Beispiel #1
/**
 * Print one post's message followed by two line breaks.
 *
 * The message is run through strip_tags() and then cleanPost() before it is
 * echoed. $postCount, $postId and $createdTime are accepted but are not used
 * by the current body.
 *
 * NOTE(review): strip_tags() removes markup but does not HTML-encode what is
 * left, and cleanPost() is defined elsewhere. If cleanPost() does not encode
 * for an HTML context, the text should go through htmlspecialchars() at this
 * output point - confirm against cleanPost().
 *
 * @param mixed  $postCount   Unused.
 * @param mixed  $postId      Unused.
 * @param string $message     Raw post text.
 * @param mixed  $createdTime Unused.
 * @return void
 */
function outputToScreen($postCount, $postId, $message, $createdTime)
{
    // Strip tags first, then apply the project's own cleaning step.
    $plainText = cleanPost(strip_tags($message));

    // One blank line separates consecutive posts in the rendered page.
    echo $plainText, '<br>', '<br>';
}
Beispiel #2
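/**
 * Read every (id, message) row from $selectTable, clean the message with
 * cleanPost() and hand it to helpInsertPostIntoClean() for $insertTable.
 *
 * Progress and errors are echoed as HTML paragraphs. Dynamic values placed in
 * those paragraphs (the query text, the driver error, the table name) are
 * HTML-encoded so they cannot inject markup into the page.
 *
 * @param mysqli $mysqli      Open connection; it is left open on return.
 * @param mixed  $debugFlag   Passed through to helpInsertPostIntoClean().
 * @param string $selectTable Source table name.
 * @param string $insertTable Destination table name.
 * @return bool False when the SELECT fails or yields no rows, true otherwise.
 */
function insertPostIntoCleanTable($mysqli, $debugFlag, $selectTable, $insertTable)
{
    // NOTE(review): a table name cannot be bound as a statement parameter, so
    // it is concatenated into the SQL text. That is only safe while both table
    // names come from trusted configuration; if a caller can pass request
    // data here, check the name against a fixed allow-list before this line.
    $query_string = "SELECT id,message FROM " . $selectTable;

    $result = mysqli_query($mysqli, $query_string);
    if (!$result) {
        $detail = htmlspecialchars($query_string . mysqli_error($mysqli), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "<p>Error: Not able to execute " . $detail . "</p>";
        return false;
    }

    if (mysqli_num_rows($result) < 1) {
        // Release the (empty) result set on this path too.
        mysqli_free_result($result);
        echo "<p>Error: No records matching your query were found.</p>";
        return false;
    }

    $i = 0;
    while ($row = mysqli_fetch_array($result)) {
        if (!helpInsertPostIntoClean($mysqli, $row["id"], cleanPost($row["message"]), $insertTable, $debugFlag)) {
            // NOTE(review): after this break the function still prints the
            // success line and returns true, so callers cannot tell a partial
            // copy from a complete one - confirm that this is intended.
            echo "<p>Error: with " . $i . " record.</p>";
            break;
        }
        $i++;
    }
    mysqli_free_result($result);

    $tableLabel = htmlspecialchars((string) $insertTable, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<p>Successfully inserted " . $i . " posts into " . $tableLabel . " </p>";

    return true;
}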
Beispiel #3
/**
 * Prepare a string for storage.
 *
 * With $iAllowHTML falsy the value goes through process_db_input() with
 * BX_TAGS_STRIP. With $iAllowHTML truthy, cleanPost() is called on the value
 * and $s is returned without process_db_input(): per the original author's
 * note, callers use PDO bindings, so escaping here is not wanted.
 *
 * NOTE(review): the HTML branch is only safe if every caller really binds
 * the returned value as a statement parameter - verify at the call sites.
 *
 * @param string $s          Value to store.
 * @param mixed  $iAllowHTML Truthy to keep HTML.
 * @return mixed
 */
function filter_to_db($s, $iAllowHTML = 0)
{
    if (!$iAllowHTML) {
        return process_db_input($s, BX_TAGS_STRIP);
    }

    // NOTE(review): the return value of cleanPost() is discarded. This only
    // has an effect if cleanPost() takes its argument by reference - confirm.
    cleanPost($s);

    return $s;
}
Beispiel #4
    } elseif (isset($_GET['down'])) {
        $mitemid = cleanGet($_GET['down']);
        editWebsiteMenuOrder($siteid, $mitemid, 'down');
    } elseif (isset($_GET['addpage']) && isset($_POST['page_title']) && strlen($_POST['page_title']) > 1) {
        $page_title = cleanGet($_POST['page_title']);
        if (isActive($userid)) {
            if (maxSitePages($siteid) == false) {
                addPage($siteid, $page_title);
            } else {
                sysMsg(MSG00119);
            }
        } else {
            demoMsg();
        }
    } elseif (isset($_GET['changetitle']) && isset($_POST['old_page_id'])) {
        $pageid = cleanPost($_POST['old_page_id']);
        $title = cleanPost($_POST['new_page_title']);
        if (isActive($userid)) {
            changePageTitle($pageid, $title);
        } else {
            demoMsg();
        }
    }
    if ($siteid != 0 && $showmenu == true) {
        editWebsiteMenu($siteid);
    }
} else {
    giveWarning();
}
//END MENU
include_once 'admin_template/footer.php';
Beispiel #5
/**
 * Prepare a string for storage via process_db_input().
 *
 * With $iAllowHTML truthy, cleanPost() is called on the value first and the
 * tag mode is BX_TAGS_NO_ACTION; otherwise the tag mode is BX_TAGS_STRIP.
 *
 * NOTE(review): the return value of cleanPost() is discarded, so the call
 * only matters if cleanPost() modifies its argument by reference - confirm.
 *
 * @param string $s          Value to store.
 * @param mixed  $iAllowHTML Truthy to keep HTML.
 * @return mixed Whatever process_db_input() returns.
 */
function filter_to_db($s, $iAllowHTML = 0)
{
    if ($iAllowHTML) {
        cleanPost($s);
    }

    $tagMode = $iAllowHTML ? BX_TAGS_NO_ACTION : BX_TAGS_STRIP;

    return process_db_input($s, $tagMode);
}
/**
 * Run cleanPost() on a value that is about to be stored, when HTML is allowed.
 *
 * $s is received by reference; nothing else is done to it here and nothing
 * is returned. With $iAllowHTML falsy the function is a no-op.
 *
 * NOTE(review): no escaping happens in this function, so callers presumably
 * rely on bound parameters when writing $s to the database - confirm.
 *
 * @param string $s          Value to clean, passed by reference.
 * @param mixed  $iAllowHTML Truthy to apply cleanPost().
 * @return void
 */
function prepare_to_db(&$s, $iAllowHTML = 1)
{
    if (!$iAllowHTML) {
        return;
    }

    cleanPost($s);
}
Beispiel #7
     show_page('terms');
     break;
 case 'user':
     if ($index_page[1] == 'register') {
         if (isset($_POST['account_active'])) {
             if (!$_POST['account_active'] != 0) {
                 //0 = Demo account
                 $newuser = array();
                 $newuser['id'] = NULL;
                 $newuser['username'] = cleanPost($_POST['username']);
                 $newuser['fullnames'] = cleanPost($_POST['fullnames']);
                 $newuser['group'] = cleanPost($_POST['group']);
                 $newuser['phone'] = cleanPost($_POST['phone']);
                 $newuser['user_website'] = cleanPost($_POST['user_website']);
                 $newuser['email'] = cleanPost($_POST['email']);
                 $newuser['referred_by'] = cleanPost($_POST['referred_by']);
                 $regmsg = '';
                 if (strlen($_POST['username']) < 3) {
                     $regmsg = translate('The username that you have entered is too short.', sz_config('language'));
                 } elseif (isValidUsername($_POST['username']) == false) {
                     $regmsg = translate('The username that you have entered is invalid or already exists.', sz_config('language'));
                 } elseif (isValid($_POST['fullnames'], 'names') == false) {
                     $regmsg = translate('Your full names should only contain alphabetic characters.', sz_config('language'));
                 } elseif ($_POST['account_active'] != 0) {
                     $regmsg = translate('Hack attempt detected. Data logged and submitted to administrators.', sz_config('language'));
                 } elseif (isValid($_POST['group'], 'number') == false) {
                     $regmsg = translate('Hack attempt detected. Data logged and submitted to administrators.', sz_config('language'));
                 } elseif (isValid($_POST['phone'], 'phone') == false) {
                     $regmsg = translate('The phone number that you\'ve entered is invalid.', sz_config('translate'));
                 } elseif (strlen($_POST['user_website']) > 0 && isValid($_POST['user_website'], 'website') == false) {
                     $regmsg = translate('The website that you\'ve entered is invalid. Please do not add http:// to the address.', sz_config('language'));
Beispiel #8
         $websitedata['error'] = MSG00006;
     }
     if (isValid($_POST['website_url'], 'website')) {
         $websitedata['website_url'] = cleanPost($_POST['website_url']);
     } else {
         $websitedata['website_url'] = cleanPost($_POST['website_url']);
         $haserrors = true;
         $websitedata['error'] = MSG00005;
     }
     $websitedata['website_description'] = cleanPost($_POST['website_description']);
     $websitedata['website_keywords'] = cleanPost($_POST['website_keywords']);
     $websitedata['creator_name'] = cleanPost($_POST['creator_name']);
     if (isValid($_POST['creator_website'], 'website')) {
         $websitedata['creator_website'] = cleanPost($_POST['creator_website']);
     } else {
         $websitedata['creator_website'] = cleanPost($_POST['creator_website']);
         $haserrors = true;
         $websitedata['error'] = MSG00004;
     }
     if (isActive($userid)) {
         if ($haserrors == false) {
             saveWebsiteSettings($websitedata);
         }
     } else {
         demoMsg();
     }
 }
 if ($haserrors) {
     editWebsiteSettings($siteid, $websitedata);
 } else {
     editWebsiteSettings($siteid);
Beispiel #9
    header("Location: index.php");
}
include_once 'functions/functions.php';
include_once 'functions/page_functions.php';
$userid = checkSession();
$siteid = checkSiteId();
include_once 'admin_template/header.php';
//START PAGES
if ($siteid != 0) {
    // Page editor request: ?pages= must be present, numeric and compare
    // greater than '0' before it is used as a page id.
    if (isset($_GET['pages']) && is_numeric($_GET['pages']) && $_GET['pages'] > '0') {
        $pageid = cleanGet($_GET['pages']);
        // Ownership check: a page that does not belong to the current site is
        // dropped, and the editor below is opened without a page.
        if (pageBelongsTo($pageid, $siteid) == false) {
            $pageid = NULL;
        } elseif (isset($_POST['TextAreaData'])) {
            $page = array();
            // NOTE(review): the ownership check above covers $pageid (from the
            // query string), while the id passed to savePage() comes from the
            // POST body. savePage() is not visible here - confirm that it
            // re-checks that $page['id'] belongs to $siteid, or save under
            // $pageid instead.
            $page['id'] = cleanPost($_POST['id']);
            // NOTE(review): the content is stored exactly as submitted, with
            // no cleanPost() call - presumably because it is rich-text HTML.
            // Confirm that savePage() binds it as a parameter and that it is
            // sanitised wherever it is rendered.
            $page['content'] = $_POST['TextAreaData'];
            // Contact pages are never saved through this path.
            if (!isContactPage($page['id'])) {
                // Only accounts for which isActive() is true may save;
                // others get demoMsg().
                if (isActive($userid)) {
                    savePage($page);
                    // $_POST['TextAreaData'] = NULL;
                    // $page['content'] = NULL;
                } else {
                    demoMsg();
                }
            }
        }
        editWebsitePage($siteid, $pageid);
    } else {
        // No usable page id in the request: open the editor without one.
        editWebsitePage($siteid, NULL);
    }
Beispiel #10
}
if (isset($_GET['items_per_page'])) {
    if (is_numeric($_GET['items_per_page'])) {
        $_SESSION['items_per_page'] = $_GET['items_per_page'];
    }
}
include_once 'functions/functions.php';
include_once 'functions/template_functions.php';
$userid = checkSession();
$siteid = checkSiteId();
include_once 'admin_template/header.php';
if ($siteid != 0) {
    if (isset($_GET['action'])) {
        $taction = cleanGet($_GET['action']);
        if ($taction == 'save' && isset($_POST['website_template'])) {
            $template = cleanPost($_POST['website_template']);
            if (isActive($userid)) {
                saveWebsiteTemplate($siteid, $template);
            } else {
                demoMsg();
            }
        }
    }
    if (isset($_GET['tview']) && is_numeric($_GET['tview'])) {
        $view = $_GET['tview'];
    } else {
        $view = 0;
    }
    $_SESSION['website'] = $siteid;
    showTemplates($siteid, $view, 0, 'select');
} else {
Beispiel #11
 $userdata['email'] = cleanPost($_POST['email']);
 $userdata['language'] = cleanPost($_POST['language']);
 $userdata['password'] = NULL;
 //check if password was changed and update
 // Optional password change: runs only when at least one of the two password
 // fields was submitted non-empty.
 if ($_POST['passw1'] != "" or $_POST['passw2'] != "") {
     // Minimum length is 5, measured in bytes on the raw submitted value.
     if (strlen($_POST['passw1']) < 5) {
         $savedetails = false;
         $showindex = false;
         $userdata['password'] = NULL;
         sysMsg(MSG00182);
         userForm($userdata);
     } else {
         // NOTE(review): cleanPost() is not visible here. If it strips or
         // rewrites characters, the stored hash is of the altered text rather
         // than what the user typed, and the length check above was made on
         // the unaltered value - confirm.
         $passw1 = cleanPost($_POST['passw1']);
         $passw2 = cleanPost($_POST['passw2']);
         // NOTE(review): == is a loose comparison; two different
         // numeric-looking strings can compare equal. === is the safer check
         // for "both fields match".
         if ($passw1 == $passw2) {
             $password = cleanPost($_POST['passw1']);
             // NOTE(review): unsalted MD5 is not suitable for password
             // storage. password_hash() / password_verify() are the standard
             // replacement; switching also requires changing the login check,
             // which is outside this excerpt.
             $newuserpass = md5($password);
             $userdata['password'] = $newuserpass;
             // The session value is the MD5 of the stored password hash.
             // NOTE(review): presumably the session check elsewhere compares
             // against this value; it is derived only from the password, so it
             // stays the same across logins until the password changes -
             // confirm.
             $_SESSION['user'] = md5($newuserpass);
             $passw_changed = true;
         } else {
             // Fields differ: nothing is saved and the form is shown again.
             $savedetails = false;
             $showindex = false;
             $userdata['password'] = NULL;
             sysMsg(MSG00181);
             userForm($userdata);
         }
     }
 }
 if ($savedetails == true) {
     saveUser($userdata);