Exemplo n.º 1
// Start-up guard: fancyDie() is called when either secret compares equal to ''
// (presumably this ends the request, so nothing runs with an empty trip seed or admin password).
if (TINYIB_TRIPSEED == '' || TINYIB_ADMINPASS == '') {
    fancyDie('TINYIB_TRIPSEED and TINYIB_ADMINPASS must be configured');
}
$redirect = true;
// Check if the request is to make a post
if (isset($_POST['message']) || isset($_POST['file'])) {
    // Posting is turned away while TINYIB_DBMIGRATE is truthy.
    if (TINYIB_DBMIGRATE) {
        fancyDie('Posting is currently disabled.<br>Please try again in a few moments.');
    }
    list($loggedin, $isadmin) = manageCheckLogIn();
    $rawpost = isRawPost();
    // CAPTCHA, ban, message-size and flood checks run only for visitors who are
    // not logged in; a logged-in session skips all four.
    if (!$loggedin) {
        checkCAPTCHA();
        checkBanned();
        checkMessageSize();
        checkFlood();
    }
    $post = newPost(setParent());
    // REMOTE_ADDR is the address of the directly connected peer.
    // NOTE(review): behind a reverse proxy this is the proxy's address — confirm
    // how the deployment is fronted, since it is the only IP recorded for the post.
    $post['ip'] = $_SERVER['REMOTE_ADDR'];
    // NOTE(review): name, email and subject are read without isset(); the guard
    // above only guarantees that 'message' or 'file' is present.
    list($post['name'], $post['tripcode']) = nameAndTripcode($_POST['name']);
    // substr() counts bytes, so the 75-byte cut can split a multibyte character.
    // cleanString() presumably HTML-escapes the value — verify against its definition.
    $post['name'] = cleanString(substr($post['name'], 0, 75));
    $post['email'] = cleanString(str_replace('"', '&quot;', substr($_POST['email'], 0, 75)));
    $post['subject'] = cleanString(substr($_POST['subject'], 0, 75));
    if ($rawpost) {
        $rawposttext = $isadmin ? ' <span style="color: red;">## Admin</span>' : ' <span style="color: purple;">## Mod</span>';
        // The message is stored exactly as submitted: no cleanString(), no link or
        // quote processing. Any markup or script in it becomes part of the post.
        // NOTE(review): this branch keys only on isRawPost(); nothing visible here
        // re-checks $loggedin, so isRawPost() must itself require a staff session —
        // confirm. 'message' may also be unset when only 'file' was sent.
        $post['message'] = $_POST['message'];
        // Treat message as raw HTML
    } else {
        $rawposttext = '';
        // Regular posts: rtrim -> cleanString -> postLink -> colorQuote ->
        // makeLinksClickable, then newlines become <br>. cleanString() runs before
        // the helpers that add markup.
        $post['message'] = str_replace("\n", '<br>', makeLinksClickable(colorQuote(postLink(cleanString(rtrim($_POST['message']))))));
    }
Exemplo n.º 2
    // Render the comment form through $renderer and hand the resulting array to the template.
    $form_news_comment->accept($renderer);
    $tpl->assign('form_news_comment', $renderer->toArray());
    // capture the array structure
    // The print_r() dump of the rendered form is buffered and assigned to the
    // template as 'static_array'.
    // NOTE(review): looks like a debugging aid; if the template prints it, the
    // form's current field values appear in the page — confirm it is escaped or
    // not shown in production.
    ob_start();
    print_r($renderer->toArray());
    $tpl->assign('static_array', ob_get_contents());
    ob_end_clean();
    // set the name of the tpl file that is passed on to admin.php
    $acttpl = 'comments_mod';
} elseif ($com_act == "comments_add" && check_perm('comments_add', NULL, 1, $module_name, 'index') && isset($_REQUEST['module']) && isset($_REQUEST['back_id']) && is_numeric($_REQUEST['back_id'])) {
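    // back_id passed is_numeric() in the branch condition; intval() pins it to an integer.
    $id = intval($_REQUEST['back_id']);
    // NOTE(review): 'module' is taken from the request unchanged and handed to
    // checkFlood() — verify it is checked against the known module names there.
    $module = $_REQUEST['module'];
    // flood monitoring - only when it is switched on for comments
    $is_news_flood = 0;
    if ($row_comments['flood'] == 1) {
        if (checkFlood($module, $row_comments['flood_time']) === false) {
            $is_news_flood = 1;
            $site_errors[] = array('text' => $locale->get('error_flooding'), 'link' => 'javascript:history.back(-1)');
            return;
        }
    }
    if ($is_news_flood == 0) {
        // The form is offered when comments are open to everyone (is_user_reg == 0),
        // or when they are limited to registered users and a user id is in the session.
        // Fix: the second operand used to read the misspelled $row_commenst. An
        // undefined variable evaluates to null and null == 0 is true, so the
        // condition always passed and the registered-only setting was not enforced.
        if ($row_comments['is_user_reg'] == 1 && !empty($_SESSION['user_id']) || $row_comments['is_user_reg'] == 0) {
            require_once 'HTML/QuickForm.php';
            require_once 'HTML/QuickForm/Renderer/ArraySmarty.php';
            // start the form
            $form_comment =& new HTML_QuickForm('frm_comment', 'post', 'index.php?p=' . $module_name);
            // set the note that marks required fields
            $form_comment->setRequiredNote($locale->get('form_required_note'));
            // add the elements to the form
            $form_comment->addElement('header', 'newscomment', $locale->get('form_comment_header'));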
Exemplo n.º 3
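/**
 * Delete adverts that were never activated and are older than the configured
 * number of days.
 *
 * The day count comes from $_SESSION['site_class_autodel'] and is concatenated
 * into the SQL text, so it is accepted only when it consists solely of digits
 * and is cast to int before use. When the value is missing or malformed the
 * clean-up is skipped for this request rather than sending a broken or altered
 * statement to the database.
 */
$autodel_days = isset($_SESSION['site_class_autodel']) ? trim((string) $_SESSION['site_class_autodel']) : '';
if (ctype_digit($autodel_days)) {
    $query = "\n\tDELETE FROM iShark_Classifieds_Advert \n\tWHERE is_active = 0 AND TO_DAYS(NOW()) - TO_DAYS(add_date) > " . (int) $autodel_days . "\n";
    $mdb2->exec($query);
}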
/**
 * posting a new advert (or modifying an existing one)
 */
if ($act == "add" || $act == "mod") {
    $titles = array('add' => $locale->get('breadcrumb_add'), 'mod' => $locale->get('breadcrumb_mod'));
    // when only registered users may post adverts
    if (!empty($class_reguser) && empty($_SESSION['user_id'])) {
        // NOTE(review): this appends to $site_error while the flood branch below
        // uses $site_errors — looks like a typo, so the permission message may never
        // be displayed; confirm. The return still stops processing here.
        $site_error[] = array('text' => $locale->get('error_no_permission'), 'link' => 'javascript:history.back(-1)');
        return;
    } else {
        // Flood check runs only when $class_flood == 1; a false result from checkFlood() ends the request.
        if ($class_flood == 1 && checkFlood($module_name, $class_floodtime) === false) {
            $site_errors[] = array('text' => $locale->get('error_flooding'), 'link' => 'javascript:history.back(-1)');
            return;
        } else {
            // $aid is set only for a numeric 'aid' parameter; otherwise it stays
            // undefined in the code visible here.
            if (isset($_REQUEST['aid']) && is_numeric($_REQUEST['aid'])) {
                $aid = intval($_REQUEST['aid']);
            }
            $javascripts[] = "javascripts";
            require_once 'HTML/QuickForm.php';
            require_once 'HTML/QuickForm/jscalendar.php';
            require_once 'HTML/QuickForm/Renderer/ArraySmarty.php';
            // NOTE(review): these two includes are built from $include_dir —
            // presumably a fixed configuration value; verify it can never be
            // influenced by request data.
            require_once $include_dir . '/function.check.php';
            require_once $include_dir . '/function.classifieds.php';
            // NOTE(review): $self_class ends up in the form's action URL — confirm where it is built.
            $form_class =& new HTML_QuickForm('frm_class', 'post', 'index.php?' . $self_class);
            $form_class->removeAttribute('name');
            $form_class->setRequiredNote($locale->get('form_required_note'));
Exemplo n.º 4
 // Length limits, measured in characters with mb_strlen(): subject 100,
 // password 20, body $config['max_body']. The body limit is skipped when $mod is truthy.
 if (mb_strlen($post['subject']) > 100) {
     error(sprintf($config['error']['toolong'], 'subject'));
 }
 if (!$mod && mb_strlen($post['body']) > $config['max_body']) {
     error($config['error']['toolong_body']);
 }
 if (mb_strlen($post['password']) > 20) {
     error(sprintf($config['error']['toolong'], 'password'));
 }
 // The return value is unused, so wordfilters() presumably edits the body by reference — verify.
 wordfilters($post['body']);
 // Keep a copy of the body as it is before markup() runs.
 $post['body_nomarkup'] = $post['body'];
 // markup() is skipped only for a moderator post with a truthy 'raw' flag; such
 // a body goes on without the markup pass.
 // NOTE(review): that makes $mod the only gate for raw bodies — confirm it is
 // derived from an authenticated session, not from request data.
 if (!($mod && isset($post['raw']) && $post['raw'])) {
     $post['tracked_cites'] = markup($post['body'], true);
 }
 // Check for a flood
 // Users holding the $config['mod']['flood'] permission on this board are exempt.
 if (!hasPermission($config['mod']['flood'], $board['uri']) && checkFlood($post)) {
     error($config['error']['flood']);
 }
 // Custom anti-spam filters
 if (isset($config['flood_filters'])) {
     // Iterating by reference: the defaults filled in below are written back into
     // $config['flood_filters']. The end of the loop is not visible here; $filter
     // should be unset() after it so the reference does not linger.
     foreach ($config['flood_filters'] as &$filter) {
         unset($did_not_match);
         // Set up default stuff
         if (!isset($filter['action'])) {
             $filter['action'] = 'reject';
         }
         if (!isset($filter['message'])) {
             $filter['message'] = 'Posting throttled by flood filter.';
         }
         foreach ($filter['condition'] as $condition => $value) {
             // NOTE(review): loose == on the key; on PHP versions before 8 an
             // integer key 0 compares equal to any non-numeric string — confirm
             // the condition keys are always strings.
             if ($condition == 'posts_in_past_x_minutes' && isset($value[0]) && isset($value[1])) {
Exemplo n.º 5
// Guestbook settings read from $row: CAPTCHA flag, flood flag and flood interval.
// NOTE(review): $captcha is not used in the part of the handler visible here —
// confirm it is enforced when the form is validated.
$captcha = $row['captcha'];
$flood = $row['gflood'];
$ftime = $row['gftime'];
/**
 * when a new entry is being added
 */
if ($act == "guestbook_add") {
    // Registered-only guestbook: without a user_id in the session the request ends with an error.
    if ($user_reg == 1 && !isset($_SESSION['user_id'])) {
        $site_errors[] = array('text' => $locale->get('error_only_reg'), 'link' => 'index.php?p=' . $module_name);
        return;
    } else {
        // NOTE(review): if get_ip() reads client-supplied headers such as
        // X-Forwarded-For, the value is controlled by the sender — verify before
        // relying on it for flood or abuse handling.
        $ip = get_ip();
        $is_gb_flood = 0;
        // when flood monitoring is enabled
        if ($flood == 1) {
            if (checkFlood($module_name, $ftime) === false) {
                $is_gb_flood = 1;
                $site_errors[] = array('text' => $locale->get('error_flood'), 'link' => 'index.php?p=' . $module_name);
                return;
            }
        }
        // The flood branch returns above, so $is_gb_flood is always 0 when this line is reached.
        if ($is_gb_flood == 0) {
            require_once 'HTML/QuickForm.php';
            require_once 'HTML/QuickForm/Renderer/ArraySmarty.php';
            // start the form
            $form_guestbook =& new HTML_QuickForm('frm_guestbook', 'post', 'index.php?p=' . $module_name);
            // set the note that marks required fields
            $form_guestbook->setRequiredNote($locale->get('form_required_note'));
            // add the elements to the form
            $tpl->assign('content_title', $locale->get('title') . ' - ' . $locale->get('form_add_header'));
            $form_guestbook->addElement('header', 'guestbook', $locale->get('form_add_header'));