home *** CD-ROM | disk | FTP | other *** search
/ PC World 2005 April / PCWorld_2005-04_cd.bin / akce / web / phpnuke / PHP-Nuke-7.5.exe / html / modules / News / friend.php < prev    next >
PHP Script  |  2004-08-23  |  5KB  |  105 lines
  1. <?php
  2.  
  3. /************************************************************************/
  4. /* PHP-NUKE: Web Portal System                                          */
  5. /* ===========================                                          */
  6. /*                                                                      */
  7. /* Copyright (c) 2002 by Francisco Burzi                                */
  8. /* http://phpnuke.org                                                   */
  9. /*                                                                      */
  10. /* This program is free software. You can redistribute it and/or modify */
  11. /* it under the terms of the GNU General Public License as published by */
  12. /* the Free Software Foundation; either version 2 of the License.       */
  13. /************************************************************************/
  14. /*         Additional security & Abstraction layer conversion           */
  15. /*                           2003 chatserv                              */
  16. /*      http://www.nukefixes.com -- http://www.nukeresources.com        */
  17. /************************************************************************/
  18.  
  19. if (!eregi("modules.php", $_SERVER['PHP_SELF'])) {
  20.     die ("You can't access this file directly...");
  21. }
  22. require_once("mainfile.php");
  23. if (stristr($_SERVER["QUERY_STRING"],'%25')) header("Location: index.php");
  24. $module_name = basename(dirname(__FILE__));
  25. get_lang($module_name);
  26. $pagetitle = "- "._RECOMMEND."";
  27.  
  28. function FriendSend($sid) {
  29.     global $user, $cookie, $prefix, $db, $user_prefix, $module_name;
  30.     $sid = intval($sid);
  31.     if(!isset($sid)) { exit(); }
  32.     include ("header.php");
  33.     $row = $db->sql_fetchrow($db->sql_query("SELECT title FROM ".$prefix."_stories WHERE sid='$sid'"));
  34.     $title = stripslashes(check_html($row['title'], "nohtml"));
  35.     title(""._FRIEND."");
  36.     OpenTable();
  37.     echo "<center><font class=\"content\"><b>"._FRIEND."</b></font></center><br><br>"
  38.         .""._YOUSENDSTORY." <b>$title</b> "._TOAFRIEND."<br><br>"
  39.         ."<form action=\"modules.php?name=$module_name&file=friend\" method=\"post\">"
  40.         ."<input type=\"hidden\" name=\"sid\" value=\"$sid\">";
  41.     if (is_user($user)) {
  42.         $row2 = $db->sql_fetchrow($db->sql_query("SELECT name, user_email FROM ".$user_prefix."_users WHERE username='$cookie[1]'"));
  43.         $yn = stripslashes($row2['name']);
  44.         $ye = stripslashes($row2['user_email']);
  45.     }
  46.     echo "<b>"._FYOURNAME." </b> <input type=\"text\" name=\"yname\" value=\"$yn\"><br><br>\n"
  47.         ."<b>"._FYOUREMAIL." </b> <input type=\"text\" name=\"ymail\" value=\"$ye\"><br><br><br>\n"
  48.         ."<b>"._FFRIENDNAME." </b> <input type=\"text\" name=\"fname\"><br><br>\n"
  49.         ."<b>"._FFRIENDEMAIL." </b> <input type=\"text\" name=\"fmail\"><br><br>\n"
  50.         ."<input type=\"hidden\" name=\"op\" value=\"SendStory\">\n"
  51.         ."<input type=\"submit\" value="._SEND.">\n"
  52.         ."</form>\n";
  53.     CloseTable();
  54.     include ('footer.php');
  55. }
  56.  
  57. function SendStory($sid, $yname, $ymail, $fname, $fmail) {
  58.     global $sitename, $nukeurl, $prefix, $db, $module_name;
  59.     $fname = stripslashes(removecrlf($fname));
  60.     $fmail = stripslashes(removecrlf($fmail));
  61.     $yname = stripslashes(removecrlf($yname));
  62.     $ymail = stripslashes(removecrlf($ymail));    
  63.     $sid = intval($sid);
  64.     $row = $db->sql_fetchrow($db->sql_query("SELECT title, time, topic FROM ".$prefix."_stories WHERE sid='$sid'"));
  65.     $title = stripslashes(check_html($row['title'], "nohtml"));
  66.     $time = $row['time'];
  67.     $topic = intval($row['topic']);
  68.     $row2 = $db->sql_fetchrow($db->sql_query("SELECT topictext FROM ".$prefix."_topics WHERE topicid='$topic'"));
  69.     $topictext = stripslashes(check_html($row2['topictext'], "nohtml"));
  70.     $subject = ""._INTERESTING." $sitename";
  71.     $message = ""._HELLO." $fname:\n\n"._YOURFRIEND." $yname "._CONSIDERED."\n\n\n$title\n("._FDATE." $time)\n"._FTOPIC." $topictext\n\n"._URL.": $nukeurl/modules.php?name=$module_name&file=article&sid=$sid\n\n"._YOUCANREAD." $sitename\n$nukeurl";
  72.     mail($fmail, $subject, $message, "From: \"$yname\" <$ymail>\nX-Mailer: PHP/" . phpversion());
  73.     update_points(6);
  74.     $title = urlencode($title);
  75.     $fname = urlencode($fname);
  76.     Header("Location: modules.php?name=$module_name&file=friend&op=StorySent&title=$title&fname=$fname");
  77. }
  78.  
  79. function StorySent($title, $fname) {
  80.     include ("header.php");
  81.     $title = htmlspecialchars(urldecode(check_html($title, "nohtml")));
  82.     $fname = htmlspecialchars(urldecode($fname));
  83.     OpenTable();
  84.     echo "<center><font class=\"content\">"._FSTORY." <b>$title</b> "._HASSENT." $fname... "._THANKS."</font></center>";
  85.     CloseTable();
  86.     include ("footer.php");
  87. }
  88.  
  89. switch($op) {
  90.  
  91.     case "SendStory":
  92.     SendStory($sid, $yname, $ymail, $fname, $fmail);
  93.     break;
  94.     
  95.     case "StorySent":
  96.     StorySent($title, $fname);
  97.     break;
  98.  
  99.     case "FriendSend":
  100.     FriendSend($sid);
  101.     break;
  102.  
  103. }
  104.  
  105. ?>