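/**
 * Read one required POST field into $val, or record a validation error in $err.
 *
 * Nothing happens unless the current request method is POST. On a POST request
 * exactly one of the two by-reference arguments is written: $err when the field
 * is absent or blank, $val (with process_input()'s result) otherwise.
 *
 * @param string $field_name Key to look up in $_POST.
 * @param mixed  $val        Receives the processed value when the field is present.
 * @param mixed  $err        Receives "Field is required" when the field is missing or blank.
 * @return void
 */
function get_form_data($field_name, &$val, &$err)
{
    $method = isset($_SERVER["REQUEST_METHOD"]) ? $_SERVER["REQUEST_METHOD"] : '';
    if ($method !== "POST") {
        return;
    }

    $raw = isset($_POST[$field_name]) ? $_POST[$field_name] : null;

    // empty() also rejects the literal string "0", which is a legitimate
    // submitted value (a quantity, a flag). Only a missing key, an empty string
    // or an empty array counts as "not provided".
    if ($raw === null || $raw === '' || $raw === array()) {
        $err = "Field is required";
        return;
    }

    // NOTE(review): $raw is an array when the client submits name[]=...;
    // process_input() is defined elsewhere - confirm it accepts or rejects
    // arrays instead of assuming a string. Whatever it returns still needs
    // escaping for the context where $val is finally used (HTML, SQL, shell).
    $val = process_input($raw);
}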
} } if ($_POST && !$error && !isset($_GET["select"])) { $location = $_POST["referer"]; if ($_POST["insert"]) { // continue edit or insert $location = $update ? null : $_SERVER["REQUEST_URI"]; } elseif (!ereg('^.+&select=.+$', $location)) { $location = ME . "select=" . urlencode($TABLE); } if (isset($_POST["delete"])) { query_redirect("DELETE" . limit1("FROM " . table($TABLE), " WHERE {$where}"), $location, array(lang('Item has been deleted.'), 'success')); } else { $set = array(); foreach ($fields as $name => $field) { $val = process_input($field); if ($val !== false && $val !== null) { $set[idf_escape($name)] = $update ? "\n" . idf_escape($name) . " = {$val}" : $val; } } if ($update) { if (!$set) { redirect($location); } query_redirect("UPDATE" . limit1(table($TABLE) . " SET" . implode(",", $set), "\nWHERE {$where}"), $location, array(lang('Item has been updated.'), 'success')); } else { $result = insert_into($TABLE, $set); $last_id = $result ? last_id() : 0; queries_redirect($location, array(lang('Item%s has been inserted.', $last_id ? " {$last_id}" : ""), 'success'), $result); //! link }
$query = implode(" UNION ALL ", $union); } $adminer->dumpData($TABLE, "table", $query); exit; } if (!$adminer->selectEmailProcess($where, $foreign_keys)) { if ($_POST["save"] || $_POST["delete"]) { // edit $result = true; $affected = 0; $query = table($TABLE); $set = array(); if (!$_POST["delete"]) { foreach ($columns as $name => $val) { //! should check also for edit or insert privileges $val = process_input($fields[$name]); if ($val !== null) { if ($_POST["clone"]) { $set[idf_escape($name)] = $val !== false ? $val : idf_escape($name); } elseif ($val !== false) { $set[] = idf_escape($name) . " = {$val}"; } } } $query .= $_POST["clone"] ? " (" . implode(", ", array_keys($set)) . ")\nSELECT " . implode(", ", $set) . "\nFROM " . table($TABLE) : " SET\n" . implode(",\n", $set); } if ($_POST["delete"] || $set) { $command = "UPDATE"; if ($_POST["delete"]) { $command = "DELETE"; $query = "FROM {$query}";
$routine = routine($_GET["call"], isset($_GET["callf"]) ? "FUNCTION" : "PROCEDURE"); $in = array(); $out = array(); foreach ($routine["fields"] as $i => $field) { if (substr($field["inout"], -3) == "OUT") { $out[$i] = "@" . idf_escape($field["field"]) . " AS " . idf_escape($field["field"]); } if (!$field["inout"] || substr($field["inout"], 0, 2) == "IN") { $in[] = $i; } } if (!$error && $_POST) { $call = array(); foreach ($routine["fields"] as $key => $field) { if (in_array($key, $in)) { $val = process_input($key, $field); if ($val === false) { $val = "''"; } if (isset($out[$key])) { $mysql->query("SET @" . idf_escape($field["field"]) . " = " . $val); } } $call[] = isset($out[$key]) ? "@" . idf_escape($field["field"]) : $val; } $result = $mysql->multi_query((isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($_GET["call"]) . "(" . implode(", ", $call) . ")"); if (!$result) { echo "<p class='error'>" . htmlspecialchars($mysql->error) . "</p>\n"; } else { do { $result = $mysql->store_result();
<?php
/*
 * Forum Runner
 *
 * Copyright (c) 2010-2011 to End of Time Studios, LLC
 *
 * This file may not be redistributed in whole or significant part.
 *
 * http://www.forumrunner.com
 */

// Bootstrap: move to the parent of MCWD so the relative './global.php'
// include below resolves against that directory.
chdir(MCWD);
chdir('../');

// Fake this so global.php doesn't boot us on forums requiring a login
// NOTE(review): for these two commands the request is presented to global.php
// as the 'login' action and SESSION_BYPASS is defined. Both are keyed on the
// 'cmd' value returned by process_input() (presumably request-supplied), so
// confirm that neither command can return per-user or private data.
$v = process_input(array('cmd' => STRING));
if ($v['cmd'] == 'get_new_updates' || $v['cmd'] == 'version') {
    $_REQUEST['do'] = 'login';
    define('SESSION_BYPASS', 1);
}
unset($v);

// Constants and template/phrase lists set before global.php is loaded.
define('THIS_SCRIPT', 'login');
// NOTE(review): CSRF_PROTECTION is defined as false before global.php loads;
// presumably this turns off the host forum's request-token check for every
// command this script dispatches. Confirm that state-changing commands are
// authenticated and protected against cross-site requests some other way.
define('CSRF_PROTECTION', false);
$globaltemplates = array('reportitem');
$specialtemplates = array('userstats', 'maxloggedin');
$phrasegroups = array('banning', 'threadmanage', 'posting', 'inlinemod');

require_once './global.php';
require_once DIR . '/includes/functions_misc.php';
require_once DIR . '/includes/functions_bigthree.php';
require_once DIR . '/includes/class_reportitem.php';

function do_mark_read() {
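/**
 * Convert a post body containing BBCode into display text for the client.
 *
 * The text is parsed twice with the same BBCode parser: once with the global
 * $nuke_quotes flag set (producing the "quotes removed" variant) and once with
 * it cleared. The statement order around that flag is significant.
 *
 * Globals written: $nuke_quotes (toggled during parsing), $images (reset to an
 * empty array here; presumably filled by the image/attachment handlers - confirm).
 *
 * NOTE(review): $allowsmilie is never read. Smilie handling is driven by the
 * 'smilies' value returned by process_input() instead.
 *
 * @param string $text        Raw post text.
 * @param bool   $allowsmilie Unused.
 * @return array [0] parsed text with newlines turned into <br/>,
 *               [1] parsed text from the $nuke_quotes pass,
 *               [2] the global $images array.
 */
function parse_post($text, $allowsmilie = false)
{
    global $nuke_quotes, $fr_platform, $images;

    $images = array();

    if (is_ipb()) {
        // Replace <br.*/> with \n
        $text = preg_replace('#<br.*?/>#is', "\n", $text);
    }

    $smilies = false;
    $v = process_input(array('smilies' => BOOLEAN));
    if (isset($v['smilies'])) {
        $smilies = $v['smilies'] === true;
    }

    // Trim each line
    $text = implode("\n", array_map('trim', explode("\n", $text)));

    $text = prepare_utf8_string($text, false);

    $bbcode = new StringParser_BBCode();
    $bbcode->setGlobalCaseSensitive(false);

    // Parent-context lists shared by the registrations below.
    $anywhere = array('listitem', 'block', 'inline', 'link');
    $outside_links = array('listitem', 'block', 'inline');

    // Handle default BBCode
    $bbcode->addCode('quote', 'callback_replace', 'handle_quotes', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('url', 'usecontent?', 'handle_url', array('usecontent_param' => 'default'), 'link', $outside_links, array('link'));
    $bbcode->addCode('source', 'usecontent?', 'handle_url', array('usecontent_param' => 'default'), 'link', $outside_links, array('link'));
    if (!is_mybb()) {
        // myBB wonky attachment codes are already handled
        $bbcode->addCode('attach', 'callback_replace', 'handle_attach', array(), 'inline', $anywhere, array(''));
    }
    // NOTE(review): 'attach' is registered again unconditionally, which appears
    // to defeat the myBB guard just above. Kept as-is because the effect of a
    // repeated addCode() is not visible here - confirm and drop one of the two.
    $bbcode->addCode('attach', 'callback_replace', 'handle_attach', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('img', 'callback_replace', 'handle_image', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('imgl', 'callback_replace', 'handle_image', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('imgr', 'callback_replace', 'handle_image', array(), 'inline', $anywhere, array(''));
    //$bbcode->addCode('spoiler', 'callback_replace', 'handle_spoiler', array(), 'inline',
    //array('listitem', 'block', 'inline', 'link'), array(''));
    $bbcode->addCode('b', 'callback_replace', 'handle_bbcode_bold', array('usecontent_param' => array('default')), 'inline', $anywhere, array());
    $bbcode->addCode('i', 'callback_replace', 'handle_bbcode_italic', array('usecontent_param' => array('default')), 'inline', $anywhere, array());
    $bbcode->addCode('color', 'callback_replace', 'handle_bbcode_color', array('usecontent_param' => array('default')), 'inline', $anywhere, array());
    $bbcode->setCodeFlag('color', 'closetag', BBCODE_CLOSETAG_MUSTEXIST);

    // Video Link BBCode
    $bbcode->addCode('yt', 'callback_replace', 'fr_handle_youtube', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('youtube', 'callback_replace', 'fr_handle_youtube', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('video', 'callback_replace', 'handle_video', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('ame', 'callback_replace', 'handle_video', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('media', 'callback_replace', is_xen() ? 'handle_xen_media' : 'handle_video', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('tex', 'callback_replace', 'fr_handle_tex', array(), 'inline', $anywhere, array(''));

    if (function_exists('fr_branded_bbcode_handler')) {
        @fr_branded_bbcode_handler($bbcode);
    }

    if (is_mybb()) {
        $bbcode->setMixedAttributeTypes(true);
    }

    // The copy is taken BEFORE htmlspecialchars_uni() runs, so $nuked_quotes is
    // built from unescaped input while $text is built from escaped input.
    // NOTE(review): confirm every consumer of the second return value treats it
    // as plain text, or escapes it before placing it in HTML.
    $nuked_quotes = $text;
    $text = htmlspecialchars_uni($text);

    // First pass: $nuke_quotes is set while the copy is parsed.
    $nuke_quotes = true;
    $nuked_quotes = $bbcode->parse($nuked_quotes);
    if (is_ipb()) {
        $nuked_quotes = ipb_handle_attachments($nuked_quotes);
    }

    // Second pass: flag cleared, escaped text parsed.
    $nuke_quotes = false;
    $text = $bbcode->parse($text);
    if (is_ipb()) {
        $text = ipb_handle_attachments($text);
    }

    // Snag out images
    // ($matches is not read afterwards; the [IMG] spans are simply removed.)
    preg_match_all('#\\[IMG\\](.*?)\\[/IMG\\]#is', $text, $matches);
    $text = preg_replace("#\\[IMG\\](.*?)\\[/IMG\\]#is", '', $text);
    $nuked_quotes = preg_replace("#\\[IMG\\](.*?)\\[/IMG\\]#is", '', $nuked_quotes);

    if ($smilies) {
        if (is_vb()) {
            global $vbulletin;
            $parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
            $text = $parser->parse_smilies($text, false);
            // The callback is named as a string: a bare identifier is read as
            // an undefined constant, which is a fatal error on PHP 8.
            $text = preg_replace_callback('#img src="(.*?)"#is', 'parse_post_callback', $text);
        }
    }

    // Collapse runs of blank lines, then convert newlines for display.
    $text = preg_replace("#\n\n\n+#", "\n\n", $text);
    $text = preg_replace("#\n#", "<br/>", $text);
    $text = remove_bbcode($text);

    $nuked_quotes = preg_replace("#\n\n\n+#", "\n\n", $nuked_quotes);
    $nuked_quotes = remove_bbcode($nuked_quotes);

    return array($text, $nuked_quotes, $images);
}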
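<?php
/*
 * Forum Runner
 *
 * Copyright (c) 2010-2011 to End of Time Studios, LLC
 *
 * This file may not be redistributed in whole or significant part.
 *
 * http://www.forumrunner.com
 */

// Image proxy entry script: reads 'url', 'w' and 'h' through process_input()
// and prepares an HTTP client for the requested URL.
// NOTE(review): the code that performs the fetch is not part of this excerpt;
// the checks below only constrain what it is given.

define('MCWD', ($getcwd = getcwd()) ? $getcwd : '.');

require_once MCWD . '/support/utils.php';
require_once MCWD . '/support/Snoopy.class.php';

$args = process_input(array('url' => STRING, 'w' => INTEGER, 'h' => INTEGER));

// Out-of-range dimensions fall back to a 75px thumbnail size.
if (isset($args['w']) && ($args['w'] > 1024 || $args['w'] <= 0)) {
    $args['w'] = 75;
}
if (isset($args['h']) && ($args['h'] > 1024 || $args['h'] <= 0)) {
    $args['h'] = 75;
}

// empty() gives the same result as !$args['url'] without a notice when the
// key is absent.
if (empty($args['url'])) {
    return;
}

if (!extension_loaded('gd') && !extension_loaded('gd2')) {
    trigger_error("GD is not loaded", E_USER_ERROR);
    exit;
}

$args['url'] = trim(str_replace(' ', '%20', $args['url']));

// The URL is caller-supplied and will be fetched server-side, so accept only
// absolute http/https URLs instead of relying on the HTTP client to refuse
// other schemes.
$fr_target = parse_url($args['url']);
$fr_target_scheme = (is_array($fr_target) && isset($fr_target['scheme'])) ? strtolower($fr_target['scheme']) : '';
$fr_target_host = (is_array($fr_target) && isset($fr_target['host'])) ? strtolower($fr_target['host']) : '';
if (($fr_target_scheme !== 'http' && $fr_target_scheme !== 'https') || $fr_target_host === '') {
    return;
}

$snoopy = new snoopy();

// Forward the visitor's cookies only when the image lives on the host this
// request was addressed to. Attaching $_COOKIE to a request for an arbitrary
// host would disclose the visitor's session cookies to that host.
// NOTE(review): HTTP_HOST is itself request-supplied; compare against a
// configured canonical forum host instead if one is available here. The
// destination host is otherwise unrestricted, so internal addresses remain
// reachable through this script unless the deployment blocks them.
$fr_own_host = isset($_SERVER['HTTP_HOST'])
    ? strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']))
    : '';
if ($fr_own_host !== '' && $fr_target_host === $fr_own_host) {
    $snoopy->cookies = $_COOKIE;
}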
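/**
 * Proxy a remote image: fetch the URL given in the 'url' argument and emit it
 * as a JPEG, scaled when both 'w' and 'h' are supplied.
 *
 * Arguments are read through process_input() (presumably from the request).
 * On success the image is written to the response and the script exits. A
 * rejected URL, a failed fetch or undecodable data make the function return
 * without output; a missing 'url' or a missing GD extension ends the script.
 *
 * When scaling, the longer side of the source decides which requested
 * dimension is used and the other side follows the aspect ratio.
 *
 * Security notes:
 *  - The URL is caller-supplied and fetched server-side, so only absolute
 *    http/https URLs are accepted.
 *  - The visitor's cookies are attached only when the target host equals the
 *    host this request was addressed to; sending $_COOKIE to an arbitrary host
 *    would disclose the visitor's session cookies to it.
 *  - NOTE(review): the destination host is otherwise unrestricted and the
 *    decoded image size is not bounded here; restrict destinations and memory
 *    at deployment level if this endpoint is reachable by untrusted clients.
 *
 * @param mixed $default Not used by this function.
 * @return void
 */
function forumrunner_image($default)
{
    // define() on an existing constant only raises a notice/warning and keeps
    // the old value, so guarding it changes nothing but the noise.
    if (!defined('MCWD')) {
        define('MCWD', DIR . '/packages/forumrunner');
    }

    require_once MCWD . '/support/utils.php';
    require_once MCWD . '/support/Snoopy.class.php';

    $args = process_input(array('url' => STRING, 'w' => INTEGER, 'h' => INTEGER));

    // Out-of-range dimensions fall back to a 75px thumbnail size.
    if (isset($args['w']) && ($args['w'] > 1024 || $args['w'] <= 0)) {
        $args['w'] = 75;
    }
    if (isset($args['h']) && ($args['h'] > 1024 || $args['h'] <= 0)) {
        $args['h'] = 75;
    }

    if (!isset($args['url'])) {
        die;
    }

    if (!extension_loaded('gd') && !extension_loaded('gd2')) {
        trigger_error("GD is not loaded", E_USER_ERROR);
        die;
    }

    $args['url'] = trim(str_replace(' ', '%20', $args['url']));

    // Accept only absolute http/https URLs; do not rely on the HTTP client to
    // refuse other schemes. A rejected URL is treated like a failed fetch.
    $target = parse_url($args['url']);
    $target_scheme = (is_array($target) && isset($target['scheme'])) ? strtolower($target['scheme']) : '';
    $target_host = (is_array($target) && isset($target['host'])) ? strtolower($target['host']) : '';
    if (($target_scheme !== 'http' && $target_scheme !== 'https') || $target_host === '') {
        return;
    }

    $snoopy = new snoopy();

    // NOTE(review): HTTP_HOST is itself request-supplied; compare against a
    // configured canonical forum host instead if one is available here.
    $own_host = isset($_SERVER['HTTP_HOST'])
        ? strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']))
        : '';
    if ($own_host !== '' && $target_host === $own_host) {
        $snoopy->cookies = $_COOKIE;
    }

    if (!$snoopy->fetch($args['url'])) {
        return;
    }

    // Warnings from undecodable data are suppressed on purpose; a false result
    // is handled just below.
    $image = @imagecreatefromstring($snoopy->results);
    if (!$image) {
        return;
    }

    if (isset($args['w'], $args['h'])) {
        $oldwidth = imagesx($image);
        $oldheight = imagesy($image);

        if ($oldwidth > $oldheight) {
            $newwidth = $args['w'];
            $newheight = (float) $newwidth / (float) $oldwidth * $oldheight;
        } else {
            $newheight = $args['h'];
            $newwidth = (float) $newheight / (float) $oldheight * $oldwidth;
        }

        // GD needs whole pixels of at least 1: a very elongated source would
        // otherwise truncate one side to 0 and the canvas could not be created.
        $newwidth = max(1, (int) $newwidth);
        $newheight = max(1, (int) $newheight);

        $new_image = imagecreatetruecolor($newwidth, $newheight);
        imagecopyresampled($new_image, $image, 0, 0, 0, 0, $newwidth, $newheight, $oldwidth, $oldheight);

        header('Content-type: image/jpeg');
        imagejpeg($new_image);
        exit;
    }

    header('Content-type: image/jpeg');
    imagejpeg($image);
    exit;
}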
/**
 * Run a forum search for the current request and return one page of results.
 *
 * Error paths return array('threads' => rows, 'total_threads' => count), where
 * each row carries an 'error' entry; otherwise the result of do_showresults()
 * is returned unchanged.
 *
 * NOTE(review): do not rename or remove the locals and globals in this
 * function. Hook code is eval()'d in this scope (see below) and may read or
 * write any of them, including $search_type and $globals, which are otherwise
 * unused here.
 */
function do_search()
{
    global $vbulletin, $db, $search_type, $globals, $current_user;

    $args = process_input(array('forumid' => INTEGER));
    // Have the host forum's input cleaner read the paging values as unsigned ints.
    $vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT));

    // Permission and feature checks come first; each failure is reported as a
    // single error row.
    if (!$current_user->hasPermission('forumpermissions', 'cansearch')) {
        $threads[]['error'] = ERR_NO_PERMISSION;
        return array('threads' => $threads, 'total_threads' => 1);
    }
    if (!$vbulletin->options['enablesearches']) {
        $threads[]['error'] = strip_tags(fetch_error('searchdisabled'));
        return array('threads' => $threads, 'total_threads' => 1);
    }

    // Seed the search form values that do_process_search() presumably reads
    // from $vbulletin->GPC - confirm against its definition.
    if ($args['forumid']) {
        $vbulletin->GPC['forumchoice'][] = $args['forumid'];
    }
    $vbulletin->GPC['childforums'] = true;
    $vbulletin->GPC_exists['childforums'] = true;
    $vbulletin->GPC['prefixchoice'] = array();
    $vbulletin->GPC_exists['prefixchoice'] = true;

    $searchid = -1;
    $errors = array();

    // Disable NoSpam!
    // NOTE(review): this switches the 'nospam_onoff' option off for the rest
    // of the request. Confirm that skipping that check is acceptable for every
    // client that can reach this function, not only authenticated app users.
    $vbulletin->options['nospam_onoff'] = false;

    // $searchid and $errors are read back afterwards, so they are presumably
    // taken by reference - confirm.
    do_process_search($searchid, $errors);

    if (is_array($errors)) {
        // Detect and use Sphinx if it's installed
        // NOTE(review): $errors['sphinx'] is read without checking that the
        // key exists.
        if ($errors['sphinx']) {
            $forumrunner = true;
            // The 'search_start' hook body is executed with eval() in this
            // function's scope. NOTE(review): where that code comes from is
            // not visible here (presumably plugin code managed through the
            // forum's admin panel); anyone able to change it gets code
            // execution in this request.
            ($hook = vBulletinHook::fetch_hook('search_start')) ? eval($hook) : false;
        }
        if (count($errors) > 0) {
            // Report each error as a non-clickable row; strip_tags() removes
            // markup from the message before it is returned.
            foreach (array_map('fetch_error', $errors) as $error) {
                $threads[]['error'] = prepare_utf8_string(strip_tags($error));
            }
            return array('threads' => $threads, 'total_threads' => count($threads));
        }
    }

    return do_showresults($searchid, $vbulletin->GPC['pagenumber'], $vbulletin->GPC['perpage']);
}
} else { header('Content-type: application/json'); error_reporting(0); } require_once MCWD . '/version.php'; require_once MCWD . '/support/utils.php'; require_once MCWD . '/support/JSON.php'; require_once MCWD . '/include/general_vb.php'; if (file_exists(MCWD . '/branded.php')) { require_once MCWD . '/branded.php'; } $phrasegroups = array(); $specialtemplates = array(); $globaltemplates = array(); $actiontemplates = array(); $processed = process_input(array('cmd' => STRING, 'frv' => STRING, 'frp' => STRING)); if (!$processed['cmd']) { return; } $frcl_version = '1.3.3'; $frcl_platform = 'ip'; if (isset($processed['frv'])) { $frcl_version = $processed['frv']; } if (isset($processed['frp'])) { $frcl_platform = $processed['frp']; } require_once MCWD . '/support/common_methods.php'; require_once MCWD . '/support/vbulletin_methods.php'; if (file_exists(MCWD . '/support/other_methods.php')) { require_once MCWD . '/support/other_methods.php';