File: /var/www/web37/htdocs/0900topliste/add.php
<?php 
############################################
### Top-XL V.1.24 Free  -  Add user add.php ######
############################################
/// 1. You are NOT entitled to rent, lease, transfer, reproduce or distribute this Software.
/// 2. You are entitled to adapt and modify the Software to your needs.
/// 3. You can use this Script on all of YOUR Domains.
/// 4. Any modification or removal to the links in the footer and member area shall terminate this license immediately .
/// 5. The Script has been tested on different Servers and found free of any notable errors by the author. The Author shall not in any case be liable for any special, incidental indirect or other similar damages arising from the use of this Script.
/// 6. Author: Simon Zehender - Contact: http://www.derwebgestalter.de or http://www.paddelberg.de
////////////////////////////////////////////
////////////////////////////////////////////
// Both calls set the error reporting level to 0, so PHP diagnostics are
// neither shown nor logged for this request.
@ini_set('error_reporting', 0);
@error_reporting(0);
$scriptpath = $_SERVER['DOCUMENT_ROOT'];

// add.php - sign-up page for a new toplist entry.
// Load the shared includes first, then the language file for the member pages.
include "inc/sql.php";
include "inc/vars.php";
include "inc/functions.php";
$langget = get_lang($stanlang);
// NOTE(review): the value returned by get_lang_file() becomes part of an
// include path. Its implementation is not visible here; confirm it only ever
// returns names taken from $langarray.
include "lang/members-" . get_lang_file($langget, $stanlang, $langarray, $langdetect) . ".php";
// Requested action; safety() is defined in one of the includes above.
$do = safety($_GET["do"]);

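////////////////////////////////////////
/// Form submission: validate the sign-up data and create the entry
///////////////////////////////////////

if ($addvalicode=="yes") {session_start();}
if ($do == "changeadd" or $do == "submitter")
	{
	// Start from known-empty values so that nothing carried in from outside
	// this block (for example request variables on a register_globals setup)
	// can reach the INSERT statement or the rendered page.
	$error1 = $error2 = $error3 = $error4 = $error5 = $error6 = $error7 = $error8 = $error24 = $error32 = "";
	$sqlholder = "";
	$sqlholder2 = "";
	$htmlcode2 = "";

	if ($refereraddcheck=="yes")
		{
		// NOTE(review): the Referer header is supplied by the client. This check
		// deters casual cross-site posts but is not an authenticity control.
		$ref=isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "";
		if ($ref=="" or stripos($ref,"http://")===false)
			{echo "No valid referer";exit;}
		$topsiteurl1=get_dom($topsiteurl);
		$ref=get_dom($ref);
		if ($ref!=$topsiteurl1)
			{echo "No valid referer";exit;}
		}

	// Pick the request array the form fields are read from.
	// NOTE(review): with $addperget enabled the password travels in the query
	// string, where it ends up in server logs, browser history and Referer
	// headers. Prefer POST-only sign-up.
	$viaget = ($do == "submitter" and $addperget=="yes");
	$input = $viaget ? $_GET : $_POST;
	$name=safety($input["name"]);
	$email=safety($input["email"]);
	$url=safety($input["url"]);
	$reciprocal=safety($input["reciprocal"]);
	$bannerurl=safety($input["bannerurl"]);
	$title=safety($input["title"]);
	$description=safety($input["description"]);
	$notes=safety($input["notes"]);
	$pass=safety($input["pass"]);
	$pass2=safety($input["pass2"]);
	if ($viaget)
		{$rulechecker="yes";}
	else
		{$rulechecker=safety($_POST["rulechecker"]);}

	// The address is validated and later used in mail headers, so validate and
	// store the same, trimmed value.
	$email = trim($email);

	if ($addvalicode=="yes")
		{
		// Require that a code was actually issued for this session and compare
		// as strings. The previous loose comparison accepted a request that had
		// neither a session code nor a submitted code (null != null is false).
		$sentcode = isset($_POST['valicode']) ? (string)$_POST['valicode'] : "";
		$wantcode = isset($_SESSION['code']) ? (string)$_SESSION['code'] : "";
		if ($wantcode === "" or $sentcode !== $wantcode)
			{$error32 = $errortext32;}
		// One attempt per issued code; the form page issues a new one.
		unset($_SESSION['code']);
		}

	// slashcheck() comes from the includes; a result of 3 means a trailing
	// slash is appended here.
	$urlslash = slashcheck($url);
	if($urlslash == 3)
		{$url = $url."/";}
	$recislash = slashcheck($reciprocal);
	if($recislash == 3)
		{$reciprocal = $reciprocal."/";}

	// NOTE(review): the queries in this block are built by string
	// concatenation and rely entirely on safety() for escaping. safety() is
	// not visible here; confirm it escapes for SQL, and plan a move to
	// prepared statements (the mysql_* API used here no longer exists in PHP 7).
	$urlcheckquery = mysql_query("SELECT url,reciprocal FROM $topxl_user_table WHERE reciprocal='$reciprocal' or url='$url'") or die ("mysql_error");
	$urlcheck = @mysql_fetch_array($urlcheckquery);
	$urlchkeckurl = $urlcheck['url'];
	$urlchkeckreciprocal = $urlcheck['reciprocal'];

	// --- name ---
	if (!$name)
		{$error1 = $errortext1;}
	if (strlen($name) > 60)
		{$error1 = $errortext1b;}

	// --- e-mail ---
	if (!$email)
		{$error2 = $errortext2;}
	// The D modifier keeps "$" from matching before a trailing line break.
	if (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/iD', $email))
		{$error2 = $errortext2a;}
	if (strlen($email) > 255)
		{$error2 = $errortext5b;}

	// --- site URL and reciprocal URL ---
	// The scheme must be the prefix of the value; a "contains http://" test
	// also accepted values that start with a different scheme.
	if (!$url || strpos($url, 'http://') !== 0)
		{$error3 = $errortext3;}
	if (strlen($url) > 255)
		{$error3 = $errortext5b;}
	if ($urlchkeckurl == $url and $url and $url != "")
		{$error3 = $errortext3a;}
	if (!$reciprocal || strpos($reciprocal, 'http://') !== 0)
		{$error4 = $errortext4;}
	if (strlen($reciprocal) > 255)
		{$error4 = $errortext5b;}
	if ($urlchkeckreciprocal == $reciprocal and $reciprocal and $reciprocal != "")
		{$error4 = $errortext4a;}

	// --- banner URL (only when banners are enabled) ---
	if ($showbanner == "yes")
		{
		if (!$bannerurl || strpos($bannerurl, 'http://') !== 0)
			{$error5 = $errortext5;}
		else
			{
			if (strlen($bannerurl) > 255)
				{$error5 = $errortext5b;}
			$sqlholder = ",bannerurl='$bannerurl'";
			// Only the text after the last dot is compared against the allowed
			// image extensions; the comparison is case-sensitive.
			$extens = str_replace('http://', ' ', $bannerurl);
			$ext = strrchr($extens,'.');
			$limitedext=array(".gif",".jpg",".jpeg",".png");
			if (!in_array($ext,$limitedext))
				{$error5 = $errortext5a;}
			}
		}

	// --- title and description ---
	if (!$title)
		{$error6 = $errortext6;}
	if (strlen($title) > $maxsigntitle)
		{$error6 = $errortext6a;}
	if (!$description)
		{$error7 = $errortext7;}
	if (strlen($description) > $maxsigndesc)
		{$error7 = $errortext7a;}

	// --- password: letters and digits only, 8 to 60 characters, entered twice ---
	if ($pass and $pass != "")
		{
		if (preg_match('/[^a-zA-Z0-9]/', $pass))
			{$error8 = $errortext8;}
		if ($pass != $pass2)
			{$error8 = $errortext8a;}
		if (strlen($pass)< 8)
			{$error8 = $errortext8b;}
		if (strlen($pass)> 60)
			{$error8 = $errortext1b;}
		}
	else 	/// if no pass was entered
		{$error8 = $errortext8c;}

	// --- rules must be accepted ---
	if (!$rulechecker or $rulechecker != "yes")
		{$error24 = $errortext24;}

	//// if an error happens, fall through to the form with the messages set
	if ($error1 || $error2 || $error3 || $error4 || $error5 || $error6 || $error7 || $error8 || $error24 || $error32)
		{$message = $messageerror;}
	else
		{
		// X-Forwarded-For is client-controlled and was previously written into
		// the INSERT unchanged. Accept it only when its first entry parses as
		// an IP address; otherwise record the socket address. The stored value
		// can still be spoofed and should not be treated as proof of origin.
		$signupip = getenv("REMOTE_ADDR");
		$forwarded = getenv("HTTP_X_FORWARDED_FOR");
		if ($forwarded)
			{
			$forwardedparts = explode(",", $forwarded);
			$forwardedfirst = trim($forwardedparts[0]);
			if (filter_var($forwardedfirst, FILTER_VALIDATE_IP) !== false)
				{$signupip = $forwardedfirst;}
			}
		$title = rtrim($title);
		$description = rtrim($description);
		// The clear-text password is kept for the mails and the success page.
		// NOTE(review): unsalted MD5 is not a password hash. Moving to
		// password_hash()/password_verify() needs a matching change in the
		// login code, which is not part of this file.
		$mailpass = $pass;
		$pass = md5($pass);
		$timestamp = time();
		$joindate = date("Y-m-d-H-i-s");
		if ($validatesites == "yes")
			{$sqlholder2 = ",active='no'";}
		else
			{$sqlholder2 = ",active='yes',newentry='no',validationdate='$timestamp'";}
		// NOTE(review): $lang is not assigned in this file; confirm where it
		// comes from and that it cannot carry request data into this statement.
		mysql_query("INSERT INTO $topxl_user_table SET joindate='$joindate',timestamp='$timestamp',name='$name',email='$email',url='$url'$sqlholder,reciprocal='$reciprocal',title='$title',description='$description',notes='$notes',pass='$pass',lang='$lang',signupip='$signupip'$sqlholder2") or die ("mysql_error");
		$idgetquery = mysql_query("SELECT id,url,reciprocal FROM $topxl_user_table WHERE reciprocal='$reciprocal' or url='$url'") or die ("mysql_error");
		$idget = @mysql_fetch_array($idgetquery);
		$id = $idget['id'];

		/// Html Codes to show on the success site
		if ($mailtouser == "yes" or $mailtoadmin == "yes")
			{$htmlcode2 = "$bodycode_text\n";}
		$htmlcodescript1 = htmlentities($htmlcodescript);
		$htmlcode = "<b>$bodycode_text</b><br>";
		$htmlcode3="";
		if ($reftype=="textlink" or $reftype=="textban")
			{
			if ($mailtouser=="yes")
				{
				$recicodetext=recipcodetext($id,$topxl_admin_table,$topsiteurl,$linktitle,$filename);
				$htmlcode3="\n".$text_textlink."\n";
				$htmlcode3.=$htmlcodescript."\n".$recicodetext."\n";
				}
			$htmlcode.=texthtmlgen($id,$topxl_admin_table,$topsiteurl,$linktitle,$filename,$text_textlink,$htmlcodescript,$text_preview);
			}
		if ($reftype=="banner" or $reftype=="textban")
			{
			// Banner 1 is always offered; banners 2 to 5 only when configured.
			$extrabanners = array(2=>$topbannerurla, 3=>$topbannerurlb, 4=>$topbannerurlc, 5=>$topbannerurld);
			$recicodebanner=recipcodebanner($id,$topxl_admin_table,$topsiteurl,$topbannerurl,$linktitle,$filename);
			if ($mailtouser=="yes" or $mailtoadmin=="yes")
				{
				$htmlcode3.="\n".$text_banner." 1\n".$htmlcodescript."\n".recipcodebanner($id,$topxl_admin_table,$topsiteurl,$topbannerurl,$linktitle,$filename)."\n";
				foreach ($extrabanners as $bannerno => $bannersrc)
					{
					if ($bannersrc!="")
						{$htmlcode3.="\n".$text_banner." ".$bannerno."\n".$htmlcodescript."\n".recipcodebanner($id,$topxl_admin_table,$topsiteurl,$bannersrc,$linktitle,$filename)."\n";}
					}
				}
			$htmlcode.=bannerhtmlgen($id,$topxl_admin_table,$topsiteurl,$topbannerurl,$linktitle,$filename,$text_banner,$htmlcodescript,$text_preview);
			foreach ($extrabanners as $bannerno => $bannersrc)
				{
				if ($bannersrc!="")
					{$htmlcode.=bannerhtmlgen($id,$topxl_admin_table,$topsiteurl,$bannersrc,$linktitle,$filename,$text_banner,$htmlcodescript,$text_preview);}
				}
			}
		$htmlcodemail = $htmlcode2." ".$htmlcode3;
		if ($validatesites == "yes")
			{$message = $messagesuccess;$bodytextx=$bodytext1;$bodytexty=$bodytext2;}
		else
			{$message = $messagesuccess1;$bodytextx=$bodytext3;$bodytexty=$bodytext4;}

		// NOTE(review): both mails below contain the clear-text password, and
		// the admin copy hands every member's password to the operator's
		// mailbox. Consider dropping it from the admin mail at least.
		if ($mailtouser == "yes")
			{
			/// send mail to user
			$subject = $subjecttext." ".$topsitename;
			$body1 = $bodytextx."\n\n".$bodytexty."\n\n";
			$body2 = $htmlcodemail;
			$body3 = "\n\nLogin Data\n".$text_loginid." ".$id."\n".$text_pass." ".$mailpass."\n\n".$text_account_information."\n".$text_name." ".$name."\n".$text_email." ".$email."\n".$text_url." ".$url."\n".$text_bannerurl." ".$bannerurl."\n".$text_reciprocal." ".$reciprocal."\n".$text_title." ".$title."\n".$text_description." ".$description."\n".$text_notes." ".$notes."\n".$text_signupip." ".$signupip."\n".$text_joindate." ".$joindate."\n\n".$mailpromo."\n\n".$commercialmailtext;
			// The body was previously appended to without ever being assigned.
			if (!isset($body))
				{$body = "";}
			$body  .= strip_tags($body1);
			$body  .= $body2;
			$body  .= strip_tags($body3);
			mail($email,$subject,$body,"From: $adminmail\nReply-To: $adminmail");
			}
		if ($mailtoadmin == "yes")
			{
			// The admin mail is written in the default language; the visitor's
			// language file is loaded again afterwards.
			include("lang/members-".$stanlang.".php");
			$validateurl = $topsiteurl."/admin/index.php?do=validate";
			/// send mail to admin
			$subject2 = $subjecttextadmin;
			$body2 = $validateurl."\n\n".$text_name." ".$name."\n".$text_email." ".$email."\n".$text_pass." ".$mailpass."\n".$text_url." ".$url."\n".$text_bannerurl." ".$bannerurl."\n".$text_reciprocal." ".$reciprocal."\n".$text_title." ".$title."\n".$text_description." ".$description."\n".$text_notes." ".$notes."\n".$text_adminsignupip." ".$signupip."\n".$text_joindate." ".$joindate."\n\n";
			$body2  = strip_tags($body2);
			// $email goes into the headers; it is the trimmed value that passed
			// the address pattern above, so it contains no line breaks.
			mail($adminmail2,$subject2,$body2,"From: $email\nReply-To: $email");
			include("lang/members-".get_lang_file($langget,$stanlang,$langarray,$langdetect).".php");
			}
		$htmlcode = stripslashes($htmlcode);

		/// Template
		// Check the file that is actually read; the old check looked for
		// add.html and then opened added.html.
		$addedtemplate = "html/".$design."/added.html";
		if(!file_exists($addedtemplate))
			{echo "The template file ".$addedtemplate." does not exist.";exit;}
		$zeile = file_get_contents($addedtemplate);
		// Placeholders are literal text, so plain string replacement is used.
		// str_replace() applies the pairs in order, like the former chain of
		// ereg_replace() calls.
		// NOTE(review): {pass} puts the clear-text password into the page.
		$addedvalues = array(
			"{text_loginname}" => $text_loginname,
			"{text_htmlcode}" => $bodytexty,
			"{text_pass}" => $text_pass,
			"{text_name}" => $text_loginname,
			"{message}" => $message,
			"{name}" => $id,
			"{pass}" => $mailpass,
			"{text_logindata}" => $text_logindata,
			"{htmlcode}" => $exp_javascript_backlink."<br><br>".$htmlcode,
			"{text_signup}" => $text_signup,
		);
		$zeile = str_replace(array_keys($addedvalues), array_values($addedvalues), $zeile);
		echo $zeile;
		exit;
		}
	}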
	
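/////////////////////////////////////
//// Everything without "do" (and failed submissions): render the sign-up form
/////////////////////////////////////

// Preview of the link code the new member will have to place on their site.
$prevhtmlcode = "<strong>".$text_previewhtmlcode."</strong><br><br>";
if ($reftype=="textlink" or $reftype=="textban")
	{
	$recicodetext=recipcodetext("none",$topxl_admin_table,$topsiteurl,$linktitle,$filename);
	$prevhtmlcode.="<strong>".$text_textlink."</strong><br>".$recicodetext."<br>";
	}
if ($reftype=="banner" or $reftype=="textban")
	{
	// Banner 1 is always shown; banners 2 to 5 only when configured.
	$prevhtmlcode.="<br><strong>".$text_banner." 1</strong><br>".recipcodebanner("none",$topxl_admin_table,$topsiteurl,$topbannerurl,$linktitle,$filename)."<br>";
	$previewbanners = array(2=>$topbannerurla, 3=>$topbannerurlb, 4=>$topbannerurlc, 5=>$topbannerurld);
	foreach ($previewbanners as $bannerno => $bannersrc)
		{
		if ($bannersrc!="")
			{$prevhtmlcode.="<br><strong>".$text_banner." ".$bannerno."</strong><br>".recipcodebanner("none",$topxl_admin_table,$topsiteurl,$bannersrc,$linktitle,$filename)."<br>";}
		}
	}

// Optional banner input row.
if ($showbanner == "yes")
	{
	if(!file_exists("html/".$design."/add_banner_row.html"))
		{echo "The template file html/".$design."/add_banner_row.html does not exist.";exit;}
	$zeile = file_get_contents("html/".$design."/add_banner_row.html");
	$bannerbox = str_replace(
		array("{text_bannerurl}", "{bannerurl}", "{error5}"),
		array($text_bannerurl, $bannerurl, $error5),
		$zeile
	);
	}
else
	{$bannerbox = "";}

// Optional validation-code row. A fresh code is issued on every page view.
$saveadd_html = "";
if ($addvalicode=="yes")
	{
	// rand() is predictable; use the CSPRNG where the runtime provides one.
	$_SESSION['code'] = function_exists('random_int') ? random_int(10000, 99999) : mt_rand(10000, 99999);
	if(!file_exists("html/".$design."/add_save_row.html"))
		{echo "The template file html/".$design."/add_save_row.html does not exist.";exit;}
	$zeile = file_get_contents("html/".$design."/add_save_row.html");
	$saveadd_html = str_replace(
		array("{text_valicode}", "{error32}"),
		array($text_valicode, $error32),
		$zeile
	);
	}

/// Template
if(!file_exists("html/".$design."/add.html"))
	{echo "The template file html/".$design."/add.html does not exist.";exit;}
$zeile = file_get_contents("html/".$design."/add.html");

// Placeholders are literal text, so plain string replacement is used.
// str_replace() applies the pairs in the listed order, like the former chain
// of ereg_replace() calls.
// NOTE(review): {name}, {email}, {url}, {reciprocal}, {title}, {description},
// {notes} and {bannerurl} echo submitted values back into the page. Whether
// safety() encodes them for HTML is not visible here; confirm it does, or
// encode them at this point. {pass} and {pass2} write the submitted password
// back into the form markup; consider leaving those fields empty on redisplay.
$formvalues = array(
	"{text_name}" => $text_name,
	"{saveadd_html}" => $saveadd_html,
	"{text_email}" => $text_email,
	"{text_url}" => $text_url,
	"{text_reciprocal}" => $text_reciprocal,
	"{text_title}" => $text_title,
	"{text_description}" => $text_description,
	"{text_notes}" => $text_notes,
	"{error1}" => $error1,
	"{error2}" => $error2,
	"{error3}" => $error3,
	"{error4}" => $error4,
	"{error6}" => $error6,
	"{error7}" => $error7,
	"{error8}" => $error8,
	"{error24}" => $error24,
	"{ip}" => $ip,
	"{datum}" => $datum,
	"{message}" => $message,
	"{bannerbox}" => $bannerbox,
	"{name}" => $name,
	"{email}" => $email,
	"{url}" => $url,
	"{reciprocal}" => $reciprocal,
	"{title}" => $title,
	"{description}" => $description,
	"{notes}" => $notes,
	"{text_pass}" => $text_pass,
	"{pass}" => $pass,
	"{pass2}" => $pass2,
	"{text_signup}" => $text_signup,
	"{prevhtmlcode}" => $prevhtmlcode,
	"{text_rules}" => $text_rules,
	"{text_exp_rules}" => $text_exp_rules,
	"{text_stats}" => $text_stats,
	"{hitstoday}" => $hitstoday,
	"{text_hitstoday}" => $text_viewstoday,
	"{hitsyesterday}" => $hitsyesterday,
	"{text_hitsyesterday}" => $text_viewsyesterday,
	"{hitstotal}" => $hitstotal,
	"{text_hitstotal}" => $text_viewstotal,
	"{loadstotal}" => $loadstotal,
	"{text_loadstotal}" => $text_loadstotal,
	"{text_acceptrules}" => $text_acceptrules,
);
$zeile = str_replace(array_keys($formvalues), array_values($formvalues), $zeile);
echo $zeile;
exit;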
?>