probleme bei der teambox - NetVision-Technik

D@rk-€vil™ · 01.08.2009, 13:33

dann nimm die teambox.php mal

Code:

<?
/**********************************

ShoutBox
by GhostHunter

**********************************/
require_once("include/functions.php");
dbconn(false);

loggedinorreturn();

if ($CURUSER) {
        $ss_a = @mysql_fetch_assoc(@mysql_query("SELECT `uri` FROM `stylesheets` WHERE `id`=" . $CURUSER["stylesheet"]));
        if ($ss_a) $GLOBALS["ss_uri"] = $ss_a["uri"];
    }

    if (!$GLOBALS["ss_uri"]) {
        ($r = mysql_query("SELECT `uri` FROM `stylesheets` WHERE `default`='yes'")) or die(mysql_error());
        ($a = mysql_fetch_assoc($r)) or die(mysql_error());
        $GLOBALS["ss_uri"] = $a["uri"];
        }

if ($CURUSER["shoutboxpos"] == 'no')
stderr("Sorry...", "You are not authorized to post in the shoutbox.  (<a href=\"inbox.php#up\">Read Your Inbox</a>)");

if (isset($_GET['del']))
{
if (is_numeric($_GET['del']))
{
$query = "SELECT * FROM teambox WHERE id=".$_GET['del'];
$result = mysql_query($query);
}
else {
echo "<center>Invalid message ID</center>";
exit;}

$row = mysql_fetch_row($result);

if ( (get_user_class() >= UC_ADMINISTRATOR) )
{
$query = "DELETE FROM teambox WHERE id=".$_GET['del'];
mysql_query($query);
}
}

?>
<head>

<title>Die TeamBox</title>
<style type="text/css">
A {color: #000000; font-weight: bold; }
A:hover {color: #9966FF;}
.small {font-size: 8.89pt; font-family: tahoma; }
.date {font-size: 7pt;}
</style>
<link rel="stylesheet" href="<?=$GLOBALS["PIC_BASE_URL"] . $GLOBALS["ss_uri"] . "/" . $GLOBALS["ss_uri"]?>.css" type="text/css">
<META HTTP-EQUIV=REFRESH CONTENT="90; URL=teambox.php">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body background="/pic/back2.jpg" style="background-attachment: fixed;"">
<?
if ($CURUSER["shoutpost"] != "yes")
{
         stdmsg("Sorry...", "Es ist Dir nicht gestattet, in der Shoutbox zu posten!");
         stdfoot();
         exit;
}

$text=trim($_GET["tbox_text"]);
if($_GET["sent"]=="yes" && $text !="")
{
$userid=$CURUSER["id"];
$username=$CURUSER["username"];
$date=time();
$text=trim($_GET["tbox_text"]);



if ($CURUSER["username"] == "Dragon1979")
$text= "". $text ."";


if ($CURUSER["username"] == "samhawkins")
$text= "". $text ."";

if ($CURUSER["username"] == "sunrise")
$text= "". $text ."";

if ($CURUSER["username"] == "OneOfSix")
$text= "". $text ."";


if ($CURUSER["username"] == "Kingqool")
$text= "". $text ."";


if ($CURUSER["username"] == "coverjaeger")
$text= "". $text ."";

mysql_query("INSERT INTO teambox (id, userid, username, date, text) VALUES ('id', $userid, " . sqlesc($username) . ", $date, " . sqlesc($text) . ")") or sqlerr(__FILE__, __LINE__);
}

$res = mysql_query("SELECT * FROM teambox ORDER BY date DESC LIMIT 70") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0)
print("\n");
else
{
print("<table border=0 cellspacing=0 cellpadding=2 width='100%' align='left' class='small'>\n");

while ($arr = mysql_fetch_assoc($res))
{
$res2 = mysql_query("SELECT username,class,avatar,donor,title,enabled,warned FROM users WHERE id=$arr[userid]") or sqlerr(__FILE__, __LINE__);
$arr2 = mysql_fetch_assoc($res2);

if (get_user_class() >= UC_ADMINISTRATOR) {
$del="[<a href=/teambox.php?del=".$arr[id].">del</a>]";
}

print("<tr><td><a href='userdetails.php?id=".$arr["userid"]."' target='_top'><font class=".get_class_color($arr2["class"]).">".$arr["username"]."</font></a> <span class='date'>(".strftime("%d.%m. %H:%M",$arr["date"]).")</span>: ".format_comment($arr["text"])." $del</td></tr>\n");}
print("</table>");
}
?>
</body>
</html>

und das nächste mal bitte dran denken das du mit keine nv am rumbasteln bist grins

lg darki

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, G?ste: 1)