function preparse_bbcode($text, &$errors, $is_signature = false)
{
global $lang_prof_reg;
// Change all simple BBCodes to lower case
// MODERN BBCODE BEGIN
$text = str_replace(array('[B]', '[I]', '[U]', '[/B]', '[/I]', '[/U]', '[S]', '[/S]'), array('[b]', '[i]', '[u]', '[/b]', '[/i]', '[/u]', '[s]', '[/s]'), $text);
// MODERN BBCODE END
// Do the more complex BBCodes (also strip excessive whitespace and useless quotes)
$a = array('#\\[url=("|\'|)(.*?)$1\\]\\s*#i', '#\\[url\\]\\s*#i', '#\\s*\\[/url\\]#i', '#\\[search=("|\'|)(.*?)$1\\]\\s*#i', '#\\[search\\]\\s*#i', '#\\s*\\[/search\\]#i', '#\\[email=("|\'|)(.*?)$1\\]\\s*#i', '#\\[email\\]\\s*#i', '#\\s*\\[/email\\]#i', '#\\[img\\]\\s*(.*?)\\s*\\[/img\\]#is', '#\\[color=("|\'|)(.*?)$1\\](.*?)\\[/color\\]#is', '#\\[font=("|\'|)(.*?)$1\\](.*?)\\[/font\\]#is');
$b = array('[url=$2]', '[url]', '[/url]', '[search=$2]', '[search]', '[/search]', '[email=$2]', '[email]', '[/email]', '[img]$1[/img]', '[color=$2]$3[/color]', '[font=$2]$3[/font]');
if (!$is_signature) {
// For non-signatures, we have to do the quote and code tags as well
$a[] = '#\\[quote=("|"|\'|)(.*?)$1\\]\\s*#i';
$a[] = '#\\[quote\\]\\s*#i';
$a[] = '#\\s*\\[/quote\\]\\s*#i';
$a[] = '#\\[code\\][\\r\\n]*(.*?)\\s*\\[/code\\]\\s*#is';
$a[] = '#\\[hide=("|"|\'|)(.*?)$1\\]\\s*#i';
$a[] = '#\\[hide\\]\\s*#i';
$a[] = '#\\s*\\[/hide\\]\\s*#i';
$b[] = '[quote=$1$2$1]';
$b[] = '[quote]';
$b[] = '[/quote]' . "\n";
$b[] = '[code]$1[/code]' . "\n";
$b[] = '[hide=$1$2$1]';
$b[] = '[hide]';
$b[] = '[/hide]' . "\n";
}
// Run this baby!
$text = preg_replace($a, $b, $text);
if (!$is_signature) {
$error = '';
$overflow = check_tag_order($text, $error);
if ($error) {
// A BBCode error was spotted in check_tag_order()
$errors[] = $error;
} else {
if ($overflow) {
// The quote depth level was too high, so we strip out the inner most quote(s)
$text = substr($text, 0, $overflow[0]) . substr($text, $overflow[1], strlen($text) - $overflow[0]);
}
}
} else {
if (preg_match('#\\[quote=("|"|\'|)(.*)\\1\\]|\\[quote\\]|\\[/quote\\]|\\[code\\]|\\[/code\\]|\\[hide=("|"|\'|)(.*)\\1\\]|\\[hide\\]|\\[/hide\\]#i', $text)) {
if (basename(dirname($_SERVER['PHP_SELF'])) == 'wap') {
wap_message($lang_prof_reg['Signature quote/code']);
} else {
message($lang_prof_reg['Signature quote/code']);
}
}
}
return trim($text);
}
//+ REAL MARK TOPIC AS READ MOD
if (!$pun_user['is_guest']) {
$result = $db->query('DELETE ' . 'FROM `' . $db->prefix . 'log_topics` ' . 'WHERE `log_time` < ' . ($_SERVER['REQUEST_TIME'] - $pun_user['mark_after']) . ' ' . 'AND `user_id`=' . $pun_user['id']) or error('Unable to delete marked as read topic info', __FILE__, __LINE__, $db->error());
}
//- REAL MARK TOPIC AS READ MOD
if (!$pun_user['g_read_board']) {
wap_message($lang_common['No view']);
}
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
if (1 > $id) {
wap_message($lang_common['Bad request']);
}
// Fetch some info about the forum
$result = $db->query('SELECT `f`.`forum_name`, ' . '`f`.`redirect_url`, ' . '`f`.`moderators`, ' . '`f`.`num_topics`, ' . '`f`.`sort_by`, ' . '`fp`.`post_topics`, ' . '`lf`.`log_time`, ' . '`f`.`id` AS `forum_id` ' . 'FROM `' . $db->prefix . 'forums` AS `f` ' . 'LEFT JOIN `' . $db->prefix . 'forum_perms` AS `fp` ' . 'ON (`fp`.`forum_id`=`f`.`id` AND `fp`.`group_id`=' . $pun_user['g_id'] . ') ' . 'LEFT JOIN `' . $db->prefix . 'log_forums` AS `lf` ' . 'ON (`lf`.`user_id`=' . $pun_user['id'] . ' AND `lf`.`forum_id`=`f`.`id`) ' . 'WHERE (`fp`.`read_forum` IS NULL OR `fp`.`read_forum`=1) ' . 'AND `f`.`id`=' . $id) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result)) {
wap_message($lang_common['Bad request']);
}
$cur_forum = $db->fetch_assoc($result);
//+ REAL MARK TOPIC AS READ MOD
if (!($pun_user['is_guest'] || $cur_forum['log_time'])) {
$result = $db->query('INSERT INTO `' . $db->prefix . 'log_forums` ' . '(`user_id`, `forum_id`, `log_time`) ' . 'VALUES (' . $pun_user['id'] . ', ' . $cur_forum['forum_id'] . ', ' . $_SERVER['REQUEST_TIME'] . ')') or error('Unable to insert reading_mark info', __FILE__, __LINE__, $db->error());
} else {
$result = $db->query('UPDATE `' . $db->prefix . 'log_forums` ' . 'SET `log_time`=' . $_SERVER['REQUEST_TIME'] . ' ' . 'WHERE `forum_id`=' . $cur_forum['forum_id'] . ' ' . 'AND `user_id`=' . $pun_user['id']) or error('Unable to update reading_mark info', __FILE__, __LINE__, $db->error());
}
//- REAL MARK TOPIC AS READ MOD
// Is this a redirect forum? In that case, redirect!
if ($cur_forum['redirect_url']) {
wap_redirect($cur_forum['redirect_url']);
}
// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = array();
}
if (isset($_GET['reply']) || isset($_GET['quote'])) {
$r = @intval(@$_GET['reply']);
$q = @intval(@$_GET['quote']);
// Get message info
empty($r) ? $id = $q : ($id = $r);
$result = $db->query('SELECT * FROM ' . $db->prefix . 'messages WHERE id=' . $id . ' AND owner=' . $pun_user['id']) or error('Unable to fetch message info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result)) {
wap_message($lang_common['Bad request']);
}
$message = $db->fetch_assoc($result);
// Quote the message
if (isset($_GET['quote'])) {
$quote = '[quote=' . $message['sender'] . ']' . $message['message'] . '[/quote]';
}
// Add subject
$subject = 'RE:' == substr($message['subject'], 0, 3) ? $message['subject'] : 'RE: ' . $message['subject'];
}
if ($pun_user['messages_enable'] != 1) {
wap_message($lang_pms['PM disabled'] . ' <a href="message_list.php?&box=2">' . $lang_pms['Options PM'] . '</a>');
}
require_once PUN_ROOT . 'wap/header.php';
$page_title = $pun_config['o_board_title'] . ' / ' . $lang_pms['Send a message'];
$smarty->assign('page_title', $page_title);
$smarty->assign('username', @$username);
$smarty->assign('subject', @$subject);
$smarty->assign('quote', @$quote);
$smarty->assign('lang_pms', $lang_pms);
$smarty->assign('lang_post', $lang_post);
$smarty->display('message_send.tpl');
}
<?php
define('PUN_ROOT', '../');
require_once PUN_ROOT . 'include/common.php';
if (!$pun_user['g_read_board']) {
wap_message($lang_common['No view']);
}
// Load the userlist.php language file
require_once PUN_ROOT . 'lang/' . $pun_user['language'] . '/userlist.php';
// Load the search.php language file
require_once PUN_ROOT . 'lang/' . $pun_user['language'] . '/search.php';
// Determine if we are allowed to view post counts
$show_post_count = $pun_config['o_show_post_count'] == 1 || $pun_user['g_id'] < PUN_GUEST ? true : false;
$username = isset($_GET['username']) && $pun_user['g_search_users'] == 1 ? pun_trim($_GET['username']) : '';
$show_group = !isset($_GET['show_group']) || intval($_GET['show_group']) < -1 && intval($_GET['show_group']) > 2 ? -1 : intval($_GET['show_group']);
$sort_by = !isset($_GET['sort_by']) || $_GET['sort_by'] != 'username' && $_GET['sort_by'] != 'registered' && ($_GET['sort_by'] != 'num_posts' || !$show_post_count) ? 'username' : $_GET['sort_by'];
$sort_dir = !isset($_GET['sort_dir']) || $_GET['sort_dir'] != 'ASC' && $_GET['sort_dir'] != 'DESC' ? 'ASC' : mb_strtoupper($_GET['sort_dir']);
$page_title = $pun_config['o_board_title'] . ' / ' . $lang_common['User list'];
if ($pun_user['g_search_users'] == 1) {
$focus_element = array('userlist', 'username');
}
define('PUN_ALLOW_INDEX', 1);
$result = $db->query('SELECT g_id, g_title FROM ' . $db->prefix . 'groups WHERE g_id!=' . PUN_GUEST . ' ORDER BY g_id') or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result)) {
while ($cur_group = $db->fetch_assoc($result)) {
$groups[] = $cur_group;
}
}
// Create any SQL for the WHERE clause
$where_sql = array();
$like_command = 'LIKE';
// Fetch some info about the post, the topic and the forum
$result = $db->query('SELECT `f`.`id` AS `fid`, ' . '`f`.`forum_name`, ' . '`f`.`moderators`, ' . '`f`.`redirect_url`, ' . '`fp`.`post_replies`, ' . '`fp`.`post_topics`, ' . '`t`.`id` AS `tid`, ' . '`t`.`subject`, ' . '`t`.`posted`, ' . '`t`.`closed`, ' . '`p`.`poster`, ' . '`p`.`poster_id`, ' . '`p`.`message`, ' . '`p`.`hide_smilies` ' . 'FROM `' . $db->prefix . 'posts` AS `p` ' . 'INNER JOIN `' . $db->prefix . 'topics` AS `t` ' . 'ON `t`.`id`=`p`.`topic_id` ' . 'INNER JOIN `' . $db->prefix . 'forums` AS `f` ' . 'ON `f`.`id`=`t`.`forum_id` ' . 'LEFT JOIN `' . $db->prefix . 'forum_perms` AS `fp` ' . 'ON (`fp`.`forum_id`=`f`.`id` ' . 'AND `fp`.`group_id`=' . $pun_user['g_id'] . ') ' . 'WHERE (`fp`.`read_forum` IS NULL OR `fp`.`read_forum`=1) ' . 'AND `p`.`id`=' . $id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result)) {
wap_message($lang_common['Bad request']);
}
$cur_post = $db->fetch_assoc($result);
// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = $cur_post['moderators'] ? unserialize($cur_post['moderators']) : array();
$is_admmod = $pun_user['g_id'] == PUN_ADMIN || $pun_user['g_id'] == PUN_MOD && array_key_exists($pun_user['username'], $mods_array) ? true : false;
// Determine whether this post is the "topic post" or not
$result = $db->query('SELECT `id` ' . 'FROM `' . $db->prefix . 'posts` ' . 'WHERE `topic_id`=' . $cur_post['tid'] . ' ' . 'ORDER BY `posted` ' . 'LIMIT 1;') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
$topic_post_id = $db->result($result);
$is_topic_post = $id == $topic_post_id;
// Do we have permission to edit this post?
if ((!$pun_user['g_delete_posts'] || !$pun_user['g_delete_topics'] && $is_topic_post || $cur_post['poster_id'] != $pun_user['id'] || $cur_post['closed'] == 1) && !$is_admmod) {
wap_message($lang_common['No permission']);
}
if (isset($_POST['delete'])) {
require_once PUN_ROOT . 'include/search_idx.php';
if ($is_topic_post) {
// Delete the topic and all of it's posts
delete_topic($cur_post['tid']);
update_forum($cur_post['fid']);
generate_rss();
wap_redirect('viewforum.php?id=' . $cur_post['fid']);
} else {
// Delete just this one post
delete_post($id, $cur_post['tid']);
update_forum($cur_post['fid']);
wap_redirect('viewtopic.php?id=' . $cur_post['tid']);
}
$DB->free_result($query);
} else {
echo "<p>没有需要审核的评论</p>\n";
}
wap_footer();
}
// 审核评论操作
if ($action == 'auditcm_ok' && ($sax_group == '1' || $sax_group == '2') && $sax_hash) {
wap_header('审核评论');
$commentid = (int) $commentid;
// 获取文章信息
if (!$commentid) {
wap_message('缺少参数');
}
$comment = $DB->fetch_one_array("SELECT c.articleid, a.uid FROM {$db_prefix}comments c LEFT JOIN {$db_prefix}articles a ON (a.articleid=c.articleid) WHERE c.commentid='{$commentid}'");
if (!$comment) {
wap_message('记录不存在');
}
if ($sax_group == '2') {
if ($comment['uid'] != $sax_uid) {
wap_message('此评论不属于您发表的文章');
}
}
$DB->query("UPDATE {$db_prefix}comments SET visible='1' WHERE commentid='{$commentid}'");
$DB->unbuffered_query("UPDATE {$db_prefix}articles SET comments=comments+1 WHERE articleid='" . $comment['articleid'] . "'");
$DB->unbuffered_query("UPDATE {$db_prefix}statistics SET comment_count=comment_count+1");
newcomments_recache();
statistics_recache();
getlog();
wap_message('评论已显示', array('title' => '返回隐藏评论列表', 'link' => 'index.php?action=auditcm'));
}
// Must the user verify the registration or do we log him/her in right now?
if ($pun_config['o_regs_verify'] == 1) {
// Load the "welcome" template
$mail_tpl = trim(file_get_contents(PUN_ROOT . 'lang/' . $pun_user['language'] . '/mail_templates/welcome.tpl'));
// The first row contains the subject
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
$mail_message = trim(substr($mail_tpl, $first_crlf));
$mail_subject = str_replace('<board_title>', $pun_config['o_board_title'], $mail_subject);
$mail_message = str_replace('<base_url>', $pun_config['o_base_url'] . '/', $mail_message);
$mail_message = str_replace('<username>', $username, $mail_message);
$mail_message = str_replace('<password>', $password1, $mail_message);
$mail_message = str_replace('<login_url>', $pun_config['o_base_url'] . '/login.php', $mail_message);
$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'] . ' ' . $lang_common['Mailer'], $mail_message);
pun_mail($email1, $mail_subject, $mail_message);
wap_message($lang_register['Reg e-mail'] . ' <a href="mailto:' . $pun_config['o_admin_email'] . '">' . $pun_config['o_admin_email'] . '</a>.', true);
}
pun_setcookie($new_uid, $password_hash, $save_pass ? $now + 31536000 : 0);
wap_redirect('index.php');
}
}
}
$languages = array();
$d = dir(PUN_ROOT . 'lang');
while (($entry = $d->read()) !== false) {
if ($entry[0] != '.' && is_dir(PUN_ROOT . 'lang/' . $entry) && file_exists(PUN_ROOT . 'lang/' . $entry . '/common.php')) {
$languages[] = $entry;
}
}
$d->close();
$page_title = $pun_config['o_board_title'] . ' / ' . $lang_register['Register'];
// Fetch the list of forums
$result = $db->query('SELECT `id`, `forum_name` FROM `' . $db->prefix . 'forums`') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());
$forum_list = array();
while ($row = $db->fetch_row($result)) {
$forum_list[] = $row;
}
$smarty->assign('page_title', $page_title);
$smarty->assign('search_set', $search_set);
$smarty->assign('forum_list', $forum_list);
$smarty->assign('show_as', $show_as);
$smarty->assign('lang_search', $lang_search);
$smarty->assign('paging_links', $paging_links);
$smarty->display('search.result.tpl');
exit;
} else {
wap_message($lang_search['No hits']);
}
}
$result = $db->query('
SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.redirect_url
FROM ' . $db->prefix . 'categories AS c
INNER JOIN ' . $db->prefix . 'forums AS f ON c.id=f.cat_id
LEFT JOIN ' . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $pun_user['g_id'] . ')
WHERE (fp.read_forum IS NULL OR fp.read_forum=1)
AND f.redirect_url IS NULL
ORDER BY c.disp_position, c.id, f.disp_position
') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
$forums = array();
while ($cur_forum = $db->fetch_assoc($result)) {
$forums[] = $cur_forum;
}
