";
}
if ($properties['guestbook_status']) {
if (isset($_POST['send']) OR isset($_POST['preview'])) {
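$error_msg = "";
// Normalise every request field this handler reads: a missing key or an array
// value (e.g. name[]=x) becomes "", so the checks below and the later mail,
// SQL and preview code always receive a string.
foreach (array('name', 'text', 'email', 'homepage', 'icq', 'captcha') as $gb_field) {
    if (!isset($_POST[$gb_field]) || !is_string($_POST[$gb_field])) {
        $_POST[$gb_field] = "";
    }
}
unset($gb_field);

// Required fields: name and text must not be empty.
if ($_POST['name'] === "") {
    $error_msg .= "\n- ".$ms[3]." ";
}
if ($_POST['text'] === "") {
    $error_msg .= "\n- ".$ms[4]." ";
}

// E-mail and homepage are validated only when the matching property is enabled.
// NOTE(review): with these switches off the raw values still reach the
// notification mail further down; confirm they are validated or encoded wherever
// they are stored or displayed.
if ($properties['check_email'] && !checkMail($_POST['email'])) {
    $error_msg .= "\n- ".$ms[5]." ";
}
if ($properties['check_homepage']) {
    if ($_POST['homepage'] === "" || $_POST['homepage'] === "http://") {
        $error_msg .= "\n- ".$ms[24]." ";
    } elseif (!checkHomepage($_POST['homepage'])) {
        $error_msg .= "\n- ".$ms[217]." ";
    }
}

// ICQ number: digits only. \z (instead of $) rejects a trailing newline.
// A value that is present but not numeric is always an error; an empty value
// is an error only when check_icq is on. Each case reports the message once.
if ($_POST['icq'] !== "") {
    if (preg_match('/^[0-9]+\z/', $_POST['icq']) !== 1) {
        $error_msg .= "\n- ".$ms[208]." ";
    }
} elseif ($properties['check_icq']) {
    $error_msg .= "\n- ".$ms[208]." ";
}

// Optional length window for the entry text (byte length, as strlen() counts).
if ($properties['entry_length_limit']) {
    $text_length = strlen($_POST['text']);
    if ($text_length > $properties['entry_length_maximum']) {
        $error_msg .= "\n- ".$ms[187]." ".$properties['entry_length_maximum']." ";
    }
    if ($text_length < $properties['entry_length_minimum']) {
        $error_msg .= "\n- ".$ms[188]." ".$properties['entry_length_minimum']." ";
    }
}

// CAPTCHA is enforced only on "send", and only when GD is loaded and the
// property is on. The comparison is strict so numeric-looking strings such as
// "1E3" and "1000" are not treated as equal.
// NOTE(review): the expected value is not cleared from the session here, so the
// same solution could be submitted again; confirm the image generator replaces
// it on every form display.
if (extension_loaded("gd") && $properties['captcha'] == 1 && isset($_POST['send'])) {
    $captcha_expected = (isset($_SESSION['captcha']) && is_scalar($_SESSION['captcha']))
        ? (string) $_SESSION['captcha']
        : "";
    if ($_POST['captcha'] === "") {
        $error_msg .= "\n- ".$ms[223]." ";
    } elseif ($captcha_expected === "" || strtoupper($_POST['captcha']) !== $captcha_expected) {
        $error_msg .= "\n- ".$ms[224]." ";
    }
}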
if (!$error_msg == "") {
echo "".$error_msg."
";
} else {
if (isset($_POST['send'])) {
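// Escape the three text fields for the INSERT further down.
// mysql_real_escape_string() takes the connection's character set into account;
// mysql_escape_string() does not and is deprecated.
// NOTE(review): the escaped copies are written back into $_POST and are reused
// by the notification mail below, so backslashes added here will show up there.
// Escaping at the point of the query (or a parameterised API) avoids that.
$_POST['email'] = mysql_real_escape_string($_POST['email']);
$_POST['name'] = mysql_real_escape_string($_POST['name']);
$_POST['text'] = mysql_real_escape_string($_POST['text']);

// Anti-flood: drop expired bans, then look for a live ban on this client address.
$time = time();
$old_time = $time - (int) $properties['antiflood_ban'];
// REMOTE_ADDR normally comes from the TCP peer; it is escaped anyway so the
// query stays well-formed if a proxy shim ever rewrites it from a header.
$ban_ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
mysql_query("DELETE FROM\n".$table."_ip_ban\nWHERE\ntime <= '$old_time' AND type='entry'");
$sql_select_ip = mysql_query("SELECT\nip\nFROM\n".$table."_ip_ban\nWHERE\nip='".$ban_ip."' AND type='entry'");
// A failed lookup counts as "no ban" (same outcome as before) without handing
// false to mysql_num_rows().
$select_ip = $sql_select_ip ? mysql_num_rows($sql_select_ip) : 0;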
if ($select_ip > 0) {
echo "
".$ms[15]." ";
} else {
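// Record this client address in the anti-flood table for the current entry.
// The address is escaped and the timestamp cast so no request-derived value is
// concatenated into the statement as-is.
$ban_ip_sql = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
mysql_query("INSERT INTO\n".$table."_ip_ban (ip, time, type)\nVALUES\n('".$ban_ip_sql."',\n'".(int) $time."',\n'entry')");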
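// Activation token for the moderation link.
// The previous value was md5() of a 7-digit mt_rand() number seeded from
// microtime(): under 9 million candidates, all of which can be precomputed.
// Use the system CSPRNG when one is available. The result is still a 32-char
// hex string, so it fits wherever the md5 value was stored or compared.
// $activation_code is now raw bytes; in the visible code it is only read on the
// md5() line below.
$activation_code = false;
if (function_exists('random_bytes')) {
    $activation_code = random_bytes(16);
} elseif (function_exists('openssl_random_pseudo_bytes')) {
    $activation_code = openssl_random_pseudo_bytes(16);
}
if (!is_string($activation_code) || strlen($activation_code) !== 16) {
    // Legacy fallback when no CSPRNG exists; mt_rand() seeds itself, so the
    // explicit microtime() seed is dropped.
    $activation_code = mt_rand(1000000, 9999999);
}
$activation_hashcode = md5($activation_code);

if ($properties['notification_entries'] == 1 || $properties['thanks_email'] == 1) {
    // Strip CR/LF from configuration values that are placed in mail headers so
    // a stray line break cannot add headers.
    $header_strip = array("\r", "\n");
    $from_name = str_replace($header_strip, "", $properties['guestbook_title']);
    $from_address = str_replace($header_strip, "", $properties['admin_email']);

    $header = "MIME-Version: 1.0\n";
    $header .= "Content-type: text/plain; charset=iso-8859-1\n";
    $header .= "Content-Transfer-Encoding: 8bit\n";
    $header .= "X-Mailer: PHP\n";
    $header .= "From: \"".$from_name."\" <".$from_address.">\n";

    if ($properties['notification_entries'] == 1) {
        // When entries need approval, the admin mail carries the activation link.
        // NOTE(review): the token in this link is the only gate visible from
        // here; confirm admin.php also requires an authenticated session for
        // action=activate_entry.
        if ($properties['release_entries']) {
            $release_text = "\n\n".$ms['222']."\n".$url."/admin/admin.php?action=activate_entry&code=".$activation_hashcode."";
        } else {
            $release_text = "";
        }
        $mail_body = $ms['8']."\n\n".$ms['9']." ".$_POST['name']."\n".$ms['10']." ".$_POST['email']."\n".$ms['11']." ".$_POST['homepage']."\nICQ: ".$_POST['icq']."\n\n".$ms['12']."\n".$_POST['text']."\n".$release_text;
        mail($from_address, $ms['7'], $mail_body, $header);
    }

    // The thank-you mail uses a visitor-supplied recipient. When check_email is
    // off that value was never validated, so it is checked here with the same
    // helper the form validation uses; an empty or malformed address is skipped
    // instead of being handed to mail().
    if ($properties['thanks_email'] == 1 && checkMail($_POST['email'])) {
        mail($_POST['email'], $ms['220'], $ms['221'], $header);
    }
}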
// Store the new entry; the result of mysql_query() is kept in $sql_insert_entry
// and decides which confirmation is shown afterwards.
// email, name and text were SQL-escaped a few lines above; the statement is
// still built by string concatenation, so every value added here must be
// escaped first (or the query moved to a parameterised API).
// NOTE(review): the column list names 11 columns, including homepage and icq,
// but only 9 values are visible in this listing, so lines appear to be missing.
// The visible code escapes only email, name and text; confirm against the real
// file that the homepage and icq values are escaped before they reach this query.
// NOTE(review): '0' appears to fill the status column (entry not yet released)
// and '' the id column; verify against the table schema.
$sql_insert_entry = mysql_query("INSERT INTO
".$table."_entries (activation_code, date, email, homepage, icq, id, ip, name, status, text, time)
VALUES
('$activation_hashcode',
'".date("d.m.Y")."',
'".$_POST['email']."',
'',
'".$_SERVER['REMOTE_ADDR']."',
'".$_POST['name']."',
'0',
'".$_POST['text']."',
'".date("H:i")."')");
if ($sql_insert_entry AND !$properties['release_entries']) {
echo "
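if (isset($get_lang)) {
    // The value is written into a quoted HTML attribute (the next echo closes
    // it with "\">"), as part of a URL query string. Percent-encoding leaves no
    // quote, angle bracket or space that could end the attribute.
    echo "?lang=".((isset($_GET['lang']) && is_string($_GET['lang'])) ? rawurlencode($_GET['lang']) : "");
}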
echo "\">";
} elseif ($properties['release_entries']) {
echo "
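if (isset($get_lang)) {
    // The value is written into a quoted HTML attribute (the next echo closes
    // it with "\">"), as part of a URL query string. Percent-encoding leaves no
    // quote, angle bracket or space that could end the attribute.
    echo "?lang=".((isset($_GET['lang']) && is_string($_GET['lang'])) ? rawurlencode($_GET['lang']) : "");
}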
echo "\">
".$ms['13']." ";
} else {
echo "
".$ms[14]." ";
}
}
}
if (isset($_POST['preview'])) {
    // Render a preview of the entry through the normal entry template.
    // The text is entity-encoded only when deactivate_html is on.
    // NOTE(review): with that switch off the submitted markup reaches the page
    // unless badwords()/shortWords()/bbcode()/smilies() neutralise it; those
    // helpers are not visible here, so verify.
    $text = $properties['deactivate_html'] ? htmlentities($_POST['text']) : $_POST['text'];

    // Same three steps as before for both fields: encode, unslash, strip tags.
    $_POST['email'] = strip_tags(stripslashes(htmlentities($_POST['email'])));
    $_POST['name'] = strip_tags(stripslashes(htmlentities($_POST['name'])));

    $text = badwords($text);
    $text = shortWords($text, $properties['max_word_length']);
    $text = stripslashes(nl2br($text));
    if ($properties['bbcode']) {
        $text = bbcode($text);
    }
    if ($properties['smilies']) {
        $text = smilies($text);
    }

    // The preview is numbered as the next entry: count the existing ones
    // (released ones only when release_entries is on) and add one.
    $count_sql = "SELECT\nid\nFROM\n".$table."_entries";
    if (isset($properties['release_entries']) && $properties['release_entries'] == 1) {
        $count_sql .= "\nWHERE\nstatus='1'";
    }
    $sql_count_entries = mysql_query($count_sql);
    $count_entries = mysql_num_rows($sql_count_entries) + 1;

    // Placeholders are substituted one after another in this order, exactly as
    // the former chain of single str_replace() calls did.
    $template_data = str_replace(
        array(
            '<$border$>',
            '<$cellpadding$>',
            '<$cellspacing$>',
            '<$comment$>',
            '<$date$>',
            '<$id$>',
            '<$name$>',
            '<$tablealign$>',
            '<$tablewidth$>',
            '<$tdcolor$>',
            '<$td2color$>',
            '<$text$>',
            '<$time$>',
        ),
        array(
            $template['border'],
            $template['cellpadding'],
            $template['cellspacing'],
            "",
            date("d.m.Y"),
            $count_entries,
            $_POST['name'],
            $template['tablealign'],
            $template['tablewidth'],
            $template['tdcolor'],
            $template['td2color'],
            $text,
            date("H:i"),
        ),
        $template['html']
    );

    // The client address is shown only when show_ip is on.
    $ip_markup = $properties['show_ip'] ? "IP: ".$_SERVER['REMOTE_ADDR']."\n" : "";
    $template_data = str_replace('<$ip$>', $ip_markup, $template_data);

    // The e-mail and its icon are blanked when no address was given.
    if ($_POST['email'] == "") {
        $template_data = str_replace('<$email$>', "", $template_data);
        $template_data = str_replace('<$email_icon$>', "", $template_data);
    } else {
        $template_data = str_replace('<$email$>', "\n".$_POST['email']." ", $template_data);
        $template_data = str_replace('<$email_icon$>', "\n", $template_data);
    }

    echo "\n".$template_data."\n";
}
}
}
echo "
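if (isset($get_lang)) {
    // The value is written into the form's quoted action attribute (the next
    // echo continues with "\" method=\"post\">"). Percent-encoding leaves no
    // quote, angle bracket or space that could end the attribute.
    echo "?lang=".((isset($_GET['lang']) && is_string($_GET['lang'])) ? rawurlencode($_GET['lang']) : "");
}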
echo "\" method=\"post\">
".$ms[9]."*
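// Prefill the name field from the saved cookie, else from the submitted form.
// Both values come from the request and are written into a double-quoted
// attribute (the next echo starts with "\" tabindex=\"1\" />"), so they are
// HTML-escaped including quotes.
// double_encode is false because the preview branch already runs htmlentities()
// over $_POST['name']; entities that are already present are left as they are.
// ISO-8859-1 makes the call byte-wise, so it never returns an empty string on
// non-UTF-8 input; the escaped characters are ASCII, so this is also safe if
// the page is served as UTF-8.
$prefill_name = "";
if (isset($_COOKIE['name']) && is_string($_COOKIE['name']) && $_COOKIE['name'] != "") {
    $prefill_name = $_COOKIE['name'];
} elseif (isset($_POST['name']) && is_string($_POST['name']) && $_POST['name'] != "") {
    $prefill_name = $_POST['name'];
}
echo htmlspecialchars($prefill_name, ENT_QUOTES, 'ISO-8859-1', false);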
echo "\" tabindex=\"1\" />
";
if ($properties['bbcode']) {
echo "
BBCodes:
Text = Text
Text = Text
Text = Text
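if (isset($get_lang)) {
    // The value is written into a single-quoted script string inside an HTML
    // attribute (the next echo continues with "','BBCodes',...);\">").
    // Percent-encoding leaves no quote, angle bracket or space that could end
    // either the string or the attribute.
    echo "?lang=".((isset($_GET['lang']) && is_string($_GET['lang'])) ? rawurlencode($_GET['lang']) : "");
}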
echo "','BBCodes','260','495','custom','front');\">".$ms[19]."
";
}
if ($properties['smilies']) {
// Count the configured smilies; the heading is printed only when there are any.
$sql_smilies_count = mysql_query("SELECT\nid\nFROM\n".$table."_smilies");
$count_smilies = mysql_num_rows($sql_smilies_count);
if ($count_smilies > 0) {
    echo "\n".$ms[46].":\n";
}

// Up to three rows of five smilies each. Every row prints one item per record
// and then a separator once the total reaches the row's threshold
// (offset => minimum count).
// NOTE(review): the queries use LIMIT without ORDER BY, so row membership
// depends on the order the server happens to return.
// NOTE(review): the fetched columns are not used in the visible loop body; if
// markup built from name/filename belongs there, those values need HTML-escaping.
$smilies_rows = array(0 => 1, 5 => 1, 10 => 10);
foreach ($smilies_rows as $smilies_offset => $smilies_minimum) {
    $sql_smilies = mysql_query("SELECT\nbbcode,\nfilename,\nheight,\nname,\nwidth\nFROM\n".$table."_smilies\nLIMIT\n".$smilies_offset.",5");
    while ($smilies = mysql_fetch_assoc($sql_smilies)) {
        echo " ";
    }
    if ($count_smilies >= $smilies_minimum) {
        echo " ";
    }
}
if ($count_smilies > 15) {
echo "
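if (isset($get_lang)) {
    // The value is written into a single-quoted script string inside an HTML
    // attribute (the next echo continues with "','Smilies',...);\">").
    // Percent-encoding leaves no quote, angle bracket or space that could end
    // either the string or the attribute.
    echo "?lang=".((isset($_GET['lang']) && is_string($_GET['lang'])) ? rawurlencode($_GET['lang']) : "");
}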
echo "','Smilies','215','200','custom','front');\">".$ms[19]."
";
}
}
echo "
".$ms[10]."";
if (isset($properties['check_email']) AND $properties['check_email'] == 1) {
echo "*";
}
echo "
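// Prefill the e-mail field from the saved cookie, else from the submitted form.
// Both values come from the request and are written into a double-quoted
// attribute (the next echo starts with "\" tabindex=\"2\" />"), so they are
// HTML-escaped including quotes.
// double_encode is false because the preview branch already runs htmlentities()
// over $_POST['email']; entities that are already present are left as they are.
// ISO-8859-1 makes the call byte-wise, so it never returns an empty string on
// non-UTF-8 input; the escaped characters are ASCII, so this is also safe if
// the page is served as UTF-8.
$prefill_email = "";
if (isset($_COOKIE['email']) && is_string($_COOKIE['email']) && $_COOKIE['email'] != "") {
    $prefill_email = $_COOKIE['email'];
} elseif (isset($_POST['email']) && is_string($_POST['email']) && $_POST['email'] != "") {
    $prefill_email = $_POST['email'];
}
echo htmlspecialchars($prefill_email, ENT_QUOTES, 'ISO-8859-1', false);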
echo"\" tabindex=\"2\" />
if (isset($_COOKIE['save_settings']) AND $_COOKIE['save_settings'] == 1) {
echo " checked=\"checked\"";
}
echo " value=\"1\" /> ".$ms[205]."";
if (extension_loaded("gd") AND $properties['captcha'] == 1) {
echo " ";
}
echo "
";
} else {
echo "
".$ms[34]." ";
}
echo "