</toplist/?php 
############################################
### Top-XL V.1.23 Free  -  Add user add.php ######
############################################
/// 1. You are NOT entiteld to rent, lease, transfer, reproduce or distribute this Software.
/// 2. You are entiteld to adapt, and modify the Software to your need.
/// 3. You can use this Script on all of YOUR Domains.
/// 4. Any modification or removal to the links in the footer and member area shall terminate this license immediately .
/// 5. The Script has been tested on different Servers and found free of any notable errors by the author. The Author shall not in any case be liable for any special, incidental indirect or other similar damages arising from the use of this Script.
/// 6. Author: Simon Zehender - Contact: http://www.derwebgestalter.de or http://www.paddelberg.de
////////////////////////////////////////////
////////////////////////////////////////////
$scriptpath=$_SERVER['DOCUMENT_ROOT'];
////////////////////////////////////////
/// add.php - add new entry
///////////////////////////////////////
include("inc/sql.php");
include("inc/vars.php");
include("inc/functions.php");
$langget=get_lang($stanlang);
include("lang/members-".get_lang_file($langget,$stanlang,$langarray,$langdetect).".php");
$do = safety($_GET["do"]); 

////////////////////////////////////////
/// if submit
///////////////////////////////////////

if ($addvalicode=="yes") {session_start();}
if ($do == "changeadd" or $do == "submitter")
	{
	if ($refereraddcheck=="yes")
		{
		$ref=$_SERVER["HTTP_REFERER"];
		if (!$ref or $ref=="" or !eregi("http://",$ref))
			{echo "No valid referer";exit;}
		$topsiteurl1=get_dom($topsiteurl);
		$ref=get_dom($ref);
		if ($ref!=$topsiteurl1)
			{echo "No valid referer";exit;}
		}
	if ($do == "submitter" and $addperget=="yes")
		{
		$name=safety($_GET["name"]);
		$email=safety($_GET["email"]);
		$url=safety($_GET["url"]);
		$reciprocal=safety($_GET["reciprocal"]);
		$bannerurl=safety($_GET["bannerurl"]);
		$title=safety($_GET["title"]);
		$description=safety($_GET["description"]);
		$notes=safety($_GET["notes"]);
		$pass=safety($_GET["pass"]);
		$pass2=safety($_GET["pass2"]);
		$rulechecker="yes";
		}
	else
		{
		$name=safety($_POST["name"]);
		$email=safety($_POST["email"]);
		$url=safety($_POST["url"]);
		$reciprocal=safety($_POST["reciprocal"]);
		$bannerurl=safety($_POST["bannerurl"]);
		$title=safety($_POST["title"]);
		$description=safety($_POST["description"]);
		$notes=safety($_POST["notes"]);
		$pass=safety($_POST["pass"]);
		$pass2=safety($_POST["pass2"]);
		$rulechecker=safety($_POST["rulechecker"]);
		}
	if ($addvalicode=="yes")
		{
		if ($_POST['valicode'] != $_SESSION['code'])
			{$error32 = $errortext32;}
		}
	$urlslash = slashcheck($url);
	if($urlslash == 3)
		{$url = $url."/";}
	$recislash = slashcheck($reciprocal);
	if($recislash == 3)
		{$reciprocal = $reciprocal."/";}
	$urlcheckquery = mysql_query("SELECT url,reciprocal FROM $topxl_user_table WHERE reciprocal='$reciprocal' or url='$url'") or die ("mysql_error");
	$urlcheck = @mysql_fetch_array($urlcheckquery);	
	$urlchkeckurl = $urlcheck[url];
	$urlchkeckreciprocal = $urlcheck[reciprocal];
	if (!$name)
		{$error1 = $errortext1;}
	if (strlen($name) > 60)
			{$error1 = $errortext1b;}
	if (!$email) 
		{$error2 = $errortext2;}
	if (!eregi("^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,4})$", trim($email))) 
		{$error2 = $errortext2a;}
	if (strlen($email) > 255)
			{$error2 = $errortext5b;}
	if (!$url || strpos($url, 'http://') === false)
		{$error3 = $errortext3;}
	if (strlen($url) > 255)
			{$error3 = $errortext5b;}
	if ($urlchkeckurl == $url and $url and $url != "")
		{$error3 = $errortext3a;}
	if (!$reciprocal || strpos($reciprocal, 'http://') === false)
		{$error4 = $errortext4;}
	if (strlen($reciprocal) > 255)
			{$error4 = $errortext5b;}
	if ($urlchkeckreciprocal == $reciprocal and $reciprocal and $reciprocal != "")
		{$error4 = $errortext4a;}
	if ($showbanner == "yes")
		{
		if (!$bannerurl || strpos($bannerurl, 'http://') === false)
			{$error5 = $errortext5;}
		else 
			{
			if (strlen($bannerurl) > 255)
				{$error5 = $errortext5b;}
			$sqlholder = ",bannerurl='$bannerurl'";
			$extens = ereg_replace('http://', ' ',$bannerurl);
			$ext = strrchr($extens,'.');
			$limitedext=array(".gif",".jpg",".jpeg",".png"); 
			if (!in_array($ext,$limitedext))
				{$error5 = $errortext5a;}
			}
		}
	if (!$title)
		{$error6 = $errortext6;}
	if (strlen($title) > $maxsigntitle)
		{$error6 = $errortext6a;}
	if (!$description)
		{$error7 = $errortext7;}
	if (strlen($description) > $maxsigndesc)
		{$error7 = $errortext7a;}
	if ($pass and $pass != "") 
		{
		if (ereg("[^a-zA-Z0-9]",$pass)) 
		{$error8 = $errortext8;}
		if ($pass != $pass2)		 
			{$error8 = $errortext8a;}    
	  	if (strlen($pass)< 8)
	     	{$error8 = $errortext8b;}
		if (strlen($pass)> 60)
			{$error8 = $errortext1b;}
	  	}
	else 	/// if no pass was entered
      {$error8 = $errortext8c;}	
	if (!$rulechecker or $rulechecker != "yes")
		{$error24 = $errortext24;}
	//// if an error happens
	if ($error1 || $error2 || $error3 || $error4 || $error5 || $error6 || $error7 || $error8 || $error24 || $error32)
		{$message = $messageerror;}
	else
		{
		 if(getenv("HTTP_X_FORWARDED_FOR"))
		 	{$signupip = getenv("HTTP_X_FORWARDED_FOR");}   
		 else
		 	{$signupip = getenv("REMOTE_ADDR");}
		$title = rtrim($title);
		$description = rtrim($description);
		$mailpass = $pass;
		$pass = md5($pass);
		$timestamp = time();
		$joindate = date("Y-m-d-H-i-s");
		if ($validatesites == "yes")
			{$sqlholder2 = ",active='no'";}
		else
			{$sqlholder2 = ",active='yes',newentry='no',validationdate='$timestamp'";}
		mysql_query("INSERT INTO $topxl_user_table SET joindate='$joindate',timestamp='$timestamp',name='$name',email='$email',url='$url'$sqlholder,reciprocal='$reciprocal',title='$title',description='$description',notes='$notes',pass='$pass',lang='$lang',signupip='$signupip'$sqlholder2") or die ("mysql_error");
		$idgetquery = mysql_query("SELECT id,url,reciprocal FROM $topxl_user_table WHERE reciprocal='$reciprocal' or url='$url'") or die ("mysql_error");
		$idget = @mysql_fetch_array($idgetquery);	
		$id = $idget[id];
		/// Html Codes to show on the success site
		if ($mailtouser == "yes" or $mailtoadmin == "yes")
			{$htmlcode2 = "$bodycode_text\n";}
		$htmlcodescript1 = htmlentities($htmlcodescript);
		$htmlcode = "<b>$bodycode_text</b><br>";
		$htmlcode3="";
		if ($reftype=="textlink" or $reftype=="textban")
			{
			if ($mailtouser=="yes")
				{
				$recicodetext=recipcodetext($id,$topxl_admin_table,$topsiteurl,$linktitle,$filename);
				$htmlcode3="\n".$text_textlink."\n";
				$htmlcode3.=$htmlcodescript."\n".$recicodetext."\n";
				}
			$htmlcode.=texthtmlgen($id,$topxl_admin_table,$topsiteurl,$linktitle,$filename,$text_textlink,$htmlcodescript,$text_preview);
			}
		if ($reftype=="banner" or $reftype=="textban")
			{
			$recicodebanner=recipcodebanner($id,$topxl_admin_table,$topsiteurl,$topbannerurl,$linktitle,$filename);
			if ($mailtouser=="yes" or $mailtoadmin=="yes")
				{
				$htmlcode3.="\n".$text_banner." 1\n".$htmlcodescript."\n".recipcodebanner($id,$topxl_admin_table,$topsiteurl,$topbannerurl,$linktitle,$filename)."\n";
			if ($topbannerurla!="")
				{$htmlcode3.="\n".$text_banner." 2\n".$htmlcodescript."\n".recipcodebanner($id,$topxl_admin_table,$topsiteurl,$topbannerurla,$linktitle,$filename)."\n";}
			if ($topbannerurlb!="")
				{$htmlcode3.="\n".$text_banner." 3\n".$htmlcodescript."\n".recipcodebanner($id,$topxl_admin_table,$topsiteurl,$topbannerurlb,$linktitle,$filename)."\n";}
			if ($topbannerurlc!="")
				{$htmlcode3.="\n".$text_banner." 4\n".$htmlcodescript."\n".recipcodebanner($id,$topxl_admin_table,$topsiteurl,$topbannerurlc,$linktitle,$filename)."\n";}
			if ($topbannerurld!="")
				{$htmlcode3.="\n".$text_banner." 5\n".$htmlcodescript."\n".recipcodebanner($id,$topxl_admin_table,$topsiteurl,$topbannerurld,$linktitle,$filename)."\n";}
				}
			$htmlcode.=bannerhtmlgen($id,$topxl_admin_table,$topsiteurl,$topbannerurl,$linktitle,$filename,$text_banner,$htmlcodescript,$text_preview);
		if ($topbannerurla!="")
			{$htmlcode.=bannerhtmlgen($id,$topxl_admin_table,$topsiteurl,$topbannerurla,$linktitle,$filename,$text_banner,$htmlcodescript,$text_preview);}
		if ($topbannerurlb!="")
			{$htmlcode.=bannerhtmlgen($id,$topxl_admin_table,$topsiteurl,$topbannerurlb,$linktitle,$filename,$text_banner,$htmlcodescript,$text_preview);}
		if ($topbannerurlc!="")
			{$htmlcode.=bannerhtmlgen($id,$topxl_admin_table,$topsiteurl,$topbannerurlc,$linktitle,$filename,$text_banner,$htmlcodescript,$text_preview);}
		if ($topbannerurld!="")
			{$htmlcode.=bannerhtmlgen($id,$topxl_admin_table,$topsiteurl,$topbannerurld,$linktitle,$filename,$text_banner,$htmlcodescript,$text_preview);}
			}
		$htmlcodemail = $htmlcode2." ".$htmlcode3;
		if ($validatesites == "yes")
			{$message = $messagesuccess;$bodytextx=$bodytext1;$bodytexty=$bodytext2;}
		else{$message = $messagesuccess1;$bodytextx=$bodytext3;$bodytexty=$bodytext4;}
		if ($mailtouser == "yes")
			{
			/// send mail to user
			$subject = $subjecttext." ".$topsitename;
			$body1 = $bodytextx."\n\n".$bodytexty."\n\n";
			$body2 = $htmlcodemail;
			$body3 = "\n\nLogin Data\n".$text_loginid." ".$id."\n".$text_pass." ".$mailpass."\n\n".$text_account_information."\n".$text_name." ".$name."\n".$text_email." ".$email."\n".$text_url." ".$url."\n".$text_bannerurl." ".$bannerurl."\n".$text_reciprocal." ".$reciprocal."\n".$text_title." ".$title."\n".$text_description." ".$description."\n".$text_notes." ".$notes."\n".$text_signupip." ".$signupip."\n".$text_joindate." ".$joindate."\n\n".$mailpromo."\n\n".$commercialmailtext;
			$body  .= strip_tags($body1);
			$body  .= $body2;
			$body  .= strip_tags($body3);
			mail($email,$subject,$body,"From: $adminmail\nReply-To: $adminmail");
			}		
		if ($mailtoadmin == "yes")
			{
			include("lang/members-".$stanlang.".php");
			$validateurl = $topsiteurl."/admin/index.php?do=validate";
			/// send mail to admin
			$subject2 = $subjecttextadmin;
			$body2 = $validateurl."\n\n".$text_name." ".$name."\n".$text_email." ".$email."\n".$text_pass." ".$mailpass."\n".$text_url." ".$url."\n".$text_bannerurl." ".$bannerurl."\n".$text_reciprocal." ".$reciprocal."\n".$text_title." ".$title."\n".$text_description." ".$description."\n".$text_notes." ".$notes."\n".$text_adminsignupip." ".$signupip."\n".$text_joindate." ".$joindate."\n\n";
			$body2  = strip_tags($body2);
			mail($adminmail2,$subject2,$body2,"From: $email\nReply-To: $email");
			include("lang/members-".get_lang_file($langget,$stanlang,$langarray,$langdetect).".php");
			}
		$htmlcode = stripslashes($htmlcode);
		/// Template 
		if(!file_exists("html/".$design."/add.html"))
			{echo "The template file html/".$design."/add.html does not exist.";exit;}
		$fp1 = fopen("html/".$design."/added.html","r");  
		$zeile = fread ($fp1, filesize ("html/".$design."/added.html"));
		$zeile = ereg_replace("{text_loginname}", $text_loginname,$zeile);
		$zeile = ereg_replace("{text_htmlcode}", $bodytexty,$zeile);
		$zeile = ereg_replace("{text_pass}", $text_pass,$zeile);
		$zeile = ereg_replace("{text_name}", $text_loginname,$zeile);
		$zeile = ereg_replace("{message}", $message,$zeile);
		$zeile = ereg_replace("{name}", $id,$zeile);
		$zeile = ereg_replace("{pass}", $mailpass,$zeile);
		$zeile = ereg_replace("{text_logindata}", $text_logindata,$zeile);
		$zeile = ereg_replace("{htmlcode}", $exp_javascript_backlink."<br><br>".$htmlcode,$zeile);
		$zeile = ereg_replace("{text_signup}", $text_signup,$zeile);
		echo $zeile;
		exit;
		}
	}
	
/////////////////////////////////////
//// Alles ohne do
/////////////////////////////////////

$prevhtmlcode = "<strong>".$text_previewhtmlcode."</strong><br><br>";
if ($reftype=="textlink" or $reftype=="textban")
	{
	$recicodetext=recipcodetext("none",$topxl_admin_table,$topsiteurl,$linktitle,$filename);
	$prevhtmlcode.="<strong>".$text_textlink."</strong><br>".$recicodetext."<br>";
	}
if ($reftype=="banner" or $reftype=="textban")
	{
	$prevhtmlcode.="<br><strong>".$text_banner." 1</strong><br>".recipcodebanner("none",$topxl_admin_table,$topsiteurl,$topbannerurl,$linktitle,$filename)."<br>";
	if ($topbannerurla!="")
		{$prevhtmlcode.="<br><strong>".$text_banner." 2</strong><br>".recipcodebanner("none",$topxl_admin_table,$topsiteurl,$topbannerurla,$linktitle,$filename)."<br>";}
	if ($topbannerurlb!="")
		{$prevhtmlcode.="<br><strong>".$text_banner." 3</strong><br>".recipcodebanner("none",$topxl_admin_table,$topsiteurl,$topbannerurlb,$linktitle,$filename)."<br>";}
	if ($topbannerurlc!="")
		{$prevhtmlcode.="<br><strong>".$text_banner." 4</strong><br>".recipcodebanner("none",$topxl_admin_table,$topsiteurl,$topbannerurlc,$linktitle,$filename)."<br>";}
	if ($topbannerurld!="")
		{$prevhtmlcode.="<br><strong>".$text_banner." 5</strong><br>".recipcodebanner("none",$topxl_admin_table,$topsiteurl,$topbannerurld,$linktitle,$filename)."<br>";}
	}
if ($showbanner == "yes")
	{
	if(!file_exists("html/".$design."/add_banner_row.html"))
		{echo "The template file html/".$design."/add_banner_row.html does not exist.";exit;}
	$fp1 = fopen("html/".$design."/add_banner_row.html","r");
	$zeile = fread ($fp1, filesize ("html/".$design."/add_banner_row.html"));
	$zeile = ereg_replace("{text_bannerurl}",$text_bannerurl,$zeile);
	$zeile = ereg_replace("{bannerurl}",$bannerurl,$zeile);
	$bannerbox = ereg_replace("{error5}",$error5,$zeile);
	}
else
	{$bannerbox = "";}
if ($addvalicode=="yes")
	{
	$_SESSION['code'] = rand(10000, 99999);	
	if(!file_exists("html/".$design."/add_save_row.html"))
		{echo "The template file html/".$design."/add_save_row.html does not exist.";exit;}
	$fp1 = fopen("html/".$design."/add_save_row.html","r");
	$zeile = fread ($fp1, filesize ("html/".$design."/add_save_row.html"));
	$zeile = ereg_replace("{text_valicode}",$text_valicode,$zeile);
	$saveadd_html = ereg_replace("{error32}",$error32,$zeile);
	}
/// Template
if(!file_exists("html/".$design."/add.html"))
	{echo "The template file html/".$design."/add.html does not exist.";exit;}
$fp1 = fopen("html/".$design."/add.html","r");
$zeile = fread ($fp1, filesize ("html/".$design."/add.html"));
$zeile = ereg_replace("{text_name}",$text_name,$zeile);
$zeile = ereg_replace("{saveadd_html}",$saveadd_html,$zeile);
$zeile = ereg_replace("{text_email}",$text_email,$zeile);
$zeile = ereg_replace("{text_url}",$text_url,$zeile);
$zeile = ereg_replace("{text_reciprocal}",$text_reciprocal,$zeile);
$zeile = ereg_replace("{text_title}",$text_title,$zeile);
$zeile = ereg_replace("{text_description}",$text_description,$zeile);
$zeile = ereg_replace("{text_notes}",$text_notes,$zeile);
$zeile = ereg_replace("{error1}",$error1,$zeile);
$zeile = ereg_replace("{error2}",$error2,$zeile);
$zeile = ereg_replace("{error3}",$error3,$zeile);
$zeile = ereg_replace("{error4}",$error4,$zeile);
$zeile = ereg_replace("{error6}",$error6,$zeile);
$zeile = ereg_replace("{error7}",$error7,$zeile);
$zeile = ereg_replace("{error8}",$error8,$zeile);
$zeile = ereg_replace("{error24}",$error24,$zeile);
$zeile = ereg_replace("{ip}",$ip,$zeile);
$zeile = ereg_replace("{datum}",$datum,$zeile);
$zeile = ereg_replace("{message}",$message,$zeile);
$zeile = ereg_replace("{bannerbox}",$bannerbox,$zeile);
$zeile = ereg_replace("{name}",$name,$zeile);
$zeile = ereg_replace("{email}",$email,$zeile);
$zeile = ereg_replace("{url}",$url,$zeile);
$zeile = ereg_replace("{reciprocal}",$reciprocal,$zeile);
$zeile = ereg_replace("{title}",$title,$zeile);
$zeile = ereg_replace("{description}",$description,$zeile);
$zeile = ereg_replace("{notes}",$notes,$zeile);
$zeile = ereg_replace("{text_pass}",$text_pass,$zeile);
$zeile = ereg_replace("{pass}",$pass,$zeile);
$zeile = ereg_replace("{pass2}",$pass2,$zeile);
$zeile = ereg_replace("{text_signup}",$text_signup,$zeile);
$zeile = ereg_replace("{prevhtmlcode}",$prevhtmlcode,$zeile);
$zeile = ereg_replace("{text_rules}",$text_rules,$zeile);
$zeile = ereg_replace("{text_exp_rules}",$text_exp_rules,$zeile);
$zeile = ereg_replace("{text_stats}",$text_stats,$zeile);
$zeile = ereg_replace("{hitstoday}",$hitstoday,$zeile);
$zeile = ereg_replace("{text_hitstoday}",$text_viewstoday,$zeile);
$zeile = ereg_replace("{hitsyesterday}",$hitsyesterday,$zeile);
$zeile = ereg_replace("{text_hitsyesterday}",$text_viewsyesterday,$zeile);
$zeile = ereg_replace("{hitstotal}",$hitstotal,$zeile);
$zeile = ereg_replace("{text_hitstotal}",$text_viewstotal,$zeile);
$zeile = ereg_replace("{loadstotal}",$loadstotal,$zeile);
$zeile = ereg_replace("{text_loadstotal}",$text_loadstotal,$zeile);
$zeile = ereg_replace("{text_acceptrules}",$text_acceptrules,$zeile);
echo $zeile;
exit;
?>