Rev 2 | Rev 5 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 2 | Rev 4 | ||
---|---|---|---|
Line 1... | Line 1... | ||
1 | <?php |
1 | <?php |
2 | 2 | ||
3 | # ViaThinkSoft PHP Guestbook 2.8.1 |
3 | # ViaThinkSoft PHP Guestbook 2.8.2 |
4 | # (C) 2003-2017 ViaThinkSoft, Daniel Marschall |
4 | # (C) 2003-2022 ViaThinkSoft, Daniel Marschall |
5 | # Licensed under GPL v3 |
5 | # Licensed under the Apache 2.0 License |
6 | 6 | ||
7 | // Version des Gästebuchs |
7 | // Version des Gästebuchs |
8 | $version = '2.8.1'; |
8 | $version = '2.8.1'; |
9 | 9 | ||
- | 10 | // START DEFAULT WERTE |
|
- | 11 | ||
- | 12 | $charset = 'ISO-8859-1'; |
|
- | 13 | ||
- | 14 | // Der Titel der Seite |
|
- | 15 | $seitentitel = 'Mein Gästebuch'; |
|
- | 16 | ||
- | 17 | // Seitenkopf |
|
- | 18 | $seitenkopf = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" |
|
- | 19 | "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
|
- | 20 | ||
- | 21 | <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> |
|
- | 22 | ||
- | 23 | <head> |
|
- | 24 | <meta http-equiv="Content-Type" content="text/html; charset={CHARSET}" /> |
|
- | 25 | <title>'.htmlentities($seitentitel).' Gästebuch</title> |
|
- | 26 | </head> |
|
- | 27 | ||
- | 28 | <body>'; |
|
- | 29 | ||
- | 30 | // Seitenfuß |
|
- | 31 | $seitenfuss = '</body></html>'; |
|
- | 32 | ||
- | 33 | // Farben |
|
- | 34 | $farbe1 = '#505080'; // Rand eines Eintrags |
|
- | 35 | $farbe2 = '#D2DAF0'; // Eintrag Segment 2 (Text) BG |
|
- | 36 | $farbe3 = '#A0B1E0'; // Eintrag Segment 1 (Kopfzeile) BG |
|
- | 37 | $farbe4 = '#333333'; // Erstellungsdatum Schrift |
|
- | 38 | $farbe5 = '#E2E7F5'; // Eintrag Segment 3 (Admin-Kommentar, optional) BG |
|
- | 39 | $farbe6 = 'red'; // Fehlermeldung |
|
- | 40 | $farbe7 = 'blue'; // Pflichtfeld-Stern |
|
- | 41 | $farbe8 = 'green'; // Erfolgsmeldung |
|
- | 42 | $farbe9 = 'black'; // Segment 1 (Kopfzeile) Text |
|
- | 43 | $farbe10 = 'black'; // Segment 2 (Text) Text |
|
- | 44 | $farbe11 = 'black'; // Segment 3 (Admin-Kommentar, optional) Text |
|
- | 45 | ||
- | 46 | // Die MySQL-Zugangsdaten |
|
- | 47 | $mysql_server = 'localhost'; |
|
- | 48 | $mysql_user = 'root'; |
|
- | 49 | $mysql_pass = ''; |
|
- | 50 | $mysql_database = 'guestbook'; |
|
- | 51 | ||
- | 52 | // Die Datenbanktabellennamen |
|
- | 53 | $table_entries = 'gaestebuch_entries'; |
|
- | 54 | $table_smileys = 'gaestebuch_smileys'; |
|
- | 55 | ||
- | 56 | // E-Mail-Adresse |
|
- | 57 | $adminmail = 'your_email_address@example.com'; |
|
- | 58 | $adminmail_cc = ''; |
|
- | 59 | ||
- | 60 | // Einträge pro Seite |
|
- | 61 | $eintraege_proseite = 10; |
|
- | 62 | ||
- | 63 | // Vorsicht: Der Server muss autorisiert sein, eine E-Mail zu über diese Domain zu senden (SPF/DKIM) |
|
- | 64 | $cfg_from_email = 'noreply@example.com'; |
|
- | 65 | ||
- | 66 | // Features |
|
- | 67 | $cfg_feature_simple_antispam = true; |
|
- | 68 | $cfg_automatisch_freischalten = false; |
|
- | 69 | $cfg_unfreigeschaltete_anzegen = false; |
|
- | 70 | $cfg_vorschau = true; |
|
- | 71 | ||
- | 72 | // Recaptcha - This is the most secure Captcha |
|
- | 73 | // It also helps against "F5" spamming! |
|
- | 74 | // Get a FREE API key here: https://www.google.com/recaptcha/admin/create |
|
- | 75 | $cfg_recaptcha_enabled = false; |
|
- | 76 | $cfg_recaptcha_pubkey = ''; |
|
- | 77 | $cfg_recaptcha_privkey = ''; |
|
- | 78 | ||
- | 79 | // see https://daniel-lange.com/archives/66-ICQ-web-status-icons.html |
|
- | 80 | $cfg_icq_statusicon = 5; |
|
- | 81 | ||
- | 82 | // ENDE DEFAULT WERTE |
|
- | 83 | ||
10 | if (!file_exists(__DIR__ . '/config/config.inc.php')) { |
84 | if (!file_exists(__DIR__ . '/config/config.inc.php')) { |
11 | die('ERROR: File <b>config/config.inc.php</b> does not exist. Please create it using <b>config/config.original.inc.php</b>'); |
85 | die('ERROR: File <b>config/config.inc.php</b> does not exist. Please create it using <b>config/config.original.inc.php</b>'); |
12 | } |
86 | } |
13 | require_once __DIR__ . '/config/config.inc.php'; |
87 | require_once __DIR__ . '/config/config.inc.php'; |
14 | 88 | ||
15 | if (!isset($cfg_recaptcha_enabled)) $cfg_recaptcha_enabled = false; |
- | |
16 | if ($cfg_recaptcha_enabled) $cfg_feature_simple_antispam = false; |
89 | if ($cfg_recaptcha_enabled) $cfg_feature_simple_antispam = false; |
17 | if (!isset($cfg_icq_statusicon)) $cfg_icq_statusicon = 5; |
- | |
18 | 90 | ||
19 | require_once __DIR__ . '/includes/database.inc.php'; |
91 | require_once __DIR__ . '/includes/database.inc.php'; |
20 | verbinden(); |
92 | verbinden(); |
21 | 93 | ||
22 | require_once __DIR__ . '/includes/SecureMailer.class.php'; |
94 | require_once __DIR__ . '/includes/SecureMailer.class.php'; |
Line 74... | Line 146... | ||
74 | function parse_html($nachricht, $loc_dir = '') { |
146 | function parse_html($nachricht, $loc_dir = '') { |
75 | global $table_smileys; |
147 | global $table_smileys; |
76 | 148 | ||
77 | // Smiley pre-parsing |
149 | // Smiley pre-parsing |
78 | $uid = uniqid(); |
150 | $uid = uniqid(); |
79 | $result = mysql_query("SELECT `zeichen`, `image`, `beschreibung`, `id` FROM `".mysql_real_escape_string($table_smileys)."` WHERE `enabled` = '1' ORDER BY `id` ASC"); |
151 | $result = db_query("SELECT `zeichen`, `image`, `beschreibung`, `id` FROM `".db_real_escape_string($table_smileys)."` WHERE `enabled` = '1' ORDER BY `id` ASC"); |
80 | while ($row = mysql_fetch_object($result)) { |
152 | while ($row = db_fetch_object($result)) { |
81 | # $nachricht = str_replace($row->zeichen, '<img src="images/smileys/'.$row->image.'" alt="'.myhtmlentities($row->beschreibung).'" title="'.myhtmlentities($row->beschreibung).'" />', $nachricht); |
153 | # $nachricht = str_replace($row->zeichen, '<img src="images/smileys/'.$row->image.'" alt="'.myhtmlentities($row->beschreibung).'" title="'.myhtmlentities($row->beschreibung).'" />', $nachricht); |
82 | $nachricht = str_replace($row->zeichen, "\nSMILEY${uid}:".$row->id.":${uid}YELIMS\n", $nachricht); |
154 | $nachricht = str_replace($row->zeichen, "\nSMILEY${uid}:".$row->id.":${uid}YELIMS\n", $nachricht); |
83 | } |
155 | } |
84 | 156 | ||
85 | // HTML Parsing |
157 | // HTML Parsing |
Line 97... | Line 169... | ||
97 | $nachricht = preg_replace("#([\t\r\n ])(www|ftp)\.(([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*)?)#i", '\1<a href="http://\2.\3" target="_blank">\2.\3</a>', $nachricht); |
169 | $nachricht = preg_replace("#([\t\r\n ])(www|ftp)\.(([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*)?)#i", '\1<a href="http://\2.\3" target="_blank">\2.\3</a>', $nachricht); |
98 | $nachricht = preg_replace("#([\n ])([a-z0-9\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>", $nachricht); |
170 | $nachricht = preg_replace("#([\n ])([a-z0-9\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>", $nachricht); |
99 | $nachricht = substr($nachricht, 1); |
171 | $nachricht = substr($nachricht, 1); |
100 | 172 | ||
101 | // Final smiley parsing |
173 | // Final smiley parsing |
102 | $result = mysql_query("SELECT `zeichen`, `image`, `beschreibung`, `id` FROM `".mysql_real_escape_string($table_smileys)."` WHERE `enabled` = '1' ORDER BY `id` ASC"); |
174 | $result = db_query("SELECT `zeichen`, `image`, `beschreibung`, `id` FROM `".db_real_escape_string($table_smileys)."` WHERE `enabled` = '1' ORDER BY `id` ASC"); |
103 | while ($row = mysql_fetch_object($result)) { |
175 | while ($row = db_fetch_object($result)) { |
104 | $nachricht = str_replace("<br />\nSMILEY${uid}:".$row->id.":${uid}YELIMS<br />\n", '<img src="'.$loc_dir.'images/smileys/'.$row->image.'" alt="'.myhtmlentities($row->beschreibung).'" title="'.myhtmlentities($row->beschreibung).'" />', $nachricht); |
176 | $nachricht = str_replace("<br />\nSMILEY${uid}:".$row->id.":${uid}YELIMS<br />\n", '<img src="'.$loc_dir.'images/smileys/'.$row->image.'" alt="'.myhtmlentities($row->beschreibung).'" title="'.myhtmlentities($row->beschreibung).'" />', $nachricht); |
105 | } |
177 | } |
106 | 178 | ||
107 | return $nachricht; |
179 | return $nachricht; |
108 | } |
180 | } |
Line 198... | Line 270... | ||
198 | 270 | ||
199 | if (($id == '') || ($md5 == '')) { |
271 | if (($id == '') || ($md5 == '')) { |
200 | die('<p><font color="'.$farbe6.'">Ein Fehler ist aufgetreten. Fehler in den Parametern.</font></p>'.$seitenfuss); |
272 | die('<p><font color="'.$farbe6.'">Ein Fehler ist aufgetreten. Fehler in den Parametern.</font></p>'.$seitenfuss); |
201 | } |
273 | } |
202 | 274 | ||
203 | $result = mysql_query("SELECT `show`, MD5(`nachricht`) AS `md5` FROM `".mysql_real_escape_string($table_entries)."` WHERE `id` = '".mysql_real_escape_string($id)."'"); |
275 | $result = db_query("SELECT `show`, MD5(`nachricht`) AS `md5` FROM `".db_real_escape_string($table_entries)."` WHERE `id` = '".db_real_escape_string($id)."'"); |
204 | $row = mysql_fetch_array($result); |
276 | if ($row = db_fetch_object($result)) { |
205 | if ($row['show'] == 1) { |
277 | if ($row->show == 1) { |
206 | echo '<p><font color="'.$farbe8.'">Eintrag ist bereits freigeschaltet!</font></p>'; |
278 | echo '<p><font color="'.$farbe8.'">Eintrag ist bereits freigeschaltet!</font></p>'; |
207 | } else { |
279 | } else { |
208 | $md5_valid = md5_valid($id, $row['md5']); |
280 | $md5_valid = md5_valid($id, $row->md5); |
209 | if (strtolower($md5) == strtolower($md5_valid)) { |
281 | if (strtolower($md5) == strtolower($md5_valid)) { |
210 | mysql_query("UPDATE `".mysql_real_escape_string($table_entries)."` SET `show` = '1' WHERE `id` = '".mysql_real_escape_string($id)."'"); |
282 | db_query("UPDATE `".db_real_escape_string($table_entries)."` SET `show` = '1' WHERE `id` = '".db_real_escape_string($id)."'"); |
211 | echo '<p><font color="'.$farbe8.'">Eintrag erfolgreich freigeschaltet!</font></p>'; |
283 | echo '<p><font color="'.$farbe8.'">Eintrag erfolgreich freigeschaltet!</font></p>'; |
212 | } else { |
284 | } else { |
213 | echo '<p><font color="'.$farbe6.'">Keine Berechtigung, den Eintrag freizuschalten!</font></p>'; |
285 | echo '<p><font color="'.$farbe6.'">Keine Berechtigung, den Eintrag freizuschalten!</font></p>'; |
214 | } |
286 | } |
215 | } |
287 | } |
- | 288 | } |
|
216 | 289 | ||
217 | die($seitenfuss); |
290 | die($seitenfuss); |
218 | } |
291 | } |
219 | 292 | ||
220 | if ($cfg_feature_simple_antispam) { |
293 | if ($cfg_feature_simple_antispam) { |
Line 330... | Line 403... | ||
330 | echo "<input type=\"hidden\" name=\"nachricht\" value=\"".myhtmlentities($nachricht)."\" />\n"; |
403 | echo "<input type=\"hidden\" name=\"nachricht\" value=\"".myhtmlentities($nachricht)."\" />\n"; |
331 | if ($cfg_feature_simple_antispam) echo "<input type=\"hidden\" name=\"antispam\" value=\"".myhtmlentities($antispam)."\" />\n"; |
404 | if ($cfg_feature_simple_antispam) echo "<input type=\"hidden\" name=\"antispam\" value=\"".myhtmlentities($antispam)."\" />\n"; |
332 | echo "<a href=\"javascript:document.frm1.submit()\"><img src=\"images/buttons/abschicken.gif\" border=\"0\" height=\"31\" width=\"146\" alt=\"Abschicken\" title=\"Abschicken\" /></a>"; |
405 | echo "<a href=\"javascript:document.frm1.submit()\"><img src=\"images/buttons/abschicken.gif\" border=\"0\" height=\"31\" width=\"146\" alt=\"Abschicken\" title=\"Abschicken\" /></a>"; |
333 | echo "</form>"; |
406 | echo "</form>"; |
334 | } else { |
407 | } else { |
335 | $daten = "'".mysql_real_escape_string($name)."'"; |
408 | $daten = "'".db_real_escape_string($name)."'"; |
336 | $felder = '`name`'; |
409 | $felder = '`name`'; |
337 | 410 | ||
338 | if ($ort != '') { |
411 | if ($ort != '') { |
339 | $daten .= ", '".mysql_real_escape_string($ort)."'"; |
412 | $daten .= ", '".db_real_escape_string($ort)."'"; |
340 | $felder .= ', `ort`'; |
413 | $felder .= ', `ort`'; |
341 | } |
414 | } |
342 | 415 | ||
343 | if ($email != '') { |
416 | if ($email != '') { |
344 | $daten .= ", '".mysql_real_escape_string($email)."'"; |
417 | $daten .= ", '".db_real_escape_string($email)."'"; |
345 | $felder .= ', `email`'; |
418 | $felder .= ', `email`'; |
346 | } |
419 | } |
347 | 420 | ||
348 | if ($homepage != '') { |
421 | if ($homepage != '') { |
349 | $daten .= ", '".mysql_real_escape_string($homepage)."'"; |
422 | $daten .= ", '".db_real_escape_string($homepage)."'"; |
350 | $felder .= ', `homepage`'; |
423 | $felder .= ', `homepage`'; |
351 | } |
424 | } |
352 | 425 | ||
353 | if ($icq != '') { |
426 | if ($icq != '') { |
354 | $daten .= ", '".mysql_real_escape_string($icq)."'"; |
427 | $daten .= ", '".db_real_escape_string($icq)."'"; |
355 | $felder .= ', `icq`'; |
428 | $felder .= ', `icq`'; |
356 | } |
429 | } |
357 | 430 | ||
358 | $daten .= ", '".mysql_real_escape_string("$datum $zeit")."'"; |
431 | $daten .= ", '".db_real_escape_string("$datum $zeit")."'"; |
359 | $felder .= ', `timestamp`'; |
432 | $felder .= ', `timestamp`'; |
360 | 433 | ||
361 | $daten .= ", '".mysql_real_escape_string($ip)."'"; |
434 | $daten .= ", '".db_real_escape_string($ip)."'"; |
362 | $felder .= ', `ip`'; |
435 | $felder .= ', `ip`'; |
363 | 436 | ||
364 | $daten .= ", '".mysql_real_escape_string($nachricht)."'"; |
437 | $daten .= ", '".db_real_escape_string($nachricht)."'"; |
365 | $felder .= ', `nachricht`'; |
438 | $felder .= ', `nachricht`'; |
366 | 439 | ||
367 | $show = $cfg_automatisch_freischalten ? '1' : '0'; |
440 | $show = $cfg_automatisch_freischalten ? '1' : '0'; |
368 | $daten .= ", '".mysql_real_escape_string($show)."'"; |
441 | $daten .= ", '".db_real_escape_string($show)."'"; |
369 | $felder .= ', `show`'; |
442 | $felder .= ', `show`'; |
370 | 443 | ||
371 | $result = mysql_query("INSERT INTO `".mysql_real_escape_string($table_entries)."` ($felder) VALUES ($daten)"); |
444 | $result = db_query("INSERT INTO `".db_real_escape_string($table_entries)."` ($felder) VALUES ($daten)"); |
372 | $id = mysql_insert_id(); |
445 | $id = db_insert_id(); |
373 | 446 | ||
374 | $md5 = md5($nachricht); |
447 | $md5 = md5($nachricht); |
375 | $md5_valid = md5_valid($id, $md5); |
448 | $md5_valid = md5_valid($id, $md5); |
376 | 449 | ||
377 | // Send mail |
450 | // Send mail |
Line 440... | Line 513... | ||
440 | } |
513 | } |
441 | if ($email != '') { |
514 | if ($email != '') { |
442 | $h->addHeader('Reply-To', $email); |
515 | $h->addHeader('Reply-To', $email); |
443 | } |
516 | } |
444 | 517 | ||
445 | if ((isset($adminmail_cc)) && ($adminmail_cc != '')) { |
518 | if ($adminmail_cc != '') { |
446 | $h->addHeader('CC', $adminmail_cc); |
519 | $h->addHeader('CC', $adminmail_cc); |
447 | } |
520 | } |
448 | 521 | ||
449 | $h->addHeader('X-Mailer', 'PHP/'.phpversion()); |
522 | $h->addHeader('X-Mailer', 'PHP/'.phpversion()); |
450 | 523 | ||
Line 470... | Line 543... | ||
470 | <p><a href="'.$inphp.'"><img src="images/buttons/zurueck.gif" alt="Zurück" title="Zurück" height="31" width="146" border="0" /></a></p> |
543 | <p><a href="'.$inphp.'"><img src="images/buttons/zurueck.gif" alt="Zurück" title="Zurück" height="31" width="146" border="0" /></a></p> |
471 | 544 | ||
472 | </div>'; |
545 | </div>'; |
473 | 546 | ||
474 | } else { |
547 | } else { |
475 | echo "<p>".mysql_error()."</p>"; |
548 | echo "<p>".db_error()."</p>"; |
476 | echo '<p><font color="'.$farbe6.'">Es ist ein schwerer Fehler aufgetreten. Versuchen Sie es nocheinmal.</font></p>'; |
549 | echo '<p><font color="'.$farbe6.'">Es ist ein schwerer Fehler aufgetreten. Versuchen Sie es nocheinmal.</font></p>'; |
477 | } |
550 | } |
478 | } |
551 | } |
479 | } |
552 | } |
480 | } |
553 | } |
Line 487... | Line 560... | ||
487 | Felder müssen ausgefüllt werden! Um Missbrauch zu vermeiden, wird die |
560 | Felder müssen ausgefüllt werden! Um Missbrauch zu vermeiden, wird die |
488 | IP-Adresse gespeichert.'; |
561 | IP-Adresse gespeichert.'; |
489 | echo ' Die Einträge werden erst nach einer Prüfung veröffentlicht.'; |
562 | echo ' Die Einträge werden erst nach einer Prüfung veröffentlicht.'; |
490 | echo '</p>'; |
563 | echo '</p>'; |
491 | 564 | ||
492 | if (isset($relfehler)) { |
565 | if ($relfehler != '') { |
493 | echo "<p>$relfehler</p>"; |
566 | echo "<p>$relfehler</p>"; |
494 | } |
567 | } |
495 | 568 | ||
496 | echo '<br /> |
569 | echo '<br /> |
497 | 570 | ||
Line 589... | Line 662... | ||
589 | frm.nachricht.value = frm.nachricht.value + smiley; |
662 | frm.nachricht.value = frm.nachricht.value + smiley; |
590 | } |
663 | } |
591 | // --> |
664 | // --> |
592 | </script>'; |
665 | </script>'; |
593 | 666 | ||
594 | $result = mysql_query("SELECT `zeichen`, `image`, `beschreibung` FROM `".mysql_real_escape_string($table_smileys)."` WHERE `enabled` = '1' AND `show_in_editor` = '1' ORDER BY `id` ASC"); |
667 | $result = db_query("SELECT `zeichen`, `image`, `beschreibung` FROM `".db_real_escape_string($table_smileys)."` WHERE `enabled` = '1' AND `show_in_editor` = '1' ORDER BY `id` ASC"); |
595 | while ($row = mysql_fetch_object($result)) { |
668 | while ($row = db_fetch_object($result)) { |
596 | echo "<a href=\"javascript:setsmiley(' ".addslashes(myhtmlentities($row->zeichen))." ')\">". |
669 | echo "<a href=\"javascript:setsmiley(' ".addslashes(myhtmlentities($row->zeichen))." ')\">". |
597 | '<img src="images/smileys/'.$row->image.'" border="0" alt="'.myhtmlentities($row->beschreibung).'" title="'.myhtmlentities($row->beschreibung).'" /></a> '; |
670 | '<img src="images/smileys/'.$row->image.'" border="0" alt="'.myhtmlentities($row->beschreibung).'" title="'.myhtmlentities($row->beschreibung).'" /></a> '; |
598 | } |
671 | } |
599 | 672 | ||
600 | echo '</td> |
673 | echo '</td> |
Line 643... | Line 716... | ||
643 | <tr> |
716 | <tr> |
644 | <td align="center">[ <a href="'.$inphp.'?action=eintrag">Neuen Eintrag hinzufügen</a> ]</td></tr></table><br />'; |
717 | <td align="center">[ <a href="'.$inphp.'?action=eintrag">Neuen Eintrag hinzufügen</a> ]</td></tr></table><br />'; |
645 | 718 | ||
646 | $cond = ($cfg_unfreigeschaltete_anzegen) ? '' : " WHERE `show` = '1'"; |
719 | $cond = ($cfg_unfreigeschaltete_anzegen) ? '' : " WHERE `show` = '1'"; |
647 | 720 | ||
648 | $result = mysql_query("SELECT * FROM `".mysql_real_escape_string($table_entries)."`$cond"); |
721 | $result = db_query("SELECT * FROM `".db_real_escape_string($table_entries)."`$cond"); |
649 | if ($result) $number = mysql_num_rows($result); else $number = 0; |
722 | if ($result) $number = db_num_rows($result); else $number = 0; |
650 | $max_page = ceil($number / $eintraege_proseite); |
723 | $max_page = ceil($number / $eintraege_proseite); |
651 | 724 | ||
652 | $seiten = isset($_REQUEST['seiten']) ? $_REQUEST['seiten'] : 1; |
725 | $seiten = isset($_REQUEST['seiten']) ? $_REQUEST['seiten'] : 1; |
653 | if (!isset($seiten) || ($seiten > $max_page) || ($seiten < 0)) $seiten = '1'; |
726 | if (!isset($seiten) || ($seiten > $max_page) || ($seiten < 0)) $seiten = '1'; |
654 | 727 | ||
655 | $result = mysql_query("SELECT * FROM `".mysql_real_escape_string($table_entries)."`$cond ORDER BY `id` DESC LIMIT ".($seiten-1)*$eintraege_proseite.",".$eintraege_proseite); |
728 | $result = db_query("SELECT * FROM `".db_real_escape_string($table_entries)."`$cond ORDER BY `id` DESC LIMIT ".($seiten-1)*$eintraege_proseite.",".$eintraege_proseite); |
656 | 729 | ||
657 | $keineeintraege = true; |
730 | $keineeintraege = true; |
658 | 731 | ||
659 | if ($result) { |
732 | if ($result) { |
660 | while ($row = mysql_fetch_object($result)) { |
733 | while ($row = db_fetch_object($result)) { |
661 | $xry = explode(' ', $row->timestamp); |
734 | $xry = explode(' ', $row->timestamp); |
662 | $datum = $xry[0]; |
735 | $datum = $xry[0]; |
663 | $zeit = $xry[1]; |
736 | $zeit = $xry[1]; |
664 | anznachricht($row->name, $row->ort, $row->email, $row->homepage, $row->icq, $row->nachricht, $row->kommentar, $zeit, $datum); |
737 | anznachricht($row->name, $row->ort, $row->email, $row->homepage, $row->icq, $row->nachricht, $row->kommentar, $zeit, $datum); |
665 | $keineeintraege = false; |
738 | $keineeintraege = false; |