here.
If MGB is already installed, try copy your 'config.inc.php' from root directory into 'includes/config.inc.php'.";
die();
}
}
else
{
echo "The config file could not be found. If you haven't installed the MGB yet, you can do that here.
If MGB is already installed, try copy your 'config.inc.php' from root directory into 'includes/config.inc.php'.";
die();
}
// load config, settings, language files and necessary templates
// The order of these includes matters: $settings is used to build the
// language paths below, so it has to exist before the language files are
// loaded (presumably it is filled by load_settings.inc.php — confirm).
require ("includes/config.inc.php");
require ("includes/functions.inc.php");
require ("includes/load_settings.inc.php");
// NOTE(review): $settings['language_path'] becomes part of an include path.
// Where that value is stored and who may change it is not visible here; it
// should be limited to the names of the shipped language directories
// (no "/" and no "..") before it reaches require.
require ("language/".$settings['language_path']."/lang_main.php");
require ("language/".$settings['language_path']."/settings.php");
require ("includes/load_templates.inc.php");
// flag: set to 1 further down once a fresh captcha was generated for this request
$captcha_generated = 0;
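// load user data
// The 'id' request parameter selects the recipient of the mail:
//   "denied" -> no mail may be sent, error 8 is shown
//   "admin"  -> the guestbook administrator
//   other    -> id of the guestbook entry whose author is addressed
// $_GET['id'] is supplied by the visitor. A missing or non-string value is
// treated as an empty id instead of being passed on to the query.
$requested_id = (isset($_GET['id']) AND is_string($_GET['id'])) ? $_GET['id'] : "";
if ($requested_id === "denied")
{
    $errorcode = 8;
    $_POST['sent'] = 1;
}
elseif ($requested_id !== "admin")
{
    if (!preg_match('/^[0-9]+$/D', $requested_id))
    {
        // The id is concatenated into the WHERE clause without quotes, so only
        // plain digits are accepted (entry ids are assumed to be numeric —
        // confirm against the schema). Anything else is refused in the same
        // way as a recipient who does not accept mail, without a query.
        $errorcode = 8;
        $_POST['sent'] = 1;
    }
    else
    {
        // secure_value() is defined elsewhere; what it escapes is not visible
        // here, which is why the digit check above does not rely on it.
        $sql = "SELECT name, email, user_show_email FROM ".$db['prefix']."entries WHERE id=".secure_value($requested_id);
        // NOTE(review): the die() calls below print mysql_error() to the
        // visitor. Consider logging the detail server-side and showing a
        // generic message instead.
        $link = @mysql_connect($db['hostname'], $db['username'], $db['password']) or die ("(email.php) Error, line 66: ".mysql_error());
        @mysql_select_db($db['dbname'], $link) or die ("(email.php) Error, line 67 ".mysql_error());
        $result = @mysql_query($sql, $link) or die ("(email.php) Error, line 68: ".mysql_error());
        $sendemail = @mysql_fetch_array($result);
        if (!is_array($sendemail))
        {
            // No entry with this id: mysql_fetch_array() returned false.
            // Handle it explicitly as "author does not accept mail".
            $sendemail = array('name' => NULL, 'email' => NULL, 'user_show_email' => 0);
        }
        $sendemail_name = $sendemail['name'];
        $sendemail_email = $sendemail['email'];
        $sendemail_user_show_email = $sendemail['user_show_email'];
        // the author has not allowed contact by mail: force the error path
        if ($sendemail_user_show_email == 0) { $errorcode = 8; $_POST['sent'] = 1; }
    }
}
else
{
    // mail to the administrator, address and name come from the settings
    $sendemail_email = $settings['admin_email'];
    $sendemail_name = $settings['admin_name'];
}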
if (isset($_POST['sent']) AND $_POST['sent'] == 1)
{
// Make sure every expected form field exists, then pass each one through
// cleanstr() (defined elsewhere; per the original comment it deletes html,
// php code and white spaces).
// NOTE(review): whether cleanstr() also removes CR/LF is not visible here;
// that matters because name and email are later used for mail headers.
$mgb_field_defaults = array(
    'user_sendcopytome' => 0,
    'name' => NULL,
    'email' => NULL,
    'message' => NULL
);
foreach ($mgb_field_defaults as $mgb_field => $mgb_default)
{
    if (!isset($_POST[$mgb_field]))
    {
        $_POST[$mgb_field] = $mgb_default;
    }
}
foreach (array('name', 'email', 'message', 'user_sendcopytome') as $mgb_field)
{
    $_POST[$mgb_field] = cleanstr($_POST[$mgb_field]);
}
// the helper variables are not needed by the rest of the script
unset($mgb_field_defaults, $mgb_field, $mgb_default);
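// include akismet if it exists
// The Akismet check only runs when the plugin file is present, an API key is
// configured and name, email and message are all non-empty.
if (file_exists("plugins/akismet/akismet.class.php") AND (isset($settings['akismet_api'])) AND ($settings['akismet_api'] != "") AND ($_POST['name'] != "") AND ($_POST['email'] != "") AND ($_POST['message'] != ""))
{
    include ("plugins/akismet/akismet.class.php");
    $akismet_author = bbcode_delete($_POST['name']);
    $akismet_email = bbcode_delete($_POST['email']);
    // 'hp' is an optional form field. Unlike name, email and message it gets
    // no default and no cleanstr() pass earlier in this script, so guard the
    // access here instead of reading an undefined index.
    $akismet_website = bbcode_delete(isset($_POST['hp']) ? $_POST['hp'] : NULL);
    $akismet_body = bbcode_delete($_POST['message']);
    // check for spam
    // Load array with comment data.
    $comment = array(
        'author' => $akismet_author,
        'email' => $akismet_email,
        'website' => $akismet_website,
        'body' => $akismet_body,
        'permalink' => 'http://'.$settings['h_domain'].$settings['gb_path'],
        'user_ip' => $_SERVER['REMOTE_ADDR'], // Optional, if not in array defaults to $_SERVER['REMOTE_ADDR'].
        // a client may send no User-Agent header at all
        'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : NULL, // Optional, if not in array defaults to $_SERVER['HTTP_USER_AGENT'].
    );
    // Instantiate an instance of the class.
    $akismet = new Akismet('http://'.$settings['h_domain'].$settings['gb_path'], $settings['akismet_api'], $comment);
    // Test for errors.
    // When Akismet reports an error the message is printed and processing
    // continues: the submission is NOT blocked in that case (fail open), the
    // remaining checks further down still apply.
    if($akismet->errorsExist())
    { // Returns true if any errors exist.
        if($akismet->isError('AKISMET_INVALID_KEY'))
        {
            echo "AKISMET API KEY INVALID";
        }
        elseif($akismet->isError('AKISMET_RESPONSE_FAILED'))
        {
            echo "AKISMET RESPONSE FAILED";
        }
        elseif($akismet->isError('AKISMET_SERVER_NOT_FOUND'))
        {
            echo "AKISMET_SERVER_NOT_FOUND";
        }
    }
    else
    {
        // No errors, check for spam.
        if ($akismet->isSpam())
        { // Returns true if Akismet thinks the comment is spam.
            // Uncomment the following line if you want to know when AKISMET blocks spam.
            // NOTE(review): $mail_header is only assigned further down, where the
            // mail is sent; unless an include defines it, it is empty at this point.
            // mail($settings['admin_email'], "AKISMET: Spam-Eintrag erfolgreich abgewehrt.", "Soeben wurde ein Spam-Eintrag von ".$_SERVER["REMOTE_ADDR"]." mit folgendem Inhalt von AKISMET abgewehrt:\n\n".$_POST['message'], $mail_header);
            // stop silently: nothing is sent and no page is rendered
            die();
        }
    }
}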
// Content-based spam filter: a message that contains the fixed phrase below
// (after bbcode has been removed) is dropped without any output.
$searchstring = "Hi there, very nice homepage :-)";
$string = bbcode_delete($_POST['message']);
$pos = strpos($string, $searchstring);
// strpos() returns an integer offset on a match and false otherwise
if (is_int($pos))
{
    // Optional admin notification, disabled by default.
    // NOTE(review): $mail_header is only assigned further down, where the mail
    // is sent; unless an include defines it, it is empty at this point.
    // mail($settings['admin_email'], "Spam-Eintrag erfolgreich abgewehrt.", "Soeben wurde ein Spam-Eintrag von ".$_SERVER["REMOTE_ADDR"]." mit folgendem Inhalt abgewehrt:\n\n".$_POST['message'], $mail_header);
    die();
}
// Static IP blocklist. Add the addresses to block to $blocked_ips, one quoted
// string per line. The last entry must not be followed by a comma:
//
// $blocked_ips = array(
// 'xxx.xxx.xxx.xxx',
// 'xxx.xxx.xxx.xxx',
// 'xxx.xxx.xxx.xxx' <-- no comma here
// );
//
// Entries are compared for equality with $_SERVER["REMOTE_ADDR"]; ranges or
// prefixes are not supported. REMOTE_ADDR is the address of the connecting
// peer, so behind a reverse proxy or load balancer it is the proxy's address
// and not the visitor's.
$blocked_ips = array(
    'xxx.xxx.xxx.xxx',
    'xxx.xxx.xxx.xxx',
    'xxx.xxx.xxx.xxx'
);
foreach ($blocked_ips as $ip)
{
    if ($_SERVER["REMOTE_ADDR"] != $ip)
    {
        continue;
    }
    // Optional admin notification, disabled by default.
    // mail($settings['admin_email'], "Spam-Eintrag erfolgreich abgewehrt.", "Soeben wurde ein Spam-Eintrag von ".$_SERVER["REMOTE_ADDR"]." mit folgendem Inhalt abgewehrt:\n\n".$_POST['message'], $mail_header);
    echo "Are you a spammer? Not? Your IP was blocked. If that happened by mistake report it to the admin.";
    die();
}
// form was sent and is ok!
if (!isset($errorcode) OR $errorcode != 8)
{
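// check if captcha is correct
// captcha_method 0 compares against the stored code, captcha_method 1 against
// the stored sum of the arithmetic captcha. A mismatch sets error code 7.
// NOTE(review): both queries read a single row (LIMIT 1) without any session
// or visitor key, so the stored value appears to be shared by all visitors,
// and nothing visible here invalidates it after a successful check — confirm
// against generate_captcha().
if ($settings['captcha'] == 1)
{
    // The answer is compared as a string and the check fails closed: with the
    // former loose "!=" a missing table row (NULL) was equal to an empty
    // answer, and numeric-looking strings were compared by value.
    $submitted_captcha = (isset($_POST['captcha']) AND is_string($_POST['captcha'])) ? trim($_POST['captcha']) : "";
    if ($settings['captcha_method'] == 0)
    {
        $sql = "SELECT `code` FROM ".$db['prefix']."captcha LIMIT 1";
        $link = @mysql_connect($db['hostname'], $db['username'], $db['password']) or die ("(email.php) Error, line 147: ".mysql_error());
        mysql_select_db($db['dbname'], $link) or die ("(email.php) Error, line 148: ".mysql_error());
        $result = mysql_query($sql, $link) or die ("(email.php) Error, line 149: ".mysql_error());
        $saved_code = @mysql_fetch_array($result);
        // no stored row means there is nothing to compare against: reject
        $captcha_code = is_array($saved_code) ? (string) $saved_code['code'] : "";
        if ($captcha_code === "" OR $captcha_code !== $submitted_captcha) { $errorcode = 7; }
    }
    elseif ($settings['captcha_method'] == 1)
    {
        $sql = "SELECT `sum` FROM ".$db['prefix']."captcha_math LIMIT 1";
        $link = @mysql_connect($db['hostname'], $db['username'], $db['password']) or die ("(email.php) Error, line 159: ".mysql_error());
        mysql_select_db($db['dbname'], $link) or die ("(email.php) Error, line 160: ".mysql_error());
        $result = mysql_query($sql, $link) or die ("(email.php) Error, line 161: ".mysql_error());
        $saved_code = @mysql_fetch_array($result);
        // no stored row means there is nothing to compare against: reject
        $captcha_code = is_array($saved_code) ? (string) $saved_code['sum'] : "";
        if ($captcha_code === "" OR $captcha_code !== $submitted_captcha) { $errorcode = 7; }
    }
}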
// Validate the submitted fields. Every failing check overwrites $errorcode,
// so the check that fails last decides which message is shown: a missing
// name (3) wins over a missing email (2), a missing message (1), an invalid
// address (4) and a wrong captcha (7).
// the address has to pass check_mail(), which is defined elsewhere
if (check_mail($_POST['email']) == FALSE)
{
    $errorcode = 4;
}
// required fields must not be empty
if (empty($_POST['message']))
{
    $errorcode = 1;
}
if (empty($_POST['email']))
{
    $errorcode = 2;
}
if (empty($_POST['name']))
{
    $errorcode = 3;
}
if (!isset($errorcode))
{
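// delete bbcode
$_POST['name'] = bbcode_delete($_POST['name']);
$_POST['message'] = bbcode_delete($_POST['message']);
// turn line breaks into <br /> markers and drop the raw LF / CR bytes;
// xhtmlbr2nl() is applied to the message again when the mail text is built
$_POST['message'] = nl2br($_POST['message']);
$t1 = chr(10);
$t2 = chr(13);
$_POST['message'] = str_replace($t1,'', $_POST['message']);
$_POST['message'] = str_replace($t2,'', $_POST['message']);
// The submitted address is written into the "from:" header and used as the
// recipient of the copy, and the name is handed to format_mail() for the
// subject. Remove CR and LF from both so that a submitted value cannot start
// an additional header line; whether cleanstr() or check_mail() already
// reject line breaks is not visible in this file.
$_POST['name'] = str_replace(array($t1, $t2), '', $_POST['name']);
$_POST['email'] = str_replace(array($t1, $t2), '', $_POST['email']);
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
$url_to_gb = "http://".$settings['h_domain'].$settings['gb_path']."index.php";
$date = date("d"."/"."m"."/"."Y");
$time = date("H".":"."i");
$mail_header = "content-type: text/plain; charset=".$charset."\n";
$mail_header .= "from: ".$_POST['email'];
// subject and text are identical for the recipient and for the optional copy,
// so they are built once
$mail_subject = format_mail(repl_uml($lang['email_caption'], $charset), $name, $date, $time, xhtmlbr2nl($message), $settings['h_domain'], $url_to_gb, "", "", "", "", "", "");
$mail_body = format_mail(repl_uml($settings['sendmail_contactmail_text'], $charset), $name, $date, $time, xhtmlbr2nl($message), $settings['h_domain'], $url_to_gb, "", "", "", "", "", "");
if (mail($sendemail_email, $mail_subject, $mail_body, $mail_header) == TRUE)
{
    $sendemail_successfull = 1;
    // NOTE(review): the copy goes to the address typed into the form, which
    // nothing here proves belongs to the sender. The captcha and the spam
    // checks earlier in this script are the only limit on that, so keep the
    // captcha enabled when this option is offered.
    if ($_POST['user_sendcopytome'] == 1)
    {
        mail($email, $mail_subject, $mail_body, $mail_header);
    }
    // refresh site
    $refresh = "";
}
else
{
    // mail() reported a failure: show error 9 and do not refresh
    unset($sendemail_successfull);
    $errorcode = 9;
    $refresh = NULL;
}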
}
else
{
// Map the error code set by the checks above to its language string.
switch ($errorcode)
{
    case 1:
        $errormessage = $lang['errormessage1'];
        break;
    case 2:
        $errormessage = $lang['errormessage2'];
        break;
    case 3:
        $errormessage = $lang['errormessage3'];
        break;
    case 4:
        // NOTE(review): this message repeats the submitted address. It has only
        // been through cleanstr(); confirm that markup is removed there or that
        // the template escapes the message before it is printed.
        $errormessage = $_POST['email']." ".$lang['errormessage4'];
        break;
    case 7:
        $errormessage = $lang['errormessage7'];
        break;
    case 8:
        $errormessage = $lang['errormessage8'];
        break;
}
// do not refresh site
$refresh = NULL;
// the form is shown again, so a new captcha is needed (at most one per request)
if ($settings['captcha'] == 1 AND $captcha_generated != 1)
{
    generate_captcha($settings['captcha_method']);
    $captcha = "";
    $captcha = preg_replace("/\{CAPTCHA_IMG\}/", $captcha, $content_captcha);
    $captcha_generated = 1;
}
}
}
else
{
// Error code 8: the addressed user does not want to receive e-mails through
// the guestbook. Show the matching message, hide the recipient name and do
// not refresh the page.
$sendemail_name = "-";
$refresh = NULL;
$errormessage = $lang['errormessage8'];
// the form is shown again, so a new captcha is needed (at most one per request)
if ($settings['captcha'] == 1 AND $captcha_generated != 1)
{
    generate_captcha($settings['captcha_method']);
    $captcha = "";
    $captcha = preg_replace("/\{CAPTCHA_IMG\}/", $captcha, $content_captcha);
    $captcha_generated = 1;
}
}
}
else
{
// form was not sent
// do not refresh site
$refresh = NULL;
}
// Generate Page
// fill header template with content
$page_header = $content_header;
// check if "install" directory has been deleted
if (file_exists("install"))
{
$page_header = preg_replace("/\{INSTALL_DIRECTORY_EXISTS\}/", "