Ejemplo n.º 1
0
 if (!$_POST['topic'] or !$_POST['category'] or !$_POST['detail'] or !$_POST['post_name']) {
     echo "<script language='javascript'>";
     echo "alert('" . _JAVA_DATA_NULL . "')";
     echo "</script>";
     echo "<script language='javascript'>javascript:history.go(-1)</script>";
     exit;
 }
 if ($_SESSION['login_true'] || $_SESSION['admin_user']) {
 } else {
     if (USE_CAPCHA) {
         check_captcha($_POST['security_code']);
     }
 }
 //����ẹ��ɳ�
 $TOPIC = checkban($_POST['topic']);
 $DETAIL = banword($_POST['detail']);
 $POSTNAME = CheckRude($_POST['post_name']);
 if (substr_count($_POST['detail'], '<p>') == 1) {
     $temp = preg_replace("/<p>/i", "", $_POST['detail']);
     $temp = preg_replace("/<\\/p>/i", "", $temp);
     $_POST['detail'] = $temp;
 }
 $FILE = $_FILES['FILE'];
 $FILEATT = $_FILES['FILEATT'];
 if ($FILE['size'] > _WEBBOARD_LIMIT_UPLOAD) {
     echo "<script language='javascript'>";
     echo "alert('" . _WEBBOARD_EDIT_ADD_PIC_WIDTH . " " . _WEBBOARD_LIMIT_UPLOAD / 1024 . " kB " . _WEBBOARD_EDIT_ADD_PIC_WIDTH . "')";
     echo "</script>";
     echo "<script language='javascript'>javascript:history.back()</script>";
     exit;
 }
Ejemplo n.º 2
0
     if ($msg) {
         dalert($msg);
     }
 }
 $content = dhtmlspecialchars(trim($content));
 $content = preg_replace("/&([a-z]{1,});/", '', $content);
 $len = word_count($content);
 if ($len < $MOD['comment_min']) {
     dalert(lang($L['comment_msg_min'], array($MOD['comment_min'])));
 }
 if ($len > $MOD['comment_max']) {
     dalert(lang($L['comment_msg_max'], array($MOD['comment_max'])));
 }
 $BANWORD = cache_read('banword.php');
 if ($BANWORD) {
     $content = banword($BANWORD, $content, false);
 }
 $star = intval($star);
 in_array($star, array(1, 2, 3)) or $star = 3;
 $status = get_status(3, $MOD['comment_check'] == 2 ? $MG['check_add'] : $MOD['comment_check']);
 $hidden = isset($hidden) ? 1 : 0;
 $content = nl2br($content);
 $quotation = '';
 $qid = isset($qid) ? intval($qid) : 0;
 if ($qid) {
     $r = $db->get_one("SELECT ip,hidden,username,content,quotation,addtime FROM {$DT_PRE}comment WHERE itemid={$qid}");
     if ($r) {
         if ($r['username']) {
             $r['name'] = $r['hidden'] ? $MOD['comment_am'] : $r['username'];
         } else {
             $r['name'] = 'IP:' . hide_ip($r['ip']);
Ejemplo n.º 3
0
     if ($MST['vcompany'] && $MG['vcompany']) {
         $V['vcompany'] or dheader('validate.php?action=company&itemid=1');
     }
 }
 if ($_credit < 0 && $MST['credit_less'] && $action == 'add') {
     dheader('credit.php?action=less');
 }
 if ($submit) {
     check_post() or dalert($L['bad_data']);
     //safe
     $BANWORD = cache_read('banword.php');
     if ($BANWORD && isset($post)) {
         $keys = array('title', 'tag', 'introduce', 'content');
         foreach ($keys as $v) {
             if (isset($post[$v])) {
                 $post[$v] = banword($BANWORD, $post[$v]);
             }
         }
     }
 }
 $MYMODS = array();
 if (isset($MG['moduleids']) && $MG['moduleids']) {
     $MYMODS = explode(',', $MG['moduleids']);
 }
 if ($MYMODS) {
     foreach ($MYMODS as $k => $v) {
         $v = abs($v);
         if (!isset($MODULE[$v])) {
             unset($MYMODS[$k]);
         }
     }
Ejemplo n.º 4
0
																															<?php 
        //Show Picture
        if ($arr['comment']['picture']) {
            $postpicupload = @getimagesize("webboard_upload/" . $arr['comment']['picture'] . "");
            if ($postpicupload['0'] > _WEBBOARD_LIMIT_PICWIDTH) {
                $PicUpload = "<BR><CENTER><a href='webboard_upload/" . $arr['comment']['picture'] . "' rel='lightbox'><img class='highslide-display-block' src='webboard_upload/" . $arr['comment']['picture'] . "' width='" . _WEBBOARD_LIMIT_PICWIDTH . "' border='0' ></a><BR>[ " . _WEBBOARD_PIC_REAL_WIDTH . " ]</CENTER><BR>";
            } else {
                $PicUpload = "<BR><CENTER><img src='webboard_upload/" . $arr['comment']['picture'] . "' border='0' ><BR></CENTER><BR>";
            }
            echo $PicUpload;
        } else {
        }
        ?>

																															<?php 
        echo banword(stripslashes($arr['comment']['detail']));
        ?>
<br />
																															<br />
																														</td>

																													</tr>

																													<tr>
																														<td valign="top"><?php 
        if ($VIEWSxx['user'] == $arr['comment']['post_name']) {
            if ($VIEWSxx['signature']) {
                echo "<img src='images/webboard/sigline.gif' width='363' height='16' /><br>";
                ?>
 <?php 
                echo stripslashes($VIEWSxx['signature']);