/**
  * Standard modular run function for snippet hooks. Generates XHTML to insert into a page using AJAX.
  *
  * @return tempcode  The snippet
  */
 function run()
 {
     $type = get_param('type');
     if (!has_zone_access(get_member(), 'adminzone')) {
         return new ocp_tempcode();
     }
     decache('main_staff_checklist');
     require_lang('staff_checklist');
     switch ($type) {
         case 'add':
             $recurinterval = get_param_integer('recurinterval', 0);
             $task_title = get_param('tasktitle', false, true);
             $id = $GLOBALS['SITE_DB']->query_insert('customtasks', array('tasktitle' => $task_title, 'datetimeadded' => time(), 'recurinterval' => $recurinterval, 'recurevery' => get_param('recurevery'), 'taskisdone' => NULL), true);
             require_code('notifications');
             $subject = do_lang('CT_NOTIFICATION_MAIL_SUBJECT', get_site_name(), $task_title);
             $mail = do_lang('CT_NOTIFICATION_MAIL', comcode_escape(get_site_name()), comcode_escape($task_title));
             dispatch_notification('checklist_task', NULL, $subject, $mail);
             return do_template('BLOCK_MAIN_STAFF_CHECKLIST_CUSTOM_TASK', array('TASKTITLE' => comcode_to_tempcode(get_param('tasktitle', false, true)), 'DATETIMEADDED' => display_time_period(time()), 'RECURINTERVAL' => $recurinterval == 0 ? '' : integer_format($recurinterval), 'RECUREVERY' => get_param('recurevery'), 'TASKDONE' => 'not_completed', 'ID' => strval($id)));
         case 'delete':
             $GLOBALS['SITE_DB']->query_delete('customtasks', array('id' => get_param_integer('id')), '', 1);
             break;
         case 'mark_done':
             $GLOBALS['SITE_DB']->query_update('customtasks', array('taskisdone' => time()), array('id' => get_param_integer('id')), '', 1);
             break;
         case 'mark_undone':
             $GLOBALS['SITE_DB']->query_update('customtasks', array('taskisdone' => NULL), array('id' => get_param_integer('id')), '', 1);
             break;
     }
     return new ocp_tempcode();
 }
Beispiel #2
0
/**
 * Check the Comcode is valid.
 *
 * @param  LONG_TEXT		The comcode to convert
 * @param  ?MEMBER		The member the evaluation is running as. This is a security issue, and you should only run as an administrator if you have considered where the comcode came from carefully (NULL: current member)
 * @param  boolean		Whether to explicitly execute this with admin rights. There are a few rare situations where this should be done, for data you know didn't come from a member, but is being evaluated by one.
 * @param  ?object		The database connection to use (NULL: standard site connection)
 * @param  boolean		Whether there might be new attachments. If there are, we will check as lax- as attachments are always preserved by forcing lax parsing.
 */
function check_comcode($comcode, $source_member = NULL, $as_admin = false, $connection = NULL, $attachment_possibility = false)
{
    if (running_script('stress_test_loader')) {
        return;
    }
    global $LAX_COMCODE;
    $temp = $LAX_COMCODE;
    if ($attachment_possibility) {
        $has_one = false;
        foreach ($_POST as $key => $value) {
            if (preg_match('#^hidFileID\\_#i', $key) != 0) {
                require_code('uploads');
                $has_one = is_swf_upload();
            }
        }
        foreach ($_FILES as $key => $file) {
            $matches = array();
            if (is_uploaded_file($file['tmp_name']) && preg_match('#file(\\d)#', $key, $matches) != 0) {
                $has_one = true;
            }
        }
        if ($has_one) {
            $LAX_COMCODE = true;
        }
        // We don't want a simple syntax error to cause us to lose our attachments
    }
    comcode_to_tempcode($comcode, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, true);
    $LAX_COMCODE = $temp;
}
Beispiel #3
0
 /**
  * Standard modular run function for preview hooks.
  *
  * @return array			A pair: The preview, the updated post Comcode
  */
 function run()
 {
     require_code('comcode_add');
     $comcode = _get_preview_environment_comcode(post_param('tag'));
     $temp_tpl = comcode_to_tempcode($comcode[0]);
     return array($temp_tpl, NULL);
 }
Beispiel #4
0
 /**
  * Standard modular run function for preview hooks.
  *
  * @return array			A pair: The preview, the updated post Comcode
  */
 function run()
 {
     if (!has_specific_permission(get_member(), 'comcode_dangerous')) {
         exit;
     }
     require_code('zones2');
     require_code('zones3');
     $bparameters = '';
     $bparameters_xml = '';
     $block = post_param('block');
     $parameters = get_block_parameters($block);
     $parameters[] = 'failsafe';
     $parameters[] = 'cache';
     $parameters[] = 'quick_cache';
     foreach ($parameters as $parameter) {
         $value = post_param($parameter, NULL);
         if (is_null($value)) {
             if (post_param_integer('tick_on_form__' . $parameter, NULL) === NULL) {
                 continue;
             }
             // If not on form, continue, otherwise must be 0
             $value = '0';
         }
         if ($value != '' && ($parameter != 'failsafe' || $value == '1') && ($parameter != 'cache' || $value != block_cache_default($block)) && ($parameter != 'quick_cache' || $value == '1')) {
             $bparameters .= ' ' . $parameter . '="' . str_replace('"', '\\"', $value) . '"';
             $bparameters_xml = '<blockParam key="' . escape_html($parameter) . '" val="' . escape_html($value) . '" />';
         }
     }
     $comcode = '[block' . $bparameters . ']' . $block . '[/block]';
     $preview = comcode_to_tempcode($comcode);
     return array($preview, NULL);
 }
Beispiel #5
0
 /**
  * Standard modular run function.
  *
  * @param  array		A map of parameters.
  * @return tempcode	The result of execution.
  */
 function run($map)
 {
     unset($map);
     $forum = get_forum_type();
     $out = new ocp_tempcode();
     if ($forum != 'none') {
         // Standard welcome back vs into greeting
         $member = get_member();
         if (is_guest($member)) {
             $redirect = get_self_url(true, true);
             $login_url = build_url(array('page' => 'login', 'type' => 'misc', 'redirect' => $redirect), get_module_zone('login'));
             $join_url = $GLOBALS['FORUM_DRIVER']->join_url();
             $join_bits = do_template('JOIN_OR_LOGIN', array('LOGIN_URL' => $login_url, 'JOIN_URL' => $join_url));
             $p = do_lang_tempcode('WELCOME', $join_bits);
             $out->attach(paragraph($p, 'hhrt4dsgdsgd'));
         } else {
             $out->attach(paragraph(do_lang_tempcode('WELCOME_BACK', escape_html($GLOBALS['FORUM_DRIVER']->get_username($member))), 'gfgdf9gjd'));
         }
     }
     $message = get_option('welcome_message');
     if (has_actual_page_access(get_member(), 'admin_config')) {
         if ($message != '') {
             $message .= ' [[page="_SEARCH:admin_config:category:SITE#group_GENERAL"]' . do_lang('EDIT') . '[/page]]';
         }
     }
     $out->attach(comcode_to_tempcode($message, NULL, true));
     return $out;
 }
Beispiel #6
0
 /**
  * Standard modular run function for preview hooks.
  *
  * @return array			A pair: The preview, the updated post Comcode
  */
 function run()
 {
     require_code('uploads');
     $urls = get_url('', 'file', 'uploads/iotds', 0, OCP_UPLOAD_IMAGE, true, '', 'file2');
     if ($urls[0] == '') {
         if (!is_null(post_param_integer('id', NULL))) {
             $rows = $GLOBALS['SITE_DB']->query_select('iotds', array('url', 'thumb_url'), array('id' => post_param_integer('id')), '', 1);
             $urls = $rows[0];
             $url = $urls['url'];
             $thumb_url = $urls['thumb_url'];
         } else {
             warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN_UPLOAD'));
         }
     } else {
         $url = $urls[0];
         $thumb_url = $urls[1];
     }
     $caption = comcode_to_tempcode(post_param('caption', ''));
     $title = comcode_to_tempcode(post_param('title', ''));
     require_code('images');
     $thumb = do_image_thumb(url_is_local($thumb_url) ? get_custom_base_url() . '/' . $thumb_url : $thumb_url, $caption, true);
     $url = url_is_local($url) ? get_custom_base_url() . '/' . $url : $url;
     $preview = do_template('IOTD', array('ID' => '', 'IMAGE_URL' => $url, 'SUBMITTER' => strval(get_member()), 'VIEW_URL' => $url, 'IMAGE' => $thumb, 'CAPTION' => $title));
     return array($preview, NULL);
 }
Beispiel #7
0
 function testHtml()
 {
     $expectations = array(" - foo" => "<ul><li>foo</li></ul>");
     foreach ($expectations as $comcode => $html) {
         $actual = comcode_to_tempcode($comcode);
         assertTrue(preg_replace('#\\s#', '', $html) == preg_replace('#\\s#', '', $actual->evaluate()));
     }
 }
Beispiel #8
0
 function testComcode()
 {
     $expectations = array(" - foo  " => "<ul><li>foo</li></ul>", " - foo\n - bar" => "<ul><li>foo</li><li>bar</li></ul>", " - foo - bar" => " - foo - bar", "" => " ", " -foo" => "-foo", "-foo" => "-foo", "--foo" => "--foo", "[b]bar[/b]" => "<strongclass=\"comcode_bold\">bar</strong>");
     foreach ($expectations as $comcode => $html) {
         $actual = comcode_to_tempcode($comcode, NULL, false, 60, NULL, NULL, false, false, false, false, false, NULL, NULL);
         $matches = preg_replace('#\\s#', '', $html) == str_replace("&nbsp;", "", preg_replace('#\\s#', '', $actual->evaluate()));
         //			if (!$matches)
         //				exit(preg_replace('#\s#','',$html).' vs '.str_replace("&nbsp;","",preg_replace('#\s#','',$actual->evaluate())));
         $this->assertTrue($matches);
     }
 }
 /**
  * Standard modular run function.
  *
  * @param  array		A map of parameters.
  * @return tempcode	The result of execution.
  */
 function run($map)
 {
     if (!array_key_exists('param', $map)) {
         return new ocp_tempcode();
     }
     if (match_key_match($map['param'])) {
         $caption = array_key_exists('caption', $map) ? $map['caption'] : '';
         return comcode_to_tempcode($caption, get_member(), true);
     }
     return new ocp_tempcode();
 }
Beispiel #10
0
/**
 * Show a download licence for display
 */
function download_licence_script()
{
    $id = get_param_integer('id');
    $rows = $GLOBALS['SITE_DB']->query_select('download_licences', array('*'), array('id' => $id), '', 1);
    if (!array_key_exists(0, $rows)) {
        warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
    }
    $licence_title = $rows[0]['l_title'];
    $licence_text = $rows[0]['l_text'];
    $echo = do_template('POPUP_HTML_WRAP', array('_GUID' => 'd8f60d5f6f56b08589ed6f4b874dad85', 'TITLE' => $licence_title, 'CONTENT' => comcode_to_tempcode($licence_text, $GLOBALS['FORUM_DRIVER']->get_guest_id(), false)));
    $echo->evaluate_echo();
}
Beispiel #11
0
 /**
  * Standard modular run function for preview hooks.
  *
  * @return array			A pair: The preview, the updated post Comcode
  */
 function run()
 {
     // Find review, if there is one
     $individual_review_ratings = array();
     $review_rating = post_param('review_rating', '');
     if ($review_rating != '') {
         $individual_review_ratings[''] = array('REVIEW_TITLE' => '', 'REVIEW_RATING' => $review_rating);
     }
     $poster_name = $GLOBALS['FORUM_DRIVER']->get_username(get_member());
     $post = comcode_to_tempcode(post_param('post'));
     // OCF renderings of poster
     static $hooks = NULL;
     if (is_null($hooks)) {
         $hooks = find_all_hooks('modules', 'topicview');
     }
     static $hook_objects = NULL;
     if (is_null($hook_objects)) {
         $hook_objects = array();
         foreach (array_keys($hooks) as $hook) {
             require_code('hooks/modules/topicview/' . filter_naughty_harsh($hook));
             $object = object_factory('Hook_' . filter_naughty_harsh($hook), true);
             if (is_null($object)) {
                 continue;
             }
             $hook_objects[$hook] = $object;
         }
     }
     if (!is_guest()) {
         require_code('ocf_members2');
         $poster_details = ocf_show_member_box(get_member(), false, $hooks, $hook_objects, false);
     } else {
         $custom_fields = new ocp_tempcode();
         $poster_details = new ocp_tempcode();
     }
     if (addon_installed('ocf_forum')) {
         if (!is_guest()) {
             $poster = do_template('OCF_POSTER_MEMBER', array('ONLINE' => true, 'ID' => strval(get_member()), 'POSTER_DETAILS' => $poster_details, 'PROFILE_URL' => $GLOBALS['FORUM_DRIVER']->member_profile_url(get_member(), false, true), 'POSTER_USERNAME' => $poster_name));
         } else {
             $poster = do_template('OCF_POSTER_GUEST', array('IP_LINK' => '', 'POSTER_DETAILS' => $poster_details, 'POSTER_USERNAME' => $poster_name));
         }
     } else {
         $poster = make_string_tempcode(escape_html($poster_name));
         // Should never happen actually, as applies discounts hook from even running
     }
     $highlight = false;
     $datetime_raw = time();
     $datetime = get_timezoned_date(time());
     $poster_url = $GLOBALS['FORUM_DRIVER']->member_profile_url(get_member());
     $title = post_param('title', '');
     $tpl = do_template('POST', array('INDIVIDUAL_REVIEW_RATINGS' => $individual_review_ratings, 'HIGHLIGHT' => $highlight, 'TITLE' => $title, 'TIME_RAW' => strval($datetime_raw), 'TIME' => $datetime, 'POSTER_URL' => $poster_url, 'POSTER_NAME' => $poster_name, 'POST' => $post, 'POSTER_ID' => strval(get_member()), 'POSTER' => $poster, 'POSTER_DETAILS' => $poster_details, 'ID' => '', 'CHILDREN' => '', 'RATING' => '', 'EMPHASIS' => '', 'BUTTONS' => '', 'TOPIC_ID' => '', 'UNVALIDATED' => '', 'IS_SPACER_POST' => false, 'NUM_TO_SHOW_LIMIT' => '0'));
     return array($tpl, NULL);
 }
Beispiel #12
0
 /**
  * Standard modular run function.
  *
  * @param  array		A map of parameters.
  * @return tempcode	The result of execution.
  */
 function run($map)
 {
     require_lang('quotes');
     $file = array_key_exists('param', $map) ? $map['param'] : 'quotes';
     $title = array_key_exists('title', $map) ? $map['title'] : do_lang('QUOTES');
     require_code('textfiles');
     $place = _find_text_file_path($file, '');
     if (!file_exists($place)) {
         warn_exit(do_lang_tempcode('DIRECTORY_NOT_FOUND', escape_html($place)));
     }
     $edit_url = new ocp_tempcode();
     if ($file == 'quotes' && has_actual_page_access(get_member(), 'quotes', 'adminzone')) {
         $edit_url = build_url(array('page' => 'quotes'), 'adminzone');
     }
     return do_template('BLOCK_MAIN_QUOTES', array('_GUID' => '7cab7422f603f7b1197c940de48b99aa', 'TITLE' => $title, 'EDIT_URL' => $edit_url, 'FILE' => $file, 'CONTENT' => comcode_to_tempcode($this->get_random_line($place), NULL, true)));
 }
Beispiel #13
0
 /**
  * Standard modular run function for preview hooks.
  *
  * @return array			A pair: The preview, the updated post Comcode
  */
 function run()
 {
     $original_comcode = post_param('post');
     $posting_ref_id = post_param_integer('posting_ref_id', mt_rand(0, 100000));
     $post_bits = do_comcode_attachments($original_comcode, 'news', strval(-$posting_ref_id), true, $GLOBALS['SITE_DB']);
     $post_comcode = $post_bits['comcode'];
     $post_html = $post_bits['tempcode'];
     $view_space_map = array();
     $view_space_map[post_param('label_for__title')] = escape_html(post_param('title'));
     $view_space_map[post_param('label_for__post')] = $post_html;
     $view_space_map[post_param('label_for__news')] = comcode_to_tempcode(post_param('news', ''));
     require_code('templates_view_space');
     $view_space_fields = new ocp_tempcode();
     foreach ($view_space_map as $key => $val) {
         $view_space_fields->attach(view_space_field($key, $val, true));
     }
     $output = do_template('VIEW_SPACE', array('WIDTH' => '170', 'FIELDS' => $view_space_fields));
     return array($output, $post_comcode);
 }
function activities_ajax_submit_handler()
{
    header('Content-Type: text/xml');
    //	header('HTTP/1.0 200 Ok');
    header("Cache-Control: no-cache, must-revalidate");
    // HTTP/1.1
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    // Date in the past
    $response = '<' . '?xml version="1.0" encoding="' . get_charset() . '" ?' . '>';
    $response .= '<response><content>';
    $map = array();
    $guest_id = intval($GLOBALS['FORUM_DRIVER']->get_guest_id());
    if (!is_guest(get_member())) {
        $map['STATUS'] = trim(either_param('status', ''));
        if (post_param('zone', '') != '' && $map['STATUS'] != '' && $map['STATUS'] != do_lang('activities:TYPE_HERE')) {
            comcode_to_tempcode($map['STATUS'], $guest_id, false, NULL);
            $map['PRIVACY'] = either_param('privacy', 'private');
            if (strlen(strip_tags($map['STATUS'])) < strlen($map['STATUS'])) {
                $cc_guide = build_url(array('page' => 'userguide_comcode'), 'site');
                $response .= '<success>0</success><feedback><![CDATA[No HTML allowed. See <a href="' . $cc_guide->evaluate() . '">Comcode Help</a> for info on the alternative.]]></feedback>';
            } else {
                if (strlen($map['STATUS']) > 255) {
                    $response .= '<success>0</success><feedback>Message is ' . strval(strlen($map['STATUS']) - 255) . ' characters too long</feedback>';
                } else {
                    $stored_id = activities_addon_syndicate_described_activity('RAW_DUMP', $map['STATUS'], '', '', '', '', '', '', $map['PRIVACY'] == 'public' ? 1 : 0);
                    if ($stored_id > 0) {
                        $response .= '<success>1</success><feedback>Message received.</feedback>';
                    } elseif ($stored_id == -1) {
                        $response .= '<success>0</success><feedback>Message already received.</feedback>';
                    }
                }
            }
        }
    } else {
        $response .= '<success>0</success><feedback>' . do_lang('LOGIN_EXPIRED_POST') . '</feedback>';
    }
    $response .= '</content></response>';
    echo $response;
}
Beispiel #15
0
 /**
  * Standard modular run function for preview hooks.
  *
  * @return array			A pair: The preview, the updated post Comcode
  */
 function run()
 {
     require_code('uploads');
     require_lang('banners');
     // Check according to banner type
     $title_text = post_param('title_text', '');
     $direct_code = post_param('direct_code', '');
     $url_param_name = 'image_url';
     $file_param_name = 'file';
     require_code('uploads');
     $is_upload = is_swf_upload() || array_key_exists($file_param_name, $_FILES) && (array_key_exists('tmp_name', $_FILES[$file_param_name]) && is_uploaded_file($_FILES[$file_param_name]['tmp_name']));
     $_banner_type_rows = $GLOBALS['SITE_DB']->query_select('banner_types', array('*'), array('id' => post_param('b_type')), '', 1);
     if (!array_key_exists(0, $_banner_type_rows)) {
         warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
     }
     $banner_type_row = $_banner_type_rows[0];
     if ($banner_type_row['t_is_textual'] == 0) {
         if ($direct_code == '') {
             $urls = get_url($url_param_name, $file_param_name, 'uploads/banners', 0, $is_upload ? OCP_UPLOAD_IMAGE : OCP_UPLOAD_ANYTHING);
             $img_url = fixup_protocolless_urls($urls[0]);
             if ($img_url == '') {
                 warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN_UPLOAD_BANNERS'));
             }
         } else {
             $img_url = '';
         }
     } else {
         $img_url = '';
         if ($title_text == '') {
             warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN_BANNERS'));
         }
         if (strlen($title_text) > $banner_type_row['t_max_file_size']) {
             warn_exit(do_lang_tempcode('BANNER_TOO_LARGE_2', integer_format(strlen($title_text)), integer_format($banner_type_row['t_max_file_size'])));
         }
     }
     require_code('banners');
     $preview = show_banner(post_param('name'), post_param('title_text', ''), comcode_to_tempcode(post_param('caption')), $img_url, '', post_param('site_url'), post_param('b_type'));
     return array($preview, NULL);
 }
Beispiel #16
0
/**
 * Output the ocWorld messages script.
 */
function ocworld_messages_script()
{
    require_lang('ocworld');
    require_lang('chat');
    $member_id = get_member();
    $rows = $GLOBALS['SITE_DB']->query_select('w_members', array('location_realm', 'location_x', 'location_y'), array('id' => $member_id), '', 1);
    if (!array_key_exists(0, $rows)) {
        warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
    }
    list($realm, $x, $y) = array($rows[0]['location_realm'], $rows[0]['location_x'], $rows[0]['location_y']);
    $rows = $GLOBALS['SITE_DB']->query('SELECT * FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'w_messages WHERE location_x=' . strval((int) $x) . ' AND location_y=' . strval((int) $y) . ' AND location_realm=' . strval((int) $realm) . ' AND (destination=' . strval((int) $member_id) . ' OR destination IS NULL OR originator_id=' . strval((int) $member_id) . ') ORDER BY m_datetime DESC');
    $messages = new ocp_tempcode();
    foreach ($rows as $myrow) {
        $message_sender = $GLOBALS['FORUM_DRIVER']->get_username($myrow['originator_id']);
        if (is_null($message_sender)) {
            $message_sender = do_lang('UNKNOWN');
        }
        $messages->attach(do_template('W_MESSAGE_' . (is_null($myrow['destination']) ? 'ALL' : 'TO'), array('MESSAGESENDER' => $message_sender, 'MESSAGE' => comcode_to_tempcode($myrow['m_message'], $myrow['originator_id']), 'DATETIME' => get_timezoned_date($myrow['m_datetime']))));
    }
    $css = do_template('CSS_NEED', array('_GUID' => '0c2b42583214051a3841d4654537b16f', 'CODE' => 'ocworld'));
    $tpl = do_template('W_MESSAGES', array('_GUID' => '05b40c794578d3221e2775895ecf8dbb', 'MESSAGES' => $messages, 'CSS' => $css));
    $tpl->evaluate_echo();
}
Beispiel #17
0
 /**
  * Standard modular run function for preview hooks.
  *
  * @return array			A pair: The preview, the updated post Comcode
  */
 function run()
 {
     // Our questions templated
     $tpl = new ocp_tempcode();
     $i = 1;
     do {
         $answer_plain = post_param('option' . strval($i));
         if ($answer_plain != '') {
             $answer = comcode_to_tempcode($answer_plain);
             $votes = 0;
             $width = 0;
             $tpl->attach(do_template('POLL_ANSWER_RESULT', array('PID' => '', 'I' => strval($i), 'VOTE_URL' => '', 'ANSWER' => $answer, 'ANSWER_PLAIN' => $answer_plain, 'WIDTH' => strval($width), 'VOTES' => integer_format($votes))));
             $i++;
         }
     } while ($answer_plain != '');
     $submit_url = new ocp_tempcode();
     // Do our final template
     $question_plain = post_param('question');
     $question = comcode_to_tempcode($question_plain);
     $archive_url = build_url(array('page' => 'polls', 'type' => 'misc'), get_module_zone('polls'));
     $map2 = array('VOTE_URL' => '', 'SUBMITTER' => strval(get_member()), 'PID' => '', 'FULL_URL' => '', 'CONTENT' => $tpl, 'QUESTION' => $question, 'QUESTION_PLAIN' => $question_plain, 'SUBMIT_URL' => $submit_url, 'ARCHIVE_URL' => $archive_url, 'RESULT_URL' => '', 'ZONE' => '');
     $output = do_template('POLL', $map2);
     return array($output, NULL);
 }
Beispiel #18
0
 /**
  * Makes a post in the specified forum, in the specified topic according to the given specifications. If the topic doesn't exist, it is created along with a spacer-post.
  * Spacer posts exist in order to allow staff to delete the first true post in a topic. Without spacers, this would not be possible with most forum systems. They also serve to provide meta information on the topic that cannot be encoded in the title (such as a link to the content being commented upon).
  *
  * @param  SHORT_TEXT	The forum name
  * @param  SHORT_TEXT	The topic identifier (usually <content-type>_<content-id>)
  * @param  MEMBER			The member ID
  * @param  LONG_TEXT		The post title
  * @param  LONG_TEXT		The post content in Comcode format
  * @param  string			The topic title; must be same as content title if this is for a comment topic
  * @param  string			This is put together with the topic identifier to make a more-human-readable topic title or topic description (hopefully the latter and a $content_title title, but only if the forum supports descriptions)
  * @param  ?URLPATH		URL to the content (NULL: do not make spacer post)
  * @param  ?TIME			The post time (NULL: use current time)
  * @param  ?IP				The post IP address (NULL: use current members IP address)
  * @param  ?BINARY		Whether the post is validated (NULL: unknown, find whether it needs to be marked unvalidated initially). This only works with the OCF driver.
  * @param  ?BINARY		Whether the topic is validated (NULL: unknown, find whether it needs to be marked unvalidated initially). This only works with the OCF driver.
  * @param  boolean		Whether to skip post checks
  * @param  SHORT_TEXT	The name of the poster
  * @param  ?AUTO_LINK	ID of post being replied to (NULL: N/A)
  * @param  boolean		Whether the reply is only visible to staff
  * @return array			Topic ID (may be NULL), and whether a hidden post has been made
  */
 function make_post_forum_topic($forum_name, $topic_identifier, $member, $post_title, $_post, $content_title, $topic_identifier_encapsulation_prefix, $content_url = NULL, $time = NULL, $ip = NULL, $validated = NULL, $topic_validated = 1, $skip_post_checks = false, $poster_name_if_guest = '', $parent_id = NULL, $staff_only = false)
 {
     $__post = comcode_to_tempcode($_post);
     $post = $__post->evaluate();
     if (is_null($time)) {
         $time = time();
     }
     if (is_null($ip)) {
         $ip = get_ip_address();
     }
     $forum_id = $this->forum_id_from_name($forum_name);
     if (is_null($forum_id)) {
         warn_exit(do_lang_tempcode('MISSING_FORUM', escape_html($forum_name)));
     }
     $username = $this->get_username($member);
     $topic_id = $this->find_topic_id_for_topic_identifier($forum_name, $topic_identifier);
     $is_new = is_null($topic_id);
     if ($is_new) {
         $topic_id = $this->connection->query_insert('topics', array('title' => $this->ipb_escape($content_title . ', ' . $topic_identifier_encapsulation_prefix . ': #' . $topic_identifier), 'state' => 'open', 'posts' => 1, 'starter_id' => $member, 'start_date' => $time, 'icon_id' => 0, 'starter_name' => $username, 'poll_state' => 0, 'last_vote' => 0, 'forum_id' => $forum_id, 'approved' => 1, 'author_mode' => 1), true);
         $home_link = hyperlink($content_url, escape_html($content_title));
         $this->connection->query_insert('posts', array('author_id' => 0, 'author_name' => do_lang('SYSTEM', '', '', '', get_site_default_lang()), 'ip_address' => '127.0.0.1', 'post_date' => $time, 'icon_id' => 0, 'post' => do_lang('SPACER_POST', $home_link->evaluate(), '', '', get_site_default_lang()), 'queued' => 0, 'topic_id' => $topic_id, 'forum_id' => $forum_id, 'attach_id' => '', 'attach_hits' => 0, 'attach_type' => '', 'attach_file' => '', 'post_title' => '', 'new_topic' => 1));
         $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'forums SET topics=(topics+1) WHERE id=' . strval((int) $forum_id), 1);
     }
     $GLOBALS['LAST_TOPIC_ID'] = $topic_id;
     $GLOBALS['LAST_TOPIC_IS_NEW'] = $is_new;
     if ($post == '') {
         return array($topic_id, false);
     }
     $this->connection->query_insert('posts', array('author_id' => $member, 'author_name' => $this->ipb_escape($username), 'ip_address' => $ip, 'post_date' => $time, 'icon_id' => 0, 'post' => $post, 'queued' => 0, 'topic_id' => $topic_id, 'forum_id' => $forum_id, 'attach_id' => '', 'attach_hits' => 0, 'attach_type' => '', 'attach_file' => '', 'post_title' => $this->ipb_escape($post_title), 'new_topic' => 0));
     $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'forums SET posts=(posts+1), last_post=' . strval($time) . ', last_poster_id=' . strval((int) $member) . ', last_poster_name=\'' . db_escape_string($this->ipb_escape($username)) . '\', last_id=' . strval((int) $topic_id) . ', last_title=\'' . db_escape_string($this->ipb_escape($post_title)) . '\' WHERE id=' . strval((int) $forum_id), 1);
     $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'topics SET posts=(posts+1), last_post=' . strval($time) . ', last_poster_id=' . strval((int) $member) . ', last_poster_name=\'' . db_escape_string($this->ipb_escape($username)) . '\' WHERE tid=' . strval((int) $topic_id), 1);
     return array($topic_id, false);
 }
Beispiel #19
0
 /**
  * Standard stage of pointstore item purchase.
  *
  * @return tempcode		The UI
  */
 function __text()
 {
     if (get_option('is_on_flagrant_buy') == '0') {
         return new ocp_tempcode();
     }
     $title = get_page_title('TITLE_NEWTEXT');
     //So we don't need to call this big long ugly name...
     $days = post_param_integer('days');
     $message = post_param('message');
     $member_id = get_member();
     $pointsleft = available_points($member_id);
     //First we need to know the price of the number of days we ordered. After that, compare that price
     //with our users current number of points.
     $dayprice = intval(get_option('text'));
     $total = $dayprice * $days;
     if (!($days >= 1)) {
         return warn_screen($title, do_lang_tempcode('FLAGRANT_POSITIVE_DAYS'));
     }
     if ($pointsleft < $total && !has_specific_permission(get_member(), 'give_points_self')) {
         return warn_screen($title, do_lang_tempcode('FLAGRANT_LACK_POINTS', integer_format($days), integer_format($total), array(integer_format($pointsleft))));
     }
     // the order screen...
     $action = do_lang_tempcode('CONFIRM_FLAGRANT', integer_format($days));
     $keep = form_input_hidden('message', $message);
     $keep->attach(form_input_hidden('days', strval($days)));
     $proceed_url = build_url(array('page' => '_SELF', 'type' => '___text', 'id' => 'flagrant'), '_SELF');
     return do_template('POINTSTORE_CONFIRM_SCREEN', array('_GUID' => 'e2b139122d95af6a1930e84b41609145', 'TITLE' => $title, 'KEEP' => $keep, 'ACTION' => $action, 'COST' => integer_format($total), 'POINTS_AFTER' => integer_format($pointsleft - $total), 'PROCEED_URL' => $proceed_url, 'MESSAGE' => comcode_to_tempcode($message), 'CANCEL_URL' => build_url(array('page' => '_SELF'), '_SELF')));
 }
Beispiel #20
0
/**
 * Get tempcode for a Comcode rich-media attachment.
 *
 * @param  ID_TEXT		The attachment tag
 * @set attachment attachment_safe attachment2
 * @param  array			A map of the attributes (name=>val) for the tag
 * @param  array			A map of the attachment properties (name=>val) for the attachment
 * @param  string			A special identifier to mark where the resultant tempcode is going to end up (e.g. the ID of a post)
 * @param  MEMBER			The member who is responsible for this Comcode
 * @param  boolean		Whether to check as arbitrary admin
 * @param  object			The database connection to use
 * @param  ?array			A list of words to highlight (NULL: none)
 * @param  ?MEMBER		The member we are running on behalf of, with respect to how attachments are handled; we may use this members attachments that are already within this post, and our new attachments will be handed to this member (NULL: member evaluating)
 * @param  boolean		Whether to parse so as to create something that would fit inside a semihtml tag. It means we generate HTML, with Comcode written into it where the tag could never be reverse-converted (e.g. a block).
 * @return tempcode		The tempcode for the attachment
 */
function render_attachment($tag, $attributes, $attachment, $pass_id, $source_member, $as_admin, $connection, $highlight_bits = NULL, $on_behalf_of_member = NULL, $semiparse_mode = false)
{
    require_code('comcode_renderer');
    $extension = get_file_extension($attachment['a_original_filename']);
    require_code('mime_types');
    $mime_type = get_mime_type($extension);
    $attachment['CLEAN_SIZE'] = clean_file_size($attachment['a_file_size']);
    $attachment['MIME_TYPE'] = $mime_type;
    $attachment['PASS_ID'] = intval($pass_id) < 0 ? strval(mt_rand(0, 10000)) : $pass_id;
    $attachment['SCRIPT'] = find_script('attachment');
    $attachment['RAND'] = strval(mt_rand(0, 32000));
    if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) {
        $attachment['SUP_PARAMS'] = '&forum_db=1';
        $attachment['FORUM_DB_BIN'] = '1';
    } else {
        $attachment['SUP_PARAMS'] = '';
        $attachment['FORUM_DB_BIN'] = '';
    }
    $type = trim(array_key_exists('type', $attributes) ? $attributes['type'] : 'auto');
    $attachment['id'] = strval($attachment['id']);
    $attachment['a_member_id'] = strval($attachment['a_member_id']);
    $attachment['a_file_size'] = strval($attachment['a_file_size']);
    $attachment['a_last_downloaded_time'] = is_null($attachment['a_last_downloaded_time']) ? '' : strval($attachment['a_last_downloaded_time']);
    $attachment['a_add_time'] = strval($attachment['a_add_time']);
    $attachment['a_num_downloads'] = integer_format($attachment['a_num_downloads']);
    require_code('images');
    $attachment['a_width'] = array_key_exists('width', $attributes) ? strval(intval($attributes['width'])) : '';
    $attachment['a_height'] = array_key_exists('height', $attributes) ? strval(intval($attributes['height'])) : '';
    if ($attachment['a_width'] == '' || $attachment['a_height'] == '') {
        if (addon_installed('galleries') && is_video($attachment['a_original_filename']) && url_is_local($attachment['a_url'])) {
            require_code('galleries2');
            $vid_details = get_video_details(get_custom_file_base() . '/' . rawurldecode($attachment['a_url']), $attachment['a_original_filename'], true);
            if ($vid_details !== false) {
                list($_width, $_height, ) = $vid_details;
                if ($attachment['a_width'] == '') {
                    $attachment['a_width'] = strval($_width);
                }
                if ($attachment['a_height'] == '') {
                    $attachment['a_height'] = strval($_height);
                }
            }
        }
        if ($attachment['a_width'] == '' || $attachment['a_height'] == '') {
            if ($attachment['a_width'] == '') {
                $attachment['a_width'] = '240';
            }
            if ($attachment['a_height'] == '') {
                $attachment['a_height'] = '216';
            }
        }
    }
    $attachment['a_align'] = array_key_exists('align', $attributes) ? $attributes['align'] : 'left';
    if (!array_key_exists('a_description', $attachment)) {
        if (array_key_exists('description', $attributes)) {
            $attachment['description'] = $attributes['description'];
        }
        if (!array_key_exists('description', $attachment)) {
            $attachment['description'] = '';
        }
        $attachment['a_description'] = is_object($attachment['description']) ? $attachment['description'] : comcode_to_tempcode($attachment['description'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, NULL, $on_behalf_of_member);
    } else {
        $attachment['a_description'] = comcode_to_tempcode($attachment['a_description'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, NULL, $on_behalf_of_member);
    }
    $attachment['a_type'] = $type;
    $attachment['a_thumb'] = array_key_exists('thumb', $attributes) ? $attributes['thumb'] : '1';
    if ($attachment['a_thumb'] != '0') {
        $attachment['a_thumb'] = '1';
    }
    $attachment['a_thumb_url'] = array_key_exists('thumb_url', $attributes) ? $attributes['thumb_url'] : $attachment['a_thumb_url'];
    switch ($type) {
        case 'email':
            require_code('mail');
            global $EMAIL_ATTACHMENTS;
            if (url_is_local($attachment['a_url'])) {
                $attachment['a_url'] = get_custom_base_url() . '/' . $attachment['a_url'];
            }
            $EMAIL_ATTACHMENTS[$attachment['a_url']] = $attachment['a_original_filename'];
            $temp_tpl = new ocp_tempcode();
            break;
        case 'code':
            $url = $attachment['a_url'];
            if (url_is_local($url)) {
                $url = get_custom_base_url() . '/' . $url;
            }
            $file_contents = http_download_file($url, 1024 * 1024 * 20);
            list($_embed, $title) = do_code_box($extension, make_string_tempcode($file_contents));
            if ($attachment['a_original_filename'] != '') {
                $title = escape_html($attachment['a_original_filename']);
            }
            $temp_tpl = do_template('COMCODE_CODE', array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true, 'STYLE' => '', 'TYPE' => $extension, 'CONTENT' => $_embed, 'TITLE' => $title));
            break;
        case 'hyperlink':
            if ($tag == 'attachment') {
                $keep = symbol_tempcode('KEEP');
                $_url = new ocp_tempcode();
                $_url->attach(find_script('attachment') . '?id=' . urlencode($attachment['id']) . $keep->evaluate());
                if (get_option('anti_leech') == '1') {
                    $_url->attach('&for_session=');
                    $_url->attach(symbol_tempcode('SESSION_HASHED'));
                }
            } else {
                $url = $attachment['a_url'];
                if (url_is_local($url)) {
                    $url = get_custom_base_url() . '/' . $url;
                }
                $_url = make_string_tempcode($url);
            }
            $temp_tpl = hyperlink($_url, is_object($attachment['a_description']) ? $attachment['a_description']->evaluate() : $attachment['a_description'] != '' ? $attachment['a_description'] : $attachment['a_original_filename'], true);
            break;
        default:
            if (is_image($attachment['a_original_filename'])) {
                if ($type == 'inline' || $type == 'left_inline' || $type == 'right_inline') {
                    $attachment['mini'] = '1';
                }
                require_code('images');
                ensure_thumbnail($attachment['a_url'], $attachment['a_thumb_url'], 'attachments', 'attachments', intval($attachment['id']), 'a_thumb_url');
                $temp_tpl = do_template('ATTACHMENT_IMG' . (array_key_exists('mini', $attachment) && $attachment['mini'] == '1' ? '_MINI' : ''), map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true));
                if ($type == 'left' || $type == 'left_inline') {
                    $temp_tpl = do_template('ATTACHMENT_LEFT', array('_GUID' => 'aee2a6842d369c8dae212c3478a3a3e9', 'WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true, 'CONTENT' => $temp_tpl));
                }
                if ($type == 'right' || $type == 'right_inline') {
                    $temp_tpl = do_template('ATTACHMENT_RIGHT', array('_GUID' => '1a7209d67d91db740c86e7a331720195', 'WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true, 'CONTENT' => $temp_tpl));
                }
                break;
            } elseif ($extension == 'swf') {
                $temp_tpl = do_template('ATTACHMENT_SWF', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true));
                break;
            } elseif (addon_installed('jwplayer') && ($mime_type == 'video/x-flv' || $mime_type == 'video/mp4' || $mime_type == 'video/webm')) {
                $temp_tpl = do_template('ATTACHMENT_FLV', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true));
                break;
            } elseif ($mime_type == 'video/quicktime') {
                $temp_tpl = do_template('ATTACHMENT_QT', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true));
                break;
            } elseif ($mime_type == 'audio/x-pn-realaudio') {
                $temp_tpl = do_template('ATTACHMENT_RM', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true));
                break;
            } elseif (substr($mime_type, 0, 5) == 'video' || substr($mime_type, 0, 5) == 'audio') {
                $temp_tpl = do_template('ATTACHMENT_MEDIA', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true));
                break;
            }
            // Continues on, as it's not a media type...
        // Continues on, as it's not a media type...
        case 'download':
            if (is_null($attachment['a_file_size'])) {
                $temp_tpl = do_template('ATTACHMENT_DOWNLOAD_REMOTE', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true));
            } else {
                $temp_tpl = do_template('ATTACHMENT_DOWNLOAD', map_keys_to_upper($attachment) + array('WYSIWYG_SAFE' => $tag == 'attachment' ? NULL : true));
            }
            break;
    }
    return $temp_tpl;
}
Beispiel #21
0
 /**
  * Makes a post in the specified forum, in the specified topic according to the given specifications. If the topic doesn't exist, it is created along with a spacer-post.
  * Spacer posts exist in order to allow staff to delete the first true post in a topic. Without spacers, this would not be possible with most forum systems. They also serve to provide meta information on the topic that cannot be encoded in the title (such as a link to the content being commented upon).
  *
  * @param  SHORT_TEXT	The forum name
  * @param  SHORT_TEXT	The topic identifier (usually <content-type>_<content-id>)
  * @param  MEMBER			The member ID
  * @param  LONG_TEXT		The post title
  * @param  LONG_TEXT		The post content in Comcode format
  * @param  string			The topic title; must be same as content title if this is for a comment topic
  * @param  string			This is put together with the topic identifier to make a more-human-readable topic title or topic description (hopefully the latter and a $content_title title, but only if the forum supports descriptions)
  * @param  ?URLPATH		URL to the content (NULL: do not make spacer post)
  * @param  ?TIME			The post time (NULL: use current time)
  * @param  ?IP				The post IP address (NULL: use current members IP address)
  * @param  ?BINARY		Whether the post is validated (NULL: unknown, find whether it needs to be marked unvalidated initially). This only works with the OCF driver.
  * @param  ?BINARY		Whether the topic is validated (NULL: unknown, find whether it needs to be marked unvalidated initially). This only works with the OCF driver.
  * @param  boolean		Whether to skip post checks
  * @param  SHORT_TEXT	The name of the poster
  * @param  ?AUTO_LINK	ID of post being replied to (NULL: N/A)
  * @param  boolean		Whether the reply is only visible to staff
  * @return array			Topic ID (may be NULL), and whether a hidden post has been made
  */
 function make_post_forum_topic($forum_name, $topic_identifier, $member, $post_title, $_post, $content_title, $topic_identifier_encapsulation_prefix, $content_url = NULL, $time = NULL, $ip = NULL, $validated = NULL, $topic_validated = 1, $skip_post_checks = false, $poster_name_if_guest = '', $parent_id = NULL, $staff_only = false)
 {
     $__post = comcode_to_tempcode($_post);
     $post = $__post->evaluate();
     if (is_null($time)) {
         $time = time();
     }
     if (is_null($ip)) {
         $ip = get_ip_address();
     }
     $forum_id = $this->forum_id_from_name($forum_name);
     if (is_null($forum_id)) {
         warn_exit(do_lang_tempcode('MISSING_FORUM', escape_html($forum_name)));
     }
     $test = $this->connection->query_select('forums', array('*'), NULL, '', 1);
     $fm = array_key_exists('status', $test[0]);
     $ip_address = $ip;
     $local_ip_address = '127.0.0.1';
     $topic_id = $this->find_topic_id_for_topic_identifier($forum_name, $topic_identifier);
     $is_new = is_null($topic_id);
     if ($is_new) {
         $map = array('t_bid' => $forum_id, 'topic' => $content_title, 't_mem_id' => $member, 'n_views' => 0, 'n_posts' => 0, 't_status' => 1, 'type_image' => 0, 'first_post_id' => 0, 'last_post_id' => 0, 't_description' => $topic_identifier_encapsulation_prefix . ': #' . $topic_identifier_encapsulation_prefix . ': ' . $topic_identifier);
         if ($fm) {
             $map = array_merge($map, array('t_status' => 0));
         }
         $topic_id = $this->connection->query_insert('topics', $map, true);
     }
     $GLOBALS['LAST_TOPIC_ID'] = $topic_id;
     $GLOBALS['LAST_TOPIC_IS_NEW'] = $is_new;
     if ($post == '') {
         return array($topic_id, false);
     }
     $map = array('post_tid' => $topic_id, 'post_fid' => $forum_id, 'poster_id' => $member, 'ptime' => $time, 'poster_ip' => $ip_address, 'gposter_name' => '', 'use_smileys' => 1, 'modtime' => 'now()', 'post_title' => $post_title, 'post' => $post);
     if ($fm) {
         $map = array_merge($map, array('num_attachments' => 0, 'modifiers_id' => ''));
     }
     $post_id = $this->connection->query_insert('posts', $map, true);
     $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'topics SET first_post_id=' . strval((int) $post_id) . ', last_post_id=' . strval((int) $post_id) . ' WHERE tid=' . strval((int) $topic_id), 1);
     $this->connection->query('UPDATE ' . $this->connection->get_table_prefix() . 'forums SET ntopic=(ntopic+1),nposts=(nposts+1), f_last_pid=' . strval((int) $post_id) . ' WHERE fid=' . strval((int) $forum_id), 1);
     return array($topic_id, false);
 }
Beispiel #22
0
 /**
  * The UI to view a past newsletter.
  *
  * @return tempcode		The UI
  */
 function view()
 {
     $id = get_param_integer('id');
     $rows = $GLOBALS['SITE_DB']->query_select('newsletter_archive', array('*'), array('id' => $id));
     $time = get_timezoned_date($rows[0]['date_and_time']);
     $subject = $rows[0]['subject'];
     $message = $rows[0]['newsletter'];
     $language = $rows[0]['language'];
     $level = $rows[0]['importance_level'];
     /*require_code('lang2');
     		$language=lookup_language_full_name($rows[0]['language']);*/
     breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('MANAGE_NEWSLETTER')), array('_SELF:_SELF:archive', do_lang_tempcode('NEWSLETTER_ARCHIVE'))));
     breadcrumb_set_self($subject);
     require_code('templates_view_space');
     return view_space(get_page_title('NEWSLETTER'), array('DATE_TIME' => $time, 'LANGUAGE' => $language, 'SUBSCRIPTION_LEVEL' => integer_format($level), 'SUBJECT' => $subject, 'MESSAGE' => comcode_to_tempcode($message)));
 }
Beispiel #23
0
/**
 * Attempt to send an e-mail to the specified recipient. The mail will be forwarding to the CC address specified in the options (if there is one, and if not specified not to cc).
 * The mail will be sent in dual HTML/text format, where the text is the unconverted comcode source: if a member does not read HTML mail, they may wish to fallback to reading that.
 *
 * @param  string			The subject of the mail in plain text
 * @param  LONG_TEXT		The message, as Comcode
 * @param  ?array			The destination (recipient) e-mail addresses [array of strings] (NULL: site staff address)
 * @param  ?mixed			The recipient name. Array or string. (NULL: site name)
 * @param  EMAIL			The from address (blank: site staff address)
 * @param  string			The from name (blank: site name)
 * @param  integer		The message priority (1=urgent, 3=normal, 5=low)
 * @range  1 5
 * @param  ?array			An list of attachments (each attachment being a map, path=>filename) (NULL: none)
 * @param  boolean		Whether to NOT CC to the CC address
 * @param  ?MEMBER		Convert comcode->tempcode as this member (a privilege thing: we don't want people being able to use admin rights by default!) (NULL: guest)
 * @param  boolean		Replace above with arbitrary admin
 * @param  boolean		HTML-only
 * @param  boolean		Whether to bypass queueing, because this code is running as a part of the queue management tools
 * @param  ID_TEXT		The template used to show the email
 * @param  boolean		Whether to bypass queueing
 * @return ?tempcode		A full page (not complete XHTML) piece of tempcode to output (NULL: it worked so no tempcode message)
 */
function mail_wrap($subject_tag, $message_raw, $to_email = NULL, $to_name = NULL, $from_email = '', $from_name = '', $priority = 3, $attachments = NULL, $no_cc = false, $as = NULL, $as_admin = false, $in_html = false, $coming_out_of_queue = false, $mail_template = 'MAIL', $bypass_queue = false)
{
    if (get_option('smtp_sockets_use') == '0') {
        return non_overrided__mail_wrap($subject_tag, $message_raw, $to_email, $to_name, $from_email, $from_name, $priority, $attachments, $no_cc, $as, $as_admin, $in_html, $coming_out_of_queue);
    }
    if (running_script('stress_test_loader')) {
        return NULL;
    }
    if (is_null($bypass_queue)) {
        $bypass_queue = $priority < 3 || strpos(serialize($attachments), 'tmpfile') !== false;
    }
    global $EMAIL_ATTACHMENTS;
    $EMAIL_ATTACHMENTS = array();
    require_code('site');
    require_code('mime_types');
    if (is_null($as)) {
        $as = $GLOBALS['FORUM_DRIVER']->get_guest_id();
    }
    if (!$coming_out_of_queue) {
        $GLOBALS['SITE_DB']->query('DELETE FROM ' . get_table_prefix() . 'logged_mail_messages WHERE m_date_and_time<' . strval(time() - 60 * 60 * 24 * 14) . ' AND m_queued=0');
        // Log it all for 2 weeks, then delete
        $through_queue = !$bypass_queue && (get_option('mail_queue_debug') === '1' || get_option('mail_queue') === '1' && cron_installed());
        $GLOBALS['SITE_DB']->query_insert('logged_mail_messages', array('m_subject' => $subject_tag, 'm_message' => $message_raw, 'm_to_email' => serialize($to_email), 'm_to_name' => serialize($to_name), 'm_from_email' => $from_email, 'm_from_name' => $from_name, 'm_priority' => 3, 'm_attachments' => serialize($attachments), 'm_no_cc' => $no_cc ? 1 : 0, 'm_as' => $as, 'm_as_admin' => $as_admin ? 1 : 0, 'm_in_html' => $in_html ? 1 : 0, 'm_date_and_time' => time(), 'm_member_id' => get_member(), 'm_url' => get_self_url(true), 'm_queued' => $through_queue ? 1 : 0, 'm_template' => $mail_template));
        if ($through_queue) {
            return NULL;
        }
    }
    if (count($attachments) == 0) {
        $attachments = NULL;
    }
    global $SENDING_MAIL;
    if ($SENDING_MAIL) {
        return NULL;
    }
    $SENDING_MAIL = true;
    // To and from, and language
    $staff_address = get_option('staff_address');
    if (is_null($to_email)) {
        $to_email = array($staff_address);
    }
    $to_email_new = array();
    foreach ($to_email as $test_address) {
        if ($test_address != '') {
            $to_email_new[] = $test_address;
        }
    }
    $to_email = $to_email_new;
    if ($to_email == array()) {
        $SENDING_MAIL = false;
        return NULL;
    }
    if ($to_email[0] == $staff_address) {
        $lang = get_site_default_lang();
    } else {
        $lang = user_lang();
        if (method_exists($GLOBALS['FORUM_DRIVER'], 'get_member_from_email_address')) {
            $member_id = $GLOBALS['FORUM_DRIVER']->get_member_from_email_address($to_email[0]);
            if (!is_null($member_id)) {
                $lang = get_lang($member_id);
            }
        }
    }
    if (is_null($to_name)) {
        if ($to_email[0] == $staff_address) {
            $to_name = get_site_name();
        } else {
            $to_name = '';
        }
    }
    if ($from_email == '') {
        $from_email = get_option('staff_address');
    }
    if ($from_name == '') {
        $from_name = get_site_name();
    }
    $theme = method_exists($GLOBALS['FORUM_DRIVER'], 'get_theme') ? $GLOBALS['FORUM_DRIVER']->get_theme() : 'default';
    if ($theme == 'default') {
        $theme = $GLOBALS['FORUM_DRIVER']->get_theme('');
        // ... So get theme of welcome zone
    }
    // Our subject
    $_subject = do_template('MAIL_SUBJECT', array('_GUID' => '44a57c666bb00f96723256e26aade9e5', 'SUBJECT_TAG' => $subject_tag), $lang, false, NULL, '.tpl', 'templates', $theme);
    $subject = $_subject->evaluate($lang);
    // Note that this is slightly against spec, because characters aren't forced to be printable us-ascii. But it's better we allow this (which works in practice) than risk incompatibility via charset-base64 encoding.
    // Evaluate message. Needs doing early so we know if we have any headers
    // Misc settings
    $website_email = get_option('website_email');
    if ($website_email == '') {
        $website_email = $from_email;
    }
    $cc_address = $no_cc ? '' : get_option("cc_address");
    global $CID_IMG_ATTACHMENT;
    $CID_IMG_ATTACHMENT = array();
    // Decide message
    $GLOBALS['NO_LINK_TITLES'] = true;
    global $LAX_COMCODE;
    $temp = $LAX_COMCODE;
    $LAX_COMCODE = true;
    $html_content = comcode_to_tempcode($message_raw, $as, $as_admin);
    $LAX_COMCODE = $temp;
    $GLOBALS['NO_LINK_TITLES'] = false;
    if (!$in_html) {
        $_html_content = $html_content->evaluate($lang);
        $_html_content = preg_replace('#(keep|for)_session=[\\d\\w]*#', 'filtered=1', $_html_content);
        $message_html = strpos($_html_content, '<html') !== false ? make_string_tempcode($_html_content) : do_template($mail_template, array('_GUID' => 'b23069c20202aa59b7450ebf8d49cde1', 'CSS' => '{CSS}', 'LOGOURL' => get_logo_url(''), 'LANG' => $lang, 'TITLE' => $subject, 'CONTENT' => $_html_content), $lang, false, NULL, '.tpl', 'templates', $theme);
        $css = css_tempcode(true, true, $message_html->evaluate($lang), $theme);
        $_css = $css->evaluate($lang);
        if (get_option('allow_ext_images') != '1') {
            $_css = preg_replace_callback('#url\\(["\']?(http://[^"]*)["\']?\\)#U', '_mail_css_rep_callback', $_css);
        }
        $html_evaluated = $message_html->evaluate($lang);
        $html_evaluated = str_replace('{CSS}', $_css, $html_evaluated);
        // Cleanup the Comcode a bit
        $message_plain = comcode_to_clean_text($message_raw);
    } else {
        $html_evaluated = $message_raw;
    }
    // Character set
    $regexp = '#^[\\x' . dechex(32) . '-\\x' . dechex(126) . ']*$#';
    $charset = preg_match($regexp, $html_evaluated) == 0 ? do_lang('charset', NULL, NULL, NULL, $lang) : 'us-ascii';
    // CID attachments
    if (get_option('allow_ext_images') != '1') {
        $html_evaluated = preg_replace_callback('#<img\\s([^>]*)src="(http://[^"]*)"#U', '_mail_img_rep_callback', $html_evaluated);
        $matches = array();
        foreach (array('#<([^"<>]*\\s)style="([^"]*)"#', '#<style( [^<>]*)?' . '>(.*)</style>#Us') as $over) {
            $num_matches = preg_match_all($over, $html_evaluated, $matches);
            for ($i = 0; $i < $num_matches; $i++) {
                $altered_inner = preg_replace_callback('#url\\(["\']?(http://[^"]*)["\']?\\)#U', '_mail_css_rep_callback', $matches[2][$i]);
                if ($matches[2][$i] != $altered_inner) {
                    $altered_outer = str_replace($matches[2][$i], $altered_inner, $matches[0][$i]);
                    $html_evaluated = str_replace($matches[0][$i], $altered_outer, $html_evaluated);
                }
            }
        }
    }
    $cid_attachments = array();
    foreach ($CID_IMG_ATTACHMENT as $id => $img) {
        $file_path_stub = convert_url_to_path($img);
        $mime_type = get_mime_type(get_file_extension($img));
        $filename = basename($img);
        if (!is_null($file_path_stub)) {
            $cid_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $file_path_stub, 'temp' => false, 'cid' => $id);
        } else {
            $myfile = ocp_tempnam('email_attachment');
            http_download_file($img, NULL, false, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $myfile);
            if (!is_null($GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'])) {
                $mime_type = $GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'];
            }
            if (!is_null($GLOBALS['HTTP_FILENAME'])) {
                $filename = $GLOBALS['HTTP_FILENAME'];
            }
            $cid_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $myfile, 'temp' => true, 'cid' => $id);
        }
        $cid_attachments[] = $cid_attachment;
    }
    // Attachments
    $real_attachments = array();
    $attachments = array_merge(is_null($attachments) ? array() : $attachments, $EMAIL_ATTACHMENTS);
    if (!is_null($attachments)) {
        foreach ($attachments as $path => $filename) {
            $mime_type = get_mime_type(get_file_extension($filename));
            if (strpos($path, '://') === false) {
                $real_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $path, 'temp' => false);
            } else {
                $myfile = ocp_tempnam('email_attachment');
                http_download_file($path, NULL, false, false, 'ocPortal', NULL, NULL, NULL, NULL, NULL, $myfile);
                if (!is_null($GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'])) {
                    $mime_type = $GLOBALS['HTTP_DOWNLOAD_MIME_TYPE'];
                }
                if (!is_null($GLOBALS['HTTP_FILENAME'])) {
                    $filename = $GLOBALS['HTTP_FILENAME'];
                }
                $real_attachment = array('mime' => $mime_type, 'filename' => $filename, 'path' => $myfile, 'temp' => true);
            }
            $real_attachments[] = $real_attachment;
        }
    }
    // ==========================
    // Interface with SwiftMailer
    // ==========================
    require_code('Swift-4.1.1/lib/swift_required');
    // Read in SMTP settings
    $host = get_option('smtp_sockets_host');
    $port = intval(get_option('smtp_sockets_port'));
    $username = get_option('smtp_sockets_username');
    $password = get_option('smtp_sockets_password');
    $smtp_from_address = get_option('smtp_from_address');
    if ($smtp_from_address != '') {
        $from_email = $smtp_from_address;
    }
    // Create the Transport
    $transport = Swift_SmtpTransport::newInstance($host, $port)->setUsername($username)->setPassword($password);
    if ($port == 419 || $port == 465 || $port == 587) {
        $transport->setEncryption('tls');
    }
    // Create the Mailer using your created Transport
    $mailer = Swift_Mailer::newInstance($transport);
    // Create a message
    $to_array = array();
    if ($to_name === '') {
        foreach ($to_email as $_to_email) {
            $to_array[] = $_to_email;
        }
    } else {
        foreach ($to_email as $i => $_to_email) {
            $to_array[$_to_email] = is_array($to_name) ? $to_name[$i] : $to_name;
        }
    }
    $message = Swift_Message::newInstance($subject)->setFrom(array($website_email => $from_name))->setReplyTo(array($from_email => $from_name))->setTo($to_array)->setPriority($priority)->setCharset($charset)->setBody($html_evaluated, 'text/html', $charset)->addPart($message_plain, 'text/plain', $charset);
    if ($cc_address != '') {
        $message->setCc($cc_address);
    }
    // Attachments
    foreach ($real_attachments as $r) {
        $attachment = Swift_Attachment::fromPath($r['path'], $r['mime'])->setFilename($r['filename'])->setDisposition('attachment');
        $message->attach($attachment);
    }
    foreach ($cid_attachments as $r) {
        $attachment = Swift_Attachment::fromPath($r['path'], $r['mime'])->setFilename($r['filename'])->setDisposition('attachment')->setId($r['cid']);
        $message->attach($attachment);
    }
    // Send the message, and error collection
    $error = '';
    try {
        $result = $mailer->send($message);
    } catch (Exception $e) {
        $error = $e->getMessage();
    }
    if ($error == '' && !$result) {
        $error = 'Unknown error';
    }
    // Attachment cleanup
    foreach ($real_attachments as $r) {
        if ($r['temp']) {
            @unlink($r['path']);
        }
    }
    foreach ($cid_attachments as $r) {
        if ($r['temp']) {
            @unlink($r['path']);
        }
    }
    // Return / Error handling
    $SENDING_MAIL = false;
    if ($error != '') {
        if (get_param_integer('keep_hide_mail_failure', 0) == 0) {
            require_code('site');
            attach_message(!is_null($error) ? make_string_tempcode($error) : do_lang_tempcode('MAIL_FAIL', escape_html(get_option('staff_address'))), 'warn');
        } else {
            return warn_screen(get_page_title('ERROR_OCCURRED'), do_lang_tempcode('MAIL_FAIL', escape_html(get_option('staff_address'))));
        }
    }
    return NULL;
}
Beispiel #24
0
 /**
  * Standard PHP XML parser function.
  *
  * @param  object			The parser object (same as 'this')
  */
 function endElement($parser)
 {
     $tag = array_pop($this->tag_stack);
     $tag_attributes = array_pop($this->attribute_stack);
     switch ($tag) {
         case 'substitution':
             list($zone, $attributes, $hash) = page_link_decode($this->substitution_current_match_key);
             if ($zone == '_WILD') {
                 $zone = REGEXP_CODENAME;
             }
             if (!isset($attributes['page'])) {
                 $attributes['page'] = '';
             }
             /*
             Commented for performance. This isn't user-data, so we're safe
             $zone=str_replace('~','\~',preg_quote($zone)); // We are using '~' as deliminators for the regexp, as the usual '/' and '#' feature in URL separators
             $hash=str_replace('~','\~',preg_quote($hash));
             */
             if ($attributes['page'] == '_WILD_NOT_START') {
                 $zones = find_all_zones(false, true);
                 if (isset($zones[$zone])) {
                     $attributes['page'] = '(?!' . $zones[$zone][3] . ')' . REGEXP_CODENAME;
                 } else {
                     $attributes['page'] = '_WILD';
                 }
             }
             if ($attributes['page'] == '_WILD') {
                 $attributes['page'] = REGEXP_CODENAME;
             }
             foreach ($attributes as $key => $val) {
                 $attributes[$key] = $val;
             }
             $_source_url = build_url($attributes, $zone, NULL, false, false, true, $hash);
             $source_url = urldecode(urldecode($_source_url->evaluate()));
             // urldecode because we don't want our regexp syntax mangled. Highly unlikely our sub's are going to really use special characters as parts of the URL
             if (strpos($source_url, '.htm') === false && strpos($source_url, '.php') === false) {
                 $source_url .= '(?:/index\\.php)?';
             }
             $source_url1 = str_replace(array('.htm', '?', '(\\?', ')\\?', '&', get_base_url() . '/' . REGEXP_CODENAME . '/'), array('\\.htm', '\\?', '(?', ')?', '(?:&[^<>]*)*&', get_base_url() . '/?' . REGEXP_CODENAME . '/'), $source_url) . '(?:[&\\?][^<>]*)*';
             $escaped_source_url = escape_html($source_url);
             if ($source_url == $escaped_source_url) {
                 $source_url2 = $source_url1;
             } else {
                 $source_url2 = str_replace(array('.htm', '?', '(\\?', ')\\?', '&', get_base_url() . '/' . REGEXP_CODENAME . '/'), array('\\.htm', '\\?', '(?', ')?', '(?:&[^<>]*)*&', get_base_url() . '/?' . REGEXP_CODENAME . '/'), $escaped_source_url) . '(?:[&\\?][^<>]*)*';
             }
             $from = '^.*<a[^<>]*\\shref="(' . $source_url2 . ')"[^<>]*>(<abbr[^<>]*>)?([^<>]*)(</abbr>)?</a>';
             $regexp = '#^' . $source_url1 . '$#';
             $have_url_match = preg_match($regexp, get_self_url(true)) != 0;
             // we either bind rule via URL match, or finding it in the defined breadcrumb chain
             if ($have_url_match && preg_match('~' . $from . '~Us', $this->current_breadcrumbs) == 0) {
                 // Probably it's a non-link chain in the breadcrumbs, so try to bind to the <span> portion too (possibly nested)
                 $from = '^.*(<span>(<span[^<>]*>)?|<a[^<>]*\\shref="(' . $source_url2 . ')"[^<>]*>)(<abbr[^<>]*>)?([^<>]*)(</abbr>)?((</(span)>)?</(a|span)>)';
                 $from_non_link = true;
             } else {
                 $from_non_link = false;
             }
             $to = '';
             foreach (array_reverse($this->links) as $link) {
                 list($zone, $attributes, $hash) = page_link_decode($link[0]);
                 $target_url = build_url($attributes, $zone, NULL, false, false, false, $hash);
                 $_link_title = $link[1] === NULL ? do_lang('UNKNOWN') : $link[1];
                 $link_title = preg_match('#\\{\\!|\\{\\?|\\{\\$|\\[#', $_link_title) == 0 ? $_link_title : static_evaluate_tempcode(comcode_to_tempcode($_link_title));
                 if ($target_url->evaluate() == '') {
                     $to .= $link_title . $this->breadcrumb_tpl;
                 } else {
                     $to .= '<a title="' . do_lang('GO_BACKWARDS_TO', escape_html(strip_tags($link_title))) . '" href="' . escape_html($target_url->evaluate()) . '">' . $link_title . '</a>' . $this->breadcrumb_tpl;
                 }
             }
             $_target_url = $from_non_link ? '${3}' : '${1}';
             $existing_label = $from_non_link ? '${5}' : '${3}';
             $_link_title = $this->substitution_current_label === NULL ? $existing_label : $this->substitution_current_label;
             $link_title = preg_match('#(\\{\\!)|(\\{\\?)|(\\{\\$)|(\\[)#', $_link_title) == 0 ? $_link_title : static_evaluate_tempcode(comcode_to_tempcode($_link_title));
             if ($from_non_link) {
                 $to .= '${1}' . $link_title . '${7}';
             } else {
                 $to .= '<a title="' . do_lang('GO_BACKWARDS_TO', escape_html(strip_tags($link_title))) . '" href="' . escape_html($_target_url) . '">${2}' . $link_title . '${4}</a>';
             }
             $this->substitutions[$from] = $to;
             break;
         case 'link':
             $text = trim(str_replace('\\n', chr(10), $this->text_so_far));
             $this->links[] = array($text, isset($tag_attributes['label']) ? $tag_attributes['label'] : NULL);
             break;
     }
 }
Beispiel #25
0
 /**
  * Get an array of topics in the given forum. Each topic is an array with the following attributes:
  * - id, the topic ID
  * - title, the topic title
  * - lastusername, the username of the last poster
  * - lasttime, the timestamp of the last reply
  * - closed, a Boolean for whether the topic is currently closed or not
  * - firsttitle, the title of the first post
  * - firstpost, the first post (only set if $show_first_posts was true)
  *
  * @param  mixed			The forum name or an array of forum IDs
  * @param  integer		The limit
  * @param  integer		The start position
  * @param  integer		The total rows (not a parameter: returns by reference)
  * @param  SHORT_TEXT	The topic title filter
  * @param  boolean		Whether to show the first posts
  * @param  string			The date key to sort by
  * @set    lasttime firsttime
  * @param  boolean		Whether to limit to hot topics
  * @param  SHORT_TEXT	The topic description filter
  * @return ?array			The array of topics (NULL: error)
  */
 function show_forum_topics($name, $limit, $start, &$max_rows, $filter_topic_title = '', $show_first_posts = false, $date_key = 'lasttime', $hot = false, $filter_topic_description = '')
 {
     if (is_integer($name)) {
         $id_list = 'forum_id=' . strval((int) $name);
     } elseif (!is_array($name)) {
         $id = $this->forum_id_from_name($name);
         if (is_null($id)) {
             return NULL;
         }
         $id_list = 'forum_id=' . strval((int) $id);
     } else {
         $id_list = '';
         foreach (array_keys($name) as $id) {
             if ($id_list != '') {
                 $id_list .= ' OR ';
             }
             $id_list .= 'forum_id=' . strval((int) $id);
         }
         if ($id_list == '') {
             return NULL;
         }
     }
     $topic_filter = $filter_topic_title != '' ? 'AND topic_title LIKE \'' . db_encode_like($filter_topic_title) . '\'' : '';
     $topic_filter .= ' ORDER BY ' . ($date_key == 'lasttime' ? 'topic_last_post_id' : 'topic_time') . ' DESC';
     $rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'topics WHERE (' . $id_list . ') ' . $topic_filter, $limit, $start);
     $max_rows = $this->connection->query_value_null_ok_full('SELECT COUNT(*) FROM ' . $this->connection->get_table_prefix() . 'topics WHERE (' . $id_list . ') ' . $topic_filter);
     $i = 0;
     $firsttime = array();
     $username = array();
     $memberid = array();
     $datetimes = array();
     $rs = array();
     while (array_key_exists($i, $rows)) {
         $r = $rows[$i];
         $id = $r['topic_id'];
         $firsttime[$id] = $r['topic_time'];
         $post_rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'posts p WHERE topic_id=' . strval((int) $id) . ' AND post_text NOT LIKE \'' . db_encode_like(substr(do_lang('SPACER_POST', '', '', '', get_site_default_lang()), 0, 20) . '%') . '\' ORDER BY post_time DESC', 1);
         if (!array_key_exists(0, $post_rows)) {
             $i++;
             continue;
         }
         $r2 = $post_rows[0];
         $username[$id] = $this->get_username($r2['poster_id']);
         $memberid[$id] = $r2['poster_id'];
         $datetimes[$id] = $r2['post_time'];
         $rs[$id] = $r;
         $i++;
     }
     if ($i > 0) {
         arsort($datetimes);
         $i = 0;
         $out = array();
         if (count($datetimes) > 0) {
             foreach ($datetimes as $id => $datetime) {
                 $r = $rs[$id];
                 $out[$i] = array();
                 $out[$i]['id'] = $id;
                 $out[$i]['num'] = $r['topic_replies_real'] + 1;
                 $out[$i]['title'] = $r['topic_title'];
                 $out[$i]['description'] = $r['topic_title'];
                 $out[$i]['firsttime'] = $r['topic_time'];
                 $out[$i]['firstusername'] = $this->get_username($r['topic_poster']);
                 $out[$i]['lastusername'] = $username[$id];
                 $out[$i]['firstmemberid'] = $r['topic_poster'];
                 $out[$i]['lastmemberid'] = $memberid[$id];
                 $out[$i]['lasttime'] = $datetime;
                 $out[$i]['closed'] = $r['topic_status'] == 1;
                 $fp_rows = $this->connection->query('SELECT post_subject,post_text,bbcode_uid,poster_id FROM ' . $this->connection->get_table_prefix() . 'posts p WHERE post_text NOT LIKE \'' . db_encode_like(substr(do_lang('SPACER_POST', '', '', '', get_site_default_lang()), 0, 20) . '%') . '\' AND post_time=' . strval((int) $firsttime[$id]) . ' AND topic_id=' . strval((int) $id), 1);
                 if (!array_key_exists(0, $fp_rows)) {
                     unset($out[$i]);
                     continue;
                 }
                 $out[$i]['firsttitle'] = $fp_rows[0]['post_subject'];
                 if ($show_first_posts) {
                     global $LAX_COMCODE;
                     $temp = $LAX_COMCODE;
                     $LAX_COMCODE = true;
                     $out[$i]['firstpost'] = comcode_to_tempcode($this->_cleanup_post($fp_rows[0]['bbcode_uid'], $fp_rows[0]['post_text']), $fp_rows[0]['poster_id']);
                     $LAX_COMCODE = $temp;
                 }
                 $i++;
                 if ($i == $limit) {
                     break;
                 }
             }
         }
         return $out;
     }
     return NULL;
 }
Beispiel #26
0
 /**
  * The UI for managing banned IPs.
  *
  * @return tempcode		The UI
  */
 function gui()
 {
     $title = get_page_title('IP_BANS');
     $lookup_url = build_url(array('page' => 'admin_lookup'), get_module_zone('admin_lookup'));
     $GLOBALS['HELPER_PANEL_TEXT'] = comcode_to_tempcode(do_lang('IP_BANNING_WILDCARDS', $lookup_url->evaluate()));
     $bans = '';
     $rows = $GLOBALS['SITE_DB']->query_select('usersubmitban_ip', array('ip', 'i_descrip'));
     foreach ($rows as $row) {
         $bans .= $row['ip'] . ' ' . str_replace("\n", ' ', $row['i_descrip']) . chr(10);
     }
     $post_url = build_url(array('page' => '_SELF', 'type' => 'actual'), '_SELF');
     require_code('form_templates');
     list($warning_details, $ping_url) = handle_conflict_resolution();
     return do_template('IPBAN_SCREEN', array('_GUID' => '963d24852ba87e9aa84e588862bcfecb', 'PING_URL' => $ping_url, 'WARNING_DETAILS' => $warning_details, 'TITLE' => $title, 'BANS' => $bans, 'URL' => $post_url));
 }
Beispiel #27
0
 /**
  * Get an array of topics in the given forum. Each topic is an array with the following attributes:
  * - id, the topic ID
  * - title, the topic title
  * - lastusername, the username of the last poster
  * - lasttime, the timestamp of the last reply
  * - closed, a Boolean for whether the topic is currently closed or not
  * - firsttitle, the title of the first post
  * - firstpost, the first post (only set if $show_first_posts was true)
  *
  * @param  mixed			The forum name or an array of forum IDs
  * @param  integer		The limit
  * @param  integer		The start position
  * @param  integer		The total rows (not a parameter: returns by reference)
  * @param  SHORT_TEXT	The topic title filter
  * @param  boolean		Whether to show the first posts
  * @param  string			The date key to sort by
  * @set    lasttime firsttime
  * @param  boolean		Whether to limit to hot topics
  * @param  SHORT_TEXT	The topic description filter
  * @return ?array			The array of topics (NULL: error)
  */
 function show_forum_topics($name, $limit, $start, &$max_rows, $filter_topic_title = '', $show_first_posts = false, $date_key = 'lasttime', $hot = false, $filter_topic_description = '')
 {
     if (is_integer($name)) {
         $id_list = 'boardid=' . strval((int) $name);
     } elseif (!is_array($name)) {
         $id = $this->forum_id_from_name($name);
         if (is_null($id)) {
             return NULL;
         }
         $id_list = 'boardid=' . strval((int) $id);
     } else {
         $id_list = '';
         foreach (array_keys($name) as $id) {
             if ($id_list != '') {
                 $id_list .= ' OR ';
             }
             $id_list .= 'boardid=' . strval((int) $id);
         }
         if ($id_list == '') {
             return NULL;
         }
     }
     $topic_filter = $filter_topic_title != '' ? 'AND topic LIKE \'' . db_encode_like($filter_topic_title) . '\'' : '';
     $rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'threads WHERE (' . $id_list . ') ' . $topic_filter . ' ORDER BY ' . ($date_key == 'lasttime' ? 'lastposttime' : 'starttime') . ' DESC', $limit, $start);
     $max_rows = $this->connection->query_value_null_ok_full('SELECT COUNT(*) FROM ' . $this->connection->get_table_prefix() . 'threads WHERE (' . $id_list . ') ' . $topic_filter);
     $out = array();
     foreach ($rows as $i => $r) {
         $out[$i] = array();
         $out[$i]['id'] = $r['threadid'];
         $out[$i]['num'] = $r['replycount'] + 1;
         $out[$i]['title'] = $r['topic'];
         $out[$i]['description'] = $r['topic'];
         $out[$i]['firstusername'] = $r['starter'];
         $out[$i]['lastusername'] = $r['lastposter'];
         $out[$i]['firsttime'] = $r['starttime'];
         $out[$i]['lasttime'] = $r['lastposttime'];
         $out[$i]['closed'] = $r['closed'] == 1;
         $fp_rows = $this->connection->query('SELECT posttopic,message,userid FROM ' . $this->connection->get_table_prefix() . 'posts WHERE message NOT LIKE \'' . db_encode_like(do_lang('SPACER_POST', '', '', '', get_site_default_lang()) . '%') . '\' AND threadid=' . strval((int) $out[$i]['id']) . ' ORDER BY posttime', 1);
         if (!array_key_exists(0, $fp_rows)) {
             unset($out[$i]);
             continue;
         }
         $out[$i]['firsttitle'] = $fp_rows[0]['posttopic'];
         if ($show_first_posts) {
             global $LAX_COMCODE;
             $temp = $LAX_COMCODE;
             $LAX_COMCODE = true;
             $out[$i]['firstpost'] = comcode_to_tempcode($fp_rows[0]['message'], $fp_rows[0]['userid']);
             $LAX_COMCODE = $temp;
         }
     }
     if (count($out) != 0) {
         return $out;
     }
     return NULL;
 }
 if ($entrypoints == array('!')) {
     $url = build_url(array('page' => $page), $zone, NULL, false, false, true);
     $title = ucwords(str_replace('_', ' ', $page));
     if (substr($page_type, 0, 7) == 'comcode') {
         foreach ($comcode_page_rows as $page_row) {
             if ($page_row['p_validated'] == 0 && $page_row['the_page'] == $page && $page_row['the_zone'] == $zone) {
                 continue 2;
             }
         }
         $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt');
         $page_contents = file_get_contents($path);
         $matches = array();
         if (preg_match('#\\[title[^\\]]*\\]#', $page_contents, $matches) != 0) {
             $start = strpos($page_contents, $matches[0]) + strlen($matches[0]);
             $end = strpos($page_contents, '[/title]', $start);
             $_title = comcode_to_tempcode(substr($page_contents, $start, $end - $start), NULL, true);
             $title = strip_tags(@html_entity_decode($_title->evaluate(), ENT_QUOTES, get_charset()));
         }
     } elseif (substr($page_type, 0, 4) == 'html') {
         $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.htm');
         $page_contents = file_get_contents($path);
         $matches = array();
         if (preg_match('#\\<title[^\\>]*\\>#', $page_contents, $matches) != 0) {
             $start = strpos($page_contents, $matches[0]) + strlen($matches[0]);
             $end = strpos($page_contents, '</title>', $start);
             $title = strip_tags(@html_entity_decode(substr($page_contents, $start, $end - $start), ENT_QUOTES, get_charset()));
         }
     }
     $temp = '<DT><A HREF="' . escape_html($url->evaluate()) . '">' . escape_html($title) . '</A>';
     $_pages[$title] = $temp;
 } elseif (count($entrypoints) != 0) {
Beispiel #29
0
 /**
  * Get an array of topics in the given forum. Each topic is an array with the following attributes:
  * - id, the topic ID
  * - title, the topic title
  * - lastusername, the username of the last poster
  * - lasttime, the timestamp of the last reply
  * - closed, a Boolean for whether the topic is currently closed or not
  * - firsttitle, the title of the first post
  * - firstpost, the first post (only set if $show_first_posts was true)
  *
  * @param  mixed			The forum name or an array of forum IDs
  * @param  integer		The limit
  * @param  integer		The start position
  * @param  integer		The total rows (not a parameter: returns by reference)
  * @param  SHORT_TEXT	The topic title filter
  * @param  boolean		Whether to show the first posts
  * @param  string			The date key to sort by
  * @set    lasttime firsttime
  * @param  boolean		Whether to limit to hot topics
  * @param  SHORT_TEXT	The topic description filter
  * @return ?array			The array of topics (NULL: error)
  */
 function show_forum_topics($name, $limit, $start, &$max_rows, $filter_topic_title = '', $show_first_posts = false, $date_key = 'lasttime', $hot = false, $filter_topic_description = '')
 {
     require_code('xhtml');
     if (is_integer($name)) {
         $id_list = 'forum_id=' . strval((int) $name);
     } elseif (!is_array($name)) {
         if ($name == '<announce>' || is_null($name)) {
             $id_list = '(forum_id IS NULL)';
         } else {
             $id = $this->forum_id_from_name($name);
             if (is_null($id)) {
                 return NULL;
             }
             $id_list = 'forum_id=' . strval((int) $id);
         }
     } else {
         $id_list = '';
         $id_list_2 = '';
         foreach (array_keys($name) as $id) {
             if ($id_list != '') {
                 $id_list .= ' OR ';
             }
             if (is_null($id) || $id == '') {
                 $id_list .= '(forum_id IS NULL)';
             } else {
                 $id_list .= 'forum_id=' . strval((int) $id);
             }
         }
         if ($id_list == '') {
             return NULL;
         }
     }
     $topic_filter = $filter_topic_title != '' ? 'AND title LIKE \'' . db_encode_like($this->ipb_escape($filter_topic_title)) . '\'' : '';
     if ($filter_topic_description != '') {
         $topic_filter .= ' AND description LIKE \'' . db_encode_like($this->ipb_escape($filter_topic_description)) . '\'';
     }
     $rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'topics WHERE (' . $id_list . ') ' . $topic_filter . ' ORDER BY ' . ($date_key == 'lasttime' ? 'last_post' : 'start_date') . ' DESC', $limit, $start);
     $max_rows = $this->connection->query_value_null_ok_full('SELECT COUNT(*) FROM ' . $this->connection->get_table_prefix() . 'topics WHERE (' . $id_list . ') ' . $topic_filter);
     $emoticons_set_dir = $this->get_emo_dir();
     $out = array();
     foreach ($rows as $i => $r) {
         $out[$i] = array();
         $out[$i]['id'] = $r['tid'];
         $out[$i]['num'] = $r['posts'];
         $out[$i]['title'] = $this->ipb_unescape($r['title']);
         $out[$i]['firstusername'] = $this->ipb_unescape($r['starter_name']);
         $out[$i]['lastusername'] = $this->ipb_unescape($r['last_poster_name']);
         $out[$i]['firstmemberid'] = $r['starter_id'];
         $out[$i]['lastmemberid'] = $r['last_poster_id'];
         $out[$i]['firsttime'] = $r['start_date'];
         $out[$i]['lasttime'] = $r['last_post'];
         $out[$i]['closed'] = $r['state'] == 'closed';
         $fp_rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'posts WHERE post NOT LIKE \'' . db_encode_like(do_lang('SPACER_POST', '', '', '', get_site_default_lang()) . '%') . '\' AND topic_id=' . strval((int) $out[$i]['id']) . ' ORDER BY post_date', 1);
         if (!array_key_exists(0, $fp_rows)) {
             unset($out[$i]);
             continue;
         }
         $out[$i]['firsttitle'] = $this->ipb_unescape($fp_rows[0]['post_title']);
         if ($show_first_posts) {
             $post_id = $fp_rows[0]['pid'];
             $post = $fp_rows[0]['post'];
             if (array_key_exists('post_htmlstate', $fp_rows[0]) && $fp_rows[0]['post_htmlstate'] != 0) {
                 if ($fp_rows[0]['post_htmlstate'] == 1) {
                     $post = str_replace('<br />', '', $post);
                 }
                 $post = @html_entity_decode($post, ENT_QUOTES, get_charset());
             }
             $post = preg_replace('#public/style_emoticons/<\\#EMO_DIR\\#>(.+?)\'#is', $emoticons_set_dir . '\\1\'', $post);
             $post = str_replace("class='quotetop'", "class='comcode_quote_h4'", $post);
             $post = str_replace("class='quotemain'", "class='comcode_quote_content'", $post);
             // Attachments
             $attachments = $this->connection->query_select('attachments', array('attach_member_id', 'attach_id', 'attach_file', 'attach_location', 'attach_thumb_location', 'attach_is_image', 'attach_filesize', 'attach_hits'), array('attach_post_key' => $fp_rows[0]['post_key']));
             foreach ($attachments as $attachment) {
                 if ($attachment['attach_thumb_location'] != '' || $attachment['attach_is_image'] == 0) {
                     $url = get_forum_base_url() . '/index.php?act=Attach&type=post&id=' . $attachment['attach_id'];
                     if ($attachment['attach_thumb_location'] != '') {
                         $special = do_template('FORUM_ATTACHMENT_IMAGE_THUMB', array('_GUID' => '98a66462f270f53101c4c0a1b63f0bfc', 'FULL' => $url, 'URL' => get_forum_base_url() . '/uploads/' . $attachment['attach_thumb_location']));
                     } else {
                         $special = do_template('FORUM_ATTACHMENT_LINK', array('_GUID' => '002a3220f35debbe567ce7a225aa221e', 'FULL' => $url, 'FILENAME' => $attachment['attach_file'], 'CLEAN_SIZE' => clean_file_size($attachment['attach_filesize']), 'NUM_DOWNLOADS' => integer_format($attachment['attach_hits'])));
                     }
                 } else {
                     $special = do_template('FORUM_ATTACHMENT_IMAGE', array('_GUID' => '49dbf65cb5e20340a5ad4379ea6344c3', 'URL' => get_forum_base_url() . '/uploads/' . $attachment['attach_location']));
                 }
                 // See if we have to place it somewhere special inside the post
                 $old_post = $post;
                 $post = str_replace('[attachmentid=' . $attachment['attach_id'] . ']', $special->evaluate(), $post);
                 if ($old_post == $post) {
                     $post .= $special->evaluate();
                 }
             }
             global $LAX_COMCODE;
             $end = 0;
             while (($pos = strpos($post, '[right]', $end)) !== false) {
                 $e_pos = strpos($post, '[/right]', $pos);
                 if ($e_pos === false) {
                     break;
                 }
                 $end = $e_pos + strlen('[/right]');
                 $segment = substr($post, $pos, $end - $pos);
                 $temp = $LAX_COMCODE;
                 $LAX_COMCODE = true;
                 $comcode = comcode_to_tempcode($segment, $r['starter_id']);
                 $LAX_COMCODE = $temp;
                 $post = substr($post, 0, $pos) . $comcode->evaluate() . substr($post, $end);
             }
             $temp = $LAX_COMCODE;
             $LAX_COMCODE = true;
             $out[$i]['firstpost'] = comcode_to_tempcode(xhtmlise_html($post), $r['starter_id'], false, 60, NULL, NULL, false, false, true);
             // Assumes HTML for posts
             $LAX_COMCODE = $temp;
         }
     }
     if (count($out) != 0) {
         return $out;
     }
     return NULL;
 }
Beispiel #30
0
 /**
  * Standard modular run function.
  *
  * @param  array		A map of parameters.
  * @return tempcode	The result of execution.
  */
 function run($map)
 {
     require_all_lang();
     require_code('zones2');
     $skip_pages = array_key_exists('skip', $map) ? explode(',', $map['skip']) : array();
     $comcode_page_rows = $GLOBALS['SITE_DB']->query_select('comcode_pages', array('*'));
     $_zones = array();
     $zones = find_all_zones(false, true);
     $GLOBALS['MEMORY_OVER_SPEED'] = true;
     $low_memory = ini_get('memory_limit') != '-1' && ini_get('memory_limit') != '0' && ini_get('memory_limit') != '' && intval(preg_replace('#M$#', '', ini_get('memory_limit'))) < 26 || get_option('has_low_memory_limit') === '1';
     // Reorder a bit
     $zones2 = array();
     foreach (array('', 'site') as $zone_match) {
         foreach ($zones as $i => $zone) {
             if ($zone[0] == $zone_match) {
                 $zones2[] = $zone;
                 unset($zones[$i]);
             }
         }
     }
     $zones2 = array_merge($zones2, $zones);
     foreach ($zones2 as $z) {
         list($zone, $zone_title, , $zone_default_page) = $z;
         if (has_zone_access(get_member(), $zone)) {
             $_pages = array();
             $pages = find_all_pages_wrap($zone);
             if (isset($pages[$zone_default_page])) {
                 $default = $pages[$zone_default_page];
                 $pages = array($zone_default_page => $default) + $pages;
             }
             foreach ($pages as $page => $page_type) {
                 if (is_integer($page)) {
                     $page = strval($page);
                 }
                 if (substr($page, 0, 6) == 'panel_') {
                     continue;
                 }
                 if (substr($page, 0, 1) == '_') {
                     continue;
                 }
                 if (in_array($page, $skip_pages)) {
                     continue;
                 }
                 if (in_array($zone . ':' . $page, $skip_pages)) {
                     continue;
                 }
                 if ($page == '404') {
                     continue;
                 }
                 if (strpos($page, '_tree_made') !== false) {
                     continue;
                 }
                 if ($page == 'sitemap') {
                     continue;
                 }
                 if ($page == 'forums' && substr($page_type, 0, 7) == 'modules' && (get_forum_type() == 'ocf' || get_forum_type() == 'none')) {
                     continue;
                 }
                 if ($page == 'join' && substr($page_type, 0, 7) == 'modules' && !is_guest()) {
                     continue;
                 }
                 if (has_page_access(get_member(), $page, $zone)) {
                     $_entrypoints = array();
                     $__entrypoints = $low_memory ? array(NULL) : extract_module_functions_page($zone, $page, array('get_entry_points'));
                     if (!is_null($__entrypoints[0])) {
                         $entrypoints = is_array($__entrypoints[0]) ? call_user_func_array($__entrypoints[0][0], $__entrypoints[0][1]) : (strpos($__entrypoints[0], '::') !== false ? NULL : eval($__entrypoints[0]));
                         // The strpos thing is a little hack that allows it to work for base-class derived modules
                         if (is_null($entrypoints)) {
                             $path = zone_black_magic_filterer($zone . ($zone == '' ? '' : '/') . 'pages/' . $page_type . '/' . $page . '.php', true);
                             if ($low_memory && !defined('HIPHOP_PHP') && strpos(file_get_contents(get_file_base() . '/' . $path), ' extends standard_aed_module') !== false) {
                                 $new_code = str_replace(',parent::get_entry_points()', '', str_replace('parent::get_entry_points(),', '', $__entrypoints[0]));
                                 if (strpos($new_code, 'parent::') !== false) {
                                     continue;
                                 }
                                 $entrypoints = eval($new_code);
                             } else {
                                 require_code($path);
                                 if (class_exists('Mx_' . filter_naughty_harsh($page))) {
                                     $object = object_factory('Mx_' . filter_naughty_harsh($page));
                                 } else {
                                     $object = object_factory('Module_' . filter_naughty_harsh($page));
                                 }
                                 $entrypoints = $object->get_entry_points();
                             }
                         }
                     } else {
                         $entrypoints = array('!');
                     }
                     if (!is_array($entrypoints)) {
                         $entrypoints = array('!');
                     }
                     if ($entrypoints == array('!')) {
                         $url = build_url(array('page' => $page), $zone, NULL, false, false, true);
                         $title = ucwords(str_replace('_', ' ', $page));
                         if (substr($page_type, 0, 7) == 'comcode') {
                             foreach ($comcode_page_rows as $page_row) {
                                 if ($page_row['p_validated'] == 0 && $page_row['the_page'] == $page && $page_row['the_zone'] == $zone) {
                                     continue 2;
                                 }
                             }
                             $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt');
                             if (!is_file($path)) {
                                 $path = zone_black_magic_filterer(get_file_base() . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.txt');
                             }
                             $page_contents = file_get_contents($path);
                             $matches = array();
                             if (preg_match('#\\[title[^\\]]*\\]#', $page_contents, $matches) != 0) {
                                 $start = strpos($page_contents, $matches[0]) + strlen($matches[0]);
                                 $end = strpos($page_contents, '[/title]', $start);
                                 $matches = array();
                                 $title_portion = str_replace('{$SITE_NAME}', get_site_name(), substr($page_contents, $start, $end - $start));
                                 if (preg_match('#\\{\\!([\\w:]+)\\}#', $title_portion, $matches) != 0) {
                                     $title_portion = str_replace($matches[0], do_lang($matches[1]), $title_portion);
                                 }
                                 if (preg_match('#^[^<>\\[\\{\\&]*$#', $title_portion, $matches) != 0) {
                                     $title = $matches[0];
                                 } elseif (!$low_memory) {
                                     $_title = comcode_to_tempcode($title_portion);
                                     $title = strip_tags(@html_entity_decode($_title->evaluate(), ENT_QUOTES, get_charset()));
                                 }
                             }
                         } elseif (substr($page_type, 0, 4) == 'html') {
                             $path = zone_black_magic_filterer((strpos($page_type, '_custom') !== false ? get_custom_file_base() : get_file_base()) . '/' . filter_naughty($zone) . '/pages/' . filter_naughty($page_type) . '/' . $page . '.htm');
                             $page_contents = file_get_contents($path);
                             $matches = array();
                             if (preg_match('#\\<title[^\\>]*\\>#', $page_contents, $matches) != 0) {
                                 $start = strpos($page_contents, $matches[0]) + strlen($matches[0]);
                                 $end = strpos($page_contents, '</title>', $start);
                                 $title = strip_tags(@html_entity_decode(substr($page_contents, $start, $end - $start), ENT_QUOTES, get_charset()));
                             }
                         }
                         $temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => '92e657f8b9a3642df053f54e724e66f6', 'URL' => $url, 'NAME' => $title, 'CHILDREN' => array()));
                         $_pages[$title] = $temp->evaluate();
                         // FUDGEFUDGE
                     } elseif (count($entrypoints) != 0) {
                         foreach ($entrypoints as $entrypoint => $title) {
                             if (($entrypoint == 'concede' || $entrypoint == 'invisible' || $entrypoint == 'logout') && is_guest()) {
                                 continue;
                             }
                             if ($entrypoint == '!') {
                                 $url = build_url(array('page' => $page), $zone, NULL, false, false, true);
                             } else {
                                 $url = build_url(array('page' => $page, 'type' => $entrypoint), $zone, NULL, false, false, true);
                             }
                             $_entrypoints[$title] = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => 'ae2ed2549644a8e699e0938b3ab98ddb', 'URL' => $url, 'NAME' => do_lang_tempcode($title), 'CHILDREN' => array()));
                         }
                         //ksort($_entrypoints);
                         $title = do_lang('MODULE_TRANS_NAME_' . $page, NULL, NULL, NULL, NULL, false);
                         if (is_null($title)) {
                             $title = ucwords(str_replace('_', ' ', preg_replace('#^ocf\\_#', '', preg_replace('#^' . str_replace('#', '\\#', preg_quote($zone)) . '_#', '', preg_replace('#^' . str_replace('#', '\\#', preg_quote(str_replace('zone', '', $zone))) . '_#', '', $page)))));
                         }
                         if (count($_entrypoints) == 1) {
                             $temp_keys = array_keys($_entrypoints);
                             $temp = $_entrypoints[$temp_keys[0]];
                         } else {
                             $temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => 'dfc5cc7db0301acd938d3b2e3fceaab8', 'URL' => new ocp_tempcode(), 'NAME' => $title, 'CHILDREN' => $_entrypoints));
                         }
                         $_pages[$title] = $temp->evaluate();
                         // FUDGEFUDGE
                     }
                 }
             }
             $url = new ocp_tempcode();
             if ($_pages != array()) {
                 $keys = array_keys($_pages);
                 $first = $_pages[$keys[0]];
                 ksort($_pages);
                 $_pages = array($keys[0] => $first) + $_pages;
             }
             $temp = do_template('BLOCK_MAIN_SITEMAP_NEST', array('_GUID' => '38abb0a0e5bec968b28b4791320dd0dc', 'URL' => $url, 'NAME' => $zone_title, 'CHILDREN' => $_pages));
             $_zones[] = $temp->evaluate();
             // FUDGEFUDGE
         }
     }
     // To avoid running out of memory
     $out = do_template('BLOCK_MAIN_SITEMAP', array('_GUID' => 'd0807b30925e47d10cdb2c36231436ab', 'CHILDREN' => $_zones));
     $e = $out->evaluate();
     $explode = explode('__keep__', $e);
     // the URLs are build without keep and the templates tack it on the end
     if (strpos($e, '__keep__') !== false) {
         $out = new ocp_tempcode();
         foreach ($explode as $i => $bit) {
             if ($i != 0) {
                 $out->attach(symbol_tempcode('KEEP', NULL, array(ENTITY_ESCAPED)));
             }
             if ($GLOBALS['XSS_DETECT']) {
                 ocp_mark_as_escaped($bit);
             }
             $out->attach($bit);
         }
     }
     $e = $out->evaluate();
     if (strpos($e, '__keep1__') !== false) {
         $explode = explode('__keep1__', $e);
         $out = new ocp_tempcode();
         foreach ($explode as $i => $bit) {
             if ($i != 0) {
                 $out->attach(symbol_tempcode('KEEP', array('1'), array(ENTITY_ESCAPED)));
             }
             if ($GLOBALS['XSS_DETECT']) {
                 ocp_mark_as_escaped($bit);
             }
             $out->attach($bit);
         }
     }
     return $out;
 }