function clean_html($html) { $clean = ""; $pre = 0; $html = clean_unicode($html); for ($i = 0; $i < mb_strlen($html); $i++) { //$c = substr($html, $i, 1); $c = mb_substr($html, $i, 1); if ($c == "<") { $s = ""; for ($i = $i + 1; $i < mb_strlen($html); $i++) { //$c = substr($html, $i, 1); $c = mb_substr($html, $i, 1); if ($c == ">") { break; } $s .= $c; } $tag = clean_tag($s); if ($tag == "<pre>") { $pre++; } else { if ($tag == "</pre>") { $pre--; } } $clean .= $tag; } else { //if ($pre > 0 && $c == "\n") { // $clean .= "<br/>"; //} else { $clean .= $c; //} } } $clean = str_replace("\t", " ", $clean); $clean = str_replace("\n", " ", $clean); $clean = str_replace("\r", " ", $clean); while (string_has($clean, " ")) { $clean = str_replace(" ", " ", $clean); } $clean = str_replace("> ", ">", $clean); $clean = str_replace(" <", "<", $clean); $clean = str_replace("FORCEWHITESPACE", " ", $clean); $clean = trim($clean); $clean = str_replace_all(" ", " ", $clean); $clean = str_replace_all("<br/><br/><br/>", "<br/><br/>", $clean); // print "clean [$clean]"; // $clean = str_replace("<pre><br/>", "<pre>", $clean); // $clean = str_replace("<br/></pre>", "</pre>", $clean); // $clean = str_replace("<li><br/>", "<li>", $clean); // $clean = str_replace("<br/></li>", "</li>", $clean); // $clean = str_replace("<ul><br/>", "<ul>", $clean); // $clean = str_replace("<br/></ul>", "</ul>", $clean); // $clean = str_replace("<ol><br/>", "<ol>", $clean); // $clean = str_replace("<br/></ol>", "</ol>", $clean); // print "clean2 [$clean]"; $clean = clean_newlines("pre", $clean); $clean = clean_newlines("ol", $clean); $clean = clean_newlines("ul", $clean); $clean = clean_newlines("li", $clean); $clean = clean_newlines("blockquote", $clean); $clean = clean_entities($clean); $clean = make_clickable($clean); return $clean; }
$zid = ""; $coward = true; if (http_post("post")) { if (!captcha_verify($answer)) { die("captcha failed"); } } } else { $coward = http_post_bool("coward"); if ($coward) { $zid = ""; } else { $zid = $auth_zid; } } $subject = clean_unicode($subject); $subject = clean_entities($subject); $new_body = str_replace("\n", "<br>", $body); $new_body = clean_html($new_body); $time = time(); if ($sid == 0 && $cid == 0 && $pid == 0 && $qid == 0) { die("qid [{$qid}]"); die("sid, cid, pid, and qid are empty"); } if ($cid != 0) { $comment = db_get_rec("comment", $cid); $sid = $comment["sid"]; $pid = $comment["pid"]; $qid = $comment["qid"]; } if ($sid != 0) {