/** * Display trackback comment submission form. * * @param string $target URL to send the trackback comment to * @param string $url URL of our entry * @param string $title title of our entry * @param string $excerpt excerpt of our entry * @param string $blog name of our site * @return string HTML for the trackback comment editor * */ function trackback_editor($target = '', $url = '', $title = '', $excerpt = '', $blog = '') { global $_CONF, $LANG_TRB; $retval = ''; // show preview if we have at least the URL if (!empty($url)) { // filter them for the preview $p_title = TRB_filterTitle($title); $p_excerpt = TRB_filterExcerpt($excerpt); $p_blog = TRB_filterBlogname($blog); // MT and other weblogs will shorten the excerpt like this if (MBYTE_strlen($p_excerpt) > 255) { $p_excerpt = MBYTE_substr($p_excerpt, 0, 252) . '...'; } $retval .= COM_startBlock($LANG_TRB['preview']); $preview = COM_newTemplate($_CONF['path_layout'] . 'trackback'); $preview->set_file(array('comment' => 'trackbackcomment.thtml')); $comment = TRB_formatComment($url, $p_title, $p_blog, $p_excerpt); $preview->set_var('formatted_comment', $comment); $preview->parse('output', 'comment'); $retval .= $preview->finish($preview->get_var('output')); $retval .= COM_endBlock(); } if (empty($url) && empty($blog)) { $blog = htmlspecialchars($_CONF['site_name']); } $title = htmlspecialchars($title); $excerpt = htmlspecialchars($excerpt, ENT_NOQUOTES); $retval .= COM_startBlock($LANG_TRB['editor_title'], getHelpUrl() . '#trackback', COM_getBlockTemplate('_admin_block', 'header')); $template = COM_newTemplate($_CONF['path_layout'] . 'admin/trackback'); $template->set_file(array('editor' => 'trackbackeditor.thtml')); $template->set_var('php_self', $_CONF['site_admin_url'] . '/trackback.php'); if (empty($url) || empty($title)) { $template->set_var('lang_explain', $LANG_TRB['editor_intro_none']); } else { $template->set_var('lang_explain', sprintf($LANG_TRB['editor_intro'], $url, $title)); } $template->set_var('lang_trackback_url', $LANG_TRB['trackback_url']); $template->set_var('lang_entry_url', $LANG_TRB['entry_url']); $template->set_var('lang_title', $LANG_TRB['entry_title']); $template->set_var('lang_blog_name', $LANG_TRB['blog_name']); $template->set_var('lang_excerpt', $LANG_TRB['excerpt']); $template->set_var('lang_excerpt_truncated', $LANG_TRB['truncate_warning']); $template->set_var('lang_send', $LANG_TRB['button_send']); $template->set_var('lang_preview', $LANG_TRB['button_preview']); $template->set_var('max_url_length', 255); $template->set_var('target_url', $target); $template->set_var('url', $url); $template->set_var('title', $title); $template->set_var('blog_name', $blog); $template->set_var('excerpt', $excerpt); $template->set_var('gltoken_name', CSRF_TOKEN); $template->set_var('gltoken', SEC_createToken()); $template->parse('output', 'editor'); $retval .= $template->finish($template->get_var('output')); $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); return $retval; }
/** * Send an email notification for a new submission. * * @param string $table Table where the new submission can be found * @param string $story Story object that was submitted. * */ function sendNotification($table, $story) { global $_CONF, $_TABLES, $LANG01, $LANG08, $LANG24, $LANG29, $LANG_ADMIN; $title = COM_undoSpecialChars($story->displayElements('title')); if ($A['postmode'] == 'html') { $A['introtext'] = strip_tags($A['introtext']); } $introtext = COM_undoSpecialChars($story->displayElements('introtext') . "\n" . $story->displayElements('bodytext')); $storyauthor = COM_getDisplayName($story->displayelements('uid')); $topic = stripslashes(DB_getItem($_TABLES['topics'], 'topic', 'tid = \'' . $story->displayElements('tid') . '\'')); $mailbody = "{$LANG08['31']}: {$title}\n" . "{$LANG24['7']}: {$storyauthor}\n" . "{$LANG08['32']}: " . strftime($_CONF['date']) . "\n" . "{$LANG_ADMIN['topic']}: {$topic}\n\n"; if ($_CONF['emailstorieslength'] > 0) { if ($_CONF['emailstorieslength'] > 1) { $introtext = MBYTE_substr($introtext, 0, $_CONF['emailstorieslength']) . '...'; } $mailbody .= $introtext . "\n\n"; } if ($table == $_TABLES['storysubmission']) { $mailbody .= "{$LANG01['10']} <{$_CONF['site_admin_url']}/moderation.php>\n\n"; } else { $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()); $mailbody .= $LANG08[33] . ' <' . $articleUrl . ">\n\n"; } $mailsubject = $_CONF['site_name'] . ' ' . $LANG29[35]; $mailbody .= "\n------------------------------\n"; $mailbody .= "\n{$LANG08['34']}\n"; $mailbody .= "\n------------------------------\n"; COM_mail($_CONF['site_mail'], $mailsubject, $mailbody); }
/** * Save a trackback (or pingback) comment. * * Also filters parameters and handles multiple trackbacks from the same source. * * Note: Spam check should have been done before calling this function. * * @param string $sid entry id * @param string $type type of entry ('article' = story, etc.) * @param string $url URL of the trackback comment * @param string $title title of the comment (set to $url if empty) * @param string $blog name of the blog that sent the comment * @param string $excerpt excerpt from the comment * @return int < 0: error, > 0: ID of the trackback comment * */ function TRB_saveTrackbackComment($sid, $type, $url, $title = '', $blog = '', $excerpt = '') { global $_CONF, $_TABLES; $url = COM_applyFilter($url); $title = TRB_filterTitle($title); $blog = TRB_filterBlogname($blog); $excerpt = TRB_filterExcerpt($excerpt); // MT does that, so follow its example ... if (MBYTE_strlen($excerpt) > 255) { $excerpt = MBYTE_substr($excerpt, 0, 252) . '...'; } $title = str_replace(array('$', '{', '}'), array('$', '{', '~'), $title); $excerpt = str_replace(array('$', '{', '}'), array('$', '{', '~'), $excerpt); $blog = str_replace(array('$', '{', '}'), array('$', '{', '~'), $blog); $url = DB_escapeString($url); $title = DB_escapeString($title); $blog = DB_escapeString($blog); $excerpt = DB_escapeString($excerpt); if ($_CONF['multiple_trackbacks'] == 0) { // multiple trackbacks not allowed - check if we have this one already if (DB_count($_TABLES['trackback'], array('url', 'sid', 'type'), array($url, $sid, $type)) >= 1) { return TRB_SAVE_REJECT; } } else { if ($_CONF['multiple_trackbacks'] == 1) { // delete any earlier trackbacks from the same URL DB_delete($_TABLES['trackback'], array('url', 'sid', 'type'), array($url, $sid, $type)); } } // else: multiple trackbacks allowed DB_save($_TABLES['trackback'], 'sid,url,title,blog,excerpt,date,type,ipaddress', "'{$sid}','{$url}','{$title}','{$blog}','{$excerpt}',NOW(),'{$type}','{$_SERVER['REMOTE_ADDR']}'"); $comment_id = DB_insertId(); if ($type == 'article') { DB_query("UPDATE {$_TABLES['stories']} SET trackbacks = trackbacks + 1 WHERE (sid = '{$sid}')"); } return $comment_id; }
/** * Returns an abbreviated day's name * * @param int $day 1 = Sunday, 2 = Monday, ... * @return string abbreviated day's name (2 characters) * * */ function shortDaysName($day) { global $LANG_WEEK; return MBYTE_substr($LANG_WEEK[$day], 0, 2); }
/** * Truncate a string * * Truncates a string to a max. length and optionally adds a filler string, * e.g. '...', to indicate the truncation. * This function is multi-byte string aware, based on a patch by Yusuke Sakata. * * NOTE: The truncated string may be shorter but will never be longer than * $maxlen characters, i.e. the $filler string is taken into account. * * @param string $text the text string to truncate * @param int $maxlen max. number of characters in the truncated string * @param string $filler optional filler string, e.g. '...' * @param int $endchars number of characters to show after the filler * @return string truncated string * */ function COM_truncate($text, $maxlen, $filler = '', $endchars = 0) { $newlen = $maxlen - MBYTE_strlen($filler); $len = MBYTE_strlen($text); if ($len > $maxlen) { $text = MBYTE_substr($text, 0, $newlen - $endchars) . $filler . MBYTE_substr($text, $len - $endchars, $endchars); } return $text; }
/** * Create an excerpt from some piece of HTML containing a given URL * * This somewhat convoluted piece of code will extract the text around a * given link located somewhere in the given piece of HTML. It returns * the actual link text plus some of the text before and after the link. * * NOTE: Returns an empty string when $url is not found in $html. * * @param string $html The piece of HTML to search through * @param string $url URL that should be contained in $html somewhere * @param int $xlen Max. length of excerpt (default: 255 characters) * @return string Extract: The link text and some surrounding text * */ function PNB_makeExcerpt($html, $url, $xlen = 255) { $retval = ''; // the excerpt will come out as // [...] before linktext after [...] $fill_start = '[...] '; $fill_end = ' [...]'; $f1len = MBYTE_strlen($fill_start); $f2len = MBYTE_strlen($fill_end); // extract all links preg_match_all("/<a[^>]*href=[\"']([^\"']*)[\"'][^>]*>(.*?)<\\/a>/i", $html, $matches); $before = ''; $after = ''; $linktext = ''; $num_matches = count($matches[0]); for ($i = 0; $i < $num_matches; $i++) { if ($matches[1][$i] == $url) { $pos = MBYTE_strpos($html, $matches[0][$i]); $before = COM_getTextContent(MBYTE_substr($html, 0, $pos)); $pos += MBYTE_strlen($matches[0][$i]); $after = COM_getTextContent(MBYTE_substr($html, $pos)); $linktext = COM_getTextContent($matches[2][$i]); break; } } $tlen = MBYTE_strlen($linktext); if ($tlen >= $xlen) { // Special case: The actual link text is already longer (or as long) as // requested. We don't use the "fillers" here but only return the // (shortened) link text itself. if ($tlen > $xlen) { $retval = MBYTE_substr($linktext, 0, $xlen - 3) . '...'; } else { $retval = $linktext; } } else { if (!empty($before)) { $tlen++; } if (!empty($after)) { $tlen++; } // make "before" and "after" text have equal length $rest = ($xlen - $tlen) / 2; // format "before" text $blen = MBYTE_strlen($before); if ($blen < $rest) { // if "before" text is too short, make "after" text longer $rest += $rest - $blen; $retval .= $before; } else { if ($blen > $rest) { $work = MBYTE_substr($before, -($rest * 2)); $w = explode(' ', $work); array_shift($w); // drop first word, as it's probably truncated $w = array_reverse($w); $fill = $rest - $f1len; $b = ''; foreach ($w as $word) { if (MBYTE_strlen($b) + MBYTE_strlen($word) + 1 > $fill) { break; } $b = $word . ' ' . $b; } $b = trim($b); $retval .= $fill_start . $b; $blen = MBYTE_strlen($b); if ($blen < $fill) { $rest += $fill - $blen; } } } // actual link text if (!empty($before)) { $retval .= ' '; } $retval .= $linktext; if (!empty($after)) { $retval .= ' '; } // format "after" text if (!empty($after)) { $alen = MBYTE_strlen($after); if ($alen > $rest) { $work = MBYTE_substr($after, 0, $rest * 2); $w = explode(' ', $work); array_pop($w); // drop last word, as it's probably truncated $fill = $rest - $f2len; $a = ''; foreach ($w as $word) { if (MBYTE_strlen($a) + MBYTE_strlen($word) + 1 > $fill) { break; } $a .= $word . ' '; } $retval .= trim($a) . $fill_end; } } } return $retval; }
/** * Truncate a string * * Truncates a string to a max. length and optionally adds a filler string, * e.g. '...', to indicate the truncation. * This function is multi-byte string aware, based on a patch by Yusuke Sakata. * * NOTE: The truncated string may be shorter but will never be longer than * $maxlen characters, i.e. the $filler string is taken into account. * * @param string $text the text string to truncate * @param int $maxlen max. number of characters in the truncated string * @param string $filler optional filler string, e.g. '...' * @param int $endchars number of characters to show after the filler * @return string truncated string * */ function COM_truncate($text, $maxlen, $filler = '', $endchars = 0) { $newlen = $maxlen - MBYTE_strlen($filler); if ($newlen <= 0) { $text = MBYTE_substr($text, 0, $maxlen); } $len = MBYTE_strlen($text); if ($len > $maxlen) { $startchars = $newlen - $endchars; if ($startchars < $endchars) { $text = MBYTE_substr($text, 0, $newlen) . $filler; } else { $text = MBYTE_substr($text, 0, $newlen - $endchars) . $filler . MBYTE_substr($text, $len - $endchars, $endchars); } } return $text; }
/** * Unescapes certain HTML for editing again. * * @access Private * @param string $in Text escaped to unescape for editing * @return string Unescaped string */ function _editUnescape($in) { if ($this->_postmode == 'html' || $this->_postmode == 'wikitext') { /* Raw and code blocks need entity decoding. Other areas do not. * otherwise, annoyingly, < will end up as < on preview 1, on * preview 2 it'll be stripped by KSES. Can't beleive I missed that * in rewrite phase 1. * * First, raw */ $inlower = MBYTE_strtolower($in); $buffer = $in; $start_pos = MBYTE_strpos($inlower, '[raw]'); if ($start_pos !== false) { $out = ''; while ($start_pos !== false) { /* Copy in to start to out */ $out .= MBYTE_substr($buffer, 0, $start_pos); /* Find end */ $end_pos = MBYTE_strpos($inlower, '[/raw]'); if ($end_pos !== false) { /* Encode body and append to out */ $encoded = html_entity_decode(MBYTE_substr($buffer, $start_pos, $end_pos - $start_pos)); $out .= $encoded . '[/raw]'; /* Nibble in */ $inlower = MBYTE_substr($inlower, $end_pos + 6); $buffer = MBYTE_substr($buffer, $end_pos + 6); } else { // missing [/raw] // Treat the remainder as code, but this should have been // checked prior to calling: $out .= html_entity_decode(MBYTE_substr($buffer, $start_pos + 5)); $inlower = ''; } $start_pos = MBYTE_strpos($inlower, '[raw]'); } // Append remainder: if ($buffer != '') { $out .= $buffer; } $in = $out; } /* * Then, code */ $inlower = MBYTE_strtolower($in); $buffer = $in; $start_pos = MBYTE_strpos($inlower, '[code]'); if ($start_pos !== false) { $out = ''; while ($start_pos !== false) { /* Copy in to start to out */ $out .= MBYTE_substr($buffer, 0, $start_pos); /* Find end */ $end_pos = MBYTE_strpos($inlower, '[/code]'); if ($end_pos !== false) { /* Encode body and append to out */ $encoded = html_entity_decode(MBYTE_substr($buffer, $start_pos, $end_pos - $start_pos)); $out .= $encoded . '[/code]'; /* Nibble in */ $inlower = MBYTE_substr($inlower, $end_pos + 7); $buffer = MBYTE_substr($buffer, $end_pos + 7); } else { // missing [/code] // Treat the remainder as code, but this should have been // checked prior to calling: $out .= html_entity_decode(MBYTE_substr($buffer, $start_pos + 6)); $inlower = ''; } $start_pos = MBYTE_strpos($inlower, '[code]'); } // Append remainder: if ($buffer != '') { $out .= $buffer; } $in = $out; } return $in; } else { // advanced editor or plaintext can handle themselves... return $in; } }
/** * Send an email notification for a new submission. * * @param string $table Table where the new submission can be found * @param string $story Story object that was submitted. * */ function sendNotification($table, $story) { global $_CONF, $_USER, $_TABLES, $LANG01, $LANG08, $LANG24, $LANG29, $LANG_ADMIN; $dt = new Date('now', $_USER['tzid']); $title = COM_undoSpecialChars($story->displayElements('title')); $postmode = $story->displayElements('postmode'); $introtext = COM_undoSpecialChars($story->displayElements('introtext') . "\n" . $story->displayElements('bodytext')); if ($postmode == 'html') { USES_lib_html2text(); $introtext = str_replace("\\r", "", $introtext); $introtext = $introtext; $html2txt = new html2text($introtext, false); $introtext = trim($html2txt->get_text()); } $storyauthor = COM_getDisplayName($story->displayelements('uid')); $topic = DB_getItem($_TABLES['topics'], 'topic', 'tid = \'' . DB_escapeString($story->displayElements('tid')) . '\''); $mailbody = "{$LANG08['31']}: {$title}\n" . "{$LANG24['7']}: {$storyauthor}\n" . "{$LANG08['32']}: " . $dt->format($_CONF['date'], true) . "\n" . "{$LANG_ADMIN['topic']}: {$topic}\n\n"; if ($_CONF['emailstorieslength'] > 0) { if ($_CONF['emailstorieslength'] > 1) { $introtext = MBYTE_substr($introtext, 0, $_CONF['emailstorieslength']) . '...'; } $mailbody .= $introtext . "\n\n"; } if ($table == $_TABLES['storysubmission']) { $mailbody .= "{$LANG01['10']} <{$_CONF['site_admin_url']}/moderation.php>\n\n"; } else { $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()); $mailbody .= $LANG08[33] . ' <' . $articleUrl . ">\n\n"; } $mailsubject = $_CONF['site_name'] . ' ' . $LANG29[35]; $mailbody .= "\n------------------------------\n"; $mailbody .= "\n{$LANG08['34']}\n"; $mailbody .= "\n------------------------------\n"; $to = array(); $to = COM_formatEmailAddress('', $_CONF['site_mail']); COM_mail($to, $mailsubject, $mailbody); }
/** * Send report about abusive comment * * @param string $cid comment id * @param string $type type of comment ('article', 'polls', ...) * @return string Meta refresh or HTML for error message * */ function CMT_sendReport($cid, $type) { global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08; if (COM_isAnonUser()) { $retval = SEC_loginRequiredForm(); $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[27])); return $retval; } COM_clearSpeedlimit($_CONF['speedlimit'], 'mail'); if (COM_checkSpeedlimit('mail') > 0) { return COM_refresh($_CONF['site_url'] . '/index.php'); } $username = DB_getItem($_TABLES['users'], 'username', "uid = {$_USER['uid']}"); $result = DB_query("SELECT uid,title,comment,sid,ipaddress FROM {$_TABLES['comments']} WHERE cid = {$cid} AND type = '{$type}'"); $A = DB_fetchArray($result); $title = stripslashes($A['title']); $comment = stripslashes($A['comment']); // strip HTML if posted in HTML mode if (preg_match('/<.*>/', $comment) != 0) { $comment = strip_tags($comment); } $author = COM_getDisplayName($A['uid']); if ($A['uid'] <= 1 && !empty($A['ipaddress'])) { // add IP address for anonymous posters $author .= ' (' . $A['ipaddress'] . ')'; } $mailbody = sprintf($LANG03[26], $username); $mailbody .= "\n\n" . "{$LANG03['16']}: {$title}\n" . "{$LANG03['5']}: {$author}\n"; if ($type != 'article') { $mailbody .= "{$LANG09['5']}: {$type}\n"; } if ($_CONF['emailstorieslength'] > 0) { if ($_CONF['emailstorieslength'] > 1) { $comment = MBYTE_substr($comment, 0, $_CONF['emailstorieslength']) . '...'; } $mailbody .= $comment . "\n\n"; } $mailbody .= $LANG08[33] . ' <' . $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . ">\n\n"; $mailbody .= "\n------------------------------\n"; $mailbody .= "\n{$LANG08['34']}\n"; $mailbody .= "\n------------------------------\n"; $mailsubject = $_CONF['site_name'] . ' ' . $LANG03[27]; if (COM_mail($_CONF['site_mail'], $mailsubject, $mailbody)) { $msg = 27; // message sent } else { $msg = 85; // problem sending the email } COM_updateSpeedlimit('mail'); return COM_refresh($_CONF['site_url'] . "/index.php?msg={$msg}"); }
/** * Send report about abusive comment * * @param string $cid comment id * @param string $type type of comment ('article', 'poll', ...) * @return string Meta refresh or HTML for error message * */ function CMT_sendReport($cid, $type) { global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG09, $LANG_LOGIN; if (COM_isAnonUser()) { $retval = COM_siteHeader('menu', $LANG_LOGIN[1]); $retval .= SEC_loginRequiredForm(); $retval .= COM_siteFooter(); return $retval; } COM_clearSpeedlimit($_CONF['speedlimit'], 'mail'); if (COM_checkSpeedlimit('mail') > 0) { return COM_refresh($_CONF['site_url'] . '/index.php'); } $username = DB_getItem($_TABLES['users'], 'username', "uid = {$_USER['uid']}"); $result = DB_query("SELECT uid,title,comment,sid,ipaddress FROM {$_TABLES['comments']} WHERE cid = " . (int) $cid . " AND type = '" . DB_escapeString($type) . "'"); $A = DB_fetchArray($result); $title = $A['title']; $comment = $A['comment']; // strip HTML if posted in HTML mode if (preg_match('/<.*>/', $comment) != 0) { $comment = strip_tags($comment); } $author = COM_getDisplayName($A['uid']); if ($A['uid'] <= 1 && !empty($A['ipaddress'])) { // add IP address for anonymous posters $author .= ' (' . $A['ipaddress'] . ')'; } $mailbody = sprintf($LANG03[26], $username); $mailbody .= "\n\n" . "{$LANG03['16']}: {$title}\n" . "{$LANG03['5']}: {$author}\n"; if ($type != 'article' && $type != 'poll') { $mailbody .= "{$LANG09['5']}: {$type}\n"; } if ($_CONF['emailstorieslength'] > 0) { if ($_CONF['emailstorieslength'] > 1) { $comment = MBYTE_substr($comment, 0, $_CONF['emailstorieslength']) . '...'; } $mailbody .= $comment . "\n\n"; } $mailbody .= $LANG08[33] . ' <' . $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . ">\n\n"; $mailbody .= "\n------------------------------\n"; $mailbody .= "\n{$LANG08['34']}\n"; $mailbody .= "\n------------------------------\n"; $mailsubject = $_CONF['site_name'] . ' ' . $LANG03[27]; $to = array(); $to = COM_formatEmailAddress('', $_CONF['site_mail']); COM_mail($to, $mailsubject, $mailbody); COM_updateSpeedlimit('mail'); return COM_refresh($_CONF['site_url'] . '/index.php?msg=27'); }
function board_edit_forum_save($id) { global $_CONF, $_TABLES, $_USER, $_FF_CONF, $LANG_GF93; $retval = false; $statusText = array(); $numErrors = 0; $category = isset($_POST['category']) ? COM_applyFilter($_POST['category'], true) : 0; $forum_order_id = isset($_POST['order']) ? COM_applyFilter($_POST['order'], true) : 0; $name = isset($_POST['name']) ? $_POST['name'] : ''; $dscp = isset($_POST['dscp']) ? $_POST['dscp'] : ''; $is_readonly = isset($_POST['is_readonly']) ? COM_applyFilter($_POST['is_readonly'], true) : 0; $is_hidden = isset($_POST['is_hidden']) ? COM_applyFilter($_POST['is_hidden'], true) : 0; $no_newposts = isset($_POST['no_newposts']) ? COM_applyFilter($_POST['no_newposts'], true) : 0; $privgroup = isset($_POST['privgroup']) ? COM_applyFilter($_POST['privgroup'], true) : 0; if ($privgroup == 0) { $privgroup = 2; } $attachmentgroup = COM_applyFilter($_POST['attachmentgroup'], true); if ($attachmentgroup == 0) { $privgroup = 1; } // data validation if (empty($name)) { $statusText[] = $LANG_GF93['name_blank']; $numErrors++; } if (MBYTE_strlen($name) > 70) { $name = MBYTE_substr($name, 0, 70); } if (empty($dscp)) { $statusText[] = $LANG_GF93['desc_blank']; $numErrors++; } if ($numErrors == 0) { if ($forum_order_id == 0) { $forum_order = 0; } else { $forum_order = DB_getItem($_TABLES['ff_forums'], 'forum_order', 'forum_id=' . (int) $forum_order_id); } $order = $forum_order++; $name = _ff_preparefordb($name, 'text'); $dscp = _ff_preparefordb($dscp, 'text'); $sql = "UPDATE {$_TABLES['ff_forums']} SET forum_name='" . DB_escapeString($name) . "',forum_order=" . (int) $order . ",forum_dscp='" . DB_escapeString($dscp) . "', grp_id=" . (int) $privgroup . ", "; $sql .= "is_hidden='" . DB_escapeString($is_hidden) . "', is_readonly='" . DB_escapeString($is_readonly) . "', no_newposts='" . DB_escapeString($no_newposts) . "',use_attachment_grpid=" . (int) $attachmentgroup . ",forum_cat=" . (int) $category . " "; $sql .= "WHERE forum_id=" . (int) $id; DB_query($sql); reorderForums($category); $retval = true; $statusText[] = $LANG_GF93['forumedited']; } return array($retval, $statusText); }
public function testMBYTE_substrWhenLengthNotNull() { $this->assertEquals('ch', MBYTE_substr('Ten chars.', 4, 2)); }
public function testMBYTE_substrWhenLengthNotNull() { $this->markTestSkipped(); $this->assertEquals('nd', MBYTE_substr(utf8_encode('Användare'), 4, 2)); }
/** * This function will allow plugins to support the use of custom autolinks * in other site content. Plugins can now use this API when saving content * and have the content checked for any autolinks before saving. * The autolink would be like: [story:20040101093000103 here] * * @param string $content Content that should be parsed for autolinks * @param string $plugin Optional if you only want to parse using a specific plugin * */ function PLG_replaceTags($content, $plugin = '') { global $_CONF, $_TABLES, $LANG32; if (isset($_CONF['disable_autolinks']) && $_CONF['disable_autolinks'] == 1) { // autolinks are disabled - return $content unchanged return $content; } $autolinkModules = PLG_collectTags(); // For each supported module, scan the content looking for any AutoLink tags $tags = array(); $contentlen = MBYTE_strlen($content); $content_lower = MBYTE_strtolower($content); foreach ($autolinkModules as $moduletag => $module) { $autotag_prefix = '[' . $moduletag . ':'; $offset = 0; $prev_offset = 0; while ($offset < $contentlen) { $start_pos = MBYTE_strpos($content_lower, $autotag_prefix, $offset); if ($start_pos === false) { break; } else { $end_pos = MBYTE_strpos($content_lower, ']', $start_pos); $next_tag = MBYTE_strpos($content_lower, '[', $start_pos + 1); if ($end_pos > $start_pos and ($next_tag === false or $end_pos < $next_tag)) { $taglength = $end_pos - $start_pos + 1; $tag = MBYTE_substr($content, $start_pos, $taglength); $parms = explode(' ', $tag); // Extra test to see if autotag was entered with a space // after the module name if (MBYTE_substr($parms[0], -1) == ':') { $startpos = MBYTE_strlen($parms[0]) + MBYTE_strlen($parms[1]) + 2; $label = str_replace(']', '', MBYTE_substr($tag, $startpos)); $tagid = $parms[1]; } else { $label = str_replace(']', '', MBYTE_substr($tag, MBYTE_strlen($parms[0]) + 1)); $parms = explode(':', $parms[0]); if (count($parms) > 2) { // whoops, there was a ':' in the tag id ... array_shift($parms); $tagid = implode(':', $parms); } else { $tagid = $parms[1]; } } $newtag = array('module' => $module, 'tag' => $moduletag, 'tagstr' => $tag, 'startpos' => $start_pos, 'length' => $taglength, 'parm1' => str_replace(']', '', $tagid), 'parm2' => $label); $tags[] = $newtag; } else { // Error: tags do not match - return with no changes return $content . $LANG32[32]; } $prev_offset = $offset; $offset = $end_pos; } } } // If we have found 1 or more AutoLink tag if (count($tags) > 0) { // Found the [tag] - Now process them all foreach ($tags as $autotag) { $function = 'plugin_autotags_' . $autotag['module']; if ($autotag['module'] == 'geeklog' and (empty($plugin) or $plugin == 'geeklog')) { $url = ''; $linktext = $autotag['parm2']; if ($autotag['tag'] == 'story') { $autotag['parm1'] = COM_applyFilter($autotag['parm1']); if (!empty($autotag['parm1'])) { $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $autotag['parm1']); if (empty($linktext)) { $linktext = stripslashes(DB_getItem($_TABLES['stories'], 'title', "sid = '{$autotag['parm1']}'")); } } } if (!empty($url)) { $filelink = COM_createLink($linktext, $url); $content = str_replace($autotag['tagstr'], $filelink, $content); } } elseif (function_exists($function) and (empty($plugin) or $plugin == $autotag['module'])) { $content = $function('parse', $content, $autotag); } } } return $content; }
/** * This function will allow plugins to support the use of custom autolinks * in other site content. Plugins can now use this API when saving content * and have the content checked for any autolinks before saving. * The autolink would be like: [story:20040101093000103 here] * * @param string $content Content that should be parsed for autolinks * @param string $plugin Optional if you only want to parse using a specific plugin * @param string $remove Optional if you want to remove the autotag from the content * */ function PLG_replaceTags($content, $plugin = '', $remove = false) { global $_CONF, $_TABLES, $LANG32; if (isset($_CONF['disable_autolinks']) && $_CONF['disable_autolinks'] == 1) { // autolinks are disabled - return $content unchanged return $content; } if ($remove) { $autolinkModules = PLG_collectTags('nopermission'); if (!is_array($autolinkModules)) { // a permission check may not return any data so no point parsing content return $content; } } else { $autolinkModules = PLG_collectTags(); } for ($i = 1; $i <= 5; $i++) { // For each supported module, scan the content looking for any AutoLink tags $tags = array(); $contentlen = MBYTE_strlen($content); $content_lower = MBYTE_strtolower($content); foreach ($autolinkModules as $moduletag => $module) { $autotag_prefix = '[' . $moduletag . ':'; $offset = 0; $prev_offset = 0; while ($offset < $contentlen) { $start_pos = MBYTE_strpos($content_lower, $autotag_prefix, $offset); if ($start_pos === false) { break; } else { $end_pos = MBYTE_strpos($content_lower, ']', $start_pos); $next_tag = MBYTE_strpos($content_lower, '[', $start_pos + 1); if ($end_pos > $start_pos and ($next_tag === false or $end_pos < $next_tag)) { $taglength = $end_pos - $start_pos + 1; $tag = MBYTE_substr($content, $start_pos, $taglength); $parms = explode(' ', $tag); // Extra test to see if autotag was entered with a space // after the module name if (MBYTE_substr($parms[0], -1) == ':') { $startpos = MBYTE_strlen($parms[0]) + MBYTE_strlen($parms[1]) + 2; $label = str_replace(']', '', MBYTE_substr($tag, $startpos)); $tagid = $parms[1]; } else { $label = str_replace(']', '', MBYTE_substr($tag, MBYTE_strlen($parms[0]) + 1)); $parms = explode(':', $parms[0]); if (count($parms) > 2) { // whoops, there was a ':' in the tag id ... array_shift($parms); $tagid = implode(':', $parms); } else { $tagid = $parms[1]; } } $newtag = array('module' => $module, 'tag' => $moduletag, 'tagstr' => $tag, 'startpos' => $start_pos, 'length' => $taglength, 'parm1' => str_replace(']', '', $tagid), 'parm2' => $label); $tags[] = $newtag; } else { // Error: tags do not match - return with no changes return $content . $LANG32[32]; } $prev_offset = $offset; $offset = $end_pos; } } } // If we have found 1 or more AutoLink tag if (count($tags) > 0) { // Found the [tag] - Now process them all foreach ($tags as $autotag) { if ($remove) { $content = str_replace($autotag['tagstr'], '', $content); } else { $function = 'plugin_autotags_' . $autotag['module']; if (function_exists($function) and (empty($plugin) or $plugin == $autotag['module'])) { $content = $function('parse', $content, $autotag); } } } } else { break; } } return $content; }
/** * Send report about abusive comment * * @param string $cid comment id * @param string $type type of comment ('article', 'poll', ...) * @return string Meta refresh or HTML for error message * */ function CMT_sendReport($cid, $type) { global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG_LOGIN; if (empty($_USER['username'])) { $retval = COM_siteHeader('menu', $LANG_LOGIN[1]); $retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header')); $loginreq = new Template($_CONF['path_layout'] . 'submit'); $loginreq->set_file('loginreq', 'submitloginrequired.thtml'); $loginreq->set_var('xhtml', XHTML); $loginreq->set_var('login_message', $LANG_LOGIN[2]); $loginreq->set_var('site_url', $_CONF['site_url']); $loginreq->set_var('lang_login', $LANG_LOGIN[3]); $loginreq->set_var('lang_newuser', $LANG_LOGIN[4]); $loginreq->parse('errormsg', 'loginreq'); $retval .= $loginreq->finish($loginreq->get_var('errormsg')); $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); $retval .= COM_siteFooter(); return $retval; } COM_clearSpeedlimit($_CONF['speedlimit'], 'mail'); if (COM_checkSpeedlimit('mail') > 0) { return COM_refresh($_CONF['site_url'] . '/index.php'); } $username = DB_getItem($_TABLES['users'], 'username', "uid = {$_USER['uid']}"); $result = DB_query("SELECT uid,title,comment,sid,ipaddress FROM {$_TABLES['comments']} WHERE cid = {$cid} AND type = '{$type}'"); $A = DB_fetchArray($result); $title = stripslashes($A['title']); $comment = stripslashes($A['comment']); // strip HTML if posted in HTML mode if (preg_match('/<.*>/', $comment) != 0) { $comment = strip_tags($comment); } $author = COM_getDisplayName($A['uid']); if ($A['uid'] <= 1 && !empty($A['ipaddress'])) { // add IP address for anonymous posters $author .= ' (' . $A['ipaddress'] . ')'; } $mailbody = sprintf($LANG03[26], $username); $mailbody .= "\n\n" . "{$LANG03['16']}: {$title}\n" . "{$LANG03['5']}: {$author}\n"; if ($type != 'article' && $type != 'poll') { $mailbody .= "{$LANG09['5']}: {$type}\n"; } if ($_CONF['emailstorieslength'] > 0) { if ($_CONF['emailstorieslength'] > 1) { $comment = MBYTE_substr($comment, 0, $_CONF['emailstorieslength']) . '...'; } $mailbody .= $comment . "\n\n"; } $mailbody .= $LANG08[33] . ' <' . $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . ">\n\n"; $mailbody .= "\n------------------------------\n"; $mailbody .= "\n{$LANG08['34']}\n"; $mailbody .= "\n------------------------------\n"; $mailsubject = $_CONF['site_name'] . ' ' . $LANG03[27]; if (COM_mail($_CONF['site_mail'], $mailsubject, $mailbody)) { $msg = 27; // message sent } else { $msg = 85; // problem sending the email } COM_updateSpeedlimit('mail'); return COM_refresh($_CONF['site_url'] . "/index.php?msg={$msg}"); }
private static function _unescapeSpecialTag($in, $tags) { $inlower = MBYTE_strtolower($in); $start_pos = MBYTE_strpos($inlower, $tags[0]); if ($start_pos === false) { return $in; } $buffer = $in; $out = ''; while ($start_pos !== false) { // Copy in to start to out $out .= MBYTE_substr($buffer, 0, $start_pos); // Find end $end_pos = MBYTE_strpos($inlower, $tags[1]); if ($end_pos !== false) { // Encode body and append to out $encoded = html_entity_decode(MBYTE_substr($buffer, $start_pos, $end_pos - $start_pos)); $out .= $encoded . $tags[1]; $len_end = strlen($tags[1]); // Nibble in $inlower = MBYTE_substr($inlower, $end_pos + $len_end); $buffer = MBYTE_substr($buffer, $end_pos + $len_end); } else { // missing end $len_start = strlen($tags[0]); // Treat the remainder as code, but this should have been // checked prior to calling: $out .= html_entity_decode(MBYTE_substr($buffer, $start_pos + $len_start)); $inlower = ''; } $start_pos = MBYTE_strpos($inlower, $tags[0]); } // Append remainder: if ($buffer != '') { $out .= $buffer; } return $out; }
/** * Truncate a feed item's text to a given max. length of characters * * @param string $text the item's text * @param int $length max. length * @return string truncated text * */ function SYND_truncateSummary($text, $length) { if ($length == 0) { return ''; } else { $text = stripslashes($text); $text = trim($text); $text = str_replace(array("\r\n", "\r"), "\n", $text); if ($length > 3 && MBYTE_strlen($text) > $length) { $text = MBYTE_substr($text, 0, $length - 3) . '...'; } // Check if we broke an html tag and storytext is now something // like "blah blah <a href= ...". Delete "<*" if so. if (MBYTE_strrpos($text, '<') > MBYTE_strrpos($text, '>')) { $text = MBYTE_substr($text, 0, MBYTE_strrpos($text, '<')) . ' ...'; } return $text; } }