Ejemplo n.º 1
0
<BODY>
<h3>Banned users</h3>
<table border="1">
<tr>
<th>Username</th>
<th>Reason</th>
<th>Moderator</th>
<th>Ban ends</th>
</tr>
<?php 
while ($row = mysql_fetch_assoc($result)) {
    $username = htmlentities($row['username'], HTML_ENTITIES, 'UTF-8');
    $translit_done = false;
    $reason = translit($row['ban_reason'], $translit_done);
    $reason = htmlentities($reason, HTML_ENTITIES, 'UTF-8');
    $reason = before_bbcode($reason);
    $reason = do_bbcode($reason);
    $reason = nl2br($reason);
    $reason = after_bbcode($reason);
    $banned_by = htmlentities($row['banned_by'], HTML_ENTITIES, 'UTF-8');
    $ban_ends = $row['ban_end'];
    print '<tr><td>' . $username . '</td><td>' . $reason . '</td><td>' . $banned_by . '</td><td>' . $ban_ends . '</td></tr>';
}
?>
</table>
</BODY>
</HTML>
<?php 
require 'tail_inc.php';
?>
Ejemplo n.º 2
0
/**
 * Renderers
 */
function render_for_display($msgbody)
{
    $msgbody = htmlentities($msgbody, HTML_ENTITIES, 'UTF-8');
    $msgbody = before_bbcode($msgbody);
    $msgbody = do_bbcode($msgbody);
    $msgbody = nl2br($msgbody);
    $msgbody = after_bbcode($msgbody);
    return $msgbody;
}
Ejemplo n.º 3
0
        ?>
</b>!<br/><p>
            Your article has been sent to forum.</p><p>
<?php 
    } else {
        if (!is_null($preview)) {
            $author = $user;
            $subject = $subj;
            $created = $time = strftime('%Y-%m-%d %H:%M:%S');
            $translit_done = false;
            $msgbody = translit($new_body, $translit_done);
            if (!is_null($msgbody) && strlen($msgbody) > 0 && !is_null($prefix) && strlen($prefix) > 0) {
                $msgbody = $prefix . ' ' . str_replace("\n", "\n" . $prefix . ' ', $msgbody);
            }
            $msgbody = htmlentities($msgbody, HTML_ENTITIES, 'UTF-8');
            $msgbody = before_bbcode($msgbody);
            $msgbody = do_bbcode($msgbody);
            $msgbody = nl2br($msgbody);
            $msgbody = after_bbcode($msgbody);
            $trans_body = $msgbody;
            if ($translit_done === true) {
                $trans_body .= '<BR><BR>[Message was transliterated]';
            }
        }
    }
} else {
    // validation error
    print $err;
    http_response_code(400);
}
require_once 'tail_inc.php';
Ejemplo n.º 4
0
if (is_null($msg_id)) {
    die("Specify message ID");
}
// 1 retrieve and print as is
$query = 'SELECT * from confa_posts where id = ' . $msg_id;
// $query = "alter table confa_users add last_pm_check_time timestamp default '0000-00-00 00:00:00'";
// $query = "update confa_users set last_pm_check_time = CURRENT_TIMEstamp";
$result = mysql_query($query);
if (!$result) {
    mysql_log(__FILE__, 'Query page count failed: ' . mysql_error() . ' QUERY: ' . $query);
    die('Query failed.' . mysql_error() . ' QUERY: ' . $query);
}
while ($row = mysql_fetch_assoc($result)) {
    $body = $row['body'];
    print "Original:<br/>" . $body;
    $body = before_bbcode($body);
    print "<br/><b>before_bbcode:</b><br/>" . $body;
    $body = do_bbcode($body);
    print "<br/><b>do_bbcode:</b><br/>" . $body;
    $body = nl2br($body);
    print "<br/><b>nl2br:</b><br/>" . $body;
    $body = after_bbcode($body);
    print "<br/><b>after_bbcode:</b><br/>" . $body;
    // bbcode, print
    // after bbcode, print
}
print "<br/>The end";
require_once 'tail_inc.php';
?>

Ejemplo n.º 5
0
        if ($row2['status'] == 3) {
            print '<font color="red">Censor (Мат)</font>';
        } elseif ($row2['status'] == 4) {
            print '<font color="red">Censor (Хамство)</font>';
        } elseif ($row2['status'] == 5) {
            print '<font color="red">Censor (Наезд)</font>';
        } elseif ($row2['status'] == 2) {
            print '<font color="red">Delete message</font>';
        } else {
            $translit_done = false;
            $s_mess = trim($row2['body']);
            $s_mess = str_replace($n_ff, "", $s_mess);
            $s_mess = translit($s_mess, $translit_done);
            if (!is_null($s_mess) && strlen($s_mess) > 0 && !is_null($prefix) && strlen($prefix) > 0) {
                $s_mess = $prefix . ' ' . str_replace("\n", "\n" . $prefix . ' ', $s_mess);
            }
            $s_mess = htmlentities($s_mess, HTML_ENTITIES, 'UTF-8');
            $s_mess = before_bbcode($s_mess);
            $s_mess = do_bbcode($s_mess);
            $s_mess = nl2br($s_mess);
            $s_mess = after_bbcode($s_mess);
            echo trim($s_mess);
        }
    }
    $query = 'UPDATE confa_posts SET views=views + 1 where id=' . $mess_id;
    $result = mysql_query($query);
}
require_once 'tail_inc.php';
?>

Ejemplo n.º 6
0
function post($subj, $body, $re = 0, $msg_id = 0, $ticket = "", $nsfw = false, $to)
{
    global $err_login, $logged_in, $ban, $ip, $agent, $user_id, $content_nsfw;
    $err = validate($subj, $body, $to);
    if (strlen($err) != 0) {
        return $err;
    } else {
        if (!$logged_in || $ban) {
            // just in case
            return "User not logged in or banned from forum";
        }
    }
    $chars = 0;
    $content_flags = 0;
    if (!is_null($body) && strlen($body) != 0) {
        $chars = strlen(utf8_decode($body));
        $length = strlen($body);
        if (stristr(render_for_display($body), "<img style")) {
            $content_flags |= 2;
        }
        $new_body = render_for_db($body);
        $has_video = false;
        before_bbcode($body, $has_video);
        if ($has_video || preg_match('/id="[a-z]*-video"/', $new_body)) {
            $content_flags |= 4;
        }
        $ibody = '\'' . mysql_escape_string($new_body) . '\'';
    } else {
        $ibody = "''";
    }
    if (isset($nsfw) && $nsfw !== false) {
        $content_flags |= $content_nsfw;
    }
    if (isset($to)) {
        $query = 'SELECT id from confa_users where username=\'' . mysql_escape_string($to) . '\' and status != 2';
        $result = mysql_query($query);
        if (!$result) {
            mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
            return 'Query failed';
        }
        $row = mysql_fetch_assoc($result);
        $to_id = $row['id'];
        if (is_null($to_id)) {
            return "No such recipient";
        }
    }
    if (strlen($ticket) > 0) {
        $query = 'INSERT into confa_tickets(ticket) values(\'' . $ticket . '\')';
        $result = mysql_query($query);
        if (!$result) {
            mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
            return 'This is duplicated post (ticket ' . $ticket . ')';
        }
    }
    if (isset($to_id)) {
        // send pmail
        $query = 'INSERT INTO confa_pm(sender, receiver, subject, body, chars) values(' . $user_id . ', ' . $to_id . ', \'' . mysql_escape_string($subj) . '\', ' . $ibody . ', ' . $chars . ')';
        $result = mysql_query($query);
        if (!$result) {
            mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
            return 'Query failed';
        }
        $id = mysql_insert_id();
        update_new_pm_count($to_id);
        return array("id" => $id);
    } else {
        if (isset($msg_id) && $msg_id > 0) {
            // update existing post
            $query = 'SELECT p.subject, p.body, p.status, p.author, p.created, p.thread_id, p.level, p.closed as post_closed, p.id, t.closed as thread_closed, ( select max(page) from confa_threads) - t.page + 1 as page from confa_posts p, confa_threads t where t.id=p.thread_id and p.id=' . $msg_id;
            $result = mysql_query($query);
            if (!$result) {
                mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                return 'Query failed';
            }
            if (mysql_num_rows($result) == 0) {
                return "Message not found";
            }
            $row = mysql_fetch_assoc($result);
            $thread_id = $row['thread_id'];
            $old_subject = $row['subject'];
            $old_body = $row['body'];
            $closed = !is_null($row['post_closed']) && $row['post_closed'] > 0 || !is_null($row['thread_closed']) && $row['thread_closed'] > 0;
            if ($closed || $row['status'] != 1 || !can_edit_post($row['author'], $row['created'], $user_id, $msg_id)) {
                return 'Modifications to this post are not allowed.';
            }
            if (strcmp($old_subject, $subj) != 0 || strcmp($old_body, $new_body) != 0) {
                // create a new version
                $query = 'INSERT INTO confa_versions (parent, subject, body, created, chars, IP, user_agent, views, content_flags) ' . ' SELECT id, subject, body, IF(ISNULL(modified), created, modified), chars, IP, user_agent, views, content_flags FROM confa_posts WHERE id=' . $msg_id;
                $result = mysql_query($query);
                if (!$result) {
                    mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                    return 'Query failed';
                }
            }
            // update post
            $query = 'UPDATE confa_posts SET subject=\'' . mysql_escape_string($subj) . '\',body=' . $ibody . ',modified=now(),ip=' . $ip . ',user_agent=' . $agent . ',content_flags=' . $content_flags . ', chars=' . $chars . ',views=0 WHERE id=' . $msg_id;
            $result = mysql_query($query);
            if (!$result) {
                mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                return 'Query failed';
            }
            return array("id" => $msg_id);
        } else {
            if ($re == 0) {
                // create new thread
                $query = 'select sum(counter) as cnt, page from confa_threads group by page desc limit 1';
                $result = mysql_query($query);
                if (!$result) {
                    mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                    return 'Query failed';
                }
                $row = mysql_fetch_assoc($result);
                $last_page = $row['page'];
                if ($row['cnt'] > 200) {
                    $last_page++;
                }
                if (is_null($last_page)) {
                    $last_page = 1;
                }
                $query = 'INSERT INTO confa_threads(author, page) values(' . $user_id . ', ' . $last_page . ')';
                $result = mysql_query($query);
                if (!$result) {
                    mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                    return 'Query failed';
                }
                $thread_id = mysql_insert_id();
                $query = 'INSERT INTO confa_posts(status, parent, author, subject, body, created, thread_id, chars, auth, ip, user_agent, content_flags) values(1, 0, ' . $user_id . ',\'' . mysql_escape_string($subj) . '\', ' . $ibody . ', now(), ' . $thread_id . ', ' . $chars . ', 1, ' . $ip . ', ' . $agent . ', ' . $content_flags . ')';
                $result = mysql_query($query);
                if (!$result) {
                    mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                    return 'Query failed';
                }
                $id = mysql_insert_id();
                $query = "UPDATE confa_users set status = 1 where id=" . $user_id;
                $result = mysql_query($query);
                if (!$result) {
                    mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                    return 'Query failed';
                }
                return array("id" => $id, "thread_id" => $thread_id);
            } else {
                // respond to an existing post
                $query = 'SELECT p.thread_id, p.level, p.closed as post_closed, p.id, t.closed as thread_closed, ( select max(page) from confa_threads) - t.page + 1 as page from confa_posts p, confa_threads t where t.id=p.thread_id and p.id=' . $re;
                $result = mysql_query($query);
                if (!$result) {
                    mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                    return 'Query failed';
                }
                if (mysql_num_rows($result) != 0) {
                    $row = mysql_fetch_assoc($result);
                    if (!is_null($row['post_closed']) && $row['post_closed'] > 0 || !is_null($row['thread_closed']) && $row['thread_closed'] > 0) {
                        return 'Replies to this post are disabled.';
                    }
                    $msg_page = $row['page'];
                    if (is_null($msg_page)) {
                        $msg_page = 1;
                    }
                    $thread_id = $row['thread_id'];
                    $level = $row['level'];
                    $level++;
                    $query = 'UPDATE confa_threads set counter=counter+1 where id=' . $thread_id;
                    $result = mysql_query($query);
                    if (!$result) {
                        mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                        return 'Query failed';
                    }
                } else {
                    return 'Cannot find parent for msg=' . $re;
                }
                $query = 'INSERT INTO confa_posts(status, parent, level, author, subject, body, created, thread_id, chars, auth, ip, user_agent, content_flags) values( 1, ' . $re . ', ' . $level . ', ' . $user_id . ',\'' . mysql_escape_string($subj) . '\', ' . $ibody . ', now(), ' . $thread_id . ', ' . $chars . ', 1, ' . $ip . ', ' . $agent . ', ' . $content_flags . ')';
                $result = mysql_query($query);
                if (!$result) {
                    mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                    return 'Query failed';
                }
                $id = mysql_insert_id();
                // wtf is this for?
                $query = "UPDATE confa_users set status = 1 where id=" . $user_id;
                $result = mysql_query($query);
                if (!$result) {
                    mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
                    return 'Query failed';
                }
                return array("id" => $id);
            }
        }
    }
    return "";
}