// Private-message reply handler: runs a lurk-time check and a flood check,
// passes title/body through Check4Filtered(), then builds and saves a PM.
// This excerpt starts inside a switch case that opens above the visible code;
// the `break; }` further down closes that case and its switch.

// Lurk check: the session must be at least REQUIRED_LURK_TIME_REPLY seconds
// old (request time minus $_SESSION['first_seen']) before a first reply.
if($_SERVER['REQUEST_TIME'] - $_SESSION['first_seen'] < REQUIRED_LURK_TIME_REPLY) {
    add_error('Lurk for at least ' . REQUIRED_LURK_TIME_REPLY . ' seconds before posting your first reply.');
}

// Flood control: look for any PM whose pmFrom equals the client address and
// whose pmDateSent is newer than (now - FLOOD_CONTROL_REPLY).
$too_early = $_SERVER['REQUEST_TIME'] - FLOOD_CONTROL_REPLY;
// NOTE(review): the statement is assembled with sprintf() rather than bound
// parameters. REMOTE_ADDR is normally set by the web server, but if the
// deployment rewrites it from a forwarded header it becomes client-influenced;
// prefer a bound parameter if DB::Execute() supports one - confirm.
// NOTE(review): the lookup matches pmFrom against the client address, while
// the message saved below sets From to $User->ID. Confirm what PM::Save()
// writes to pmFrom; if it is the user ID, this check may never match.
// {P} is presumably a table-prefix placeholder expanded by DB::Execute() - confirm.
$res=DB::Execute(sprintf('SELECT 1 FROM {P}PMs WHERE pmFrom = \'%s\' AND pmDateSent > %d',$_SERVER['REMOTE_ADDR'], $too_early));
if($res->RecordCount() > 0) {
    add_error('Wait at least ' . FLOOD_CONTROL_REPLY . ' seconds between each reply. ');
}

// Check inputs: title and body are replaced by whatever Check4Filtered() returns.
list($_POST['title'],$_POST['body'])=Check4Filtered($_POST['title'],$_POST['body']);

// NOTE(review): nothing visible here stops the save after add_error() has been
// called above. Confirm that add_error() aborts the request or that a guard
// exists elsewhere; otherwise the lurk and flood checks only report, not block.
$reply=new PM();
// NOTE(review): the recipient is taken from $_POST['to'] with no validation
// visible in this excerpt - verify that PM::Save() checks it.
$reply->To = $_POST['to'];
// Thread id is forced to an integer.
$reply->Thread = intval($_POST['thread']);
$reply->From =$User->ID;
// Title and body are stored as returned by Check4Filtered(); HTML escaping is
// not visible here and presumably happens at render time - confirm.
$reply->Title = $_POST['title'];
$reply->Body = $_POST['body'];
$reply->Save();
$_SESSION['notice']='PM sent.';
break;
}

// Second dispatch, on the first path segment; 'list' is also the default.
// The case body continues past the end of the visible excerpt.
switch(Path::FetchIndex(0)) {
    default:
    case 'list':
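// Link the page title to the topic being edited. The topic id comes straight
// from the query string, so it is URL-encoded before being placed in the href
// (a no-op for numeric ids); the headline is HTML-escaped.
$page_title .= ': <a href="/topic/' . rawurlencode((string) $_GET['edit']) . '">' . htmlspecialchars(Post::GetEString('headline')) . '</a>';
// The three braces below close blocks opened above the visible excerpt.
}
}
}

// Form handling. !empty() keeps the original truthiness test without raising
// an undefined-index notice when the field is absent.
if (!empty($_POST['form_sent'])) {
    // Trimming.
    $headline = super_trim(Post::GetEString('headline', true));
    $body = super_trim($_POST['body']);
    $authorname = super_trim(Post::GetEString('name', true));
    if (!empty($authorname)) {
        // Remember the chosen author name for later posts in this session.
        $_SESSION['PostName'] = $authorname;
    }

    // Mass quote tag: inside each [quote]...[/quote] pair, every line that ends
    // in a non-whitespace character is prefixed with "> ". A closure replaces
    // the former create_function() call, which compiled its body from a string
    // at run time and no longer exists in PHP 8.
    $body = preg_replace_callback(
        '/\\[quote\\](.+?)\\[\\/quote\\]/s',
        function ($matches) {
            return preg_replace('/.*[^\s]$/m', '> $0', $matches[1]);
        },
        $body
    );

    list($headline, $body) = Check4Filtered($headline, $body);

    if (!empty($_POST['post'])) {
        // Check for poorly made bots.
        // NOTE(review): start_time is presumably read from the submitted form,
        // so this delay check only stops clients that do not set it - confirm.
        if (!$editing && $_SERVER['REQUEST_TIME'] - Post::GetInt('start_time') < 3) {
            add_error('Wait a few seconds between starting to compose a post and actually submitting it.');
        }
        // Honeypot: the 'e-mail' field must come back empty.
        if (!empty($_POST['e-mail'])) {
            add_error('Bot detected.');
        }
        if (!isset($_SESSION['random_posting_hashes']) || !is_array($_SESSION['random_posting_hashes'])) {
            add_error('Session error (no hash values stored). Try again.');
        } else {
            // Every name/value pair stored in the session must be echoed back
            // by the form. The comparison is strict and constant-time: the
            // submitted field must be a string and must equal the stored value
            // exactly, so loose type juggling can no longer make two different
            // values compare equal.
            foreach ($_SESSION['random_posting_hashes'] as $name => $value) {
                if (!isset($_POST[$name]) || !is_string($_POST[$name]) || !is_scalar($value) || !hash_equals((string) $value, $_POST[$name])) {
                    add_error('Session error (wrong hash value sent). Try again.');
                    break;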