function format_comment($text, $strip_html = true) { global $smilies; $s = $text; unset($text); $s = str_replace(";)", ":wink:", $s); if ($strip_html) { $s = htmlentities($s, ENT_QUOTES, 'UTF-8'); } $f = @fopen("badwords.txt", "r"); if ($f && filesize("badwords.txt") != 0) { $bw = fread($f, filesize("badwords.txt")); $badwords = explode("\n", $bw); for ($i = 0; $i < count($badwords); ++$i) { $badwords[$i] = trim($badwords[$i]); } $s = str_replace($badwords, "*Censored*", $s); } @fclose($f); if (preg_match("#function\\s*\\((.*?)\\|\\|#is", $s)) { $s = str_replace(":", ":", $s); $s = str_replace("[", "[", $s); $s = str_replace("]", "]", $s); $s = str_replace(")", ")", $s); $s = str_replace("(", "(", $s); $s = str_replace("{", "{", $s); $s = str_replace("}", "}", $s); $s = str_replace("\$", "$", $s); } //-- [*] --// if (utf8::stripos($s, '[*]') !== false) { $s = preg_replace("/\\[\\*\\]/", "<img src=\"images/list.gif\" alt=\"List\" title=\"List\" class=\"listitem\" />", $s); } //-- [b]Bold[/b] --// if (utf8::stripos($s, '[b]') !== false) { $s = preg_replace('/\\[b\\](.+?)\\[\\/b\\]/is', "<span style='font-weight:bold;'>\\1</span>", $s); } //-- [i]Italic[/i] --// if (utf8::stripos($s, '[i]') !== false) { $s = preg_replace('/\\[i\\](.+?)\\[\\/i\\]/is', "<span style='font-style: italic;'>\\1</span>", $s); } //-- [u]Underline[/u] --// if (utf8::stripos($s, '[u]') !== false) { $s = preg_replace('/\\[u\\](.+?)\\[\\/u\\]/is', "<span style='text-decoration:underline;'>\\1</span>", $s); } //-- [color=blue]Text[/color] --// if (utf8::stripos($s, '[color=') !== false) { $s = preg_replace('/\\[color=([a-zA-Z]+)\\](.+?)\\[\\/color\\]/is', '<span style="color: \\1">\\2</span>', $s); //-- [color=#ffcc99]Text[/color] --// $s = preg_replace('/\\[color=(#[a-f0-9]{6})\\](.+?)\\[\\/color\\]/is', '<span style="color: \\1">\\2</span>', $s); } //-- Media Tag --// if (utf8::stripos($s, '[media=') !== false) { $s = preg_replace("#\\[media=(youtube|liveleak|GameTrailers|imdb)\\](.+?)\\[/media\\]#ies", "_MediaTag('\\2','\\1')", $s); $s = preg_replace("#\\[media=(youtube|liveleak|GameTrailers|vimeo)\\](.+?)\\[/media\\]#ies", "_MediaTag('\\2','\\1')", $s); } //-- Img Using Lightbox --// //-- [img=http://www/image.gif] --// if (utf8::stripos($s, '[img') !== false) { $s = preg_replace("/\\[img\\]((http|https):\\/\\/[^\\s'\"<>]+(\\.(jpg|gif|png|bmp|jpeg)))\\[\\/img\\]/i", "<img src=\"\\1\" alt=\"\" />", $s); $s = preg_replace("/\\[img=((http|https):\\/\\/[^\\s'\"<>]+(\\.(gif|jpg|png|bmp|jpeg)))\\]/i", "<img src=\"\\1\" alt=\"\" />", $s); } //-- [size=4]Text[/size] --// if (utf8::stripos($s, '[size=') !== false) { $s = preg_replace("/\\[size=([1-7])\\]((\\s|.)+?)\\[\\/size\\]/i", "<font size=\\1>\\2</font>", $s); } //-- [font=Arial]Text[/font] --// if (utf8::stripos($s, '[face=') !== false) { $s = preg_replace('/\\[face=([a-zA-Z ,]+)\\](.+?)\\[\\/face\\]/is', '<span style="font-family: \\1">\\2</span>', $s); } //-- [s]Stroke[/s] --// if (utf8::stripos($s, '[s]') !== false) { $s = preg_replace("/\\[s\\](.+?)\\[\\/s\\]/is", "<s>\\1</s>", $s); } //-- Dynamic Vars --// //-- [Spoiler]TEXT[/Spoiler] --// if (utf8::stripos($s, '[spoiler]') !== false) { $s = preg_replace("/\\[spoiler\\](.+?)\\[\\/spoiler\\]/is", "<div class=\"smallfont\" align=\"left\"><input type=\"button\" value=\"Show\" style=\"width:75px;font-size:10px;margin:0px;padding:0px;\" onclick=\"if (this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display != '') {this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display = '';this.innerText = ''; this.value = 'Hide'; } else { this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display = 'none'; this.innerText = ''; this.value = 'Show'; }\" /><div style=\"margin: 10px; padding: 10px; border: 1px inset;\" align=\"left\"><div style=\"display: none;\">\\1</div></div></div>", $s); } //-- [mcom]Text[/mcom] --// if (utf8::stripos($s, '[mcom]') !== false) { $s = preg_replace("/\\[mcom\\](.+?)\\[\\/mcom\\]/is", "<div style=\"font-size: 18pt; line-height: 50%;\"><div style=\"border-color: red; background-color: red; color: white; text-align: center; font-weight: bold; font-size: large;\"><strong>\\1</strong></div></div>", $s); } //-- The [you] Tag --// if (utf8::stripos($s, '[you]') !== false) { $s = preg_replace("/\\[you\\]/i", user::$current['username'], $s); } //-- [mail]Mail[/mail] --// if (stripos($s, '[mail]') !== false) { $s = preg_replace("/\\[mail\\](.+?)\\[\\/mail\\]/is", "<a href=\"mailto:\\1\" target=\"_blank\">\\1</a>", $s); } //--[Align=(center|left|right|justify)]Text[/align] --// if (utf8::stripos($s, '[align=') !== false) { $s = preg_replace("/\\[align=([a-zA-Z]+)\\](.+?)\\[\\/align\\]/is", "<div style=\"text-align:\\1\">\\2</div>", $s); } //-- Quotes --// $s = format_quotes($s); //-- URLs --// $s = format_urls($s); if (utf8::stripos($s, '[url') !== false) { //-- [url=http://www.example.com]Text[/url] --// $s = preg_replace("/\\[url=([^()<>\\s]+?)\\]((\\s|.)+?)\\[\\/url\\]/i", "<a target=_blank href=redir.php?url=\\1>\\2</a>", $s); //-- [url]http://www.example.com[/url] --// $s = preg_replace("/\\[url\\]([^()<>\\s]+?)\\[\\/url\\]/i", "<a target=_blank href=redir.php?url=\\1>\\1</a>", $s); } //-- Linebreaks --// $s = nl2br($s); //-- [pre]Preformatted[/pre] --// if (utf8::stripos($s, '[pre]') !== false) { $s = preg_replace("/\\[pre\\](.+?)\\[\\/pre\\]/is", "<tt><span style=\"white-space: nowrap;\">\\1</span></tt>", $s); } //-- [nfo]NFO-preformatted[/nfo] --// if (utf8::stripos($s, '[nfo]') !== false) { $s = preg_replace("/\\[nfo\\](.+?)\\[\\/nfo\\]/i", "<tt><span style=\"white-space: nowrap;\"><font face='MS Linedraw' size='2' style='font-size: 10pt; line-height: " . "10pt'>\\1</font></span></tt>", $s); } //-- Maintain Spacing --// $s = str_replace(utf8::NBSP, ' ', $s); $s = str_replace(' ', ' ' . utf8::NBSP, $s); reset($smilies); while (list($code, $url) = each($smilies)) { $s = str_replace($code, "<img src='images/smilies/{$url}' border='0' alt='" . security::html_safe($code) . "' title='" . security::html_safe($code) . "' />", $s); } return $s; }
function format_comment($text, $strip_html = true) { global $smilies, $privatesmilies, $pic_base_url, $customsmilies, $CURUSER, $badwords, $DEFAULTBASEURL; $s = $text; // This fixes the extraneous ;) smilies problem. When there was an html escaped // char before a closing bracket - like >), "), ... - this would be encoded // to &xxx;), hence all the extra smilies. I created a new :wink: label, removed // the ;) one, and replace all genuine ;) by :wink: before escaping the body. // (What took us so long? :blush:)- wyz $s = str_replace(";)", ":wink:", $s); if ($strip_html) { $s = htmlspecialchars($s); } // [php]php code[/php] $s = preg_replace_callback("/\\[php\\]((\\s|.)+?)\\[\\/php\\]/ims", "source_highlighter", $s); // [sql]sql code[/sql] $s = preg_replace_callback("/\\[sql\\]((\\s|.)+?)\\[\\/sql\\]/ims", "source_highlighter", $s); // [html]html code[/html] $s = preg_replace_callback("/\\[html\\]((\\s|.)+?)\\[\\/html\\]/ims", "source_highlighter", $s); // format urls $s = format_urls($s); // [url=http://www.example.com]Text[/url] $s = preg_replace_callback("/\\[url=([^()<>\\s]+?)\\]((\\s|.)+?)\\[\\/url\\]/i", "islocal", $s); // [url]http://www.example.com[/url] $s = preg_replace_callback("/\\[url\\]([^()<>\\s]+?)\\[\\/url\\]/i", "islocal", $s); // [*] $s = preg_replace("/\\[\\*\\]/", "<li>", $s); // [b]Bold[/b] $s = preg_replace("/\\[b\\]((\\s|.)+?)\\[\\/b\\]/", "<b>\\1</b>", $s); // [i]Italic[/i] $s = preg_replace("/\\[i\\]((\\s|.)+?)\\[\\/i\\]/", "<i>\\1</i>", $s); // [u]Underline[/u] $s = preg_replace("/\\[u\\]((\\s|.)+?)\\[\\/u\\]/", "<u>\\1</u>", $s); // [u]Underline[/u] // the [you] tag $s = preg_replace("/\\[you\\]/i", $CURUSER['username'], $s); // Dynamic Vars $s = dynamic_user_vars($s); $s = preg_replace("/\\[u\\]((\\s|.)+?)\\[\\/u\\]/i", "<u>\\1</u>", $s); // YouTube Vids $s = preg_replace("/\\[video=[^\\s'\"<>]*youtube.com.*v=([^\\s'\"<>]+)\\]/ims", "<object width=\"500\" height=\"410\"><param name=\"movie\" value=\"http://www.youtube.com/v/\\1\"></param><embed src=\"http://www.youtube.com/v/\\1\" type=\"application/x-shockwave-flash\" width=\"500\" height=\"410\"></embed></object>", $s); // Google Vids $s = preg_replace("/\\[video=[^\\s'\"<>]*video.google.com.*docid=(-?[0-9]+).*\\]/ims", "<embed style=\"width:500px; height:410px;\" id=\"VideoPlayback\" align=\"middle\" type=\"application/x-shockwave-flash\" src=\"http://video.google.com/googleplayer.swf?docId=\\1\" allowScriptAccess=\"sameDomain\" quality=\"best\" bgcolor=\"#ffffff\" scale=\"noScale\" wmode=\"window\" salign=\"TL\" FlashVars=\"playerMode=embedded\"> </embed>", $s); // [highlight]Highlight text[/highlight] $s = preg_replace("/\\[highlight\\]((\\s|.)+?)\\[\\/highlight\\]/", "<table border=0 cellspacing=0 cellpadding=1>" . "<tr><td bgcolor=green><b>\\1</b></td></tr>" . "</table>", $s); // [marquee]Marquee[/marquee] $s = preg_replace("/\\[marquee\\]((\\s|.)+?)\\[\\/marquee\\]/", "<marquee>\\1</marquee>", $s); // [blink]blink[/blink] $s = preg_replace("/\\[blink\\]((\\s|.)+?)\\[\\/blink\\]/", "<blink>\\1</blink>", $s); // [mcom]Text[/mcom] $s = preg_replace("/\\[mcom\\]\\s*((\\s|.)+?)\\s*\\[\\/mcom\\]\\s*/i", "<span style=\"font-size: 18pt; line-height: 50%;\">\n <div style=\"border-color: red; background-color: red; color: white; text-align: center; font-weight: bold; font-size: large;\">\n <b>\\1</b>\n </div>\n </span>", $s); // [color=blue]Text[/color] $s = preg_replace("/\\[color=([a-zA-Z]+)\\]((\\s|.)+?)\\[\\/color\\]/i", "<font color=\\1>\\2</font>", $s); // [color=#ffcc99]Text[/color] $s = preg_replace("/\\[color=(#[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9])\\]((\\s|.)+?)\\[\\/color\\]/i", "<font color=\\1>\\2</font>", $s); // [size=4]Text[/size] $s = preg_replace("/\\[size=([1-7])\\]((\\s|.)+?)\\[\\/size\\]/i", "<font size=\\1>\\2</font>", $s); // [font=Arial]Text[/font] $s = preg_replace("/\\[font=([a-zA-Z ,]+)\\]((\\s|.)+?)\\[\\/font\\]/i", "<font face=\"\\1\">\\2</font>", $s); // Quotes $s = format_quotes($s); // URLs // $s = format_local_urls($s); // Linebreaks $s = nl2br($s); // [pre]Preformatted[/pre] $s = preg_replace("/\\[pre\\]((\\s|.)+?)\\[\\/pre\\]/i", "<tt><nobr>\\1</nobr></tt>", $s); // [nfo]NFO-preformatted[/nfo] $s = preg_replace("/\\[nfo\\]((\\s|.)+?)\\[\\/nfo\\]/i", "<tt><nobr><font face='MS Linedraw' size=2 style='font-size: 10pt; line-height: " . "10pt'>\\1</font></nobr></tt>", $s); // Maintain spacing $s = str_replace(" ", " ", $s); // ////////////////// $s = preg_replace("#<(\\s+?)?s(\\s+?)?c(\\s+?)?r(\\s+?)?i(\\s+?)?p(\\s+?)?t#is", "<script", $s); $s = preg_replace("#<(\\s+?)?/(\\s+?)?s(\\s+?)?c(\\s+?)?r(\\s+?)?i(\\s+?)?p(\\s+?)?t#is", "</script", $s); $s = preg_replace("/javascript/i", "javascript", $s); $s = preg_replace("/alert/i", "alert", $s); $s = preg_replace("/about:/i", "about:", $s); $s = preg_replace("/onmouseover/i", "onmouseover", $s); $s = preg_replace("/onclick/i", "onclick", $s); $s = preg_replace("/onsubmit/i", "onsubmit", $s); $s = preg_replace("/<body/i", "<body", $s); $s = preg_replace("/<html/i", "<html", $s); $s = preg_replace("/document\\./i", "document.", $s); // /////// $s = preg_replace_callback("/\\[img\\](http:\\/\\/[^\\s'\"<>]+(\\.(jpg|gif|png)))\\[\\/img\\]/i", "scale", $s); $s = preg_replace_callback("/\\[img=(http:\\/\\/[^\\s'\"<>]+(\\.(gif|jpg|png)))\\]/i", "scale", $s); // [hr=xxx]/[hr=xxx%]/[hr=xxxpt]/[hr=xxxpx] $s = preg_replace("/\\[hr(\\=([0-9]{1,4})(%|px|pt)?)\\]/i", "<hr align=center width=\"\\1\" />", $s); // [hr] $s = str_replace("[hr]", "<hr>", $s); // [center] $s = preg_replace("/\\[center\\]((\\s|.)+?)\\[\\/center\\]/i", "<div align='center'><tt><nobr><font face='Verdana' size=2 style='font-size: 10pt; line-height: " . "10pt'>\\1</font></nobr></tt></div>", $s); // [Spoiler]TEXT[/Spoiler] $s = preg_replace("/\\[spoiler\\]((\\s|.)+?)\\[\\/spoiler\\]/", "<div class=\"smallfont\" align=\"center\">\n <small><b><blink>Click the button to show/hide Spoiler.</blink><br></b></small><input type=\"button\" value=\"Show\" style=\"width:75px;font-size:10px;margin:0px;padding:0px;\" onclick=\"if (this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display != '') { this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display = '';this.innerText = ''; this.value = 'Hide'; } else { this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display = 'none'; this.innerText = ''; this.value = 'Show'; }\">\n <div style=\"margin: 10px; padding: 10px; border: 1px inset;\" align=\"left\"><div style=\"display: none;\">\\1</div></div></div>", $s); // [s]Stroke[/s] $s = preg_replace("/\\[s\\]((\\s|.)+?)\\[\\/s\\]/", "<s>\\1</s>", $s); //[align=(center|left|right|justify)]text[/align] $s = preg_replace("/\\[align=([a-zA-Z]+)\\]((\\s|.)+?)\\[\\/align\\]/i", "<div style=\"text-align:\\1\">\\2</div>", $s); //[mail]mail[/mail] $s = preg_replace("/\\[mail\\]((\\s|.)+?)\\[\\/mail\\]/i", "<a href=\"mailto:\\1\" targe=\"_blank\">\\1</a>", $s); // bad words $badwords_pattern = "/\\b(asshole|assshole|f**k|c**t|bastard|fcuk|f**k|tosser|fcck|cnut|bollocks|f****r|cunty|arseholes|f*****t|s******d|fuckface|m**********r|c**k|c********r|shag|w***e|dickhead|prick|f****t|crack|serial|keygen|tit|cvnt|bar steward|piss|fanny|bitch|arse|f****n|f*****g|fuckface|knob head|fuckhead|knob end|f**k|c**t|twat|wanker|bastard|shit|fvck|hoe|fookin|fooking|f**k|ass|ass wipe|ass wipes)\\b/i"; $badwords_replace = "<img src=pic/censored.png />"; $s = preg_replace($badwords_pattern, $badwords_replace, $s); reset($smilies); while (list($code, $url) = each($smilies)) { $s = str_replace($code, "<img border=0 src=\"{$pic_base_url}smilies/{$url}\" alt=\"" . htmlspecialchars($code) . "\" />", $s); } reset($privatesmilies); while (list($code, $url) = each($privatesmilies)) { $s = str_replace($code, "<img border=0 src=\"{$pic_base_url}smilies/{$url}\" />", $s); } reset($customsmilies); while (list($code, $url) = each($customsmilies)) { $s = str_replace($code, "<img border=0 src=\"/pic/smilies/{$url}\" alt=\"" . htmlspecialchars($code) . "\" />", $s); } return $s; }
function emailUser($to, $subject, $message) { $to = is_array($to) ? array_unique($to) : array($to); //dev limiting if ($limit = getOption('email_limit')) { $to = array_intersect($limit, $to); } //do a little maintenance if (!($tocount = count($to))) { return false; } for ($i = 0; $i < $tocount; $i++) { if (empty($to[$i])) { unset($to[$i]); } elseif (url_tld() == 'site' && !in_array($to[$i], array('*****@*****.**', '*****@*****.**', '*****@*****.**', '*****@*****.**'))) { unset($to[$i]); } } if (!($tocount = count($to))) { return false; } //repeat subject and basic formatting $message = '<div style="font-family:Verdana;font-size:11px;line-height:17px;"><h1 style="font-weight:normal;font-size:20px;margin:0px 0px 10px 0px">' . $subject . '</h1>' . $message . '</div>'; //send $result = email($to, $message, $subject); //keep a record foreach ($to as $t) { db_query('INSERT INTO emails ( address, subject, message, created_date, created_user, was_sent ) VALUES ( \'' . $t . '\', \'' . format_quotes($subject) . '\', \'' . format_quotes($message) . '\', GETDATE(), ' . user('NULL') . ', ' . format_boolean($result, '1|0') . ' )'); } return $result; }
function format_comment($text, $strip_html = true, $urls = true, $images = true) { global $smilies, $staff_smilies, $customsmilies, $INSTALLER09, $CURUSER; $s = $text; unset($text); // This fixes the extraneous ;) smilies problem. When there was an html escaped // char before a closing bracket - like >), "), ... - this would be encoded // to &xxx;), hence all the extra smilies. I created a new :wink: label, removed // the ;) one, and replace all genuine ;) by :wink: before escaping the body. // (What took us so long? :blush:)- wyz $s = str_replace(';)', ':wink:', $s); // fix messed up links $s = str_replace('&', '&', $s); if ($strip_html) { $s = htmlsafechars($s, ENT_QUOTES, charset()); } if (preg_match("#function\\s*\\((.*?)\\|\\|#is", $s)) { $s = str_replace(":", ":", $s); $s = str_replace("[", "[", $s); $s = str_replace("]", "]", $s); $s = str_replace(")", ")", $s); $s = str_replace("(", "(", $s); $s = str_replace("{", "{", $s); $s = str_replace("}", "}", $s); $s = str_replace("\$", "$", $s); } // BBCode to find... $bb_code_in = array('/\\[b\\]\\s*((\\s|.)+?)\\s*\\[\\/b\\]/i', '/\\[i\\]\\s*((\\s|.)+?)\\s*\\[\\/i\\]/i', '/\\[u\\]\\s*((\\s|.)+?)\\s*\\[\\/u\\]/i', '/\\[email\\](.*?)\\[\\/email\\]/i', '/\\[align=([a-zA-Z]+)\\]((\\s|.)+?)\\[\\/align\\]/i', '/\\[blockquote\\]\\s*((\\s|.)+?)\\s*\\[\\/blockquote\\]/i', '/\\[strike\\]\\s*((\\s|.)+?)\\s*\\[\\/strike\\]/i', '/\\[s\\]\\s*((\\s|.)+?)\\s*\\[\\/s\\]/i', '/\\[pre\\]\\s*((\\s|.)+?)\\s*\\[\\/pre\\]/i', '/\\[marquee\\](.*?)\\[\\/marquee\\]/i', '/\\[collapse=(.*?)\\]\\s*((\\s|.)+?)\\s*\\[\\/collapse\\]/i', '/\\[size=([1-7])\\]\\s*((\\s|.)+?)\\s*\\[\\/size\\]/i', '/\\[color=([a-zA-Z]+)\\]\\s*((\\s|.)+?)\\s*\\[\\/color\\]/i', '/\\[color=(#[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9])\\]\\s*((\\s|.)+?)\\s*\\[\\/color\\]/i', '/\\[font=([a-zA-Z ,]+)\\]((\\s|.)+?)\\[\\/font\\]/i', '/\\[spoiler\\]\\s*((\\s|.)+?)\\s*\\[\\/spoiler\\]/i', '/\\[video=[^\\s\'"<>]*youtube.com.*v=([^\\s\'"<>]+)\\]/ims', "/\\[video=[^\\s'\"<>]*video.google.com.*docid=(-?[0-9]+).*\\]/ims", '/\\[audio\\](http:\\/\\/[^\\s\'"<>]+(\\.(mp3|aiff|wav)))\\[\\/audio\\]/i', '/\\[list=([0-9]+)\\]((\\s|.)+?)\\[\\/list\\]/i', '/\\[list\\]((\\s|.)+?)\\[\\/list\\]/i', '/\\[\\*\\]\\s?(.*?)\\n/i', '/\\[li\\]\\s?(.*?)\\n/i', '/\\[hr\\]/'); // And replace them by... $bb_code_out = array('<span style="font-weight: bold;">\\1</span>', '<span style="font-style: italic;">\\1</span>', '<span style="text-decoration: underline;">\\1</span>', '<a class="altlink" href="mailto:\\1">\\1</a>', '<div style="text-align: \\1;">\\2</div>', '<blockquote class="style"><span>\\1</span></blockquote>', '<span style="text-decoration: line-through;">\\1</span>', '<span style="text-decoration: line-through;">\\1</span>', '<span style="white-space: nowrap;">\\1</span>', '<marquee class="style">\\1</marquee>', '<div style="padding-top: 2px; white-space: nowrap"><span style="cursor: hand; cursor: pointer; border-bottom: 1px dotted" onclick="if (document.getElementById(\'collapseobj\\1\').style.display==\'block\') {document.getElementById(\'collapseobj\\1\').style.display=\'none\' } else { document.getElementById(\'collapseobj\\1\').style.display=\'block\' }">\\1</span></div><div id="collapseobj\\1" style="display:none; padding-top: 2px; padding-left: 14px; margin-bottom:10px; padding-bottom: 2px; background-color: #FEFEF4;">\\2</div>', '<span class="size\\1">\\2</span>', '<span style="color:\\1;">\\2</span>', '<span style="color:\\1;">\\2</span>', '<span style="font-family:\'\\1\';">\\2</span>', '<table cellspacing="0" cellpadding="10"><tr><td class="forum_head_dark" style="padding:5px">Spoiler! to view, roll over the spoiler box.</td></tr><tr><td class="spoiler"><a href="#">\\1</a></td></tr></table><br />', '<object width="500" height="410"><param name="movie" value="http://www.youtube.com/v/\\1"></param><embed src="http://www.youtube.com/v/\\1" type="application/x-shockwave-flash" width="500" height="410"></embed></object>', "<embed style=\"width:500px; height:410px;\" id=\"VideoPlayback\" align=\"middle\" type=\"application/x-shockwave-flash\" src=\"http://video.google.com/googleplayer.swf?docId=\\1\" allowScriptAccess=\"sameDomain\" quality=\"best\" bgcolor=\"#ffffff\" scale=\"noScale\" wmode=\"window\" salign=\"TL\" FlashVars=\"playerMode=embedded\"> </embed>", '<span style="text-align: center;"><p>Audio From: \\1</p><embed type="application/x-shockwave-flash" src="http://www.google.com/reader/ui/3247397568-audio-player.swf?audioUrl=\\1" width="400" height="27" allowscriptaccess="never" quality="best" bgcolor="#ffffff" wmode="window" flashvars="playerMode=embedded" /></span>', '<ol class="style" start="\\1">\\2</ol>', '<ul class="style">\\1</ul>', '<li>\\1</li>', '<li>\\1</li>', '<hr />'); $s = preg_replace($bb_code_in, $bb_code_out, $s); if ($urls) { $s = format_urls($s); } if (stripos($s, '[url') !== false && $urls) { $s = preg_replace_callback("/\\[url=([^()<>\\s]+?)\\](.+?)\\[\\/url\\]/is", "islocal", $s); // [url]http://www.example.com[/url] $s = preg_replace_callback("/\\[url\\]([^()<>\\s]+?)\\[\\/url\\]/is", "islocal", $s); } // Linebreaks $s = nl2br($s); // Dynamic Vars $s = dynamic_user_vars($s); // [pre]Preformatted[/pre] if (stripos($s, '[pre]') !== false) { $s = preg_replace("/\\[pre\\]((\\s|.)+?)\\[\\/pre\\]/i", "<tt><span style=\"white-space: nowrap;\">\\1</span></tt>", $s); } // [nfo]NFO-preformatted[/nfo] if (stripos($s, '[nfo]') !== false) { $s = preg_replace("/\\[nfo\\]((\\s|.)+?)\\[\\/nfo\\]/i", "<tt><span style=\"white-space: nowrap;\"><font face='MS Linedraw' size='2' style='font-size: 10pt; line-height:" . "10pt'>\\1</font></span></tt>", $s); } //==Media tag if (stripos($s, '[media=') !== false) { $s = preg_replace("#\\[media=(youtube|liveleak|GameTrailers|vimeo|imdb)\\](.+?)\\[/media\\]#ies", "_MediaTag('\\2','\\1')", $s); } if (stripos($s, '[img') !== false && $images) { // [img=http://www/image.gif] $s = preg_replace("/\\[img\\]((http|https):\\/\\/[^\\s'\"<>]+(\\.(jpg|gif|png|bmp)))\\[\\/img\\]/i", "<a href=\"\\1\" rel=\"lightbox\"><img src=\"\\1\" border=\"0\" alt=\"\" style=\"max-width: 150px;\" /></a>", $s); // [img=http://www/image.gif] $s = preg_replace("/\\[img=((http|https):\\/\\/[^\\s'\"<>]+(\\.(gif|jpg|png|bmp)))\\]/i", "<a href=\"\\1\" rel=\"lightbox\"><img src=\"\\1\" border=\"0\" alt=\"\" style=\"max-width: 150px;\" /></a>", $s); } // [mcom]Text[/mcom] if (stripos($s, '[mcom]') !== false) { $s = preg_replace("/\\[mcom\\](.+?)\\[\\/mcom\\]/is", "<div style=\"font-size: 18pt; line-height: 50%;\">\r\n <div style=\"border-color: red; background-color: red; color: white; text-align: center; font-weight: bold; font-size: large;\"><b>\\1</b></div></div>", $s); } // the [you] tag if (stripos($s, '[you]') !== false) { $s = preg_replace("/\\[you\\]/i", $CURUSER['username'], $s); } // [php]code[/php] if (stripos($s, '[php]') !== false) { $s = preg_replace("#\\[(php|sql|html)\\](.+?)\\[\\/\\1\\]#ise", "source_highlighter('\\2','\\1')", $s); } // Maintain spacing $s = str_replace(' ', ' ', $s); if (isset($smilies)) { foreach ($smilies as $code => $url) { $s = str_replace($code, "<img border='0' src=\"{$INSTALLER09['pic_base_url']}smilies/{$url}\" alt=\"\" />", $s); //$s = str_replace($code, '<span id="'.$attr.'"></span>', $s); } } if (isset($staff_smilies)) { foreach ($staff_smilies as $code => $url) { $s = str_replace($code, "<img border='0' src=\"{$INSTALLER09['pic_base_url']}smilies/{$url}\" alt=\"\" />", $s); //$s = str_replace($code, '<span id="'.$attr.'"></span>', $s); } } if (isset($customsmilies)) { foreach ($customsmilies as $code => $url) { $s = str_replace($code, "<img border='0' src=\"{$INSTALLER09['pic_base_url']}smilies/{$url}\" alt=\"\" />", $s); //$s = str_replace($code, '<span id="'.$attr.'"></span>', $s); } } $s = format_quotes($s); $s = check_BBcode($s); return $s; }
/** * Convert string to bbcodes. * * @param string $s the string to convert * @return string the converted string */ function bbcodes($s) { $s = preg_replace("#\\[h1\\]((\\s|.)+?)\\[\\/h1\\]#is", "<h1>\\1</h1>", $s); $s = preg_replace("#\\[h2\\]((\\s|.)+?)\\[\\/h2\\]#is", "<h2>\\1</h2>", $s); $s = preg_replace("#\\[h3\\]((\\s|.)+?)\\[\\/h3\\]#is", "<h3>\\1</h3>", $s); $s = preg_replace("#\\[h4\\]((\\s|.)+?)\\[\\/h4\\]#is", "<h4>\\1</h4>", $s); $s = str_replace(array("[ul]", "[/ul]"), array("<ul>", "</ul>"), $s); $s = preg_replace("#\\[li\\]((\\s|.)+?)\\[\\/li\\]#is", "<li>\\1</li>", $s); $s = preg_replace("#\\[b\\]((\\s|.)+?)\\[\\/b\\]#is", "<b>\\1</b>", $s); $s = preg_replace("#\\[i\\]((\\s|.)+?)\\[\\/i\\]#is", "<i>\\1</i>", $s); $s = preg_replace("#\\[u\\]((\\s|.)+?)\\[\\/u\\]#is", "<u>\\1</u>", $s); $s = preg_replace("#\\[u\\]((\\s|.)+?)\\[\\/u\\]#is", "<u>\\1</u>", $s); $s = preg_replace("#\\[img\\](http:\\/\\/[^\\s'\"<>]+(\\.(jpg|gif|png)))\\[\\/img\\]#is", "<img border=\"0\" src=\"\\1\" alt='' />", $s); $s = preg_replace("#\\[img=(http:\\/\\/[^\\s'\"<>]+(\\.(gif|jpg|png)))\\]\\[\\/img\\]#is", "<img border=\"0\" src=\"\\1\" alt='' />", $s); $s = preg_replace("/\\[color=([a-zA-Z]+)\\]((\\s|.)+?)\\[\\/color\\]/i", "<font color='\\1'>\\2</font>", $s); $s = preg_replace("#\\[color=(\\#[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9])\\]((\\s|.)+?)\\[\\/color\\]#is", "<font color='\\1'>\\2</font>", $s); $s = preg_replace("#\\[url=([^()<>\\s]+?)\\]((\\s|.)+?)\\[\\/url\\]#is", "<a href=\"\\1\" target=\"_blank\">\\2</a>", $s); $s = preg_replace("#\\[url\\]([^()<>\\s]+?)\\[\\/url\\]#is", "<a href=\"\\1\" target=\"_blank\">\\1</a>", $s); $s = preg_replace("#\\[size=([1-7])\\]((\\s|.)+?)\\[\\/size\\]#is", "<font size='\\1'>\\2</font>", $s); $s = preg_replace("#\\[font=([a-zA-Z ,]+)\\]((\\s|.)+?)\\[\\/font\\]#is", "<font face=\"\\1\">\\2</font>", $s); $s = format_quotes($s); return $s; }
} elseif (!$_josh["is_secure"] && $_josh["request"]["protocol"] != "http") { url_change("http://" . $_josh["request"]["host"] . $_josh["request"]["path_query"]); } } //escape quotes if necessary $_josh["getting"] = !empty($_GET); if ($_josh["getting"]) { foreach ($_GET as $key => $value) { $_GET[$key] = format_quotes($value); } } $_josh["posting"] = !empty($_POST); if ($_josh["posting"]) { foreach ($_POST as $key => $value) { if (is_string($_POST[$key])) { $_POST[$key] = format_quotes($value); } } } //extract for easier accessibility extract($_josh); //special functions that don't fit into a category (yet) function configure() { global $_josh; error_debug("<b>configure</b> running"); $filename = isset($_josh["config"]) ? $_josh["config"] : "/_site/config-" . $_josh["request"]["sanswww"] . ".php"; if (file_exists($filename)) { error_debug("<b>configure</b> found file"); require $filename; } elseif (file_exists($_josh["root"] . $filename)) {
function bbcodes($s) { $acl = new Acl(USER_ID); $s = preg_replace("#\\[h1\\]((\\s|.)+?)\\[\\/h1\\]#is", "<h1>\\1</h1>", $s); $s = preg_replace("#\\[h2\\]((\\s|.)+?)\\[\\/h2\\]#is", "<h2>\\1</h2>", $s); $s = preg_replace("#\\[h3\\]((\\s|.)+?)\\[\\/h3\\]#is", "<h3>\\1</h3>", $s); $s = preg_replace("#\\[h4\\]((\\s|.)+?)\\[\\/h4\\]#is", "<h4>\\1</h4>", $s); $s = str_replace(array("[ul]", "[/ul]"), array("<ul>", "</ul>"), $s); // [li]li[/li] $s = preg_replace("#\\[li\\]((\\s|.)+?)\\[\\/li\\]#is", "<li>\\1</li>", $s); // [b]Bold[/b] $s = preg_replace("#\\[b\\]((\\s|.)+?)\\[\\/b\\]#is", "<b>\\1</b>", $s); // [i]Italic[/i] $s = preg_replace("#\\[i\\]((\\s|.)+?)\\[\\/i\\]#is", "<i>\\1</i>", $s); // [u]Underline[/u] $s = preg_replace("#\\[u\\]((\\s|.)+?)\\[\\/u\\]#is", "<u>\\1</u>", $s); // [u]Underline[/u] $s = preg_replace("#\\[u\\]((\\s|.)+?)\\[\\/u\\]#is", "<u>\\1</u>", $s); // [img]http://www/image.gif[/img] $s = preg_replace("#\\[img\\](http:\\/\\/[^\\s'\"<>]+(\\.(jpg|gif|png)))\\[\\/img\\]#is", "<img border=\"0\" src=\"\\1\" alt='' />", $s); // [img=http://www/image.gif] $s = preg_replace("#\\[img=(http:\\/\\/[^\\s'\"<>]+(\\.(gif|jpg|png)))\\]\\[\\/img\\]#is", "<img border=\"0\" src=\"\\1\" alt='' />", $s); // [color=blue]Text[/color] // [color=#ffcc99]Text[/color] $s = preg_replace("/\\[color=([a-zA-Z]+)\\]((\\s|.)+?)\\[\\/color\\]/i", "<font color='\\1'>\\2</font>", $s); $s = preg_replace("#\\[color=(\\#[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9])\\]((\\s|.)+?)\\[\\/color\\]#is", "<font color='\\1'>\\2</font>", $s); // [url=http://www.example.com]Text[/url] $s = preg_replace("#\\[url=([^()<>\\s]+?)\\]((\\s|.)+?)\\[\\/url\\]#is", "<a href=\"\\1\" target=\"_blank\">\\2</a>", $s); // [url]http://www.example.com[/url] $s = preg_replace("#\\[url\\]([^()<>\\s]+?)\\[\\/url\\]#is", "<a href=\"\\1\" target=\"_blank\">\\1</a>", $s); // [size=4]Text[/size] $s = preg_replace("#\\[size=([1-7])\\]((\\s|.)+?)\\[\\/size\\]#is", "<font size='\\1'>\\2</font>", $s); // [font=Arial]Text[/font] $s = preg_replace("#\\[font=([a-zA-Z ,]+)\\]((\\s|.)+?)\\[\\/font\\]#is", "<font face=\"\\1\">\\2</font>", $s); $s = format_quotes($s); return $s; }
function format_comment($text, $strip_html = true) { global $smilies, $CURUSER, $customsmilies, $TBDEV; $s = $text; $s = validate_imgs($s); $s = str_replace("][", "] [", $s); unset($text); // This fixes the extraneous ;) smilies problem. When there was an html escaped // char before a closing bracket - like >), "), ... - this would be encoded // to &xxx;), hence all the extra smilies. I created a new :wink: label, removed // the ;) one, and replace all genuine ;) by :wink: before escaping the body. // (What took us so long? :blush:)- wyz $s = str_replace(";)", ":wink:", $s); if ($strip_html) { $s = htmlentities($s, ENT_QUOTES); } if (preg_match("#function\\s*\\((.*?)\\|\\|#is", $s)) { $s = str_replace(":", ":", $s); $s = str_replace("[", "[", $s); $s = str_replace("]", "]", $s); $s = str_replace(")", ")", $s); $s = str_replace("(", "(", $s); $s = str_replace("{", "{", $s); $s = str_replace("}", "}", $s); $s = str_replace("\$", "$", $s); } // [*] if (stripos($s, '[*]') !== false) { $s = preg_replace("/\\[\\*\\]/", "<img src=\"" . $TBDEV['pic_base_url'] . "list.gif\" alt=\"List\" title=\"List\" class=\"listitem\" />", $s); } // [b]Bold[/b] if (stripos($s, '[b]') !== false) { $s = preg_replace('/\\[b\\](.+?)\\[\\/b\\]/is', "<b>\\1</b>", $s); } // [i]Italic[/i] if (stripos($s, '[i]') !== false) { $s = preg_replace('/\\[i\\](.+?)\\[\\/i\\]/is', "<i>\\1</i>", $s); } // [u]Underline[/u] if (stripos($s, '[u]') !== false) { $s = preg_replace('/\\[u\\](.+?)\\[\\/u\\]/is', "<span style='text-decoration:underline;'>\\1</span>", $s); } // [color=blue]Text[/color] if (stripos($s, '[color=') !== false) { $s = preg_replace('/\\[color=([a-zA-Z]+)\\](.+?)\\[\\/color\\]/is', '<span style="color: \\1">\\2</span>', $s); // [color=#ffcc99]Text[/color] $s = preg_replace('/\\[color=(#[a-f0-9]{6})\\](.+?)\\[\\/color\\]/is', '<span style="color: \\1">\\2</span>', $s); } //==Media tag if (stripos($s, '[media=') !== false) { $s = preg_replace("#\\[media=(youtube|liveleak|GameTrailers|imdb)\\](.+?)\\[/media\\]#ies", "_MediaTag('\\2','\\1')", $s); $s = preg_replace("#\\[media=(youtube|liveleak|GameTrailers|vimeo)\\](.+?)\\[/media\\]#ies", "_MediaTag('\\2','\\1')", $s); } //--img if (stripos($s, '[img') !== false) { $s = preg_replace_callback("/\\[img\\](http:\\/\\/[^\\s'\"<>]+(\\.(jpg|gif|png)))\\[\\/img\\]/i", "scale", $s); $s = preg_replace_callback("/\\[img=(http:\\/\\/[^\\s'\"<>]+(\\.(gif|jpg|png)))\\]/i", "scale", $s); } // [size=4]Text[/size] if (stripos($s, '[size=') !== false) { $s = preg_replace('/\\[size=([1-7])\\](.+?)\\[\\/size\\]/is', "<span class='size\\1'>\\2</span>", $s); } // [font=Arial]Text[/font] if (stripos($s, '[font=') !== false) { $s = preg_replace('/\\[font=([a-zA-Z ,]+)\\](.+?)\\[\\/font\\]/is', '<span style="font-family: \\1">\\2</span>', $s); } // [s]Stroke[/s] if (stripos($s, '[s]') !== false) { $s = preg_replace("/\\[s\\](.+?)\\[\\/s\\]/is", "<s>\\1</s>", $s); } // the [you] tag if (stripos($s, '[you]') !== false) { $s = preg_replace("/\\[you\\]/i", $CURUSER['username'], $s); } // Dynamic Vars $s = dynamic_user_vars($s); // [Spoiler]TEXT[/Spoiler] if (stripos($s, '[spoiler]') !== false) { $s = preg_replace("/\\[spoiler\\](.+?)\\[\\/spoiler\\]/is", "<div class=\"smallfont\" align=\"left\">\r\n <input type=\"button\" value=\"Show\" style=\"width:75px;font-size:10px;margin:0px;padding:0px;\" onclick=\"if (this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display != '') { this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display = '';this.innerText = ''; this.value = 'Hide'; } else { this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display = 'none'; this.innerText = ''; this.value = 'Show'; }\" />\r\n <div style=\"margin: 10px; padding: 10px; border: 1px inset;\" align=\"left\"><div style=\"display: none;\">\\1</div></div></div>", $s); } // [mcom]Text[/mcom] if (stripos($s, '[mcom]') !== false) { $s = preg_replace("/\\[mcom\\](.+?)\\[\\/mcom\\]/is", "<div style=\"font-size: 18pt; line-height: 50%;\">\r\n <div style=\"border-color: red; background-color: red; color: white; text-align: center; font-weight: bold; font-size: large;\"><b>\\1</b></div></div>", $s); } // [php]php code[/php] if (stripos($s, '[php]') !== false) { $s = preg_replace_callback("/\\[php\\](.+?)\\[\\/php\\]/ims", "source_highlighter", $s); } // [sql]sql code[/sql] if (stripos($s, '[sql]') !== false) { $s = preg_replace_callback("/\\[sql\\](.+?)\\[\\/sql\\]/ims", "source_highlighter", $s); } // [html]html code[/html] if (stripos($s, '[html]') !== false) { $s = preg_replace_callback("/\\[html\\](.+?)\\[\\/html\\]/ims", "source_highlighter", $s); } //[mail]mail[/mail] if (stripos($s, '[mail]') !== false) { $s = preg_replace("/\\[mail\\](.+?)\\[\\/mail\\]/is", "<a href=\"mailto:\\1\" targe=\"_blank\">\\1</a>", $s); } //[align=(center|left|right|justify)]text[/align] if (stripos($s, '[align=') !== false) { $s = preg_replace("/\\[align=([a-zA-Z]+)\\](.+?)\\[\\/align\\]/is", "<div style=\"text-align:\\1\">\\2</div>", $s); } // Quotes $s = format_quotes($s); // URLs $s = format_urls($s); // $s = format_local_urls($s); // [url=http://www.example.com]Text[/url] if (stripos($s, '[url') !== false) { $s = preg_replace_callback("/\\[url=([^()<>\\s]+?)\\](.+?)\\[\\/url\\]/is", "islocal", $s); // [url]http://www.example.com[/url] $s = preg_replace_callback("/\\[url\\]([^()<>\\s]+?)\\[\\/url\\]/is", "islocal", $s); } // Linebreaks $s = nl2br($s); // [pre]Preformatted[/pre] if (stripos($s, '[pre]') !== false) { $s = preg_replace("/\\[pre\\](.+?)\\[\\/pre\\]/is", "<tt><span style=\"white-space: nowrap;\">\\1</span></tt>", $s); } // [nfo]NFO-preformatted[/nfo] if (stripos($s, '[nfo]') !== false) { $s = preg_replace("/\\[nfo\\](.+?)\\[\\/nfo\\]/i", "<tt><span style=\"white-space: nowrap;\"><font face='MS Linedraw' size='2' style='font-size: 10pt; line-height: " . "10pt'>\\1</font></span></tt>", $s); } // Maintain spacing $s = str_replace(" ", " ", $s); //==Smilies if (isset($smilies)) { foreach ($smilies as $code => $url) { $s = str_replace($code, "<img border='0' src=\"{$TBDEV['pic_base_url']}smilies/{$url}\" alt=\"" . htmlspecialchars($code) . "\" />", $s); } } if (isset($customsmilies)) { foreach ($customsmilies as $code => $url) { $s = str_replace($code, "<img border='0' src=\"{$TBDEV['pic_base_url']}smilies/{$url}\" alt=\"" . htmlspecialchars($code) . "\" />", $s); } } return $s; }
function format_comment($text, $strip_html = true, $xssclean = false, $newtab = false, $imageresizer = true, $image_max_width = 700, $enableimage = true, $enableflash = true, $imagenum = -1, $image_max_height = 0, $adid = 0) { global $lang_functions; global $CURUSER, $SITENAME, $BASEURL, $enableattach_attachment; global $tempCode, $tempCodeCount; $tempCode = array(); $tempCodeCount = 0; $imageresizer = $imageresizer ? 1 : 0; $s = $text; if ($strip_html) { $s = htmlspecialchars($s); } // Linebreaks $s = nl2br($s); if (strpos($s, "[code]") !== false && strpos($s, "[/code]") !== false) { $s = preg_replace("/\\[code\\](.+?)\\[\\/code\\]/eis", "formatCode('\\1')", $s); } $originalBbTagArray = array('[siteurl]', '[site]', '[*]', '[b]', '[/b]', '[i]', '[/i]', '[u]', '[/u]', '[pre]', '[/pre]', '[/color]', '[/font]', '[/size]', " "); $replaceXhtmlTagArray = array(get_protocol_prefix() . $BASEURL, $SITENAME, '<img class="listicon listitem" src="pic/trans.gif" alt="list" />', '<b>', '</b>', '<i>', '</i>', '<u>', '</u>', '<pre>', '</pre>', '</span>', '</font>', '</font>', ' '); $s = str_replace($originalBbTagArray, $replaceXhtmlTagArray, $s); $originalBbTagArray = array("/\\[font=([^\\[\\(&\\;]+?)\\]/is", "/\\[color=([#0-9a-z]{1,15})\\]/is", "/\\[color=([a-z]+)\\]/is", "/\\[size=([1-7])\\]/is"); $replaceXhtmlTagArray = array("<font face=\"\\1\">", "<span style=\"color: \\1;\">", "<span style=\"color: \\1;\">", "<font size=\"\\1\">"); $s = preg_replace($originalBbTagArray, $replaceXhtmlTagArray, $s); if ($enableattach_attachment == 'yes' && $imagenum != 1) { $limit = 20; $s = preg_replace("/\\[attach\\]([0-9a-zA-z][0-9a-zA-z]*)\\[\\/attach\\]/ies", "print_attachment('\\1', " . ($enableimage ? 1 : 0) . ", " . ($imageresizer ? 1 : 0) . ")", $s, $limit); } if ($enableimage) { $s = preg_replace("/\\[img\\]([^\\<\r\n\"']+?)\\[\\/img\\]/ei", "formatImg('\\1'," . $imageresizer . "," . $image_max_width . "," . $image_max_height . ")", $s, $imagenum, $imgReplaceCount); $s = preg_replace("/\\[img=([^\\<\r\n\"']+?)\\]/ei", "formatImg('\\1'," . $imageresizer . "," . $image_max_width . "," . $image_max_height . ")", $s, $imagenum != -1 ? max($imagenum - $imgReplaceCount, 0) : -1); } else { $s = preg_replace("/\\[img\\]([^\\<\r\n\"']+?)\\[\\/img\\]/i", '', $s, -1); $s = preg_replace("/\\[img=([^\\<\r\n\"']+?)\\]/i", '', $s, -1); } // [flash,500,400]http://www/image.swf[/flash] if (strpos($s, "[flash") !== false) { //flash is not often used. Better check if it exist before hand if ($enableflash) { $s = preg_replace("/\\[flash(\\,([1-9][0-9]*)\\,([1-9][0-9]*))?\\]((http|ftp):\\/\\/[^\\s'\"<>]+(\\.(swf)))\\[\\/flash\\]/ei", "formatFlash('\\4', '\\2', '\\3')", $s); } else { $s = preg_replace("/\\[flash(\\,([1-9][0-9]*)\\,([1-9][0-9]*))?\\]((http|ftp):\\/\\/[^\\s'\"<>]+(\\.(swf)))\\[\\/flash\\]/i", '', $s); } } //[flv,320,240]http://www/a.flv[/flv] if (strpos($s, "[flv") !== false) { //flv is not often used. Better check if it exist before hand if ($enableflash) { $s = preg_replace("/\\[flv(\\,([1-9][0-9]*)\\,([1-9][0-9]*))?\\]((http|ftp):\\/\\/[^\\s'\"<>]+(\\.(flv)))\\[\\/flv\\]/ei", "formatFlv('\\4', '\\2', '\\3')", $s); } else { $s = preg_replace("/\\[flv(\\,([1-9][0-9]*)\\,([1-9][0-9]*))?\\]((http|ftp):\\/\\/[^\\s'\"<>]+(\\.(flv)))\\[\\/flv\\]/i", '', $s); } } // [url=http://www.example.com]Text[/url] if ($adid) { $s = preg_replace("/\\[url=([^\\[\\s]+?)\\](.+?)\\[\\/url\\]/ei", "formatAdUrl(" . $adid . " ,'\\1', '\\2', " . ($newtab == true ? 1 : 0) . ", 'faqlink')", $s); } else { $s = preg_replace("/\\[url=([^\\[\\s]+?)\\](.+?)\\[\\/url\\]/ei", "formatUrl('\\1', " . ($newtab == true ? 1 : 0) . ", '\\2', 'faqlink')", $s); } // [url]http://www.example.com[/url] $s = preg_replace("/\\[url\\]([^\\[\\s]+?)\\[\\/url\\]/ei", "formatUrl('\\1', " . ($newtab == true ? 1 : 0) . ", '', 'faqlink')", $s); $s = format_urls($s, $newtab); // Quotes if (strpos($s, "[quote") !== false && strpos($s, "[/quote]") !== false) { //format_quote is kind of slow. Better check if [quote] exists beforehand $s = format_quotes($s); } $s = preg_replace("/\\[em([1-9][0-9]*)\\]/ie", "(\\1 < 192 ? '<img src=\"pic/smilies/\\1.gif\" alt=\"[em\\1]\" />' : '[em\\1]')", $s); reset($tempCode); $j = 0; while (count($tempCode) || $j > 5) { foreach ($tempCode as $key => $code) { $s = str_replace("<tempCode_{$key}>", $code, $s, $count); if ($count) { unset($tempCode[$key]); $i = $i + $count; } } $j++; } return $s; }
<form method="get" action="./" name="mainsearchform"> Look for <input type="text" value="<?php echo @$_GET['q']; ?> " name="q" class="field" size="34"></td> </form> </div> <?php if (isset($_GET["q"])) { //assemble where clause $searchTerms = explode(' ', $_GET['q']); $counter = 0; $skips = array(); $where = array(); foreach ($searchTerms as $searchTerm) { $searchTerm = format_quotes($searchTerm); if (in_array($searchTerm, $ignored_words)) { $skips[] = $searchTerm; } else { $terms[] = $searchTerm; $where[] = 'w' . $counter . '.word = "' . $searchTerm . '"'; $joins[] = 'INNER JOIN contacts_instances_to_words i2w' . $counter . ' ON i.id = i2w' . $counter . '.instanceID INNER JOIN words w' . $counter . ' ON i2w' . $counter . '.wordID = w' . $counter . '.id'; $counter++; } } if (count($skips)) { if (count($skips) == 1) { echo drawMessage('<b>Note:</b> The word ' . $skips[0] . ' was ignored in your search.'); } else { echo drawMessage('<b>Note:</b> The words ' . formatArrayForText($skips) . ' were ignored in your search.'); }
function format_comment($text, $strip_html = true) { global $smilies, $privatesmilies, $customsmilies, $TBDEV; // 09 Seeding Bonus by Bigjoos changed $s = $text; unset($text); // This fixes the extraneous ;) smilies problem. When there was an html escaped // char before a closing bracket - like >), "), ... - this would be encoded // to &xxx;), hence all the extra smilies. I created a new :wink: label, removed // the ;) one, and replace all genuine ;) by :wink: before escaping the body. // (What took us so long? :blush:)- wyz $s = str_replace(";)", ":wink:", $s); if ($strip_html) { $s = htmlentities($s, ENT_QUOTES); } if (preg_match("#function\\s*\\((.*?)\\|\\|#is", $s)) { $s = str_replace(":", ":", $s); $s = str_replace("[", "[", $s); $s = str_replace("]", "]", $s); $s = str_replace(")", ")", $s); $s = str_replace("(", "(", $s); $s = str_replace("{", "{", $s); $s = str_replace("}", "}", $s); $s = str_replace("\$", "$", $s); } // [*] $s = preg_replace("/\\[\\*\\]/", "<li>", $s); // [b]Bold[/b] $s = preg_replace("/\\[b\\]((\\s|.)+?)\\[\\/b\\]/", "<b>\\1</b>", $s); // [i]Italic[/i] $s = preg_replace("/\\[i\\]((\\s|.)+?)\\[\\/i\\]/", "<i>\\1</i>", $s); // [u]Underline[/u] $s = preg_replace("/\\[u\\]((\\s|.)+?)\\[\\/u\\]/", "<u>\\1</u>", $s); // [u]Underline[/u] $s = preg_replace("/\\[u\\]((\\s|.)+?)\\[\\/u\\]/i", "<u>\\1</u>", $s); // [img]http://www/image.gif[/img] $s = preg_replace("/\\[img\\](http:\\/\\/[^\\s'\"<>]+(\\.(jpg|gif|png)))\\[\\/img\\]/i", "<img border=\"0\" src=\"\\1\" alt='' />", $s); // [img=http://www/image.gif] $s = preg_replace("/\\[img=(http:\\/\\/[^\\s'\"<>]+(\\.(gif|jpg|png)))\\]/i", "<img border=\"0\" src=\"\\1\" alt='' />", $s); // [color=blue]Text[/color] $s = preg_replace("/\\[color=([a-zA-Z]+)\\]((\\s|.)+?)\\[\\/color\\]/i", "<font color='\\1'>\\2</font>", $s); // [color=#ffcc99]Text[/color] $s = preg_replace("/\\[color=(#[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9])\\]((\\s|.)+?)\\[\\/color\\]/i", "<font color='\\1'>\\2</font>", $s); // [url=http://www.example.com]Text[/url] $s = preg_replace("/\\[url=([^()<>\\s]+?)\\]((\\s|.)+?)\\[\\/url\\]/i", "<a href=\"\\1\">\\2</a>", $s); // [url]http://www.example.com[/url] $s = preg_replace("/\\[url\\]([^()<>\\s]+?)\\[\\/url\\]/i", "<a href=\"\\1\">\\1</a>", $s); // [size=4]Text[/size] $s = preg_replace("/\\[size=([1-7])\\]((\\s|.)+?)\\[\\/size\\]/i", "<font size='\\1'>\\2</font>", $s); // [font=Arial]Text[/font] $s = preg_replace("/\\[font=([a-zA-Z ,]+)\\]((\\s|.)+?)\\[\\/font\\]/i", "<font face=\"\\1\">\\2</font>", $s); // //[quote]Text[/quote] // $s = preg_replace( // "/\[quote\]\s*((\s|.)+?)\s*\[\/quote\]\s*/i", // "<p class=sub><b>Quote:</b></p><table class=main border=1 cellspacing=0 cellpadding=10><tr><td style='border: 1px black dotted'>\\1</td></tr></table><br />", $s); // //[quote=Author]Text[/quote] // $s = preg_replace( // "/\[quote=(.+?)\]\s*((\s|.)+?)\s*\[\/quote\]\s*/i", // "<p class=sub><b>\\1 wrote:</b></p><table class=main border=1 cellspacing=0 cellpadding=10><tr><td style='border: 1px black dotted'>\\2</td></tr></table><br />", $s); // Quotes $s = format_quotes($s); // URLs $s = format_urls($s); // $s = format_local_urls($s); // Linebreaks $s = nl2br($s); // [pre]Preformatted[/pre] $s = preg_replace("/\\[pre\\]((\\s|.)+?)\\[\\/pre\\]/i", "<tt><span style=\"white-space: nowrap;\">\\1</span></tt>", $s); // [nfo]NFO-preformatted[/nfo] $s = preg_replace("/\\[nfo\\]((\\s|.)+?)\\[\\/nfo\\]/i", "<tt><span style=\"white-space: nowrap;\"><font face='MS Linedraw' size='2' style='font-size: 10pt; line-height: " . "10pt'>\\1</font></span></tt>", $s); // Maintain spacing $s = str_replace(" ", " ", $s); // 09 Seeding Bonus by Bigjoos // start // modded by cybernet2u // support - http://bit.ly/8jd6WH // http://xList.ro/ // http://tbdev.xlist.ro/ foreach ($smilies as $code => $url) { $s = str_replace($code, "<img border='0' src=\"{$TBDEV['pic_base_url']}smilies/{$url}\" alt=\"" . htmlspecialchars($code) . "\" />", $s); } foreach ($privatesmilies as $code => $url) { $s = str_replace($code, "<img border='0' src=\"{$TBDEV['pic_base_url']}smilies/{$url}\" alt=\"" . htmlspecialchars($code) . "\" />", $s); } foreach ($customsmilies as $code => $url) { $s = str_replace($code, "<img border='0' src=\"{$TBDEV['pic_base_url']}smilies/{$url}\" alt=\"" . htmlspecialchars($code) . "\" />", $s); } return $s; //[align=(center|left|right|justify)]text[/align] $s = preg_replace("/\\[align=([a-zA-Z]+)\\]((\\s|.)+?)\\[\\/align\\]/i", "<div style=\"text-align:\\1\">\\2</div>", $s); //[s]strike[/s] $s = preg_replace("/\\[s\\]((\\s|.)+?)\\[\\/s\\]/i", "<s>\\1</s>", $s); //[mail]mail[/mail] $s = preg_replace("/\\[mail\\]((\\s|.)+?)\\[\\/mail\\]/i", "<a href=\"mailto:\\1\" targe=\"_blank\">\\1</a>", $s); }
function format_comment($text, $strip_html = true) { global $smilies, $pic_base_url; $s = $text; unset($text); // This fixes the extraneous ;) smilies problem. When there was an html escaped // char before a closing bracket - like >), "), ... - this would be encoded // to &xxx;), hence all the extra smilies. I created a new :wink: label, removed // the ;) one, and replace all genuine ;) by :wink: before escaping the body. // (What took us so long? :blush:)- wyz $s = str_replace(";)", ":wink:", $s); if ($strip_html) { $s = htmlentities($s, ENT_QUOTES); } // [*] $s = preg_replace("/\\[\\*\\]/", "<li>", $s); // [b]Bold[/b] $s = preg_replace("/\\[b\\]((\\s|.)+?)\\[\\/b\\]/", "<b>\\1</b>", $s); // [i]Italic[/i] $s = preg_replace("/\\[i\\]((\\s|.)+?)\\[\\/i\\]/", "<i>\\1</i>", $s); // [u]Underline[/u] $s = preg_replace("/\\[u\\]((\\s|.)+?)\\[\\/u\\]/", "<u>\\1</u>", $s); // [u]Underline[/u] $s = preg_replace("/\\[u\\]((\\s|.)+?)\\[\\/u\\]/i", "<u>\\1</u>", $s); // [img]http://www/image.gif[/img] $s = preg_replace("/\\[img\\](http:\\/\\/[^\\s'\"<>]+(\\.(jpg|gif|png)))\\[\\/img\\]/i", "<img border=\"0\" src=\"\\1\" alt='' />", $s); // [img=http://www/image.gif] $s = preg_replace("/\\[img=(http:\\/\\/[^\\s'\"<>]+(\\.(gif|jpg|png)))\\]/i", "<img border=\"0\" src=\"\\1\" alt='' />", $s); // [color=blue]Text[/color] $s = preg_replace("/\\[color=([a-zA-Z]+)\\]((\\s|.)+?)\\[\\/color\\]/i", "<font color='\\1'>\\2</font>", $s); // [color=#ffcc99]Text[/color] $s = preg_replace("/\\[color=(#[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9])\\]((\\s|.)+?)\\[\\/color\\]/i", "<font color='\\1'>\\2</font>", $s); // [url=http://www.example.com]Text[/url] $s = preg_replace("/\\[url=([^()<>\\s]+?)\\]((\\s|.)+?)\\[\\/url\\]/i", "<a href=\"\\1\">\\2</a>", $s); // [url]http://www.example.com[/url] $s = preg_replace("/\\[url\\]([^()<>\\s]+?)\\[\\/url\\]/i", "<a href=\"\\1\">\\1</a>", $s); // [size=4]Text[/size] $s = preg_replace("/\\[size=([1-7])\\]((\\s|.)+?)\\[\\/size\\]/i", "<font size='\\1'>\\2</font>", $s); // [font=Arial]Text[/font] $s = preg_replace("/\\[font=([a-zA-Z ,]+)\\]((\\s|.)+?)\\[\\/font\\]/i", "<font face=\"\\1\">\\2</font>", $s); // //[quote]Text[/quote] // $s = preg_replace( // "/\[quote\]\s*((\s|.)+?)\s*\[\/quote\]\s*/i", // "<p class=sub><b>Quote:</b></p><table class=main border=1 cellspacing=0 cellpadding=10><tr><td style='border: 1px black dotted'>\\1</td></tr></table><br />", $s); // //[quote=Author]Text[/quote] // $s = preg_replace( // "/\[quote=(.+?)\]\s*((\s|.)+?)\s*\[\/quote\]\s*/i", // "<p class=sub><b>\\1 wrote:</b></p><table class=main border=1 cellspacing=0 cellpadding=10><tr><td style='border: 1px black dotted'>\\2</td></tr></table><br />", $s); // Quotes $s = format_quotes($s); // URLs $s = format_urls($s); // $s = format_local_urls($s); // Linebreaks $s = nl2br($s); // [pre]Preformatted[/pre] $s = preg_replace("/\\[pre\\]((\\s|.)+?)\\[\\/pre\\]/i", "<tt><span style=\"white-space: nowrap;\">\\1</span></tt>", $s); // [nfo]NFO-preformatted[/nfo] $s = preg_replace("/\\[nfo\\]((\\s|.)+?)\\[\\/nfo\\]/i", "<tt><span style=\"white-space: nowrap;\"><font face='MS Linedraw' size='2' style='font-size: 10pt; line-height: " . "10pt'>\\1</font></span></tt>", $s); // Maintain spacing $s = str_replace(" ", " ", $s); foreach ($smilies as $code => $url) { $s = str_replace($code, "<img border='0' src=\"{$pic_base_url}smilies/{$url}\" alt=\"" . htmlspecialchars($code) . "\" />", $s); } return $s; }
function format_comment($text, $strip_html = true) { global $smilies, $privatesmilies; $s = $text; if ($strip_html) $s = htmlspecialchars($s); // Quotes $s = format_quotes($s); // [nfo]NFO-preformatted[/nfo] $s = preg_replace("/\[nfo\]((\s|.)+?)\[\/nfo\]/i", "<tt><nobr><font face=\"MS Linedraw\" size=\"2\" style=\"font-size: 10pt; line-height: ". "10pt\">\\1</font></nobr></tt>", $s); //[CODE]stuff[ /CODE] $s = preg_replace("/\[CODE\]\s*((\s|.)+?)\s*\[\/CODE\]\s*/i","<p class=sub><b>Kóði:</b></p><table class=\"main\" border=\"1\" cellspacing=\"0\" cellpadding=\"10\"><tr><td style=\"border: 1px black dotted\"><PRE><CODE CLASS=\"PHP\">\\1</CODE></PRE></td></tr></table><br />", $s); // [*] $s = preg_replace("/\[\*\]/", "<li>", $s); // [b]Bold[/b] $s = preg_replace("/\[b\]((\s|.)+?)\[\/b\]/", "<b>\\1</b>", $s); // [i]Italic[/i] $s = preg_replace("/\[i\]((\s|.)+?)\[\/i\]/", "<i>\\1</i>", $s); // [u]Underline[/u] $s = preg_replace("/\[u\]((\s|.)+?)\[\/u\]/", "<u>\\1</u>", $s); // [u]Underline[/u] $s = preg_replace("/\[u\]((\s|.)+?)\[\/u\]/i", "<u>\\1</u>", $s); // [img]http://www/image.gif[/img] $s = preg_replace("/\[img\](http:\/\/torrent\.is\/myndir\.php\?id=[0-9](.*))\[\/img\]/i", "<img border=\"0\" src=\"\\1\">", $s); $s = preg_replace("/\[img\](http:\/\/[^\s'\"<>]+(\.(jpg|gif|png)))\[\/img\]/i", "<img border=\"0\" src=\"\\1\">", $s); // [img=http://www/image.gif] $s = preg_replace("/\[img=(http:\/\/torrent\.is\/myndir\.php\?id\=[0-9](.*))]/i", "<img border=\"0\" src=\"\\1\">", $s); $s = preg_replace("/\[img=(http:\/\/[^\s'\"<>]+(\.(gif|jpg|png)))\]/i", "<img border=\"0\" src=\"\\1\">", $s); // [color=blue]Text[/color] $s = preg_replace( "/\[color=([a-zA-Z]+)\]((\s|.)+?)\[\/color\]/i", "<font color=\\1>\\2</font>", $s); // [color=#ffcc99]Text[/color] $s = preg_replace( "/\[color=(#[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9])\]((\s|.)+?)\[\/color\]/i", "<font color=\\1>\\2</font>", $s); // [url=http://www.example.com]Text[/url] $s = preg_replace( "/\[url=([^()<>\s]+?)\]((\s|.)+?)\[\/url\]/i", "<a href=\"\\1\">\\2</a>", $s); // [url]http://www.example.com[/url] $s = preg_replace( "/\[url\]([^()<>\s]+?)\[\/url\]/i", "<a href=\"\\1\">\\1</a>", $s); // [size=4]Text[/size] $s = preg_replace( "/\[size=([1-7])\]((\s|.)+?)\[\/size\]/i", "<font size=\\1>\\2</font>", $s); // [font=Arial]Text[/font] $s = preg_replace( "/\[font=([a-zA-Z ,]+)\]((\s|.)+?)\[\/font\]/i", "<font face=\"\\1\">\\2</font>", $s); // //[quote]Text[/quote] // $s = preg_replace( // "/\[quote\]\s*((\s|.)+?)\s*\[\/quote\]\s*/i", // "<p class=sub><b>Quote:</b></p><table class=main border=1 cellspacing=0 cellpadding=10><tr><td style='border: 1px black dotted'>\\1</td></tr></table><br />", $s); // //[quote=Author]Text[/quote] // $s = preg_replace( // "/\[quote=(.+?)\]\s*((\s|.)+?)\s*\[\/quote\]\s*/i", // "<p class=sub><b>\\1 wrote:</b></p><table class=main border=1 cellspacing=0 cellpadding=10><tr><td style='border: 1px black dotted'>\\2</td></tr></table><br />", $s); // URLs $s = format_urls($s); // $s = format_local_urls($s); // Linebreaks $s = nl2br($s); // [pre]Preformatted[/pre] $s = preg_replace("/\[pre\]((\s|.)+?)\[\/pre\]/i", "<tt><nobr>\\1</nobr></tt>", $s); // Maintain spacing $s = str_replace(" ", " ", $s); // [hr] $s = str_replace ("[hr]", "<hr>", $s); // [center] $s = preg_replace("/\[center\]((\s|.)+?)\[\/center\]/i", "<div align='center'><tt><nobr><font face='Verdana' size=2 style='font-size: 10pt; line-height: " . "10pt'>\\1</font></nobr></tt></div>", $s); reset($smilies); while (list($code, $url) = each($smilies)) $s = str_replace($code, "<img border=0 src=\"/pic/smilies/$url\" alt=\"" . htmlspecialchars($code) . "\">", $s); reset($privatesmilies); while (list($code, $url) = each($privatesmilies)) $s = str_replace($code, "<img border=0 src=\"/pic/smilies/$url\" alt=\"" . htmlspecialchars($code) . "\">", $s); if (stristr("$s", '<PRE><CODE CLASS="PHP">')) return $s; return $s; }
<?php include 'include.php'; echo drawTop(); if (empty($_GET['q'])) { url_change('./'); } $fields = array('u.lastname', 'u.firstname', 'u.nickname', 'u.title', 'u.email', 'departmentName'); $terms = explode(' ', format_quotes($_GET['q'])); $where = array(); foreach ($terms as $t) { if (!empty($t)) { foreach ($fields as $f) { $where[] = $f . ' LIKE "%' . $t . '%"'; } } } $links = $page['is_admin'] ? array('add_edit.php' => getString('add_new')) : false; echo drawStaffList('u.is_active = 1 and (' . implode(' OR ', $where) . ')', getString('staff_search_empty'), $links, false, $terms); echo drawBottom();