$user_arr[4]"; }
else{ $my_names[$user_arr[2]] = "$user_arr[4]"; }
$name_to_nick[$user_arr[2]] = $user_arr[4];
}
else
{
if($user_arr[7] != 1 and $user_arr[5] != ""){ $my_names[$user_arr[2]] = "$user_arr[2]"; }
else{ $my_names[$user_arr[2]] = "$user_arr[2]"; }
$name_to_nick[$user_arr[2]] = $user_arr[2];
}
if($user_arr[7] != 1){ $my_mails[$user_arr[2]] = $user_arr[5]; }
else{ $my_mails[$user_arr[2]] = ""; }
$my_passwords[$user_arr[2]] = $user_arr[3];
$my_users[] = $user_arr[2];
}
}
//####################################################################################################################
// Add Comment
//####################################################################################################################
if($allow_add_comment){
$name = trim($name);
if(!$ip){
if(isset($HTTP_X_FORWARDED_FOR)){ $ip = $HTTP_X_FORWARDED_FOR; }
elseif(isset($HTTP_CLIENT_IP)) { $ip = $HTTP_CLIENT_IP; }
if($ip == "") { $ip = $REMOTE_ADDR; }
if($ip == "") { $ip = "not detected";}
}
// Check Flood Protection
if($config_flood_time != 0 and $config_flood_time != "" ){
if(flooder($ip, $id) == TRUE ){
echo("
Включена защита от флуда!!!
Подождите $config_flood_time сек. после Вашей последней публикации.
");
$CN_HALT = TRUE;
break 1;
}
}
// Check if IP is banned
$blockip = FALSE;
$old_ips = file("$cutepath/data/ipban.db.php");
$new_ips = fopen("$cutepath/data/ipban.db.php", "w");
@flock ($new_ips,2);
foreach($old_ips as $old_ip_line){
$ip_arr = explode("|", $old_ip_line);
if($ip_arr[0] != $ip){
fwrite($new_ips, $old_ip_line);
}else{
$countblocks = $ip_arr[1] = $ip_arr[1] + 1;
fwrite($new_ips, "$ip|$countblocks||\n"); $blockip = TRUE;
}
}
@flock ($new_ips,3);
fclose($new_ips);
if($blockip){
echo("Извините, но Вам запрещено публиковать комментарии!
");
$CN_HALT = TRUE;
break 1;
}
// Check if name is Protected
$is_member = FALSE;
foreach($all_users as $member_db_line)
{
if(!eregi("<\?",$member_db_line) and $member_db_line != ""){
$user_arr = explode("|",$member_db_line);
//if the name is protected
if((strtolower($user_arr[2]) == strtolower($name) or strtolower($user_arr[4]) == strtolower($name)) and $user_arr[3] != md5($password) and $name != "")
{
// $comments = replace_comment("add", $comments); //commented because will mess up the
$comments = preg_replace(array("'\"'", "'\''", "''"), array(""", "'", ""), $comments);
$name = replace_comment("add", preg_replace("/\n/", "",$name));
$mail = replace_comment("add", preg_replace("/\n/", "",$mail));
echo"Пользователь с таким именем зарегистрирован в системе. Введите пароль:
";
$CN_HALT = TRUE;
break 2;
// exit();
}
if(strtolower($user_arr[2]) == strtolower($name)) $is_member = TRUE;
}
}
// Check if only members can post comments
if($config_only_registered_comment == "yes" and !$is_member){
echo"Извините, '$name', только зарегистрированные пользователи могут оставлять комментарии.
";
$CN_HALT = TRUE;
break 1;
}
//* Wrap long words
if($config_auto_wrap > 1){
$comments_arr = explode("\n", $comments);
foreach($comments_arr as $line){
$wraped_comm .= ereg_replace("([^ \/\/]{".$config_auto_wrap."})","\\1\n", $line) ."\n";
}
if(strlen($name) > $config_auto_wrap){ $name = substr($name, 0, $config_auto_wrap)." ..."; }
$comments = $wraped_comm;
}
//*/
$comments = replace_comment("add", $comments);
$name = replace_comment("add", preg_replace("/\n/", "",$name));
$mail = replace_comment("add", preg_replace("/\n/", "",$mail));
if($name == " " or $name == ""){
echo("");
$CN_HALT = TRUE;
break 1;
}
if($mail == " " or $mail == ""){ $mail = "none"; }
else{ $ok = FALSE;
if(preg_match("/^[\.A-z0-9_\-]+[@][A-z0-9_\-]+([.][A-z0-9_\-]+)+[A-z]{1,4}$/", $mail)) $ok = TRUE;
elseif($config_allow_url_instead_mail == "yes" and preg_match("/((http(s?):\/\/)|(www\.))([\w\.]+)([\/\w+\.-?]+)/", $mail)) $ok = TRUE;
elseif($config_allow_url_instead_mail != "yes"){
echo("");
$CN_HALT = TRUE;
break 1;
}
else{
echo("");
$CN_HALT = TRUE;
break 1;
}
}
if($comments == ""){
echo("");
$CN_HALT = TRUE;
break 1;
}
// Added by avz 20090823
@session_start();
if (! (isset($_SESSION["captcha"]) && $_SESSION["captcha"]===$_POST["captcha"]) ) {
echo "";
$CN_HALT = TRUE;
break 1;
}
unset($_SESSION["captcha"]);
$time = time()+($config_date_adjust*60);
// Add the Comment
$old_comments = file("$comm_file");
$new_comments = fopen("$comm_file", "w");
@flock ($new_comments,2);
$found = FALSE;
foreach($old_comments as $old_comments_line)
{
$old_comments_arr = explode("|>|", $old_comments_line);
if($old_comments_arr[0] == $id)
{
$old_comments_arr[1] = trim($old_comments_arr[1]);
fwrite($new_comments, "$old_comments_arr[0]|>|$old_comments_arr[1]$time|$name|$mail|$ip|$comments||\n");
$found = TRUE;
}else{
fwrite($new_comments, $old_comments_line);
}
}
if(!$found){ fwrite($new_comments, "$id|>|$time|$name|$mail|$ip|$comments||\n"); }
@flock ($new_comments,3);
fclose($new_comments);
// Add Flood Protection
if($config_flood_time != "0" and $config_flood_time != "" ){
$flood_file = fopen("$cutepath/data/flood.db.php", "a");
@flock ($flood_file,2);
fwrite($flood_file, time()."|$ip|$id|\n");
@flock ($flood_file,3);
fclose($flood_file);
}
// Email upon comment posting
$mailto="webmaster@somesite.ua";
$subject="New comment from $name";
$body="Имя: $name\nIP: $ip\nE-mail: $mail\n\nКомментарий к новостям:\n$comments";
$headers = "From: $mail\n";
$headers .= "X-Mailer: PHP\n";
$headers .= "Content-Type: text/plain; charset=windows-1251";
mail($mailto, $subject, $body, $headers);
// Email thx to visitor who send comment
$mailto="$mail";
$subject="Your comment received";
$body="Уважаемый, $name.\nСпасибо, что оставили комментарий к новостям на нашем сайте.\nНадеемся, что Вам понравился наш сайт и Вы еще зайдете на него ;)\n\nВаш комментарий:\n$comments";
$headers = "From: webmaster@somesite.ua\n";
$headers .= "X-Mailer: PHP\n";
$headers .= "Content-Type: text/plain; charset=windows-1251";
mail($mailto, $subject, $body, $headers);
}
//####################################################################################################################
// Show Full Story
//####################################################################################################################
if($allow_full_story){
$all_active_news = file("$news_file");
foreach($all_active_news as $active_news)
{
$news_arr = explode("|", $active_news);
if($news_arr[0] == $id and (!$catid or $catid == $news_arr[6]))
{
$found = TRUE;
/* Counter of views */
$article_counter = file("$cutepath/data/counter.txt");
$article_counteradd = fopen("$cutepath/data/counter.txt", w);
foreach ($article_counter as $counter_line)
{
$count_arr = explode("|", $counter_line);
if ($count_arr[0] != $news_arr[0])
{
fwrite($article_counteradd, $counter_line);
}
else
{
$foundcount = 1;
$count=$count_arr[1];
$count++;
fwrite ($article_counteradd, "$count_arr[0]|$count|\n");
}
}
if ($foundcount != 1)
{
$foundcount = 1;
fwrite ($article_counteradd, "$news_arr[0]|1|\n");
}
fclose ($article_counteradd);
/* Counter of views */
if($news_arr[4] == "" and (!eregi("\{short-story\}", $template_full)) ){ $news_arr[4] = $news_arr[3]; }
if($my_names[$news_arr[1]]){ $my_author = $my_names[$news_arr[1]]; }
else{ $my_author = $news_arr[1]; }
$output = str_replace("{title}", $news_arr[2], $template_full);
$output = str_replace("{date}", langdate($config_timestamp_active, $news_arr[0]), $output);
$output = str_replace("{author}", $my_author, $output);
$output = str_replace("{short-story}", $news_arr[3], $output);
$output = str_replace("{full-story}", $news_arr[4], $output);
if($news_arr[5] != ""){$output = str_replace("{avatar}", "", $output); }
else{ $output = str_replace("{avatar}", "", $output); }
$output = str_replace("{avatar-url}", "$news_arr[5]", $output);
$output = str_replace("{comments-num}", countComments($news_arr[0], $archive), $output);
$output = str_replace("{category}", $cat[$news_arr[6]], $output);
$output = str_replace("{category-id}", $news_arr[6], $output);
if($cat_icon[$news_arr[6]] != ""){ $output = str_replace("{category-icon}", "", $output); }
else{ $output = str_replace("{category-icon}", "", $output); }
if($config_comments_popup == "yes"){
$output = str_replace("[com-link]","", $output);
}else{
$output = str_replace("[com-link]","", $output);
}
$output = str_replace("[/com-link]","", $output);
$output = str_replace("{author-name}", $name_to_nick[$news_arr[1]], $output);
if($my_mails[$news_arr[1]] != ""){
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]","", $output);
}else{
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]","", $output);
}
$output = str_replace("{news-id}", $news_arr[0], $output);
$output = str_replace("{archive-id}", $archive, $output);
$output = str_replace("{php-self}", $PHP_SELF, $output);
$output = str_replace("{cute-http-path}", $config_http_script_dir, $output);
// XFields Call
$xfieldsaction = "templatereplace";
$xfieldsinput = $output;
$xfieldsid = $news_arr[0];
include("xfields.mdu");
$output = $xfieldsoutput;
// End XFields Call
$output = replace_news("show", $output);
echo $output;
}
}
if(!$found){
echo("Не найдена новость с таким id: $id
");
$CN_HALT = TRUE;
break 1;
}
}
//####################################################################################################################
// Show Comments
//####################################################################################################################
if($allow_comments){
$all_comments = file("$comm_file");
foreach($all_comments as $comment_line)
{
$comment_line = trim($comment_line);
$comment_line_arr = explode("|>|", $comment_line);
if($id == $comment_line_arr[0])
{
$individual_comments = explode("||", $comment_line_arr[1]);
if($config_reverse_comments == "yes"){ $individual_comments = array_reverse($individual_comments); }
foreach($individual_comments as $comment)
{
$comment_arr = explode("|", $comment);
if($comment_arr[0] != "")
{
$comment_arr[4] = stripslashes(rtrim($comment_arr[4]));
if($comment_arr[2] != "none"){
if( preg_match("/^[\.A-z0-9_\-]+[@][A-z0-9_\-]+([.][A-z0-9_\-]+)+[A-z]{1,4}$/", $comment_arr[2])){ $url_target = "";$mail_or_url = "mailto:"; }
else{
$url_target = "target=\"_blank\"";
$mail_or_url = "";
if(substr($comment_arr[2],0,3) == "www"){ $mail_or_url = "http://"; }
}
$output = str_replace("{author}", "".stripslashes($comment_arr[1])."", $template_comment);
}
else{ $output = str_replace("{author}", $comment_arr[1], $template_comment); }
$comment_arr[4] = preg_replace("/\b((http(s?):\/\/)|(www\.))([\w\.]+)([\/\w+\.-?]+)\b/i", "$2$4$5$6", $comment_arr[4]);
$comment_arr[4] = preg_replace("/([\w\.]+)(@)([\w\.]+)/i", "$0", $comment_arr[4]);
$output = str_replace("{mail}", "$comment_arr[2]",$output);
$output = str_replace("{date}", langdate($config_timestamp_comment, $comment_arr[0]),$output);
$output = str_replace("{comment-id}", $comment_arr[0],$output);
$output = str_replace("{comment}", "$comment_arr[4]",$output);
$output = replace_comment("show", $output);
echo $output;
}
}
}
}
$template_form = str_replace("{config_http_script_dir}", "$config_http_script_dir", $template_form);
$smilies_form = "\n
".insertSmilies('short', FALSE);
$template_form = str_replace("{smilies}", $smilies_form, $template_form);
echo"";
}
//####################################################################################################################
// Active News
//####################################################################################################################
if($allow_active_news){
$all_news = file("$news_file");
if($reverse == TRUE){ $all_news = array_reverse($all_news); }
$count_all = 0;
if(isset($category) and $category != ""){
foreach($all_news as $news_line){
$news_arr = explode("|", $news_line);
if($requested_cats and $requested_cats[$news_arr[6]] == TRUE){ $count_all ++; }
else{ continue; }
}
}else{ $count_all = count($all_news); }
$i = 0;
$showed = 0;
$repeat = TRUE;
$url_archive = $archive;
while($repeat != FALSE){
foreach($all_news as $news_line){
$news_arr = explode("|", $news_line);
if($category and $requested_cats[$news_arr[6]] != TRUE){ continue; }
if(isset($start_from) and $start_from != ""){
if($i < $start_from){ $i++; continue; }
elseif($showed == $number){ break; }
}
if($my_names[$news_arr[1]]){ $my_author = $my_names[$news_arr[1]]; }
else{ $my_author = $news_arr[1]; }
$output = $template_active;
/* Counter of views */
$article_counter = file("$cutepath/data/counter.txt");
foreach ($article_counter as $counter_line)
{
$count_arr = explode("|", $counter_line);
if ($count_arr[0] == $news_arr[0])
{
$output = str_replace ("{views}", $count_arr[1], $output);
}
}
$output = str_replace ("{views}", "0", $output);
/* Counter of views */
$output = str_replace("{title}", $news_arr[2], $output);
$output = str_replace("{date}", langdate($config_timestamp_active, $news_arr[0]), $output);
$output = str_replace("{author}", $my_author, $output);
if($news_arr[5] != ""){$output = str_replace("{avatar}", "", $output); }
else{ $output = str_replace("{avatar}", "", $output); }
$output = str_replace("{avatar-url}", "$news_arr[5]", $output);
$output = str_replace("[link]","", $output);
$output = str_replace("[/link]","", $output);
$output = str_replace("{comments-num}", countComments($news_arr[0], $archive), $output);
$output = str_replace("{short-story}", $news_arr[3], $output);
$output = str_replace("{full-story}", $news_arr[4], $output);
$output = str_replace("{category}", $cat[$news_arr[6]], $output);
$output = str_replace("{category-id}", $news_arr[6], $output);
if($cat_icon[$news_arr[6]] != ""){ $output = str_replace("{category-icon}", "", $output); }
else{ $output = str_replace("{category-icon}", "", $output); }
$output = str_replace("{author-name}", $name_to_nick[$news_arr[1]], $output);
if($my_mails[$news_arr[1]] != ""){
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]","", $output);
}else{
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]","", $output);
}
$output = str_replace("{news-id}", $news_arr[0], $output);
$output = str_replace("{archive-id}", $archive, $output);
$output = str_replace("{php-self}", $PHP_SELF, $output);
$output = str_replace("{cute-http-path}", $config_http_script_dir, $output);
$output = replace_news("show", $output);
if($news_arr[4] != "" or $action == "showheadlines"){//if full story
if($config_full_popup == "yes"){
$output = preg_replace("/\\[full-link\\]/","", $output);
}else{
$output = str_replace("[full-link]","", $output);
}
$output = str_replace("[/full-link]","", $output);
}else{
$output = preg_replace("'\\[full-link\\].*?\\[/full-link\\]'si","", $output);
}
if($config_comments_popup == "yes"){
$output = str_replace("[com-link]","", $output);
}else{
$output = str_replace("[com-link]","", $output);
}
$output = str_replace("[/com-link]","", $output);
echo $output;
$showed++;
$i++;
if($number != 0 and $number == $i){ break; }
}
$used_archives[$archive] = TRUE;
// Archives Looop
if($i < $number and $only_active != TRUE){
if(!$handle = opendir("$cutepath/data/archives")){ die("Невозможно открыть папку $cutepath/data/archives
"); }
while (false !== ($file = readdir($handle)))
{
if($file != "." and $file != ".." and eregi("news.arch", $file))
{
$file_arr = explode(".",$file);
$archives_arr[$file_arr[0]] = $file_arr[0];
}
}
closedir($handle);
$archives_arr[$in_use]="";
$in_use = max($archives_arr);
if($in_use != "" and !$used_archives[$in_use]){
$all_news = file("$cutepath/data/archives/$in_use.news.arch");
$archive = $in_use;
$used_archives[$in_use] = TRUE;
}else{ $repeat = FALSE; }
}else{ $repeat = FALSE; }
}
// << Previous & Next >>
$prev_next_msg = $template_prev_next;
//----------------------------------
// Previous link
//----------------------------------
if(isset($start_from) and $start_from != "" and $start_from > 0){
$prev = $start_from - $number;
$prev_next_msg = preg_replace("'\[prev-link\](.*?)\[/prev-link\]'si", "\\1", $prev_next_msg);
}else{ $prev_next_msg = preg_replace("'\[prev-link\](.*?)\[/prev-link\]'si", "\\1", $prev_next_msg); $no_prev = TRUE; }
//----------------------------------
// Pages
//----------------------------------
if($number){
$pages_count = @ceil($count_all/$number);
$pages_start_from = 0;
$pages = "";
for($j=1;$j<=$pages_count;$j++){
if($pages_start_from != $start_from){ $pages .= "$j "; }
else{ $pages .= " $j "; }
$pages_start_from += $number;
}
$prev_next_msg = str_replace("{pages}", $pages, $prev_next_msg);
}
//----------------------------------
// News link
//----------------------------------
if($number < $count_all and $i < $count_all){
$prev_next_msg = preg_replace("'\[next-link\](.*?)\[/next-link\]'si", "\\1", $prev_next_msg);
}else{ $prev_next_msg = preg_replace("'\[next-link\](.*?)\[/next-link\]'si", "\\1", $prev_next_msg); $no_next = TRUE;}
if (!$no_prev or !$no_next){ echo $prev_next_msg; }
}
}while(0);
?>