<?php
	/*
	MGB 0.6.x - OpenSource PHP and MySql Guestbook
	Copyright (C) 2004 - 2011 Juergen Grueneisl - http://www.m-gb.org/

	This program is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation; either version 2 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
	*/

	// ============ //
	// newentry.php //
	// ============ //
	//
	// ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ //

	// Report every PHP error level except notices.
	error_reporting(E_ALL ^ E_NOTICE);

	// Ask browsers and proxies not to cache this page: an HTTP/1.1
	// Cache-Control directive plus an Expires date that lies in the past.
	header('Cache-Control: no-cache, must-revalidate');
	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');

	// Name of this script; it is written to the "site" column of spam_log below.
	$site_name = 'newentry.php';

	// Shared helper functions are loaded first (presumably this is where
	// mgb_iou_check() comes from - confirm against the include).
	require 'includes/functions.inc.php';
	// Check whether MGB has already been installed or updated.
	mgb_iou_check('');
	// Configuration first, then the stored settings.
	require 'includes/config.inc.php';
	require 'includes/load_settings.inc.php';
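	// Pick the language directory and load its two files.
	//
	// The configured language is the default. A name sent by the visitor is
	// used only when the admin setting allows it AND the value is a single
	// directory name (letters, digits, "_", "-", "." but no leading dot, no
	// path separator, no NUL byte) that really holds a lang_main.php.
	// Before this check $_POST['user_language'] was concatenated straight into
	// include_once, so the request body decided which file PHP executed.
	// A missing or rejected value now falls back to the configured language
	// instead of producing a failed include.
	$language_dir = $settings['language_path'];
	if(isset($settings['allow_user_change_language']) AND $settings['allow_user_change_language'] == 1)
		{
		// The "D" modifier stops "$" from matching before a trailing newline.
		if(isset($_POST['user_language'])
			AND is_string($_POST['user_language'])
			AND preg_match('/^[A-Za-z0-9_-][A-Za-z0-9._-]*$/D', $_POST['user_language']) === 1
			AND is_file("language/".$_POST['user_language']."/lang_main.php"))
			{
			$language_dir = $_POST['user_language'];
			}
		}
	include_once ("language/".$language_dir."/lang_main.php");
	include_once ("language/".$language_dir."/settings.php");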

	// ------------------------------------------------------------
	// Hard-coded limit; the original note says it is to be replaced by a real
	// setting. It is compared with $_SESSION['spam_count'] in the captcha check.
	$settings['wrong_captcha_count'] = '3';
	// ------------------------------------------------------------

	// Apply the timezone stored in the settings to PHP's date/time functions.
	date_default_timezone_set($settings['timezone']);

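	// Stop visitors whose address is on the IP ban list before templates or the
	// session are touched. Depending on the settings the administrator is
	// mailed and the hit is written to spam_log; the script then ends.
	if($settings['banlist_ips'] == 1)
		{
		if(mgb_check_banlist_ips($_SERVER['REMOTE_ADDR'], $settings['blocktime']) == TRUE)
			{
			echo "<b>ERROR</b><br><br>You have been banned!<br><br>If this is a mistake, please contact the Administrator of this website.";
			// User-Agent is a request header chosen by the client: it can be
			// absent and can contain quotes or markup, so it is encoded for each
			// place it is written to instead of being concatenated raw.
			$banned_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
			if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
				{
				$header = 'Content-Type: text/html; charset='.$charset."\r\n".'From: '.$settings['admin_gbemail']."\r\n".'Reply-To: '.$settings['spam_mail']."\r\n".'X-Mailer: PHP/'.phpversion();
				$caption = "newentry.php: ".$_SERVER['REMOTE_ADDR']." kam wieder!";
				$mailtext = $_SERVER['REMOTE_ADDR']." Wurde erfolgreich durch die permanente Blockliste abgewehrt!<br><br>\n\n";
				$mailtext.= "IP: ".$_SERVER['REMOTE_ADDR']."<br>\n";
				// The mail is sent as text/html, so the header value is HTML-encoded
				// and the administrator's mail client shows it as plain text.
				$mailtext.= "User-Agent: ".htmlspecialchars($banned_user_agent, ENT_QUOTES);
				if(!mail($settings['spam_mail'], $caption, $mailtext, $header))
					{
					echo "<br>Script is unable to send mail to administrator.";
					}
				}
			if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "")
				{
				// type '1' = blocked by the IP ban list.
				// cleanstr() is the helper this script applies to request values
				// elsewhere before they go into a query.
				// NOTE(review): cleanstr() is defined outside this file - confirm
				// that it escapes quote characters for MySQL.
				mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
					ID ,
					ip ,
					email ,
					user_agent ,
					message ,
					type ,
					site ,
					timestamp
					) values (
					NULL ,
					'".$_SERVER['REMOTE_ADDR']."' ,
					'' ,
					'".cleanstr($banned_user_agent)."' ,
					'' ,
					'1' ,
					'".$site_name."' ,
					'".time()."')", "ERROR while saving data into spam_log.", 0);
				}
			die();
			}
		}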

	// Templates shared by the user pages (general/*), all read from the
	// template set named in $settings['template_path'].
	$content_header = mgb_load_template('user', $settings['template_path'], 'general/header');
	$content_footer = mgb_load_template('user', $settings['template_path'], 'general/footer');
	$content_copyright = mgb_load_template('user', $settings['template_path'], 'general/copyright');
	$content_scrolling_function = mgb_load_template('user', $settings['template_path'], 'general/scrolling_function');
	$content_errormessage = mgb_load_template('user', $settings['template_path'], 'general/errormessage');
	$content_captcha = mgb_load_template('user', $settings['template_path'], 'general/captcha');
	// Templates specific to the new-entry form (main/newentry_*).
	$content_newentry_body = mgb_load_template('user', $settings['template_path'], 'main/newentry_body');
	$content_newentry_bbcodes = mgb_load_template('user', $settings['template_path'], 'main/newentry_bbcodes');
	$content_newentry_bbcodes_flash = mgb_load_template('user', $settings['template_path'], 'main/newentry_bbcodes_flash');
	$content_newentry_bbcodes_img = mgb_load_template('user', $settings['template_path'], 'main/newentry_bbcodes_img');
	$content_newentry_body_entry_success = mgb_load_template('user', $settings['template_path'], 'main/newentry_body_entry_success');
	$content_newentry_preview = mgb_load_template('user', $settings['template_path'], 'main/newentry_preview');
	$content_newentry_smileys = mgb_load_template('user', $settings['template_path'], 'main/newentry_smileys');
	$content_newentry_user_accept_akismet_service = mgb_load_template('user', $settings['template_path'], 'main/newentry_user_accept_akismet_service');
	$content_newentry_user_notification = mgb_load_template('user', $settings['template_path'], 'main/newentry_user_notification');
	$content_newentry_user_show_email = mgb_load_template('user', $settings['template_path'], 'main/newentry_user_show_email');

	// Open (or resume) the session that holds the anti-spam time lock state.
	// The "@" operators keep warnings raised by these calls out of the page.
	@session_name('time_lock');
	// Empty tag list for the URL rewriter, so PHP does not append the session
	// id to links or forms in the generated HTML.
	ini_set('url_rewriter.tags', '');
	@session_start();
	// New session id on every request. Called without the delete-old-session
	// argument, so this call itself does not remove the previous session's data.
	@session_regenerate_id();

	// Time lock bookkeeping. start_time marks when the current measuring window
	// began; once the window is older than $settings['time_lock_maxtime'] seconds
	// both counters are cleared and a new window starts.
	if(!isset($_SESSION['start_time']))
		{
		$_SESSION['start_time'] = time();
		}
	elseif(($_SESSION['start_time'] + $settings['time_lock_maxtime']) < time())
		{
		$_SESSION['blocktime_spam_count'] = 0;
		$_SESSION['spam_count'] = 0;
		$_SESSION['start_time'] = time();
		}
	// Make sure both counters exist, starting at zero.
	foreach(array('spam_count', 'blocktime_spam_count') as $session_counter)
		{
		if(!isset($_SESSION[$session_counter]))
			{
			$_SESSION[$session_counter] = 0;
			}
		}
	unset($session_counter);

	// Count the rows of the spam table; $total bounds the loops that walk the
	// list further down. "@" hides the warning mysql_result() raises on failure.
	$result = mgb_sql_connect('SELECT COUNT(ID) FROM '.$db['prefix'].'spam', 'Error while counting entries in spam table.', 1);
	$total = @mysql_result($result, 0);

	// Second query: the rows themselves. $result now refers to this result set.
	$result = mgb_sql_connect('SELECT id, ip, email, counter, timestamp FROM '.$db['prefix'].'spam', 'Error while loading entries from spam table.', 1);

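	// Walk the spam table once. Every row is stored in $spam[] because later
	// checks in this script read that array again. If the visitor's address
	// matches a row whose counter is 3, the request is refused: the visitor gets
	// an error page, the administrator is optionally mailed, the hit is
	// optionally logged (type '2') and the script ends.
	for ($i = 0; $i < $total; $i++)
		{
		$spam[$i] = mysql_fetch_array($result);
		if($_SERVER['REMOTE_ADDR'] != $spam[$i]['ip'])
			{
			continue;
			}
		$counter = $spam[$i]['counter'];
		// NOTE(review): only a counter of exactly 3 blocks here, while other code
		// in this file stores higher values (inserts with '5', increments past 3)
		// - confirm that those rows are meant to pass this check.
		if($counter != 3)
			{
			continue;
			}
		if($settings['blocktime'] != 9999999)
			{
			// Timed block: refuse only while the block time has not run out.
			$blocktime = time() - $spam[$i]['timestamp'];
			// Author's legend for $settings['blocktime']:
			// 99999999 = forever
			// 6480000 = 1 month
			// 216000 = 1 day
			// 3600 = 1 hour
			// 60 = 1 minute
			// 0 = never
			// NOTE(review): the legend's "forever" value has eight digits, the
			// comparison above uses seven (9999999) - confirm which one the
			// settings store. The month/day labels also do not match the
			// second counts (86400 s is one day).
			if($blocktime > $settings['blocktime'])
				{
				continue; // block expired, keep scanning the remaining rows
				}
			$rest = $settings['blocktime'] - $blocktime;
			// Message typo fixed ("ifthis" -> "If this") to match the other ban messages.
			echo "<b>ERROR</b><br><br>Due to some reason you have been banned. Wait ".$rest." more seconds.<br><br>If this is a mistake, please contact the Administrator of this website.";
			}
		else
			{
			// Permanent block.
			echo "<b>ERROR</b><br><br>You have been banned!<br><br>If this is a mistake, please contact the Administrator of this website.";
			}

		// User-Agent is a request header chosen by the client: it can be absent
		// and can contain quotes or markup, so it is encoded for each place it is
		// written to instead of being concatenated raw.
		$blocked_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
		if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
			{
			$header = 'Content-Type: text/html; charset='.$charset."\r\n".'From: '.$settings['admin_gbemail']."\r\n".'Reply-To: '.$settings['spam_mail']."\r\n".'X-Mailer: PHP/'.phpversion();
			$caption = "newentry.php: ".$_SERVER['REMOTE_ADDR']." kam wieder!";
			$mailtext = $_SERVER['REMOTE_ADDR']." ist geblockt und hat nochmal versucht das G&auml;stebuch zu erreichen!<br><br>\n\n";
			$mailtext.= "IP: ".$_SERVER['REMOTE_ADDR']."<br>\n";
			// The mail is sent as text/html, so the header value is HTML-encoded
			// and the administrator's mail client shows it as plain text.
			$mailtext.= "User-Agent: ".htmlspecialchars($blocked_user_agent, ENT_QUOTES);
			mail($settings['spam_mail'], $caption, $mailtext, $header);
			}
		if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "")
			{
			// type '2' = visitor is on the spam list and tried again.
			// cleanstr() is the helper this script applies to request values
			// elsewhere before they go into a query.
			// NOTE(review): cleanstr() is defined outside this file - confirm
			// that it escapes quote characters for MySQL.
			mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
				ID ,
				ip ,
				email ,
				user_agent ,
				message ,
				type ,
				site ,
				timestamp
				) values (
				NULL ,
				'".$_SERVER['REMOTE_ADDR']."' ,
				'' ,
				'".cleanstr($blocked_user_agent)."' ,
				'' ,
				'2' ,
				'".$site_name."' ,
				'".time()."')", "ERROR while saving data into spam_log.", 0);
			}
		die();
		}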

	if(isset($_POST['send']) AND $_POST['send'] == $lang['send'])
		{
		// delete html, php code and white spaces
		if(!isset($_POST['user_notification'])) { $_POST['user_notification'] = 0; }
		if(!isset($_POST['user_show_email'])) { $_POST['user_show_email'] = 0; }

		// check email and domain with banlists
		if($settings['banlist_emails'] == 1)
			{
			if(mgb_check_banlist_mails($_POST['email'], $settings['blocktime']) == TRUE)
				{
				$errorcode = 12;
				$block_code = 1;
				if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
					{
					$header = 'Content-Type: text/html; charset='.$charset."\r\n".'From: '.$settings['admin_gbemail']."\r\n".'Reply-To: '.$settings['spam_mail']."\r\n".'X-Mailer: PHP/'.phpversion();
					$caption = "newentry.php: ".$_SERVER['REMOTE_ADDR']." wurde durch eMail geblockt!";
					$mailtext = $_SERVER['REMOTE_ADDR']." wurde durch eMail Bannliste geblockt!<br><br>\n\n";
					$mailtext.= "IP: ".$_SERVER['REMOTE_ADDR']."<br>\n";
					$mailtext.= "eMail: ".$_POST['email']."<br>\n";
					$mailtext.= "User-Agent: ".$_SERVER['HTTP_USER_AGENT'];
					mail($settings['spam_mail'], $caption, $mailtext, $header);
					}
				if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // user was blocked by email banlist
					{
					mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
						ID ,
						ip ,
						email ,
						user_agent ,
						message ,
						type ,
						site ,
						timestamp
						) values (
						NULL ,
						'".$_SERVER['REMOTE_ADDR']."' ,
						'".cleanstr($_POST['email'])."' ,
						'".$_SERVER['HTTP_USER_AGENT']."' ,
						'".cleanstr($_POST['message'])."' ,
						'3' ,
						'".$site_name."' ,
						'".time()."')", "ERROR while saving data into spam_log.", 0);
					}
				}
			}
		if($settings['banlist_domains'] == 1)
			{
			if(mgb_check_banlist_domains($_POST['email'], $settings['blocktime']) == TRUE)
				{
				$errorcode = 13;
				$block_code = 2;
				if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
					{
					$header = 'Content-Type: text/html; charset='.$charset."\r\n".'From: '.$settings['admin_gbemail']."\r\n".'Reply-To: '.$settings['spam_mail']."\r\n".'X-Mailer: PHP/'.phpversion();
					$caption = "newentry.php: ".$_SERVER['REMOTE_ADDR']." wurde durch Domain geblockt!";
					$mailtext = $_SERVER['REMOTE_ADDR']." wurde durch Domain Bannliste geblockt!<br><br>\n\n";
					$mailtext.= "IP: ".$_SERVER['REMOTE_ADDR']."<br>\n";
					$mailtext.= "eMail: ".$_POST['email']."<br>\n";
					$mailtext.= "User-Agent: ".$_SERVER['HTTP_USER_AGENT'];
					mail($settings['spam_mail'], $caption, $mailtext, $header);
					}
				if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // user was blocked by domain banlist
					{
					mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
						ID ,
						ip ,
						email ,
						user_agent ,
						message ,
						type ,
						site ,
						timestamp
						) values (
						NULL ,
						'".$_SERVER['REMOTE_ADDR']."' ,
						'".cleanstr($_POST['email'])."' ,
						'".$_SERVER['HTTP_USER_AGENT']."' ,
						'".cleanstr($_POST['message'])."' ,
						'4' ,
						'".$site_name."' ,
						'".time()."')", "ERROR while saving data into spam_log.", 0);
					}
				}
			}

		// Check for time lock
		if(isset($settings['time_lock']) AND $settings['time_lock'] == 1 AND $_POST['name'] != "" AND $_POST['email'] != "" AND $_POST['message'] != "")
			{
			// time check for formular load
			$actual_time = time();
			$difference = $actual_time - $_SESSION['start_time'];
			if($difference < $settings['time_lock_value'])
				{
				$errorcode = 10;
				$rest = $settings['time_lock_value'] - $difference;
				$_SESSION['blocktime_spam_count'] = $_SESSION['blocktime_spam_count'] + 1;
				if($_SESSION['blocktime_spam_count'] >= $settings['time_lock_spam_count'])
					{
					if(mgb_sql_connect("INSERT INTO ".$db['prefix']."spam (
						name,
						ip,
						email,
						city,
						icq,
						aim,
						msn,
						hp,
						message,
						user_notification,
						user_show_email,
						captcha,
						sent_captcha,
						counter,
						timestamp
						) values (
						'".cleanstr($_POST['name'])."',
						'".cleanstr($_SERVER['REMOTE_ADDR'])."',
						'".cleanstr($_POST['email'])."',
						'".cleanstr($_POST['city'])."',
						'".cleanstr($_POST['icq'])."',
						'".cleanstr($_POST['aim'])."',
						'".cleanstr($_POST['msn'])."',
						'".cleanstr($_POST['hp'])."',
						'".cleanstr($_POST['message'])."',
						'".cleanstr($_POST['user_notification'])."',
						'".cleanstr($_POST['user_show_email'])."',
						'".$captcha_code."',
						'".cleanstr($_POST['captcha'])."',
						'5',
						'".time()."'
						)", "Error while saving data into ".$db['prefix']."spam", 0))
							{
							if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
								{
								$type = 5; // 5 = Neueintrag durch Absendesperre
								mgb_spam_mail($charset, $settings['admin_gbemail'], $settings['spam_mail'], $_SERVER['REMOTE_ADDR'], $_POST['name'], $_POST['email'], $_POST['hp'], $_SERVER['HTTP_USER_AGENT'], "", "", $_POST['message'], $site_name, $type);
								}
							if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // user hits flood barrier
								{
								mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
									ID ,
									ip ,
									email ,
									user_agent ,
									message ,
									type ,
									site ,
									timestamp
									) values (
									NULL ,
									'".$_SERVER['REMOTE_ADDR']."' ,
									'".cleanstr($_POST['email'])."' ,
									'".$_SERVER['HTTP_USER_AGENT']."' ,
									'".cleanstr($_POST['message'])."' ,
									'5' ,
									'".$site_name."' ,
									'".time()."')", "ERROR while saving data into spam_log.", 0);
								}
							}
					session_unset();
					session_destroy();
					$_SESSION = array();
					die();
					}
				}
			}

		// include akismet if it exists
		if(file_exists("plugins/akismet/akismet.class.php") AND (isset($settings['akismet_api'])) AND ($settings['akismet_api'] != "") AND (isset($_POST['user_accept_akismet_service']) AND $_POST['user_accept_akismet_service'] == 1) AND ($_POST['name'] != "") AND ($_POST['email'] != "") AND ($_POST['message'] != ""))
			{
			include ("plugins/akismet/akismet.class.php");

			$akismet_author = bbcode_delete($_POST['name']);
			$akismet_email = bbcode_delete($_POST['email']);
			$akismet_website = bbcode_delete($_POST['hp']);
			$akismet_body = bbcode_delete($_POST['message']);

			// check for spam
			// Load array with comment data.
			$comment = array(
				'author' => $akismet_author,
				'email' => $akismet_email,
				'website' => $akismet_website,
				'body' => $akismet_body,
				'permalink' => 'http://'.$settings['h_domain'].$settings['gb_path'],
				'user_ip' => $_SERVER['REMOTE_ADDR'], // Optional, ifnot in array defaults to $_SERVER['REMOTE_ADDR'].
				'user_agent' => $_SERVER['HTTP_USER_AGENT'], // Optional, ifnot in array defaults to $_SERVER['HTTP_USER_AGENT'].
				);

			// Instantiate an instance of the class.
			$akismet = new Akismet('http://'.$settings['h_domain'].$settings['gb_path'], $settings['akismet_api'], $comment);

			// Test for errors.
			if($akismet->errorsExist())
				{ // Returns true ifany errors exist.
				if($akismet->isError('AKISMET_INVALID_KEY'))
					{
					echo "AKISMET API KEY INVALID";
					}
				elseif($akismet->isError('AKISMET_RESPONSE_FAILED'))
					{
					echo "AKISMET RESPONSE FAILED";
					}
				elseif($akismet->isError('AKISMET_SERVER_NOT_FOUND'))
					{
					echo "AKISMET_SERVER_NOT_FOUND";
					}
				}
			else
				{
				// No errors, check for spam.
				if($akismet->isSpam())
					{
					// ifis set in the admin panel, mark the entry as spam
					if(isset($settings['akismet_mark_as_spam']) AND ($settings['akismet_mark_as_spam'] == 1))
						{
						$tracker = 0;
						for ($i = 0; $i < $total; $i++)
							{
							if($_SERVER['REMOTE_ADDR'] == $spam[$i]['ip'] OR $_POST['email'] == $spam[$i]['email'])
								{
								$counter = $spam[$i]['counter'];
								if($counter <= 3)
									{
									$counter = $counter + 1;
									if(mgb_sql_connect("UPDATE `".$db['prefix']."spam` SET `counter` = '".$counter."', `timestamp` = '".time()."' WHERE ID='".$spam[$i]['id']."' LIMIT 1", "Error while saving data into ".$db['prefix']."spam", 0))
										{
										if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
											{
											$type = 6; // 6 = Update durch Akismet
											mgb_spam_mail($charset, $settings['admin_gbemail'], $settings['spam_mail'], $_SERVER['REMOTE_ADDR'], $_POST['name'], $_POST['email'], $_POST['hp'], $_SERVER['HTTP_USER_AGENT'], $counter, $spam[$i]['id'], $_POST['message'], $site_name, $type);
											if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // user updated by akismet
												{
												mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
													ID ,
													ip ,
													email ,
													user_agent ,
													message ,
													type ,
													site ,
													timestamp
													) values (
													NULL ,
													'".$_SERVER['REMOTE_ADDR']."' ,
													'".cleanstr($_POST['email'])."' ,
													'".$_SERVER['HTTP_USER_AGENT']."' ,
													'".cleanstr($_POST['message'])."' ,
													'6' ,
													'".$site_name."' ,
													'".time()."')", "ERROR while saving data into spam_log.", 0);
												}
											}
										}
									}
								$tracker++;
								}
							}
						if($tracker == 0)
							{
							if(mgb_sql_connect("INSERT INTO ".$db['prefix']."spam (
								name,
								ip,
								email,
								city,
								icq,
								aim,
								msn,
								hp,
								message,
								user_notification,
								user_show_email,
								captcha,
								sent_captcha,
								counter,
								timestamp
								) values (
								'".cleanstr($_POST['name'])."',
								'".cleanstr($_SERVER['REMOTE_ADDR'])."',
								'".cleanstr($_POST['email'])."',
								'".cleanstr($_POST['city'])."',
								'".cleanstr($_POST['icq'])."',
								'".cleanstr($_POST['aim'])."',
								'".cleanstr($_POST['msn'])."',
								'".cleanstr($_POST['hp'])."',
								'".cleanstr($_POST['message'])."',
								'".cleanstr($_POST['user_notification'])."',
								'".cleanstr($_POST['user_show_email'])."',
								'".$captcha_code."',
								'".cleanstr($_POST['captcha'])."',
								'1',
								'".time()."'
								)", "Error while saving data into ".$db['prefix']."spam", 0))
									{
									if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
										{
										$type = 7; // 7 = Neueintrag durch Akismet
										mgb_spam_mail($charset, $settings['admin_gbemail'], $settings['spam_mail'], $_SERVER['REMOTE_ADDR'], $_POST['name'], $_POST['email'], $_POST['hp'], $_SERVER['HTTP_USER_AGENT'], "", "", $_POST['message'], $site_name, $type);
										if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // new entry by akismet
											{
											mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
												ID ,
												ip ,
												email ,
												user_agent ,
												message ,
												type ,
												site ,
												timestamp
												) values (
												NULL ,
												'".$_SERVER['REMOTE_ADDR']."' ,
												'".cleanstr($_POST['email'])."' ,
												'".$_SERVER['HTTP_USER_AGENT']."' ,
												'".cleanstr($_POST['message'])."' ,
												'7' ,
												'".$site_name."' ,
												'".time()."')", "ERROR while saving data into spam_log.", 0);
											}
										}
									}
							die();
							}
						}
					else
						{
						$mark_as_spam = 0;
						$noemail = 0;
						}
					}
				}
			}

		// THE CAKE IS A LIE!

		// form was sent and is ok!
		// check ifcaptcha is correct
		if($settings['captcha'] == 1 AND $errorcode == 0)
			{
			if($settings['captcha_method'] == 0)
				{
				if($_POST['captcha'] != "") // captcha is not empty
					{
					$result = mgb_sql_connect("SELECT `code` FROM ".$db['prefix']."captcha LIMIT 1", "Error while checking ifcaptcha is correct.", 1);
					$saved_code = @mysql_fetch_array($result);
					$captcha_code = $saved_code['code'];
					if($captcha_code != $_POST['captcha']) // captcha is wrong
						{
						$errorcode = 7; // captcha is not empty, it's invalid
						$_SESSION['spam_count'] = $_SESSION['spam_count'] + 1;
						if($_SESSION['spam_count'] >= $settings['wrong_captcha_count'])
							{
							$tracker = 0;
							for ($i = 0; $i < $total; $i++)
								{
								if($_SERVER['REMOTE_ADDR'] == $spam[$i]['ip'] OR $_POST['email'] == $spam[$i]['email'])
									{
									$counter = $spam[$i]['counter'];
									if($counter <= 3)
										{
										$counter = $counter + 1;
										if(mgb_sql_connect("UPDATE `".$db['prefix']."spam` SET `counter` = '".$counter."', `timestamp` = '".time()."' WHERE ID='".$spam[$i]['id']."' LIMIT 1", "Error while saving data into ".$db['prefix']."spam", 0))
											{
											if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
												{
												$type = 8; // 8 = Update durch falsch eingegebenes Captcha
												mgb_spam_mail($charset, $settings['admin_gbemail'], $settings['spam_mail'], $_SERVER['REMOTE_ADDR'], $_POST['name'], $_POST['email'], $_POST['hp'], $_SERVER['HTTP_USER_AGENT'], $counter, $spam[$i]['id'], $_POST['message'], $site_name, $type);
												if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // update by wrong captcha
													{
													mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
														ID ,
														ip ,
														email ,
														user_agent ,
														message ,
														type ,
														site ,
														timestamp
														) values (
														NULL ,
														'".$_SERVER['REMOTE_ADDR']."' ,
														'".cleanstr($_POST['email'])."' ,
														'".$_SERVER['HTTP_USER_AGENT']."' ,
														'".cleanstr($_POST['message'])."' ,
														'8' ,
														'".$site_name."' ,
														'".time()."')", "ERROR while saving data into spam_log.", 0);
													}
												}
											}
										}
									$tracker++;
									}
								}
							if($tracker == 0)
								{
								if(mgb_sql_connect("INSERT INTO ".$db['prefix']."spam (
									name,
									ip,
									email,
									city,
									icq,
									aim,
									msn,
									hp,
									message,
									user_notification,
									user_show_email,
									captcha,
									sent_captcha,
									counter,
									timestamp
									) values (
									'".cleanstr($_POST['name'])."',
									'".cleanstr($_SERVER['REMOTE_ADDR'])."',
									'".cleanstr($_POST['email'])."',
									'".cleanstr($_POST['city'])."',
									'".cleanstr($_POST['icq'])."',
									'".cleanstr($_POST['aim'])."',
									'".cleanstr($_POST['msn'])."',
									'".cleanstr($_POST['hp'])."',
									'".cleanstr($_POST['message'])."',
									'".cleanstr($_POST['user_notification'])."',
									'".cleanstr($_POST['user_show_email'])."',
									'".$captcha_code."',
									'".cleanstr($_POST['captcha'])."',
									'1',
									'".time()."'
									)", "Error while saving data into ".$db['prefix']."spam", 0))
									{
									if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
										{
										$type = 9; // 9 = Neueintrag durch falsch eingegebenes Captcha
										mgb_spam_mail($charset, $settings['admin_gbemail'], $settings['spam_mail'], $_SERVER['REMOTE_ADDR'], $_POST['name'], $_POST['email'], $_POST['hp'], $_SERVER['HTTP_USER_AGENT'], "", "", $_POST['message'], $site_name, $type);
										if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // new entry by wrong captcha
											{
											mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
												ID ,
												ip ,
												email ,
												user_agent ,
												message ,
												type ,
												site ,
												timestamp
												) values (
												NULL ,
												'".$_SERVER['REMOTE_ADDR']."' ,
												'".cleanstr($_POST['email'])."' ,
												'".$_SERVER['HTTP_USER_AGENT']."' ,
												'".cleanstr($_POST['message'])."' ,
												'9' ,
												'".$site_name."' ,
												'".time()."')", "ERROR while saving data into spam_log.", 0);
											}
										}
									}
								}
							}
						}
					else // captcha is valid
						{
						for ($i = 0; $i < $total; $i++)
							{
							if($_SERVER['REMOTE_ADDR'] == $spam[$i]['ip'] OR $_POST['email'] == $spam[$i]['email'])
								{
								$counter = $spam[$i]['counter'];
								if($counter <= 3)
									{
									$counter = $counter + 1;
									if(mgb_sql_connect("UPDATE `".$db['prefix']."spam` SET `counter` = '".$counter."', `timestamp` = '".time()."' WHERE ID='".$spam[$i]['id']."' LIMIT 1", "Error while saving data into ".$db['prefix']."spam", 0))
										{
										if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
											{
											$type = 10; // 10 = Update durch richtig eingegebenes Captcha (Eintrag war bereits vorhanden)
											mgb_spam_mail($charset, $settings['admin_gbemail'], $settings['spam_mail'], $_SERVER['REMOTE_ADDR'], $_POST['name'], $_POST['email'], $_POST['hp'], $_SERVER['HTTP_USER_AGENT'], $counter, $spam[$i]['id'], $_POST['message'], $site_name, $type);
											if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // captcha right, but was on spam-list
												{
												mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
													ID ,
													ip ,
													email ,
													user_agent ,
													message ,
													type ,
													site ,
													timestamp
													) values (
													NULL ,
													'".$_SERVER['REMOTE_ADDR']."' ,
													'".cleanstr($_POST['email'])."' ,
													'".$_SERVER['HTTP_USER_AGENT']."' ,
													'".cleanstr($_POST['message'])."' ,
													'10' ,
													'".$site_name."' ,
													'".time()."')", "ERROR while saving data into spam_log.", 0);
												}
											}
										}
									}
								}
							}
						}
					}
				else
					{
					$errorcode = 7; // empty captcha
					}
				}
			elseif($settings['captcha_method'] == 1)
				{
				if($_POST['captcha'] != "") // captcha is not empty
					{
					$result = mgb_sql_connect("SELECT `sum` FROM ".$db['prefix']."captcha_math LIMIT 1", "Error while checking ifcaptcha is correct.", 1);
					$saved_code = @mysql_fetch_array($result);
					$captcha_code = $saved_code['sum'];
					if($captcha_code != $_POST['captcha']) // captcha is invalid
						{
						$errorcode = 7;  // captcha is not empty, but invalid
						$_SESSION['spam_count'] = $_SESSION['spam_count'] + 1;
						if($_SESSION['spam_count'] >= $settings['wrong_captcha_count'])
							{
							$tracker = 0;
							for ($i = 0; $i < $total; $i++)
								{
								if($_SERVER['REMOTE_ADDR'] == $spam[$i]['ip'] OR $_POST['email'] == $spam[$i]['email'])
									{
									$counter = $spam[$i]['counter'];
									if($counter <= 3)
										{
										$counter = $counter + 1;
										if(mgb_sql_connect("UPDATE `".$db['prefix']."spam` SET `counter` = '".$counter."', `timestamp` = '".time()."' WHERE ID='".$spam[$i]['id']."' LIMIT 1", "Error while saving data into ".$db['prefix']."spam", 0))
											{
											if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
												{
												$type = 8; // 8 = Update durch falsch eingegebenes Captcha
												mgb_spam_mail($charset, $settings['admin_gbemail'], $settings['spam_mail'], $_SERVER['REMOTE_ADDR'], $_POST['name'], $_POST['email'], $_POST['hp'], $_SERVER['HTTP_USER_AGENT'], $counter, $spam[$i]['id'], $_POST['message'], $site_name, $type);
												if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // update by wrong captcha
													{
													mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
														ID ,
														ip ,
														email ,
														user_agent ,
														message ,
														type ,
														site ,
														timestamp
														) values (
														NULL ,
														'".$_SERVER['REMOTE_ADDR']."' ,
														'".cleanstr($_POST['email'])."' ,
														'".$_SERVER['HTTP_USER_AGENT']."' ,
														'".cleanstr($_POST['message'])."' ,
														'8' ,
														'".$site_name."' ,
														'".time()."')", "ERROR while saving data into spam_log.", 0);
													}
												}
											}
										}
									$tracker++;
									}
								}
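							// Runs only while $tracker is still 0. $tracker is incremented in the loop above this
							// statement (outside this excerpt), so presumably "no existing spam row matched" - confirm.
							if($tracker == 0)
								{
								// Record the failed captcha attempt. Every request-derived value is passed through
								// cleanstr() before it is concatenated into the statement.
								// NOTE(review): cleanstr() is defined outside this excerpt - confirm that it escapes
								// for a single-quoted SQL string. A prepared statement would remove that dependency.
								if(mgb_sql_connect("INSERT INTO ".$db['prefix']."spam (
									name,
									ip,
									email,
									city,
									icq,
									aim,
									msn,
									hp,
									message,
									user_notification,
									user_show_email,
									captcha,
									sent_captcha,
									counter,
									timestamp
									) values (
									'".cleanstr($_POST['name'])."',
									'".cleanstr($_SERVER['REMOTE_ADDR'])."',
									'".cleanstr($_POST['email'])."',
									'".cleanstr($_POST['city'])."',
									'".cleanstr($_POST['icq'])."',
									'".cleanstr($_POST['aim'])."',
									'".cleanstr($_POST['msn'])."',
									'".cleanstr($_POST['hp'])."',
									'".cleanstr($_POST['message'])."',
									'".cleanstr($_POST['user_notification'])."',
									'".cleanstr($_POST['user_show_email'])."',
									'".$captcha_code."',
									'".cleanstr($_POST['captcha'])."',
									'1',
									'".time()."'
									)", "Error while saving data into ".$db['prefix']."spam", 0))
									{
									// optional notification mail, sent only when a spam_mail address is configured
									if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
										{
										$type = 9; // 9 = new entry caused by a wrongly entered captcha
										mgb_spam_mail($charset, $settings['admin_gbemail'], $settings['spam_mail'], $_SERVER['REMOTE_ADDR'], $_POST['name'], $_POST['email'], $_POST['hp'], $_SERVER['HTTP_USER_AGENT'], "", "", $_POST['message'], $site_name, $type);
										if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // new entry through wrong captcha
											{
											// The User-Agent header is chosen by the client, so it is escaped like the
											// other fields instead of being concatenated raw. REMOTE_ADDR gets the same
											// treatment to match the INSERT into the spam table above.
											mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
												ID ,
												ip ,
												email ,
												user_agent ,
												message ,
												type ,
												site ,
												timestamp
												) values (
												NULL ,
												'".cleanstr($_SERVER['REMOTE_ADDR'])."' ,
												'".cleanstr($_POST['email'])."' ,
												'".cleanstr($_SERVER['HTTP_USER_AGENT'])."' ,
												'".cleanstr($_POST['message'])."' ,
												'9' ,
												'".$site_name."' ,
												'".time()."')", "ERROR while saving data into spam_log.", 0);
											}
										}
									}
								}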
							}
						}
					else // captcha is valid
						{
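						// Captcha was correct: look for rows in $spam (loaded outside this excerpt) that
						// belong to the same IP address or the same e-mail address.
						for ($i = 0; $i < $total; $i++)
							{
							if($_SERVER['REMOTE_ADDR'] == $spam[$i]['ip'] OR $_POST['email'] == $spam[$i]['email'])
								{
								$counter = $spam[$i]['counter'];
								// the limit 3 is hard-coded here
								if($counter <= 3)
									{
									$counter = $counter + 1;
									// $counter and the row id both come from the $spam rows, not from the request
									if(mgb_sql_connect("UPDATE `".$db['prefix']."spam` SET `counter` = '".$counter."', `timestamp` = '".time()."' WHERE ID='".$spam[$i]['id']."' LIMIT 1", "Error while saving data into ".$db['prefix']."spam", 0))
										{
										if(isset($settings['spam_mail']) AND $settings['spam_mail'] != "")
											{
											$type = 10; // 10 = update after a correctly entered captcha (the row already existed)
											mgb_spam_mail($charset, $settings['admin_gbemail'], $settings['spam_mail'], $_SERVER['REMOTE_ADDR'], $_POST['name'], $_POST['email'], $_POST['hp'], $_SERVER['HTTP_USER_AGENT'], $counter, $spam[$i]['id'], $_POST['message'], $site_name, $type);
											if(isset($settings['banlist_log']) AND $settings['banlist_log'] != "") // captcha right, but was in spam-list
												{
												// The User-Agent header is chosen by the client, so it is escaped with
												// cleanstr() like e-mail and message instead of being concatenated raw.
												// NOTE(review): cleanstr() is defined outside this excerpt - confirm
												// that it escapes for a single-quoted SQL string.
												mgb_sql_connect("INSERT INTO ".$db['prefix']."spam_log (
													ID ,
													ip ,
													email ,
													user_agent ,
													message ,
													type ,
													site ,
													timestamp
													) values (
													NULL ,
													'".cleanstr($_SERVER['REMOTE_ADDR'])."' ,
													'".cleanstr($_POST['email'])."' ,
													'".cleanstr($_SERVER['HTTP_USER_AGENT'])."' ,
													'".cleanstr($_POST['message'])."' ,
													'10' ,
													'".$site_name."' ,
													'".time()."')", "ERROR while saving data into spam_log.", 0);
												}
											}
										}
									}
								}
							}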
						}
					}
				else
					{
					$errorcode = 7; // empty captcha
					}
				}
			}

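		// The ICQ number is optional; when present it must pass check_number()
		// (defined outside this excerpt).
		if($_POST['icq'])
			{
			if(!check_number($_POST['icq'])) { $errorcode = 5; }
			}

		// Prefix the homepage with "http://" unless it already STARTS with http:// or https://.
		// The pattern is anchored on purpose: an unanchored match accepts any value that merely
		// contains "http://" somewhere, so a value beginning with a different URL scheme would be
		// stored unchanged, and an https:// address would be turned into "http://https://...".
		if(!preg_match("/^https?:\/\//i", $_POST['hp']))
			{
			$_POST['hp'] = "http://".$_POST['hp'];
			}

		// set the next variable to "0" if you want the email field not to be necessary
		$email_is_necessary = 1;

		// check necessary fields
		// Each failed check overwrites $errorcode, so the last failing check decides which message is shown.
		if(!$_POST['message']) { $errorcode = 1; }
		if(!$_POST['email'])
			{
			if($email_is_necessary == 1)
				{
				$errorcode = 2;
				}
			}
		elseif($_POST['email'])
			{
			// check_mail() is defined outside this excerpt
			if(!check_mail($_POST['email'])) { $errorcode = 4; }
			}
		if(!$_POST['name']) { $errorcode = 3; }
		// with the Akismet plugin switched on, the visitor has to accept the service explicitly
		if((isset($settings['akismet_plugin'])) AND ($settings['akismet_plugin'] == 1) AND $_POST['user_accept_akismet_service'] != 1) { $errorcode = 11; }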

		if(!isset($errorcode))
			{
			// Pass every submitted field through cleanstr() and write the result back into $_POST,
			// so the INSERT and the mails further down work on the cleaned values.
			// NOTE(review): cleanstr() is defined outside this excerpt; the INSERT below relies on it
			// for SQL escaping and the form refill relies on it for HTML output - confirm it covers both.
			$_POST['name'] = cleanstr($_POST['name']);
			$_POST['city'] = cleanstr($_POST['city']);
			$_POST['message'] = cleanstr($_POST['message']);
			$_POST['email'] = cleanstr($_POST['email']);
			$_POST['icq'] = cleanstr($_POST['icq']);
			$_POST['aim'] = cleanstr($_POST['aim']);
			$_POST['msn'] = cleanstr($_POST['msn']);
			$_POST['hp'] = cleanstr($_POST['hp']);
			$_POST['user_notification'] = cleanstr($_POST['user_notification']);
			$_POST['user_show_email'] = cleanstr($_POST['user_show_email']);
			$_POST['user_accept_akismet_service'] = cleanstr($_POST['user_accept_akismet_service']);

			// delete bbcode except from message
			// (email and icq are not passed through bbcode_delete() either)
			$_POST['name'] = bbcode_delete($_POST['name']);
			$_POST['city'] = bbcode_delete($_POST['city']);
			$_POST['aim'] = bbcode_delete($_POST['aim']);
			$_POST['msn'] = bbcode_delete($_POST['msn']);
			$_POST['hp'] = bbcode_delete($_POST['hp']);

			// nl2br() puts a break tag in front of every line break; the LF (chr(10)) and CR (chr(13))
			// characters themselves are then removed, leaving only the tags in the stored message
			$_POST['message'] = nl2br($_POST['message']);
			$t1 = chr(10);
			$t2 = chr(13);
			$_POST['message'] = str_replace($t1,'', $_POST['message']);
			$_POST['message'] = str_replace($t2,'', $_POST['message']);
			// only the bare scheme was submitted: store an empty homepage
			if($_POST['hp'] == "http://"){ $_POST['hp'] = ""; }

			// check if "moderated gb" and "user email notification" is on
			// checked = 0 when the guestbook is moderated or $mark_as_spam (set outside this excerpt) is 1
			if(($settings['moderated'] == 1) OR ($mark_as_spam == 1)) { $checked = 0; } else { $checked = 1; }
			// both per-entry options are forced to 0 when the feature is off or no e-mail address was given
			if($settings['user_notification'] == 0 OR empty($_POST['email'])) { $_POST['user_notification'] = 0; }
			if($settings['user_show_email'] == 0 OR empty($_POST['email'])) { $_POST['user_show_email'] = 0; }

			// Write data into database
			// The statement is assembled by string concatenation. The $_POST values were passed through
			// cleanstr() above; REMOTE_ADDR, $checked and $mark_as_spam are inserted as they are.
			// NOTE(review): the safety of this INSERT depends entirely on cleanstr() (defined outside
			// this excerpt) escaping for a single-quoted SQL string, and on bbcode_delete()/nl2br() not
			// reintroducing quote characters afterwards - confirm, or move to a prepared statement.
			$sql = "INSERT INTO ".$db['prefix']."entries (
								name,
								city,
								email,
								icq,
								aim,
								msn,
								hp,
								message,
								ip,
								timestamp,
								user_notification,
								user_show_email,
								checked,
								isspam
							   ) values (
								'".$_POST['name']."',
								'".$_POST['city']."',
								'".$_POST['email']."',
								'".$_POST['icq']."',
								'".$_POST['aim']."',
								'".$_POST['msn']."',
								'".$_POST['hp']."',
								'".$_POST['message']."',
								'".$_SERVER['REMOTE_ADDR']."',
								'".time()."',
								'".$_POST['user_notification']."',
								'".$_POST['user_show_email']."',
								'".$checked."',
								'".$mark_as_spam."'
							   )";

			// saving entry
			// the return value is not checked here; the code below proceeds either way
			mgb_sql_connect($sql, "Error while saving a new guestbook entry.", 0);

			// turn xhtml breaks into new lines
			// (the mails below are sent as text/plain)
			$_POST['message'] = xhtmlbr2nl($_POST['message']);

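			// send an email to admin
			// Sent only when admin notification is enabled and $noemail (set outside this excerpt) is 0.
			if(($settings['sendmail_admin'] == 1) AND ($noemail == 0))
				{
				$date = date("d"."/"."m"."/"."Y");
				$time = date("H".":"."i");

				$url_to_gb = "http://".$settings['h_domain'].$settings['gb_path']."admin/admin.php";

				$lang['sendmail_admin_title'] = format_mail(repl_uml($lang['sendmail_admin_title'], $charset), $_POST['name'], $date, $time, xhtmlbr2nl($_POST['message']), $settings['h_domain'], $url_to_gb, "", "", "", "", "", "");
				$settings['sendmail_admin_text'] = format_mail(repl_uml($settings['sendmail_admin_text'], $charset), $_POST['name'], $date, $time, xhtmlbr2nl($_POST['message']), $settings['h_domain'], $url_to_gb, "", "", "", "", "", "");

				// The From header carries the visitor-supplied address. CR and LF are removed so the value
				// can never end the header line and start another one, whatever check_mail() and cleanstr()
				// (both defined outside this excerpt) let through.
				$mail_header = "Content-Type: text/plain; charset=".$charset."\r\n";
				$mail_header.= "From: ".str_replace(array("\r", "\n"), "", $_POST['email'])."\r\n";
				$mail_header.= "Reply-To: ".$settings['admin_gbemail']."\r\n";
				$mail_header.= "X-Mailer: PHP/".phpversion();

				// The subject contains the visitor-supplied name, so it is kept on one line as well.
				// The @ suppresses mail() warnings; the outcome is recorded in $sendemail_successfull instead.
				if(@mail($settings['admin_email'], str_replace(array("\r", "\n"), " ", $lang['sendmail_admin_title']), $settings['sendmail_admin_text'], $mail_header) )
					{
					$sendemail_successfull = 1;
					}
				else
					{
					$sendemail_successfull = 0;
					}
				}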
			
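			// send an email to user
			// $_POST['email'] is always set at this point, so isset() could never skip the mail; the
			// check is on a non-empty address instead, which matters once $email_is_necessary is set to 0.
			// $noemail is set outside this excerpt.
			if($settings['sendmail_user'] == 1 AND !empty($_POST['email']) AND ($noemail == 0))
				{
				$date = date("d"."/"."m"."/"."Y");
				$time = date("H".":"."i");

				$url_to_gb = "http://".$settings['h_domain'].$settings['gb_path']."index.php";

				$lang['sendmail_user_title'] = format_mail(repl_uml($lang['sendmail_user_title'], $charset), $_POST['name'], $date, $time, xhtmlbr2nl($_POST['message']), $settings['h_domain'], $url_to_gb, "", "", "", "", "", "");
				$settings['sendmail_user_text'] = format_mail(repl_uml($settings['sendmail_user_text'], $charset), $_POST['name'], $date, $time, xhtmlbr2nl($_POST['message']), $settings['h_domain'], $url_to_gb, "", "", "", "", "", "");

				// The visitor-supplied address is used both as recipient and in the From header. CR and LF
				// are removed so the value can never end the header line and start another one, whatever
				// check_mail() and cleanstr() (both defined outside this excerpt) let through.
				// NOTE(review): the confirmation is sent with the visitor's own address as From; the
				// guestbook address in $settings['admin_gbemail'] looks like the intended sender - confirm.
				$mail_header = "Content-Type: text/plain; charset=".$charset."\r\n";
				$mail_header.= "From: ".str_replace(array("\r", "\n"), "", $_POST['email'])."\r\n";
				$mail_header.= "Reply-To: ".$settings['admin_gbemail']."\r\n";
				$mail_header.= "X-Mailer: PHP/".phpversion();

				// recipient and subject are kept on one line for the same reason
				if(@mail(str_replace(array("\r", "\n"), "", $_POST['email']), str_replace(array("\r", "\n"), " ", $lang['sendmail_user_title']), $settings['sendmail_user_text'], $mail_header) )
					{
					$sendemail_successfull = 1;
					}
				else
					{
					$sendemail_successfull = 0;
					}
				}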

			// flag read further down to choose the success template instead of the form
			$entry_successfull = 1;

			// with the time lock enabled the session is cleared and destroyed after a successful entry
			if(isset($settings['time_lock']) AND $settings['time_lock'] == 1)
				{
				session_unset();
				session_destroy();
				$_SESSION = array();
				}

			// refresh site
			// meta refresh to index.php after 5 seconds; substituted for the REFRESH placeholder of the header
			$refresh = "<meta http-equiv='refresh' content='5; URL=index.php'>";
			}
		else
			{
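			// Map the error code to the message shown above the form.
			// Codes 4 and 5 repeat the rejected value. In this branch the $_POST values have not been
			// passed through cleanstr(), and $errormessage is later inserted into the page as it is,
			// so the value is HTML-escaped here before it is concatenated.
			if($errorcode == 1) { $errormessage = $lang['errormessage1']; } // empty message
			if($errorcode == 2) { $errormessage = $lang['errormessage2']; } // empty email
			if($errorcode == 3) { $errormessage = $lang['errormessage3']; } // empty name
			if($errorcode == 4) { $errormessage = htmlspecialchars($_POST['email'], ENT_QUOTES)."&nbsp;".$lang['errormessage4']; } // email not valid
			if($errorcode == 5) { $errormessage = htmlspecialchars($_POST['icq'], ENT_QUOTES)."&nbsp;".$lang['errormessage5']; } // icq# not valid
			if($errorcode == 7) { $errormessage = $lang['errormessage7']; } // captcha not valid
			if($errorcode == 10) { $errormessage = $lang['errormessage10']; } // flood protection
			if($errorcode == 11) { $errormessage = $lang['errormessage11']; } // akismet
			if($errorcode == 12) { $errormessage = $lang['errormessage12']; } // domain blocked
			if($errorcode == 13) { $errormessage = $lang['errormessage13']; } // email blocked
			if($errorcode == 14) { $errormessage = $lang['errormessage14']; } // ip blocked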

			// do not refresh site
			$refresh = "";

			// generate captcha code if activated
			// $captcha_generated guards against generating a second code during the same request
			if(($settings['captcha'] == 1) AND ($captcha_generated != 1))
				{
				generate_captcha($settings['captcha_method'], $settings['captcha_length'], $settings['captcha_double_hash']);
				// NOTE(review): this first assignment is overwritten on the next line without being read,
				// and its doubled single quotes would not be valid HTML. $captcha is not assigned anywhere
				// in this excerpt - possibly the tag was meant to be stored in $captcha; confirm.
				$captcha_img = "<img src=''includes/captcha.inc.php'' class=''captcha'' title=''".$lang['security_code']."'' alt=''".$lang['security_code']."''>";
				$captcha_img = template("CAPTCHA_IMG", $captcha, $content_captcha);
				$captcha_generated = 1;
				}
			elseif($settings['captcha'] == 0)
				{
				$captcha_img = "";
				}
			}
		// don't show preview here
		$content_newentry_preview = "";
		}
	else
		{
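		// maybe preview button has been pushed instead?
		if(isset($_POST['preview']) AND $_POST['preview'] == $lang['preview'] AND $_POST['message'] != "")
			{
			// The preview is rendered straight back into the page, so the message goes through cleanstr()
			// first - the same step the stored entry and the form refill (POST_MESSAGE) apply - instead of
			// being echoed as submitted.
			// NOTE(review): cleanstr() is defined outside this excerpt - confirm that it neutralises HTML
			// markup, and that smiley/BBCode formatting of the preview still matches the stored entry.
			$preview_message = nl2br(cleanstr($_POST['message']));
			// drop the raw LF/CR characters; the break tags inserted by nl2br() remain
			$t1 = chr(10);
			$t2 = chr(13);
			$preview_message = str_ireplace($t1, '', $preview_message);
			$preview_message = str_ireplace($t2, '', $preview_message);

			// "!" binds tighter than "==", so this reads (!wordwrap) == 0, i.e. wordwrap is set to a truthy value
			if(!$settings['wordwrap'] == 0)
				{
				$preview_message = textWrap($preview_message, $settings['wordwrap']);
				}

			// set smilies
			if($settings['smileys'] == 1)
				{
				$preview_message = set_smilies($preview_message);
				}
			else
				{
				$preview_message = delete_smilies($preview_message);
				}

			// set bbcode
			if($settings['bbcode'] == 1)
				{
				$preview_message = bbcode_format($preview_message, "");
				}
			else
				{
				$preview_message = bbcode_delete($preview_message);
				}

			$content_newentry_preview = template("TEMPLATE_ENTRY_MESSAGE", $preview_message, $content_newentry_preview);
			}
		else
			{
			$content_newentry_preview = "";
			}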

		// do not refresh site
		$refresh = "";

		// generate captcha code if activated
		// $captcha_generated guards against generating a second code during the same request
		if(($settings['captcha'] == 1) AND ($captcha_generated != 1))
			{
			generate_captcha($settings['captcha_method'], $settings['captcha_length'], $settings['captcha_double_hash']);
			// NOTE(review): this first assignment is overwritten on the next line without being read,
			// and its doubled single quotes would not be valid HTML. $captcha is not assigned anywhere
			// in this excerpt - possibly the tag was meant to be stored in $captcha; confirm.
			$captcha_img = "<img src=''includes/captcha.inc.php'' class=''captcha'' title=''".$lang['security_code']."'' alt=''".$lang['security_code']."''>";
			$captcha_img = template("CAPTCHA_IMG", $captcha, $content_captcha);
			$captcha_generated = 1;
			}
		elseif($settings['captcha'] == 0)
			{
			$captcha_img = "";
			}
		}

	// Generate Page

	// fill header template with content
	// $content_header is loaded outside this excerpt
	$page_header = $content_header;

	// check if "install" directory has been deleted
	// A leftover "install" directory only produces a visible warning box here; the request is not blocked.
	if(file_exists("install"))
		{
		$page_header = template("INSTALL_DIRECTORY_EXISTS", "<div style='background-color: white; padding: 3px; border: 2px solid black; width: 500px;'><span style='color: red; font-size: 12px; font-weight: bold;'>".$lang['install_directory_exists']."</span></div>", $page_header);
		}
	else
		{
		$page_header = template("INSTALL_DIRECTORY_EXISTS", "", $page_header);
		}

	// The values below come from the settings and language files and are inserted as they are.
	// $refresh is either empty or the meta refresh tag set after a successful entry.
	$page_header = template("LANGUAGE_SHORT", $language_short, $page_header);
	$page_header = template("DOMAIN", $settings['h_domain'], $page_header);
	$page_header = template("AUTHOR", $settings['h_author'], $page_header);
	$page_header = template("KEYWORDS", $settings['h_keywords'], $page_header);
	$page_header = template("DESCRIPTION", $settings['h_description'], $page_header);
	$page_header = template("CHARSET", $charset, $page_header);
	$page_header = template("REFRESH", $refresh, $page_header);

	// no error: the error message template is blanked out
	if(!isset($errorcode))
		{
		$content_errormessage = NULL;
		}

	// Add smilies if activated
	if($settings['smileys'] == 1)
		{
		// NOTE(review): $settings['smileys_order'] is concatenated into the ORDER BY clause as it is;
		// presumably it is restricted to ASC/DESC where the setting is saved - confirm.
		$result = mgb_sql_connect("SELECT * FROM ".$db['prefix']."smilies ORDER BY ID ".$settings['smileys_order'], "Error while loading smilies.", 1);

		// copy every result row into $smilies
		for($i = 0; $i < mysql_num_rows($result); $i++)
			{
			$smilies[$i] = mysql_fetch_array($result);
			}

		if(!isset($smilies)) { $smilies = NULL; }

		// $smiley_counter counts smilies in the current row and is reset after each line break.
		// $smiley_counter_2 and $smilies_replace are not initialised anywhere in this block.
		$smiley_counter = 0;

		for($i = 0; $i < count($smilies); $i++)
			{
			$smiley_counter++;
			$smiley_counter_2++;
			// row is full and this is not the last smiley: emit the link followed by <br>
			if(($smiley_counter == $settings['smileys_break']) AND ($smiley_counter_2 != count($smilies)))
				{
				// a replacement may list several codes separated by ", "; only the first one is used
				if(preg_match("/,/is", $smilies[$i]['replacement'], $treffer))
					{
					$repl = explode(", ", $smilies[$i]['replacement']);
					$smilies[$i]['replacement'] = $repl[0];
					}
				// NOTE(review): replacement, path, width and height are database values written into
				// HTML attributes and a script call without escaping; presumably only the admin can
				// edit them - confirm.
				$smilies_loop = "<a href='javascript&#058;AddSmiley(\"".$smilies[$i]['replacement']."\")'><img src='images/smilies/".$smilies[$i]['path']."' width='".$smilies[$i]['width']."' height='".$smilies[$i]['height']."' alt='".$smilies[$i]['replacement']."' title='".$smilies[$i]['replacement']."'></a><br>&nbsp;";
				$smiley_counter = 0;
				}
			else
				{
				// same markup as above, without the line break and without resetting the row counter
				if(preg_match("/,/is", $smilies[$i]['replacement'], $treffer))
					{
					$repl = explode(", ", $smilies[$i]['replacement']);
					$smilies[$i]['replacement'] = $repl[0];
					}
				$smilies_loop = "<a href='javascript&#058;AddSmiley(\"".$smilies[$i]['replacement']."\")'><img src='images/smilies/".$smilies[$i]['path']."' width='".$smilies[$i]['width']."' height='".$smilies[$i]['height']."' alt='".$smilies[$i]['replacement']."' title='".$smilies[$i]['replacement']."'></a>&nbsp;";
				}
			$smilies_replace .= $smilies_loop;
			}

		$content_newentry_smileys = template("SMILIES", $smilies_replace, $content_newentry_smileys);
		}
	else
		{
		$content_newentry_smileys = NULL;
		}

	if($settings['bbcode'] != 1)
		{
		// BBCode is switched off: nothing is inserted for the BBCode template
		$bbcodes = NULL;
		}
	else
		{
		// The TEMPLATE_BBCODE_IMG and TEMPLATE_BBCODE_FLASH placeholders receive their fragment
		// only when the matching allow_* setting is 1; otherwise they are replaced by an empty string.
		$content_newentry_bbcodes = template("TEMPLATE_BBCODE_IMG", (isset($settings['allow_img_tag']) && $settings['allow_img_tag'] == 1) ? $content_newentry_bbcodes_img : "", $content_newentry_bbcodes);
		$content_newentry_bbcodes = template("TEMPLATE_BBCODE_FLASH", (isset($settings['allow_flash_tag']) && $settings['allow_flash_tag'] == 1) ? $content_newentry_bbcodes_flash : "", $content_newentry_bbcodes);
		$bbcodes = $content_newentry_bbcodes;
		}

	// Optional form fragments: each one is taken from its template only when the
	// matching setting is 1, and is NULL otherwise.

	// e-mail notification option
	$user_notification = ($settings['user_notification'] == 1) ? $content_newentry_user_notification : NULL;

	// "show my e-mail address" option
	$user_show_email = ($settings['user_show_email'] == 1) ? $content_newentry_user_show_email : NULL;

	// Akismet consent option; additionally requires the plugin class file to exist
	$user_accept_akismet_service = (file_exists("plugins/akismet/akismet.class.php") && isset($settings['akismet_plugin']) && $settings['akismet_plugin'] == 1) ? $content_newentry_user_accept_akismet_service : NULL;

	// fill template with captcha
	// Skipped when one of the branches above already generated a code ($captcha_generated == 1).
	if(($settings['captcha'] == 1) AND ($captcha_generated != 1))
		{
		generate_captcha($settings['captcha_method'], $settings['captcha_length'], $settings['captcha_double_hash']);
		// NOTE(review): this first assignment is overwritten on the next line without being read.
		// $captcha is not assigned anywhere in this excerpt - possibly the tag was meant to be
		// stored in $captcha; confirm.
		$captcha_img = "<img src='includes/captcha.inc.php' class='captcha' title='".$lang['security_code']."' alt='".$lang['security_code']."'>";
		$captcha_img = template("CAPTCHA_IMG", $captcha, $content_captcha);
		$captcha_generated = 1;
		}
	elseif($settings['captcha'] == 0)
		{
		$captcha_img = "";
		}

	 // entry was not successfull or it is the first time the site was loaded
	// Build the page body: the entry form (first load, preview or failed submit) or the success page.
	if(!isset($entry_successfull))
		{
		// get data from template
		$page_newentry_body = $content_newentry_body;

		// fill template with other templates if set
		// The placeholders are substituted one after another, in exactly this order.
		$page_newentry_body = template("HEADER", $page_header, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_ERRORMESSAGE", $content_errormessage, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_PREVIEW", $content_newentry_preview, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_SMILEYS", $content_newentry_smileys, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_BBCODES", $bbcodes, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_USER_NOTIFICATION", $user_notification, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_USER_SHOW_EMAIL", $user_show_email, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_USER_ACCEPT_AKISMET_SERVICE", $user_accept_akismet_service, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_CAPTCHA", $captcha_img, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_COPYRIGHT", $content_copyright, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_FOOTER", $content_footer, $page_newentry_body);
		$page_newentry_body = template("MGB_VERSION", $settings['version'], $page_newentry_body);
		$page_newentry_body = template("COPYRIGHT_DATE", date("Y"), $page_newentry_body);
		$page_newentry_body = template("ICONSET_PATH", $settings['iconset_path'], $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_PATH", "templates/".$settings['template_path'], $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_STYLE_PATH", $settings['template_style_path'], $page_newentry_body);

		// fill template with language strings
		// $errormessage is inserted as it is, so whatever built it must already be safe for HTML.
		// $rest is not assigned anywhere in this excerpt.
		if(!isset($errormessage)) { $errormessage = NULL; }
		$page_newentry_body = template("ERRORMESSAGE", $errormessage, $page_newentry_body);
		$page_newentry_body = template("TIME_LOCK_REST", $rest, $page_newentry_body);
		$page_newentry_body = template("TITLE", $settings['title'], $page_newentry_body);

		$page_newentry_body = mgb_template_language($page_newentry_body, "language/".$settings['language_path']."/lang_main.php", $settings['debug_mode']); // last number defines debug mode

		// fill template with sent strings
		// first load (form not sent yet): start from empty fields and the "http://" homepage default
		if(!isset($_POST['sent']))
			{
			$_POST['name'] = "";
			$_POST['city'] = "";
			$_POST['email'] = "";
			$_POST['icq'] = "";
			$_POST['aim'] = "";
			$_POST['msn'] = "";
			$_POST['hp'] = "http://";
			$_POST['message'] = "";
			}

		// Submitted values are written back into the form only after cleanstr().
		// NOTE(review): cleanstr() is defined outside this excerpt - confirm that it escapes for HTML
		// attribute and textarea context, since these values come straight from the request.
		$page_newentry_body = template("POST_NAME", cleanstr($_POST['name']), $page_newentry_body);
		$page_newentry_body = template("POST_CITY", cleanstr($_POST['city']), $page_newentry_body);
		$page_newentry_body = template("POST_EMAIL", cleanstr($_POST['email']), $page_newentry_body);
		$page_newentry_body = template("POST_ICQ", cleanstr($_POST['icq']), $page_newentry_body);
		$page_newentry_body = template("POST_AIM", cleanstr($_POST['aim']), $page_newentry_body);
		$page_newentry_body = template("POST_MSN", cleanstr($_POST['msn']), $page_newentry_body);
		$page_newentry_body = template("POST_HP", cleanstr($_POST['hp']), $page_newentry_body);
		$page_newentry_body = template("POST_MESSAGE", cleanstr($_POST['message']), $page_newentry_body);

		// fill template with general data
		$page_newentry_body = template("FORM_ACTION", "newentry.php", $page_newentry_body);

		}
	else
		{
		// entry was successfull, load success template
		$page_newentry_body = $content_newentry_body_entry_success;

		// fill template with other templates and load them first
		$page_newentry_body = template("HEADER", $page_header, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_PATH", "templates/".$settings['template_path'], $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_STYLE_PATH", $settings['template_style_path'], $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_COPYRIGHT", $content_copyright, $page_newentry_body);
		$page_newentry_body = template("TEMPLATE_FOOTER", $content_footer, $page_newentry_body);

		// then strings
		$page_newentry_body = template("TITLE", $settings['title'], $page_newentry_body);
		// a moderated guestbook shows a different success text
		if($settings['moderated'] == 1) { $page_newentry_body = template("LANG_ENTRY_SUCCESS", $lang['entry_success_mod'], $page_newentry_body); } else { $page_newentry_body = template("LANG_ENTRY_SUCCESS", $lang['entry_success'], $page_newentry_body); }
		$page_newentry_body = template("MGB_VERSION", $settings['version'], $page_newentry_body);
		$page_newentry_body = template("COPYRIGHT_DATE", date("Y"), $page_newentry_body);
		$page_newentry_body = template("ICONSET_PATH", $settings['iconset_path'], $page_newentry_body);

		$page_newentry_body = mgb_template_language($page_newentry_body, "language/".$settings['language_path']."/lang_main.php", $settings['debug_mode']); // last number defines debug mode
		}

	// send the finished page to the client
	echo $page_newentry_body;
?>