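/**
 * Normalise the BBCode tags in a post or signature.
 *
 * Lower-cases the simple tags, strips surplus whitespace and optional quote
 * characters around tag arguments, and (for non-signatures) has
 * check_tag_order() validate nesting. Nothing in this function escapes HTML:
 * it only rewrites tag syntax, so the result must still be encoded for its
 * output context wherever it is rendered.
 *
 * @param string $text         Raw text as submitted.
 * @param array  $errors       Passed by reference; receives the message produced
 *                             by check_tag_order() when it reports a problem.
 * @param bool   $is_signature True when $text is a signature: quote/code/hide
 *                             tags are then rejected instead of normalised.
 *
 * @return string The normalised text, trimmed.
 */
function preparse_bbcode($text, &$errors, $is_signature = false)
{
    global $lang_prof_reg;

    // Change all simple BBCodes to lower case
    // MODERN BBCODE BEGIN
    $text = str_replace(
        array('[B]', '[I]', '[U]', '[/B]', '[/I]', '[/U]', '[S]', '[/S]'),
        array('[b]', '[i]', '[u]', '[/b]', '[/i]', '[/u]', '[s]', '[/s]'),
        $text
    );
    // MODERN BBCODE END

    // Do the more complex BBCodes (also strip excessive whitespace and useless quotes).
    // The closing quote is matched with the backreference \1. Inside a PCRE
    // pattern "$1" is an end-of-subject anchor followed by a literal "1", which
    // can never match, so the argument-carrying tags were silently left
    // un-normalised; "$1"/"$2" are only valid in the replacement strings.
    $a = array(
        '#\\[url=("|\'|)(.*?)\\1\\]\\s*#i',
        '#\\[url\\]\\s*#i',
        '#\\s*\\[/url\\]#i',
        '#\\[search=("|\'|)(.*?)\\1\\]\\s*#i',
        '#\\[search\\]\\s*#i',
        '#\\s*\\[/search\\]#i',
        '#\\[email=("|\'|)(.*?)\\1\\]\\s*#i',
        '#\\[email\\]\\s*#i',
        '#\\s*\\[/email\\]#i',
        '#\\[img\\]\\s*(.*?)\\s*\\[/img\\]#is',
        '#\\[color=("|\'|)(.*?)\\1\\](.*?)\\[/color\\]#is',
        '#\\[font=("|\'|)(.*?)\\1\\](.*?)\\[/font\\]#is',
    );
    $b = array(
        '[url=$2]',
        '[url]',
        '[/url]',
        '[search=$2]',
        '[search]',
        '[/search]',
        '[email=$2]',
        '[email]',
        '[/email]',
        '[img]$1[/img]',
        '[color=$2]$3[/color]',
        '[font=$2]$3[/font]',
    );

    if (!$is_signature) {
        // For non-signatures, we have to do the quote and code tags as well.
        // NOTE(review): the alternation lists '"' twice; the second entry is
        // redundant as written and may originally have been an HTML-entity
        // form of the quote character - confirm against the upstream source.
        $a[] = '#\\[quote=("|"|\'|)(.*?)\\1\\]\\s*#i';
        $a[] = '#\\[quote\\]\\s*#i';
        $a[] = '#\\s*\\[/quote\\]\\s*#i';
        $a[] = '#\\[code\\][\\r\\n]*(.*?)\\s*\\[/code\\]\\s*#is';
        $a[] = '#\\[hide=("|"|\'|)(.*?)\\1\\]\\s*#i';
        $a[] = '#\\[hide\\]\\s*#i';
        $a[] = '#\\s*\\[/hide\\]\\s*#i';

        $b[] = '[quote=$1$2$1]';
        $b[] = '[quote]';
        $b[] = '[/quote]' . "\n";
        $b[] = '[code]$1[/code]' . "\n";
        $b[] = '[hide=$1$2$1]';
        $b[] = '[hide]';
        $b[] = '[/hide]' . "\n";
    }

    // Run this baby!
    $text = preg_replace($a, $b, $text);

    if (!$is_signature) {
        $error = '';
        $overflow = check_tag_order($text, $error);

        if ($error) {
            // A BBCode error was spotted in check_tag_order()
            $errors[] = $error;
        } elseif ($overflow) {
            // The quote depth level was too high, so we strip out the inner most quote(s).
            // The length argument may exceed what is left of the string; substr() clamps it.
            $text = substr($text, 0, $overflow[0])
                . substr($text, $overflow[1], strlen($text) - $overflow[0]);
        }
    } else {
        // Signatures may not contain quote, code or hide tags at all.
        // The [hide=...] alternative must refer back to its own quote group,
        // which is the third capture group of this pattern; the previous \1
        // pointed at the [quote=...] group, which is unset on that path, so
        // "[hide=...]" openers were never detected.
        $forbidden = '#\\[quote=("|"|\'|)(.*)\\1\\]|\\[quote\\]|\\[/quote\\]|\\[code\\]|\\[/code\\]'
            . '|\\[hide=("|"|\'|)(.*)\\3\\]|\\[hide\\]|\\[/hide\\]#i';

        if (preg_match($forbidden, $text)) {
            // Pick the message renderer by the directory the script runs from.
            if (basename(dirname($_SERVER['PHP_SELF'])) == 'wap') {
                wap_message($lang_prof_reg['Signature quote/code']);
            } else {
                message($lang_prof_reg['Signature quote/code']);
            }
        }
    }

    return trim($text);
}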
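//+ REAL MARK TOPIC AS READ MOD
// Purge this member's topic read-markers that are older than their
// `mark_after` window. Every value spliced into the SQL in this section is
// expected to be an integer, so each one is cast before concatenation; a
// non-numeric value can then never change the shape of the statement.
if (!$pun_user['is_guest']) {
    $result = $db->query(
        'DELETE '
        . 'FROM `' . $db->prefix . 'log_topics` '
        . 'WHERE `log_time` < ' . ((int) $_SERVER['REQUEST_TIME'] - (int) $pun_user['mark_after']) . ' '
        . 'AND `user_id`=' . (int) $pun_user['id']
    ) or error('Unable to delete marked as read topic info', __FILE__, __LINE__, $db->error());
}
//- REAL MARK TOPIC AS READ MOD

// NOTE(review): the checks below rely on wap_message() ending the request;
// if it returned, execution would fall through to the queries - confirm.
if (!$pun_user['g_read_board']) {
    wap_message($lang_common['No view']);
}

// The forum id is the only request-supplied value used here; it is forced to
// an integer and anything below 1 is rejected.
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
if (1 > $id) {
    wap_message($lang_common['Bad request']);
}

// Fetch some info about the forum. The WHERE clause only returns the row when
// the user's group has no explicit permission entry or has read_forum=1.
$result = $db->query(
    'SELECT `f`.`forum_name`, '
    . '`f`.`redirect_url`, '
    . '`f`.`moderators`, '
    . '`f`.`num_topics`, '
    . '`f`.`sort_by`, '
    . '`fp`.`post_topics`, '
    . '`lf`.`log_time`, '
    . '`f`.`id` AS `forum_id` '
    . 'FROM `' . $db->prefix . 'forums` AS `f` '
    . 'LEFT JOIN `' . $db->prefix . 'forum_perms` AS `fp` '
    . 'ON (`fp`.`forum_id`=`f`.`id` AND `fp`.`group_id`=' . (int) $pun_user['g_id'] . ') '
    . 'LEFT JOIN `' . $db->prefix . 'log_forums` AS `lf` '
    . 'ON (`lf`.`user_id`=' . (int) $pun_user['id'] . ' AND `lf`.`forum_id`=`f`.`id`) '
    . 'WHERE (`fp`.`read_forum` IS NULL OR `fp`.`read_forum`=1) '
    . 'AND `f`.`id`=' . $id
) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());

if (!$db->num_rows($result)) {
    wap_message($lang_common['Bad request']);
}

$cur_forum = $db->fetch_assoc($result);

//+ REAL MARK TOPIC AS READ MOD
// Record when this member last opened the forum: insert the first marker,
// refresh it afterwards. Guests are skipped entirely; previously they fell
// into the UPDATE branch and issued a write for the guest account on every
// page view.
if (!$pun_user['is_guest']) {
    if (!$cur_forum['log_time']) {
        $result = $db->query(
            'INSERT INTO `' . $db->prefix . 'log_forums` '
            . '(`user_id`, `forum_id`, `log_time`) '
            . 'VALUES (' . (int) $pun_user['id'] . ', ' . (int) $cur_forum['forum_id'] . ', ' . (int) $_SERVER['REQUEST_TIME'] . ')'
        ) or error('Unable to insert reading_mark info', __FILE__, __LINE__, $db->error());
    } else {
        $result = $db->query(
            'UPDATE `' . $db->prefix . 'log_forums` '
            . 'SET `log_time`=' . (int) $_SERVER['REQUEST_TIME'] . ' '
            . 'WHERE `forum_id`=' . (int) $cur_forum['forum_id'] . ' '
            . 'AND `user_id`=' . (int) $pun_user['id']
        ) or error('Unable to update reading_mark info', __FILE__, __LINE__, $db->error());
    }
}
//- REAL MARK TOPIC AS READ MOD

// Is this a redirect forum? In that case, redirect!
// The target is the `redirect_url` column of the forums row fetched above,
// not a request parameter.
if ($cur_forum['redirect_url']) {
    wap_redirect($cur_forum['redirect_url']);
}

// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = array();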
}

// Replying to, or quoting, an existing private message.
if (isset($_GET['reply']) || isset($_GET['quote'])) {
    // Both ids are reduced to integers; a missing parameter becomes 0.
    $r = @intval(@$_GET['reply']);
    $q = @intval(@$_GET['quote']);

    // Get message info: the reply id wins when it is non-zero.
    $id = empty($r) ? $q : $r;

    // The `owner` condition limits the lookup to messages that belong to the
    // current user, so another user's message id yields "Bad request".
    $result = $db->query(
        'SELECT * FROM ' . $db->prefix . 'messages WHERE id=' . $id . ' AND owner=' . $pun_user['id']
    ) or error('Unable to fetch message info', __FILE__, __LINE__, $db->error());

    if (!$db->num_rows($result)) {
        wap_message($lang_common['Bad request']);
    }

    $message = $db->fetch_assoc($result);

    // Quote the message.
    // NOTE(review): sender and body are placed into the BBCode string as
    // stored; whether the value is escaped depends on the template - confirm.
    if (isset($_GET['quote'])) {
        $quote = '[quote=' . $message['sender'] . ']' . $message['message'] . '[/quote]';
    }

    // Add subject: prefix with "RE: " unless it already starts with "RE:".
    if (substr($message['subject'], 0, 3) == 'RE:') {
        $subject = $message['subject'];
    } else {
        $subject = 'RE: ' . $message['subject'];
    }
}

// Users who have switched private messages off are sent to the options page.
if ($pun_user['messages_enable'] != 1) {
    wap_message(
        $lang_pms['PM disabled'] . ' <a href="message_list.php?&box=2">' . $lang_pms['Options PM'] . '</a>'
    );
}

require_once PUN_ROOT . 'wap/header.php';

$page_title = $pun_config['o_board_title'] . ' / ' . $lang_pms['Send a message'];

// $username, $subject and $quote may be unset on this path; "@" silences the
// resulting notice and the template receives null.
$smarty->assign('page_title', $page_title);
$smarty->assign('username', @$username);
$smarty->assign('subject', @$subject);
$smarty->assign('quote', @$quote);
$smarty->assign('lang_pms', $lang_pms);
$smarty->assign('lang_post', $lang_post);
$smarty->display('message_send.tpl');
}
<?php
// User list page: reads the filter and sort options from the query string
// and loads the group list. Only the part up to the start of the WHERE
// clause construction is covered here.
define('PUN_ROOT', '../');
require_once PUN_ROOT . 'include/common.php';

if (!$pun_user['g_read_board']) {
    wap_message($lang_common['No view']);
}

// NOTE(review): both language includes build a file path from
// $pun_user['language']; this assumes the value is restricted to installed
// language directories wherever it is saved - confirm.
// Load the userlist.php language file
require_once PUN_ROOT . 'lang/' . $pun_user['language'] . '/userlist.php';
// Load the search.php language file
require_once PUN_ROOT . 'lang/' . $pun_user['language'] . '/search.php';

// Determine if we are allowed to view post counts
$show_post_count = $pun_config['o_show_post_count'] == 1 || $pun_user['g_id'] < PUN_GUEST;

// The username filter is honoured only for groups allowed to search users.
if (isset($_GET['username']) && $pun_user['g_search_users'] == 1) {
    $username = pun_trim($_GET['username']);
} else {
    $username = '';
}

// NOTE(review): the two bounds are joined with "&&", so the range test can
// never be true and any integer is accepted; the value is still integer-cast.
if (isset($_GET['show_group']) && !(intval($_GET['show_group']) < -1 && intval($_GET['show_group']) > 2)) {
    $show_group = intval($_GET['show_group']);
} else {
    $show_group = -1;
}

// Sort column: only the listed names are accepted, and "num_posts" only when
// post counts may be shown; everything else falls back to "username".
$sort_by = 'username';
if (isset($_GET['sort_by'])) {
    if (
        $_GET['sort_by'] == 'username'
        || $_GET['sort_by'] == 'registered'
        || ($_GET['sort_by'] == 'num_posts' && $show_post_count)
    ) {
        $sort_by = $_GET['sort_by'];
    }
}

// Sort direction: exactly "ASC" or "DESC", otherwise "ASC".
$sort_dir = 'ASC';
if (isset($_GET['sort_dir']) && ($_GET['sort_dir'] == 'ASC' || $_GET['sort_dir'] == 'DESC')) {
    $sort_dir = mb_strtoupper($_GET['sort_dir']);
}

$page_title = $pun_config['o_board_title'] . ' / ' . $lang_common['User list'];

if ($pun_user['g_search_users'] == 1) {
    $focus_element = array('userlist', 'username');
}

define('PUN_ALLOW_INDEX', 1);

// Every group except the guest group, ordered by id.
$result = $db->query(
    'SELECT g_id, g_title FROM ' . $db->prefix . 'groups WHERE g_id!=' . PUN_GUEST . ' ORDER BY g_id'
) or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error());

// $groups is only created when at least one row comes back.
if ($db->num_rows($result)) {
    while ($cur_group = $db->fetch_assoc($result)) {
        $groups[] = $cur_group;
    }
}

// Create any SQL for the WHERE clause
$where_sql = array();
$like_command = 'LIKE';
// Fetch some info about the post, the topic and the forum.
// The row is returned only when the user's group has no explicit permission
// entry for the forum or has read_forum=1.
// NOTE(review): $id is concatenated into the SQL as-is; it is assigned
// before this excerpt - confirm it is integer-cast there.
$result = $db->query(
    'SELECT `f`.`id` AS `fid`, '
    . '`f`.`forum_name`, '
    . '`f`.`moderators`, '
    . '`f`.`redirect_url`, '
    . '`fp`.`post_replies`, '
    . '`fp`.`post_topics`, '
    . '`t`.`id` AS `tid`, '
    . '`t`.`subject`, '
    . '`t`.`posted`, '
    . '`t`.`closed`, '
    . '`p`.`poster`, '
    . '`p`.`poster_id`, '
    . '`p`.`message`, '
    . '`p`.`hide_smilies` '
    . 'FROM `' . $db->prefix . 'posts` AS `p` '
    . 'INNER JOIN `' . $db->prefix . 'topics` AS `t` '
    . 'ON `t`.`id`=`p`.`topic_id` '
    . 'INNER JOIN `' . $db->prefix . 'forums` AS `f` '
    . 'ON `f`.`id`=`t`.`forum_id` '
    . 'LEFT JOIN `' . $db->prefix . 'forum_perms` AS `fp` '
    . 'ON (`fp`.`forum_id`=`f`.`id` '
    . 'AND `fp`.`group_id`=' . $pun_user['g_id'] . ') '
    . 'WHERE (`fp`.`read_forum` IS NULL OR `fp`.`read_forum`=1) '
    . 'AND `p`.`id`=' . $id
) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());

if (!$db->num_rows($result)) {
    wap_message($lang_common['Bad request']);
}

$cur_post = $db->fetch_assoc($result);

// Sort out who the moderators are and if we are currently a moderator (or an admin).
// NOTE(review): unserialize() runs on the `moderators` column. It is safe only
// while nothing but trusted code can write that column; a format such as JSON
// would remove the object-instantiation risk - confirm who can write it.
if ($cur_post['moderators']) {
    $mods_array = unserialize($cur_post['moderators']);
} else {
    $mods_array = array();
}

// Admins always qualify; moderators only when listed for this forum.
$is_admmod = $pun_user['g_id'] == PUN_ADMIN
    || ($pun_user['g_id'] == PUN_MOD && array_key_exists($pun_user['username'], $mods_array));

// Determine whether this post is the "topic post" or not: the topic post is
// the earliest post of the topic.
$result = $db->query(
    'SELECT `id` '
    . 'FROM `' . $db->prefix . 'posts` '
    . 'WHERE `topic_id`=' . $cur_post['tid'] . ' '
    . 'ORDER BY `posted` '
    . 'LIMIT 1;'
) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());

$topic_post_id = $db->result($result);
$is_topic_post = ($id == $topic_post_id);

// Do we have permission to edit this post?
// A non-admin/moderator is refused when any of these holds: the group may not
// delete posts, the group may not delete topics and this is the topic post,
// the post belongs to someone else, or the topic is closed.
if (
    !$is_admmod
    && (
        !$pun_user['g_delete_posts']
        || (!$pun_user['g_delete_topics'] && $is_topic_post)
        || $cur_post['poster_id'] != $pun_user['id']
        || $cur_post['closed'] == 1
    )
) {
    wap_message($lang_common['No permission']);
}

// NOTE(review): the deletion is triggered by the mere presence of
// $_POST['delete']; no anti-CSRF token check is visible in this excerpt -
// confirm one is enforced elsewhere.
if (isset($_POST['delete'])) {
    require_once PUN_ROOT . 'include/search_idx.php';

    if (!$is_topic_post) {
        // Delete just this one post
        delete_post($id, $cur_post['tid']);
        update_forum($cur_post['fid']);

        wap_redirect('viewtopic.php?id=' . $cur_post['tid']);
    } else {
        // Delete the topic and all of its posts
        delete_topic($cur_post['tid']);
        update_forum($cur_post['fid']);
        generate_rss();

        wap_redirect('viewforum.php?id=' . $cur_post['fid']);
    }
$DB->free_result($query); } else { echo "<p>没有需要审核的评论</p>\n"; } wap_footer(); } // 审核评论操作 if ($action == 'auditcm_ok' && ($sax_group == '1' || $sax_group == '2') && $sax_hash) { wap_header('审核评论'); $commentid = (int) $commentid; // 获取文章信息 if (!$commentid) { wap_message('缺少参数'); } $comment = $DB->fetch_one_array("SELECT c.articleid, a.uid FROM {$db_prefix}comments c LEFT JOIN {$db_prefix}articles a ON (a.articleid=c.articleid) WHERE c.commentid='{$commentid}'"); if (!$comment) { wap_message('记录不存在'); } if ($sax_group == '2') { if ($comment['uid'] != $sax_uid) { wap_message('此评论不属于您发表的文章'); } } $DB->query("UPDATE {$db_prefix}comments SET visible='1' WHERE commentid='{$commentid}'"); $DB->unbuffered_query("UPDATE {$db_prefix}articles SET comments=comments+1 WHERE articleid='" . $comment['articleid'] . "'"); $DB->unbuffered_query("UPDATE {$db_prefix}statistics SET comment_count=comment_count+1"); newcomments_recache(); statistics_recache(); getlog(); wap_message('评论已显示', array('title' => '返回隐藏评论列表', 'link' => 'index.php?action=auditcm')); }
// Must the user verify the registration or do we log him/her in right now? if ($pun_config['o_regs_verify'] == 1) { // Load the "welcome" template $mail_tpl = trim(file_get_contents(PUN_ROOT . 'lang/' . $pun_user['language'] . '/mail_templates/welcome.tpl')); // The first row contains the subject $first_crlf = strpos($mail_tpl, "\n"); $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8)); $mail_message = trim(substr($mail_tpl, $first_crlf)); $mail_subject = str_replace('<board_title>', $pun_config['o_board_title'], $mail_subject); $mail_message = str_replace('<base_url>', $pun_config['o_base_url'] . '/', $mail_message); $mail_message = str_replace('<username>', $username, $mail_message); $mail_message = str_replace('<password>', $password1, $mail_message); $mail_message = str_replace('<login_url>', $pun_config['o_base_url'] . '/login.php', $mail_message); $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'] . ' ' . $lang_common['Mailer'], $mail_message); pun_mail($email1, $mail_subject, $mail_message); wap_message($lang_register['Reg e-mail'] . ' <a href="mailto:' . $pun_config['o_admin_email'] . '">' . $pun_config['o_admin_email'] . '</a>.', true); } pun_setcookie($new_uid, $password_hash, $save_pass ? $now + 31536000 : 0); wap_redirect('index.php'); } } } $languages = array(); $d = dir(PUN_ROOT . 'lang'); while (($entry = $d->read()) !== false) { if ($entry[0] != '.' && is_dir(PUN_ROOT . 'lang/' . $entry) && file_exists(PUN_ROOT . 'lang/' . $entry . '/common.php')) { $languages[] = $entry; } } $d->close(); $page_title = $pun_config['o_board_title'] . ' / ' . $lang_register['Register'];
// Fetch the list of forums $result = $db->query('SELECT `id`, `forum_name` FROM `' . $db->prefix . 'forums`') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error()); $forum_list = array(); while ($row = $db->fetch_row($result)) { $forum_list[] = $row; } $smarty->assign('page_title', $page_title); $smarty->assign('search_set', $search_set); $smarty->assign('forum_list', $forum_list); $smarty->assign('show_as', $show_as); $smarty->assign('lang_search', $lang_search); $smarty->assign('paging_links', $paging_links); $smarty->display('search.result.tpl'); exit; } else { wap_message($lang_search['No hits']); } } $result = $db->query(' SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name, f.redirect_url FROM ' . $db->prefix . 'categories AS c INNER JOIN ' . $db->prefix . 'forums AS f ON c.id=f.cat_id LEFT JOIN ' . $db->prefix . 'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=' . $pun_user['g_id'] . ') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.redirect_url IS NULL ORDER BY c.disp_position, c.id, f.disp_position ') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error()); $forums = array(); while ($cur_forum = $db->fetch_assoc($result)) { $forums[] = $cur_forum; }