writeln('</td>'); writeln('</tr>'); writeln('</table>'); print_footer(); } if (http_post()) { $title = http_post_string("title", array("len" => 100, "valid" => "[a-z][A-Z][0-9]`~!@#\$%^&*()_+-={}|[]\\:\";',./? ")); $body = http_post_string("story", array("len" => 64000, "valid" => "[ALL]")); $tid = http_post_int("tid"); $answer = http_post_string("answer", array("required" => false)); $time = time(); if (!captcha_verify($answer)) { die("captcha failed"); } $topic = db_get_rec("topic", $tid); $title = clean_entities($title); $new_body = str_replace("\n", "<br>", $body); $new_body = clean_html($new_body); if (http_post("preview")) { print_submit_box($title, $body, $new_body, $tid, true); die; } $pipe = array(); $pipe["pid"] = 0; $pipe["tid"] = $tid; $pipe["zid"] = $auth_zid; $pipe["editor"] = ""; $pipe["title"] = $title; $pipe["ctitle"] = clean_url($title); $pipe["icon"] = $topic["icon"]; $pipe["time"] = $time;
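/**
 * Filter a block of user-supplied HTML and normalise its whitespace.
 *
 * The input is scanned one character at a time. Everything between a "<" and
 * the next ">" is handed to clean_tag(), and whatever clean_tag() returns is
 * appended to the output; text outside tags is copied through unchanged.
 * The result then has its whitespace collapsed and is passed through
 * clean_newlines(), clean_entities() and make_clickable(), in that order.
 *
 * Security notes:
 *  - No allow/deny decision is made here. Which elements and attributes
 *    survive depends entirely on clean_tag(), which is not part of this block.
 *  - A tag ends at the first ">" even when that ">" sits inside a quoted
 *    attribute value, which differs from how browsers tokenise markup. This is
 *    only safe if clean_tag() rebuilds the tag from an allowlist instead of
 *    echoing its argument. TODO confirm against clean_tag().
 *  - A "<" with no later ">" causes the whole remainder of the input to be
 *    passed to clean_tag() as a single tag body.
 *  - make_clickable() runs after all filtering, so any markup it generates is
 *    not seen by clean_tag(). It has to escape what it emits itself.
 *    TODO confirm.
 *  - "FORCEWHITESPACE" is an in-band marker: the literal word in submitted
 *    text is turned into a space as well. It is presumably emitted by one of
 *    the helpers; verify.
 *
 * @param string $html Markup to filter; treat it as attacker-controlled.
 * @return string Filtered markup with whitespace normalised.
 */
function clean_html($html)
{
    $html = clean_unicode($html);

    // $html is not modified below, so its length is taken once instead of on
    // every loop test. mb_substr() still has to walk the string to reach
    // character $i in a variable-width encoding, so the scan remains quadratic
    // in the input length; callers should keep a length cap on what they pass.
    $length = mb_strlen($html);
    $clean = "";

    for ($i = 0; $i < $length; $i++) {
        $c = mb_substr($html, $i, 1);
        if ($c !== "<") {
            $clean .= $c;
            continue;
        }

        // Collect everything up to, but not including, the next ">".
        // The outer loop's $i++ then steps over that ">".
        $s = "";
        for ($i = $i + 1; $i < $length; $i++) {
            $c = mb_substr($html, $i, 1);
            if ($c === ">") {
                break;
            }
            $s .= $c;
        }
        $clean .= clean_tag($s);
    }

    // Tabs and line breaks become spaces, then runs of spaces are collapsed.
    $clean = str_replace(array("\t", "\n", "\r"), " ", $clean);

    // NOTE(review): the listing shows every whitespace run squeezed to one
    // space, which would make this loop replace " " with " " and never end.
    // The two-space needle here and in the str_replace_all() call below is
    // reconstructed from that; confirm against the original file.
    while (string_has($clean, "  ")) {
        $clean = str_replace("  ", " ", $clean);
    }

    // Drop the space directly after a tag close and directly before a tag open.
    $clean = str_replace("> ", ">", $clean);
    $clean = str_replace(" <", "<", $clean);

    // The marker is expanded only after the trimming above, so the space it
    // stands for survives next to a tag.
    $clean = str_replace("FORCEWHITESPACE", " ", $clean);
    $clean = trim($clean);
    $clean = str_replace_all("  ", " ", $clean);
    $clean = str_replace_all("<br/><br/><br/>", "<br/><br/>", $clean);

    foreach (array("pre", "ol", "ul", "li", "blockquote") as $element) {
        $clean = clean_newlines($element, $clean);
    }

    $clean = clean_entities($clean);
    $clean = make_clickable($clean);

    return $clean;
}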
$coward = true; if (http_post("post")) { if (!captcha_verify($answer)) { die("captcha failed"); } } } else { $coward = http_post_bool("coward"); if ($coward) { $zid = ""; } else { $zid = $auth_zid; } } $subject = clean_unicode($subject); $subject = clean_entities($subject); $new_body = str_replace("\n", "<br>", $body); $new_body = clean_html($new_body); $time = time(); if ($sid == 0 && $cid == 0 && $pid == 0 && $qid == 0) { die("qid [{$qid}]"); die("sid, cid, pid, and qid are empty"); } if ($cid != 0) { $comment = db_get_rec("comment", $cid); $sid = $comment["sid"]; $pid = $comment["pid"]; $qid = $comment["qid"]; } if ($sid != 0) { $story = db_get_rec("story", $sid);