#!/usr/bin/php -q <?php require_once dirname(dirname(__FILE__)) . '/test/lib/utils.php'; require_once TEST . 'lib/Test-More.php'; require_once INC . 'config_inc.php'; require_once INC . 'utils.php'; diag('removeBBCode'); plan(3); $matching_mixed_missing_in = '[b]bold[/b] [b]still bold[/B] [B]also bold'; $matching_mixed_missing_out = removeBBCode($matching_mixed_missing_in); is($matching_mixed_missing_out, 'bold still bold [B]also bold', 'matching, mixed, missing'); $intermixed_in = '[b]bold [ins]inserted[/ins][/b]'; $intermixed_out = removeBBCode($intermixed_in); is($intermixed_out, 'bold inserted', 'intermixed'); $bad_intermixed_in = '[b]bold [ins][/b]inserted[/ins]'; $bad_intermixed_out = removeBBCode($bad_intermixed_in); is($bad_intermixed_out, 'bold inserted', 'bad intermixed');
<div class="forum-post-icon">'; if ($thread['has_blizz'] == 1 || $posterInfo['blizz'] == 1) { echo ' <div class="blizzard_icon"> <a href="" onmouseover="Tooltip.show(this,\'' . $Forum['Forum50'] . '\');"></a> </div>'; } echo ' </div> </td> <td class="post-title">'; if ($thread['prefix'] != "none") { echo '<span class="post-status">[' . $thread['prefix'] . ']</span>'; } $small = removeBBCode($thread['content']); echo ' <div id="thread_tt_' . $thread['id'] . '" style="display:none"> <div class="tt_detail"> ' . substr($small, 0, 75) . '... </div> <div class="tt_time">' . $thread['date'] . '</div> <div class="tt_info"> ' . $thread['views'] . ' ' . $Forum['Forum42'] . ' / ' . $thread['replies'] . ' ' . $Forum['Forum41'] . '<br />'; $get_last_reply = mysql_query("SELECT * FROM forum_replies WHERE threadid = '" . $thread['id'] . "' ORDER BY id DESC"); if (mysql_num_rows($get_last_reply) == 0) { $get_user = mysql_query("SELECT * FROM users WHERE id = '" . $thread['author'] . "'"); $lp = mysql_fetch_assoc($get_user); $date = $thread['date']; } else {
/** * displayLatestMessageBoardPosts * * @param int $memberId * * @return void */ function displayLatestMessageBoardPosts($memberId) { $memberId = (int) $memberId; $sql = "SELECT t.`id`, `subject`, `date`, `post` \n FROM `fcms_board_posts` AS p, `fcms_board_threads` AS t, `fcms_users` AS u \n WHERE t.`id` = p.`thread` \n AND p.`user` = u.`id` \n AND u.`id` = ?\n ORDER BY `date` DESC \n LIMIT 0, 5"; $rows = $this->fcmsDatabase->getRows($sql, $memberId); if ($rows === false) { $this->fcmsError->displayError(); return; } if (count($rows) <= 0) { return; } echo ' <h2>' . T_('Latest Posts') . '</h2>'; $tzOffset = getTimezone($memberId); foreach ($rows as $row) { $date = fixDate(T_('F j, Y, g:i a'), $tzOffset, $row['date']); $subject = $row['subject']; $post = removeBBCode($row['post']); $post = cleanOutput($post); $pos = strpos($subject, '#ANOUNCE#'); if ($pos !== false) { $subject = substr($subject, 9, strlen($subject) - 9); } $subject = cleanOutput($subject); echo ' <p> <a href="messageboard.php?thread=' . $row['id'] . '">' . $subject . '</a> <span class="date">' . $date . '</span><br/> ' . $post . ' </p>'; } }
$main_content .= '<a href="?subtopic=forum">Boards</a> >> <b>' . $sections[$section_id] . '</b><br /><br /><a href="?subtopic=forum&action=new_topic§ion_id=' . $section_id . '"><img src="images/forum/topic.gif" border="0" /></a><br /><br />Page: ' . $links_to_pages . '<br />'; $last_threads = $SQL->query("SELECT " . $SQL->tableName('players') . "." . $SQL->fieldName('name') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_text') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_topic') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('last_post') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('replies') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('views') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_date') . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum') . " WHERE " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " = " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_guid') . " AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('section') . " = " . (int) $section_id . " AND " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('first_post') . " = " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('id') . " ORDER BY " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('last_post') . " DESC LIMIT " . $threads_per_page . " OFFSET " . $page * $threads_per_page)->fetchAll(); if (isset($last_threads[0])) { $main_content .= '<table width="100%"><tr bgcolor="' . $config['site']['vdarkborder'] . '" align="center"><td><font color="white" size="1"><b>Thread</b></font></td><td><font color="white" size="1"><b>Thread Starter</b></font></td><td><font color="white" size="1"><b>Replies</b></font></td><td><font color="white" size="1"><b>Views</b></font></td><td><font color="white" size="1"><b>Last Post</b></font></td></tr>'; foreach ($last_threads as $thread) { if (!is_int($number_of_rows / 2)) { $bgcolor = $config['site']['darkborder']; } else { $bgcolor = $config['site']['lightborder']; } $number_of_rows++; $main_content .= '<tr bgcolor="' . $bgcolor . '"><td>'; if ($logged && $group_id_of_acc_logged >= $group_not_blocked) { $main_content .= '<a href="?subtopic=forum&action=remove_post&id=' . $thread['id'] . '" onclick="return confirm(\'Are you sure you want remove thread > ' . htmlspecialchars($thread['post_topic']) . ' <?\')"><font color="red">[REMOVE]</font></a> '; } $main_content .= '<a href="?subtopic=forum&action=show_thread&id=' . $thread['id'] . '">' . htmlspecialchars($thread['post_topic']) . '</a><br /><small>' . htmlspecialchars(substr(removeBBCode($thread['post_text']), 0, 50)) . '...</small></td><td><a href="?subtopic=characters&name=' . urlencode($thread['name']) . '">' . $thread['name'] . '</a></td><td>' . (int) $thread['replies'] . '</td><td>' . (int) $thread['views'] . '</td><td>'; if ($thread['last_post'] > 0) { $last_post = $SQL->query("SELECT " . $SQL->tableName('players') . "." . $SQL->fieldName('name') . ", " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('post_date') . " FROM " . $SQL->tableName('players') . ", " . $SQL->tableName('z_forum') . " WHERE " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('first_post') . " = " . (int) $thread['id'] . " AND " . $SQL->tableName('players') . "." . $SQL->fieldName('id') . " = " . $SQL->tableName('z_forum') . "." . $SQL->fieldName('author_guid') . " ORDER BY " . $SQL->fieldName('post_date') . " DESC LIMIT 1")->fetch(); if (isset($last_post['name'])) { $main_content .= date('d.m.y H:i:s', $last_post['post_date']) . '<br />by <a href="?subtopic=characters&name=' . urlencode($last_post['name']) . '">' . $last_post['name'] . '</a>'; } else { $main_content .= 'No posts.'; } } else { $main_content .= date('d.m.y H:i:s', $thread['post_date']) . '<br />by <a href="?subtopic=characters&name=' . urlencode($thread['name']) . '">' . $thread['name'] . '</a>'; } $main_content .= '</td></tr>'; } $main_content .= '</table><br /><a href="?subtopic=forum&action=new_topic§ion_id=' . $section_id . '"><img src="images/forum/topic.gif" border="0" /></a>'; } else { $main_content .= '<h3>No threads in this board.</h3>';
/** * displayAdvancedSearchSubmit * * @return void */ function displayAdvancedSearchSubmit() { $start = $_POST['start']; $end = $_POST['end']; $search = $_POST['search']; // validate dates $found = preg_match('/^\\d{4}-(1[012]|0?\\d)-(3[01]|[012]?\\d)$/', $start); if ($found === false || $found < 1) { $error = sprintf(T_('Invalid Date [%s]'), cleanOutput($start)); $this->displayAdvancedSearchForm($error); return; } $found = preg_match('/^\\d{4}-(1[012]|0?\\d)-(3[01]|[012]?\\d)$/', $end); if ($found === false || $found < 1) { $error = sprintf(T_('Invalid Date [%s]'), cleanOutput($end)); $this->displayAdvancedSearchForm($error); return; } // header is displayed by displayAdvancedSearchForm() $this->displayAdvancedSearchForm('', $search, $start, $end, false); $sql = "SELECT t.`id`, t.`subject`, t.`started_by`, t.`updated`, p.`post`,\n 'thread' AS type\n FROM `fcms_board_threads` AS t, `fcms_board_posts` AS p\n WHERE p.`thread` = t.`id`\n AND `subject` LIKE ?\n UNION\n SELECT t.`id`, t.`subject`, t.`started_by`, p.`date` AS updated, p.`post`,\n 'post' AS type\n FROM `fcms_board_threads` AS t, `fcms_board_posts` AS p\n WHERE p.`thread` = t.`id`\n AND `post` LIKE ?\n AND `date` >= ?\n AND `date` <= ?"; $params = array("%{$search}%", "%{$search}%", "{$start} 00:00:00", "{$end} 24:59:59"); $rows = $this->fcmsDatabase->getRows($sql, $params); if ($rows === false) { $this->fcmsError->displayError(); $this->displayFooter(); return; } if (count($rows) <= 0) { echo ' <div class="search_result"> <p>' . T_('Could not find anything matching your search.') . '</p> </div>'; } $threadsFound = array(); foreach ($rows as $r) { // if the search is found both in the subject and post // skip the post, so we don't show doubles if ($r['type'] == 'post') { if (isset($threadsFound[$r['id']])) { continue; } } $threadsFound[$r['id']] = 1; // Remove #ANNOUNCE# $subject = $this->fcmsMessageBoard->fixSubject($r['subject']); // Clean html $subject = cleanOutput($subject, 'html'); // Put in our html (should be the only html rendered) $subject = highlight($search, $subject); // Remove orig bbcode $post = removeBBCode($r['post']); // Clean html $post = cleanOutput($post, 'html'); // Put in our html (should be the only html rendered) $post = highlight($search, $post); $date = fixDate('n/d/Y g:ia', $this->fcmsUser->tzOffset, $r['updated']); echo ' <div class="search_result"> <a href="?thread=' . $r['id'] . '">' . $subject . '</a> <p>' . $post . '</p> <span>' . $date . '</span> </div>'; } $this->displayFooter(); }
/** * getWhatsNewDataObject * * @param array $data * * @return array */ function getWhatsNewDataObject($data) { $title = ''; $details = ''; switch ($data['type']) { case 'CALENDAR': $title = '<a href="calendar.php?event=' . $data['id'] . '">' . cleanOutput($data['title']) . '</a>'; $details = date('F j, Y', strtotime($data['id2'])); break; case 'DOCS': $title = '<a href="documents.php">' . cleanOutput($data['title']) . '</a>'; $details = cleanOutput($data['details']); break; case 'GALCOM': foreach ($data['photos'] as $p) { $photoSrc = $this->fcmsPhotoGallery->getPhotoSource($p); $title = '<a href="gallery/index.php?uid=0&cid=comments&pid=' . (int) $data['id'] . '"><img src="' . $photoSrc . '"/></a>'; } $details = cleanOutput($data['title']); break; case 'GALLERY': $title = '<a href="gallery/index.php?uid=' . (int) $data['userid'] . '&cid=' . $data['id'] . '">' . cleanOutput($data['title']) . '</a>'; $details = ''; foreach ($data['photos'] as $p) { $photoSrc = $this->fcmsPhotoGallery->getPhotoSource($p); $details .= ' <a href="gallery/index.php?uid=' . (int) $data['userid'] . '&cid=' . $data['id'] . '&pid=' . (int) $p['id'] . '"> <img src="' . $photoSrc . '" alt="' . cleanOutput($p['caption']) . '"/> </a> '; } break; case 'NEWS': $name = !empty($data['title']) ? cleanOutput($data['title']) : T_('untitled'); $title = '<a href="familynews.php?getnews=' . $data['userid'] . '&newsid=' . $data['id'] . '">' . $name . '</a>'; $details = removeBBCode($data['details']); $details = cleanOutput($details); if (strlen($details) > 300) { $details = substr($details, 0, 300); $details .= '...<br/><br/><a href="familynews.php?getnews=' . $data['userid'] . '&newsid=' . (int) $data['id'] . '">' . T_('Read More') . '</a>'; } break; case 'POLL': $title = '<a href="polls.php?id=' . (int) $data['id'] . '">' . cleanOutput($data['title']) . '</a>'; break; case 'PRAYERS': $title = '<a href="prayers.php">' . cleanOutput($data['title']) . '</a>'; $details = cleanOutput($data['details']); break; case 'RECIPES': $title = '<a href="recipes.php?category=' . $data['id2'] . '&id=' . $data['id'] . '">' . cleanOutput($data['title']) . '</a>'; break; case 'THREAD': $subject = $data['title']; $pos = strpos($subject, '#ANOUNCE#'); if ($pos !== false) { $subject = substr($subject, 9, strlen($subject) - 9); } $subject = cleanOutput($subject); $title = '<a href="messageboard.php?thread=' . (int) $data['id2'] . '" title="' . $subject . '">' . $subject . '</a>'; $details = removeBBCode($data['details']); $details = cleanOutput($details); if (strlen($details) > 300) { $details = substr($details, 0, 300); $details .= '...<br/><br/><a href="messageboard.php?thread=' . (int) $data['id2'] . '">' . T_('Read More') . '</a>'; } break; case 'VIDEO': $title = '<a href="video.php?u=' . (int) $data['userid'] . '&id=' . (int) $data['id'] . '"><img src="http://i.ytimg.com/vi/' . $data['id2'] . '/default.jpg"/></a>'; break; default: $title = ''; $details = ''; break; } return array('title' => $title, 'details' => $details); }
/** * displayNews * * Prints out the news info when looping through a list of news. * Used when viewing last 5 and users news. * * @param array $data * * @return void */ function displayNews($data) { $displayname = getUserDisplayName($data['user']); $updated = fixDate(T_('F j, Y g:i a'), $this->fcmsUser->tzOffset, $data['updated']); $created = fixDate(T_('F j, Y g:i a'), $this->fcmsUser->tzOffset, $data['created']); $newsSource = ''; // Imported news if (strlen($data['external_type']) > 0) { $newsSource = ' <span style="background-color:#eee; color:#999; font-size:13px;"> ' . sprintf(T_('Originally from %s, %s.'), $data['external_type'], $created) . ' </span><br/>'; $news = strip_tags($data['news']); } else { $news = removeBBCode($data['news']); $news = cleanOutput($news); } if (strlen($data['news']) > 300) { $news = substr($news, 0, 300); $news .= '...<br/><br/><a href="?getnews=' . $data['user'] . '&newsid=' . (int) $data['id'] . '">' . T_('Read More') . '</a>'; } if (empty($data['title'])) { $data['title'] = T_('untitled'); } echo ' <div class="news-post"> <h2> <a href="?getnews=' . $data['user'] . '&newsid=' . (int) $data['id'] . '">' . cleanOutput($data['title']) . '</a> </h2> <span class="date">' . $updated . ' - ' . $displayname . '</span> <p>' . $newsSource . $news . '</p> <p class="news-comments"> <a href="?getnews=' . $data['user'] . '&newsid=' . (int) $data['id'] . '#comments">' . T_('Comments') . '</a> - ' . getNewsComments($data['id']) . ' </p> </div>'; }