Esempio n. 1
0
             exit;
         }
     }
     $theme = "submit2.tpl";
 } else {
     $file = cleanit($_REQUEST['file']);
     if ($file == "1") {
         $post_type = cleanit($_REQUEST['post_type']);
         if ($post_type == "Photo") {
             $nsfw = intval(cleanit($_REQUEST['nsfw']));
             $source = cleanit($_REQUEST['source']);
             $tags = cleanit($_REQUEST['tags']);
             $title = cleanit($_REQUEST['title']);
             $title = str_replace("#", "#", $title);
             findHashDeleteCache($title);
             $title = emojify($title, $detect);
             //$title = str_replace("#", " #", $title);
             //$title = str_replace("  ", " ", $title);
             $uploadedimage = $_FILES['image']['tmp_name'];
             $category = intval(cleanit($_REQUEST['category']));
             if ($uploadedimage == "") {
                 $error = $lang['93'];
             } else {
                 $theimageinfo = getimagesize($uploadedimage);
                 if ($theimageinfo[2] != 1 && $theimageinfo[2] != 2 && $theimageinfo[2] != 3) {
                     $error = $lang['94'];
                 } else {
                     if ($title == "") {
                         $error = $lang['95'];
                     } else {
                         $approve_stories = $config['approve_stories'];
Esempio n. 2
0
<?php

include "include/config.php";
include "include/functions/import.php";
include 'include/emoji.php';
include 'include/Mobile_Detect.php';
$detect = new Mobile_Detect();
$comment = cleanit($_REQUEST['comment']);
findHashDeleteCache($comment);
$comment = emojify($comment, $detect);
$pid = intval(cleanit($_REQUEST['pid']));
$userid = intval(cleanit($_REQUEST['userid']));
$SID = intval(cleanit($_SESSION['USERID']));
$datesub = time();
if (!$comment) {
    echo 0;
    exit;
}
if ($SID == $userid) {
    $query = "INSERT INTO posts_comments SET PID='" . mysql_real_escape_string($pid) . "', USERID='" . mysql_real_escape_string($userid) . "', comment='" . mysql_real_escape_string($comment) . "', date='{$datesub}'";
    $result = $conn->execute($query);
    $cid = mysql_insert_id();
    $filename = $config['basedir'] . '/themes/cache/' . $pid . '.txt';
    if (file_exists($filename)) {
        $json = file_get_contents($filename);
        $data = (array) json_decode($json);
        $user_comments = isset($data['user_comments']) ? $data['user_comments'] : false;
        $num_comments = isset($data['comments']) ? $data['comments'] : 0;
        $c = 0;
        $new_arr = false;
        if ($user_comments) {