also hier:
function.php (die ersten ca50 zeilen)
<?
$offtime = "5";
if(!isset($_GET["tid"]) && !isset($_GET["lang"])) { $tid = 1; }
$wsql = mysql_query("select * from system where id=$tid limit 1");
$row = mysql_fetch_array($wsql);
$templatedir = "./templates/".$wrow["lang"]."/".$row["templatedir"];
include("languages/".$wrow["lang"].".php");
$newspersite = $wrow["news_per_site"];
$language = $wrow["lang"];
$smsdienst = $wrow["smsdienst"];
$current = "start";
$userid = $_SESSION["userid"];
$loggedin = $_SESSION["loggedin"];
$usernick = $_SESSION["username"];
$username = $_SESSION["username"];
$msdate = date("d.m.y h:i");
## Rating "funktion" ##
if(isset($_POST["rating"]) && $_POST["rating"] == 1 || $_POST["rating"] == 2 || $_POST["rating"] == 3 || $_POST["rating"] == 4 || $_POST["rating"] == 5 ) {
if(isset($_SESSION["loggedin"])){
$userid = $_SESSION["userid"];
if($_POST["ref"] == "vote"){
## FÜRS VOTE ##
if($_POST["id"] == "" || !isset($_POST["id"])) { $rid = "$userid"; } else { $rid = $_POST["id"]; }
$cams = "SELECT * FROM userwertungen WHERE userid = $rid AND rater = $userid";
$camsrow = mysql_query($cams) or die(mysql_error());
$catchcams = mysql_num_rows($camsrow);
if($catchcams == "0") {
$querycams = "INSERT INTO userwertungen (userid, rating, rater) VALUES ('$rid', '".$_POST["rating"]."', '$userid')";
$resultcams = mysql_query($querycams)or die(mysql_error());
}else{
mysql_query("UPDATE userwertungen SET rating='".$_POST["rating"]."' WHERE userid = $rid AND rater = $userid");
}
## WEITER LEITUNG ##
mysql_query("UPDATE users SET points=points+1 WHERE id = $userid");
header("LOCATION: index.php?site=vote&lastid=$rid");
}else{
--------------------------------------
index.php
<?php
ob_start("ob_gzhandler");
session_start();
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">";
include 'system/config.php';
include 'system/functions.php';
include("$templatedir/main_header.php");
if(isset($_SESSION["username"])) {
$usernick = $_SESSION["username"];
$username = $_SESSION["username"];
$userid = $_SESSION["userid"];
$loggedin = $_SESSION["loggedin"];
}
$site = $_GET["site"];
if (file_exists('content/'.$_GET["site"].'.php')) { include 'content/'.$site.'.php'; } elseif(!isset($site)) { include("content/start.php"); $current = "start"; } else { include 'content/fehler_404.php'; }
include("$templatedir/main_footer.php");
ob_end_flush();
exit();
?>
------------------------------
start.php
<?
if(isset($_GET['news_id']) && !isset($_POST['addcomment'])) {
$abfrage = "SELECT * FROM news WHERE id = ".$_GET['news_id']."";
$abfragen = mysql_query($abfrage) or die(mysql_error());
$i = mysql_num_rows($abfragen);
while($row = mysql_fetch_array($abfragen))
{
$uresult = @mysql_query("SELECT * FROM users WHERE id='".$row['id']."'");
$user = @mysql_fetch_array($uresult); $autor = $user['username'];
$cresult = mysql_query("SELECT * FROM news_comments WHERE news_id='".$_GET['news_id']."'");
#$cmts = mysql_fetch_array($cresult);
$comments = mysql_num_rows($cresult);
include("$templatedir/main/news.php");
while($crow = mysql_fetch_array($cresult))
{
include("$templatedir/main/news_comments.php");
}
include("$templatedir/main/news_comment_add.php");
}
}
elseif(isset($_POST['addcomment']) && isset($_GET['news_id'])) {
$date = date("d. M Y - H:i");
$query = "INSERT INTO news_comments (news_id, nachricht, autor, datum) VALUES ('$addcomment', '$nachricht', '$userid', '$date')";
$result = mysql_query($query)or die(mysql_error());
linkindex("?site=sys_msg&ms=newcomment&news_id=$addcomment");
exit;
}
else {
$abfrage = "SELECT * FROM news ORDER BY id DESC LIMIT 10";
$abfragen = mysql_query($abfrage) or die(mysql_error());
$fdate = date("YmdHi");
$ndate = $fdate-30;
$abfrage2 = "SELECT * FROM users ORDER BY id DESC LIMIT 5";
$abfragen2 = mysql_query($abfrage2) or die(mysql_error());
$abfrage3 = "SELECT * FROM users ORDER BY points DESC LIMIT 5";
$abfragen3 = mysql_query($abfrage3) or die(mysql_error());
include("$templatedir/main/start.php");
}
?>
als Antwort auf: [#277581]