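/**
 * Replaces smiley codes in forum text when smilies are enabled in the forum config.
 *
 * When $CONF_FORUM['use_smilies_plugin'] is set and msg_replaceEmoticons() is
 * available, the plugin implementation is used; otherwise the forum's own
 * forum_xchsmilies() is used. With smilies disabled the text is returned unchanged.
 *
 * NOTE(review): both helpers are defined outside this block; whether their output
 * is safe to emit without further filtering depends on where callers invoke this
 * relative to sanitisation - confirm against the callers.
 *
 * @param string $str Text to process
 * @return string Text with smiley codes replaced, or the input unchanged
 */
function gf_replacesmilie($str)
{
    global $CONF_FORUM;

    if (!$CONF_FORUM['allow_smilies']) {
        return $str;
    }

    // Guard on the function that is actually called. The previous check tested
    // for msg_showsmilies() and then called msg_replaceEmoticons(), which ends
    // in a fatal "undefined function" error if only the former is defined.
    if (function_exists('msg_replaceEmoticons') and $CONF_FORUM['use_smilies_plugin']) {
        return msg_replaceEmoticons($str);
    }

    return forum_xchsmilies($str);
}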
// NOTE(review): this excerpt begins inside an if/else whose condition is not shown;
// the else arm below leaves the "view sent message" link empty.
} else {
    $view_sentmsg = '';
}

// Set Broadcast Display flag
// The broadcast icon is shown when $target == 0 (loose comparison); otherwise the flag is empty.
$broadcast_flag = $target == 0 ? '<IMG SRC="' . $CONF_MSG['imgset'] . '/pm_broadcast.gif" border="0" align="absmiddle" alt="' . $LANG_MSG['BROADCAST_MSG'] . '">' : '';

// Build an add/remove-buddy link only when the other party is not the current user.
// NOTE(review): when $source equals the current uid, $LANG_buddy and $buddylink are not
// assigned in this excerpt but are read below - presumably initialised earlier; verify.
if ($source != $_USER['uid']) {
    // DB_COUNT is defined elsewhere; presumably it counts rows where uid = current user
    // and buddy_id = $source, so > 0 would mean "already a buddy" - confirm.
    if (DB_COUNT($_TABLES['messenger_buddies'], array('uid', 'buddy_id'), array($_USER['uid'], $source)) > 0) {
        $LANG_buddy = $LANG_MSG['DELBUDDY'];
        // NOTE(review): $phpself, $source and $sortoption are concatenated into the href with
        // no HTML/URL encoding in this excerpt. Confirm they are validated where they are
        // assigned (integer cast / allow-list), otherwise encode them for this attribute context.
        // NOTE(review): this is a state-changing action reached by a plain GET link and no
        // anti-CSRF token is appended here - confirm the delbuddy handler verifies one.
        // The <a> opened here is not closed in this string; presumably the template closes it.
        $buddylink = '<a href="' . $phpself . '?action=delbuddy&buddy=' . $source . '&sortoption=' . $sortoption . '"><img align="absmiddle" src="' . $CONF_MSG['imgset'] . '/del_buddy.gif" border="0" ALT="' . $LANG_buddy . '">';
    } else {
        $LANG_buddy = $LANG_MSG['ADDBUDDY'];
        // Same encoding and CSRF review points as the delbuddy link above apply to this link.
        $buddylink = '<a href="' . $phpself . '?action=addbuddy&buddy=' . $source . '&sortoption=' . $sortoption . '"><img align="absmiddle" src="' . $CONF_MSG['imgset'] . '/add_buddy.gif" border="0" ALT="' . $LANG_buddy . '">';
    }
}

// Emoticon replacement runs only when enabled in the messenger config.
// NOTE(review): whether $message was sanitised before this point is not visible here.
if ($CONF_MSG['smiliesEnabled']) {
    $message = msg_replaceEmoticons($message);
}

// Label the correspondent column "From" for received folders and "To" for everything else.
if ($folder == "INBOX" or $folder == "ARCHIVE") {
    $msg_row->set_var('LANG_whom', $LANG_MSG['FROM']);
} else {
    $msg_row->set_var('LANG_whom', $LANG_MSG['TO']);
}

// Hand the row values to the template object.
// NOTE(review): $name, $subject and $message are passed as-is; confirm they were escaped or
// filtered upstream, since no escaping happens in this excerpt.
$msg_row->set_var('new', $newmsg_flag);
$msg_row->set_var('broadcast', $broadcast_flag);
$msg_row->set_var('name', $name);
$msg_row->set_var('viewlink', $view_sentmsg);
$msg_row->set_var('message', $message);
$msg_row->set_var('LANG_subject', $LANG_MSG['SUBJECT']);
$msg_row->set_var('subject', $subject);
$msg_row->set_var('LANG_buddy', $LANG_buddy);
$msg_row->set_var('buddylink', $buddylink);
/**
 * Renders comments as HTML through the comment.thtml / thread.thtml templates.
 *
 * Normally $comments is a database result set that is walked with DB_fetchArray().
 * For previews, $comments is assumed to be an associative array containing the
 * data for a single comment; it is rendered once in 'flat' mode and returned.
 *
 * Side effects visible in this function: sets $_CONF['comment_indent'] to 25 when
 * it is unset, reconfigures the shared sanitizer instance, and may create a
 * security token via SEC_createToken().
 *
 * @param array   &$comments      Database result set of comments to be printed
 *                                (or a single comment array when $preview is true)
 * @param string  $mode           'flat', 'threaded', etc ('threaded' is remapped to 'nested')
 * @param string  $type           Type of item (article, polls, etc.); placed in edit/delete/report URLs
 * @param string  $order          How to order the comments 'ASC' or 'DESC' (passed to the template only)
 * @param boolean $delete_option  if current user can delete comments
 * @param boolean $preview        Preview display (for edit) or not
 * @param int     $ccode          Comment code: -1=no comments, 0=allowed, 1=closed
 * @param mixed   $sid_author_id  uid to compare with each comment's author; a match sets
 *                                the 'author_match' template variable ('' and 1 never match)
 * @return string HTML formatted comment(s); '' when there is nothing to render
 *
 */
function CMT_getComment(&$comments, $mode, $type, $order, $delete_option = false, $preview = false, $ccode = 0, $sid_author_id = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG03, $MESSAGE, $_IMAGE_TYPE;

    $indent = 0; // begin with 0 indent
    $retval = ''; // initialize return value

    // Configure the sanitizer with the allowed-HTML list from the comment filter setting.
    $filter = sanitizer::getInstance();
    $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
    $filter->setAllowedelements($AllowedElements);
    $filter->setNamespace('glfusion', 'comment');

    // 'threaded' is rewritten to 'nested' here, so $mode is never 'threaded' past this point.
    if ($mode == 'threaded') {
        $mode = 'nested';
    }

    $template = new Template($_CONF['path_layout'] . 'comment');
    $template->set_file(array('comment' => 'comment.thtml', 'thread' => 'thread.thtml'));

    // generic template variables
    $template->set_var('lang_authoredby', $LANG01[42]);
    $template->set_var('lang_on', $LANG01[36]);
    $template->set_var('lang_permlink', $LANG01[120]);
    // NOTE(review): $order is passed through unchanged; confirm callers restrict it to ASC/DESC.
    $template->set_var('order', $order);

    // Reply labels are only populated when comments are open and the visitor may post.
    if ($ccode == 0 && ($_CONF['commentsloginrequired'] == 0 || !COM_isAnonUser())) {
        $template->set_var('lang_replytothis', $LANG01[43]);
        $template->set_var('lang_reply', $LANG01[25]);
    } else {
        $template->set_var('lang_replytothis', '');
        $template->set_var('lang_reply', '');
    }

    // Make sure we have a default value for comment indentation
    if (!isset($_CONF['comment_indent'])) {
        $_CONF['comment_indent'] = 25;
    }

    if ($preview) {
        // Preview: $comments is the comment itself; fill in the fields the loop below reads.
        $A = $comments;
        if (empty($A['nice_date'])) {
            $A['nice_date'] = time();
        }
        if (!isset($A['cid'])) {
            $A['cid'] = 0;
        }
        if (!isset($A['photo'])) {
            if (isset($_USER['photo'])) {
                $A['photo'] = $_USER['photo'];
            } else {
                $A['photo'] = '';
            }
        }
        if (!isset($A['email'])) {
            if (isset($_USER['email'])) {
                $A['email'] = $_USER['email'];
            } else {
                $A['email'] = '';
            }
        }
        $A['name'] = $A['username'];
        $mode = 'flat';
        $template->set_var('preview_mode', true);
    } else {
        $A = DB_fetchArray($comments);
        $template->unset_var('preview_mode');
    }

    if (empty($A)) {
        return '';
    }

    // One token is created up front for the delete links; the edit-link code below
    // creates it lazily if it is still empty.
    $token = '';
    if ($delete_option && !$preview) {
        $token = SEC_createToken();
    }

    $row = 1;
    do {
        // Clear per-comment variables so values from the previous row do not carry over.
        $template->unset_var('delete_link');
        $template->unset_var('ipaddress');
        $template->unset_var('reply_link');
        $template->unset_var('edit_link');

        //check for comment edit
        // The cid is cast to int before it is concatenated into the SQL text.
        $commentedit = DB_query("SELECT cid,uid,UNIX_TIMESTAMP(time) as time FROM {$_TABLES['commentedits']} WHERE cid = " . (int) $A['cid']);
        $B = DB_fetchArray($commentedit);
        if ($B) { //comment edit present
            //get correct editor name
            if ($A['uid'] == $B['uid']) {
                $editname = $A['username'];
            } else {
                $editname = DB_getItem($_TABLES['users'], 'username', "uid=" . (int) $B['uid']);
            }
            //add edit info to text
            // $editname is appended unescaped, but the combined text is passed through
            // $filter->displayText() further down before it reaches the template.
            $dtObject = new Date($B['time'], $_USER['tzid']);
            $A['comment'] .= LB . '<div class="comment-edit">' . $LANG03[30] . ' ' . $dtObject->format($_CONF['date'], true) . ' ' . $LANG03[31] . ' ' . $editname . '</div><!-- /COMMENTEDIT -->';
        }

        // determines indentation for current comment
        // (the 'threaded' test is redundant here because of the remap at the top)
        if ($mode == 'threaded' || $mode == 'nested') {
            $indent = ($A['indent'] - $A['pindent']) * $_CONF['comment_indent'];
        }

        // comment variables
        // A missing or empty uid is treated as uid 1, which takes the non-member branch below.
        if (!isset($A['uid']) || $A['uid'] == '') {
            $A['uid'] = 1;
        }

        $template->set_var('indent', $indent);
        $template->set_var('author_name', $filter->sanitizeUsername($A['username']));
        $template->set_var('author_id', $A['uid']);
        $template->set_var('cid', $A['cid']);
        $template->set_var('cssid', $row % 2); // alternates 1/0 per row

        if ($sid_author_id != '' && $sid_author_id != 1 && $sid_author_id == $A['uid']) {
            $template->set_var('author_match', '1');
        } else {
            $template->set_var('author_match', '');
        }

        if ($A['uid'] > 1) {
            // NOTE(review): $fullname is handed to the template and to COM_createLink() as-is;
            // confirm COM_getDisplayName() returns HTML-safe text.
            $fullname = COM_getDisplayName($A['uid'], $A['username'], isset($A['fullname']) ? $A['fullname'] : '');
            $template->set_var('author_fullname', $fullname);
            $template->set_var('author', $fullname);
            $alttext = $fullname; // not read again in this function

            $photo = '';
            if ($_CONF['allow_user_photo']) {
                if (isset($A['photo']) && empty($A['photo'])) {
                    $A['photo'] = '';
                }
                $photo = USER_getPhoto($A['uid'], $A['photo'], $A['email']);
                $photo_raw = USER_getPhoto($A['uid'], $A['photo'], $A['email'], 64, 0);
                if (!empty($photo)) {
                    $template->set_var('author_photo', $photo);
                    $template->set_var('author_photo_raw', $photo_raw);
                    $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""/>';
                    $template->set_var('camera_icon', COM_createLink($camera_icon, $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid']));
                } else {
                    $template->set_var('author_photo', '<img src="' . $_CONF['default_photo'] . '" alt="" class="userphoto"/>');
                    $template->set_var('author_photo_raw', $_CONF['default_photo']);
                    $template->set_var('camera_icon', '');
                }
            } else {
                $template->set_var('author_photo_raw', '');
                $template->set_var('author_photo', '');
                $template->set_var('camera_icon', '');
            }

            $template->set_var('start_author_anchortag', '<a href="' . $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid'] . '">');
            $template->set_var('end_author_anchortag', '</a>');
            $template->set_var('author_link', COM_createLink($fullname, $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid']));
        } else {
            // Non-member author: the name comes from the comment row and is sanitised first.
            $username = $filter->sanitizeUsername($A['name']);
            if ($username == '') {
                $username = $LANG01[24];
            }
            $template->set_var('author', $username);
            $template->set_var('author_fullname', $username);
            // ENT_COMPAT encodes double quotes but leaves single quotes as they are;
            // '@' suppresses any warning htmlspecialchars() raises.
            $template->set_var('author_link', @htmlspecialchars($username, ENT_COMPAT, COM_getEncodingt()));

            if ($_CONF['allow_user_photo']) {
                $template->set_var('author_photo_raw', $_CONF['default_photo']);
                $template->set_var('author_photo', '<img src="' . $_CONF['default_photo'] . '" alt="" class="userphoto"/>');
                $template->set_var('camera_icon', '');
            } else {
                $template->set_var('author_photo_raw', '');
                $template->set_var('author_photo', '');
                $template->set_var('camera_icon', '');
            }
            $template->set_var('start_author_anchortag', '');
            $template->set_var('end_author_anchortag', '');
        }

        // hide reply link from anonymous users if they can't post replies
        $hidefromanon = false;
        if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
            $hidefromanon = true;
        }

        // this will hide HTML that should not be viewed in preview mode
        // (display:none is presentation only; the markup is still sent to the browser)
        if ($preview || $hidefromanon) {
            $template->set_var('hide_if_preview', 'style="display:none"');
        } else {
            $template->set_var('hide_if_preview', '');
        }

        $dtObject = new Date($A['nice_date'], $_USER['tzid']);
        $template->set_var('date', $dtObject->format($_CONF['date'], true));
        // NOTE(review): sid and type are passed to the template unescaped; confirm they are
        // constrained to safe characters when stored.
        $template->set_var('sid', $A['sid']);
        $template->set_var('type', $A['type']);

        //COMMENT edit rights
        // The author may edit while editing is enabled, the edit window (if any) has not
        // elapsed, comments are open and the comment has no replies; members of the Root
        // group may always edit. Anonymous visitors never get the edit option.
        if (!COM_isAnonUser()) {
            if ($_USER['uid'] == $A['uid'] && $_CONF['comment_edit'] == 1 && ($_CONF['comment_edittime'] == 0 || time() - $A['nice_date'] < $_CONF['comment_edittime']) && $ccode == 0 && DB_getItem($_TABLES['comments'], 'COUNT(*)', "pid = " . (int) $A['cid']) == 0) {
                $edit_option = true;
            } else {
                if (SEC_inGroup('Root')) {
                    $edit_option = true;
                } else {
                    $edit_option = false;
                }
            }
        } else {
            $edit_option = false;
        }

        //edit link
        if ($edit_option) {
            if (empty($token)) {
                $token = SEC_createToken();
            }
            // NOTE(review): the CSRF token travels in the query string, where it can end up in
            // server logs, browser history and Referer headers; presumably comment.php validates
            // it - confirm, and consider token lifetime accordingly.
            // NOTE(review): $A['sid'] and $type are concatenated without urlencode().
            $editlink = $_CONF['site_url'] . '/comment.php?mode=edit&cid=' . $A['cid'] . '&sid=' . $A['sid'] . '&type=' . $type . '&' . CSRF_TOKEN . '=' . $token . '#comment_entry';
            $template->set_var('edit_link', $editlink);
            $template->set_var('lang_edit', $LANG01[4]);
            $edit = COM_createLink($LANG01[4], $editlink) . ' | ';
        } else {
            $editlink = '';
            $edit = '';
        }

        // If deletion is allowed, displays delete link
        if ($delete_option) {
            $deloption = '';
            // The commenter's IP address is exposed only to members of the Root group.
            if (SEC_inGroup('Root')) {
                if (!empty($A['ipaddress'])) {
                    if (empty($_CONF['ip_lookup'])) {
                        $deloption = $A['ipaddress'] . ' | ';
                        $template->set_var('ipaddress', $A['ipaddress']);
                    } else {
                        // '*' in the configured lookup URL is replaced by the address.
                        $iplookup = str_replace('*', $A['ipaddress'], $_CONF['ip_lookup']);
                        $template->set_var('iplookup_link', $iplookup);
                        $template->set_var('ipaddress', $A['ipaddress']);
                        $deloption = COM_createLink($A['ipaddress'], $iplookup) . ' | ';
                    }
                    //insert re-que link here
                }
            }
            // NOTE(review): in preview mode with $delete_option set, $token is still '' here
            // unless the edit-link code above created one. Same query-string token and
            // URL-encoding review points as for the edit link apply.
            $dellink = $_CONF['site_url'] . '/comment.php?mode=delete&cid=' . $A['cid'] . '&sid=' . $A['sid'] . '&type=' . $type . '&' . CSRF_TOKEN . '=' . $token;
            // NOTE(review): $MESSAGE[76] is embedded in a single-quoted JavaScript string; an
            // apostrophe in the language string would break the handler - confirm the string
            // is JS-safe in every translation.
            $delattr = array('onclick' => "return confirm('{$MESSAGE[76]}');");
            $delete_link = $dellink;
            $template->set_var('delete_link', $delete_link);
            $template->set_var('lang_delete_link_confirm', $MESSAGE[76]);
            $template->set_var('lang_delete', $LANG01[28]);
            $deloption .= COM_createLink($LANG01[28], $dellink, $delattr) . ' | ';
            $template->set_var('delete_option', $deloption . $edit);
        } else {
            if ($edit_option) {
                $template->set_var('delete_option', $edit);
            } elseif (!COM_isAnonUser()) {
                // Logged-in users who can neither delete nor edit get a "report" link for
                // comments written by someone else.
                $reportthis = '';
                if ($A['uid'] != $_USER['uid']) {
                    $reportthis_link = $_CONF['site_url'] . '/comment.php?mode=report&cid=' . $A['cid'] . '&type=' . $type;
                    $report_attr = array('title' => $LANG01[110]);
                    $template->set_var('report_link', $reportthis_link);
                    $template->set_var('lang_report', $LANG01[109]);
                    $reportthis = COM_createLink($LANG01[109], $reportthis_link, $report_attr) . ' | ';
                }
                $template->set_var('delete_option', $reportthis);
            } else {
                $template->set_var('delete_option', '');
            }
        }

        //and finally: format the actual text of the comment, but check only the text, not sig or edit
        // $text is a scratch copy with the signature/edit wrappers removed; it is used only
        // for the "does the comment contain markup?" test below.
        $text = str_replace('<!-- COMMENTSIG --><div class="comment-sig">', '', $A['comment']);
        $text = str_replace('</div><!-- /COMMENTSIG -->', '', $text);
        $text = str_replace('<div class="comment-edit">', '', $text);
        $text = str_replace('</div><!-- /COMMENTEDIT -->', '', $text);

        $filter->setReplaceTags(true);
        $filter->setCensorData(true);
        // No tag-like sequence on any single line ('.' does not match newlines): convert newlines to <br>.
        if (preg_match('/<.*>/', $text) == 0) {
            $A['comment'] = nl2br($A['comment']);
        }
        // The stored comment (plus the edit notice appended above) goes through the HTML filter
        // before display; everything applied after this line is not filtered again here.
        $filter->setPostmode('html');
        $A['comment'] = $filter->displayText($A['comment']);

        // highlight search terms if specified
        // NOTE(review): 'query' is request-controlled. strip_tags() removes tags but does not
        // encode quotes or entities, and the result is merged into the already-filtered HTML.
        // COM_highlightQuery() is not shown - confirm it escapes the term for HTML and for
        // any pattern it builds.
        if (!empty($_REQUEST['query'])) {
            $A['comment'] = COM_highlightQuery($A['comment'], strip_tags($_REQUEST['query']));
        }

        // Emoticon replacement is optional and only runs when the helper is defined.
        if (function_exists('msg_replaceEmoticons')) {
            $A['comment'] = msg_replaceEmoticons($A['comment']);
        }

        // create a reply to link
        $reply_link = '';
        if ($ccode == 0 && ($_CONF['commentsloginrequired'] == 0 || !COM_isAnonUser())) {
            // Only the title is urlencode()d; sid, cid and type are concatenated as stored.
            $reply_link = $_CONF['site_url'] . '/comment.php?sid=' . $A['sid'] . '&pid=' . $A['cid'] . '&title=' . urlencode($A['title']) . '&type=' . $A['type'] . '#comment_entry';
            $template->set_var('reply_link', $reply_link);
            $template->set_var('lang_reply', $LANG01[43]);
            $reply_option = COM_createLink($LANG01[43], $reply_link, array('rel' => 'nofollow')) . ' | ';
            $template->set_var('reply_option', $reply_option);
        } else {
            $template->set_var('reply_option', '');
        }
        $template->set_var('reply_link', $reply_link);

        // format title for display, must happen after reply_link is created
        // (the reply link needs the raw title for urlencode(); the template gets the escaped one)
        $A['title'] = @htmlspecialchars($A['title'], ENT_COMPAT, COM_getEncodingt());
        $template->set_var('title', $A['title']);
        $template->set_var('comments', $A['comment']);

        // parse the templates
        // NOTE(review): $mode cannot be 'threaded' here ('threaded' was remapped to 'nested'
        // at the top and preview forces 'flat'), so as written the 'thread' template branch
        // is never taken - confirm whether 'nested' was intended.
        if ($mode == 'threaded' && $indent > 0) {
            $template->set_var('pid', $A['pid']);
            $retval .= $template->parse('output', 'thread');
        } else {
            $template->set_var('pid', $A['cid']);
            $retval .= $template->parse('output', 'comment');
        }

        // A preview holds exactly one comment, so return after the first pass.
        if ($preview) {
            return $retval;
        }
        $row++;
    } while ($A = DB_fetchArray($comments));

    return $retval;
}