File size: 6.63Kb
<?php
/*-----------------------------------------------------------------------------------------
mcGalleryPRO
All code is © 2003 Marc Cagninacci.
No files may be redistributed in whole or significant part.
----------------- mcgalleryPRO IS NOT FREE SOFTWARE -------------------
You should have receive a file called license.txt in this package
--------------------------------------------------------------------------------------------*/
session_start();
include './header_pop.php';
if (!empty($valid))
{
$connect = mysql_connect($host,$login,$pass);
mysql_select_db($base, $connect);
$query = "SELECT login, level FROM mcgallery_members WHERE login='$private_login' AND password='$private_pass'";
$res = mysql_query($query);
$rep = mysql_fetch_row($res);
if ($rep[0] != '')
{
$_SESSION['private_login'] = $rep[0];
$_SESSION['level'] = $rep[1];
$_SESSION['private_pass'] = $private_pass;
}
else $again = 1;
}
if ((($l == 3 || $l == 2) && empty($_SESSION['private_login'])) || $again == 1)
{
echo '<br><form method="post" name="form" action="add.php">';
echo '<table border="0" cellspacing="1" cellpadding="2" width="200" align="center">';
echo '<tr><td class="td0" align="center"><font size="2">'.$l_Restricted.'</font></td></tr>';
echo '<tr><td class="td2" align="right"><font size="2">'.$l_Login.'</font> <input type="text" name ="private_login" size="10"> </td></tr>';
echo '<tr><td class="td2" align="right"><font size="2">'.$l_Pass.'</font> <input type="password" name ="private_pass" size="10"> </td></tr>';
echo '<tr><td class="td2" align="center"><font size="1"><a href="select.php?l=1" class="lien1">'.$l_Perdu.' ?</a></font></td></tr>';
echo '<tr><td class="td1" align="center"><input type="submit" value="OK" name="valid">';
echo '<input type="hidden" name="id" value="'.$id.'"><input type="hidden" name="l" value="'.$l.'"><input type="hidden" name="t" value="'.$t.'"></td></tr>';
echo '</table></form>';
echo '<p align="center"><font size="1">'.$l_sel_restrict.' <a href="mailto:'.$email_admin.'" class="lien1"><b>'.$l_contact.'</b></a>.</font></p>';
echo '</body></html>';
exit();
}
if ($l == 1)
{
include 'passpop.php';
echo '</body></html>';
exit();
}
if (!empty($_SESSION['private_login']))
{
$connect = mysql_connect($host,$login,$pass);
mysql_select_db($base, $connect);
$private_login = $_SESSION['private_login'];
$query = "SELECT login, email FROM mcgallery_members WHERE login='$private_login'";
$res = mysql_query($query);
$row = mysql_fetch_row($res);
$field1 = '<font size="1">: <b>'.$row[0].'</b></font><input type="hidden" name="nom_exp" value="'.$row[0].'">';
$field2 = '<font size="1">: <b>'.$row[1].'</b></font><input type="hidden" name="email_exp" value="'.$row[1].'">';
}
else
{
$field1 = '<input type="text" size="15" name="nom_exp">';
$field2 = '<input type="text" size="15" name="email_exp">';
}
if ($submit == 'OK')
{
$email_ok = eregi("^[_\.0-9a-z-]+@([0-9a-z-]+\.)+[a-z]{2,4}$", $email_exp);
if ( !$email_ok )
{
$bad_email = '<br>'.$l_EmailNo;
}
if ($nom_exp == '' || $email_exp == '' || $text == '' || $bad_email != '')
{
$l_add_comment = $l_ecard_verif . $bad_email;
}
else
{
// if ($comment_allowed == 1 || ($comment_allowed == 2 && !session_is_registered('private_login')))
if ($l == 2 || $l == 4 || ($l == 5 && empty($_SESSION['private_login'])))
{
$l_comment_sent = $l_comment_sent.$l_comment_valid;
$mod = 'N';
if ($mail_function == 1)
{
email("mcgallerypro", $email_admin,"mcgallerypro - $l_comnew1","$l_comnew2\n\n$l_Auteur: $nom_exp - $email_exp\n$l_Message: $text\n\n$site/admin");
}
else
{
mail($email_admin, "mcgallerypro - $l_comnew1", "$l_comnew2\n\n$l_Auteur: $nom_exp - $email_exp\n$l_Message: $text\n\n$site/admin", "From: $email_admin");
}
}
elseif ($l == 6 || ($l == 3 && !empty($_SESSION['private_login']))|| ($l == 5 && !empty($_SESSION['private_login']))) { $mod = 'Y'; }
$connect = mysql_connect($host,$login,$pass);
mysql_select_db($base, $connect);
$date = date("Y-m-d");
$nom_exp = addslashes($nom_exp);
$text = addslashes($text);
$query = "INSERT INTO mcgallery_comment VALUES ('', '$id', '$t', '$date', '$email_exp', '$nom_exp', '$text', '$rate', '$mod')";
mysql_query($query);
echo '<p align="center"><br><br><br><br><font size="1">'.$l_comment_sent.'</font></p>';
echo '<p align="center"><a href="#" onclick="javascript:window.close()" class="lien1"><b>OK</b></a></p>';
echo '</body></html>';
exit();
}
}
?>
<form method="post" action="add.php" name="formcom">
<table border="0" align="center" class="td1"><tr><td>
<table border="0" cellspacing="0" align="center">
<tr>
<td align="center" class="td0" colspan="2"><font size="1"><?php echo $l_add_comment; ?></font></td>
</tr>
<tr>
<td align="right" class="td2"><font size="1"><?php echo $l_your_name; ?> </font></td>
<td class="td2"><?php echo $field1; ?></td>
</tr>
<tr>
<td align="right" class="td2"><font size="1"><?php echo $l_your_email; ?> </font></td>
<td class="td2"><?php echo $field2; ?></td>
</tr>
<tr>
<td align="right" class="td2"><font size="1"><?php echo $l_your_comment; ?></font></td>
<td class="td2"> </td>
</tr>
<tr>
<td align="center" class="td2" colspan="2"><font size="1"><b>
<?php
include 'smilies.php';
$ns = 0;
while (list($key, $val) = each($smilies))
{
echo '<a href="#" onclick="smiley(\' '.$key.' \'); return false">'.$val.'</a> ';
$ns++;
if ($ns % 8 == 0) echo '<br>';
}
?>
</b></font></td>
</tr>
<tr>
<td align="center" class="td2" colspan="2"><textarea cols="30" rows="6" name="text"></textarea></td>
</tr>
<tr>
<td class="td2" align="right"><font size="1"><?php echo $l_rateit; ?> </font></td>
<td class="td2">
<select name="rate">
<option value=""></option>
<option value="10">10</option>
<option value="9">9</option>
<option value="8">8</option>
<option value="7">7</option>
<option value="6">6</option>
<option value="5">5</option>
<option value="4">4</option>
<option value="3">3</option>
<option value="2">2</option>
<option value="1">1</option>
<option value="0">0</option>
</select>
</td>
</tr>
<tr>
<td align="center" class="td1" colspan="2"><input type="submit" name="submit" value="OK">
<input type="hidden" name="t" value="<?php echo $t; ?>">
<input type="hidden" name="id" value="<?php echo $id; ?>">
<input type="hidden" name="l" value="<?php echo $l; ?>">
</td>
</tr>
</table>
</tr>
<tr>
<td align="center" class="td0"> </td></tr>
</table>
</form>
</body>
</html>