function showcomments_avatar($ctype, $cdb, $ccol, $cid, $clink, $seo_root_link = "", $a = "-", $seo_catid = "", $b = "-page-", $rowstart = "", $c = "-", $seo_subject = "")
{
    // Pimped
    global $settings, $locale, $userdata, $aidlink;
    if (URL_REWRITE && $seo_root_link != "") {
        $seo_link = $seo_root_link . $a . $seo_catid . $c . clean_subject_urlrewrite($seo_subject) . ".html";
    }
    // Pimped
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&|\\?)c_action=(edit|delete)&comment_id=\\d*^", "", $link);
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        if ((iMODERATOR || iADMIN) && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . (int) $_GET['comment_id'] . "' AND comment_name='" . (int) $userdata['user_id'] . "'")) {
            $result = dbquery("DELETE FROM " . DB_COMMENTS . " WHERE comment_id='" . (int) $_GET['comment_id'] . "'" . (iMODERATOR || iADMIN ? "" : " AND comment_name='" . (int) $userdata['user_id'] . "'"));
        }
        redirect($clink);
    }
    if ($settings['comments_enabled'] == "1") {
        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
            if (iMEMBER) {
                $comment_name = $userdata['user_id'];
            } elseif ($settings['guestposts'] == "1") {
                $comment_name = trim(stripinput($_POST['comment_name']));
                $comment_name = preg_replace("(^[0-9]*)", "", $comment_name);
                if (isnum($comment_name)) {
                    $comment_name = "";
                }
                include_once INCLUDES . "securimage/securimage.php";
                $securimage = new Securimage();
                if (!isset($_POST['com_captcha_code']) || $securimage->check($_POST['com_captcha_code']) == false) {
                    redirect($link);
                }
            }
            $comment_message = trim(stripinput(censorwords($_POST['comment_message'])));
            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
                $comment_updated = false;
                if ((iMODERATOR || iADMIN) && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . (int) $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "' AND comment_name='" . (int) $userdata['user_id'] . "' AND comment_hidden='0'")) {
                    if ($comment_message) {
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message=" . _db($comment_message) . " WHERE comment_id='" . (int) $_GET['comment_id'] . "'" . (iMODERATOR || iADMIN ? "" : " AND comment_name='" . (int) $userdata['user_id'] . "'"));
                        $comment_updated = true;
                    }
                }
                if ($comment_updated) {
                    $c_start = (ceil(dbcount("(comment_id)", DB_COMMENTS, "comment_id<='" . (int) $_GET['comment_id'] . "' AND comment_item_id=" . _db($cid) . " AND comment_type=" . _db($ctype) . "") / 10) - 1) * 10;
                }
                redirect($clink . "&amp;c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                if (!dbcount("(" . $ccol . ")", $cdb, $ccol . "='" . $cid . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                if ($comment_name && $comment_message) {
                    require_once INCLUDES . "flood_include.php";
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        $result = dbquery("INSERT INTO " . DB_COMMENTS . " (comment_item_id, comment_type, comment_name, comment_message, comment_datestamp, comment_ip, comment_hidden) VALUES (" . _db($cid) . ", " . _db($ctype) . ", " . _db($comment_name) . ", " . _db($comment_message) . ", '" . time() . "', '" . USER_IP . "', '0')");
                    }
                }
                $c_start = (ceil(dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . (int) $cid . "' AND comment_type=" . _db($ctype) . "") / 10) - 1) * 10;
                redirect($clink . "&amp;c_start=" . $c_start);
            }
        }
        opentable($locale['c100']);
        echo "<a id='comments' name='comments'></a>";
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id=" . _db($cid) . " AND comment_type=" . _db($ctype) . " AND comment_hidden='0'");
        if (!isset($_GET['c_start']) && $c_rows > 10) {
            $_GET['c_start'] = (ceil($c_rows / 10) - 1) * 10;
        }
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_datestamp, tcm.comment_message,\r\n\t\t\ttcu.user_name, tcu.user_avatar, tcu.user_id, tcu.user_level, tcu.user_status\r\n\t\t\tFROM " . DB_COMMENTS . " tcm\r\n\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\r\n\t\t\tWHERE comment_item_id=" . _db($cid) . " AND comment_type=" . _db($ctype) . " AND comment_hidden='0'\r\n\t\t\tORDER BY comment_datestamp ASC LIMIT " . (int) $_GET['c_start'] . ",10");
        if (dbrows($result)) {
            $i = $_GET['c_start'] + 1;
            if ($c_rows > 10) {
                echo "<div style='text-align:center;margin-bottom:5px;'>" . makecommentnav($_GET['c_start'], 10, $c_rows, 3, $clink . "&amp;", $seo_root_link, $a, $seo_catid, $b, $rowstart, "-cstart-", $c, $seo_subject) . "</div>\n";
            }
            echo "<table cellpadding='0' cellspacing='1' width='100%' class='tbl-border'>\n";
            while ($data = dbarray($result)) {
                echo "<tr><td class='tbl2' width='10%' align='center'>\n";
                if ($data['user_name']) {
                    echo "<span class='comment-name'>" . profile_link($data['comment_name'], $data['user_name'], $data['user_status']) . "</span>\n";
                } else {
                    echo "<span class='comment-name'>" . $data['comment_name'] . "</span>\n";
                }
                echo "</td>\n";
                echo "<td class='tbl2'>\n<span class='small'>" . $locale['global_071'] . showdate("longdate", $data['comment_datestamp']) . "</span>\n";
                echo "<div style='float:right' class='comment_actions'>";
                if ((iMODERATOR || iADMIN) && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                    echo "<!--comment_actions-->\n<a href='" . FUSION_SELF . "?" . FUSION_QUERY . "&amp;c_action=edit&amp;comment_id=" . $data['comment_id'] . "#edit_comment'>" . $locale['c108'] . "</a> |\n";
                    echo "<a href='" . FUSION_SELF . "?" . FUSION_QUERY . "&amp;c_action=delete&amp;comment_id=" . $data['comment_id'] . "'>" . $locale['c109'] . "</a> |\n";
                }
                echo "<a href='" . FUSION_REQUEST . "#c" . $data['comment_id'] . "' id='c" . $data['comment_id'] . "' name='c" . $data['comment_id'] . "'>#" . $i . "</a></div>\n";
                echo "</td>\n";
                echo "</tr>\n<tr>\n";
                $avatar = $data['user_avatar'] != "" && file_exists(IMAGES_AVA . $data['user_avatar']) ? IMAGES_AVA . $data['user_avatar'] : IMAGES_AVA . "noavatar.jpg";
                echo "<td class='tbl1' width='15%'>\n";
                echo "<div style='text-align:center;'><img src='" . $avatar . "' width='50' height='50' alt='' /></div><br />\n";
                if ($settings['warning_system_comments'] && $data['user_name']) {
                    $points = show_warning_points($data['user_id']);
                    echo "<div class='commentswarnings'>";
                    echo "<span class='small'><a style='cursor:help;' onclick=\"warning_info();\">" . $locale['WARN200'] . "</a></span> ";
                    echo warning_profile_link("1", $data['user_id'], $points);
                    echo "</div>";
                }
                echo "<span class='small2'>" . $locale['c110'] . number_format(dbcount("(comment_id)", DB_COMMENTS, "comment_name='" . (int) $data['user_id'] . "'")) . "<br />";
                echo $locale['c111'] . getuserlevel($data['user_level']) . "</span><br />";
                echo "</td>\n";
                echo "<td class='tbl2' valign='top'>\n" . nl2br(parseubb(parsesmileys($data['comment_message']))) . "</td>\n</tr>";
                $i++;
            }
            echo "\n</table>\n";
            if ((iMODERATOR || iADMIN) && checkrights("C")) {
                echo "<div align='right' class='tbl2'><a href='" . ADMIN . "comments.php" . $aidlink . "&amp;ctype={$ctype}&amp;cid={$cid}'>" . $locale['c106'] . "</a></div>\n";
            }
            if ($c_rows > 10) {
                echo "<br /><div style='text-align:center;margin-top:5px;'>" . makecommentnav($_GET['c_start'], 10, $c_rows, 3, $clink . "&amp;", $seo_root_link, $a, $seo_catid, $b, $rowstart, "-cstart-", $c, $seo_subject) . "</div>\n";
            }
        } else {
            echo $locale['c101'] . "\n";
        }
        closetable();
        opentable($locale['c102']);
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $eresult = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcu.user_name FROM " . DB_COMMENTS . " tcm\r\n\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\r\n\t\t\t\tWHERE comment_id='" . (int) $_GET['comment_id'] . "' AND comment_item_id=" . _db($cid) . " AND comment_type=" . _db($ctype) . " AND comment_hidden='0'");
            if (dbrows($eresult)) {
                $edata = dbarray($eresult);
                if ((iMODERATOR || iADMIN) && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                    $clink .= "&amp;c_action=edit&amp;comment_id=" . $edata['comment_id'];
                    $comment_message = $edata['comment_message'];
                }
            } else {
                $comment_message = "";
            }
        } else {
            $comment_message = "";
        }
        if (iMEMBER || $settings['guestposts'] == "1") {
            require_once INCLUDES . "bbcode_include.php";
            echo "<a id='edit_comment' name='edit_comment'></a>\n";
            echo "<form name='inputform' method='post' action='" . (URL_REWRITE && $seo_root_link != "" ? $seo_link : $clink) . "'>\n";
            // Pimped
            if (iGUEST) {
                echo "<div align='center' class='tbl'>\n" . $locale['c104'] . "<br />\n";
                echo "<input type='text' name='comment_name' maxlength='30' class='textbox' style='width:360px' />\n";
                echo "</div>\n";
            }
            echo "<div align='center' class='tbl'>\n";
            echo "<textarea name='comment_message' cols='70' rows='6' class='textbox' style='width:360px'>" . $comment_message . "</textarea><br />\n";
            echo display_bbcodes("360px", "comment_message");
            if (iGUEST) {
                echo $locale['global_158'] . "<br />\n";
                echo "<img id='com_captcha' src='" . INCLUDES . "securimage/securimage_show.php' alt='' /><br />\n";
                echo "<a href='" . INCLUDES . "securimage/securimage_play.php'><img src='" . INCLUDES . "securimage/images/audio_icon.gif' alt='' class='tbl-border' style='margin-bottom:1px' /></a>\n";
                echo "<a href='#' onclick=\"document.getElementById('com_captcha').src = '" . INCLUDES . "securimage/securimage_show.php?sid=' + Math.random(); return false\"><img src='" . INCLUDES . "securimage/images/refresh.gif' alt='' class='tbl-border' /></a><br />\n";
                echo $locale['global_159'] . "<br />\n<input type='text' name='com_captcha_code' class='textbox' style='width:100px' />\n";
            }
            echo "<br />\n<input type='submit' name='post_comment' value='" . ($comment_message ? $locale['c103'] : $locale['c102']) . "' class='button' />\n";
            echo "</div>\n</form>\n";
        } else {
            echo $locale['c105'] . "\n";
        }
        closetable();
    }
}
Beispiel #2
0
     if (!isset($_GET['rowstart']) || !isnum($_GET['rowstart'])) {
         $_GET['rowstart'] = 0;
     }
     $result = dbquery("SELECT fp.post_message, fp.post_datestamp, fp.post_edittime, fp.post_author, fp.post_edituser,\n                fu.user_name AS user_name, fu.user_status AS user_status, fe.user_name AS edit_name, fe.user_status AS edit_status,\n                ft.thread_subject, ff.forum_access\n                FROM " . DB_FORUM_THREADS . " ft\n                INNER JOIN " . DB_FORUM_POSTS . " fp ON ft.thread_id = fp.thread_id\n                INNER JOIN " . DB_FORUMS . " ff ON ff.forum_id = ft.forum_id\n                INNER JOIN " . DB_USERS . " fu ON fu.user_id = fp.post_author\n                LEFT JOIN " . DB_USERS . " fe ON fe.user_id = fp.post_edituser\n                WHERE ft.thread_id=" . $_GET['item_id'] . "\n                ORDER BY fp.post_datestamp\n                LIMIT " . $_GET['rowstart'] . ",{$posts_per_page}");
     $res = FALSE;
     $i = 0;
     if (dbrows($result)) {
         while ($data = dbarray($result)) {
             if (checkgroup($data['forum_access'])) {
                 $res = TRUE;
                 if ($i == 0) {
                     echo $locale['500'] . " <strong>" . $settings['sitename'] . " :: " . $data['thread_subject'] . "</strong><hr /><br />\n";
                 }
                 echo "<div style='margin-left:20px'>\n";
                 echo "<div style='float:left'>" . $locale['501'] . profile_link($data['post_author'], $data['user_name'], $data['user_status']) . $locale['502'] . showdate("forumdate", $data['post_datestamp']) . "</div><div style='float:right'>#" . ($i + 1) . "</div><div style='float:none;clear:both'></div><hr />\n";
                 echo nl2br(parseubb(parsesmileys($data['post_message'])));
                 if ($data['edit_name'] != '') {
                     echo "<div style='margin-left:20px'>\n<hr />\n";
                     echo $locale['503'] . profile_link($data['post_edituser'], $data['edit_name'], $data['edit_status']) . $locale['502'] . showdate("forumdate", $data['post_edittime']);
                     echo "</div>\n";
                 }
                 echo "</div>\n";
                 echo "<br />\n";
                 $i++;
             }
         }
     }
     if (!$res) {
         redirect($settings['opening_page']);
     }
 }
Beispiel #3
0
     echo "<div style='float:right'><input type='checkbox' name='delete_post[]' value='" . $data['post_id'] . "' /></div>\n";
 }
 echo nl2br(parseubb($message));
 echo "<!--sub_forum_post_message-->";
 if ($data['attach_id']) {
     if (in_array($data['attach_ext'], $imagetypes) && @getimagesize(FORUM . "attachments/" . $data['attach_name'])) {
         echo "\n<hr />\n" . $data['user_name'] . $locale['506'] . "<br /><br />\n" . display_image($data['attach_name']) . "<br />[" . parsebytesize(filesize(FORUM . "attachments/" . $data['attach_name'])) . "]\n";
     } else {
         echo "\n<hr />\n" . $data['user_name'] . $locale['507'] . "<br />\n<a href='" . FUSION_SELF . "?thread_id=" . $_GET['thread_id'] . "&amp;getfile=" . $data['post_id'] . "'>" . $data['attach_name'] . "</a>";
     }
 }
 if ($data['post_edittime'] != "0") {
     echo "\n<hr />\n" . $locale['508'] . "<a href='../profile.php?lookup=" . $data['post_edituser'] . "'>" . $data['edit_name'] . "</a>" . $locale['509'] . showdate("forumdate", $data['post_edittime']);
 }
 if ($data['post_showsig'] && array_key_exists("user_sig", $data) && $data['user_sig']) {
     echo "\n<hr />" . nl2br(parseubb(parsesmileys($data['user_sig']), "b|i|u||center|small|url|mail|img|color"));
 }
 echo "<!--sub_forum_post--></td>\n</tr>\n";
 echo "<tr>\n<td class='tbl2' style='width:140px;white-space:nowrap'>";
 if ($settings['forum_ips'] && iMEMBER || iMOD) {
     echo "<strong>" . $locale['571'] . "</strong>: " . $data['post_ip'];
 } else {
     echo "&nbsp;";
 }
 echo "</td>\n<td class='tbl2 forum_thread_userbar'>\n<div style='float:left;white-space:nowrap' class='small'><!--forum_thread_userbar-->\n";
 if (array_key_exists("user_web", $data) && $data['user_web']) {
     if (!strstr($data['user_web'], "http://")) {
         $urlprefix = "http://";
     } else {
         $urlprefix = "";
     }
Beispiel #4
0
 public function render_reply_form()
 {
     global $locale, $userdata, $forum_settings, $defender;
     $thread_data = $this->thread_info['thread'];
     if ((!iMOD or !iSUPERADMIN) && $thread_data['thread_locked']) {
         redirect(INFUSIONS . 'forum/index.php');
     }
     if ($this->getThreadPermission("can_reply")) {
         add_to_title($locale['global_201'] . $locale['forum_0503']);
         add_breadcrumb(array('link' => '', 'title' => $locale['forum_0503']));
         // field data
         $post_data = array('post_id' => 0, 'forum_id' => $this->thread_info['thread']['forum_id'], 'thread_id' => $this->thread_info['thread']['thread_id'], 'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '', 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 1 : 0, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'notify_me' => 0, 'post_locked' => $forum_settings['forum_edit_lock'] || isset($_POST['post_locked']) ? 1 : 0);
         // execute form post actions
         if (isset($_POST['post_reply'])) {
             require_once INCLUDES . "flood_include.php";
             // all data is sanitized here.
             if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
                 // have notice
                 $update_forum_lastpost = FALSE;
                 if ($defender->safe()) {
                     // Prepare forum merging action
                     $last_post_author = dbarray(dbquery("SELECT post_author FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC LIMIT 1"));
                     if ($last_post_author['post_author'] == $post_data['post_author'] && $thread_data['forum_merge']) {
                         $last_message = dbarray(dbquery("SELECT post_id, post_message FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC"));
                         $post_data['post_id'] = $last_message['post_id'];
                         $post_data['post_message'] = $last_message['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $post_data['post_message'];
                         dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                     } else {
                         $update_forum_lastpost = TRUE;
                         dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                         $post_data['post_id'] = dblastid();
                         if (!defined("FUSION_NULL")) {
                             dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $post_data['post_author'] . "'");
                         }
                     }
                     // Attach files if permitted
                     if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && $this->getThreadPermission("can_upload_attach")) {
                         $upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
                         if ($upload['error'] == 0) {
                             foreach ($upload['target_file'] as $arr => $file_name) {
                                 $adata = array('thread_id' => $thread_data['thread_id'], 'post_id' => $post_data['post_id'], 'attach_name' => $file_name, 'attach_mime' => $upload['type'][$arr], 'attach_size' => $upload['source_size'][$arr], 'attach_count' => 0);
                                 dbquery_insert(DB_FORUM_ATTACHMENTS, $adata, "save", array('keep_session' => TRUE));
                             }
                         }
                     }
                     // Update stats in forum and threads
                     if ($update_forum_lastpost == TRUE) {
                         // find all parents and update them
                         $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $thread_data['forum_id']);
                         foreach ($list_of_forums as $fid) {
                             dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $fid . "'");
                         }
                         // update current forum
                         dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $thread_data['forum_id'] . "'");
                         // update current thread
                         dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . time() . "', thread_lastpostid='" . $post_data['post_id'] . "', thread_postcount=thread_postcount+1, thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $thread_data['thread_id'] . "'");
                     }
                     if ($forum_settings['thread_notify'] && isset($_POST['notify_me'])) {
                         if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $thread_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
                             dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $thread_data['thread_id'] . "', '" . time() . "', '" . $post_data['post_author'] . "', '1')");
                         }
                     }
                     if ($defender->safe()) {
                         redirect(INFUSIONS . "forum/postify.php?post=reply&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;thread_id=" . intval($post_data['thread_id']) . "&amp;post_id=" . intval($post_data['post_id']));
                     }
                 }
             }
         }
         // template data
         $form_action = INFUSIONS . "forum/viewthread.php?action=reply&amp;forum_id=" . $thread_data['forum_id'] . "&amp;thread_id=" . $thread_data['thread_id'];
         // Quote Get
         if (isset($_GET['quote']) && isnum($_GET['quote'])) {
             $quote_result = dbquery("SELECT a.post_message, b.user_name\n\t\t\t\t\t\t\t\t\t\tFROM " . DB_FORUM_POSTS . " a\n\t\t\t\t\t\t\t\t\t\tINNER JOIN " . DB_USERS . " b ON a.post_author=b.user_id\n\t\t\t\t\t\t\t\t\t\tWHERE thread_id='" . $thread_data['thread_id'] . "' and post_id='" . $_GET['quote'] . "'");
             if (dbrows($quote_result) > 0) {
                 $quote_data = dbarray($quote_result);
                 // do not do this. to silently inject.
                 $post_data['post_message'] = "[quote name=" . $quote_data['user_name'] . " post=" . $_GET['quote'] . "]@" . $quote_data['user_name'] . " - " . strip_bbcodes($quote_data['post_message']) . "[/quote]" . $post_data['post_message'];
                 $form_action .= "&amp;post_id=" . $_GET['post_id'] . "&amp;quote=" . $_GET['quote'];
             } else {
                 redirect(INFUSIONS . "forum/index.php");
             }
         }
         $info = array('title' => $locale['forum_0503'], 'description' => $locale['forum_2000'] . $thread_data['thread_subject'], 'openform' => openform('input_form', 'post', $form_action, array('enctype' => $this->getThreadPermission("can_upload_attach") ? TRUE : FALSE, 'max_tokens' => 1)), 'closeform' => closeform(), 'forum_id_field' => form_hidden('forum_id', "", $post_data['forum_id']), 'thread_id_field' => form_hidden('thread_id', "", $post_data['thread_id']), "forum_field" => "", 'subject_field' => form_hidden('thread_subject', "", $thread_data['thread_subject']), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => TRUE, 'error_text' => '', 'autosize' => TRUE, 'no_resize' => TRUE, 'preview' => TRUE, 'form_name' => 'input_form', 'bbcode' => TRUE)), 'delete_field' => '', 'edit_reason_field' => '', 'attachment_field' => $this->getThreadPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => INFUSIONS . 'forum/attachments/', 'type' => 'object', 'preview_off' => TRUE, "multiple" => TRUE, "inline" => false, 'max_count' => $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'], "class" => "m-b-0")) . "\n\t\t\t\t\t\t\t\t <div class='m-b-20'>\n<small>" . sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "", "poll_form" => "", 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0')), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0')) : '', 'sticky_field' => '', 'lock_field' => '', 'hide_edit_field' => '', 'post_locked_field' => '', 'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0')) : '', 'post_buttons' => form_button('post_reply', $locale['forum_0504'], $locale['forum_0504'], array('class' => 'btn-primary')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-l-10')), 'last_posts_reply' => '');
         // only in reply
         if ($forum_settings['forum_last_posts_reply']) {
             $result = dbquery("\n\t\t\t\tSELECT\n\t\t\t\tp.thread_id, p.post_message, p.post_smileys, p.post_author, p.post_datestamp, p.post_hidden,\n\t\t\t\t\t\t\tu.user_id, u.user_name, u.user_status, u.user_avatar\n\t\t\t\t\t\t\tFROM " . DB_FORUM_POSTS . " p\n\t\t\t\t\t\t\tLEFT JOIN " . DB_USERS . " u ON p.post_author = u.user_id\n\t\t\t\t\t\t\tWHERE p.thread_id='" . $thread_data['thread_id'] . "' AND p.post_hidden='0'\n\t\t\t\t\t\t\tGROUP BY p.post_id\n\t\t\t\t\t\t\tORDER BY p.post_datestamp DESC LIMIT 0," . $forum_settings['posts_per_page']);
             if (dbrows($result)) {
                 $title = sprintf($locale['forum_0526'], $forum_settings['forum_last_posts_reply']);
                 if ($forum_settings['forum_last_posts_reply'] == "1") {
                     $title = $locale['forum_0525'];
                 }
                 ob_start();
                 echo "<p><strong>" . $title . "</strong>\n</p>\n";
                 echo "<table class='table table-responsive'>\n";
                 $i = $forum_settings['posts_per_page'];
                 while ($data = dbarray($result)) {
                     $message = $data['post_message'];
                     if ($data['post_smileys']) {
                         $message = parsesmileys($message);
                     }
                     $message = parseubb($message);
                     echo "<tr>\n<td class='tbl2 forum_thread_user_name' style='width:10%'><!--forum_thread_user_name-->" . profile_link($data['user_id'], $data['user_name'], $data['user_status']) . "</td>\n";
                     echo "<td class='tbl2 forum_thread_post_date'>\n";
                     echo "<div style='float:right' class='small'>\n";
                     echo $i . ($i == $forum_settings['forum_last_posts_reply'] ? " (" . $locale['forum_0525'] . ")" : "");
                     echo "</div>\n";
                     echo "<div class='small'>" . $locale['forum_0524'] . showdate("forumdate", $data['post_datestamp']) . "</div>\n";
                     echo "</td>\n";
                     echo "</tr>\n<tr>\n<td valign='top' class='tbl2 forum_thread_user_info' style='width:10%'>\n";
                     echo display_avatar($data, '50px');
                     echo "</td>\n<td valign='top' class='tbl1 forum_thread_user_post'>\n";
                     echo nl2br($message);
                     echo "</td>\n</tr>\n";
                     $i--;
                 }
                 echo "</table>\n";
                 $info['last_posts_reply'] = ob_get_contents();
                 ob_end_clean();
             }
         }
         postform($info);
     } else {
         redirect(INFUSIONS . 'forum/index.php');
     }
 }
Beispiel #5
0
// xss injection
$result = dbquery("SELECT tn.thread_id FROM " . DB_FORUM_THREAD_NOTIFY . " tn\n            INNER JOIN " . DB_FORUM_THREADS . " tt ON tn.thread_id = tt.thread_id\n            INNER JOIN " . DB_FORUMS . " tf ON tt.forum_id = tf.forum_id\n            WHERE tn.notify_user="******" AND " . groupaccess('forum_access') . " AND tt.thread_hidden='0'");
$rows = dbrows($result);
if (!isset($_GET['rowstart']) or !isnum($_GET['rowstart']) or $_GET['rowstart'] > $rows) {
    $_GET['rowstart'] = 0;
}
$info['post_rows'] = $rows;
if ($rows) {
    require_once INCLUDES . "mimetypes_include.php";
    $info['page_nav'] = $rows > 10 ? makepagenav($_GET['rowstart'], 16, $rows, 3, FUSION_REQUEST, "rowstart") : "";
    $result = dbquery("\n                SELECT tf.forum_id, tf.forum_name, tf.forum_access, tf.forum_type, tf.forum_mods,\n                tn.thread_id, tn.notify_datestamp, tn.notify_user,\n                ttc.forum_id AS forum_cat_id, ttc.forum_name AS forum_cat_name,\n                tp.post_datestamp, tp.post_message,\n                tt.thread_subject, tt.forum_id, tt.thread_lastpost, tt.thread_lastpostid, tt.thread_lastuser, tt.thread_postcount, tt.thread_views, tt.thread_locked,\n                tt.thread_author, tt.thread_poll, tt.thread_sticky,\n                uc.user_id AS s_user_id, uc.user_name AS author_name, uc.user_status AS author_status, uc.user_avatar AS author_avatar,\n                u.user_id, u.user_name as last_user_name, u.user_status as last_user_status, u.user_avatar as last_user_avatar,\n                count(v.post_id) AS vote_count,\n                count(a1.attach_mime) 'attach_image',\n\t\t\t\tcount(a2.attach_mime) 'attach_files'\n                FROM " . DB_FORUM_THREAD_NOTIFY . " tn\n                INNER JOIN " . DB_FORUM_THREADS . " tt ON tn.thread_id = tt.thread_id\n                INNER JOIN " . DB_FORUMS . " tf ON tt.forum_id = tf.forum_id\n                LEFT JOIN " . DB_FORUMS . " ttc ON ttc.forum_id = tf.forum_cat\n                LEFT JOIN " . DB_USERS . " uc ON tt.thread_author = uc.user_id\n                LEFT JOIN " . DB_USERS . " u ON tt.thread_lastuser = u.user_id\n                LEFT JOIN " . DB_FORUM_POSTS . " tp ON tt.thread_id = tp.thread_id\n                LEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = tt.thread_id AND tp.post_id = v.post_id\n                LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = tt.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n\t\t\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = tt.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n                WHERE tn.notify_user="******" AND " . groupaccess('forum_access') . " AND tt.thread_hidden='0'\n                GROUP BY tn.thread_id\n                ORDER BY tn.notify_datestamp DESC\n                LIMIT " . $_GET['rowstart'] . ",16\n            ");
    $i = 0;
    while ($threads = dbarray($result)) {
        // opt for moderators.
        $this->forum_info['moderators'] = \PHPFusion\Forums\Moderator::parse_forum_mods($threads['forum_mods']);
        $icon = "";
        $match_regex = $threads['thread_id'] . "\\|" . $threads['thread_lastpost'] . "\\|" . $threads['forum_id'];
        if ($threads['thread_lastpost'] > $this->forum_info['lastvisited']) {
            if (iMEMBER && ($threads['thread_lastuser'] == $userdata['user_id'] || preg_match("(^\\.{$match_regex}\$|\\.{$match_regex}\\.|\\.{$match_regex}\$)", $userdata['user_threads']))) {
                $icon = "<i class='" . get_forumIcons('thread') . "' title='" . $locale['forum_0261'] . "'></i>";
            } else {
                $icon = "<i class='" . get_forumIcons('new') . "' title='" . $locale['forum_0260'] . "'></i>";
            }
        }
        $author = array('user_id' => $threads['thread_author'], 'user_name' => $threads['author_name'], 'user_status' => $threads['author_status'], 'user_avatar' => $threads['author_avatar']);
        $lastuser = array('user_id' => $threads['thread_lastuser'], 'user_name' => $threads['last_user_name'], 'user_status' => $threads['last_user_status'], 'user_avatar' => $threads['last_user_avatar']);
        $threads += array("thread_link" => array("link" => INFUSIONS . "forum/viewthread.php?thread_id=" . $threads['thread_id'], "title" => $threads['thread_subject']), "forum_type" => $threads['forum_type'], "thread_pages" => makepagenav(0, $forum_settings['posts_per_page'], $threads['thread_postcount'], 3, FORUM . "viewthread.php?thread_id=" . $threads['thread_id'] . "&amp;"), "thread_icons" => array('lock' => $threads['thread_locked'] ? "<i class='" . get_forumIcons('lock') . "' title='" . $locale['forum_0263'] . "'></i>" : '', 'sticky' => $threads['thread_sticky'] ? "<i class='" . get_forumIcons('sticky') . "' title='" . $locale['forum_0103'] . "'></i>" : '', 'poll' => $threads['thread_poll'] ? "<i class='" . get_forumIcons('poll') . "' title='" . $locale['forum_0314'] . "'></i>" : '', 'hot' => $threads['thread_postcount'] >= 20 ? "<i class='" . get_forumIcons('hot') . "' title='" . $locale['forum_0311'] . "'></i>" : '', 'reads' => $threads['thread_views'] >= 20 ? "<i class='" . get_forumIcons('reads') . "' title='" . $locale['forum_0311'] . "'></i>" : '', 'image' => $threads['attach_image'] > 0 ? "<i class='" . get_forumIcons('image') . "' title='" . $locale['forum_0313'] . "'></i>" : '', 'file' => $threads['attach_files'] > 0 ? "<i class='" . get_forumIcons('file') . "' title='" . $locale['forum_0312'] . "'></i>" : '', 'icon' => $icon), "thread_starter" => $locale['forum_0006'] . timer($threads['post_datestamp']) . " " . $locale['by'] . " " . profile_link($author['user_id'], $author['user_name'], $author['user_status']) . "</span>", "thread_author" => $author, "thread_last" => array('avatar' => display_avatar($lastuser, '30px', '', '', ''), 'profile_link' => profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']), 'time' => $threads['post_datestamp'], 'post_message' => parseubb(parsesmileys($threads['post_message'])), "formatted" => "<div class='pull-left'>" . display_avatar($lastuser, '30px', '', '', '') . "</div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class='overflow-hide'>" . $locale['forum_0373'] . " <span class='forum_profile_link'>" . profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']) . "</span><br/>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . timer($threads['post_datestamp']) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>"), "track_button" => array('link' => FORUM . "index.php?section=tracked&amp;delete=" . $threads['thread_id'], 'title' => $locale['global_058']));
        // push
        $this->forum_info['item'][$threads['thread_id']] = $threads;
    }
}
Beispiel #6
0
     $msg_send_state = "";
     $msg_to_group = "";
     $msg_to_group_state = " disabled";
     $sendtoall_chk = "";
     $disablesmileys_chk = "";
 }
 if (isset($_GET['msg_id']) && isnum($_GET['msg_id'])) {
     $result = dbquery("SELECT m.message_subject, m.message_message, m.message_smileys, u.user_id, u.user_name FROM " . DB_MESSAGES . " m\n\t\t\tLEFT JOIN " . DB_USERS . " u ON m.message_from=u.user_id\n\t\t\tWHERE message_to='" . $userdata['user_id'] . "' AND message_id='" . $_GET['msg_id'] . "'");
     $data = dbarray($result);
     $_GET['msg_send'] = $data['user_id'];
     if ($subject == "") {
         $subject = (!strstr($data['message_subject'], "RE: ") ? "RE: " : "") . $data['message_subject'];
     }
     $reply_message = $data['message_message'];
     if (!$data['message_smileys']) {
         $reply_message = parsesmileys($reply_message);
     }
 } else {
     $reply_message = "";
 }
 $user_list = "";
 $user_types = "";
 if (!isset($_POST['chk_sendtoall']) || $_GET['msg_send'] != "0") {
     $sel = "";
     $result = dbquery("SELECT user_id, user_name FROM " . DB_USERS . " WHERE user_status='0' ORDER BY user_level DESC, user_name ASC");
     while ($data = dbarray($result)) {
         if ($data['user_id'] != $userdata['user_id']) {
             $sel = $_GET['msg_send'] == $data['user_id'] ? " selected='selected'" : "";
             $user_list .= "<option value='" . $data['user_id'] . "'{$sel}>" . $data['user_name'] . "</option>\n";
         }
     }
Beispiel #7
0
         }
     }
 }
 if (isset($_POST['previewpost'])) {
     if ($subject == "") {
         $subject = $locale['420'];
     }
     if ($message == "") {
         $previewmessage = $locale['421'];
     } else {
         $previewmessage = $message;
         if ($sig_checked) {
             $previewmessage = $previewmessage . "\n\n" . $userdata['user_sig'];
         }
         if (!$disable_smileys_check) {
             $previewmessage = parsesmileys($previewmessage);
         }
         $previewmessage = parseubb($previewmessage);
         $previewmessage = nl2br($previewmessage);
     }
     //$is_mod = iMOD && iUSER < "102" ? true : false;
     opentable($locale['400']);
     echo "<div class='tbl2' style='margin-bottom:5px'><span class='small'><a href='index.php'>" . $settings['sitename'] . "</a> :: " . $caption . "</span></div>\n";
     if ($fdata['forum_poll'] && checkgroup($fdata['forum_poll'])) {
         if (isset($poll_title) && $poll_title && (isset($poll_opts) && is_array($poll_opts))) {
             echo "<table cellpadding='0' cellspacing='1' width='100%' class='tbl-border' style='margin-bottom:5px'>\n<tr>\n";
             echo "<td align='center' class='tbl2'><strong>" . $poll_title . "</strong></td>\n</tr>\n<tr>\n<td class='tbl1'>\n";
             echo "<table align='center' cellpadding='0' cellspacing='0'>\n";
             foreach ($poll_opts as $poll_option) {
                 echo "<tr>\n<td class='tbl1'><input type='radio' name='poll_option' value='{$i}' style='vertical-align:middle;' /> " . $poll_option . "</td>\n</tr>\n";
                 $i++;
/**
 *	Formats a string for bbcode and/or smileys.
 *
 *	Formatting is done according to the supplied settings and the master administration settings.
 *
 *	@param string $text Raw text with optional bbcode formatting
 *	@param bool $smileys Whether smileys should be used; this is not an override to the master administration setting of
 *	whether to use smileys or not, and that takes precedence.
 *	@param string $cache If specified, this will provide the cache'd id that SMF should use to cache the output if it is suitably large.
 *
 *	@return string Will return $text as processed for bbcode (if $modSettings['shd_allow_ticket_bbc'] permits) and smileys (if
 *	$modSettings['shd_allow_ticket_smileys'] and $smileys permits)
 *	@since 1.0
*/
function shd_format_text($text, $smileys = true, $cache = '')
{
    global $modSettings, $scripturl, $smcFunc;
    static $smf_disabled = false, $shd_disabled = false;
    if (empty($modSettings['shd_allow_ticket_bbc'])) {
        if (!empty($modSettings['shd_allow_wikilinks'])) {
            shd_parse_wikilinks($text);
        }
        if (!empty($modSettings['shd_allow_ticket_smileys']) && $smileys) {
            parsesmileys($text);
        }
    } else {
        // Figure out what's disabled, if anything, and do a bait'n'switch
        if ($smf_disabled === false) {
            $original_tags = parse_bbc(false);
            $tags = array();
            foreach ($original_tags as $smf_tag) {
                if (!isset($tags[$smf_tag['tag']])) {
                    $tags[$smf_tag['tag']] = true;
                }
            }
            // See what tagz we can haz.
            if (!empty($modSettings['shd_enabled_bbc'])) {
                $enabled_tags = explode(',', $modSettings['shd_enabled_bbc']);
            } else {
                $enabled_tags = array(false);
            }
            $disabled_tags = array_diff(array_keys($tags), $enabled_tags);
            // this gets us what's present in SMF but not enabled by SD
            $disabled_tags[] = '_SHD_DUMMY_TAG';
            $smf_disabled = isset($modSettings['disabledBBC']) ? $modSettings['disabledBBC'] . ',_SHD_DUMMY_TAG' : '_SHD_DUMMY_TAG';
            $shd_disabled = implode(',', $disabled_tags);
        }
        // wecanhazbbc
        if ($shd_disabled == $smf_disabled) {
            // What SMF and SD have is the same, yay
            $text = parse_bbc($text, !empty($modSettings['shd_allow_ticket_smileys']) ? $smileys : false, $cache);
        } else {
            // first override SMF's disabled set with ours
            $modSettings['disabledBBC'] = $shd_disabled;
            parse_bbc(false);
            $text = parse_bbc($text, !empty($modSettings['shd_allow_ticket_smileys']) ? $smileys : false, $cache);
            // Now put it back
            $modSettings['disabledBBC'] = $smf_disabled;
            parse_bbc(false);
        }
    }
    return $text;
}
 }
 $original_data = dbarray(dbquery("select * from " . DB_POSTS . " where thread_id='" . $data['thread_id'] . "' order by post_id asc limit 1"));
 $timepassed = timePassed($original_data['post_datestamp']);
 echo "</td>\n\t\t<td width='40%' class='" . $row_color . "'>";
 $threadPost = dbarray(dbquery("select * from " . DB_THREADS . " t\n\t\tleft join " . DB_POSTS . " p on p.thread_id=t.thread_id\n\t\twhere t.thread_id='" . $data['thread_id'] . "' order by p.post_id asc limit 1"));
 $post_res = dbquery("select * from " . DB_PREFIX . "fb_posts where post_id='" . $threadPost['post_id'] . "'");
 if (dbrows($post_res)) {
     $post_data = dbarray($post_res);
     if ($post_data['post_icon'] && $post_data['post_icon'] !== "page_white.png" && $fb4['post_icons']) {
         echo "<div style='float:left;'><br /><img src='" . INFUSIONS . "fusionboard4/images/post_icons/" . $post_data['post_icon'] . "' alt='' style='vertical-align:middle;' />&nbsp;<br /></div>";
     }
 }
 echo "<a";
 if ($fb4['latest_popup']) {
     $originalpost = dbarray(dbquery("select * from " . DB_POSTS . " where thread_id='" . $data['thread_id'] . "' order by post_id asc limit 1"));
     $post_message = $originalpost['post_smileys'] == 1 ? parsesmileys($originalpost['post_message']) : $originalpost['post_message'];
     $post_message = phpentities(nl2br(parseubb($post_message)));
     echo " title=\"header=[ " . str_replace("]", "]]", str_replace("[", "[[", trimlink($data['thread_subject'], 70))) . "] body=[" . str_replace("]", "]]", str_replace("[", "[[", trimlink($post_message, 150))) . "] delay=[0] fade=[on]\"";
 }
 echo " href='" . FORUM . "viewthread.php?thread_id=" . $data['thread_id'] . "' title='" . $data['thread_subject'] . "'\n\t\tstyle='text-decoration:underline; font-size:12px;{$threadbold}'>" . trimlink($data['thread_subject'], 40) . "</a> ";
 if ($fb4['latest_post']) {
     echo "&nbsp;<a";
     if ($fb4['latest_popup']) {
         $originalpost = dbarray(dbquery("select * from " . DB_POSTS . " where post_id='" . $data['thread_lastpostid'] . "' order by post_id asc limit 1"));
         $post = trimlink(nl2br(stripinput(parseubb($originalpost['post_message']))), 200);
         echo " title='header=[" . $locale['fb615'] . ":] body=[" . $post . "] delay=[0] fade=[on]'";
     }
     echo " href='" . FORUM . "viewthread.php?thread_id=" . $data['thread_id'] . "&amp;pid=" . $data['thread_lastpostid'] . "#post_" . $data['thread_lastpostid'] . "'" . (!$fb4['latest_popup'] ? " title='" . $locale['fb615'] . "'" : "") . " class='small'>(<b>&raquo;</b>)</a>";
 }
 echo "<br />\n<a href='" . BASEDIR . "profile.php?lookup=" . $data['original_id'] . "' style='font-size:11px;'>" . showLabel($data['original_id'], false, "panel") . "</a><br />\n\t\t<span style='font-size:10px;'>" . $timepassed . "</span>\n\t\t</td>\n";
 echo "<td width='20%' class='" . $row_color . "' style='text-align:right;white-space:nowrap'>\n\t\t" . timePassed($data['thread_lastpost'], false) . "<br />\n\t\tby <a href='" . BASEDIR . "profile.php?lookup=" . $data['thread_lastuser'] . "'>" . showLabel($data['thread_lastuser'], false, "panel") . "</a>";
<?php

/*-------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) PHP-Fusion Inc
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: user_sig_include.php
| Author: Digitanium
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
if (!defined("IN_FUSION")) {
    die("Access Denied");
}
// Display user field input
if ($profile_method == "input") {
    require_once INCLUDES . "bbcode_include.php";
    $options += array("bbcode" => TRUE, "inline" => TRUE, 'form_name' => 'userfieldsform');
    $user_fields = form_textarea('user_sig', $locale['uf_sig'], $field_value, $options);
} elseif ($profile_method == "display") {
    // Display in profile
    $user_fields = array('title' => $locale['uf_sig'], 'value' => $field_value ? parseubb(parsesmileys($field_value)) : $locale['na']);
}
Beispiel #11
0
 /**
  * Get thread structure when given specific tag id
  * @param string     $tag_id
  * @param bool|FALSE $filter
  * @return array
  */
 public static function get_tag_thread($tag_id = '0', $filter = FALSE)
 {
     $info = array();
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $forum_settings = ForumServer::get_forum_settings();
     $userdata = fusion_get_userdata();
     $userdata['user_id'] = !empty($userdata['user_id']) ? (int) intval($userdata['user_id']) : 0;
     $lastVisited = isset($userdata['user_lastvisit']) && isnum($userdata['user_lastvisit']) ? $userdata['user_lastvisit'] : time();
     /**
      * Get threads with filter conditions (XSS prevention)
      */
     $thread_query = "\n        SELECT\n        count(t.thread_id) 'thread_max_rows',\n        count(a1.attach_id) 'attach_image',\n        count(a2.attach_id) 'attach_files'\n        FROM " . DB_FORUM_THREADS . " t\n        LEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n        INNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n        #LEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id\n        LEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n        LEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n        #LEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n        LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n        LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n        WHERE " . in_group('t.thread_tags', intval($tag_id), '.') . " AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . "\n        " . (isset($filter['condition']) ? $filter['condition'] : '') . "\n        GROUP BY tf.forum_id\n        ";
     $thread_result = dbquery($thread_query);
     $thread_rows = dbrows($thread_result);
     $count = array("thread_max_rows" => 0, "attach_image" => 0, "attach_files" => 0);
     $info['item'][$tag_id]['forum_threadcount'] = 0;
     $info['item'][$tag_id]['forum_threadcount_word'] = format_word($count['thread_max_rows'], $locale['fmt_thread']);
     if ($thread_rows > 0) {
         $count = dbarray($thread_result);
         $info['item'][$tag_id]['forum_threadcount'] = 0;
         $info['item'][$tag_id]['forum_threadcount_word'] = format_word($count['thread_max_rows'], $locale['fmt_thread']);
     }
     $info['thread_max_rows'] = $count['thread_max_rows'];
     if ($info['thread_max_rows'] > 0) {
         $info['threads']['pagenav'] = "";
         $info['threads']['pagenav2'] = "";
         // anti-XSS filtered rowstart
         $_GET['thread_rowstart'] = isset($_GET['thread_rowstart']) && isnum($_GET['thread_rowstart']) && $_GET['thread_rowstart'] <= $count['thread_max_rows'] ? $_GET['thread_rowstart'] : 0;
         $thread_query = "\n            SELECT t.*, tf.forum_type, tf.forum_name, tf.forum_cat,\n            tu1.user_name ' author_name', tu1.user_status 'author_status', tu1.user_avatar 'author_avatar',\n            tu2.user_name 'last_user_name', tu2.user_status 'last_user_status', tu2.user_avatar 'last_user_avatar',\n            p1.post_datestamp, p1.post_message,\n            IF (n.thread_id > 0, 1 , 0) 'user_tracked',\n            count(v.vote_user) 'thread_rated',\n            count(pv.forum_vote_user_id) 'poll_voted',\n            p.forum_poll_title,\n            count(v.post_id) AS vote_count,\n            a1.attach_name, a1.attach_id,\n            a2.attach_name, a2.attach_id,\n            count(a1.attach_mime) 'attach_image',\n            count(a2.attach_mime) 'attach_files',\n            min(p2.post_datestamp) 'first_post_datestamp'\n            FROM " . DB_FORUM_THREADS . " t\n            LEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n            INNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n            LEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id\n            LEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n            LEFT JOIN " . DB_FORUM_POSTS . " p2 ON p2.thread_id = t.thread_id\n            LEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n            #LEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n            LEFT JOIN " . DB_FORUM_VOTES . " v on v.thread_id = t.thread_id AND v.vote_user='******'user_id'] . "' AND v.forum_id = t.forum_id AND tf.forum_type='4'\n            LEFT JOIN " . DB_FORUM_POLL_VOTERS . " pv on pv.thread_id = t.thread_id AND pv.forum_vote_user_id='" . $userdata['user_id'] . "' AND t.thread_poll=1\n            LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n            LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n            LEFT JOIN " . DB_FORUM_THREAD_NOTIFY . " n on n.thread_id = t.thread_id and n.notify_user = '******'user_id'] . "'\n            WHERE " . in_group('t.thread_tags', intval($tag_id), '.') . " AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . "\n            " . (isset($filter['condition']) ? $filter['condition'] : '') . "\n            " . (multilang_table("FO") ? "AND tf.forum_language='" . LANGUAGE . "'" : '') . "\n            GROUP BY t.thread_id\n            " . (isset($filter['order']) ? $filter['order'] : '') . "\n            LIMIT " . intval($_GET['thread_rowstart']) . ", " . $forum_settings['threads_per_page'];
         $cthread_result = dbquery($thread_query);
         if (dbrows($cthread_result) > 0) {
             while ($threads = dbarray($cthread_result)) {
                 $icon = "";
                 $match_regex = $threads['thread_id'] . "\\|" . $threads['thread_lastpost'] . "\\|" . $threads['forum_id'];
                 if ($threads['thread_lastpost'] > $lastVisited) {
                     if (iMEMBER && ($threads['thread_lastuser'] == $userdata['user_id'] || preg_match("(^\\.{$match_regex}\$|\\.{$match_regex}\\.|\\.{$match_regex}\$)", $userdata['user_threads']))) {
                         $icon = "<i class='" . get_forumIcons('thread') . "' title='" . $locale['forum_0261'] . "'></i>";
                     } else {
                         $icon = "<i class='" . get_forumIcons('new') . "' title='" . $locale['forum_0260'] . "'></i>";
                     }
                 }
                 $author = array('user_id' => $threads['thread_author'], 'user_name' => $threads['author_name'], 'user_status' => $threads['author_status'], 'user_avatar' => $threads['author_avatar']);
                 $lastuser = array('user_id' => $threads['thread_lastuser'], 'user_name' => $threads['last_user_name'], 'user_status' => $threads['last_user_status'], 'user_avatar' => $threads['last_user_avatar']);
                 $threads += array("thread_link" => array("link" => FORUM . "viewthread.php?thread_id=" . $threads['thread_id'], "title" => $threads['thread_subject']), "forum_type" => $threads['forum_type'], "thread_pages" => makepagenav(0, $forum_settings['posts_per_page'], $threads['thread_postcount'], 3, FORUM . "viewthread.php?thread_id=" . $threads['thread_id'] . "&amp;"), "thread_icons" => array('lock' => $threads['thread_locked'] ? "<i class='" . self::get_forumIcons('lock') . "' title='" . $locale['forum_0263'] . "'></i>" : '', 'sticky' => $threads['thread_sticky'] ? "<i class='" . self::get_forumIcons('sticky') . "' title='" . $locale['forum_0103'] . "'></i>" : '', 'poll' => $threads['thread_poll'] ? "<i class='" . self::get_forumIcons('poll') . "' title='" . $locale['forum_0314'] . "'></i>" : '', 'hot' => $threads['thread_postcount'] >= 20 ? "<i class='" . self::get_forumIcons('hot') . "' title='" . $locale['forum_0311'] . "'></i>" : '', 'reads' => $threads['thread_views'] >= 20 ? "<i class='" . self::get_forumIcons('reads') . "' title='" . $locale['forum_0311'] . "'></i>" : '', 'image' => $threads['attach_image'] > 0 ? "<i class='" . self::get_forumIcons('image') . "' title='" . $locale['forum_0313'] . "'></i>" : '', 'file' => $threads['attach_files'] > 0 ? "<i class='" . self::get_forumIcons('file') . "' title='" . $locale['forum_0312'] . "'></i>" : '', 'icon' => $icon), "thread_starter" => $locale['forum_0006'] . timer($threads['first_post_datestamp']) . " " . $locale['by'] . " " . profile_link($author['user_id'], $author['user_name'], $author['user_status']) . "</span>", "thread_author" => $author, "thread_last" => array('avatar' => display_avatar($lastuser, '30px', '', '', ''), 'profile_link' => profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']), 'time' => $threads['post_datestamp'], 'post_message' => parseubb(parsesmileys($threads['post_message'])), "formatted" => "<div class='pull-left'>" . display_avatar($lastuser, '30px', '', '', '') . "</div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class='overflow-hide'>" . $locale['forum_0373'] . " <span class='forum_profile_link'>" . profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']) . "</span><br/>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . timer($threads['post_datestamp']) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>"));
                 if ($threads['thread_sticky']) {
                     $info['threads']['sticky'][$threads['thread_id']] = $threads;
                 } else {
                     $info['threads']['item'][$threads['thread_id']] = $threads;
                 }
             }
         }
         if ($info['thread_max_rows'] > $forum_settings['threads_per_page']) {
             $info['threads']['pagenav'] = makepagenav($_GET['thread_rowstart'], $forum_settings['threads_per_page'], $info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&amp;", "thread_rowstart");
             $info['threads']['pagenav2'] = makepagenav($_GET['thread_rowstart'], $forum_settings['threads_per_page'], $info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&amp;", "thread_rowstart", TRUE);
         }
     }
     return (array) $info;
 }
Beispiel #12
0
        echo "</tbody>\n</table>\n";
        echo "</div>\n";
    } else {
        echo "<div style='text-align:center'>" . $locale['416'] . "</div>\n";
    }
    closetable();
} else {
    if ($_GET['page'] == 2) {
        if (isset($_POST['post_test'])) {
            $test_message = form_sanitizer($_POST['test_message'], '', 'test_message');
            $smileys_checked = isset($_POST['test_smileys']) || preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $test_message) ? " checked='checked'" : "";
            if (!defined('FUSION_NULL')) {
                opentable($locale['417']);
                echo "<div class='well'>\n";
                if (!$smileys_checked) {
                    echo parseubb(parsesmileys($test_message));
                } else {
                    echo parseubb($test_message);
                }
                echo "</div>\n";
                closetable();
            }
        } else {
            $test_message = "";
            $smileys_checked = "";
        }
        include LOCALE . LOCALESET . "comments.php";
        opentable($locale['401']);
        echo $navigation;
        echo openform('input_form', 'input_form', 'post', FUSION_SELF . $aidlink . "&amp;page=2", array('downtime' => 0));
        echo "<table cellspacing='0' cellpadding='0' class='table table-responsive center'>\n<tr>\n";
Beispiel #13
0
 if (dbrows($result)) {
     $title = "";
     if ($settings['forum_last_posts_reply'] == "1") {
         $title = $locale['431'];
     } else {
         $title = sprintf($locale['432'], $settings['forum_last_posts_reply']);
     }
     opentable($title);
     echo "<div style='max-height:350px;overflow:auto;'>\n";
     echo "<table cellpadding='1' cellspacing='1' width='100%' class='tbl-border forum_thread_table'>\n";
     $i = $settings['forum_last_posts_reply'];
     while ($data = dbarray($result)) {
         $data['user_aliases'] = alias1($data['user_aliases']);
         $message = $data['post_message'];
         if ($data['post_smileys']) {
             $message = parsesmileys($message);
         }
         $message = parseubb($message);
         echo "<tr>\n<td class='tbl2 forum_thread_user_name' style='width:10%'><!--forum_thread_user_name-->" . alias2($data['post_alias'], $data['user_aliases'], $data['user_id'], $data['user_name'], $data['user_status']) . "</td>\n";
         echo "<td class='tbl2 forum_thread_post_date'>\n";
         echo "<div style='float:right' class='small'>\n";
         echo $i . ($i == $settings['forum_last_posts_reply'] ? " (" . $locale['431'] . ")" : "");
         echo "</div>\n";
         echo "<div class='small'>" . $locale['426'] . showdate("forumdate", $data['post_datestamp']) . "</div>\n";
         echo "</td>\n";
         echo "</tr>\n<tr>\n<td valign='top' class='tbl2 forum_thread_user_info' style='width:10%'>\n";
         if ($data['user_avatar'] && file_exists(IMAGES . "avatars/" . $data['user_avatar']) && $data['user_status'] != 6 && $data['user_status'] != 5 && $data['post_alias'] < 0) {
             echo "<img src='" . IMAGES . "avatars/" . $data['user_avatar'] . "' alt='" . $locale['567'] . "' /><br /><br />\n";
         } elseif ($data['post_alias'] >= 0) {
             echo "<img src='" . IMAGES . "avatars/noavatar100.png' alt='-' /><br /><br />\n";
             echo "<span class='small'>";
Beispiel #14
0
function profileValidateSignature(&$value)
{
    global $sourcedir, $modSettings, $smcFunc, $txt;
    require_once $sourcedir . '/Subs-Post.php';
    // Admins can do whatever they hell they want!
    if (!allowedTo('admin_forum')) {
        // Load all the signature limits.
        list($sig_limits, $sig_bbc) = explode(':', $modSettings['signature_settings']);
        $sig_limits = explode(',', $sig_limits);
        $disabledTags = !empty($sig_bbc) ? explode(',', $sig_bbc) : array();
        $unparsed_signature = strtr(un_htmlspecialchars($value), array("\r" => '', '&#039' => '\''));
        // Too long?
        if (!empty($sig_limits[1]) && $smcFunc['strlen']($unparsed_signature) > $sig_limits[1]) {
            $_POST['signature'] = trim(htmlspecialchars($smcFunc['substr']($unparsed_signature, 0, $sig_limits[1]), ENT_QUOTES));
            $txt['profile_error_signature_max_length'] = sprintf($txt['profile_error_signature_max_length'], $sig_limits[1]);
            return 'signature_max_length';
        }
        // Too many lines?
        if (!empty($sig_limits[2]) && substr_count($unparsed_signature, "\n") >= $sig_limits[2]) {
            $txt['profile_error_signature_max_lines'] = sprintf($txt['profile_error_signature_max_lines'], $sig_limits[2]);
            return 'signature_max_lines';
        }
        // Too many images?!
        if (!empty($sig_limits[3]) && substr_count(strtolower($unparsed_signature), '[img') + substr_count(strtolower($unparsed_signature), '<img') > $sig_limits[3]) {
            $txt['profile_error_signature_max_image_count'] = sprintf($txt['profile_error_signature_max_image_count'], $sig_limits[3]);
            return 'signature_max_image_count';
        }
        // What about too many smileys!
        $smiley_parsed = $unparsed_signature;
        parsesmileys($smiley_parsed);
        $smiley_count = substr_count(strtolower($smiley_parsed), '<img') - substr_count(strtolower($unparsed_signature), '<img');
        if (!empty($sig_limits[4]) && $sig_limits[4] == -1 && $smiley_count > 0) {
            return 'signature_allow_smileys';
        } elseif (!empty($sig_limits[4]) && $sig_limits[4] > 0 && $smiley_count > $sig_limits[4]) {
            $txt['profile_error_signature_max_smileys'] = sprintf($txt['profile_error_signature_max_smileys'], $sig_limits[4]);
            return 'signature_max_smileys';
        }
        // Maybe we are abusing font sizes?
        if (!empty($sig_limits[7]) && preg_match_all('~\\[size=([\\d\\.]+)?(px|pt|em|x-large|larger)~i', $unparsed_signature, $matches) !== false && isset($matches[2])) {
            foreach ($matches[1] as $ind => $size) {
                $limit_broke = 0;
                // Attempt to allow all sizes of abuse, so to speak.
                if ($matches[2][$ind] == 'px' && $size > $sig_limits[7]) {
                    $limit_broke = $sig_limits[7] . 'px';
                } elseif ($matches[2][$ind] == 'pt' && $size > $sig_limits[7] * 0.75) {
                    $limit_broke = (int) $sig_limits[7] * 0.75 . 'pt';
                } elseif ($matches[2][$ind] == 'em' && $size > (double) $sig_limits[7] / 16) {
                    $limit_broke = (double) $sig_limits[7] / 16 . 'em';
                } elseif ($matches[2][$ind] != 'px' && $matches[2][$ind] != 'pt' && $matches[2][$ind] != 'em' && $sig_limits[7] < 18) {
                    $limit_broke = 'large';
                }
                if ($limit_broke) {
                    $txt['profile_error_signature_max_font_size'] = sprintf($txt['profile_error_signature_max_font_size'], $limit_broke);
                    return 'signature_max_font_size';
                }
            }
        }
        // The difficult one - image sizes! Don't error on this - just fix it.
        if (!empty($sig_limits[5]) || !empty($sig_limits[6])) {
            // Get all BBC tags...
            preg_match_all('~\\[img(\\s+width=([\\d]+))?(\\s+height=([\\d]+))?(\\s+width=([\\d]+))?\\s*\\](?:<br />)*([^<">]+?)(?:<br />)*\\[/img\\]~i', $unparsed_signature, $matches);
            // ... and all HTML ones.
            preg_match_all('~<img\\s+src=(?:")?((?:http://|ftp://|https://|ftps://).+?)(?:")?(?:\\s+alt=(?:")?(.*?)(?:")?)?(?:\\s?/)?>~i', $unparsed_signature, $matches2, PREG_PATTERN_ORDER);
            // And stick the HTML in the BBC.
            if (!empty($matches2)) {
                foreach ($matches2[0] as $ind => $dummy) {
                    $matches[0][] = $matches2[0][$ind];
                    $matches[1][] = '';
                    $matches[2][] = '';
                    $matches[3][] = '';
                    $matches[4][] = '';
                    $matches[5][] = '';
                    $matches[6][] = '';
                    $matches[7][] = $matches2[1][$ind];
                }
            }
            $replaces = array();
            // Try to find all the images!
            if (!empty($matches)) {
                foreach ($matches[0] as $key => $image) {
                    $width = -1;
                    $height = -1;
                    // Does it have predefined restraints? Width first.
                    if ($matches[6][$key]) {
                        $matches[2][$key] = $matches[6][$key];
                    }
                    if ($matches[2][$key] && $sig_limits[5] && $matches[2][$key] > $sig_limits[5]) {
                        $width = $sig_limits[5];
                        $matches[4][$key] = $matches[4][$key] * ($width / $matches[2][$key]);
                    } elseif ($matches[2][$key]) {
                        $width = $matches[2][$key];
                    }
                    // ... and height.
                    if ($matches[4][$key] && $sig_limits[6] && $matches[4][$key] > $sig_limits[6]) {
                        $height = $sig_limits[6];
                        if ($width != -1) {
                            $width = $width * ($height / $matches[4][$key]);
                        }
                    } elseif ($matches[4][$key]) {
                        $height = $matches[4][$key];
                    }
                    // If the dimensions are still not fixed - we need to check the actual image.
                    if ($width == -1 && $sig_limits[5] || $height == -1 && $sig_limits[6]) {
                        $sizes = url_image_size($matches[7][$key]);
                        if (is_array($sizes)) {
                            // Too wide?
                            if ($sizes[0] > $sig_limits[5] && $sig_limits[5]) {
                                $width = $sig_limits[5];
                                $sizes[1] = $sizes[1] * ($width / $sizes[0]);
                            }
                            // Too high?
                            if ($sizes[1] > $sig_limits[6] && $sig_limits[6]) {
                                $height = $sig_limits[6];
                                if ($width == -1) {
                                    $width = $sizes[0];
                                }
                                $width = $width * ($height / $sizes[1]);
                            } elseif ($width != -1) {
                                $height = $sizes[1];
                            }
                        }
                    }
                    // Did we come up with some changes? If so remake the string.
                    if ($width != -1 || $height != -1) {
                        $replaces[$image] = '[img' . ($width != -1 ? ' width=' . round($width) : '') . ($height != -1 ? ' height=' . round($height) : '') . ']' . $matches[7][$key] . '[/img]';
                    }
                }
                if (!empty($replaces)) {
                    $value = str_replace(array_keys($replaces), array_values($replaces), $value);
                }
            }
        }
        // Any disabled BBC?
        $disabledSigBBC = implode('|', $disabledTags);
        if (!empty($disabledSigBBC)) {
            if (preg_match('~\\[(' . $disabledSigBBC . ')~i', $unparsed_signature, $matches) !== false && isset($matches[1])) {
                $disabledTags = array_unique($disabledTags);
                $txt['profile_error_signature_disabled_bbc'] = sprintf($txt['profile_error_signature_disabled_bbc'], implode(', ', $disabledTags));
                return 'signature_disabled_bbc';
            }
        }
    }
    preparsecode($value);
    return true;
}
Beispiel #15
0
         echo "<div class='attachments-list'>" . $a_images . "</div>\n";
         echo "</div>\n";
     }
 }
 if ($data['post_edittime'] != "0") {
     echo "\n<hr />\n<span class='small'>" . $locale['508'] . profile_link($data['post_edituser'], $data['edit_name'], $data['edit_status']) . $locale['509'] . showdate("forumdate", $data['post_edittime']) . "</span>\n";
     if ($data['post_editreason'] != "" && iMEMBER) {
         $edit_reason = true;
         echo "<br /><div class='edit_reason'><a id='reason_pid_" . $data['post_id'] . "' rel='" . $data['post_id'] . "' class='reason_button small' href='#reason_div_pid_" . $data['post_id'] . "'>";
         echo "<strong>" . $locale['508a'] . "</strong>";
         echo "</a>\n";
         echo "<div id='reason_div_pid_" . $data['post_id'] . "' class='reason_div small'>" . $data['post_editreason'] . "</div></div>\n";
     }
 }
 if ($data['post_showsig'] && isset($data['user_sig']) && $data['user_sig'] && $data['user_status'] != 6 && $data['user_status'] != 5) {
     echo "\n<hr /><div class='forum_sig'>" . nl2br(parseubb(parsesmileys($data['user_sig']), "b|i|u||center|small|url|mail|img|color")) . "</div>\n";
 }
 echo "<!--sub_forum_post--></td>\n</tr>\n";
 echo "<tr>\n<td class='tbl2 forum_thread_ip' style='width:140px;white-space:nowrap'>";
 if ($settings['forum_ips'] && iMEMBER || iMOD) {
     echo "<strong>" . $locale['571'] . "</strong>: " . $data['post_ip'];
 } else {
     echo "&nbsp;";
 }
 echo "</td>\n<td class='tbl2 forum_thread_userbar'>\n<div style='float:left;white-space:nowrap' class='small'><!--forum_thread_userbar-->\n";
 if (isset($data['user_web']) && $data['user_web'] && (iADMIN || $data['user_status'] != 6 && $data['user_status'] != 5)) {
     echo "<a href='" . $data['user_web'] . "' target='_blank'><img src='" . get_image("web") . "' alt='" . $data['user_web'] . "' style='border:0;vertical-align:middle' /></a>";
 }
 if (iMEMBER && $data['user_id'] != $userdata['user_id'] && (iADMIN || $data['user_status'] != 6 && $data['user_status'] != 5)) {
     echo "<a href='" . BASEDIR . "messages.php?msg_send=" . $data['user_id'] . "'><img src='" . get_image("pm") . "' alt='" . $locale['572'] . "' style='border:0;vertical-align:middle' /></a>\n";
 }
Beispiel #16
0
function showcomments($ctype, $cdb, $ccol, $cid, $clink)
{
    global $settings, $locale, $userdata, $aidlink;
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&amp;|\\?)c_action=(edit|delete)&amp;comment_id=\\d*^", "", $link);
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            $result = dbquery("DELETE FROM " . DB_COMMENTS . " WHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : " AND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink);
    }
    if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
        if (iMEMBER) {
            $comment_name = $userdata['user_id'];
        } elseif ($settings['guestposts'] == "1") {
            $comment_name = trim(stripinput($_POST['comment_name']));
            $comment_name = preg_replace("(^[0-9]*)", "", $comment_name);
            if (isnum($comment_name)) {
                $comment_name = "";
            }
            include_once INCLUDES . "securimage/securimage.php";
            $securimage = new Securimage();
            if (!isset($_POST['com_captcha_code']) || $securimage->check($_POST['com_captcha_code']) == false) {
                redirect($link);
            }
        }
        $comment_message = trim(stripinput(censorwords($_POST['comment_message'])));
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $comment_updated = false;
            if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
                if ($comment_message) {
                    $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='{$comment_message}' WHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : " AND comment_name='" . $userdata['user_id'] . "'"));
                    $comment_updated = true;
                }
            }
            if ($comment_updated) {
                $c_start = (ceil(dbcount("(comment_id)", DB_COMMENTS, "comment_id<='" . $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "'") / 10) - 1) * 10;
            }
            redirect($clink . "&amp;rstart=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
        } else {
            if (!dbcount("(" . $ccol . ")", $cdb, $ccol . "='" . $cid . "'")) {
                redirect(BASEDIR . "index.php");
            }
            if ($comment_name && $comment_message) {
                require_once INCLUDES . "flood_include.php";
                if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                    $result = dbquery("INSERT INTO " . DB_COMMENTS . " (comment_item_id, comment_type, comment_name, comment_message, comment_datestamp, comment_ip) VALUES ('{$cid}', '{$ctype}', '{$comment_name}', '{$comment_message}', '" . time() . "', '" . USER_IP . "')");
                }
            }
            $c_start = (ceil(dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "'") / 10) - 1) * 10;
            redirect($clink . "&amp;rstart=" . $c_start);
        }
    }
    opentable($locale['c100']);
    echo "<a id='comments' name='comments'></a>";
    $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='{$cid}' AND comment_type='{$ctype}'");
    if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
        $_GET['c_start'] = 0;
    }
    $result = dbquery("SELECT tcm.*,user_name FROM " . DB_COMMENTS . " tcm\n\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\tWHERE comment_item_id='{$cid}' AND comment_type='{$ctype}'\n\t\tORDER BY comment_datestamp ASC LIMIT " . $_GET['c_start'] . ",10");
    if (dbrows($result)) {
        $i = $_GET['c_start'] + 1;
        if ($c_rows > 10) {
            echo "<div style='text-align:center;margin-bottom:5px;'>" . makecommentnav($_GET['c_start'], 10, $c_rows, 3, $clink . "&amp;") . "</div>\n";
        }
        while ($data = dbarray($result)) {
            echo "<div class='tbl2'>\n";
            if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                echo "<div style='float:right' class='comment_actions'><!--comment_actions-->\n<a href='" . FUSION_REQUEST . "&amp;c_action=edit&amp;comment_id=" . $data['comment_id'] . "#edit_comment'>" . $locale['c108'] . "</a> |\n";
                echo "<a href='" . FUSION_REQUEST . "&amp;c_action=delete&amp;comment_id=" . $data['comment_id'] . "'>" . $locale['c109'] . "</a>\n</div>\n";
            }
            echo "<a href='" . FUSION_REQUEST . "#c" . $data['comment_id'] . "' id='c" . $data['comment_id'] . "' name='c" . $data['comment_id'] . "'>#" . $i . "</a> | ";
            if ($data['user_name']) {
                echo "<span class='comment-name'><a href='" . BASEDIR . "profile.php?lookup=" . $data['comment_name'] . "'>" . $data['user_name'] . "</a></span>\n";
            } else {
                echo "<span class='comment-name'>" . $data['comment_name'] . "</span>\n";
            }
            echo "<span class='small'>" . $locale['global_071'] . showdate("longdate", $data['comment_datestamp']) . "</span>\n";
            echo "</div>\n<div class='tbl1 comment_message'><!--comment_message-->" . nl2br(parseubb(parsesmileys($data['comment_message']))) . "</div>\n";
            $i++;
        }
        if (iADMIN && checkrights("C")) {
            echo "<div align='right' class='tbl2'><a href='" . ADMIN . "comments.php" . $aidlink . "&amp;ctype={$ctype}&amp;cid={$cid}'>" . $locale['c106'] . "</a></div>\n";
        }
        if ($c_rows > 10) {
            echo "<div style='text-align:center;margin-top:5px;'>" . makecommentnav($_GET['c_start'], 10, $c_rows, 3, $clink . "&amp;") . "</div>\n";
        }
    } else {
        echo $locale['c101'] . "\n";
    }
    closetable();
    opentable($locale['c102']);
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        $eresult = dbquery("SELECT tcm.*,user_name FROM " . DB_COMMENTS . " tcm\n\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "'");
        if (dbrows($eresult)) {
            $edata = dbarray($eresult);
            if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                $clink .= "&amp;c_action=edit&amp;comment_id=" . $edata['comment_id'];
                $comment_message = $edata['comment_message'];
            }
        } else {
            $comment_message = "";
        }
    } else {
        $comment_message = "";
    }
    if (iMEMBER || $settings['guestposts'] == "1") {
        require_once INCLUDES . "bbcode_include.php";
        echo "<a id='edit_comment' name='edit_comment'></a>\n";
        echo "<form name='inputform' method='post' action='" . $clink . "'>\n";
        if (iGUEST) {
            echo "<div align='center' class='tbl'>\n" . $locale['c104'] . "<br />\n";
            echo "<input type='text' name='comment_name' maxlength='30' class='textbox' style='width:360px' />\n";
            echo "</div>\n";
        }
        echo "<div align='center' class='tbl'>\n";
        echo "<textarea name='comment_message' cols='70' rows='6' class='textbox' style='width:360px'>" . $comment_message . "</textarea><br />\n";
        echo display_bbcodes("360px", "comment_message");
        if (iGUEST) {
            echo $locale['global_158'] . "<br />\n";
            echo "<img id='com_captcha' src='" . INCLUDES . "securimage/securimage_show.php' alt='' /><br />\n";
            echo "<a href='" . INCLUDES . "securimage/securimage_play.php'><img src='" . INCLUDES . "securimage/images/audio_icon.gif' alt='' class='tbl-border' style='margin-bottom:1px' /></a>\n";
            echo "<a href='#' onclick=\"document.getElementById('com_captcha').src = '" . INCLUDES . "securimage/securimage_show.php?sid=' + Math.random(); return false\"><img src='" . INCLUDES . "securimage/images/refresh.gif' alt='' class='tbl-border' /></a><br />\n";
            echo $locale['global_159'] . "<br />\n<input type='text' name='com_captcha_code' class='textbox' style='width:100px' />\n";
        }
        echo "<br />\n<input type='submit' name='post_comment' value='" . ($comment_message ? $locale['c103'] : $locale['c102']) . "' class='button' />\n";
        echo "</div>\n</form>\n";
    } else {
        echo $locale['c105'] . "\n";
    }
    closetable();
}
Beispiel #17
0
/**
 * @param $comment_type - abbr or short ID
 * @param $comment_db - Current Application DB - DB_BLOG for example.
 * @param $comment_col - current sql primary key column - 'blog_id' for example
 * @param $comment_item_id - current sql primary key value '$_GET['blog_id']' for example
 * @param $clink - current page link 'FUSION_SELF' is ok.
 */
function showcomments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink)
{
    global $settings, $locale, $userdata, $aidlink;
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&amp;|\\?)c_action=(edit|delete)&amp;comment_id=\\d*^", "", $link);
    $_GET['comment'] = isset($_GET['comment']) && isnum($_GET['comment']) ? $_GET['comment'] : 0;
    $cpp = $settings['comments_per_page'];
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            $result = dbquery("DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink . ($settings['comments_sorting'] == "ASC" ? "" : "&amp;c_start=0"));
    }
    if ($settings['comments_enabled'] == "1") {
        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
            if (!iMEMBER && $settings['guestpost'] == 1) {
                if (!isset($_POST['comment_name'])) {
                    redirect($link);
                }
                if (isnum($_POST['comment_name'])) {
                    $_POST['comment_name'] = '';
                }
                $_CAPTCHA_IS_VALID = FALSE;
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
                if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
                    redirect($link);
                }
            }
            $comment_data = array('comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0, 'comment_name' => iMEMBER ? $userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'), 'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'), 'comment_datestamp' => time(), 'comment_item_id' => $comment_item_id, 'comment_type' => $comment_type, 'comment_cat' => 0, 'comment_ip' => USER_IP, 'comment_ip_type' => USER_IP_TYPE, 'comment_hidden' => 0);
            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                $comment_updated = FALSE;
                if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "' \n\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tAND comment_type='" . $comment_type . "' \n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "' \n\t\t\t\tAND comment_hidden='0'")) {
                    dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                    if ($comment_data['comment_message']) {
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_data['comment_message'] . "'\n  \t\t\t\t\t\t\t\t\t   WHERE comment_id='" . $_GET['comment_id'] . "' " . (iADMIN ? "" : "AND comment_name='" . $userdata['user_id'] . "'"));
                        if ($result) {
                            $comment_updated = TRUE;
                        }
                    }
                }
                if ($comment_updated) {
                    if ($settings['comments_sorting'] == "ASC") {
                        $c_operator = "<=";
                    } else {
                        $c_operator = ">=";
                    }
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n\t\t\t\t\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\n\t\t\t\t\t\t\t\tAND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                }
                redirect($clink . "&amp;c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                $id = 0;
                if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                    require_once INCLUDES . "flood_include.php";
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                        $id = dblastid();
                    }
                }
                if ($settings['comments_sorting'] == "ASC") {
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                } else {
                    $c_start = 0;
                }
                //if (!$settings['site_seo']) {
                redirect($clink . "&amp;c_start=" . $c_start . "#c" . $id);
                //}
            }
        }
        $c_arr = array("c_con" => array(), "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE));
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
        if (!isset($_GET['c_start']) && $c_rows > $cpp) {
            $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
        }
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,\n\t\t\t\t\ttcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n\t\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\t\tWHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n\t\t\t\t\tORDER BY comment_datestamp " . $settings['comments_sorting'] . " LIMIT " . $_GET['c_start'] . "," . $cpp);
        if (dbrows($result) > 0) {
            $i = $settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
            if ($c_rows > $cpp) {
                $c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&amp;", "c_start");
            }
            while ($data = dbarray($result)) {
                $c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
                $c_arr['c_con'][$i]['edit_dell'] = FALSE;
                $c_arr['c_con'][$i]['i'] = $i;
                if ($data['user_name']) {
                    $c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status'], 'strong text-dark');
                } else {
                    $c_arr['c_con'][$i]['comment_name'] = $data['comment_name'];
                }
                $c_arr['c_con'][$i]['user_avatar'] = display_avatar($data, '35px', '', true, 'img-rounded');
                $c_arr['c_con'][$i]['user'] = array('user_id' => $data['user_id'], 'user_name' => $data['user_name'], 'user_avatar' => $avatar = $data['user_avatar'] !== '' && file_exists(IMAGES . 'avatars/' . $data['user_avatar']) ? IMAGES . 'avatars/' . $data['user_avatar'] : IMAGES . "avatars/noavatar50.png", 'user_status' => $data['user_status']);
                $c_arr['c_con'][$i]['comment_datestamp'] = showdate('shortdate', $data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_time'] = timer($data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_message'] = "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($data['comment_message'])));
                if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                    $edit_link = clean_request('c_action=edit&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
                    $delete_link = clean_request('c_action=delete&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false);
                    $c_arr['c_con'][$i]['edit_link'] = array('link' => $edit_link, 'name' => $locale['c108']);
                    $c_arr['c_con'][$i]['delete_link'] = array('link' => $delete_link, 'name' => $locale['c109']);
                    $c_arr['c_con'][$i]['edit_dell'] = "<!--comment_actions-->\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<div class='btn-group'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $edit_link . "'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= $locale['c108'] . "</a>\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $delete_link . "' onclick=\"return confirm('" . $locale['c110'] . "');\">";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<i class='fa fa-trash'></i> " . $locale['c109'] . "</a>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "</div>\n";
                }
                $settings['comments_sorting'] == "ASC" ? $i++ : $i--;
            }
            if (iADMIN && checkrights("C")) {
                $c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                $c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&amp;ctype=" . $comment_type . "&amp;comment_item_id=" . $comment_item_id . "'>" . $locale['c106'] . "</a>";
            }
        }
        opentable($locale['c102']);
        $comment_message = "";
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $eresult = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcu.user_name\n\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $comment_item_id . "'\n\t\t\t\tAND comment_type='" . $comment_type . "' AND comment_hidden='0'");
            if (dbrows($eresult) > 0) {
                $edata = dbarray($eresult);
                if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                    $clink .= "&amp;c_action=edit&amp;comment_id=" . $edata['comment_id'];
                    $comment_message = $edata['comment_message'];
                }
            } else {
                $comment_message = "";
            }
        }
        if (iMEMBER || $settings['guestposts'] == "1") {
            require_once INCLUDES . "bbcode_include.php";
            echo "<a id='edit_comment' name='edit_comment'></a>\n";
            echo openform('inputform', 'post', $clink, array('class' => 'm-b-20', 'max_tokens' => 1));
            if (iGUEST) {
                echo form_text('comment_name', $locale['c104'], '', array('max_length' => 30));
            }
            echo form_textarea('comment_message', '', $comment_message, array('required' => 1, 'autosize' => 1, 'form_name' => 'inputform', 'bbcode' => 1));
            if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
                $_CAPTCHA_HIDE_INPUT = FALSE;
                echo "<div style='width:360px; margin:10px auto;'>";
                echo $locale['global_150'] . "<br />\n";
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_display.php";
                if (!$_CAPTCHA_HIDE_INPUT) {
                    echo "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                    echo "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                }
                echo "</div>\n";
            }
            echo form_button('post_comment', $comment_message ? $locale['c103'] : $locale['c102'], $comment_message ? $locale['c103'] : $locale['c102'], array('class' => 'btn-success m-t-10'));
            echo closeform();
        } else {
            echo "<div class='well'>\n";
            echo $locale['c105'] . "\n";
            echo "</div>\n";
        }
        closetable();
        echo "<a id='comments' name='comments'></a>";
        render_comments($c_arr['c_con'], $c_arr['c_info']);
    }
}
    echo "<br/>\n<textarea name='notes_content' id='notes_content' class='textbox' cols='20' rows='4' style='width:140px'></textarea><br />\n";
    echo "" . display_bbcodes("150px;", "notes_content", "notes_form", "smiley|b|u|url") . "";
    echo "<input type='submit' id='notes_submit' name='notes_submit' class='button' value='" . $locale['note_02'] . "' />\n";
    echo "</form>\n";
    echo "</div><br />\n";
    $result = dbquery("SELECT note_id, note_name, note_text, note_datestamp FROM " . DB_ADMIN_NOTES . " ORDER BY note_id DESC");
    echo "<div class='admin_notes' id='notes_q'>";
    echo "<div id='note_loading'></div>\n";
    while ($data = dbarray($result)) {
        echo "<div style='float:left' class='admin_note'>";
        echo "<strong>" . $data['note_name'] . "</strong>&nbsp;";
        echo "<a id='" . $data['note_id'] . "' href='" . FUSION_SELF . "?id=" . $data['note_id'] . "'>";
        echo "<img class='loding' src='" . get_image("cancel") . "' title='" . $locale['note_03'] . "?' alt='" . $locale['note_03'] . "?' style='border:0;margin:0;vertical-align:bottom;' />";
        echo "</a><img src='' alt='' style='height:16px;width:0px;' /><br />";
        echo "<div class='shoutboxdate'>" . showdate("%d %b %H:%M", $data['note_datestamp']) . "</div>";
        echo "<div class='notify'>" . parseubb(parsesmileys($data['note_text']), "b|i|u|url") . "</div>";
        echo "</div>";
    }
    echo "</div>";
    closeside();
    if (isset($_POST['submit']) && @$_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest') {
        $content = trim(stripinput($_POST['content']));
        $name = trim(stripinput($_POST['name']));
        $ins = dbquery("INSERT INTO " . DB_ADMIN_NOTES . " (note_text, note_name, note_datestamp) VALUES (" . _db($content) . ", " . _db($name) . ", '" . time() . "')");
    } elseif (isset($_GET['id']) && @$_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest') {
        $id = trim(stripinput($_GET['id']));
        $delete = dbquery("DELETE FROM " . DB_ADMIN_NOTES . " WHERE note_id=" . _db($id));
        return $locale['note_04'];
    }
}
require_once TEMPLATES . "footer.php";
Beispiel #19
0
        \PHPFusion\ImageRepo::setImage("smiley_" . $smiley['smiley_text'], $smiley_path);
    }
}
if ($_POST['editor'] == 'html') {
    $text = parsesmileys(nl2br(html_entity_decode(stripslashes($text))));
    if (isset($_POST['mode']) && $_POST['mode'] == 'admin') {
        $images = str_replace('../../../', '', IMAGES);
        $text = str_replace(IMAGES, $images, $text);
        $text = str_replace(IMAGES_N, $images, $text);
        $text = parse_imageDir($text, $prefix_ . "images/");
    }
    echo html_entity_decode($text, ENT_QUOTES, $locale['charset']) ?: "<p class='text-center'>" . $locale['nopreview'] . "</p>\n";
} elseif ($_POST['editor'] == 'bbcode') {
    $text = parseubb(parsesmileys($text));
    if (isset($_POST['mode']) && $_POST['mode'] == 'admin') {
        $images = str_replace('../../../', '', IMAGES);
        $text = str_replace(IMAGES, $images, $text);
        $text = str_replace(IMAGES_N, $images, $text);
        $text = parse_imageDir($text, $prefix_ . "images/");
    }
    echo html_entity_decode($text, ENT_QUOTES, $locale['charset']) ?: "<p class='text-center'>" . $locale['nopreview'] . "</p>\n";
} else {
    $text = parsesmileys($text);
    if (isset($_POST['mode']) && $_POST['mode'] == 'admin') {
        $images = str_replace('../../../', '', IMAGES);
        $text = str_replace(IMAGES, $images, $text);
        $text = str_replace(IMAGES_N, $images, $text);
    }
    echo parse_imageDir(nl2br(html_entity_decode($text, ENT_QUOTES, $locale['charset']))) ?: "<p class='text-center'>" . $locale['nopreview'] . "</p>\n";
}
echo "</div>\n";
        echo "<div class='shoutboxname' >";
        if ($data['user_name']) {
            echo "<span class='side'>" . profile_link($data['shout_name'], $data['user_name'], $data['user_status']) . "</span>\n";
        } else {
            echo $data['shout_name'] . "\n";
        }
        echo "</div>\n";
        echo "<div class='shoutboxdate'>" . showdate("shortdate", $data['shout_datestamp']) . "</div>";
        if ($settings['warning_system_shoutbox']) {
            $points = show_warning_points($data['user_id']);
            echo "<div class='shoutboxwarnings'>";
            echo "<span class='small'><a style='cursor:help;' onclick=\"warning_info();\">" . $locale['WARN200'] . "</a></span> ";
            echo warning_profile_link("1", $data['user_id'], $points);
            echo "</div>";
        }
        echo "<div class='shoutbox' style='clear:left;'>" . sbwrap(parseubb(parsesmileys($data['shout_message']), "b|i|u|url|color")) . "</div>\n";
        if ((iMODERATOR || iADMIN) && checkrights("S") || iMEMBER && $data['shout_name'] == $userdata['user_id'] && isset($data['user_name'])) {
            echo "[<a href='" . $link . $sep . "s_action=edit&amp;shout_id=" . $data['shout_id'] . "#edit_shout" . "' class='side'>" . $locale['global_076'] . "</a>]\n";
            echo "[<a href='" . $link . $sep . "s_action=delete&amp;shout_id=" . $data['shout_id'] . "' class='side'>" . $locale['global_157'] . "</a>]<br />\n";
        }
        $i++;
        if ($i != $numrows) {
            echo "<br />\n";
        }
    }
    if ($numrows > $settings['numofshouts']) {
        echo "<div style='text-align:center'>\n<a href='" . INFUSIONS . "shoutbox_panel/shoutbox_archive.php' class='side'>" . $locale['global_155'] . "</a>\n</div>\n";
    }
} else {
    echo "<div>" . $locale['global_156'] . "</div>\n";
}
Beispiel #21
0
        echo "<p>\n<form action='include/do_did.php?did=" . $download->id . "' method='post'>\n<div align='center'>" . $locale['PDP210'] . ": <b>" . $locale['PDP205'][$data['vote_opt']] . "</b><br />\n\t<input type='submit' name='del_vote' class='button'" . " value='" . $locale['PDP209'] . "' />\n</div>\n</form>\n";
    }
} elseif (dbrows($res) == 0) {
    echo "<p>" . $locale['PDP208'];
}
closetable();
/****************************************************************************
 * COMMENTS
 */
opentable($locale['PDP021']);
$res = dbquery("SELECT comment_user_name, comment_smileys,\n\tcomment_text, user_id, comment_id, comment_timestamp\n\tFROM " . DB_PDP_COMMENTS . "\n\tWHERE download_id='" . $download->id . "'\n\tORDER BY comment_timestamp ASC");
$count_comments = $count = dbrows($res);
while ($data = dbarray($res)) {
    $name = $data['comment_user_name'];
    if ($data['comment_smileys'] == "1") {
        $text = parsesmileys($data['comment_text']);
    } else {
        $text = $data['comment_text'];
    }
    $text = parseubb($text);
    if ($data['user_id']) {
        $name = '<a href="' . BASEDIR . 'profile.php?lookup=' . $data['user_id'] . '">' . $name . '</a>';
    } else {
        $name = '<strong>' . $name . '</strong>';
    }
    echo '
<div class="comment" id="comm' . $data['comment_id'] . '">
<span class="comment-name">' . $name . '</a></span>
<span class="small">' . $locale['PDP031'] . showdate('shortdate', $data['comment_timestamp']) . '</span>
<p>
' . $text . '
Beispiel #22
0
/**
 * Format html code and add bbcode if $bbcode = true
 * @param string $text
 * @param boolean $bbcodes
 * @return string 
 */
function htmlformat($text, $bbcodes = false)
{
    $text = htmlentities($text, ENT_QUOTES, 'UTF-8');
    $text = nl2br($text);
    if ($bbcodes) {
        $text = bbcodes($text);
        $text = parsesmileys($text);
    }
    return $text;
}
             if ($print_files != '') {
                 echo "<br />";
             }
             echo "\n<fieldset class='forum_attachments'>";
             echo "<legend class='forum_attachments_legend'>" . profile_link($data['user_id'], $data['user_name'], $data['user_status']) . ($count_images > 1 ? $locale['506b'] : $locale['506']) . "</legend>";
             echo "<div class='forum_attachments_content'>" . $print_images . "</div>";
             echo "</fieldset>\n";
         }
     }
 }
 if ($data['post_edittime'] != "0") {
     echo "\n<fieldset class='forum_edit'>\n" . $locale['508'] . profile_link($data['post_edituser'], $data['edit_name'], $data['edit_status']) . $locale['509'] . showdate("forumdate", $data['post_edittime']) . "</fieldset>";
     // Pimped: added profile_link()
 }
 if ($data['post_showsig'] && isset($data['user_sig']) && $data['user_sig']) {
     echo "\n<fieldset class='forum_signatur'>\r\n\t\t\t<legend class='forum_signatur_legend'>" . $locale['507d'] . "</legend>" . nl2br(parseubb(parsesmileys($data['user_sig']), "b|i|u||center|small|url|mail|img|color")) . "\r\n\t\t\t</fieldset>";
 }
 echo "<!--sub_forum_post--></td>\n</tr>\n";
 // Pimped: Post Ratings ->
 if ($settings['forum_post_ratings']) {
     $show = post_ratings_show($data['post_id']);
     $do = '';
     if (iMEMBER && $userdata['user_id'] !== $data['user_id']) {
         $do .= "<span id='rb_" . $data['post_id'] . "'>";
         $do .= post_ratings_do($data['post_id'], $userdata['user_id'], $data['post_author'], false);
         $do .= "</span>&nbsp;";
     }
     if ($do != '' || $show != '') {
         echo "<tr>\n<td class='tbl2'>\n</td>\n<td class='tbl2'>";
         echo "<div align='left'>\n";
         echo $show;
Beispiel #24
0
/** Custom data formatter */
function parseInfo($data)
{
    global $locale, $dl_settings;
    $download_image = '';
    if ($data['download_image'] && $dl_settings['download_screenshot'] == "1") {
        $hiRes_image_path = get_download_image_path($data['download_image'], $data['download_image_thumb'], TRUE);
        $lowRes_image_path = get_download_image_path($data['download_image'], $data['download_image_thumb'], FALSE);
        $download_image = "<a href='" . INFUSIONS . "downloads/downloads.php?download_id=" . $data['download_id'] . "'>" . thumbnail($lowRes_image_path, '100px') . "</a>";
    }
    return array('download_anchor' => "<a name='download_" . $data['download_id'] . "' id='download_" . $data['download_id'] . "'></a>", 'download_description_short' => nl2br(parseubb(parsesmileys(html_entity_decode(stripslashes($data['download_description_short']))))), 'download_description' => nl2br(parseubb(parsesmileys(html_entity_decode(stripslashes($data['download_description']))))), 'download_link' => INFUSIONS . "downloads/downloads.php?download_id=" . $data['download_id'], 'download_category_link' => "<a href='" . INFUSIONS . "downloads/downloads.php?cat_id=" . $data['download_cat'] . "'>" . $data['download_cat_name'] . "</a>\n", 'download_readmore_link' => "<a href='" . INFUSIONS . "downloads/downloads.php?download_id=" . $data['download_id'] . "'>" . $locale['download_1006'] . "</a>\n", 'download_title' => stripslashes($data['download_title']), 'download_image' => $download_image, 'download_thumb' => get_download_image_path($data['download_image'], $data['download_image_thumb'], FALSE), "download_count" => format_word($data['download_count'], $locale['fmt_download']), "download_comments" => format_word($data['count_comment'], $locale['fmt_comment']), 'download_sum_rating' => format_word($data['sum_rating'], $locale['fmt_rating']), 'download_count_votes' => format_word($data['count_votes'], $locale['fmt_vote']), 'download_user_avatar' => display_avatar($data, '25px', '', TRUE, 'img-rounded'), 'download_user_link' => profile_link($data['user_id'], $data['user_name'], $data['user_status'], 'strong'), 'download_post_time' => showdate('shortdate', $data['download_datestamp']), 'download_post_time2' => $locale['global_049'] . " " . timer($data['download_datestamp']), 'download_file_link' => file_exists(DOWNLOADS . '/files/' . $data['download_file']) ? INFUSIONS . "downloads/downloads.php?file_id=" . $data['download_id'] : '');
}
Beispiel #25
0
function parse_bbc($message, $smileys = true, $cache_id = '', $parse_tags = array())
{
    global $txt, $scripturl, $context, $modSettings, $user_info, $smcFunc;
    static $bbc_codes = array(), $itemcodes = array(), $no_autolink_tags = array();
    static $disabled;
    // Don't waste cycles
    if ($message === '') {
        return '';
    }
    // Never show smileys for wireless clients.  More bytes, can't see it anyway :P.
    if (WIRELESS) {
        $smileys = false;
    } elseif ($smileys !== null && ($smileys == '1' || $smileys == '0')) {
        $smileys = (bool) $smileys;
    }
    if (empty($modSettings['enableBBC']) && $message !== false) {
        if ($smileys === true) {
            parsesmileys($message);
        }
        return $message;
    }
    // Just in case it wasn't determined yet whether UTF-8 is enabled.
    if (!isset($context['utf8'])) {
        $context['utf8'] = (empty($modSettings['global_character_set']) ? $txt['lang_character_set'] : $modSettings['global_character_set']) === 'UTF-8';
    }
    // If we are not doing every tag then we don't cache this run.
    if (!empty($parse_tags) && !empty($bbc_codes)) {
        $temp_bbc = $bbc_codes;
        $bbc_codes = array();
    }
    // Ohara youtube embed
    $message = OYTE_Preparse($message);
    // Sift out the bbc for a performance improvement.
    if (empty($bbc_codes) || $message === false || !empty($parse_tags)) {
        if (!empty($modSettings['disabledBBC'])) {
            $temp = explode(',', strtolower($modSettings['disabledBBC']));
            foreach ($temp as $tag) {
                $disabled[trim($tag)] = true;
            }
        }
        if (empty($modSettings['enableEmbeddedFlash'])) {
            $disabled['flash'] = true;
        }
        /* The following bbc are formatted as an array, with keys as follows:
        
        			tag: the tag's name - should be lowercase!
        
        			type: one of...
        				- (missing): [tag]parsed content[/tag]
        				- unparsed_equals: [tag=xyz]parsed content[/tag]
        				- parsed_equals: [tag=parsed data]parsed content[/tag]
        				- unparsed_content: [tag]unparsed content[/tag]
        				- closed: [tag], [tag/], [tag /]
        				- unparsed_commas: [tag=1,2,3]parsed content[/tag]
        				- unparsed_commas_content: [tag=1,2,3]unparsed content[/tag]
        				- unparsed_equals_content: [tag=...]unparsed content[/tag]
        
        			parameters: an optional array of parameters, for the form
        			  [tag abc=123]content[/tag].  The array is an associative array
        			  where the keys are the parameter names, and the values are an
        			  array which may contain the following:
        				- match: a regular expression to validate and match the value.
        				- quoted: true if the value should be quoted.
        				- validate: callback to evaluate on the data, which is $data.
        				- value: a string in which to replace $1 with the data.
        				  either it or validate may be used, not both.
        				- optional: true if the parameter is optional.
        
        			test: a regular expression to test immediately after the tag's
        			  '=', ' ' or ']'.  Typically, should have a \] at the end.
        			  Optional.
        
        			content: only available for unparsed_content, closed,
        			  unparsed_commas_content, and unparsed_equals_content.
        			  $1 is replaced with the content of the tag.  Parameters
        			  are replaced in the form {param}.  For unparsed_commas_content,
        			  $2, $3, ..., $n are replaced.
        
        			before: only when content is not used, to go before any
        			  content.  For unparsed_equals, $1 is replaced with the value.
        			  For unparsed_commas, $1, $2, ..., $n are replaced.
        
        			after: similar to before in every way, except that it is used
        			  when the tag is closed.
        
        			disabled_content: used in place of content when the tag is
        			  disabled.  For closed, default is '', otherwise it is '$1' if
        			  block_level is false, '<div>$1</div>' elsewise.
        
        			disabled_before: used in place of before when disabled.  Defaults
        			  to '<div>' if block_level, '' if not.
        
        			disabled_after: used in place of after when disabled.  Defaults
        			  to '</div>' if block_level, '' if not.
        
        			block_level: set to true the tag is a "block level" tag, similar
        			  to HTML.  Block level tags cannot be nested inside tags that are
        			  not block level, and will not be implicitly closed as easily.
        			  One break following a block level tag may also be removed.
        
        			trim: if set, and 'inside' whitespace after the begin tag will be
        			  removed.  If set to 'outside', whitespace after the end tag will
        			  meet the same fate.
        
        			validate: except when type is missing or 'closed', a callback to
        			  validate the data as $data.  Depending on the tag's type, $data
        			  may be a string or an array of strings (corresponding to the
        			  replacement.)
        
        			quoted: when type is 'unparsed_equals' or 'parsed_equals' only,
        			  may be not set, 'optional', or 'required' corresponding to if
        			  the content may be quoted.  This allows the parser to read
        			  [tag="abc]def[esdf]"] properly.
        
        			require_parents: an array of tag names, or not set.  If set, the
        			  enclosing tag *must* be one of the listed tags, or parsing won't
        			  occur.
        
        			require_children: similar to require_parents, if set children
        			  won't be parsed if they are not in the list.
        
        			disallow_children: similar to, but very different from,
        			  require_children, if it is set the listed tags will not be
        			  parsed inside the tag.
        
        			parsed_tags_allowed: an array restricting what BBC can be in the
        			  parsed_equals parameter, if desired.
        		*/
        $codes = array(array('tag' => 'abbr', 'type' => 'unparsed_equals', 'before' => '<abbr title="$1">', 'after' => '</abbr>', 'quoted' => 'optional', 'disabled_after' => ' ($1)'), array('tag' => 'acronym', 'type' => 'unparsed_equals', 'before' => '<acronym title="$1">', 'after' => '</acronym>', 'quoted' => 'optional', 'disabled_after' => ' ($1)'), array('tag' => 'anchor', 'type' => 'unparsed_equals', 'test' => '[#]?([A-Za-z][A-Za-z0-9_\\-]*)\\]', 'before' => '<span id="post_$1">', 'after' => '</span>'), array('tag' => 'b', 'before' => '<strong>', 'after' => '</strong>'), array('tag' => 'bdo', 'type' => 'unparsed_equals', 'before' => '<bdo dir="$1">', 'after' => '</bdo>', 'test' => '(rtl|ltr)\\]', 'block_level' => true), array('tag' => 'black', 'before' => '<span style="color: black;" class="bbc_color">', 'after' => '</span>'), array('tag' => 'blue', 'before' => '<span style="color: blue;" class="bbc_color">', 'after' => '</span>'), array('tag' => 'br', 'type' => 'closed', 'content' => '<br />'), array('tag' => 'center', 'before' => '<div align="center">', 'after' => '</div>', 'block_level' => true), array('tag' => 'code', 'type' => 'unparsed_content', 'content' => '<div class="codeheader">' . $txt['code'] . ': <a href="javascript:void(0);" onclick="return smfSelectText(this);" class="codeoperation">' . $txt['code_select'] . '</a></div>' . ($context['browser']['is_gecko'] || $context['browser']['is_opera'] ? '<pre style="margin: 0; padding: 0;">' : '') . '<code class="bbc_code">$1</code>' . ($context['browser']['is_gecko'] || $context['browser']['is_opera'] ? '</pre>' : ''), 'validate' => isset($disabled['code']) ? null : create_function('&$tag, &$data, $disabled', '
					global $context;

					if (!isset($disabled[\'code\']))
					{
						$php_parts = preg_split(\'~(&lt;\\?php|\\?&gt;)~\', $data, -1, PREG_SPLIT_DELIM_CAPTURE);

						for ($php_i = 0, $php_n = count($php_parts); $php_i < $php_n; $php_i++)
						{
							// Do PHP code coloring?
							if ($php_parts[$php_i] != \'&lt;?php\')
								continue;

							$php_string = \'\';
							while ($php_i + 1 < count($php_parts) && $php_parts[$php_i] != \'?&gt;\')
							{
								$php_string .= $php_parts[$php_i];
								$php_parts[$php_i++] = \'\';
							}
							$php_parts[$php_i] = highlight_php_code($php_string . $php_parts[$php_i]);
						}

						// Fix the PHP code stuff...
						$data = str_replace("<pre style=\\"display: inline;\\">\\t</pre>", "\\t", implode(\'\', $php_parts));

						// Older browsers are annoying, aren\'t they?
						if ($context[\'browser\'][\'is_ie4\'] || $context[\'browser\'][\'is_ie5\'] || $context[\'browser\'][\'is_ie5.5\'])
							$data = str_replace("\\t", "<pre style=\\"display: inline;\\">\\t</pre>", $data);
						else
							$data = str_replace("\\t", "<span style=\\"white-space: pre;\\">\\t</span>", $data);

						// Recent Opera bug requiring temporary fix. &nsbp; is needed before </code> to avoid broken selection.
						if ($context[\'browser\'][\'is_opera\'])
							$data .= \'&nbsp;\';
					}'), 'block_level' => true), array('tag' => 'code', 'type' => 'unparsed_equals_content', 'content' => '<div class="codeheader">' . $txt['code'] . ': ($2) <a href="#" onclick="return smfSelectText(this);" class="codeoperation">' . $txt['code_select'] . '</a></div>' . ($context['browser']['is_gecko'] || $context['browser']['is_opera'] ? '<pre style="margin: 0; padding: 0;">' : '') . '<code class="bbc_code">$1</code>' . ($context['browser']['is_gecko'] || $context['browser']['is_opera'] ? '</pre>' : ''), 'validate' => isset($disabled['code']) ? null : create_function('&$tag, &$data, $disabled', '
					global $context;

					if (!isset($disabled[\'code\']))
					{
						$php_parts = preg_split(\'~(&lt;\\?php|\\?&gt;)~\', $data[0], -1, PREG_SPLIT_DELIM_CAPTURE);

						for ($php_i = 0, $php_n = count($php_parts); $php_i < $php_n; $php_i++)
						{
							// Do PHP code coloring?
							if ($php_parts[$php_i] != \'&lt;?php\')
								continue;

							$php_string = \'\';
							while ($php_i + 1 < count($php_parts) && $php_parts[$php_i] != \'?&gt;\')
							{
								$php_string .= $php_parts[$php_i];
								$php_parts[$php_i++] = \'\';
							}
							$php_parts[$php_i] = highlight_php_code($php_string . $php_parts[$php_i]);
						}

						// Fix the PHP code stuff...
						$data[0] = str_replace("<pre style=\\"display: inline;\\">\\t</pre>", "\\t", implode(\'\', $php_parts));

						// Older browsers are annoying, aren\'t they?
						if ($context[\'browser\'][\'is_ie4\'] || $context[\'browser\'][\'is_ie5\'] || $context[\'browser\'][\'is_ie5.5\'])
							$data[0] = str_replace("\\t", "<pre style=\\"display: inline;\\">\\t</pre>", $data[0]);
						else
							$data[0] = str_replace("\\t", "<span style=\\"white-space: pre;\\">\\t</span>", $data[0]);

						// Recent Opera bug requiring temporary fix. &nsbp; is needed before </code> to avoid broken selection.
						if ($context[\'browser\'][\'is_opera\'])
							$data[0] .= \'&nbsp;\';
					}'), 'block_level' => true), array('tag' => 'color', 'type' => 'unparsed_equals', 'test' => '(#[\\da-fA-F]{3}|#[\\da-fA-F]{6}|[A-Za-z]{1,20}|rgb\\(\\d{1,3}, ?\\d{1,3}, ?\\d{1,3}\\))\\]', 'before' => '<span style="color: $1;" class="bbc_color">', 'after' => '</span>'), array('tag' => 'email', 'type' => 'unparsed_content', 'content' => '<a href="mailto:$1" class="bbc_email">$1</a>', 'validate' => create_function('&$tag, &$data, $disabled', '$data = strtr($data, array(\'<br />\' => \'\'));')), array('tag' => 'email', 'type' => 'unparsed_equals', 'before' => '<a href="mailto:$1" class="bbc_email">', 'after' => '</a>', 'disallow_children' => array('email', 'ftp', 'url', 'iurl'), 'disabled_after' => ' ($1)'), array('tag' => 'flash', 'type' => 'unparsed_commas_content', 'test' => '\\d+,\\d+\\]', 'content' => $context['browser']['is_ie'] && !$context['browser']['is_mac_ie'] ? '<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="$2" height="$3"><param name="movie" value="$1" /><param name="play" value="true" /><param name="loop" value="true" /><param name="quality" value="high" /><param name="AllowScriptAccess" value="never" /><embed src="$1" width="$2" height="$3" play="true" loop="true" quality="high" AllowScriptAccess="never" /><noembed><a href="$1" target="_blank" class="new_win">$1</a></noembed></object>' : '<embed type="application/x-shockwave-flash" src="$1" width="$2" height="$3" play="true" loop="true" quality="high" AllowScriptAccess="never" /><noembed><a href="$1" target="_blank" class="new_win">$1</a></noembed>', 'validate' => create_function('&$tag, &$data, $disabled', '
					if (isset($disabled[\'url\']))
						$tag[\'content\'] = \'$1\';
					elseif (strpos($data[0], \'http://\') !== 0 && strpos($data[0], \'https://\') !== 0)
						$data[0] = \'http://\' . $data[0];
				'), 'disabled_content' => '<a href="$1" target="_blank" class="new_win">$1</a>'), array('tag' => 'font', 'type' => 'unparsed_equals', 'test' => '[A-Za-z0-9_,\\-\\s]+?\\]', 'before' => '<span style="font-family: $1;" class="bbc_font">', 'after' => '</span>'), array('tag' => 'ftp', 'type' => 'unparsed_content', 'content' => '<a href="$1" class="bbc_ftp new_win" target="_blank">$1</a>', 'validate' => create_function('&$tag, &$data, $disabled', '
					$data = strtr($data, array(\'<br />\' => \'\'));
					if (strpos($data, \'ftp://\') !== 0 && strpos($data, \'ftps://\') !== 0)
						$data = \'ftp://\' . $data;
				')), array('tag' => 'ftp', 'type' => 'unparsed_equals', 'before' => '<a href="$1" class="bbc_ftp new_win" target="_blank">', 'after' => '</a>', 'validate' => create_function('&$tag, &$data, $disabled', '
					if (strpos($data, \'ftp://\') !== 0 && strpos($data, \'ftps://\') !== 0)
						$data = \'ftp://\' . $data;
				'), 'disallow_children' => array('email', 'ftp', 'url', 'iurl'), 'disabled_after' => ' ($1)'), array('tag' => 'glow', 'type' => 'unparsed_commas', 'test' => '[#0-9a-zA-Z\\-]{3,12},([012]\\d{1,2}|\\d{1,2})(,[^]]+)?\\]', 'before' => $context['browser']['is_ie'] ? '<table border="0" cellpadding="0" cellspacing="0" style="display: inline; vertical-align: middle; font: inherit;"><tr><td style="filter: Glow(color=$1, strength=$2); font: inherit;">' : '<span style="text-shadow: $1 1px 1px 1px">', 'after' => $context['browser']['is_ie'] ? '</td></tr></table> ' : '</span>'), array('tag' => 'green', 'before' => '<span style="color: green;" class="bbc_color">', 'after' => '</span>'), array('tag' => 'html', 'type' => 'unparsed_content', 'content' => '$1', 'block_level' => true, 'disabled_content' => '$1'), array('tag' => 'hr', 'type' => 'closed', 'content' => '<hr />', 'block_level' => true), array('tag' => 'i', 'before' => '<em>', 'after' => '</em>'), array('tag' => 'img', 'type' => 'unparsed_content', 'parameters' => array('alt' => array('optional' => true), 'width' => array('optional' => true, 'value' => ' width="$1"', 'match' => '(\\d+)'), 'height' => array('optional' => true, 'value' => ' height="$1"', 'match' => '(\\d+)')), 'content' => '<img src="$1" alt="{alt}"{width}{height} class="bbc_img resized" />', 'validate' => create_function('&$tag, &$data, $disabled', '
					$data = strtr($data, array(\'<br />\' => \'\'));
					if (strpos($data, \'http://\') !== 0 && strpos($data, \'https://\') !== 0)
						$data = \'http://\' . $data;
				'), 'disabled_content' => '($1)'), array('tag' => 'img', 'type' => 'unparsed_content', 'content' => '<img src="$1" alt="" class="bbc_img" />', 'validate' => create_function('&$tag, &$data, $disabled', '
					$data = strtr($data, array(\'<br />\' => \'\'));
					if (strpos($data, \'http://\') !== 0 && strpos($data, \'https://\') !== 0)
						$data = \'http://\' . $data;
				'), 'disabled_content' => '($1)'), array('tag' => 'iurl', 'type' => 'unparsed_content', 'content' => '<a href="$1" class="bbc_link">$1</a>', 'validate' => create_function('&$tag, &$data, $disabled', '
					$data = strtr($data, array(\'<br />\' => \'\'));
					if (strpos($data, \'http://\') !== 0 && strpos($data, \'https://\') !== 0)
						$data = \'http://\' . $data;
				')), array('tag' => 'iurl', 'type' => 'unparsed_equals', 'before' => '<a href="$1" class="bbc_link">', 'after' => '</a>', 'validate' => create_function('&$tag, &$data, $disabled', '
					if (substr($data, 0, 1) == \'#\')
						$data = \'#post_\' . substr($data, 1);
					elseif (strpos($data, \'http://\') !== 0 && strpos($data, \'https://\') !== 0)
						$data = \'http://\' . $data;
				'), 'disallow_children' => array('email', 'ftp', 'url', 'iurl'), 'disabled_after' => ' ($1)'), array('tag' => 'left', 'before' => '<div style="text-align: left;">', 'after' => '</div>', 'block_level' => true), array('tag' => 'li', 'before' => '<li>', 'after' => '</li>', 'trim' => 'outside', 'require_parents' => array('list'), 'block_level' => true, 'disabled_before' => '', 'disabled_after' => '<br />'), array('tag' => 'list', 'before' => '<ul class="bbc_list">', 'after' => '</ul>', 'trim' => 'inside', 'require_children' => array('li', 'list'), 'block_level' => true), array('tag' => 'list', 'parameters' => array('type' => array('match' => '(none|disc|circle|square|decimal|decimal-leading-zero|lower-roman|upper-roman|lower-alpha|upper-alpha|lower-greek|lower-latin|upper-latin|hebrew|armenian|georgian|cjk-ideographic|hiragana|katakana|hiragana-iroha|katakana-iroha)')), 'before' => '<ul class="bbc_list" style="list-style-type: {type};">', 'after' => '</ul>', 'trim' => 'inside', 'require_children' => array('li'), 'block_level' => true), array('tag' => 'ltr', 'before' => '<div dir="ltr">', 'after' => '</div>', 'block_level' => true), array('tag' => 'me', 'type' => 'unparsed_equals', 'before' => '<div class="meaction">* $1 ', 'after' => '</div>', 'quoted' => 'optional', 'block_level' => true, 'disabled_before' => '/me ', 'disabled_after' => '<br />'), array('tag' => 'move', 'before' => '<marquee>', 'after' => '</marquee>', 'block_level' => true, 'disallow_children' => array('move')), array('tag' => 'nobbc', 'type' => 'unparsed_content', 'content' => '$1'), array('tag' => 'php', 'type' => 'unparsed_content', 'content' => '<span class="phpcode">$1</span>', 'validate' => isset($disabled['php']) ? null : create_function('&$tag, &$data, $disabled', '
					if (!isset($disabled[\'php\']))
					{
						$add_begin = substr(trim($data), 0, 5) != \'&lt;?\';
						$data = highlight_php_code($add_begin ? \'&lt;?php \' . $data . \'?&gt;\' : $data);
						if ($add_begin)
							$data = preg_replace(array(\'~^(.+?)&lt;\\?.{0,40}?php(?:&nbsp;|\\s)~\', \'~\\?&gt;((?:</(font|span)>)*)$~\'), \'$1\', $data, 2);
					}'), 'block_level' => false, 'disabled_content' => '$1'), array('tag' => 'pre', 'before' => '<pre>', 'after' => '</pre>'), array('tag' => 'quote', 'before' => '<div class="quoteheader"><div class="topslice_quote">' . $txt['quote'] . '</div></div><blockquote>', 'after' => '</blockquote><div class="quotefooter"><div class="botslice_quote"></div></div>', 'block_level' => true), array('tag' => 'quote', 'parameters' => array('author' => array('match' => '(.{1,192}?)', 'quoted' => true)), 'before' => '<div class="quoteheader"><div class="topslice_quote">' . $txt['quote_from'] . ': {author}</div></div><blockquote>', 'after' => '</blockquote><div class="quotefooter"><div class="botslice_quote"></div></div>', 'block_level' => true), array('tag' => 'quote', 'type' => 'parsed_equals', 'before' => '<div class="quoteheader"><div class="topslice_quote">' . $txt['quote_from'] . ': $1</div></div><blockquote>', 'after' => '</blockquote><div class="quotefooter"><div class="botslice_quote"></div></div>', 'quoted' => 'optional', 'parsed_tags_allowed' => array('url', 'iurl', 'ftp'), 'block_level' => true), array('tag' => 'quote', 'parameters' => array('author' => array('match' => '([^<>]{1,192}?)'), 'link' => array('match' => '(?:board=\\d+;)?((?:topic|threadid)=[\\dmsg#\\./]{1,40}(?:;start=[\\dmsg#\\./]{1,40})?|action=profile;u=\\d+)'), 'date' => array('match' => '(\\d+)', 'validate' => 'timeformat')), 'before' => '<div class="quoteheader"><div class="topslice_quote"><a href="' . $scripturl . '?{link}">' . $txt['quote_from'] . ': {author} ' . $txt['search_on'] . ' {date}</a></div></div><blockquote>', 'after' => '</blockquote><div class="quotefooter"><div class="botslice_quote"></div></div>', 'block_level' => true), array('tag' => 'quote', 'parameters' => array('author' => array('match' => '(.{1,192}?)')), 'before' => '<div class="quoteheader"><div class="topslice_quote">' . $txt['quote_from'] . ': {author}</div></div><blockquote>', 'after' => '</blockquote><div class="quotefooter"><div class="botslice_quote"></div></div>', 'block_level' => true), array('tag' => 'red', 'before' => '<span style="color: red;" class="bbc_color">', 'after' => '</span>'), array('tag' => 'right', 'before' => '<div style="text-align: right;">', 'after' => '</div>', 'block_level' => true), array('tag' => 'rtl', 'before' => '<div dir="rtl">', 'after' => '</div>', 'block_level' => true), array('tag' => 's', 'before' => '<del>', 'after' => '</del>'), array('tag' => 'shadow', 'type' => 'unparsed_commas', 'test' => '[#0-9a-zA-Z\\-]{3,12},(left|right|top|bottom|[0123]\\d{0,2})\\]', 'before' => $context['browser']['is_ie'] ? '<span style="display: inline-block; filter: Shadow(color=$1, direction=$2); height: 1.2em;">' : '<span style="text-shadow: $1 $2">', 'after' => '</span>', 'validate' => $context['browser']['is_ie'] ? create_function('&$tag, &$data, $disabled', '
					if ($data[1] == \'left\')
						$data[1] = 270;
					elseif ($data[1] == \'right\')
						$data[1] = 90;
					elseif ($data[1] == \'top\')
						$data[1] = 0;
					elseif ($data[1] == \'bottom\')
						$data[1] = 180;
					else
						$data[1] = (int) $data[1];') : create_function('&$tag, &$data, $disabled', '
					if ($data[1] == \'top\' || (is_numeric($data[1]) && $data[1] < 50))
						$data[1] = \'0 -2px 1px\';
					elseif ($data[1] == \'right\' || (is_numeric($data[1]) && $data[1] < 100))
						$data[1] = \'2px 0 1px\';
					elseif ($data[1] == \'bottom\' || (is_numeric($data[1]) && $data[1] < 190))
						$data[1] = \'0 2px 1px\';
					elseif ($data[1] == \'left\' || (is_numeric($data[1]) && $data[1] < 280))
						$data[1] = \'-2px 0 1px\';
					else
						$data[1] = \'1px 1px 1px\';')), array('tag' => 'size', 'type' => 'unparsed_equals', 'test' => '([1-9][\\d]?p[xt]|small(?:er)?|large[r]?|x[x]?-(?:small|large)|medium|(0\\.[1-9]|[1-9](\\.[\\d][\\d]?)?)?em)\\]', 'before' => '<span style="font-size: $1;" class="bbc_size">', 'after' => '</span>'), array('tag' => 'size', 'type' => 'unparsed_equals', 'test' => '[1-7]\\]', 'before' => '<span style="font-size: $1;" class="bbc_size">', 'after' => '</span>', 'validate' => create_function('&$tag, &$data, $disabled', '
					$sizes = array(1 => 0.7, 2 => 1.0, 3 => 1.35, 4 => 1.45, 5 => 2.0, 6 => 2.65, 7 => 3.95);
					$data = $sizes[$data] . \'em\';')), array('tag' => 'sub', 'before' => '<sub>', 'after' => '</sub>'), array('tag' => 'sup', 'before' => '<sup>', 'after' => '</sup>'), array('tag' => 'table', 'before' => '<table class="bbc_table">', 'after' => '</table>', 'trim' => 'inside', 'require_children' => array('tr'), 'block_level' => true), array('tag' => 'td', 'before' => '<td>', 'after' => '</td>', 'require_parents' => array('tr'), 'trim' => 'outside', 'block_level' => true, 'disabled_before' => '', 'disabled_after' => ''), array('tag' => 'time', 'type' => 'unparsed_content', 'content' => '$1', 'validate' => create_function('&$tag, &$data, $disabled', '
					if (is_numeric($data))
						$data = timeformat($data);
					else
						$tag[\'content\'] = \'[time]$1[/time]\';')), array('tag' => 'tr', 'before' => '<tr>', 'after' => '</tr>', 'require_parents' => array('table'), 'require_children' => array('td'), 'trim' => 'both', 'block_level' => true, 'disabled_before' => '', 'disabled_after' => ''), array('tag' => 'tt', 'before' => '<tt class="bbc_tt">', 'after' => '</tt>'), array('tag' => 'u', 'before' => '<span class="bbc_u">', 'after' => '</span>'), array('tag' => 'url', 'type' => 'unparsed_content', 'content' => '<a href="$1" class="bbc_link" target="_blank">$1</a>', 'validate' => create_function('&$tag, &$data, $disabled', '
					$data = strtr($data, array(\'<br />\' => \'\'));
					if (strpos($data, \'http://\') !== 0 && strpos($data, \'https://\') !== 0)
						$data = \'http://\' . $data;
				')), array('tag' => 'url', 'type' => 'unparsed_equals', 'before' => '<a href="$1" class="bbc_link" target="_blank">', 'after' => '</a>', 'validate' => create_function('&$tag, &$data, $disabled', '
					if (strpos($data, \'http://\') !== 0 && strpos($data, \'https://\') !== 0)
						$data = \'http://\' . $data;
				'), 'disallow_children' => array('email', 'ftp', 'url', 'iurl'), 'disabled_after' => ' ($1)'), array('tag' => 'white', 'before' => '<span style="color: white;" class="bbc_color">', 'after' => '</span>'), array('tag' => 'nsfw', 'before' => '<figure class="nsfw"><figcaption><span><strong>NSFW</strong> content. </span><a>Click to show.</a></figcaption><div class="holder" style="display:none;">', 'after' => '</div></figure>'), array('tag' => 'video', 'type' => 'unparsed_content', 'content' => '<video controls autoplay loop muted style="max-width:100%; height:auto; margin:10px 10px 10px 0;" ><source src="$1" /></video>'));
        // Let mods add new BBC without hassle.
        call_integration_hook('integrate_bbc_codes', array(&$codes));
        // This is mainly for the bbc manager, so it's easy to add tags above.  Custom BBC should be added above this line.
        if ($message === false) {
            if (isset($temp_bbc)) {
                $bbc_codes = $temp_bbc;
            }
            return $codes;
        }
        // So the parser won't skip them.
        $itemcodes = array('*' => 'disc', '@' => 'disc', '+' => 'square', 'x' => 'square', '#' => 'square', 'o' => 'circle', 'O' => 'circle', '0' => 'circle');
        if (!isset($disabled['li']) && !isset($disabled['list'])) {
            foreach ($itemcodes as $c => $dummy) {
                $bbc_codes[$c] = array();
            }
        }
        // Inside these tags autolink is not recommendable.
        $no_autolink_tags = array('url', 'iurl', 'ftp', 'email');
        // Shhhh!
        if (!isset($disabled['color'])) {
            $codes[] = array('tag' => 'chrissy', 'before' => '<span style="color: #cc0099;">', 'after' => ' :-*</span>');
            $codes[] = array('tag' => 'kissy', 'before' => '<span style="color: #cc0099;">', 'after' => ' :-*</span>');
        }
        // BBC [you] tag. ;)
        $codes[] = array('tag' => 'you', 'type' => 'closed', 'content' => !$context['user']['is_guest'] ? $context['user']['name'] : (!empty($txt[28]) ? $txt[28] : $txt['guest']));
        foreach ($codes as $code) {
            // If we are not doing every tag only do ones we are interested in.
            if (empty($parse_tags) || in_array($code['tag'], $parse_tags)) {
                $bbc_codes[substr($code['tag'], 0, 1)][] = $code;
            }
        }
        $codes = null;
    }
    // Shall we take the time to cache this?
    if ($cache_id != '' && !empty($modSettings['cache_enable']) && ($modSettings['cache_enable'] >= 2 && strlen($message) > 1000 || strlen($message) > 2400) && empty($parse_tags)) {
        // It's likely this will change if the message is modified.
        $cache_key = 'parse:' . $cache_id . '-' . md5(md5($message) . '-' . $smileys . (empty($disabled) ? '' : implode(',', array_keys($disabled))) . serialize($context['browser']) . $txt['lang_locale'] . $user_info['time_offset'] . $user_info['time_format']);
        if (($temp = cache_get_data($cache_key, 240)) != null) {
            return $temp;
        }
        $cache_t = microtime();
    }
    if ($smileys === 'print') {
        // [glow], [shadow], and [move] can't really be printed.
        $disabled['glow'] = true;
        $disabled['shadow'] = true;
        $disabled['move'] = true;
        // Colors can't well be displayed... supposed to be black and white.
        $disabled['color'] = true;
        $disabled['black'] = true;
        $disabled['blue'] = true;
        $disabled['white'] = true;
        $disabled['red'] = true;
        $disabled['green'] = true;
        $disabled['me'] = true;
        // Color coding doesn't make sense.
        $disabled['php'] = true;
        // Links are useless on paper... just show the link.
        $disabled['ftp'] = true;
        $disabled['url'] = true;
        $disabled['iurl'] = true;
        $disabled['email'] = true;
        $disabled['flash'] = true;
        // !!! Change maybe?
        if (!isset($_GET['images'])) {
            $disabled['img'] = true;
        }
        // !!! Interface/setting to add more?
    }
    $open_tags = array();
    $message = strtr($message, array("\n" => '<br />'));
    // The non-breaking-space looks a bit different each time.
    $non_breaking_space = $context['utf8'] ? $context['server']['complex_preg_chars'] ? '\\x{A0}' : " " : '\\xA0';
    // This saves time by doing our break long words checks here.
    if (!empty($modSettings['fixLongWords']) && $modSettings['fixLongWords'] > 5) {
        if ($context['browser']['is_gecko'] || $context['browser']['is_konqueror']) {
            $breaker = '<span style="margin: 0 -0.5ex 0 0;"> </span>';
        } elseif ($context['browser']['is_opera']) {
            $breaker = '<span style="margin: 0 -0.65ex 0 -1px;"> </span>';
        } else {
            $breaker = '<span style="width: 0; margin: 0 -0.6ex 0 -1px;"> </span>';
        }
        // PCRE will not be happy if we don't give it a short.
        $modSettings['fixLongWords'] = (int) min(65535, $modSettings['fixLongWords']);
    }
    $pos = -1;
    while ($pos !== false) {
        $last_pos = isset($last_pos) ? max($pos, $last_pos) : $pos;
        $pos = strpos($message, '[', $pos + 1);
        // Failsafe.
        if ($pos === false || $last_pos > $pos) {
            $pos = strlen($message) + 1;
        }
        // Can't have a one letter smiley, URL, or email! (sorry.)
        if ($last_pos < $pos - 1) {
            // Make sure the $last_pos is not negative.
            $last_pos = max($last_pos, 0);
            // Pick a block of data to do some raw fixing on.
            $data = substr($message, $last_pos, $pos - $last_pos);
            // Take care of some HTML!
            if (!empty($modSettings['enablePostHTML']) && strpos($data, '&lt;') !== false) {
                $data = preg_replace('~&lt;a\\s+href=((?:&quot;)?)((?:https?://|ftps?://|mailto:)\\S+?)\\1&gt;~i', '[url=$2]', $data);
                $data = preg_replace('~&lt;/a&gt;~i', '[/url]', $data);
                // <br /> should be empty.
                $empty_tags = array('br', 'hr');
                foreach ($empty_tags as $tag) {
                    $data = str_replace(array('&lt;' . $tag . '&gt;', '&lt;' . $tag . '/&gt;', '&lt;' . $tag . ' /&gt;'), '[' . $tag . ' /]', $data);
                }
                // b, u, i, s, pre... basic tags.
                $closable_tags = array('b', 'u', 'i', 's', 'em', 'ins', 'del', 'pre', 'blockquote');
                foreach ($closable_tags as $tag) {
                    $diff = substr_count($data, '&lt;' . $tag . '&gt;') - substr_count($data, '&lt;/' . $tag . '&gt;');
                    $data = strtr($data, array('&lt;' . $tag . '&gt;' => '<' . $tag . '>', '&lt;/' . $tag . '&gt;' => '</' . $tag . '>'));
                    if ($diff > 0) {
                        $data = substr($data, 0, -1) . str_repeat('</' . $tag . '>', $diff) . substr($data, -1);
                    }
                }
                // Do <img ... /> - with security... action= -> action-.
                preg_match_all('~&lt;img\\s+src=((?:&quot;)?)((?:https?://|ftps?://)\\S+?)\\1(?:\\s+alt=(&quot;.*?&quot;|\\S*?))?(?:\\s?/)?&gt;~i', $data, $matches, PREG_PATTERN_ORDER);
                if (!empty($matches[0])) {
                    $replaces = array();
                    foreach ($matches[2] as $match => $imgtag) {
                        $alt = empty($matches[3][$match]) ? '' : ' alt=' . preg_replace('~^&quot;|&quot;$~', '', $matches[3][$match]);
                        // Remove action= from the URL - no funny business, now.
                        if (preg_match('~action(=|%3d)(?!dlattach)~i', $imgtag) != 0) {
                            $imgtag = preg_replace('~action(?:=|%3d)(?!dlattach)~i', 'action-', $imgtag);
                        }
                        // Check if the image is larger than allowed.
                        if (!empty($modSettings['max_image_width']) && !empty($modSettings['max_image_height'])) {
                            list($width, $height) = url_image_size($imgtag);
                            if (!empty($modSettings['max_image_width']) && $width > $modSettings['max_image_width']) {
                                $height = (int) ($modSettings['max_image_width'] * $height / $width);
                                $width = $modSettings['max_image_width'];
                            }
                            if (!empty($modSettings['max_image_height']) && $height > $modSettings['max_image_height']) {
                                $width = (int) ($modSettings['max_image_height'] * $width / $height);
                                $height = $modSettings['max_image_height'];
                            }
                            // Set the new image tag.
                            $replaces[$matches[0][$match]] = '[img width=' . $width . ' height=' . $height . $alt . ']' . $imgtag . '[/img]';
                        } else {
                            $replaces[$matches[0][$match]] = '[img' . $alt . ']' . $imgtag . '[/img]';
                        }
                    }
                    $data = strtr($data, $replaces);
                }
            }
            if (!empty($modSettings['autoLinkUrls'])) {
                // Are we inside tags that should be auto linked?
                $no_autolink_area = false;
                if (!empty($open_tags)) {
                    foreach ($open_tags as $open_tag) {
                        if (in_array($open_tag['tag'], $no_autolink_tags)) {
                            $no_autolink_area = true;
                        }
                    }
                }
                // Don't go backwards.
                //!!! Don't think is the real solution....
                $lastAutoPos = isset($lastAutoPos) ? $lastAutoPos : 0;
                if ($pos < $lastAutoPos) {
                    $no_autolink_area = true;
                }
                $lastAutoPos = $pos;
                if (!$no_autolink_area) {
                    // Parse any URLs.... have to get rid of the @ problems some things cause... stupid email addresses.
                    if (!isset($disabled['url']) && (strpos($data, '://') !== false || strpos($data, 'www.') !== false) && strpos($data, '[url') === false) {
                        // Switch out quotes really quick because they can cause problems.
                        $data = strtr($data, array('&#039;' => '\'', '&nbsp;' => $context['utf8'] ? " " : " ", '&quot;' => '>">', '"' => '<"<', '&lt;' => '<lt<'));
                        // Only do this if the preg survives.
                        if (is_string($result = preg_replace(array('~(?<=[\\s>\\.(;\'"]|^)((?:http|https)://[\\w\\-_%@:|]+(?:\\.[\\w\\-_%]+)*(?::\\d+)?(?:/[\\w\\-_\\~%\\.@!,\\?&;=#(){}+:\'\\\\]*)*[/\\w\\-_\\~%@\\?;=#}\\\\])~i', '~(?<=[\\s>\\.(;\'"]|^)((?:ftp|ftps)://[\\w\\-_%@:|]+(?:\\.[\\w\\-_%]+)*(?::\\d+)?(?:/[\\w\\-_\\~%\\.@,\\?&;=#(){}+:\'\\\\]*)*[/\\w\\-_\\~%@\\?;=#}\\\\])~i', '~(?<=[\\s>(\'<]|^)(www(?:\\.[\\w\\-_]+)+(?::\\d+)?(?:/[\\w\\-_\\~%\\.@!,\\?&;=#(){}+:\'\\\\]*)*[/\\w\\-_\\~%@\\?;=#}\\\\])~i'), array('[url]$1[/url]', '[ftp]$1[/ftp]', '[url=http://$1]$1[/url]'), $data))) {
                            $data = $result;
                        }
                        $data = strtr($data, array('\'' => '&#039;', $context['utf8'] ? " " : " " => '&nbsp;', '>">' => '&quot;', '<"<' => '"', '<lt<' => '&lt;'));
                    }
                    // Next, emails...
                    if (!isset($disabled['email']) && strpos($data, '@') !== false && strpos($data, '[email') === false) {
                        $data = preg_replace('~(?<=[\\?\\s' . $non_breaking_space . '\\[\\]()*\\\\;>]|^)([\\w\\-\\.]{1,80}@[\\w\\-]+\\.[\\w\\-\\.]+[\\w\\-])(?=[?,\\s' . $non_breaking_space . '\\[\\]()*\\\\]|$|<br />|&nbsp;|&gt;|&lt;|&quot;|&#039;|\\.(?:\\.|;|&nbsp;|\\s|$|<br />))~' . ($context['utf8'] ? 'u' : ''), '[email]$1[/email]', $data);
                        $data = preg_replace('~(?<=<br />)([\\w\\-\\.]{1,80}@[\\w\\-]+\\.[\\w\\-\\.]+[\\w\\-])(?=[?\\.,;\\s' . $non_breaking_space . '\\[\\]()*\\\\]|$|<br />|&nbsp;|&gt;|&lt;|&quot;|&#039;)~' . ($context['utf8'] ? 'u' : ''), '[email]$1[/email]', $data);
                    }
                }
            }
            $data = strtr($data, array("\t" => '&nbsp;&nbsp;&nbsp;'));
            if (!empty($modSettings['fixLongWords']) && $modSettings['fixLongWords'] > 5) {
                // The idea is, find words xx long, and then replace them with xx + space + more.
                if ($smcFunc['strlen']($data) > $modSettings['fixLongWords']) {
                    // This is done in a roundabout way because $breaker has "long words" :P.
                    $data = strtr($data, array($breaker => '< >', '&nbsp;' => $context['utf8'] ? " " : " "));
                    $data = preg_replace_callback('~(?<=[>;:!? ' . $non_breaking_space . '\\]()]|^)([\\w' . ($context['utf8'] ? '\\pL' : '') . '\\.]{' . $modSettings['fixLongWords'] . ',})~' . ($context['utf8'] ? 'u' : ''), 'word_break__preg_callback', $data);
                    $data = strtr($data, array('< >' => $breaker, $context['utf8'] ? " " : " " => '&nbsp;'));
                }
            }
            // If it wasn't changed, no copying or other boring stuff has to happen!
            if ($data != substr($message, $last_pos, $pos - $last_pos)) {
                $message = substr($message, 0, $last_pos) . $data . substr($message, $pos);
                // Since we changed it, look again in case we added or removed a tag.  But we don't want to skip any.
                $old_pos = strlen($data) + $last_pos;
                $pos = strpos($message, '[', $last_pos);
                $pos = $pos === false ? $old_pos : min($pos, $old_pos);
            }
        }
        // Are we there yet?  Are we there yet?
        if ($pos >= strlen($message) - 1) {
            break;
        }
        $tags = strtolower(substr($message, $pos + 1, 1));
        if ($tags == '/' && !empty($open_tags)) {
            $pos2 = strpos($message, ']', $pos + 1);
            if ($pos2 == $pos + 2) {
                continue;
            }
            $look_for = strtolower(substr($message, $pos + 2, $pos2 - $pos - 2));
            $to_close = array();
            $block_level = null;
            do {
                $tag = array_pop($open_tags);
                if (!$tag) {
                    break;
                }
                if (!empty($tag['block_level'])) {
                    // Only find out if we need to.
                    if ($block_level === false) {
                        array_push($open_tags, $tag);
                        break;
                    }
                    // The idea is, if we are LOOKING for a block level tag, we can close them on the way.
                    if (strlen($look_for) > 0 && isset($bbc_codes[$look_for[0]])) {
                        foreach ($bbc_codes[$look_for[0]] as $temp) {
                            if ($temp['tag'] == $look_for) {
                                $block_level = !empty($temp['block_level']);
                                break;
                            }
                        }
                    }
                    if ($block_level !== true) {
                        $block_level = false;
                        array_push($open_tags, $tag);
                        break;
                    }
                }
                $to_close[] = $tag;
            } while ($tag['tag'] != $look_for);
            // Did we just eat through everything and not find it?
            if (empty($open_tags) && (empty($tag) || $tag['tag'] != $look_for)) {
                $open_tags = $to_close;
                continue;
            } elseif (!empty($to_close) && $tag['tag'] != $look_for) {
                if ($block_level === null && isset($look_for[0], $bbc_codes[$look_for[0]])) {
                    foreach ($bbc_codes[$look_for[0]] as $temp) {
                        if ($temp['tag'] == $look_for) {
                            $block_level = !empty($temp['block_level']);
                            break;
                        }
                    }
                }
                // We're not looking for a block level tag (or maybe even a tag that exists...)
                if (!$block_level) {
                    foreach ($to_close as $tag) {
                        array_push($open_tags, $tag);
                    }
                    continue;
                }
            }
            foreach ($to_close as $tag) {
                $message = substr($message, 0, $pos) . "\n" . $tag['after'] . "\n" . substr($message, $pos2 + 1);
                $pos += strlen($tag['after']) + 2;
                $pos2 = $pos - 1;
                // See the comment at the end of the big loop - just eating whitespace ;).
                if (!empty($tag['block_level']) && substr($message, $pos, 6) == '<br />') {
                    $message = substr($message, 0, $pos) . substr($message, $pos + 6);
                }
                if (!empty($tag['trim']) && $tag['trim'] != 'inside' && preg_match('~(<br />|&nbsp;|\\s)*~', substr($message, $pos), $matches) != 0) {
                    $message = substr($message, 0, $pos) . substr($message, $pos + strlen($matches[0]));
                }
            }
            if (!empty($to_close)) {
                $to_close = array();
                $pos--;
            }
            continue;
        }
        // No tags for this character, so just keep going (fastest possible course.)
        if (!isset($bbc_codes[$tags])) {
            continue;
        }
        $inside = empty($open_tags) ? null : $open_tags[count($open_tags) - 1];
        $tag = null;
        foreach ($bbc_codes[$tags] as $possible) {
            // Not a match?
            if (strtolower(substr($message, $pos + 1, strlen($possible['tag']))) != $possible['tag']) {
                continue;
            }
            $next_c = substr($message, $pos + 1 + strlen($possible['tag']), 1);
            // A test validation?
            if (isset($possible['test']) && preg_match('~^' . $possible['test'] . '~', substr($message, $pos + 1 + strlen($possible['tag']) + 1)) == 0) {
                continue;
            } elseif (!empty($possible['parameters'])) {
                if ($next_c != ' ') {
                    continue;
                }
            } elseif (isset($possible['type'])) {
                // Do we need an equal sign?
                if (in_array($possible['type'], array('unparsed_equals', 'unparsed_commas', 'unparsed_commas_content', 'unparsed_equals_content', 'parsed_equals')) && $next_c != '=') {
                    continue;
                }
                // Maybe we just want a /...
                if ($possible['type'] == 'closed' && $next_c != ']' && substr($message, $pos + 1 + strlen($possible['tag']), 2) != '/]' && substr($message, $pos + 1 + strlen($possible['tag']), 3) != ' /]') {
                    continue;
                }
                // An immediate ]?
                if ($possible['type'] == 'unparsed_content' && $next_c != ']') {
                    continue;
                }
            } elseif ($next_c != ']') {
                continue;
            }
            // Check allowed tree?
            if (isset($possible['require_parents']) && ($inside === null || !in_array($inside['tag'], $possible['require_parents']))) {
                continue;
            } elseif (isset($inside['require_children']) && !in_array($possible['tag'], $inside['require_children'])) {
                continue;
            } elseif (isset($inside['disallow_children']) && in_array($possible['tag'], $inside['disallow_children'])) {
                continue;
            }
            $pos1 = $pos + 1 + strlen($possible['tag']) + 1;
            // Quotes can have alternate styling, we do this php-side due to all the permutations of quotes.
            if ($possible['tag'] == 'quote') {
                // Start with standard
                $quote_alt = false;
                foreach ($open_tags as $open_quote) {
                    // Every parent quote this quote has flips the styling
                    if ($open_quote['tag'] == 'quote') {
                        $quote_alt = !$quote_alt;
                    }
                }
                // Add a class to the quote to style alternating blockquotes
                $possible['before'] = strtr($possible['before'], array('<blockquote>' => '<blockquote class="bbc_' . ($quote_alt ? 'alternate' : 'standard') . '_quote">'));
            }
            // This is long, but it makes things much easier and cleaner.
            if (!empty($possible['parameters'])) {
                $preg = array();
                foreach ($possible['parameters'] as $p => $info) {
                    $preg[] = '(\\s+' . $p . '=' . (empty($info['quoted']) ? '' : '&quot;') . (isset($info['match']) ? $info['match'] : '(.+?)') . (empty($info['quoted']) ? '' : '&quot;') . ')' . (empty($info['optional']) ? '' : '?');
                }
                // Okay, this may look ugly and it is, but it's not going to happen much and it is the best way of allowing any order of parameters but still parsing them right.
                $match = false;
                $orders = permute($preg);
                foreach ($orders as $p) {
                    if (preg_match('~^' . implode('', $p) . '\\]~i', substr($message, $pos1 - 1), $matches) != 0) {
                        $match = true;
                        break;
                    }
                }
                // Didn't match our parameter list, try the next possible.
                if (!$match) {
                    continue;
                }
                $params = array();
                for ($i = 1, $n = count($matches); $i < $n; $i += 2) {
                    $key = strtok(ltrim($matches[$i]), '=');
                    if (isset($possible['parameters'][$key]['value'])) {
                        $params['{' . $key . '}'] = strtr($possible['parameters'][$key]['value'], array('$1' => $matches[$i + 1]));
                    } elseif (isset($possible['parameters'][$key]['validate'])) {
                        $params['{' . $key . '}'] = $possible['parameters'][$key]['validate']($matches[$i + 1]);
                    } else {
                        $params['{' . $key . '}'] = $matches[$i + 1];
                    }
                    // Just to make sure: replace any $ or { so they can't interpolate wrongly.
                    $params['{' . $key . '}'] = strtr($params['{' . $key . '}'], array('$' => '&#036;', '{' => '&#123;'));
                }
                foreach ($possible['parameters'] as $p => $info) {
                    if (!isset($params['{' . $p . '}'])) {
                        $params['{' . $p . '}'] = '';
                    }
                }
                $tag = $possible;
                // Put the parameters into the string.
                if (isset($tag['before'])) {
                    $tag['before'] = strtr($tag['before'], $params);
                }
                if (isset($tag['after'])) {
                    $tag['after'] = strtr($tag['after'], $params);
                }
                if (isset($tag['content'])) {
                    $tag['content'] = strtr($tag['content'], $params);
                }
                $pos1 += strlen($matches[0]) - 1;
            } else {
                $tag = $possible;
            }
            break;
        }
        // Item codes are complicated buggers... they are implicit [li]s and can make [list]s!
        if ($smileys !== false && $tag === null && isset($itemcodes[substr($message, $pos + 1, 1)]) && substr($message, $pos + 2, 1) == ']' && !isset($disabled['list']) && !isset($disabled['li'])) {
            if (substr($message, $pos + 1, 1) == '0' && !in_array(substr($message, $pos - 1, 1), array(';', ' ', "\t", '>'))) {
                continue;
            }
            $tag = $itemcodes[substr($message, $pos + 1, 1)];
            // First let's set up the tree: it needs to be in a list, or after an li.
            if ($inside === null || $inside['tag'] != 'list' && $inside['tag'] != 'li') {
                $open_tags[] = array('tag' => 'list', 'after' => '</ul>', 'block_level' => true, 'require_children' => array('li'), 'disallow_children' => isset($inside['disallow_children']) ? $inside['disallow_children'] : null);
                $code = '<ul class="bbc_list">';
            } elseif ($inside['tag'] == 'li') {
                array_pop($open_tags);
                $code = '</li>';
            } else {
                $code = '';
            }
            // Now we open a new tag.
            $open_tags[] = array('tag' => 'li', 'after' => '</li>', 'trim' => 'outside', 'block_level' => true, 'disallow_children' => isset($inside['disallow_children']) ? $inside['disallow_children'] : null);
            // First, open the tag...
            $code .= '<li' . ($tag == '' ? '' : ' type="' . $tag . '"') . '>';
            $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos + 3);
            $pos += strlen($code) - 1 + 2;
            // Next, find the next break (if any.)  If there's more itemcode after it, keep it going - otherwise close!
            $pos2 = strpos($message, '<br />', $pos);
            $pos3 = strpos($message, '[/', $pos);
            if ($pos2 !== false && ($pos2 <= $pos3 || $pos3 === false)) {
                preg_match('~^(<br />|&nbsp;|\\s|\\[)+~', substr($message, $pos2 + 6), $matches);
                $message = substr($message, 0, $pos2) . "\n" . (!empty($matches[0]) && substr($matches[0], -1) == '[' ? '[/li]' : '[/li][/list]') . "\n" . substr($message, $pos2);
                $open_tags[count($open_tags) - 2]['after'] = '</ul>';
            } else {
                // Move the li over, because we're not sure what we'll hit.
                $open_tags[count($open_tags) - 1]['after'] = '';
                $open_tags[count($open_tags) - 2]['after'] = '</li></ul>';
            }
            continue;
        }
        // Implicitly close lists and tables if something other than what's required is in them.  This is needed for itemcode.
        if ($tag === null && $inside !== null && !empty($inside['require_children'])) {
            array_pop($open_tags);
            $message = substr($message, 0, $pos) . "\n" . $inside['after'] . "\n" . substr($message, $pos);
            $pos += strlen($inside['after']) - 1 + 2;
        }
        // No tag?  Keep looking, then.  Silly people using brackets without actual tags.
        if ($tag === null) {
            continue;
        }
        // Propagate the list to the child (so wrapping the disallowed tag won't work either.)
        if (isset($inside['disallow_children'])) {
            $tag['disallow_children'] = isset($tag['disallow_children']) ? array_unique(array_merge($tag['disallow_children'], $inside['disallow_children'])) : $inside['disallow_children'];
        }
        // Is this tag disabled?
        if (isset($disabled[$tag['tag']])) {
            if (!isset($tag['disabled_before']) && !isset($tag['disabled_after']) && !isset($tag['disabled_content'])) {
                $tag['before'] = !empty($tag['block_level']) ? '<div>' : '';
                $tag['after'] = !empty($tag['block_level']) ? '</div>' : '';
                $tag['content'] = isset($tag['type']) && $tag['type'] == 'closed' ? '' : (!empty($tag['block_level']) ? '<div>$1</div>' : '$1');
            } elseif (isset($tag['disabled_before']) || isset($tag['disabled_after'])) {
                $tag['before'] = isset($tag['disabled_before']) ? $tag['disabled_before'] : (!empty($tag['block_level']) ? '<div>' : '');
                $tag['after'] = isset($tag['disabled_after']) ? $tag['disabled_after'] : (!empty($tag['block_level']) ? '</div>' : '');
            } else {
                $tag['content'] = $tag['disabled_content'];
            }
        }
        // The only special case is 'html', which doesn't need to close things.
        if (!empty($tag['block_level']) && $tag['tag'] != 'html' && empty($inside['block_level'])) {
            $n = count($open_tags) - 1;
            while (empty($open_tags[$n]['block_level']) && $n >= 0) {
                $n--;
            }
            // Close all the non block level tags so this tag isn't surrounded by them.
            for ($i = count($open_tags) - 1; $i > $n; $i--) {
                $message = substr($message, 0, $pos) . "\n" . $open_tags[$i]['after'] . "\n" . substr($message, $pos);
                $pos += strlen($open_tags[$i]['after']) + 2;
                $pos1 += strlen($open_tags[$i]['after']) + 2;
                // Trim or eat trailing stuff... see comment at the end of the big loop.
                if (!empty($open_tags[$i]['block_level']) && substr($message, $pos, 6) == '<br />') {
                    $message = substr($message, 0, $pos) . substr($message, $pos + 6);
                }
                if (!empty($open_tags[$i]['trim']) && $tag['trim'] != 'inside' && preg_match('~(<br />|&nbsp;|\\s)*~', substr($message, $pos), $matches) != 0) {
                    $message = substr($message, 0, $pos) . substr($message, $pos + strlen($matches[0]));
                }
                array_pop($open_tags);
            }
        }
        // No type means 'parsed_content'.
        if (!isset($tag['type'])) {
            // !!! Check for end tag first, so people can say "I like that [i] tag"?
            $open_tags[] = $tag;
            $message = substr($message, 0, $pos) . "\n" . $tag['before'] . "\n" . substr($message, $pos1);
            $pos += strlen($tag['before']) - 1 + 2;
        } elseif ($tag['type'] == 'unparsed_content') {
            $pos2 = stripos($message, '[/' . substr($message, $pos + 1, strlen($tag['tag'])) . ']', $pos1);
            if ($pos2 === false) {
                continue;
            }
            $data = substr($message, $pos1, $pos2 - $pos1);
            if (!empty($tag['block_level']) && substr($data, 0, 6) == '<br />') {
                $data = substr($data, 6);
            }
            if (isset($tag['validate'])) {
                $tag['validate']($tag, $data, $disabled);
            }
            $code = strtr($tag['content'], array('$1' => $data));
            $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + 3 + strlen($tag['tag']));
            $pos += strlen($code) - 1 + 2;
            $last_pos = $pos + 1;
        } elseif ($tag['type'] == 'unparsed_equals_content') {
            // The value may be quoted for some tags - check.
            if (isset($tag['quoted'])) {
                $quoted = substr($message, $pos1, 6) == '&quot;';
                if ($tag['quoted'] != 'optional' && !$quoted) {
                    continue;
                }
                if ($quoted) {
                    $pos1 += 6;
                }
            } else {
                $quoted = false;
            }
            $pos2 = strpos($message, $quoted == false ? ']' : '&quot;]', $pos1);
            if ($pos2 === false) {
                continue;
            }
            $pos3 = stripos($message, '[/' . substr($message, $pos + 1, strlen($tag['tag'])) . ']', $pos2);
            if ($pos3 === false) {
                continue;
            }
            $data = array(substr($message, $pos2 + ($quoted == false ? 1 : 7), $pos3 - ($pos2 + ($quoted == false ? 1 : 7))), substr($message, $pos1, $pos2 - $pos1));
            if (!empty($tag['block_level']) && substr($data[0], 0, 6) == '<br />') {
                $data[0] = substr($data[0], 6);
            }
            // Validation for my parking, please!
            if (isset($tag['validate'])) {
                $tag['validate']($tag, $data, $disabled);
            }
            $code = strtr($tag['content'], array('$1' => $data[0], '$2' => $data[1]));
            $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos3 + 3 + strlen($tag['tag']));
            $pos += strlen($code) - 1 + 2;
        } elseif ($tag['type'] == 'closed') {
            $pos2 = strpos($message, ']', $pos);
            $message = substr($message, 0, $pos) . "\n" . $tag['content'] . "\n" . substr($message, $pos2 + 1);
            $pos += strlen($tag['content']) - 1 + 2;
        } elseif ($tag['type'] == 'unparsed_commas_content') {
            $pos2 = strpos($message, ']', $pos1);
            if ($pos2 === false) {
                continue;
            }
            $pos3 = stripos($message, '[/' . substr($message, $pos + 1, strlen($tag['tag'])) . ']', $pos2);
            if ($pos3 === false) {
                continue;
            }
            // We want $1 to be the content, and the rest to be csv.
            $data = explode(',', ',' . substr($message, $pos1, $pos2 - $pos1));
            $data[0] = substr($message, $pos2 + 1, $pos3 - $pos2 - 1);
            if (isset($tag['validate'])) {
                $tag['validate']($tag, $data, $disabled);
            }
            $code = $tag['content'];
            foreach ($data as $k => $d) {
                $code = strtr($code, array('$' . ($k + 1) => trim($d)));
            }
            $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos3 + 3 + strlen($tag['tag']));
            $pos += strlen($code) - 1 + 2;
        } elseif ($tag['type'] == 'unparsed_commas') {
            $pos2 = strpos($message, ']', $pos1);
            if ($pos2 === false) {
                continue;
            }
            $data = explode(',', substr($message, $pos1, $pos2 - $pos1));
            if (isset($tag['validate'])) {
                $tag['validate']($tag, $data, $disabled);
            }
            // Fix after, for disabled code mainly.
            foreach ($data as $k => $d) {
                $tag['after'] = strtr($tag['after'], array('$' . ($k + 1) => trim($d)));
            }
            $open_tags[] = $tag;
            // Replace them out, $1, $2, $3, $4, etc.
            $code = $tag['before'];
            foreach ($data as $k => $d) {
                $code = strtr($code, array('$' . ($k + 1) => trim($d)));
            }
            $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + 1);
            $pos += strlen($code) - 1 + 2;
        } elseif ($tag['type'] == 'unparsed_equals' || $tag['type'] == 'parsed_equals') {
            // The value may be quoted for some tags - check.
            if (isset($tag['quoted'])) {
                $quoted = substr($message, $pos1, 6) == '&quot;';
                if ($tag['quoted'] != 'optional' && !$quoted) {
                    continue;
                }
                if ($quoted) {
                    $pos1 += 6;
                }
            } else {
                $quoted = false;
            }
            $pos2 = strpos($message, $quoted == false ? ']' : '&quot;]', $pos1);
            if ($pos2 === false) {
                continue;
            }
            $data = substr($message, $pos1, $pos2 - $pos1);
            // Validation for my parking, please!
            if (isset($tag['validate'])) {
                $tag['validate']($tag, $data, $disabled);
            }
            // For parsed content, we must recurse to avoid security problems.
            if ($tag['type'] != 'unparsed_equals') {
                $data = parse_bbc($data, !empty($tag['parsed_tags_allowed']) ? false : true, '', !empty($tag['parsed_tags_allowed']) ? $tag['parsed_tags_allowed'] : array());
            }
            $tag['after'] = strtr($tag['after'], array('$1' => $data));
            $open_tags[] = $tag;
            $code = strtr($tag['before'], array('$1' => $data));
            $message = substr($message, 0, $pos) . "\n" . $code . "\n" . substr($message, $pos2 + ($quoted == false ? 1 : 7));
            $pos += strlen($code) - 1 + 2;
        }
        // If this is block level, eat any breaks after it.
        if (!empty($tag['block_level']) && substr($message, $pos + 1, 6) == '<br />') {
            $message = substr($message, 0, $pos + 1) . substr($message, $pos + 7);
        }
        // Are we trimming outside this tag?
        if (!empty($tag['trim']) && $tag['trim'] != 'outside' && preg_match('~(<br />|&nbsp;|\\s)*~', substr($message, $pos + 1), $matches) != 0) {
            $message = substr($message, 0, $pos + 1) . substr($message, $pos + 1 + strlen($matches[0]));
        }
    }
    // Close any remaining tags.
    while ($tag = array_pop($open_tags)) {
        $message .= "\n" . $tag['after'] . "\n";
    }
    // Parse the smileys within the parts where it can be done safely.
    if ($smileys === true) {
        $message_parts = explode("\n", $message);
        for ($i = 0, $n = count($message_parts); $i < $n; $i += 2) {
            parsesmileys($message_parts[$i]);
        }
        $message = implode('', $message_parts);
    } else {
        $message = strtr($message, array("\n" => ''));
    }
    if (substr($message, 0, 1) == ' ') {
        $message = '&nbsp;' . substr($message, 1);
    }
    // Cleanup whitespace.
    $message = strtr($message, array('  ' => ' &nbsp;', "\r" => '', "\n" => '<br />', '<br /> ' => '<br />&nbsp;', '&#13;' => "\n"));
    // Cache the output if it took some time...
    if (isset($cache_key, $cache_t) && array_sum(explode(' ', microtime())) - array_sum(explode(' ', $cache_t)) > 0.05) {
        cache_put_data($cache_key, $message, 240);
    }
    // If this was a force parse revert if needed.
    if (!empty($parse_tags)) {
        if (empty($temp_bbc)) {
            $bbc_codes = array();
        } else {
            $bbc_codes = $temp_bbc;
            unset($temp_bbc);
        }
    }
    return $message;
}
Beispiel #26
0
            $i = 0;
            $result = dbquery("SELECT s.shout_id, s.shout_name, s.shout_message, s.shout_datestamp, s.shout_ip, u.user_id, u.user_name, u.user_avatar, u.user_status\r\n\t\t\t\tFROM " . DB_SHOUTBOX . " s\r\n\t\t\t\tLEFT JOIN " . DB_USERS . " u ON s.shout_name=u.user_id\r\n\t\t\t\tORDER BY shout_datestamp DESC LIMIT " . $_GET['rowstart'] . ",20");
            echo "<div class='list-group'>\n";
            while ($data = dbarray($result)) {
                echo "<div class='list-group-item' style='min-height:100px;'>\n";
                echo "<div class='pull-left m-r-10'>" . display_avatar($data, '80px') . "</div>\n";
                echo "<div class='comment-name'>";
                echo $data['user_name'] ? "<span class='slink'>" . profile_link($data['user_id'], $data['user_name'], $data['user_status']) . "</span>" : $data['shout_name'];
                echo "</span>\n";
                echo "<span class='small'>" . $locale['SB_on_date'] . showdate("longdate", $data['shout_datestamp']) . "</div>\n";
                echo "<div class='m-t-5'><small>\n";
                echo "<a href='" . FUSION_SELF . $aidlink . "&amp;action=edit&amp;shout_id=" . $data['shout_id'] . "'>" . $locale['SB_edit'] . "</a> -\n";
                echo "<a href='" . FUSION_SELF . $aidlink . "&amp;action=delete&amp;shout_id=" . $data['shout_id'] . "' onclick=\"return confirm('" . $locale['SB_warning_shout'] . "');\">" . $locale['SB_delete'] . "</a> -\n";
                echo "<strong>" . $locale['SB_userip'] . $data['shout_ip'] . "</strong>\n";
                echo "</small>\n</div>\n";
                echo str_replace("<br />", "", parseubb(parsesmileys($data['shout_message']), "b|i|u|url|color")) . "<br />\n";
                echo "</div>\n";
            }
            echo "</div>\n";
            echo "<div align='center' style='margin-top:5px;'>\n" . makePageNav($_GET['rowstart'], 20, $rows, 3, FUSION_SELF . $aidlink . "&amp;") . "\n</div>\n";
        } else {
            echo "<div style='text-align:center'><br />\n" . $locale['SB_no_msgs'] . "<br /><br />\n</div>\n";
        }
        closetable();
    }
} else {
    require_once INCLUDES . "infusions_include.php";
    if (isset($_POST['sb_settings'])) {
        if (isset($_POST['visible_shouts']) && isnum($_POST['visible_shouts'])) {
            $setting = set_setting("visible_shouts", $_POST['visible_shouts'], "shoutbox_panel");
        }
Beispiel #27
0
    echo "<br /><input type='submit' name='post_archive_shout' value='" . $locale['SB_shout'] . "' class='button' />\n";
    echo "</div>\n</form>\n<br />\n";
} else {
    echo "<div style='text-align:center'>" . $locale['SB_login_req'] . "</div>\n";
}
$rows = dbcount("(shout_id)", DB_SHOUTBOX, "shout_hidden='0'");
if (!isset($_GET['rowstart']) || !isnum($_GET['rowstart'])) {
    $_GET['rowstart'] = 0;
}
if ($rows != 0) {
    $result = dbquery("SELECT s.shout_id, s.shout_name, s.shout_message, s.shout_datestamp, u.user_id, u.user_name, u.user_status\r\n\t\tFROM " . DB_SHOUTBOX . " s\r\n\t\tLEFT JOIN " . DB_USERS . " u ON s.shout_name=u.user_id\r\n\t\t" . (multilang_table("SB") ? "WHERE shout_language='" . LANGUAGE . "' AND" : "WHERE") . " s.shout_hidden='0'\r\n\t\tORDER BY s.shout_datestamp DESC LIMIT " . $_GET['rowstart'] . ",20");
    while ($data = dbarray($result)) {
        echo "<div class='tbl2'>\n";
        if (iADMIN && checkrights("S") || iMEMBER && $data['shout_name'] == $userdata['user_id'] && isset($data['user_name'])) {
            echo "<div style='float:right'>\n<a href='" . FUSION_SELF . "?action=edit&amp;shout_id=" . $data['shout_id'] . "'>" . $locale['SB_edit'] . "</a> |\n";
            echo "<a href='" . FUSION_SELF . "?action=delete&amp;shout_id=" . $data['shout_id'] . "'>" . $locale['SB_delete'] . "</a>\n</div>\n";
        }
        if ($data['user_name']) {
            echo "<span class='comment-name'><span class='slink'>" . profile_link($data['user_id'], $data['user_name'], $data['user_status']) . "</span>\n</span>\n";
        } else {
            echo "<span class='comment-name'>" . $data['shout_name'] . "</span>\n";
        }
        echo "<span class='small'>" . showdate("longdate", $data['shout_datestamp']) . "</span>";
        echo "</div>\n<div class='tbl1'>\n" . sbawrap(parseubb(parsesmileys($data['shout_message']), "b|i|u|url|color")) . "</div>\n";
    }
} else {
    echo "<div style='text-align:center'><br />\n" . $locale['SB_no_msgs'] . "<br /><br />\n</div>\n";
}
closetable();
echo "<div align='center' style='margin-top:5px;'>\n" . makepagenav($_GET['rowstart'], 20, $rows, 3, FUSION_SELF . "?") . "\n</div>\n";
require_once THEMES . "templates/footer.php";
Beispiel #28
0
function showcomments($ctype, $cdb, $ccol, $cid, $clink)
{
    global $settings, $locale, $userdata, $aidlink;
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&amp;|\\?)c_action=(edit|delete)&amp;comment_id=\\d*^", "", $link);
    $cpp = $settings['comments_per_page'];
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            $result = dbquery("DELETE FROM " . DB_COMMENTS . "\r\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\r\n\t\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink . ($settings['comments_sorting'] == "ASC" ? "" : "&amp;c_start=0"));
    }
    if ($settings['comments_enabled'] == "1") {
        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
            if (iMEMBER) {
                $comment_name = $userdata['user_id'];
            } elseif ($settings['guestposts'] == "1") {
                if (!isset($_POST['comment_name'])) {
                    redirect($link);
                }
                $comment_name = trim(stripinput($_POST['comment_name']));
                $comment_name = preg_replace("(^[+0-9\\s]*)", "", $comment_name);
                if (isnum($comment_name)) {
                    $comment_name = "";
                }
                $_CAPTCHA_IS_VALID = FALSE;
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
                if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
                    redirect($link);
                }
            }
            $comment_message = trim(stripinput(censorwords($_POST['comment_message'])));
            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
                $comment_updated = FALSE;
                if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "'\r\n\t\t\t\t\t\tAND comment_type='" . $ctype . "' AND comment_name='" . $userdata['user_id'] . "'\r\n\t\t\t\t\t\tAND comment_hidden='0'")) {
                    if ($comment_message) {
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_message . "'\r\n\t\t\t\t\t\t\t\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\r\n\t\t\t\t\t\t\t\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
                        $comment_updated = TRUE;
                    }
                }
                if ($comment_updated) {
                    if ($settings['comments_sorting'] == "ASC") {
                        $c_operator = "<=";
                    } else {
                        $c_operator = ">=";
                    }
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $_GET['comment_id'] . "'\r\n\t\t\t\t\t\t\t\tAND comment_item_id='" . $cid . "'\r\n\t\t\t\t\t\t\t\tAND comment_type='" . $ctype . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                }
                redirect($clink . "&amp;c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                if (!dbcount("(" . $ccol . ")", $cdb, $ccol . "='" . $cid . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                if ($comment_name && $comment_message) {
                    require_once INCLUDES . "flood_include.php";
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        $result = dbquery("INSERT INTO " . DB_COMMENTS . " (\r\n\t\t\t\t\t\t\t\tcomment_item_id, comment_type, comment_name, comment_message, comment_datestamp,\r\n\t\t\t\t\t\t\t\tcomment_ip, comment_ip_type, comment_hidden\r\n\t\t\t\t\t\t\t) VALUES (\r\n\t\t\t\t\t\t\t\t'" . $cid . "', '" . $ctype . "', '" . $comment_name . "', '" . $comment_message . "', '" . time() . "',\r\n\t\t\t\t\t\t\t\t'" . USER_IP . "', '" . USER_IP_TYPE . "', '0'\r\n\t\t\t\t\t\t\t)");
                    }
                }
                if ($settings['comments_sorting'] == "ASC") {
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $cid . "'\r\n\t\t\t\t\t\t\t\t\t\tAND comment_type='" . $ctype . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                } else {
                    $c_start = 0;
                }
                redirect($clink . "&amp;c_start=" . $c_start);
            }
        }
        $c_arr = array("c_con" => array(), "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE));
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $cid . "'\r\n\t\t\t\t\t\t\tAND comment_type='" . $ctype . "' AND comment_hidden='0'");
        if (!isset($_GET['c_start']) && $c_rows > $cpp) {
            $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
        }
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,\r\n\t\t\t\t\ttcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\r\n\t\t\tFROM " . DB_COMMENTS . " tcm\r\n\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\r\n\t\t\tWHERE comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "' AND comment_hidden='0'\r\n\t\t\tORDER BY comment_datestamp " . $settings['comments_sorting'] . " LIMIT " . $_GET['c_start'] . "," . $cpp);
        if (dbrows($result)) {
            $i = $settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
            if ($c_rows > $cpp) {
                $c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&amp;", "c_start");
            }
            while ($data = dbarray($result)) {
                $c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
                $c_arr['c_con'][$i]['edit_dell'] = FALSE;
                $c_arr['c_con'][$i]['i'] = $i;
                if ($data['user_name']) {
                    $c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status']);
                } else {
                    $c_arr['c_con'][$i]['comment_name'] = $data['comment_name'];
                }
                //Add user avatar in comments new feature in v7.02.04
                $c_arr['c_con'][$i]['user_avatar'] = display_avatar($data, '80px');
                $c_arr['c_con'][$i]['comment_datestamp'] = $locale['global_071'] . showdate("longdate", $data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_message'] = "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($data['comment_message'])));
                if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                    $c_arr['c_con'][$i]['edit_dell'] = "<!--comment_actions-->\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a href='" . FUSION_REQUEST . "&amp;c_action=edit&amp;comment_id=" . $data['comment_id'] . "#edit_comment'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= $locale['c108'] . "</a> |\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a href='" . FUSION_REQUEST . "&amp;c_action=delete&amp;comment_id=" . $data['comment_id'] . "' onclick=\"return confirm('" . $locale['c110'] . "');\">";
                    $c_arr['c_con'][$i]['edit_dell'] .= $locale['c109'] . "</a>";
                }
                $settings['comments_sorting'] == "ASC" ? $i++ : $i--;
            }
            if (iADMIN && checkrights("C")) {
                $c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                $c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&amp;ctype=" . $ctype . "&amp;cid=" . $cid . "'>" . $locale['c106'] . "</a>";
            }
        }
        // Render comments
        echo "<a id='comments' name='comments'></a>";
        render_comments($c_arr['c_con'], $c_arr['c_info']);
        // Add / edit comment
        opentable($locale['c102']);
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $eresult = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcu.user_name\r\n\t\t\t\tFROM " . DB_COMMENTS . " tcm\r\n\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\r\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "'\r\n\t\t\t\t\tAND comment_type='" . $ctype . "' AND comment_hidden='0'");
            if (dbrows($eresult)) {
                $edata = dbarray($eresult);
                if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                    $clink .= "&amp;c_action=edit&amp;comment_id=" . $edata['comment_id'];
                    $comment_message = $edata['comment_message'];
                }
            } else {
                $comment_message = "";
            }
        } else {
            $comment_message = "";
        }
        if (iMEMBER || $settings['guestposts'] == "1") {
            require_once INCLUDES . "bbcode_include.php";
            echo "<a id='edit_comment' name='edit_comment'></a>\n";
            echo openform('inputform', 'inputform', 'post', $clink);
            if (iGUEST) {
                echo "<div align='center' class='tbl'>\n" . $locale['c104'] . "<br />\n";
                echo "<input type='text' name='comment_name' maxlength='30' class='textbox' style='width:360px' />\n";
                echo "</div>\n";
            }
            echo "<div class='row'>\n";
            echo "<div class='col-xs-12 col-sm-12 col-md-12 col-lg-12'>\n";
            echo form_textarea('', 'comment_message', 'comment_message', $comment_message, array('required' => 1));
            echo display_bbcodes("360px", "comment_message");
            if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
                $_CAPTCHA_HIDE_INPUT = FALSE;
                echo "<div style='width:360px; margin:10px auto;'>";
                echo $locale['global_150'] . "<br />\n";
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_display.php";
                if (!$_CAPTCHA_HIDE_INPUT) {
                    echo "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                    echo "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                }
                echo "</div>\n";
            }
            echo form_button($comment_message ? $locale['c103'] : $locale['c102'], 'post_comment', 'post_comment', $comment_message ? $locale['c103'] : $locale['c102'], array('class' => 'btn btn-primary m-t-10'));
            echo "</div>\n</div>\n";
            echo closeform();
        } else {
            echo $locale['c105'] . "\n";
        }
        closetable();
    }
}
Beispiel #29
0
             $a_files .= "<a href='" . FUSION_SELF . "?thread_id=" . $_GET['thread_id'] . "&amp;getfile=" . $a_data['attach_id'] . "'>" . $a_data['attach_name'] . "</a> [<span class='small'>" . parsebytesize(filesize(FORUM . "attachments/" . $a_data['attach_name'])) . " / " . $count . "</span>]\n";
             $i_files++;
         }
     }
     if ($a_files) {
         echo "<br /><br /><fieldset style='border:1px solid #ccc;width:320px;'>\n\t\t\t\t<legend>" . $locale['fb568'] . "</legend>\n\t\t\t\t<div style='padding:3px;width:320px;'>{$a_files}</div>\n\t\t\t</fieldset><br />\n";
     }
     if ($a_images) {
         if (!$a_files) {
             echo "<br /><br />\n";
         }
         echo "<fieldset style='border:1px solid #ccc;width:320px;'>\n\t\t\t\t<legend>" . $locale['fb567'] . "</legend>\n\t\t\t\t<div style='padding:3px;width:320px;'>{$a_images}</div>\n\t\t\t</fieldset><br />\n";
     }
 }
 if ($data['post_showsig'] && array_key_exists("user_sig", $data) && $data['user_sig']) {
     echo "\n<div class='tbl-border' style='height:2px;overflow:hidden; margin-top:5px; margin-bottom:5px;width:320px;'>&nbsp;</div>" . nl2br(parseubb(parsesmileys($data['user_sig']), "b|i|u||center|small|url|mail|img|color"));
 }
 if ((dbrows(dbquery("select * from " . DB_PREFIX . "fb_rate where rate_post='" . $data['post_id'] . "'")) || iMEMBER && $userdata['user_id'] !== $data['user_id']) && $fb4['show_ratings']) {
     echo "<br /><br />\n";
 }
 echo "<!--sub_forum_post--></td>\n</tr>\n";
 echo "<tr>\n<td class='tbl2' style='white-space:nowrap;font-size:9px;padding:8px;whitespace:no-wrap;'>";
 postRatings($data['post_id']);
 echo "</td>\n<td class='tbl2' align='right' style='width:1%;height:1px;padding:8px;' nowrap='nowrap'>";
 if (iMEMBER) {
     showRatings($data['post_id'], $userdata['user_id'], $data['post_author'], false);
 }
 if (iMEMBER && ($can_post || $can_reply) && !$fb4['buttons']) {
     if ($userdata['user_id'] !== $data['user_id']) {
         echo ":: ";
     }
Beispiel #30
0
 add_to_head("<script type='text/javascript'>\n\n\t/* <![CDATA[ */\n\n\tjQuery(document).ready(function(){\n\t\tjQuery('a.tozoom').colorbox();\n\t});\n\n\t/* ]]>*/\n\n\t</script>\n");
 $result = dbquery("SELECT td.*,\n\t\t\t\ttc.download_cat_id, tc.download_cat_access, tc.download_cat_name,\n\t\t\t\ttu.user_id, tu.user_name, tu.user_status\n\t\t\tFROM " . DB_DOWNLOADS . " td\n\t\t\tLEFT JOIN " . DB_DOWNLOAD_CATS . " tc ON td.download_cat=tc.download_cat_id\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON td.download_user=tu.user_id\n\t\t\tWHERE download_id='" . $_GET['download_id'] . "'");
 if (dbrows($result)) {
     $data = dbarray($result);
     if (!checkgroup($data['download_cat_access'])) {
         redirect(FUSION_SELF);
     }
     opentable($locale['400'] . ": " . $data['download_title']);
     echo "<!--pre_download_details-->\n";
     echo "<div class='tbl-border' style='margin-bottom:10px; padding:3px;'>\n";
     echo "<div class='forum-caption' style='text-align:left;'>\n";
     echo "<a href='" . FUSION_SELF . "'>" . $locale['417'] . "</a> &gt; <a href='" . FUSION_SELF . "?cat_id=" . $data['download_cat'] . "'>" . $data['download_cat_name'] . "</a> &gt; <strong>" . $data['download_title'] . "</strong>";
     echo "</div>\n</div>\n";
     echo "<table width='100%' cellpadding='0' cellspacing='1' class='tbl-border center'>\n";
     echo "<tr>\n<td class='tbl1' colspan='2'><h2>" . $data['download_title'] . " " . $data['download_version'] . "</h2><hr /></td></tr>\n";
     echo "<tr>\n<td class='tbl1' style='vertical-align:top;'>" . ($data['download_description'] != "" ? nl2br(parseubb(parsesmileys($data['download_description']))) : nl2br(stripslashes($data['download_description_short']))) . "</td>";
     echo "<td class='tbl1' style='width:20%;text-align:center;vertical-align:top;'>";
     echo "<table width='100%' cellpadding='0' cellspacing='1' class='tbl-border center'>\n";
     if ($data['download_homepage'] != "") {
         if (!strstr($data['download_homepage'], "http://") && !strstr($data['download_homepage'], "https://")) {
             $urlprefix = "http://";
         } else {
             $urlprefix = "";
         }
         echo "<tr><td class='tbl2' style='text-align:center;'>";
         echo "<img src='" . get_image("homepage") . "' alt='" . $locale['418'] . "' /><br />";
         echo "<a href='" . $urlprefix . $data['download_homepage'] . "' title='" . $urlprefix . $data['download_homepage'] . "' target='_blank'>" . $locale['418'] . "</a>";
         echo "</td>\n</tr>\n";
     }
     if ($settings['download_screenshot'] && $data['download_image'] != "") {
         echo "<tr>\n";