<?php
exit;
}
if (empty($UNTRUSTED['convertsmile'])) {
$UNTRUSTED['convertsmile'] = "ON";
}
if ($smiles == "N") {
$UNTRUSTED['convertsmile'] = "OFF";
}
if (!empty($UNTRUSTED['comment'])) {
$comment = filter_html($UNTRUSTED['comment']);
// convert links :
$comment = preg_replace('#(\\s(www.))([^\\s]*)#', ' http://\\2\\3 ', $comment);
$comment = preg_replace('#((http|https|ftp|news|file)://)([^\\s]*)#', '<a href="\\1\\3" target=_blank>\\1\\3</a>', $comment);
if ($UNTRUSTED['convertsmile'] != "OFF") {
$comment = convert_smile($comment);
}
$timeof = date("YmdHis");
if (empty($UNTRUSTED['saidto'])) {
$UNTRUSTED['saidto'] = 0;
}
// see if we have same timestamp: a performance issue but actually done on perpose to discourage
// people making hosted solutions with multiple chats all using the same system.
$query = "SELECT timeof FROM livehelp_messages WHERE timeof='{$timeof}'";
$rs = $mydatabase->query($query);
while ($rs->numrows() != 0) {
if (function_exists('sleep')) {
sleep(1);
$timeof = date("YmdHis");
} else {
$timeof++;
$check_s = $mydatabase->query($query);
$check_s = $check_s->fetchRow(DB_FETCHMODE_ASSOC);
if ($check_s['status'] != "chat") {
$query = "UPDATE livehelp_users set status='request' WHERE user_id=" . intval($saidto);
$mydatabase->query($query);
}
$query = "DELETE FROM livehelp_messages WHERE typeof='writediv'";
$mydatabase->query($query);
// see if we have same timestamp: a performance issue but actually done on perpose to discourage
// people making hosted solutions with multiple chats all using the same system.
$query = "SELECT timeof FROM livehelp_messages WHERE timeof='{$timeof}'";
$rs = $mydatabase->query($query);
while ($rs->numrows() != 0) {
if (function_exists('sleep')) {
sleep(1);
$timeof = date("YmdHis");
} else {
$timeof++;
}
$query = "SELECT timeof FROM livehelp_messages WHERE timeof='{$timeof}'";
$rs = $mydatabase->query($query);
}
if (!empty($UNTRUSTED['smilies'])) {
$UNTRUSTED['comment'] = convert_smile($UNTRUSTED['comment']);
}
$query = "INSERT INTO livehelp_messages (message,channel,timeof,saidfrom,saidto) VALUES ('" . filter_sql($UNTRUSTED['comment']) . "'," . intval($channel) . ",'{$timeof}'," . intval($myid) . "," . intval($saidto) . ")";
$mydatabase->query($query);
$quicknote = "";
}
?>
/**
* show the messages for this user by type and id and/or channel and/or timestamp.
*
* @param int $myid id of this user.
* @param string $typeof (either an empty string or a writediv
* @param int (reference) $aftertime optional timestamp to only see from
* @param int $seechannel optional id of the channel to only view
* @param string hidechannels string of user_ids to hide.
* @param bool $diliminated return diliminated results or not.
* @param bool $omitself show self typing or not.
*
* @global object $mydatabase mysql database object.
* @global array $lang array containing the language texts
* @global array $CSLH_Config array containing the configuration variables.
*
* @return string messages
*/
function showmessages($myid, $typeof = "", &$aftertime, $seechannel = "", $hidechannels = "", $diliminated = false, $omitself = true)
{
global $mydatabase, $CSLH_Config, $identity, $isavisitor;
$chatmessage = "";
// one chat message
$resultchat = "";
// the whole list of messages since aftertime..
$typediliminated = "";
// the type of message in the deliminated message HTML or LAYER
// if the type is writediv then omit messages that you are tying.
$excludesql = " ";
if ($typeof == "writediv") {
if ($omitself) {
$excludesql = " AND saidfrom!=" . intval($myid);
}
}
// if we only want to see one channel:
if ($seechannel != "") {
$sqlqueryrun = "SELECT livehelp_messages.message,livehelp_messages.typeof,livehelp_messages.timeof,livehelp_messages.id_num,livehelp_messages.saidfrom,livehelp_messages.saidto,livehelp_operator_channels.txtcolor,livehelp_operator_channels.txtcolor_alt,livehelp_operator_channels.channelcolor\n FROM livehelp_messages,livehelp_operator_channels \n WHERE livehelp_operator_channels.user_id=" . intval($myid) . "\n AND livehelp_messages.channel=livehelp_operator_channels.channel\n AND timeof>'{$aftertime}' AND livehelp_messages.typeof='{$typeof}'\n AND livehelp_messages.channel=" . intval($seechannel) . "\n AND livehelp_messages.saidfrom!='0' {$excludesql}\n ORDER by timeof";
} else {
$except_ids = explode(",", $hidechannels);
$except_sql = "";
for ($i = 0; $i < count($except_ids); $i++) {
$except_sql .= " AND livehelp_messages.channel!=" . intval($except_ids[$i]);
}
$sqlqueryrun = "SELECT livehelp_messages.message,livehelp_messages.typeof,livehelp_messages.timeof,livehelp_messages.id_num,livehelp_messages.saidfrom,livehelp_messages.saidto,livehelp_operator_channels.txtcolor,livehelp_operator_channels.txtcolor_alt,livehelp_operator_channels.channelcolor\n FROM livehelp_messages,livehelp_operator_channels \n WHERE livehelp_operator_channels.user_id=" . intval($myid) . "\n AND livehelp_messages.channel=livehelp_operator_channels.channel \n AND timeof>'{$aftertime}' AND livehelp_messages.typeof='{$typeof}' \n AND livehelp_messages.saidfrom!='0' {$except_sql} {$excludesql} \n ORDER by timeof";
}
// if we are a visitor we only can see messages said to us or our channel:
if ($isavisitor) {
$sqlqueryrun = "SELECT message,typeof,timeof,id_num,saidfrom,saidto \n FROM livehelp_messages \n WHERE (saidto=" . intval($myid) . "\n OR channel=" . intval($seechannel) . ")\n AND livehelp_messages.typeof='{$typeof}'\n AND timeof>'{$aftertime}' {$excludesql}\n ORDER by timeof ";
}
// run query:
//print $sqlqueryrun;
$messages = $mydatabase->query($sqlqueryrun);
if ($messages->numrows() != 0) {
$index = 0;
while ($row = $messages->fetchRow(DB_FETCHMODE_ORDERED)) {
$chatmessage = "";
$javascript = "";
$message = $row[0];
$typeof = $row[1];
$aftertime = $row[2];
$id_num = $row[3];
$saidfrom = $row[4];
$saidto = $row[5];
$typediliminated = "HTML";
// look up text color:
if (!isset($row[6])) {
$sqlquery = "SELECT txtcolor,txtcolor_alt FROM livehelp_operator_channels WHERE userid=" . intval($saidfrom);
$res = $mydatabase->query($sqlquery);
$row2 = $res->fetchRow(DB_FETCHMODE_ORDERED);
$row[6] = $row2[0];
$row[7] = $row2[1];
}
$txtcolor = isset($row[6]) ? $row[6] : "000000";
$txtcolor_alt = isset($row[7]) ? $row[7] : "000000";
$channelcolor = isset($row[8]) ? "bgcolor=" . $row[8] : "";
if ($isavisitor) {
$tablestart = "<table width=98% cellpadding=0 cellspacing=0 border=0 {$channelcolor}><tr><td>";
} else {
$tablestart = "<table width=98% cellpadding=0 cellspacing=0 border=0><tr><td width=2><img src=images/blank.gif width=2 height=2></td><td {$channelcolor}>";
}
$tableend = "</td></tr></table>";
if ($saidfrom == 0) {
$register = 12;
$whowhat = "";
$from = "";
} else {
$sqlquery = "SELECT username,jsrn FROM livehelp_users WHERE user_id=" . intval($saidfrom);
$username_f = $mydatabase->query($sqlquery);
$username_a = $username_f->fetchRow(DB_FETCHMODE_ORDERED);
$from = $username_a[0];
$haystack = explode("_", $from);
if (!empty($haystack[2])) {
$from2 = $haystack[1];
} else {
$from2 = $haystack[0];
}
if ($from2 == $identity['IP_ADDR']) {
$from = "You";
}
$register = $username_a[1];
$whowhat = $from;
}
if ($saidto != 0) {
$sqlquery = "SELECT username FROM livehelp_users WHERE user_id=" . intval($saidto);
$username_f = $mydatabase->query($sqlquery);
$username_a = $username_f->fetchRow(DB_FETCHMODE_ORDERED);
$to = $username_a[0];
}
if ($isavisitor) {
if ($saidfrom != $myid) {
$cssclass_name = " class=\"operatorName\" ";
$cssclass_txt = " class=\"operator\" ";
} else {
$cssclass_name = " class=\"guestName\" ";
$cssclass_txt = " class=\"guest\" ";
}
} else {
if ($saidfrom != $myid) {
$cssclass_name = " class=\"guestName\" ";
$cssclass_txt = " class=\"guest\" ";
$txtcolor = $txtcolor_alt;
} else {
$cssclass_name = " class=\"operatorName\" ";
$cssclass_txt = " class=\"operator\" ";
}
}
if (!empty($from)) {
$whowhat = "<font color=\"#{$txtcolor}\" {$cssclass_name}>{$from}: </font>";
}
$abort_counter = 0;
$message = preg_replace("/\n/", "", nl2br($message));
$message = preg_replace("/\r/", "", $message);
$safemessage = convert_smile(filter_html($message));
// if we hit a writediv command write to DIV or
// if it does not exist write normal.
if ($typeof == "writediv") {
$typediliminated = "LAYER";
if ($diliminated) {
if (!preg_match("/nullstring/", $safemessage)) {
$chatmessage = $tablestart . "<table cellpadding=0 cellspacing=0 border=0><tr><td valign=top nowrap=nowrap>" . $whowhat . "</td><td><img src=images/blank.gif width=350 height=1><br><font color=\"#" . $txtcolor . "\"> " . $safemessage . "</font></b></td></tr></table>" . $tableend;
} else {
$chatmessage = "nullstring";
}
} else {
$chatmessage = "<SCRIPT type=\"text/javascript\">\n";
if (!preg_match("/nullstring/", $safemessage)) {
$chatmessage .= " whatissaid[" . $register . "] = '" . $tablestart . $whowhat . "<font color=\"#" . $txtcolor . "\"> ' + unescape('" . $safemessage . "') + '</font></b><br>" . $tableend . "';\n";
} else {
$chatmessage .= "whatissaid[" . $register . "] = 'nullstring'\n";
}
$chatmessage .= "update_typing();";
$chatmessage .= "</SCRIPT>";
}
} else {
// if we are sending a url we only want to send it once to the visitor.
if (preg_match("/\\[PUSH\\]/", $message)) {
if (!is_operator($myid)) {
$javascript = preg_replace("/\\[PUSH\\](.*?)\\[\\/PUSH\\]/", "openwindow('\\1\\2','popwindow');", $message);
$message = preg_replace("/\\[PUSH\\]/", "", $message);
$message = preg_replace("/\\[\\/PUSH\\]/", "", $message);
// convert links :
$newmessage = preg_replace('#(\\s(www.))([^\\s]*)#', ' http://\\2\\3 ', $message);
$newmessage = preg_replace('#((http|https|ftp|news|file)://)([^\\s]*)#', '<a href="\\1\\3" target=_blank>\\1\\3</a>', $newmessage);
if (!$diliminated) {
$message = "<SCRIPT type=\"text/javascript\"> {$javascript} </SCRIPT> {$newmessage}";
} else {
$message = $newmessage;
}
//$sqlquery = "UPDATE livehelp_messages set message='$newmessage' Where id_num=".intval($id_num);
//$mydatabase->query($sqlquery);
} else {
$message = preg_replace("/\\[PUSH\\]/", "", $message);
$message = preg_replace("/\\[\\/PUSH\\]/", "", $message);
$newmessage = preg_replace('#(\\s(www.))([^\\s]*)#', ' http://\\2\\3 ', $message);
$newmessage = preg_replace('#((http|https|ftp|news|file)://)([^\\s]*)#', '<a href="\\1\\3" target=_blank>\\1\\3</a>', $newmessage);
$message = $newmessage;
}
}
// if we are transfering them
if ($isavisitor && preg_match("/\\[transfer\\]/", $message)) {
$message = preg_replace("/\\[transfer\\]/", "", $message);
$message = preg_replace("/\\[\\/transfer\\]/", "", $message);
$message_url = $message;
$message = "";
$javascript = "window.parent.location.replace('{$message_url}');";
if (!$diliminated) {
$message = "<SCRIPT type=\"text/javascript\"> {$javascript} </SCRIPT>";
}
$message .= "..transfered..";
$sqlquery = "UPDATE livehelp_messages set message='{$message}' Where id_num=" . intval($id_num);
$mydatabase->query($sqlquery);
}
if ($message != "nullstring") {
$chatmessage .= $tablestart;
$chatmessage .= "<table cellpadding=0 cellspacing=0 border=0><tr><td valign=top NOWRAP=NOWRAP NOWRAP width=3><img src=images/blank.gif width=4 height=4></td><td valign=top NOWRAP=NOWRAP NOWRAP>" . $whowhat . "</td><td valign=top><img src=images/blank.gif width=350 height=1><br><font color=\"#" . $txtcolor . "\"" . $cssclass_txt . " > " . $message . " </font></b><br></td></tr></table>";
$chatmessage .= $tableend;
}
}
if ($diliminated) {
if (empty($resultchat)) {
$resultchat = "";
}
$string = "messages[{$index}] = new Array(); messages[{$index}][0]=\"{$aftertime}\"; messages[{$index}][1]=\"{$register}\"; messages[{$index}][2]=\"{$typediliminated}\"; messages[{$index}][3]=\"" . addslashes($chatmessage) . "\"; messages[{$index}][4]=\"{$javascript}\";";
$resultchat .= $string;
} else {
$resultchat .= $chatmessage;
if ($typeof != "writediv") {
$resultchat .= "<SCRIPT type=\"text/javascript\"> whatissaid[{$register}] = 'nullstring'\n update_typing();\n </SCRIPT>";
}
}
$index++;
}
// while more messages to look at
}
// if there are messages to look at.
return $resultchat;
}