function theme_nameList($names)
{
foreach ($names as &$name) {
$name = '<b' . (isMod($name) ? ' class="nnf_mod"' : '') . '>' . safeHTML($name) . '</b>';
}
return implode(', ', $names);
}
function send_mail($from_id, $to_id, $subject, $message)
{
$orkTime = $GLOBALS['orkTime'];
$objSrcUser = new clsUser($from_id);
$objTrgUser = new clsUser($to_id);
$arrSrcStats = $objSrcUser->get_stats();
$arrTrgStats = $objTrgUser->get_stats();
// we should check for the blocking system around here
if (is_blocked_mail($from_id, $to_id)) {
echo "<br /><br />You cannot mail {$arrTrgStats['tribe']} because you have been blocked from doing so.";
include_game_down();
exit;
}
$subject = safeHTML($subject);
$message = safeHTML($message);
$message = "{$message}<br /><br /><i>~{$arrSrcStats['tribe']}(#{$arrSrcStats['kingdom']})";
if (!$subject) {
$subject = "No Subject";
}
mysql_query("INSERT INTO messages (for_user, from_user, date, subject, text, new, action) VALUES ('{$to_id}', '{$from_id}', '{$orkTime}', '{$subject}', '{$message}', 'new', 'received')");
mysql_query("INSERT INTO messages (for_user, from_user, date, subject, text, new, action) VALUES ('{$to_id}', '{$from_id}', '{$orkTime}', '{$subject}', '{$message}', 'new', 'sent')");
echo "<h3>Message sent to {$arrTrgStats['tribe']}(#{$arrTrgStats['kingdom']})</h3><br />";
mysql_query("UPDATE preferences SET last_m ='{$orkTime}' WHERE id = {$to_id}");
}
function include_message_text()
{
//========================================================================
// Note that if someone presses the report button, $tribe has not been
// set, I'll fix that for now, but the line below does not only rely
// on that, but also on register_globals being on, UGLY! - AI 22/10/06
//========================================================================
global $Host, $tribe, $type, $userid, $action, $submit, $alliance, $message, $inputBody, $subject, $orkTime, $connection, $report, $ip, $resortforum;
// mysql_grab($userid, 'local', 'stats');
$objSrcUser =& $GLOBALS['objSrcUser'];
$reporttype = @$_GET['reporttype'];
$arrStats = $objSrcUser->get_stats();
if ($alliance < 11 && $reporttype != 'personal' && !$submit) {
$strMenu = '<div class="center">' . "| <a href=\"main.php?cat=game&page=mail&set=compose\">Compose Mail</a> " . "| <a href=\"main.php?cat=game&page=mail&set=view\">View Inbox</a> " . "| <a href=\"main.php?cat=game&page=mail&set=outbox\">View Outbox</a> " . "| <a href=\"main.php?cat=game&page=message&tribe=1&alliance=1\" >Send a Report</a> " . "| <a href=\"main.php?cat=game&page=mail&set=block\">Block Mail</a> ";
if ($arrStats['type'] == 'elder') {
"| <a href=\"main.php?cat=game&page=mail&set=eldermail\" >Alliance Mail</a> ";
}
$strMenu .= "|</div><br />";
echo $strMenu;
echo "<div id=\"textBig\"><h2>Send a report</h2>";
// new stuff starting here
switch ($reporttype) {
case 'cheatident':
echo "<p>:: <a href=\"main.php?cat=game&page=message&reporttype=cheating&alliance={$alliance}\">Back to report cheating page</a> ::</p>";
echo "<h3>Report Identity Cheating</h3>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=cheatident\"><p>List the tribe name(s) and alliance(s) you wish to report<br /><textarea name=\"tribes\" rows=\"5\" cols=\"20\"></textarea><br />Describe the offence to be investigated plus all applicable information<br /><textarea name=\"offence\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></p></form>";
break;
case 'cheatcont':
echo "<p>:: <a href=\"main.php?cat=game&page=message&reporttype=cheating&alliance={$alliance}\">Back to report cheating page</a> ::</p>";
echo "<h3>Report Content</h3>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=cheatcont\"><p>List the tribe name(s) and alliance(s) you wish to report<br /><textarea name=\"tribes\" rows=\"5\" cols=\"20\"></textarea><br />Paste the complete offensive messages/other things below<br /><textarea name=\"offence\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></p></form>";
break;
case 'cheatphys':
echo "<p>:: <a href=\"main.php?cat=game&page=message&reporttype=cheating&alliance={$alliance}\">Back to report cheating page</a> ::</p>";
echo "<h3>Report Physical Cheating</h3>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=cheatphys\"><p>List the tribe name(s) and alliance(s) you wish to report<br /><textarea name=\"tribes\" rows=\"5\" cols=\"20\"></textarea><br />Describe the offence to be investigated plus all applicable information<br /><textarea name=\"offence\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></p></form>";
break;
case 'cheatcoop':
echo "<p>:: <a href=\"main.php?cat=game&page=message&reporttype=cheating&alliance={$alliance}\">Back to report cheating page</a> ::</p>";
echo "<h3>Report Cooperation</h3>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=cheatcoop\"><p>List the tribe name(s) and alliance(s) you wish to report<br /><textarea name=\"tribes\" rows=\"5\" cols=\"20\"></textarea><br />Describe the offence to be investigated plus all applicable information<br /><textarea name=\"offence\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></p></form>";
break;
case 'cheataccount':
echo "<p>:: <a href=\"main.php?cat=game&page=message&reporttype=cheating&alliance={$alliance}\">Back to report cheating page</a> ::</p>";
echo "<h3>Report Account Cheating</h3>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=cheataccount\"><p>List the tribe name(s) and alliance(s) you wish to report<br /><textarea name=\"tribes\" rows=\"5\" cols=\"20\"></textarea><br />Describe the offence to be investigated plus all applicable information<br /><textarea name=\"offence\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></p></form>";
break;
case 'cheatabuse':
echo "<p>:: <a href=\"main.php?cat=game&page=message&reporttype=cheating&alliance={$alliance}\">Back to report cheating page</a> ::</p>";
echo "<h3>Report Abuse</h3>";
echo "**Please don't report bugs here, but rather use this as a report to alert us to any player you suspect abusing a bug.**<br />";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=cheatabuse\"><p>List the tribe name(s) and alliance(s) you wish to report<br /><textarea name=\"tribes\" rows=\"5\" cols=\"20\"></textarea><br />Describe the offence to be investigated plus all applicable information<br /><textarea name=\"offence\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></p></form>";
break;
case 'cheatwar':
echo "<p>:: <a href=\"main.php?cat=game&page=message&reporttype=cheating&alliance={$alliance}\">Back to report cheating page</a> ::</p>";
echo "<h3>Report War Cheating</h3>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=cheatwar\"><p>List the alliance(s) you wish to report<br /><textarea name=\"allis\" rows=\"5\" cols=\"20\"></textarea><br />Describe the offence to be investigated plus all applicable information<textarea name=\"offence\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></p></form>";
break;
case 'cheatfarm':
echo "<p>:: <a href=\"main.php?cat=game&page=message&reporttype=cheating&alliance={$alliance}\">Back to report cheating page</a> ::</p>";
echo "<h3>Report Farming</h3>";
echo "***Landfarmers must be reported. Any acres gained from a little or undefended tribe may be expropriated in the absence of a report.***<br />";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=cheatfarm\"><p>List the tribe name(s) and alliance(s) you wish to report<br /><textarea name=\"tribes\" rows=\"5\" cols=\"20\"></textarea><br />Paste your attack details here<br /><textarea name=\"attack\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></p></form>";
break;
case 'cheatmisc':
echo "<p>:: <a href=\"main.php?cat=game&page=message&reporttype=cheating&alliance={$alliance}\">Back to report cheating page</a> ::</p>";
echo "<h3>Report Miscellaneous Cheating</h3>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=cheatmisc\"><p>List the tribe name(s) and alliance(s) you wish to report<br /><textarea name=\"tribes\" rows=\"5\" cols=\"20\"></textarea><br />Describe the offence to be investigated plus all applicable information<textarea name=\"offence\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></p></form>";
break;
case 'cheating':
echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance={$alliance}\">Back to reporting page</a> ::</p>";
echo "<h3>Report Cheating</h3>";
echo "<p>Please select the type of cheating you wish to report:</p>";
echo "<ul>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=cheatident&alliance=2\">Identities (stealing)</a></li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=cheatcont&alliance=2\">Content (PMs, forum)</a></li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=cheatphys&alliance=2\">Physical</a></li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=cheatcoop&alliance=2\">Cooperation</a></li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=cheataccount&alliance=2\">Account (crosslogging, multiple, babysitting)</a></li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=cheatabuse&alliance=2\">Abuse</a></li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=cheatwar&alliance=2\">War</a></li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=cheatfarm&alliance=2\">Farming</a></li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=cheatmisc&alliance=2\">Miscellaneous</a></li></ul>";
break;
case 'sharing':
echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance={$alliance}\">Back to reporting page</a> ::</p>";
echo "<h3>Report Sharing Computers</h3>";
echo "<p>Your tribe name and alliance number: {$arrStats['tribe']}(#{$arrStats['kingdom']})</p>";
echo "<p>List the tribe name(s) and alliance(s) you share IP's with: <br /></p>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=sharing\"><textarea name=\"tribes\" rows=\"5\" cols=\"20\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Computer Sharing Report\" /></form>";
break;
case 'cf':
echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance={$alliance}\">Back to reporting page</a> ::</p>";
echo "<h3>Report Cease Fire</h3>";
echo "<p>A reported temporary stoppage of aggressive activity, where both alliances agree to suspend all ops and attacks for a MAXIMUM of 12 hours following an undeclared war - (or 24 hours in the case of declared war)</p><p>A 12 hour 'cool down' period is permitted following an unofficial war. To be valid these agreements must be reported to L&O with associated times. L&O is not responsible for policing any CF agreements.</p>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=cf\"><p>Your alliance number: {$arrStats['kingdom']}<br />CeaseFire with (Alliance number): <input type=\"text\" name=\"with\" size=\"4\" maxlength=\"4\" /><br /><input type=\"submit\" name=\"submit\" value=\"Send Cease Fire Report\" /></p></form>";
break;
case 'error':
echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance={$alliance}\">Back to reporting page</a> ::</p>";
echo "<h3>Report Error</h3>";
echo "<p>Please explain the error and also send all applicable information</p>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=error\"><textarea name=\"error\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Error Report\" /></form>";
break;
case 'sugg':
echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance={$alliance}\">Back to reporting page</a> ::</p>";
echo "<h3>Report Game Suggestion</h3>";
echo "<p>Please fully explain your suggestion</p>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=sugg\"><textarea name=\"suggestion\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Suggestion\" /></form>";
break;
case 'comp':
echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance={$alliance}\">Back to reporting page</a> ::</p>";
echo "<h3>Report Complaint</h3>";
echo "<p>Please fully explain the problem</p>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=comp\"><textarea name=\"complaint\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Complaint\" /></form>";
break;
case 'mergename':
echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance={$alliance}\">Back to reporting page</a> ::</p>";
echo "<h3>Report Merge/Namechange issues</h3>";
echo "<p>Please fully explain the problem</p>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=mergename\"><textarea name=\"message\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></form>";
break;
// case 'advertsugg':
// echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance=$alliance\">Back to reporting page</a> ::</p>";
// echo "<h2>Report Advertising Suggestion</h2>";
// echo "<p>Please fully explain your suggestion</p>";
// echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=advertsugg\"><textarea name=\"suggestion\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Suggestion\" /></form>";
// break;
// case '4crap':
// echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance=$alliance\">Back to reporting page</a> ::</p>";
// echo "<h2>Send crap to #4</h2>";
// echo "<p>Please enter the crap you want to send to #4 here</p>";
// echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=4crap\"><textarea name=\"crap\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send crap\" /></form>";
// break;
// case 'advertsugg':
// echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance=$alliance\">Back to reporting page</a> ::</p>";
// echo "<h2>Report Advertising Suggestion</h2>";
// echo "<p>Please fully explain your suggestion</p>";
// echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=advertsugg\"><textarea name=\"suggestion\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Suggestion\" /></form>";
// break;
// case '4crap':
// echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance=$alliance\">Back to reporting page</a> ::</p>";
// echo "<h2>Send crap to #4</h2>";
// echo "<p>Please enter the crap you want to send to #4 here</p>";
// echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=4crap\"><textarea name=\"crap\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send crap\" /></form>";
// break;
case 'qgen':
echo "<p>:: <a href=\"main.php?cat=game&page=message&alliance={$alliance}\">Back to reporting page</a> ::</p>";
echo "<h3>Question / General</h3>";
echo "<p><p><p>Enter your question below</p>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&reporttype=qgen\"><textarea name=\"question\" rows=\"10\" cols=\"60\"></textarea><br /><input type=\"submit\" name=\"submit\" value=\"Send Report\" /></form>";
break;
default:
echo "<p>Welcome! This will allow you to contact the ORKFiA Staff Team.</p>";
echo "<ul><li><a href=\"main.php?cat=game&page=message&reporttype=cheating&alliance=2\">Report Cheating</a> (report to #2)</li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=sharing&alliance=2\">Report Sharing Computers</a> (report to #2)</li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=cf&alliance=2\">Report Cease Fire</a> (report to #2)</li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=error&alliance=3\">Report Game Error</a> (report to #3)</li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=sugg&alliance=3\">Report Game Suggestion</a> (report to #3)</li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=comp&alliance=3\">Report Complaint</a> (report to #3)</li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=mergename&alliance=3\">Report Merge/Namechange issues</a> (report to #3)</li>";
// echo "<li><a href=\"main.php?cat=game&page=message&reporttype=advertsugg&alliance=4\">Report Advertising Suggestion</a> (report to #4)</li>";
// echo "<li><a href=\"main.php?cat=game&page=message&reporttype=4crap&alliance=4\">Send crap to #4</a> (report to #4)</li>";
echo "<li><a href=\"main.php?cat=game&page=message&reporttype=qgen&alliance=3\">Question / General</a> (report to #3)</li>";
echo "<li><a href=\"main.php?cat=game&page=mail&set=compose&aid={$alliance}&tribe={$tribe}\">Orkfia Mail</a></li></ul>";
}
echo "</div>";
}
if ($type == "ingame" && $submit && $message) {
//changed to use send_mail function - AI 10/12/2006
send_mail($userid, $tribe, $subject, $message);
}
if ($type == "ingame" && $alliance > 10) {
echo "<p>Message Center</p>";
echo "<form method=\"post\" action=\"main.php?cat=game&page=message&type=ingame&action=post&tribe={$tribe}&alliance={$alliance}\">";
echo "<br />Subject: <input type=text name=subject size=30><br /><textarea name=message rows=20 cols=70 wrap=on></textarea><br />";
echo "<input type=hidden name=submit value='yes'>";
echo "<input type='submit' value='Send Message'>";
echo "</form>";
}
if ($submit && $reporttype) {
$error = false;
$alliance = 0;
$resortforum = 0;
$title = false;
$post = false;
switch ($reporttype) {
case 'cheatident':
$alliance = 2;
$resortforum = 4;
$title = 'Report: Identity Cheating';
$post = "Reporting these tribes:\r\n" . $_POST['tribes'] . "\r\n\r\nAccusing them of the following:\r\n" . $_POST['offence'];
break;
case 'cheatcont':
$alliance = 2;
$resortforum = 4;
$title = 'Report: Content';
$post = "Reporting these tribes:\r\n" . $_POST['tribes'] . "\r\n\r\nAccusing them of the following:\r\n" . $_POST['offence'];
break;
case 'cheatphys':
$alliance = 2;
$resortforum = 4;
$title = 'Report: Physical Cheating';
$post = "Reporting these tribes:\r\n" . $_POST['tribes'] . "\r\n\r\nAccusing them of the following:\r\n" . $_POST['offence'];
break;
case 'cheatcoop':
$alliance = 2;
$resortforum = 4;
$title = 'Report: Cooperation';
$post = "Reporting these tribes:\r\n" . $_POST['tribes'] . "\r\n\r\nAccusing them of the following:\r\n" . $_POST['offence'];
break;
case 'cheataccount':
$alliance = 2;
$resortforum = 4;
$title = 'Report: Account Cheating';
$post = "Reporting these tribes:\r\n" . $_POST['tribes'] . "\r\n\r\nAccusing them of the following:\r\n" . $_POST['offence'];
break;
case 'cheatabuse':
$alliance = 2;
$resortforum = 4;
$title = 'Report: Abuse';
$post = "Reporting these tribes:\r\n" . $_POST['tribes'] . "\r\n\r\nAccusing them of the following:\r\n" . $_POST['offence'];
break;
case 'cheatwar':
$alliance = 2;
$resortforum = 4;
$title = 'Report: War Cheating';
$post = "Reporting these alliances:\r\n" . $_POST['allis'] . "\r\n\r\nAccusing them of the following:\r\n" . $_POST['offence'];
break;
case 'cheatfarm':
$alliance = 2;
$resortforum = 4;
$title = 'Report: Farming';
$post = "Reporting these tribes:\r\n" . $_POST['tribes'] . "\r\n\r\nDetails of the attack:\r\n" . $_POST['attack'];
break;
case 'cheatmisc':
$alliance = 2;
$resortforum = 4;
$title = 'Report: Miscellaneous Cheating';
$post = "Reporting these tribes:\r\n" . $_POST['tribes'] . "\r\n\r\nAccusing them of the following:\r\n" . $_POST['offence'];
break;
case 'sharing':
$alliance = 2;
$resortforum = 4;
$title = 'Report: Sharing Computers';
$post = "Declaring to share IP(s) with:\r\n" . $_POST['tribes'];
break;
case 'cf':
$alliance = 2;
$resortforum = 4;
$title = 'Report: CeaseFire';
$post = "Declaring a CeaseFire with: " . $_POST['with'];
break;
case 'error':
$alliance = 3;
$resortforum = 5;
$title = 'Report: Game Error';
$post = $_POST['error'];
break;
case 'sugg':
$alliance = 3;
$resortforum = 5;
$title = 'Report: Game Suggestion';
$post = $_POST['suggestion'];
break;
case 'comp':
$alliance = 3;
$resortforum = 5;
$title = 'Report: Complaint';
$post = $_POST['complaint'];
break;
case 'mergename':
$alliance = 3;
$resortforum = 5;
$title = 'Report: Merge/Namechange issues';
$post = $_POST['message'];
break;
// case 'advertsugg':
// $alliance = 4;
// $title = 'Report: Advertising Suggestion';
// $post = $_POST['suggestion'];
// break;
// case '4crap':
// $alliance = 4;
// $title = 'Crap for #4';
// $post = $_POST['crap'];
// break;
// case 'advertsugg':
// $alliance = 4;
// $title = 'Report: Advertising Suggestion';
// $post = $_POST['suggestion'];
// break;
// case '4crap':
// $alliance = 4;
// $title = 'Crap for #4';
// $post = $_POST['crap'];
// break;
case 'qgen':
$alliance = 3;
$resortforum = 5;
$title = 'Question / General';
$post = $_POST['question'];
break;
case 'n00b':
$alliance = 1;
$resortforum = 2;
$title = 'I am a n00b';
$post = $_POST['n00bieness'];
break;
default:
$error .= "The report was of a type that cannot be handled, " . "you're either messing around or the report system " . "isn't finished yet.<br />";
}
if ($resortforum > 5 || $resortforum < 2) {
$error .= "There was no valid recipient for your report, poke " . "someone in Development.<br />";
}
if (!$error && $title && $resortforum && $post) {
$post .= "\r\n\r\n***User id:" . $objSrcUser->get_userid() . "***\r\n" . $arrStats['tribe'] . '(#' . $arrStats['kingdom'] . ')';
$thread = mysql_query("SELECT post_id FROM forum WHERE poster_kd = 1 AND parent_id = 0 AND title = '{$title}' AND type = {$resortforum}") or die('mysql error: ' . mysql_error());
if (mysql_num_rows($thread) == 0) {
mysql_query("INSERT INTO forum (type,poster_kd,title,post,date_time,updated,poster_name,poster_tribe) VALUES ({$resortforum},1,'{$title}','Automated report thread','{$orkTime}','{$orkTime}','Reporter','Reporter')") or die('mysql error: ' . mysql_error());
$thread = mysql_query("SELECT post_id FROM forum WHERE poster_kd = 1 AND parent_id = 0 AND title = '{$title}' AND type = {$resortforum}") or die('mysql error: ' . mysql_error());
}
$thread = mysql_fetch_assoc($thread);
$thread = $thread['post_id'];
make_post($objSrcUser->get_userid(), $thread, 0, $resortforum, $post);
}
if ($error) {
echo "The following problem(s) was/were encountered while " . "processing your report:<br />{$error}";
} else {
$staffmap = array(1 => "The Orkfian Gods / Development", 2 => "Law and Order", 3 => "Operations", 4 => "Marketing");
echo "Thank you for your time, " . $staffmap[$alliance] . " has received your report.";
echo "<br /><a href=\"main.php?cat=game&page=message&alliance=1\">Back to Reporting</a>";
}
}
if ($submit && $type == "forums" && $resortforum < 11 && $alliance < 11 && $report) {
$message = safeHTML($message);
echo "<p>{$report}, has been received, If you have any more information " . "regarding <br />your report that can be entered, we would be " . "pleased to receive it also.</p>";
if ($report == 'Report: Sharing Computers') {
echo '<p>Please take special notice of the CoC rules applying ' . 'specifically to sharing IPs. Violation of these rules ' . 'results in account suspension and more commonly deletion. ' . 'Ignornance of the law is no excuse.<br /><br />' . 'Here is the link to the CoC:<br />' . '<a href="main.php?cat=game&page=CoC">Code of Conduct</a>' . '<br /><br />' . 'Section 6, and especially 6.5.1 apply to users sharing IPs.' . '<br /><br />' . 'Enjoy the game =)';
$search = mysql_query("select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = @mysql_fetch_array($search);
if ($search['type'] != $resortforum) {
// There's no topic yet
$insert = mysql_query("INSERT INTO forum VALUES ('', '0', {$resortforum}, 1, '0', '{$report}','Automated report thread', '{$orkTime}', '{$orkTime}','Reporter', 'Reporter','0', '0', '0', '0')") or die("insert:" . mysql_error());
}
$search = mysql_query("Select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = mysql_fetch_array($search);
$insert = mysql_query("INSERT INTO forum\n VALUES ('', '{$arrStats['id']}', {$resortforum},\n 1, '{$search['post_id']}', '',\n '{$message}<br /><br />***User id: {$userid}***<br />{$arrStats['tribe']} (# {$arrStats['kingdom']} )', '{$orkTime}', '{$orkTime}',\n '{$arrStats['name']}', '{$arrStats['tribe']}',\n '0', '{$ip}', '0', '0')\n ");
} elseif ($report == 'Report: Cheating') {
$search = mysql_query("select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = @mysql_fetch_array($search);
if ($search['type'] != $resortforum) {
// There's no topic yet
$insert = mysql_query("INSERT INTO forum VALUES ('', '0', {$resortforum}, 1, '0', '{$report}','Automated report thread', '{$orkTime}', '{$orkTime}','Reporter', 'Reporter','0', '0', '0', '0')") or die("insert:" . mysql_error());
}
$search = mysql_query("Select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = mysql_fetch_array($search);
$insert = mysql_query("INSERT INTO forum\n VALUES ('', '{$arrStats['id']}', {$resortforum},\n 1, '{$search['post_id']}', '',\n '{$message}<br /><br />***User id: {$userid}***<br />{$arrStats['tribe']} (# {$arrStats['kingdom']} )', '{$orkTime}', '{$orkTime}',\n '{$arrStats['name']}', '{$arrStats['tribe']}',\n '0', '{$ip}', '0', '0')\n ");
} elseif ($report == 'Report: CeaseFire') {
$search = mysql_query("select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = @mysql_fetch_array($search);
if ($search['type'] != $resortforum) {
// There's no topic yet
$insert = mysql_query("INSERT INTO forum VALUES ('', '0', '{$resortforum}, 1, '0', '{$report}','Automated report thread', '{$orkTime}', '{$orkTime}','Reporter', 'Reporter','0', '0', '0', '0')") or die("insert:" . mysql_error());
}
$search = mysql_query("Select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = mysql_fetch_array($search);
$insert = mysql_query("INSERT INTO forum\n VALUES ('', '{$arrStats['id']}', {$resortforum},\n 1, '{$search['post_id']}', '',\n '{$message}<br /><br />***User id: {$userid}***<br />{$arrStats['tribe']} (# {$arrStats['kingdom']} )', '{$orkTime}', '{$orkTime}',\n '{$arrStats['name']}', '{$arrStats['tribe']}',\n '0', '{$ip}', '0', '0')\n ");
} elseif ($report == 'Report: Game Error') {
$search = mysql_query("select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = @mysql_fetch_array($search);
if ($search['type'] != $resortforum) {
// There's no topic yet
$insert = mysql_query("INSERT INTO forum VALUES ('', '0', '{$resortforum}, 1, '0', '{$report}','Automated report thread', '{$orkTime}', '{$orkTime}','Reporter', 'Reporter','0', '0', '0', '0')") or die("insert:" . mysql_error());
}
$search = mysql_query("Select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = mysql_fetch_array($search);
$insert = mysql_query("INSERT INTO forum\n VALUES ('', '{$arrStats['id']}', {$resortforum},\n 1, '{$search['post_id']}', '',\n '{$message}<br /><br />***User id: {$userid}***<br />{$arrStats['tribe']} (# {$arrStats['kingdom']} )', '{$orkTime}', '{$orkTime}',\n '{$arrStats['name']}', '{$arrStats['tribe']}',\n '0', '{$ip}', '0', '0')\n ");
} elseif ($report == 'Report: Game Suggestion') {
$search = mysql_query("select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = @mysql_fetch_array($search);
if ($search['type'] != $resortforum) {
// There's no topic yet
$insert = mysql_query("INSERT INTO forum VALUES ('', '0', '{$resortforum}, 1, '0', '{$report}','Automated report thread', '{$orkTime}', '{$orkTime}','Reporter', 'Reporter','0', '0', '0', '0')") or die("insert:" . mysql_error());
}
$search = mysql_query("Select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = mysql_fetch_array($search);
$insert = mysql_query("INSERT INTO forum\n VALUES ('', '{$arrStats['id']}', {$resortforum},\n 1, '{$search['post_id']}', '',\n '{$message}<br /><br />***User id: {$userid}***<br />{$arrStats['tribe']} (# {$arrStats['kingdom']} )', '{$orkTime}', '{$orkTime}',\n '{$arrStats['name']}', '{$arrStats['tribe']}',\n '0', '{$ip}', '0', '0')\n ");
} elseif ($report == 'Personal Message') {
send_mail($userid, $tribe, "Personal Message from {$arrStats['tribe']}(#{$arrStats['kingdom']})", $message);
} else {
$search = mysql_query("select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = @mysql_fetch_array($search);
if ($search['type'] != $resortforum) {
// There's no topic yet
$insert = mysql_query("INSERT INTO forum VALUES ('', '0', '{$resortforum}, 1, '0', '{$report}','Automated report thread', '{$orkTime}', '{$orkTime}','Reporter', 'Reporter','0', '0', '0', '0')") or die("insert:" . mysql_error());
}
$search = mysql_query("Select * from forum where poster_kd = 1 and parent_id = 0 and title = '{$report}' and type = {$resortforum}");
$search = mysql_fetch_array($search);
$insert = mysql_query("INSERT INTO forum\n VALUES ('', '{$arrStats['id']}', {$resortforum},\n 1, '{$search['post_id']}', '',\n '{$message}<br /><br />***User id: {$userid}***<br />{$arrStats['tribe']} (# {$arrStats['kingdom']} )', '{$orkTime}', '{$orkTime}',\n '{$arrStats['name']}', '{$arrStats['tribe']}',\n '0', '{$ip}', '0', '0')\n ");
}
if ($report != 'Personal Message') {
// M: Highlight forum users November 01, 2007
$alliance = 1;
notify_forum_users($objSrcUser, $resortforum);
}
}
}
function display()
{
include_once JPATH_BASE . DS . "components" . DS . "com_rsmonials" . DS . "includes" . DS . "admin.rsheader.php";
###############
global $app;
$limit1 = 0;
$limit2 = 0;
$pa = 0;
if ($_REQUEST['limit'] > 0) {
$limit2 = $_REQUEST['limit'];
} else {
$limit2 = $app->getCfg('list_limit');
}
if ($_REQUEST['page'] > 0) {
$pa = $_REQUEST['page'];
} else {
$pa = 1;
}
$limit1 = $limit2 * ($pa - 1);
$database =& JFactory::getDBO();
$database->setQuery("select count(*) as tot from `#__" . RSWEBSOLS_TABLE_PREFIX . "_param` where `ordering` > 0");
$cnt = $database->loadObject();
$total_page = ceil($cnt->tot / $limit2);
$database->setQuery("select * from `#__" . RSWEBSOLS_TABLE_PREFIX . "_param` where `ordering` > 0 order by `ordering` limit " . $limit1 . "," . $limit2 . "");
$items = $database->loadObjectList();
?>
<div>
<div> </div>
<table width="100%" cellpadding="0" cellspacing="0"><tr><td><h1>Manage Settings</h1></td><td align="right"><a href="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&action=editall&page=<?php
echo $_REQUEST['page'];
?>
&limit=<?php
echo $_REQUEST['limit'];
?>
" title="Edit All Item"><img src="components/com_rsmonials/images/edit_f2.png" border="0" alt="Edit All" /></a></td></tr></table>
<div> </div>
</div>
<div id="editcell">
<table class="adminlist">
<thead>
<tr>
<th>#</th>
<th class="title" style="text-align:left;" nowrap="nowrap">Parameter Name</th>
<th class="title" style="text-align:left;">Parameter Description</th>
<th class="title" style="text-align:left;" nowrap="nowrap">Parameter Value</th>
<th nowrap="nowrap">ID</th>
<th class="title">Edit</th>
</tr>
</thead>
<tfoot>
<tr>
<td colspan="9">
<script type="text/JavaScript">
<!--
function MM_jumpMenu(targ,selObj,restore){ //v3.0
eval(targ+".location='"+selObj.options[selObj.selectedIndex].value+"'");
if (restore) selObj.selectedIndex=0;
}
//-->
</script>
<del class="container"><div class="pagination">
<div class="limit">Display #:
<select name="limit" id="limit" class="inputbox" size="1" onchange="MM_jumpMenu('parent',this,0)">
<option value="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&page=1&limit=5" <?php
if ($limit2 == '5') {
?>
selected="selected"<?php
}
?>
>5</option>
<option value="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&page=1&limit=10" <?php
if ($limit2 == '10') {
?>
selected="selected"<?php
}
?>
>10</option>
<option value="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&page=1&limit=15" <?php
if ($limit2 == '15') {
?>
selected="selected"<?php
}
?>
>15</option>
<option value="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&page=1&limit=20" <?php
if ($limit2 == '20') {
?>
selected="selected"<?php
}
?>
>20</option>
<option value="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&page=1&limit=25" <?php
if ($limit2 == '25') {
?>
selected="selected"<?php
}
?>
>25</option>
<option value="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&page=1&limit=30" <?php
if ($limit2 == '30') {
?>
selected="selected"<?php
}
?>
>30</option>
<option value="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&page=1&limit=50" <?php
if ($limit2 == '50') {
?>
selected="selected"<?php
}
?>
>50</option>
<option value="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&page=1&limit=100" <?php
if ($limit2 == '100') {
?>
selected="selected"<?php
}
?>
>100</option>
<option value="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&page=1&limit=999999" <?php
if ($limit2 == '999999') {
?>
selected="selected"<?php
}
?>
>all</option>
</select> | Page:
<select name="page" id="page" class="inputbox" size="1" onchange="MM_jumpMenu('parent',this,0)">
<?php
for ($i = 1; $i <= $total_page; $i++) {
?>
<option value="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&page=<?php
echo $i;
?>
&limit=<?php
echo $limit2;
?>
" <?php
if ($i == $pa) {
?>
selected="selected"<?php
}
?>
><?php
echo $i;
?>
</option>
<?php
}
?>
</select>
</div>
</div></del> </td>
</tr>
</tfoot>
<tbody>
<?php
if (count($items) > 0) {
$cnt = 1;
foreach ($items as $item) {
?>
<tr class="row<?php
echo $cnt % 2;
?>
">
<td align="center"><?php
echo $cnt;
?>
</td>
<td nowrap="nowrap"><?php
echo $item->param_name;
?>
</td>
<td><?php
echo nl2br($item->param_description);
?>
</td>
<td nowrap="nowrap"><?php
echo safeHTML($item->param_value);
?>
</td>
<td align="center"><?php
echo $item->id;
?>
</td>
<td align="center"><a href="index.php?option=<?php
echo $_REQUEST['option'];
?>
&task=<?php
echo $_REQUEST['task'];
?>
&action=edit&id=<?php
echo $item->id;
?>
&page=<?php
echo $_REQUEST['page'];
?>
&limit=<?php
echo $_REQUEST['limit'];
?>
" title="Edit Item"><img src="components/com_rsmonials/images/edit_f2.png" border="0" alt="Edit" width="20" /></a></td>
</tr>
<?php
$cnt++;
}
} else {
?>
<tr><td colspan="9">No Item Found.</td></tr>
<?php
}
?>
</tbody>
</table>
</div>
<?php
###############
include_once JPATH_BASE . DS . "components" . DS . "com_rsmonials" . DS . "includes" . DS . "admin.rsfooter.php";
}
function include_mail_text()
{
global $Host, $d_stats, $tribe, $mid, $subject, $set, $type, $action, $userid, $submit, $kingdom, $userid, $message, $inputBody, $orkTime, $local_stats, $connection, $posts, $replyid;
include_once 'inc/functions/forums.php';
require_once 'inc/functions/mail.php';
$objSrcUser =& $GLOBALS['objSrcUser'];
$local_stats = $objSrcUser->get_stats();
if (!$set) {
$set = "view";
}
if (!$kingdom) {
$kingdom = $local_stats['kingdom'];
}
$count = '0';
$topLinks = '<div class="center">' . "| " . "<a href=\"main.php?cat=game&page=mail&set=compose\">" . "Compose Mail" . "</a>" . " | " . "<a href=\"main.php?cat=game&page=mail&set=view\">" . "View Inbox" . "</a>" . " | " . "<a href=\"main.php?cat=game&page=mail&set=outbox\">" . "View Outbox" . "</a>" . " | " . "<a href=\"main.php?cat=game&page=message&tribe=1&alliance=1\">" . "Send a Report" . "</a>" . " | " . "<a href=\"main.php?cat=game&page=mail&set=block\">" . "Block Mail" . "</a>";
if ($local_stats['type'] == 'elder') {
$topLinks .= " | " . "<a href=\"main.php?cat=game&page=mail&set=eldermail\">" . "Alliance Mail" . "</a>";
}
$topLinks .= " |</div>";
echo $topLinks;
if ($set == "sendmail") {
send_mail($userid, $tribe, $subject, $message);
//changed to use send_mail function - AI 10/12/2006
}
if ($set == "eldermailsend") {
$message = safeHTML($message);
$subject = safeHTML($subject);
$message = "{$message}<br /><br />Your elder: " . $local_stats['name'];
if (!$subject) {
$subject = "No Subject";
}
$query = mysql_query("SELECT id FROM stats WHERE kingdom = {$local_stats['kingdom']}");
while ($datas = mysql_fetch_array($query)) {
if ($datas["id"] != $userid) {
$create['message'] = mysql_query("INSERT INTO messages (id, for_user, from_user, date, subject, text, new, action) VALUES ('', '" . $datas['id'] . "', '" . $userid . "', '" . $orkTime . "', '" . $subject . "', '" . $message . "', 'new', 'received')");
$update['timestamp'] = mysql_query("UPDATE preferences SET last_m ='{$orkTime}' WHERE id= {$tribe}");
}
}
$create['message'] = mysql_query("INSERT INTO messages (id, for_user, from_user, date, subject, text, new, action) VALUES ('', '0', '" . $userid . "', '" . $orkTime . "', '" . $subject . "', '" . $message . "', 'old', 'sent')");
$set = "eldermail";
echo '<div class="center">' . "<h3>Message sent to all your alliance members.</h3></div>";
}
if ($set == "eldermail") {
$eldermail = '<div id="textBig">' . "<h2>Mail your alliance</h2>" . "<form action=\"main.php?cat=game&page=mail&set=eldermailsend\" method=\"post\">" . "<br />" . "Subject: <input type=\"text\" name=\"subject\" size=\"30\" />" . "<br />" . "<textarea name=\"message\" rows=\"10\" cols=\"70\" wrap=\"on\"></textarea>" . "<br />" . "<input type=\"submit\" value=\"Send Message\" />" . "</form>" . "</div>";
echo $eldermail;
}
if ($set == "compose") {
$sendMailTargets = "<option value=\"spacer\">";
if (isset($_GET['aid']) && !empty($_GET['aid'])) {
$kingdom = intval($_GET['aid']);
}
if (isset($_GET['tribe']) && !empty($_GET['tribe'])) {
$replyid = intval($_GET['tribe']);
}
$result = mysql_query("SELECT * FROM stats WHERE kingdom = {$kingdom} ORDER BY tribe");
while ($kdstats = mysql_fetch_array($result, MYSQL_ASSOC)) {
$kdstats["tribe"] = stripslashes($kdstats["tribe"]);
if ($kdstats["id"] == $replyid) {
$sendMailTargets .= "<option value=\"" . $kdstats['id'] . "\" selected>" . $kdstats['tribe'];
} else {
$sendMailTargets .= "<option value=\"" . $kdstats['id'] . "\">" . $kdstats['tribe'];
}
}
$compose = "<br />" . "<table cellspacing=\"0\" cellpadding=\"0\" class=\"small\">" . "<tr class=\"header\">" . "<th colspan=\"2\">" . "Compose Mail" . "</th>" . "</tr>" . "<tr class=\"subheader\">" . "<th colspan=\"2\" class=\"center\">" . "Select Target" . "</th>" . "</tr>" . "<tr class=\"data\">" . "<form action=\"main.php?cat=game&page=mail&set=compose\" method=\"post\">" . "<th>" . "Alliance:" . "</th>" . "<td>" . "<input maxlength=\"4\" size=\"3\" name=\"kingdom\" value=\"{$kingdom}\" />" . "<input type=\"submit\" value=\"Change\" />" . "</td>" . "</form>" . "</tr>" . "<form id=\"center\" action=\"main.php?cat=game&page=mail&set=sendmail\" method=\"post\">" . "<tr class=\"data\">" . "<th>" . "Tribe:" . "</th>" . "<td>" . "<select name=\"tribe\">" . $sendMailTargets . "</select>" . "</td>" . "</tr>" . "</table>" . "<br />" . '<div class="center">' . "Subject: <input type=\"text\" name=\"subject\" size=\"30\" />" . "<br />" . "<textarea name=\"message\" rows=\"10\" cols=\"70\" wrap=\"on\"></textarea>" . "<br />" . "<input type=\"submit\" value=\"Send Message\" />" . "</form>" . "</div>";
echo $compose;
}
if ($set == "view") {
$result = mysql_query("SELECT * from messages WHERE for_user ='******' AND action = 'received' AND new != 'deleted' ORDER BY date DESC") or die(mysql_error());
$num_mail = mysql_num_rows($result);
if ($num_mail <= "0") {
echo "You have no mail in your inbox.<br />";
include_game_down();
exit;
}
$update['timestamp'] = mysql_query("UPDATE preferences SET last_m_check ='{$orkTime}' WHERE id= {$userid}");
$updated['timestamp'] = mysql_query($update['timestamp'], $connection);
$inbox = "<form id=\"center\" name=\"mail\" method=\"post\" action=\"main.php?cat=game&page=mail&set=delete2\">" . "<table cellpadding=\"0\" cellspacing=\"0\" class=\"big\">" . "<tr class=\"header\">" . "<th colspan=\"5\">" . "Inbox" . "</th>" . "</tr>" . "<tr class=\"subheader\">" . "<th>" . "Subject" . "</th>" . "<td class=\"left\">" . "From" . "</td>" . "<td class=\"left\">" . "Date" . "</td>" . "<td class=\"left\">" . "Status" . "</td>" . "<td class=\"center\">" . "Delete" . "</td>" . "</tr>";
while ($mail = mysql_fetch_array($result)) {
$count++;
if ($count == '1') {
$class = "";
} else {
$class = "bsup";
}
mysql_grab($mail['from_user'], 'd', 'stats');
if (empty($mail['subject'])) {
$mail['subject'] = 'No Subject';
}
$inbox .= "<tr class=\"data\">" . "<th class=\"" . $class . "\">" . "<a href=\"main.php?cat=game&page=mail&set=read&mid=" . $mail['id'] . "\">" . cleanHTML($mail['subject']) . "</a>" . "</th>" . "<td class=\"" . $class . " left\">" . cleanHTML($d_stats['tribe']) . "(#" . $d_stats['kingdom'] . ")</td>" . "<td class=\"" . $class . " left\">" . $mail['date'] . "</td>" . "<td class=\"" . $class . " left\">" . $mail['new'] . "</td>" . "<td class=\"" . $class . " center\">" . "<input name=\"posts[]\" type=\"checkbox\" value=\"" . $mail['id'] . "\" />" . "</td>" . "</tr>";
}
$inbox .= "</table>" . '<br /><div class="center">' . "| <a href='#' onclick=\"var posts=document.getElementsByName('mail')[0]['posts[]']; for(var i=0,len=posts.length;i<len;i++) posts[i].checked=true;\">Check All</a>" . " | <a href='#' onclick=\"var posts=document.getElementsByName('mail')[0]['posts[]']; for(var i=0,len=posts.length;i<len;i++) posts[i].checked=false;\">Uncheck All</a> |" . "</div><br />" . "<input type=\"submit\" name=\"submit\" value=\"Delete\" />" . "</form>";
echo $inbox;
}
if ($set == "outbox") {
$result = mysql_query("SELECT * from messages WHERE from_user ='******' AND action = 'sent' AND new != 'deleted' ORDER BY date DESC") or die(mysql_error());
$num_mail = mysql_num_rows($result);
if ($num_mail <= "0") {
echo "<div class=\"center\">You have no mail in your outbox.</div>";
include_game_down();
exit;
}
$outbox = "<form id=\"center\" name=\"mail\" method=\"post\" action=\"main.php?cat=game&page=mail&set=deleteout2\">" . "<table cellpadding=\"0\" cellspacing=\"0\" class=\"big\">" . "<tr class=\"header\">" . "<th colspan=\"5\">" . "Outbox" . "</th>" . "</tr>" . "<tr class=\"subheader\">" . "<th>" . "Subject" . "</th>" . "<td class=\"left\">" . "To" . "</td>" . "<td class=\"left\">" . "Date" . "</td>" . "<td class=\"left\">" . "Status" . "</td>" . "<td class=\"center\">" . "Delete" . "</td>" . "</tr>";
while ($mail = mysql_fetch_array($result)) {
$count++;
if ($count == '1') {
$class = "";
} else {
$class = "bsup";
}
if ($mail['for_user'] == "0") {
$receiver = "Your Alliance";
} else {
$foruser = mysql_query("SELECT tribe, kingdom FROM stats WHERE id = {$mail['for_user']}");
$foruser = mysql_fetch_array($foruser);
$receiver = cleanHTML($foruser['tribe']) . "(#{$foruser['kingdom']})";
}
if (empty($mail['subject'])) {
$mail['subject'] = 'No Subject';
}
$outbox .= "<tr class=\"data\">" . "<th class=\"" . $class . "\">" . "<a href=\"main.php?cat=game&page=mail&set=readout&mid=" . $mail['id'] . "\">" . cleanHTML($mail['subject']) . "</a>" . "</th>" . "<td class=\"" . $class . " left\">" . $receiver . "</td>" . "<td class=\"" . $class . " left\">" . $mail['date'] . "</td>" . "<td class=\"" . $class . " left\">" . $mail['new'] . "</td>" . "<td class=\"" . $class . " center\">" . "<input name=\"posts[]\" type=\"checkbox\" value=\"" . $mail['id'] . "\" />" . "</td>" . "</tr>";
}
$outbox .= "</table>" . "<br /><br />" . "| <a href='#' onclick=\"var posts=document.getElementsByName('mail')[0]['posts[]']; for(var i=0,len=posts.length;i<len;i++) posts[i].checked=true;\">Check All</a>" . " | <a href='#' onclick=\"var posts=document.getElementsByName('mail')[0]['posts[]']; for(var i=0,len=posts.length;i<len;i++) posts[i].checked=false;\">Uncheck All</a> |" . "<br /><br />" . "<input type=\"submit\" name=\"submit\" value=\"Delete\" />" . "</form>";
echo $outbox;
}
if ($set == "readout") {
$result = mysql_query("SELECT * from messages WHERE from_user ='******' AND id = '{$mid}' AND action = 'sent' AND new != 'deleted'");
$read = mysql_fetch_array($result);
$read['subject'] = stripslashes(stripslashes($read['subject']));
$read['text'] = stripslashes(stripslashes($read['text']));
if ($read['for_user'] == "0") {
$receiver = "Your Alliance";
} else {
$foruser = mysql_query("SELECT tribe, kingdom FROM stats WHERE id = {$read['for_user']}");
$foruser = mysql_fetch_array($foruser);
$receiver = "{$foruser['tribe']}(#{$foruser['kingdom']})";
}
$readout = "<table cellpadding=\"0\" cellspacing=\"0\" class=\"medium\">" . "<tr class=\"header\">" . "<th>" . "Message to: " . $receiver . "</th>" . "</tr>" . "<tr class=\"subheader\">" . "<th>" . "Subject: " . cleanHTML($read['subject']) . "</th>" . "</tr>" . "<tr class=\"message\">" . "<td>" . "<br />" . cleanHTML($read['text']) . "<br />" . "</td>" . "</tr>" . "</table>" . "<br />" . '<div class="center">' . "| <a href=main.php?cat=game&page=mail&set=deleteout&mid={$mid}>Delete</a> | " . "<a href=main.php?cat=game&page=mail&set=outbox>Return To Outbox</a> |</div>";
echo $readout;
}
if ($set == "read") {
$result = mysql_query("SELECT * from messages WHERE for_user ='******' AND id = '{$mid}' AND action = 'received' AND new != 'deleted'");
$read = mysql_fetch_array($result);
mysql_grab($read['from_user'], 'd', 'stats');
$read['subject'] = stripslashes(stripslashes($read['subject']));
$read['text'] = stripslashes(stripslashes($read['text']));
$readin = "<br /><table cellpadding=\"0\" cellspacing=\"0\" class=\"medium\">" . "<tr class=\"header\">" . "<th>" . "Message from: " . stripslashes($d_stats['name']) . "</th>" . "</tr>" . "<tr class=\"subheader\">" . "<th>" . "Subject: " . cleanHTML($read['subject']) . "</th>" . "</tr>" . "<tr class=\"message\">" . "<td>" . "<br />" . cleanHTML($read['text']) . "<br />" . "</td>" . "</tr>" . "</table>" . "<br />" . '<div class="center">' . "| <a href=main.php?cat=game&page=mail&set=reply&mid={$mid}>Reply</a> | " . "<a href=main.php?cat=game&page=mail&set=delete&mid={$mid}>Delete</a> | " . "<a href=main.php?cat=game&page=mail&set=view&mid={$d_stats['id']}>Return To Inbox</a> | " . '</div>';
echo $readin;
$old = mysql_query("UPDATE messages SET new ='old' WHERE id ='{$mid}'");
$mid2 = $mid + 1;
$select = mysql_query("SELECT action FROM messages WHERE id = '{$mid2}'");
$select = mysql_fetch_array($select);
if ($select['action'] == 'sent') {
$old = mysql_query("UPDATE messages SET new ='old' WHERE id ='{$mid2}'");
}
}
if ($set == "delete") {
$email_name = "UPDATE messages SET new = 'deleted' WHERE id ='{$mid}' AND for_user = '******' AND action = 'received'";
$delete = mysql_query($email_name, $connection);
echo '<div id="textMedium"><p>' . "The message has been deleted.<br /><br />";
echo "<a href=main.php?cat=game&page=mail&set=view>Return To Inbox</a></p>" . '</div';
}
if ($set == "delete2") {
$sql = "UPDATE messages SET new = 'deleted' WHERE for_user = '******' AND action = 'received' ";
$sql .= " AND id IN (";
$posts = $_POST["posts"];
$postcount = count($posts);
for ($i = 0; $i < $postcount; $i++) {
$sql .= "{$posts[$i]}";
if ($i != $postcount - 1) {
$sql .= ",";
}
}
$sql .= ")";
$delete = mysql_query($sql, $connection);
echo '<div id="textMedium"><p>' . "The selected messages are deleted.<br /><br />";
echo "<a href=main.php?cat=game&page=mail&set=view>Return To Inbox</a></p>" . '</div';
}
if ($set == "deleteout") {
$email_name = "UPDATE messages SET new = 'deleted' WHERE id ='{$mid}' AND from_user = '******' AND action = 'sent'";
$delete = mysql_query($email_name, $connection);
echo '<div id="textMedium"><p>' . "The message has been deleted.<br /><br />";
echo "<a href=main.php?cat=game&page=mail&set=outbox>Return To Outbox</a></p>" . '</div';
}
if ($set == "deleteout2") {
$sql = "UPDATE messages SET new = 'deleted' WHERE from_user = '******' AND action = 'sent' ";
$sql .= " AND id IN (";
$posts = $_POST["posts"];
$postcount = count($posts);
for ($i = 0; $i < $postcount; $i++) {
$sql .= "{$posts[$i]}";
if ($i != $postcount - 1) {
$sql .= ",";
}
}
$sql .= ")";
$delete = mysql_query($sql, $connection);
echo '<div id="textMedium"><p>' . "The selected messages are deleted.<br /><br />";
echo "<a href=main.php?cat=game&page=mail&set=outbox>Return To Outbox</a></p>" . '</div';
}
if ($set == "reply") {
if ($action != "post") {
$result = mysql_query("SELECT * from messages WHERE for_user ='******' AND id = '{$mid}' AND action = 'received'");
$reply = mysql_fetch_array($result);
$subject = "Re: " . cleanHTML($reply['subject']) . " ";
$replyText = "<form action=\"main.php?cat=game&page=mail&set=reply&mid={$mid}&action=post\" method=\"post\">" . "<br />" . "Subject: <input type=\"text\" name=\"subject\" size=\"30\" value=\"" . $subject . "\" />" . "<br />" . "<textarea name=\"message\" rows=\"10\" cols=\"70\" wrap=\"virtual\"></textarea>" . "<br />" . "<input type=\"submit\" name=\"submit\" value=\"Send Message\" />" . "</form>";
echo $replyText;
}
if ($action == "post") {
$result = mysql_query("SELECT * from messages WHERE for_user ='******' AND id = '{$mid}' AND action = 'received'");
$reply = mysql_fetch_array($result);
send_mail($userid, $reply['from_user'], $subject, $message);
echo "<a href=main.php?cat=game&page=mail>Return To Mailbox</a>";
}
}
if ($set == "block") {
if (isset($_POST['tribe']) && $_POST['tribe'] != 'spacer' && $action == "block") {
$blocker_id = $objSrcUser->get_userid();
$blocked_id = quote_smart($_POST['tribe']);
$objTrgUser = new clsUser($blocked_id);
$blocked_name = $objTrgUser->get_stat(TRIBE);
echo '<br /><div class="center">' . "You have blocked {$blocked_name} from sending you any more mail.</div>";
block_mail($blocker_id, $blocked_id);
}
if (isset($_GET['id']) && $_GET['id'] > 0 && $action == "unblock") {
$blocker_id = $objSrcUser->get_userid();
$blocked_id = quote_smart($_GET['id']);
$objTrgUser = new clsUser($blocked_id);
$blocked_name = $objTrgUser->get_stat(TRIBE);
echo '<br /><div class="center">' . "You have unblocked {$blocked_name}, they can send you mail again.</div>";
unblock_mail($blocker_id, $blocked_id);
}
$tribes = mysql_query("select tribe,id from stats where kingdom = {$kingdom} order by tribe");
$blockTargets = "<option value=\"spacer\"></option";
while ($allistats = mysql_fetch_assoc($tribes)) {
$tribe = stripslashes($allistats['tribe']);
$id = $allistats['id'];
$blockTargets .= "<option value=\"{$id}\">{$tribe}</option>";
}
echo "<br /><table cellspacing=\"0\" cellpadding=\"0\" class=\"small\">" . "<tr class=\"header\"><th colspan=\"2\">Block Mail</th></tr>" . "<tr class=\"subheader\"><th colspan=\"2\" class=\"center\">Select spammer</th></tr>" . "<tr class=\"data\"><form action=\"main.php?cat=game&page=mail&set=block\" method=\"post\">" . "<th>Alliance:</th><td><input maxlength=\"4\" size=\"3\" name=\"kingdom\" value=\"{$kingdom}\" />" . "<input type=\"submit\" value=\"Change\" /></td></form></tr>" . "<form action=\"main.php?cat=game&page=mail&set=block&action=block\" method=\"post\">" . "<tr class=\"data\"><th>Tribe:</th><td><select name=\"tribe\">{$blockTargets}</select>" . "<input type=\"submit\" value=\"Block\" name=\"Block\" /></td></tr></form>" . "</table><br /><br />";
$blocked_users = get_blocks_mail($objSrcUser->get_userid());
echo "<table cellspacing=\"0\" cellpadding=\"0\" class=\"small\">" . "<tr class=\"header\"><th colspan=\"2\">Blocked users</th></tr>" . "<tr class=\"subheader\"><th colspan=\"2\" class=\"center\">Remove?</th></tr>";
foreach ($blocked_users as $blocked_user) {
echo "<tr class=\"data\"><th>{$blocked_user['tribe']}</th>" . "<td><a href=\"main.php?cat=game&page=mail&set=block&" . "action=unblock&id={$blocked_user['blocked_id']}\">Remove?</td></tr>";
}
echo "</table>";
}
}
function formatText($text, $permalink = '', $post_id = '', $rss = NULL)
{
//unify carriage returns between Windows / UNIX, and sanitise HTML against injection
$text = safeHTML(preg_replace('/\\r\\n?/', "\n", $text));
//these arrays will hold any portions of text that have to be temporarily removed to avoid interference with the
//markup processing, i.e code spans / blocks
$pre = array();
$code = array();
/* preformatted text (code blocks):
-------------------------------------------------------------------------------------------------------------- */
/* example: or: (latex in particular since it uses % as a comment marker)
% title $ title
⋮ ⋮
% $
*/
while (preg_match('/^(?-s:(\\h*)([%$])(.*?))\\n(.*?)\\n\\h*\\2(["”»]?)$/msu', $text, $m, PREG_OFFSET_CAPTURE)) {
//format the code block
$pre[] = "<pre><span class=\"ct\">{$m[2][0]}{$m[3][0]}</span>\n" . (strlen($m[1][0]) ? preg_replace("/^\\s{1," . strlen($m[1][0]) . "}/m", '', $m[4][0]) : $m[4][0]) . "\n<span class=\"cb\">{$m[2][0]}</span></pre>";
//replace the code block with a placeholder:
//(we will have to remove the code chunks from the source text to avoid the other markup processing from
//munging it and then restore the chunks back later)
$text = substr_replace($text, "\n&PRE_" . (count($pre) - 1) . ";\n" . $m[5][0], $m[0][1], strlen($m[0][0]));
}
/* inline code / teletype text:
-------------------------------------------------------------------------------------------------------------- */
// example: `code` or ``code``
while (preg_match('/(?<=[\\s\\p{Z}\\p{P}]|^)(`+)(.*?)(?<!`)\\1(?!`)/m', $text, $m, PREG_OFFSET_CAPTURE)) {
//format the code block
$code[] = '<code>' . $m[1][0] . $m[2][0] . $m[1][0] . '</code>';
//same as with normal code blocks, replace them with a placeholder
$text = substr_replace($text, '&CODE_' . (count($code) - 1) . ';', $m[0][1], strlen($m[0][0]));
}
/* hyperlinks:
-------------------------------------------------------------------------------------------------------------- */
//find full URLs and turn into HTML hyperlinks. we also detect e-mail addresses automatically
while (preg_match('/(?:
((?:(?:http|ftp)s?|irc)?:\\/\\/) # $1 = protocol
| ([a-z0-9\\._%+\\-]+@) # $2 = email name
)( # $3 = friendly URL (no protocol)
[-\\.\\p{L}\\p{M}\\p{N}]+ # domain (letters, diacritics, numbers & dash only)
(?:\\.[\\p{L}\\p{M}\\p{N}]+)+ # TLDs (also letters, diacritics & numbers only)
)(?(2)| # email ends here
(\\/)? # $4 = slash is excluded from friendly URL
(?(4)( # $5 = folders and filename, relative URL
(?> # folders and filename
"(?!\\/?>|\\s|$)| # ignore the end of an HTML hyperlink
\\)(?![:\\.,"”»]?(?:\\s|$))| # ignore brackets on end with punctuation
[:\\.,”»](?!\\s|$)| # ignore various characters on the end
[^\\s:)\\.,"”»] # the rest, including bookmark
)*
)?)
)/xiu', $text, $m, PREG_OFFSET_CAPTURE, @($m[0][1] + strlen($replace)))) {
$text = substr_replace($text, $replace = '<a href="' . ($p = @$m[2][0] ? 'mailto:' . $m[2][0] : ($m[1][0] ? $m[1][0] : 'http://')) . htmlspecialchars($m[3][0] . @$m[4][0] . @$m[5][0], ENT_COMPAT, 'UTF-8', false) . '"' . ($p . $m[3][0] !== FORUM_URL ? ' rel="nofollow external"' : '') . '>' . $m[0][0] . '</a>', $m[0][1], strlen($m[0][0]));
}
/* inline formatting:
-------------------------------------------------------------------------------------------------------------- */
$text = preg_replace(array('/(?<=\\s|^)_(?!_)(.*?)(?<!_)_(?=\\s|$)/m', '/(?<![*\\w])\\*(?!\\*)(.*?)(?<!\\*)\\*(?![*\\w])/'), array('<em>_$1_</em>', '<strong>*$1*</strong>'), $text);
/* divider: "---"
-------------------------------------------------------------------------------------------------------------- */
$text = preg_replace('/(?:\\n|\\A)\\h*(---+)\\h*(?:\\n?$|\\Z)/m', "\n\n<p class=\"hr\">\$1</p>\n", $text);
/* blockquotes:
-------------------------------------------------------------------------------------------------------------- */
/* example:
“this is the first quote level.
“this is the second quote level.”
back to the first quote level.”
*/
do {
$text = preg_replace(array('/(?:\\n|\\A)\\h*("(?!\\s+)((?>(?1)|.)*?)\\s*")\\h*(?:\\n?$|\\Z)/msu', '/(?:\\n|\\A)\\h*(“(?!\\s+)((?>(?1)|.)*?)\\s*”)\\h*(?:\\n?$|\\Z)/msu', '/(?:\\n|\\A)\\h*(«(?!\\s+)((?>(?1)|.)*?)\\s*»)\\h*(?:\\n?$|\\Z)/msu'), "\n\n<blockquote>\n\n" . "<span class=\"ql\">“</span>\n\$2\n<span class=\"qr\">”</span>\n\n" . "</blockquote>\n", $text, -1, $c);
} while ($c);
//remove the extra linebreaks addeded between our theme quotes
//(required so that extra `<br />`s don’t get added!)
$text = preg_replace(array('/“<\\/span>\\n(?!\\n)/', '/\\n<span class="qr">/'), array('“</span>', '<span class="qr">'), $text);
/* name references:
-------------------------------------------------------------------------------------------------------------- */
//name references (e.g. "@bob") will link back to the last reply in the thread made by that person.
//this requires that the whole RSS thread is passed to this function to refer to
if (!is_null($rss)) {
//first, produce a list of all authors in the thread
$names = array();
foreach ($rss->channel->xpath('./item/author') as $name) {
$names[] = $name[0];
}
$names = array_unique($names);
//remove duplicates
$names = array_map('strtolower', $names);
//set all to lowercase
$names = array_map('safeHTML', $names);
//HTML encode names as they will be in the source text
//sort the list of names Z-A so that longer names and names with spaces occur first,
//this is so that we don’t choose "Bob" over "Bob Monkhouse" when matching names
rsort($names);
//find all possible name references in the text:
//(that is, any "@" followed by text up to the end of a line. note that this means that what might be
//matched may include additional text that *isn't* part of the name, e.g. "@bob How are you?")
$offset = 0;
while (preg_match('/(?:^|\\s+)(@.+)/m', $text, $m, PREG_OFFSET_CAPTURE, $offset)) {
//check each of the known names in the thread and see if one fits the source text reference
//e.g. does "@bob How are you?" begin with "bob"
foreach ($names as $name) {
if (stripos($m[1][0], $name) === 1) {
//locate the last post made by that author in the thread to link to
foreach ($rss->channel->item as $item) {
if (safeHTML(strtolower($item->author)) == $name) {
//replace the reference with the link to the post
$text = substr_replace($text, '<a href="' . safeHTML($item->link) . '"' . (isMod($name) ? ' class="nnf_mod"' : '') . '>' . substr($m[1][0], 0, strlen($name) + 1) . '</a>', $m[1][1], strlen($name) + 1);
//move on to the next reference, no need to check any further names for this one
$offset = $m[1][1] + strlen($name) + strlen($item->link) + 15 + 1;
break 2;
}
}
}
}
//failing any match, continue searching
//(avoid getting stuck in an infinite loop)
$offset = $m[1][1] + 1;
}
}
/* titles
-------------------------------------------------------------------------------------------------------------- */
//example: :: title
$replace = '';
$titles = array();
while (preg_match('/(?:\\n|\\A)(::.*)(?:\\n?$|\\Z)/mu', $text, $m, PREG_OFFSET_CAPTURE, @($m[0][1] + strlen($replace)))) {
//generate a unique HTML ID for the title:
//flatten the title text into a URL-safe string of [a-z0-9_]
$translit = safeTransliterate(strip_tags($m[1][0]));
//if a title already exsits with that ID, append a number until an available ID is found.
$c = 0;
do {
$id = $translit . ($c++ ? '_' . ($c - 1) : '');
} while (in_array($id, $titles));
//add the current ID to the list of used IDs
$titles[] = $id;
//remove hyperlinks in the title (since the title will be a hyperlink too)
//if a user-link is present, keep the mod class if present
$m[1][0] = preg_replace('/<a href="[^"]+"( class="nnf_mod")?>(.*?)<\\/a>/', "<b\$1>\$2</b>", $m[1][0]);
//create the replacement HTML, including an anchor link
$text = substr_replace($text, $replace = "\n\n<h2 id=\"{$post_id}::{$id}\">" . "<a href=\"" . safeHTML($permalink) . "#{$post_id}::{$id}\">" . $m[1][0] . "</a>" . "</h2>\n", $m[0][1], strlen($m[0][0]));
}
/* finalise:
-------------------------------------------------------------------------------------------------------------- */
//add paragraph tags between blank lines
foreach (preg_split('/\\n{2,}/', safeTrim($text), -1, PREG_SPLIT_NO_EMPTY) as $chunk) {
//if not a blockquote, title, hr or pre-block, wrap in a paragraph
if (!preg_match('/^<\\/?(?:bl|h2|p)|^&PRE_/', $chunk)) {
$chunk = "<p>\n" . str_replace("\n", "<br />\n", $chunk) . "\n</p>";
}
$text = @($result .= "\n{$chunk}");
}
//restore code spans/blocks
foreach ($code as $i => $html) {
$text = str_replace("&CODE_{$i};", $html, $text);
}
foreach ($pre as $i => $html) {
$text = str_replace("&PRE_{$i};", $html, $text);
}
return $text;
}
$f = fopen("{$FILE}.rss", 'r+');
flock($f, LOCK_EX);
$xml = simplexml_load_string(fread($f, filesize("{$FILE}.rss"))) or (require FORUM_LIB . 'error_xml.php');
//find the post using the ID (we need to know the numerical index for later)
for ($i = 0; $i < count($xml->channel->item); $i++) {
if (strstr($xml->channel->item[$i]->link, '#') == "#{$ID}") {
break;
}
}
$post = $xml->channel->item[$i];
/* has the un/pw been submitted to authenticate the append?
-------------------------------------------------------------------------------------------------------------- */
if (AUTH && TEXT && CAN_REPLY && (IS_MOD || strtolower(NAME) == strtolower($post->author) && (!FORUM_LOCK || FORUM_LOCK == 'threads' || IS_MEMBER))) {
//append the given text to the reply
//(see 'theme.config.php' if it exists, otherwise 'theme.config.default.php' for `THEME_APPEND`)
$post->description .= "\n" . sprintf(THEME_APPEND, safeHTML(NAME), gmdate('r', time()), date(DATE_FORMAT, time())) . formatText(TEXT, $xml);
//commit the data
rewind($f);
ftruncate($f, 0);
fwrite($f, $xml->asXML());
//close the lock / file
flock($f, LOCK_UN);
fclose($f);
//try set the modified date of the file back to the time of the last reply
//(appending to a post does not push the thread back to the top of the index)
//note: this may fail if the file is not owned by the Apache process
@touch("{$FILE}.rss", strtotime($xml->channel->item[0]->pubDate));
//regenerate the folder's RSS file
indexRSS();
//return to the appended post
header('Location: ' . FORUM_URL . url('thread', PATH_URL, $FILE, $PAGE) . "#{$ID}", true, 303);
function generateComments($id)
{
global $db, $PMF_LANG;
$result = $db->query("SELECT usr, email, comment, datum FROM " . SQLPREFIX . "faqcomments WHERE id = " . $id);
$output = "";
if ($db->num_rows($result) > 0) {
while ($row = $db->fetch_object($result)) {
$output .= "<p class=\"comment\">\n";
$output .= "<strong>" . $PMF_LANG["msgCommentBy"] . "<a href=\"mailto:" . safeEmail($row->email) . "\">" . $row->usr . "</a> (" . date('Y-m-d H:i:s', $row->datum) . "):</strong>\n";
$output .= "<br />" . safeHTML($row->comment) . "\n</p>";
}
}
return $output;
}
function submit()
{
//unset($_SESSION['RSM_error']);
//unset($_SESSION['RSM_post']);
$session = JFactory::getSession();
$session->set('RSM_error', '');
$session->set('RSM_post', '');
$session->set('RSM_rc', '');
$isfalse = false;
$RSM_error = array();
if (fetchParam('login_to_submit_testimonial') == 'true') {
$user =& JFactory::getUser();
$usr_id = $user->get('id');
if ($usr_id > 0) {
} else {
$isfalse = true;
$RSM_error[] = JText::_('RSM_MSG_ERR_LOGIN_FAIL');
}
}
if (fetchParam('show_single_name_field') != 'false') {
if (trim($_POST['fname']) == '') {
$isfalse = true;
$RSM_error[] = JText::_('RSM_MSG_ERR_NAME');
}
} else {
if (trim($_POST['fname']) == '') {
$isfalse = true;
$RSM_error[] = JText::_('RSM_MSG_ERR_FNAME');
}
if (trim($_POST['lname']) == '') {
$isfalse = true;
$RSM_error[] = JText::_('RSM_MSG_ERR_LNAME');
}
}
if (!eregi("^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$", trim($_POST['email']))) {
$isfalse = true;
$RSM_error[] = JText::_('RSM_MSG_ERR_EMAIL');
}
if (fetchParam('show_image') == 'true') {
if (is_uploaded_file($_FILES['testi_pic']['tmp_name'])) {
$max_s = fetchParam('image_max_size');
$max_h = fetchParam('image_max_height');
$max_w = fetchParam('image_max_width');
$err = '';
$img_settings = getimagesize($_FILES['testi_pic']['tmp_name']);
if ($img_settings[2] != 1 && $img_settings[2] != 2 && $img_settings[2] != 3) {
$isfalse = true;
$RSM_error[] = JText::_('RSM_MSG_ERR_PICTURE_NOT_SUPPORTED');
} else {
if ($_FILES['testi_pic']['size'] > $max_s * 1024) {
$isfalse = true;
$RSM_error[] = JText::sprintf('RSM_MSG_ERR_PICTURE_IS_OVER_SIZE', $max_w, $max_h, $max_s);
} else {
if ($img_settings[0] > $max_w) {
$isfalse = true;
$RSM_error[] = JText::sprintf('RSM_MSG_ERR_PICTURE_IS_OVER_SIZE', $max_w, $max_h, $max_s);
} else {
if ($img_settings[1] > $max_h) {
$isfalse = true;
$RSM_error[] = JText::sprintf('RSM_MSG_ERR_PICTURE_IS_OVER_SIZE', $max_w, $max_h, $max_s);
} else {
}
}
}
}
}
}
if (fetchParam('show_captcha') != 'false') {
if (fetchParam('use_recaptcha') == 'true') {
require_once JPATH_BASE . DS . 'components' . DS . 'com_rsmonials' . DS . 'includes' . DS . 'recaptchalib.php';
$rs_rc_privatekey = fetchParam('recaptcha_private_key');
$rs_rc_resp = recaptcha_check_answer($rs_rc_privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if ($rs_rc_resp->is_valid) {
} else {
$rs_rc_error = $rs_rc_resp->error;
$isfalse = true;
$RSM_error[] = JText::_('RSM_MSG_ERR_SECURITY_CODE');
}
} else {
if ($session->get("RSM_code") != $_POST['security_code']) {
$isfalse = true;
$RSM_error[] = JText::_('RSM_MSG_ERR_SECURITY_CODE');
}
}
}
if (trim($_POST['comments']) == '') {
$isfalse = true;
$RSM_error[] = JText::_('RSM_MSG_ERR_COMMENTS');
}
if ($isfalse == false) {
foreach ($_POST as $key => $value) {
$_POST[$key] = safeHTML($value);
}
$database =& JFactory::getDBO();
if (fetchParam('auto_approval') == 'true') {
$tesistatus = 1;
} else {
$tesistatus = 2;
}
$database->setQuery("insert into `#__" . RSWEBSOLS_TABLE_PREFIX . "`(`id`, `fname`, `lname`, `about`, `location`, `website`, `email`, `comment`, `date`, `status`) values('', '" . $database->getEscaped($_POST['fname']) . "', '" . $database->getEscaped($_POST['lname']) . "', '" . $database->getEscaped($_POST['about']) . "', '" . $database->getEscaped($_POST['location']) . "', '" . $database->getEscaped($_POST['website']) . "', '" . $database->getEscaped($_POST['email']) . "', '" . $database->getEscaped($_POST['comments']) . "', '" . date('Y-m-d') . "', '" . $tesistatus . "')");
$database->query();
if (is_uploaded_file($_FILES['testi_pic']['tmp_name'])) {
$new_t_id = $database->insertid();
$upload_dir_path = JPATH_ROOT . DS . 'images' . DS . 'com_rsmonials';
if (!file_exists($upload_dir_path)) {
mkdir($upload_dir_path, 0755);
}
$upload_path = $upload_dir_path . DS . $new_t_id . '.';
$img_settings = getimagesize($_FILES['testi_pic']['tmp_name']);
if ($img_settings[2] == 1) {
$upload_path .= 'gif';
} else {
if ($img_settings[2] == 2) {
$upload_path .= 'jpg';
} else {
if ($img_settings[2] == 3) {
$upload_path .= 'png';
}
}
}
move_uploaded_file($_FILES['testi_pic']['tmp_name'], $upload_path);
}
if (fetchParam('admin_email_alert') == 'true') {
$smFrom = $_POST['email'];
$smName = $_POST['fname'] . ' ' . $_POST['lname'];
$smSubject = JText::_('RSM_EMAIL_ADMIN_SUBJECT');
$smBody = JText::_('RSM_EMAIL_ADMIN_BODY');
sendMail($smFrom, $smName, $smSubject, $smBody);
}
header('location:' . JRoute::_("index.php?option=com_rsmonials&Itemid=" . $_REQUEST['Itemid'] . "&saved=true", false) . '');
exit;
} else {
//$_SESSION['RSM_error'] = $RSM_error;
//$_SESSION['RSM_post'] = $_POST;
$session->set('RSM_error', $RSM_error);
$session->set('RSM_post', $_POST);
$session->set('RSM_rc', $rs_rc_error);
header('location:' . JRoute::_("index.php?option=com_rsmonials&Itemid=" . $_REQUEST['Itemid'] . "&err=true#submitform", false) . '');
exit;
}
}
$xml = simplexml_load_string(fread($f, filesize("{$FILE}.rss"))) or die('Malformed XML');
if (!(NAME == $xml->channel->item[0]->author && formatText(TEXT) == $xml->channel->item[0]->description && !$xml->channel->xpath("category[text()='locked']"))) {
//where to?
//(we won’t use `page=last` here as we are effecitvely handing the user a permalink here)
$page = ceil(count($xml->channel->item) / FORUM_POSTS);
$url = FORUM_URL . PATH_URL . $FILE . ($page > 1 ? "?page={$page}" : '') . '#' . base_convert(microtime(), 10, 36);
//add the comment to the thread
$item = $xml->channel->item[0]->insertBefore('item');
//add the "RE:" prefix, and reply number to the title
//(see 'theme.config.php' if it exists, otherwise 'theme.config.deafult.php',
//in the theme's folder for the definition of `THEME_RE`)
$item->addChild('title', safeHTML(sprintf(THEME_RE, count($xml->channel->item) - 1, $xml->channel->title)));
$item->addChild('link', $url);
$item->addChild('author', safeHTML(NAME));
$item->addChild('pubDate', gmdate('r'));
$item->addChild('description', safeHTML(formatText(TEXT)));
//write the file: first move the write-head to 0, remove the file's contents, and then write new ones
rewind($f);
ftruncate($f, 0);
fwrite($f, $xml->asXML());
} else {
//if a double-post, link back to the previous post
$url = $xml->channel->item[0]->link;
}
//close the lock / file
flock($f, LOCK_UN);
fclose($f);
//regenerate the forum / sub-forums's RSS file
indexRSS();
//refresh page to see the new post added
header("Location: {$url}", true, 303);
flock($f, LOCK_EX);
$xml = simplexml_load_string(fread($f, filesize("{$FILE}.rss"))) or (require FORUM_LIB . 'error_xml.php');
//find the post using the ID (we need to know the numerical index for later)
for ($i = 0; $i < count($xml->channel->item); $i++) {
if (strstr($xml->channel->item[$i]->link, '#') == "#{$ID}") {
break;
}
}
$post = $xml->channel->item[$i];
/* has the un/pw been submitted to authenticate the append?
-------------------------------------------------------------------------------------------------------------- */
if (AUTH && TEXT && CAN_REPLY && (IS_MOD || strtolower(NAME) == strtolower($post->author) && (FORUM_LOCK != 'posts' || IS_MEMBER))) {
//check for duplicate append:
if (substr(unformatText($post->description), -strlen($_ = unformatText(formatText(TEXT)))) !== $_) {
//append the given text to the reply
$post->description = formatText(unformatText($post->description) . "\n\n" . sprintf(THEME_APPENDED, safeHTML(NAME), date(DATE_FORMAT, time())) . "\n\n" . TEXT, FORUM_URL . url(PATH_URL, $FILE, $PAGE), $ID, $xml);
//commit the data
rewind($f);
ftruncate($f, 0);
fwrite($f, $xml->asXML());
//close the lock / file
flock($f, LOCK_UN);
fclose($f);
//try set the modified date of the file back to the time of the last reply
//(appending to a post does not push the thread back to the top of the index)
//note: this may fail if the file is not owned by the Apache process
@touch("{$FILE}.rss", strtotime($xml->channel->item[0]->pubDate));
//regenerate the folder's RSS file
indexRSS();
}
//return to the appended post
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS"
* basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
* License for the specific language governing rights and limitations
* under the License.
*/
if (!defined('IS_VALID_PHPMYFAQ')) {
header('Location: http://' . $_SERVER['SERVER_NAME'] . dirname($_SERVER['SCRIPT_NAME']));
exit;
}
$captcha = new PMF_Captcha($db, $sids, $pmf->language, $_SERVER['HTTP_USER_AGENT'], $_SERVER['REMOTE_ADDR']);
if (isset($_POST['user']) && $_POST['user'] != '' && isset($_POST['mail']) && checkEmail($_POST['mail']) && isset($_POST['comment']) && $_POST['comment'] != '' && IPCheck($_SERVER['REMOTE_ADDR']) && checkBannedWord(htmlspecialchars(strip_tags($_POST['comment']))) && checkCaptchaCode()) {
$id = isset($_POST["id"]) ? (int) $_POST["id"] : 0;
Tracking("save_comment", $id);
$helped = "";
// not used in this version - maybe in the future
$comment = nl2br($db->escape_string(safeHTML($_POST["comment"])));
$comment_by_user = $db->escape_string(safeHTML($_POST["user"]));
$comment_by_mail = $db->escape_string(safeHTML($_POST["mail"]));
$result = $db->query("INSERT INTO " . SQLPREFIX . "faqcomments (id_comment, id, usr, email, comment, datum, helped) VALUES (" . $db->nextID(SQLPREFIX . "faqcomments", "id_comment") . ", " . $id . ", '" . $comment_by_user . "', '" . $comment_by_mail . "', '" . $comment . "', " . time() . ", '" . $helped . "')");
$tpl->processTemplate("writeContent", array("msgCommentHeader" => $PMF_LANG["msgWriteComment"], "Message" => $PMF_LANG["msgCommentThanks"]));
} else {
if (IPCheck($_SERVER["REMOTE_ADDR"]) == FALSE) {
$tpl->processTemplate("writeContent", array("msgCommentHeader" => $PMF_LANG["msgWriteComment"], "Message" => $PMF_LANG["err_bannedIP"]));
} else {
Tracking("error_save_comment", $id);
$tpl->processTemplate("writeContent", array("msgCommentHeader" => $PMF_LANG["msgWriteComment"], "Message" => $PMF_LANG["err_SaveComment"]));
}
}
$tpl->includeTemplate("writeContent", "index");
function formatText($text)
{
//unify carriage returns between Windows / UNIX, and sanitise HTML against injection
$text = safeHTML(preg_replace('/\\r\\n?/', "\n", $text));
/* preformatted text (code blocks):
-------------------------------------------------------------------------------------------------------------- */
/* example: or: (latex in partiular since it uses % as a comment marker)
% title $ title
⋮ ⋮
% $
*/
$pre = array();
while (preg_match('/^(?-s:(\\h*)([%$])(.*?))\\n(.*?)\\n\\h*\\2(["”»]?)$/msu', $text, $m, PREG_OFFSET_CAPTURE)) {
//format the code block
$pre[] = "<pre><span class=\"ct\">{$m[2][0]}{$m[3][0]}</span>\n" . (strlen($m[1][0]) ? preg_replace("/^\\s{1," . strlen($m[1][0]) . "}/m", '', $m[4][0]) : $m[4][0]) . "\n<span class=\"cb\">{$m[2][0]}</span></pre>";
//replace the code block with a placeholder:
//(we will have to remove the code chunks from the source text to avoid the other markup processing from
//munging it and then restore the chunks back later)
$text = substr_replace($text, "\n&__PRE__;" . $m[5][0], $m[0][1], strlen($m[0][0]));
}
/* inline code / teletype text:
-------------------------------------------------------------------------------------------------------------- */
// example: `code` or ``code``
$code = array();
while (preg_match('/(?<=\\s|^)(`+)(.*?)(?<!`)\\1(?!`)/m', $text, $m, PREG_OFFSET_CAPTURE)) {
//format the code block
$code[] = '<code>' . $m[1][0] . $m[2][0] . $m[1][0] . '</code>';
//same as with normal code blocks, replace them with a placeholder
$text = substr_replace($text, "&__CODE__;", $m[0][1], strlen($m[0][0]));
}
/* hyperlinks:
-------------------------------------------------------------------------------------------------------------- */
//find full URLs and turn into HTML hyperlinks. we also detect e-mail addresses automatically
$text = preg_replace('/(?:
((?:(?:http|ftp)s?|irc)?:\\/\\/) # $1 = protocol
( # $2 = friendly URL (no protocol)
[a-z0-9\\.\\-]{1,}(?:\\.[a-z]{2,6})+ # domain name
)(\\/)? # $3 = slash is excluded from friendly URL
(?(3)( # $4 = folders and filename, relative URL
(?> # folders and filename
\\)(?![:\\.,"”»]?(?:\\s|$))| # ignore brackets on end with punctuation
[:\\.,"”»](?!\\s|$)| # ignore various characters on the end
[^\\s:)\\.,"”»] # the rest, including bookmark
)*
)?)
|
([a-z0-9\\._%+\\-]+@[a-z0-9\\.\\-]{1,}(?:\\.[a-z]{2,6})+) # $5 = e-mail
)/exiu', '"<a href=\\"".("$5"?"mailto:$5":("$1"?"$1":"http://")."$2$3$4")."\\" rel=\\"nofollow\\">$0</a>"', $text);
/* inline formatting:
-------------------------------------------------------------------------------------------------------------- */
$text = preg_replace(array('/(?<!\\w)_(?!_)(.*?)(?<!_)_(?!\\w)/', '/(?<![*\\w])\\*(?!\\*)(.*?)(?<!\\*)\\*(?![*\\w])/'), array('<em>_$1_</em>', '<strong>*$1*</strong>'), $text);
/* titles and dividers
-------------------------------------------------------------------------------------------------------------- */
/* example: (titles) / (dividers)
:: title ---
*/
$text = preg_replace(array('/(?:\\n|\\A)(::.*)(?:\\n?$|\\Z)/mu', '/(?:\\n|\\A)\\h*(---+)\\h*(?:\\n?$|\\Z)/m'), array("\n\n<h2>\$1</h2>\n", "\n\n<p class=\"hr\">\$1</p>\n"), $text);
/* blockquotes:
-------------------------------------------------------------------------------------------------------------- */
/* example:
“this is the first quote level.
“this is the second quote level.”
back to the first quote level.”
*/
do {
$text = preg_replace(array('/(?:\\n|\\A)\\h*("(?!\\s+)((?>(?1)|.)*?)\\s*")\\h*(?:\\n?$|\\Z)/msu', '/(?:\\n|\\A)\\h*(“(?!\\s+)((?>(?1)|.)*?)\\s*”)\\h*(?:\\n?$|\\Z)/msu', '/(?:\\n|\\A)\\h*(«(?!\\s+)((?>(?1)|.)*?)\\s*»)\\h*(?:\\n?$|\\Z)/msu'), "\n\n<blockquote>\n\n<span class=\"ql\">“</span>\n\$2\n<span class=\"qr\">”</span>\n\n</blockquote>\n", $text, -1, $c);
} while ($c);
//remove the extra linebreaks addeded between our theme quotes
//(required so that extra `<br />`s don’t get added!)
$text = preg_replace(array('/“<\\/span>\\n/', '/\\n<span class="qr">/'), array('“</span>', '<span class="qr">'), $text);
/* finalise:
-------------------------------------------------------------------------------------------------------------- */
//add paragraph tags between blank lines
foreach (preg_split('/\\n{2,}/', trim($text), -1, PREG_SPLIT_NO_EMPTY) as $chunk) {
//if not a blockquote, title or hr, wrap in a paragraph
if (!preg_match('/^<\\/?(?:bl|h2|p)|^&_/', $chunk)) {
$chunk = "<p>\n" . str_replace("\n", "<br />\n", $chunk) . "\n</p>";
}
$text = @($result .= "\n{$chunk}");
}
//restore code blocks/spans
foreach ($pre as $html) {
$text = preg_replace('/&__PRE__;/', $html, $text, 1);
}
foreach ($code as $html) {
$text = preg_replace('/&__CODE__;/', $html, $text, 1);
}
return $text;
}
function make_post($poster_id, $thread, $alli, $type, $post)
{
$objTmpUser = new clsUser($poster_id);
$arrStats = $objTmpUser->get_stats();
$post = safeHTML($post);
$orkTime = $GLOBALS['orkTime'];
mysql_query("INSERT INTO forum (poster_id,type,poster_kd,parent_id,post,date_time,updated,poster_name,poster_tribe,level) VALUES ({$poster_id},{$type},{$alli},{$thread},'{$post}','{$orkTime}','{$orkTime}','" . get_coloured_name($poster_id, $type) . "','{$arrStats['tribe']}',{$arrStats['level']})") or die('mysql error: ' . mysql_error());
mysql_query("UPDATE forum SET updated = '{$orkTime}' WHERE post_id = {$thread}") or die('mysql error: ' . mysql_error());
mysql_query("UPDATE user,stats SET allianceforum = allianceforum + 1 WHERE user.id = stats.id AND kingdom = {$alli}") or die('mysql error: ' . mysql_error());
}
function formatText($text, $rss = NULL)
{
//unify carriage returns between Windows / UNIX, and sanitise HTML against injection
$text = safeHTML(preg_replace('/\\r\\n?/', "\n", $text));
/* preformatted text (code blocks):
-------------------------------------------------------------------------------------------------------------- */
/* example: or: (latex in partiular since it uses % as a comment marker)
% title $ title
⋮ ⋮
% $
*/
$pre = array();
while (preg_match('/^(?-s:(\\h*)([%$])(.*?))\\n(.*?)\\n\\h*\\2(["”»]?)$/msu', $text, $m, PREG_OFFSET_CAPTURE)) {
//format the code block
$pre[] = "<pre><span class=\"ct\">{$m[2][0]}{$m[3][0]}</span>\n" . (strlen($m[1][0]) ? preg_replace("/^\\s{1," . strlen($m[1][0]) . "}/m", '', $m[4][0]) : $m[4][0]) . "\n<span class=\"cb\">{$m[2][0]}</span></pre>";
//replace the code block with a placeholder:
//(we will have to remove the code chunks from the source text to avoid the other markup processing from
//munging it and then restore the chunks back later)
$text = substr_replace($text, "\n&__PRE__;" . $m[5][0], $m[0][1], strlen($m[0][0]));
}
/* inline code / teletype text:
-------------------------------------------------------------------------------------------------------------- */
// example: `code` or ``code``
$code = array();
while (preg_match('/(?<=\\s|^)(`+)(.*?)(?<!`)\\1(?!`)/m', $text, $m, PREG_OFFSET_CAPTURE)) {
//format the code block
$code[] = '<code>' . $m[1][0] . $m[2][0] . $m[1][0] . '</code>';
//same as with normal code blocks, replace them with a placeholder
$text = substr_replace($text, "&__CODE__;", $m[0][1], strlen($m[0][0]));
}
/* hyperlinks:
-------------------------------------------------------------------------------------------------------------- */
//find full URLs and turn into HTML hyperlinks. we also detect e-mail addresses automatically
while (preg_match('/(?:
((?:(?:http|ftp)s?|irc)?:\\/\\/) # $1 = protocol
| ([a-z0-9\\._%+\\-]+@) # $2 = email name
)( # $3 = friendly URL (no protocol)
[^\\p{Z}\\p{C}\\.\\/&\\x{23}@"”»]+ # domain name (not "separator", "other" and slash)
(?:\\.[^\\p{Z}\\p{C}\\.\\/&\\x{23}@"”»]+)+ # top-level domain
)(?(2)| # email ends here
(\\/)? # $4 = slash is excluded from friendly URL
(?(4)( # $5 = folders and filename, relative URL
(?> # folders and filename
"(?!\\/?>|\\s|$)| # ignore the end of an HTML hyperlink
\\)(?![:\\.,"”»]?(?:\\s|$))| # ignore brackets on end with punctuation
[:\\.,”»](?!\\s|$)| # ignore various characters on the end
[^\\s:)\\.,"”»] # the rest, including bookmark
)*
)?)
)/xiu', $text, $m, PREG_OFFSET_CAPTURE, @($m[0][1] + strlen($replace)))) {
$text = substr_replace($text, $replace = '<a href="' . (@$m[2][0] ? 'mailto:' . $m[2][0] : ($m[1][0] ? $m[1][0] : 'http://')) . htmlspecialchars($m[3][0] . @$m[4][0] . @$m[5][0], ENT_COMPAT, 'UTF-8', false) . '" rel="nofollow">' . $m[0][0] . '</a>', $m[0][1], strlen($m[0][0]));
}
/* inline formatting:
-------------------------------------------------------------------------------------------------------------- */
$text = preg_replace(array('/(?<!\\w)_(?!_)(.*?)(?<!_)_(?!\\w)/', '/(?<![*\\w])\\*(?!\\*)(.*?)(?<!\\*)\\*(?![*\\w])/'), array('<em>_$1_</em>', '<strong>*$1*</strong>'), $text);
/* titles and dividers
-------------------------------------------------------------------------------------------------------------- */
/* example: (titles) / (dividers)
:: title ---
*/
$text = preg_replace(array('/(?:\\n|\\A)(::.*)(?:\\n?$|\\Z)/mu', '/(?:\\n|\\A)\\h*(---+)\\h*(?:\\n?$|\\Z)/m'), array("\n\n<h2>\$1</h2>\n", "\n\n<p class=\"hr\">\$1</p>\n"), $text);
/* blockquotes:
-------------------------------------------------------------------------------------------------------------- */
/* example:
“this is the first quote level.
“this is the second quote level.”
back to the first quote level.”
*/
do {
$text = preg_replace(array('/(?:\\n|\\A)\\h*("(?!\\s+)((?>(?1)|.)*?)\\s*")\\h*(?:\\n?$|\\Z)/msu', '/(?:\\n|\\A)\\h*(“(?!\\s+)((?>(?1)|.)*?)\\s*”)\\h*(?:\\n?$|\\Z)/msu', '/(?:\\n|\\A)\\h*(«(?!\\s+)((?>(?1)|.)*?)\\s*»)\\h*(?:\\n?$|\\Z)/msu'), "\n\n<blockquote>\n\n<span class=\"ql\">“</span>\n\$2\n<span class=\"qr\">”</span>\n\n</blockquote>\n", $text, -1, $c);
} while ($c);
//remove the extra linebreaks addeded between our theme quotes
//(required so that extra `<br />`s don’t get added!)
$text = preg_replace(array('/“<\\/span>\\n/', '/\\n<span class="qr">/'), array('“</span>', '<span class="qr">'), $text);
/* name references:
-------------------------------------------------------------------------------------------------------------- */
//name references (e.g. "@bob") will link back to the last reply in the thread made by that person.
//this requires that the whole RSS thread is passed to this function to refer to
if (!is_null($rss)) {
//first, produce a list of all authors in the thread
$names = array();
foreach ($rss->channel->xpath('./item/author') as $name) {
$names[] = $name[0];
}
$names = array_map('strtolower', $names);
//set all to lowercase
$names = array_map('safeHTML', $names);
//HTML encode names as they will be in the source text
$names = array_unique($names);
//remove duplicates
//sort the list of names Z-A so that longer names and names with spaces occur first,
//this is so that we don’t choose "Bob" over "Bob Monkhouse" when matching names
rsort($names);
//find all possible name references in the text:
//(that is, any "@" followed by text up to the end of a line. note that this means that what might be
//matched may include additional text that *isn't* part of the name, e.g. "@bob How are you?")
$offset = 0;
while (preg_match('/(?:^|\\s+)(@.+)/m', $text, $m, PREG_OFFSET_CAPTURE, $offset)) {
//check each of the known names in the thread and see if one fits the source text reference
//e.g. does "@bob How are you?" begin with "bob"
foreach ($names as $name) {
if (stripos($m[1][0], $name) === 1) {
//locate the last post made by that author in the thread to link to
foreach ($rss->channel->item as $item) {
if (safeHTML(strtolower($item->author)) == $name) {
//replace the reference with the link to the post
$text = substr_replace($text, '<a href="' . $item->link . '">' . substr($m[1][0], 0, strlen($name) + 1) . '</a>', $m[1][1], strlen($name) + 1);
//move on to the next reference, no need to check any further names for this one
$offset = $m[1][1] + strlen($name) + strlen($item->link) + 15 + 1;
break 2;
}
}
}
}
//failing any match, continue searching
//(avoid getting stuck in an infinite loop)
$offset = $m[1][1] + 1;
}
}
/* finalise:
-------------------------------------------------------------------------------------------------------------- */
//add paragraph tags between blank lines
foreach (preg_split('/\\n{2,}/', trim($text), -1, PREG_SPLIT_NO_EMPTY) as $chunk) {
//if not a blockquote, title or hr, wrap in a paragraph
if (!preg_match('/^<\\/?(?:bl|h2|p)|^&_/', $chunk)) {
$chunk = "<p>\n" . str_replace("\n", "<br />\n", $chunk) . "\n</p>";
}
$text = @($result .= "\n{$chunk}");
}
//restore code blocks/spans
foreach ($pre as $html) {
$text = preg_replace('/&__PRE__;/', $html, $text, 1);
}
foreach ($code as $html) {
$text = preg_replace('/&__CODE__;/', $html, $text, 1);
}
return $text;
}
$datum = date("YmdHis");
$content = $db->escape_string(safeHTML(nl2br($_POST["content"])));
$contentlink = $db->escape_string(safeHTML($_POST["contentlink"]));
if (substr($contentlink, 7) != "") {
$content = $content . "<br />" . $PMF_LANG["msgInfo"] . "<a href=\"http://" . substr($contentlink, 7) . "\" target=\"_blank\">" . $contentlink . "</a>";
}
if (isset($_SERVER["HTTP_ACCEPT_LANGUAGE"])) {
$lang = trim(strtolower(substr($_SERVER["HTTP_ACCEPT_LANGUAGE"], 0, 2)));
} else {
$lang = "en";
}
$thema = $db->escape_string(safeHTML($_POST["thema"]));
$selected_category = $_POST["rubrik"];
$keywords = $db->escape_string(safeHTML($_POST["keywords"]));
$author = $db->escape_string(safeHTML($_POST["username"]));
$usermail = $IDN->encode($db->escape_string(safeHTML($_POST["usermail"])));
$db->query(sprintf("INSERT INTO %sfaqdata (id, lang, solution_id, revision_id, active, thema, content, keywords, author, email, comment, datum) VALUES (%d, '%s', %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')", SQLPREFIX, $db->nextID(SQLPREFIX . "faqdata", "id"), $lang, getSolutionId(), 0, 'no', $thema, $content, $keywords, $author, $usermail, 'y', $datum));
foreach ($selected_category as $_category) {
$db->query(sprintf("INSERT INTO %sfaqcategoryrelations (category_id, category_lang, record_id, record_lang) VALUES (%d, '%s', %d, '%s')", SQLPREFIX, intval($_category), $lang, $db->insert_id(SQLPREFIX . 'faqdata', 'id'), $lang));
}
$db->query(sprintf("INSERT INTO %sfaqvisits (id, lang, visits, last_visit) VALUES (%d, '%s', %d, %d)", SQLPREFIX, $db->insert_id(SQLPREFIX . 'faqdata', 'id'), $lang, 1, time()));
$additional_header = array();
$additional_header[] = 'MIME-Version: 1.0';
$additional_header[] = 'Content-Type: text/plain; charset=' . $PMF_LANG['metaCharset'];
if (strtolower($PMF_LANG['metaCharset']) == 'utf-8') {
$additional_header[] = 'Content-Transfer-Encoding: 8bit';
}
$additional_header[] = 'From: ' . $usermail;
$subject = unhtmlentities($PMF_CONF["title"]);
if (function_exists('mb_encode_mimeheader')) {
$subject = mb_encode_mimeheader($subject);
