Файл: sources/add.php
Строк: 196
<?php
// Direct-access guard: stop unless the VAPHP constant has already been
// defined before this file is loaded. The message below reads
// "This file is not available."
if (!defined('VAPHP')) {
    exit("Этот файл недоступен.");
}
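/**
 * "Add a site" page: renders the submission form and stores a submitted site.
 *
 * All state is exchanged through the globals $CONF (configuration), $FORM
 * (request data), $LNG (language strings), $TMPL (template variables) and
 * $DB (database wrapper). check_ban(), check_input(), bad_words() and
 * do_skin() are not defined in this class; presumably they come from
 * add_edit or one of its ancestors.
 */
class add extends add_edit
{
    /**
     * Reset the error placeholders, then show the form or process a submission.
     *
     * NOTE(review): this method has the same name as the class. PHP before 8.0
     * treats such a method as the constructor when no __construct() is
     * available; PHP 8 does not, so there it must be called explicitly.
     */
    function add()
    {
        global $FORM, $LNG, $TMPL;

        $TMPL['header'] = $LNG['add_header'];

        // Start with empty error slots so the skin never prints stale messages.
        $TMPL['error_style_top'] = '';
        $TMPL['error_top'] = '';
        $fields = array('url', 'urlbl', 'name', 'description', 'category', 'email', 'banner_url', 'captcha');
        foreach ($fields as $field) {
            $TMPL['error_' . $field] = '';
            $TMPL['error_style_' . $field] = '';
        }

        if (isset($FORM['submit'])) {
            $this->process();
        } else {
            $this->form();
        }
    }

    /**
     * Fill the template variables for the submission form and render it
     * into $TMPL['content'].
     *
     * It is also called from process() when a submission is rejected; in that
     * case $TMPL still holds the submitted values, which are shown again.
     *
     * NOTE(review): the redisplayed values are user input that process() passed
     * through $DB->escape(..., 1) and that is un-slashed here. Confirm that
     * escape() or the add_form skin HTML-encodes them; if neither does,
     * encode them before they reach the skin.
     */
    function form()
    {
        global $CONF, $FORM, $LNG, $TMPL;

        $TMPL['backlink_view'] = $CONF['backlink_view'];

        // Show the image CAPTCHA?
        if ($CONF['captcha']) {
            // NOTE(review): presumably only a cache-busting value for the CAPTCHA
            // image. rand() is not a cryptographic generator, so it must not be
            // used as the challenge secret - confirm in the add_captcha skin.
            $TMPL['rand'] = rand(1, 1000000);
            $TMPL['add_captcha'] = $this->do_skin('add_captcha');
        } else {
            $TMPL['add_captcha'] = '';
        }

        if ($CONF['backlink_require']) {
            $TMPL['add_bl_view'] = $this->do_skin('add_bl_view');
            $TMPL['urlbl'] = isset($TMPL['urlbl']) ? stripslashes($TMPL['urlbl']) : 'http://';
            $TMPL['add_urlbl'] = $this->do_skin('add_urlbl');
        } else {
            $TMPL['add_bl_view'] = '';
            $TMPL['add_urlbl'] = '';
        }

        // Category <select>: each category is listed as a heading option with an
        // empty value, followed by its subcategories (the selectable values).
        $TMPL['categories_menu'] = "<select name=\"category\" class=\"LongInput\">\n";
        foreach ($CONF['categories'] as $idcat => $cat) {
            $TMPL['categories_menu'] .= "<option value=\"\">{$cat}</option>\n";
            if (!isset($CONF['subcategories'][$idcat])) {
                continue;
            }
            foreach ($CONF['subcategories'][$idcat] as $id => $subcat) {
                // Loose comparison: the stored category may be an int or a string.
                $selected = (isset($TMPL['category']) && $TMPL['category'] == $id)
                    ? ' selected="selected"'
                    : '';
                $TMPL['categories_menu'] .= "<option value=\"{$id}\"{$selected}> - {$subcat}</option>\n";
            }
        }
        $TMPL['categories_menu'] .= "</select>";

        if ($CONF['max_banner_width'] && $CONF['max_banner_height']) {
            $TMPL['add_banner_size'] = sprintf(
                $LNG['add_banner_size'],
                $CONF['max_banner_width'],
                $CONF['max_banner_height']
            );
        } else {
            $TMPL['add_banner_size'] = '';
        }

        // Defaults for a fresh form; stripslashes() removes the slash-escaping
        // from values that are being shown again after a rejected submission.
        $TMPL['url'] = isset($TMPL['url']) ? stripslashes($TMPL['url']) : 'http://';
        $TMPL['name'] = isset($TMPL['name']) ? stripslashes($TMPL['name']) : '';
        $TMPL['description'] = isset($TMPL['description']) ? stripslashes($TMPL['description']) : '';
        $TMPL['banner_url'] = isset($TMPL['banner_url']) ? stripslashes($TMPL['banner_url']) : 'http://';
        $TMPL['email'] = isset($TMPL['email']) ? stripslashes($TMPL['email']) : '';
        if (isset($TMPL['category'])) {
            $TMPL['category'] = stripslashes($TMPL['category']);
        }

        // The "no banner" placeholder image is shown as an empty URL field.
        if ($TMPL['banner_url'] == "{$CONF['skins_image']}/nobanner.gif") {
            $TMPL['banner_url'] = 'http://';
        }

        $LNG['g_name'] = sprintf($LNG['g_name'], $CONF['max_name']);
        if ($CONF['min_descr']) {
            $LNG['add_description'] = sprintf($LNG['add_description_min'], $CONF['min_descr'], $CONF['max_descr']);
        } else {
            $LNG['add_description'] = sprintf($LNG['add_description'], $CONF['max_descr']);
        }

        $TMPL['content'] = $this->do_skin('add_form');
    }

    /**
     * Validate a submitted site, insert it into the _sites table and render
     * the confirmation page; on a failed check the form is shown again.
     *
     * Input handling in this method:
     *  - URLs and the e-mail address are reduced to a character whitelist.
     *    The whitelist removes quotes, whitespace and CR/LF, so the address
     *    cannot carry extra mail headers into send_email().
     *  - The whitelist does not restrict the URL scheme; presumably
     *    check_input() does - confirm, since the URLs end up in links.
     *  - The INSERT is built by string interpolation and relies on every
     *    interpolated value having gone through $DB->escape() or intval().
     *    Prefer bound parameters if the $DB wrapper offers them.
     */
    function process()
    {
        global $CONF, $DB, $FORM, $LNG, $TMPL;

        // Missing or non-scalar fields (e.g. "url[]=x") become empty strings
        // instead of reaching trim() as arrays.
        foreach (array('url', 'urlbl', 'name', 'description', 'banner_url', 'email') as $field) {
            $TMPL[$field] = (isset($FORM[$field]) && is_scalar($FORM[$field]))
                ? trim((string) $FORM[$field])
                : '';
        }

        // Filter URLs and e-mail down to a character whitelist.
        // preg_replace() replaces ereg_replace(), which was removed in PHP 7.
        $url_filter = '#[^a-zA-Z0-9_=?&./:-]#';
        $TMPL['url'] = preg_replace($url_filter, '', $TMPL['url']);
        $TMPL['urlbl'] = preg_replace($url_filter, '', $TMPL['urlbl']);
        $TMPL['banner_url'] = preg_replace($url_filter, '', $TMPL['banner_url']);
        $TMPL['email'] = preg_replace('#[^a-zA-Z0-9_@.-]#', '', $TMPL['email']);

        $TMPL['url'] = $DB->escape($TMPL['url'], 1);
        $TMPL['urlbl'] = $DB->escape($TMPL['urlbl'], 1);
        $TMPL['name'] = $DB->escape($TMPL['name'], 1);
        // Collapse line breaks so the description is stored as a single line.
        $TMPL['description'] = str_replace(array("\r\n", "\r", "\n"), ' ', $TMPL['description']);
        $TMPL['description'] = $DB->escape($TMPL['description'], 1);
        // The category is forced to an integer, so it is safe inside the queries.
        $TMPL['category'] = (isset($FORM['category']) && is_scalar($FORM['category']))
            ? intval($FORM['category'])
            : 0;
        $TMPL['banner_url'] = $DB->escape($TMPL['banner_url'], 1);
        $TMPL['email'] = $DB->escape($TMPL['email'], 1);

        $TMPL['name'] = $this->bad_words($TMPL['name']);
        $TMPL['description'] = $this->bad_words($TMPL['description']);

        // check_input() runs only when check_ban() passed, as before.
        if (!$this->check_ban('add') || !$this->check_input('add')) {
            $this->form();
            return;
        }

        // parse_url() returns false or omits 'host' for malformed URLs. The host
        // comes from the whitelisted URL, so it cannot contain quote characters.
        $url_parts = parse_url($TMPL['url']);
        $URL_host = (is_array($url_parts) && isset($url_parts['host'])) ? $url_parts['host'] : '';

        // Next backlink check: backlink_check days from now.
        $timecheck_next = time() + 86400 * $CONF['backlink_check'];
        // Escaped like every other value that is interpolated into the INSERT.
        $user_ip = $DB->escape($_SERVER['REMOTE_ADDR'], 1);
        $add_date = date('Y-m-d');
        $check_flag = ($CONF['backlink_require'] == 0 || $CONF['active_default'] == 0) ? 0 : 1;

        $DB->query("INSERT INTO {$CONF['sql_prefix']}_sites (idsubcat, URL_host, URL, banner_url, URL_backlink, name, description, email, visib, timecheck_next, check_flag, check_possible, check_admin, add_date, user_ip)
VALUES ('{$TMPL['category']}', '{$URL_host}', '{$TMPL['url']}', '{$TMPL['banner_url']}', '{$TMPL['urlbl']}', '{$TMPL['name']}', '{$TMPL['description']}', '{$TMPL['email']}', '{$CONF['active_default']}', '{$timecheck_next}', '{$check_flag}', '{$CONF['backlink_require']}', '{$CONF['active_default']}', '{$add_date}', '{$user_ip}')", __FILE__, __LINE__);

        // NOTE(review): mysql_insert_id() belongs to the ext/mysql extension that
        // was removed in PHP 7, and it reads the id from the implicit last
        // connection. Use the $DB wrapper's own insert-id accessor if it has one.
        $id = mysql_insert_id();

        $TMPL['static_url_href'] = "<a href=\"{$CONF['site_url']}/site/$id\">{$CONF['site_url']}/site/$id</a>";
        $TMPL['static_url'] = "{$CONF['site_url']}/site/$id";
        $LNG['add_welcome'] = sprintf($LNG['add_welcome'], $TMPL['list_name']);

        if ($CONF['mail_to_admin']) {
            $LNG['add_welcome_admin'] = sprintf($LNG['add_welcome_admin'], $TMPL['site_url']);
            list($TMPL['subcatname']) = $DB->fetch("SELECT name FROM {$CONF['sql_prefix']}_subcat WHERE id = '{$TMPL['category']}'", __FILE__, __LINE__);
            $add_email_admin = new skin('add_email_admin');
            $add_email_admin->send_email($CONF['your_email']);
        }

        if ($CONF['active_default']) {
            if ($CONF['mail_to_user']) {
                // The recipient is the submitter's whitelisted e-mail address.
                $add_email = new skin('add_email');
                $add_email->send_email($TMPL['email']);
            }
            $TMPL['content'] = $this->do_skin('add_finish');
        } else {
            // active_default is off: show the "approve" variant of the finish page.
            $TMPL['content'] = $this->do_skin('add_finish_approve');
        }
    }
}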
?>