output("`^Resurrections: `@" . $row['resurrections'] . "`n"); output("`^Race: `@" . $races[$row['race']] . "`n"); output("`^Gender: `@" . ($row['sex'] ? "Female" : "Male") . "`n"); output("`^Specialty: `@" . $specialty[$row['specialty']] . "`n"); $sql = "SELECT mountname FROM mounts WHERE mountid='{$row['hashorse']}'"; $result = db_query($sql); $mount = db_fetch_assoc($result); if ($mount['mountname'] == "") { $mount['mountname'] = "`iNone`i"; } output("`^Creature: `@" . $mount['mountname'] . "`n"); if ($row['dragonkills'] > 0) { output("`^Dragon Kills: `@" . $row['dragonkills'] . "`n"); } if ($row['bio'] > "") { output("`^Bio: `@`n" . soap($row['bio']) . "`n"); } output("`n`^Recent accomplishments (and defeats) of {$row['name']}`^"); $result = db_query("SELECT * FROM news WHERE accountid={$row['acctid']} ORDER BY newsdate DESC,newsid ASC LIMIT 100"); $odate = ""; for ($i = 0; $i < db_num_rows($result); $i++) { $row = db_fetch_assoc($result); if ($odate != $row['newsdate']) { output("`n`b`@" . date("D, M d", strtotime($row['newsdate'])) . "`b`n"); $odate = $row['newsdate']; } output($row['newstext'] . "`n"); } if ($_GET['ret'] == "") { addnav("Return to the warrior list", "list.php"); } else {
} } else { output("`#Could not locate a character with that name. Look at the List Warriors page off the login page to make sure that the character hasn't expired and been deleted."); } } else { output("<form action='create.php?op=forgot' method='POST'>\n\t\t`bForgotten Passwords:`b`n`n\n\t\tEnter your character's name: <input name='charname'>`n\n\t\t<input type='submit' class='button' value='Email me my password'>\n\t\t</form>", true); } } page_header("Create A Character"); if ($_GET['op'] == "create") { if (getsetting("spaceinname", 0) == 0) { $shortname = preg_replace("([^[:alpha:]_-])", "", $_POST['name']); } else { $shortname = preg_replace("([^[:alpha:] _-])", "", $_POST['name']); } if (soap($shortname) != $shortname) { output("`\$Error`^: Bad language was found in your name, please consider revising it."); $_GET['op'] = ""; } else { $blockaccount = false; if (getsetting("blockdupeemail", 0) == 1 && getsetting("requireemail", 0) == 1) { $sql = "SELECT login FROM accounts WHERE emailaddress='{$_POST['email']}'"; $result = db_query($sql); if (db_num_rows($result) > 0) { $blockaccount = true; $msg .= "You may have only one account.`n"; } } if (strlen($_POST['pass1']) <= 3) { $msg .= "Your password must be at least 4 characters long.`n"; $blockaccount = true;
$sql = "SELECT * FROM " . db_prefix("mounts") . " WHERE mountid='{$target['hashorse']}'"; $result = db_query_cached($sql, "mountdata-{$target['hashorse']}", 3600); $mount = db_fetch_assoc($result); $mount['acctid'] = $target['acctid']; $mount = modulehook("bio-mount", $mount); $none = translate_inline("`iNone`i"); if (!isset($mount['mountname']) || $mount['mountname'] == "") { $mount['mountname'] = $none; } output("`^Creature: `@%s`0`n", $mount['mountname']); modulehook("biostat", $target); if ($target['dragonkills'] > 0) { output("`^Dragon Kills: `@%s`n", $target['dragonkills']); } if ($target['bio'] > "") { output("`^Bio: `@`n%s`n", soap($target['bio'])); } modulehook("bioinfo", $target); output("`n`^Recent accomplishments (and defeats) of %s`^", $target['name']); $result = db_query("SELECT * FROM " . db_prefix("news") . " WHERE accountid={$target['acctid']} ORDER BY newsdate DESC,newsid ASC LIMIT 100"); $odate = ""; tlschema("news"); while ($row = db_fetch_assoc($result)) { tlschema($row['tlschema']); if ($row['arguments'] > "") { $arguments = array(); $base_arguments = unserialize($row['arguments']); array_push($arguments, $row['newstext']); while (list($key, $val) = each($base_arguments)) { array_push($arguments, $val); }
$op = httpget('op'); //yuck, this page is a mess, but it gets the job done. page_header("Bad word editor"); require_once "lib/superusernav.php"; superusernav(); addnav("Bad Word Editor"); addnav("Refresh the list", "badword.php"); output("`7Here you can edit the words that the game filters. Using * at the start or end of a word will be a wildcard matching anything else attached to the word. These words are only filtered if bad word filtering is turned on in the game settings page.`n`n`0"); $test = translate_inline("Test"); rawoutput("<form action='badword.php?op=test' method='POST'>"); addnav("", "badword.php?op=test"); output("`7Test a word:`0"); rawoutput("<input name='word'><input type='submit' class='button' value='{$test}'></form>"); if ($op == "test") { $word = httppost("word"); $return = soap($word, true); if ($return == $word) { output("`7\"%s\" does not trip any filters.`0`n`n", $word); } else { output("`7%s`0`n`n", $return); } } output_notl("<font size='+1'>", true); output("`7`bGood Words`b`0"); rawoutput("</font>"); output("`7 (bad word exceptions)`0`n"); $add = translate_inline("Add"); $remove = translate_inline("Remove"); rawoutput("<form action='badword.php?op=addgood' method='POST'>"); addnav("", "badword.php?op=addgood"); output("`7Add a word:`0");
function injectcommentary($section, $talkline, $comment, $schema = false) { global $session, $doublepost, $translation_namespace; if ($schema === false) { $schema = $translation_namespace; } // Make the comment pristine so that we match on it correctly. $comment = stripslashes($comment); tlschema("commentary"); $doublepost = 0; $emptypost = 0; $colorcount = 0; if ($comment != "") { $commentary = str_replace("`n", "", soap($comment)); $y = strlen($commentary); for ($x = 0; $x < $y; $x++) { if (substr($commentary, $x, 1) == "`") { $colorcount++; if ($colorcount >= getsetting("maxcolors", 10)) { $commentary = substr($commentary, 0, $x) . color_sanitize(substr($commentary, $x)); $x = $y; } $x++; } } $args = array('commentline' => $commentary, 'commenttalk' => $talkline); $args = modulehook("commentary", $args); //Begin CMJ Patch to allow players to use the /special switch if ($args['ignore'] == 1) { //Ignore this comment, it is likely a side-effect of using the Special switch return; } $commentary = $args['commentline']; $talkline = $args['commenttalk']; tlschema($schema); $talkline = translate_inline($talkline); tlschema(); $commentary = preg_replace("'([^[:space:]]{45,45})([^[:space:]])'", "\\1 \\2", $commentary); $commentary = addslashes($commentary); // do an emote if the area has a custom talkline and the user // isn't trying to emote already. if ($talkline != "says" && substr($commentary, 0, 1) != ":" && substr($commentary, 0, 2) != "::" && substr($commentary, 0, 3) != "/me" && substr($commentary, 0, 5) != "/game") { $commentary = ":`3{$talkline}, \\\"`#{$commentary}`3\\\""; } if (substr($commentary, 0, 5) == "/game" && ($session['user']['superuser'] & SU_IS_GAMEMASTER) == SU_IS_GAMEMASTER) { //handle game master inserts now, allow double posts injectsystemcomment($section, $commentary); } else { $sql = "SELECT comment,author FROM " . db_prefix("commentary") . " WHERE section='{$section}' ORDER BY commentid DESC LIMIT 1"; $result = db_query($sql); $row = db_fetch_assoc($result); db_free_result($result); if ($row['comment'] != stripslashes($commentary) || $row['author'] != $session['user']['acctid']) { injectrawcomment($section, $session['user']['acctid'], $commentary); $session['user']['laston'] = date("Y-m-d H:i:s"); } else { $doublepost = 1; } } tlschema(); } }
function extbio_run() { $char = httpget('char'); //Legacy support if (is_numeric($char)) { $where = "acctid = {$char}"; } else { $where = "login = '******'"; } $sql = "SELECT login, name, level, sex, title, specialty, hashorse, acctid, resurrections, bio, dragonkills, race, clanname, clanshort, clanrank, " . db_prefix("accounts") . ".clanid, laston, loggedin FROM " . db_prefix("accounts") . " LEFT JOIN " . db_prefix("clans") . " ON " . db_prefix("accounts") . ".clanid = " . db_prefix("clans") . ".clanid WHERE {$where}"; $result = db_query($sql); if ($target = db_fetch_assoc($result)) { $target['login'] = rawurlencode($target['login']); $id = $target['acctid']; $target['return_link'] = $return; page_header("Character Biography: %s", full_sanitize($target['name'])); modulehook("biotop", $target); output("`^Biography for %s`^.", $target['name']); if ($target['clanname'] > "" && getsetting("allowclans", false)) { $ranks = array(CLAN_APPLICANT => "`!Applicant`0", CLAN_MEMBER => "`3Member`0", CLAN_OFFICER => "`^Officer`0", CLAN_LEADER => "`&Leader`0", CLAN_FOUNDER => "`\$Founder"); $ranks = modulehook("clanranks", array("ranks" => $ranks, "clanid" => $target['clanid'])); tlschema("clans"); //just to be in the right schema array_push($ranks['ranks'], "`\$Founder"); $ranks = translate_inline($ranks['ranks']); tlschema(); output("`@%s`2 is a %s`2 to `%%s`2`n", $target['name'], $ranks[$target['clanrank']], $target['clanname']); } output("`^Title: `@%s`n", $target['title']); output("`^Level: `@%s`n", $target['level']); $loggedin = false; if ($target['loggedin'] && date("U") - strtotime($target['laston']) < getsetting("LOGINTIMEOUT", 900)) { $loggedin = true; } $status = translate_inline($loggedin ? "`3Online`0" : "`\$Offline`0"); output("`^Status: %s`n", $status); output("`^Resurrections: `@%s`n", $target['resurrections']); $race = $target['race']; if (!$race) { $race = RACE_UNKNOWN; } tlschema("race"); $race = translate_inline($race); tlschema(); output("`^Race: `@%s`n", $race); $genders = array("Male", "Female"); $genders = translate_inline($genders); output("`^Gender: `@%s`n", $genders[$target['sex']]); $specialties = modulehook("specialtynames", array("" => translate_inline("Unspecified"))); if (isset($specialties[$target['specialty']])) { output("`^Specialty: `@%s`n", $specialties[$target['specialty']]); } $sql = "SELECT * FROM " . db_prefix("mounts") . " WHERE mountid='{$target['hashorse']}'"; $result = db_query_cached($sql, "mountdata-{$target['hashorse']}", 3600); $mount = db_fetch_assoc($result); $mount['acctid'] = $target['acctid']; $mount = modulehook("bio-mount", $mount); $none = translate_inline("`iNone`i"); if (!isset($mount['mountname']) || $mount['mountname'] == "") { $mount['mountname'] = $none; } output("`^Creature: `@%s`0`n", $mount['mountname']); modulehook("biostat", $target); if ($target['dragonkills'] > 0) { output("`^Dragon Kills: `@%s`n", $target['dragonkills']); } if ($target['bio'] > "") { output("`^Bio: `@`n%s`n", soap($target['bio'])); } modulehook("bioinfo", $target); output("`n`^Recent accomplishments (and defeats) of %s`^", $target['name']); $result = db_query("SELECT * FROM " . db_prefix("news") . " WHERE accountid={$target['acctid']} ORDER BY newsdate DESC,newsid ASC LIMIT 100"); $odate = ""; tlschema("news"); while ($row = db_fetch_assoc($result)) { tlschema($row['tlschema']); if ($row['arguments'] > "") { $arguments = array(); $base_arguments = unserialize($row['arguments']); array_push($arguments, $row['newstext']); while (list($key, $val) = each($base_arguments)) { array_push($arguments, $val); } $news = call_user_func_array("sprintf_translate", $arguments); rawoutput(tlbutton_clear()); } else { $news = translate_inline($row['newstext']); rawoutput(tlbutton_clear()); } tlschema(); if ($odate != $row['newsdate']) { output_notl("`n`b`@%s`0`b`n", date("D, M d", strtotime($row['newsdate']))); $odate = $row['newsdate']; } output_notl("`@{$news}`0`n"); } tlschema(); modulehook("bioend", $target); } page_footer(); }
if ($session['user']['acctid'] == $userid) { $session['user']['name'] = $newname; } } if ($session['user']['acctid'] == $userid) { $session['user']['title'] = $tmp; } } elseif ($key == "ctitle" && stripslashes($val) != $oldvalues[$key]) { $updates++; $tmp = sanitize_colorname(true, stripslashes($val), true); $tmp = preg_replace("/[`][cHw]/", "", $tmp); $tmp = sanitize_html($tmp); if ($tmp != stripslashes($val)) { output("`\$Illegal characters removed from custom title!`0`n"); } if (soap($tmp) != $tmp) { output("`^The new custom title doesn't pass the bad word filter!`0"); } $newname = change_player_ctitle($tmp, $oldvalues); $sql .= "{$key} = \"{$val}\","; output("Changed player ctitle from %s`0 to %s`0`n", $oldvalues['ctitle'], $tmp); $oldvalues[$key] = $tmp; if ($newname != $oldvalues['name']) { $sql .= "name = \"" . addslashes($newname) . "\","; output("Changed player name to %s`0 due to changed custom title`n", $newname); debuglog($session['user']['name'] . "`0 changed player name to {$newname}`0 due to changed custom title", $userid); $oldvalues['name'] = $newname; if ($session['user']['acctid'] == $userid) { $session['user']['name'] = $newname; } }
function systemmail($to, $subject, $body, $from = 0, $noemail = false) { global $session; $sql = "SELECT prefs,emailaddress FROM " . db_prefix("accounts") . " WHERE acctid='{$to}'"; $result = db_query($sql); $row = db_fetch_assoc($result); db_free_result($result); $prefs = unserialize($row['prefs']); $serialized = 0; if ($from == 0) { if (is_array($subject)) { $subject = serialize($subject); $serialized = 1; } if (is_array($body)) { $body = serialize($body); $serialized += 2; } $subject = safeescape($subject); $body = safeescape($body); } else { $subject = safeescape($subject); $subject = str_replace("\n", "", $subject); $subject = str_replace("`n", "", $subject); $body = safeescape($body); if (isset($prefs['dirtyemail']) && $prefs['dirtyemail'] || $from == 0) { } else { $subject = soap($subject, false, "mail"); $body = soap($body, false, "mail"); } } $sql = "INSERT INTO " . db_prefix("mail") . " (msgfrom,msgto,subject,body,sent,originator) VALUES ('" . $from . "','" . (int) $to . "','{$subject}','{$body}','" . date("Y-m-d H:i:s") . "', " . $session['user']['acctid'] . ")"; db_query($sql); invalidatedatacache("mail-{$to}"); $email = false; if (isset($prefs['emailonmail']) && $prefs['emailonmail'] && $from > 0) { $email = true; } elseif (isset($prefs['emailonmail']) && $prefs['emailonmail'] && $from == 0 && isset($prefs['systemmail']) && $prefs['systemmail']) { $email = true; } $emailadd = ""; if (isset($row['emailaddress'])) { $emailadd = $row['emailaddress']; } if (!is_email($emailadd)) { $email = false; } if ($email && !$noemail) { if ($serialized & 2) { $body = unserialize(stripslashes($body)); $body = translate_mail($body, $to); } if ($serialized & 1) { $subject = unserialize(stripslashes($subject)); $subject = translate_mail($subject, $to); } $sql = "SELECT name FROM " . db_prefix("accounts") . " WHERE acctid='{$from}'"; $result = db_query($sql); $row1 = db_fetch_assoc($result); db_free_result($result); if ($row1['name'] != "") { $fromline = full_sanitize($row1['name']); } else { $fromline = translate_inline("The Green Dragon", "mail"); } $sql = "SELECT name FROM " . db_prefix("accounts") . " WHERE acctid='{$to}'"; $result = db_query($sql); $row1 = db_fetch_assoc($result); db_free_result($result); $toline = full_sanitize($row1['name']); // We've inserted it into the database, so.. strip out any formatting // codes from the actual email we send out... they make things // unreadable $body = preg_replace("'[`]n'", "\n", $body); $body = full_sanitize($body); $subject = htmlentities($subject, ENT_COMPAT, getsetting("charset", "ISO-8859-1")); $mailsubj = translate_mail(array("New LoGD Mail (%s)", $subject), $to); $mailbody = translate_mail(array("You have received new mail on LoGD at http://%s`n`n" . "-=-=-=-=-=-=-=-=-=-=-=-=-=-`n" . "From: %s`n" . "To: %s`n" . "Subject: %s`n" . "Body: `n%s`n" . "-=-=-=-=-=-=-=-=-=-=-=-=-=-" . "`nDo not respond directly to this email, it was sent from the game email address, and not the email address of the person who sent you the " . "message. If you wish to respond, log into Legend of the Green Dragon at http://%s .`n`n" . "You may turn off these alerts in your preferences page, available from the village square.", $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']), $fromline, $toline, full_sanitize(stripslashes($subject)), stripslashes($body), $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME'])), $to); mail($row['emailaddress'], $mailsubj, str_replace("`n", "\n", $mailbody), "From: " . getsetting("gameadminemail", "postmaster@localhost")); } invalidatedatacache("mail-{$to}"); }
echo "Ok - added"; } }elseif ($_GET[op]=="net"){ $sql = "SELECT address,description FROM logdnet WHERE lastupdate > '".date("Y-m-d H:i:s",strtotime("-7 days"))."' ORDER BY priority DESC"; $result=db_query($sql); for ($i=0;$i<db_num_rows($result);$i++){ $row = db_fetch_assoc($result); $row = serialize($row); echo $row."\n"; } }else{ page_header("LoGD Net"); //$sql = "SELECT * FROM logdnet ORDER BY priority DESC"; //$result=db_query($sql); addnav("Return to the login page","index.php"); output("`@Below are a list of other LoGD servers that have registered with the LoGD Net."); output("<table>",true); $servers=file(getsetting("logdnetserver","http://lotgd.net/")."logdnet.php?op=net"); while (list($key,$val)=each($servers)){ $row=unserialize($val); if (trim($row[description])=="") $row[description]="Another LoGD Server"; if (substr($row[address],0,7)!="http://"){ }else{ output("<tr><td><a href='".HTMLEntities($row[address])."' target='_blank'>".soap(HTMLEntities($row[description]))."`0</a></td></tr>",true); } } output("</table>",true); page_footer(); } ?>
} $sql = "SELECT name,acctid,bio,biotime FROM accounts WHERE biotime<'9999-12-31' AND bio>'' ORDER BY biotime DESC LIMIT 100"; $result = db_query($sql); page_header("User Bios"); output("`b`&Player Bios:`0`b`n"); for ($i=0;$i<db_num_rows($result);$i++){ $row = db_fetch_assoc($result); if ($row['biotime']>$session['user']['recentcomments']) output("<img src='images/new.gif' alt='>' width='3' height='5' align='absmiddle'> ",true); output("`![<a href='bios.php?op=block&userid={$row['acctid']}'>Block</a>]",true); addnav("","bios.php?op=block&userid={$row['acctid']}"); output("`&{$row['name']}: `^".soap($row['bio'])."`n"); } db_free_result($result); addnav("G?Return to the Grotto","superuser.php"); addnav("M?Return to the Mundane","village.php"); addnav("Refresh","bios.php"); //output("`n`n`bBlocked Bios:`b`n"); //This seems unneeded since we print it below $sql = "SELECT name,acctid,bio,biotime FROM accounts WHERE biotime>'9000-01-01' AND bio>'' ORDER BY biotime DESC LIMIT 100"; $result = db_query($sql); output("`n`n`b`&Blocked Bios:`0`b`n"); for ($i=0;$i<db_num_rows($result);$i++){ $row = db_fetch_assoc($result); output("`![<a href='bios.php?op=unblock&userid={$row['acctid']}'>Unblock</a>]",true); addnav("","bios.php?op=unblock&userid={$row['acctid']}"); output("`&{$row['name']}: `^".soap($row['bio'])."`n"); } db_free_result($result); page_footer(); ?>
function addcommentary() { global $HTTP_POST_VARS, $session, $REQUEST_URI, $HTTP_GET_VARS, $doublepost; $doublepost = 0; if ((int) getsetting("expirecontent", 180) > 0) { $sql = "DELETE FROM commentary WHERE postdate<'" . date("Y-m-d H:i:s", strtotime("-" . getsetting("expirecontent", 180) . " days")) . "'"; db_query($sql); } $section = $HTTP_POST_VARS['section']; $talkline = $HTTP_POST_VARS['talkline']; if ($HTTP_POST_VARS['insertcommentary'][$section] !== NULL && trim($HTTP_POST_VARS['insertcommentary'][$section]) != "") { $commentary = str_replace("`n", "", soap($HTTP_POST_VARS['insertcommentary'][$section])); $y = strlen($commentary); for ($x = 0; $x < $y; $x++) { if (substr($commentary, $x, 1) == "`") { $colorcount++; if ($colorcount >= getsetting("maxcolors", 10)) { $commentary = substr($commentary, 0, $x) . preg_replace("'[`].'", "", substr($commentary, $x)); $x = $y; } $x++; } } if (substr($commentary, 0, 1) != ":" && substr($commentary, 0, 2) != "::" && substr($commentary, 0, 3) != "/me" && $session['user']['drunkenness'] > 0) { //drunk people shouldn't talk very straight. $straight = $commentary; $replacements = 0; while ($replacements / strlen($straight) < $session['user']['drunkenness'] / 500) { $slurs = array("a" => "aa", "e" => "ee", "f" => "ff", "h" => "hh", "i" => "iy", "l" => "ll", "m" => "mm", "n" => "nn", "o" => "oo", "r" => "rr", "s" => "sh", "u" => "oo", "v" => "vv", "w" => "ww", "y" => "yy", "z" => "zz"); if (e_rand(0, 9)) { srand(e_rand()); $letter = array_rand($slurs); $x = strpos(strtolower($commentary), $letter); if ($x !== false && substr($comentary, $x, 5) != "*hic*" && substr($commentary, max($x - 1, 0), 5) != "*hic*" && substr($commentary, max($x - 2, 0), 5) != "*hic*" && substr($commentary, max($x - 3, 0), 5) != "*hic*" && substr($commentary, max($x - 4, 0), 5) != "*hic*") { if (substr($commentary, $x, 1) != strtolower($letter)) { $slurs[$letter] = strtoupper($slurs[$letter]); } else { $slurs[$letter] = strtolower($slurs[$letter]); } $commentary = substr($commentary, 0, $x) . $slurs[$letter] . substr($commentary, $x + 1); $replacements++; } } else { $x = e_rand(0, strlen($commentary)); if (substr($commentary, $x, 5) == "*hic*") { $x += 5; } //output("moved 5 to $x "); if (substr($commentary, max($x - 1, 0), 5) == "*hic*") { $x += 4; } //output("moved 4 to $x "); if (substr($commentary, max($x - 2, 0), 5) == "*hic*") { $x += 3; } //output("moved 3 to $x "); if (substr($commentary, max($x - 3, 0), 5) == "*hic*") { $x += 2; } //output("moved 2 to $x "); if (substr($commentary, max($x - 4, 0), 5) == "*hic*") { $x += 1; } //output("moved 1 to $x "); $commentary = substr($commentary, 0, $x) . "*hic*" . substr($commentary, $x); //output($commentary."`n"); $replacements++; } //end if } //end while //output("$replacements replacements (".($replacements/strlen($straight)).")`n"); while (strpos($commentary, "*hic**hic*")) { $commentary = str_replace("*hic**hic*", "*hic*hic*", $commentary); } } //end if $commentary = preg_replace("'([^[:space:]]{45,45})([^[:space:]])'", "\\1 \\2", $commentary); if ($session['user']['drunkenness'] > 50) { $talkline = "drunkenly {$talkline}"; } $talkline = translate($talkline); if ($talkline != "says" && substr($commentary, 0, 1) != ":" && substr($commentary, 0, 2) != "::" && substr($commentary, 0, 3) != "/me") { $commentary = ":`3{$talkline}, \\\"`#{$commentary}`3\\\""; } $sql = "SELECT commentary.comment,commentary.author FROM commentary WHERE section='{$section}' ORDER BY commentid DESC LIMIT 1"; $result = db_query($sql) or die(db_error(LINK)); $row = db_fetch_assoc($result); db_free_result($result); if ($row['comment'] != $commentary || $row['author'] != $session['user']['acctid']) { $sql = "INSERT INTO commentary (postdate,section,author,comment) VALUES (now(),'{$section}'," . $session['user']['acctid'] . ",\"{$commentary}\")"; db_query($sql) or die(db_error(LINK)); } else { $doublepost = 1; } } }
addnav("", "badword.php?op=add"); addnav("", "badword.php?op=remove"); addnav("", "badword.php?op=test"); $sql = "SELECT * FROM nastywords"; $result = db_query($sql); $row = db_fetch_assoc($result); $words = split(" ", $row['words']); reset($words); if ($_GET['op'] == "add") { array_push($words, stripslashes($_POST['word'])); } if ($_GET['op'] == "remove") { unset($words[array_search(stripslashes($_POST['word']), $words)]); } if ($_GET['op'] == "test") { output("`7The result of your word test is `^" . soap($_POST['word']) . "`7. (If you do not have bad word filtering turned on, this test will not work).`n`n"); } sort($words); $lastletter = ""; while (list($key, $val) = each($words)) { if (trim($val) == "") { unset($words[$key]); } else { if (substr($val, 0, 1) != $lastletter) { $lastletter = substr($val, 0, 1); output("`n`n`^`b" . strtoupper($lastletter) . "`b`@`n"); } output($val . " "); } } if ($_GET['op'] == "add" || $_GET['op'] == "remove") {
$number = db_num_rows($result); for ($i = 0; $i < $number; $i++) { $row = db_fetch_assoc($result); if ($row['biotime'] > $session['user']['recentcomments']) { rawoutput("<img src='images/new.gif' alt='>' width='3' height='5' align='absmiddle'> "); } output_notl("`![<a href='bios.php?op=block&userid={$row['acctid']}'>{$block}</a>]", true); addnav("", "bios.php?op=block&userid={$row['acctid']}"); output_notl("`&%s`0: `^%s`0`n", $row['name'], soap($row['bio'])); } db_free_result($result); require_once "lib/superusernav.php"; superusernav(); addnav("Moderation"); if ($session['user']['superuser'] & SU_EDIT_COMMENTS) { addnav("Return to Comment Moderation", "moderate.php"); } addnav("Refresh", "bios.php"); $sql = "SELECT name,acctid,bio,biotime FROM " . db_prefix("accounts") . " WHERE biotime>'9000-01-01' AND bio>'' ORDER BY biotime DESC LIMIT 100"; $result = db_query($sql); output("`n`n`b`&Blocked Bios:`0`b`n"); $unblock = translate_inline("Unblock"); $number = db_num_rows($result); for ($i = 0; $i < $number; $i++) { $row = db_fetch_assoc($result); output_notl("`![<a href='bios.php?op=unblock&userid={$row['acctid']}'>{$unblock}</a>]", true); addnav("", "bios.php?op=unblock&userid={$row['acctid']}"); output_notl("`&%s`0: `^%s`0`n", $row['name'], soap($row['bio'])); } db_free_result($result); page_footer();
$i = 0; while (list($key, $val) = each($servers)) { $row = unserialize($val); // If we aren't given an address, continue on. if (substr($row['address'], 0, 7) != "http://" && substr($row['address'], 0, 8) != "https://") { continue; } // Give undescribed servers a boring descriptionn if (trim($row['description']) == "") { $row['description'] = "Another boring and undescribed LotGD server"; } // Strip out any embedded html. $row['description'] = preg_replace("|<[a-zA-Z0-9/ =]+>|", "", $row['description']); // Clean up the desc $row['description'] = logdnet_sanitize($row['description']); $row['description'] = soap($row['description']); // Limit descs to 75 characters. if (strlen($row['description']) > 75) { $row['description'] = substr($row['description'], 0, 75); } $row['description'] = htmlentities(stripslashes($row['description']), ENT_COMPAT, getsetting("charset", "ISO-8859-1")); $row['description'] = str_replace("`&", "`&", $row['description']); // Correct for old logdnet servers if ($row['version'] == "") { $row['version'] = translate_inline("Unknown"); } // Output the information we have. rawoutput("<tr class='" . ($i % 2 == 0 ? "trlight" : "trdark") . "'>"); rawoutput("<td><a href=\"" . HTMLEntities($row['address'], ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "\" target='_blank'>"); output_notl("`&%s`0", $row['description'], true); rawoutput("</a></td><td>");
function injectcommentary($section, $talkline, $comment) { global $session, $doublepost; // Make the comment pristine so that we match on it correctly. $comment = stripslashes($comment); $doublepost = 0; $emptypost = 0; $colorcount = 0; if ($comment != "") { $commentary = str_replace("`n", "", soap($comment)); //maximum color code changes removed for performance reasons // $y = strlen($commentary); // for ($x=0;$x<$y;$x++){ // if (substr($commentary,$x,1)=="`"){ // $colorcount++; // if ($colorcount>=getsetting("maxcolors",10)){ // $commentary = substr($commentary,0,$x).color_sanitize(substr($commentary,$x)); // $x=$y; // } // $x++; // } // } $info = array(); $info['rawcomment'] = $comment; $clanid = $session['user']['clanid']; if ($clanid && $session['user']['clanrank']) { $clansql = "SELECT clanname,clanshort FROM " . db_prefix("clans") . " WHERE clanid='{$clanid}'"; $clanresult = db_query($clansql); $clanrow = db_fetch_assoc($clanresult); $info['clanname'] = $clanrow['clanname']; $info['clanshort'] = $clanrow['clanshort']; $info['clanid'] = $clanid; $info['clanrank'] = $session['user']['clanrank']; } if (!isset($session['user']['prefs']['ucol'])) { $session['user']['prefs']['ucol'] = false; } else { $info['talkcolour'] = $session['user']['prefs']['ucol']; } $args = array('commentline' => $commentary, 'commenttalk' => $talkline, 'info' => $info, 'name' => $session['user']['name'], 'section' => $section); $args = modulehook("postcomment", $args); //debug($args); if ($args['ignore'] == 1) { //A module tells us to ignore this comment, so we will return false; } $commentary = $args['commentline']; $talkline = $args['commenttalk']; $info = $args['info']; $name = $args['name']; $talkline = translate_inline($talkline); //Try to make it so that italics are always closed properly $italics = substr_count($commentary, "`i"); if ($italics) { if ($odd = $italics % 2) { //odd number of italics - add one at the end $commentary .= "`i"; } } //Clean up the comment a bit $commentary = preg_replace("'([^[:space:]]{45,45})([^[:space:]])'", "\\1 \\2", $commentary); $commentary = addslashes($commentary); // Sort out /game switches if (substr($commentary, 0, 5) == "/game" && ($session['user']['superuser'] & SU_IS_GAMEMASTER) == SU_IS_GAMEMASTER) { //handle game master inserts now, allow double posts injectsystemcomment($section, $commentary); } else { //check for double posts $commentbuffer = datacache("commentary/latestcommentary_" . $section, 60); if (is_array($commentbuffer)) { if ($commentbuffer[0]['comment'] == stripslashes($commentary)) { $doublepost = true; } } else { $sql = "SELECT comment FROM " . db_prefix("commentary") . " WHERE section='{$section}' AND author='" . $session['user']['acctid'] . "' ORDER BY commentid DESC LIMIT 1"; $result = db_query($sql); $row = db_fetch_assoc($result); db_free_result($result); if ($row['comment'] == stripslashes($commentary)) { $doublepost = true; } } if (!$doublepost) { //Not a double post, inject the comment injectrawcomment($section, $session['user']['acctid'], $commentary, $session['user']['name'], $info); $session['user']['laston'] = date("Y-m-d H:i:s"); } } } }
function injectcommentary($section, $talkline, $comment) { global $session, $doublepost; // Make the comment pristine so that we match on it correctly. $comment = stripslashes($comment); $doublepost = 0; $emptypost = 0; $colorcount = 0; if ($comment != "") { $commentary = str_replace("`n", "", soap($comment)); //removed for performance // $y = strlen($commentary); // for ($x=0;$x<$y;$x++){ // if (substr($commentary,$x,1)=="`"){ // $colorcount++; // if ($colorcount>=getsetting("maxcolors",10)){ // $commentary = substr($commentary,0,$x).color_sanitize(substr($commentary,$x)); // $x=$y; // } // $x++; // } // } $info = array(); $clanid = $session['user']['clanid']; if ($clanid) { $clansql = "SELECT clanname,clanshort FROM " . db_prefix("clans") . " WHERE clanid='{$clanid}'"; $clanresult = db_query($clansql); $clanrow = db_fetch_assoc($clanresult); $info['clanname'] = $clanrow['clanname']; $info['clanshort'] = $clanrow['clanshort']; $info['clanid'] = $clanid; } $args = array('commentline' => $commentary, 'commenttalk' => $talkline, 'info' => $info, 'name' => $session['user']['name']); $args = modulehook("commentary", $args); if ($args['ignore'] == 1) { //Ignore this comment, it is likely a side-effect of using the Special switch return; } $commentary = $args['commentline']; $talkline = $args['commenttalk']; $info = $args['info']; $name = $args['name']; $talkline = translate_inline($talkline); //Clean up the comment a bit $commentary = preg_replace("'([^[:space:]]{45,45})([^[:space:]])'", "\\1 \\2", $commentary); $commentary = addslashes($commentary); // do an emote if the area has a custom talkline and the user // isn't trying to emote already. if ($talkline != "says" && substr($commentary, 0, 1) != ":" && substr($commentary, 0, 2) != "::" && substr($commentary, 0, 3) != "/me" && substr($commentary, 0, 5) != "/game") { $commentary = ":`3{$talkline}, \\\"`#{$commentary}`3\\\""; } // Sort out /game switches if (substr($commentary, 0, 5) == "/game" && ($session['user']['superuser'] & SU_IS_GAMEMASTER) == SU_IS_GAMEMASTER) { //handle game master inserts now, allow double posts injectsystemcomment($section, $commentary); } else { //This query checks for double posts $sql = "SELECT comment,author FROM " . db_prefix("commentary") . " WHERE section='{$section}' ORDER BY commentid DESC LIMIT 1"; $result = db_query($sql); $row = db_fetch_assoc($result); db_free_result($result); if ($row['comment'] != stripslashes($commentary) || $row['author'] != $session['user']['acctid']) { //Not a double post, inject the comment injectrawcomment($section, $session['user']['acctid'], $commentary, $session['user']['name'], $info); $session['user']['laston'] = date("Y-m-d H:i:s"); } else { $doublepost = 1; } } } }