예제 #1
function AddMessage($M, $T, $R, $U, $C, $Private, $Read, $RF, $Charset)
    global $DbLink, $Latin1, $status, $Read, $M1, $COLOR_TB;
    #	if (C_BOT_CONTROL && C_BOT_PUBLIC && $Private == "")
    if (C_BOT_CONTROL && C_BOT_PUBLIC && $Private == "" && !(preg_match("#^\\/#", $M) || preg_match("#^:#", $M))) {
        //--Bot Control Popeye
        #		include("./bot/respond.php";
        $botpath = "botfb/" . $U . ".txt";
        $botcontrol = "botfb/" . $R . ".txt";
        if (file_exists($botcontrol)) {
            # 		if (file_exists ($botpath) || eregi(mb_convert_case(C_BOT_NAME,MB_CASE_LOWER,$Charset), mb_convert_case($M,MB_CASE_LOWER,$Charset)))
            if (file_exists($botpath) || stripos(mb_convert_case($M, MB_CASE_LOWER, $Charset), mb_convert_case(C_BOT_NAME, MB_CASE_LOWER, $Charset)) !== false) {
                include "./lib/bot.lib.php";
    //---End Bot Control
    if (!isset($M1)) {
        $M1 = $M;
    $M = str_replace("\"", """, $M);
    $M = str_replace("'", "'", $M);
    $M = str_ireplace("<applet", "", $M);
    $M = str_ireplace("<javascript", "", $M);
    // Text formating tags
    if (C_HTML_TAGS_KEEP == "none") {
        if (!C_HTML_TAGS_SHOW) {
            // eliminates every HTML like tags
            $M = str_replace("<[^>]+>", "", $M);
            $M = str_replace("x3c", "", $M);
            $M = str_replace("x3e", "", $M);
        } else {
            // or keep it without effect
            $M = str_replace("<", "&lt;", $M);
            $M = str_replace(">", "&gt;", $M);
            $M = str_replace("x3c", "&lt;", $M);
            $M = str_replace("x3e", "&gt;", $M);
    } else {
        // then C_HTML_TAGS_KEEP == "simple", we keep U, B and I tags
        $M = str_replace("<", "&lt;", $M);
        $M = str_replace(">", "&gt;", $M);
        $M = str_replace("x3c", "&lt;", $M);
        $M = str_replace("x3e", "&gt;", $M);
        if (function_exists("preg_match")) {
            while (preg_match("/&lt;([ubi]?)&gt;(.*?)&lt;(\\/\\1)&gt;/i", $M)) {
                $M = preg_replace("/&lt;([ubi]?)&gt;(.*?)&lt;(\\/\\1)&gt;/i", "<\\1>\\2<\\3>", $M);
            if (!C_HTML_TAGS_SHOW) {
                $M = preg_replace("/&lt;\\/?[ubi]?&gt;/i", "", $M);
    // Text Direction for dir commands by Ciprian
     	if(ereg('^bdo_rtl',$M)) $M = str_replace('bdo_rtl', '<BDO dir="rtl">', $M)."</BDO>";
    	elseif(ereg('^bdo_ltr',$M)) $M = str_replace('bdo_ltr', '<BDO dir="ltr">', $M)."</BDO>";
    if (preg_match('/^bdo_rtl/', $M)) {
        $M = str_replace('bdo_rtl', '<BDO dir="rtl">', $M) . "</BDO>";
    } elseif (preg_match('/^bdo_ltr/', $M)) {
        $M = str_replace('bdo_ltr', '<BDO dir="ltr">', $M) . "</BDO>";
    // URL
    	$M = eregi_replace('([[:space:]]|^)(www[.])', '\\1http://\\2', $M); // no prefix (www.myurl.ext)
    	$M = eregi_replace('([[:space:]]|^)(ftp[.])', '\\1ftp://\\2', $M); // no prefix (ftp.myurl.ext)
    $M = preg_replace('/([[:space:]]|^)(www[.])/i', '\\1http://\\2', $M);
    // no prefix (www.myurl.ext)
    $M = preg_replace('/([[:space:]]|^)(ftp[.])/i', '\\1ftp://\\2', $M);
    // no prefix (ftp.myurl.ext)
    // Word wrap fix by Alexander Eisele <*****@*****.**> - deprecated by Ciprian due to japanese (2-bytes undesired trimming)
    if (!preg_match_all("((http://|https://|ftp://|mailto:)[^ ]+)", $M, $pmatch)) {
        $M = wordwrap($M, 40, " ", 1);
    	$prefix = '(http|https|ftp|telnet|news|gopher|file|wais)://';
    	$pureUrl = '([[:alnum:]/\n+-=%&:_.~?]+[#[:alnum:]+-_~]*)';
    $prefix = '(http|https|ftp|telnet|news|gopher|file|wais):\\/\\/';
    $pureUrl = '([[:alnum:]\\/\\n+-=%&:_.~?]+[#[:alnum:]+-_~]*)';
    if (C_POPUP_LINKS) {
        $purl = "";
        for ($x = 0; $x < count($pmatch[0]); $x++) {
            $purl .= "||" . $pmatch[0][$x];
        #		$M = eregi_replace($prefix.$pureUrl, '<a href="links.php?link='.urlencode($purl).'" target="_blank"></a>', $M);
        $M = preg_replace("/" . $prefix . $pureUrl . "/i", '<a href="links.php?link=' . urlencode($purl) . '" target="_blank"></a>', $M);
    } else {
        $M = preg_replace("/" . $prefix . $pureUrl . "/i", '<a href="\\1://\\2" target="_blank">\\1://\\2</a>', $M);
    // e-mail addresses
    //	$M = eregi_replace('([0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-wyz][a-z](fo|g|l|m|mes|o|op|pa|ro|seum|t|u|v|z)?)', '<a href="mailto:\\1" alt="Send email">\\1</a>', $M);
    // Added the new top-level domains (mail, asia, travel, aso)
    #	$M = eregi_replace('([0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-wyz][a-z](avel|bi|bs|fo|g|ia|l|m|me|mes|o|op|pa|ro|seum|t|to|u|v|z)?)', '<a href="mailto:\\1" alt="Send email">\\1</a>', $M);
    $M = preg_replace('/([0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-wyz][a-z](avel|bi|bs|fo|g|ia|l|m|me|mes|o|op|pa|ro|seum|t|to|u|v|z)?)/i', '<a href="mailto:\\1" alt="Send email">\\1</a>', $M);
    if (C_EN_STATS) {
        #		if(eregi('<a href="mailto',$M)) $DbLink->query("UPDATE ".C_STS_TBL." SET emails_posted=emails_posted+1 WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='$R' AND username='******'");
        if (stripos($M, '<a href="mailto') !== false) {
            $DbLink->query("UPDATE " . C_STS_TBL . " SET emails_posted=emails_posted+1 WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='{$R}' AND username='******'");
        #		if(eregi('<a href="http',$M)) $DbLink->query("UPDATE ".C_STS_TBL." SET urls_posted=urls_posted+1 WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='$R' AND username='******'");
        if (stripos($M, '<a href="http') !== false) {
            $DbLink->query("UPDATE " . C_STS_TBL . " SET urls_posted=urls_posted+1 WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='{$R}' AND username='******'");
    // Smilies
    if (C_USE_SMILIES) {
        include "./lib/smilies.lib.php";
        $ss = Check4Smilies($M, $SmiliesTbl);
        if (C_EN_STATS && $ss > 0) {
            $DbLink->query("UPDATE " . C_STS_TBL . " SET smilies_posted=smilies_posted+{$ss} WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='{$R}' AND username='******'");
        unset($SmiliesTbl, $ss);
    // transform ISO-8859-1 special characters
    if ($Latin1) {
        global $MsgTo;
        #		ereg("(.*)(".$MsgTo."(&gt;)?)(.*)",$M,$Regs);
        preg_match("/(.*)(" . $MsgTo . "(&gt;)?)(.*)/", $M, $Regs);
        if ($MsgTo != "" && ($Regs[1] == "" && $Regs[4] == "")) {
            $Regs[4] = $M;
        #		if (!ereg("&[[:alnum:]]{1,10};",$Regs[1]) && !ereg("&[[:alnum:]]{1,10};",$Regs[4]))
        if (!preg_match("/&[[:alnum:]]{1,10};/", $Regs[1]) && !preg_match("/&[[:alnum:]]{1,10};/", $Regs[4])) {
            for ($i = 1; $i <= 4; $i++) {
                if ($i != 1 && $i != 4 || $Regs[$i] == "") {
                $part = $Regs[$i];
                $part = htmlentities($part);
                $part = str_replace("&amp;lt;", "&lt;", $part);
                $part = str_replace("&amp;gt;", "&gt;", $part);
                $part = str_replace("&lt;", "<", $part);
                $part = str_replace("&gt;", ">", $part);
                $part = str_replace("&quot;", "\"", $part);
                #				$part = ereg_replace("&amp;(#[[:digit:]]{2,5};)", "&\\1", $part);
                $part = preg_replace("/&amp;(#[[:digit:]]{2,5};)/", "&\\1", $part);
                $Regs[$i] = $part;
            $M = $Regs[1] . $Regs[2] . $Regs[4];
    // Color Sniffer scripting safe mode filter by Alexander Eisele <*****@*****.**> & Ciprian
    $C = str_replace("<", "&lt;", $C);
    $C = str_replace(">", "&gt;", $C);
    $C = str_replace("\"", "&quot;", $C);
    $C = str_replace("x3c", "&lt;", $C);
    $C = str_replace("x3e", "&gt;", $C);
    $CC = array("", "black", "dimgray", "gray", "darkgray", "silver", "lightgrey", "gainsboro", "whitesmoke", "ghostwhite", "white", "slategray", "lightslategray", "midnightblue", "navy", "darkblue", "darkslateblue", "mediumblue", "blue", "steelblue", "royalblue", "cornflowerblue", "dodgerblue", "deepskyblue", "lightskyblue", "skyblue", "lightsteelblue", "lightblue", "powderblue", "paleturquoise", "lightcyan", "aliceblue", "azure", "mintcream", "darkslategray", "cadetblue", "teal", "darkcyan", "lightseagreen", "darkturquoise", "mediumturquoise", "turquoise", "aqua", "cyan", "mediumaquamarine", "aquamarine", "darkolivegreen", "olive", "olivedrab", "darkkhaki", "darkgreen", "green", "forestgreen", "seagreen", "mediumseagreen", "darkseagreen", "mediumspringgreen", "springgreen", "palegreen", "honeydew", "limegreen", "lime", "lightgreen", "lawngreen", "chartreuse", "greenyellow", "yellowgreen", "indigo", "purple", "darkmagenta", "darkviolet", "darkorchid", "mediumorchid", "orchid", "violet", "plum", "thistle", "blueviolet", "mediumpurple", "slateblue", "mediumslateblue", "lavender", "mediumvioletred", "magenta", "fuchsia", "deeppink", "palevioletred", "hotpink", "lightpink", "pink", "mistyrose", "lavenderblush", "maroon", "darkred", "firebrick", "crimson", "red", "orangered", "tomato", "indianred", "lightcoral", "salmon", "darksalmon", "lightsalmon", "coral", "darkorange", "orange", "sandybrown", "darkgoldenrod", "goldenrod", "gold", "yellow", "khaki", "palegoldenrod", "lemonchiffon", "cornsilk", "lightgoldenrodyellow", "beige", "lightyellow", "ivory", "rosybrown", "saddlebrown", "brown", "sienna", "chocolate", "peru", "tan", "burlywood", "wheat", "navajowhite", "peachpuff", "moccasin", "bisque", "blanchedalmond", "papayawhip", "antiquewhite", "linen", "oldlace", "seashell", "floralwhite", "snow");
    if (trim($C) != "") {
        if (!in_array($C, $CC)) {
            $C = "lime";
    //Color's Power Filter Mod by Ciprian
    if (isset($_COOKIE["CookieColor"]) && !isset($C)) {
        $C = strcasecmp($_COOKIE["CookieColor"], $COLOR_TB) != 0 ? $_COOKIE["CookieColor"] : '';
    } else {
        $DbLink->query("SELECT colorname FROM " . C_REG_TBL . " WHERE username = '******' LIMIT 1");
        if ($DbLink->num_rows() != 0 && !isset($C)) {
            list($C) = $DbLink->next_record();
    if (COLOR_FILTERS) {
        if (!isset($C)) {
            if ($status == "a" || $status == "t") {
                $C = COLOR_CA;
            } elseif ($status == "m") {
                $C = COLOR_CM;
        } elseif ($C != '') {
            // Red colors are reserved to the admin
            if ((strcasecmp($C, COLOR_CA) == 0 || strcasecmp($C, COLOR_CA1) == 0 || strcasecmp($C, COLOR_CA2) == 0) && $C != "" && $status != "a" && $status != "t") {
                if ($status == "m") {
                    $C = COLOR_CM;
                    //default moderator's color
                } else {
                    $C = '';
                    //default color
            } elseif ((strcasecmp($C, COLOR_CM) == 0 || strcasecmp($C, COLOR_CM1) == 0 || strcasecmp($C, COLOR_CM2) == 0) && $C != "" && $status != "a" && $status != "t" && $status != "m") {
                $C = '';
                //default color
            } elseif (strcasecmp($C, $COLOR_TB) == 0) {
                $C = '';
    if (!COLOR_ALLOW_GUESTS && $status == "u") {
        $C = '';
    include_once "./lib/swearing.lib.php";
    if (checkwords($C, true, $Charset)) {
        $C = '';
    //if user is using a swear word (defined in swearing.lib.php), the font color will resets to default. this is to keep your database as well as our computer clean of swearing (no swear into your cookies on your local computer).
    if (isset($C) && $C != '' && strcasecmp($C, COLOR_CD) != 0) {
        $M = "<FONT COLOR=\"" . $C . "\">" . $M . "</FONT>";
        setcookie("CookieColor", $C, time() + 60 * 60 * 24 * 365);
        // cookie expires in one year
    } elseif (isset($_COOKIE["CookieColor"])) {
        setcookie("CookieColor", '', time());
        // cookie expires in one year
    // Text tags for power users
        $text_tag = "";
        $text_endtag = "";
        if ($status == "a" || $status == "t" || $status == "m") {
            if (stristr(C_TAGS_POWERS, "B")) {
                $text_tag .= "<B>";
                $text_endtag .= "</B>";
            if (stristr(C_TAGS_POWERS, "I")) {
                $text_tag .= "<I>";
                $text_endtag .= "</I>";
            if (stristr(C_TAGS_POWERS, "U")) {
                $text_tag .= "<U>";
                $text_endtag .= "</U>";
        if ($text_tag != "") {
            $M = $text_tag . $M . $text_endtag;
    $DbLink->query("INSERT INTO " . C_MSG_TBL . " VALUES ({$T}, '{$R}', '" . addslashes($U) . "', '{$Latin1}', " . time() . ", '{$Private}', '" . addslashes($M) . "', '{$Read}', '{$RF}')");
예제 #2
             // if it does delete it.
         #								$DbLink = new DB;
         $DbLink->query("INSERT INTO " . C_MSG_TBL . " VALUES ({$T}, '{$R}', 'SYS topic reset', '{$Latin1}', " . time() . ", '{$U}', '', '', '')");
     } else {
         if (file_exists($topgpath)) {
             // if it does delete it.
         #									$DbLink = new DB;
         $DbLink->query("INSERT INTO " . C_MSG_TBL . " VALUES ({$T}, '*', 'SYS topic reset', '{$Latin1}', " . time() . ", '{$U}', '', '', '')");
 } else {
     if (C_USE_SMILIES) {
         include "./lib/smilies.lib.php";
         $ss = Check4Smilies($Top, $SmiliesTbl);
         if (C_EN_STATS && $ss > 0) {
             $DbLink->query("UPDATE " . C_STS_TBL . " SET smilies_posted=smilies_posted+{$ss} WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='{$R}' AND username='******'");
         unset($SmiliesTbl, $ss);
     // URL
     #	$Top = eregi_replace('([[:space:]]|^)(www[.])', '\\1http://\\2', $Top); // no prefix (www.myurl.ext)
     #	$Top = eregi_replace('([[:space:]]|^)(ftp[.])', '\\1ftp://\\2', $Top); // no prefix (ftp.myurl.ext)
     #	$Top = eregi_replace('([[:space:]]|^)(www)', '\\1http://\\2', $Top); // no prefix (www.myurl.ext)
     $Top = preg_replace('/([[:space:]]|^)(www[.])/i', '\\1http://\\2', $Top);
     // no prefix (www.myurl.ext)
     $Top = preg_replace('/([[:space:]]|^)(ftp[.])/i', '\\1ftp://\\2', $Top);
     // no prefix (ftp.myurl.ext)
     $Top = preg_replace('/([[:space:]]|^)(www)/i', '\\1http://\\2', $Top);
     // no prefix (www.myurl.ext)
예제 #3
         $purl .= "||" . $pmatch[0][$x];
     #		$xtra = eregi_replace($prefix.$pureUrl, '<a href="links.php?link='.urlencode($purl).'" target="_blank"></a>', $xtra);
     $xtra = preg_replace("/" . $prefix . $pureUrl . "/i", '<a href="links.php?link=' . urlencode($purl) . '" target="_blank"></a>', $xtra);
 } else {
     $xtra = preg_replace("/" . $prefix . $pureUrl . "/i", '<a href="\\1://\\2" target="_blank">\\1://\\2</a>', $xtra);
 // e-mail addresses
 //	$xtra = eregi_replace('([0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-wyz][a-z](fo|g|l|m|mes|o|op|pa|ro|seum|t|u|v|z)?)', '<a href="mailto:\\1" alt="Send email">\\1</a>', $xtra);
 // Added the new top-level domains (mail, asia, travel, aso)
 #	$xtra = eregi_replace('([0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-wyz][a-z](avel|bi|bs|fo|g|ia|l|m|me|mes|o|op|pa|ro|seum|t|to|u|v|z)?)', '<a href="mailto:\\1" alt="Send email">\\1</a>', $xtra);
 $xtra = preg_replace('/([0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-wyz][a-z](avel|bi|bs|fo|g|ia|l|m|me|mes|o|op|pa|ro|seum|t|to|u|v|z)?)/i', '<a href="mailto:\\1" alt="Send email">\\1</a>', $xtra);
 // Smilies
     include "./lib/smilies.lib.php";
     $ss = Check4Smilies($xtra, $SmiliesTbl);
     if (C_EN_STATS && $ss > 0) {
         $DbLink->query("UPDATE " . C_STS_TBL . " SET smilies_posted=smilies_posted+{$ss} WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='{$R}' AND username='******'");
     unset($SmiliesTbl, $ss);
 // transform ISO-8859-1 special characters
 if ($Latin1) {
     global $MsgTo;
     #		ereg("(.*)(".$MsgTo."(&gt;)?)(.*)",$xtra,$Regs);
     preg_match("/(.*)(" . $MsgTo . "(&gt;)?)(.*)/", $xtra, $Regs);
     if ($MsgTo != "" && ($Regs[1] == "" && $Regs[4] == "")) {
         $Regs[4] = $xtra;
     #		if (!ereg("&[[:alnum:]]{1,10};",$Regs[1]) && !ereg("&[[:alnum:]]{1,10};",$Regs[4]))
     if (!preg_match("/&[[:alnum:]]{1,10};/", $Regs[1]) && !preg_match("/&[[:alnum:]]{1,10};/", $Regs[4])) {
예제 #4

// Slashes ' and " characters
function SpecialSlash(&$Str)
    return str_replace("\"", "&quot;", str_replace("'", "&#39;", $Str));
//if ($status == "a" || $status == "t") // use this line if you only want administrators to be able to use this.
if ($status == "m" || $status == "t" || $status == "a") {
    if (trim($Cmd[3]) != "") {
        $Mess = SpecialSlash($Cmd[3]);
        if (C_USE_SMILIES) {
            include "./lib/smilies.lib.php";
            $ss = Check4Smilies($Mess, $SmiliesTbl);
            if (C_EN_STATS && $ss > 0) {
                $DbLink->query("UPDATE " . C_STS_TBL . " SET smilies_posted=smilies_posted+{$ss} WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='{$R}' AND username='******'");
            unset($SmiliesTbl, $ss);
        if (C_NO_SWEAR && $R != C_NO_SWEAR_ROOM1 && $R != C_NO_SWEAR_ROOM2 && $R != C_NO_SWEAR_ROOM3 && $R != C_NO_SWEAR_ROOM4) {
            include "./lib/swearing.lib.php";
            $Mess = " " . checkwords($Mess, false, $Charset);
            if (C_EN_STATS && isset($Found) && $b > 0) {
                $DbLink->query("UPDATE " . C_STS_TBL . " SET swears_posted=swears_posted+{$b} WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='{$R}' AND username='******'");
            unset($Found, $b);
        $Mess .= " ...BUZZER...";
    #	if (eregi("~",$Cmd[2]))
    if (strpos($Cmd[2], "~") !== false) {
예제 #5
        $Error = L_NO_MODERATOR;
    } else {
        // Check for swear words in the message to be sent if there is one
        if (trim($Cmd[3]) != "") {
            $room_mess = $Cmd[3];
            if (C_NO_SWEAR && $R != C_NO_SWEAR_ROOM1 && $R != C_NO_SWEAR_ROOM2 && $R != C_NO_SWEAR_ROOM3 && $R != C_NO_SWEAR_ROOM4) {
                include "./lib/swearing.lib.php";
                $room_mess = checkwords($room_mess, false, $Charset);
                if (C_EN_STATS && isset($Found) && $b > 0) {
                    $DbLink->query("UPDATE " . C_STS_TBL . " SET swears_posted=swears_posted+{$b} WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='{$R}' AND username='******'");
                unset($Found, $b);
            if (C_USE_SMILIES) {
                include "./lib/smilies.lib.php";
                $ss = Check4Smilies($room_mess, $SmiliesTbl);
                if (C_EN_STATS && $ss > 0) {
                    $DbLink->query("UPDATE " . C_STS_TBL . " SET smilies_posted=smilies_posted+{$ss} WHERE stat_date=FROM_UNIXTIME(last_in,'%Y-%m-%d') AND room='{$R}' AND username='******'");
                unset($SmiliesTbl, $ss);
        if (trim($Cmd[2]) == "*") {
            $DbLink->query("INSERT INTO " . C_MSG_TBL . " VALUES ({$T}, '*', 'SYS room', '{$Latin1}', " . time() . ", '{$U}', '" . addslashes(stripslashes($room_mess)) . "', '', '')");
        } else {
            $DbLink->query("INSERT INTO " . C_MSG_TBL . " VALUES ({$T}, '{$R}', 'SYS room', '{$Latin1}', " . time() . ", '{$U}', '" . addslashes(stripslashes($room_mess)) . "', '', '')");
        $IsCommand = true;
        $RefreshMessages = true;