Ejemplo n.º 1
0
  <?php 
    exit;
}
if (empty($UNTRUSTED['convertsmile'])) {
    $UNTRUSTED['convertsmile'] = "ON";
}
if ($smiles == "N") {
    $UNTRUSTED['convertsmile'] = "OFF";
}
if (!empty($UNTRUSTED['comment'])) {
    $comment = filter_html($UNTRUSTED['comment']);
    // convert links :
    $comment = preg_replace('#(\\s(www.))([^\\s]*)#', ' http://\\2\\3 ', $comment);
    $comment = preg_replace('#((http|https|ftp|news|file)://)([^\\s]*)#', '<a href="\\1\\3" target=_blank>\\1\\3</a>', $comment);
    if ($UNTRUSTED['convertsmile'] != "OFF") {
        $comment = convert_smile($comment);
    }
    $timeof = date("YmdHis");
    if (empty($UNTRUSTED['saidto'])) {
        $UNTRUSTED['saidto'] = 0;
    }
    // see if we have same timestamp: a performance issue but actually done on perpose to discourage
    // people making hosted solutions with multiple chats all using the same system.
    $query = "SELECT timeof FROM livehelp_messages WHERE timeof='{$timeof}'";
    $rs = $mydatabase->query($query);
    while ($rs->numrows() != 0) {
        if (function_exists('sleep')) {
            sleep(1);
            $timeof = date("YmdHis");
        } else {
            $timeof++;
Ejemplo n.º 2
0
    $check_s = $mydatabase->query($query);
    $check_s = $check_s->fetchRow(DB_FETCHMODE_ASSOC);
    if ($check_s['status'] != "chat") {
        $query = "UPDATE livehelp_users set status='request' WHERE user_id=" . intval($saidto);
        $mydatabase->query($query);
    }
    $query = "DELETE FROM livehelp_messages WHERE typeof='writediv'";
    $mydatabase->query($query);
    // see if we have same timestamp: a performance issue but actually done on perpose to discourage
    // people making hosted solutions with multiple chats all using the same system.
    $query = "SELECT timeof FROM livehelp_messages WHERE timeof='{$timeof}'";
    $rs = $mydatabase->query($query);
    while ($rs->numrows() != 0) {
        if (function_exists('sleep')) {
            sleep(1);
            $timeof = date("YmdHis");
        } else {
            $timeof++;
        }
        $query = "SELECT timeof FROM livehelp_messages WHERE timeof='{$timeof}'";
        $rs = $mydatabase->query($query);
    }
    if (!empty($UNTRUSTED['smilies'])) {
        $UNTRUSTED['comment'] = convert_smile($UNTRUSTED['comment']);
    }
    $query = "INSERT INTO livehelp_messages (message,channel,timeof,saidfrom,saidto) VALUES ('" . filter_sql($UNTRUSTED['comment']) . "'," . intval($channel) . ",'{$timeof}'," . intval($myid) . "," . intval($saidto) . ")";
    $mydatabase->query($query);
    $quicknote = "";
}
?>
 
Ejemplo n.º 3
0
/**
 * show the messages for this user by type and id and/or channel and/or timestamp.
 *
 * @param int    $myid id of this user.
 * @param string $typeof (either an empty string or a writediv
 * @param int    (reference) $aftertime  optional timestamp to only see from 
 * @param int    $seechannel optional id of the channel to only view
 * @param string hidechannels string of user_ids to hide. 
 * @param bool   $diliminated  return diliminated results or not.
 * @param bool   $omitself  show self typing or not.
 *
 * @global object $mydatabase mysql database object.
 * @global array $lang  array containing the language texts   
 * @global array $CSLH_Config array containing the configuration variables.
 *
 * @return string messages
 */
function showmessages($myid, $typeof = "", &$aftertime, $seechannel = "", $hidechannels = "", $diliminated = false, $omitself = true)
{
    global $mydatabase, $CSLH_Config, $identity, $isavisitor;
    $chatmessage = "";
    // one chat message
    $resultchat = "";
    // the whole list of messages since aftertime..
    $typediliminated = "";
    // the type of message in the deliminated message HTML or LAYER
    // if the type is writediv then omit messages that you are tying.
    $excludesql = " ";
    if ($typeof == "writediv") {
        if ($omitself) {
            $excludesql = " AND saidfrom!=" . intval($myid);
        }
    }
    // if we only want to see one channel:
    if ($seechannel != "") {
        $sqlqueryrun = "SELECT livehelp_messages.message,livehelp_messages.typeof,livehelp_messages.timeof,livehelp_messages.id_num,livehelp_messages.saidfrom,livehelp_messages.saidto,livehelp_operator_channels.txtcolor,livehelp_operator_channels.txtcolor_alt,livehelp_operator_channels.channelcolor\n               FROM livehelp_messages,livehelp_operator_channels \n               WHERE livehelp_operator_channels.user_id=" . intval($myid) . "\n                  AND livehelp_messages.channel=livehelp_operator_channels.channel\n                  AND timeof>'{$aftertime}' AND livehelp_messages.typeof='{$typeof}'\n                  AND livehelp_messages.channel=" . intval($seechannel) . "\n                  AND livehelp_messages.saidfrom!='0' {$excludesql}\n               ORDER by timeof";
    } else {
        $except_ids = explode(",", $hidechannels);
        $except_sql = "";
        for ($i = 0; $i < count($except_ids); $i++) {
            $except_sql .= " AND livehelp_messages.channel!=" . intval($except_ids[$i]);
        }
        $sqlqueryrun = "SELECT livehelp_messages.message,livehelp_messages.typeof,livehelp_messages.timeof,livehelp_messages.id_num,livehelp_messages.saidfrom,livehelp_messages.saidto,livehelp_operator_channels.txtcolor,livehelp_operator_channels.txtcolor_alt,livehelp_operator_channels.channelcolor\n               FROM livehelp_messages,livehelp_operator_channels \n               WHERE livehelp_operator_channels.user_id=" . intval($myid) . "\n                 AND livehelp_messages.channel=livehelp_operator_channels.channel \n                 AND timeof>'{$aftertime}' AND livehelp_messages.typeof='{$typeof}' \n                 AND livehelp_messages.saidfrom!='0' {$except_sql} {$excludesql} \n               ORDER by timeof";
    }
    // if we are a visitor we only can see messages said to us or our channel:
    if ($isavisitor) {
        $sqlqueryrun = "SELECT message,typeof,timeof,id_num,saidfrom,saidto \n              FROM livehelp_messages \n              WHERE (saidto=" . intval($myid) . "\n                 OR channel=" . intval($seechannel) . ")\n                 AND livehelp_messages.typeof='{$typeof}'\n                 AND timeof>'{$aftertime}' {$excludesql}\n              ORDER by timeof ";
    }
    // run query:
    //print $sqlqueryrun;
    $messages = $mydatabase->query($sqlqueryrun);
    if ($messages->numrows() != 0) {
        $index = 0;
        while ($row = $messages->fetchRow(DB_FETCHMODE_ORDERED)) {
            $chatmessage = "";
            $javascript = "";
            $message = $row[0];
            $typeof = $row[1];
            $aftertime = $row[2];
            $id_num = $row[3];
            $saidfrom = $row[4];
            $saidto = $row[5];
            $typediliminated = "HTML";
            // look up text color:
            if (!isset($row[6])) {
                $sqlquery = "SELECT txtcolor,txtcolor_alt FROM livehelp_operator_channels WHERE userid=" . intval($saidfrom);
                $res = $mydatabase->query($sqlquery);
                $row2 = $res->fetchRow(DB_FETCHMODE_ORDERED);
                $row[6] = $row2[0];
                $row[7] = $row2[1];
            }
            $txtcolor = isset($row[6]) ? $row[6] : "000000";
            $txtcolor_alt = isset($row[7]) ? $row[7] : "000000";
            $channelcolor = isset($row[8]) ? "bgcolor=" . $row[8] : "";
            if ($isavisitor) {
                $tablestart = "<table width=98% cellpadding=0 cellspacing=0 border=0 {$channelcolor}><tr><td>";
            } else {
                $tablestart = "<table width=98% cellpadding=0 cellspacing=0 border=0><tr><td width=2><img src=images/blank.gif width=2 height=2></td><td {$channelcolor}>";
            }
            $tableend = "</td></tr></table>";
            if ($saidfrom == 0) {
                $register = 12;
                $whowhat = "";
                $from = "";
            } else {
                $sqlquery = "SELECT username,jsrn FROM livehelp_users WHERE user_id=" . intval($saidfrom);
                $username_f = $mydatabase->query($sqlquery);
                $username_a = $username_f->fetchRow(DB_FETCHMODE_ORDERED);
                $from = $username_a[0];
                $haystack = explode("_", $from);
                if (!empty($haystack[2])) {
                    $from2 = $haystack[1];
                } else {
                    $from2 = $haystack[0];
                }
                if ($from2 == $identity['IP_ADDR']) {
                    $from = "You";
                }
                $register = $username_a[1];
                $whowhat = $from;
            }
            if ($saidto != 0) {
                $sqlquery = "SELECT username FROM livehelp_users WHERE user_id=" . intval($saidto);
                $username_f = $mydatabase->query($sqlquery);
                $username_a = $username_f->fetchRow(DB_FETCHMODE_ORDERED);
                $to = $username_a[0];
            }
            if ($isavisitor) {
                if ($saidfrom != $myid) {
                    $cssclass_name = " class=\"operatorName\" ";
                    $cssclass_txt = " class=\"operator\" ";
                } else {
                    $cssclass_name = " class=\"guestName\" ";
                    $cssclass_txt = " class=\"guest\" ";
                }
            } else {
                if ($saidfrom != $myid) {
                    $cssclass_name = " class=\"guestName\" ";
                    $cssclass_txt = " class=\"guest\" ";
                    $txtcolor = $txtcolor_alt;
                } else {
                    $cssclass_name = " class=\"operatorName\" ";
                    $cssclass_txt = " class=\"operator\" ";
                }
            }
            if (!empty($from)) {
                $whowhat = "<font color=\"#{$txtcolor}\" {$cssclass_name}>{$from}:&nbsp;</font>";
            }
            $abort_counter = 0;
            $message = preg_replace("/\n/", "", nl2br($message));
            $message = preg_replace("/\r/", "", $message);
            $safemessage = convert_smile(filter_html($message));
            // if we hit a writediv command write to DIV or
            // if it does not exist write normal.
            if ($typeof == "writediv") {
                $typediliminated = "LAYER";
                if ($diliminated) {
                    if (!preg_match("/nullstring/", $safemessage)) {
                        $chatmessage = $tablestart . "<table cellpadding=0 cellspacing=0 border=0><tr><td valign=top nowrap=nowrap>" . $whowhat . "</td><td><img src=images/blank.gif width=350 height=1><br><font color=\"#" . $txtcolor . "\"> " . $safemessage . "</font></b></td></tr></table>" . $tableend;
                    } else {
                        $chatmessage = "nullstring";
                    }
                } else {
                    $chatmessage = "<SCRIPT type=\"text/javascript\">\n";
                    if (!preg_match("/nullstring/", $safemessage)) {
                        $chatmessage .= " whatissaid[" . $register . "] = '" . $tablestart . $whowhat . "<font color=\"#" . $txtcolor . "\"> ' + unescape('" . $safemessage . "') + '</font></b><br>" . $tableend . "';\n";
                    } else {
                        $chatmessage .= "whatissaid[" . $register . "] = 'nullstring'\n";
                    }
                    $chatmessage .= "update_typing();";
                    $chatmessage .= "</SCRIPT>";
                }
            } else {
                // if we are sending a url we only want to send it once to the visitor.
                if (preg_match("/\\[PUSH\\]/", $message)) {
                    if (!is_operator($myid)) {
                        $javascript = preg_replace("/\\[PUSH\\](.*?)\\[\\/PUSH\\]/", "openwindow('\\1\\2','popwindow');", $message);
                        $message = preg_replace("/\\[PUSH\\]/", "", $message);
                        $message = preg_replace("/\\[\\/PUSH\\]/", "", $message);
                        // convert links :
                        $newmessage = preg_replace('#(\\s(www.))([^\\s]*)#', ' http://\\2\\3 ', $message);
                        $newmessage = preg_replace('#((http|https|ftp|news|file)://)([^\\s]*)#', '<a href="\\1\\3" target=_blank>\\1\\3</a>', $newmessage);
                        if (!$diliminated) {
                            $message = "<SCRIPT type=\"text/javascript\"> {$javascript} </SCRIPT> {$newmessage}";
                        } else {
                            $message = $newmessage;
                        }
                        //$sqlquery = "UPDATE livehelp_messages set message='$newmessage' Where id_num=".intval($id_num);
                        //$mydatabase->query($sqlquery);
                    } else {
                        $message = preg_replace("/\\[PUSH\\]/", "", $message);
                        $message = preg_replace("/\\[\\/PUSH\\]/", "", $message);
                        $newmessage = preg_replace('#(\\s(www.))([^\\s]*)#', ' http://\\2\\3 ', $message);
                        $newmessage = preg_replace('#((http|https|ftp|news|file)://)([^\\s]*)#', '<a href="\\1\\3" target=_blank>\\1\\3</a>', $newmessage);
                        $message = $newmessage;
                    }
                }
                // if we are transfering them
                if ($isavisitor && preg_match("/\\[transfer\\]/", $message)) {
                    $message = preg_replace("/\\[transfer\\]/", "", $message);
                    $message = preg_replace("/\\[\\/transfer\\]/", "", $message);
                    $message_url = $message;
                    $message = "";
                    $javascript = "window.parent.location.replace('{$message_url}');";
                    if (!$diliminated) {
                        $message = "<SCRIPT type=\"text/javascript\"> {$javascript} </SCRIPT>";
                    }
                    $message .= "..transfered..";
                    $sqlquery = "UPDATE livehelp_messages set message='{$message}' Where id_num=" . intval($id_num);
                    $mydatabase->query($sqlquery);
                }
                if ($message != "nullstring") {
                    $chatmessage .= $tablestart;
                    $chatmessage .= "<table cellpadding=0 cellspacing=0 border=0><tr><td valign=top NOWRAP=NOWRAP NOWRAP width=3><img src=images/blank.gif width=4 height=4></td><td valign=top NOWRAP=NOWRAP NOWRAP>" . $whowhat . "</td><td valign=top><img src=images/blank.gif width=350 height=1><br><font color=\"#" . $txtcolor . "\"" . $cssclass_txt . " > " . $message . " </font></b><br></td></tr></table>";
                    $chatmessage .= $tableend;
                }
            }
            if ($diliminated) {
                if (empty($resultchat)) {
                    $resultchat = "";
                }
                $string = "messages[{$index}] = new Array(); messages[{$index}][0]=\"{$aftertime}\"; messages[{$index}][1]=\"{$register}\"; messages[{$index}][2]=\"{$typediliminated}\"; messages[{$index}][3]=\"" . addslashes($chatmessage) . "\"; messages[{$index}][4]=\"{$javascript}\";";
                $resultchat .= $string;
            } else {
                $resultchat .= $chatmessage;
                if ($typeof != "writediv") {
                    $resultchat .= "<SCRIPT type=\"text/javascript\"> whatissaid[{$register}] = 'nullstring'\n update_typing();\n </SCRIPT>";
                }
            }
            $index++;
        }
        // while more messages to look at
    }
    // if there are messages to look at.
    return $resultchat;
}