function jal_addData($sbid, $name, $url, $text, $delshouts, $user_calc, $user_Control, &$params) { $mainframe = JFactory::getApplication(); $user =& JFactory::getUser(); if ($user->get('guest') && !$params->get('post_guest')) { return; } $session =& JFactory::getSession(); if ($session->get('shoutcaptcha') != 'ok' || md5($user_calc . $params->get('phrase')) != $user_Control) { return; } if (intval($session->get('shoutboxtries')) > intval($params->get('captcha_tries'))) { return; } //filter some spam $url = $url == "http://" ? "" : htmlspecialchars($url); if ($params->get('url') == 0 && strlen($url) > 0) { return; } if ($user->get('guest') && substr_count($text, 'http://') > intval($params->get('guest_urls'))) { return; } //Banned Words $bwords = $params->get('banned'); $bwords = preg_split('[, ]', $bwords); //Censored Words $censored = $params->get('censored'); $censored = preg_split('[, ]', $censored); $db =& JFactory::getDBO(); $ip = $_SERVER['REMOTE_ADDR']; $name = strip_tags($name); $name = substr(trim($name), 0, 12); $text = strip_tags($text); $text = substr($text, 0, 500); $text = htmlspecialchars(trim($text)); foreach ($bwords as $badword) { if ($badword && strpos(strtolower($text), strtolower($badword)) !== false) { return; } } foreach ($censored as $badword) { $text = preg_replace("/\\b(" . str_replace('\\*', '\\w*?', preg_quote($badword)) . ")\\b/ie", "str_repeat('#', strlen('\\1'))", $text); } $name = empty($name) ? "Anonymous" : htmlspecialchars($name); $date =& JFactory::getDate(); $time = $date->toUnix(); $avatar = 0; if ($params->get('avatar')) { $avatar = htmlspecialchars(modShoutboxHelper::getAvatar($user, $params->get('avatar'), $params->get('dav'))); } $target = ''; if (strpos($text, JURI::base()) === false) { $target = ' target="_blank" rel="nofollow"'; } $text = preg_replace("`(http|ftp)+(s)?:(//)((\\w|\\.|\\-|_)+)(/)?(\\S+)?`i", "<a href=\"\\0\"{$target}>«link»</a>", $text); $text = preg_replace("`([-_a-z0-9]+(\\.[-_a-z0-9]+)*@[-a-z0-9]+(\\.[-a-z0-9]+)*\\.[a-z]{2,6})`i", "<a href=\"mailto:\\1\">«email»</a>", $text); $mainframe->triggerEvent('onBBCode_RenderText', array(&$text)); $mainframe->triggerEvent('onSmiley_RenderText', array(&$text)); $query = 'INSERT INTO #__shoutbox' . ' (sbid,time,name,avatar,url,text,ip) VALUES (' . $db->quote($sbid) . ', "' . $time . '", ' . $db->quote($name) . ', ' . $db->quote($avatar) . ', ' . $db->quote($url) . ', ' . $db->quote($text) . ', ' . $db->quote($ip) . ' )'; $db->setQuery($query); if (!$db->query()) { JError::raiseError(500, $db->stderr()); return false; } modShoutboxHelper::deleteOld($delshouts); }