentar);
?>
<TR>
<TD class=td_l<? echo "$fb";?>>
<TABLE width="100%" cellpadding="3" cellspacing="3">
<TR>
<TD class=td_l><? echo"<I>$lg[p1_009] <B>$key[writer]</B></I>";?> </TD>
<TD class=td_r><? echo "<B><I>$datum_ag</I></B>"?> </TD>
</TR>
<TR>
<TD colspan="2" style="border-top-width: 1px; border-top-style: solid;"><? echo "$kommentar<P>"; ?>
<TABLE>
<TR>
<TD>
<? echo"<form name=\"edit\" method=\"post\" action=\"?p=coments&s=5&nid=$nid\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"gerds_nc\" value=\"$key[gerds_nc]\"><input type=\"hidden\" name=\"aktion\" value=\"edit\"><input type=\"hidden\" name=\"call_eddi\" value=\"ja\"><input type=\"image\" name=\"edit\" src=\"../templates/edit.gif\" /></form> "; ?>
</TD>
<TD>
<? echo"<form name=\"loeschen\" method=\"post\" action=\"?p=coments&s=4&nid=$nid\" enctype=\"multipart/form-data\"><input type=\"hidden\" name=\"gerds_nc\" value=\"$key[gerds_nc]\"><input type=\"hidden\" name=\"aktion\" value=\"loeschen\"><input type=\"image\" onClick=\"if(confirm('$lg[q_010] "$key[writer]" $lg[q_011]')) this.form.submit(); else return false;\" name=\"edit\" src=\"../templates/delete.gif\" /></form> "; ?>
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</TD>
</TR>
<?
$fb++;
}
?>
</TABLE>
<?
}
?>