コード例 #1
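// Renders one comment row: picks the avatar, runs the comment body through the
// skin's content filters, hides the admin's IP, then converts bracketed media
// links into an embedded player call.
//
// Array keys are quoted throughout. The bare-word form ($row[content]) is read
// as an undefined constant, which is only a notice/warning on PHP 5/7 and a
// fatal Error on PHP 8.

// Start from the placeholder image and switch to the member's own file only
// for non-anonymous boards/posts where that file exists.
$comment_image = mw_get_noimage();
// NOTE(review): mb_id is used as a file name here; this assumes member ids are
// restricted to a safe character set when accounts are created. Confirm.
if ($mw_basic['cf_attribute'] != "anonymous" && !$row['wr_anonymous'] && $row['mb_id'] && file_exists("{$comment_image_path}/{$row['mb_id']}")) {
    $comment_image = "{$comment_image_path}/{$row['mb_id']}";
    $is_comment_image = true;
    $tmpsize = @getImageSize($comment_image);
    // Append the modification time as a cache-buster so a replaced avatar is re-fetched.
    $comment_image .= '?' . filemtime($comment_image);
}
$row['content'] = mw_reg_str($row['content']);
// (original comment) automatic substitution
$row['content'] = bc_code($row['content']);
if (strstr($row['wr_option'], "html")) {
    $row['content'] = mw_tag_debug($row['content']);
}
$row['content'] = mw_set_sync_tag($row['content']);
// (original comment) fix malformed tags
$row['content'] = mw_youtube_content($row['content'], "144");
// (original comment) YouTube auto-play
// mw_special_tag() is applied only when an iframe level is configured and the
// level in $mb['mb_level'] meets it.
if ($mw_basic['cf_iframe_level'] && $mw_basic['cf_iframe_level'] <= $mb['mb_level']) {
    $row['content'] = mw_special_tag($row['content']);
}
// Posts written by the administrator do not show an IP address.
if ($row['mb_id'] == $config['cf_admin']) {
    $row['ip'] = "";
}
$str = $row['content'];
if (strstr($row['wr_option'], "secret")) {
    $str = "<span class='mw_basic_comment_secret'>* {$str}</span>";
}
// Turn "[<a href="...media file">...</a>]" into an inline player call.
// The captured URL ends up inside a single-quoted JavaScript string, and the
// capture class only excludes whitespace, so the link is left untouched when
// the URL contains a character that could end that string or the <script>
// element. Whether the earlier filters already strip those characters is not
// visible from this block, so the check is done here as well.
$str = preg_replace_callback("/\\[\\<a\\s.*href\\=\"(http|https|ftp|mms)\\:\\/\\/([^[:space:]]+)\\.(mp3|wma|wmv|asf|asx|mpg|mpeg)\".*\\<\\/a\\>\\]/i", function ($m) {
    $media_url = "{$m[1]}://{$m[2]}.{$m[3]}";
    if (strpbrk($media_url, "'\"\\<>") !== false) {
        return $m[0];
    }
    return "<script>doc_write(obj_movie('{$media_url}'));</script>";
}, $str);
// Commented out because of Flash XSS attacks. It builds the script string the
// same way as the media rewrite above did, so keep it disabled.
//$str = preg_replace("/\[\<a\s.*href\=\"(http|https|ftp)\:\/\/([^[:space:]]+)\.(swf)\".*\<\/a\>\]/i", "<script>doc_write(flash_movie('$1://$2.$3'));</script>", $str);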
コード例 #2
ファイル: mw.file.viewer.php プロジェクト: l2zeo/miwit-pack5
        <script>
        function contents_shop_view() {
        }
        </script>
        <?php 
        $contents_shop_view = ob_get_contents();
        ob_end_clean();
        $view[wr_content] = $contents_shop_view;
        $view[content] = $view[wr_content];
        $view[rich_content] = $view[wr_content];
        $write[wr_content] = $view[wr_content];
        $write[content] = $view[wr_content];
        $view[file] = null;
    }
}
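// Post-processes the rendered post body: applies the YouTube filter, then, when
// the exam feature is enabled, renders the exam skin into a buffer and swaps it
// in for the "[시험문제]" ("exam questions") placeholder.
//
// Array keys are quoted: the bare-word form ($view[rich_content]) is read as an
// undefined constant, which is a fatal Error on PHP 8.
$view['rich_content'] = mw_youtube_content($view['rich_content']);
$ob_exam = '';
$ob_exam_flag = false;
if ($mw_basic['cf_exam']) {
    // NOTE(review): $exam_path is set outside this block; confirm it is a fixed
    // skin directory and never derived from request input, since it is include()d.
    if (is_mw_file("{$exam_path}/view.skin.php")) {
        // Capture the skin's output instead of sending it straight to the client.
        ob_start();
        include "{$exam_path}/view.skin.php";
        $ob_exam = ob_get_clean();
        if (preg_match("/\\[시험문제\\]/i", $view['rich_content'])) {
            $ob_exam_flag = true;
            // A callback is used so the skin output is inserted verbatim. As a
            // plain preg_replace() replacement string, any "$1" or "\1" in the
            // rendered HTML/JS would be treated as a backreference and lost.
            $view['rich_content'] = preg_replace_callback("/\\[시험문제\\]/i", function ($m) use ($ob_exam) {
                return $ob_exam;
            }, $view['rich_content']);
        }
    }
}
$ob_marketdb = '';
$ob_marketdb_flag = false;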