Example #1
// Choose where the SQL text comes from: an uploaded *.sql file takes priority over pasted text.
// NOTE(review): only the client-supplied file name is pattern-checked here. Whatever ends up in
// $sql_content is split on ';' and executed statement by statement further down, so this code
// path needs a strict privilege check and request-forgery protection upstream; neither is
// visible in this excerpt.
if (isset($files['update']['name']) && preg_match("=^(.*?)\\.sql\$=si", $files['update']['name'])) {
    if ($files['update']['name'] != 'install.sql') {
        // file_get_contents() yields false on failure; the !empty() test below then skips execution.
        $sql_content = file_get_contents($files['update']['tmp_name']);
        cs_ajaxfiles_clear();
    } else {
        // A file named install.sql is only counted, never read.
        $install_sql++;
    }
} elseif (!empty($_POST['text'])) {
    // No upload present: take the SQL typed into the form unchanged.
    $sql_content = $_POST['text'];
}
if (!empty($sql_content)) {
    $sql_update = str_replace('{time}', cs_time(), $sql_content);
    $sql_update = cs_sql_replace($sql_update);
    $sql_update = str_replace('\\;', '{serial}', $sql_update);
    $sql_array = explode(';', $sql_update);
    cs_abcode_load();
    foreach ($sql_array as $sql_query) {
        $sql_query = trim(str_replace('{serial}', ';', $sql_query));
        if (!empty($sql_query)) {
            $sql_lower = strtolower($sql_query);
            $look_up = 0;
            if (strpos($sql_lower, 'explain') === 0 or strpos($sql_lower, 'select') === 0 or strpos($sql_lower, 'show') === 0) {
                $look_up = 1;
            }
            if ($check = cs_sql_query(__FILE__, $sql_query, $look_up)) {
                $para[1] = 'green';
                $info = $check['affected_rows'];
                if (!empty($look_up) and isset($check['more'][0])) {
                    $hide = array('users_pwd', 'users_cookiehash');
                    $explains = array();
                    foreach ($check['more'][0] as $key => $value) {
Example #2
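/**
 * Escapes text for HTML output and, on request, expands abcode markup and smileys.
 *
 * Internally the function marks already-rendered fragments as {…} placeholders, escapes
 * everything else with htmlentities(), and then hands every {…} to cs_abcode_decode().
 * Braces typed by the author must therefore be neutralised before any placeholder is
 * created, otherwise author text could reach cs_abcode_decode() and skip the escaping.
 *
 * SECURITY: $html and $phpeval switch on raw-HTML passthrough ([html]) and the
 * cs_abcode_eval callback ([phpcode]). Judging by its name the latter evaluates the
 * enclosed text as PHP (its body is not visible here; confirm). Neither flag should
 * ever be enabled for content written by untrusted users.
 *
 * @param string $replace  raw text to render
 * @param int    $features non-empty enables the abcode tags ([b], [url], [img], [quote], ...)
 * @param int    $smileys  non-empty applies the replacement rows loaded from the 'abcode' table
 * @param int    $clip     non-empty enables [clip=...] (only evaluated when $features is set)
 * @param int    $html     non-empty enables [html]...[/html] and the {htmlN} substitution
 * @param int    $phpeval  non-empty enables [phpcode]...[/phpcode] (only when $features is set)
 * @return string rendered markup
 */
function cs_secure($replace, $features = 0, $smileys = 0, $clip = 1, $html = 0, $phpeval = 0)
{
    global $cs_main;
    $newlines = 1;
    $op_abcode = cs_sql_option(__FILE__, 'abcode');
    cs_abcode_load();
    // Fix: the replacement list used to be identical to the search list, which made this a
    // no-op. Turn author-supplied braces into numeric entities so they can never be read as
    // an internal {…} placeholder; the &amp;#NNN; clean-up after htmlentities() restores them.
    $replace = str_replace(array('{', '}'), array('&#123;', '&#125;'), $replace);
    if (!empty($features)) {
        cs_abcode_mode(1);
        $replace = preg_replace_callback("=\\[php\\](.*?)\\[/php\\]=si", "cs_abcode_php", $replace);
    }
    if (!empty($smileys)) {
        // Cached across calls so the abcode table is read once per request.
        static $loop, $loop_abc;
        if (empty($loop_abc)) {
            $select = 'abcode_func, abcode_pattern, abcode_result, abcode_file';
            $loop_abc = cs_sql_select(__FILE__, 'abcode', $select, 0, 0, 0, 0, 'abcode_content');
            $loop = count($loop_abc);
        }
        for ($run = 0; $run < $loop; $run++) {
            // Replacements are wrapped in braces so they survive the htmlentities() pass below.
            if ($loop_abc[$run]['abcode_func'] == 'img') {
                $img_file = 'uploads/abcode/' . $loop_abc[$run]['abcode_file'];
                $img_src = cs_html_img($img_file);
                $replace = str_replace($loop_abc[$run]['abcode_pattern'], '{' . $img_src . '}', $replace);
            } elseif ($loop_abc[$run]['abcode_func'] == 'str') {
                $pattern = $loop_abc[$run]['abcode_pattern'];
                $replace = str_replace($pattern, '{' . $loop_abc[$run]['abcode_result'] . '}', $replace);
            }
        }
    }
    // Escape everything that is not inside a placeholder.
    $replace = htmlentities($replace, ENT_QUOTES, $cs_main['charset']);
    // htmlentities() double-escapes numeric entities (&#123; -> &amp;#123;); undo that.
    $replace = preg_replace('=&amp;#(\\d+);=si', '&#\\1;', $replace);
    // Expand the placeholders; their content is NOT escaped again after this point.
    $replace = preg_replace_callback('={(.*?)}=si', 'cs_abcode_decode', $replace);
    if (!empty($features)) {
        if (!empty($html)) {
            $newlines = cs_abcode_inhtml($replace) ? 0 : 1;
            $replace = preg_replace_callback("=\\[html\\](.*?)\\[/html\\]=si", "cs_abcode_html", $replace);
        }
        if (!empty($phpeval)) {
            // SECURITY(review): cs_abcode_eval presumably executes the tag body as PHP; keep
            // $phpeval off for any text an untrusted user can influence.
            $replace = preg_replace_callback("=\\[phpcode\\](.*?)\\[/phpcode\\]=si", 'cs_abcode_eval', $replace);
        }
        if (!empty($newlines)) {
            $replace = nl2br($replace);
        }
        $replace = preg_replace_callback("=\\[u\\](.*?)\\[/u\\]=si", "cs_abcode_u", $replace);
        $replace = preg_replace_callback("=\\[b\\](.*?)\\[/b\\]=si", "cs_abcode_b", $replace);
        $replace = preg_replace_callback("=\\[i\\](.*?)\\[/i\\]=si", "cs_abcode_i", $replace);
        $replace = preg_replace_callback("=\\[s\\](.*?)\\[/s\\]=si", "cs_abcode_s", $replace);
        $replace = preg_replace_callback("'\\[(?P<name>email|mail)\\](.*?)\\[/(?P=name)\\]'i", "cs_abcode_mail", $replace);
        $replace = preg_replace_callback('=([^\\s]{2,})@([^\\s]{2,})\\.([^\\s]{2,7})(?![^<]+>|[^&]*;)=i', 'cs_abcode_mail', $replace);
        $replace = preg_replace_callback("=\\[color\\=(#*[\\w]*?)\\](.*?)\\[/color\\]=si", "cs_abcode_color", $replace);
        $replace = preg_replace_callback("=\\[size\\=([\\d]*?)\\](.*?)\\[/size\\]=si", "cs_abcode_size", $replace);
        $replace = preg_replace_callback("'\\[(?P<align>left|center|right|justify)\\](.*?)\\[/(?P=align)\\]'si", "cs_abcode_align", $replace);
        $replace = preg_replace_callback("=\\[list\\=([\\w]*?)\\](.*?)\\[/list\\]=si", "cs_abcode_list", $replace);
        $replace = preg_replace_callback("=\\[list\\](.*?)\\[/list\\]=si", "cs_abcode_list", $replace);
        // NOTE(review): the [url=…] and [img] captures are unrestricted (.*?); the callbacks
        // must validate the URL scheme themselves. Their bodies are not visible here.
        $replace = preg_replace_callback("=\\[url\\=(.*?)\\]\\[img width\\=(.*?) height\\=(.*?)\\](.*?)\\[/img\\]\\[/url\\]=si", "cs_abcode_urlimg", $replace);
        $replace = preg_replace_callback("=\\[url\\=(.*?)\\](.*?)\\[/url\\]=si", "cs_abcode_url", $replace);
        $replace = preg_replace_callback("=\\[url\\](.*?)\\[/url\\]=i", "cs_abcode_url", $replace);
        $replace = preg_replace_callback("=\\[img width\\=([\\d]*?) height\\=([\\d]*?)\\](.*?)\\[/img\\]=si", "cs_abcode_img", $replace);
        $replace = preg_replace_callback("=\\[img\\](.*?)\\[/img\\]=i", "cs_abcode_img", $replace);
        $replace = preg_replace_callback('=\\[flag\\=([\\w]*?)\\]=i', 'cs_abcode_flag', $replace);
        $replace = preg_replace_callback("=\\[indent\\=([\\d]*?)\\](.*?)\\[/indent\\]=si", "cs_abcode_indent", $replace);
        $replace = preg_replace_callback("=\\[threadid\\=([\\w]*?)\\](.*?)\\[/threadid\\]=si", "cs_abcode_threadid", $replace);
        $replace = preg_replace_callback("=\\[h\\=([\\d]*?)\\](.*?)\\[/h\\]=si", "cs_abcode_h", $replace);
        $replace = preg_replace_callback("=\\[hr\\]=i", "cs_abcode_hr", $replace);
        // Quotes are only rendered when opening and closing tags balance, so a stray tag
        // cannot leave the generated markup unclosed.
        preg_match_all('=\\[quote\\=?(.*?)\\]=si', $replace, $quote_sub);
        $quote_start_count = count($quote_sub[0]);
        $quote_end_count = substr_count($replace, '[/quote]');
        if ($quote_start_count !== 0 && $quote_start_count == $quote_end_count) {
            $replace = preg_replace_callback('=\\[quote\\=?(.*?)\\]=si', "cs_abcode_quote", $replace);
            $replace = preg_replace_callback('=\\[/quote\\]=si', "cs_abcode_quote", $replace);
        }
        if (!empty($clip)) {
            $replace = preg_replace_callback("=\\[clip\\=(.*?)\\](.*?)\\[/clip\\]=si", "cs_abcode_clip", $replace);
        }
    }
    if (!empty($html)) {
        // Put back the fragments stored in the global $htmlcode list (presumably filled by
        // cs_abcode_html; confirm). They are inserted without further escaping.
        global $htmlcode;
        if (!empty($htmlcode)) {
            $count = count($htmlcode);
            for ($i = 0; $i < $count; $i++) {
                $replace = str_replace('{html' . $i . '}', $htmlcode[$i], $replace);
            }
        }
    }
    if (!empty($features)) {
        cs_abcode_mode(1);
        if (empty($html)) {
            $replace = preg_replace_callback('=(www\\.|http://|ftp://|https://)([^\\s]+)\\.([^\\s]+)(?![^<]+>|[^&]*;)=si', 'cs_abcode_urlauto', $replace);
            if (!empty($op_abcode['word_cut'])) {
                // NOTE(review): the option value is spliced into the pattern as a quantifier;
                // it is expected to be a plain integer. Verify where the option is saved.
                $replace = preg_replace("=(?![>])([^\\s*?]{" . $op_abcode['word_cut'] . "})(?![^<]+>|[^&]*;)=", "\\0 ", $replace);
            }
        }
        $replace = preg_replace_callback("=\\[php\\](.*?)\\[/php\\]=si", "cs_abcode_php", $replace);
    }
    return $replace;
}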