News Extended 1.4c Backend Fehler

Gehe zu Seite:

Geschlossen

Do. 28.07.2016 00:47 Uhr #1

CiSeN Mitglied

Mal wieder ein freundliches Hallo meinerseits in die Runde,

mir ist ein kleiner Fehler im News Extended 1.4c aufgefallen. Hab auch schon die SuFu missbraucht, die mir aber nichts passendes ausgespuckt hatte.
Und zwar geht es darum wenn man versucht eine News zu erstellen, die im Titel ein Apostroph oder auch ' genannt versucht zu verwenden; dann kommt nach dem absenden folgende Fehlermeldung:

MySQL Error:
1064 : You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 's',1,FROM_UNIXTIME(1469658903),1023,0,'','','0',1469658840,0,NULL)' at line 2
in Query:
INSERT INTO `ic1_news` (news_title,user_id,news_time,news_recht,news_groups,news_kat,news_text,html,`show`,archiv,endtime) VALUES ('Assassin's',1,FROM_UNIXTIME(1469658903),1023,0,'','','0',1469658840,0,NULL)

Debug backtrace:
	@ mysql.php:46 -- debug_bt()
	@ mysql.php:64 -- db_check_error(...)
	@ news.php:191 -- db_query(...)
	@ admin.php:20 -- require_once(...)

Wenn man die news ohne ' schreibt und anschließend über "bearbeiten" den Titel anpasst funktioniert es einwandfrei; auch wenn man eine News einsendet kann man das Sonderzeichen verwenden. Nur halt nicht bei direkter Newserstellung.

Vielleicht weiß ja einer unter euch Rat, wie man das Problem gelöst bekommt. Meine php-Kenntnisse sind in der Hinsicht leider einfach zu bescheiden.

ich poste einfach mal die admin/news.php, um den Code direkt vor Augen zu haben:

<?php
// Copyright by: Manuel Staechele
// Support: www.ilch.de
// Modded by Mairu für News Extended
defined ('main') or die ('no direct access');
defined ('admin') or die ('only admin access');

if (!isset($_SESSION['allowFCKUpload'])) {
	$_SESSION['allowFCKUpload'] = true;
}

// -----------------------------------------------------------|
// #
// ##
// ###
// #### F u n k t i o n e n
function dz_timestamp($d, $t = '00:00') {
    $d = trim($d);
    $t = trim($t);
    if (preg_match('/^\d{1,2}.\d{1,2}.(\d{2}|\d{4})$/', $d) == false OR preg_match('/^\d{1,2}:\d\d$/', $t) == false) {
        return false;
    }
    $d = explode('.', $d);
    $t = explode(':', $t);
    if ($o = mktime($t[0], $t[1], 0, $d[1], $d[0], $d[2])) {
        return $o;
    } else {
        return false;
    }
}

function getKats ($akt , $addkat = '', $self = false) {
    $katAr = array();
    if ($self) {
        $katAr['#0#'] = 'selbst w&auml;hlen';
    }
    $katAr['Allgemein'] = 'Allgemein';

    $kats = '';
    $erg = db_query("SELECT DISTINCT news_kat FROM `prefix_news`");
    while ($row = db_fetch_object($erg)) {
        $katAr[$row->news_kat] = $row->news_kat;
    }
    if (!empty($addkat) AND $addkat != '#0#') {
        $katAr[$addkat] = $addkat;
    }
    $katAr = array_unique($katAr);

    foreach($katAr as $k => $a) {
        if (trim($k) == trim($akt)) {
            $sel = 'selected="selected"';
        } else {
            $sel = '';
        }
        $kats .= '<option value="' . $k . '" ' . $sel . '>' . $a . '</option>';
    }
    return ($kats);
}

function vorschau($form) {
    global $info;
    $resp = new xajaxResponse();
    $txt = bbcode($form['txt']);
    $resp->assign('vorschau_td', 'innerHTML' , $txt);
    $resp->script("document.getElementById('vorschau').style.display = 'block';");
    if (isset($info['ImgMaxBreite'])) {
        $resp->script("ResizeBBCodeImages()");
    }
    return $resp;
}

function vorschau_id($id) {
    global $info;
    $resp = new xajaxResponse();
    $txt = @db_result($q = db_query("SELECT news_text, html FROM prefix_news WHERE news_id = '$id'"), 0, 0);
    if (@db_result($q, 0, 1) == 0) {
        $txt = bbcode($txt);
    }
    $resp->assign('vorschau_td', 'innerHTML' , $txt);
    $resp->script("document.getElementById('vorschau').style.display = 'block';");
    if (isset($info['ImgMaxBreite'])) {
        $resp->script("ResizeBBCodeImages()");
    }
    return $resp;
}

function tn_koms() {
    $resp = new xajaxResponse();
    $now = @db_result(db_query('SELECT v2 FROM prefix_allg WHERE k = "news"'), 0);
    db_query('UPDATE prefix_allg SET v2 = IF(v2=1,0,1) WHERE k = "news"');
    $linktxt = $now == '0' ? 'ja' : 'nein';
    $resp->assign('tn_koms', 'innerHTML' , $linktxt);
    return $resp;
}

function saveopts($newsempf, $kat) {
    $resp = new xajaxResponse();
    if (!db_query("UPDATE prefix_allg SET v3 = '$newsempf', v4 = '$kat' WHERE k = 'News'")) {
        $resp->alert("Fehler aufgetreten:\n" . mysql_error());
    }
    return $resp;
}

function setArchiv($id, $old) {
    $resp = new xajaxResponse();
    $new = $old == 'A' ? 0 : 1;
    if (db_query("UPDATE prefix_news SET archiv = $new WHERE news_id = '$id'")) {
        $resp->assign('archiv_link_' . $id, 'innerHTML' , $old == 'A' ? 'N' : 'A');
    } else {
        $resp->alert("Fehler:\n" . mysql_error());
    }
    return $resp;
}
// xajax für vorschau
$xajax = new xajax();
$xajax->configureMany(array('decodeUTF8Input' => true ,'characterEncoding' => 'ISO-8859-1', 'requestURI' => 'admin.php?news-ajax'));

$xajax->register(XAJAX_FUNCTION, 'vorschau');
$xajax->register(XAJAX_FUNCTION, 'vorschau_id');
$xajax->register(XAJAX_FUNCTION, 'tn_koms');
$xajax->register(XAJAX_FUNCTION, 'saveopts');
$xajax->register(XAJAX_FUNCTION, 'setArchiv');
$xajax->processRequest();
// #### F u n k t i o n
// ###
// ##
// #

// #
// ##
// ###
// #### A k t i o n e n
$design = new design ('Admins Area', 'Admins Area', 2);
$design->header();

if (!empty($_REQUEST['um'])) {
    $um = $_REQUEST['um'];
    $newscreatetime = time();
    $newschangesqladd = '';
    $archiv = 0;
    // Sperre
    if ($_POST['gesperrt'] != 'on') {
        $show = dz_timestamp($_POST['datum'], $_POST['zeit']);
        if (!$show) {
            $show = 1;
        } elseif (isset($_POST['set_time'])) {
            $newscreatetime = $show;
            $newschangesqladd .= ',news_time = FROM_UNIXTIME(' . $show . '), editor_id  = NULL, edit_time  = NULL';
            debug('TEST: ' . $newscreatetimech);
        }
    } else {
        $show = 0;
    }
    // Enddatum
    if ($_POST['close'] == '0') {
        $endtime = 'NULL';
    } elseif ($_POST['close'] == '1') {
        $endtime = dz_timestamp($_POST['cdatum'], $_POST['czeit']);
    } else {
        $endtime = dz_timestamp($_POST['cdatum'], $_POST['czeit']);
        $archiv = 2;
    }

	//Grundrechte + Gruppen
	if ($um == 'insert' or $um == 'change') {
		$grecht = 0;
		for($i=0; $i<10; $i++) {
			if (isset($_POST['grecht_'.$i])) {
				$grecht = $grecht | pow(2, $i);
			}
		}

		$groups = 0;
		$sql = db_query("SELECT id FROM prefix_groups");
		while ($r = db_fetch_assoc($sql)){
			if (isset($_POST['groups_'.$r['id']])) {
				$groups = $groups | pow(2, $r['id']);
			}
		}
	}


    if ($um == 'insert') {
        // insert
        $text = escape($_POST['txt'], 'textarea');
        if ($_POST['katLis'] == 'neu') {
            $_POST['katLis'] = $_POST['kat'];
        }

        db_query("INSERT INTO `prefix_news` (news_title,user_id,news_time,news_recht,news_groups,news_kat,news_text,html,`show`,archiv,endtime)
		VALUES ('" . $_POST['titel'] . "'," . $_SESSION['authid'] . ",FROM_UNIXTIME(".$newscreatetime.")," . $grecht . "," . $groups . ",'" . $_POST['katLis'] . "','" . $text . "','" . $_POST['html'] . "',$show,$archiv,$endtime)");
        // insert
    } elseif ($um == 'change') {
        // edit
        $text = escape($_POST['txt'], 'textarea');

        if ($_POST['katLis'] == 'neu') {
            $_POST['katLis'] = $_POST['kat'];
        }
        db_query('UPDATE `prefix_news` SET
				news_title = "' . escape($_POST['titel'], 'string') . '",
				editor_id  = "' . $_SESSION['authid'] . '",
				edit_time  = NOW(),
				news_recht = "' . $grecht . '",
				news_groups = "' . $groups . '",
				news_kat   = "' . $_POST['katLis'] . '",
				html       = "' . $_POST['html'] . '",
				`show`     = ' . $show . ',
				archiv     = ' . $archiv . ',
				endtime     = ' . $endtime . ',
                news_text  = "' . $text . '"' . $newschangesqladd . ' WHERE news_id = "' . $_POST['newsID'] . '" LIMIT 1');
        $edit = $_POST['newsID'];
    }
}
// edit
// del
if ($menu->get(1) == 'del') {
    db_query('DELETE FROM `prefix_news` WHERE news_id = "' . $menu->get(2) . '" LIMIT 1');
}
// del
// Sperren/Freischalten
if ($menu->getA(1) == 's') {
    db_query('UPDATE `prefix_news` SET `show` = IF(`show`>0,0,1) WHERE news_id = "' . $menu->getE(1) . '" LIMIT 1');
}
// Sperren/Freischalten
// Topnews
if ($menu->getA(1) == 't') {
    db_query('UPDATE `prefix_allg` SET `v1` = "' . $menu->getE(1) . '" WHERE k = "news" LIMIT 1');
}
// Topnews
// #### A k t i o n e n
// ###
// ##
// #

// #
// ##
// ###
// #### h t m l   E i n g a b e n
if (empty ($doNoIn)) {
    $limit = 20; // Limit
    $page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1);
    $MPL = db_make_sites ($page , '' , $limit , "?news" , 'news');
    $anfang = ($page - 1) * $limit;
    if ($menu->get(1) != 'edit') {
        $FnewsID = '';
        $Faktion = 'insert';
        $Fueber = '';
        $Fstext = '';
        $Ftxt = '';
        $Fgrecht = 1023;
        $Fgroups = 0;
        $FkatLis = '';
        $Fsub = 'Eintragen';
        $Fhtml = '';
        $sel0 = 'checked="checked"';
        $sel1 = '';
        $sel_show = 'checked="checked"';
        $datum = date('d.m.Y');
        $zeit = date('H:i');
        $csel0 = 'checked="checked"';
        $csel1 = '';
        $csel2 = '';
        $cdatum = date('d.m.Y', time() + 604800);
        $czeit = date('H:i');
    } else {
        $row = db_fetch_object(db_query("SELECT * FROM `prefix_news` WHERE news_id = " . $menu->get(2)));
        $FnewsID = $row->news_id;
        $Faktion = 'change';
        $Fueber = str_replace('"', '&quot;', $row->news_title);
        $Ftxt = stripslashes($row->news_text);
        $Fgrecht = $row->news_recht;
        $Fgroups = $row->news_groups;
        $FkatLis = $row->news_kat;
        $Fsub = '&Auml;ndern';
        $Fhtml = $row->html == 1 ? 'switch_html();' : '';
        if ($row->show == 0) {
            $sel_gesperrt = 'checked="checked"';
            $datum = '';
            $zeit = '';
        } else {
            $sel_gesperrt = '';
            $row->show = $row->show < 10000 ? time() : $row->show;
            $datum = date('d.m.Y', $row->show);
            $zeit = date('H:i', $row->show);
        }
        $sel0 = $sel1 = '';
        if ($row->html) {
            $sel1 = 'checked="checked"';
        } else {
            $sel0 = 'checked="checked"';
        }
        $csel0 = $csel1 = $csel2 = '';
        if ($row->archiv == 1) {
            $csel2 = 'checked="checked"';
            $row->endtime = time() - 1000;
        } elseif (is_null($row->endtime)) {
            $csel0 = 'checked="checked"';
            $row->endtime = time() + 604800;
        } elseif ($row->archiv == 2) {
            $csel2 = 'checked="checked"';
        } else {
            $csel1 = 'checked="checked"';
        }
        $cdatum = date('d.m.Y', $row->endtime);
        $czeit = date('H:i', $row->endtime);
    }
    $tpl = new tpl ('news', 1);

    $ar = array (
        'NEWSID' => $FnewsID,
        'AKTION' => $Faktion,
        'MPL' => $MPL,
        'UEBER' => $Fueber,
        'txt' => $Ftxt,
        'SMILIS' => getsmilies(),
        // 'grecht' => dbliste($Fgrecht,$tpl,'grecht',"SELECT id,name FROM prefix_grundrechte ORDER BY id DESC"),
        'KATS' => getKats($FkatLis),
        'FSUB' => $Fsub,
        'sel0' => $sel0,
        'sel1' => $sel1,
        'sel_gesperrt' => $sel_gesperrt,
        'datum' => $datum,
        'zeit' => $zeit,
        'csel0' => $csel0,
        'csel1' => $csel1,
        'csel2' => $csel2,
        'cdatum' => $cdatum,
        'czeit' => $czeit,
        'xajax' => $xajax->getJavascript()
        );
    // Grundrechte
    $ar['grecht'] = '';
    $qry = db_query('SELECT ABS(id) as id, name FROM prefix_grundrechte ORDER BY id');
    while ($r = db_fetch_assoc($qry)) {
        $ar['grecht'] .= '<span style="white-space: nowrap; margin-right: 5px;"><input type="checkbox" id="grecht_' . $r['id'] . '" name="grecht_' . $r['id'] . '" ' .
        (($Fgrecht == ($Fgrecht | pow(2, $r['id']))) ? 'checked="checked"' : '') . ' />' .
        '<label for="grecht_' . $r['id'] . '">' . $r['name'] . "</label></span>\n";
    }
    // Groups
    $ar['groups'] = '';
    $qry = db_query('SELECT id, name FROM prefix_groups ORDER BY id');
    while ($r = db_fetch_assoc($qry)) {
        $ar['groups'] .= '<span style="white-space: nowrap; margin-right: 5px;"><input type="checkbox" id="groups_' . $r['id'] . '" name="groups_' . $r['id'] . '" ' .
        (($Fgroups == ($Fgroups | pow(2, $r['id']))) ? 'checked="checked"' : '') . ' />' .
        '<label for="groups_' . $r['id'] . '">' . $r['name'] . "</label></span>\n";
    }

    $tpl->set_ar_out($ar, 0);
    if (isset($info['ImgMaxBreite'])) {
        $tpl->out(2); //BBCode 2.0 Modul
    } else {
        $tpl->out(1); //BBCode vom Ilchscript
    }
    $tpl->set_ar_out($ar, 3);
    // e d i t , d e l e t e
    $abf = 'SELECT *
	        FROM `prefix_news`
					ORDER BY news_time DESC
					LIMIT ' . $anfang . ',' . $limit;

    $erg = db_query($abf);
    $class = '';
    $opts = db_fetch_object(db_query("SELECT v1 as topnews, v2 as koms,v3 as pmempf,v4 as kat FROM prefix_allg WHERE k = 'news'"));

    while ($row = db_fetch_object($erg)) {
        $class = ($class == 'Cmite' ? 'Cnorm' : 'Cmite');

        $tpl->set_ar_out(array ('ID' => $row->news_id,
                'class' => $class,
                'TITEL' => $row->news_title,
                'sperre' => $row->show >= 1 ? 'jep' : 'nop',
                'sperren' => $row->show >= 1 ? 'Sperren' : 'Freischalten',
                'title' => "Ersteller: " . get_n($row->user_id) . " ($row->news_time)" . (is_null($row->editor_id) ? '' : "\nGe&auml;ndert von: " . get_n($row->editor_id) . " ($row->edit_time)"),
                'topnews' => $row->news_id == $opts->topnews ? 'ok' : 'leer',
                'archiv' => (($row->archiv == 1) OR ($row->archiv == 2 AND $row->endtime < time())) ? 'A' : 'N'
                ) , 4);
    }
    // e d i t , d e l e t e
    // Mögliche PM-Empfänger
    $pmq = db_query("SELECT a.id, a.name FROM prefix_user a LEFT JOIN prefix_modulerights b ON b.mid = 2 AND b.uid = a.id WHERE a.recht <= -8 OR b.mid IS NOT NULL");
    $pmempf = '';
    $pmar = explode('#', $opts->pmempf);
    while ($r = db_fetch_object($pmq)) {
        $sel = in_array($r->id, $pmar) ? 'selected="selected"' : '';
        $pmempf .= "<option value=\"$r->id\" $sel>$r->name</option>";
    } // while
    $tpl->set_ar_out(array (
            'MPL' => $MPL,
            'html' => $Fhtml,
            'tn_koms' => $opts->koms == '1' ? 'ja' : 'nein',
            'nadd_kat' => getKats($opts->kat, $opts->kat , true),
            'pmempf' => $pmempf
            ) , 5);
}

$design->footer();

?>

verwendete ilch Version: 1.1 P

betroffene Homepage: externer Link

Zuletzt modifiziert von CiSeN am 28.07.2016 - 01:04:00

Bombing For Peace Is Like Fu**ing For Virginity !!!

0 Mitglieder finden den Beitrag gut.

zitieren

Do. 28.07.2016 01:13 Uhr #2

Siggi Hall Of Fame

Registriert seit
08.02.2007

Beiträge
6.558

Beitragswertungen

Könnte daran liegen weil es beim Update escapet wird und beim einfügen also into nicht

Wie poste ich falsch?
0 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 12:33 Uhr #3

CiSeN Mitglied

Registriert seit
06.01.2010

Beiträge
58

Beitragswertungen

Hallo Siggi,

danke für die richtungsweisung... Heißt das, dass ich die dazugehörigen values angleichen muss oder wie muss ich das machen?

Bombing For Peace Is Like Fu**ing For Virginity !!!
0 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 12:36 Uhr #4

Siggi Hall Of Fame

Registriert seit
08.02.2007

Beiträge
6.558

Beitragswertungen

Du änderst einfach in Zeile 191 $_POST['titel'] zu escape($_POST['titel'], 'string')

Wie poste ich falsch?
1 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 12:45 Uhr #5

CiSeN Mitglied

Registriert seit
06.01.2010

Beiträge
58

Beitragswertungen

Danke dir.

Da war ich ja beim richtigen Ansatz. Allerdings hätte ich jetzt alle angepasst.

Vielen Dank!

Bombing For Peace Is Like Fu**ing For Virginity !!!
0 Mitglieder finden den Beitrag gut.
- zitieren

Do. 28.07.2016 13:30 Uhr #6

CiSeN Mitglied

Jetzt hätte ich nochmal ein kleine Zusatzfrage, möchte dafür jetzt aber nicht extra einen neuen Thread eröffnen; deswegen knalle ich es einfach mal hier mit rein.
Und zwar habe ich "ein wenig" am News Script rumgebastelt und daraus ein zusätzliches Artikelsystem gemacht.
Nun habe ich darin ein Feld eingebaut, das einem anzeigen soll, ob ein Text zum Download bereit steht oder nicht.
Was ich genau meine kann man hier sehen.

Die Sache würde ich gerne per if-Abfrage einbauen, der (ich hoffe, dass er korrekt ist) so aussehen soll:

if (!empty($row['articles_download']))
{
    $download = "<a href="?downloads-show-'.$row['articles_download'].'">vorhanden</a>";
}
else
{
	$download = "nicht vorhanden";

Jetzt stellt sich mir nur die Frage, an welcher Stelle ich in contents/articles/articles.php einbauen muss.

<?php
// Copyright by: Manuel Staechele
// Support: www.ilch.de
// Modded by Mairu für News Extended
defined ('main') or die ('no direct access');

$title = $allgAr['title'] . ' :: Artikel';
$hmenu = 'Artikel';
$design = new design ($title , $hmenu);
$design->addheader('<link rel="alternate" type="application/atom+xml" title="Artikel (Atom)" href="index.php?articles-atom" />
<link rel="alternate" type="application/rss+xml" title="Artikel (RSS)" href="index.php?articles-rss" />');

function articles_find_kat ($kat) {
    $katpfad = 'include/images/articles/';
    $katjpg = $katpfad . $kat . '.jpg';
    $katgif = $katpfad . $kat . '.gif';
    $katpng = $katpfad . $kat . '.png';

    if (file_exists($katjpg)) {
        $pfadzumBild = $katjpg;
    } elseif (file_exists ($katgif)) {
        $pfadzumBild = $katgif;
    } elseif (file_exists ($katpng)) {
        $pfadzumBild = $katpng;
    }

    if (!empty($pfadzumBild)) {
        $kategorie = '<img style="" src="' . $pfadzumBild . '" alt="' . $kat . '">';
    } else {
        $kategorie = ' ' . $kat . ' ';
    }

    return ($kategorie);
}
// Schaut ob ein Name so oder ähnlich in der Datenbank vorhanden ist
// gibt true zurück falls der Name noch nicht verwendet ist
function checkName($name) {
    if (db_count_query("SELECT COUNT(name) FROM prefix_user WHERE name LIKE '$name'")) {
        return false;
    } else {
        return true;
    }
}

function checkKomName($name) {
    $resp = new xajaxResponse();
    if (checkName($name) OR loggedin()) {
        $resp->script('document.forms["komform"].submit();');
    } else {
        $resp->assign('komname', 'value' , '');
        $resp->alert('Dieser Name ist bereits an einen User vergeben, benutze bitte einen anderen.');
        $resp->script("document.getElementById('komname').focus();");
    }
    return $resp;
}
// xajax für namencheck
$xajax = new xajax();
$xajax->configureMany(array('decodeUTF8Input' => true ,'characterEncoding' => 'ISO-8859-1', 'requestURI' => 'admin.php?articles-ajax'));
$xajax->register(XAJAX_FUNCTION, 'checkKomName');
$xajax->processRequest();

if ($menu->get(1) == 'ajax') {
    exit();
}

if (!is_numeric($menu->get(1))) {
    if ($menu->get(1) == 'rss' || $menu->get(1) == 'atom') {
        // ob_clean();
        $feed_type = $menu->get(1);

        $abf = "SELECT MAX(articles_time) AS last_update FROM prefix_articles";
        $erg = db_query($abf);
        $row = db_fetch_assoc($erg);
        $last_update = str_replace(' ', 'T', $row['last_update']) . 'Z';

        $tn_id = intval(@db_result($articles_opts = db_query("SELECT v1 FROM prefix_allg WHERE k = 'articles' LIMIT 1"), 0));

        $abf = "SELECT
      a.articles_title as title,
      a.articles_id as id,";
        $abf .= ($feed_type == 'atom') ? 'a.articles_time as datum,' : "DATE_FORMAT(a.articles_time,'%a, %e %b %y %H:%i:%s') as datum,";
        $abf .=
        "a.articles_kat as kate,
		a.articles_kat2 as kate2,
      a.articles_text as text,
      b.name as username,
      a.html
    FROM prefix_articles as a
    LEFT JOIN prefix_user as b ON a.user_id = b.id
    WHERE (a.articles_recht | 1) = a.articles_recht AND a.`show` > 0 AND a.`show` <= UNIX_TIMESTAMP() AND a.articles_id != $tn_id AND a.`archiv` != 1 AND (a.endtime IS NULL OR a.endtime > UNIX_TIMESTAMP())
    ORDER BY articles_title LIMIT 15";
        $erg = db_query($abf);
        $tpl = new tpl('articles_' . $menu->get(1) . '.htm');

        header('Content-type: application/' . $menu->get(1) . '+xml');

        $tpl->set_ar_out(array('FEEDTITLE' => $allgAr['title'],
                'UPDATED' => $last_update,
                'SITEURL' => 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF'])), 0);
        while ($row = db_fetch_assoc($erg)) {
            if ($feed_type == 'atom') {
                $Z = (date('Z') > 0 ? '+' : '') . date('H:i:s', date('Z') + 23 * 3600);
                $row['datum'] = str_replace(' ', 'T', $row['datum']) . $Z;
            }

            $a = explode('[PREVIEWENDE]', $row['text']);
            $tpl->set_ar_out(array(
					'TITLE' 	=> $row['title'],
					'TXT' 		=> $row['html'] ? $a[0] : bbcode($a[0]),
					'LINK' 		=> 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php?articles-' . $row['id'],
					'AUTHOR' 	=> $row['username'],
					'DATE' 		=> $row['datum']
                    ), 1);
        }
        $tpl->out(2);
        exit;
    } else {
        $design->header();
        $limit = $allgAr['Nlimit'];
        $page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1);

        //Gruppenrechte
        $groups = getGroupRights();

        // Topartikel ausgeben
        $tn_id = intval(@db_result($articles_opts = db_query("SELECT v1, v2 FROM prefix_allg WHERE k = 'articles' LIMIT 1"), 0, 0));
        $tn_koms = @db_result($articles_opts, 0, 1);
        $tn_sql = db_query("SELECT a.articles_title as title, a.articles_text, a.articles_kat, a.articles_kat2, a.articles_recht, a.articles_groups, a.html,
                DATE_FORMAT(a.articles_time,'%d. %m. %Y - %H:%i Uhr') as datum,
                DATE_FORMAT(a.articles_time,'%W') as dayofweek,
                b.name as username,
                c.name as editorname,
                a.html,
                a.edit_time,
                a.klicks,
                b.id as uid
            FROM prefix_articles a
            LEFT JOIN prefix_user as b ON a.user_id = b.id
            LEFT JOIN prefix_user as c ON a.editor_id = c.id
            WHERE a.articles_id = $tn_id AND a.`show` > 0 AND a.`show` <= UNIX_TIMESTAMP() AND (a.endtime IS NULL OR a.endtime > UNIX_TIMESTAMP()) AND
            (((" . pow(2, abs($_SESSION['authright'])) . " | a.articles_recht) = a.articles_recht) OR
	        (a.articles_groups != 0 AND ((a.articles_groups ^ $groups) != (a.articles_groups | $groups))))");
        if (db_num_rows($tn_sql) > 0) {
            $tn_r = db_fetch_assoc($tn_sql);

			$dontShow = false;
			if ((pow(2, abs($_SESSION['authright'])) | $tn_r['articles_recht']) != $tn_r['articles_recht']) {
				$dontShow = true;
			}
			if ($dontShow) {
				foreach($_SESSION['authgrp'] as $id => $bool) {
					if ($bool and (pow(2, abs($id)) | $tn_r['articles_groups'] == $tn_r['articles_groups'])) {
						$dontShow = false;
						break;
					}
				}
			}
        	if (!$dontShow) {
				$tn_tpl = new tpl ('articles/top');
                if ($tn_koms) {
                    $tn_r['kom'] = db_count_query("SELECT COUNT(id) FROM prefix_koms WHERE uid = $tn_id AND cat = 'ARTICLES'");
                }
        	    $tn_r['showkom'] = $tn_koms;
                if (strpos ($tn_r['articles_text'], '[PREVIEWENDE]') !== false) {
                    $a = explode('[PREVIEWENDE]' , $tn_r['articles_text']);
                    $tn_r['articles_text']= $a[0];
                    $tn_r['readwholearticles'] = '<a href="index.php?articles-' . $tn_id . '" alt="mehr lesen" title="mehr lesen"><img src="include/images/icons/articles/more.gif" alt="mehr lesen" border="0"></a>';
                } else {
                     $tn_r['readwholearticles'] = '';
                }
                $tn_r['id'] = $tn_id;
        	    $tn_r['klicks'] = '<img src="include/images/icons/articles/counter.gif" alt="' . $tn_r['klicks']. ' mal gelesen" title="' . $tn_r['klicks']. ' mal gelesen" border="0">';
                $tn_r['datum']  = $lang[$tn_r['dayofweek']] . ' ' . $tn_r['datum'];
        	    $tn_r['edit']   = is_null($tn_r['edit_time']) ? '' : '<br /><i>zuletzt ge&auml;ndert am ' . date('d.m.Y - H:i', strtotime($tn_r['edit_time'])) . '&nbsp;Uhr';
        	    if (!empty($tn_r['edit']) and $tn_r['editorname'] != $tn_r['username']) {
        	        $tn_r['edit'].= ' von ' . $tn_r['editorname']. '</i>';
        	    } elseif (!empty($tn_r['edit'])) {
        	        $tn_r['edit'].= '</i>';
        	    }

                $tn_r['kate'] = articles_find_kat($tn_r['articles_kat']);
        	    $tn_r['text'] = $tn_r['html']? $tn_r['articles_text']: bbcode($tn_r['articles_text']);
                $tn_tpl->set_ar_out($tn_r, 0);
				unset($tn_tpl);
        	}
        }

		//Kategorie einschränken
		if ($menu->get(1) != '' and ($menu->getA(1) != 'p' or $menu->getE(1) == 0)) {
			$kats = $katssql = array();  #collect given kats
			$i = 1;
			while($kat = escape($menu->get($i), 'string')){
				$kats[] = $kat;
				$katssql[] = '"' . $kat . '"';
				$i++;
			}
			$articles_kat = 'articles_kat IN ('.implode(',', $katssql).') AND';
			$katmpl = '-'.implode('-', $kats);
			$page = $menu->getE('p');
			if ($page < 1) {
				$page = 1;
			}
			$katmpl = str_replace('-p'.$page, '', $katmpl);
		} else {
			$articles_kat = $katmpl = '';
			$page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1);
		}

        $anfang = ($page - 1) * $limit;

		$MPL = db_make_sites ($page , "WHERE (((" . pow(2, abs($_SESSION['authright'])) . " | articles_recht) = articles_recht) OR
			(articles_groups != 0 AND ((articles_groups ^ $groups) != (articles_groups | $groups)))) AND $articles_kat `show` > 0 AND `show` <= UNIX_TIMESTAMP() AND articles_id != $tn_id AND archiv != 1 AND (endtime IS NULL OR endtime > UNIX_TIMESTAMP())" , $limit , '?articles'.$katmpl , 'articles');
        // Normale Artikel
        $tpl = new tpl ('articles/articles.htm');

        $abf = "SELECT
      a.articles_title as title,
      a.articles_id as id,
      DATE_FORMAT(a.articles_time,'%d. %m. %Y - %H:%i Uhr') as datum,
      DATE_FORMAT(a.articles_time,'%W') as dayofweek,
      a.articles_kat as kate,
		a.articles_kat2 as kate2,
      a.articles_text as text,
      b.name as username,
      c.name as editorname,
      a.html,
      a.edit_time,
      a.klicks,
      b.id as uid
    FROM prefix_articles as a
    LEFT JOIN prefix_user as b ON a.user_id = b.id
    LEFT JOIN prefix_user as c ON a.editor_id = c.id
    WHERE (((" . pow(2, abs($_SESSION['authright'])) . " | a.articles_recht) = a.articles_recht) OR
	      (a.articles_groups != 0 AND ((a.articles_groups ^ $groups) != (a.articles_groups | $groups)))) AND $articles_kat
		a.`show` > 0 AND a.`show` <= UNIX_TIMESTAMP() AND articles_id != $tn_id AND a.`archiv` != 1 AND
		(a.endtime IS NULL OR a.endtime > UNIX_TIMESTAMP())
    ORDER BY a.articles_title, articles_kat2
    LIMIT " . $anfang . "," . $limit;

        // echo '<pre>'.$abf.'</pre>';
        $erg = db_query($abf);
    	if (db_num_rows($erg) == 0 and !empty($articles_kat)) {
    		echo 'Keinen Artikel in dieser Kategorie gefunden.<br />
    			<a href="index.php?articles">Artikel&uuml;bersichtsseite aufrufen</a>';
    		$design->footer(1);
    	}
        while ($row = db_fetch_assoc($erg)) {
            $k0m = db_query("SELECT COUNT(ID) FROM `prefix_koms` WHERE uid = " . $row['id'] . " AND cat = 'ARTICLES'");
            $row['kom'] = db_result($k0m, 0);

            $row['kate'] = articles_find_kat($row['kate']);
            $row['datum'] = $lang[$row['dayofweek']] . ' ' . $row['datum'];
            if (strpos ($row['text'] , '[PREVIEWENDE]') !== false) {
                $a = explode('[PREVIEWENDE]' , $row['text']);
                $row['text'] = $a[0];
                $row['readwholearticles'] = '<a href="index.php?articles-' . $row['id'] . '" alt="mehr lesen" title="mehr lesen"><img src="include/images/icons/articles/more.gif" alt="mehr lesen" border="0"></a>';
            } else {
                $row['readwholearticles'] = '';
            }
            $row['klicks'] = '<img src="include/images/icons/articles/counter.gif" alt="' . $row['klicks'] . ' mal gelesen" title="' . $row['klicks'] . ' mal gelesen" border="0">';
            if (!$row['html']) {
                $row['text'] = bbcode($row['text']);
            }
            $row['edit'] = is_null($row['edit_time']) ? '' : '<br /><i>zuletzt ge&auml;ndert am ' . date('d.m.Y - H:i', strtotime($row['edit_time'])) . '&nbsp;Uhr';
            if (!empty($row['edit']) and $row['editorname'] != $row['username']) {
                $row['edit'] .= ' von ' . $row['editorname'] . '</i>';
            } elseif (!empty($row['edit'])) {
                $row['edit'] .= '</i>';
            }
            $tpl->set_ar_out($row, 0);
        }
        $tpl->set_out('SITELINK', $MPL, 1);
        unset($tpl);
    }
} else {
    $design->header();
    $xajax->printJavascript();

    $nid = escape($menu->get(1), 'integer');
    $erg = db_query("SELECT a.articles_title, a.articles_kat2, a.articles_release, a.articles_publisher, a.articles_developer1, a.articles_developer2, a.articles_developer3, a.articles_developer4, a.articles_developer5, a.articles_usk, a.articles_download, a.articles_id, DATE_FORMAT(a.articles_time,'%d. %m. %Y - %H:%i Uhr') as datum,DATE_FORMAT(a.articles_time,'%W') as dayofweek,a.articles_kat,a.articles_text,b.name as username,c.name as editorname,a.html,a.edit_time,a.klicks,b.id as uid,a.articles_recht,a.articles_groups FROM prefix_articles as a LEFT JOIN prefix_user as b ON a.user_id = b.id LEFT JOIN prefix_user as c ON a.editor_id = c.id WHERE a.`show` > 0 AND a.`show` <= UNIX_TIMESTAMP() AND a.articles_id = '" . $nid . "'");
    if (db_num_rows($erg) == 0) {
        $dontShow = true;
	} else {
		$dontShow = false;
		$row = db_fetch_object($erg);
		if ((pow(2, abs($_SESSION['authright'])) | $row->articles_recht) != $row->articles_recht) {
			$dontShow = true;
		}
		if ($dontShow) {
			foreach($_SESSION['authgrp'] as $id => $bool) {
				if ($bool and (pow(2, abs($id)) | $row->articles_groups) == $row->articles_groups) {
					$dontShow = false;
					break;
				}
			}
		}
	}

	if ($dontShow) {
		echo 'Artikel existiert nicht oder Sie haben keine Rechte ihn zu sehen.  <a href="javascript:history.back();">zur&uuml;ck</a>';
		$design->footer(1);
	}

    $komsOK = true;
    if ($allgAr['Ngkoms'] == 0) {
        if (loggedin()) {
            $komsOK = true;
        } else {
            $komsOK = false;
        }
    }
    if ($allgAr['Nukoms'] == 0) {
        $komsOK = false;
    }

    $kom_info = '';
    // kommentar add
    if ((loggedin() OR chk_antispam ('articleskom')) AND $komsOK AND !empty($_POST['name']) AND !empty($_POST['txt'])) {
        $_POST['txt'] = escape($_POST['txt'], 'string');
        $_POST['name'] = escape($_POST['name'], 'string');
        if (checkName($_POST['name']) or loggedin()) {
            if (loggedin()) {
                $_POST['name'] = $_SESSION['authname'];
            }
            db_query("INSERT INTO `prefix_koms` (`uid`,`cat`,`name`,`text`) VALUES (" . $nid . ",'ARTICLES','" . $_POST['name'] . "','" . $_POST['txt'] . "')");
        } else {
            $kom_info = '<span style="color:red;">Dieser Name ist bereits an einen User vergeben, benutze bitte einen anderen.</span><br />';
        }
    }
    // kommentar add
    // kommentar loeschen
    if ($menu->getA(2) == 'd' AND is_numeric($menu->getE(2)) AND has_right(- 7, 'articles')) {
        $kommentar_id = escape($menu->getE(2), 'integer');
        db_query("DELETE FROM prefix_koms WHERE uid = " . $nid . " AND cat = 'ARTICLES' AND id = " . $kommentar_id);
    }
    // kommentar loeschen
    $kategorie = articles_find_kat($row->articles_kat);

    $textToShow = $row->html ? $row->articles_text : bbcode($row->articles_text);
    $textToShow = str_replace('[PREVIEWENDE]', '', $textToShow);
    if (!empty($such)) {
        $textToShow = markword($textToShow, $such);
    }
    // klicks zaehlen
    db_query("UPDATE prefix_articles SET klicks = klicks + 1 WHERE articles_id = " . $nid);	
	
    $tpl = new tpl ('articles/articles.htm');
    $ar = array (
        'TEXT' 				=> $textToShow,
        'KATE' 				=> $kategorie,
        'NID' 				=> $nid,
        'uname' 			=> $_SESSION['authname'],
        'ANTISPAM' 			=> (loggedin()?'':get_antispam ('articleskom', 0)),
        'NAME' 				=> $row->articles_title,
        'info'				=> $kom_info,
		'KATE2' 			=> $row->articles_kat2,
		'RELEASE' 			=> $row->articles_release,
		'PUBLISHER' 		=> $row->articles_publisher,
		'DEVELOPER1' 		=> $row->articles_developer1,
		'DEVELOPER2' 		=> $row->articles_developer2,
		'DEVELOPER3' 		=> $row->articles_developer3,
		'DEVELOPER4' 		=> $row->articles_developer4,
		'DEVELOPER5' 		=> $row->articles_developer5,
		'ID' 				=> $row->user_id,
		'USERNAME' 			=> $row->username,
		'DOWNLOAD' 			=> $download,
		'USK' 				=> $row->articles_usk,
        );
    $tpl->set_ar_out($ar, 2);

    if ($komsOK) {
        $tpl->set_ar_out (array ('NAME' => $row->articles_title , 'NID' => $nid, 'style' => loggedin() ? 'style="display:none;"' : ''), 3);
    }
    $erg1 = db_query("SELECT text, name, id FROM `prefix_koms` WHERE uid = " . $nid . " AND cat = 'ARTICLES' ORDER BY id DESC");
    $ergAnz1 = db_num_rows($erg1);
    if ($ergAnz1 == 0) {
        echo '<b>' . $lang['nocomments'] . '</b>';
    } else {
        $zahl = $ergAnz1;
        while ($row1 = db_fetch_assoc($erg1)) {
            $row1['text'] = bbcode(trim($row1['text']));
            if (has_right(- 7, 'articles')) {
                $row1['text'] .= '<a href="javascript:delkom(' . $nid . ',' . $row1['id'] . ')"><img src="include/images/icons/del.gif" alt="l&ouml;schen" border="0" title="l&ouml;schen" /></a>';
            }
            $tpl->set_ar_out(array('NAME' => $row1['name'], 'TEXT' => $row1['text'], 'ZAHL' => $zahl) , 4);
            $zahl--;
        }
    }
    $tpl->out(5);
}

$design->footer();

?>

Erneute Hilfe dazu wäre echt klasse. Danke schonmal

Bombing For Peace Is Like Fu**ing For Virginity !!!

0 Mitglieder finden den Beitrag gut.

zitieren

Do. 28.07.2016 13:43 Uhr #7

Siggi Hall Of Fame

Registriert seit
08.02.2007

Beiträge
6.558

Beitragswertungen

Ich würde es mal vor Zeile 347 einfügen, dadrunter im array gibt er es ja aus

Wie poste ich falsch?
0 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 13:47 Uhr #8

CiSeN Mitglied

Registriert seit
06.01.2010

Beiträge
58

Beitragswertungen

Jetzt habe ich Parse error:

Parse error: syntax error, unexpected 'articles_download' (T_STRING) in /users/cisen/www/include/contents/articles/articles.php on line 349

Bombing For Peace Is Like Fu**ing For Virginity !!!
0 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 13:52 Uhr #9

Siggi Hall Of Fame

Registriert seit
08.02.2007

Beiträge
6.558

Beitragswertungen
Und wenn du es hiermit versuchst?
```
if (!empty($row->articles_download)) {
    $download = '<a href="?downloads-show-'.$row->articles_download.'"vorhanden</a>';
} else {
    $download = 'nicht vorhanden';
}
```
Zuletzt modifiziert von Siggi am 28.07.2016 - 13:54:23
Wie poste ich falsch?
1 Mitglieder finden den Beitrag gut.
- zitieren
Do. 28.07.2016 14:02 Uhr #10

CiSeN Mitglied

Registriert seit
06.01.2010

Beiträge
58

Beitragswertungen

Das hat geklappt.

Vielen lieben Dank!!!

Bombing For Peace Is Like Fu**ing For Virginity !!!
0 Mitglieder finden den Beitrag gut.
- zitieren

Beitrag zur Merkliste hinzufügen

ilch Forum » Ilch Clan 1.1 » Fehlersuche und Probleme » News Extended 1.4c Backend Fehler