Location: PHPKode > projects > YW-GuestBook > YW Guestbook 1.45/YW Guestbook/ywgb/admin.php
<?php
  //-------------------------------------------------------------------------
  //                             YW Guestbook
  //                                admin.php
  //
  //                              
  //-------------------------------------------------------------------------
  //                   Copyright (c) 2006 Vortex Solutions
  //                        http://www.yahoowebs.tk
  //-------------------------------------------------------------------------
  //  This program is free software. You can redistribute it and/or modify
  //  it under the terms of the License that was distributed with this file!
  //-------------------------------------------------------------------------

  define ( "IPBYTES" , "3" ); 
  define ( "LOGOUTAFTERMINUTE" , "45" );
  define ( "MAILSPERPAGE" , "10" );
  define ( "BROADCASTWAITTIME" , "2" );
  define ( "REDIRECTWAITTIME" , "1" );
  define ( "HOSTNAMERESOLVING" , "1" ); // try to set this constant to 0 
                                        // if your guestbook is too slow

  //*********************************************************************
  //                          main-routine
  //*********************************************************************

  include("functions.php");

  // include the language-package
  if (!file_exists("lang/langadmin.inc"))
    die("<center>Missing file: <b>lang/langadmin.inc</b> !</center>");
  @include("lang/langadmin.inc");
  if (!file_exists("lang/langcountry.inc"))
    die("<center>Missing file: <b>lang/langcountry.inc</b> !</center>");
  @include("lang/langcountry.inc");
  if (file_exists("lang/langspecial.inc"))
    include("lang/langspecial.inc");

  vgb_connectDB();
  if ($settings['ENCODING'] != "") {
    header("Content-Type: text/html; charset=".$settings['ENCODING']);
    echo "<?xml version='1.0' encoding='".$settings['ENCODING']."'?>\n";
  }

  echo '<!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "DTD/xhtml1-transitional.dtd">

<html>
  <head>
    <title>Administration</title>
    <link rel="stylesheet" type="text/css" href="admin.css" />'."\n";
  if ($settings['ENCODING'] != "")
    echo "    <meta http-equiv='Content-Type' content='text/html; charset=".$settings['ENCODING']."' />\n";
  echo '    <script type="text/javascript">
      <!--
      function COMMENTicon(zeichen,field) {
        document.form.COMMENT.value += zeichen;
        document.form.COMMENT.focus();
      }

      function TEXTicon(zeichen,field) {
        document.form.TEXT.value += zeichen;
        document.form.TEXT.focus();
      }
      -->
    </script>'."\n";

  // set some important variables
  $query = vgb_query("select * from VGB_ENTRY where UNMODERATED = 0");
  if (($maxEntry=(vgb_numrows($query))) == 0)
    $maxPage = 0;
  else {
    $maxPage = (int)($maxEntry/$settings['MAXENTRIESPERPAGE']);
    if ($maxEntry%$settings['MAXENTRIESPERPAGE'] != 0)
      $maxPage++;
  }

  $query = vgb_query("select * from VGB_ENTRY where UNMODERATED = 1");
  $newentries = vgb_numrows($query);
  $query = vgb_query("select * from VGB_COMMENT where UNMODERATED = 1");
  $newcomments = vgb_numrows($query);

  // which skins are available ?
  $skins = array();
  $dir = @opendir("skins/")
    or error($lang['noSkinDir']);
  while ($name = readdir($dir)) {
    if (($name != ".") && ($name != ".."))
      $skins[$name] = $name;
  }
  closedir($dir);

  vgb_getParameters();
  // check session
  $IP = vgb_getIP();
  $_p = explode(".",$IP);
  $sessionIP = $_p[0];
  for ($i=1;$i<IPBYTES;$i++)
    $sessionIP .= ".".$_p[$i];

  vgb_query("delete from VGB_SESSION where date_add(TIMESTAMP,interval ".LOGOUTAFTERMINUTE." minute) < now()");

  if (!isset($arg['sessionID']))
    getSessionID();
  else {
    $query = vgb_query("select * from VGB_SESSION where SESSIONID = '".addSlashes($arg['sessionID'])."' and IP = '".$sessionIP."'");
    if (vgb_numrows($query) > 0)
      $sessionID = $arg['sessionID'];
    else
      getSessionID();
  }
  vgb_query("update VGB_SESSION set TIMESTAMP = now() where SESSIONID = '".addSlashes($sessionID)."'");
  $query = vgb_query("select * from VGB_SESSION where SESSIONID = '".addSlashes($sessionID)."'");
  $_session = vgb_result($query);

  if (isset($arg['LOGIN'])) {
    // check login password
    if ($_session['TRY'] < 6) {
      $password = strtoupper($arg['LOGIN']);
      if ($password == strtoupper($settings['ADMINPASSWORD'])) {
        vgb_query("update VGB_SESSION set TRY = 0 where SESSIONID = '".addSlashes($sessionID)."'");
        $_session['TRY'] = 0;
        vgb_query("update VGB_SETTINGS set ENTRYSENT = 0, COMMENTSENT = 0");
        if (($newcomments > 0) || ($newentries > 0))
          $arg['show'] = 1;
      }
      else {
        vgb_query("update VGB_SESSION set TRY = TRY + 1 where SESSIONID = '".addSlashes($sessionID)."'");
        $errorMSG = $lang['wrongPassword'];
        $_session['TRY']++;
      }
    }
    else
      $errorMSG = $lang['noLogin']."<center>(password hacker protection)</center>";
  }
  elseif (isset($arg['LOGOUT'])) {
    // reset session
    if ($_session['TRY'] == 0) {
      vgb_query("update VGB_SESSION set TRY = 1 where SESSIONID = '".addSlashes($sessionID)."'");
      $statusMSG = $lang['afterLogout'];
      $_session['TRY'] = 1;
    }
  }
  elseif (isset($arg['SENDMAIL']) && (!is_null($settings['ADMINEMAIL']))) {
    // send password in mail if possible
    $today = getdate(time());
    if ($settings['LASTSENDMAIL'] !=
        ($newDate = $today['year']."-".$today['mon']."-".$today['mday'])) {
      $_goto = (!is_null($settings['INDEXURL'])) ?
               "\n\nhttp://".$settings['INDEXURL']."admin.".EXT : "";
      if (vgb_mail($settings['ADMINEMAIL'],$lang['sendMailSubject'],
        $lang['sendMailText'].$settings['ADMINPASSWORD'].$_goto)) {
        $statusMSG = $lang['sendMailDone'];
        $query = vgb_query("update VGB_SETTINGS set LASTSENDMAIL = '$newDate'");
        $settings['LASTSENDMAIL'] = $newDate;
      }
      else
        $errorMSG = $lang['sendMailError'];
    }
  }

  if ($_session['TRY'] > 0) {
    // not logged-in => print login-screen
    echo "</head><body onload='document.FORM.LOGIN.focus()'>".
         "<table class='fullscreen'><tr><td valign='middle' align='center'>".
         "<table width='450' class='bgright'><tr><td align='center'>".
         "<span class='title'>".$lang['admin']."</span>";
    printMSG();
    echo "<p></p><span class='menu'>".
         $lang['enterPassword']."</span><br /><br />".
         "<form method='post' name='FORM' action='admin.".EXT."?sessionID=$sessionID'>".
         "<input type='password' size='15' name='LOGIN' class='input' />";
    Submit(" Login ","");
    echo "</form>";
    // is there an administrator-emailadress defined ?
    if (!is_null($settings['ADMINEMAIL'])) {
      // if not already used today print the send-mail link
      $today = getdate(time());
      if ($settings['LASTSENDMAIL'] !=
          $today['year']."-".$today['mon']."-".$today['mday']) {
        echo "<script type='text/javascript'>
              <!--
              document.write(\"<a href='admin.".EXT."?sessionID=$sessionID&amp;\"+\"SENDMAIL=0'>&raquo; ".
        $lang['sendMail']."</a><br /><br />\");
              -->
              </script>";
      }
    }
    echo "<span class='info'>".$lang['requirements']."</span><br />&nbsp;";
    echo "</td></tr></table></td></tr></table>";
  }
  else {
    // user is logged-in => reset the last sendmail date
    vgb_query("update VGB_SETTINGS set LASTSENDMAIL = '2000-1-1'");

    // execute commands
    if (isset($arg['savesetup'])) {
      // try to save the setup
      $screen = 0;
      initSetup();

      // are all parameters given ?
      setParameters(array("ENCODING","PASSWORD","PASSWORD2","ENTRIESPERPAGE","INDEXURL",
        "MAXSPAMTIME","MAXENTRIES","FORCEBREAK","ADMINEMAIL","PRIVPARAMETER",
        "ACTIVESKIN","USEUSDATE","DAY","MONTH","YEAR","HOURS","MINUTES",
        "SECONDS","BACKURL","BANLIST","MAXEMPTYLINES","EMAILTOOLTIP"));

      // preset the input fields
      $preENCODING = strtolower(trim($arg['ENCODING']));
      $preUSEFRAMES = (isset($arg['USEFRAMES'])) ? 1 : 0;
      $preUSEJAVASCRIPT = (isset($arg['USEJAVASCRIPT'])) ? 1 : 0;
      $preUSEUSDATE = $arg['USEUSDATE'];
      $preACTIVATELINKS = (isset($arg['ACTIVATELINKS'])) ? 1 : 0;
      $preMODERATEDMODE = (isset($arg['MODERATEDMODE'])) ? 1 : 0;
      $preHIDEIP = (isset($arg['HIDEIP'])) ? 1 : 0;
      $preBANROBOTS = (isset($arg['BANROBOTS'])) ? 1 : 0;
      $preUSEWBR = (isset($arg['USEWBR'])) ? 1 : 0;
      $preHIDEHOST = (isset($arg['HIDEHOST'])) ? 1 : 0;
      $preUSEBROWSCAP = (isset($arg['USEBROWSCAP'])) ? 1 : 0;
      $preASKPRIVATE = (isset($arg['ASKPRIVATE'])) ? 1 : 0;
      $preALLOWCOMMENTS = (isset($arg['ALLOWCOMMENTS'])) ? 1 : 0;
      $preALLOWSEARCH = (isset($arg['ALLOWSEARCH'])) ? 1 : 0;
      $preENTRIESPERPAGE = trim($arg['ENTRIESPERPAGE']);
      $preMAXSPAMTIME = trim($arg['MAXSPAMTIME']);
      $preMAXEMPTYLINES = trim($arg['MAXEMPTYLINES']);
      $b = array();
      $banlist = explode("\n",trim($arg['BANLIST']));
      foreach ($banlist as $ban) {
        $ban = ereg_replace("\.\$","",trim($ban));
        if ($ban != "")
          $b[] = $ban;
      }
      $preBANLIST = implode("\n",$b);
      $preEMAILTOOLTIP = trim($arg['EMAILTOOLTIP']);
      $preMAXENTRIES = trim($arg['MAXENTRIES']);
      $preFORCEBREAK = trim($arg['FORCEBREAK']);
      $preADMINEMAIL = trim($arg['ADMINEMAIL']);
      $prePASSWORD = strtoupper($arg['PASSWORD']);
      $prePASSWORD2 = strtoupper($arg['PASSWORD2']);
      $preACTIVESKIN = $arg['ACTIVESKIN'];
      $prePRIVPARAMETER = trim($arg['PRIVPARAMETER']);
      $preINDEXURL = trim($arg['INDEXURL']);
      if ($preINDEXURL == "")
        $preINDEXURL = "http://";
      $preBACKURL = trim($arg['BACKURL']);
      if ($preBACKURL == "")
        $preBACKURL = "http://";
      $preYEAR = trim($arg['YEAR']);
      $preMONTH = trim($arg['MONTH']);
      $preDAY = trim($arg['DAY']);
      $preHOURS = intval(trim($arg['HOURS']));
      $preMINUTES = intval(trim($arg['MINUTES']));
      $preSECONDS = intval(trim($arg['SECONDS']));
      setDatetime($settings['ONLINEDATE']);
      $query = vgb_query("select * from VGB_ENTRY");
      if (vgb_numrows($query) == 0) {
        $_today = getdate(time());
        $firstdate = array($_today['year'],$_today['mon'],$_today['mday']);
      }
      else {
        $entry = vgb_result($query);
        $firstdate = explode("-",$entry['DATE']);
      }

      // check the inputs
      if ((($preYEAR == "") || ($preMONTH == "") || ($preDAY == ""))
         || (!vgb_isNumber($preDAY,1,31))
         || (!vgb_isNumber($preMONTH,1,12))
         || (!vgb_isNumber($preYEAR,1980,9999)))
        $errorMSG = $lang['wrongDate'];
      elseif (vgb_daysPast(array($preYEAR,$preMONTH,$preDAY)) < vgb_daysPast($firstdate)) {
        $preYEAR = $firstdate[0];
        $preMONTH = $firstdate[1];
        $preDAY = $firstdate[2];
      }
      if (($preHOURS < -99) || ($preMINUTES < -99) || ($preSECONDS < -99)
           || ($preHOURS > 99) || ($preMINUTES > 99) || ($preSECONDS > 99))
        $errorMSG = $lang['wrongTime'];
      elseif (!vgb_isNumber($preENTRIESPERPAGE,1,999999))
        $errorMSG = $lang['wrongNumber'].$lang['entriesPage'];
      elseif (!vgb_isNumber($preMAXSPAMTIME,0,999999))
        $errorMSG = $lang['wrongNumber'].$lang['maxSpamtime'];
      elseif (!vgb_isNumber($preMAXENTRIES,0,999999))
        $errorMSG = $lang['wrongNumber'].$lang['maxEntries'];
      elseif (!vgb_isNumber($preFORCEBREAK,0,999999))
        $errorMSG = $lang['wrongNumber'].$lang['forceBreak'];
      elseif (!vgb_isNumber($preMAXEMPTYLINES,0,999999))
        $errorMSG = $lang['wrongNumber'].$lang['maxEmptyLines'];
      elseif (sizeof($skins) == 0)
        $errorMSG = $lang['emptySkinDir'];
      elseif (!isset($skins[$preACTIVESKIN]))
        $errorMSG = $lang['wrongSkin'];
      elseif (($x = vgb_noASCII(array($lang['password'] => $prePASSWORD, 
                                      $lang['adminEmail'] => $preADMINEMAIL,
                                      $lang['privParameter'] => $prePRIVPARAMETER,
                                      $lang['backURL'] => $preBACKURL,
                                      $lang['indexURL'] => $preINDEXURL,
                                      "Encoding" => $preENCODING))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      elseif ($prePASSWORD != $prePASSWORD2)
        $errorMSG = $lang['passwordError'];
      elseif ($preASKPRIVATE && ($prePRIVPARAMETER == ""))
        $errorMSG = $lang['noPrivParam'];
      elseif (($preASKPRIVATE != "") && (!eregi("^([A-Za-z0-9])+=([A-Za-z0-9])+\$",$prePRIVPARAMETER)))
        $errorMSG = $lang['wrongPrivParam'];
      elseif (($preINDEXURL != "") &&
        (strtolower(substr($preINDEXURL,0,7)) != "http://"))
        $errorMSG = $lang['wrongIndexURL'];
      elseif (($preBACKURL != "") &&
        (strtolower(substr($preBACKURL,0,7)) != "http://"))
        $errorMSG = $lang['wrongBackURL'];
      elseif (($preASKPRIVATE || $preALLOWSEARCH) && (strtolower($preINDEXURL) == "http://"))
        $errorMSG = $lang['noURL'];
      elseif (($preMODERATEDMODE == 0) && (($newentries > 0) || ($newcomments > 0)))
        $errorMSG = $lang['checkEntries'];
      if (!isset($errorMSG)) {
        // the inputs are okay, save the settings in database
        $q = "update VGB_SETTINGS set ".
              "ENCODING = '".addSlashes($preENCODING)."', ".
              "USEFRAMES = ".$preUSEFRAMES.", ".
              "USEJAVASCRIPT = ".$preUSEJAVASCRIPT.", ".
              "USEUSDATE = ".$preUSEUSDATE.", ".
              "ACTIVATELINKS = ".$preACTIVATELINKS.", ".
              "HIDEIP = ".$preHIDEIP.", ".
              "HIDEHOST = ".$preHIDEHOST.", ".
              "USEBROWSCAP = ".$preUSEBROWSCAP.", ".
              "ACTIVESKIN = '$preACTIVESKIN',".
              "MAXENTRIESPERPAGE = ".$preENTRIESPERPAGE.", ".
              "MAXSPAMTIME = ".$preMAXSPAMTIME.", ".
              "MAXENTRIES = ".$preMAXENTRIES.", ".
              "ASKPRIVATE = ".$preASKPRIVATE.", ".
              "ALLOWCOMMENTS = ".$preALLOWCOMMENTS.", ".
              "ALLOWSEARCH = ".$preALLOWSEARCH.", ".
              "FORCEBREAK = ".$preFORCEBREAK.", ".
              "USEWBR = ".$preUSEWBR.", ".
              "BANLIST = '".addSlashes($preBANLIST)."', ".
              "BANROBOTS = $preBANROBOTS, ".
              "EMAILTOOLTIP = '".addSlashes($preEMAILTOOLTIP)."', ".
              "MAXEMPTYLINES = $preMAXEMPTYLINES, ".
              "ONLINEDATE = '".$preYEAR."-".$preMONTH."-".$preDAY."', ".
              "MODERATEDMODE = ".$preMODERATEDMODE.", ".
              "ADDHOURS = ".$preHOURS.", ".
              "ADDMINUTES = ".$preMINUTES.", ".
              "ADDSECONDS = ".$preSECONDS.", ".
              "PRIVPARAMETER = ";
        $q .= ($prePRIVPARAMETER == "") ? "null, " : "'".$prePRIVPARAMETER."', ";
        $q .= "INDEXURL = ";
        $q .= (strtolower($preINDEXURL) != "http://") ? "'".substr($preINDEXURL,7)."', " : "null, ";
        $q .= "BACKURL = ";
        $q .= (strtolower($preBACKURL) != "http://") ? "'".substr($preBACKURL,7)."', " : "null, ";
        if ($prePASSWORD != "") {
          $q .= "ADMINPASSWORD = '$prePASSWORD', ";
          if (isset($_SESSION))
            $_SESSION['PASSWORD'] = $prePASSWORD;
          else
            $HTTP_SESSION_VARS['PASSWORD'] = $prePASSWORD;
        }
        $q .= "ADMINEMAIL = ";
        $q .= ($preADMINEMAIL == "") ? "NULL" : "'$preADMINEMAIL'";
        vgb_query($q);

        // do we have to delete some of the entries ?
        if ($preMAXENTRIES != 0) {
          $x = ($preMODERATEDMODE) ? "where UNMODERATED = 0" : "";
          $query = vgb_query("select ID from VGB_ENTRY $x order by DATE asc, SIGNTIME asc, ID asc");
          $max = vgb_numrows($query)-$preMAXENTRIES;
          if ($max > 0) {
            for ($i=0;$i<$max;$i++) {
              // delete entry with ratings and field-entries
              $row = vgb_result($query);
              deleteEntry($row['ID']);
            }
            // update pastentries
            $query = vgb_query("update VGB_SETTINGS set ".
                     "PASTENTRIES = ".($settings['PASTENTRIES']+$max));
          }
        }
        
        // check for encoding change
        switch ($preENCODING) {
          case "utf-8": $new_lenfactor = 3; $new_maxlen = 85; break;
          default: $new_lenfactor = 1; $new_maxlen = 127; break;
        }
        if ($new_lenfactor != vgb_lenfactor()) {
          // settings
          $cols = array( "BADWORDSTRING" => $new_maxlen, 
                         "COMMENTNAME" => $settings['MAXLENNAME'],
                         "EMAILTOOLTIP" => $new_maxlen);
          foreach ($cols as $col => $len) 
            vgb_query("alter table VGB_SETTINGS change $col $col varchar(".
               ($len*$new_lenfactor).") not null");
          
          // entry
          $cols = array( "NAME" => $settings['MAXLENNAME'],
                         "PICTEXT" => $new_maxlen);
          foreach ($cols as $col => $len) 
            vgb_query("alter table VGB_ENTRY change $col $col varchar(".
               ($len*$new_lenfactor).")");

          // user
          $cols = array( "NAME" => $settings['MAXLENNAME'],
                         "PICTEXT" => $new_maxlen);
          foreach ($cols as $col => $len) 
            vgb_query("alter table VGB_USER change $col $col varchar(".
               ($len*$new_lenfactor).") not null");
        
          // comment
          $cols = array( "NAME" => $settings['MAXLENNAME'] );
          foreach ($cols as $col => $len) 
            vgb_query("alter table VGB_COMMENT change $col $col varchar(".
               ($len*$new_lenfactor).") not null");
        
        }
        if ($new_maxlen < vgb_maxlen()) {
          // change maxlens
          if ($settings['MAXLENNAME'] > $new_maxlen) {
            vgb_query("update VGB_SETTINGS set MAXLENNAME = ".$new_maxlen);
          }
          
          // change maxlen of customfields
          $query = vgb_query("select * from VGB_CUSTOMFIELD where TYPE = 0");
          while ($f = vgb_result($query)) 
            if (intval($f['RULES']) > $new_maxlen) 
              vgb_query("update VGB_CUSTOMFIELD set RULES = '".$new_maxlen."' where ID = ".$f['ID']);
        }
        
        $statusMSG = $lang['savedSetup'];
        $redirect = (($preENCODING != $settings['ENCODING'])  
                      && (($new_lenfactor != 1) || (vgb_lenfactor() != 1))) ?
             "refresh=0" : "setup=0";
      }
    }
    elseif (isset($arg['refresh'])) {
      vgb_query("update VGB_SETTINGS set ".
                "BADWORDSTRING = '".addSlashes(vgb_substr($settings['BADWORDSTRING'],vgb_maxlen()))."',".
                "COMMENTNAME = '".addSlashes(vgb_substr($settings['COMMENTNAME'],$settings['MAXLENNAME']))."',".
                "EMAILTOOLTIP = '".addSlashes(vgb_substr($settings['EMAILTOOLTIP'],vgb_maxlen()))."'");
      refresh("VGB_ENTRY",array("NAME" => $settings['MAXLENNAME'],
                                "PICTEXT" => vgb_maxlen(),
                                "ENTRY" => $settings['MAXLENENTRY']));
      refresh("VGB_CUSTOMFIELD",array("NAME" => vgb_maxlen(),
                                      "FORMTEXT" => vgb_maxlen(),
                                      "PREALLOCATE" => vgb_maxlen()));
      refresh("VGB_RATINGBOX",array("NAME" => vgb_maxlen(),
                                    "FORMTEXT" => vgb_maxlen()));
      refresh("VGB_COUNTRY",array("NAME" => vgb_maxlen()));
      refresh("VGB_COMMENT",array("NAME" => $settings['MAXLENNAME'],
                                  "TEXT" => $settings['MAXLENENTRY']));
      refresh("VGB_USER",array("NAME" => $settings['MAXLENNAME'],
                               "PICTEXT" => vgb_maxlen()));

      $qc = vgb_query("select * from VGB_CUSTOMFIELD where TYPE = 0");
      while ($field = vgb_result($qc)) {
        $rules = explode("\n",$field['RULES'],2);
        $max = (($rules[0]!="") && ($rules[0] != 0)) ?
           $rules[0] : "".vgb_maxlen();
  
        $query = vgb_query("select ENTRY_ID, CONTENT from VGB_CUSTOMENTRY where FIELD_ID = ".$field['ID']);
        $se = array();
        while ($e = vgb_result($query)) 
          $se[$e['ENTRY_ID']] = vgb_substr($e['CONTENT'],$max);
          
        foreach ($se as $id => $t) 
          vgb_query("update VGB_CUSTOMENTRY set CONTENT = '".addSlashes($t)."' where ENTRY_ID = $id and FIELD_ID = ".$field['ID']);
                
        $query = vgb_query("select USER_ID, CONTENT from VGB_CUSTOMUSER where FIELD_ID = ".$field['ID']);
          $se = array();
        while ($e = vgb_result($query)) 
          $se[$e['USER_ID']] = vgb_substr($e['CONTENT'],$max);
          
        foreach ($se as $id => $t) 
          vgb_query("update VGB_CUSTOMUSER set CONTENT = '".addSlashes($t)."' where USER_ID = $id and FIELD_ID = ".$field['ID']);
      }

      $redirect = "setup=0";
    }
    elseif (isset($arg['input'])) {
      // show the manage inputfields screen
      initInput();
      resetRatingForm();
      resetCustomForm();
      initRatings();
      initCustoms();
      $screen = 1;
    }
    elseif (isset($arg['saveinput'])) {
      // try to save the settings for the input-fields
      $screen = 1;

      // are all parameters given ?
      setParameters(array("MAXLENTEXT","MAXLENNAME","MAXLENEMAIL",
        "MAXLENHOMEPAGE","MAXLENAIM","MAXLENMSN","MAXLENYAHOO",
        "RANGEX","RANGEY","THUMBNAILX","THUMBNAILY","PRECOUNTRY"));

      // preset the input fields
      $preASKEMAIL = (isset($arg['ASKEMAIL'])) ? 1 : 0;
      $preASKHOMEPAGE = (isset($arg['ASKHOMEPAGE'])) ? 1 : 0;
      $preASKICQ = (isset($arg['ASKICQ'])) ? 1 : 0;
      $preASKAIM = (isset($arg['ASKAIM'])) ? 1 : 0;
      $preASKMSN = (isset($arg['ASKMSN'])) ? 1 : 0;
      $preASKYAHOO = (isset($arg['ASKYAHOO'])) ? 1 : 0;
      $preASKCOUNTRY = (isset($arg['ASKCOUNTRY'])) ? 1 : 0;
      $preASKPICTURE = (isset($arg['ASKPICTURE'])) ? 1 : 0;
      $preASKPICTEXT = (isset($arg['ASKPICTEXT'])) ? 1 : 0;
      $preFORCECOUNTRY = (isset($arg['FORCECOUNTRY'])) ? 1 : 0;
      $preFORCEEMAIL = (isset($arg['FORCEEMAIL'])) ? 1 : 0;
      $preASKHIDEEMAIL = (isset($arg['ASKHIDEEMAIL'])) ? 1 : 0;
      $preUSEMAILER = (isset($arg['USEMAILER'])) ? 1 : 0;
      $preMAXLENNAME = trim($arg['MAXLENNAME']);
      $preMAXLENTEXT = trim($arg['MAXLENTEXT']);
      $preMAXLENEMAIL = trim($arg['MAXLENEMAIL']);
      $preMAXLENHOMEPAGE = trim($arg['MAXLENHOMEPAGE']);
      $preMAXLENAIM = trim($arg['MAXLENAIM']);
      $preMAXLENMSN = trim($arg['MAXLENMSN']);
      $preMAXLENYAHOO = trim($arg['MAXLENYAHOO']);
      $prePRECOUNTRY = trim($arg['PRECOUNTRY']);
      $preTHUMBNAILX = trim($arg['THUMBNAILX']);
      $preTHUMBNAILY = trim($arg['THUMBNAILY']);
      $preX = explode("-",trim($arg['RANGEX']),2);
      if (sizeof($preX) == 1)
        $preX[1] = $preX[0];
      $preX[0] = trim($preX[0]);
      $preX[1] = trim($preX[1]);
      $preY = explode("-",trim($arg['RANGEY']),2);
      if (sizeof($preY) == 1)
        $preY[1] = $preY[0];
      $preY[0] = trim($preY[0]);
      $preY[1] = trim($preY[1]);
      $preRANGEX = ($preX[0] == $preX[1]) ?
        $preX[0] : $preX[0]."-".$preX[1];
      $preRANGEY = ($preY[0] == $preY[1]) ?
        $preY[0] : $preY[0]."-".$preY[1];


      resetRatingForm();
      resetCustomForm();
      initRatings();
      initCustoms();

      // are the inputs valid ?
      if (!vgb_isNumber($preMAXLENNAME,1,vgb_maxlen()))
        $errorMSG = $lang['wrongLength'].$lang['name'];
      elseif ($preMAXLENTEXT == "")
        $errorMSG = $lang['wrongLength'].$lang['text'];
      elseif (!vgb_isNumber($preMAXLENTEXT,0,999999))
        $errorMSG = $lang['wrongLength'].$lang['text'];
      elseif (!vgb_isNumber($preMAXLENEMAIL,1,127))
        $errorMSG = $lang['wrongLength'].$lang['email'];
      elseif (!vgb_isNumber($preMAXLENHOMEPAGE,1,127))
        $errorMSG = $lang['wrongLength'].$lang['homepage'];
      elseif (!vgb_isNumber($preMAXLENAIM,1,127))
        $errorMSG = $lang['wrongLength'].$lang['aim'];
      elseif (!vgb_isNumber($preMAXLENMSN,1,127))
        $errorMSG = $lang['wrongLength'].$lang['msn'];
      elseif (!vgb_isNumber($preMAXLENYAHOO,1,127))
        $errorMSG = $lang['wrongLength'].$lang['yahoo'];
      elseif (!vgb_isNumber($preX[0],1,999999) || !vgb_isNumber($preX[1],1,999999))
        $errorMSG = $lang['wrongRangeX'];
      elseif (!vgb_isNumber($preY[0],1,999999) || !vgb_isNumber($preY[1],1,999999))
        $errorMSG = $lang['wrongRangeY'];
      elseif (!vgb_isNumber($preTHUMBNAILX,0,999999))
        $errorMSG = $lang['wrongNumber'].$lang['thumbnailX'];
      elseif (!vgb_isNumber($preTHUMBNAILY,0,999999))
        $errorMSG = $lang['wrongNumber'].$lang['thumbnailY'];
      elseif ($preX[1] < $preX[0])
        $errorMSG = $lang['wrongRangeX'];
      elseif ($preY[1] < $preY[0])
        $errorMSG = $lang['wrongRangeY'];

      if (!isset($errorMSG)) {
        // the inputs are okay, save the settings in database
        $q = "update VGB_SETTINGS set ".
              "ASKEMAIL = ".$preASKEMAIL.", ".
              "ASKHOMEPAGE = ".$preASKHOMEPAGE.", ".
              "ASKICQ = ".$preASKICQ.", ".
              "ASKAIM = ".$preASKAIM.", ".
              "ASKMSN = ".$preASKMSN.", ".
              "ASKYAHOO = ".$preASKYAHOO.", ".
              "ASKCOUNTRY = ".$preASKCOUNTRY.", ".
              "ASKPICTURE = ".$preASKPICTURE.", ".
              "ASKPICTEXT = ".$preASKPICTEXT.", ".
              "FORCECOUNTRY = ".$preFORCECOUNTRY.", ".
              "FORCEEMAIL = ".$preFORCEEMAIL.", ".
              "ASKHIDEEMAIL = ".$preASKHIDEEMAIL.", ".
              "USEMAILER = ".$preUSEMAILER.", ".
              "MAXLENNAME = ".$preMAXLENNAME.", ".
              "MAXLENENTRY = ".$preMAXLENTEXT.", ".
              "MAXLENEMAIL = ".$preMAXLENEMAIL.", ".
              "MAXLENHOMEPAGE = ".$preMAXLENHOMEPAGE.", ".
              "MAXLENAIM = ".$preMAXLENAIM.", ".
              "MAXLENMSN = ".$preMAXLENMSN.", ".
              "MAXLENYAHOO = ".$preMAXLENYAHOO.", ".
              "THUMBNAILX = ".$preTHUMBNAILX.", ".
              "THUMBNAILY = ".$preTHUMBNAILY.", ".
              "MINX = ".$preX[0].", ".
              "MAXX = ".$preX[1].", ".
              "MINY = ".$preY[0].", ".
              "MAXY = ".$preY[1].", PRECOUNTRY = ";
        $q .= ($prePRECOUNTRY == "") ? "null" : $prePRECOUNTRY;
        vgb_query($q);

        // set the new column types
        if ((($preMAXLENTEXT < $settings['MAXLENENTRY']) ||
            ($settings['MAXLENENTRY'] == 0)) &&
            ($preMAXLENTEXT > 0)) {
          refresh("VGB_ENTRY",array("ENTRY" => $preMAXLENTEXT));
          refresh("VGB_COMMENT",array("TEXT" => $preMAXLENTEXT));
        }

        $q = "alter table VGB_ENTRY change ";
        $c = "alter table VGB_COMMENT change ";
        $u = "alter table VGB_USER change ";
        if ($preMAXLENNAME != $settings['MAXLENNAME']) {
          vgb_query($q."NAME NAME varchar(".($preMAXLENNAME*vgb_lenfactor()).")");
          vgb_query($c."NAME NAME varchar(".($preMAXLENNAME*vgb_lenfactor()).") not null");
          vgb_query($u."NAME NAME varchar(".($preMAXLENNAME*vgb_lenfactor()).") not null");
          vgb_query("alter table VGB_SETTINGS change COMMENTNAME COMMENTNAME varchar(".
            ($preMAXLENNAME*vgb_lenfactor()).") not null");
          vgb_query("update VGB_SETTINGS set COMMENTNAME = '".
                     addSlashes(vgb_substr($settings['COMMENTNAME'],$preMAXLENNAME))."'");

          refresh("VGB_ENTRY",array("NAME" => $preMAXLENNAME));
          refresh("VGB_COMMENT",array("NAME" => $preMAXLENNAME));          
          refresh("VGB_USER",array("NAME" => $preMAXLENNAME));
        }
        if ($preMAXLENHOMEPAGE != $settings['MAXLENHOMEPAGE']) {
          vgb_query($q."HOMEPAGE HOMEPAGE varchar(".$preMAXLENHOMEPAGE.")");
          vgb_query($u."HOMEPAGE HOMEPAGE varchar(".$preMAXLENHOMEPAGE.") not null");
        }
        if ($preMAXLENEMAIL != $settings['MAXLENEMAIL']) {
          vgb_query($q."EMAIL EMAIL varchar(".$preMAXLENEMAIL.")");
          vgb_query($c."EMAIL EMAIL varchar(".$preMAXLENEMAIL.")");
          vgb_query($u."EMAIL EMAIL varchar(".$preMAXLENEMAIL.") not null");
          vgb_query("alter table VGB_SETTINGS change COMMENTEMAIL COMMENTEMAIL varchar(".
            $preMAXLENEMAIL.") not null");
        }
        if ($preMAXLENAIM != $settings['MAXLENAIM']) {
          vgb_query($q."AIM AIM varchar(".$preMAXLENAIM.")");
          vgb_query($u."AIM AIM varchar(".$preMAXLENAIM.") not null");
        }
        if ($preMAXLENMSN != $settings['MAXLENMSN']) {
          vgb_query($q."MSN MSN varchar(".$preMAXLENMSN.")");
          vgb_query($u."MSN MSN varchar(".$preMAXLENMSN.") not null");
        }
        if ($preMAXLENYAHOO != $settings['MAXLENYAHOO']) {
          vgb_query($q."YAHOO YAHOO varchar(".$preMAXLENYAHOO.")");
          vgb_query($u."YAHOO YAHOO varchar(".$preMAXLENYAHOO.") not null");
        }
          
        $query = vgb_query("select * from VGB_SETTINGS");
        $settings = vgb_result($query);
        $statusMSG = $lang['savedChanges'];
        $redirect = "input=0";
      }
      else {
        initCountries();
      }
    }
    elseif (isset($arg['loadrating'])) {
      // load a rating-box into the edit-screen
      $preID = $arg['loadrating'];
      $query = vgb_query("select * from VGB_RATINGBOX where ID = ".$preID);
      $box = vgb_result($query);
      $preNAME = $box['NAME'];
      $prePRIORITY = $box['PRIORITY'];
      $preFORCE = $box['FRCE'];
      $preSTATS = $box['STATS'];
      $preFORMTEXT = $box['FORMTEXT'];
      $screen = 3;
    }
    elseif (isset($arg['loadcustom'])) {
      // load a custom-field into the edit-screen
      $preID = $arg['loadcustom'];
      $query = vgb_query("select * from VGB_CUSTOMFIELD where ID = ".$preID);
      $field = vgb_result($query);
      $preCUSTOMNAME = $field['NAME'];
      $preCUSTOMTYPE = $field['TYPE'];
      $preCUSTOMPRIORITY = $field['PRIORITY'];
      $preCUSTOMRULES = $field['RULES'];
      $preCUSTOMFORCE = $field['FRCE'];
      $preCUSTOMSTATS = $field['STATS'];
      $preCUSTOMALLOC = $field['PREALLOCATE'];
      $preCUSTOMFORM = $field['FORMTEXT'];
      $screen = 4;
    }
    elseif (isset($arg['loadcountry'])) {
      // load a country into the edit screen
      $preID = $arg['loadcountry'];
      $query = vgb_query("select * from VGB_COUNTRY where ID = ".$preID);
      $country = vgb_result($query);
      $preNAME = $country['NAME'];
      $preICON = $country['FLAGICON'];
      $preTRANSLATE = $country['TRANSLATE'];
      $screen = 7;
    }
    elseif (isset($arg['loademoticon'])) {
      // load an Emoticon into the edit screen
      $preID = $arg['loademoticon'];
      $query = vgb_query("select * from VGB_EMOTICON where ID = ".$preID);
      $emoticon = vgb_result($query);
      $preCODE = $emoticon['CODE'];
      $preFILENAME = $emoticon['FILENAME'];
      $prePRIORITY = $emoticon['PRIORITY'];
      $screen = 10;
      setValidSkin();
    }
    elseif (isset($arg['saverating'])) {
      // try to save the changes into the rating-box
      setParameters(array("NAME","PRIORITY","ID","FORMTEXT"));
      $preID = $arg['ID'];
      $preNAME = trim($arg['NAME']);
      $prePRIORITY = trim($arg['PRIORITY']);
      $preFORMTEXT = trim($arg['FORMTEXT']);
      $preSTATS = (isset($arg['STATS'])) ? 1 : 0;
      $preFORCE = (isset($arg['FRCE'])) ? 1 : 0;

      // check parameters
      if ($preNAME == "")
        $errorMSG = $lang['noName'];
      elseif (!vgb_isNumber($prePRIORITY,0,127) ||
              ($prePRIORITY == ""))
        $errorMSG = $lang['wrongNumber'].$lang['priority'];

      if (!isset($errorMSG)) {
        // save the changes
        $screen = 1;
        vgb_query("update VGB_RATINGBOX set NAME = '".AddSlashes($preNAME)."', ".
              "PRIORITY = $prePRIORITY, FRCE = $preFORCE, ".
              "STATS = $preSTATS, FORMTEXT = '".AddSlashes($preFORMTEXT).
              "' where ID = ".$preID);
        resetRatingForm();
        resetCustomForm();
        initInput();
        initRatings();
        initCustoms();
        $statusMSG = $lang['savedChanges'];
        $redirect = "input=0" ;
      }
      else
        $screen = 3;
    }
    elseif (isset($arg['savecustom'])) {
      // try to save the changes into a custom-field
      setParameters(array("CUSTOMNAME","CUSTOMRULES","CUSTOMTYPE",
                            "CUSTOMALLOC", "CUSTOMPRIORITY","ID","CUSTOMFORM"));
      $preID = $arg['ID'];
      $preCUSTOMNAME = trim($arg['CUSTOMNAME']);
      $preCUSTOMRULES = trim($arg['CUSTOMRULES']);
      $preCUSTOMFORM = trim($arg['CUSTOMFORM']);
      $preCUSTOMALLOC = trim($arg['CUSTOMALLOC']);
      $preCUSTOMTYPE = trim($arg['CUSTOMTYPE']);
      $preCUSTOMPRIORITY = trim($arg['CUSTOMPRIORITY']);
      $preCUSTOMSTATS = (isset($arg['CUSTOMSTATS'])) ? 1 : 0;
      $preCUSTOMFORCE = (isset($arg['CUSTOMFORCE'])) ? 1 : 0;

      // check parameters
      checkCustom();

      if (!isset($errorMSG)) {
        // save changes
        $screen = 1;

        $query = vgb_query("select * from VGB_CUSTOMFIELD where ID=$preID");
        $field = vgb_result($query);

        $q = "update VGB_CUSTOMFIELD set NAME = '".addSlashes($preCUSTOMNAME).
             "', TYPE = $preCUSTOMTYPE, PRIORITY = $preCUSTOMPRIORITY, ".
             "RULES = '";
        switch ($preCUSTOMTYPE) {
          case 0: $q .= $max;
                  break;
          case 1: $q .= $min."-".$max;
                  break;
          case 2: foreach ($options as $option => $value) {
                    $q .= addSlashes($option)."=".addSlashes($value)."\n";
                  }
        }
        $q .= "', FRCE = $preCUSTOMFORCE, FORMTEXT = '".
                addSlashes($preCUSTOMFORM).
              "', STATS = $preCUSTOMSTATS, PREALLOCATE = ";
        $q .= ($preCUSTOMALLOC == "") ? "null" : "'".addSlashes($preCUSTOMALLOC)."'";
        $q .=  " where ID = ".$preID;
        vgb_query($q);

        if ($field['TYPE'] != $preCUSTOMTYPE) {
          // the type of the field has changed => delete old entries
          vgb_query("delete from VGB_CUSTOMENTRY where FIELD_ID = $preID");
          vgb_query("delete from VGB_CUSTOMUSER where FIELD_ID = $preID");
        }
        else {
          // no change
          if ($preCUSTOMTYPE < 2) {
            if ($preCUSTOMTYPE == 0) {
              // check the inputfield for text
              $rules = explode("\n",$field['RULES'],2);
              $oldMax = (($rules[0]!="") && ($rules[0] != 0)) ?
                $rules[0] : "".vgb_maxlen();
              // is the new maximum smaller ?
              if (($max < $oldMax) && ($max != 0)) {
                // we have to shorten all of the saved entries
                $query = vgb_query("select ENTRY_ID, CONTENT from VGB_CUSTOMENTRY where FIELD_ID = ".$preID);
                $se = array();
                while ($e = vgb_result($query)) 
                  $se[$e['ENTRY_ID']] = vgb_substr($e['CONTENT'],$max);
          
                foreach ($se as $id => $t) 
                  vgb_query("update VGB_CUSTOMENTRY set CONTENT = '".addSlashes($t)."' where ENTRY_ID = $id and FIELD_ID = ".$preID);
                
                $query = vgb_query("select USER_ID, CONTENT from VGB_CUSTOMUSER where FIELD_ID = ".$preID);
                $se = array();
                while ($e = vgb_result($query)) 
                  $se[$e['USER_ID']] = vgb_substr($e['CONTENT'],$max);
          
                foreach ($se as $id => $t) 
                  vgb_query("update VGB_CUSTOMUSER set CONTENT = '".addSlashes($t)."' where USER_ID = $id and FIELD_ID = ".$preID);
              }
            }
            else {
              // delete numbers that are out of boundaries
              vgb_query("delete from VGB_CUSTOMENTRY where ".
                "(CONTENT < $min or CONTENT > $max) and FIELD_ID = $preID");
              vgb_query("delete from VGB_CUSTOMUSER where ".
                "(CONTENT < $min or CONTENT > $max) and FIELD_ID = $preID");
            }
          }
        }
        resetRatingForm();
        resetCustomForm();
        initInput();
        initRatings();
        initCustoms();
        $statusMSG = $lang['savedChanges'];
        $redirect = "input=0";
      }
      else
        $screen = 4;
    }
    elseif (isset($arg['savecountry'])) {
      // try to save the changes into a country
      setParameters(array("NAME","ICON","ID"));
      $preID = $arg['ID'];
      $preNAME = trim($arg['NAME']);
      $preICON = trim($arg['ICON']);
      $preTRANSLATE = (isset($arg['TRANSLATE'])) ? 1 : 0;
      if ($preTRANSLATE) {
        $preNAME = strtoupper($preNAME);
        if ($preNAME[0] == '.')
          $preNAME = substr($preNAME,1);
      }

      // check parameters
      if ($preNAME == "")
        $errorMSG = $lang['noName'];
      elseif (($x = vgb_noASCII(array($lang['icon'] => $preICON))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      elseif (($preTRANSLATE) && (!isset($langC[$preNAME])))
        $errorMSG = $lang['noCode'];
      elseif (($preNAME != "") && !file_exists("flags/$preICON"))
        $errorMSG = $lang['noIcon']."flags/$preICON";
      else {
        $query = vgb_query("select * from VGB_COUNTRY where NAME = '".
        addSlashes($preNAME)."' and id != $preID");
        if (vgb_numrows($query) != 0)
          $errorMSG = $lang['existsCountry'];
      }

      if (!isset($errorMSG)) {
        // save changes
        vgb_query("update VGB_COUNTRY set NAME = '$preNAME', FLAGICON = ".
              "'$preICON', TRANSLATE = $preTRANSLATE where ID = $preID");
        resetCountryForm();
        $statusMSG = $lang['savedChanges'];
        $redirect = "countries=0";
      }
      else
        $screen = 7;
    }
    elseif (isset($arg['saveemoticon'])) {
      // try to save the changes into an emoticon
      setParameters(array("CODE","FILENAME","PRIORITY","ID"));
      $preID = $arg['ID'];
      $preCODE = trim($arg['CODE']);
      $preFILENAME = trim($arg['FILENAME']);
      $prePRIORITY = trim($arg['PRIORITY']);
      setValidSkin();

      // check parameters
      if ($preCODE == "")
        $errorMSG = $lang['noString'];
      elseif ($preFILENAME == "")
        $errorMSG = $lang['noFilename'];
      elseif (!vgb_isNumber($prePRIORITY,0,127) ||
              ($prePRIORITY == ""))
        $errorMSG = $lang['wrongNumber'].$lang['priority'];
      elseif (($x = vgb_noASCII(array($lang['filename'] => $preFILENAME, $lang['code'] => $preCODE))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      elseif (($settings['ACTIVESKIN'] != "") &&
        (!file_exists("skins/".$settings['ACTIVESKIN']."/emoticons/$preFILENAME")))
        $errorMSG = $lang['noIcon']."skins/".$settings['ACTIVESKIN'].
                    "/emoticons/$preFILENAME";
      else {
        $query = vgb_query("select ID from VGB_EMOTICON where CODE = '".
        addSlashes($preCODE)."' and ID != ".$preID);
        if (vgb_numrows($query) != 0)
          $errorMSG = $lang['existsEmoticon'];
      }

      if (!isset($errorMSG)) {
        // save changes
        vgb_query("update VGB_EMOTICON set CODE = '".AddSlashes($preCODE).
              "', FILENAME = '".AddSlashes($preFILENAME)."', PRIORITY = ".
              $prePRIORITY." where ID = $preID");
        resetEmoticonForm();
        $statusMSG = $lang['savedChanges'];
        $redirect = "emoticons=0";
      }
      else
        $screen = 10;
    }
    elseif (isset($arg['delrating'])) {
      // delete the rating-box from database
      resetRatingForm();
      resetCustomForm();
      initInput();
      vgb_query("delete from VGB_RATINGBOX where ID = ".$arg['delrating']);
      vgb_query("delete from VGB_RATING where BOX_ID = ".$arg['delrating']);
      initRatings();
      initCustoms();
      $statusMSG = $lang['deletedRating'];
      $redirect = "input=0";
    }
    elseif (isset($arg['delcustom'])) {
      // delete the custom-field from database
      resetRatingForm();
      resetCustomForm();
      initInput();
      vgb_query("delete from VGB_CUSTOMFIELD where ID = ".
        $arg['delcustom']);
      vgb_query("delete from VGB_CUSTOMENTRY where FIELD_ID = ".
        $arg['delcustom']);
      vgb_query("delete from VGB_CUSTOMUSER where FIELD_ID = ".
        $arg['delcustom']);
      initRatings();
      initCustoms();
      $statusMSG = $lang['deletedCustom'];
      $redirect = "input=0";
    }
    elseif (isset($arg['delcountry'])) {
      // delete the country from database
      resetCountryForm();
      vgb_query("delete from VGB_COUNTRY where ID = ".
        $arg['delcountry']);
      vgb_query("update VGB_ENTRY set COUNTRY = null where COUNTRY = ".
        $arg['delcountry']);
      $statusMSG = $lang['deletedCountry'];
      $redirect = "countries=0";
    }
    elseif (isset($arg['delemoticon'])) {
      // delete the Emoticon from database
      resetEmoticonForm();
      vgb_query("delete from VGB_EMOTICON where ID = ".
        $arg['delemoticon']);
      $statusMSG = $lang['deletedEmoticon'];
      $redirect = "emoticons=0";
      setValidSkin();
    }
    elseif (isset($arg['newrating'])) {
      // try to add a new ratingbox
      $preRATINGNAME = (isset($arg['RATINGNAME'])) ?
        trim($arg['RATINGNAME']) : "";
      $preFORMTEXT = (isset($arg['FORMTEXT'])) ?
        trim($arg['FORMTEXT']) : "";
      $preRATINGPRIORITY = (isset($arg['RATINGPRIORITY'])) ?
        trim($arg['RATINGPRIORITY']) : "";
      $preRATINGFORCE = (isset($arg['RATINGFORCE'])) ?
        trim($arg['RATINGFORCE']) : 0;
      $preRATINGSTATS = (isset($arg['RATINGSTATS'])) ?
        trim($arg['RATINGSTATS']) : 0;
      initInput();

      // check parameters
      if ($preRATINGNAME == "")
        $errorMSG = $lang['noName'];
      elseif (!vgb_isNumber($preRATINGPRIORITY,0,127) ||
              ($preRATINGPRIORITY == ""))
        $errorMSG = $lang['wrongNumber'].$lang['priority'];

      if (!isset($errorMSG)) {
        // create new ratingbox
        vgb_query("insert into VGB_RATINGBOX (ID,NAME,PRIORITY,FRCE,STATS,FORMTEXT)".
              " values (null,'".addSlashes($preRATINGNAME).
              "',$preRATINGPRIORITY,".
              "$preRATINGFORCE,$preRATINGSTATS,'".AddSlashes($preFORMTEXT)."');");
        resetRatingForm();
        $statusMSG = $lang['ratingSuccess'];
        $redirect = "input=0";
      }
      resetCustomForm();
      initRatings();
      initCustoms();
      $screen = 1;
    }
    elseif (isset($arg['newcustom'])) {
      // try to add a new custom-field
      setParameters(array("CUSTOMNAME","CUSTOMTYPE","CUSTOMALLOC",
                               "CUSTOMPRIORITY","CUSTOMRULES","CUSTOMFORM"));
      $preCUSTOMNAME = trim($arg['CUSTOMNAME']);
      $preCUSTOMTYPE = trim($arg['CUSTOMTYPE']);
      $preCUSTOMRULES = trim($arg['CUSTOMRULES']);
      $preCUSTOMPRIORITY = trim($arg['CUSTOMPRIORITY']);
      $preCUSTOMFORM = trim($arg['CUSTOMFORM']);
      $preCUSTOMFORCE = (isset($arg['CUSTOMFORCE'])) ? 1 : 0;
      $preCUSTOMALLOC = trim($arg['CUSTOMALLOC']);
      $preCUSTOMSTATS = (isset($arg['CUSTOMSTATS'])) ? 1 : 0;
      initInput();

      // check parameters
      checkCustom();

      if (!isset($errorMSG)) {
        // create new custom-field
        $q = "insert into VGB_CUSTOMFIELD (ID,NAME,TYPE,PRIORITY,RULES,".
             "FRCE,STATS,LIMITSTATS,FORMTEXT,PREALLOCATE) values (null,'".
             addSlashes($preCUSTOMNAME).
             "',$preCUSTOMTYPE,$preCUSTOMPRIORITY,'";
        switch ($preCUSTOMTYPE) {
          case 0: $q .= $max;
                  break;
          case 1: $q .= $min."-".$max;
                  break;
          case 2: foreach ($options as $option => $value) {
                    $q .= addSlashes($option)."=".addSlashes($value)."\n";
                  }
        }
        $q .= "',$preCUSTOMFORCE,$preCUSTOMSTATS,0,'".
              addSlashes($preCUSTOMFORM)."',";
        $q .= ($preCUSTOMALLOC == "") ? "null" : "'".addSlashes($preCUSTOMALLOC)."'";
        $q .= ")";
        vgb_query($q);
        resetCustomForm();
        $statusMSG = $lang['customSuccess'];
        $redirect = "input=0";
      }
      resetRatingForm();
      initRatings();
      initCustoms();
      $screen = 1;
    }
    elseif (isset($arg['newcountry'])) {
      // try to add a new country
      setParameters(array("NAME","ICON"));
      $preNAME = trim($arg['NAME']);
      $preICON = trim($arg['ICON']);
      $preTRANSLATE = (isset($arg['TRANSLATE'])) ? 1 : 0;
      if ($preTRANSLATE) {
        $preNAME = strtoupper($preNAME);
        if ($preNAME[0] == '.')
          $preNAME = substr($preNAME,1);
      }

      // check parameters
      if ($preNAME == "")
        $errorMSG = $lang['noName'];
      elseif (($x = vgb_noASCII(array($lang['icon'] => $preICON))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      elseif (($preTRANSLATE) && (!isset($langC[$preNAME])))
        $errorMSG = $lang['noCode'];
      elseif (($preNAME != "") && !file_exists("flags/$preICON"))
        $errorMSG = $lang['noIcon']."flags/$preICON";
      else {
        $query = vgb_query("select id from VGB_COUNTRY where NAME = '".
        addSlashes($preNAME)."'");
        if (vgb_numrows($query) != 0)
          $errorMSG = $lang['existsCountry'];
      }

      if (!isset($errorMSG)) {
        // create a new country
        vgb_query("insert into VGB_COUNTRY (ID,NAME,FLAGICON,TRANSLATE)".
              " values (null,'$preNAME','$preICON',$preTRANSLATE)");
        resetCountryForm();
        $statusMSG = $lang['countrySuccess'];
        $redirect = "countries=0";
      }
      else {
        $screen = 6;
      }
    }
    elseif (isset($arg['newemoticon'])) {
      // try to add a new emoticon
      setParameters(array("CODE","FILENAME","PRIORITY"));
      $preCODE = trim($arg['CODE']);
      $preFILENAME = trim($arg['FILENAME']);
      $prePRIORITY = trim($arg['PRIORITY']);
      setValidSkin();

      // check parameters
      if ($preCODE == "")
        $errorMSG = $lang['noString'];
      elseif ($preFILENAME == "")
        $errorMSG = $lang['noFilename'];
      elseif (!vgb_isNumber($prePRIORITY,0,127) ||
              ($prePRIORITY == ""))
        $errorMSG = $lang['wrongNumber'].$lang['priority'];
      elseif (($x = vgb_noASCII(array($lang['filename'] => $preFILENAME, $lang['code'] => $preCODE))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      elseif (($settings['ACTIVESKIN'] != "") &&
        (!file_exists("skins/".$settings['ACTIVESKIN']."/emoticons/$preFILENAME")))
        $errorMSG = $lang['noIcon']."skins/".$settings['ACTIVESKIN'].
                    "/emoticons/$preFILENAME";
      else {
        $query = vgb_query("select ID from VGB_EMOTICON where CODE = '".
        addSlashes($preCODE)."'");
        if (vgb_numrows($query) != 0)
          $errorMSG = $lang['existsEmoticon'];
      }

      if (!isset($errorMSG)) {
        // create a new country

        vgb_query("insert into VGB_EMOTICON (ID,CODE,FILENAME,PRIORITY)".
              " values (null,'".AddSlashes($preCODE)."','".
                AddSlashes($preFILENAME)."',$prePRIORITY)");
        resetEmoticonForm();
        $statusMSG = $lang['emoticonSuccess'];
        $redirect = "emoticons=0";
      }
      initEmoticons();
      $screen = 9;
    }
    elseif (isset($arg['show'])) {
      // show the page in the manage entries screen
      $page = ($arg['show'] == "") ? 1 : $arg['show'];
      initShow($page);
      $screen = 2;
    }
    elseif (isset($arg['stats'])) {
      $preHIDESTATS = $settings['HIDESTATS'];
      $limits = array(
                  array("Browser","BROWSER",$settings['LIMITBROWSER']),
                  array("OS","OS",$settings['LIMITOS'])
                );
      if ($settings['ASKCOUNTRY']) {
        $limits[] = array($lang['country'],"COUNTRY",$settings['LIMITCOUNTRY']);
      }
      $query = vgb_query("select * from VGB_CUSTOMFIELD where TYPE = 2 and STATS = 1");
      while ($field = vgb_result($query)) {
        $limits[] = array($field['NAME'],"CUSTOM".$field['ID'],
                          $field['LIMITSTATS']);
      };

      $screen = 8;
    }
    elseif (isset($arg['savestats'])) {

      $params = array( "LIMITBROWSER", "LIMITOS" );
      if ($settings['ASKCOUNTRY']) {
        $params[] = "LIMITCOUNTRY";
      };
      $query = vgb_query("select * from VGB_CUSTOMFIELD where TYPE = 2 and STATS = 1");
      while ($field = vgb_result($query)) {
        $params[] = 'LIMITCUSTOM'.$field['ID'];
      };
      setParameters($params);
      $preHIDESTATS = (isset($arg['HIDESTATS'])) ? 1 : 0;
      $limits = array(
                  array("Browser","BROWSER",trim($arg['LIMITBROWSER'])),
                  array("OS","OS",trim($arg['LIMITOS']))
                );
      if ($settings['ASKCOUNTRY']) {
        $limits[] = array($lang['country'],"COUNTRY",trim($arg['LIMITCOUNTRY']));
      }
      $query = vgb_query("select * from VGB_CUSTOMFIELD where TYPE = 2 and STATS = 1");
      while ($field = vgb_result($query)) {
        $limits[] = array($field['NAME'],"CUSTOM".$field['ID'],
                          trim($arg['LIMITCUSTOM'.$field['ID']]));
      };

      foreach ($limits as $field) {
        if ((!vgb_isNumber($field[2],0,999999)) || ($field[2] == "")) {
          $errorMSG = $lang['wrongNumber'].$lang['limit']." ".$field[0];
          break;
        }
      }

      if (!isset($errorMSG)) {
        // the inputs are okay, save the settings in database
        $q = "update VGB_SETTINGS set ".
              "HIDESTATS = ".$preHIDESTATS.", ".
              "LIMITBROWSER = ".$limits[0][2].", ".
              "LIMITOS = ".$limits[1][2];
        if ($settings['ASKCOUNTRY'])
              $q .= ", LIMITCOUNTRY = ".$limits[2][2];
        vgb_query($q);
        for ($i=3;$i<sizeof($limits);$i++) {
          vgb_query("update VGB_CUSTOMFIELD set LIMITSTATS = ".$limits[$i][2].
                " where ID = ".substr($limits[$i][1],6));
        }

        $query = vgb_query("select * from VGB_SETTINGS");
        $settings = vgb_result($query);
        $statusMSG = $lang['savedChanges'];
        $redirect = "stats=0";
      }
      $screen = 8;
    }
    elseif (isset($arg['countries'])) {
      // show the manage countries screen
      $screen = 6;
      resetCountryForm();
    }
    elseif (isset($arg['emoticons'])) {
      // show the manage Emoticons screen
      $screen = 9;
      initEmoticons();
      resetEmoticonForm();
      setValidSkin();
    }
    elseif (isset($arg['delall'])) {
      // delete all entries from database
      vgb_query("delete from VGB_ENTRY");
      vgb_query("delete from VGB_CUSTOMENTRY");
      vgb_query("delete from VGB_RATING");
      vgb_query("delete from VGB_COMMENT");
      vgb_query("update VGB_SETTINGS set PASTENTRIES = 0");
       // delete all uploaded pictures
      $_handle = opendir("upload");
      while ($_filename = readdir($_handle))
        if (($_filename != ".") && ($_filename != "..") &&
            ($_filename != "preview") && (ereg(".(gif|jpg|jpeg)\$",$_filename)))
          @unlink("upload/".$_filename);
      closedir($_handle);
      $maxPage = 0;
      $maxEntry = 0;
      $page = 1;
      initShow($page);
      $redirect = "show=1";
      $screen = 2;
    }
    elseif (isset($arg['delpics'])) {
      // delete all invalid pictures
      $screen = 1;
      $files = getInvalidPics();
      foreach ($files as $file) {
        vgb_query("update VGB_ENTRY set PICTURE = null where PICTURE = '$file'");
        unlink("upload/".$file);
      }
      initInput();
      resetRatingForm();
      resetCustomForm();
      initRatings();
      initCustoms();
      $statusMSG = $lang['invalidDeleted'];
      $redirect = "input=0";
    }
    elseif (isset($arg['delcountries'])) {
      // delete all countries from database
      $screen = 6;
      $redirect = "countries=0";
      vgb_query("delete from VGB_COUNTRY where ID > 1");
      vgb_query("update VGB_ENTRY set COUNTRY = null");
      resetCountryForm();
    }
    elseif (isset($arg['delemoticons'])) {
      // delete all Emoticons from database
      $redirect = "emoticons=0";
      vgb_query("delete from VGB_EMOTICON");
      resetEmoticonForm();
    }
    elseif (isset($arg['delentry'])) {
      // delete the entry from database
      deleteEntry($arg['delentry']);
      // refresh variables
      $query = vgb_query("select * from VGB_ENTRY");
      if (($maxEntry=(vgb_numrows($query))) == 0)
        $maxPage = 0;
      else {
        $maxPage = (int)($maxEntry/$settings['MAXENTRIESPERPAGE']);
        if ($maxEntry%$settings['MAXENTRIESPERPAGE'] != 0)
          $maxPage++;
      }
      $page = 1;
      initShow($page);
      $screen = 2;
      $redirect = "show=1";
    }
    elseif (isset($arg['loadentry'])) {
      // load an entry into the edit-screen
      $query = vgb_query("select * from VGB_ENTRY where ID = ".
               $arg['loadentry']);
      $entry = vgb_result($query);
      $preID = $arg['loadentry'];
      $preNAME = $entry['NAME'];
      $preTEXT = $entry['ENTRY'];
      $preCOMMENT = (is_null($entry['COMMENT'])) ? "" : $entry['COMMENT'];
      $preEMAIL = (is_null($entry['EMAIL'])) ? "" : $entry['EMAIL'];
      $preHOMEPAGE = (is_null($entry['HOMEPAGE'])) ? "" : $entry['HOMEPAGE'];
      $preICQ = (is_null($entry['ICQ'])) ? "" : $entry['ICQ'];
      $preAIM = (is_null($entry['AIM'])) ? "" : $entry['AIM'];
      $preMSN = (is_null($entry['MSN'])) ? "" : $entry['MSN'];
      $preYAHOO = (is_null($entry['YAHOO'])) ? "" : $entry['YAHOO'];
      $preCOUNTRY = (is_null($entry['COUNTRY'])) ? "" : $entry['COUNTRY'];
      $prePICTEXT = (is_null($entry['PICTEXT'])) ? "" : $entry['PICTEXT'];
      $prePRIVATE = (is_null($entry['PRIVATE'])) ? "" : $entry['PRIVATE'];
      $preHIDEEMAIL = $entry['HIDEEMAIL'];
      $preFILENAME = (is_null($entry['PICTURE'])) ? "" : $entry['PICTURE'];
      initEditEntry();
      if (is_null($entry['SIGNTIME'])) {
        $preHOURS = "";
        $preMINUTES = "";
        $preSECONDS = "";
      }
      else {
        $_time = explode(":",$entry['SIGNTIME']);
        $preHOURS = $_time[0];
        $preMINUTES = $_time[1];
        $preSECONDS = $_time[2];
      }
      setDatetime($entry['DATE'],false);
      foreach ($ratings as $rating) {
        $query = vgb_query("select RATING from VGB_RATING where BOX_ID = ".
                    $rating['ID']." and ENTRY_ID = ".$preID);
        if (vgb_numrows($query) == 0)
        $preRating[$rating['ID']] = "";
        else {
          $row = vgb_result($query);
          $preRating[$rating['ID']] = $row['RATING'];
        }
      }
      foreach ($customs as $custom) {
        $query = vgb_query("select CONTENT from VGB_CUSTOMENTRY where ".
                 "FIELD_ID = ".$custom['ID']." and ENTRY_ID = ".$preID);
        if (vgb_numrows($query) == 0)
        $preCustom[$custom['ID']] = "";
        else {
          $row = vgb_result($query);
          $preCustom[$custom['ID']] = $row['CONTENT'];
        }
      }

      $screen = 5;
    }
    elseif (isset($arg['saveentry'])) {
      // try to save the changes into setup
      $preID = $arg['ID'];
      $preNAME = trim($arg['NAME']);
      $preTEXT = trim($arg['TEXT']);
      $preCOMMENT = trim($arg['COMMENT']);
      $preEMAIL = trim($arg['EMAIL']);
      $preHOMEPAGE = trim($arg['HOMEPAGE']);
      if (strtoupper(substr($preHOMEPAGE,0,7)) == "HTTP://")
        $preHOMEPAGE = trim(substr($preHOMEPAGE,7));
      $preICQ = trim($arg['ICQ']);
      $preAIM = trim($arg['AIM']);
      $preMSN = trim($arg['MSN']);
      $preYAHOO = trim($arg['YAHOO']);
      $prePRIVATE = trim($arg['PRIVATE']);
      $prePICTEXT = trim($arg['PICTEXT']);
      $preHIDEEMAIL = (isset($arg['HIDEEMAIL'])) ? 1 : 0;
      $preFILENAME = trim($arg['FILENAME']);
      $preCOUNTRY = $arg['COUNTRY'];
      $preYEAR = trim($arg['YEAR']);
      $preMONTH = trim($arg['MONTH']);
      $preDAY = trim($arg['DAY']);
      $preHOURS = trim($arg['HOURS']);
      $preMINUTES = trim($arg['MINUTES']);
      $preSECONDS = trim($arg['SECONDS']);
      initEditEntry();
      $query = vgb_query("select PICTURE from VGB_ENTRY where ID = ".$preID);
      $entry = vgb_result($query);
      $oldpicture = (is_null($entry['PICTURE'])) ? "" : $entry['PICTURE'];

      foreach ($ratings as $rating) {
        $preRating[$rating['ID']] = $arg["RATING".$rating['ID']];
      }
      foreach ($customs as $custom) {
        $preCustom[$custom['ID']] = trim($arg["CUSTOM".$custom['ID']]);
      }

      // do we have to send a mail because of a new comment ?
      $query = vgb_query("select COMMENT from VGB_ENTRY where ID = ".$preID);
      $data = vgb_result($query);
      $inform = (is_null($data['COMMENT']) && ($preCOMMENT != "")
                 && ($preEMAIL != "")) ? 1 : 0;
      $nulltime = (($preHOURS == "") && ($preMINUTES == "") && ($preSECONDS == "")) ? 1 : 0;

      // check the inputs
      if (!vgb_isNumber($preYEAR,1980,3000))
        $errorMSG = $lang['wrongNumber'].$lang['year'];
      elseif (!vgb_isNumber($preMONTH,1,12))
        $errorMSG = $lang['wrongNumber'].$lang['month'];
      elseif (!vgb_isNumber($preDAY,1,31))
        $errorMSG = $lang['wrongNumber'].$lang['day'];
      elseif (!$nulltime && (!vgb_isNumber($preHOURS,0,23) || ($preHOURS == "")))
        $errorMSG = $lang['wrongNumber']."h";
      elseif (!$nulltime && (!vgb_isNumber($preMINUTES,0,59) || ($preMINUTES == "")))
        $errorMSG = $lang['wrongNumber']."min";
      elseif (!$nulltime && (!vgb_isNumber($preSECONDS,0,59) || ($preSECONDS == "")))
        $errorMSG = $lang['wrongNumber']."sec";
      elseif ($preNAME == "")
        $errorMSG = $lang['noName'];
      elseif ($preTEXT == "")
        $errorMSG = $lang['noEntry'];
      elseif ((vgb_strlen($preTEXT) > $settings['MAXLENENTRY']) &&
             ($settings['MAXLENENTRY'] > 0))
        $errorMSG = $lang['tooLongEntry'].
          (vgb_strlen($preTEXT)-$settings['MAXLENENTRY']);
      elseif (($x = vgb_noASCII(array($lang['email'] => $preEMAIL, 
                                      $lang['homepage'] => $preHOMEPAGE,
                                      $lang['aim'] => $preAIM,
                                      $lang['msn'] => $preMSN,
                                      $lang['yahoo'] => $preYAHOO,
                                      $lang['privPassword'] => $prePRIVATE,
                                      $lang['filename'] => $preFILENAME))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      elseif (($preEMAIL != "") &&
            (!vgb_isValidEmail($preEMAIL)))
        $errorMSG = $lang['wrongEmail'];
      elseif (($preHOMEPAGE != "") &&
            (!vgb_isValidURL($preHOMEPAGE)))
        $errorMSG = $lang['wrongURL'];
      elseif (!vgb_isNumber("".$preICQ,100000,2147483647) && ($preICQ != ""))
        $errorMSG = $lang['wrongICQ'];
      elseif (($prePRIVATE != "") && (!ereg("^([a-zA-Z0-9])+\$",$prePRIVATE)))
        $errorMSG = $lang['wrongPrivate'];
      foreach ($customs as $custom) {
        if (($custom['TYPE'] == 1) &&
            ($preCustom[$custom['ID']] != "")) {
          $rules = explode("\n",$custom['RULES'],2);
          if (substr_count($rules[0],"-") == 0) {
            $min = 0;
            $max = 999999999;
          }
          else {
            $rule = explode("-",$rules[0],2);
            $min = ($rule[0] == "") ? 0 : $rule[0];
            $max = ($rule[1] == "") ? 999999999 : $rule[1];
          }
          if (!vgb_isNumber($preCustom[$custom['ID']],$min,$max))
            $errorMSG = $lang['wrongNumber'].$custom['NAME'];
        }
      }

      if ((!isset($errorMSG)) && (($preFILENAME != $oldpicture)))
        if ($preFILENAME == "")
          unlink("upload/".$oldpicture);
        elseif (!file_exists("upload/".$preFILENAME))
          $errorMSG = $lang['noIcon']."upload/".$preFILENAME;
        elseif ($oldpicture != "")
          unlink("upload/".$oldpicture);

      // are all of the inputs valid ?
      if (isset($errorMSG)) {
        $screen = 5;
        setDatetime($preYEAR."-".$preMONTH."-".$preDAY,false);
      }
      else {
        // save changes
        $q =  "update VGB_ENTRY set ".
              "NAME = '".addslashes($preNAME)."' ".
              ", ENTRY = '".addslashes($preTEXT)."' ".
              ", EMAIL = ";
        $q .= ($preEMAIL == "") ?
              "null" : "'".addslashes($preEMAIL)."'";
        $q .= ", COMMENT = ";
        $q .= ($preCOMMENT == "") ?
              "null" : "'".addSlashes($preCOMMENT)."'";
        $q .= ", HOMEPAGE = ";
        $q .= ($preHOMEPAGE == "") ?
              "null" : "'".addslashes($preHOMEPAGE)."'";
        $q .= ", ICQ = ";
        $q .= ($preICQ == "") ?
              "null" : addslashes($preICQ);
        $q .= ", AIM = ";
        $q .= ($preAIM == "") ?
              "null" : "'".addslashes($preAIM)."'";
        $q .= ", MSN = ";
        $q .= ($preMSN == "") ?
              "null" : "'".addslashes($preMSN)."'";
        $q .= ", YAHOO = ";
        $q .= ($preYAHOO == "") ?
              "null" : "'".addslashes($preYAHOO)."'";
        $q .= ", PRIVATE = ";
        $q .= ($prePRIVATE == "") ?
              "null" : "'".strtolower(addslashes($prePRIVATE))."'";
        $q .= ", HIDEEMAIL = ".$preHIDEEMAIL;
        $q .= ", DATE = '".$preYEAR."-".$preMONTH."-".$preDAY."'";
        $q .= ", SIGNTIME = ";
        $q .= ($nulltime) ? "null" : "'".$preHOURS.":".$preMINUTES.":".$preSECONDS."'";
        $q .= ", PICTURE = ";
        $q .= ($preFILENAME == "") ?
              "null" : "'".addslashes($preFILENAME)."'";
        $q .= ", PICTEXT = ";
        $q .= ($prePICTEXT == "") ?
              "null" : "'".addslashes($prePICTEXT)."'";
        $q .= ", COUNTRY = ";
        $q .= ($preCOUNTRY == "") ?
              "null" : addslashes($preCOUNTRY);
        $q .= " where ID = ".$preID;
        vgb_query($q);
        foreach ($ratings as $rating) {
          vgb_query("delete from VGB_RATING where ENTRY_ID = $preID and ".
                "BOX_ID = ".$rating['ID']);
          if ($preRating[$rating['ID']] != "")
            vgb_query("insert into VGB_RATING (ENTRY_ID,BOX_ID,RATING) values ".
            "($preID,".$rating['ID'].",".$preRating[$rating['ID']].")");
        }
        foreach ($customs as $custom) {
          vgb_query("delete from VGB_CUSTOMENTRY where ENTRY_ID = $preID and ".
                "FIELD_ID = ".$custom['ID']);
          if ($preCustom[$custom['ID']] != "")
            vgb_query("insert into VGB_CUSTOMENTRY (ENTRY_ID,FIELD_ID,CONTENT)".
            " values ($preID,".$custom['ID'].",'".
            addSlashes($preCustom[$custom['ID']])."')");
        }

        $_date = explode("-",$settings['ONLINEDATE']);
        if (vgb_daysPast(array($preYEAR,$preMONTH,$preDAY)) > vgb_daysPast($_date))
          vgb_query("update VGB_SETTINGS set ONLINEDATE = '".$preYEAR."-".$preMONTH."-".$preDAY."'");

        // send mail if we have the first comment for this entry
        if ($inform)
          vgb_notification(3,$preEMAIL,$preNAME,
                         array("url" => $settings['INDEXURL'],
                               "comment" => $preCOMMENT),
                         $lang['mailComment'],$lang['mailComment']);

        $statusMSG = $lang['savedChanges'];
        $redirect = "show=1";
        $page = 1;
        initShow($page);
        $screen = 2;
      }
    }
    elseif (isset($arg['delpic'])) {
      setParameters(array("ID"));
      $preID = $arg['ID'];
      $query = vgb_query("select * from VGB_ENTRY where ID = ".$preID);
      $entry = vgb_result($query);
      vgb_query("update VGB_ENTRY set PICTURE = null where ID = ".$preID);
      unlink("upload/".$entry['PICTURE']);
      $entry['PICTURE'] = null;
      $preNAME = $entry['NAME'];
      $preTEXT = $entry['ENTRY'];
      $preCOMMENT = (is_null($entry['COMMENT'])) ? "" : $entry['COMMENT'];
      $preEMAIL = (is_null($entry['EMAIL'])) ? "" : $entry['EMAIL'];
      $preHOMEPAGE = (is_null($entry['HOMEPAGE'])) ? "" : $entry['HOMEPAGE'];
      $preICQ = (is_null($entry['ICQ'])) ? "" : $entry['ICQ'];
      $preAIM = (is_null($entry['AIM'])) ? "" : $entry['AIM'];
      $preMSN = (is_null($entry['MSN'])) ? "" : $entry['MSN'];
      $preYAHOO = (is_null($entry['YAHOO'])) ? "" : $entry['YAHOO'];
      $preCOUNTRY = (is_null($entry['COUNTRY'])) ? "" : $entry['COUNTRY'];
      initEditEntry();
      foreach ($ratings as $rating) {
        $query = vgb_query("select RATING from VGB_RATING where BOX_ID = ".
                    $rating['ID']." and ENTRY_ID = ".$preID);
        if (vgb_numrows($query) == 0)
        $preRating[$rating['ID']] = "";
        else {
          $row = vgb_result($query);
          $preRating[$rating['ID']] = $row['RATING'];
        }
      }
      foreach ($customs as $custom) {
        $query = vgb_query("select CONTENT from VGB_CUSTOMENTRY where ".
                 "FIELD_ID = ".$custom['ID']." and ENTRY_ID = ".$preID);
        if (vgb_numrows($query) == 0)
        $preCustom[$custom['ID']] = "";
        else {
          $row = vgb_result($query);
          $preCustom[$custom['ID']] = $row['CONTENT'];
        }
      }
      $statusMSG = $lang['deletedPicture'];
      $redirect = "loadentry=".$preID;
      $screen = 5;
    }
    elseif (isset($arg['badword'])) {
      $preUSEFILTER = $settings['USEFILTER'];
      $preFILTERNAME = $settings['FILTERNAME'];
      $preFILTEREMAIL = $settings['FILTEREMAIL'];
      $preFILTERHOMEPAGE = $settings['FILTERHOMEPAGE'];
      $preFILTERAIM = $settings['FILTERAIM'];
      $preFILTERMSN = $settings['FILTERMSN'];
      $preFILTERYAHOO = $settings['FILTERYAHOO'];
      $preFILTERPICTEXT = $settings['FILTERPICTEXT'];
      $preBADWORDSTRING = $settings['BADWORDSTRING'];
      $customFilter = array();
      $query = vgb_query("select * from VGB_CUSTOMFIELD where TYPE = 0");
      while ($field = vgb_result($query)) {
        $customFilter[] = array($field['NAME'],"CUSTOM".$field['ID'],
                          $field['FILTER']);
      };
      if (!file_exists("ht_badwords.".EXT)) {
        if (!($handle = @fopen("ht_badwords.".EXT,"a-")))
          Error($lang['ht_badwords']);
        fclose($handle);
      }
      $badwords = file("ht_badwords.".EXT);
      $preBADWORDS = "";
      foreach ($badwords as $badword) {
        $preBADWORDS .= $badword;
      };
      $screen = 11;
    }
    elseif (isset($arg['bbcode'])) {
      $preUSEBBCODE = $settings['USEBBCODE'];
      $preUSECSS    = $settings['USECSS'];
      $preSTRIPCODE = $settings['STRIPCODE'];;
      $preUSEBOLD = $settings['USEBOLD'];
      $preUSEITALIC = $settings['USEITALIC'];
      $preUSEUNDERLINE = $settings['USEUNDERLINE'];
      $preUSECODE = $settings['USECODE'];
      $preUSEQUOTE = $settings['USEQUOTE'];
      $preUSELEFT = $settings['USELEFT'];
      $preUSECENTER = $settings['USECENTER'];
      $preUSERIGHT = $settings['USERIGHT'];
      $preUSEIMAGE = $settings['USEIMAGE'];
      $preUSELINK = $settings['USELINK'];
      $preUSELIST = $settings['USELIST'];
      $preUSESIZE = $settings['USESIZE'];
      $preUSECOLORHEX = $settings['USECOLORHEX'];
      $preUSECOLORPRE = $settings['USECOLORPRE'];
      $preUSEFONT = $settings['USEFONT'];
      $preUSERFONTS = $settings['USERFONTS'];
      $preUSERCOLORS = $settings['USERCOLORS'];
      $preALLOWEDSIZE = $settings['SIZEMIN']."-".$settings['SIZEMAX'];
      $screen = 12;
    }
    elseif (isset($arg['emosetup'])) {
      $preUSEEMOTICONS = (isset($arg['USEEMOTICONS'])) ? 1 : 0;
      $preUSEADMINEMO = (isset($arg['USEADMINEMO'])) ? 1 : 0;
      $preUSEIFRAME = (isset($arg['USEIFRAME'])) ? 1 : 0;
      vgb_query("update VGB_SETTINGS set ".
      "USEEMOTICONS = ".$preUSEEMOTICONS.", ".
      "USEADMINEMO = ".$preUSEADMINEMO.", ".
      "USEIFRAME = ".$preUSEIFRAME);
      $statusMSG = $lang['savedSetup'];
      $redirect = "emoticons=0";
    }
    elseif (isset($arg['savebadword'])) {
      setParameters(array("BADWORDSTRING","BADWORDS"));
      $preBADWORDSTRING = trim($arg['BADWORDSTRING']);
      $preBADWORDS = $arg['BADWORDS'];
      $preUSEFILTER = (isset($arg['USEFILTER'])) ? 1 : 0;
      $preFILTERNAME = (isset($arg['FILTERNAME'])) ? 1 : 0;
      $preFILTEREMAIL = (isset($arg['FILTEREMAIL'])) ? 1 : 0;
      $preFILTERHOMEPAGE = (isset($arg['FILTERHOMEPAGE'])) ? 1 : 0;
      $preFILTERAIM = (isset($arg['FILTERAIM'])) ? 1 : 0;
      $preFILTERMSN = (isset($arg['FILTERMSN'])) ? 1 : 0;
      $preFILTERYAHOO = (isset($arg['FILTERYAHOO'])) ? 1 : 0;
      $preFILTERPICTEXT = (isset($arg['FILTERPICTEXT'])) ? 1 : 0;
      $customFilter = array();
      $query = vgb_query("select * from VGB_CUSTOMFIELD where TYPE = 0");
      while ($field = vgb_result($query)) {
        $customFilter[$field['ID']] =
          (isset($arg['CUSTOM'.$field['ID']])) ? 1 : 0;
      }

      
      vgb_query("update VGB_SETTINGS set ".
      "USEFILTER = ".$preUSEFILTER.",".
      "FILTERNAME = ".$preFILTERNAME.",".
      "FILTEREMAIL = ".$preFILTEREMAIL.",".
      "FILTERHOMEPAGE = ".$preFILTERHOMEPAGE.",".
      "FILTERAIM = ".$preFILTERAIM.",".
      "FILTERMSN = ".$preFILTERMSN.",".
      "FILTERYAHOO = ".$preFILTERYAHOO.",".
      "FILTERPICTEXT = ".$preFILTERPICTEXT.",".
      " BADWORDSTRING = '".$preBADWORDSTRING."'");

      foreach ($customFilter as $id => $bool) {
        vgb_query("update VGB_CUSTOMFIELD set FILTER = $bool where ID = $id");
      }
      if (!($handle = @fopen("ht_badwords.".EXT,"w-")))
        Error($lang['ht_badwords']);
      @fputs($handle,$preBADWORDS);
      @fclose($handle);
      $statusMSG = $lang['savedSetup'];
      $redirect = "badword=0";
    }
    elseif (isset($arg['savebbcode'])) {
      setParameters(array("USERFONTS","USERCOLORS","ALLOWEDSIZE"));
      $preUSEBBCODE = (isset($arg['USEBBCODE'])) ? 1 : 0;
      $preUSECSS = (isset($arg['USECSS'])) ? 1 : 0;
      $preSTRIPCODE = (isset($arg['STRIPCODE'])) ? 1 : 0;
      $preUSEBOLD = (isset($arg['USEBOLD'])) ? 1 : 0;
      $preUSEITALIC = (isset($arg['USEITALIC'])) ? 1 : 0;
      $preUSEUNDERLINE = (isset($arg['USEUNDERLINE'])) ? 1 : 0;
      $preUSELINK = (isset($arg['USELINK'])) ? 1 : 0;
      $preUSELEFT = (isset($arg['USELEFT'])) ? 1 : 0;
      $preUSECENTER = (isset($arg['USECENTER'])) ? 1 : 0;
      $preUSERIGHT = (isset($arg['USERIGHT'])) ? 1 : 0;
      $preUSECODE = (isset($arg['USECODE'])) ? 1 : 0;
      $preUSEQUOTE = (isset($arg['USEQUOTE'])) ? 1 : 0;
      $preUSELIST = (isset($arg['USELIST'])) ? 1 : 0;
      $preUSEIMAGE = (isset($arg['USEIMAGE'])) ? 1 : 0;
      $preUSESIZE = (isset($arg['USESIZE'])) ? 1 : 0;
      $preUSECOLORHEX = (isset($arg['USECOLORHEX'])) ? 1 : 0;
      $preUSECOLORPRE = (isset($arg['USECOLORPRE'])) ? 1 : 0;
      $preUSEFONT = (isset($arg['USEFONT'])) ? 1 : 0;
      $fonts = explode("\n",trim($arg['USERFONTS']));
      $prefonts = array();
      foreach ($fonts as $font) {
        $font = trim($font);
        if ($font != "")
          $prefonts[] = $font;
      }
      $preUSERFONTS = implode("\n",$prefonts);
      $preUSERCOLORS = trim($arg['USERCOLORS']);
      $preALLOWEDSIZE = trim($arg['ALLOWEDSIZE']);
      $sizes = explode("-",$preALLOWEDSIZE,2);
      if ((sizeof($sizes) != 2) ||
          (!vgb_isNumber($sizes[0],1,7)) ||
          (!vgb_isNumber($sizes[1],1,7)) ||
          (strval($sizes[0]) > strval($sizes[1])))
         $errorMSG = $lang['invalidSize'];

      $colors = explode("\n",trim($arg['USERCOLORS']));
      $precolors = array();
      $names = array();
      $line = 1;
      foreach($colors as $color) {
        $color = trim($color);
        if ($color != "") {
          $a = explode("=",$color,2);
          if (sizeof($a) != 2) {
            $precolors[] = $color;
            $errorMSG = $lang['invalidPrecolor'].$line;
          }
          else {
            $name = trim($a[0]);
            if (ereg("[^a-zA-Z0-9]",$name)) {
              $errorMSG = $lang['invalidIdent'].$line;
              $precolors[] = $color;
            }
            else {
              $hex = trim($a[1]);
              if ((strlen($hex)!=7) || (!eregi("#([0-9A-F]){6}",$hex))) {
                $errorMSG = $lang['invalidHexval'].$line;
                $precolors[] = $color;
              }
              elseif (in_array($name,$names)) {
                $errorMSG = $lang['existingIdent'].$line;
                $precolors[] = $color;
              }
              else {
                $precolors[] = $name."=".$hex;
                $names[] = $name;
              }
            }
          }
          $line++;
        }
      }
      $preUSERCOLORS = implode("\n",$precolors);

      if (isset($errorMSG))
        $screen = 12;
      else {
        vgb_query("update VGB_SETTINGS set ".
              "USEBBCODE = ".$preUSEBBCODE.",".
              "STRIPCODE = ".$preSTRIPCODE.",".
              "USEBOLD = ".$preUSEBOLD.",".
              "USEITALIC = ".$preUSEITALIC.",".
              "USEUNDERLINE = ".$preUSEUNDERLINE.",".
              "USELINK = ".$preUSELINK.",".
              "USELEFT = ".$preUSELEFT.",".
              "USECENTER = ".$preUSECENTER.",".
              "USERIGHT = ".$preUSERIGHT.",".
              "USECODE = ".$preUSECODE.",".
              "USEQUOTE = ".$preUSEQUOTE.",".
              "USELIST = ".$preUSELIST.",".
              "USEIMAGE = ".$preUSEIMAGE.",".
              "USESIZE = ".$preUSESIZE.",".
              "USECOLORHEX = ".$preUSECOLORHEX.",".
              "USECOLORPRE = ".$preUSECOLORPRE.",".
              "USEFONT = ".$preUSEFONT.",".
              "USECSS = ".$preUSECSS.",".
              "SIZEMIN = ".$sizes[0].",".
              "SIZEMAX = ".$sizes[1].",".
              "USERCOLORS = \"".AddSlashes($preUSERCOLORS)."\",".
              "USERFONTS = \"".AddSlashes($preUSERFONTS)."\""
              );
        $redirect = "bbcode=0";
      }
    }
    elseif (isset($arg['resetcounter'])) {
      $_today = getdate(time());
      $_onlineDate = $_today['year']."-".$_today['mon']."-".
                     $_today['mday'];
      vgb_query("UPDATE VGB_SETTINGS set VISITORS = 0, VISITORSSINCE = '$_onlineDate'");
      $redirect = "stats=0";
    }
    elseif (isset($arg['showcomment'])) {
      $preENTRYID = $arg['showcomment'];
      $preNAME = $settings['COMMENTNAME'];
      $preEMAIL = $settings['COMMENTEMAIL'];
      $preTEXT = "";
      initComments($preENTRYID);
      $screen = 13;
    }
    elseif (isset($arg['delcomment'])) {
      $query = vgb_query("select ENTRYID from VGB_COMMENT where ID = ".$arg['delcomment']);
      if (vgb_numrows($query) > 0) {
        $_e = vgb_result($query);
        vgb_query("delete from VGB_COMMENT where ID = ".$arg['delcomment']);
        $redirect = "showcomment=".$_e['ENTRYID'];
      }
    }
    elseif (isset($arg['delcomments'])) {
      vgb_query("delete from VGB_COMMENT where ENTRYID = ".$arg['ENTRYID']);
      $redirect = "showcomment=".$arg['ENTRYID'];
    }
    elseif (isset($arg['addcomment'])) {
      $preNAME = trim($arg['NAME']);
      $preEMAIL = trim($arg['EMAIL']);
      $preTEXT = trim($arg['TEXT']);
      if ($preNAME == "")
        $errorMSG = $lang['noName'];
      elseif ($preTEXT == "")
        $errorMSG = $lang['noEntry'];
      elseif ((vgb_strlen($preTEXT) > $settings['MAXLENENTRY']) &&
             ($settings['MAXLENENTRY'] > 0))
        $errorMSG = $lang['tooLongEntry'].
          (vgb_strlen($preTEXT)-$settings['MAXLENENTRY']);
      elseif (($x = vgb_noASCII(array($lang['email'] => $preEMAIL))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      elseif (($preEMAIL != "") &&
          (!vgb_isValidEmail($preEMAIL)))
        $errorMSG = $lang['wrongEmail'];

      if (!isset($errorMSG)) {
        $today = getdate(time());
        if (strlen($today['mon']) == 1)
          $today['mon'] = "0".$today['mon'];
        $date = $today['year']."-".$today['mon']."-".
                       $today['mday'];
        $now = localtime(time(),1);
        if (strlen($now['tm_sec']) == 1)
          $now['tm_sec'] = "0".$now['tm_sec'];
        if (strlen($now['tm_min']) == 1)
          $now['tm_min'] = "0".$now['tm_min'];
        if (strlen($now['tm_hour']) == 1)
          $now['tm_hour'] = "0".$now['tm_hour'];
        $time = $now['tm_hour'].":".$now['tm_min'].":".$now['tm_sec'];
        $IP = vgb_getIP();
        if (($IP == "0.0.0.0") || !HOSTNAMERESOLVING)
          $hostname = "unknown";
        else
          $hostname = gethostbyaddr($IP);
        $q = "insert into VGB_COMMENT values (null,".$arg['ENTRYID'].",".
               "'".addSlashes($preNAME)."',";
        $q .= ($preEMAIL == "") ?
               "null," : "'".addSlashes($preEMAIL)."',";
        $q .= "'".addSlashes($preTEXT)."','".$IP."','".$hostname."','".
               $date."','".$time."',1,0)";
        vgb_query($q);
        vgb_query("update VGB_SETTINGS set COMMENTNAME = '".addSlashes($preNAME)."', COMMENTEMAIL = '".addSlashes($preEMAIL)."'");
        $redirect = "showcomment=".$arg['ENTRYID'];
      }
      else {
        $preENTRYID = $arg['ENTRYID'];
        initComments($preENTRYID);
        $screen = 13;
      }
    }
    elseif (isset($arg['loadcomment'])) {
      $query = vgb_query("select * from VGB_COMMENT where ID = ".$arg['loadcomment']);
      if (vgb_numrows($query) > 0) {
        $comment = vgb_result($query);
        $preTEXT = $comment['TEXT'];
        $preNAME = $comment['NAME'];
        $preEMAIL = $comment['EMAIL'];
        $preENTRYID = $comment['ENTRYID'];
        $preID = $comment['ID'];
        $preADMIN = $comment['ADMIN'];
        $_time = explode(":",$comment['SIGNTIME']);
        $preHOURS = $_time[0];
        $preMINUTES = $_time[1];
        $preSECONDS = $_time[2];
        setDatetime($comment['DATE'],false);
        $screen = 14;
      }
    }
    elseif (isset($arg['savecomment'])) {
      $preNAME = trim($arg['NAME']);
      $preEMAIL = trim($arg['EMAIL']);
      $preTEXT = trim($arg['TEXT']);
      $preADMIN = (isset($arg['ADMIN'])) ? 1 : 0;
      $preYEAR = trim($arg['YEAR']);
      $preMONTH = trim($arg['MONTH']);
      $preDAY = trim($arg['DAY']);
      $preHOURS = trim($arg['HOURS']);
      $preMINUTES = trim($arg['MINUTES']);
      $preSECONDS = trim($arg['SECONDS']);
      if (!vgb_isNumber($preYEAR,1980,3000))
        $errorMSG = $lang['wrongNumber'].$lang['year'];
      elseif (!vgb_isNumber($preMONTH,1,12))
        $errorMSG = $lang['wrongNumber'].$lang['month'];
      elseif (!vgb_isNumber($preDAY,1,31))
        $errorMSG = $lang['wrongNumber'].$lang['day'];
      elseif (!vgb_isNumber($preHOURS,0,23))
        $errorMSG = $lang['wrongNumber']."h";
      elseif (!vgb_isNumber($preMINUTES,0,59))
        $errorMSG = $lang['wrongNumber']."min";
      elseif (!vgb_isNumber($preSECONDS,0,59))
        $errorMSG = $lang['wrongNumber']."sec";
      elseif ($preNAME == "")
        $errorMSG = $lang['noName'];
      elseif ($preTEXT == "")
        $errorMSG = $lang['noEntry'];
      elseif ((vgb_strlen($preTEXT) > $settings['MAXLENENTRY']) &&
             ($settings['MAXLENENTRY'] > 0))
        $errorMSG = $lang['tooLongEntry'].
          (vgb_strlen($preTEXT)-$settings['MAXLENENTRY']);
      elseif (($x = vgb_noASCII(array($lang['email'] => $preEMAIL))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      elseif (($preEMAIL != "") &&
          (!vgb_isValidEmail($preEMAIL)))
        $errorMSG = $lang['wrongEmail'];

      if (!isset($errorMSG)) {
        $q = "update VGB_COMMENT set ".
               "NAME = '".addSlashes($preNAME)."', EMAIL = ";
        $q .= ($preEMAIL == "") ?
               "null, " : "'".addSlashes($preEMAIL)."',";
        $q .= "TEXT = '".addSlashes($preTEXT)."',";
        $q .= "DATE = '".$preYEAR."-".$preMONTH."-".$preDAY."',";
        $q .= "SIGNTIME = '".$preHOURS.":".$preMINUTES.":".$preSECONDS."'";
        $q .= ", ADMIN = ".$preADMIN." where ID = ".$arg['ID'];
        vgb_query($q);
        $redirect = "showcomment=".$arg['ENTRYID'];
      }
      else {
        $preENTRYID = $arg['ENTRYID'];
        $preID = $arg['ID'];
        setDatetime($preYEAR."-".$preMONTH."-".$preDAY,false);
        $screen = 14;
      }
    }
    elseif (isset($arg['acceptentry'])) {
      vgb_query("update VGB_ENTRY set UNMODERATED = 0 where ID = ".$arg['acceptentry']);
      $query = vgb_query("select * from VGB_ENTRY where ID = ".$arg['acceptentry']);
      if (vgb_numrows($query) > 0) {
        $entry = vgb_result($query);
        if (!is_null($entry['EMAIL']))
          vgb_notification(4,$entry['EMAIL'],$entry['NAME'],
                       array("url" => $settings['INDEXURL']),
                       $lang['mailAccepted'],$lang['mailAccepted']);

      }
      
      // do we have to delete some of the entries ?
      if ($settings['MAXENTRIES'] != 0) {
        $query = vgb_query("select ID from VGB_ENTRY where UNMODERATED = 0 order by DATE asc, SIGNTIME asc, ID asc");
        $max = vgb_numrows($query)-$settings['MAXENTRIES'];
        if ($max > 0) {
          for ($i=0;$i<$max;$i++) {
            // delete entry with ratings and field-entries
            $row = vgb_result($query);
            deleteEntry($row['ID']);
          }
          // update pastentries
          $query = vgb_query("update VGB_SETTINGS set ".
                   "PASTENTRIES = ".($settings['PASTENTRIES']+$max));
        }
      }
      $redirect = "show=1";
    }
    elseif (isset($arg['rejectentry'])) {
      $query = vgb_query("select * from VGB_ENTRY where ID = ".$arg['rejectentry']);
      if (vgb_numrows($query) > 0) {
        $entry = vgb_result($query);
        if (!is_null($entry['EMAIL'])) {
          $_reason = isset($arg['reason']) ? trim($arg['reason']) : $lang['noReason'];
          vgb_notification(5,$entry['EMAIL'],$entry['NAME'],
                       array("url" => $settings['INDEXURL'],
                             "reason" => $_reason),
                       $lang['mailRejected'],$lang['mailRejected']);
        }
      }
      deleteEntry($arg['rejectentry']);
      $redirect = "show=1";
    }
    elseif (isset($arg['acceptcomment'])) {
      vgb_query("update VGB_COMMENT set UNMODERATED = 0 where ID = ".$arg['acceptcomment']);
      $_q = vgb_query("select * from VGB_COMMENT where ID = ".$arg['acceptcomment']);
      $c = vgb_result($_q);
      $_q = vgb_query("select * from VGB_ENTRY where ID = ".$c['ENTRYID']);
      $e = vgb_result($_q);
      if (!is_null($e['EMAIL']))
         vgb_notification(7,$e['EMAIL'],$e['NAME'],
                    array("comment" => $c['TEXT'],
                          "url" => $settings['INDEXURL'],
                          "from" => $c['NAME']),
                          $lang['commentSubject'],$lang['commentSubject']);
      if (!is_null($c['EMAIL']))
          vgb_notification(8,$c['EMAIL'],$e['NAME'],
                       array("url" => $settings['INDEXURL'],
                             "from" => $c['NAME'] ),
                       $lang['commentAccepted'],$lang['commentAccepted']);
      $redirect = "show=1";
    }
    elseif (isset($arg['rejectcomment'])) {
      $_q = vgb_query("select * from VGB_COMMENT where ID = ".$arg['rejectcomment']);
      $c = vgb_result($_q);
      $_q = vgb_query("select * from VGB_ENTRY where ID = ".$c['ENTRYID']);
      $e = vgb_result($_q);
      if (!is_null($c['EMAIL'])) {
        $_reason = isset($arg['reason']) ? trim($arg['reason']) : $lang['noReason'];
        vgb_notification(9,$c['EMAIL'],$e['NAME'],
                   array("url" => $settings['INDEXURL'],
                         "from" => $c['NAME'],
                         "reason" => $_reason),
                         $lang['commentRejected'],$lang['commentRejected']);
        }
      vgb_query("delete from VGB_COMMENT where ID = ".$arg['rejectcomment']);
      $redirect = "show=1";
    }
    elseif (isset($arg['deactivate'])) {
      vgb_query("update VGB_SETTINGS set DEACTIVATED = 1");
      $redirect  = "";
    }
    elseif (isset($arg['activate'])) {
      vgb_query("update VGB_SETTINGS set DEACTIVATED = 0");
      $redirect  = "";
    }
    elseif (isset($arg['mails'])) {
      $preACTIVE = array("");
      $preSUBJECT = array("");
      $preMESSAGE = array("");
      $preADMINEMAIL = $settings['ADMINEMAIL'];
      $preHTMLEMAIL = $settings['HTMLEMAIL'];
      $preFIRSTENTRY = $settings['FIRSTENTRY'];
      $preFROM = $settings['EMAILFROM'];
      $preFIRSTCOMMENT = $settings['FIRSTCOMMENT'];
      $preBSUBJECT = "";
      $preBMESSAGE = "";
      $query = vgb_query("select * from VGB_EMAIL");
      while($mail = vgb_result($query)) {
        $preACTIVE[] = $mail['ACTIVE'];
        $preSUBJECT[] = (is_null($mail['SUBJECT'])) ? "" : $mail['SUBJECT'];
        $preMESSAGE[] = (is_null($mail['MESSAGE'])) ? "" : $mail['MESSAGE'];
      }
      $screen = 15;
    }
    elseif (isset($arg['savemails'])) {
      $preACTIVE = array("");
      $preSUBJECT = array("");
      $preMESSAGE = array("");
      $preFIRSTENTRY = (isset($arg['FIRSTENTRY'])) ? 1 : 0;
      $preFIRSTCOMMENT = (isset($arg['FIRSTCOMMENT'])) ? 1 : 0;
      for ($i=1;$i<10;$i++) {
        $preACTIVE[] = (isset($arg['ACTIVE'.$i])) ? 1 : 0;
        $preSUBJECT[] = trim($arg['SUBJECT'.$i]);
        $preMESSAGE[] = trim($arg['MESSAGE'.$i]);
//
//
      }

      if (($preACTIVE[1] || $preACTIVE[6]) && (is_null($settings['ADMINEMAIL'])))
        $errorMSG = $lang['missingMail'];

      if (isset($errorMSG)) {
        $preADMINEMAIL = $settings['ADMINEMAIL'];
        $preHTMLEMAIL = $settings['HTMLEMAIL'];
        $preFROM = $settings['EMAILFROM'];
        $preBSUBJECT = "";
        $preBMESSAGE = "";
        $screen = 15;
      }
      else {
        for ($i=1;$i<10;$i++) {
          $q = "update VGB_EMAIL set ACTIVE = ".$preACTIVE[$i].", SUBJECT = ";
          $q .= ($preSUBJECT[$i] == "") ? "null" : "'".addSlashes($preSUBJECT[$i])."'";
          $q .= ", MESSAGE = ";
          $q .= ($preMESSAGE[$i] == "") ? "null" : "'".addSlashes($preMESSAGE[$i])."'";
          $q .= " where ID = ".$i;
          vgb_query($q);
        }
        vgb_query("update VGB_SETTINGS set FIRSTENTRY = $preFIRSTENTRY, FIRSTCOMMENT = $preFIRSTCOMMENT, ENTRYSENT = 0, COMMENTSENT = 0");
        $redirect = "mails=0";
      }
    }
    elseif (isset($arg['savemailsetup'])) {
      $preADMINEMAIL = trim($arg['ADMINEMAIL']);
      $preFROM = trim($arg['FROM']);
      $preHTMLEMAIL = (isset($arg['HTMLEMAIL'])) ? 1 : 0;
      if (($x = vgb_noASCII(array($lang['adminEmail'] => $preADMINEMAIL, $lang['emailFrom'] => $preFROM))) != "") 
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      
      if (!isset($errorMSG)) {
        $statusMSG = $lang['savedSetup'];
        $q = "update VGB_SETTINGS set HTMLEMAIL = $preHTMLEMAIL, EMAILFROM = '".addSlashes($preFROM)."', ADMINEMAIL = ";
        $q .= ($preADMINEMAIL == "") ? "null" : "'".addSlashes($preADMINEMAIL)."'";
        vgb_query($q);
        $redirect = "mails=0";
      }
      else {
        $preACTIVE = array("");
        $preSUBJECT = array("");
        $preMESSAGE = array("");
        $preFIRSTENTRY = $settings['FIRSTENTRY'];
        $preFIRSTCOMMENT = $settings['FIRSTCOMMENT'];
        $preBSUBJECT = "";
        $preBMESSAGE = "";
        $query = vgb_query("select * from VGB_EMAIL");
        while($mail = vgb_result($query)) {
          $preACTIVE[] = $mail['ACTIVE'];
          $preSUBJECT[] = (is_null($mail['SUBJECT'])) ? "" : $mail['SUBJECT'];
          $preMESSAGE[] = (is_null($mail['MESSAGE'])) ? "" : $mail['MESSAGE'];
        }
        $screen = 15;
      }
    }
    elseif (isset($arg['broadcast'])) {
      $_subject = trim($arg['BSUBJECT']);
      $_message = trim($arg['BMESSAGE']);
      if (($x = vgb_noASCII(array($lang['subject'] => $_subject))) != "") 
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      
      if (isset($errorMSG)) {
        unset($arg['broadcast']);
        $preACTIVE = array("");
        $preSUBJECT = array("");
        $preMESSAGE = array("");
        $preADMINEMAIL = $settings['ADMINEMAIL'];
        $preHTMLEMAIL = $settings['HTMLEMAIL'];
        $preFIRSTENTRY = $settings['FIRSTENTRY'];
        $preFROM = $settings['EMAILFROM'];
        $preFIRSTCOMMENT = $settings['FIRSTCOMMENT'];
        $preBSUBJECT = $_subject;
        $preBMESSAGE = $_message;
        $query = vgb_query("select * from VGB_EMAIL");
        while($mail = vgb_result($query)) {
          $preACTIVE[] = $mail['ACTIVE'];
          $preSUBJECT[] = (is_null($mail['SUBJECT'])) ? "" : $mail['SUBJECT'];
          $preMESSAGE[] = (is_null($mail['MESSAGE'])) ? "" : $mail['MESSAGE'];
        }
        $screen = 15;
      }
      else {
        $query = vgb_query("SELECT EMAIL FROM VGB_ENTRY where not isnull(EMAIL) group by EMAIL");
        $_max = vgb_numrows($query);
        $_maxpage = ($_max == 0) ? 0 : ceil($_max/MAILSPERPAGE);

        if (($arg['broadcast']+1) > $_maxpage) {
          $redirect = "mails=0";
          $statusMSG = $lang['broadcastDone'];
        }
      
        else {
          $query = vgb_query("select EMAIL from VGB_ENTRY where not isnull(EMAIL) and UNMODERATED = 0 group by EMAIL LIMIT ".($arg['broadcast']*MAILSPERPAGE).",".MAILSPERPAGE);
          $h = array();
          if ($settings['HTMLEMAIL']) {
            $h['Content-Type'] = "text/html; charset=";
            $h['Content-Type'] .= ($settings['ENCODING'] != "") ? $settings['ENCODING'] : "iso-8859-1";
          }
          while ($email = vgb_result($query))
            vgb_mail($email['EMAIL'],$_subject,$_message,$h);
        }
      }
    }
    elseif(isset($arg['users'])) {
      $prePASSPREFIX = $settings['PASSPREFIX'];
      $preNAME = "";
      $preSIGNATURE = "";
      $preRESERVED = 0;
      $prePASSWORD = "";
      $preEMAIL = "";
      $preHIDEEMAIL = 0;
      $preHOMEPAGE = "";
      $preICQ = "";
      $preAIM = "";
      $preMSN = "";
      $preYAHOO = "";
      $preFILENAME = "";
      $prePICTEXT = "";
      $preCOUNTRY = 0;
      initCountries();
      initCustoms();
      foreach ($customs as $custom)
        $preCustom[$custom['ID']] = "";
      $screen = 16;
    }
    elseif (isset($arg['saveusersetup'])) {
      $prePASSPREFIX = trim($arg['PASSPREFIX']);
      if ($prePASSPREFIX == "") 
        $errorMSG = $lang['noPrefix'];
      elseif (($x = vgb_noASCII(array($lang['passwordPrefix'] => $prePASSPREFIX))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
             
      if (isset($errorMSG)) {
        $preNAME = "";
        $preSIGNATURE = "";
        $preRESERVED = 0;
        $prePASSWORD = "";
        $preEMAIL = "";
        $preHIDEEMAIL = 0;
        $preHOMEPAGE = "";
        $preICQ = "";
        $preAIM = "";
        $preMSN = "";
        $preYAHOO = "";
        $preFILENAME = "";
        $prePICTEXT = "";
        $preCOUNTRY = 0;
        initCountries();
        initCustoms();
        foreach ($customs as $custom)
          $preCustom[$custom['ID']] = "";
        $screen = 16;
      }
      else {
        vgb_query("update VGB_SETTINGS set PASSPREFIX = '".addSlashes($prePASSPREFIX)."'");
        $statusMSG = $lang['savedSetup'];
        $redirect = "users=0";
      }
    }
    elseif (isset($arg['newuser'])) {
      $preNAME = trim($arg['NAME']);
      $preSIGNATURE = trim($arg['SIGNATURE']);
      $prePASSWORD = trim($arg['PASSWORD']);
      $preEMAIL = trim($arg['EMAIL']);
      $preHOMEPAGE = trim($arg['HOMEPAGE']);
      if (strtoupper(substr($preHOMEPAGE,0,7)) == "HTTP://")
        $preHOMEPAGE = trim(substr($preHOMEPAGE,7));
      $preICQ = trim($arg['ICQ']);
      $preAIM = trim($arg['AIM']);
      $preMSN = trim($arg['MSN']);
      $preYAHOO = trim($arg['YAHOO']);
      $preRESERVED = (isset($arg['RESERVED'])) ? 1 : 0;
      $prePICTEXT = trim($arg['PICTEXT']);
      $preHIDEEMAIL = (isset($arg['HIDEEMAIL'])) ? 1 : 0;
      $preFILENAME = trim($arg['FILENAME']);
      $preCOUNTRY = $arg['COUNTRY'];
      initCountries();
      initCustoms();
      $preCustom = array();
      foreach ($customs as $custom) {
        $preCustom[$custom['ID']] = $arg["CUSTOM".$custom['ID']];
      }
      $query = vgb_query("select * from VGB_USER where PASSWORD = '".strtolower(addSlashes($prePASSWORD))."'");
      if ((vgb_numrows($query) > 0) || ($prePASSWORD == ""))
        $errorMSG = $lang['invalidPassword'];
      elseif ($preNAME == "")
        $errorMSG = $lang['noName'];
      elseif (($x = vgb_noASCII(array($lang['email'] => $preEMAIL, 
                                      $lang['homepage'] => $preHOMEPAGE,
                                      $lang['aim'] => $preAIM,
                                      $lang['msn'] => $preMSN,
                                      $lang['yahoo'] => $preYAHOO,
                                      $lang['userPassword'] => $prePASSWORD,
                                      $lang['filename'] => $preFILENAME))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      elseif (($preEMAIL != "") &&
            (!vgb_isValidEmail($preEMAIL)))
        $errorMSG = $lang['wrongEmail'];
      elseif (($preHOMEPAGE != "") &&
            (!vgb_isValidURL($preHOMEPAGE)))
        $errorMSG = $lang['wrongURL'];
      elseif (!vgb_isNumber("".$preICQ,100000,2147483647) && ($preICQ != ""))
        $errorMSG = $lang['wrongICQ'];
      foreach ($customs as $custom) {
        if (($custom['TYPE'] == 1) &&
            ($preCustom[$custom['ID']] != "")) {
          $rules = explode("\n",$custom['RULES'],2);
          if (substr_count($rules[0],"-") == 0) {
            $min = 0;
            $max = 999999999;
          }
          else {
            $rule = explode("-",$rules[0],2);
            $min = ($rule[0] == "") ? 0 : $rule[0];
            $max = ($rule[1] == "") ? 999999999 : $rule[1];
          }
          if (!vgb_isNumber($preCustom[$custom['ID']],$min,$max))
            $errorMSG = $lang['wrongNumber'].$custom['NAME'];
        }
      }

      if ((!isset($errorMSG)) && (($preFILENAME != "")))
        if (!file_exists("upload/".$preFILENAME))
          $errorMSG = $lang['noIcon']."upload/".$preFILENAME;

      if (isset($errorMSG)) {
        $prePASSPREFIX = $settings['PASSPREFIX'];
        $screen = 16;
      }
      else {
        $prePASSWORD = strtolower($prePASSWORD);
        $q = "insert into VGB_USER values(null
                     ,'".addSlashes($preNAME)."'
                     ,$preRESERVED
                     ,'".addSlashes($prePASSWORD)."'
                     ,'".addSlashes($preSIGNATURE)."'
                     ,'".addSlashes($preEMAIL)."'
                     ,$preHIDEEMAIL
                     ,'".addSlashes($preHOMEPAGE)."'
                     ,";
        $q .= ($preICQ != "") ? $preICQ : "0";
        $q .= "      ,'".addSlashes($preAIM)."'
                     ,'".addSlashes($preMSN)."'
                     ,'".addSlashes($preYAHOO)."'
                     ,";
        $q .= ($preCOUNTRY != "") ? $preCOUNTRY : "0";
        $q .= "      ,'".addSlashes($prePICTEXT)."'
                     ,'".addSlashes($preFILENAME)."')";
        vgb_query($q);
        $query = vgb_query("select * from VGB_USER where PASSWORD = '".addSlashes($prePASSWORD)."'");
        $u = vgb_result($query);
        foreach ($preCustom as $key => $val) {
          if ($val != "")
            vgb_query("insert into VGB_CUSTOMUSER values (".$u['ID'].",$key,'".addSlashes($val)."')");
        }
        $redirect = "users=0";
      }
    }
    elseif(isset($arg['loaduser'])) {
      $query = vgb_query("select * from VGB_USER where ID = ".$arg['loaduser']);
      $u = vgb_result($query);
      $preID = $arg['loaduser'];
      $preNAME = $u['NAME'];
      $prePASSWORD = $u['PASSWORD'];
      $preHIDEEMAIL = $u['HIDEEMAIL'];
      $preEMAIL = $u['EMAIL'];
      $preSIGNATURE = $u['SIGNATURE'];
      $preHOMEPAGE = $u['HOMEPAGE'];
      $preRESERVED = $u['RESERVED'];
      $preICQ = ($u['ICQ'] == 0) ? "" : $u['ICQ'];
      $preCOUNTRY = $u['COUNTRY'];
      $prePICTEXT = $u['PICTEXT'];
      $preFILENAME = $u['PICTURE'];
      $preAIM = $u['AIM'];
      $preMSN = $u['MSN'];
      $preYAHOO = $u['YAHOO'];
      initCountries();
      initCustoms();
      $preCustom = array();
      foreach ($customs as $custom) {
        $query = vgb_query("select * from VGB_CUSTOMUSER where USER_ID = ".$arg['loaduser']." and FIELD_ID = ".$custom['ID']);
        if (vgb_numrows($query) > 0) {
          $c = vgb_result($query);
          $preCustom[$custom['ID']] = $c['CONTENT'];
        }
        else
          $preCustom[$custom['ID']] = "";
      }
      $screen = 17;
    }
    elseif(isset($arg['saveuser'])) {
      $preID = trim($arg['ID']);
      $preNAME = trim($arg['NAME']);
      $preSIGNATURE = trim($arg['SIGNATURE']);
      $prePASSWORD = trim($arg['PASSWORD']);
      $preEMAIL = trim($arg['EMAIL']);
      $preHOMEPAGE = trim($arg['HOMEPAGE']);
      if (strtoupper(substr($preHOMEPAGE,0,7)) == "HTTP://")
        $preHOMEPAGE = trim(substr($preHOMEPAGE,7));
      $preICQ = trim($arg['ICQ']);
      $preAIM = trim($arg['AIM']);
      $preMSN = trim($arg['MSN']);
      $preYAHOO = trim($arg['YAHOO']);
      $preRESERVED = (isset($arg['RESERVED'])) ? 1 : 0;
      $prePICTEXT = trim($arg['PICTEXT']);
      $preHIDEEMAIL = (isset($arg['HIDEEMAIL'])) ? 1 : 0;
      $preFILENAME = trim($arg['FILENAME']);
      $preCOUNTRY = $arg['COUNTRY'];
      initCountries();
      initCustoms();
      $preCustom = array();
      foreach ($customs as $custom) {
        $preCustom[$custom['ID']] = $arg["CUSTOM".$custom['ID']];
      }
      $query = vgb_query("select * from VGB_USER where PASSWORD = '".
         addSlashes(strtolower($prePASSWORD))."' and ID != $preID");
      if ((vgb_numrows($query) > 0) || ($prePASSWORD == ""))
        $errorMSG = $lang['invalidPassword'];
      elseif ($preNAME == "")
        $errorMSG = $lang['noName'];
      elseif (($x = vgb_noASCII(array($lang['email'] => $preEMAIL, 
                                      $lang['homepage'] => $preHOMEPAGE,
                                      $lang['aim'] => $preAIM,
                                      $lang['msn'] => $preMSN,
                                      $lang['yahoo'] => $preYAHOO,
                                      $lang['userPassword'] => $prePASSWORD,
                                      $lang['filename'] => $preFILENAME))) != "")
        $errorMSG = "Only ASCII characters are allowed in the field: ".$x; 
      elseif (($preEMAIL != "") &&
            (!vgb_isValidEmail($preEMAIL)))
        $errorMSG = $lang['wrongEmail'];
      elseif (($preHOMEPAGE != "") &&
            (!vgb_isValidURL($preHOMEPAGE)))
        $errorMSG = $lang['wrongURL'];
      elseif (!vgb_isNumber("".$preICQ,100000,2147483647) && ($preICQ != ""))
        $errorMSG = $lang['wrongICQ'];
      foreach ($customs as $custom) {
        if (($custom['TYPE'] == 1) &&
            ($preCustom[$custom['ID']] != "")) {
          $rules = explode("\n",$custom['RULES'],2);
          if (substr_count($rules[0],"-") == 0) {
            $min = 0;
            $max = 999999999;
          }
          else {
            $rule = explode("-",$rules[0],2);
            $min = ($rule[0] == "") ? 0 : $rule[0];
            $max = ($rule[1] == "") ? 999999999 : $rule[1];
          }
          if (!vgb_isNumber($preCustom[$custom['ID']],$min,$max))
            $errorMSG = $lang['wrongNumber'].$custom['NAME'];
        }
      }

      if ((!isset($errorMSG)) && (($preFILENAME != "")))
        if (!file_exists("upload/".$preFILENAME))
          $errorMSG = $lang['noIcon']."upload/".$preFILENAME;

      if (isset($errorMSG)) {
        initCountries();
        $screen = 17;
      }
      else {
        $prePASSWORD = strtolower($prePASSWORD);
        $q = "update VGB_USER set
                     NAME = '".addSlashes($preNAME)."'
                     ,RESERVED = $preRESERVED
                     ,PASSWORD = '".addSlashes($prePASSWORD)."'
                     ,SIGNATURE = '".addSlashes($preSIGNATURE)."'
                     ,EMAIL = '".addSlashes($preEMAIL)."'
                     ,HIDEEMAIL = $preHIDEEMAIL
                     ,HOMEPAGE = '".addSlashes($preHOMEPAGE)."'
                     ,ICQ = ";
        $q .= ($preICQ != "") ? $preICQ : "0";
        $q .= "      ,AIM = '".addSlashes($preAIM)."'
                     ,MSN = '".addSlashes($preMSN)."'
                     ,YAHOO = '".addSlashes($preYAHOO)."'
                     ,COUNTRY = ";
        $q .= ($preCOUNTRY != "") ? $preCOUNTRY : "0";
        $q .= "      ,PICTEXT = '".addSlashes($prePICTEXT)."'
                     ,PICTURE = '".addSlashes($preFILENAME)."' where ID = $preID";
        vgb_query($q);
        $query = vgb_query("select * from VGB_USER where PASSWORD = '".addSlashes($prePASSWORD)."'");
        $u = vgb_result($query);
        vgb_query("delete from VGB_CUSTOMUSER where USER_ID = $preID");
        foreach ($preCustom as $key => $val) {
          if ($val != "")
            vgb_query("insert into VGB_CUSTOMUSER values (".$u['ID'].",$key,'".addSlashes($val)."')");
        }
        $statusMSG = $lang['savedChanges'];
        $redirect = "users=0";
      }
    }
    elseif(isset($arg['deluser'])) {
      vgb_query("delete from VGB_USER where ID = ".$arg['deluser']);
      vgb_query("delete from VGB_CUSTOMUSER where USER_ID = ".$arg['deluser']);
      $redirect = "users=0";
    }
    elseif(isset($arg['delmarkentry'])) {
      if (isset($arg["entry"]))
        foreach ($arg["entry"] as $key => $val) {
          deleteEntry($key);
        }
      $redirect = "show=1";
    }
    elseif (isset($arg['delmarkemoticon'])) {
      if (isset($arg['emoticon']))
        foreach ($arg['emoticon'] as $key => $val) {
          vgb_query("delete from VGB_EMOTICON where ID = ".$key);
        }
      $redirect = "emoticons=0";
    }
    elseif (isset($arg['delmarkcountry'])) {
      if (isset($arg['country']))
        foreach($arg['country'] as $key => $val) {
          vgb_query("delete from VGB_COUNTRY where ID = ".$key);
          vgb_query("update VGB_ENTRY set COUNTRY = null where COUNTRY = ".$key);
        }
      $redirect = "countries=0";
    }
    elseif (isset($arg['delmarkcomment'])) {
      if (isset($arg['comment']))
        foreach($arg['comment'] as $key => $val) {
          vgb_query("delete from VGB_COMMENT where ID = ".$key);
        }
      $redirect = "showcomment=".$arg['ENTRYID'];
    }
    elseif (isset($arg['editstyle'])) {
      $editfile = "style.inc";
    }
    elseif (isset($arg['editlang'])) {
      $editfile = "lang.inc";
    }
    elseif (isset($arg['savefile'])) {
      $editfile = $arg['EDITFILE'];
      vgb_setSkinDir();
      if (isset($arg['FILE'])) {
        $fp = fopen ($skinDir.$editfile,"w");
        if ($fp == false)
          $errorMSG = $lang['fileError'];
        else {
          fwrite($fp,$arg['FILE']);
          fclose($fp);
        }
      }
      else {
        $edit = file($skinDir.$editfile);
        $fp = fopen ($skinDir.$editfile,"w");
        if ($fp == false)
          $errorMSG = $lang['fileError'];
        else {
          $n = 0;
          for ($i=0;$i<count($edit);$i++) {
            $d = getDefine($edit[$i]);
            if (is_null($d)) {
              fwrite($fp,$edit[$i]);
            }
            else {
              $_o = $arg['FIELD'][$n];
              if (($d[0] == "VGBCOPYRIGHTFONT") || ($d[0] == "VGBLINKFONT")) {
                $sizes = array();
                eregi("font-size( )*:( )*([0-9])+( )*((pt)|(pc)|(in)|(mm)|(cm)|(px)|(em)|(ex)|%)",$arg['FIELD'][$n],$s);
                foreach ($s as $_s)
                  if (strtolower(substr($_s,0,9)) == "font-size") {
                    $j = 0;
                    while (($_s[$j] < '0') || ($_s[$j] > '9'))
                      $j++;
                    $_num = "";
                    while (($_s[$j] >= '0') && ($_s[$j] <= '9')) {
                      $_num .= $_s[$j];
                      $j++;
                    }
                    while (vgb_isWhitespace($_s[$j]))
                      $j++;
                    $_unit = "";
                    while ($j < strlen($_s)) {
                      $_unit .= $_s[$j];
                      $j++;
                    }
                    $sizes[] = array( $_num , strtolower($_unit), $_s);
                  }
                foreach ($sizes as $size) {
                  switch ($size[1]) {
                    case "px": if (doubleval($size[0]) < 9) {
                                 $_o = str_replace($size[2],"font-size: 9px",$_o);
                               }
                               break;
                    case "pt": if (doubleval($size[0]) < 7) {
                                 $_o = str_replace($size[2],"font-size: 7pt",$_o);
                               }
                               break;
                    case "pc": if (doubleval($size[0]) < 0.6) {
                                 $_o = str_replace($size[2],"font-size: 0.6pc",$_o);
                               }
                               break;
                    case "in": if (doubleval($size[0]) < 0.1) {
                                 $_o = str_replace($size[2],"font-size: 0.1in",$_o);
                               }
                               break;
                    case "mm": if (doubleval($size[0]) < 3) {
                                 $_o = str_replace($size[2],"font-size: 3mm",$_o);
                               }
                               break;
                    case "cm": if (doubleval($size[0]) < 0.3) {
                                 $_o = str_replace($size[2],"font-size: 0.3cm",$_o);
                               }
                               break;
                    case "em": if (doubleval($size[0]) < 0.7) {
                                 $_o = str_replace($size[2],"font-size: 0.7em",$_o);
                               }
                               break;
                    case "ex": if (doubleval($size[0]) < 1.2) {
                                 $_o = str_replace($size[2],"font-size: 1.2ex",$_o);
                               }
                               break;
                    case "%": if (doubleval($size[0]) < 75) {
                                 $_o = str_replace($size[2],"font-size: 75%",$_o);
                               }
                               break;
                  }
                }
              }
              fwrite($fp,"define ( \"".addSlashes($d[0])."\" , \"".str_replace("\$","\\\$",str_replace("\"","\\\"",str_replace("\\","\\\\",trim(str_replace("\n"," ",str_replace("\r\n"," ",$_o))))))."\" );\r\n");
            }
            $n++;
          }
          fclose($fp);
        }
      }

      if (!isset($errorMSG))
        $statusMSG = $lang['savedChanges'];
    }
    else {
      // show the setup screen
      initSetup();

      $preENCODING = $settings['ENCODING'];
      $preUSEFRAMES = $settings['USEFRAMES'];
      $preUSEJAVASCRIPT = $settings['USEJAVASCRIPT'];
      $preUSEUSDATE = $settings['USEUSDATE'];
      $preACTIVATELINKS = $settings['ACTIVATELINKS'];
      $preUSEWBR = $settings['USEWBR'];
      $preHIDEIP = $settings['HIDEIP'];
      $preHIDEHOST = $settings['HIDEHOST'];
      $preUSEBROWSCAP = $settings['USEBROWSCAP'];
      $preSENDNOTICE = $settings['SENDNOTICE'];
      $preENTRIESPERPAGE = $settings['MAXENTRIESPERPAGE'];
      $preMAXSPAMTIME = $settings['MAXSPAMTIME'];
      $preMAXENTRIES = $settings['MAXENTRIES'];
      $preFORCEBREAK = $settings['FORCEBREAK'];
      $preADMINEMAIL = $settings['ADMINEMAIL'];
      $preMODERATEDMODE = $settings['MODERATEDMODE'];
      $preACTIVESKIN = $settings['ACTIVESKIN'];
      $preINDEXURL = "http://";
      $preBACKURL = "http://";
      if (!is_null($settings['INDEXURL']))
        $preINDEXURL .= $settings['INDEXURL'];
      if (!is_null($settings['BACKURL']))
        $preBACKURL .= $settings['BACKURL'];
      $preASKPRIVATE = $settings['ASKPRIVATE'];
      $preALLOWCOMMENTS = $settings['ALLOWCOMMENTS'];
      $preALLOWSEARCH = $settings['ALLOWSEARCH'];
      $prePRIVPARAMETER = (is_null($settings['PRIVPARAMETER'])) ?
        "" : $settings['PRIVPARAMETER'];
      $prePASSWORD = "";
      $prePASSWORD2 = "";
      $preBANLIST = $settings['BANLIST'];
      $preBANROBOTS = $settings['BANROBOTS'];
      $preMAXEMPTYLINES = $settings['MAXEMPTYLINES'];
      $preEMAILTOOLTIP = $settings['EMAILTOOLTIP'];
      $preHOURS = $settings['ADDHOURS'];
      $preMINUTES = $settings['ADDMINUTES'];
      $preSECONDS = $settings['ADDSECONDS'];
      setDatetime($settings['ONLINEDATE']);
      $screen = 0;
    }

    if (isset($redirect)) {
       if (!isset($statusMSG)) $statusMSG = "";
       echo "<meta http-equiv='refresh' content='".REDIRECTWAITTIME."; URL=admin.".EXT."?sessionID=$sessionID&amp;".$redirect.
            "' /></head><body>".
            "<table class='fullscreen'>".
            "<tr><td align='center' valign='middle'>".
            "<table class='bgright' width='400'><tr><td align='center'>".
            "<span class='status'><br />".
            $statusMSG."</span>".
            "<p></p><a href='admin.".EXT."?sessionID=$sessionID&amp;".$redirect."' class='error'>".$lang['continue']."...</a><br />&nbsp;</td>".
            "</tr></table></td></tr></table>";
    }
    elseif(isset($arg['broadcast'])) {
       echo "<meta http-equiv='refresh' content='".BROADCASTWAITTIME."; URL=admin.".EXT."?sessionID=$sessionID&amp;broadcast=".($arg['broadcast']+1).
            "&amp;BSUBJECT=".urlencode($_subject)."&amp;BMESSAGE=".urlencode($_message).
            "' /></head><body>".
            "<table class='fullscreen'>".
            "<tr><td align='center' valign='middle'>".
            "<table class='bgright' width='400'><tr><td align='center'>".
            "<span class='status'><br />".
            "Broadcast in process (".($arg['broadcast']+1)."/".$_maxpage.")</span>".
            "<p></p><a href='admin.".EXT."?sessionID=$sessionID&amp;mails=0' class='error'>".$lang['abort']."</a><br />&nbsp;</td>".
            "</tr></table></td></tr></table>";
    }
    elseif(isset($editfile)) {
      echo "  </head>\n
            <body>\n
            <br />
            <table align='center'>
            <tr>
              <td align='left' valign='top' class='bgright' width='770'>";
      vgb_setSkinDir();
      $edit = file($skinDir.$editfile);
      Title($editfile,750);
      echo "  <br />
              <form action='admin.".EXT."' method='post'>
              <input type='hidden' name='EDITFILE' value='".$editfile."' />
              <input type='hidden' name='sessionID' value='".$sessionID."' />";
      PrintMSG();
      if ((substr($edit[0],0,15) != "<? //* editable") &&
          (substr($edit[0],0,18) != "<?php //* editable")) {
        editarea("FILE",implode("",$edit));
      }
      else {
        $n = 0;
        $no = 0;
        $info = "";
        for ($i=0;$i<count($edit);$i++) {
          $d = getDefine($edit[$i]);
          if (is_null($d)) {
            if (substr($edit[$i],0,4) == "//+ ") {
              echo "<br />";
              Category(trim(substr($edit[$i],4)));
              $info = "";
            }
            elseif (substr($edit[$i],0,4) == "//* ") {
              $info = trim(substr($edit[$i],4));
            }
            else
              $info = "";
          }
          else {
            $no++; 
            editfield("FIELD[".$n."]",stripSlashes($d[1]),"<span class='info' style='color: #BCCFFA'>".$no.".</span> ".$d[0],$info);
          }
          $n++;
        }
      }
      echo "<center><br />";
      Submit($lang['saveChanges'],"savefile");
      echo "</center><br />";

      echo "  </form>
              </td>
            </tr>
            </table>";
    }
    else {

    // print the current screen
    if (($newentries == 0) && ($newcomments == 0))
      $menuinfo = null;
    else {
      $menuinfo = "";
      if ($newentries > 0)
        $menuinfo .= $lang['newEntries'].": ".$newentries;
      if ($newcomments > 0) {
        if ($menuinfo != "")
          $menuinfo .= "<br />";
        $menuinfo .= $lang['newComments'].": ".$newcomments;
      }
    }
    echo "  </head>\n\n".
         "  <body>\n".
         "<script type='text/javascript'><!--\n".
         "  function del( inLocation ) {\n".
         "    sure = confirm('".vgb_JSout($lang['sure'])."');\n".
         "    if (sure) {\n".
         "      document.location.href='admin.".EXT."?sessionID=$sessionID&'+inLocation;\n".
         "    };\n".
         "    return sure;\n".
         "  };\n".
         "  function reject( inLocation ) {\n".
         "    sure = confirm('".vgb_JSout($lang['rejectConfirm'])."');\n".
         "    if (sure) {\n".
         "      document.location.href='admin.".EXT."?sessionID=$sessionID&'+inLocation;\n".
         "    };\n".
         "    return sure;\n".
         "  };\n".
         "  function reject2( inLocation ) {\n".
         "    sure = confirm('".vgb_JSout($lang['rejectConfirm'])."');\n".
         "    if (sure) {\n".
         "      reason = prompt('".vgb_JSout($lang['enterReason'])."','');\n".
         "      if (reason == null)\n".
         "        reason = \"\";\n".
         "      if (reason != \"\")\n".
         "        reason = \"reason=\"+encodeURI(reason)+\"&amp;\";\n".
         "      document.location.href='admin.".EXT."?sessionID=$sessionID&'+reason+inLocation;\n".
         "    };\n".
         "    return sure;\n".
         "  };\n".
         "//-->\n</script>".
         "<br /><table width='750' border='0' cellspacing='5' cellpadding='0' ".
         "align='center'><tr><td width='200' align='center' valign='top' ".
         "class='bgleft'><img alt='' src='logo.gif' /><br />".
         "<hr class='smallrule' noshade='noshade' />".
         "<span class='option'>&raquo; ".$lang['admin']." &laquo;</span>".
         "<hr class='smallrule' noshade='noshade' />".
         "<table align='center' cellpadding='2' cellspacing='3' width='180'>";
         Menu("setup","",array(0));
         Menu("manageInputs","input=0",array(1,3,4));
         Menu("manageEntries","show=1",array(2,5,13,14),$menuinfo);
         Menu("manageStats","stats=0",array(8));
         Menu("manageEmoticons","emoticons=0",array(9,10));
         Menu("manageCountries","countries=0",array(6,7));
         Menu("manageUsers","users=0",array(16,17));
         Menu("bbcode","bbcode=0",array(12));
         Menu("badwordFilter","badword=0",array(11));
         Menu("mailsNotification","mails=0",array(15));
         Menu("logout","LOGOUT=0",array());
    echo "</table>".
         "<hr class='smallrule' noshade='noshade' />".
         "<span class='option'>&raquo; ".$lang['navigation']." &laquo;</span>".
         "<hr class='smallrule' noshade='noshade' />".
         "<table cellspacing='4' cellpadding='0' border='0'>";
         NaviLink($lang['showGuestbook'],$settings['INDEXURL'],!is_null($settings['INDEXURL']));
         $url = $settings['INDEXURL'];
         if ($settings['ASKPRIVATE'] && ($url != "")) {
           if ($url[strlen($url)-1] == "/")
             $url .= "index.".EXT;

           if (strpos($settings['INDEXURL'],"?") != 0)
            $url .= "&amp;";
           else
            $url .= "?";
           NaviLink($lang['showPrivGuestbook'],$url.$settings['PRIVPARAMETER']);
         }
         NaviLink("YW Guestbook Website","www.yahoowebs.tk");

    echo "</table>";

    echo "<hr class='smallrule' noshade='noshade' />".
         "<span class='leftinfo'>&copy; 2005 by YahooWebs<br />&nbsp;</span>".
         "</td>".
         "<td align='left' valign='top' class='bgright' width='550'>";

    switch ($screen) {
      case 0:  // print the setup-screen
               echo "<script type='text/javascript'><!--\n".
                    "function enc_check() {\n".
                    "  if ('".$settings['ENCODING']."' == document.FORM.ENCODING.value.toLowerCase())\n".
                    "    return true;\n".
                    "  else\n".
                    "    return confirm('If you change between single and multibyte encodings or different multibyte encodings you can loose datas !\\nAre you sure that you want to change the encoding ?');\n".
                    "}\n".
                    "//-->\n".
                    "</script>\n";
               vgb_setSkinDir();
               if (file_exists($skinDir."skininfo.php"))
                 include($skinDir."skininfo.php");

               if (!isset($skininfo['MODE']))
                 $skininfo['MODE'] = 0;

               $_skininfo = array();
               $_skininfo[$lang['name']] = (isset($skininfo['NAME'])) ?
                 $skininfo['NAME'] : $skinDir;
               if (isset($skininfo['REVISION']))
                 $_skininfo[$lang['name']] .= " (".$lang['revision']." ".$skininfo['REVISION'].")";
               if (isset($skininfo['LANGUAGE'])) {
                 $_skininfo[$lang['language']] = $skininfo['LANGUAGE'];
               }
               $_skininfo[$lang['artist']] = (isset($skininfo['ARTIST'])) ? $skininfo['ARTIST'] : "";
               if (isset($skininfo['ARTISTEMAIL'])) {
                 if ($_skininfo[$lang['artist']] != "") $_skininfo[$lang['artist']] .= "<br />";
                 $_skininfo[$lang['artist']] .= "<a class='infolink' href='mailto:".$skininfo['ARTISTEMAIL']."'>".$skininfo['ARTISTEMAIL']."</a>";
               }
               if (isset($skininfo['ARTISTHOME'])) {
                 if (strtolower(substr($preBACKURL,0,7)) != "http://")
                   $skininfo['ARTISTHOME'] = substr($skininfo['ARTISTHOME'],7);
                 if ($_skininfo[$lang['artist']] != "") $_skininfo[$lang['artist']] .= "<br />";
                 $_skininfo[$lang['artist']] .= "<a class='infolink' href='http://".$skininfo['ARTISTHOME']."' target='_blank'>".$skininfo['ARTISTHOME']."</a>";
               }
               switch ($skininfo['MODE']) {
                 case 0: $_skininfo[$lang['modes']] = $lang['framemode']." / ".$lang['nonFramemode'];
                         break;
                 case 1: $_skininfo[$lang['modes']] = $lang['framemode'];
                         break;
                 case 2: $_skininfo[$lang['modes']] = $lang['nonFramemode'];
                         break;
                 case 3: $_skininfo[$lang['modes']] = $lang['singlePagemode'];
               }
               if (isset($skininfo['NOTES'])) {
                 $_skininfo[$lang['notes']] = $skininfo['NOTES'];
               }

               $_today = getdate(time());
               $_date = vgb_dateOut(array($_today['year'],$_today['mon'],$_today['mday']));

               echo "<form method='post' action='admin.".EXT."?sessionID=$sessionID'>";

               Title($lang['setup']);
               echo "<center>";
               printMSG();
               echo "</center><br />";
               InfoBox($lang['guestbookInfo'],
                       array(
                         "Version"         => $settings['VERSION'],
                         $lang['database'] => "<table align='center'><tr><td>".
                                              "<span class='info'>".$lang['usageDatabase']." '".
                                              $mySQL_Database."':</span></td><td align='right'>".
                                              "<span class='info'> <b>$databasesize $totalunit</b></span>".
                                              "</td></tr><tr><td><span class='info'>- ".$lang['usageVGB'].
                                              ":</span></td><td align='right'><span class='info'><b>$vgbsize".
                                              " $vgbunit</b></span></td></tr></table>",
                         $lang['servertime'] => $_date." - ".$_today['hours'].":".$_today['minutes'].":".$_today['seconds']));

               Category($lang['guestbookStatus']);
               echo "<p></p><center>";
               if ($settings['DEACTIVATED']) {
                 echo "<span class='error'>".$lang['deactivatedInfo']."<br /><br /></span>";
                 submit($lang['activate'],"activate");
               }
               else
                 submit($lang['deactivate'],"deactivate");
               echo "<br />&nbsp;</center></form><form method='post' name='FORM' onsubmit='return enc_check()' action='admin.".EXT."?sessionID=$sessionID'>";


               Category($lang['dateTime']);
               selection("USEUSDATE",$dateFormats,$preUSEUSDATE,
                         $lang['useUSDate']);
               multiInputfield($dateFields,$lang['onlineDate']." <span class='info'>".$dateinfo."</span>");
               multiInputfield($timeFields,$lang['timeAdjustment'],
                        $lang['timeAdjustInfo']);

               Category($lang['generalSetup']);
               inputfield("ENCODING",$preENCODING,25,30,
                    "Encoding","You can enter an encoding for your language here if you don't want to use the standard encoding of your webserver.<br /><br />See <b>readme.txt</b> for possible encodings !");
               checkbox("USEJAVASCRIPT",$preUSEJAVASCRIPT,
                        $lang['useJava'],$lang['useJavaInfo']);
               checkbox("ACTIVATELINKS",$preACTIVATELINKS,
                        $lang['activLinks'],$lang['activLinksInfo']);
               checkbox("HIDEIP",$preHIDEIP,
                        $lang['hideIP'],$lang['hideIPInfo']);
               checkbox("HIDEHOST",$preHIDEHOST,
                        $lang['hideHost'],$lang['hideHostInfo']);
               checkbox("USEBROWSCAP",$preUSEBROWSCAP,
                        $lang['useBrowscap'],$lang['useBrowscapInfo']);
               checkbox("MODERATEDMODE",$preMODERATEDMODE,
                        $lang['moderatedMode'],$lang['moderatedModeInfo']);
               checkbox("ALLOWCOMMENTS",$preALLOWCOMMENTS,
                        $lang['allowComments'],$lang['allowCommentsInfo']);
               checkbox("ALLOWSEARCH",$preALLOWSEARCH,
                        $lang['allowSearch'],$lang['allowSearchInfo']);
               checkbox("ASKPRIVATE",$preASKPRIVATE,
                        $lang['askPrivate'],$lang['askPrivateInfo']);
               inputfield("PRIVPARAMETER",$prePRIVPARAMETER,25,30,
                    $lang['privParameter'],$lang['privParameterInfo']);
               inputfield("ENTRIESPERPAGE",$preENTRIESPERPAGE,6,6,
                    $lang['entriesPage'],$lang['entriesPageInfo']);
               inputfield("INDEXURL",$preINDEXURL,25,127,
                    $lang['indexURL'],$lang['indexURLInfo']);
               inputfield("BACKURL",$preBACKURL,25,127,
                    $lang['backURL'],$lang['backURLInfo']);

               Category($lang['skin']);
               $skinedit = "";
               if (file_exists($skinDir."style.inc"))
                 $skinedit .= "<input type='button' name='".$lang['editStyle']."' value='".$lang['editStyle']."' class='button' onclick='w=window.open(\"admin.".EXT."?editstyle=0&amp;sessionID=$sessionID\",\"_blank\",\"width=800,resizable=yes,scrollbars=yes\"); if (window.focus) w.focus(); return false;' />";
               if (file_exists($skinDir."lang.inc"))
                 $skinedit .= "<input type='button' name='lang' value='".$lang['editLang']."' class='button'  onclick='w=window.open(\"admin.".EXT."?editlang=0&amp;sessionID=$sessionID\",\"_blank\",\"width=800,resizable=yes,scrollbars=yes\"); if (window.focus) w.focus(); return false;' />";
               InfoBox($lang['activeSkin'],$_skininfo,$skinedit);
               echo "<br />";
               if (sizeof($skins) != 0)
                 selection("ACTIVESKIN",$skins,$preACTIVESKIN,
                          $lang['useSkin'],$lang['useSkinInfo']);
               else {
                 textfield($lang['useSkin'],$lang['noSkins'],
                           $lang['useSkinInfo']);
                 echo "<input type='hidden' name='ACTIVESKIN' />";
               }
               if ($skininfo['MODE'] == 0)
                 checkbox("USEFRAMES",$preUSEFRAMES,
                        $lang['useFrames'],$lang['useFramesInfo']);


               Category($lang['securitySetup']);
               inputfield("MAXSPAMTIME",$preMAXSPAMTIME,6,6,
                    $lang['maxSpamtime'],$lang['maxSpamtimeInfo']);
               inputfield("MAXENTRIES",$preMAXENTRIES,6,6,
                    $lang['maxEntries'],$lang['maxEntriesInfo']);
               inputfield("FORCEBREAK",$preFORCEBREAK,6,6,
                    $lang['forceBreak'],$lang['forceBreakInfo']);
               checkbox("USEWBR",$preUSEWBR,$lang['useWbr'],
                    $lang['useWbrInfo']);
               inputfield("MAXEMPTYLINES",$preMAXEMPTYLINES,6,6,
                    $lang['maxEmptyLines'],$lang['maxEmptyLinesInfo']);
               inputfield("EMAILTOOLTIP",$preEMAILTOOLTIP,25,vgb_maxlen(),
                    $lang['emailTooltip'],$lang['emailTooltipInfo']);
               textarea("BANLIST",$preBANLIST,30,5,
                    $lang['banlist'],$lang['banlistInfo']);
               checkbox("BANROBOTS",$preBANROBOTS,$lang['banRobots'],
                    $lang['banRobotsInfo']);

               Category($lang['accessData']);
               inputfield("ADMINEMAIL",$preADMINEMAIL,25,127,
                    $lang['adminEmail'],$lang['adminEmailInfo']);
               password("PASSWORD",$prePASSWORD,
                        $lang['password'],$lang['passwordInfo']);
               password("PASSWORD2",$prePASSWORD2,
                        $lang['password2'],$lang['password2Info']);
               echo "<p></p><center>";
               submit($lang['saveSetup'],"savesetup");
               echo "<br />&nbsp;</center></form>";
               break;
      case 1:  // print the screen for the management of input-fields
               echo "<script type='text/javascript'><!--\n".
                    "function check() {\n";
               maxlenCheck("NAME");
               maxlenCheck("TEXT");
               maxlenCheck("EMAIL");
               maxlenCheck("HOMEPAGE");
               maxlenCheck("AIM");
               maxlenCheck("MSN");
               maxlenCheck("YAHOO");
               echo "  q = '';\n";
               addWarning("NAME");
               echo "  if ((document.form.MAXLENTEXT.value > 0) &&".
                          "((".$settings['MAXLENENTRY']." == 0) ||".
                          "(document.form.MAXLENTEXT.value < ".
                           $settings['MAXLENENTRY']."))) {\n".
                    "    q += '".vgb_JSout($lang['text'])."\\n';".
                    "  }\n";
               addWarning("EMAIL");
               addWarning("HOMEPAGE");
               addWarning("AIM");
               addWarning("MSN");
               addWarning("YAHOO");
               echo "  if (q != '') {\n".
                    "    q = '".vgb_JSout($lang['warn'])."\\n\\n'+q; ".
                    "    return confirm(q); }\n".
                    "  return true;\n".
                    "}\n".
                    "//--></script>\n".
                    "<form method='post' name='form' action='admin.".EXT."' ".
                    "onsubmit='return check()'><input type='hidden' name='sessionID' value='$sessionID' />";
               Title($lang['manageInputs']);
               echo "<center>";
               printMSG();
               echo "</center>";

               Category($lang['name']);
               inputfield("MAXLENNAME",$preMAXLENNAME,6,3,
                    $lang['maxLength'],str_replace("127",vgb_maxlen(),$lang['maxLengthInfo']));

               Category($lang['text']);
               inputfield("MAXLENTEXT",$preMAXLENTEXT,6,6,
                    $lang['maxLength'],$lang['maxLengthInfo2']);

               Category($lang['email']);
               checkbox("ASKEMAIL",$preASKEMAIL,
                        $lang['actField']);
               checkbox("FORCEEMAIL",$preFORCEEMAIL,
                        $lang['forceInput'],$lang['forceInputInfo']);
               inputfield("MAXLENEMAIL",$preMAXLENEMAIL,6,3,
                    $lang['maxLength'],$lang['maxLengthInfo']);
               checkbox("ASKHIDEEMAIL",$preASKHIDEEMAIL,
                        $lang['hideEmail'],$lang['hideEmailInfo']);
               checkbox("USEMAILER",$preUSEMAILER,
                        $lang['useMailer'],$lang['useMailerInfo']);

               Category($lang['homepage']);
               checkbox("ASKHOMEPAGE",$preASKHOMEPAGE,
                        $lang['actField']);
               inputfield("MAXLENHOMEPAGE",$preMAXLENHOMEPAGE,6,3,
                    $lang['maxLength'],$lang['maxLengthInfo']);

               Category($lang['icq']);
               checkbox("ASKICQ",$preASKICQ,
                        $lang['actField']);

               Category($lang['aim']);
               checkbox("ASKAIM",$preASKAIM,
                        $lang['actField']);
               inputfield("MAXLENAIM",$preMAXLENAIM,6,3,
                    $lang['maxLength'],$lang['maxLengthInfo']);

               Category($lang['msn']);
               checkbox("ASKMSN",$preASKMSN,
                        $lang['actField']);
               inputfield("MAXLENMSN",$preMAXLENMSN,6,3,
                    $lang['maxLength'],$lang['maxLengthInfo']);

               Category($lang['yahoo']);
               checkbox("ASKYAHOO",$preASKYAHOO,
                        $lang['actField']);
               inputfield("MAXLENYAHOO",$preMAXLENYAHOO,6,3,
                    $lang['maxLength'],$lang['maxLengthInfo']);

               Category($lang['country']);
               checkbox("ASKCOUNTRY",$preASKCOUNTRY,
                        $lang['actField']);
               checkbox("FORCECOUNTRY",$preFORCECOUNTRY,
                        $lang['forceInput'],$lang['forceInputInfo']);
               selection("PRECOUNTRY",$countries,$prePRECOUNTRY,
                          $lang['preAllocWith']);

               Category($lang['picture']);
               checkbox("ASKPICTURE",$preASKPICTURE,
                        $lang['actField']);
               checkbox("ASKPICTEXT",$preASKPICTEXT,
                        $lang['pictureText']);
               inputfield("RANGEX",$preRANGEX,12,12,
                    $lang['rangeX'],$lang['rangeXInfo']);
               inputfield("RANGEY",$preRANGEY,12,12,
                    $lang['rangeY'],$lang['rangeYInfo']);
               inputfield("THUMBNAILX",$preTHUMBNAILX,12,12,
                    $lang['thumbnailX'],$lang['thumbnailXInfo']);
               inputfield("THUMBNAILY",$preTHUMBNAILY,12,12,
                    $lang['thumbnailY'],$lang['thumbnailYInfo']);
               echo "<p></p><center>";
               submit($lang['saveInputs'],"saveinput");
               echo "<br /><br /></center></form>";
               if (($_pics = sizeof(getInvalidPics())) > 0) {
                 echo "<form method='post' action='admin.".EXT."' ".
                      "onsubmit='return confirm(\"".$lang['sure']."\")'><input type='hidden' name='sessionID' value='$sessionID' />";
                 InfoBox($lang['savedPictures'],array($lang['invalidPics'] => $_pics));
                 echo "<p></p><center>";
                 submit($lang['delInvalid'],"delpics");
                 echo "</center></form><br />";
               }
               echo "<hr class='bigrule' />";
               echo "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";
               Category($lang['ratings']);
               if (sizeof($ratings) == 0)
                 echo "<center><span class='info'>".$lang['noRatings'].
                      "</span></center>";
               else {
                 $list = array();
                 foreach($ratings as $rating) {
                   $q = "<table width='340'><tr><td width='50'><span class='name'>".
                     $lang['name'].":</span></td><td width='290'><span class='head'>".
                     vgb_removeHTML(vgb_string($rating['NAME'])).
                     "</span></td></tr>".
                     "<tr><td><span class='name'>".
                     vgb_removeHTML(vgb_string($lang['form'])).
                     ":</span></td>".
                     "<td><span class='content'>";
                   $q .= ($rating['FORMTEXT'] == '') ?
                     vgb_removeHTML(vgb_string($rating['NAME'])) :
                     vgb_removeHTML(vgb_string($rating['FORMTEXT']));
                   $q .= "</span></td></tr>".
                     "<tr><td><span class='name'>".
                     $lang['priority'].":</span></td>".
                     "<td><span class='content'>".$rating['PRIORITY'].
                     "</span></td></tr>";
                   if ($rating['FRCE'])
                     $q .= "<tr><td colspan='2'><span class='set'> - ".
                           $lang['forceInput']."</span></td></tr>";
                   if ($rating['STATS'])
                     $q .= "<tr><td colspan='2'><span class='set'> - ".
                           $lang['actStats']."</span></td></tr>";
                   $q .=  "</table>";
                   $list[$rating['ID']] = $q;
                 }
                 makeList("rating",$list,false);
               }

               Category($lang['newRating']);
               inputfield("RATINGNAME",$preRATINGNAME,25,vgb_maxlen(),
                    $lang['name']);
               inputfield("FORMTEXT",$preFORMTEXT,25,vgb_maxlen(),
                    $lang['formText'],$lang['formTextInfo']);
               inputfield("RATINGPRIORITY",$preRATINGPRIORITY,6,3,
                    $lang['priority'],$lang['priorityInfo']);
               checkbox("RATINGFORCE",$preRATINGFORCE,
                        $lang['forceInput'],$lang['forceInputInfo']);
               checkbox("RATINGSTATS",$preRATINGSTATS,
                        $lang['actStats'],$lang['actStatsInfo']);
               echo "<p></p><center>";
               submit($lang['addRating'],"newrating");
               echo "</center><br />".
                    "</form><hr class='bigrule' />".
                    "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";
               $type = array( 0 => $lang['textInput'],
                              1 => $lang['numberInput'],
                              2 => $lang['selectInput']);

               Category($lang['customFields']);
               if (sizeof($customs) == 0)
                 echo "<center><span class='info'>".$lang['noCustoms'].
                      "</span></center>";
               else {
                 $list = array();
                 foreach($customs as $custom) {
                   $q = "<table width='340'><tr><td width='50'>".
                     "<span class='name'>".
                     $lang['name'].":</span></td><td width='290'>".
                     "<span class='head'>".
                     vgb_removeHTML(vgb_string($custom['NAME'])).
                     "</span></td></tr>".
                     "<tr><td><span class='name'>".
                     vgb_removeHTML(vgb_string($lang['form'])).
                     ":</span></td>".
                     "<td><span class='content'>";
                   $q .= ($custom['FORMTEXT'] == '') ?
                     vgb_removeHTML(vgb_string($custom['NAME'])) :
                     vgb_removeHTML(vgb_string($custom['FORMTEXT']));
                   $q .= "</span></td></tr>".
                     "<tr><td><span class='name'>".
                     vgb_removeHTML(vgb_string($lang['type'])).
                     ":</span></td>".
                     "<td><span class='content'>".
                     $type[$custom['TYPE']]."</span></td></tr>".
                     "<tr><td><span class='name'>".$lang['priority'].
                     ":</span></td>".
                     "<td><span class='content'>".
                     $custom['PRIORITY']."</span></td></tr>";
                   if ($custom['FRCE'])
                     $q .= "<tr><td colspan='2'><span class='set'> - ".
                     $lang['forceInput']."</span></td></tr>";
                   if (($custom['STATS']) && ($custom['TYPE'] != 0))
                     $q .= "<tr><td colspan='2'><span class='set'> - ".
                     $lang['actStats']."</span></td></tr>";
                   $q .=  "</table>";
                   $list[$custom['ID']] = $q;
                 }
                 makeList("custom",$list,false);
               }

               Category($lang['newCustom']);
               CustomFields();
               echo "<p></p><center>";
               submit($lang['addCustom'],"newcustom");
               echo "</center></form><br />";
                break;

      case 2:  // print the screen for the management of entries
               echo "<form method='post' action='admin.".EXT."' ".
                    "onsubmit='return confirm(\"".$lang['really']."\")'><input type='hidden' name='sessionID' value='$sessionID' />";
               Title($lang['manageEntries']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               if ($newentries > 0) {
                 Category($lang['newEntries']);
                 echo "<br /><table width='460' align='center' bgcolor='#6A72BB'>".
                      "<tr><td align='left'>";
                 makeModlist("entry",$modentries);
                 echo "</td></tr></table>";
               }

               if ($newcomments > 0) {
                 Category($lang['newComments']);
                 echo "<br /><table width='460' align='center' bgcolor='#6A72BB'>".
                      "<tr><td align='left'>";
                 makeModlist("comment",$modcomments);
                 echo "</td></tr></table>";
               }

               Category($lang['options']);
               echo "<center>";
               submit($lang['deleteAll'],"delall");
               echo "</center><p></p></form>";

               Category($lang['entries']);
               echo "<form method='post' action='admin.".EXT."' ".
                    "onsubmit='return confirm(\"".$lang['really']."\")'><input type='hidden' name='sessionID' value='$sessionID' />";
               if (sizeof($entries)==0)
                 echo "<center><span class='info'>".$lang['noEntries'].
                      "</span></center>";
               else {
                 echo "<br /><table width='460' align='center' bgcolor='#6A72BB'>".
                      "<tr><td align='left'><table><tr><td valign='top'><span class='option'> &nbsp;".
                      $lang['page']." : </span></td><td valign='top'>";
                 for ($i=1;$i<=$maxPage;$i++) {
                   if ($i != $page)
                     echo "<a href='admin.".EXT."?sessionID=$sessionID&amp;show=$i' class='blink'>$i</a>";
                   else
                     echo "<span class='active'>".$i."</span>";
                   echo "<span class='option'> | </span>";
                 }
                 echo "</td></tr></table>";
                 makeList("entry",$entries);
                 echo "<table width='460'><tr>";
                 if ($page > 1)
                   echo "<td align='left'>".
                        "<a href='admin.".EXT."?sessionID=$sessionID&amp;show=".
                        ($page-1)."'>&laquo; ".$lang['prev']."</a></td>";
                 if ($page < $maxPage)
                   echo "<td align='right'><a href='admin.".EXT."?sessionID=$sessionID&amp;show=".
                        ($page+1)."'>".$lang['next']." &raquo;</a>".
                        "</td>";
                 echo "</tr></table></td></tr></table>";
                 echo "<center><br />";
                 Submit($lang['delMarkEntries'],"delmarkentry");
                 echo "</center>";
               }
               echo "</form><br />";
               break;

       case 3: // print the edit screen for a ratingbox
               echo "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />".
                    "<input type='hidden' name='ID' value='".$preID."' />";
               Title($lang['editRating']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['inputs']);
               inputfield("NAME",$preNAME,25,vgb_maxlen(),
                    $lang['name']);
               inputfield("FORMTEXT",$preFORMTEXT,25,vgb_maxlen(),
                    $lang['formText'],$lang['formTextInfo']);
               inputfield("PRIORITY",$prePRIORITY,6,3,
                    $lang['priority'],$lang['priorityInfo']);
               checkbox("FRCE",$preFORCE,
                        $lang['forceInput']);
               checkbox("STATS",$preSTATS,
                        $lang['actStats'],$lang['actStatsInfo']);
               echo "<p></p><center>";
               cancel("input=0");
               submit($lang['saveChanges'],"saverating");
               echo "</center></form><br />";
               break;

       case 4: // print the edit screen for a custom-field
               echo "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />".
                    "<input type='hidden' name='ID' value='".$preID."' />";
               Title($lang['editCustom']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['inputs']);
               CustomFields();
               echo "<p></p><center>";
               cancel("input=0");
               submit($lang['saveChanges'],"savecustom");
               echo "</center></form><br />";
               break;

       case 5: // print the edit screen for an entry
               echo "<form method='post' name='form' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />".
                    "<input type='hidden' name='ID' value='".$preID."' />";
               Title($lang['editEntry']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['inputs']);
               multiInputfield($dateFields,$lang['date']." <span class='info'>".$dateinfo."</span>");
               multiInputfield($timeFields,"Time <span class='info'>( h / min / sec )</span>");
               inputfield("NAME",$preNAME,
                          25,$settings['MAXLENNAME'],$lang['name']);
               textarea("TEXT",$preTEXT,30,10,$lang['text']);
               textarea("COMMENT",$preCOMMENT,30,5,$lang['comment'],
                        $lang['commentInfo'],$settings['USEADMINEMO']);
               inputfield("PRIVATE",$prePRIVATE,
                          25,20,$lang['privPassword']);
               inputfield("EMAIL",$preEMAIL,
                          25,$settings['MAXLENEMAIL'],$lang['email']);
               checkbox("HIDEEMAIL",$preHIDEEMAIL,$lang['hiddenEmail']);
               inputfield("HOMEPAGE",
                    "http://".$preHOMEPAGE,
                    25,$settings['MAXLENHOMEPAGE'],$lang['homepage']);
               inputfield("ICQ",$preICQ,
                          25,10,$lang['icq']);
               inputfield("AIM",$preAIM,
                          25,$settings['MAXLENAIM'],$lang['aim']);
               inputfield("MSN",$preMSN,
                          25,$settings['MAXLENMSN'],$lang['msn']);
               inputfield("YAHOO",$preYAHOO,
                          25,$settings['MAXLENYAHOO'],$lang['yahoo']);
               selection("COUNTRY",$countries,$preCOUNTRY,
                          $lang['country']);
               inputfield("PICTEXT",$prePICTEXT,
                          25,vgb_maxlen(),$lang['pictureText']);
               inputfield("FILENAME",$preFILENAME,
                          25,32,$lang['picFilename']);
               echo "<p></p>";
               if (sizeof($ratings) > 0) {
                 Category($lang['ratings']);
                 foreach ($ratings as $rating) {
                   selection("RATING".$rating['ID'],
                     array("" => "", "1" => "1", "2" => "2",
                           "3" => "3", "4" => "4", "5" => "5"),
                     $preRating[$rating['ID']],$rating['NAME']);
                 }
                 echo "<p></p>";
               }
               if (sizeof($customs) > 0) {
                 Category($lang['customs']);
                 foreach ($customs as $custom) {
                   if ($custom['TYPE'] == 2) {
                     // this field is a selection
                     $options = array("" => "");
                     $rules = explode("\n",$custom['RULES']);
                     foreach ($rules as $rule) {
                       if (substr_count($rule,"=") != 0) {
                         $option = explode("=",$rule,2);
                         $options[$option[0]] = $option[1];
                       }
                     }
                     selection("CUSTOM".$custom['ID'],$options,
                       $preCustom[$custom['ID']],$custom['NAME']);
                   }
                   else {
                     // get the maximum number of letters for this field
                     if ($custom['TYPE'] == 0) {
                       $rule = explode("\n",$custom['RULES'],2);
                       $max = ($rule[0] != "") ? $rule[0] : vgb_maxlen();
                     }
                     else {
                       $rule = explode("\n",$custom['RULES'],2);
                       if ($rule[0] == "") {
                         $max = 9;
                       }
                       else {
                         $rules = explode("-",$rule[0]);
                         $max = ($rules[1] != "") ? strlen($rules[1]) : 9;
                       }
                     }
                     inputfield("CUSTOM".$custom['ID'],
                       $preCustom[$custom['ID']],
                       25,$max,$custom['NAME']);
                   }
                 }
                 echo "<p></p>";
               }
               echo "<center>";
               cancel("show=1");
               submit($lang['saveChanges'],"saveentry");
               echo "</center></form><br />";
               if (!is_null($entry['PICTURE'])) {
                 echo "<form method='post' action='admin.".EXT."' ".
                      "onsubmit='return confirm(\"".$lang['sure']."\")'><input type='hidden' name='sessionID' value='$sessionID' />".
                      "<input type='hidden' name='ID' value='".$preID."' />";
                      Category($lang['pic']);
                 echo "<center>".
                      "<img alt='' src='upload/".$entry['PICTURE']."' /><br />".
                      "<span class='info'>".$entry['PICTURE'].
                      "</span><p></p>";
                 submit($lang['deletePicture'],"delpic");
                 echo "</center></form><br />";
               }
               break;

       case 6: // print the screen for the management of countries
               echo "<form method='post' action='admin.".EXT."' ".
                    "onsubmit='return confirm(\"".$lang['really2']."\")'><input type='hidden' name='sessionID' value='$sessionID' />";
               Title($lang['manageCountries']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['options']);
               echo "<center>";
               submit($lang['deleteCountries'],"delcountries");
               echo "</center></form>".
                    "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";

               Category($lang['newCountry']);
               inputfield("NAME",$preNAME,25,vgb_maxlen(),
                    $lang['name']);
               inputfield("ICON",$preICON,25,127,
                    $lang['icon'],$lang['iconInfo']);
               checkbox("TRANSLATE",$preTRANSLATE,
                    $lang['translate'],$lang['translateInfo']);
               echo "<p></p><center>";
               submit($lang['addCountry'],"newcountry");
               echo "</center><br /></form>";

               Category($lang['savedCountries']);
               $countries = array();
               $query = vgb_query("select * from VGB_COUNTRY where NAME != '0'");
               while ($country = vgb_result($query)) {
                  $name = ($country['TRANSLATE']) ?
                    $langC[$country['NAME']] : $country['NAME'];
                  $countries[$name] = $country;
               }
               uksort($countries,"vgb_stringsort");
               $list = array();
               foreach ($countries as $Name => $country) {
                 $q = "<table width='320'><tr><td valign='top' width='50'>".
                      "<span class='name'>".
                      $lang['name']." :</span></td><td width='270'>".
                      "<span class='head'>";
                 $q .= ($country['TRANSLATE']) ?
                       vgb_removeHTML($langC[$country['NAME']])."</span><br />".
                       "<span class='content'>"." = ".vgb_removeHTML(vgb_string($country['NAME']))
                       : vgb_removeHTML(vgb_string($country['NAME']));
                 $q .=  "</span></td></tr>";
                 if ($country['FLAGICON'] != "")
                   $q .= "<tr><td valign='top'><span class='name'>".
                         $lang['icon']." :</span></td>".
                         "<td><span class='content'><img alt='' src='flags/".
                         $country['FLAGICON']."' /> ".$country['FLAGICON'].
                         "</span></td></tr>";
                 $q .= "</table>";
                 $list[$country['ID']] = $q;
               }
               if (sizeof($list) > 0) {
                 echo "<form method='post' action='admin.".EXT."' ".
                      "onsubmit='return confirm(\"".$lang['really2']."\")'><input type='hidden' name='sessionID' value='$sessionID' />";
                 makeList("country",$list);
                 echo "<center><br />";
                 Submit($lang['delMarkCountries'],"delmarkcountry");
                 echo "</center></form>";
               }
               else
                 echo "<center><span class='info'>".$lang['noCountries'].
                      "</span><p></p>&nbsp;</center>";
               echo "<br />";
               break;

       case 7: // print the edit screen for a country
               echo "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />".
                    "<input type='hidden' name='ID' value='".$preID."' />";
               Title($lang['editCountry']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['inputs']);
               inputfield("NAME",$preNAME,25,vgb_maxlen(),
                    $lang['name']);
               inputfield("ICON",$preICON,25,127,
                    $lang['icon'],$lang['iconInfo']);
               checkbox("TRANSLATE",$preTRANSLATE,
                    $lang['translate'],$lang['translateInfo']);
               echo "<p></p><center>";
               cancel("countries=0");
               submit($lang['saveChanges'],"savecountry");
               echo "</center></form><br />";
               break;

       case 8: // print the screen for the management of statistics
               echo "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";
               Title($lang['manageStats']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['general']);
               $_date = explode("-",$settings['VISITORSSINCE']);
               InfoBox($lang['visitorCounter'],
                       array(
                         $lang['visitors'] => $settings['VISITORS'],
                         $lang['since'] => vgb_dateOut($_date)));
               echo "<br /><center>";
               submit($lang['resetCounter'],"resetcounter");
               echo "</center>";
               echo "</form>";
               echo "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";
               checkbox("HIDESTATS",$preHIDESTATS,
                    $lang['hideStats'],$lang['hideStatsInfo']);
               echo "<ul type='square' class='menu'><li>".$lang['limitations'].
                    " :</li></ul>";
               foreach ($limits as $field) {
                 inputfield("LIMIT".$field[1],$field[2],6,6,
                   $lang['limit']." ".$field[0],$lang['limitInfo']);
               }
               echo "<p></p><center>";
               submit($lang['saveChanges'],"savestats");
               echo "</center></form><br />";
               break;

      case 9:  // print the screen for the management of Emoticons
               echo "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";
               Title($lang['manageEmoticons']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['setup']);
               checkbox("USEEMOTICONS",$preUSEEMOTICONS,
                        $lang['useEmoticons'],$lang['useEmoticonsInfo']);
               checkbox("USEADMINEMO",$preUSEADMINEMO,
                        $lang['useAdminEmo']);
               checkbox("USEIFRAME",$preUSEIFRAME,
                        $lang['useIFrame'],$lang['useIFrameInfo']);
               echo "<p></p><center>";
               submit($lang['saveSetup'],"emosetup");
               echo "</center><br /><hr class='bigrule' /></form>";
               echo "<form method='post' action='admin.".EXT."' ".
                    "onsubmit='return confirm(\"".$lang['really3']."\")'><input type='hidden' name='sessionID' value='$sessionID' />";

               Category($lang['options']);
               echo "<center>";
               submit($lang['deleteEmoticons'],"delemoticons");
               echo "</center></form>".
                    "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";

               Category($lang['newEmoticon']);
               inputfield("CODE",$preCODE,25,32,
                    $lang['code'],$lang['codeInfo']);
               inputfield("FILENAME",$preFILENAME,25,127,
                    $lang['filename'],$lang['filenameInfo']);
               inputfield("PRIORITY",$prePRIORITY,6,3,
                    $lang['priority'],$lang['priorityInfo2']);
               echo "<p></p><center>";
               submit($lang['addEmoticon'],"newemoticon");
               echo "</center><br /></form>";

               Category($lang['savedEmoticons']);
               $query = vgb_query("select * from VGB_EMOTICON order by PRIORITY asc");
               $list = array();

               while ($emoticon = vgb_result($query)) {
                 $q = "<table width='320'><tr><td valign='top' width='50'>".
                      "<span class='name'>".$lang['code'].
                      " :</span></td><td width='270'><span class='head'>".
                      vgb_removeHTML(vgb_string($emoticon['CODE']),false).
                      "</span></td></tr>".
                      "<tr><td valign='top' width='50'>".
                      "<span class='name'>".$lang['priority'].
                      " :</span></td><td width='270'><span class='content'>".
                      $emoticon['PRIORITY']."</span></td></tr>".
                      "<tr><td valign='top'><span class='name'>".
                         $lang['emoticon']." :</span></td>".
                         "<td><span class='content'>";
                 if ($settings['ACTIVESKIN'] != "")
                   $q .= "<img alt='' src='skins/".
                         $settings['ACTIVESKIN']."/emoticons/".
                         $emoticon['FILENAME']."' align='middle' /> ";
                 $q .= $emoticon['FILENAME'].
                       "</span></td></tr>".
                       "</table>";
                 $list[$emoticon['ID']] = $q;
               }
               if (sizeof($list) > 0) {
                 echo "<form method='post' action='admin.".EXT."' ".
                      "onsubmit='return confirm(\"".$lang['really3']."\")'><input type='hidden' name='sessionID' value='$sessionID' />";
                 makeList("emoticon",$list);
                 echo "<center><br />";
                 Submit($lang['delMarkEmoticons'],"delmarkemoticon");
                 echo "</center></form>";
               }
               else
                 echo "<center><span class='info'>".$lang['noEmoticons'].
                      "</span></center><p></p>&nbsp;";
               echo "<br />";
               break;

       case 10:// print the edit screen for an Emoticon
               echo "<form method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />".
                    "<input type='hidden' name='ID' value='".$preID."' />";
               Title($lang['editEmoticon']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['inputs']);
               inputfield("CODE",$preCODE,25,32,
                    $lang['code'],$lang['codeInfo']);
               inputfield("FILENAME",$preFILENAME,25,127,
                    $lang['filename'],$lang['filenameInfo']);
               inputfield("PRIORITY",$prePRIORITY,6,3,
                    $lang['priority'],$lang['priorityInfo']);
               echo "<p></p><center>";
               cancel("emoticons=0");
               submit($lang['saveChanges'],"saveemoticon");
               echo "</center></form><br />";
               break;

       case 11:// print the screen for the Badword-Filter
               echo "<form method='post' action='admin.".EXT."?sessionID=$sessionID'>";
               Title($lang['badwordFilter']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['filterSetup']);
               checkbox("USEFILTER",$preUSEFILTER,
                        $lang['useFilter']);
               checkbox("FILTERNAME",$preFILTERNAME,
                        $lang['name']);
               checkbox("FILTEREMAIL",$preFILTEREMAIL,
                        $lang['email']);
               checkbox("FILTERHOMEPAGE",$preFILTERHOMEPAGE,
                        $lang['homepage']);
               checkbox("FILTERAIM",$preFILTERAIM,
                        $lang['aim']);
               checkbox("FILTERMSN",$preFILTERMSN,
                        $lang['msn']);
               checkbox("FILTERYAHOO",$preFILTERYAHOO,
                        $lang['yahoo']);
               checkbox("FILTERPICTEXT",$preFILTERPICTEXT,
                        $lang['pictureText']);
               foreach ($customFilter as $custom) {
                 checkbox($custom[1],$custom[2],
                          $custom[0]);
               }
               inputfield("BADWORDSTRING",$preBADWORDSTRING,25,vgb_maxlen(),
                    $lang['badwordString'],$lang['badwordStringInfo']);
               textarea("BADWORDS",$preBADWORDS,40,15,$lang['badwords'],
                        $lang['badwordsInfo']);
               echo "<p></p><center>";
               submit($lang['saveSetup'],"savebadword");
               echo "</center></form><br />";
               break;

       case 12:// print the screen for BBCode Setup
               echo "<form method='post' action='admin.".EXT."?sessionID=$sessionID'>";
               Title($lang['bbcode']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['bbcodeSetup']);
               checkbox("USEBBCODE",$preUSEBBCODE,
               $lang['activateBBCode'],$lang['bbcodeInfo']);
               checkbox("STRIPCODE",$preSTRIPCODE,
               $lang['stripCode'],$lang['stripCodeInfo']);
               checkbox("USECSS",$preUSECSS,
               $lang['useCSS'],$lang['useCSSInfo']);

               Category($lang['allowedCode']);
               checkbox("USEBOLD",$preUSEBOLD,
               $lang['bold']);
               checkbox("USEITALIC",$preUSEITALIC,
               $lang['italic']);
               checkbox("USEUNDERLINE",$preUSEUNDERLINE,
               $lang['underline']);
               checkbox("USELINK",$preUSELINK,
               $lang['link']);
               checkbox("USELEFT",$preUSELEFT,
               $lang['divLeft'],$lang['codeWarn']);
               checkbox("USECENTER",$preUSECENTER,
               $lang['divCenter'],$lang['codeWarn']);
               checkbox("USERIGHT",$preUSERIGHT,
               $lang['divRight'],$lang['codeWarn']);
               checkbox("USEQUOTE",$preUSEQUOTE,
               $lang['quote'],$lang['codeWarn']);
               checkbox("USECODE",$preUSECODE,
               $lang['code'],$lang['codeWarn']);
               checkbox("USELIST",$preUSELIST,
               $lang['list'],$lang['codeWarn']);
               checkbox("USEIMAGE",$preUSEIMAGE,
               $lang['image'],$lang['imageInfo']);
               checkbox("USESIZE",$preUSESIZE,
               $lang['size']);
               inputfield("ALLOWEDSIZE",$preALLOWEDSIZE,6,3,
                    $lang['allowedSize'],$lang['allowedSizeInfo']);
               checkbox("USECOLORHEX",$preUSECOLORHEX,
               $lang['colorHex']);
               checkbox("USECOLORPRE",$preUSECOLORPRE,
               $lang['colorPredefined']);
               textarea("USERCOLORS",$preUSERCOLORS,40,10,$lang['userColors'],
                        $lang['userColorsInfo']);
               checkbox("USEFONT",$preUSEFONT,
               $lang['font']);
               textarea("USERFONTS",$preUSERFONTS,40,6,$lang['allowedFonts'],
                        $lang['allowedFontsInfo']);
               echo "<p></p><center>";
               submit($lang['saveChanges'],"savebbcode");
               echo "</center></form><br />";

               break;

      case 13: // print the screen for the management of comments
               echo "<form method='post' action='admin.".EXT."' ".
                    "onsubmit='return confirm(\"".$lang['really4']."\")'><input type='hidden' name='sessionID' value='$sessionID' />";
               Title($lang['visitComments']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['options']);
               echo "<center>";
               echo "<input type='hidden' name='ENTRYID' value='".$preENTRYID."' />";
               submit($lang['deleteComments'],"delcomments");
               echo "</center><p></p></form>";

               Category($lang['savedComments']);
               if (sizeof($comments)==0)
                 echo "<center><span class='info'>".$lang['noComments'].
                      "</center>";
               else {
                 echo "<form method='post' action='admin.".EXT."' ".
                      "onsubmit='return confirm(\"".$lang['really4']."\")'><input type='hidden' name='sessionID' value='$sessionID' />";
                 echo "<input type='hidden' name='ENTRYID' value='".$preENTRYID."' />";
                 echo "<br /><table width='460' align='center' bgcolor='#6A72BB'>".
                      "<tr><td align='left'>";
                 makeList("comment",$comments);
                 echo "</td></tr></table>";
                 echo "<center><br />";
                 Submit($lang['delMarkComments'],"delmarkcomment");
                 echo "</center></form>";
               }
               echo "<br />";

               echo "<form method='post' name='form' action='admin.".EXT."?sessionID=$sessionID'>";
               Category($lang['newComment']);
               echo "<input type='hidden' name='ENTRYID' value='".$preENTRYID."' />";
               inputfield("NAME",$preNAME,25,$settings['MAXLENNAME'],$lang['name']);
               inputfield("EMAIL",$preEMAIL,25,$settings['MAXLENEMAIL'],$lang['email']);
               textarea("TEXT",$preTEXT,40,10,$lang['text'],null,$settings['USEADMINEMO']);
               echo "<p></p><center>";
               submit($lang['addComment'],"addcomment");
               echo "</center></form><br />";
               break;

      case 14: // print the edit screen for a visitor comment
               echo "<form name='form' method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";
               Title($lang['editVisitComment']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['comment']);
               multiInputfield($dateFields,$lang['date']." <span class='info'>".$dateinfo."</span>");
               multiInputfield($timeFields,"Time <span class='info'>( h / min / sec )</span>");
               echo "<input type='hidden' name='ENTRYID' value='".$preENTRYID."' />";
               echo "<input type='hidden' name='ID' value='".$preID."' />";
               inputfield("NAME",$preNAME,25,$settings['MAXLENNAME'],
                    $lang['name']);
               inputfield("EMAIL",$preEMAIL,25,$settings['MAXLENEMAIL'],
                    $lang['email']);
               textarea("TEXT",$preTEXT,40,10,$lang['text'],null,$settings['USEADMINEMO']);
               checkbox("ADMIN",$preADMIN,$lang['adminComment']);
               echo "<p></p><center>";
               cancel("showcomment=".$preENTRYID);
               submit($lang['saveChanges'],"savecomment");
               echo "</center></form><br />";
               break;

      case 15: // print the mails/notification screen
               echo "<form name='form' method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";
               Title($lang['mailsNotification']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['notificationSetup']);
               inputfield("ADMINEMAIL",$preADMINEMAIL,25,127,$lang['adminEmail']);
               inputfield("FROM",$preFROM,25,127,$lang['emailFrom'],
                    $lang['emailFromInfo']);
               checkbox("HTMLEMAIL",$preHTMLEMAIL,$lang['htmlEmail'],
                    $lang['htmlEmailInfo']);
               echo "<center><br />";
               submit($lang['saveSetup'],"savemailsetup");
               echo "</center></form>";

               echo "<form name='form' method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";
               Category($lang['broadcast']);
               inputfield("BSUBJECT",$preBSUBJECT,25,127,$lang['subject']);
               textarea("BMESSAGE",$preBMESSAGE,40,5,$lang['message']);
               echo "<center><br />";
               submit($lang['sendBroadcast'],"broadcast");
               echo "</center><p></p>";

               echo "</form><form name='form' method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";
               $info = array("",$lang['replaceText'],"",$lang['replaceComment'],"",$lang['replaceReason'],
                             $lang['replaceComment'].$lang['replaceFrom'],$lang['replaceComment'].$lang['replaceFrom'],$lang['replaceFrom'],$lang['replaceFrom'].$lang['replaceReason']);
               for ($i=1;$i<10;$i++) {
                 Category($lang['email'.$i]);
                 $comment = ($i>5) ? $lang['replaceFrom'] : "";
                 checkbox("ACTIVE".$i,$preACTIVE[$i],$lang['activateEmail']);
                 if ($i == 1) {
                   checkbox("FIRSTENTRY",$preFIRSTENTRY,$lang['onlyFirstEntry']);
                 }
                 elseif ($i == 6) {
                   checkbox("FIRSTCOMMENT",$preFIRSTCOMMENT,$lang['onlyFirstComment']);
                 }
                 inputfield("SUBJECT".$i,$preSUBJECT[$i],25,127,$lang['subject'],$lang['emailInfo'].$comment.$lang['emailInfo2']);
                 textarea("MESSAGE".$i,$preMESSAGE[$i],40,5,$lang['message'],$lang['emailInfo'].$info[$i].$lang['replaceURL'].$lang['emailInfo2']);
               }

               echo "<p></p><center>";
               submit($lang['saveChanges'],"savemails");
               echo "</center></form><br />";
               break;

      case 16: // print the screen for the management of users
               echo "<form name='form' method='post' action='admin.".EXT."'><input type='hidden' name='sessionID' value='$sessionID' />";
               Title($lang['manageUsers']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               Category($lang['userSetup']);
               inputfield("PASSPREFIX",$prePASSPREFIX,25,20,$lang['passwordPrefix'],
                     $lang['passPrefixInfo']);
               echo "<center><br />";
               submit($lang['saveSetup'],"saveusersetup");
               echo "</center></form>";

               echo "<form name='form' method='post' action='admin.".EXT."?sessionID=$sessionID'>";
               Category($lang['newUser']);
               inputfield("NAME",$preNAME,25,$settings['MAXLENNAME'],$lang['name']);
               checkbox("RESERVED",$preRESERVED,$lang['reserveName'],$lang['reserveNameInfo']);
               inputfield("PASSWORD",$prePASSWORD,25,30,$lang['userPassword']);
               textarea("SIGNATURE",$preSIGNATURE,40,5,$lang['signature'],$lang['signatureInfo']);
               inputfield("EMAIL",$preEMAIL,
                          25,$settings['MAXLENEMAIL'],$lang['email']);
               checkbox("HIDEEMAIL",$preHIDEEMAIL,$lang['hiddenEmail']);
               inputfield("HOMEPAGE",
                    "http://".$preHOMEPAGE,
                    25,$settings['MAXLENHOMEPAGE'],$lang['homepage']);
               inputfield("ICQ",$preICQ,
                          25,10,$lang['icq']);
               inputfield("AIM",$preAIM,
                          25,$settings['MAXLENAIM'],$lang['aim']);
               inputfield("MSN",$preMSN,
                          25,$settings['MAXLENMSN'],$lang['msn']);
               inputfield("YAHOO",$preYAHOO,
                          25,$settings['MAXLENYAHOO'],$lang['yahoo']);
               selection("COUNTRY",$countries,$preCOUNTRY,
                          $lang['country']);
               inputfield("PICTEXT",$prePICTEXT,
                          25,vgb_maxlen(),$lang['pictureText']);
               inputfield("FILENAME",$preFILENAME,
                          25,32,$lang['picFilename']);
               if (sizeof($customs) > 0) {
                 foreach ($customs as $custom) {
                   if ($custom['TYPE'] == 2) {
                     // this field is a selection
                     $options = array("" => "");
                     $rules = explode("\n",$custom['RULES']);
                     foreach ($rules as $rule) {
                       if (substr_count($rule,"=") != 0) {
                         $option = explode("=",$rule,2);
                         $options[$option[0]] = $option[1];
                       }
                     }
                     selection("CUSTOM".$custom['ID'],$options,
                       $preCustom[$custom['ID']],$custom['NAME']);
                   }
                   else {
                     // get the maximum number of letters for this field
                     if ($custom['TYPE'] == 0) {
                       $rule = explode("\n",$custom['RULES'],2);
                       $max = ($rule[0] != "") ? $rule[0] : vgb_maxlen();
                     }
                     else {
                       $rule = explode("\n",$custom['RULES'],2);
                       if ($rule[0] == "") {
                         $max = 9;
                       }
                       else {
                         $rules = explode("-",$rule[0]);
                         $max = ($rules[1] != "") ? strlen($rules[1]) : 9;
                       }
                     }
                     inputfield("CUSTOM".$custom['ID'],
                       $preCustom[$custom['ID']],
                       25,$max,$custom['NAME']);
                   }
                 }
               }
               echo "<center><br />";
               Submit($lang['addUser'],"newuser");
               echo "</center><p></p>";

               $rusers = array();
               $query = vgb_query("select * from VGB_USER");
               while ($u = vgb_result($query)) {
                 $q = "<table width='340'><tr><td width='50'><span class='name'>".
                     $lang['name'].":</span></td><td width='290'><span class='head'>".
                     vgb_removeHTML(vgb_string($u['NAME']),false).
                     "</span>";
                 if ($u['RESERVED'])
                   $q .= " <span class='content'>(".$lang['reserved'].")</span>";
                 $q .= "</td></tr>".
                     "<tr><td><span class='name'>".
                     vgb_removeHTML(vgb_string($lang['userPassword']),false).
                     ":</span></td>".
                     "<td><span class='content'>".
                     vgb_removeHTML(vgb_string($u['PASSWORD']),false).
                     "</span></td></tr></table>";
                 $rusers[$u['ID']] = $q;
               }

               Category($lang['savedUsers']);
               if (sizeof($rusers)==0)
                 echo "<center><span class='info'>".$lang['noUsers'].
                      "</span></center>";
               else {
                 makeList("user",$rusers,false);
               }
               echo "</form><br />";
               break;

      case 17: // print the edit screen for an user
               echo "<form name='form' method='post' action='admin.".EXT."?sessionID=$sessionID'>";
               Title($lang['editUser']);
               echo "<center><br />";
               printMSG();
               echo "</center>";

               echo "<input type='hidden' name='ID' value='$preID' />";
               inputfield("NAME",$preNAME,25,$settings['MAXLENNAME'],$lang['name']);
               checkbox("RESERVED",$preRESERVED,$lang['reserveName'],$lang['reserveNameInfo']);
               inputfield("PASSWORD",$prePASSWORD,25,30,$lang['userPassword']);
               textarea("SIGNATURE",$preSIGNATURE,40,5,$lang['signature'],$lang['signatureInfo']);
               inputfield("EMAIL",$preEMAIL,
                          25,$settings['MAXLENEMAIL'],$lang['email']);
               checkbox("HIDEEMAIL",$preHIDEEMAIL,$lang['hiddenEmail']);
               inputfield("HOMEPAGE",
                    "http://".$preHOMEPAGE,
                    25,$settings['MAXLENHOMEPAGE'],$lang['homepage']);
               inputfield("ICQ",$preICQ,
                          25,10,$lang['icq']);
               inputfield("AIM",$preAIM,
                          25,$settings['MAXLENAIM'],$lang['aim']);
               inputfield("MSN",$preMSN,
                          25,$settings['MAXLENMSN'],$lang['msn']);
               inputfield("YAHOO",$preYAHOO,
                          25,$settings['MAXLENYAHOO'],$lang['yahoo']);
               selection("COUNTRY",$countries,$preCOUNTRY,
                          $lang['country']);
               inputfield("PICTEXT",$prePICTEXT,
                          25,vgb_maxlen(),$lang['pictureText']);
               inputfield("FILENAME",$preFILENAME,
                          25,32,$lang['picFilename']);
               if (sizeof($customs) > 0) {
                 foreach ($customs as $custom) {
                   if ($custom['TYPE'] == 2) {
                     // this field is a selection
                     $options = array("" => "");
                     $rules = explode("\n",$custom['RULES']);
                     foreach ($rules as $rule) {
                       if (substr_count($rule,"=") != 0) {
                         $option = explode("=",$rule,2);
                         $options[$option[0]] = $option[1];
                       }
                     }
                     selection("CUSTOM".$custom['ID'],$options,
                       $preCustom[$custom['ID']],$custom['NAME']);
                   }
                   else {
                     // get the maximum number of letters for this field
                     if ($custom['TYPE'] == 0) {
                       $rule = explode("\n",$custom['RULES'],2);
                       $max = ($rule[0] != "") ? $rule[0] : vgb_maxlen();
                     }
                     else {
                       $rule = explode("\n",$custom['RULES'],2);
                       if ($rule[0] == "") {
                         $max = 9;
                       }
                       else {
                         $rules = explode("-",$rule[0]);
                         $max = ($rules[1] != "") ? strlen($rules[1]) : 9;
                       }
                     }
                     inputfield("CUSTOM".$custom['ID'],
                       $preCustom[$custom['ID']],
                       25,$max,$custom['NAME']);
                   }
                 }
               }
               echo "<center><br />";
               Cancel("users=0");
               Submit($lang['saveChanges'],"saveuser");
               echo "</center></form><p></p>";
               break;
    }
    echo "</td></tr></table>";

    }
  }

// ************************************************************************
//                              sub-routines
// ************************************************************************

  function getSessionID() {
    global $sessionID,$sessionIP;

    $query = vgb_query("select * from VGB_SESSION where IP = '".$sessionIP."'");
    if (vgb_numrows($query) > 0) {
      $_session = vgb_result($query);
      $sessionID = $_session['SESSIONID'];
      vgb_query("update VGB_SESSION set TRY = TRY + 1 where SESSIONID = '".addSlashes($sessionID)."'");
    }
    else {
      $sessionID = substr(md5(uniqid(rand())),0,20);
      vgb_query("insert into VGB_SESSION values ('".
                   $sessionIP."',now(),'".$sessionID."',1)");
    }
  }

  function setParameters ( $inParameters ) {
    // returns if all of the given parameters are set or exit with an error
    global $arg,$lang;

    foreach ($inParameters as $_parameter) {
      if (!isset($arg[$_parameter]))
        error($lang['missingParameter'].$_parameter);
    }
  }

  function refresh( $t, $c ) {
    $q = "select ID ";
    foreach ($c as $k => $m) 
      $q .= ", $k";
    $q .= " from $t ";
    $se = array();
    $query = vgb_query($q);
    while ($e = vgb_result($query)) 
      $se[] = $e;
    
    foreach ($se as $e) {
      $q =  "update $t set ";
      foreach ($c as $k => $m) {
        $q .= $k." = ";
        $q .= is_null($e[$k]) ? "null, " : "'".addSlashes(vgb_substr($e[$k],$m))."', ";
      }
      $q = substr($q,0,strlen($q)-2);
      $q .= " where ID = ".$e['ID'];
      vgb_query($q);
    }  
          
  }
  
  function getDefine ( $line ) {
    $line = trim($line);
    if (!(strtolower(substr($line,0,6)) == "define"))
      return null;
    $line = trim(substr($line,6));
    if (($line == "") || ($line[0] != "("))
      return null;
    $line = trim(substr($line,1));
    if (($line == "") || !($line[0] == '"'))
      return null;
    $_q = $line[0];
    $line = substr($line,1);
    $_name = "";
    $escaped = false;
    while (!(($line == "") || (!$escaped && ($line[0] == $_q)))) {
      $_name .= $line[0];
      if ($escaped)
        $escaped = false;
      elseif ($line[0] == "\\")
        $escaped = true;
      $line = substr($line,1);
    }
    if ($line == "")
      return null;
    $line = trim(substr($line,1));
    if (($line == "") || ($line[0] != ","))
      return null;
    $line = trim(substr($line,1));

    if (($line == "") || !($line[0] == '"'))
      return null;
    $_q = $line[0];
    $line = substr($line,1);
    $_val = "";
    $escaped = false;
    while (!(($line == "") || (!$escaped && ($line[0] == $_q)))) {
      $_val .= $line[0];
      if ($escaped)
        $escaped = false;
      elseif ($line[0] == "\\")
        $escaped = true;
      $line = substr($line,1);
    }
    if ($line == "")
      return null;
    $line = trim(substr($line,1));
    if (($line == "") || ($line[0] != ")"))
      return null;
    $line = trim(substr($line,1));
    if (($line == "") || ($line[0] != ";"))
      return null;
    $line = trim(substr($line,1));
    if ($line != "")
      return null;
    return array($_name,$_val);
  }

  function getInvalidPics() {
    // searchs for pictures with invalid size
    $_query = vgb_query("select MINX, MAXX, MINY, MAXY, ASKPICTURE from VGB_SETTINGS");
    $_limit = vgb_result($_query);
    $_query = vgb_query("select PICTURE from VGB_ENTRY where not isnull(PICTURE)");

    $_piclist = array();
    if ($_limit[4])
      while ($f = vgb_result($_query)) {
        if (@file_exists("upload/".$f['PICTURE'])) {
          $_size = @GetImageSize("upload/".$f['PICTURE']);
          if (($_size[0] < $_limit[0]) || ($_size[0] > $_limit[1]) ||
              ($_size[1] < $_limit[2]) || ($_size[1] > $_limit[3]))
            $_piclist[] = $f['PICTURE'];
        }
      }
    return $_piclist;
  }

  function deleteEntry( $inID ) {
    // deletes the entry and the picture if available
    $_q = vgb_query("select PICTURE from VGB_ENTRY where ID = ".$inID);
    $_en = vgb_result($_q);

    if (!is_null($_en['PICTURE'])) {
      if (is_file('upload/'.$_en['PICTURE'])) {
        @unlink('upload/'.$_en['PICTURE']);
      }
    }

    vgb_query("delete from VGB_ENTRY where ID = ".$inID);
    vgb_query("delete from VGB_RATING where ENTRY_ID = ".$inID);
    vgb_query("delete from VGB_CUSTOMENTRY where ENTRY_ID = ".$inID);
    vgb_query("delete from VGB_COMMENT where ENTRYID = ".$inID);
  }

  function setValidSkin() {
    // set a valid skin-directory
    global $settings,$lang;

    // which skins are available ?
    $_skins = array();
    $_dir = @opendir("skins/")
      or error($lang['noSkinDir']);
    while ($_name = readdir($_dir)) {
    if (($_name != ".") && ($_name != ".."))
      $_skins[$_name] = $_name;
    }
    closedir($_dir);
    // is the skindir empty ?
    if (sizeof($_skins) == 0)
      $settings['ACTIVESKIN'] = "";
    // selected skin available ?
    elseif (!isset($_skins[$settings['ACTIVESKIN']]))
    // no => set first skin as active skin
    foreach ($_skins as $_skin => $_name) {
      $settings['ACTIVESKIN'] = $_name;
      break;
    }
  }

  function checkCustom() {
    // check the rules of the field
    global $preCUSTOMTYPE,$lang,$preCUSTOMRULES,$errorMSG,$preCUSTOMALLOC,
           $preCUSTOMNAME,$preCUSTOMPRIORITY,$options,$min,$max;

    $foundalloc = false;
    if ($preCUSTOMTYPE < 2) {
      $_rule = explode("\n",$preCUSTOMRULES,2);
      if ($preCUSTOMTYPE == 0)
        $max = (trim($_rule[0]) != "") ? trim($_rule[0]) : "".vgb_maxlen();
      else {
        $_rule2 = explode("-",$_rule[0],3);
        $min = (trim($_rule2[0]) != "") ? trim($_rule2[0]) : "0";
        if (!isset($_rule2[1]))
          $max = "999999";
        else
          $max = (trim($_rule2[1]) != "") ? trim($_rule2[1]) : "999999";
      }
    }
    else {
      $options = array();
      $_rules = explode("\n",$preCUSTOMRULES);
      foreach ($_rules as $_rule) {
        if (substr_count($_rule,"=") != 0) {
          $_option = explode("=",$_rule,2);
          if (trim($_option[0]) == "")
            $errorMSG = $lang['emptyIndex'];
          elseif (isset($options[trim($_option[0])]))
            $errorMSG = $lang['indexError'];
          else {
            $options[trim($_option[0])] = trim($_option[1]);
            if (trim($_option[0]) == trim($preCUSTOMALLOC))
              $foundalloc = true;
          }
        }
      }
      if (sizeof($options) == 0)
        $errorMSG = $lang['noOptions'];
    }
    if ($preCUSTOMNAME == "")
      $errorMSG = $lang['noName'];
    elseif (!vgb_isNumber($preCUSTOMPRIORITY,0,127) ||
            ($preCUSTOMPRIORITY == ""))
      $errorMSG = $lang['wrongNumber'].$lang['priority'];
    elseif (($preCUSTOMTYPE == 0) && !vgb_isNumber($max,1,vgb_maxlen()))
      $errorMSG = $lang['wrongMaxlen'];
    elseif (($preCUSTOMTYPE == 1) && !vgb_isNumber($max,0,999999))
      $errorMSG = $lang['wrongMax'];
    elseif (($preCUSTOMTYPE == 1) && !vgb_isNumber($min,0,999999))
      $errorMSG = $lang['wrongMin'];
    elseif (($preCUSTOMTYPE == 1) && ($min > $max))
      $errorMSG = $lang['wrongLimits'];
    elseif (($preCUSTOMTYPE == 0) && (strlen($preCUSTOMALLOC) > $max))
      $errorMSG = $lang['wrongAlloc'];
    elseif (($preCUSTOMTYPE == 1) && ($preCUSTOMALLOC != "") && !vgb_isNumber($preCUSTOMALLOC,$min,$max))
      $errorMSG = $lang['wrongAlloc'];
    elseif (($preCUSTOMTYPE == 2) && ($preCUSTOMALLOC != "") && !$foundalloc)
      $errorMSG = $lang['wrongAlloc'];
  }

  function setDatetime( $inDate, $inAdd = true ) {
   global $dateFields,$dateinfo,$dateFormats,$preYEAR,$preMONTH,$preDAY,
          $preHOURS,$preMINUTES,$preSECONDS,$lang,$timeFields,$settings;

      $info1 = ($inAdd) ? "+/-" : "";
      $info2 = ($inAdd) ? "+/-" : ":";
      $maxl = ($inAdd) ? 3 : 2;
      $timeFields = array (
        array("HOURS",$preHOURS,$maxl,$maxl,$info1),
        array("MINUTES",$preMINUTES,$maxl,$maxl,$info2),
        array("SECONDS",$preSECONDS,$maxl,$maxl,$info2)
      );

      $dateFormats = array(
       0 => $lang['day']." / ".$lang['month']." / ".$lang['year'],
       1 => $lang['year']." / ".$lang['month']." / ".$lang['day'],
       2 => $lang['month']." / ".$lang['day']." / ".$lang['year'] );

      $onDate = explode("-",$inDate);
      $_dateFields = array(
        array("YEAR",$onDate[0],4,4,""),
        array("MONTH",$onDate[1],2,2,""),
        array("DAY",$onDate[2],2,2,"")
      );
      if (isset($preYEAR))
        $_dateFields[0][1] = $preYEAR;
      if (isset($preMONTH))
        $_dateFields[1][1] = $preMONTH;
      if (isset($preDAY))
        $_dateFields[2][1] = $preDAY;


      $dateFields = array();
      $dateinfo = "( ".$dateFormats[$settings['USEUSDATE']]." )";
      switch ($settings['USEUSDATE']) {
        case 0: $i = 2; break;
        case 1: $i = 0; break;
        case 2: $i = 1;
      }
      $dateFields[] = $_dateFields[$i];
      switch ($settings['USEUSDATE']) {
        case 0: $i = 1; break;
        case 1: $i = 1; break;
        case 2: $i = 2;
      }
      $_dateFields[$i][4] = "/";
      $dateFields[] = $_dateFields[$i];
      switch ($settings['USEUSDATE']) {
        case 0: $i = 0; break;
        case 1: $i = 2; break;
        case 2: $i = 0;
      }
      $_dateFields[$i][4] = "/";
      $dateFields[] = $_dateFields[$i];
  }

  function initSetup() {
    // get the size of the MySQL-Database
    global $vgbsize,$vgbunit,$databasesize,$totalunit,$mySQL_Database,$Prefix;

      // is the status query working ?
      if (!($_query = vgb_query("show table status from ".$mySQL_Database,false))) {
        $databasesize = "unknown";
        $totalunit = "";
        $vgbsize = "unknown";
        $vgbunit = "";
      }
      else {
        // calculate the memory usages
        $_size = 0;
        $_vgbsize = 0;
        $_names = array( "_SETTINGS",
                         "_ENTRY",
                         "_EMOTICON",
                         "_CUSTOMFIELD",
                         "_CUSTOMENTRY",
                         "_RATINGBOX",
                         "_COMMENT",
                         "_COMMENTSPAM",
                         "_RATING",
                         "_LOGIN",
                         "_EMAIL",
                         "_SPAM",
                         "_USER",
                         "_COUNTRY",
                         "_CUSTOMUSER",
                         "_VISITOR",
                         "_COUNTRY" );
        $_vgbnames = array();
        foreach ($_names as $_name) {
          $_vgbnames[] = strtolower($Prefix.$_name);
        }

        while ($_table = vgb_result($_query)) {
          $_size += $_table['Data_length'];
          if (in_array(strtolower($_table['Name']),$_vgbnames)) {
              $_vgbsize += $_table['Data_length'];
          }
        }
        $databasesize = round($_size/1024,2);
        if ($databasesize >= 1024) {
          $databasesize = round($databasesize/1024,2);
          $totalunit = "MB";
        }
        else
          $totalunit = "KB";
        $vgbsize = round($_vgbsize/1024,2);
        if ($vgbsize >= 1024) {
          $vgbsize = round($vgbsize/1024,2);
          $vgbunit = "MB";
        }
        else
          $vgbunit = "KB";
      }
  }

  function initComments( $inENTRYID ) {
    global $lang,$sessionID,$comments;

    $_query = vgb_query("select * from VGB_COMMENT where UNMODERATED = 0 and ENTRYID = ".$inENTRYID." order by DATE asc, SIGNTIME asc, ID asc");

    $_no = 1;
    while ($_comment = vgb_result($_query)) {
      $_q = "<table width='100%' border='0'";
      if ($_comment['ADMIN'])
        $_q .= "bgcolor='#CCCCFF'><tr><td colspan='2' align='center'>".
             "</td></tr";
      $_date = explode("-",$_comment['DATE']);
      $_q .= "><tr><td width='40' valign='top'><span class='name'>".
            $lang['number'].":</span></td>".
            "<td width='230'>".
            "<table cellspacing='0' cellpadding='0' border='0' width='270'><tr><td align='left'>".
            "<span class='content'>$_no</span></td><td align='right'><span class='name'>".vgb_dateOut($_date)." - ".$_comment['SIGNTIME']."</span></td></tr></table></td>".
            "</tr><tr><td valign='top'><span class='name'>".
            $lang['name'].":</span></td><td><span class='head'>".
            vgb_removeHTML(vgb_string($_comment['NAME']),false).
            "</span><br /><span class='name'>".$_comment['IP']." (";
            $_q .= ($_comment['HOSTNAME'] != '') ? $_comment['HOSTNAME'] :
              $lang['unknown'];
            $_q .= ")".
            "</span></td></tr><tr><td valign='top'><span class='name'>".
            $lang['text'].":</span></td><td><span class='content'>".
            nl2br(vgb_wrapWords(vgb_removeHTML(vgb_limitEmptyLines(vgb_string($_comment['TEXT'])),false)));
      $_q .= "</span></td></tr>";
      $_q .= "</table>";
      $comments[$_comment['ID']] = $_q;
      $_no++;
    }
  }

  function initShow( $inPage ) {
    // initialize array entries for the given page
    global $settings,$maxEntry,$entries,$lang,$sessionID,
           $modentries,$modcomments;

    // load the entries of the active page from the database
      $entryfilter = ($settings['MODERATEDMODE']) ? "where UNMODERATED = 0" : "";
      $_query = vgb_query("select * from VGB_ENTRY e $entryfilter order by e.DATE desc, e.SIGNTIME desc, e.ID desc limit ".
                    (($inPage-1)*$settings['MAXENTRIESPERPAGE']).",".
                    $settings['MAXENTRIESPERPAGE']);

    // where to start with the numbering ?
    $_number = $maxEntry-($inPage-1)*$settings['MAXENTRIESPERPAGE']
                + $settings['PASTENTRIES'];

    // build up the list of datas we must display
    $entries = array();
    while ($_entry = vgb_result($_query)) {
      $_q = "<table width='100%' border='0'";
      $_date = explode("-",$_entry['DATE']);
      if ($_entry['PRIVATE'] && $settings['ASKPRIVATE'])
        $_q .= "bgcolor='#CCCCFF'><tr><td colspan='2' align='center'>".
             "<span class='name'>- private -</span><br /></td></tr";
      $_q .= "><tr><td width='40' valign='top'><span class='name'>".
            $lang['entry'].":</span></td>".
            "<td width='270'><table cellspacing='0' cellpadding='0' border='0' width='270'><tr><td align='left'>".
            "<span class='content'>$_number</span></td><td align='right'><span class='name'>".vgb_dateOut($_date)." - ".$_entry['SIGNTIME']."</span></td></tr></table></td>".
            "</tr><tr><td valign='top'><span class='name'>".
            $lang['name'].":</span></td><td><span class='head'>".
            vgb_removeHTML(vgb_string($_entry['NAME']),false).
            "</span><br /><span class='name'>".$_entry['IP']." (";
            $_q .= ($_entry['HOSTNAME'] != '') ? $_entry['HOSTNAME'] :
              $lang['unknown'];
            $_q .= ")".
            "</span></td></tr><tr><td valign='top'><span class='name'>".
            $lang['text'].":</span></td><td><span class='content'>".
            nl2br(vgb_wrapWords(vgb_removeHTML(vgb_string(vgb_limitEmptyLines($_entry['ENTRY'])),false)));
      if (!is_null($_entry['COMMENT']))
        $_q .= "</span><hr /><center><span class='content'><b>".$lang['comment']." :</b></span></center>".
              "<hr /><span class='content'>".
              (nl2br(vgb_wrapWords(vgb_removeHTML(vgb_string($_entry['COMMENT']),false))));
      $_q .= "</span></td></tr>";
      if (!is_null($_entry['PICTURE'])) {
        unset($_w);
        $_value = "<img src='upload/".$_entry['PICTURE']."' ";
        $_value .= (is_null($_entry['PICTEXT'])) ? "alt=''" :
                   "alt='".vgb_removeHTML(vgb_string($_entry['PICTEXT']),false)."' title='".vgb_removeHTML(vgb_string($_entry['PICTEXT']),false)."'";
        $size = @getImageSize("upload/".$_entry['PICTURE']);
        if (count($size) > 1) {
          $_x = (($size[0]-200) <= 0) ? 0 : 1;
          $_y = (($size[1]-100) <= 0) ? 0 : 1;

          if (($_x > 0) || ($_y > 0)) {
            $_w = true;
            if (($_x == 0) || (($_y > 0) && (($size[1]/$size[0]*200) > 100)))
              $_w = false;
            $_value .= ($_w) ? "width='200' " : "height='100' ";
            $url = "screen.".EXT."?vgbxiferp=";
            if (!is_null($_entry['PRIVATE']))
              $url .= "&amp;decode=".$sessionID;
            $url .= "&amp;vgberutcip=".$_entry['ID'];
            $_value = "<a href='".$url."' target='_blank' onclick=\"pic=window.open('".$url.
                "','_blank','width=".$size[0].",height=".$size[1].",resizable=no,scrollbars=no'); if (window.focus)".
                " pic.focus(); return false;\">".$_value." /></a>";

          }
        }
        if (!isset($_w))
          $_value .= " />";

        $_q .= "<tr><td width='40' valign='top'><span class='name'>".
               $lang['pic'].":</span></td>".
               "<td width='230'><center>$_value<br /><span class='content'><b>".$_entry['PICTURE'].
               "</b></span></center></td></tr>";
      }
      if ($settings['ALLOWCOMMENTS']) {
        $_query2 = vgb_query("select * from VGB_COMMENT where UNMODERATED = 0 and ENTRYID = ".$_entry['ID']);
        $_q .= "<tr><td colspan='2' bgcolor='#4A529B'><a href='admin.".EXT."?sessionID=$sessionID&amp;showcomment=".$_entry['ID']."' class='blink'>&nbsp; ".
               $lang['visitComments'].": ".vgb_numrows($_query2)."</a></td></tr>";
      }
      $_q .= "</table>";
      $entries[$_entry['ID']] = $_q;
      $_number--;
    }

    // build up the list of datas we must display
    $_query = vgb_query("select * from VGB_ENTRY where UNMODERATED = 1 order by ID asc");
    $modentries = array();
    while ($_entry = vgb_result($_query)) {
      $_q = "<table width='100%' border='0'";
      $_date = explode("-",$_entry['DATE']);
      if ($_entry['PRIVATE'] && $settings['ASKPRIVATE'])
        $_q .= "bgcolor='#CCCCFF'><tr><td colspan='2' align='center'>".
             "<span class='name'>- private -</span><br /></td></tr";
      $_q .= "><tr><td width='40' valign='top'><span class='name'>".
            $lang['date'].":</span></td>".
            "<td width='230'>".
            "<span class='content'>".vgb_dateOut($_date)." - ".$_entry['SIGNTIME']."</span></td>".
            "</tr><tr><td valign='top'><span class='name'>".
            $lang['name'].":</span></td><td><span class='head'>".
            vgb_removeHTML(vgb_string($_entry['NAME']),false).
            "</span><br /><span class='name'>".$_entry['IP']." (";
            $_q .= ($_entry['HOSTNAME'] != '') ? $_entry['HOSTNAME'] :
              $lang['unknown'];
            $_q .= ")".
            "</span></td></tr><tr><td valign='top'><span class='name'>".
            $lang['text'].":</span></td><td><span class='content'>".
            nl2br(vgb_wrapWords(vgb_removeHTML(vgb_string(vgb_limitEmptyLines($_entry['ENTRY'])),false)));
      if (!is_null($_entry['COMMENT']))
        $_q .= "</span><hr /><center><span class='content'><b>".$lang['comment']." :</b></span></center>".
              "<hr /><span class='content'>".
              (nl2br(vgb_wrapWords(vgb_removeHTML(vgb_string($_entry['COMMENT']),false))));
      $_q .= "</span></td></tr>";
      if (!is_null($_entry['PICTURE'])) {
        unset($_w);
        $_value = "<img src='upload/".$_entry['PICTURE']."' ";
        $_value .= (is_null($_entry['PICTEXT'])) ? "alt=''" :
                   "alt='".vgb_removeHTML(vgb_string($_entry['PICTEXT']),false)."' title='".vgb_removeHTML(vgb_string($_entry['PICTEXT']),false)."'";
        $size = @getImageSize("upload/".$_entry['PICTURE']);
        if (count($size) > 1) {
          $_x = (($size[0]-200) <= 0) ? 0 : 1;
          $_y = (($size[1]-100) <= 0) ? 0 : 1;

          if (($_x > 0) || ($_y > 0)) {
            $_w = true;
            if (($_x == 0) || (($_y > 0) && (($size[1]/$size[0]*200) > 100)))
              $_w = false;
            $_value .= ($_w) ? "width='200' " : "height='100' ";
            $url = "screen.".EXT."?vgbxiferp=";
            if (!is_null($_entry['PRIVATE']))
              $url .= "&amp;decode=".$sessionID;
            $url .= "&amp;vgberutcip=".$_entry['ID'];
            $_value = "<a href='".$url."' target='_blank' onclick=\"pic=window.open('".$url.
                "','_blank','width=".$size[0].",height=".$size[1].",resizable=no,scrollbars=no'); if (window.focus)".
                " pic.focus(); return false;\">".$_value." /></a>";

          }
        }
        if (!isset($_w))
          $_value .= " />";

        $_q .= "<tr><td width='40' valign='top'><span class='name'>".
               $lang['pic'].":</span></td>".
               "<td width='230'><center>$_value<br /><span class='content'><b>".$_entry['PICTURE'].
               "</b></span></center></td></tr>";
      }
      $_q .= "</table>";
      $modentries[$_entry['ID']] = $_q;
    }

    $_query = vgb_query("select * from VGB_COMMENT where UNMODERATED = 1 order by ID asc");
    while ($_comment = vgb_result($_query)) {
      $_q = "<table width='100%' border='0'";
      $_date = explode("-",$_comment['DATE']);
      if ($_comment['ADMIN'])
        $_q .= "bgcolor='#CCCCFF'><tr><td colspan='2' align='center'>".
             "</td></tr";
      $_q .= "><tr><td width='40' valign='top'><span class='name'>".
            $lang['date'].":</span></td>".
            "<td width='230'>".
            "<span class='content'>".vgb_dateOut($_date)." - ".$_comment['SIGNTIME']."</span></td>".
            "</tr><tr><td valign='top'><span class='name'>".
            $lang['name'].":</span></td><td><span class='head'>".
            vgb_removeHTML(vgb_string($_comment['NAME']),false).
            "</span><br /><span class='name'>".$_comment['IP']." (";
            $_q .= ($_comment['HOSTNAME'] != '') ? $_comment['HOSTNAME'] :
              $lang['unknown'];
            $_q .= ")".
            "</span></td></tr><tr><td valign='top'><span class='name'>".
            $lang['text'].":</span></td><td><span class='content'>".
            nl2br(vgb_wrapWords(vgb_removeHTML(vgb_limitEmptyLines(vgb_string($_comment['TEXT'])),false)));
      $_q .= "</span></td></tr>";
      $_q .= "</table>";
      $modcomments[$_comment['ID']] = $_q;
    }

  }

  function initRatings() {
    // initialize the ratings array
    global $ratings;

    $ratings = array();
    $_query = vgb_query("select * from VGB_RATINGBOX order by PRIORITY asc");
    while ($_box = vgb_result($_query)) {
      $ratings[] = $_box;
    }
  }

  function initCustoms() {
    // initialize the custom-fields array
    global $customs;

    $customs = array();
    $_query = vgb_query("select * from VGB_CUSTOMFIELD order by PRIORITY asc");
    while ($_field = vgb_result($_query)) {
      $customs[] = $_field;
    }
  }

  function initCountries() {
    global $countries,$langC;

    $countries = array( "" => "" );
    $_query = vgb_query("select * from VGB_COUNTRY where ID > 1");
    while ($_country = vgb_result($_query)) {
      $countries[$_country['ID']] = ($_country['TRANSLATE']) ?
        $langC[$_country['NAME']] : $_country['NAME'];
    }
    uasort($countries,"vgb_stringsort");
    $countries[1] = $langC["0"];

  }

  function initEditEntry () {
    // initialize the countries array
    global $customs,$lang;

    initCountries();
    initRatings();
    initCustoms();
  }

  function initEmoticons() {
    global $settings,$preUSEEMOTICONS,$preUSEADMINEMO,
           $preUSEIFRAME;

    $preUSEEMOTICONS = $settings['USEEMOTICONS'];
    $preUSEADMINEMO = $settings['USEADMINEMO'];
    $preUSEIFRAME = $settings['USEIFRAME'];
  }

  function initInput() {
    // initializes the presets for the input screen
    global $preMAXLENNAME,$preMAXLENTEXT,$preMAXLENEMAIL,
           $preMAXLENHOMEPAGE,$preMAXLENAIM,$preMAXLENMSN,
           $preMAXLENYAHOO,$preASKEMAIL,$preASKHOMEPAGE,
           $preASKICQ,$preASKAIM,$preASKMSN,$preASKPICTURE,
           $preASKYAHOO,$preASKCOUNTRY,$preFORCECOUNTRY,
           $preFORCEEMAIL,$preRANGEX,$preRANGEY,$preASKPICTEXT,
           $preTHUMBNAILX,$preTHUMBNAILY,
           $preUSEMAILER,$preASKHIDEEMAIL,$prePRECOUNTRY ,$settings;

    initCountries();
    $preMAXLENNAME = $settings['MAXLENNAME'];
    $preMAXLENTEXT = $settings['MAXLENENTRY'];
    $preMAXLENEMAIL = $settings['MAXLENEMAIL'];
    $preMAXLENHOMEPAGE = $settings['MAXLENHOMEPAGE'];
    $preMAXLENAIM = $settings['MAXLENAIM'];
    $preMAXLENMSN = $settings['MAXLENMSN'];
    $preMAXLENYAHOO = $settings['MAXLENYAHOO'];
    $preASKEMAIL = $settings['ASKEMAIL'];
    $preASKHIDEEMAIL = $settings['ASKHIDEEMAIL'];
    $preUSEMAILER = $settings['USEMAILER'];
    $preASKHOMEPAGE = $settings['ASKHOMEPAGE'];
    $preASKICQ = $settings['ASKICQ'];
    $preASKAIM = $settings['ASKAIM'];
    $preASKMSN = $settings['ASKMSN'];
    $preASKYAHOO = $settings['ASKYAHOO'];
    $preASKCOUNTRY = $settings['ASKCOUNTRY'];
    $preFORCECOUNTRY = $settings['FORCECOUNTRY'];
    $preFORCEEMAIL = $settings['FORCEEMAIL'];
    $preASKPICTURE = $settings['ASKPICTURE'];
    $preASKPICTEXT = $settings['ASKPICTEXT'];
    $prePRECOUNTRY = $settings['PRECOUNTRY'];
    $preTHUMBNAILX = $settings['THUMBNAILX'];
    $preTHUMBNAILY = $settings['THUMBNAILY'];
    $preRANGEX = $settings['MINX'];
    if ($settings['MINX'] != $settings['MAXX'])
      $preRANGEX .= "-".$settings['MAXX'];
    $preRANGEY = $settings['MINY'];
    if ($settings['MINY'] != $settings['MAXY'])
      $preRANGEY .= "-".$settings['MAXY'];
  }

  function resetRatingForm() {
    // reset the form for the new ratingbox
    global $preRATINGNAME,$preRATINGPRIORITY,$preRATINGFORCE,
           $preRATINGSTATS,$preFORMTEXT;

    $preRATINGNAME = "";
    $preRATINGPRIORITY = "";
    $preFORMTEXT = "";
    $preRATINGFORCE = 0;
    $preRATINGSTATS = 1;
  }

  function resetCustomForm() {
    // resets the form for the new customfield
    global $preCUSTOMNAME,$preCUSTOMPRIORITY,$preCUSTOMFORCE,$preCUSTOMALLOC,
           $preCUSTOMSTATS,$preCUSTOMTYPE,$preCUSTOMRULES,$preCUSTOMFORM;

    $preCUSTOMNAME = "";
    $preCUSTOMPRIORITY = "";
    $preCUSTOMFORCE = 0;
    $preCUSTOMSTATS = 1;
    $preCUSTOMTYPE = 0;
    $preCUSTOMRULES = "";
    $preCUSTOMFORM = "";
    $preCUSTOMALLOC = "";
  }

  function resetCountryForm() {
    // resets the form for the new country
    global $preNAME,$preICON,$preTRANSLATE;

    $preNAME = "";
    $preICON = "";
    $preTRANSLATE = 0;
  }

  function resetEmoticonForm() {
    // resets the form for the new emoticon
    global $preCODE,$preFILENAME,$prePRIORITY;

    $preCODE = "";
    $preFILENAME = "";
    $prePRIORITY = "";
  }

  function vgb_refreshStrings() {
    // refreshs the length of strings in database
    global $settings;
    
    // settings
    $cols = array( 
              "PASSPREFIX" => 20,
              "BADWORDSTRING" => 127 );
    foreach ($cols as $col => $len) 
      vgb_query("update VGB_SETTINGS set $col = '".addSlashes(vgb_substr($settings[$col],$len))."'");
    $query = vgb_query("select * from VGB_ENTRY");
    while ($e = vgb_result($query)) {
      vgb_query("update VGB_ENTRY set ENTRY = '".addSlashes(vgb_substr($e['ENTRY'],$settings['MAXLEN']))."' where ID = ".$e['ID']);
    }
    $query = vgb_query("select * from VGB_SETTINGS");
    $settings = vgb_result($query);
  }

// ************************************************************************
//                              print-routines
// ************************************************************************

  function printMSG() {
    // prints an error- or statusmessage if defined
    global $lang,$errorMSG,$statusMSG;

    if (isset($errorMSG))
      echo "<center><br /><span class='show'>".$lang['errorOccured'].
           "</span><br /><span class='error'>".$errorMSG.
           "</b></span></center><p></p>";
    elseif (isset($statusMSG))
      echo "<center><br /><span class='status'><b>".$statusMSG.
           "</b></span></center><p></p>";
  }

  function maxlenCheck ( $inString ) {
    // insert a check for the given string into check() routine
    global $lang;

    echo "  if (isNaN(document.form.MAXLEN$inString.value) ||\n".
         "     (document.form.MAXLEN$inString.value == '')) {\n".
         "    alert('".vgb_JSout($lang['wrongLength']).
                 vgb_JSout($lang[strtolower($inString)])."');\n".
         "    return false;\n".
         "  }\n";
  }

  function Title ( $inText, $inSize = 490 ) {
    global $lang;

    echo "<br /><table align='center' cellspacing='0' cellpadding='0' border='0' bgcolor='#8382CA'>".
         "<tr><td>".
         "<table cellspacing='2' cellpadding='0' border='0' width='$inSize'>".
         "<tr><td align='center' class='titlebg'><span class='title'>".$inText."</span></td></tr>".
         "</table></td></tr></table>";
  }

  function Category ( $inText ) {
    echo "<ul type='square' class='menu'><li>".$inText." :</li></ul>";
  }

  function Menu( $inText, $inParam, $inScreens, $inInfo = null ) {
    global $screen,$lang,$sessionID;

    if (in_array($screen,$inScreens)) {
      echo "<tr><td class='bgamenu' align='center'>".
           "<a href='admin.".EXT."?sessionID=$sessionID&amp;$inParam'>".$lang[$inText];
      if (!is_null($inInfo))
        echo "<br /><span class='menuinfo'>".$inInfo."</span>";
      echo "</a><br />".
           "</td></tr>";
    }
    else {
      echo "<tr><td class='bgmenu' align='center'>".
           "<a href='admin.".EXT."?sessionID=$sessionID&amp;$inParam' class='blink'>".$lang[$inText];
      if (!is_null($inInfo))
        echo "<br /><span class='menuinfo'>".$inInfo."</span>";
      echo "</a><br />".
           "</td></tr>";
    }
  }

  function NaviLink( $inName, $inURL, $inBool = true) {

    if ($inBool) {
      echo "<tr><td><table bgcolor='#8392DA' cellspacing='0' cellpadding='0' border='0'>".
           "<tr><td><table width='170' border='0' cellspacing='2'><tr>".
           "<td valign='top' width='20' align='center'><span class='option'>&raquo;</span></td>".
           "<td class='navibg' align='center'>".
           "<a href='http://$inURL' target='_blank' class='navi'>".$inName."</a>".
           "</td></tr></table></td></tr></table></td></tr>";
    }
  }

  function addWarning ( $inString ) {
    // inserts a warning for the given field into the check() routine
    global $lang,$settings;

    echo "  if (document.form.MAXLEN$inString.value < ".
            $settings["MAXLEN".$inString].") {\n".
         "    q += '".vgb_JSout($lang[strtolower($inString)])."\\n';".
         "  }\n";
  }

  function CustomFields() {
    // prints the input-fields for a custom-field
    global $preCUSTOMNAME,$preCUSTOMTYPE,$preCUSTOMPRIORITY,$preCUSTOMFORM,
           $preCUSTOMRULES,$preCUSTOMFORCE,$preCUSTOMSTATS,$preCUSTOMALLOC,$lang;

    $type = array( 0 => $lang['textInput'],
                   1 => $lang['numberInput'],
                   2 => $lang['selectInput']);
    inputfield("CUSTOMNAME",$preCUSTOMNAME,30,vgb_maxlen(),
      $lang['name']);
    inputfield("CUSTOMFORM",$preCUSTOMFORM,30,vgb_maxlen(),
      $lang['formText'],$lang['formTextInfo2']);
    selection("CUSTOMTYPE",$type,$preCUSTOMTYPE,
      $lang['type']);
    inputfield("CUSTOMPRIORITY",$preCUSTOMPRIORITY,6,3,
      $lang['priority'],$lang['priorityInfo']);
    textarea("CUSTOMRULES",
      $preCUSTOMRULES,35,6,
      $lang['rules'],str_replace("127",vgb_maxlen(),$lang['rulesInfo']));
    inputfield("CUSTOMALLOC",$preCUSTOMALLOC,30,vgb_maxlen(),
      $lang['preAllocWith'],$lang['preAllocWithInfo']);
    checkbox("CUSTOMFORCE",$preCUSTOMFORCE,
      $lang['forceInput'],$lang['forceInputInfo']);
    checkbox("CUSTOMSTATS",$preCUSTOMSTATS,
      $lang['actStats'],$lang['actStatsInfo'].$lang['actNoStats']);
  }

  function submit( $inText, $inName, $inQuestion = null ) {
    // print a submit button
    echo "<input class='button' type='submit' value='$inText' name='$inName'";
    if (!is_null($inQuestion)) {
      echo " onclick=\"confirm('$inQuestion')\"";
    }
    echo " />";
  }

  function cancel ( $inLocation ) {
    // print a cancel button
    global $lang,$sessionID;

    echo "<input type='button' class='button' value='".$lang['cancel']."' ".
         "onclick=\"document.location.href='admin.".EXT."?sessionID=$sessionID&amp;$inLocation'\" />";
  }

  function infobox ( $inName , $inFields, $inInfo = "" ) {
    echo "<table border='0' cellspacing='0' cellpadding='0' class='border' width='450' align='center'>
          <tr>
            <td style='background-color: #8392DA'>
            <span class='option'> &nbsp;<b> $inName</b></span>
            <table border='0' cellspacing='2' cellpadding='4' width='100%'>
            <tr>
              <td style='background-color: #445588'>
              <table>";
   foreach ($inFields as $key => $val) {
     if ($val != "") {
       echo "<tr>
               <td valign='top'><span class='info'><b>&raquo; ".vgb_string($key)."</b> : </span></td>
               <td valign='top'>";
       if (substr($val,0,6) == "<table")
         echo $val;
       else
         echo "<span class='info'>".vgb_string($val)."</span>";
       echo "</td>
             </tr>";
     }
   }
   echo "     </table>";
   if ($inInfo != "")
     echo "<div align='center'><br />$inInfo
           </div>";
   echo "
              </td>
            </tr>
            </table>
            </td>
          </tr>
          </table> ";
  }

  function checkbox ( $inName, $inValue, $inText, $inInfo = null ) {
    // prints a checkbox
    echo "<table width='450' align='center'>".
         "<tr><td align='left' class='bgoption'><span class='option'>".
         "<input name='$inName' value='1'";
    if ($inValue)
      echo " checked='checked'";
    echo " type='checkbox' />".
         " ".vgb_removeHTML(vgb_string($inText))."</span></td></tr>";
    if (!is_null($inInfo))
      echo "<tr><td class='bginfo'><blockquote><span class='info'>$inInfo".
           "</span></blockquote></td></tr>";
    echo "</table>";
  }

  function textarea ( $inName, $inValue, $inCols, $inRows,
                      $inText, $inInfo = null, $inEmoticons = false) {
    global $skinDir;

    // prints a textarea
    echo "<table width='450' align='center' cellpadding='2'>".
         "<tr><td align='left' valign='top' class='bgoption'>".
         "<table cellspacing='0' width='100%'><tr><td valign='top'>".
         "<span class='option'> &nbsp; $inText".
         " </span></td><td align='right'>".
         "<textarea class='input' cols='$inCols' ".
         "rows='$inRows' name='$inName'>".
         vgb_formdata($inValue).
         "</textarea> &nbsp;";
    if ($inEmoticons) {
      echo "<table width='300' cellspacing='0' cellpadding='0' border='0' bgcolor='#000000'>
            <tr>
              <td><table width='100%' cellspacing='1' cellpadding='2' border='0'>
                  <tr>
                    <td align='center' bgcolor='#CCCCCC'>";
      vgb_setSkinDir();
      $query = vgb_query("select * from VGB_EMOTICON");
      while ($emoticon = vgb_result($query)) {
        echo "<a href='javascript:".$inName."icon(\"".$emoticon['CODE']."\")'><img src='".$skinDir."emoticons/".$emoticon['FILENAME']."' border='0' alt='' /></a> ";
      }
      echo "</td></tr></table></td></tr></table>";
    }
    echo "</td></tr></table></td></tr>";
    if (!is_null($inInfo))
      echo "<tr><td colspan='2' class='bginfo'><blockquote><span class='info'>".
           "$inInfo</span></blockquote></td></tr>";
    echo "</table>";
  }

  function editarea ( $inName, $inValue) {

    // prints a textarea
    echo "<table width='750' align='center' cellpadding='2'>".
         "<tr><td align='left' valign='top' class='bgoption'>".
         "<table cellspacing='0' width='100%'><tr><td valign='top' align='center'>".
         "<textarea style='background-image: url(edit.gif); line-height: 15px; background-attachment: scroll; font-family: courier new, courier; font-size: 12px; font-weight: normal; color: #000000; width: 730px' cols='85' wrap='off' rows='20' name='$inName'>".
         vgb_formdata($inValue).
         "</textarea> &nbsp;".
         "</td></tr></table></td></tr>";
    echo "</table>";
  }

  function editfield ( $inName, $inValue,
                        $inText, $inInfo = "" ) {
    // prints an inputfield for text
    echo "<table width='720' align='center' cellpadding='2'>".
         "<tr><td align='left' valign='top' class='bgoption'><span class='option'> &nbsp; $inText:</span>".
         "<table cellspacing='0' width='100%'><tr><td valign='top' align='center'>".
         "<textarea style='background-image: url(edit.gif); line-height: 15px; background-attachment: scroll; font-family: courier new, courier; font-size: 12px; font-weight: normal; color: #000000; width: 700px' cols='85' wrap='off' rows='2' name='$inName'>".
         vgb_formdata($inValue).
         "</textarea> ".
         "</td></tr></table></td></tr>";
    if ($inInfo != "")
      echo "<tr><td class='bginfo'><blockquote><span class='info'>".
           vgb_removeHTML($inInfo)."</span>".
           "</blockquote></td></tr>";
    echo "</table>";
  }

  function textfield ( $inText, $inValue = null, $inInfo = null ) {
    // prints a textfield
    echo "<table width='450' align='center' cellpadding='2'>".
         "<tr><td align='left' class='bgoption'>".
         "<table cellspacing='0' width='100%'><tr><td>".
         vgb_removeHTML(vgb_string($inText)).
         " </td><td align=right>";
    if (!is_null($inValue))
      echo "<span class='error'>".$inValue."</span>";
    echo "</td></tr></table></td></tr>";
    if (!is_null($inInfo))
      echo "<tr><td colspan='2' class='bginfo'><blockquote><span class='info'>".
           vgb_removeHTML(vgb_string($inInfo))."</span>".
           "</blockquote></td></tr>";
    echo "</table>";
  }

  function inputfield ( $inName, $inValue, $inLen, $inMaxlen,
                        $inText, $inInfo = null ) {
    // prints an inputfield for text
    echo "<table width='450' align='center' cellpadding='2'>".
         "<tr><td class='bgoption'>".
         "<table cellspacing='0' width='100%'>".
         "<tr><td align='left'><span class='option'> &nbsp; ".vgb_string($inText)." </span>".
         "</td><td align='right'>".
         "<input class='input' name='$inName' value='".
         vgb_formdata($inValue)."' maxlength='$inMaxlen'".
         " size='$inLen' type='text' /> &nbsp; ".
         "</td></tr></table></td></tr>";
    if (!is_null($inInfo))
      echo "<tr><td colspan='2' class='bginfo'><blockquote><span class='info'>".
           $inInfo."</span>".
           "</blockquote></td></tr>";
    echo "</table>";
  }

  function multiInputfield ( $fields , $inText, $inInfo = null ) {
    // prints an inputfield for text
    echo "<table width='450' align='center' cellpadding='2'>".
         "<tr><td class='bgoption'>".
         "<table cellspacing='0' width='100%'>".
         "<tr><td align='left'><span class='option'> &nbsp; $inText </span>".
         "</td><td align='right'>";
    foreach ($fields as $field) {
      echo "<span class='info'> ".$field[4]." </span><input class='input' name='".$field[0]."' value='".
         vgb_formdata($field[1])."' maxlength='".$field[3]."'".
         " size='".$field[2]."' type='text' />";
    }
    echo " &nbsp; ".
         "</td></tr></table></td></tr>";
    if (!is_null($inInfo))
      echo "<tr><td colspan='2' class='bginfo'><blockquote><span class='info'>".
           vgb_removeHTML($inInfo)."</span>".
           "</blockquote></td></tr>";
    echo "</table>";
  }

  function selection ( $inName, $inOptions, $inSelected,
                        $inText, $inInfo = null ) {
    // prints a selection
    echo "<table width='450' cellpadding='2' align='center'>".
         "<tr><td class='bgoption'>".
         "<table cellspacing='0' width='100%'>".
         "<tr><td align='left'><span class='option'>".
         " &nbsp; ".vgb_string($inText)." </span>".
         "</td><td align='right'>".
         "<select class='input' name='$inName'> ";
    foreach ($inOptions as $_index => $_text) {

      echo "<option value='".vgb_removeHTML(vgb_string($_index))."'";
      if ($inSelected == $_index)
        echo " selected='selected'";
      echo "> ".vgb_removeHTML(vgb_string($_text))." </option>";
    }
    echo "</select> &nbsp; </td></tr></table></td></tr>";
    if (!is_null($inInfo))
      echo "<tr><td colspan='2' class='bginfo'><blockquote><span class='info'>".
           vgb_removeHTML($inInfo)."</span>".
           "</blockquote></td></tr>";
    echo "</table>";
  }

  function password ( $inName, $inValue, $inText, $inInfo = null ) {
    // prints a password-input-field
    echo "<table width='450' align='center' cellpadding='2'>".
         "<tr><td align='left' class='bgoption'>".
         "<table width='100%' cellspacing='0'>".
         "<tr><td>".
         "<span class='option'>".
         " &nbsp; $inText </span>".
         "</td><td align='right'>".
         "<input class='input' name='$inName' value='".vgb_string($inValue)."' maxlength='127'".
         " size='20' type='password' /> &nbsp; ".
         "</td></tr></table></td></tr>";
    if (!is_null($inInfo))
      echo "<tr><td colspan='2' class='bginfo'><blockquote><span class='info'>".
      vgb_removeHTML($inInfo)."</span>".
           "</blockquote></td></tr>";
    echo "</table>";
  }

  function makeList ( $inName, $inList, $delmark = true ) {
    // prints a list of tables with delete- and edit-buttons
    global $lang,$sessionID;

    echo "<table align='center'>";
    foreach ($inList as $_ID => $_content) {
      $_x = ($delmark) ? "<table><tr><td valign='top'><input type='checkbox' name='".$inName."[".$_ID."]' value='1' /></td><td>" : "";
      $_y = ($delmark) ? "</td></tr></table>" : "";
      echo "<tr><td>$_x<table border='2' cellpadding='0' cellspacing='0'".
           " bgcolor='#FFFFFF' width='430'>".
           "<tr><td width='350' valign='top' align='left'>".
           $_content."</td><td width='100' valign='top' class='bglist' align='center'>".
           "<input type='button' class='button' style='width:100px'".
           " value='";
      if ($inName == "entry")
        echo $lang['editComment'];
      else
        echo $lang['edit'];
      echo "' ".
           "onclick=\"document.location.href='admin.".EXT."?sessionID=$sessionID&amp;".
           "load".$inName."=".$_ID."'\" />".
           "<input type='button' class='button' style='width:100px'".
           " value='".$lang['delete']."' ".
           "onclick=\"del('del".$inName."=".$_ID."')\" />$_y</td></tr></table>".
           "</td></tr>";
    }
    echo "</table>";
  }

  function makeModlist ( $inName, $inList ) {
    // prints a list of tables with delete- and edit-buttons
    global $lang,$sessionID;

    $reason = 0;
    if ($inName == "entry") {
      $query = vgb_query("select * from VGB_EMAIL where ID = 5");
      $mail = vgb_result($query);
      if ($mail['ACTIVE'] && (!is_null($mail['MESSAGE'])))
        $reason = (eregi("::reason::",$mail['MESSAGE']) > 0) ? 1 : 0;
    }
    echo "<table align='center'>";
    foreach ($inList as $_ID => $_content) {
      echo "<tr><td><table border='2' cellpadding='0' cellspacing='0'".
           " bgcolor='#FFFFFF' width='450'>".
           "<tr><td width='350' valign='top' align='left'>".
           $_content."</td><td width='100' valign='top' class='bglist' align='center'>".
           "<input type='button' class='button' style='width:100px'".
           " value='".$lang['accept']."' ".
           "onclick=\"document.location.href='admin.".EXT."?sessionID=$sessionID&amp;".
           "accept".$inName."=".$_ID."'\" />".
           "<input type='button' class='button' style='width:100px'".
           " value='";
           if ($inName == "entry")
             echo $lang['editComment'];
           else
             echo $lang['edit'];
           echo "' ";
      echo "onclick=\"document.location.href='admin.".EXT."?sessionID=$sessionID&amp;".
           "load".$inName."=".$_ID."'\" />".
           "<input type='button' class='button' style='width:100px'".
           " value='".$lang['reject']."' ".
           "onclick=\"reject";
      if ($reason) {
        $query = vgb_query("select * from VGB_ENTRY where ID = ".$_ID);
        if (vgb_numrows($query) > 0) {
          $entry = vgb_result($query);
          if (!is_null($entry['EMAIL']))
            echo "2";
        }
      }
      echo "('reject".$inName."=".$_ID."')\" /></td></tr></table>".
           "</td></tr>";
    }
    echo "</table>";
  }
?>
  </body>
</html>
Return current item: YW-GuestBook