/**
 * Build the markup shown for this field's stored value.
 *
 * The raw value is passed through sanitize_and_format() with the
 * TEXT_DB2DISPLAY format first. BBCode and smiley expansion run afterwards,
 * each only when its config flag is non-empty.
 *
 * NOTE(review): this ordering is what keeps user-typed HTML out of the page,
 * assuming TEXT_DB2DISPLAY escapes HTML - confirm in sanitize_and_format().
 * Running the sanitiser after bbcode2html() would escape the generated tags.
 *
 * @return string display markup, as returned by the last formatter applied
 */
function display()
{
    $html = sanitize_and_format($this->value, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
    $html = empty($this->config['use_bbcode']) ? $html : bbcode2html($html);
    $html = empty($this->config['use_smilies']) ? $html : text2smilies($html);

    return $html;
}
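/**
 * Regenerate the on-disk cache files for approved blog posts that changed recently.
 *
 * For every matching post two PHP files are written under
 * _CACHEPATH_/blogs/posts/<first char of post_id>/ : "<post_id>.inc.php" with the
 * full rendered content and "<post_id>_short.inc.php" with a teaser.
 *
 * Security notes:
 *  - The cache files are PHP source (they start with "<?php"), so the only thing
 *    that keeps post content from becoming code is var_export(). Never build
 *    these files by string concatenation of post data.
 *  - Content is sanitised (TEXT_DB2DISPLAY) before bbcode2html()/text2smilies()
 *    generate markup; keep that order.
 *
 * Fix over the previous version: the teaser used
 * substr($s, 0, strrpos(substr($s, 0, 400), ' ')), which produced an empty
 * teaser when the first 400 bytes held no space and dropped the last word of
 * posts shorter than the limit.
 *
 * @return bool always true; a failed query raises E_USER_ERROR instead
 */
function gen_blogposts_cache()
{
    global $dbtable_prefix;

    // The last component of this file's directory is read as the run interval
    // in minutes ("that's how often we're executed").
    $dirname = dirname(__FILE__);
    $separator = ($dirname[0] == '/') ? '/' : '\\'; // unix vs windows paths
    $path_parts = explode($separator, $dirname);
    $interval = (int) $path_parts[count($path_parts) - 1];

    $short_blog_chars = 400;
    $config = get_site_option(array('bbcode_blogs', 'use_smilies'), 'core_blog');
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();

    // Only constants, a generated timestamp and an int go into this statement.
    // NOTE(review): mysql_* was removed in PHP 7; migrating needs a connection
    // handle that is not visible from this function.
    $query = "SELECT a.`post_id`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,a.`fk_user_id`,a.`_user` as `user`,a.`fk_blog_id`,a.`title`,a.`post_content`,b.`_photo` as `photo`,c.`blog_name` FROM `{$dbtable_prefix}blog_posts` a,`{$dbtable_prefix}user_profiles` b,`{$dbtable_prefix}user_blogs` c WHERE a.`fk_user_id`=b.`fk_user_id` AND a.`fk_blog_id`=c.`blog_id` AND a.`status`=" . STAT_APPROVED . " AND a.`last_changed`>=DATE_SUB('" . gmdate('YmdHis') . "',INTERVAL " . ($interval + 2) . " MINUTE)";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }

    while ($blog = mysql_fetch_assoc($res)) {
        $blog['title'] = remove_banned_words(sanitize_and_format($blog['title'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2EDIT]));
        $blog['post_content'] = remove_banned_words($blog['post_content']);

        // Teaser: whole post when it already fits, otherwise cut at the last
        // space inside the window; fall back to the window itself when it has
        // no usable space. Byte-based like before, so the fallback cut can land
        // inside a multi-byte character.
        $raw_content = $blog['post_content'];
        if (strlen($raw_content) <= $short_blog_chars) {
            $post_content_short = $raw_content;
        } else {
            $window = substr($raw_content, 0, $short_blog_chars);
            $cut = strrpos($window, ' ');
            $post_content_short = $cut ? substr($raw_content, 0, $cut) : $window;
        }

        // Sanitise first, generate markup second.
        $post_content_short = sanitize_and_format($post_content_short, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        $blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        if (!empty($config['bbcode_blogs'])) {
            $blog['post_content'] = bbcode2html($blog['post_content']);
            $post_content_short = bbcode2html($post_content_short);
        }
        if (!empty($config['use_smilies'])) {
            $blog['post_content'] = text2smilies($blog['post_content']);
            $post_content_short = text2smilies($post_content_short);
        }

        if (empty($blog['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $blog['photo'])) {
            $blog['photo'] = 'no_photo.gif';
        } else {
            $blog['has_photo'] = true;
        }
        if (empty($blog['fk_user_id'])) {
            unset($blog['fk_user_id']);
        }

        // post_id comes from the query above and is used as a path component.
        $cache_base = _CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'];

        $towrite = '<?php $post=' . var_export($blog, true) . ';';
        $fileop->file_put_contents($cache_base . '.inc.php', $towrite);

        $blog['post_content'] = $post_content_short;
        $towrite = '<?php $post=' . var_export($blog, true) . ';';
        $fileop->file_put_contents($cache_base . '_short.inc.php', $towrite);
    }

    return true;
}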
/**
 * Validate the fields of a post before it is stored, collecting problems in $error_msg.
 *
 * All arguments are taken by reference; $username and $subject may be rewritten.
 * Every message after the first is prefixed with "<br />", except a
 * validate_username() error, which is appended as-is.
 *
 * Checks, in order: username, subject, message, smiley limit, guest captcha.
 *
 * NOTE(review): the smiley limit counts occurrences of a literal
 * '<img class="smile" src="...' prefix in bbcode2html() output. If the renderer
 * ever emits a different attribute order the limit silently stops working.
 */
function prepare_post(&$mode, &$post_data, &$error_msg, &$username, &$subject, &$message)
{
    global $bb_cfg, $user, $userdata, $lang;

    // Username: a logged-in user posting under their own name needs no
    // validation and the field is cleared; anything else is validated.
    if (!empty($username)) {
        $username = clean_username($username);
        $is_own_name = $userdata['session_logged_in'] && $username == $user->name;
        if ($is_own_name) {
            $username = '';
        } else {
            require INC_DIR . 'functions_validate.php';
            $err = validate_username($username);
            if ($err) {
                $error_msg .= $err;
            }
        }
    }

    // Subject: required for a new topic and when editing a topic's first post.
    if (empty($subject)) {
        $first_post_edit = $mode == 'editpost' && $post_data['first_post'];
        if ($mode == 'newtopic' || $first_post_edit) {
            if (!empty($error_msg)) {
                $error_msg .= '<br />';
            }
            $error_msg .= $lang['EMPTY_SUBJECT'];
        }
    } else {
        // NOTE(review): as written this replacement changes nothing; the search
        // string was presumably an HTML entity before this listing was extracted - confirm.
        $subject = str_replace('&', '&', $subject);
    }

    // Message: required unless the post is being deleted.
    if (empty($message) && $mode != 'delete') {
        if (!empty($error_msg)) {
            $error_msg .= '<br />';
        }
        $error_msg .= $lang['EMPTY_MESSAGE'];
    }

    // Smiley limit, measured on the rendered HTML.
    if ($bb_cfg['max_smilies']) {
        $rendered = bbcode2html($message);
        $smile_prefix = '<img class="smile" src="' . $bb_cfg['smilies_path'];
        if (substr_count($rendered, $smile_prefix) > $bb_cfg['max_smilies']) {
            $limit_text = sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies']);
            if (!empty($error_msg)) {
                $error_msg .= '<br />';
            }
            $error_msg .= $limit_text;
        }
    }

    // Guests must pass the captcha.
    if (IS_GUEST && !bb_captcha('check')) {
        if (!empty($error_msg)) {
            $error_msg .= '<br />';
        }
        $error_msg .= $lang['CAPTCHA_WRONG'];
    }
}
}
// Hidden inputs for the split form. The session id, forum id and topic id are
// concatenated into attribute values without escaping.
// NOTE(review): presumably $forum_id and $topic_id were validated as integers
// before this point - confirm against the part of the file not shown here.
$s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" /><input type="hidden" name="' . POST_TOPIC_URL . '" value="' . $topic_id . '" /><input type="hidden" name="mode" value="split" />';
if (($total_posts = DB()->num_rows($result)) > 0) {
    $postrow = DB()->sql_fetchrowset($result);
    $template->assign_vars(array('FORUM_NAME' => htmlCHR($forum_name), 'U_VIEW_FORUM' => FORUM_URL . $forum_id, 'S_SPLIT_ACTION' => 'modcp.php', 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_FORUM_SELECT' => get_forum_select('admin', 'new_forum_id', $forum_id)));
    for ($i = 0; $i < $total_posts; $i++) {
        $post_id = $postrow[$i]['post_id'];
        $poster_id = $postrow[$i]['poster_id'];
        $poster = $postrow[$i]['username'];
        $post_date = bb_date($postrow[$i]['post_time']);
        $message = $postrow[$i]['post_text'];
        // The stored post text is rendered with bbcode2html() and handed to the
        // template as MESSAGE with no further escaping, so the safety of this
        // page rests on bbcode2html() escaping everything it does not generate.
        // (The comment that used to sit here described an HTML on/off switch
        // that this code does not consult.)
        $message = bbcode2html($message);
        $row_class = !($i % 2) ? 'row1' : 'row2';
        $template->assign_block_vars('postrow', array('ROW_CLASS' => $row_class, 'POSTER_NAME' => wbr($poster), 'POST_DATE' => $post_date, 'MESSAGE' => $message, 'CHECKBOX' => defined('BEGIN_CHECKBOX') ? TRUE : FALSE, 'POST_ID' => $post_id, 'ROW_ID' => $i, 'CB_ID' => 'cb_' . $i));
        // Checkboxes are offered only for rows after the topic's first post:
        // the constant is defined once that post has been emitted.
        if ($post_id == $topic_first_post_id) {
            define('BEGIN_CHECKBOX', TRUE);
        }
    }
}
}
}
$template->set_filenames(array('body' => 'modcp_split.tpl'));
break;
case 'ip':
    $anon = GUEST_UID;
    // Read straight from the query string; validation, if any, is not visible here.
    $rdns_ip_num = isset($_GET['rdns']) ? $_GET['rdns'] : "";
    if (!$post_id) {
        bb_die($lang['NO_SUCH_POST']);
/**
 * Return the HTML for a post row, using the posts cache when it is enabled.
 *
 * With the cache on and a non-empty 'post_html' column the stored HTML is
 * returned untouched. Otherwise 'post_text' is rendered with bbcode2html();
 * with the cache on, the result is also queued in DB()->shutdown['post_html'].
 *
 * Security note: cached HTML is trusted as-is. Anything able to write the
 * post_html store controls markup shown to readers, and a fix to bbcode2html()
 * does not reach rows that were cached before the fix.
 *
 * @param array  $postrow      row with 'post_text', and 'post_id' / 'post_html' when caching
 * @param string $mode         not read by this function
 * @param int    $return_chars not read by this function
 * @return string rendered HTML
 */
function get_parsed_post($postrow, $mode = 'full', $return_chars = 600)
{
    global $bb_cfg;

    // Cache off: render and return, nothing is queued.
    if (!$bb_cfg['use_posts_cache']) {
        return bbcode2html($postrow['post_text']);
    }

    // Cache hit.
    if (!empty($postrow['post_html'])) {
        return $postrow['post_html'];
    }

    // Cache miss: render now and queue the result for storage.
    $rendered = bbcode2html($postrow['post_text']);
    DB()->shutdown['post_html'][] = array(
        'post_id' => (int) $postrow['post_id'],
        'post_html' => (string) $rendered,
    );

    return $rendered;
}
$tpp = $_G['setting']['noticeperpage'];
// Notice list. The shop id is interpolated into the SQL text inside quotes;
// it comes from $shop, whose origin is not visible in this excerpt.
$_BCACHE->cachesql('noticelist', 'SELECT i.itemid FROM ' . tname('noticeitems') . " i WHERE i.shopid = '{$shop['itemid']}' AND i.grade>2 ORDER BY i.displayorder_s ASC, i.itemid DESC", 0, 1, $tpp, 0, 'storelist', 'notice', $shop['itemid']);
$noticelist_multipage = $_SBLOCK['noticelist_multipage'];
$resultcount = $_SBLOCK['noticelist_listcount'];
foreach ($_SBLOCK['noticelist'] as $result) {
    $result = $_BCACHE->getiteminfo('notice', $result['itemid'], $shop['itemid']);
    $result['time'] = date('Y-m-d', $result['dateline']);
    $noticelist[] = $result;
}
$seo_title = $lang['noticelistpage'] . ' - ' . $seo_title;
$theurl = "store.php?id={$shop['itemid']}&action=notice";
} else {
    // Notice detail. $_GET['xid'] and $_GET['id'] are passed to getiteminfo()
    // exactly as received.
    $notice = $_BCACHE->getiteminfo('notice', $_GET['xid'], $_GET['id']);
    // NOTE(review): this assignment runs before the not-found check below. When
    // getiteminfo() returns an empty value, writing the 'message' key turns
    // $notice into a non-empty array, so the check appears unable to fire.
    // Moving the check above this line would restore it.
    $notice['message'] = bbcode2html($notice['message']);
    if (!$notice) {
        showmessage('not_found_msg', 'index.php');
    }
    $allowreply = $shop['allowreply'] && $notice['allowreply'] ? 1 : 0;
    $notice['time'] = date('Y-m-d', $notice['dateline']);
    // Update the view counter.
    $isupdate = freshcookie($action, $notice['itemid']);
    if ($isupdate || !$_G['setting']['updateview']) {
        updateviewnum($action, $notice['itemid']);
    }
    // A stored jumpurl sends the visitor to another address.
    // NOTE(review): the value goes into the Location header unvalidated. If shop
    // owners can set jumpurl this is an open redirect; restricting it to http(s)
    // URLs on an allow-list and rejecting CR/LF would close that.
    // NOTE(review): the str_replace() below changes nothing as written; the search
    // string was presumably an HTML entity before this listing was extracted - confirm.
    if (!empty($notice['jumpurl'])) {
        $notice['jumpurl'] = str_replace('&', '&', $notice['jumpurl']);
        header("Location:{$notice['jumpurl']}");
        exit;
    }
exit('Access Denied');
}
if (empty($_GET['xid'])) {
    $tpp = $_G['setting']['consumeperpage'];
    // Coupon list.
    $_BCACHE->cachesql('consumelist', 'SELECT i.itemid FROM ' . tname('consumeitems') . " i WHERE i.shopid='{$shop['itemid']}' AND i.grade=3 ORDER BY i.displayorder_s ASC, i.itemid DESC", 0, 1, $tpp, 0, 'storelist', 'consume', $_GET['id']);
    $consumelist_multipage = $_SBLOCK['consumelist_multipage'];
    foreach ($_SBLOCK['consumelist'] as $result) {
        $result = $_BCACHE->getiteminfo('consume', $result['itemid'], $_GET['id']);
        $consumelist[] = $result;
    }
    $theurl = "store.php?id={$shop['itemid']}&action=consume";
    // NOTE(review): $consume is not assigned anywhere in this branch as shown.
    $seo_description = strip_tags($consume['message']);
} else {
    // Coupon detail. $_GET['xid'] and $_GET['id'] reach getiteminfo() as received.
    $consume = $_BCACHE->getiteminfo('consume', $_GET['xid'], $_GET['id']);
    // NOTE(review): assigning the 'message' key before the check below turns an
    // empty lookup result into a non-empty array, so the not-found branch
    // appears unable to fire. The check belongs above this line.
    $consume['message'] = bbcode2html($consume['message']);
    if (!$consume) {
        showmessage('not_found_msg', 'index.php');
    }
    $allowreply = $shop['allowreply'] && $consume['allowreply'] ? 1 : 0;
    if ($_GET['do'] == 'print') {
        // SECURITY: $_GET['xid'] is concatenated into the UPDATE between quotes.
        // Unless the framework escapes request input globally (not visible here)
        // this is SQL injection. The already loaded $consume['itemid'] cast to
        // int, or a bound parameter, should be used instead.
        DB::query('UPDATE ' . tname('consumeitems') . ' SET downnum=downnum+1 WHERE itemid=\'' . $_GET['xid'] . '\'');
        // SECURITY: subjectimage is written into an HTML attribute unescaped;
        // it should go through htmlspecialchars() with ENT_QUOTES first.
        echo '<body onload="window.print()"><img src="' . $consume['subjectimage'] . '"></body>';
        exit;
    }
    // Update the view counter.
    $isupdate = freshcookie($action, $consume['itemid']);
    if ($isupdate || !$_G['setting']['updateview']) {
        updateviewnum($action, $consume['itemid']);
    }
    $consume['time'] = date('Y-m-d H:i', $consume['dateline']);
$goodlist_multipage = $_SBLOCK['goodlist_multipage'];
$resultcount = $_SBLOCK['goodlist_listcount'];
foreach ($_SBLOCK['goodlist'] as $result) {
    $result = $_BCACHE->getiteminfo('good', $result['itemid'], $shop['itemid']);
    $result['time'] = date('Y-m-d', $result['dateline']);
    // Swap one placeholder image path for another.
    $result['thumb'] = str_replace('static/image/nophoto.gif', 'static/image/noimg.gif', $result['thumb']);
    // List view shows plain text: tags are stripped from the message and the
    // intro is shortened with cutstr().
    $result['message'] = trim(strip_tags($result['message']));
    $result['intro'] = cutstr($result['intro'], 130, true);
    $goodlist[] = $result;
}
$seo_title = $lang['goodlist'] . ' - ' . $seo_title;
$theurl = "store.php?id={$shop['itemid']}&action=good";
} else {
    // Product detail. $_GET['xid'] and $_GET['id'] reach getiteminfo() as received.
    $good = $_BCACHE->getiteminfo('good', $_GET['xid'], $_GET['id']);
    // NOTE(review): assigning the 'message' key before the check below turns an
    // empty lookup result into a non-empty array, so the not-found branch
    // appears unable to fire. The check belongs above this line.
    $good['message'] = bbcode2html($good['message']);
    if (!$good) {
        showmessage('not_found_msg', 'index.php');
    }
    $allowreply = $shop['allowreply'] && $good['allowreply'] ? 1 : 0;
    $good['time'] = date('Y-m-d H:i', $good['dateline']);
    $relatedarr = array();
    $relatedarr = getrelatedinfo('good', $good['itemid'], $shop['itemid']);
    // Update the view counter.
    $isupdate = freshcookie($action, $good['itemid']);
    if ($isupdate || !$_G['setting']['updateview']) {
        updateviewnum($action, $good['itemid']);
    }
    // Comments.
    $listcount = $good['replynum'];
    $_G['setting']['viewspace_pernum'] = intval($_G['setting']['viewspace_pernum']);
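/**
 * Creates the tpl loop to show comments and prepares the variables for the textarea where new
 * comments can be written. Handles the cases when the user is not logged in or not allowed to
 * post comments.
 *
 * Changes over the previous version:
 *  - $parent_id and the 'offset'/'limit' paging values are cast to int before they are placed
 *    in SQL text (they were interpolated as received);
 *  - an unknown $type now fails with an explicit error instead of querying an undefined table
 *    name with $allow_comments undefined;
 *  - the docblock described a $config parameter the function does not have.
 *
 * @access public
 * @param string $type the identifier for the item where comments are displayed. One of
 *                     'user','photo','blog','video'
 * @param int $parent_id the ID in the parent table of the item where these comments are posted.
 * @param array $output reference to the $output array in the calling script. Additional
 *                      variables are injected into it for the template system
 *                      (show_comments, num_comments, pager, allow_comments, ...).
 * @param array $params optional paging: 'offset' and 'limit' (both must be set to take effect)
 * @return array the comment rows, formatted for display
 */
function create_comments_loop($type, $parent_id, &$output, $params = array())
{
    global $dbtable_prefix, $__field2format, $_list_of_online_members, $page_last_modified_time;
    $myreturn = array();

    // Integer copy used only inside SQL text.
    $parent_id_sql = (int) $parent_id;

    switch ($type) {
        case 'user':
            $table = "{$dbtable_prefix}comments_profile";
            // The profile owner's own session preference wins; otherwise the stored setting is read.
            $allow_comments = !empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $_SESSION[_LICENSE_KEY_]['user']['user_id'] == $parent_id ? $_SESSION[_LICENSE_KEY_]['user']['prefs']['profile_comments'] : get_user_settings($parent_id, 'def_user_prefs', 'profile_comments');
            break;
        case 'blog':
            $table = "{$dbtable_prefix}comments_blog";
            $allow_comments = isset($output['allow_comments']) ? $output['allow_comments'] : 1;
            break;
        case 'photo':
            $table = "{$dbtable_prefix}comments_photo";
            $allow_comments = isset($output['allow_comments']) ? $output['allow_comments'] : 1;
            break;
        case 'video':
            $table = "{$dbtable_prefix}comments_video";
            $allow_comments = isset($output['allow_comments']) ? $output['allow_comments'] : 1;
            break;
        default:
            // The table name is chosen from this fixed list only.
            trigger_error('create_comments_loop(): unknown comment type', E_USER_ERROR);
            return $myreturn;
    }

    $config = get_site_option(array('use_captcha', 'bbcode_comments', 'smilies_comm'), 'core');
    $edit_comment = sanitize_and_format_gpc($_GET, 'edit_comment', TYPE_INT, 0, 0);

    $query = "SELECT a.`comment_id`,a.`comment`,a.`fk_user_id`,a.`_user` as `user`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,b.`_photo` as `photo` FROM `{$table}` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`fk_user_id`=b.`fk_user_id` WHERE a.`fk_parent_id`={$parent_id_sql} AND a.`status`=" . STAT_APPROVED . " ORDER BY a.`comment_id` ASC";
    if (isset($params['offset']) && isset($params['limit'])) {
        // LIMIT accepts only non-negative integers.
        $query .= " LIMIT " . max(0, (int) $params['offset']) . ',' . max(0, (int) $params['limit']);
        $count_query = "SELECT count(*) FROM `{$table}` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`fk_user_id`=b.`fk_user_id` WHERE a.`fk_parent_id`={$parent_id_sql} AND a.`status`=" . STAT_APPROVED;
        if (!($res = @mysql_query($count_query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        $totalrows = mysql_result($res, 0, 0);
    }
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }

    while ($rsrow = mysql_fetch_assoc($res)) {
        if ($rsrow['date_posted'] > $page_last_modified_time) {
            $page_last_modified_time = $rsrow['date_posted'];
        }
        // if someone has asked to edit his/her comment
        // NOTE(review): ownership is not checked here, so any approved comment's id and
        // text can be loaded into the edit form. Confirm that the handler saving the edit
        // verifies fk_user_id.
        if ($edit_comment == $rsrow['comment_id']) {
            $output['comment_id'] = $rsrow['comment_id'];
            $output['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
        }
        $rsrow['date_posted'] = strftime($_SESSION[_LICENSE_KEY_]['user']['prefs']['datetime_format'], $rsrow['date_posted'] + $_SESSION[_LICENSE_KEY_]['user']['prefs']['time_offset']);
        // Sanitise first, generate markup second: BBCode and smilies expand text that has
        // already been through the display format.
        $rsrow['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
        if (!empty($config['bbcode_comments'])) {
            $rsrow['comment'] = bbcode2html($rsrow['comment']);
        }
        if (!empty($config['smilies_comm'])) {
            $rsrow['comment'] = text2smilies($rsrow['comment']);
        }
        // allow showing the edit links to rightful owners
        if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $rsrow['fk_user_id'] == $_SESSION[_LICENSE_KEY_]['user']['user_id']) {
            $rsrow['editme'] = true;
        }
        if (empty($rsrow['fk_user_id'])) {
            // for the link to member profile
            unset($rsrow['fk_user_id']);
        } else {
            if (isset($_list_of_online_members[$rsrow['fk_user_id']])) {
                $rsrow['is_online'] = 'is_online';
                $rsrow['user_online_status'] = $GLOBALS['_lang'][102];
            } else {
                $rsrow['user_online_status'] = $GLOBALS['_lang'][103];
            }
        }
        if (empty($rsrow['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $rsrow['photo'])) {
            $rsrow['photo'] = 'no_photo.gif';
        }
        $myreturn[] = $rsrow;
    }

    if (!empty($myreturn)) {
        $output['show_comments'] = true;
        if (isset($totalrows)) {
            $output['pager'] = pager($totalrows, $params['offset'], $params['limit']);
            $output['num_comments'] = $totalrows;
        } else {
            $output['num_comments'] = count($myreturn);
        }
    }

    if ($allow_comments) {
        // may I post comments please?
        if (allow_at_level('write_comments', $_SESSION[_LICENSE_KEY_]['user']['membership'])) {
            $output['allow_comments'] = true;
            // Visitors without a user id get a captcha when it is enabled.
            if (empty($_SESSION[_LICENSE_KEY_]['user']['user_id'])) {
                if (!empty($config['use_captcha'])) {
                    require _BASEPATH_ . '/includes/classes/sco_captcha.class.php';
                    $c = new sco_captcha(_BASEPATH_ . '/includes/fonts', 4);
                    $_SESSION['captcha_word'] = $c->gen_rnd_string(4);
                    $output['rand'] = make_seed();
                    $output['use_captcha'] = true;
                }
            }
            // would you let me use bbcode?
            if (!empty($config['bbcode_comments'])) {
                $output['bbcode_comments'] = true;
            }
            // if we came back after an error get what was previously posted
            // NOTE(review): array_merge() lets the stored input overwrite any key already in
            // $output, including the flags set just above. Presumably the input holds only
            // form fields - confirm where $_SESSION['topass']['input'] is filled.
            if (isset($_SESSION['topass']['input'])) {
                $output = array_merge($output, $_SESSION['topass']['input']);
                unset($_SESSION['topass']['input']);
            }
        } else {
            unset($output['allow_comments']);
        }
    } else {
        unset($output['allow_comments']);
    }

    // Drop the edit marker from the query string once it has been handled.
    if (!empty($edit_comment)) {
        $_SERVER['QUERY_STRING'] = str_replace('&edit_comment=' . $edit_comment, '', $_SERVER['QUERY_STRING']);
    }
    return $myreturn;
}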
// Load the forum row. The SQL text is built before the "!$forum_id" test below
// is evaluated, with $forum_id interpolated unquoted.
// NOTE(review): presumably $forum_id was cast to int where it was read - confirm
// in the part of the file not shown here.
$sql = "SELECT forum_name, allow_reg_tracker, forum_tpl_id FROM " . BB_FORUMS . " WHERE forum_id = {$forum_id} LIMIT 1";
if (!$forum_id or !($f_data = DB()->fetch_row($sql))) {
    bb_die($lang['FORUM_NOT_EXIST']);
}
// tpl_data
// The template id comes from the forum row loaded above and is interpolated unquoted.
$tpl_data = array();
$sql = "SELECT * FROM " . BB_TOPIC_TPL . " WHERE tpl_id = {$f_data['forum_tpl_id']} LIMIT 1";
if (!$f_data['forum_tpl_id'] or !($tpl_data = DB()->fetch_row($sql))) {
    // No template for this forum: fall back to the regular new-topic form,
    // unless the template itself is being edited.
    if (!$edit_tpl_mode) {
        redirect(POSTING_URL . "?mode=newtopic&f={$forum_id}");
    }
}
// NOTE(review): forum_name is handed to the template as stored; whether the
// template layer escapes it is not visible here.
$template->assign_vars(array('PAGE_TITLE' => $lang['NEW_RELEASE'], 'FORUM_NAME' => $f_data['forum_name'], 'FORUM_ID' => $forum_id, 'TPL_FORM_ACTION' => POSTING_URL . "?mode=newtopic&f={$forum_id}", 'REGULAR_TOPIC_HREF' => POSTING_URL . "?mode=newtopic&f={$forum_id}", 'TOR_REQUIRED' => $f_data['allow_reg_tracker'], 'EDIT_TPL' => $edit_tpl_mode, 'CAN_EDIT_TPL' => $can_edit_tpl, 'EDIT_TPL_URL' => POSTING_URL . "?mode=new_rel&f={$forum_id}&edit_tpl=1"));
if ($tpl_data) {
    // tpl_rules_html
    // The rules are the text of an ordinary post, rendered with bbcode2html().
    // When that post yields nothing the reference is reset to 0 in memory and
    // in the template table.
    $tpl_rules_html = '';
    if ($tpl_data['tpl_rules_post_id']) {
        if (!($tpl_rules_html = bbcode2html(DB()->fetch_row("SELECT post_text FROM " . BB_POSTS_TEXT . " WHERE post_id = " . $tpl_data['tpl_rules_post_id'], 'post_text')))) {
            $tpl_data['tpl_rules_post_id'] = 0;
            DB()->query("UPDATE " . BB_TOPIC_TPL . " SET tpl_rules_post_id = 0 WHERE tpl_id = {$f_data['forum_tpl_id']} LIMIT 1");
        }
    }
    $template->assign_vars(array('TPL_ID' => $tpl_data['tpl_id'], 'TPL_NAME' => $tpl_data['tpl_name'], 'TPL_SRC_FORM_VAL' => $tpl_data['tpl_src_form'], 'TPL_SRC_TITLE_VAL' => $tpl_data['tpl_src_title'], 'TPL_SRC_MSG_VAL' => $tpl_data['tpl_src_msg'], 'TPL_RULES_HTML' => $tpl_rules_html));
}
if ($edit_tpl_mode) {
    // Extra variables shown only in template-edit mode.
    $template->assign_vars(array('NO_TPL_ASSIGNED' => !$f_data['forum_tpl_id'], 'TPL_SELECT' => get_select('forum_tpl', $f_data['forum_tpl_id'])));
    if ($tpl_data) {
        $template->assign_vars(array('TPL_COMMENT' => $tpl_data['tpl_comment'], 'TPL_RULES_POST_ID' => $tpl_data['tpl_rules_post_id'], 'TPL_LAST_EDIT_TIME' => bb_date($tpl_data['tpl_last_edit_tm'], 'd-M-y H:i'), 'TPL_LAST_EDIT_USER' => get_username(intval($tpl_data['tpl_last_edit_by'])), 'TPL_LAST_EDIT_TIMESTAMP' => $tpl_data['tpl_last_edit_tm']));
    }
}
print_page(TEMPLATES_DIR . 'posting_tpl.tpl');
$output['show_comments'] = true;
$config = get_site_option(array('use_captcha', 'bbcode_comments', 'smilies_comm'), 'core');
// All comments of one blog post, oldest first. $output['post_id'] is
// concatenated into the SQL text unquoted, and this query has no status filter.
// NOTE(review): presumably post_id is an integer taken from a trusted row and
// showing unapproved comments is intended on this page - confirm both.
$query = "SELECT a.`comment_id`,a.`comment`,a.`fk_user_id`,a.`_user` as `user`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,b.`_photo` as `photo` FROM `{$dbtable_prefix}comments_blog` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`fk_user_id`=b.`fk_user_id` WHERE a.`fk_parent_id`=" . $output['post_id'] . " ORDER BY a.`comment_id` ASC";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
while ($rsrow = mysql_fetch_assoc($res)) {
    // if someone has asked to edit his/her comment
    if ($edit_comment == $rsrow['comment_id']) {
        $output['comment_id'] = $rsrow['comment_id'];
        $output['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
    }
    $rsrow['date_posted'] = strftime($time_options['datetime_format'], $rsrow['date_posted'] + $time_options['time_offset']);
    // Sanitise first, generate markup second.
    $rsrow['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    if (!empty($config['bbcode_comments'])) {
        $rsrow['comment'] = bbcode2html($rsrow['comment']);
    }
    if (!empty($config['smilies_comm'])) {
        $rsrow['comment'] = text2smilies($rsrow['comment']);
    }
    if (empty($rsrow['fk_user_id'])) {
        // for the link to member profile
        unset($rsrow['fk_user_id']);
    }
    // Fall back to the placeholder image when the thumbnail file is missing.
    if (empty($rsrow['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $rsrow['photo'])) {
        $rsrow['photo'] = 'no_photo.gif';
    }
    $loop[] = $rsrow;
}
if (!empty($loop)) {
    $output['num_comments'] = count($loop);
    // Private message telling the post's author about the moderator comment.
    // $mc_text is placed into the message body through sprintf() as received.
    $subject = sprintf($lang['MC_COMMENT_PM_SUBJECT'], $lang['MC_COMMENT'][$mc_type]['type']);
    $message = sprintf($lang['MC_COMMENT_PM_MSG'], get_username($post['poster_id']), make_url(POST_URL . "{$post_id}#{$post_id}"), $lang['MC_COMMENT'][$mc_type]['type'], $mc_text);
    send_pm($post['poster_id'], $subject, $message);
    cache_rm_user_sessions($post['poster_id']);
}
// Map the comment type to the CSS class used for the comment box.
switch ($mc_type) {
    case 1:
        // Comment
        $mc_class = 'success';
        break;
    case 2:
        // Information
        $mc_class = 'info';
        break;
    case 3:
        // Warning
        $mc_class = 'warning';
        break;
    case 4:
        // Violation
        $mc_class = 'danger';
        break;
    default:
        $mc_class = '';
        break;
}
$this->response['mc_type'] = $mc_type;
$this->response['post_id'] = $post_id;
$this->response['mc_title'] = sprintf($lang['MC_COMMENT'][$mc_type]['title'], profile_url($userdata));
// The response carries rendered HTML; the client presumably inserts it into the
// page, so bbcode2html() must escape everything it does not generate itself.
$this->response['mc_text'] = bbcode2html($mc_text);
$this->response['mc_class'] = $mc_class;
$blog_archive = array();
// Every approved blog post with its author's photo and blog name. Only a
// constant and the table prefix go into this statement.
$query = "SELECT a.`post_id`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,UNIX_TIMESTAMP(a.`last_changed`) as `last_changed`,a.`fk_user_id`,a.`_user` as `user`,a.`fk_blog_id`,a.`title`,a.`post_content`,b.`_photo` as `photo`,c.`blog_name` FROM `{$dbtable_prefix}blog_posts` a,`{$dbtable_prefix}user_profiles` b,`{$dbtable_prefix}user_blogs` c WHERE a.`fk_user_id`=b.`fk_user_id` AND a.`fk_blog_id`=c.`blog_id` AND a.`status`=" . STAT_APPROVED;
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
while ($blog = mysql_fetch_assoc($res)) {
    // last_changed is kept aside and removed from the row that gets cached.
    $last_approved = $blog['last_changed'];
    unset($blog['last_changed']);
    $blog['fk_blog_id'] = (string) $blog['fk_blog_id'];
    $blog['title'] = sanitize_and_format($blog['title'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
    // Teaser: cut at the last space inside the first $short_blog_chars bytes.
    // NOTE(review): when that window holds no space, strrpos() returns false
    // and the teaser comes out empty; posts shorter than the limit lose their
    // last word.
    $post_content_short = substr($blog['post_content'], 0, strrpos(substr($blog['post_content'], 0, $short_blog_chars), ' '));
    // Sanitise first, generate markup second.
    $post_content_short = sanitize_and_format($post_content_short, TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    $blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    if (!empty($config['bbcode_blogs'])) {
        $blog['post_content'] = bbcode2html($blog['post_content']);
        $post_content_short = bbcode2html($post_content_short);
    }
    if (!empty($config['use_smilies'])) {
        $blog['post_content'] = text2smilies($blog['post_content']);
        $post_content_short = text2smilies($post_content_short);
    }
    if (empty($blog['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $blog['photo'])) {
        $blog['photo'] = 'no_photo.gif';
    } else {
        $blog['has_photo'] = true;
    }
    if (empty($blog['fk_user_id'])) {
        unset($blog['fk_user_id']);
    }
    // The cache file is PHP source. var_export() is what keeps post content
    // from becoming code, so it must never be replaced by hand-built strings.
    $towrite = '<?php $post=' . var_export($blog, true) . ';';
    $fileop->file_put_contents(_CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'] . '.inc.php', $towrite);
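/**
 * Build the BBCode text of the forum post that mirrors a shop item.
 *
 * The layout depends on $mname ('good', 'notice', 'consume', 'groupbuy', 'album'); any other
 * value yields only the closing source-link line.
 *
 * Fix over the previous version: the 'notice' case tested $data['message']['jumpurl'].
 * $data['message'] is used as a string everywhere else in this function, so that test never
 * matched and a notice with a jump URL was rendered as image + message. It now tests
 * $data['jumpurl'], the value the branch actually prints.
 *
 * Security notes:
 *  - Item values (subject, shop name, jumpurl, prices, consume message/exception, shop tel and
 *    address) are concatenated into BBCode without neutralising '[' and ']'. Text holding
 *    closing tags can change the structure of the generated post.
 *    NOTE(review): confirm these fields are restricted where they are saved, or escape the
 *    brackets here.
 *  - 'good', 'notice' and 'groupbuy' pass the message through bbcode2html() and bbs_bbcode();
 *    'consume' inserts $data['message'] as stored.
 *
 * @param string $mname item model name
 * @param array  $data  item row; 'shopurl', 'shopname' and 'sourceurl' are filled in here
 * @return string BBCode text
 */
function postformat($mname, $data)
{
    global $_G, $_SC, $_SGLOBAL;

    $data['shopurl'] = B_URL . "/store.php?id=" . $_SGLOBAL['panelinfo']['itemid'];
    $data['shopname'] = $_SGLOBAL['panelinfo']['subject'];
    $data['sourceurl'] = B_URL . "/store.php?id=" . $_SGLOBAL['panelinfo']['itemid'] . "&action=" . $mname . "&xid=" . $data['itemid'];
    $finalmsg = '';

    switch ($mname) {
        case 'good':
            // price line, image, description
            $finalmsg .= "[b][size=3]" . b_lang("good_minprice") . "[/size]" . "[/b][size=3][color=Red]" . $data['minprice'] . b_lang('rmb_yuan') . "[/color][/size] [size=3][b]" . b_lang('good_priceo') . "[/b]" . "" . $data['priceo'] . b_lang('rmb_yuan') . "[/size]\r\n\r\n";
            $finalmsg .= "[size=3][b]" . b_lang("good_subjectimage") . "[/b][/size]\r\n[img]" . getattachurl($data['subjectimage']) . "[/img]\r\n\r\n";
            $finalmsg .= "[size=3][b]" . b_lang('good_message') . "[/b][/size]\r\n[quote]" . bbs_bbcode(bbcode2html($data['message'])) . "[/quote]\r\n";
            if ($relatedmsg = bbs_getrelatedinfo($mname, $data['itemid'], $_SGLOBAL['panelinfo']['itemid'])) {
                $finalmsg .= "[align=left][size=3][b]" . b_lang('item_related') . "[/b][/size][/align]" . $relatedmsg . "\r\n";
            }
            $finalmsg .= "[align=left][size=3][b]" . b_lang('ownedshop') . "[/b][url=" . $data['shopurl'] . "]" . $data['shopname'] . "[/url][/size][/align]\r\n";
            $finalmsg .= "[align=left][size=3][b]" . b_lang("good_cats") . "[/b]" . bbs_getitemcatids($data['catid'], $mname) . "[/size][/align]\r\n";
            if ($attrmsg = bbs_getitemattr($data['catid'], $data['itemid'])) {
                $finalmsg .= "[align=left][size=3][b]" . b_lang("good_attributes") . "[/b]" . $attrmsg . "[/size][/align]\r\n";
            }
            $finalmsg .= "[align=left][size=3][b]" . b_lang("good_validity") . "[/b]" . date("Y-m-d", $data['validity_start']) . b_lang('validityto') . date("Y-m-d", $data['validity_end']) . "[/size][/align]\r\n";
            break;

        case 'notice':
            // A notice with a jump URL shows only the link; otherwise image and text.
            if (!empty($data['jumpurl'])) {
                $finalmsg .= "[size=3][b]" . b_lang('notice_jumpurl') . "[/b][url=" . $data['jumpurl'] . "]" . $data['jumpurl'] . "[/url][/size]\r\n";
            } else {
                $finalmsg .= "[size=3][b]" . b_lang("notice_subjectimage") . "[/b][/size]\r\n[img]" . getattachurl($data['subjectimage']) . "[/img]\r\n\r\n";
                $finalmsg .= "[size=3][b]" . b_lang('notice_message') . "[/b][/size]\r\n[quote]" . bbs_bbcode(bbcode2html($data['message'])) . "[/quote]\r\n";
            }
            $finalmsg .= "[align=left][size=3][b]" . b_lang('ownedshop') . "[/b][url=" . $data['shopurl'] . "]" . $data['shopname'] . "[/url][/size][/align]\r\n";
            $finalmsg .= "[align=left][size=3][b]" . b_lang("notice_cats") . "[/b]" . bbs_getitemcatids($data['catid'], $mname) . "[/size][/align]\r\n";
            if ($attrmsg = bbs_getitemattr($data['catid'], $data['itemid'])) {
                $finalmsg .= "[align=left][size=3][b]" . b_lang("good_attributes") . "[/b]" . $attrmsg . "[/size][/align]\r\n";
            }
            $finalmsg .= "[align=left][size=3][b]" . b_lang("notice_validity") . "[/b]" . date("Y-m-d", $data['validity_start']) . b_lang('validityto') . date("Y-m-d", $data['validity_end']) . "[/size][/align]\r\n";
            break;

        case 'consume':
            $finalmsg .= "[size=3][b]" . b_lang("consume_nav") . "[/b][/size]\r\n[img]" . getattachurl($data['subjectimage']) . "[/img]\r\n\r\n";
            $finalmsg .= "[align=left][size=3][b]" . b_lang("consume_validity") . "[/b]" . date("Y-m-d", $data['validity_start']) . b_lang('validityto') . date("Y-m-d", $data['validity_end']) . "[/size][/align]\r\n";
            // message and exception are inserted as stored (no bbcode2html()/bbs_bbcode() here)
            $finalmsg .= "[align=left][size=3][b]" . b_lang("consume_message") . "[/b]" . $data['message'] . "[/size][/align]\r\n";
            $finalmsg .= "[align=left][size=3][b]" . b_lang("consume_exception") . "[/b]" . $data['exception'] . "[/size][/align]\r\n";
            $finalmsg .= "[align=left][size=3][b]" . b_lang("consume_tel") . "[/b]" . $_SGLOBAL['panelinfo']['tel'] . "[/size][/align]\r\n";
            $finalmsg .= "[align=left][size=3][b]" . b_lang("consume_address") . "[/b]" . $_SGLOBAL['panelinfo']['address'] . "[/size][/align]\r\n";
            $finalmsg .= "[align=left][size=3][b]" . b_lang('ownedshop') . "[/b][url=" . $data['shopurl'] . "]" . $data['shopname'] . "[/url][/size][/align]\r\n";
            $finalmsg .= "[align=left][size=3][b]" . b_lang("consume_cats") . "[/b]" . bbs_getitemcatids($data['catid'], $mname) . "[/size][/align]\r\n";
            if ($attrmsg = bbs_getitemattr($data['catid'], $data['itemid'])) {
                $finalmsg .= "[align=left][size=3][b]" . b_lang("good_attributes") . "[/b]" . $attrmsg . "[/size][/align]\r\n";
            }
            break;

        case 'groupbuy':
            $finalmsg .= "[b][size=3]" . b_lang("groupbuy_priceo") . "[/size]" . "[/b][size=3][color=Red]" . $data['groupbuypriceo'] . b_lang('rmb_yuan') . "[/color][/size] [size=3][b]" . b_lang('group_buyprice') . "[/b]" . "" . $data['groupbuyprice'] . b_lang('rmb_yuan') . "[/size] ";
            $finalmsg .= "[size=3][b]" . b_lang("groupbuy_validity") . "[/b]" . date("Y-m-d", $data['validity_start']) . b_lang('validityto') . date("Y-m-d", $data['validity_end']) . " [url=" . $data['sourceurl'] . "#groupbyjoin" . "][color=Red]" . b_lang('groupbyjoin') . "[/color][/url][/size]\r\n";
            $finalmsg .= "[size=3][b]" . b_lang("groupbuy_subjectimage") . "[/b][/size]\r\n[img]" . getattachurl($data['subjectimage']) . "[/img]\r\n\r\n";
            $finalmsg .= "[size=3][b]" . b_lang('groupbuy_message') . "[/b][/size]\r\n[quote]" . bbs_bbcode(bbcode2html($data['message'])) . "[/quote]\r\n";
            $finalmsg .= "[size=3][url=" . $data['sourceurl'] . "#groupbyjoin" . "][color=Red]" . b_lang('groupbyjoin') . "[/color][/url][/size]\r\n\r\n";
            if ($relatedmsg = bbs_getrelatedinfo($mname, $data['itemid'], $_SGLOBAL['panelinfo']['itemid'])) {
                $finalmsg .= "[align=left][size=3][b]" . b_lang('item_related') . "[/b][/size][/align]" . $relatedmsg . "\r\n";
            }
            $finalmsg .= "[align=left][size=3][b]" . b_lang('ownedshop') . "[/b][url=" . $data['shopurl'] . "]" . $data['shopname'] . "[/url][/size][/align]\r\n";
            $finalmsg .= "[align=left][size=3][b]" . b_lang("groupbuy_cats") . "[/b]" . bbs_getitemcatids($data['catid'], $mname) . "[/size][/align]\r\n";
            if ($attrmsg = bbs_getitemattr($data['catid'], $data['itemid'])) {
                $finalmsg .= "[align=left][size=3][b]" . b_lang("good_attributes") . "[/b]" . $attrmsg . "[/size][/align]\r\n";
            }
            break;

        case 'album':
            $finalmsg .= "[size=3][b]" . b_lang("album_message") . "[/b][/size]" . $data['item']['subject'] . "\r\n\r\n";
            $finalmsg .= "[size=3][b]" . b_lang("album_photolist") . "[/b][/size]\r\n\r\n";
            if (!empty($data['photolist'])) {
                foreach ($data['photolist'] as $photo) {
                    $finalmsg .= "[size=3]" . $photo['subject'] . "[/size]\r\n";
                    $finalmsg .= "[img]" . getattachurl($photo['subjectimage']) . "[/img]\r\n\r\n";
                }
            }
            $finalmsg .= "[align=left][size=3][b]" . b_lang('ownedshop') . "[/b][url=" . $data['shopurl'] . "]" . $data['shopname'] . "[/url][/size][/align]\r\n";
            $finalmsg .= "[align=left][size=3][b]" . b_lang("album_cats") . "[/b]" . bbs_getitemcatids($data['item']['catid'], $mname) . "[/size][/align]\r\n";
            // NOTE(review): the category line reads $data['item']['catid'] while this lookup
            // reads $data['catid'] - confirm which key an album row carries.
            if ($attrmsg = bbs_getitemattr($data['catid'], $data['itemid'])) {
                $finalmsg .= "[align=left][size=3][b]" . b_lang("good_attributes") . "[/b]" . $attrmsg . "[/size][/align]\r\n";
            }
            break;

        default:
            break;
    }

    // Every post ends with a link back to the item page.
    $finalmsg .= "[size=3][b]" . b_lang('sourceurl') . "[/b][url=" . $data['sourceurl'] . "]" . $data['sourceurl'] . "[/url][/size]";

    return $finalmsg;
}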
            $this->ajax_die($lang['FLOOD_ERROR']);
        }
    }
}
// Double Post Control
// Load the text of the post made at last_post_time and refuse an identical
// message. $where_sql is built outside this excerpt; last_post_time is cast to int.
if (!empty($row['last_post_time']) && !IS_AM) {
    $sql = "\n\t\t\t\tSELECT pt.post_text\n\t\t\t\tFROM " . BB_POSTS . " p, " . BB_POSTS_TEXT . " pt\n\t\t\t\tWHERE {$where_sql}\n\t\t\t\t\tAND p.post_time = " . (int) $row['last_post_time'] . "\n\t\t\t\t\tAND pt.post_id = p.post_id\n\t\t\t\tLIMIT 1\n\t\t\t";
    if ($row = DB()->fetch_row($sql)) {
        // NOTE(review): the stored text is escaped before the comparison, which
        // suggests $message is already in escaped form here. The INSERT further
        // down escapes $message again - confirm which form $message is in, so
        // that neither the comparison nor the stored text is off by one
        // escaping pass.
        $last_msg = DB()->escape($row['post_text']);
        if ($last_msg == $message) {
            $this->ajax_die($lang['DOUBLE_POST_ERROR']);
        }
    }
}
// Smiley limit, counted on the rendered HTML by matching a literal <img> prefix.
// If the renderer's output format changes, this check silently stops matching.
if ($bb_cfg['max_smilies']) {
    $count_smilies = substr_count(bbcode2html($message), '<img class="smile" src="' . $bb_cfg['smilies_path']);
    if ($count_smilies > $bb_cfg['max_smilies']) {
        $this->ajax_die(sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies']));
    }
}
// Only the message text is escaped; the ids, TIMENOW and USER_IP are
// concatenated as they are.
// NOTE(review): presumably $topic_id, forum_id and user_id are integers from
// trusted rows and USER_IP is normalised where it is defined - confirm.
DB()->sql_query("INSERT INTO " . BB_POSTS . " (topic_id, forum_id, poster_id, post_time, poster_ip) VALUES ({$topic_id}, " . $post['forum_id'] . ", " . $userdata['user_id'] . ", '" . TIMENOW . "', '" . USER_IP . "')");
$post_id = DB()->sql_nextid();
DB()->sql_query("INSERT INTO " . BB_POSTS_TEXT . " (post_id, post_text) VALUES ({$post_id}, '" . DB()->escape($message) . "')");
update_post_stats('reply', $post, $post['forum_id'], $topic_id, $post_id, $userdata['user_id']);
// The search index gets the text with literal "\n" sequences turned into
// newlines and slashes stripped.
$s_message = str_replace('\\n', "\n", $message);
$s_topic_title = str_replace('\\n', "\n", $post['topic_title']);
add_search_words($post_id, stripslashes($s_message), stripslashes($s_topic_title));
update_post_html(array('post_id' => $post_id, 'post_text' => $message));
if ($bb_cfg['topic_notify_enabled']) {
    $notify = !empty($this->request['notify']);
    user_notification('reply', $post, $post['topic_title'], $post['forum_id'], $topic_id, $notify);
/**
 * Print the basic form fields of an item edit page for the given model.
 *
 * Output is produced through echo and through the helper calls (pklabel,
 * showsetting, showhiddenfields, pkregion, ...); nothing is returned.
 *
 * @param string $mname        model name; the body branches on 'shop', 'good', 'album',
 *                             'consume', 'notice' and 'groupbuy'
 * @param array  $editvalue    current field values of the item being edited
 * @param mixed  $_SSCONFIG    not read anywhere in this body
 * @param mixed  $categorylist always reassigned before it is read, so the passed value is ignored
 * @param string $file         forwarded unchanged to showconsumemaker()
 */
function showbasicfield($mname, $editvalue, $_SSCONFIG, $categorylist, $file = 'admin') {
    // $item is declared global but never used in this body.
    global $_G, $_SGLOBAL, $item;
    // Basic fields of the edit page
    $required = '<span style="color:red">*</span>';
    // NOTE(review): $editvalue values are handed to pklabel()/showsetting() as-is;
    // whether those helpers HTML-escape them is not visible here — confirm.
    pklabel(array('type' => 'input', 'other' => 'style="' . pktitlestyle($editvalue['styletitle']) . '"', 'alang' => $mname . '_subject', 'name' => 'subject', 'value' => $editvalue['subject'], 'required' => $required));
    if ($mname == 'notice' || $mname == 'shop') {
        // Only the first 7 characters of the stored title style are passed on.
        showstyletitle($mname, substr($editvalue['styletitle'], 0, 7));
    }
    // && binds tighter than ||: this is "listed model, OR (admin AND shop)".
    if (in_array($mname, array('good', 'album', 'consume', 'notice', 'groupbuy')) || pkperm('isadmin') && $mname == 'shop') {
        if (pkperm('isadmin') && $mname == 'shop') {
            $categorylist = getmodelcategory($mname);
            showsetting('syncfid', 'syncfid', '' . (empty($editvalue['syncfid']) ? '' : $editvalue['syncfid']), 'text');
            // NOTE(review): $showarr is never defined in this function, so the id
            // attribute is built from an undefined value; the sibling branch below
            // uses the literal id "catiddiv" — confirm which id is intended.
            echo '<tr><td class="td27" colspan="2">' . lang('category_' . $mname) . '<span style="color:red">*</span></td></tr><tr><td colspan="2" class="vtop rowform" id="' . $showarr['name'] . 'div">';
            echo InteractionCategoryMenu($categorylist, 'catid', $editvalue['catid'], 1);
            echo '<span id="span_catid"></span></td></tr>';
        } else {
            $categorylist = mymodelcategory($mname);
            echo '<tr><td class="td27" colspan="2">' . lang('category_' . $mname) . '<span style="color:red">*</span></td></tr><tr><td class="vtop rowform" id="catiddiv" colspan="2">';
            echo InteractionCategoryMenu($categorylist, 'catid', $editvalue['catid'], 1);
            echo '<span id="span_catid"></span></td></tr>';
        }
        // Attribute editor markup is only built when the item already has attribute ids.
        if ($editvalue['attr_ids']) {
            require_once B_ROOT . '/batch.attribute.php';
            $itemattrupdate = getattributesettingsupdate($editvalue['catid'], $editvalue['attr_ids']);
        } else {
            $itemattrupdate = '';
        }
        echo '<tr><td colspan="2" style="border-top:none;"><div id="attributes">' . $itemattrupdate . '</div></td></tr>';
    } elseif (!pkperm('isadmin') && $mname == 'shop') {
        // Non-admin shop owners get the category shown with display type 'p',
        // using the category name looked up from the id.
        $categorylist = getmodelcategory($mname);
        $editvalue['catid'] = $categorylist[$editvalue['catid']]['name'];
        showsetting($mname . '_catid', 'catid', $editvalue['catid'], 'p');
    }
    if ($mname != 'consume') {
        pklabel(array('type' => 'file', 'alang' => $mname . '_subjectimage', 'name' => 'subjectimage', 'value' => $editvalue['subjectimage'], 'fileurl' => A_URL . '/' . $editvalue['subjectimage']));
    }
    // Validity period (start / expiry dates)
    if (in_array($mname, array('shop', 'good', 'consume', 'notice', 'groupbuy'))) {
        // An empty start date falls back to the current request timestamp.
        if (empty($editvalue['validity_start'])) {
            $editvalue['validity_start'] = date('Y-m-d', $_G['timestamp']);
        } else {
            $editvalue['validity_start'] = date('Y-m-d', $editvalue['validity_start']);
        }
        // A non-admin owner of a verified shop gets display type 'p' instead of the calendar input.
        if (!pkperm('isadmin') && $_G['myshopstatus'] == 'verified' && $mname == 'shop') {
            showsetting('validity_start', 'validity_start', $editvalue['validity_start'], 'p');
        } else {
            // NOTE(review): $value is not defined in this function; $required may have been intended — confirm.
            showsetting('validity_start', 'validity_start', $editvalue['validity_start'], 'calendar', '', 0, '', '', $value['required']);
        }
        if (empty($editvalue['validity_end'])) {
            // Default expiry: ten years from now, or ten months from now for 'consume'.
            $editvalue['validity_end'] = mktime(0, 0, 0, date('m', $_G['timestamp']), date('d', $_G['timestamp']), date('Y', $_G['timestamp']) + 10);
            if ($mname == 'consume') {
                $editvalue['validity_end'] = mktime(0, 0, 0, date('m', $_G['timestamp']) + 10, date('d', $_G['timestamp']), date('Y', $_G['timestamp']));
            }
        }
        $editvalue['validity_end'] = date('Y-m-d', $editvalue['validity_end']);
        if (!pkperm('isadmin') && $_G['myshopstatus'] == 'verified' && $mname == 'shop') {
            showsetting('validity_end', 'validity_end', $editvalue['validity_end'], 'p');
        } else {
            // NOTE(review): same undefined $value as for validity_start above.
            showsetting('validity_end', 'validity_end', $editvalue['validity_end'], 'calendar', '', 0, '', '', $value['required']);
        }
    }
    if ($mname == 'consume') {
        pklabel(array('type' => 'textarea', 'alang' => 'consume_message', 'name' => 'message', 'value' => $editvalue['message']));
        pklabel(array('type' => 'textarea', 'alang' => 'consume_exception', 'name' => 'exception', 'value' => $editvalue['exception']));
        if ($_G['setting']['allowcreateimg']) {
            $createimgradio = array(0, lang('createimg'), array('createimg' => '', 'uploadimg' => 'none'));
        }
        if ($_SGLOBAL['panelinfo']['group']['consumemaker'] == 1 || ckfounder($_G['uid'])) {
            $uploadimgradio = array(1, lang('uploadimg'), array('createimg' => 'none', 'uploadimg' => ''));
        }
        // Either variable may still be unset here when only one of the two conditions above held.
        if (!empty($createimgradio) || !empty($uploadimgradio)) {
            showconsumemaker(array($uploadimgradio, $createimgradio), $file);
        }
    }
    /* Show the goods description */
    if ($mname == 'good') {
        pklabel(array('type' => 'textarea', 'alang' => 'good_intro', 'name' => 'intro', 'value' => $editvalue['intro']));
    }
    if (pkperm('isadmin') && $mname != 'shop') {
        // Intentionally empty: the shop selector for admins is disabled below.
        /*
        if($_GET['action'] == 'add') {
            showtablerow('', 'colspan="2" class="td27"', lang($mname.'_shopid').$required);
            showtablerow('class="noborder"', array('class="vtop rowform"', 'class="vtop tips2"'), array(
                show_cat_shop_linkarea(),
                lang($mname.'_shopid_comment')
            ));
        } elseif($_GET['action'] == 'edit') {
            showhiddenfields(array('shopid' => $editvalue['shopid']));
        }*/
    } elseif ($mname != 'shop') {
        // Non-admin, non-shop models carry the owning shop id as a hidden field.
        // NOTE(review): a hidden field is client-controlled; presumably the handler
        // re-checks shop ownership on submit — confirm.
        showhiddenfields(array('shopid' => $editvalue['shopid']));
    } else {
        pkregion(array('alang' => $mname . '_region', 'name' => 'region', 'options' => getmodelcategory('region'), 'value' => $editvalue['region'], 'required' => $required));
    }
    if ($mname == 'shop') {
        pklabel(array('type' => 'input', 'alang' => 'global_seokeywords', 'name' => 'keywords', 'value' => $editvalue['keywords']));
        pklabel(array('type' => 'textarea', 'alang' => 'global_seodescription', 'name' => 'description', 'value' => $editvalue['description']));
        pklabel(array('type' => 'textarea', 'alang' => $mname . '_message', 'name' => 'message', 'value' => $editvalue['message']));
        pklabel(array('type' => 'input', 'alang' => 'shop_letter', 'name' => 'letter', 'value' => $editvalue['letter']));
    } elseif ($mname == 'good' || $mname == 'notice' || $mname == 'groupbuy') {
        // The stored message is converted from BBCode to HTML before it is given to the 'edit' field.
        // NOTE(review): whether bbcode2html() escapes raw HTML in the stored text is not visible here — confirm.
        $editvalue['message'] = bbcode2html($editvalue['message']);
        pklabel(array('type' => 'edit', 'alang' => $mname . '_message', 'name' => 'message', 'value' => $editvalue['message']));
    }
    /*
    if($editvalue['grade'] > 1) {
        showsetting($mname.'_onshow', array('grade', array(
            array(3, lang($mname.'_onshow_true')),
            array(2, lang($mname.'_onshow_false'))
        )), $editvalue['grade'], 'select', '', 0, '', '', $required);
    }*/
}
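<?php
/**
 * [品牌空間 (Brand Space)] (C)2001-2010 Comsenz Inc.
 * This is NOT a freeware, use is subject to license terms
 *
 * $Id: groupbuy.inc.php 4373 2010-09-08 08:27:09Z yumiao $
 */

// Refuse to run unless the including script defined IN_BRAND.
if (!defined('IN_BRAND')) {
    exit('Access Denied');
}

$_g_xid = intval($_GET['xid']);
$_g_uid = intval($_GET['uid']);

// Load the requested group-buy item.
// NOTE(review): the raw $_REQUEST values are handed to getiteminfo(); whether it
// validates them is not visible here — confirm.
if (!empty($_REQUEST['id']) && !empty($_REQUEST['xid'])) {
    $groupbuy = $_BCACHE->getiteminfo('groupbuy', $_REQUEST['xid'], $_REQUEST['id']);
    // The not-found check must come before anything is written into $groupbuy:
    // assigning $groupbuy['message'] first turns an empty result into a non-empty
    // array, so the check could never fire.
    if (!$groupbuy) {
        showmessage('not_found_msg', 'index.php');
    } else {
        $groupbuy['message'] = bbcode2html($groupbuy['message']);
    }
}

// Management actions: only three action names are accepted, and the caller must
// be a founder or own the shop named by the request id.
if (!empty($_GET['do'])) {
    if (!in_array($_GET['do'], array('markdelstatus', 'marknormalstatus', 'groupbuy_attend_detail'), true)) {
        showmessage('system_error', '', 'error');
    } else {
        if (!ckfounder($_G['uid']) && !array_key_exists($_REQUEST['id'], $_G['myshopsarr'])) {
            // The id comes straight from the query string, so it is URL-encoded
            // before being placed into the redirect target.
            showmessage('no_perm', "store.php?id=" . rawurlencode((string) $_GET['id']) . "&action=groupbuy&xid=" . $_g_xid);
        }
    }
}

// The listing is cut off inside the following block; it is reproduced unchanged.
if (submitcheck('submitgroupbuyjoin')) { @(include_once B_ROOT . './uc_client/client.php');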
<?php

// Identify this script and the forum root before the bootstrap is loaded.
define('BB_SCRIPT', 'terms');
define('BB_ROOT', './');

require BB_ROOT . 'common.php';
require INC_DIR . 'bbcode.php';

// Start session management
$user->session_start();

// With no terms text configured there is nothing to show a non-admin visitor,
// so they are sent back to the index; admins still reach the page.
if (!($bb_cfg['terms'] || IS_ADMIN)) {
    redirect('index.php');
}

// Both template values are rendered from BBCode to HTML: the placeholder text
// (formatted with the domain name) and the configured terms.
$template->assign_vars(array(
    'TERMS_EDIT' => bbcode2html(sprintf($lang['TERMS_EMPTY_TEXT'], $domain_name)),
    'TERMS_HTML' => bbcode2html($bb_cfg['terms'])
));

print_page('terms.tpl');
/**
 * Run a piece of text through the named output filter.
 *
 * Every path ends with nl2br(). The 'bbcode' and plain paths pass the text
 * through htmlEnt() first; the 'htmlpurify' path relies on CHTMLPurifier::Purify()
 * instead. The former 'php' (eval) and 'html' filters are disabled, so those
 * names — like any other unknown name — are handled as 'plain'.
 *
 * @param string $data   text to filter and format
 * @param string $filter filter name: 'htmlpurify', 'bbcode' or 'plain'
 * @return string the filtered text
 */
public static function Filter($data, $filter)
{
    // Loose comparison on purpose: it matches what the switch statement did.
    if ($filter == 'htmlpurify') {
        $purified = CHTMLPurifier::Purify($data);
        return nl2br($purified);
    }

    if ($filter == 'bbcode') {
        $escaped = htmlEnt($data);
        return nl2br(bbcode2html($escaped));
    }

    // 'plain' and every unrecognised filter name.
    $escaped = htmlEnt($data);
    return nl2br(makeClickable($escaped));
}
$email = ''; } // // Generate page // $profile_user_id = $profiledata['user_id'] == $userdata['user_id']; $signature = $bb_cfg['allow_sig'] && $profiledata['user_sig'] ? $profiledata['user_sig'] : ''; if (bf($profiledata['user_opt'], 'user_opt', 'dis_sig')) { if ($profile_user_id) { $signature = $lang['SIGNATURE_DISABLE']; } else { $signature = ''; } } else { if ($signature) { $signature = bbcode2html($signature); } } $template->assign_vars(array('PAGE_TITLE' => sprintf($lang['VIEWING_USER_PROFILE'], $profiledata['username']), 'USERNAME' => $profiledata['username'], 'PROFILE_USER_ID' => $profiledata['user_id'], 'PROFILE_USER' => $profile_user_id, 'USER_REGDATE' => bb_date($profiledata['user_regdate'], 'Y-m-d H:i', false), 'POSTER_RANK' => $poster_rank ? "<span class=\"{$rank_style}\">" . $poster_rank . "</span>" : $lang['USER'], 'RANK_IMAGE' => $rank_image, 'RANK_SELECT' => $rank_select, 'POSTS' => $profiledata['user_posts'], 'PM' => '<a href="' . PM_URL . '?mode=post&' . POST_USERS_URL . '=' . $profiledata['user_id'] . '">' . $lang['SEND_PRIVATE_MESSAGE'] . '</a>', 'EMAIL' => $email, 'WWW' => $profiledata['user_website'], 'ICQ' => $profiledata['user_icq'], 'LAST_VISIT_TIME' => $profiledata['user_lastvisit'] ? bf($profiledata['user_opt'], 'user_opt', 'user_viewonline') && !IS_ADMIN ? $lang['HIDDEN_USER'] : bb_date($profiledata['user_lastvisit'], 'Y-m-d H:i', false) : $lang['NEVER'], 'LAST_ACTIVITY_TIME' => $profiledata['user_session_time'] ? bf($profiledata['user_opt'], 'user_opt', 'user_viewonline') && !IS_ADMIN ? $lang['HIDDEN_USER'] : bb_date($profiledata['user_session_time'], 'Y-m-d H:i', false) : $lang['NEVER'], 'USER_ACTIVE' => $profiledata['user_active'], 'LOCATION' => $profiledata['user_from'], 'OCCUPATION' => $profiledata['user_occ'], 'INTERESTS' => $profiledata['user_interests'], 'SKYPE' => $profiledata['user_skype'], 'TWITTER' => $profiledata['user_twitter'], 'USER_POINTS' => $profiledata['user_points'], 'GENDER' => $bb_cfg['gender'] ? 
$lang['GENDER_SELECT'][$profiledata['user_gender']] : '', 'BIRTHDAY' => $bb_cfg['birthday_enabled'] && $profiledata['user_birthday'] != '0000-00-00' ? $profiledata['user_birthday'] : '', 'AGE' => $bb_cfg['birthday_enabled'] && $profiledata['user_birthday'] != '0000-00-00' ? birthday_age($profiledata['user_birthday']) : '', 'L_VIEWING_PROFILE' => sprintf($lang['VIEWING_USER_PROFILE'], $profiledata['username']), 'L_MY_PROFILE' => sprintf($lang['VIEWING_MY_PROFILE'], 'profile.php?mode=editprofile'), 'U_SEARCH_USER' => "search.php?search_author=1&uid={$profiledata['user_id']}", 'U_SEARCH_TOPICS' => "search.php?uid={$profiledata['user_id']}&myt=1", 'U_SEARCH_RELEASES' => "tracker.php?rid={$profiledata['user_id']}#results", 'AVATAR_IMG' => get_avatar($profiledata['user_id'], $profiledata['avatar_ext_id'], !bf($profiledata['user_opt'], 'user_opt', 'dis_avatar')), 'SIGNATURE' => $signature, 'SHOW_PASSKEY' => IS_ADMIN || $profile_user_id, 'SHOW_ROLE' => IS_AM || $profile_user_id || $profiledata['user_active'], 'GROUP_MEMBERSHIP' => false, 'TRAF_STATS' => !(IS_AM || $profile_user_id))); if (IS_ADMIN) { $group_membership = array(); $sql = "\n\t\tSELECT COUNT(g.group_id) AS groups_cnt, g.group_single_user, ug.user_pending\n\t\tFROM " . BB_USER_GROUP . " ug\n\t\tLEFT JOIN " . BB_GROUPS . " g USING(group_id)\n\t\tWHERE ug.user_id = {$profiledata['user_id']}\n\t\tGROUP BY ug.user_id, g.group_single_user, ug.user_pending\n\t\tORDER BY NULL\n\t"; if ($rowset = DB()->fetch_rowset($sql)) { $member = $pending = $single = 0; foreach ($rowset as $row) { if (!$row['group_single_user'] && !$row['user_pending']) { $member = $row['groups_cnt']; } else { if (!$row['group_single_user'] && $row['user_pending']) { $pending = $row['groups_cnt']; } else {
//
// Has admin prevented user from sending PM's?
//
// The 'dis_pm' user option blocks sending; editing an existing message is exempt.
if (bf($userdata['user_opt'], 'user_opt', 'dis_pm') && $mode != 'edit') {
    $message = $lang['CANNOT_SEND_PRIVMSG'];
}
//
// Start output, first preview, then errors then post form
//
$page_title = $lang['SEND_PRIVATE_MESSAGE'];
if ($preview && !$error) {
    // obtain_word_list() receives both arrays and presumably fills them with
    // the word-censor patterns and replacements — confirm.
    $orig_word = array();
    $replacement_word = array();
    obtain_word_list($orig_word, $replacement_word);
    // NOTE(review): the htmlCHR() result is discarded — the next line overwrites
    // $preview_message with bbcode2html() of the original, unescaped
    // $privmsg_message. Whether bbcode2html() escapes HTML itself is not visible
    // here; confirm, or pass the escaped value through instead.
    $preview_message = htmlCHR($privmsg_message, false, ENT_NOQUOTES);
    $preview_message = bbcode2html($privmsg_message);
    // Apply the word replacements to subject and message only when a list exists.
    if (count($orig_word)) {
        $preview_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject);
        $preview_message = preg_replace($orig_word, $replacement_word, $preview_message);
    } else {
        $preview_subject = $privmsg_subject;
    }
    // NOTE(review): $folder, $mode and $privmsg_id are concatenated into attribute
    // values without escaping in this block; where they come from is not visible
    // here — confirm they are validated before this point.
    $s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
    $s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
    if (isset($privmsg_id)) {
        $s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
    }
    // NOTE(review): POST_SUBJECT receives $preview_subject as-is (TOPIC_TITLE goes
    // through wbr()); presumably the subject was escaped earlier — confirm.
    $template->assign_vars(array('TPL_PREVIEW_POST' => true, 'TOPIC_TITLE' => wbr($preview_subject), 'POST_SUBJECT' => $preview_subject, 'MESSAGE_TO' => $to_username, 'MESSAGE_FROM' => $userdata['username'], 'POST_DATE' => bb_date(TIMENOW), 'PREVIEW_MSG' => $preview_message, 'S_HIDDEN_FIELDS' => $s_hidden_fields));
}
//
// Start error handling
// Rows handed to the template loop; stays empty when there is nothing to list.
$loop = array();
if (!empty($totalrows)) {
    // An offset past the end is pulled back by one page size, never below 0.
    if ($o >= $totalrows) {
        $o = $totalrows - $r;
        $o = $o >= 0 ? $o : 0;
    }
    // NOTE(review): $from, $where, $o and $r are interpolated into the SQL text and
    // are all set outside this excerpt — confirm $where is built from escaped
    // values and that $o / $r are integers.
    $query = "SELECT `mtpl_id`,`subject`,`message_body` FROM {$from} WHERE {$where} LIMIT {$o},{$r}";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    while ($rsrow = mysql_fetch_assoc($res)) {
        // no need to sanitize
        // NOTE(review): with the two calls below disabled, subject and message_body
        // reach the template exactly as stored (message_body optionally through
        // bbcode2html()). Whether they were escaped when saved is not visible here — confirm.
        // $rsrow['subject']=sanitize_and_format($rsrow['subject'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]);
        // $rsrow['message_body']=sanitize_and_format($rsrow['message_body'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]);
        if ($config['bbcode_message']) {
            $rsrow['message_body'] = bbcode2html($rsrow['message_body']);
        }
        $loop[] = $rsrow;
    }
    $output['pager2'] = pager($totalrows, $o, $r);
}
// Return address for links back to this page: script name plus the current
// query string, URL-encoded as a whole.
$output['return2me'] = 'my_responses.php';
if (!empty($_SERVER['QUERY_STRING'])) {
    $output['return2me'] .= '?' . $_SERVER['QUERY_STRING'];
}
$output['return2me'] = rawurlencode($output['return2me']);
$tpl->set_file('content', 'my_responses.html');
$tpl->set_var('output', $output);
$tpl->set_loop('loop', $loop);
$tpl->process('content', 'content', TPL_LOOP | TPL_NOLOOP);
$tpl->drop_loop('loop');
/**
 * Print the HTML that bbcode2html() produces for the given text.
 *
 * The converted markup is echoed as-is, so the output is only as safe as
 * bbcode2html() makes it.
 *
 * @param string $text BBCode source text
 */
function bbcodeout($text)
{
    $html = bbcode2html($text);
    echo $html;
}
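<?php

// When $setmodules is set, this file only registers itself in the module list
// and returns without rendering anything.
if (!empty($setmodules)) {
    $module['GENERAL']['TERMS'] = basename(__FILE__);
    return;
}

require './pagestart.php';
require INC_DIR . 'bbcode.php';

// Read the submitted text once. A missing or non-string value (for example an
// array parameter) is treated as "nothing submitted" instead of being compared,
// stored or rendered.
$terms_input = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : null;

// Save the terms text when it was posted and differs from the stored value.
// NOTE(review): this is a state-changing request and no form-token check is
// visible in this file; presumably pagestart.php enforces the admin session —
// confirm that a CSRF token is verified there as well.
if (isset($_POST['post']) && $terms_input !== null && (string) $bb_cfg['terms'] !== $terms_input) {
    bb_update_config(array('terms' => $terms_input));
    bb_die($lang['CONFIG_UPDATED']);
}

// The preview is rendered only when both the preview flag and a message are
// present, so a bare preview request no longer reads an undefined index.
$template->assign_vars(array(
    'S_ACTION' => 'admin_terms.php',
    'EXT_LINK_NW' => $bb_cfg['ext_link_new_win'],
    'MESSAGE' => $bb_cfg['terms'] ? $bb_cfg['terms'] : '',
    'PREVIEW_HTML' => (isset($_REQUEST['preview']) && $terms_input !== null) ? bbcode2html($terms_input) : ''
));

print_page('admin_terms.tpl', 'admin');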
// Предупреждение $mc_class = 'warning'; break; case 4: // Нарушение $mc_class = 'danger'; break; default: $mc_class = ''; break; } $mc_select_type = array(); foreach ($lang['MC_COMMENT'] as $key => $value) { $mc_select_type[$key] = $value['type']; } $template->assign_block_vars('postrow', array('ROW_CLASS' => !($i % 2) ? 'row1' : 'row2', 'POST_ID' => $post_id, 'IS_NEWEST' => $post_id == $newest, 'POSTER_NAME' => profile_url(array('username' => $poster, 'user_rank' => $user_rank)), 'POSTER_NAME_JS' => addslashes($poster), 'POSTER_RANK' => $poster_rank, 'RANK_IMAGE' => $rank_image, 'POSTER_JOINED' => $bb_cfg['show_poster_joined'] ? $poster_longevity : '', 'POSTER_JOINED_DATE' => $poster_joined, 'POSTER_POSTS' => $bb_cfg['show_poster_posts'] ? $poster_posts : '', 'POSTER_FROM' => $bb_cfg['show_poster_from'] ? wbr($poster_from) : '', 'POSTER_BOT' => $poster_id == BOT_UID, 'POSTER_ID' => $poster_id, 'POSTER_AUTHOR' => $poster_id == $t_data['topic_poster'], 'POSTER_GENDER' => $bb_cfg['gender'] ? gender_image($postrow[$i]['user_gender']) : '', 'POSTED_AFTER' => $prev_post_time ? delta_time($postrow[$i]['post_time'], $prev_post_time) : '', 'IS_UNREAD' => is_unread($postrow[$i]['post_time'], $topic_id, $forum_id), 'IS_FIRST_POST' => !$start && $post_id == $t_data['topic_first_post_id'], 'MOD_CHECKBOX' => $moderation && ($start || defined('SPLIT_FORM_START')), 'POSTER_AVATAR' => $poster_avatar, 'POST_NUMBER' => $i + $start + 1, 'POST_DATE' => $post_date, 'MESSAGE' => $message, 'SIGNATURE' => $user_sig, 'EDITED_MESSAGE' => $l_edited_by, 'PM' => $pm_btn, 'PROFILE' => $profile_btn, 'QUOTE' => $quote_btn, 'EDIT' => $edit_btn, 'DELETE' => $delpost_btn, 'IP' => $ip_btn, 'POSTER_BIRTHDAY' => $bb_cfg['birthday_enabled'] && $this_date == $poster_birthday ? '<img src="' . $images['icon_birthday'] . '" alt="" title="' . $lang['HAPPY_BIRTHDAY'] . '" border="0" />' : '', 'MC_COMMENT' => $mc_type ? bbcode2html($mc_comment) : '', 'MC_BBCODE' => $mc_type ? 
$mc_comment : '', 'MC_CLASS' => $mc_class, 'MC_TITLE' => sprintf($lang['MC_COMMENT'][$mc_type]['title'], $mc_user_id), 'MC_SELECT_TYPE' => build_select("mc_type_{$post_id}", array_flip($mc_select_type), $mc_type), 'RG_AVATAR' => $rg_avatar, 'RG_NAME' => $rg_name, 'RG_URL' => GROUP_URL . $rg_id, 'RG_FIND_URL' => 'tracker.php?srg=' . $rg_id, 'RG_SIG' => $rg_signature, 'RG_SIG_ATTACH' => $postrow[$i]['attach_rg_sig'])); if ($postrow[$i]['post_attachment'] && $is_auth['auth_download'] && function_exists('display_post_attachments')) { display_post_attachments($post_id, $postrow[$i]['post_attachment']); } if ($moderation && !defined('SPLIT_FORM_START') && ($start || $post_id == $t_data['topic_first_post_id'])) { define('SPLIT_FORM_START', TRUE); } if ($poster_id != BOT_UID) { $prev_post_time = $postrow[$i]['post_time']; } } set_tracks(COOKIE_TOPIC, $tracking_topics, $topic_id, $max_post_time); if (defined('SPLIT_FORM_START')) { $template->assign_vars(array('SPLIT_FORM' => true, 'START' => $start, 'S_SPLIT_ACTION' => "modcp.php", 'POST_FORUM_URL' => POST_FORUM_URL, 'POST_TOPIC_URL' => POST_TOPIC_URL)); } // Quick Reply
// Run the query prepared before this excerpt; a failure is raised as a fatal user error.
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
// First column of the first row — presumably a COUNT(*) from the query above; confirm.
$totalrows = mysql_result($res, 0, 0);
// Rows handed to the template loop; stays empty when there is nothing to list.
$loop = array();
if (!empty($totalrows)) {
    // An offset past the end is pulled back by one page size, never below 0.
    if ($o >= $totalrows) {
        $o = $totalrows - $r;
        $o = $o >= 0 ? $o : 0;
    }
    // NOTE(review): $from, $where, $o and $r are interpolated into the SQL text and
    // are all set outside this excerpt — confirm $where is built from escaped
    // values and that $o / $r are integers.
    $query = "SELECT `flirt_id`,`flirt_text`,`flirt_type` FROM {$from} WHERE {$where} LIMIT {$o},{$r}";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    while ($rsrow = mysql_fetch_assoc($res)) {
        // flirt_text goes to the template as the output of bbcode2html() only.
        // NOTE(review): whether bbcode2html() escapes raw HTML is not visible here — confirm.
        $rsrow['flirt_text'] = bbcode2html($rsrow['flirt_text']);
        $loop[] = $rsrow;
    }
    $output['pager2'] = pager($totalrows, $o, $r);
}
// Return address for links back to this page: script name plus the current
// query string, URL-encoded as a whole.
$output['return2me'] = 'flirts.php';
if (!empty($_SERVER['QUERY_STRING'])) {
    $output['return2me'] .= '?' . $_SERVER['QUERY_STRING'];
}
$output['return2me'] = rawurlencode($output['return2me']);
$tpl->set_file('content', 'flirts.html');
$tpl->set_loop('loop', $loop);
$tpl->set_var('output', $output);
$tpl->process('content', 'content', TPL_LOOP | TPL_NOLOOP);
$tpl->drop_loop('loop');
$tpl->drop_var('output.pager2');
// $output['message_body']=sanitize_and_format($output['message_body'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]); check_login_member('message_read'); $output['message_body'] = nl2br($output['message_body']); break; case MESS_FLIRT: check_login_member('flirt_read'); break; case MESS_SYSTEM: // check_login_member('auth'); this check was made at the begining if (empty($output['_user_other'])) { $output['_user_other'] = $GLOBALS['_lang'][135]; } $tpl->set_var('spam_controls', false); break; } $output['message_body'] = text2smilies(bbcode2html($output['message_body'])); if (empty($output['photo'])) { $output['photo'] = 'no_photo.gif'; } if (empty($output['other_id'])) { unset($output['other_id']); } else { require _BASEPATH_ . '/includes/network_functions.inc.php'; if (is_network_member($_SESSION[_LICENSE_KEY_]['user']['user_id'], $output['other_id'], NET_BLOCK)) { $output['is_blocked'] = true; } $output['net_block'] = NET_BLOCK; } $output['mailbox_name'] = $my_folders[$output['fid']]; $output['return2me'] = 'message_read.php'; if (!empty($_SERVER['QUERY_STRING'])) {
} } // Add the moderator $username = $group_moderator['username']; $user_id = $group_moderator['user_id']; generate_user_info($group_moderator, $bb_cfg['default_dateformat'], $is_moderator, $from, $posts, $joined, $pm, $email, $www, $user_time, $avatar); $group_type = ''; if ($group_info['group_type'] == GROUP_OPEN) { $group_type = $lang['GROUP_OPEN']; } elseif ($group_info['group_type'] == GROUP_CLOSED) { $group_type = $lang['GROUP_CLOSED']; } elseif ($group_info['group_type'] == GROUP_HIDDEN) { $group_type = $lang['GROUP_HIDDEN']; } $i = 0; $template->assign_vars(array('ROW_NUMBER' => $i + ($start + 1), 'GROUP_INFO' => true, 'PAGE_TITLE' => $lang['GROUP_CONTROL_PANEL'], 'GROUP_NAME' => htmlCHR($group_info['group_name']), 'GROUP_DESCRIPTION' => bbcode2html($group_info['group_description']), 'GROUP_SIGNATURE' => bbcode2html($group_info['group_signature']), 'GROUP_AVATAR' => get_avatar(GROUP_AVATAR_MASK . $group_id, $group_info['avatar_ext_id'], true), 'GROUP_DETAILS' => $group_details, 'GROUP_TIME' => !empty($group_info['group_time']) ? sprintf('%s <span class="posted_since">(%s)</span>', bb_date($group_info['group_time']), delta_time($group_info['group_time'])) : $lang['NONE'], 'MOD_USER' => profile_url($group_moderator), 'MOD_AVATAR' => $avatar, 'MOD_FROM' => $from, 'MOD_JOINED' => $joined, 'MOD_POSTS' => $posts, 'MOD_PM' => $pm, 'MOD_EMAIL' => $email, 'MOD_WWW' => $www, 'MOD_TIME' => !empty($group_info['mod_time']) ? bb_date($group_info['mod_time']) : $lang['NONE'], 'U_SEARCH_USER' => "search.php?mode=searchuser", 'U_SEARCH_RELEASES' => "tracker.php?srg={$group_id}", 'U_GROUP_RELEASES' => "group.php?view=releases&" . POST_GROUPS_URL . "={$group_id}", 'U_GROUP_MEMBERS' => "group.php?view=members&" . POST_GROUPS_URL . "={$group_id}", 'U_GROUP_CONFIG' => "group_edit.php?g={$group_id}", 'RELEASE_GROUP' => $group_info['release_group'] ? 
true : false, 'GROUP_TYPE' => $group_type, 'S_GROUP_OPEN_TYPE' => GROUP_OPEN, 'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED, 'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN, 'S_GROUP_OPEN_CHECKED' => $group_info['group_type'] == GROUP_OPEN ? ' checked="checked"' : '', 'S_GROUP_CLOSED_CHECKED' => $group_info['group_type'] == GROUP_CLOSED ? ' checked="checked"' : '', 'S_GROUP_HIDDEN_CHECKED' => $group_info['group_type'] == GROUP_HIDDEN ? ' checked="checked"' : '', 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_MODE_SELECT' => $select_sort_mode, 'S_ORDER_SELECT' => $select_sort_order, 'S_GROUP_ACTION' => "group.php?" . POST_GROUPS_URL . "={$group_id}")); switch ($view_mode) { case 'releases': // TODO Correct SQL to posts with attach and limit them, optimization if (!$group_info['release_group']) { set_die_append_msg(false, false, $group_id); bb_die($lang['NOT_A_RELEASE_GROUP']); } // Count releases for pagination $all_releases = DB()->fetch_rowset("\n\t\t\t\tSELECT p.topic_id, p.forum_id, p.poster_id, t.topic_title, t.topic_time, f.forum_name, u.username, u.avatar_ext_id, u.user_opt, u.user_rank\n\t\t\t\tFROM " . BB_POSTS . " p\n\t\t\t\tLEFT JOIN " . BB_TOPICS . " t ON(p.topic_id = t.topic_id)\n\t\t\t\tLEFT JOIN " . BB_FORUMS . " f ON(p.forum_id= f.forum_id)\n\t\t\t\tLEFT JOIN " . BB_USERS . " u ON(p.poster_id = u.user_id)\n\t\t\t\tWHERE p.poster_rg_id = {$group_id}\n\t\t\t\tORDER BY t.topic_time DESC\n\t\t\t\tLIMIT {$rel_limit}\n\t\t\t"); $count_releases = count($all_releases); generate_pagination(GROUP_URL . $group_id . "&view=releases", $count_releases, $per_page, $start); $sql = "\n\t\t\t\tSELECT p.topic_id, p.forum_id, p.poster_id, t.topic_title, t.topic_time, f.forum_name, u.username, u.avatar_ext_id, u.user_opt, u.user_rank\n\t\t\t\tFROM " . BB_POSTS . " p\n\t\t\t\tLEFT JOIN " . BB_TOPICS . " t ON(p.topic_id = t.topic_id)\n\t\t\t\tLEFT JOIN " . BB_FORUMS . " f ON(p.forum_id= f.forum_id)\n\t\t\t\tLEFT JOIN " . BB_USERS . 
" u ON(p.poster_id = u.user_id)\n\t\t\t\tWHERE p.poster_rg_id = {$group_id}\n\t\t\t\tORDER BY t.topic_time DESC\n\t\t\t\tLIMIT {$start}, {$per_page}\n\t\t\t"; if (!($releases = DB()->fetch_rowset($sql))) { set_die_append_msg(false, false, $group_id); bb_die($lang['NO_SEARCH_MATCH']);
$output = array_merge($output, mysql_fetch_assoc($res)); $output['date_sent'] = strftime($config['datetime_format'], $output['date_sent'] + $config['time_offset']); // no need to sanitize // $output['subject']=sanitize_and_format($output['subject'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]); switch ($output['message_type']) { case MESS_MESS: // no need to sanitize // $output['message_body']=sanitize_and_format($output['message_body'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]); break; case MESS_FLIRT: break; case MESS_SYSTEM: if (empty($output['_user_other'])) { $output['_user_other'] = 'SYSTEM'; // translate } break; } $output['message_body'] = text2smilies(bbcode2html($output['message_body'])); if ($output['message_type'] == MESS_SYSTEM || empty($output['fk_user_id_other'])) { unset($output['fk_user_id_other']); } } $output['message_body'] = bbcode2html($output['message_body']); $tpl->set_file('content', 'user_message_read.html'); $tpl->set_var('output', $output); $tpl->process('content', 'content', TPL_OPTIONAL); } $tplvars['title'] = 'Read User Message'; $tplvars['page'] = 'user_message_read'; include 'frame.php';