Esempio n. 1
0
/**
 * Check an input field isn't 'evil'.
 *
 * @param  string			The name of the parameter
 * @param  string			The value retrieved
 * @param  ?boolean		Whether the parameter is a POST parameter (NULL: undetermined)
 */
function check_input_field_string($name, &$val, $posted = false)
{
    if (preg_match('#^\\s*((((j\\s*a\\s*v\\s*a\\s*)|(v\\s*b\\s*))?s\\s*c\\s*r\\s*i\\s*p\\s*t)|(d\\s*a\\s*t\\s*a\\s*))\\s*:#i', $val) != 0 && $name != 'value') {
        log_hack_attack_and_exit('SCRIPT_URL_HACK_2', $val);
    }
    // Security check for known URL fields. Check for specific things, plus we know we can be pickier in general
    $is_url = $name == 'from' || $name == 'preview_url' || $name == 'redirect' || $name == 'redirect_passon' || $name == 'url';
    if ($is_url) {
        if ($is_url) {
            if (preg_match('#\\n|\\000|<|(".*[=<>])|^\\s*((((j\\s*a\\s*v\\s*a\\s*)|(v\\s*b\\s*))?s\\s*c\\s*r\\s*i\\s*p\\s*t)|(d\\s*a\\s*t\\s*a\\s*))\\s*:#mi', $val) != 0) {
                if ($name == 'page') {
                    $_GET[$name] = '';
                }
                // Stop loops
                log_hack_attack_and_exit('DODGY_GET_HACK', $name, $val);
            }
            // Don't allow external redirections
            if (!$posted) {
                $_val = str_replace('https://', 'http://', $val);
                if (looks_like_url($_val)) {
                    $bus = array(get_base_url(false), get_forum_base_url(), 'http://ocportal.com/');
                    $ok = false;
                    foreach ($bus as $bu) {
                        if (substr($_val, 0, strlen($bu)) == $bu) {
                            $ok = true;
                            break;
                        }
                    }
                    if (!$ok) {
                        $val = get_base_url(false);
                    }
                }
            }
        }
    }
    if ($GLOBALS['BOOTSTRAPPING'] == 0) {
        // Quickly depose of common spam attacks. Not really security, just a sensible barrier
        if ((!function_exists('is_guest') || is_guest()) && (strpos($val, '[url=http://') !== false || strpos($val, '[link') !== false) && strpos($val, '<a ') !== false) {
            log_hack_attack_and_exit('LAME_SPAM_HACK', $val);
        }
        // Additional checks for non-privileged users
        if (function_exists('has_specific_permission') && $name != 'page') {
            if (false) {
                hard_filter_input_data__html($val);
                hard_filter_input_data__filesystem($val);
            }
        }
    }
}
Esempio n. 2
0
/**
 * Find whether the image specified is actually an image, based on file extension
 *
 * @param  string			A URL or file path to the image
 * @param  boolean		Whether to check mime too
 * @return boolean		Whether the string pointed to a file appeared to be an image
 */
function is_image($name, $mime_too = false)
{
    if (substr(basename($name), 0, 1) == '.') {
        return false;
    }
    // Temporary file that some OS's make
    $ext = get_file_extension($name);
    $types = explode(',', get_option('valid_images'));
    foreach ($types as $val) {
        if (strtolower($val) == $ext) {
            return true;
        }
    }
    if ($mime_too && looks_like_url($name)) {
        http_download_file($name, 0, false);
        global $HTTP_DOWNLOAD_MIME_TYPE;
        if (preg_match('#^image/(png|gif|jpeg)$#', $HTTP_DOWNLOAD_MIME_TYPE) != 0) {
            return true;
        }
    }
    return false;
}
Esempio n. 3
0
/**
 * Convert Comcode-Text to Comcode-XML.
 *
 * @param  LONG_TEXT		The comcode to convert
 * @param  boolean		Whether to not include a wrapper element (<comcode>)
 * @return LONG_TEXT		The converted comcode
 */
function comcode_text__to__comcode_xml($comcode, $skip_wrapper = false)
{
    require_code('comcode_xml');
    require_code('comcode_text');
    require_code('comcode_renderer');
    if (substr($comcode, 0, 8) == '<comcode') {
        if ($skip_wrapper) {
            return str_replace('<comcode>', '', str_replace('</comcode>', '', $comcode));
        }
        return $comcode;
    }
    $xml = '';
    global $ALLOWED_ENTITIES, $CODE_TAGS, $DANGEROUS_TAGS, $VALID_COMCODE_TAGS, $BLOCK_TAGS, $POTENTIAL_JS_NAUGHTY_ARRAY, $TEXTUAL_TAGS, $LEET_FILTER, $IMPORTED_CUSTOM_COMCODE, $REPLACE_TARGETS;
    $len = strlen($comcode);
    require_lang('comcode');
    require_code('type_validation');
    if (function_exists('set_time_limit') && ini_get('max_execution_time') != '0') {
        @set_time_limit(300);
    }
    $comcode_dangerous = true;
    $comcode_dangerous_html = true;
    // Tag level
    $current_tag = '';
    $attribute_map = array();
    $continuation = '';
    $close = mixed();
    // Properties that come from our tag
    $white_space_area = true;
    $textual_area = true;
    $formatting_allowed = true;
    $in_html = false;
    $in_semihtml = false;
    $in_separate_parse_section = false;
    // Not escaped because it has to be passed to a secondary filter
    $in_code_tag = false;
    $lax = false;
    // Our state
    $status = CCP_NO_MANS_LAND;
    $tag_stack = array();
    $pos = 0;
    $line_starting = true;
    $just_ended = false;
    $none_wrap_length = 0;
    $just_new_line = true;
    // So we can detect lists starting right away
    $just_title = false;
    global $NUM_LINES;
    $NUM_LINES = 0;
    $wrap_pos = 60;
    $preparse_mode = false;
    $is_all_semihtml = false;
    $smilies = $GLOBALS['FORUM_DRIVER']->find_emoticons();
    // We'll be needing the smiley array
    $shortcuts = array('(c)' => '&copy;', '(r)' => '&reg;', '--' => '&ndash;', '---' => '&mdash;');
    // Text syntax possibilities, that get maintained as our cursor moves through the text block
    $list_indent = 0;
    $list_type = 'ul';
    while ($pos < $len) {
        $next = $comcode[$pos];
        ++$pos;
        // State machine
        switch ($status) {
            case CCP_NO_MANS_LAND:
                if ($next == '[') {
                    // Look ahead to make sure it's a valid tag. If it's not then it's considered normal user input, not a tag at all
                    $dif = $pos < $len && $comcode[$pos] == '/' ? 1 : 0;
                    $ahead = substr($comcode, $pos + $dif, 19);
                    $equal_pos = strpos($ahead, '=');
                    $space_pos = strpos($ahead, ' ');
                    $end_pos = strpos($ahead, ']');
                    $cl_pos = strpos($ahead, chr(10));
                    if ($equal_pos === false) {
                        $equal_pos = 22;
                    }
                    if ($space_pos === false) {
                        $space_pos = 22;
                    }
                    if ($end_pos === false) {
                        $end_pos = 22;
                    }
                    if ($cl_pos === false) {
                        $cl_pos = 22;
                    }
                    $use_pos = min($equal_pos, $space_pos, $end_pos, $cl_pos);
                    $potential_tag = strtolower(substr($ahead, 0, $use_pos));
                    if ($use_pos != 22 && (!$in_html || $potential_tag == 'html' || $potential_tag == 'semihtml') && (!$in_code_tag || isset($CODE_TAGS[$potential_tag]))) {
                        if (!isset($VALID_COMCODE_TAGS[$potential_tag])) {
                            if (!$IMPORTED_CUSTOM_COMCODE) {
                                _custom_comcode_import($GLOBALS['SITE_DB']);
                            }
                        }
                        if (isset($VALID_COMCODE_TAGS[$potential_tag]) && substr($ahead, 0, 2) != 'i ') {
                            $close = false;
                            $current_tag = '';
                            $xml .= $continuation;
                            $continuation = '';
                            if ($potential_tag == 'html' || $potential_tag == 'semihtml') {
                                list($close_list, $list_indent) = _convert_close_open_lists($list_indent);
                                $xml .= $close_list;
                            }
                            $status = CCP_STARTING_TAG;
                            continue;
                        }
                    }
                }
                if ($in_html || $in_semihtml && ($next == '<' || $next == '>')) {
                    $ahead = substr($comcode, $pos - 1, 20);
                    $ahead_lower = strtolower($ahead);
                    if ($next == chr(10)) {
                        ++$NUM_LINES;
                    }
                    $continuation .= $next;
                } else {
                    // Text-format possibilities
                    if ($just_new_line && $formatting_allowed) {
                        $xml .= $continuation;
                        $continuation = '';
                        // List
                        $found_list = false;
                        $old_list_indent = $list_indent;
                        if ($pos + 1 < $len && is_numeric($next) && $comcode[$pos] == ')' && $comcode[$pos + 1] == ' ') {
                            if ($list_indent != 0 && $list_type == 'ul') {
                                list($temp_tpl, $old_list_indent) = _close_open_lists($list_indent, $list_type);
                                $xml .= $temp_tpl;
                            }
                            $list_indent = 1;
                            $found_list = true;
                            $scan_pos = $pos;
                            $list_type = '1';
                        } elseif ($pos + 1 < $len && ord($next) >= ord('a') && ord($next) <= ord('z') && $comcode[$pos] == ')' && $comcode[$pos + 1] == ' ') {
                            if ($list_indent != 0 && $list_type == 'ul') {
                                list($temp_tpl, $old_list_indent) = _close_open_lists($list_indent, $list_type);
                                $xml .= $temp_tpl;
                            }
                            $list_indent = 1;
                            $found_list = true;
                            $scan_pos = $pos;
                            $list_type = 'a';
                        } elseif ($next == ' ') {
                            if ($old_list_indent != 0 && $list_type != 'ul') {
                                list($temp_tpl, $old_list_indent) = _close_open_lists($list_indent, $list_type);
                                $xml .= $temp_tpl;
                            }
                            $scan_pos = $pos - 1;
                            $list_indent = 0;
                            while ($scan_pos < $len) {
                                $scan_next = $comcode[$scan_pos];
                                if ($scan_next == '-' && $comcode[$scan_pos + 1] == ' ') {
                                    $found_list = true;
                                    break;
                                } else {
                                    if ($scan_next == ' ') {
                                        ++$list_indent;
                                    } else {
                                        break;
                                    }
                                }
                                ++$scan_pos;
                            }
                            if (!$found_list) {
                                $list_indent = 0;
                            }
                        } else {
                            list($close_list, $list_indent) = _convert_close_open_lists($list_indent);
                            $xml .= $close_list;
                            if ($next == '-' && !$just_title) {
                                $scan_pos = $pos;
                                $found_rule = true;
                                while ($scan_pos < $len) {
                                    $scan_next = $comcode[$scan_pos];
                                    if ($scan_next != '-') {
                                        if ($scan_next == chr(10)) {
                                            ++$NUM_LINES;
                                            break;
                                        } else {
                                            $found_rule = false;
                                        }
                                    }
                                    ++$scan_pos;
                                }
                                if ($found_rule) {
                                    $xml .= '<rule />';
                                    $pos = $scan_pos + 1;
                                    $just_ended = true;
                                    $none_wrap_length = 0;
                                    continue;
                                }
                            }
                        }
                        // List handling
                        if ($list_indent == $old_list_indent && $old_list_indent != 0) {
                            $xml .= '</listElement>';
                        }
                        for ($i = $list_indent; $i < $old_list_indent; ++$i) {
                            $xml .= '</listElement>';
                            $xml .= '</list>';
                        }
                        if ($list_indent < $old_list_indent && $list_indent != 0) {
                            $xml .= '</listElement>';
                        }
                        if ($found_list) {
                            if ($list_indent - $old_list_indent > 1 && !$lax) {
                                $error = comcode_parse_error($preparse_mode, array('CCP_LIST_JUMPYNESS'), $pos, $comcode);
                                return $error->evaluate();
                            }
                            for ($i = $old_list_indent; $i < $list_indent; ++$i) {
                                switch ($list_type) {
                                    case 'ul':
                                        $xml .= '<list>';
                                        break;
                                    case '1':
                                        $xml .= '<list type="1">';
                                        break;
                                    case 'a':
                                        $xml .= '<list type="a">';
                                        break;
                                }
                                if ($i < $list_indent - 1) {
                                    $xml .= '<listElement>';
                                }
                            }
                            $xml .= '<listElement>';
                            $just_ended = true;
                            $none_wrap_length = 0;
                            $next = '';
                            $pos = $scan_pos + 2;
                        }
                    }
                    if ($next == chr(10) && $white_space_area && !$just_ended) {
                        ++$NUM_LINES;
                        $line_starting = true;
                        $xml .= $continuation;
                        $continuation = '';
                        $just_new_line = true;
                        $none_wrap_length = 0;
                        if ($list_indent == 0) {
                            $xml .= '<br />' . chr(10);
                        }
                    } else {
                        $just_new_line = false;
                        if ($next == ' ' && $white_space_area) {
                            if ($line_starting || $pos != 0 && $comcode[$pos - 2] == ' ') {
                                $next = '&nbsp;';
                                ++$none_wrap_length;
                            } else {
                                $none_wrap_length = 0;
                            }
                            $continuation .= $next;
                        } elseif ($next == "\t" && $white_space_area) {
                            $xml .= $continuation;
                            $continuation = '';
                            $tab_tpl = do_template('COMCODE_TEXTCODE_TAB');
                            // &nbsp;&nbsp;&nbsp;&nbsp;
                            $_tab_tpl = $tab_tpl->evaluate();
                            $none_wrap_length += strlen($_tab_tpl);
                            $xml .= $tab_tpl->evaluate();
                        } else {
                            if ($next == ' ' || $next == "\t" || $just_ended) {
                                $none_wrap_length = 0;
                            } else {
                                if (!is_null($wrap_pos) && $none_wrap_length >= $wrap_pos && $textual_area && !$in_semihtml) {
                                    $xml .= $continuation;
                                    $continuation = '';
                                    $xml .= '<br />' . chr(10);
                                    $none_wrap_length = 0;
                                } elseif ($textual_area) {
                                    ++$none_wrap_length;
                                }
                            }
                            $line_starting = false;
                            $just_ended = false;
                            $differented = false;
                            // If somehow via lookahead we've changed this to HTML and thus won't use it in raw form
                            // Symbol lookahead
                            if (!$in_code_tag) {
                                if ($next == '{' && ($comcode[$pos] == '$' || $comcode[$pos] == '+' || $comcode[$pos] == '!') && $comcode_dangerous) {
                                    $xml .= $continuation;
                                    $continuation = '';
                                    if ($comcode[$pos] == '+') {
                                        $p_end = $pos + 5;
                                        while ($p_end < $len) {
                                            $p_portion = substr($comcode, $pos - 1, $p_end - ($pos - 1) + 5);
                                            if (substr_count($p_portion, '{+START') == substr_count($p_portion, '{+END')) {
                                                break;
                                            }
                                            $p_end++;
                                        }
                                        $p_len = 1;
                                        while ($pos + $p_len < $len) {
                                            $p_portion = substr($comcode, $pos - 1, $p_len);
                                            if (substr_count($p_portion, '{') == substr_count($p_portion, '}')) {
                                                break;
                                            }
                                            $p_len++;
                                        }
                                        $p_len--;
                                        $p_portion = substr($comcode, $pos + $p_len, $p_end - ($pos + $p_len));
                                        $_ret = template_to_tempcode_static(substr($comcode, $pos - 1, $p_len + 1) . '!' . substr($comcode, $p_end, 6));
                                        $ret = '<directive type="' . escape_html($_ret->bits[0][2]) . '">';
                                        foreach ($_ret->bits[0][3] as $val) {
                                            $ret .= '<directiveParam>' . escape_html($val->evaluate()) . '</directiveParam>';
                                        }
                                        $ret .= comcode_text__to__comcode_xml($p_portion, true);
                                        $ret .= '</directive>';
                                        $pos = $p_end + 6;
                                    } else {
                                        $_ret = new ocp_tempcode();
                                        $_ret->bits = array(read_single_uncompiled_variable($comcode, $pos, $len));
                                        if ($_ret->bits[0][1] == TC_SYMBOL) {
                                            $ret = '<symbol>';
                                            if (isset($_ret->bits[0][3])) {
                                                foreach ($_ret->bits[0][3] as $val) {
                                                    $ret .= '<symbolParam>' . escape_html($val) . '</symbolParam>';
                                                }
                                            }
                                            $ret .= $_ret->bits[0][2] . '</symbol>';
                                        } else {
                                            $ret = '<language>';
                                            if (isset($_ret->bits[0][3])) {
                                                foreach ($_ret->bits[0][3] as $val) {
                                                    $ret .= '<languageParam>' . escape_html($val) . '</languageParam>';
                                                }
                                            }
                                            $ret .= $_ret->bits[0][2] . '</language>';
                                        }
                                    }
                                    $differented = true;
                                    $xml .= $ret;
                                }
                            }
                            // Escaping of comcode tag starts lookahead
                            if ($next == '\\' && !$in_code_tag) {
                                if ($pos != $len && $comcode[$pos] == '"') {
                                    $continuation .= '"';
                                    ++$pos;
                                    $differented = true;
                                } elseif ($pos != $len && $comcode[$pos] == '[') {
                                    $continuation .= '[';
                                    ++$pos;
                                    $differented = true;
                                } elseif ($pos != $len && $comcode[$pos] == '{') {
                                    $continuation .= '{';
                                    ++$pos;
                                    $differented = true;
                                } elseif ($pos == $len || $comcode[$pos] == '\\') {
                                    $continuation .= '\\';
                                    ++$pos;
                                    $differented = true;
                                }
                            }
                            // Smiley lookahead
                            if (!$differented) {
                                if (($textual_area || $in_semihtml) && trim($next) != '') {
                                    foreach ($smilies as $smiley => $imgcode) {
                                        if ($in_semihtml) {
                                            $smiley = ' ' . $smiley . ' ';
                                        }
                                        if ($next == $smiley[0]) {
                                            if (substr($comcode, $pos - 1, strlen($smiley)) == $smiley) {
                                                $xml .= $continuation;
                                                $continuation = '';
                                                $pos += strlen($smiley) - 1;
                                                $differented = true;
                                                $xml .= '<emoticon>' . escape_html($imgcode) . '</emoticon>';
                                                break;
                                            }
                                        }
                                    }
                                }
                            }
                            if ($textual_area && trim($next) != '' && !$differented && addon_installed('cedi')) {
                                // CEDI pages
                                if ($pos < $len && $next == '[') {
                                    $matches = array();
                                    if (preg_match('#^\\[([^\\[\\]]*)\\]\\]#', substr($comcode, $pos, 40), $matches) != 0) {
                                        $cedi_page_name = $matches[1];
                                        $xml .= $continuation;
                                        $continuation = '';
                                        $hash_pos = strpos($cedi_page_name, '#');
                                        if ($hash_pos !== false) {
                                            $jump_to = substr($cedi_page_name, $hash_pos + 1);
                                            $cedi_page_name = substr($cedi_page_name, 0, $hash_pos);
                                            $xml .= '<cedi anchor="' . escape_html($jump_to) . '">' . escape_html($cedi_page_name) . '</cedi>';
                                        } else {
                                            $xml .= '<cedi>' . escape_html($cedi_page_name) . '</cedi>';
                                        }
                                        $pos += strlen($matches[1]) + 3;
                                        $differented = true;
                                    }
                                }
                                // Usernames
                                if ($pos < $len && $next == '{') {
                                    $matches = array();
                                    if (preg_match('#^\\{([^"{}&\'\\$<>]*)\\}\\}#', substr($comcode, $pos, 40), $matches) != 0) {
                                        $xml .= $continuation;
                                        $continuation = '';
                                        $username = $matches[1];
                                        if ($username[0] == '?') {
                                            $username = substr($username, 1);
                                            $xml .= '<member boxed="1">' . escape_html($username) . '</member>';
                                        } else {
                                            $xml .= '<member>' . escape_html($username) . '</member>';
                                        }
                                        $pos += strlen($matches[1]) + 3;
                                        $differented = true;
                                    }
                                }
                                if (!$in_code_tag && trim($next) != '' && !$differented) {
                                    // Shortcut lookahead
                                    if (!$differented) {
                                        foreach ($shortcuts as $code => $replacement) {
                                            if ($next == $code[0] && substr($comcode, $pos - 1, strlen($code)) == $code) {
                                                $xml .= $continuation;
                                                $continuation = '';
                                                $pos += strlen($code) - 1;
                                                $differented = true;
                                                $xml .= $replacement;
                                                break;
                                            }
                                        }
                                    }
                                }
                                // Table syntax
                                if (!$differented) {
                                    if ($pos < $len && $comcode[$pos] == '|') {
                                        $end_tbl = strpos($comcode, chr(10) . '|}', $pos);
                                        if ($end_tbl !== false) {
                                            $end_fst_line_pos = strpos($comcode, chr(10), $pos);
                                            $caption = substr($comcode, $pos + 2, max($end_fst_line_pos - $pos - 2, 0));
                                            $pos += strlen($caption) + 1;
                                            $rows = preg_split('#(\\|-|\\|\\})#Um', substr($comcode, $pos, $end_tbl - $pos));
                                            if (count($rows) == 1 && $caption == 'floats') {
                                                $cells = preg_split('/(\\n\\! | \\!\\! |\\n\\| | \\|\\| )/', $rows[0], -1, PREG_SPLIT_DELIM_CAPTURE);
                                                array_shift($cells);
                                                // First one is non-existant empty
                                                $spec = true;
                                                // Find which to float
                                                $to_float = NULL;
                                                foreach ($cells as $i => $cell) {
                                                    if (!$spec) {
                                                        if (strpos($cell, '!') !== false || is_null($to_float)) {
                                                            $to_float = $i;
                                                        }
                                                    }
                                                    $spec = !$spec;
                                                }
                                                $xml .= '<float>';
                                                // Do floated one
                                                $xml .= '<fh>';
                                                $xml .= comcode_text__to__comcode_xml(rtrim($cells[$to_float]), true);
                                                $xml .= '</fh>';
                                                // Do non-floated ones
                                                foreach ($cells as $i => $cell) {
                                                    if ($i % 2 == 1 && $i != $to_float) {
                                                        $xml .= '<fd>';
                                                        $xml .= comcode_text__to__comcode_xml(rtrim($cells[$to_float]), true);
                                                        $xml .= '</fd>';
                                                    }
                                                }
                                                $xml .= '</float>';
                                            } else {
                                                $xml .= '<table summary="' . escape_html($caption) . '">';
                                                foreach ($rows as $table_row) {
                                                    $xml .= '<tr>';
                                                    $cells = preg_split('/(\\n\\! | \\!\\! |\\n\\| | \\|\\| )/', $table_row, -1, PREG_SPLIT_DELIM_CAPTURE);
                                                    array_shift($cells);
                                                    // First one is non-existant empty
                                                    $spec = true;
                                                    $c_type = '';
                                                    foreach ($cells as $cell) {
                                                        if ($spec) {
                                                            $c_type = strpos($cell, '!') !== false ? 'th' : 'td';
                                                        } else {
                                                            $xml .= '<' . $c_type . '>';
                                                            $xml .= comcode_text__to__comcode_xml(rtrim($cell), true);
                                                            $xml .= '</' . $c_type . '>';
                                                        }
                                                        $spec = !$spec;
                                                    }
                                                    $xml .= '</tr>';
                                                }
                                                $xml .= '</table>';
                                            }
                                            $pos = $end_tbl + 3;
                                            $differented = true;
                                        }
                                    }
                                }
                                // Link lookahead
                                if (!$differented) {
                                    if (!$in_semihtml && $next == 'h' && (substr($comcode, $pos - 1, strlen('http://')) == 'http://' || substr($comcode, $pos - 1, strlen('https://')) == 'https://' || substr($comcode, $pos - 1, strlen('ftp://')) == 'ftp://')) {
                                        list($link_end_pos, $auto_link) = detect_link($comcode, $pos);
                                        $xml .= $continuation;
                                        $continuation = '';
                                        $downloaded_at_link = http_download_file($auto_link, 3000, false);
                                        $link_captions_title = '';
                                        if (is_string($downloaded_at_link)) {
                                            $matches = array();
                                            if (preg_match('#<title>\\s*(.*)\\s*</title>#', $downloaded_at_link, $matches) != 0) {
                                                require_code('character_sets');
                                                $link_captions_title = @html_entity_decode(convert_to_internal_encoding($matches[1]), ENT_QUOTES, get_charset());
                                            }
                                        }
                                        $xml .= '<url param="' . escape_html($auto_link) . '">' . escape_html($link_captions_title) . '</url>';
                                        $pos += $link_end_pos - $pos;
                                        $differented = true;
                                        break;
                                    }
                                }
                            }
                            if (!$differented) {
                                if (!$in_separate_parse_section && (!$in_semihtml || !$comcode_dangerous && !$is_all_semihtml)) {
                                    if ($next == '&') {
                                        $ahead = substr($comcode, $pos, 20);
                                        $ahead_lower = strtolower($ahead);
                                        $matches = array();
                                        $entity = preg_match('#(\\#)?([\\w]*);#', $ahead_lower, $matches) != 0;
                                        // If it is a SAFE entity, use it
                                        if ($entity) {
                                            if ($matches[1] == '' && isset($ALLOWED_ENTITIES[$matches[2]])) {
                                                $pos += strlen($matches[2]) + 1;
                                                $continuation .= '&' . $matches[2] . ';';
                                            } elseif (is_numeric($matches[2]) && $matches[1] == '#') {
                                                $matched_entity = intval(base_convert($matches[1], 16, 10));
                                                if ($matched_entity < 127 && array_key_exists(chr($matched_entity), $POTENTIAL_JS_NAUGHTY_ARRAY)) {
                                                    $continuation .= escape_html($next);
                                                } else {
                                                    $pos += strlen($matches[2]) + 2;
                                                    $continuation .= '&#' . $matches[2] . ';';
                                                }
                                            } else {
                                                $continuation .= '&amp;';
                                            }
                                        } else {
                                            $continuation .= '&amp;';
                                        }
                                    } else {
                                        $continuation .= escape_html($next);
                                    }
                                } else {
                                    $continuation .= $next;
                                }
                            }
                        }
                    }
                }
                break;
            case CCP_IN_TAG_NAME:
                if ($next == '=') {
                    $status = CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_RIGHT;
                    $current_attribute_name = 'param';
                } elseif (trim($next) == '') {
                    $status = CCP_IN_TAG_BETWEEN_ATTRIBUTES;
                } elseif ($next == '[') {
                    warn_exit(do_lang_tempcode('CCP_TAG_OPEN_ANOMALY'));
                } elseif ($next == ']') {
                    if ($close) {
                        if ($formatting_allowed) {
                            list($close_list, $list_indent) = _convert_close_open_lists($list_indent);
                            $xml .= $close_list;
                        }
                        if (count($tag_stack) == 0) {
                            warn_exit(do_lang_tempcode('CCP_NO_CLOSE', escape_html($current_tag)));
                        }
                        $_last = array_pop($tag_stack);
                        if ($_last[0] != $current_tag) {
                            warn_exit(do_lang_tempcode('CCP_NO_CLOSE_MATCH', escape_html($current_tag), escape_html($_last)));
                        }
                        // Do the comcode for this tag
                        if ($in_semihtml) {
                            foreach ($_last[1] as $index => $conv) {
                                $_last[1][$index] = @html_entity_decode(str_replace('<br />', chr(10), $conv), ENT_QUOTES, get_charset());
                            }
                        }
                        $attributes = $_last[1];
                        if ($current_tag == 'html') {
                            $in_html = false;
                            $_last[0] = 'htmlWrap';
                        } elseif ($current_tag == 'semihtml') {
                            $in_semihtml = false;
                            $_last[0] = 'htmlWrap';
                        } elseif ($current_tag == 'external_table' || $current_tag == 'internal_table') {
                            $_last[0] = 'box';
                        } elseif ($current_tag == 'php') {
                            $_last[0] = 'code';
                            $attributes['param'] = 'php';
                        } elseif ($current_tag == 'codebox') {
                            $_last[0] = 'code';
                            $attributes['scroll'] = '1';
                        } elseif ($current_tag == 'sql') {
                            $_last[0] = 'code';
                            $attributes['param'] = 'sql';
                        } elseif ($current_tag == 'snapback') {
                            $_last[0] = 'post';
                        } elseif ($current_tag == 'thread') {
                            $_last[0] = 'topic';
                        } elseif ($current_tag == 'list') {
                            $sub_elements = explode('[*]', str_replace('[/*]', '', $xml));
                            $xml = '';
                            foreach ($sub_elements as $sub_element) {
                                $xml .= '<listElement>' . $sub_element . '</listElement>';
                            }
                        }
                        if ($_last[0] == 'box' && isset($attributes['breadth']) && !isset($attributes['dimensions'])) {
                            $attributes['dimensions'] = $attributes['breadth'];
                            unset($attributes['breadth']);
                        }
                        if ($_last[0] == 'page' && array_keys($attributes) != array('param')) {
                            $zone = isset($attributes['param']) ? $attributes['param'] : '_SEARCH';
                            $page = $xml;
                            $xml = $attributes['caption'];
                            unset($attributes['param']);
                            unset($attributes['caption']);
                            $pagelink = $zone . ':' . $page;
                            foreach ($attributes as $key => $val) {
                                $pagelink .= ':' . $key . '=' . $val;
                            }
                            $attributes = array('pageLink' => $pagelink);
                        }
                        if ($_last[0] == 'block') {
                            foreach ($attributes as $key => $val) {
                                $xml .= '<blockParam key="' . escape_html($key) . '" value="' . escape_html($val) . '" />';
                            }
                            $attributes = array();
                        }
                        if ($_last[0] == 'random') {
                            foreach ($attributes as $key => $val) {
                                $xml .= '<randomTarget pickIfAbove="' . escape_html($key) . '">' . comcode_text__to__comcode_xml($val, true) . '</randomTarget>';
                            }
                            $attributes = array();
                        }
                        if ($_last[0] == 'jumping') {
                            foreach ($attributes as $key => $val) {
                                $xml .= '<jumpingTarget>' . comcode_text__to__comcode_xml($val, true) . '</jumpingTarget>';
                            }
                            $attributes = array();
                        }
                        if ($_last[0] == 'concepts') {
                            foreach ($attributes as $_key => $_value) {
                                if (substr($_key, -4) == '_key') {
                                    $key = $_value;
                                    $cid = substr($_key, 0, strlen($_key) - 4);
                                    $value = $attributes[$cid . '_value'];
                                    $xml .= '<showConcept key="' . escape_html($key) . '" value="' . escape_html($value) . '" />';
                                }
                            }
                            $attributes = array();
                        }
                        if (($_last[0] == 'attachment' || $_last[0] == 'attachment_safe') && isset($attributes['description'])) {
                            $xml .= '<attachmentDescription>' . comcode_text__to__comcode_xml($attributes['description'], true) . '</attachmentDescription>';
                            unset($attributes['description']);
                        }
                        if ($_last[0] == 'hide' && isset($attributes['param'])) {
                            $xml .= '<hideTitle>' . comcode_text__to__comcode_xml($attributes['param'], true) . '</hideTitle>';
                            unset($attributes['param']);
                        }
                        if ($_last[0] == 'tooltip' && isset($attributes['param'])) {
                            $xml .= '<tooltipMessage>' . comcode_text__to__comcode_xml($attributes['param'], true) . '</tooltipMessage>';
                            unset($attributes['param']);
                        }
                        global $COMCODE_XML_PARAM_RENAMING, $COMCODE_XML_SWITCH_AROUND;
                        if (isset($attributes['param']) && isset($COMCODE_XML_PARAM_RENAMING[$_last[0]])) {
                            $attributes[$COMCODE_XML_PARAM_RENAMING[$_last[0]]] = $attributes['param'];
                            unset($attributes['param']);
                        }
                        $comcode_xml_switch_around = $COMCODE_XML_SWITCH_AROUND;
                        if ($_last[0] == 'email' && (!isset($attributes['param']) || !is_valid_email_address($attributes['param'])) && is_valid_email_address($xml)) {
                            $comcode_xml_switch_around[] = 'email';
                        }
                        if ($_last[0] == 'url' && (!isset($attributes['param']) || !looks_like_url($attributes['param'])) && looks_like_url($xml)) {
                            $comcode_xml_switch_around[] = 'url';
                        }
                        if (in_array($_last[0], $comcode_xml_switch_around)) {
                            $x = 'param';
                            if ($_last[0] == 'reference') {
                                $x = 'title';
                            }
                            if (isset($attributes[$x])) {
                                $temp = $attributes[$x];
                                $attributes[$x] = $xml;
                                $xml = comcode_text__to__comcode_xml($temp, true);
                            } else {
                                $attributes[$x] = $xml;
                            }
                        }
                        $in_code_tag = false;
                        $white_space_area = $_last[3];
                        $in_separate_parse_section = $_last[4];
                        $formatting_allowed = $_last[5];
                        $textual_area = $_last[6];
                        if ($_last[0] == 'htmlWrap') {
                            $embed_output = '<htmlWrap xmlns="http://www.w3.org/1999/xhtml">';
                        } else {
                            $embed_output = '<' . to_camelCase($_last[0]);
                            foreach ($attributes as $key => $val) {
                                $embed_output .= ' ' . to_camelCase($key) . '="' . escape_html($val) . '"';
                            }
                            $embed_output .= '>';
                        }
                        $embed_output .= $xml . '</' . to_camelCase($_last[0]) . '>';
                        $just_ended = isset($BLOCK_TAGS[$current_tag]);
                        $xml = $_last[2] . $embed_output;
                        if ($current_tag == 'title') {
                            if (strlen($comcode) > $pos + 1 && $comcode[$pos] == chr(10) && $comcode[$pos + 1] == chr(10)) {
                                $NUM_LINES += 2;
                                $pos += 2;
                                $just_new_line = true;
                                list($close_list, $list_indent) = _convert_close_open_lists($list_indent);
                                $xml .= $close_list;
                            }
                        }
                        $status = CCP_NO_MANS_LAND;
                    } else {
                        array_push($tag_stack, array($current_tag, $attribute_map, $xml, $white_space_area, $in_separate_parse_section, $formatting_allowed, $textual_area));
                        list(, , , $white_space_area, $formatting_allowed, $in_separate_parse_section, $textual_area, $attribute_map, $status, $in_html, $in_semihtml, $pos, $in_code_tag) = _opened_tag(false, false, get_member(), $attribute_map, $current_tag, $pos, $comcode_dangerous, $comcode_dangerous_html, $in_separate_parse_section, $in_html, $in_semihtml, $close, $len, $comcode);
                        $xml = '';
                    }
                } else {
                    $current_tag .= strtolower($next);
                }
                break;
            case CCP_STARTING_TAG:
                if ($next == '[') {
                    warn_exit(do_lang_tempcode('CCP_TAG_OPEN_ANOMALY'));
                } elseif ($next == ']') {
                    warn_exit(do_lang_tempcode('CCP_TAG_CLOSE_ANOMALY'));
                } elseif ($next == '/') {
                    $close = true;
                } else {
                    $current_tag .= strtolower($next);
                    $status = CCP_IN_TAG_NAME;
                }
                break;
            case CCP_IN_TAG_BETWEEN_ATTRIBUTES:
                if ($next == ']') {
                    array_push($tag_stack, array($current_tag, $attribute_map, $xml, $white_space_area, $in_separate_parse_section, $formatting_allowed, $textual_area));
                    list(, , , $white_space_area, $formatting_allowed, $in_separate_parse_section, $textual_area, $attribute_map, $status, $in_html, $in_semihtml, $pos, $in_code_tag) = _opened_tag(false, false, get_member(), $attribute_map, $current_tag, $pos, $comcode_dangerous, $comcode_dangerous_html, $in_separate_parse_section, $in_html, $in_semihtml, $close, $len, $comcode);
                    $xml = '';
                } elseif ($next == '[') {
                    warn_exit(do_lang_tempcode('CCP_TAG_OPEN_ANOMALY'));
                } elseif (trim($next) != '') {
                    $status = CCP_IN_TAG_ATTRIBUTE_NAME;
                    $current_attribute_name = $next;
                }
                break;
            case CCP_IN_TAG_ATTRIBUTE_NAME:
                if ($next == '[') {
                    warn_exit(do_lang_tempcode('CCP_TAG_OPEN_ANOMALY'));
                } elseif ($next == ']') {
                    $at_map_keys = array_keys($attribute_map);
                    $old_attribute_name = $at_map_keys[count($at_map_keys) - 1];
                    $attribute_map[$old_attribute_name] .= ' ' . $current_attribute_name;
                    array_push($tag_stack, array($current_tag, $attribute_map, $xml, $white_space_area, $in_separate_parse_section, $formatting_allowed, $textual_area));
                    list(, , , $white_space_area, $formatting_allowed, $in_separate_parse_section, $textual_area, $attribute_map, $status, $in_html, $in_semihtml, $pos, $in_code_tag) = _opened_tag(false, false, get_member(), $attribute_map, $current_tag, $pos, $comcode_dangerous, $comcode_dangerous_html, $in_separate_parse_section, $in_html, $in_semihtml, $close, $len, $comcode);
                    $xml = '';
                } elseif ($next == '=') {
                    $status = CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_RIGHT;
                } elseif ($next != ' ') {
                    $current_attribute_name .= strtolower($next);
                } else {
                    $status = CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_LEFT;
                }
                break;
            case CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_LEFT:
                if ($next == '=') {
                    $status = CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_RIGHT;
                } elseif (trim($next) != '') {
                    warn_exit(do_lang_tempcode('CCP_ATTRIBUTE_ERROR', escape_html($current_attribute_name), escape_html($current_tag)));
                }
                break;
            case CCP_IN_TAG_BETWEEN_ATTRIBUTE_NAME_VALUE_RIGHT:
                if ($next == '[') {
                    warn_exit(do_lang_tempcode('CCP_TAG_OPEN_ANOMALY'));
                } elseif ($next == ']') {
                    warn_exit(do_lang_tempcode('CCP_TAG_CLOSE_ANOMALY'));
                } elseif ($next == '"' || $in_semihtml && substr($comcode, $pos - 1, 6) == '&quot;') {
                    if ($next != '"') {
                        $pos += 5;
                    }
                    $status = CCP_IN_TAG_ATTRIBUTE_VALUE;
                    $current_attribute_value = '';
                } elseif ($next != '') {
                    $status = CCP_IN_TAG_ATTRIBUTE_VALUE_NO_QUOTE;
                    $current_attribute_value = $next;
                }
                break;
            case CCP_IN_TAG_ATTRIBUTE_VALUE_NO_QUOTE:
                if ($next == ' ') {
                    $status = CCP_IN_TAG_BETWEEN_ATTRIBUTES;
                    if (isset($attribute_map[$current_attribute_name])) {
                        warn_exit(do_lang_tempcode('CCP_DUPLICATE_ATTRIBUTES', escape_html($current_attribute_name), escape_html($current_tag)));
                    }
                    $attribute_map[$current_attribute_name] = $current_attribute_value;
                } elseif ($next == ']') {
                    if (isset($attribute_map[$current_attribute_name])) {
                        warn_exit(do_lang_tempcode('CCP_DUPLICATE_ATTRIBUTES', escape_html($current_attribute_name), escape_html($current_tag)));
                    }
                    $attribute_map[$current_attribute_name] = $current_attribute_value;
                    array_push($tag_stack, array($current_tag, $attribute_map, $xml, $white_space_area, $in_separate_parse_section, $formatting_allowed, $textual_area));
                    list(, , , $white_space_area, $formatting_allowed, $in_separate_parse_section, $textual_area, $attribute_map, $status, $in_html, $in_semihtml, $pos, $in_code_tag) = _opened_tag(false, false, get_member(), $attribute_map, $current_tag, $pos, $comcode_dangerous, $comcode_dangerous_html, $in_separate_parse_section, $in_html, $in_semihtml, $close, $len, $comcode);
                    $xml = '';
                } else {
                    $current_attribute_value .= $next;
                }
                break;
            case CCP_IN_TAG_ATTRIBUTE_VALUE:
                if ($next == '"' || $in_semihtml && substr($comcode, $pos - 1, 6) == '&quot;') {
                    if ($next != '"') {
                        $pos += 5;
                    }
                    $status = CCP_IN_TAG_BETWEEN_ATTRIBUTES;
                    if (isset($attribute_map[$current_attribute_name])) {
                        warn_exit(do_lang_tempcode('CCP_DUPLICATE_ATTRIBUTES', escape_html($current_attribute_name), escape_html($current_tag)));
                    }
                    $attribute_map[$current_attribute_name] = $current_attribute_value;
                } else {
                    if ($next == '\\') {
                        if ($comcode[$pos] == '"') {
                            $current_attribute_value .= '"';
                            ++$pos;
                        } elseif ($comcode[$pos] == '\\') {
                            $current_attribute_value .= '\\';
                            ++$pos;
                        } else {
                            $current_attribute_value .= $next;
                        }
                    } else {
                        $current_attribute_value .= $next;
                    }
                }
                break;
        }
    }
    $xml .= $continuation;
    $continuation = '';
    list($close_list, $list_indent) = _convert_close_open_lists($list_indent);
    $xml .= $close_list;
    if ($status != CCP_NO_MANS_LAND || count($tag_stack) != 0) {
        $stack_top = array_pop($tag_stack);
        warn_exit(do_lang_tempcode('CCP_BROKEN_END', escape_html($stack_top[0])));
    }
    if (!$skip_wrapper) {
        $xml = '<comcode>' . $xml . '</comcode>';
    }
    return $xml;
}
Esempio n. 4
0
/**
 * Used by semihtml_to_comcode to fix <a> tag links. preg_replace_callback callback
 *
 * @param  array			Array of matches
 * @return string			Substituted text
 */
function _a_tag_link_fixup($matches)
{
    $referer = post_param('http_referer', ocp_srv('HTTP_REFERER'));
    $caller_url = looks_like_url($referer) ? preg_replace('#/[^/]*$#', '', $referer) : get_base_url();
    $ret = '<a ' . $matches[1] . 'href="' . qualify_url($matches[2], $caller_url) . '"' . $matches[3] . '>';
    return $ret;
}
Esempio n. 5
0
/**
 * Get a map of details relating to the view of a certain forum of a certain member.
 *
 * @param  integer	The start row for getting details of topics in the forum (i.e. 0 is newest, higher is starting further back in time).
 * @param  ?integer	The maximum number of topics to get detail of (NULL: default).
 * @param  ?MEMBER	The member viewing (NULL: current member).
 * @return array		The details.
 */
function ocf_get_forum_view($start = 0, $max = NULL, $forum_id = NULL)
{
    if (is_null($max)) {
        $max = intval(get_option('forum_topics_per_page'));
    }
    $member_id = get_member();
    load_up_all_module_category_permissions($member_id, 'forums');
    if (is_null($forum_id)) {
        /*$forum_info[0]['f_name']=do_lang('ROOT_FORUM'); This optimisation was more trouble that it was worth, and constraining
        		$forum_info[0]['f_description']='';
        		$forum_info[0]['f_parent_forum']=NULL;*/
        $forum_id = db_get_first_id();
    }
    $forum_info = $GLOBALS['FORUM_DB']->query_select('f_forums f', array('f_redirection', 'f_intro_question', 'f_intro_answer', 'f_order_sub_alpha', 'f_parent_forum', 'f_name', 'f_description', 'f_order'), array('f.id' => $forum_id), '', 1, NULL, false, array('f_description', 'f_intro_question'));
    if (!array_key_exists(0, $forum_info)) {
        warn_exit(do_lang_tempcode('MISSING_RESOURCE'));
    }
    if ($forum_info[0]['f_redirection'] != '' && looks_like_url($forum_info[0]['f_redirection'])) {
        header('Location: ' . $forum_info[0]['f_redirection']);
        exit;
    }
    if (!is_null($forum_id)) {
        if (!has_category_access($member_id, 'forums', strval($forum_id))) {
            access_denied('CATEGORY_ACCESS_LEVEL');
        }
        // We're only allowed to view it existing from a parent forum, or nothing at all -- so access denied brother!
    }
    // Find our subforums first
    $order = $forum_info[0]['f_order_sub_alpha'] ? 'f_name' : 'f_position';
    $_max_forum_detail = get_value('max_forum_detail');
    $max_forum_detail = is_null($_max_forum_detail) ? 100 : intval($_max_forum_detail);
    $huge_forums = $GLOBALS['FORUM_DB']->query_value('f_forums', 'COUNT(*)') > $max_forum_detail;
    if ($huge_forums) {
        $_max_forum_inspect = get_value('max_forum_inspect');
        $max_forum_inspect = is_null($_max_forum_inspect) ? 300 : intval($_max_forum_inspect);
        $subforum_rows = $GLOBALS['FORUM_DB']->query('SELECT f.* FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_forums f WHERE f.id=' . strval($forum_id) . ' OR f_parent_forum=' . strval($forum_id) . ' ORDER BY f_parent_forum,' . $order, $max_forum_inspect, NULL, false, false, array('f_description', 'f_intro_question'));
        if (count($subforum_rows) == $max_forum_inspect) {
            $subforum_rows = array();
        }
        // Will cause performance breakage
    } else {
        $subforum_rows = $GLOBALS['FORUM_DB']->query_select('f_forums f', array('f.*'), NULL, 'ORDER BY f_parent_forum,' . $order, NULL, NULL, false, array('f_description', 'f_intro_question'));
    }
    $unread_forums = array();
    if (!is_null($forum_id) && get_member() != $GLOBALS['OCF_DRIVER']->get_guest_id()) {
        // Where are there unread topics in subforums?
        $tree = array();
        $subforum_rows_copy = $subforum_rows;
        $tree = ocf_organise_into_tree($subforum_rows_copy, $forum_id);
        if ($forum_id != db_get_first_id()) {
            $child_or_list = ocf_get_all_subordinate_forums($forum_id, 't_forum_id', $tree);
        } else {
            $child_or_list = '';
        }
        if ($child_or_list != '') {
            $child_or_list .= ' AND ';
        }
        $query = 'SELECT DISTINCT t_forum_id,t.id FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_topics t LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_read_logs l ON (t.id=l_topic_id AND l_member_id=' . strval((int) get_member()) . ') WHERE ' . $child_or_list . 't_cache_last_time>' . strval(time() - 60 * 60 * 24 * intval(get_option('post_history_days'))) . ' AND (l_time<t_cache_last_time OR l_time IS NULL)';
        if (!has_specific_permission(get_member(), 'jump_to_unvalidated')) {
            $query .= ' AND t_validated=1';
        }
        $unread_forums = collapse_2d_complexity('t_forum_id', 'id', $GLOBALS['FORUM_DB']->query($query));
    }
    // Find all the categories that are used
    $categories = array();
    $or_list = '';
    foreach ($subforum_rows as $tmp_key => $subforum_row) {
        if ($subforum_row['f_parent_forum'] != $forum_id) {
            continue;
        }
        if (!has_category_access($member_id, 'forums', strval($subforum_row['id']))) {
            unset($subforum_rows[$tmp_key]);
            continue;
        }
        $category_id = $subforum_row['f_category_id'];
        if (!array_key_exists($category_id, $categories)) {
            $categories[$category_id] = array('subforums' => array());
            if ($or_list != '') {
                $or_list .= ' OR ';
            }
            $or_list .= 'id=' . strval((int) $category_id);
        }
    }
    if ($or_list != '') {
        $category_rows = $GLOBALS['FORUM_DB']->query('SELECT * FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_categories WHERE ' . $or_list);
        foreach ($category_rows as $category_row) {
            $category_id = $category_row['id'];
            $title = $category_row['c_title'];
            $description = $category_row['c_description'];
            $expanded_by_default = $category_row['c_expanded_by_default'];
            $categories[$category_id]['title'] = $title;
            $categories[$category_id]['description'] = $description;
            $categories[$category_id]['expanded_by_default'] = $expanded_by_default;
        }
        $categories[NULL]['title'] = '';
        $categories[NULL]['description'] = '';
        $categories[NULL]['expanded_by_default'] = true;
        foreach ($subforum_rows as $subforum_row) {
            if ($subforum_row['f_parent_forum'] != $forum_id) {
                continue;
            }
            $category_id = $subforum_row['f_category_id'];
            //			if (!array_key_exists('position',$categories[$category_id])) $categories[$category_id]['position']=$subforum_row['f_position'];
            $subforum = array();
            $subforum['id'] = $subforum_row['id'];
            $subforum['name'] = $subforum_row['f_name'];
            $subforum['description'] = get_translated_tempcode($subforum_row['f_description'], $GLOBALS['FORUM_DB']);
            $subforum['redirection'] = $subforum_row['f_redirection'];
            $subforum['intro_question'] = get_translated_tempcode($subforum_row['f_intro_question'], $GLOBALS['FORUM_DB']);
            $subforum['intro_answer'] = $subforum_row['f_intro_answer'];
            if (is_numeric($subforum_row['f_redirection'])) {
                $subforum_row = $GLOBALS['FORUM_DB']->query_select('f_forums', array('*'), array('id' => intval($subforum_row['f_redirection'])), '', 1);
                $subforum_row = $subforum_row[0];
            }
            if ($subforum_row['f_redirection'] == '' || is_numeric($subforum_row['f_redirection'])) {
                $subforum['num_topics'] = $subforum_row['f_cache_num_topics'];
                $subforum['num_posts'] = $subforum_row['f_cache_num_posts'];
                $subforum['has_new'] = false;
                if (get_member() != $GLOBALS['OCF_DRIVER']->get_guest_id()) {
                    $subforums_recurse = ocf_get_all_subordinate_forums($subforum['id'], NULL, $tree[$subforum['id']]['children']);
                    foreach ($subforums_recurse as $subforum_potential) {
                        if (array_key_exists($subforum_potential, $unread_forums)) {
                            $subforum['has_new'] = true;
                        }
                    }
                }
                if (is_null($subforum_row['f_cache_last_forum_id']) || has_category_access($member_id, 'forums', strval($subforum_row['f_cache_last_forum_id']))) {
                    $subforum['last_topic_id'] = $subforum_row['f_cache_last_topic_id'];
                    $subforum['last_title'] = $subforum_row['f_cache_last_title'];
                    $subforum['last_time'] = $subforum_row['f_cache_last_time'];
                    $subforum['last_username'] = $subforum_row['f_cache_last_username'];
                    $subforum['last_member_id'] = $subforum_row['f_cache_last_member_id'];
                    $subforum['last_forum_id'] = $subforum_row['f_cache_last_forum_id'];
                } else {
                    $subforum['protected_last_post'] = true;
                }
                // Subsubforums
                $subforum['children'] = array();
                foreach ($subforum_rows as $tmp_key_2 => $subforum_row2) {
                    if ($subforum_row2['f_parent_forum'] == $subforum_row['id'] && has_category_access($member_id, 'forums', strval($subforum_row2['id']))) {
                        $subforum['children'][$subforum_row2['f_name'] . '__' . strval($subforum_row2['id'])] = array('id' => $subforum_row2['id'], 'name' => $subforum_row2['f_name'], 'redirection' => $subforum_row2['f_redirection']);
                    }
                }
                global $M_SORT_KEY;
                $M_SORT_KEY = 'name';
                uasort($subforum['children'], 'multi_sort');
            }
            $categories[$category_id]['subforums'][] = $subforum;
        }
    }
    // Find topics
    $extra = '';
    if (!has_specific_permission(get_member(), 'see_unvalidated') && !ocf_may_moderate_forum($forum_id, $member_id)) {
        $extra = 't_validated=1 AND ';
    }
    if (is_null($forum_info[0]['f_parent_forum'])) {
        $where = $extra . ' (t_forum_id=' . strval((int) $forum_id) . ')';
    } else {
        $extra2 = '';
        $parent_or_list = ocf_get_forum_parent_or_list($forum_id, $forum_info[0]['f_parent_forum']);
        if ($parent_or_list != '') {
            $extra2 = 'AND (' . $parent_or_list . ')';
        }
        $where = $extra . ' (t_forum_id=' . strval((int) $forum_id) . ' OR (t_cascading=1 ' . $extra2 . '))';
    }
    $order = get_param('order', $forum_info[0]['f_order']);
    $order2 = 't_cache_last_time DESC';
    if ($order == 'first_post') {
        $order2 = 't_cache_first_time DESC';
    } elseif ($order == 'title') {
        $order2 = 't_cache_first_title ASC';
    }
    if (get_value('disable_sunk') !== '1') {
        $order2 = 't_sunk ASC,' . $order2;
    }
    if (is_guest()) {
        $query = 'SELECT ttop.*,t.text_parsed AS _trans_post,NULL AS l_time FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_topics ttop LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'translate t ON ' . db_string_equal_to('language', user_lang()) . ' AND ttop.t_cache_first_post=t.id WHERE ' . $where . ' ORDER BY t_cascading DESC,t_pinned DESC,' . $order2;
    } else {
        $query = 'SELECT ttop.*,t.text_parsed AS _trans_post,l_time FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_topics ttop LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_read_logs l ON (ttop.id=l.l_topic_id AND l.l_member_id=' . strval((int) get_member()) . ') LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'translate t ON ' . db_string_equal_to('language', user_lang()) . ' AND ttop.t_cache_first_post=t.id WHERE ' . $where . ' ORDER BY t_cascading DESC,t_pinned DESC,' . $order2;
    }
    $topic_rows = $GLOBALS['FORUM_DB']->query($query, $max, $start);
    if ($start == 0 && count($topic_rows) < $max) {
        $max_rows = $max;
    } else {
        $max_rows = $GLOBALS['FORUM_DB']->query_value_null_ok_full('SELECT COUNT(*) FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_topics WHERE ' . $where);
    }
    $topics = array();
    $hot_topic_definition = intval(get_option('hot_topic_definition'));
    $or_list = '';
    foreach ($topic_rows as $topic_row) {
        if ($or_list != '') {
            $or_list .= ' OR ';
        }
        $or_list .= 'p_topic_id=' . strval((int) $topic_row['id']);
    }
    if ($or_list != '' && !is_guest()) {
        $involved = $GLOBALS['FORUM_DB']->query('SELECT DISTINCT p_topic_id FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_posts WHERE (' . $or_list . ') AND p_poster=' . strval((int) get_member()));
        $involved = collapse_1d_complexity('p_topic_id', $involved);
    } else {
        $involved = array();
    }
    foreach ($topic_rows as $topic_row) {
        $topics[] = ocf_get_topic_array($topic_row, $member_id, $hot_topic_definition, in_array($topic_row['id'], $involved));
    }
    $description = get_translated_tempcode($forum_info[0]['f_description'], $GLOBALS['FORUM_DB']);
    $description_text = get_translated_text($forum_info[0]['f_description'], $GLOBALS['FORUM_DB']);
    $out = array('name' => $forum_info[0]['f_name'], 'description' => $description, 'categories' => $categories, 'topics' => $topics, 'max_rows' => $max_rows, 'order' => $order, 'parent_forum' => $forum_info[0]['f_parent_forum']);
    $GLOBALS['META_DATA'] += array('created' => '', 'creator' => '', 'publisher' => '', 'modified' => '', 'type' => 'Forum', 'title' => $forum_info[0]['f_name'], 'identifier' => '_SEARCH:forumview:misc:' . strval($forum_id), 'description' => $description_text, 'image' => find_theme_image('bigicons/forums'));
    // Is there a question/answer situation?
    $question = get_translated_tempcode($forum_info[0]['f_intro_question'], $GLOBALS['FORUM_DB']);
    if (!$question->is_empty()) {
        $is_guest = $member_id == $GLOBALS['OCF_DRIVER']->get_guest_id();
        $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_forum_intro_ip', 'i_ip', array('i_forum_id' => $forum_id, 'i_ip' => get_ip_address(3)));
        if (is_null($test) && !$is_guest) {
            $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_forum_intro_member', 'i_member_id', array('i_forum_id' => $forum_id, 'i_member_id' => $member_id));
        }
        if (is_null($test)) {
            $out['question'] = $question;
            $out['answer'] = $forum_info[0]['f_intro_answer'];
        }
    }
    if (ocf_may_post_topic($forum_id, $member_id)) {
        $out['may_post_topic'] = 1;
    }
    if (ocf_may_moderate_forum($forum_id, $member_id)) {
        $out['may_change_max'] = 1;
        $out['may_move_topics'] = 1;
        if (has_specific_permission(get_member(), 'multi_delete_topics')) {
            $out['may_delete_topics'] = 1;
        }
        // Only super admins can casually delete topics - other staff are expected to trash them. At least deleted posts or trashed topics can be restored!
    }
    return $out;
}
Esempio n. 6
0
/**
 * Get tempcode for a Comcode tag. This function should always return (errors should be placed in the Comcode output stream), for stability reasons (i.e. if you're submitting something, you can't have the whole submit process die half way through in an unstructured fashion).
 *
 * @param  string			The tag being converted
 * @param  array			A map of the attributes (name=>val) for the tag. Val is usually a string, although in select places, the XML parser may pass tempcode.
 * @param  mixed			Tempcode of the inside of the tag ([between]THIS[/between]); the XML parser may pass in special stuff here, which is interpreted only for select tags
 * @param  boolean		Whether we are allowed to proceed even if this tag is marked as 'dangerous'
 * @param  string			A special identifier to mark where the resultant tempcode is going to end up (e.g. the ID of a post)
 * @param  integer		The position this tag occurred at in the Comcode
 * @param  MEMBER			The member who is responsible for this Comcode
 * @param  boolean		Whether to check as arbitrary admin
 * @param  object			The database connection to use
 * @param  string			The whole chunk of comcode
 * @param  boolean		Whether this is for WML output
 * @param  boolean		Whether this is only a structure sweep
 * @param  boolean		Whether we are in semi-parse-mode (some tags might convert differently)
 * @param  ?array			A list of words to highlight (NULL: none)
 * @param  ?MEMBER		The member we are running on behalf of, with respect to how attachments are handled; we may use this members attachments that are already within this post, and our new attachments will be handed to this member (NULL: member evaluating)
 * @param  boolean		Whether what we have came from inside a semihtml tag
 * @param  boolean		Whether what we have came from semihtml mode
 * @return tempcode		The tempcode for the Comcode
 */
function _do_tags_comcode($tag, $attributes, $embed, $comcode_dangerous, $pass_id, $marker, $source_member, $as_admin, $connection, &$comcode, $wml, $structure_sweep, $semiparse_mode, $highlight_bits = NULL, $on_behalf_of_member = NULL, $in_semihtml = false, $is_all_semihtml = false)
{
    if ($structure_sweep && $tag != 'title') {
        return new ocp_tempcode();
    }
    $param_given = isset($attributes['param']);
    if (!isset($attributes['param']) && $tag != 'block') {
        $attributes['param'] = '';
    }
    global $DANGEROUS_TAGS, $STRUCTURE_LIST, $COMCODE_PARSE_TITLE;
    if (isset($DANGEROUS_TAGS[$tag]) && !$comcode_dangerous) {
        $username = $GLOBALS['FORUM_DRIVER']->get_username($source_member);
        if (is_null($username)) {
            $username = do_lang('UNKNOWN');
        }
        if ($semiparse_mode) {
            $params = '';
            foreach ($attributes as $key => $val) {
                $params .= ' ' . $key . '="' . comcode_escape($val) . '"';
            }
            return make_string_tempcode('<input class="ocp_keep_ui_controlled" size="45" title="[' . $tag . '' . escape_html($params) . ']' . ($in_semihtml || $is_all_semihtml ? escape_html($embed->evaluate()) : escape_html($embed->evaluate())) . '[/' . $tag . ']" type="text" value="' . ($tag == 'block' ? do_lang('COMCODE_EDITABLE_BLOCK', escape_html($embed->evaluate())) : do_lang('COMCODE_EDITABLE_TAG', escape_html($tag))) . '" />');
        }
        return do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:NO_ACCESS_FOR_TAG', escape_html($tag), escape_html($username))));
        //return new ocp_tempcode();
    }
    // These are just bbcode compatibility tags.. we will remap to our proper comcode
    if ($tag == 'php') {
        $attributes['param'] = 'php';
        $tag = 'code';
    } elseif ($tag == 'sql') {
        $attributes['param'] = 'sql';
        $tag = 'code';
    } elseif ($tag == 'codebox') {
        $attributes['scroll'] = '1';
        $tag = 'code';
    } elseif ($tag == 'left') {
        $attributes['param'] = 'left';
        $tag = 'align';
    } elseif ($tag == 'center') {
        $attributes['param'] = 'center';
        $tag = 'align';
    } elseif ($tag == 'right') {
        $attributes['param'] = 'right';
        $tag = 'align';
    } elseif ($tag == 'thread') {
        $tag = 'topic';
    } elseif ($tag == 'internal_table' || $tag == 'external_table') {
        $tag = 'box';
        if (array_key_exists('class', $attributes)) {
            $attributes['type'] = $attributes['class'];
        }
    }
    if ($semiparse_mode) {
        $non_text_tags = array('attachment', 'section_controller', 'big_tab_controller', 'currency', 'block', 'contents', 'concepts', 'flash', 'menu', 'email', 'reference', 'upload', 'page', 'exp_thumb', 'exp_ref', 'thumb', 'snapback', 'post', 'thread', 'topic', 'include', 'random', 'jumping', 'shocker');
        // Also in JAVASCRIPT_EDITING.tpl
        if ($tag == 'attachment_safe') {
            if (preg_match('#^new\\_\\d+$#', $embed->evaluate()) != 0) {
                $non_text_tags[] = 'attachment_safe';
            }
        }
        if (in_array($tag, $non_text_tags)) {
            $params = '';
            foreach ($attributes as $key => $val) {
                $params .= ' ' . $key . '="' . str_replace('"', '\\"', $val) . '"';
            }
            if ($tag != 'block' || !is_file(get_file_base() . '/sources_custom/miniblocks/' . $embed->evaluate() . '.php')) {
                return make_string_tempcode('<input class="ocp_keep_ui_controlled" size="45" title="[' . $tag . '' . escape_html($params) . ']' . ($in_semihtml || $is_all_semihtml ? escape_html($embed->evaluate()) : escape_html($embed->evaluate())) . '[/' . $tag . ']" type="text" value="' . ($tag == 'block' ? do_lang('comcode:COMCODE_EDITABLE_BLOCK', escape_html($embed->evaluate())) : do_lang('comcode:COMCODE_EDITABLE_TAG', escape_html($tag))) . '" />');
            } else {
                return make_string_tempcode('[block' . escape_html($params) . ']' . ($in_semihtml || $is_all_semihtml ? $embed->evaluate() : escape_html($embed->evaluate())) . '[/block]');
            }
        }
    }
    $temp_tpl = new ocp_tempcode();
    switch ($tag) {
        case 'no_parse':
            $temp_tpl->attach($embed);
            break;
        case 'currency':
            if (addon_installed('ecommerce')) {
                $bracket = array_key_exists('bracket', $attributes) && $attributes['bracket'] == '1';
                if ($attributes['param'] == '') {
                    $attributes['param'] = get_option('currency');
                }
                $temp_tpl = do_template('COMCODE_CURRENCY', array('_GUID' => 'ee1fcdae082af6397ff3bad89006e012', 'AMOUNT' => $embed, 'FROM_CURRENCY' => $attributes['param'], 'BRACKET' => $bracket));
            }
            break;
        case 'overlay':
            $x = strval(array_key_exists('x', $attributes) ? intval($attributes['x']) : 100);
            $y = strval(array_key_exists('y', $attributes) ? intval($attributes['y']) : 100);
            $width = strval(array_key_exists('width', $attributes) ? intval($attributes['width']) : 300);
            $height = strval(array_key_exists('height', $attributes) ? intval($attributes['height']) : 300);
            $timein = strval(array_key_exists('timein', $attributes) ? intval($attributes['timein']) : 0);
            $timeout = strval(array_key_exists('timeout', $attributes) ? intval($attributes['timeout']) : -1);
            $temp_tpl = do_template('COMCODE_OVERLAY', array('_GUID' => 'dfd0f7a72cc2bf6b613b28f8165a0034', 'UNIQ_ID' => 'a' . uniqid('', true), 'EMBED' => $embed, 'ID' => $attributes['param'] != '' ? $attributes['param'] : 'rand' . uniqid('', true), 'X' => $x, 'Y' => $y, 'WIDTH' => $width, 'HEIGHT' => $height, 'TIMEIN' => $timein, 'TIMEOUT' => $timeout));
            break;
        case 'code':
            if ($wml) {
                $temp_tpl->attach('<b>');
                $temp_tpl->attach($embed);
                $temp_tpl->attach('</b>');
                break;
            }
            list($_embed, $title) = do_code_box($attributes['param'], $embed, array_key_exists('numbers', $attributes) && $attributes['numbers'] == '1', $in_semihtml, $is_all_semihtml);
            if (!is_null($_embed)) {
                $tpl = array_key_exists('scroll', $attributes) && $attributes['scroll'] == '1' ? 'COMCODE_CODE_SCROLL' : 'COMCODE_CODE';
                if ($tpl == 'COMCODE_CODE_SCROLL' && substr_count($_embed, chr(10)) < 10) {
                    $style = 'height: auto';
                } else {
                    $style = '';
                }
                $temp_tpl = do_template($tpl, array('_GUID' => 'c5d46d0927272fcacbbabcfab0ef6b0c', 'STYLE' => $style, 'TYPE' => $attributes['param'], 'CONTENT' => $_embed, 'TITLE' => $title));
            } else {
                $_embed = '';
            }
            if ($temp_tpl->is_empty()) {
                if ($in_semihtml || $is_all_semihtml) {
                    require_code('comcode_from_html');
                    $back_to_comcode = semihtml_to_comcode($embed->evaluate());
                    // Undo what's happened already
                    //$back_to_comcode=html_entity_decode($back_to_comcode,ENT_QUOTES,get_charset()); // Remove the escaping entities that were inside the code tag
                    $embed = comcode_to_tempcode($back_to_comcode, $source_member, $as_admin, 80, $pass_id, $connection);
                    // Re-parse (with full security)
                }
                $_embed = $embed->evaluate();
                if (!array_key_exists('scroll', $attributes) && strlen($_embed) > 1000) {
                    $attributes['scroll'] = '1';
                }
                $tpl = array_key_exists('scroll', $attributes) && $attributes['scroll'] == '1' ? 'COMCODE_CODE_SCROLL' : 'COMCODE_CODE';
                $title = do_lang_tempcode('CODE');
                if ($tpl == 'COMCODE_CODE_SCROLL' && substr_count($_embed, chr(10)) < 10) {
                    $style = 'height: auto';
                } else {
                    $style = '';
                }
                $temp_tpl = do_template($tpl, array('CONTENT' => $_embed, 'TITLE' => $title, 'STYLE' => $style, 'TYPE' => $attributes['param']));
            }
            break;
        case 'list':
            if (is_array($embed)) {
                $parts = $embed;
            } else {
                $_embed = trim($embed->evaluate());
                $_embed = str_replace('[/*]', '', $_embed);
                $parts = explode('[*]', $_embed);
            }
            if (isset($temp_tpl->preprocessable_bits)) {
                $temp_tpl->preprocessable_bits = array_merge($temp_tpl->preprocessable_bits, $embed->preprocessable_bits);
            }
            if ($wml) {
                foreach ($parts as $i => $part) {
                    if ($i == 0 && str_replace(array('&nbsp;', '<br />', ' '), array('', '', ''), trim($part)) == '') {
                        continue;
                    }
                    $temp_tpl->attach('<br />* ');
                    $temp_tpl->attach($part);
                }
                $temp_tpl->attach('<br />* ');
                break;
            }
            $type = $attributes['param'];
            if ($type != '') {
                if ($type == '1') {
                    $type = 'decimal';
                } elseif ($type == 'a') {
                    $type = 'lower-alpha';
                } elseif ($type == 'i') {
                    $type = 'lower-roman';
                } elseif ($type == 'x') {
                    $type = 'none';
                } elseif (!in_array($type, array('circle', 'disc', 'square', 'armenian', 'decimal', 'decimal-leading-zero', 'georgian', 'lower-alpha', 'lower-greek', 'lower-latin', 'lower-roman', 'upper-alpha', 'upper-latin', 'upper-roman'))) {
                    $type = 'disc';
                }
                $tag = in_array($type, array('circle', 'disc', 'square')) ? 'ul' : 'ol';
                $temp_tpl->attach('<' . $tag . ' style="list-style-type: ' . $type . '">');
                foreach ($parts as $i => $part) {
                    if ($i == 0 && str_replace(array('&nbsp;', '<br />', ' '), array('', '', ''), trim($part)) == '') {
                        continue;
                    }
                    $temp_tpl->attach('<li>' . preg_replace('#\\<br /\\>(\\&nbsp;|\\s)*$#D', '', preg_replace('#^\\<br /\\>(\\&nbsp;|\\s)*#D', '', $part)) . '</li>');
                }
                $temp_tpl->attach('</' . $tag . '>');
            } else {
                $temp_tpl->attach('<ul>');
                foreach ($parts as $i => $part) {
                    if ($i == 0 && str_replace(array('&nbsp;', '<br />', ' '), array('', '', ''), trim($part)) == '') {
                        continue;
                    }
                    $temp_tpl->attach('<li>' . preg_replace('#\\<br /\\>(\\&nbsp;|\\s)*$#D', '', preg_replace('#^\\<br /\\>(\\&nbsp;|\\s)*#D', '', $part)) . '</li>');
                }
                $temp_tpl->attach('</ul>');
            }
            break;
        case 'snapback':
            require_lang('ocf');
            $post_id = intval($embed->evaluate());
            $s_title = $attributes['param'] == '' ? do_lang_tempcode('FORUM_POST_NUMBERED', integer_format($post_id)) : make_string_tempcode($attributes['param']);
            $forum = array_key_exists('forum', $attributes) ? $attributes['forum'] : '';
            $temp_tpl = do_template('COMCODE_SNAPBACK', array('URL' => $GLOBALS['FORUM_DRIVER']->post_url($post_id, $forum), 'TITLE' => $s_title));
            break;
        case 'post':
            require_lang('ocf');
            $post_id = intval($embed->evaluate());
            $s_title = $attributes['param'] == '' ? do_lang_tempcode('FORUM_POST_NUMBERED', integer_format($post_id)) : make_string_tempcode($attributes['param']);
            $forum = array_key_exists('forum', $attributes) ? $attributes['forum'] : '';
            $temp_tpl->attach(hyperlink($GLOBALS['FORUM_DRIVER']->post_url($post_id, $forum), $s_title));
            break;
        case 'topic':
            require_lang('ocf');
            $topic_id = intval($embed->evaluate());
            $s_title = $attributes['param'] == '' ? do_lang_tempcode('FORUM_TOPIC_NUMBERED', integer_format($topic_id)) : make_string_tempcode($attributes['param']);
            $forum = array_key_exists('forum', $attributes) ? $attributes['forum'] : '';
            $temp_tpl->attach(hyperlink($GLOBALS['FORUM_DRIVER']->topic_url($topic_id, $forum), $s_title));
            break;
        case 'staff_note':
            $temp_tpl = new ocp_tempcode();
            return $temp_tpl;
        case 'section':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            $name = array_key_exists('param', $attributes) ? $attributes['param'] : 'section' . strval(mt_rand(0, 100));
            $default = array_key_exists('default', $attributes) ? $attributes['default'] : '0';
            $temp_tpl = do_template('COMCODE_SECTION', array('_GUID' => 'a902962ccdc80046c999d6fed907d105', 'PASS_ID' => 'x' . $pass_id, 'DEFAULT' => $default == '1', 'NAME' => $name, 'CONTENT' => $embed));
            break;
        case 'section_controller':
            if ($wml) {
                break;
            }
            $sections = explode(',', $embed->evaluate());
            $temp_tpl = do_template('COMCODE_SECTION_CONTROLLER', array('_GUID' => '133bf24892e9e3ec2a01146d6ec418fe', 'SECTIONS' => $sections, 'PASS_ID' => 'x' . $pass_id));
            break;
        case 'big_tab':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            $name = array_key_exists('param', $attributes) ? $attributes['param'] : 'big_tab' . strval(mt_rand(0, 100));
            $default = array_key_exists('default', $attributes) ? $attributes['default'] : '0';
            $temp_tpl = do_template('COMCODE_BIG_TABS_TAB', array('PASS_ID' => 'x' . $pass_id, 'DEFAULT' => $default == '1', 'NAME' => $name, 'CONTENT' => $embed));
            break;
        case 'big_tab_controller':
            if ($wml) {
                break;
            }
            $tabs = explode(',', $embed->evaluate());
            if (!array_key_exists('switch_time', $attributes)) {
                $attributes['switch_time'] = '6000';
            }
            $temp_tpl = do_template('COMCODE_BIG_TABS_CONTROLLER', array('SWITCH_TIME' => $attributes['switch_time'], 'TABS' => $tabs, 'PASS_ID' => 'x' . $pass_id));
            break;
        case 'tab':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            $default = array_key_exists('default', $attributes) ? $attributes['default'] : '0';
            $temp_tpl = do_template('COMCODE_TAB_BODY', array('DEFAULT' => $default == '1', 'TITLE' => trim($attributes['param']), 'CONTENT' => $embed));
            break;
        case 'tabs':
            if ($wml) {
                break;
            }
            $heads = new ocp_tempcode();
            $tabs = explode(',', $attributes['param']);
            foreach ($tabs as $i => $tab) {
                $heads->attach(do_template('COMCODE_TAB_HEAD', array('TITLE' => trim($tab), 'FIRST' => $i == 0, 'LAST' => !array_key_exists($i + 1, $tabs))));
            }
            $temp_tpl = do_template('COMCODE_TAB_CONTROLLER', array('HEADS' => $heads, 'CONTENT' => $embed));
            break;
        case 'carousel':
            if ($attributes['param'] == '') {
                $attributes['param'] = '40';
            }
            $temp_tpl = do_template('COMCODE_CAROUSEL', array('CONTENT' => $embed, 'SCROLL_AMOUNT' => $attributes['param']));
            break;
        case 'menu':
            if ($wml) {
                break;
            }
            $name = array_key_exists('param', $attributes) ? $attributes['param'] : 'mnu' . strval(mt_rand(0, 100));
            $type = array_key_exists('type', $attributes) ? $attributes['type'] : 'tree';
            require_code('menus');
            require_code('menus_comcode');
            $temp_tpl = build_comcode_menu($embed->evaluate(), $name, $source_member, $type);
            break;
        case 'if_in_group':
            $groups = '';
            $_groups = explode(',', $attributes['param']);
            $all_groups = $GLOBALS['FORUM_DRIVER']->get_usergroup_list();
            foreach ($_groups as $group) {
                $find = array_search($group, $all_groups);
                if ($find === false) {
                    if ($groups != '') {
                        $groups .= ',';
                    }
                    $groups .= $group;
                } else {
                    if ($groups != '') {
                        $groups .= ',';
                    }
                    $groups .= strval($find);
                }
            }
            $temp_tpl = do_template('COMCODE_IF_IN_GROUP', array('_GUID' => '761a7cc07f7b4b68508d68ce19b87d2c', 'TYPE' => array_key_exists('type', $attributes) ? $attributes['type'] : '', 'CONTENT' => $embed, 'GROUPS' => $groups));
            break;
        case 'acronym':
        case 'abbr':
            $temp_tpl = do_template('COMCODE_ABBR', array('_GUID' => 'acbc4f991dsf03f81b61919b74ac24c91', 'CONTENT' => $embed, 'TITLE' => $attributes['param']));
            break;
        case 'address':
            $temp_tpl = do_template('COMCODE_ADDRESS', array('_GUID' => 'acbcsdf9910703f81b61919b74ac24c91', 'CONTENT' => $embed));
            break;
        case 'dfn':
            $temp_tpl = do_template('COMCODE_DFN', array('_GUID' => 'acbc4f9910703f81b61sf19b74ac24c91', 'CONTENT' => $embed));
            break;
        case 'pulse':
            $min_color = array_key_exists('min', $attributes) ? $attributes['min'] : '0000FF';
            $max_color = array_key_exists('max', $attributes) ? $attributes['max'] : 'FF0044';
            if (substr($min_color, 0, 1) == '#') {
                $min_color = substr($min_color, 1);
            }
            if (substr($max_color, 0, 1) == '#') {
                $max_color = substr($max_color, 1);
            }
            $speed = $attributes['param'] == '' ? 100 : intval($attributes['param']);
            $temp_tpl = do_template('COMCODE_PULSE', array('_GUID' => 'adsd4f9910sfd03f81b61919b74ac24c91', 'RAND_ID' => uniqid('', true), 'CONTENT' => $embed, 'MIN_COLOR' => $min_color, 'MAX_COLOR' => $max_color, 'SPEED' => strval($speed)));
            break;
        case 'del':
            $cite = array_key_exists('cite', $attributes) ? $attributes['cite'] : NULL;
            if (!is_null($cite)) {
                $temp_tpl = test_url($cite, 'del', $cite, $source_member);
            }
            $datetime = array_key_exists('datetime', $attributes) ? $attributes['datetime'] : NULL;
            $temp_tpl->attach(do_template('COMCODE_DEL', array('_GUID' => 'acsd4f9910sfd03f81b61919b74ac24c91', 'CONTENT' => $embed, 'CITE' => $cite, 'DATETIME' => $datetime)));
            break;
        case 'ins':
            $cite = array_key_exists('cite', $attributes) ? $attributes['cite'] : NULL;
            if (!is_null($cite)) {
                $temp_tpl = test_url($cite, 'ins', $cite, $source_member);
                if (!$temp_tpl->is_empty()) {
                    break;
                }
            }
            $datetime = array_key_exists('datetime', $attributes) ? $attributes['datetime'] : NULL;
            $temp_tpl->attach(do_template('COMCODE_INS', array('_GUID' => 'asss4f9910703f81b61919bsfc24c91', 'CONTENT' => $embed, 'CITE' => $cite, 'DATETIME' => $datetime)));
            break;
        case 'cite':
            $temp_tpl = do_template('COMCODE_CITE', array('_GUID' => 'acbcsf910703f81b61919b74ac24c91', 'CONTENT' => $embed));
            break;
        case 'b':
            if ($semiparse_mode) {
                $temp_tpl = make_string_tempcode('<b>' . $embed->evaluate() . '</b>');
                break;
            }
            $temp_tpl = do_template('COMCODE_BOLD', array('_GUID' => 'acbc4fds910703f81b619sf74ac24c91', 'CONTENT' => $embed));
            break;
        case 'align':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            $align = array_key_exists('param', $attributes) ? $attributes['param'] : 'left';
            $temp_tpl = do_template('COMCODE_ALIGN', array('_GUID' => '950b4d9db12cac6bf536860bedd96a36', 'ALIGN' => $align, 'CONTENT' => $embed));
            break;
        case 'indent':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            $indent = array_key_exists('param', $attributes) ? $attributes['param'] : '10';
            if (!is_numeric($indent)) {
                $indent = '10';
            }
            $temp_tpl = do_template('COMCODE_INDENT', array('_GUID' => 'd8e69fa17eebd5312e3ad5788e3a1343', 'INDENT' => $indent, 'CONTENT' => $embed));
            break;
        case 'surround':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            if ($semiparse_mode && $embed->evaluate() == '') {
                $temp_tpl = make_string_tempcode('<kbd class="ocp_keep" title="no_parse">[surround="' . comcode_escape(array_key_exists('param', $attributes) ? $attributes['param'] : 'float_surrounder') . '"]' . $embed->evaluate() . '[/surround]</kbd>');
                break;
            }
            $class = array_key_exists('param', $attributes) && $attributes['param'] != '' ? $attributes['param'] : 'float_surrounder';
            $temp_tpl = do_template('COMCODE_SURROUND', array('_GUID' => 'e8e69fa17eebd5312e3ad5788e3a1343', 'CLASS' => $class, 'CONTENT' => $embed));
            break;
        case 'i':
            if ($semiparse_mode) {
                $temp_tpl = make_string_tempcode('<i>' . $embed->evaluate() . '</i>');
                break;
            }
            $temp_tpl = do_template('COMCODE_ITALICS', array('_GUID' => '4321a1fe3825418e57a29410183c0c60', 'CONTENT' => $embed));
            break;
        case 'u':
            if ($semiparse_mode) {
                $temp_tpl = make_string_tempcode('<u>' . $embed->evaluate() . '</u>');
                break;
            }
            $temp_tpl = do_template('COMCODE_UNDERLINE', array('_GUID' => '69cc8e73b17f9e6a35eb1af2bd1dc6ab', 'CONTENT' => $embed));
            break;
        case 's':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            if ($semiparse_mode) {
                $temp_tpl = make_string_tempcode('<strike>' . $embed->evaluate() . '</strike>');
                break;
            }
            $temp_tpl = do_template('COMCODE_STRIKE', array('_GUID' => 'ed242591cefd365497cc0c63abbb11a9', 'CONTENT' => $embed));
            break;
        case 'tooltip':
            $param = is_object($attributes['param']) ? $attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
            if ($wml) {
                $temp_tpl->attach($embed);
                $temp_tpl->attach('[ ');
                $temp_tpl->attach($param);
                $temp_tpl->attach(' ]');
                break;
            }
            $temp_tpl = do_template('COMCODE_TOOLTIP', array('_GUID' => 'c9f4793dc0c1a92cd7d08ae1b87c2308', 'URL' => array_key_exists('url', $attributes) ? $attributes['url'] : '', 'TOOLTIP' => $param, 'CONTENT' => $embed));
            break;
        case 'sup':
            if ($wml) {
                $temp_tpl->attach('^');
                $temp_tpl->attach($embed);
                break;
            }
            $temp_tpl = do_template('COMCODE_SUP', array('_GUID' => '74d2ecfe193dacb6d922bc288828196a', 'CONTENT' => $embed));
            break;
        case 'sub':
            if ($wml) {
                $temp_tpl->attach('{');
                $temp_tpl->attach($embed);
                $temp_tpl->attach('}');
                break;
            }
            $temp_tpl = do_template('COMCODE_SUB', array('_GUID' => '515e310e00a6d7c30f7dca0a5956ebcf', 'CONTENT' => $embed));
            break;
        case 'title':
            if ($semiparse_mode && strpos($comcode, '[contents') !== false) {
                $temp_tpl = make_string_tempcode('[title' . reinsert_parameters($attributes) . ']' . $embed->evaluate() . '[/title]');
                break;
            }
            $level = $attributes['param'] != '' ? intval($attributes['param']) : 1;
            if ($level == 0) {
                $level = 1;
            }
            // Stop crazy Comcode causing stack errors with the toc
            $uniq_id = strval(count($STRUCTURE_LIST));
            $STRUCTURE_LIST[] = array($level, $embed, $uniq_id);
            if ($level == 1) {
                $template = 'SCREEN_TITLE';
            } elseif ($level == 2) {
                $template = 'COMCODE_SECTION_TITLE';
            } elseif ($level == 3) {
                $template = 'COMCODE_MINOR_TITLE';
            } elseif ($level == 4) {
                $template = 'COMCODE_VERY_MINOR_TITLE';
            } else {
                $template = 'COMCODE_VERY_MINOR_TITLE';
            }
            if ($level == 1) {
                if (is_null($COMCODE_PARSE_TITLE)) {
                    $COMCODE_PARSE_TITLE = $embed->evaluate();
                    if (is_object($COMCODE_PARSE_TITLE)) {
                        $COMCODE_PARSE_TITLE = $COMCODE_PARSE_TITLE->evaluate();
                    }
                }
            }
            $base = array_key_exists('base', $attributes) ? intval($attributes['base']) : 2;
            if (array_key_exists('number', $attributes) && $level >= $base) {
                $list_types = $attributes['number'] == '' ? array() : explode(',', $attributes['number']);
                $list_types = array_merge($list_types, array('decimal', 'lower-alpha', 'lower-roman', 'upper-alpha', 'upper-roman', 'disc'));
                $numerals = array('i', 'ii', 'iii', 'iv', 'v', 'vi', 'viii', 'ix', 'x', 'xi', 'xii', 'xiii', 'xiv', 'xv', 'xvi', 'xvii', 'xviii', 'xix', 'xx');
                $symbol_lookup = array('decimal' => range(1, 100), 'lower-alpha' => range('a', 'z'), 'lower-roman' => $numerals, 'upper-alpha' => range('A', 'Z'), 'upper-roman' => str_replace('i', 'I', str_replace('v', 'V', str_replace('x', 'X', $numerals))));
                $level_text = '';
                $list_pos = count($STRUCTURE_LIST) - 2;
                for ($j = $level; $j >= $base; $j--) {
                    $num_before = 0;
                    for ($i = $list_pos; $i >= 0; $i--) {
                        $list_pos--;
                        if ($STRUCTURE_LIST[$i][0] == $j - 1) {
                            break;
                        }
                        if ($STRUCTURE_LIST[$i][0] == $j) {
                            $num_before++;
                        }
                    }
                    $level_number = @strval($symbol_lookup[$list_types[$j - $base]][$num_before]);
                    $level_text = $level_number . ($level_text != '' ? '.' : '') . $level_text;
                }
                $old_embed = $embed;
                $embed = make_string_tempcode($level_text . ' &ndash; ');
                $embed->attach($old_embed);
            }
            if ($wml) {
                if ($level == 1) {
                    $temp_tpl->attach('<br /><p><big><u><b>');
                    $temp_tpl->attach($embed);
                    $temp_tpl->attach('</b></u></big></p><br />');
                } elseif ($level == 2) {
                    $temp_tpl->attach('<br /><p><big><u>');
                    $temp_tpl->attach($embed);
                    $temp_tpl->attach('</u></big></p><br />');
                } elseif ($level == 3) {
                    $temp_tpl->attach('<br /><p><big>');
                    $temp_tpl->attach($embed);
                    $temp_tpl->attach('</big></p><br />');
                } elseif ($level == 4) {
                    $temp_tpl->attach('<br /><p>');
                    $temp_tpl->attach($embed);
                    $temp_tpl->attach('</p><br />');
                }
                break;
            }
            if ($semiparse_mode) {
                $temp_tpl = make_string_tempcode('<h' . strval($level) . ($level == 1 ? ' class="main_page_title"' : '') . '><span class="inner">' . $embed->evaluate() . '</span></h' . strval($level) . '>');
                break;
            }
            $tpl_map = array('ID' => substr($pass_id, 0, 5) == 'panel' ? NULL : $uniq_id, 'TITLE' => $embed, 'HELP_URL' => '', 'HELP_TERM' => '');
            if (array_key_exists('sub', $attributes)) {
                $tpl_map['SUB'] = protect_from_escaping(comcode_to_tempcode($attributes['sub'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member));
            }
            $temp_tpl = do_template($template, $tpl_map);
            break;
        case 'attachment':
        case 'attachment2':
            // legacy
        // legacy
        case 'attachment_safe':
            if ($wml) {
                break;
            }
            require_code('attachments');
            if (is_null($on_behalf_of_member)) {
                $on_behalf_of_member = $source_member;
            }
            $id = $embed->evaluate();
            global $COMCODE_ATTACHMENTS;
            if (!is_numeric($id) && !$as_admin && !has_specific_permission($source_member, 'exceed_filesize_limit')) {
                // We work all this out before we do any downloads, to make sure orphaned files aren't dumped on the file system (possible hack method)
                if (get_forum_type() == 'ocf') {
                    require_lang('ocf');
                    require_code('ocf_groups');
                    $daily_quota = ocf_get_member_best_group_property($source_member, 'max_daily_upload_mb');
                } else {
                    $daily_quota = 5;
                    // 5 is a hard coded default for non-OCF forums
                }
                if (!is_null($daily_quota)) {
                    $_size_uploaded_today = $connection->query('SELECT SUM(a_file_size) AS the_answer FROM ' . $connection->get_table_prefix() . 'attachments WHERE a_member_id=' . strval((int) $source_member) . ' AND a_add_time>' . strval(time() - 60 * 60 * 24));
                    if (is_null($_size_uploaded_today[0]['the_answer'])) {
                        $_size_uploaded_today[0]['the_answer'] = 0;
                    }
                    $size_uploaded_today = ceil((double) $_size_uploaded_today[0]['the_answer'] / 1024.0 / 1024.0);
                    $attach_size = 0;
                    require_code('uploads');
                    is_swf_upload(true);
                    foreach ($_FILES as $_file) {
                        $attach_size += floatval($_file['size']) / 1024.0 / 1024.0;
                    }
                    if ($size_uploaded_today + $attach_size > floatval($daily_quota)) {
                        $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('OVER_DAILY_QUOTA', integer_format($daily_quota), float_format($size_uploaded_today))));
                        break;
                    }
                }
            }
            $thumb_url = array_key_exists('thumb_url', $attributes) ? $attributes['thumb_url'] : '';
            // Embedded attachments
            if (!is_numeric($id) && substr($id, 0, 4) != 'new_' && substr($id, 0, 4) != 'url_') {
                $file = base64_decode(str_replace(chr(10), '', $id));
                if ($file === false) {
                    $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:CORRUPT_ATTACHMENT')));
                    break;
                }
                $md5 = md5(substr($file, 0, 30));
                $original_filename = array_key_exists('filename', $attributes) ? $attributes['filename'] : $md5 . '.dat';
                if (get_file_extension($original_filename) != 'dat') {
                    require_code('files2');
                    check_extension($original_filename, true);
                    $new_filename = $md5 . '.' . get_file_extension($original_filename) . '.dat';
                } else {
                    $new_filename = $md5 . '.' . get_file_extension($original_filename);
                }
                $path = get_custom_file_base() . '/uploads/attachments/' . $new_filename;
                $myfile = @fopen($path, 'wb');
                if ($myfile === false) {
                    $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => intelligent_write_error_inline($path)));
                    break;
                }
                if (fwrite($myfile, $file) < strlen($file)) {
                    warn_exit(do_lang_tempcode('COULD_NOT_SAVE_FILE'));
                }
                fclose($myfile);
                fix_permissions($path);
                sync_file($path);
                $_size = strlen($file);
                $url = 'uploads/attachments/' . $new_filename;
                if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) {
                    $url = get_custom_base_url() . '/' . $url;
                }
                // Thumbnail
                if ($thumb_url == '') {
                    require_code('images');
                    if (is_image($original_filename)) {
                        $gd = get_option('is_on_gd') == '1' && function_exists('imagetypes');
                        if ($gd) {
                            require_code('images');
                            if (!is_saveable_image($url)) {
                                $ext = '.png';
                            } else {
                                $ext = '.' . get_file_extension($original_filename);
                            }
                            $thumb_url = 'uploads/attachments_thumbs/' . $md5 . $ext;
                            convert_image(get_custom_base_url() . '/' . $url, get_custom_file_base() . '/' . $thumb_url, -1, -1, intval(get_option('thumb_width')), true, NULL, false, true);
                            if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) {
                                $thumb_url = get_custom_base_url() . '/' . $thumb_url;
                            }
                        } else {
                            $thumb_url = $url;
                        }
                    }
                }
                if (addon_installed('galleries')) {
                    require_code('images');
                    if (is_video($url) && $connection->connection_read == $GLOBALS['SITE_DB']->connection_read) {
                        require_code('transcoding');
                        $url = transcode_video($url, 'attachments', 'a_url', 'a_original_filename', NULL, NULL);
                    }
                }
                $attachment = array('a_member_id' => $on_behalf_of_member, 'a_file_size' => $_size, 'a_url' => $url, 'a_thumb_url' => $thumb_url, 'a_original_filename' => $original_filename, 'a_num_downloads' => 0, 'a_last_downloaded_time' => NULL, 'a_add_time' => time());
                $attachment['a_description'] = array_key_exists('description', $attributes) ? is_object($attributes['description']) ? '[html]' . $attributes['description']->evaluate() . '[/html]' : $attributes['description'] : '';
                $attach_id = $connection->query_insert('attachments', $attachment, true);
                $attachment['id'] = $attach_id;
                // Create and document attachment
                if (!array_key_exists('type', $attributes)) {
                    $attributes['type'] = 'auto';
                }
                $COMCODE_ATTACHMENTS[$pass_id][] = array('tag_type' => $tag, 'type' => 'new', 'attachmenttype' => $attributes['type'], 'description' => $attachment['a_description'], 'id' => intval($attach_id), 'marker' => $marker, 'comcode' => $comcode);
                // Marker will allow us to search back and replace this with the added id
            } elseif (!is_numeric($id)) {
                require_code('uploads');
                if (substr($id, 0, 4) == 'new_') {
                    $_id = substr($id, 4);
                    if (!is_numeric($_id)) {
                        $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:INVALID_ATTACHMENT')));
                        break;
                    }
                    $attributes['type'] = post_param('attachmenttype' . $_id, array_key_exists('type', $attributes) ? $attributes['type'] : 'auto');
                    if (substr($attributes['type'], -8) == '_extract') {
                        $attributes['type'] = substr($attributes['type'], 0, strlen($attributes['type']) - 8);
                    }
                    $urls = get_url('', 'file' . $_id, 'uploads/attachments', 2, OCP_UPLOAD_ANYTHING, (!array_key_exists('thumb', $attributes) || $attributes['thumb'] != '0') && $thumb_url == '', '', '', true, true, true);
                    if ($urls[0] == '') {
                        return new ocp_tempcode();
                    }
                    //warn_exit(do_lang_tempcode('ERROR_UPLOADING'));  Can't do this, because this might not be post-calculated if something went wrong once
                    is_swf_upload(true);
                    $_size = $_FILES['file' . $_id]['size'];
                    $original_filename = $_FILES['file' . $_id]['name'];
                    if (get_magic_quotes_gpc()) {
                        $original_filename = stripslashes($original_filename);
                    }
                } elseif (substr($id, 0, 4) == 'url_') {
                    if (!has_specific_permission($source_member, 'draw_to_server') && !$as_admin) {
                        break;
                    }
                    $_id = '!';
                    $attributes['type'] = post_param('attachmenttype' . $_id, array_key_exists('type', $attributes) ? $attributes['type'] : 'auto');
                    $url = remove_url_mistakes(substr($id, 4));
                    $_POST['_specify_url'] = $url;
                    // Little hack, as we need to read it from a POST
                    if (get_magic_quotes_gpc()) {
                        $_POST['_specify_url'] = addslashes($_POST['_specify_url']);
                    }
                    $urls = get_url('_specify_url', '', 'uploads/filedump', 1, OCP_UPLOAD_ANYTHING, (!array_key_exists('thumb', $attributes) || $attributes['thumb'] != '0') && $thumb_url == '', '', '', true, true);
                    if ($urls[0] == '') {
                        return new ocp_tempcode();
                    }
                    $original_filename = rawurldecode(substr($url, strrpos($url, '/') + 1));
                    if (url_is_local($urls[0])) {
                        $_size = @filesize(get_custom_file_base() . '/' . rawurldecode($urls[0]));
                        if ($_size === false) {
                            $_size = filesize(get_file_base() . '/' . rawurldecode($urls[0]));
                        }
                    } else {
                        $_size = 0;
                    }
                } else {
                    $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('comcode:INVALID_ATTACHMENT')));
                    break;
                }
                if ($urls[0] == '') {
                    require_code('images');
                    require_code('files2');
                    $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('ATTACHMENT_WOULD_NOT_UPLOAD', float_format(get_max_file_size() / 1024 / 1024), float_format(get_max_image_size() / 1024 / 1024))));
                    break;
                }
                $url = $urls[0];
                if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) {
                    $url = get_custom_base_url() . '/' . $url;
                }
                if ($thumb_url == '') {
                    $thumb_url = array_key_exists(1, $urls) ? $urls[1] : '';
                }
                if ($thumb_url != '' && $connection != $GLOBALS['SITE_DB']) {
                    $thumb_url = get_custom_base_url() . '/' . $thumb_url;
                }
                $num_downloads = 0;
                $last_downloaded_time = NULL;
                $add_time = time();
                $member_id = $on_behalf_of_member;
                if (addon_installed('galleries')) {
                    require_code('images');
                    if (is_video($url) && $connection->connection_read == $GLOBALS['SITE_DB']->connection_read) {
                        require_code('transcoding');
                        $url = transcode_video($url, 'attachments', 'a_url', 'a_original_filename', NULL, NULL);
                    }
                }
                $attachment = array('a_member_id' => $member_id, 'a_file_size' => $_size, 'a_url' => $url, 'a_thumb_url' => $thumb_url, 'a_original_filename' => $original_filename, 'a_num_downloads' => $num_downloads, 'a_last_downloaded_time' => $last_downloaded_time, 'a_add_time' => $add_time);
                $attachment['a_description'] = post_param('caption' . $_id, array_key_exists('description', $attributes) ? is_object($attributes['description']) ? '[html]' . $attributes['description']->evaluate() . '[/html]' : $attributes['description'] : '');
                $attach_id = $connection->query_insert('attachments', $attachment, true);
                $attachment['id'] = $attach_id;
                if ($tag == 'attachment2' || $tag == 'attachment_safe' || substr($id, 0, 4) == 'url_') {
                    $connection->query_delete('attachment_refs', array('r_referer_type' => 'null', 'r_referer_id' => '', 'a_id' => $attachment['id']), '', 1);
                    $connection->query_insert('attachment_refs', array('r_referer_type' => 'null', 'r_referer_id' => '', 'a_id' => $attachment['id']));
                }
                // Create and document attachment
                $COMCODE_ATTACHMENTS[$pass_id][] = array('tag_type' => $tag, 'time' => time(), 'type' => substr($id, 0, 4) == 'new_' ? 'new' : 'url', 'attachmenttype' => $attributes['type'], 'description' => $attachment['a_description'], 'id' => intval($attach_id), 'marker' => $marker, 'comcode' => $comcode);
                // Marker will allow us to search back and replace this with the added id
                // Existing attachments
            } else {
                $__id = intval($id);
                // Check we have permission to re-use this
                $owner = $connection->query_value_null_ok('attachments', 'a_member_id', array('id' => $__id));
                if (is_null($owner)) {
                    $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'attachment', escape_html(strval($__id)))));
                    if (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) {
                        require_code('failure');
                        relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'attachment', strval($__id)), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference');
                    }
                    break;
                }
                $_attachment = $connection->query_select('attachments', array('*'), array('id' => $__id), '', 1);
                $attachment = $_attachment[0];
                $already_referenced = array_key_exists($__id, $GLOBALS['ATTACHMENTS_ALREADY_REFERENCED']);
                if ($already_referenced || $as_admin || $source_member === $owner || (has_specific_permission($source_member, 'reuse_others_attachments') || $owner == $source_member) && has_attachment_access($source_member, $__id)) {
                    if (!array_key_exists('type', $attributes)) {
                        $attributes['type'] = 'auto';
                    }
                    $COMCODE_ATTACHMENTS[$pass_id][] = array('tag_type' => $tag, 'time' => $attachment['a_add_time'], 'type' => 'existing', 'id' => $__id, 'attachmenttype' => $attributes['type'], 'marker' => $marker, 'comcode' => $comcode);
                } else {
                    require_lang('permissions');
                    $username = $GLOBALS['FORUM_DRIVER']->get_username($source_member);
                    if (is_null($username)) {
                        $username = do_lang('DELETED');
                    }
                    $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('permissions:ACCESS_DENIED__REUSE_ATTACHMENT', $username)));
                    break;
                    //access_denied('REUSE_ATTACHMENT');
                }
                if ($connection->connection_write != $GLOBALS['SITE_DB']->connection_write) {
                    if (url_is_local($attachment['a_url'])) {
                        $attachment['a_url'] = get_custom_base_url() . '/' . $attachment['a_url'];
                    }
                    if (url_is_local($attachment['a_url'])) {
                        $attachment['a_thumb_url'] = get_custom_base_url() . '/' . $attachment['a_thumb_url'];
                    }
                }
                $attachment['a_description'] = array_key_exists('description', $attributes) ? is_object($attributes['description']) ? '[html]' . $attributes['description']->evaluate() . '[/html]' : $attributes['description'] : $attachment['a_description'];
            }
            // Now, render it
            // ==============
            $temp_tpl = render_attachment($tag, $attributes, $attachment, $pass_id, $source_member, $as_admin, $connection, $highlight_bits, $on_behalf_of_member, $semiparse_mode);
            if (array_key_exists('float', $attributes)) {
                $temp_tpl = do_template('FLOATER', array('_GUID' => '802fe29019be80993296de7cc8b5cc5e', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl));
            }
            break;
        case 'include':
            $codename = $embed->evaluate();
            $zone = $attributes['param'];
            if ($zone == '_SEARCH') {
                $zone = get_comcode_zone($codename);
            }
            if ($zone == '_SELF') {
                $zone = get_zone_name();
            }
            $temp_comcode_parse_title = $COMCODE_PARSE_TITLE;
            $temp = request_page($codename, false, $zone, NULL, true);
            $COMCODE_PARSE_TITLE = $temp_comcode_parse_title;
            if ($temp->is_empty()) {
                $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'include', hyperlink(build_url(array('page' => 'cms_comcode_pages', 'type' => '_ed', 'page_link' => $zone . ':' . $codename), get_module_zone('cms_comcode_pages')), $zone . ':' . $codename, false, true))));
                if (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) {
                    require_code('failure');
                    relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'include', $zone . ':' . $codename), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference');
                }
            } else {
                $temp_tpl = symbol_tempcode('LOAD_PAGE', array($codename, $zone));
            }
            break;
        case 'random':
            unset($attributes['param']);
            if ($wml) {
                $top_attribute = array_pop($attributes);
                $temp_tpl = is_object($top_attribute) ? $top_attribute : comcode_to_tempcode($top_attribute, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                break;
            }
            $max = $embed->evaluate() == '' ? intval($embed->evaluate()) : 0;
            foreach ($attributes as $num => $val) {
                $_temp = is_object($val) ? $val : comcode_to_tempcode($val, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                $attributes[$num] = $_temp->evaluate();
                if (intval($num) > $max) {
                    $max = intval($num);
                }
            }
            $_parts = new ocp_tempcode();
            krsort($attributes);
            foreach ($attributes as $num => $val) {
                $_parts->attach(do_template('COMCODE_RANDOM_PART', array('_GUID' => '5fa49a916304f9caa0ddedeb01531142', 'NUM' => strval($num), 'VAL' => $val)));
            }
            $temp_tpl = do_template('COMCODE_RANDOM', array('_GUID' => '9b77aaf593b12c763fb0c367fab415b6', 'UNIQID' => uniqid('', true), 'FULL' => $embed, 'MAX' => strval($max), 'PARTS' => $_parts));
            break;
        case 'jumping':
            unset($attributes['param']);
            if ($wml) {
                $top_attribute = array_pop($attributes);
                $temp_tpl = is_object($top_attribute) ? $top_attribute : comcode_to_tempcode($top_attribute, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                break;
            }
            $_parts = new ocp_tempcode();
            foreach ($attributes as $val) {
                $_temp = is_object($val) ? $val : comcode_to_tempcode($val, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                $_parts->attach(do_template('COMCODE_JUMPING_PART', array('_GUID' => 'd163bd11920f39f0cb8ff2f6ba48bc80', 'PART' => $_temp->evaluate())));
            }
            $embed = $embed->evaluate();
            $temp_tpl = do_template('COMCODE_JUMPING', array('_GUID' => '85e9f83ed134868436a7db7692f56047', 'UNIQID' => uniqid('', true), 'FULL' => implode(', ', $attributes), 'TIME' => strval((int) $embed), 'PARTS' => $_parts));
            break;
        case 'shocker':
            if ($wml) {
                $top_attribute = array_pop($attributes);
                $temp_tpl = is_object($top_attribute) ? $top_attribute : comcode_to_tempcode($top_attribute, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                break;
            }
            $_parts = new ocp_tempcode();
            foreach ($attributes as $key => $val) {
                if (substr($key, 0, 5) == 'left_') {
                    $left = $val;
                    $right = array_key_exists('right_' . substr($key, 5), $attributes) ? $attributes['right_' . substr($key, 5)] : '';
                    $left = is_object($left) ? $left : comcode_to_tempcode($left, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                    $right = is_object($right) ? $right : comcode_to_tempcode($right, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                    $_parts->attach(do_template('COMCODE_SHOCKER_PART', array('LEFT' => $left, 'RIGHT' => $right)));
                }
            }
            $min_color = array_key_exists('min', $attributes) ? $attributes['min'] : '0000FF';
            $max_color = array_key_exists('max', $attributes) ? $attributes['max'] : 'FF0044';
            if (substr($min_color, 0, 1) == '#') {
                $min_color = substr($min_color, 1);
            }
            if (substr($max_color, 0, 1) == '#') {
                $max_color = substr($max_color, 1);
            }
            $embed = $embed->evaluate();
            $temp_tpl = do_template('COMCODE_SHOCKER', array('UNIQID' => uniqid('', true), 'MIN_COLOR' => $min_color, 'MAX_COLOR' => $max_color, 'FULL' => implode(', ', $attributes), 'TIME' => strval(intval($embed)), 'PARTS' => $_parts));
            break;
        case 'ticker':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            $width = $attributes['param'];
            if (!is_numeric($width)) {
                $width = '300';
            }
            $fspeed = array_key_exists('speed', $attributes) ? float_to_raw_string(floatval($attributes['speed'])) : '1';
            $temp_tpl = do_template('COMCODE_TICKER', array('_GUID' => 'e48893cda61995261577f0556443c537', 'UNIQID' => uniqid('', true), 'SPEED' => $fspeed, 'WIDTH' => $width, 'TEXT' => $embed));
            break;
        case 'highlight':
            if ($wml) {
                $temp_tpl->attach('<i>');
                $temp_tpl->attach($embed);
                $temp_tpl->attach('</i>');
                break;
            }
            $temp_tpl = do_template('COMCODE_HIGHLIGHT', array('_GUID' => '695d041b6605f06ec2aeee1e82f87185', 'CONTENT' => $embed));
            break;
        case 'size':
            $size = array_key_exists('param', $attributes) ? $attributes['param'] : '1';
            if ($wml) {
                if (floatval($size) >= 1.5) {
                    $temp_tpl->attach('<big>');
                    $temp_tpl->attach($embed);
                    $temp_tpl->attach('</big>');
                } elseif (floatval($size) < 0.8) {
                    $temp_tpl->attach('<small>');
                    $temp_tpl->attach($embed);
                    $temp_tpl->attach('</small>');
                } else {
                    $temp_tpl->attach($embed);
                }
                break;
            }
            if (is_numeric($size)) {
                $size = 'font-size: ' . $size . 'em;';
            } elseif (substr($size, 0, 1) == '+') {
                $size = 'font-size: ' . substr($size, 1) . 'em';
            } elseif (substr($size, -1) == '%') {
                $size = 'font-size: ' . float_to_raw_string(floatval(substr($size, 0, strlen($size) - 1)) / 100.0) . 'em';
            } elseif (substr($size, -2) == 'of') {
                $new_size = '1em';
                switch ($size) {
                    case '1of':
                        $new_size = '8pt';
                        break;
                    case '2of':
                        $new_size = '10pt';
                        break;
                    case '3of':
                        $new_size = '12pt';
                        break;
                    case '4of':
                        $new_size = '14pt';
                        break;
                    case '5of':
                        $new_size = '18pt';
                        break;
                    case '6of':
                        $new_size = '24pt';
                        break;
                    case '7of':
                        $new_size = '36pt';
                        break;
                }
                $size = 'font-size: ' . $new_size;
            } else {
                $size = 'font-size: ' . $size;
            }
            $size_len = strlen($size);
            filter_html($as_admin, $source_member, 0, $size_len, $size, false, false);
            $temp_tpl = do_template('COMCODE_FONT', array('_GUID' => 'fb23fdcb45aabdfeca9f37ed8098948e', 'CONTENT' => $embed, 'SIZE' => $size, 'COLOR' => '', 'FACE' => ''));
            break;
        case 'color':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            $color = array_key_exists('param', $attributes) ? 'color: ' . $attributes['param'] . ';' : '';
            $temp_tpl = do_template('COMCODE_FONT', array('_GUID' => 'bd146414c9239ba2076f4b683df437d7', 'CONTENT' => $embed, 'SIZE' => '', 'COLOR' => $color, 'FACE' => ''));
            $color_len = strlen($color);
            filter_html($as_admin, $source_member, 0, $color_len, $color, false, false);
            break;
        case 'tt':
            if ($wml) {
                $temp_tpl->attach('<i>');
                $temp_tpl->attach($embed);
                $temp_tpl->attach('</i>');
                break;
            }
            $temp_tpl = do_template('COMCODE_TELETYPE', array('CONTENT' => $embed));
            break;
        case 'samp':
            if ($wml) {
                $temp_tpl->attach('<i>');
                $temp_tpl->attach($embed);
                $temp_tpl->attach('</i>');
                break;
            }
            $temp_tpl = do_template('COMCODE_SAMP', array('CONTENT' => $embed));
            break;
        case 'q':
            if ($wml) {
                $temp_tpl->attach('<i>');
                $temp_tpl->attach($embed);
                $temp_tpl->attach('</i>');
                break;
            }
            $temp_tpl = do_template('COMCODE_Q', array('CONTENT' => $embed));
            break;
        case 'var':
            if ($wml) {
                $temp_tpl->attach('<i>');
                $temp_tpl->attach($embed);
                $temp_tpl->attach('</i>');
                break;
            }
            $temp_tpl = do_template('COMCODE_VAR', array('CONTENT' => $embed));
            break;
        case 'font':
            $face = $attributes['param'];
            if ($face == '' && array_key_exists('face', $attributes)) {
                $face = $attributes['face'];
            }
            $color = array_key_exists('color', $attributes) ? $attributes['color'] : '';
            $size = array_key_exists('size', $attributes) ? $attributes['size'] : '';
            if ($face == '/') {
                $face = '';
            }
            if ($color == '/') {
                $color = '';
            }
            if ($size == '/') {
                $size = '';
            }
            if ($wml) {
                $before = '';
                $after = '';
                if ($size != '') {
                    if (floatval($size) >= 1.5) {
                        $before = '<big>';
                        $after = '</big>';
                    } elseif (floatval($size) < 0.8) {
                        $before = '<small>';
                        $after = '</small>';
                    }
                }
                $temp_tpl->attach($before);
                $temp_tpl->attach($embed);
                $temp_tpl->attach($after);
                break;
            }
            if ($color != '') {
                $color = 'color: ' . $color . ';';
            }
            if ($size != '') {
                if (is_numeric($size)) {
                    $size = 'font-size: ' . $size . 'em;';
                } elseif (substr($size, 0, 1) == '+') {
                    $size = 'font-size: ' . substr($size, 1) . 'em';
                } elseif (substr($size, -1) == '%') {
                    $size = 'font-size: ' . float_to_raw_string(floatval(substr($size, 0, strlen($size) - 1)) / 100.0) . 'em';
                } elseif (substr($size, -2) == 'of') {
                    $new_size = '1em';
                    switch ($size) {
                        case '1of':
                            $new_size = '8pt';
                            break;
                        case '2of':
                            $new_size = '10pt';
                            break;
                        case '3of':
                            $new_size = '12pt';
                            break;
                        case '4of':
                            $new_size = '14pt';
                            break;
                        case '5of':
                            $new_size = '18pt';
                            break;
                        case '6of':
                            $new_size = '24pt';
                            break;
                        case '7of':
                            $new_size = '36pt';
                            break;
                    }
                    $size = 'font-size: ' . $new_size;
                } else {
                    $size = 'font-size: ' . $size;
                }
            }
            if ($face != '') {
                $face = 'font-family: ' . str_replace('\'', '', $face) . ';';
            }
            $size_len = strlen($size);
            filter_html($as_admin, $source_member, 0, $size_len, $size, false, false);
            $color_len = strlen($color);
            filter_html($as_admin, $source_member, 0, $color_len, $color, false, false);
            $face_len = strlen($face);
            filter_html($as_admin, $source_member, 0, $face_len, $face, false, false);
            $temp_tpl = do_template('COMCODE_FONT', array('_GUID' => 'f5fcafe737b8fdf466a6a51773e09c9b', 'CONTENT' => $embed, 'SIZE' => $size, 'COLOR' => $color, 'FACE' => $face));
            break;
        case 'box':
            if ($wml) {
                $temp_tpl->attach('<br /><p>');
                if ($attributes['param'] != '') {
                    $temp_tpl->attach('<big>');
                    $temp_tpl->attach($attributes['param']);
                    $temp_tpl->attach('</big><br /><br />');
                }
                $temp_tpl->attach($embed);
                $temp_tpl->attach('</p></br />');
                break;
            }
            // Legacy parameter. There used to be 'place' and 'nowrap' and 'class', but these are now gone.
            $breadth = array_key_exists('breadth', $attributes) ? $attributes['breadth'] : '100%';
            if ($breadth == 'WIDE') {
                $breadth = '100%';
            }
            if ($breadth == 'WIDE_HIGH') {
                $breadth = '100%';
            }
            if ($breadth == 'THIN') {
                $breadth = 'auto';
            }
            // The new versions
            $dimensions = array_key_exists('dimensions', $attributes) ? comcode_to_tempcode($attributes['dimensions'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member) : make_string_tempcode($breadth);
            $type = array_key_exists('type', $attributes) ? $attributes['type'] : '';
            $options = array_key_exists('options', $attributes) ? $attributes['options'] : '';
            $meta = $comcode_dangerous && array_key_exists('meta', $attributes) ? $attributes['meta'] : '';
            //Insecure, unneeded here
            $links = $comcode_dangerous && array_key_exists('links', $attributes) ? $attributes['links'] : '';
            //Insecure, unneeded here
            $converted = is_object($attributes['param']) ? $attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
            $temp_tpl = directive_tempcode('BOX', $embed, array($converted, $dimensions, make_string_tempcode($type), make_string_tempcode($options), make_string_tempcode($meta), make_string_tempcode($links)));
            if (array_key_exists('float', $attributes)) {
                $temp_tpl = do_template('FLOATER', array('_GUID' => '54e8fc9ec1e16cfc5c8824e22f1e8745', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl));
            }
            break;
        case 'concept':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            if (!array_key_exists('param', $attributes) || $attributes['param'] == '') {
                $key = $embed->evaluate();
                $temp_tpl = symbol_tempcode('DISPLAY_CONCEPT', array($key));
            } else {
                $temp_tpl = do_template('COMCODE_CONCEPT_INLINE', array('_GUID' => '381a59de4d6f8967446c12bf4641a9ce', 'TEXT' => $embed, 'FULL' => $attributes['param']));
            }
            break;
        case 'concepts':
            if ($wml) {
                break;
            }
            $title = $embed->evaluate();
            $concepts = new ocp_tempcode();
            foreach ($attributes as $_key => $_value) {
                if (substr($_key, -4) == '_key') {
                    $key = $_value;
                    $cid = substr($_key, 0, strlen($_key) - 4);
                    $to_parse = array_key_exists($cid . '_value', $attributes) ? $attributes[$cid . '_value'] : new ocp_tempcode();
                    $value = is_object($to_parse) ? $to_parse : comcode_to_tempcode($to_parse, $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                    $concepts->attach(do_template('COMCODE_CONCEPTS_CONCEPT', array('_GUID' => '4baf6dabc32146c594c7fd922791b6b2', 'A' => 'concept___' . preg_replace('#[^\\w]#', '_', $key), 'KEY' => $key, 'VALUE' => $value)));
                }
            }
            $temp_tpl = do_template('COMCODE_CONCEPTS', array('_GUID' => '4c7a1d70753dc1d209b9951aa10f361a', 'TITLE' => $title, 'CONCEPTS' => $concepts));
            break;
        case 'exp_ref':
            if ($wml) {
                break;
            }
            $_embed = $embed->evaluate();
            if (strpos($_embed, '.') !== false) {
                break;
            }
            $stub = get_file_base() . '/data_custom/images/' . get_zone_name() . '/';
            $stub2 = get_base_url() . '/data_custom/images/' . get_zone_name() . '/';
            if (!file_exists($stub)) {
                $stub = get_file_base() . '/data/images/' . get_zone_name() . '/';
                $stub2 = get_base_url() . '/data/images/' . get_zone_name() . '/';
            }
            if (!file_exists($stub)) {
                $stub = get_file_base() . '/data_custom/images/';
                $stub2 = get_base_url() . '/data_custom/images/';
            }
            if (!file_exists($stub)) {
                $stub = get_file_base() . '/data/images/';
                $stub2 = get_base_url() . '/data/images/';
            }
            if (substr($_embed, 0, 1) == '/') {
                $_embed = substr($_embed, 1);
            }
            if (file_exists($stub . $_embed . '.png')) {
                $url = $stub2 . $_embed . '.png';
            } elseif (file_exists($stub . $_embed . '.gif')) {
                $url = $stub2 . $_embed . '.gif';
            } elseif (file_exists($stub . $_embed . '.jpg')) {
                $url = $stub2 . $_embed . '.jpg';
            } elseif (file_exists($stub . $_embed . '.jpeg')) {
                $url = $stub2 . $_embed . '.jpeg';
            } else {
                $stub = get_file_base() . '/data/images/docs/';
                $stub2 = get_base_url() . '/data/images/docs/';
                if (substr($_embed, 0, 1) == '/') {
                    $_embed = substr($_embed, 1);
                }
                if (file_exists($stub . $_embed . '.png')) {
                    $url = $stub2 . $_embed . '.png';
                } elseif (file_exists($stub . $_embed . '.gif')) {
                    $url = $stub2 . $_embed . '.gif';
                } elseif (file_exists($stub . $_embed . '.jpg')) {
                    $url = $stub2 . $_embed . '.jpg';
                } elseif (file_exists($stub . $_embed . '.jpeg')) {
                    $url = $stub2 . $_embed . '.jpeg';
                } else {
                    $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'exp_ref', escape_html($_embed))));
                    if (array_key_exists('COMCODE_BROKEN_URLS', $GLOBALS)) {
                        $GLOBALS['COMCODE_BROKEN_URLS'][] = array($_embed, NULL);
                    } elseif (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) {
                        require_code('failure');
                        relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'exp_ref', $_embed), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference');
                    }
                    break;
                }
            }
            $text = make_string_tempcode($attributes['param']);
            if ($text->is_empty()) {
                $text = do_lang_tempcode('EXAMPLE');
            }
            $temp_tpl = do_template('COMCODE_EXP_REF', array('_GUID' => '89e7f528e72096e3458d6acb70734d0b', 'TEXT' => $text, 'URL' => $url));
            break;
        case 'exp_thumb':
            if ($wml) {
                break;
            }
            $_embed = $embed->evaluate();
            if (strpos($_embed, '.') !== false) {
                break;
            }
            $stub = get_file_base() . '/data/images/' . get_zone_name() . '/';
            $stub2 = get_base_url() . '/data/images/' . get_zone_name() . '/';
            if (substr($_embed, 0, 1) == '/') {
                $_embed = substr($_embed, 1);
            }
            if (file_exists($stub . $_embed . '.png')) {
                $url_full = $stub2 . $_embed . '.png';
            } elseif (file_exists($stub . $_embed . '.gif')) {
                $url_full = $stub2 . $_embed . '.gif';
            } elseif (file_exists($stub . $_embed . '.jpg')) {
                $url_full = $stub2 . $_embed . '.jpg';
            } elseif (file_exists($stub . $_embed . '.jpeg')) {
                $url_full = $stub2 . $_embed . '.jpeg';
            } else {
                $stub = get_file_base() . '/data/images/docs/';
                $stub2 = get_base_url() . '/data/images/docs/';
                if (substr($_embed, 0, 1) == '/') {
                    $_embed = substr($_embed, 1);
                }
                if (file_exists($stub . $_embed . '.png')) {
                    $url_full = $stub2 . $_embed . '.png';
                } elseif (file_exists($stub . $_embed . '.gif')) {
                    $url_full = $stub2 . $_embed . '.gif';
                } elseif (file_exists($stub . $_embed . '.jpg')) {
                    $url_full = $stub2 . $_embed . '.jpg';
                } elseif (file_exists($stub . $_embed . '.jpeg')) {
                    $url_full = $stub2 . $_embed . '.jpeg';
                } else {
                    $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('MISSING_RESOURCE_COMCODE', 'exp_thumb', escape_html($_embed))));
                    if (array_key_exists('COMCODE_BROKEN_URLS', $GLOBALS)) {
                        $GLOBALS['COMCODE_BROKEN_URLS'][] = $_embed;
                    } elseif (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) {
                        require_code('failure');
                        relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'exp_thumb', $_embed), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference');
                    }
                    break;
                }
            }
            $float = array_key_exists('float', $attributes) ? $attributes['float'] : 'right';
            $text = $attributes['param'];
            if (get_option('is_on_gd') == '0' || !function_exists('imagetypes')) {
                $url_thumb = $url_full;
            } else {
                $new_name = $_embed . '_thumb.png';
                $file_thumb = $stub . $new_name;
                if (file_exists($file_thumb)) {
                    $url_thumb = $stub2 . rawurlencode($new_name);
                } else {
                    $new_name = $_embed . '.png';
                    $file_thumb = get_custom_file_base() . '/uploads/auto_thumbs/' . $new_name;
                    if (!file_exists($file_thumb)) {
                        require_code('images');
                        convert_image($url_full, $file_thumb, -1, -1, 150, false);
                    }
                    $url_thumb = get_custom_base_url() . '/uploads/auto_thumbs/' . rawurlencode($new_name);
                }
            }
            if (get_param_integer('wide_print', 0) == 1) {
                $temp_tpl = do_template('COMCODE_EXP_THUMB_PRINT', array('_GUID' => 'de7f8a7fa29c2335f381a0beb3da9406', 'FLOAT' => $float, 'TEXT' => $text, 'URL_THUMB' => $url_thumb, 'URL_FULL' => $url_full));
            } else {
                $temp_tpl = do_template('COMCODE_EXP_THUMB', array('_GUID' => 'ce7f8a7fa29c2335f381a0beb3da9406', 'FLOAT' => $float, 'TEXT' => $text, 'URL_THUMB' => $url_thumb, 'URL_FULL' => $url_full));
            }
            break;
        case 'thumb':
            if ($wml) {
                break;
            }
            $_embed = $embed->evaluate();
            $_embed = remove_url_mistakes($_embed);
            $_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin);
            if (substr($_embed, 0, 1) == '/') {
                $_embed = substr($_embed, 1);
            }
            if (url_is_local($_embed)) {
                if (file_exists(get_file_base() . '/' . $_embed) && !file_exists(get_custom_file_base() . '/' . $_embed)) {
                    $url_full = get_base_url() . '/' . $_embed;
                } else {
                    $url_full = get_custom_base_url() . '/' . $_embed;
                }
            } else {
                $url_full = $_embed;
            }
            $align = array_key_exists('align', $attributes) ? $attributes['align'] : 'bottom';
            if (get_option('is_on_gd') == '0' || !function_exists('imagetypes') || !has_specific_permission($source_member, 'draw_to_server') && !$as_admin) {
                $url_thumb = $url_full;
            } else {
                if ($attributes['param'] != '') {
                    $url_thumb = url_is_local($attributes['param']) ? get_custom_base_url() . '/' . $attributes['param'] : $attributes['param'];
                }
                if ($attributes['param'] == '' || url_is_local($attributes['param']) && !file_exists(get_custom_file_base() . '/' . rawurldecode($attributes['param']))) {
                    $new_name = url_to_filename($url_full);
                    require_code('images');
                    if (!is_saveable_image($new_name)) {
                        $new_name .= '.png';
                    }
                    if (is_null($new_name)) {
                        $temp_tpl = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode('URL_THUMB_TOO_LONG')));
                        break;
                    }
                    $file_thumb = get_custom_file_base() . '/uploads/auto_thumbs/' . $new_name;
                    if (!file_exists($file_thumb) && strpos($file_thumb, '{$') === false) {
                        convert_image($url_full, $file_thumb, -1, -1, intval(get_option('thumb_width')), false);
                    }
                    $url_thumb = get_custom_base_url() . '/uploads/auto_thumbs/' . rawurlencode($new_name);
                }
            }
            $caption = array_key_exists('caption', $attributes) ? $attributes['caption'] : '';
            $temp_tpl = do_template('COMCODE_THUMB', array('_GUID' => '1b0d25f72ef5f816091269e29c586d60', 'CAPTION' => $caption, 'RAND' => strval(mt_rand(0, 32000)), 'ALIGN' => $align, 'PASS_ID' => intval($pass_id) < 0 ? strval(mt_rand(0, 10000)) : $pass_id, 'URL_THUMB' => $url_thumb, 'URL_FULL' => $url_full));
            if (array_key_exists('float', $attributes)) {
                $temp_tpl = do_template('FLOATER', array('_GUID' => 'cbc56770714a44f56676f43da282cc7a', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl));
            }
            break;
        case 'img':
            if ($wml) {
                break;
            }
            if ($semiparse_mode && array_key_exists('rollover', $attributes)) {
                $temp_tpl = make_string_tempcode('[img' . reinsert_parameters($attributes) . ']' . $embed->evaluate() . '[/img]');
                break;
            }
            $_embed = $embed->evaluate();
            $given_url = $_embed;
            $_embed = remove_url_mistakes($_embed);
            if (substr($_embed, 0, 1) == '/') {
                $_embed = substr($_embed, 1);
            }
            $_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin);
            if (url_is_local($_embed)) {
                if (file_exists(get_file_base() . '/' . $_embed) && !file_exists(get_custom_file_base() . '/' . $_embed)) {
                    $url_full = get_base_url() . '/' . $_embed;
                } else {
                    $url_full = get_custom_base_url() . '/' . $_embed;
                }
            } else {
                $url_full = $_embed;
            }
            $temp_tpl = test_url($url_full, 'img', @html_entity_decode($given_url, ENT_QUOTES, get_charset()), $source_member);
            $align = array_key_exists('align', $attributes) ? $attributes['align'] : '';
            $caption = is_object($attributes['param']) ? $attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
            if (array_key_exists('title', $attributes)) {
                $tooltip = is_object($attributes['title']) ? $attributes['title'] : comcode_to_tempcode($attributes['title'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
            } else {
                $tooltip = $caption;
            }
            $rollover = array_key_exists('rollover', $attributes) ? $attributes['rollover'] : NULL;
            if (!is_null($rollover) && url_is_local($rollover)) {
                if (file_exists(get_file_base() . '/' . $rollover) && !file_exists(get_custom_file_base() . '/' . $rollover)) {
                    $rollover = get_base_url() . '/' . $rollover;
                } else {
                    $rollover = get_custom_base_url() . '/' . $rollover;
                }
            }
            $refresh_time = array_key_exists('refresh_time', $attributes) ? strval(intval($attributes['refresh_time'])) : '0';
            $temp_tpl->attach(do_template('COMCODE_IMG', array('_GUID' => '70166d8dbb0aff064b99c0dd30ed77a8', 'RAND' => uniqid('', true), 'REFRESH_TIME' => $refresh_time, 'ROLLOVER' => $rollover, 'ALIGN' => $align, 'URL' => $url_full, 'TOOLTIP' => $tooltip, 'CAPTION' => $caption)));
            if (array_key_exists('float', $attributes)) {
                $temp_tpl = do_template('FLOATER', array('_GUID' => '918162250c80e10212efd9a051545b9b', 'FLOAT' => $attributes['float'], 'CONTENT' => $temp_tpl));
            }
            break;
        case 'flash':
            if ($wml) {
                break;
            }
            $_embed = $embed->evaluate();
            $given_url = $_embed;
            $_embed = remove_url_mistakes($_embed);
            if (substr($_embed, 0, 1) == '/') {
                $_embed = substr($_embed, 1);
            }
            $_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin);
            $url_full = url_is_local($_embed) ? get_custom_base_url() . '/' . $_embed : $_embed;
            $temp_tpl = test_url($url_full, 'flash', @html_entity_decode($given_url, ENT_QUOTES, get_charset()), $source_member);
            if ($attributes['param'] == '' || strpos($attributes['param'], 'x') === false) {
                if (!array_key_exists('width', $attributes)) {
                    $attributes['width'] = '300';
                }
                if (!array_key_exists('height', $attributes)) {
                    $attributes['height'] = '300';
                }
                $attributes['param'] = $attributes['width'] . 'x' . $attributes['height'];
            }
            list($width, $height) = explode('x', $attributes['param'], 2);
            if (addon_installed('jwplayer') && (substr($url_full, -4) == '.flv' || substr($url_full, -4) == '.mp4' || substr($url_full, -4) == '.mp3' || substr($url_full, -4) == '.webm')) {
                $temp_tpl->attach(do_template('COMCODE_FLV', array('_GUID' => '4746684d9e098709cc6671e1b00ce47e', 'URL' => $url_full, 'WIDTH' => $width, 'HEIGHT' => $height)));
            } else {
                $temp_tpl->attach(do_template('COMCODE_SWF', array('_GUID' => '8bc61ad75977a5a85eff96454af31fe8', 'URL' => $url_full, 'WIDTH' => $width, 'HEIGHT' => $height)));
            }
            break;
        case 'url':
            // Make them both HTML strings
            $url = $embed->evaluate();
            if (is_object($attributes['param'])) {
                $switch_over = true;
                // We know if must be Comcode XML
                $attributes['param'] = $attributes['param']->evaluate();
            } else {
                $switch_over = !looks_like_url($url) && looks_like_url($attributes['param'], true);
                if (strpos($attributes['param'], '[') !== false || strpos($attributes['param'], '{') !== false) {
                    $param_temp = comcode_to_tempcode(escape_html($attributes['param']), $source_member, $as_admin, 60, NULL, $connection, false, false, true, false, false, $highlight_bits, $on_behalf_of_member);
                    global $ADVERTISING_BANNERS;
                    $temp_ab = $ADVERTISING_BANNERS;
                    $ADVERTISING_BANNERS = array();
                    $caption = $param_temp;
                    $ADVERTISING_BANNERS = $temp_ab;
                } else {
                    $caption = make_string_tempcode(escape_html($attributes['param']));
                    // Consistency of escaping
                }
            }
            // Do we need to switch around?
            if ($switch_over) {
                $url = $attributes['param'];
                $caption = $embed;
            }
            // If we weren't given a caption, use the URL, but crop if necessary
            if ($caption->evaluate() == '') {
                $_caption = $url;
                // Shorten the URL if it is too long
                $max_link_length = 50;
                if (strlen($_caption) > $max_link_length) {
                    $_caption = escape_html(substr(@html_entity_decode($_caption, ENT_QUOTES, get_charset()), 0, intval($max_link_length / 2 - 3))) . '&hellip;' . escape_html(substr(@html_entity_decode($_caption, ENT_QUOTES, get_charset()), intval(-$max_link_length / 2)));
                }
                $caption = make_string_tempcode($_caption);
            }
            // Tidy up the URL now
            $url = @html_entity_decode($url, ENT_QUOTES, get_charset());
            $url = fixup_protocolless_urls($url);
            // Integrity and security
            $url = check_naughty_javascript_url($source_member, $url, $as_admin);
            // More URL tidying
            $local = url_is_local($url) || strpos($url, get_domain()) !== false;
            $given_url = $url;
            if ($url != '' && $url[0] != '#') {
                if (substr($url, 0, 1) == '/') {
                    $url = substr($url, 1);
                }
                $url_full = url_is_local($url) ? get_base_url() . '/' . $url : $url;
                if ($GLOBALS['XSS_DETECT']) {
                    ocp_mark_as_escaped($url_full);
                }
            } else {
                $url_full = $url;
            }
            $striped_base_url = str_replace('www.', '', str_replace('http://', '', get_base_url()));
            if ($striped_base_url != '' && substr($url, 0, 1) != '%' && strpos($url_full, $striped_base_url) === false) {
                $temp_tpl = test_url($url_full, 'url', $given_url, $source_member);
            }
            // Render
            if (!array_key_exists('target', $attributes)) {
                $attributes['target'] = $local ? '_top' : '_blank';
            }
            if ($attributes['target'] == 'blank') {
                $attributes['target'] = '_blank';
            }
            $rel = $as_admin || has_specific_permission($source_member, 'search_engine_links') ? '' : 'nofollow';
            if ($attributes['target'] == '_blank') {
                $title = (is_object($caption) ? static_evaluate_tempcode($caption) : $caption) . ' ' . do_lang('LINK_NEW_WINDOW');
            } else {
                $title = '';
            }
            $temp_tpl->attach(do_template('COMCODE_URL', array('_GUID' => 'd1657530e6d3d57e6a4791fb3bfa0dd7', 'TITLE' => $title, 'REL' => $rel, 'TARGET' => $attributes['target'], 'URL' => $url_full, 'CAPTION' => $caption)));
            break;
        case 'email':
            $_embed = $embed->evaluate();
            require_code('type_validation');
            require_code('obfuscate');
            // If we need to switch
            if (is_object($attributes['param']) || !is_valid_email_address($_embed) && is_valid_email_address($attributes['param'])) {
                $temp = $embed;
                // Is tempcode
                $_embed = $attributes['param'];
                $attributes['param'] = $temp;
            } else {
                $attributes['param'] = comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                // Becomes tempcode
            }
            if ($attributes['param']->is_empty()) {
                $attributes['param'] = obfuscate_email_address($_embed);
            }
            $subject = array_key_exists('subject', $attributes) ? $attributes['subject'] : '';
            $body = array_key_exists('body', $attributes) ? $attributes['body'] : '';
            $title = '';
            if (array_key_exists('title', $attributes)) {
                $title = $attributes['title'];
            }
            $temp_tpl = do_template('COMCODE_EMAIL', array('_GUID' => '5f6ade8fe07701b6858575153d78f4e9', 'TITLE' => $title, 'ADDRESS' => obfuscate_email_address($_embed), 'SUBJECT' => $subject, 'BODY' => $body, 'CAPTION' => $attributes['param']));
            break;
        case 'reference':
            if ($wml) {
                break;
            }
            if (array_key_exists('type', $attributes) && $attributes['type'] == 'url') {
                $_embed = $embed->evaluate();
                $_embed = check_naughty_javascript_url($source_member, $_embed, $as_admin);
                if (!array_key_exists('title', $attributes)) {
                    $attributes['title'] = $attributes['param'];
                }
                if (is_object($attributes['title']) || $attributes['title'] != '') {
                    $_title = is_object($attributes['title']) ? make_string_tempcode(escape_html($attributes['title'])) : comcode_to_tempcode($attributes['title'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                    $title = $_title->evaluate();
                } else {
                    $title = $_embed;
                }
                $embed = hyperlink($_embed, $title, true);
            }
            $temp_tpl = do_template('COMCODE_REFERENCE', array_merge($attributes, array('SOURCE' => $embed)));
            break;
        case 'upload':
            // This points to a file path, not a URL
            $_embed = $embed->evaluate();
            $type = array_key_exists('type', $attributes) ? $attributes['type'] : 'downloads';
            if (is_object($attributes['param']) || $attributes['param'] != '') {
                $_caption = is_object($attributes['param']) ? make_string_tempcode(escape_html($attributes['param'])) : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
                $__caption = $_caption->evaluate();
            } else {
                $__caption = $_embed;
            }
            $url = get_custom_base_url() . '/' . $type . '/' . rawurlencode($_embed);
            $url = check_naughty_javascript_url($source_member, $url, $as_admin);
            $temp_tpl = test_url($url, 'upload', $_embed, $source_member);
            $temp_tpl->attach(hyperlink($url, $__caption));
            break;
        case 'page':
            $ignore_if_hidden = array_key_exists('ignore_if_hidden', $attributes) && $attributes['ignore_if_hidden'] == '1';
            unset($attributes['ignore_if_hidden']);
            // Two sets of parameters: simple style and complex style; both are completely incompatible
            $hash = '';
            if ($attributes == array('param' => '')) {
                $zone = '_SEARCH';
                $caption = $embed;
                $attributes = array('page' => $caption->evaluate());
            } elseif (array_keys($attributes) == array('param')) {
                $caption = $embed;
                if ($wml) {
                    $temp_tpl = $embed;
                    break;
                } else {
                    if (strpos($attributes['param'], ':') !== false) {
                        global $OVERRIDE_SELF_ZONE;
                        $page_link = $attributes['param'];
                        list($zone, $attributes, $hash) = page_link_decode($page_link);
                        if (!array_key_exists('page', $attributes)) {
                            $attributes['page'] = '';
                        }
                        if ($zone == '_SELF' && !is_null($OVERRIDE_SELF_ZONE)) {
                            $zone = $OVERRIDE_SELF_ZONE;
                        }
                    } else {
                        $zone = '_SEARCH';
                        // Changed in v3 from '_SELF', to allow context-sensitivity
                        $attributes = array_merge(array('page' => $attributes['param']), $attributes);
                    }
                }
            } else {
                $caption = array_key_exists('caption', $attributes) ? comcode_to_tempcode($attributes['caption'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member) : $embed;
                if ($wml) {
                    $temp_tpl = $caption;
                    break;
                } else {
                    $zone = $param_given ? $attributes['param'] : '_SEARCH';
                    // Changed in v3 from '_SELF', to allow context-sensitivity
                    unset($attributes['caption']);
                    if (!array_key_exists('page', $attributes)) {
                        $attributes = array_merge(array('page' => $embed->evaluate()), $attributes);
                    }
                }
            }
            unset($attributes['param']);
            foreach ($attributes as $key => $val) {
                if (is_object($val)) {
                    $attributes[$key] = $val->evaluate();
                }
            }
            if ($zone == '_SEARCH') {
                $zone = get_page_zone($attributes['page'], false);
                if (is_null($zone)) {
                    $zone = '';
                }
            }
            $pl_url = build_url($attributes, $zone, NULL, false, false, false, $hash);
            $temp_tpl = hyperlink($pl_url, $caption);
            $page = $attributes['page'];
            if ($page != '') {
                if ($zone == '_SELF') {
                    $zone = get_zone_name();
                }
                if ($zone == '_SEARCH') {
                    $zone = get_page_zone($page, false);
                    if (is_null($zone)) {
                        $zone = '';
                    }
                    // Oh dear, well it will be correctly identified as not found anyway
                }
                $ptest = _request_page($page, $zone);
                if ($ptest !== false) {
                    if ($page == 'topicview' && array_key_exists('id', $attributes)) {
                        if (!is_numeric($attributes['id'])) {
                            $attributes['id'] = $GLOBALS['SITE_DB']->query_value_null_ok('url_id_monikers', 'm_resource_id', array('m_resource_page' => $page, 'm_moniker' => $attributes['id']));
                        }
                        if (!is_null($attributes['id'])) {
                            $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_topics', 'id', array('id' => $attributes['id']));
                            if (is_null($test)) {
                                $ptest = false;
                            }
                        } else {
                            $ptest = false;
                        }
                    }
                }
                if ($ptest === false) {
                    //$temp_tpl->attach(' ['.do_lang('MISSING_RESOURCE').']');  // Don't want this as we might be making the page immediately
                    if (!in_array(get_page_name(), $GLOBALS['DONT_CARE_MISSING_PAGES']) && !in_array($page, $GLOBALS['DONT_CARE_MISSING_PAGES']) && !running_script('iframe')) {
                        if ($ignore_if_hidden) {
                            $temp_tpl = do_template('COMCODE_DEL', array('CONTENT' => $caption));
                        } else {
                            require_code('failure');
                            relay_error_notification(do_lang('MISSING_RESOURCE_COMCODE', 'page_link', $page_link), false, $GLOBALS['FORUM_DRIVER']->is_staff($source_member) ? 'error_occurred_missing_reference_important' : 'error_occurred_missing_reference');
                        }
                    }
                }
            }
            break;
        case 'hide':
            if ($wml) {
                $temp_tpl = $embed;
                break;
            }
            if (array_key_exists('param', $attributes)) {
                $text = is_object($attributes['param']) ? $attributes['param'] : comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member);
            } else {
                $text = do_lang_tempcode('EXPAND');
            }
            $temp_tpl = do_template('COMCODE_HIDE', array('_GUID' => 'a591a0d1e6bb3dde0f22cebb9c7ab93e', 'TEXT' => $text, 'CONTENT' => $embed));
            break;
        case 'quote':
            if ($wml) {
                $temp_tpl->attach('<br /><br />' . $attributes['param'] . ':');
                $temp_tpl->attach($embed);
                break;
            }
            $cite = array_key_exists('cite', $attributes) ? $attributes['cite'] : NULL;
            if (!is_null($cite)) {
                $temp_tpl = test_url($cite, 'quote', $cite, $source_member);
            }
            if ($attributes['param'] == '' && isset($attributes['author'])) {
                $attributes['param'] = $attributes['author'];
            }
            // Compatibility with SMF
            if ($attributes['param'] != '') {
                if (is_numeric($attributes['param'])) {
                    $attributes['param'] = $GLOBALS['FORUM_DRIVER']->get_username($attributes['param']);
                    if (is_null($attributes['param'])) {
                        $attributes['param'] = do_lang('UNKNOWN');
                    }
                } else {
                    $attributes['param'] = protect_from_escaping(comcode_to_tempcode($attributes['param'], $source_member, $as_admin, 60, NULL, $connection, false, false, false, false, false, $highlight_bits, $on_behalf_of_member));
                }
                $temp_tpl->attach(do_template('COMCODE_QUOTE_BY', array('_GUID' => '18f55a548892ad08b0b50b3b586b5b95', 'CITE' => $cite, 'CONTENT' => $embed, 'BY' => $attributes['param'], 'SAIDLESS' => array_key_exists('saidless', $attributes) ? $attributes['saidless'] : '0')));
            } else {
                $temp_tpl->attach(do_template('COMCODE_QUOTE', array('_GUID' => 'fa275de59433c17da19b22814c17fdc5', 'CITE' => $cite, 'CONTENT' => $embed)));
            }
            break;
        case 'html':
            if ($wml) {
                break;
            }
            $temp_tpl = $embed;
            // Plain HTML. But it's been filtered already
            break;
        case 'semihtml':
            $temp_tpl = $embed;
            // Hybrid HTML. But it's been filtered already
            break;
        case 'block':
            if ($wml) {
                break;
            }
            $attributes['block'] = trim($embed->evaluate());
            if (preg_match('#^[\\w\\-]*$#', $attributes['block']) == 0) {
                $temp_tpl = paragraph(do_lang_tempcode('MISSING_BLOCK_FILE', escape_html($attributes['block'])), '90dfdlksds8d7dyddssddxs', 'error_marker');
                break;
                // Avoids a suspected hack attempt by just filtering early
            }
            $_attributes = array();
            foreach ($attributes as $key => $val) {
                $_attributes[] = $key . '=' . $val;
            }
            $temp_tpl = symbol_tempcode('BLOCK', $_attributes);
            break;
        case 'contents':
            if ($wml) {
                break;
            }
            // Do structure sweep
            $urls_for = array();
            $old_structure_list = $STRUCTURE_LIST;
            $STRUCTURE_LIST = array();
            // reset for e.g. comcode_text_to_tempcode calls (which don't itself reset it, although _comcode_to_tempcode does for top level parses)
            if (array_key_exists('files', $attributes) && $comcode_dangerous) {
                $s_zone = array_key_exists('zone', $attributes) ? $attributes['zone'] : get_zone_name();
                $pages = find_all_pages($s_zone, 'comcode_custom/' . get_site_default_lang(), 'txt') + find_all_pages($s_zone, 'comcode/' . get_site_default_lang(), 'txt');
                $prefix = $attributes['files'];
                foreach ($pages as $pg_name => $pg_type) {
                    if (substr($pg_name, 0, strlen($prefix)) == $prefix) {
                        $i = count($STRUCTURE_LIST);
                        comcode_to_tempcode(file_get_contents(zone_black_magic_filterer(get_file_base() . '/' . $s_zone . '/pages/' . $pg_type . '/' . $pg_name . '.txt'), FILE_TEXT), $source_member, $as_admin, 60, NULL, $connection, false, false, false, true, false, NULL, $on_behalf_of_member);
                        $page_url = build_url(array('page' => $pg_name), $s_zone);
                        while (array_key_exists($i, $STRUCTURE_LIST)) {
                            $urls_for[] = $page_url;
                            $i++;
                        }
                    }
                }
                $base = array_key_exists('base', $attributes) ? intval($attributes['base']) : 1;
            } else {
                if (substr($comcode, 0, 8) == '<comcode') {
                    require_code('comcode_xml');
                    if (!$as_admin) {
                        check_specific_permission('comcode_dangerous', NULL, $source_member);
                    }
                    $_ = new comcode_xml_to_tempcode($comcode, $source_member, 60, NULL, $connection, false, false, false, true, false, $on_behalf_of_member);
                } else {
                    require_code('comcode_text');
                    comcode_text_to_tempcode($comcode, $source_member, $as_admin, 60, NULL, $connection, false, false, false, true, false, NULL, $on_behalf_of_member);
                }
                $base = array_key_exists('base', $attributes) ? intval($attributes['base']) : 1;
            }
            $list_types = $embed->evaluate() == '' ? array() : explode(',', $embed->evaluate());
            $list_types += array('decimal', 'lower-alpha', 'lower-roman', 'upper-alpha', 'upper-roman', 'disc');
            $levels_allowed = array_key_exists('levels', $attributes) ? intval($attributes['levels']) : NULL;
            // Convert the list structure into a tree structure
            $past_level_stack = array(1);
            $subtree_stack = array(array());
            $levels = 1;
            foreach ($STRUCTURE_LIST as $i => $struct) {
                $level = $struct[0];
                $title = $struct[1];
                $uniq_id = $struct[2];
                $url = array_key_exists($i, $urls_for) ? $urls_for[$i] : '';
                if ($level > $levels_allowed && !is_null($levels_allowed)) {
                    continue;
                }
                // Going down the tree
                if ($level > $past_level_stack[$levels - 1]) {
                    array_push($past_level_stack, $level);
                    array_push($subtree_stack, array(array($uniq_id, $title->evaluate(), $url)));
                    $levels++;
                } else {
                    // Going back up the tree, destroying levels that must have now closed off
                    while ($level < $past_level_stack[$levels - 1] && $levels > 2) {
                        array_pop($past_level_stack);
                        $subtree = array_pop($subtree_stack);
                        $levels--;
                        // Alter the last of the next level on stack so it is actually taking the closed off level as children, and changing from a property list to a pair: property list & children
                        $subtree_stack[$levels - 1][count($subtree_stack[$levels - 1]) - 1] = array($subtree_stack[$levels - 1][count($subtree_stack[$levels - 1]) - 1], $subtree);
                    }
                    // Store the title where we are
                    $subtree_stack[$levels - 1][] = array($uniq_id, $title->evaluate(), $url);
                }
            }
            // Clean up... going up until we're with 1
            while ($levels > 1) {
                array_pop($past_level_stack);
                $subtree = array_pop($subtree_stack);
                $levels--;
                $parent_level_start_index = count($subtree_stack[$levels - 1]) - 1;
                if ($parent_level_start_index < 0) {
                    $subtree_stack[$levels - 1] = $subtree;
                } else {
                    $subtree_stack[$levels - 1][$parent_level_start_index] = array($subtree_stack[$levels - 1][$parent_level_start_index], $subtree);
                }
            }
            // Now we have the structure to display
            $levels_t = _do_contents_level($subtree_stack[0], $list_types, $base);
            $temp_tpl = do_template('COMCODE_CONTENTS', array('_GUID' => 'ca2f5320fa930e2257a2e74e4f98e5a0', 'LEVELS' => $levels_t));
            $STRUCTURE_LIST = $old_structure_list;
            // Restore, so subsequent 'title' tags have correct numbering
            break;
    }
    // Last ditch effort: custom tags
    if ($temp_tpl->is_definitely_empty() && !$wml) {
        global $REPLACE_TARGETS;
        if (array_key_exists($tag, $REPLACE_TARGETS)) {
            $replace = $REPLACE_TARGETS[$tag]['replace'];
            $parameters = explode(',', $REPLACE_TARGETS[$tag]['parameters']);
            $binding = array('CONTENT' => $embed, 'RAND' => uniqid('', true));
            foreach ($parameters as $parameter) {
                $parameter = trim($parameter);
                $parts = explode('=', $parameter);
                if (count($parts) == 1) {
                    $parts[] = '';
                }
                if (count($parts) != 2) {
                    continue;
                }
                list($parameter, $default) = $parts;
                if (!array_key_exists($parameter, $attributes) || $attributes[$parameter] == '') {
                    $attributes[$parameter] = $default;
                }
                $binding[strtoupper($parameter)] = $attributes[$parameter];
                $replace = str_replace('{' . $parameter . '}', '{' . strtoupper($parameter) . '*}', $replace);
            }
            $replace = str_replace('{content}', array_key_exists($tag, $GLOBALS['TEXTUAL_TAGS']) ? '{CONTENT}' : '{CONTENT*}', $replace);
            require_code('tempcode_compiler');
            $temp_tpl = template_to_tempcode($replace);
            $temp_tpl = $temp_tpl->bind($binding, '(custom comcode: ' . $tag . ')');
        }
    }
    return $temp_tpl;
}
Esempio n. 7
0
function tokenize_ml($txt, $exceptions, $prefixes)
{
    $coeff = array();
    $out = array();
    $token = '';
    $txt = Normalizer::normalize($txt, Normalizer::FORM_C);
    $res = sql_query("SELECT * FROM tokenizer_coeff");
    while ($r = sql_fetch_array($res)) {
        $coeff[$r[0]] = $r[1];
    }
    $txt .= '  ';
    for ($i = 0; $i < mb_strlen($txt, 'UTF-8'); ++$i) {
        $prevchar = $i > 0 ? mb_substr($txt, $i - 1, 1, 'UTF-8') : '';
        $char = mb_substr($txt, $i + 0, 1, 'UTF-8');
        $nextchar = mb_substr($txt, $i + 1, 1, 'UTF-8');
        $nnextchar = mb_substr($txt, $i + 2, 1, 'UTF-8');
        //$chain is the current word which we will perhaps need to check in the dictionary
        $chain = $chain_left = $chain_right = '';
        $odd_symbol = '';
        if (is_hyphen($char) || is_hyphen($nextchar)) {
            $odd_symbol = '-';
        } elseif (preg_match('/([\\.\\/\\?\\=\\:&"!\\+\\(\\)])/u', $char, $match) || preg_match('/([\\.\\/\\?\\=\\:&"!\\+\\(\\)])/u', $nextchar, $match)) {
            $odd_symbol = $match[1];
        }
        if ($odd_symbol) {
            for ($j = $i; $j >= 0; --$j) {
                $t = mb_substr($txt, $j, 1, 'UTF-8');
                if ($odd_symbol == '-' && (is_cyr($t) || is_hyphen($t) || $t === "'") || $odd_symbol != '-' && !is_space($t)) {
                    $chain_left = $t . $chain_left;
                } else {
                    break;
                }
                if (mb_substr($chain_left, -1) === $odd_symbol) {
                    $chain_left = mb_substr($chain_left, 0, -1);
                }
            }
            for ($j = $i + 1; $j < mb_strlen($txt, 'UTF-8'); ++$j) {
                $t = mb_substr($txt, $j, 1, 'UTF-8');
                if ($odd_symbol == '-' && (is_cyr($t) || is_hyphen($t) || $t === "'") || $odd_symbol != '-' && !is_space($t)) {
                    $chain_right .= $t;
                } else {
                    break;
                }
                if (mb_substr($chain_right, 0, 1) === $odd_symbol) {
                    $chain_right = mb_substr($chain_right, 1);
                }
            }
            $chain = $chain_left . $odd_symbol . $chain_right;
        }
        $vector = array_merge(char_class($char), char_class($nextchar), array(is_number($prevchar), is_number($nnextchar), $odd_symbol == '-' ? is_dict_chain($chain) : 0, $odd_symbol == '-' ? is_suffix($chain_right) : 0, is_same_pm($char, $nextchar), $odd_symbol && $odd_symbol != '-' ? looks_like_url($chain, $chain_right) : 0, $odd_symbol && $odd_symbol != '-' ? is_exception($chain, $exceptions) : 0, $odd_symbol == '-' ? is_prefix($chain_left, $prefixes) : 0, $odd_symbol == ':' && $chain_right !== '' ? looks_like_time($chain_left, $chain_right) : 0));
        $vector = implode('', $vector);
        if (isset($coeff[bindec($vector)])) {
            $sum = $coeff[bindec($vector)];
        } else {
            $sum = 0.5;
        }
        $token .= $char;
        if ($sum > 0) {
            $token = trim($token);
            if ($token !== '') {
                $out[] = array($token, $sum, bindec($vector) . '=' . $vector);
            }
            $token = '';
        }
    }
    return $out;
}