<?php
/*
CREATIVE COMMONS - Attribution-No Derivative Works 3.0 Germany:
- You may not alter, transform, or build upon this work.
- Dieses Werk darf nicht bearbeitet oder in anderer Weise verändert werden.
*/
header("content-type: text/html; charset=utf-8");
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html;charset=utf-8" />
<link rel="stylesheet" type="text/css" media="screen, print" href="../styles/gigkalender.css" />
<title></title>
</head>
<body>';
// Pfad definieren
$Path = str_replace('\\','/', __FILE__);
$Path = str_replace('guestbook/guestbook_edit.php', '', $Path);
// Funktionen inkludieren
include_once ($Path."gigkalender.ini.php");
include_once ($Path."functions/standard.php");
include_once ("functions.php");
include_once($Path."includes/frontend_language_selector.php");
if (isset($_REQUEST['http-equiv'])) $http_equiv = $_REQUEST['http-equiv'];
else $http_equiv = '';
// Inhalt-Anfang
// Variablen definieren
if (isset($_POST['gb_name'])) {$gb_name = $_POST['gb_name'];} else {$gb_name = '';}
if (isset($_POST['gb_ort'])) {$gb_ort = $_POST['gb_ort'];} else {$gb_ort = '';}
if (isset($_POST['gb_email'])) {$gb_email = $_POST['gb_email'];} else {$gb_email = '';}
if (isset($_POST['gb_url'])) {$URL = $_POST['gb_url'];} else {$URL = '';}
if (isset($_POST['gb_icq'])) {$gb_icq = $_POST['gb_icq'];} else {$gb_icq = '';}
if (isset($_POST['gb_text'])) {$gb_text = $_POST['gb_text'];} else {$gb_text = '';}
if (isset($_POST['gb_kommentar'])) {$gb_kommentar = $_POST['gb_kommentar'];} else {$gb_kommentar = '';}
if (isset($_POST['senden'])) {$senden = $_POST['senden'];} else {$senden = '';}
$gb_ip = $_SERVER['REMOTE_ADDR'];
$Code = $_REQUEST['code'];
echo '<div id="GigKalender"><div class="Guestbook">';
if ( $_REQUEST['code']!="" )
{
if ( isGuestbookEntryPresent( $_REQUEST['code']) )
{
if
(
($senden!="")
&& ($gb_name!="")
&& ($gb_text!="")
&&
(
( ($gb_email!="") && checkEmail ($gb_email) )
OR
( ($gb_email=="") )
)
&&
(
( ($URL!="") && checkURL ($URL) )
OR
( ($URL=="http://") )
OR
( ($URL=="") )
)
&&
(
( ($gb_icq!="") && checkICQNumber ($gb_icq) )
OR
( ($gb_icq=="") )
)
&& (!messageIsSpam ($gb_text, $gb_ip, $URL, ''))
)
{
if ( $URL=="http://" ) { $URL=""; }
$gb_kommentar = strip_tags($gb_kommentar);
$sql = "UPDATE ".$prefix."guestbook SET
Name = '".$gb_name."',
Email = '".$gb_email."',
URL = '".$URL."',
ICQ = '".$gb_icq."',
Nachricht = '".$gb_text."',
Kommentar = '".$gb_kommentar."',
Ort = '".$gb_ort."'
WHERE Code = '".$Code."'
LIMIT 1";
$resultat = mysql_query($sql);
if ($resultat) { echo $L_165.'<br />'; }
else { echo $L_166.'<br />'; }
// URL bestimmen
if ( $SetupGuestbookURL=='' ) $URL = $http_equiv;
else $URL = $SetupGuestbookURL;
$URL = str_replace("&","&",$URL);
echo '<br /><br /><br /><a href="'.$URL.'">'.$L_155.'</a>';
}
else
{
if ( $senden=="" ) // nicht gesendet
{
// Datensatz-Ausgabe festlegen
$Code = $_REQUEST['code'];
$sql = "SELECT * FROM ".$prefix."guestbook WHERE Code = '$Code'";
$resultat = mysql_query($sql);
while ( $row = mysql_fetch_array($resultat))
{
extract($row);
$Name = $Name;
$Ort = $Ort;
$Email = $Email;
$URL = $URL;
$ICQ = $ICQ;
$Nachricht = $Nachricht;
$Kommentar = $Kommentar;
}
if ( $ICQ=='0' ) { $ICQ=''; }
}
else // gesendet
{
$Name = stripslashes($_POST['gb_name']);
$Ort = stripslashes($_POST['gb_ort']);
$Email = $_POST['gb_email'];
$URL = $_POST['gb_url'];
$ICQ = $_POST['gb_icq'];
$Nachricht = stripslashes($_POST['gb_text']);
$Kommentar = stripslashes($_POST['gb_kommentar']);
}
echo '<div id="GuestbookEntryForm">
<form method="post" action="'.$_SERVER['PHP_SELF'].'?page=edit&code='.$_REQUEST['code'].'">
<table summary="Formular">';
// Name
if (isset($_POST['senden']) && ($_POST['gb_name']==""))
{ echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_121.'</td></tr>'; }
$Name = htmlspecialchars($Name);
echo '<tr>
<td align="right" valign="top">'.$L_114.':</td>
<td><input type="text" name="gb_name" value="'.$Name.'" /></td>
<td valign="top">*</td>
</tr>';
// Ort
$Ort = htmlspecialchars($Ort);
echo '<tr>
<td align="right" valign="top">'.$L_GuestbookLocation.':</td>
<td><input type="text" name="gb_ort" value="'.$Ort.'" /></td>
<td valign="top"> </td>
</tr>';
// Email
if (isset($_POST['senden']) && $_POST['gb_email']!="" && !checkEmail ($_POST['gb_email']))
{ echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_122.'</td></tr>'; }
echo '<tr>
<td align="right" valign="top">'.$L_115.':</td>
<td><input type="text" name="gb_email" value="'.$Email.'" /></td>
<td valign="top"> </td>
</tr>';
// URL
if ( $URL=="" ) { $URL = "http://"; }
if ( !stristr($URL, "http://" ) ) { $URL = "http://".$URL; }
if (isset($_POST['senden']) && $_POST['gb_url']!="" && !checkURL ($URL))
{ echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_123.'</td></tr>'; }
echo '<tr>
<td align="right" valign="top">'.$L_116.':</td>
<td><input type="text" name="gb_url" value="'.$URL.'" /></td>
<td valign="top"> </td>
</tr>';
// ICQ
// ICQ-Nummer überprüfen
if ($senden!="" && $_POST['gb_icq']!="" && !checkICQNumber($gb_icq) )
{ echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_164.'</td><td></td></tr>'; }
echo '<tr>
<td align="right" valign="top">'.$L_118.':</td>
<td><input type="text" name="gb_icq" value="'.$ICQ.'" /></td>
<td valign="top"> </td>
</tr>';
// Nachricht
// Spamtest
if ($senden!='' && ((messageIsSpam ($gb_text, $gb_ip, $URL, '')=='word')))
{ echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_124.'</td><td></td></tr>'; }
if (isset($_POST['senden']) && ($_POST['gb_text']==""))
{ echo '<tr><td></td><td class="GuestbookErrorMessages">'.$L_125.'</td></tr>'; }
$Nachricht = htmlspecialchars($Nachricht);
echo '<tr>
<td align="right" valign="top">'.$L_026.':</td>
<td><textarea name="gb_text" rows="6" cols="">'.$Nachricht.'</textarea></td>
<td valign="top">*</td>
</tr>';
// Kommentar
$Kommentar = htmlspecialchars($Kommentar);
echo '<tr>
<td align="right" valign="top">'.$L_138.':</td>
<td><textarea name="gb_kommentar" rows="6" cols="">'.$Kommentar.'</textarea></td>
<td valign="top"> </td>
</tr>';
// Button
$SCRIPT_URI = str_replace("&","&",$_SERVER['HTTP_REFERER']);
echo '<tr>
<td> </td>
<td>
<input type="submit" value="'.$L_Button01.'" name="senden" class="button" />
<input type="hidden" name="http-equiv" value="'.$SCRIPT_URI.'" />
</td>
<td> </td>
</tr>
</table>
</form>
</div>';
}
}
else echo '<span class="ERROR">'.$L_217.' (Code: '.$_REQUEST['code'].')</span><br />';
}
else { echo '<span class="ERROR">'.$L_133.'</span>'; }
echo '</div></div>';
echo '</body>
</html>';
?>