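/**
 * Build the HTML for the list of available smilies shown when posting a topic.
 *
 * When $CONF_FORUM['use_smilies_plugin'] is set and msg_showsmilies() exists,
 * that function's output is returned unchanged. Otherwise one clickable image
 * is emitted for every entry in $this->data.
 *
 * Each smilie symbol is written into a single-quoted JavaScript string that
 * itself sits inside a double-quoted javascript: href. A symbol containing a
 * quote, backslash or angle bracket (":'(" is a common one) would otherwise
 * terminate the string or the attribute, so those characters are emitted as
 * JavaScript \xHH escapes. '%' is escaped as well because javascript: URLs are
 * percent-decoded before the script runs.
 *
 * @return string HTML for the smilie list
 */
public function show()
{
    global $CONF_FORUM, $LANG_GF_SMILIES;

    // Check and see if glMessenger is installed
    if ($CONF_FORUM['use_smilies_plugin'] && function_exists('msg_showsmilies')) {
        return msg_showsmilies();
    }

    // Characters that must not appear literally inside emoticon('...') in an href.
    // The replacements contain only backslash, 'x' and hex digits, so the result
    // needs no further HTML encoding.
    $jsEscapes = array(
        '\\' => '\\x5C',
        "'"  => '\\x27',
        '"'  => '\\x22',
        '<'  => '\\x3C',
        '>'  => '\\x3E',
        '&'  => '\\x26',
        '%'  => '\\x25',
        "\r" => '\\x0D',
        "\n" => '\\x0A',
    );

    // Use native smilies
    $image = gf_getImage('pixel');
    $retval = "\n<!-- LIST OF SMILIES START -->\n";
    $retval .= "<div id='forum_smilies'>\n";

    foreach ($this->data as $key => $value) {
        // each smilie defined in the $this->data array
        $symbol = strtr($value['symbol'], $jsEscapes);
        // NOTE(review): $key and $image are still written into single-quoted
        // attributes as-is; confirm neither can contain an apostrophe.
        $class = 'frm_sml_' . $key;
        $alt = '';
        if (isset($LANG_GF_SMILIES[$key])) {
            $alt = htmlentities($LANG_GF_SMILIES[$key], ENT_QUOTES);
        }

        $retval .= " <a href=\"javascript:emoticon('{$symbol}')\">\n";
        $retval .= " <img class='frm_sml {$class}'\n";
        $retval .= " src='{$image}'\n";
        $retval .= " alt='{$alt}'\n";
        $retval .= " title='{$alt}'" . XHTML . ">\n";
        $retval .= " </a>\n";
    }

    $retval .= "</div>\n";
    $retval .= "<!-- LIST OF SMILIES END -->\n";

    return $retval;
}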
$msg_row->parse('output', 'msg_row'); $rows .= $msg_row->finish($msg_row->get_var('output')); echo $msg_row->finish($msg_row->get_var('output')); if (get_magic_quotes_gpc()) { $msg_new->set_var('preview', stripslashes($_POST['message'])); } else { $msg_new->set_var('preview', $_POST['message']); } } $msg_new->set_var('phpself', $phpself); $msg_new->set_var('imgset', $CONF_MSG['imgset']); $msg_new->set_var('LANG_to', $LANG_MSG['TO']); $msg_new->set_var('LANG_subject', $LANG_MSG['SUBJECT']); $msg_new->set_var('subject', $subject); if ($CONF_MSG['smiliesEnabled']) { $msg_new->set_var('smilies', msg_showsmilies()); } else { $msg_new->set_var('smilies', ''); } $msg_new->set_var('toname', $toname); $msg_new->set_var('touid', $touid); $msg_new->set_var('buddies', $buddies); $msg_new->set_var('LANG_memberslist', $LANG_MSG['MEMBERSLIST']); $msg_new->set_var('LANG_mybuddies', $LANG_MSG['MYBUDDIES']); $msg_new->set_var('LANG_members', $LANG_MSG['MEMBERS']); $msg_new->set_var('LANG_submit', $LANG_MSG['SUBMIT']); $msg_new->set_var('LANG_preview', $LANG_MSG['PREVIEW']); if (SEC_hasRights('messenger.broadcast')) { if (isset($_POST['chk_broadcast'])) { $msg_new->set_var('broadcast_option', '<label for="chk01">' . $LANG_MSG['BROADCAST'] . '</label>: <input type="Checkbox" name="chk_broadcast" id="chk01" checked>'); } else {
/**
 * BBCode editor
 *
 * Combines the built-in BBcodes with $additionalCodes, drops every code whose
 * name appears in $disabledCodes, and renders the toolbar plus the escaped
 * editor text through the bbcode/editor.thtml template.
 *
 * NOTE(review): labels, help texts, tag strings and select options are
 * concatenated into HTML attributes and into a JavaScript array literal
 * without escaping; only $editorText goes through htmlentities(). That holds
 * up only while $LANG_BBCODE and $additionalCodes come from trusted code --
 * confirm no caller builds $additionalCodes from request data. How the
 * template uses form_name and text_name is not visible here either.
 *
 * @param string $editorText      Text being edited
 * @param string $formName        Name of the form containing the bbcode editor
 * @param string $textName        Name of the textarea field
 * @param array  $additionalCodes Additional BBcodes; each entry is read for the
 *                                keys name, label, help, start_tag, end_tag, select
 * @param array  $disabledCodes   Names of bbcodes to disable
 * @return string complete HTML for the editor
 */
function BBC_editor($editorText, $formName, $textName, $additionalCodes = array(), $disabledCodes = array())
{
    global $_CONF, $LANG_BBCODE;

    // Built-in codes: name, $LANG_BBCODE key prefix, start tag, end tag.
    $codeTable = array(
        array('bold',      'bold',      '[b]',      '[/b]'),
        array('italic',    'italic',    '[i]',      '[/i]'),
        array('underline', 'underline', '[u]',      '[/u]'),
        array('quote',     'quote',     '[quote]',  '[/quote]'),
        array('code',      'code',      '[code]',   '[/code]'),
        array('list',      'list',      '[list]',   '[/list]'),
        array('olist',     'olist',     '[list=]',  '[/list]'),
        array('listitem',  'listitem',  '[*]',      '[/*]'),
        array('img',       'img',       '[img]',    '[/img]'),
        array('url',       'url',       '[url]',    '[/url]'),
        array('smileys',   'smiley',    'smileys',  ''),
        array('size',      'size',      '[size=]',  '[/size]'),
        array('color',     'color',     '[color=]', '[/color]'),
    );

    // Drop-down choices; a leading '*' marks the option shown as selected.
    $selectOptions = array(
        'size' => array(
            '7'  => $LANG_BBCODE['size_tiny'],
            '9'  => $LANG_BBCODE['size_small'],
            '12' => '*' . $LANG_BBCODE['size_normal'],
            '18' => $LANG_BBCODE['size_large'],
            '24' => $LANG_BBCODE['size_huge'],
        ),
        'color' => array(
            '#'        => '*' . $LANG_BBCODE['color_default'],
            'darkred'  => $LANG_BBCODE['color_darkred'],
            'red'      => $LANG_BBCODE['color_red'],
            'orange'   => $LANG_BBCODE['color_orange'],
            'brown'    => $LANG_BBCODE['color_brown'],
            'yellow'   => $LANG_BBCODE['color_yellow'],
            'green'    => $LANG_BBCODE['color_green'],
            'olive'    => $LANG_BBCODE['color_olive'],
            'cyan'     => $LANG_BBCODE['color_cyan'],
            'blue'     => $LANG_BBCODE['color_blue'],
            'darkblue' => $LANG_BBCODE['color_darkblue'],
            'indigo'   => $LANG_BBCODE['color_indigo'],
            'violet'   => $LANG_BBCODE['color_violet'],
            'white'    => $LANG_BBCODE['color_white'],
            'black'    => $LANG_BBCODE['color_black'],
        ),
    );

    $builtinCodes = array();
    foreach ($codeTable as $row) {
        $builtinCodes[] = array(
            'name'      => $row[0],
            'label'     => $LANG_BBCODE[$row[1] . '_label'],
            'help'      => $LANG_BBCODE[$row[1] . '_help'],
            'start_tag' => $row[2],
            'end_tag'   => $row[3],
            'select'    => isset($selectOptions[$row[0]]) ? $selectOptions[$row[0]] : '',
        );
    }

    $T = new Template($_CONF['path_layout'] . 'bbcode/', 'keep');
    $T->set_file(array('editor' => 'editor.thtml'));

    // Each enabled code contributes a start/end pair to the JavaScript bbtags
    // array; $offset is the index of its start tag in that array.
    $tagPairs = array();
    $buttons = array();
    $offset = 0;
    foreach (array($builtinCodes, $additionalCodes) as $codeSet) {
        if (!is_array($codeSet)) {
            continue;
        }
        foreach ($codeSet as $bbcode) {
            if (in_array($bbcode['name'], $disabledCodes)) {
                continue;
            }
            $tagPairs[] = "'" . $bbcode['start_tag'] . "','" . $bbcode['end_tag'] . "'";
            $buttons[] = array(
                $bbcode['label'],
                $bbcode['help'],
                $offset,
                $bbcode['select'],
                $bbcode['start_tag'],
                $bbcode['end_tag'],
            );
            $offset += 2;
        }
    }
    $bbtags = 'var bbtags = new Array(' . implode(',', $tagPairs) . ');';

    $smileys = '';
    $plainButtons = '';
    $selectButtons = '';
    foreach ($buttons as $button) {
        list($label, $help, $index, $select, $startTag, $endTag) = $button;

        if (is_array($select)) {
            // Drop-down code: one <option> per choice.
            $optionsHtml = '';
            $defaultIndex = 0;
            $position = 0;
            foreach ($select as $value => $option) {
                $isDefault = (substr($option, 0, 1) == "*");
                if ($isDefault) {
                    $option = substr($option, 1);
                    $defaultIndex = $position;
                }
                $optionsHtml .= '<option value="' . $value . '"'
                    . ($isDefault ? ' selected="selected"' : '')
                    . '>' . $option . '</option>' . LB;
                $position++;
            }

            // The start tag loses its closing bracket; the onchange handler
            // appends the chosen value and the bracket again.
            $selName = 'bbcodesel' . $index;
            $selectButtons .= '<span style="white-space:nowrap;">' . $label . ': '
                . '<select name="' . $selName . '" id="' . $selName . '" title="' . $help
                . '" onchange="bbfontstyle(\'' . substr($startTag, 0, -1)
                . '\' + this.form.' . $selName . '.options[this.form.' . $selName
                . '.selectedIndex].value + \']\', \'' . $endTag
                . '\');this.form.' . $selName . '.selectedIndex = ' . $defaultIndex . ';">' . LB
                . $optionsHtml
                . '</select></span>' . LB;
        } elseif ($startTag == 'smileys') {
            // The smiley toggle is only offered when msg_showsmilies() exists.
            if (function_exists('msg_showsmilies')) {
                $plainButtons .= '<input class="button2" type="button" title="' . $LANG_BBCODE['smiley_help']
                    . '" style="text-decoration: underline; width: 40px;" value="' . $LANG_BBCODE['smiley_label']
                    . '" name="toggleV" id="toggleV" accesskey="s"/>' . LB;
                $smileys = msg_showsmilies();
            }
        } else {
            $plainButtons .= '<input class="button2" type="button" title="' . $help
                . '" onclick="bbstyle(' . $index . ')" style="width: 30px;" value=" ' . $label
                . ' " name="addbbcode' . $index . '" accesskey="b"/>' . LB;
        }
    }

    // Plain buttons first, then every drop-down.
    $T->set_var('tags', $bbtags);
    $T->set_var('buttons', $plainButtons . $selectButtons);
    $T->set_var(array(
        'form_name'    => $formName,
        'text_name'    => $textName,
        'bbocode_text' => htmlentities($editorText, ENT_QUOTES, COM_getEncodingt()),
        'smileys'      => $smileys,
    ));
    $T->parse('output', 'editor');

    $retval = '';
    $retval .= $T->finish($T->get_var('output'));

    return $retval;
}
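/**
 * Displays the comment form
 *
 * Anonymous visitors get the login form instead when $_CONF['loginrequired']
 * or $_CONF['commentsloginrequired'] is 1. For every mode other than edit and
 * the preview modes the comment speed limit is checked first. Title and
 * comment are run through the sanitizer before they are shown in the preview
 * or put back into the form.
 *
 * $pid keeps its '0' default for compatibility, but required parameters
 * follow it, so callers always have to pass it.
 *
 * @param    string  $title      Title of comment
 * @param    string  $comment    Text of comment
 * @param    string  $sid        ID of object comment belongs to
 * @param    int     $pid        ID of parent comment
 * @param    string  $type       Type of object comment is posted to
 * @param    string  $mode       Mode, e.g. 'preview'
 * @param    string  $postmode   Indicates if comment is plain text or HTML
 * @return   string  HTML for comment form
 *
 */
function CMT_commentForm($title, $comment, $sid, $pid = '0', $type, $mode, $postmode)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG12, $LANG_LOGIN, $LANG_ACCESS;

    $retval = '';
    $cid = 0;
    $edit_comment = '';

    $filter = sanitizer::getInstance();
    $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
    $filter->setAllowedelements($AllowedElements);
    $filter->setNamespace('glfusion', 'comment');

    // never trust $uid ... it is always derived from the session, not the request
    if (COM_isAnonUser()) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }

    $commentuid = $uid;
    if (($mode == 'edit' || $mode == 'preview_edit') && isset($_REQUEST['cid'])) {
        // NOTE(review): the comment id comes from the request and this function
        // does not check that the current user may edit that comment; confirm
        // the caller enforces ownership / moderator rights before calling.
        $cid = COM_applyFilter($_REQUEST['cid']);
        $commentuid = DB_getItem($_TABLES['comments'], 'uid', "cid = " . (int) $cid);
    }

    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    } else {
        COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');

        $last = 0;
        if ($mode != 'edit' && $mode != 'preview' && $mode != 'preview_new' && $mode != 'preview_edit') {
            // not edit mode or preview changes
            $last = COM_checkSpeedlimit('comment');
        }

        if ($last > 0) {
            $retval .= COM_showMessageText($LANG03[7] . $last . $LANG03[8], $LANG12[26], false);
        } else {
            if (empty($postmode)) {
                $postmode = $_CONF['comment_postmode'];
            }

            // The sanitizer is stateful: the comment is filtered in the chosen
            // postmode, the title always as plain text, then the postmode is
            // switched back. The order of these calls matters.
            $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
            $filter->setPostmode($postmode);
            $filter->setCensorData(true);
            $filter->setAllowedElements($AllowedElements);
            $comment = $filter->filterHTML($comment);
            $display_comment = $filter->displayText($comment);
            $edit_comment = $filter->editableText($comment);

            $filter->setPostmode('text');
            $title = $filter->displayText($title);
            $title = $filter->editableText($title);
            $filter->setPostmode($postmode);

            // The filtered values overwrite the raw request values so the
            // preview loop below picks up the sanitized text.
            $_POST['title'] = $title;
            $_POST['comment'] = $display_comment;

            // Preview mode:
            if (($mode == $LANG03[14] || $mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') && !empty($title) && !empty($comment)) {
                $start = new Template($_CONF['path_layout'] . 'comment');
                $start->set_file(array('comment' => 'startcomment.thtml'));
                $start->set_var('hide_if_preview', 'style="display:none"');

                // Clean up all the vars
                // NOTE(review): every POST key is copied into $A, so the preview
                // row can carry fields the form never defines. What
                // COM_applyFilter() guarantees and which keys CMT_getComment()
                // renders are not visible here; an explicit allow-list of keys
                // would be safer.
                $A = array();
                foreach ($_POST as $key => $value) {
                    if ($key == 'pid' || $key == 'cid') {
                        $A[$key] = (int) COM_applyFilter($_POST[$key], true);
                    } else {
                        if ($key == 'title' || $key == 'comment') {
                            // these have already been filtered above
                            $A[$key] = $_POST[$key];
                        } else {
                            if ($key == 'username') {
                                $A[$key] = @htmlspecialchars(COM_checkWords(strip_tags($_POST[$key])), ENT_QUOTES, COM_getEncodingt());
                            } else {
                                $A[$key] = COM_applyFilter($_POST[$key]);
                            }
                        }
                    }
                }

                // correct time and username for edit preview
                if ($mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') {
                    $A['nice_date'] = DB_getItem($_TABLES['comments'], 'UNIX_TIMESTAMP(date)', "cid = " . (int) $cid);
                    if ($_USER['uid'] != $commentuid) {
                        $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $commentuid);
                    }
                }
                if (empty($A['username'])) {
                    $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $uid);
                }

                $author_id = PLG_getItemInfo($type, $sid, 'author');
                $thecomments = CMT_getComment($A, 'flat', $type, 'ASC', false, true, 0, $author_id);

                $start->set_var('comments', $thecomments);
                $retval .= '<a name="comment_entry"></a>';
                $retval .= COM_startBlock($LANG03[14])
                    . $start->finish($start->parse('output', 'comment'))
                    . COM_endBlock();
            } else {
                // A preview was requested but title or comment is empty after filtering
                if ($mode == 'preview_new' || $mode == 'preview_edit') {
                    $retval .= COM_showMessageText($LANG03[12], $LANG03[17], true);
                    $mode = 'error';
                }
            }

            $comment_template = new Template($_CONF['path_layout'] . 'comment');
            $comment_template->set_file('form', 'commentform.thtml');

            if ($mode == 'preview_new') {
                $comment_template->set_var('mode', 'new');
                $comment_template->set_var('show_anchor', '');
            } else {
                if ($mode == 'preview_edit') {
                    $comment_template->set_var('mode', 'edit');
                    $comment_template->set_var('show_anchor', '');
                } else {
                    $comment_template->set_var('mode', $mode);
                    $comment_template->set_var('show_anchor', 1);
                }
            }

            $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
            if ($_CONF['show_fullname'] == 1) {
                $comment_template->set_var('lang_username', $LANG_ACCESS['name']);
            } else {
                $comment_template->set_var('lang_username', $LANG03[5]);
            }
            // NOTE(review): $sid, $pid and $type are handed to the template as
            // received; confirm the caller has validated them.
            $comment_template->set_var('sid', $sid);
            $comment_template->set_var('pid', $pid);
            $comment_template->set_var('type', $type);

            if ($mode == 'edit' || $mode == 'preview_edit') {
                // edit modes
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[41]));
                $comment_template->set_var('cid', '<input type="hidden" name="cid" value="' . @htmlspecialchars(COM_applyFilter($_REQUEST['cid']), ENT_COMPAT, COM_getEncodingt()) . '"/>');
            } else {
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
                $comment_template->set_var('cid', '');
            }

            $comment_template->set_var('CSRF_TOKEN', SEC_createToken());
            $comment_template->set_var('token_name', CSRF_TOKEN);

            if (!COM_isAnonUser()) {
                $comment_template->set_var('uid', $_USER['uid']);
                $name = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[3]);
                $comment_template->set_var('username_disabled', 'disabled="disabled"');
                $comment_template->set_var('suballowed', true);

                // In a preview the checkbox state comes from the submitted form,
                // otherwise from the stored subscription.
                $isSub = 0;
                if ($mode == 'preview_edit' || $mode == 'preview_new') {
                    $isSub = isset($_POST['subscribe']) ? 1 : 0;
                } else {
                    if (PLG_isSubscribed('comment', $type, $sid)) {
                        $isSub = 1;
                    }
                }
                if ($isSub == 0) {
                    $subchecked = '';
                } else {
                    $subchecked = 'checked="checked"';
                }
                $comment_template->set_var('subchecked', $subchecked);
            } else {
                // Anonymous user
                $comment_template->set_var('uid', 1);
                if (isset($_POST['username'])) {
                    // for preview
                    // NOTE(review): no HTML escaping is applied here beyond what
                    // sanitizeUsername() does; confirm its output is safe for
                    // the context commentform.thtml places it in.
                    $name = $filter->sanitizeUsername(COM_applyFilter($_POST['username']));
                } else {
                    // anonymous user
                    $name = $LANG03[24];
                }
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[4]);
                $comment_template->set_var('username_disabled', '');
            }

            if ($postmode == 'html') {
                $comment_template->set_var('htmlmode', true);
            }
            $comment_template->set_var('lang_title', $LANG03[16]);
            $comment_template->set_var('title', @htmlspecialchars($title, ENT_COMPAT, COM_getEncodingt()));
            $comment_template->set_var('lang_comment', $LANG03[9]);
            $comment_template->set_var('comment', $edit_comment);
            $comment_template->set_var('lang_postmode', $LANG03[2]);
            $comment_template->set_var('postmode', $postmode);
            $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
            $comment_template->set_var('allowed_html', $filter->getAllowedHTML() . '<br/>' . COM_AllowedAutotags('', false, 'glfusion', 'comment'));
            $comment_template->set_var('lang_importantstuff', $LANG03[18]);
            $comment_template->set_var('lang_instr_line1', $LANG03[19]);
            $comment_template->set_var('lang_instr_line2', $LANG03[20]);
            $comment_template->set_var('lang_instr_line3', $LANG03[21]);
            $comment_template->set_var('lang_instr_line4', $LANG03[22]);
            $comment_template->set_var('lang_instr_line5', $LANG03[23]);

            if ($mode == 'edit' || $mode == 'preview_edit') {
                // editing comment or preview changes
                $comment_template->set_var('lang_preview', $LANG03[28]);
            } else {
                // new comment
                $comment_template->set_var('lang_preview', $LANG03[14]);
            }

            // The feature gate used to test msg_replaceEmoticons only, while the
            // call is to msg_showsmilies; requiring both avoids a fatal error
            // when only the first one is defined.
            if (function_exists('msg_replaceEmoticons') && function_exists('msg_showsmilies')) {
                $comment_template->set_var('smilies', msg_showsmilies());
            }

            $comment_template->unset_var('save_type');
            PLG_templateSetVars('comment', $comment_template);

            // && binds tighter than ||: a previewed edit can always be saved, a
            // plain edit only when previews are skipped. Parentheses make the
            // existing precedence explicit.
            if ($mode == 'preview_edit' || ($mode == 'edit' && $_CONF['skip_preview'] == 1)) {
                // for editing
                $comment_template->set_var('save_type', 'saveedit');
                $comment_template->set_var('lang_save', $LANG03[29]);
                $comment_template->set_var('save_option', '<input type="submit" name="saveedit" value="' . $LANG03[29] . '"/>');
            } elseif ($_CONF['skip_preview'] == 1 || $mode == 'preview_new') {
                // new comment
                $comment_template->set_var('save_type', 'savecomment');
                $comment_template->set_var('lang_save', $LANG03[11]);
                $comment_template->set_var('save_option', '<input type="submit" name="savecomment" value="' . $LANG03[11] . '"/>');
            }

            $comment_template->set_var('end_block', COM_endBlock());
            $comment_template->parse('output', 'form');
            $retval .= $comment_template->finish($comment_template->get_var('output'));
        }
    }

    return $retval;
}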