} else { $tpl->set('{shortarea}', ''); $tpl->set('{fullarea}', ''); } if ($id) { $row = $db->super_query("SELECT * FROM " . PREFIX . "_post LEFT JOIN " . PREFIX . "_post_extras ON (" . PREFIX . "_post.id=" . PREFIX . "_post_extras.news_id) WHERE id = '{$id}' AND approve = '0'"); if ($id == $row['id'] and ($member_id['name'] == $row['autor'] or $user_group[$member_id['user_group']]['allow_all_edit'])) { $found = true; } else { $found = false; } } if ($found) { $cat_list = explode(',', $row['category']); $categories_list = CategoryNewsSelection($cat_list, 0); $tpl->set('{title}', $parse->decodeBBCodes($row['title'], false)); $tpl->set('{alt-name}', $row['alt_name']); if ($config['allow_site_wysiwyg'] or $row['allow_br'] != '1') { $row['short_story'] = $parse->decodeBBCodes($row['short_story'], TRUE, $config['allow_site_wysiwyg']); $row['full_story'] = $parse->decodeBBCodes($row['full_story'], TRUE, $config['allow_site_wysiwyg']); } else { $row['short_story'] = $parse->decodeBBCodes($row['short_story'], false); $row['full_story'] = $parse->decodeBBCodes($row['full_story'], false); } $tpl->set('{short-story}', $row['short_story']); $tpl->set('{full-story}', $row['full_story']); $tpl->set('{tags}', $row['tags']); if ($row['votes']) { $poll = $db->super_query("SELECT * FROM " . PREFIX . "_poll where news_id = '{$row['id']}'"); $poll['title'] = $parse->decodeBBCodes($poll['title'], false); $poll['frage'] = $parse->decodeBBCodes($poll['frage'], false);
msg("info", $lang['addnews_ok'], $lang['rss_added'], "?mod=rss"); } msg("error", $lang['addnews_error'], $lang['rss_notadded'], "?mod=rss"); } elseif ($_REQUEST['action'] == "news" and $id) { include_once ENGINE_DIR . '/classes/rss.class.php'; include_once ENGINE_DIR . '/classes/parse.class.php'; $parse = new ParseFilter(array(), array(), 1, 1); $parse->leech_mode = true; $rss = $db->super_query("SELECT * FROM " . PREFIX . "_rss WHERE id='{$id}'"); $xml = new xmlParser(stripslashes($rss['url']), $rss['max_news']); $xml->pre_lastdate = $rss['lastdate']; $xml->pre_parse($rss['date']); $i = 0; foreach ($xml->content as $content) { if ($rss['text_type']) { $xml->content[$i]['title'] = $parse->decodeBBCodes($xml->content[$i]['title'], false); $xml->content[$i]['description'] = $parse->decodeBBCodes($xml->content[$i]['description'], false); $xml->content[$i]['date'] = date("Y-m-d H:i:s", $xml->content[$i]['date']); } else { $xml->content[$i]['title'] = $parse->decodeBBCodes($xml->content[$i]['title'], false); $xml->content[$i]['description'] = $parse->decodeBBCodes($xml->content[$i]['description'], true, "yes"); $xml->content[$i]['date'] = date("Y-m-d H:i:s", $xml->content[$i]['date']); } $i++; } echoheader("<i class=\"icon-rss\"></i>" . $lang['opt_rss'], $lang['header_rs_1']); echo <<<HTML <script type="text/javascript"> \tfunction doFull( link, news_id, rss_id ) \t{
$full_story = $db->safesql($parse->BB_Parse($full_story)); $short_story = $db->safesql($parse->BB_Parse($short_story)); } else { $full_story = $db->safesql($parse->BB_Parse($full_story, false)); $short_story = $db->safesql($parse->BB_Parse($short_story, false)); } if ($row['xfields'] != "") { $xfields = xfieldsload(); $postedxfields = xfieldsdataload($row['xfields']); $filecontents = array(); $newpostedxfields = array(); if (!empty($postedxfields)) { foreach ($xfields as $name => $value) { if ($value[3] == "textarea" and $postedxfields[$value[0]] != "") { if ($config['allow_admin_wysiwyg'] == "yes" or $row['allow_br'] != '1') { $postedxfields[$value[0]] = $parsexf->decodeBBCodes($postedxfields[$value[0]], true, "yes"); $newpostedxfields[$value[0]] = $parsexf->BB_Parse($parsexf->process($postedxfields[$value[0]])); } else { $postedxfields[$value[0]] = $parsexf->decodeBBCodes($postedxfields[$value[0]], false); $newpostedxfields[$value[0]] = $parsexf->BB_Parse($parsexf->process($postedxfields[$value[0]]), false); } } elseif ($postedxfields[$value[0]] != "") { $newpostedxfields[$value[0]] = $parsexf->process(stripslashes($postedxfields[$value[0]])); } } if (count($newpostedxfields)) { foreach ($newpostedxfields as $xfielddataname => $xfielddatavalue) { if ($xfielddatavalue == "") { continue; } $xfielddatavalue = str_replace("|", "|", $xfielddatavalue);
} } } if ($member_id['user_group'] == 1) { $have_perm = 1; } if (!$have_perm) { die($lang['editnews_error']); } if (!$user_group[$member_id['user_group']]['allow_html']) { $config['allow_quick_wysiwyg'] = false; } $news_txt = $row['short_story']; $full_txt = $row['full_story']; if ($row['allow_br'] and !$config['allow_quick_wysiwyg']) { $news_txt = $parse->decodeBBCodes($news_txt, false); $full_txt = $parse->decodeBBCodes($full_txt, false); $fix_br = "checked"; } else { if ($config['allow_quick_wysiwyg']) { $news_txt = $parse->decodeBBCodes($news_txt, true, "yes"); $full_txt = $parse->decodeBBCodes($full_txt, true, "yes"); } else { $news_txt = $parse->decodeBBCodes($news_txt, true, "no"); $full_txt = $parse->decodeBBCodes($full_txt, true, "no"); } $fix_br = ""; } $row['title'] = $parse->decodeBBCodes($row['title'], false); $xfields = xfieldsload(); $xfieldsdata = xfieldsdataload($row['xfields']);
die("error"); } $row['date'] = strtotime($row['date']); $have_perm = 0; if ($is_logged and ($member_id['name'] == $row['autor'] and $row['is_register'] and $user_group[$member_id['user_group']]['allow_editc'] or $user_group[$member_id['user_group']]['edit_allc'])) { $have_perm = 1; } if ($user_group[$member_id['user_group']]['edit_limit'] and $row['date'] + $user_group[$member_id['user_group']]['edit_limit'] * 60 < $_TIME) { $have_perm = 0; } if (!$have_perm) { die("error"); } if ($config['allow_comments_wysiwyg'] != "yes") { include_once ENGINE_DIR . '/ajax/bbcode.php'; $comm_txt = $parse->decodeBBCodes($row['text'], false); } else { $comm_txt = $parse->decodeBBCodes($row['text'], true, "yes"); if ($user_group[$member_id['user_group']]['allow_url']) { $link_icon = "\"LinkDialog\", \"DLELeech\","; } else { $link_icon = ""; } if ($user_group[$member_id['user_group']]['allow_image']) { $link_icon .= "\"ImageDialog\","; } $bb_code = <<<HTML <script type="text/javascript"> function show_editor( root ) { \t
$tpl->set('{group-icon}', ""); } if ($is_logged and $user_group[$row['user_group']]['time_limit'] and ($member_id['user_id'] == $row['user_id'] or $member_id['user_group'] < 3)) { $tpl->set_block("'\\[time_limit\\](.*?)\\[/time_limit\\]'si", "\\1"); if ($row['time_limit']) { $tpl->set('{time_limit}', langdate("j F Y H:i", $row['time_limit'])); } else { $tpl->set('{time_limit}', $lang['no_limit']); } } else { $tpl->set_block("'\\[time_limit\\](.*?)\\[/time_limit\\]'si", ""); } $_IP = $db->safesql($_SERVER['REMOTE_ADDR']); $tpl->set('{ip}', $_IP); $tpl->set('{allowed-ip}', stripslashes(str_replace("|", "\n", $row['allowed_ip']))); $tpl->set('{editinfo}', $parse->decodeBBCodes($row['info'], false)); if ($user_group[$row['user_group']]['allow_signature']) { $tpl->set('{editsignature}', $parse->decodeBBCodes($row['signature'], false)); } else { $tpl->set('{editsignature}', $lang['sig_not_allowed']); } if ($row['comm_num']) { $tpl->set('[comm-num]', ""); $tpl->set('[/comm-num]', ""); $tpl->set('{comm-num}', $row['comm_num']); $tpl->set('{comments}', "<a href=\"{$PHP_SELF}?do=lastcomments&userid=" . $row['user_id'] . "\">" . $lang['last_comm'] . "</a>"); $tpl->set_block("'\\[not-comm-num\\](.*?)\\[/not-comm-num\\]'si", ""); } else { $tpl->set('{comments}', $lang['last_comm']); $tpl->set('{comm-num}', 0); $tpl->set_block("'\\[comm-num\\](.*?)\\[/comm-num\\]'si", "");
$row = $db->super_query("SELECT user_id FROM " . PREFIX . "_comments WHERE id='{$c_id}'"); if ($row['user_id']) { $db->query("UPDATE " . USERPREFIX . "_users SET comm_num=comm_num-1 where user_id='{$row['user_id']}'"); } $db->query("DELETE FROM " . PREFIX . "_comments WHERE id='{$c_id}'"); } clear_cache(); $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$_TIME}', '{$_IP}', '19', '')"); msg("info", $lang['mass_head'], $lang['mass_delokc'], "?mod=cmoderation"); } echoheader("", ""); $entries = ""; $db->query("SELECT " . PREFIX . "_comments.id, post_id, " . PREFIX . "_comments.autor, text, ip , " . PREFIX . "_post.title, " . PREFIX . "_post.date as newsdate, " . PREFIX . "_post.alt_name, " . PREFIX . "_post.category FROM " . PREFIX . "_comments LEFT JOIN " . PREFIX . "_post ON " . PREFIX . "_comments.post_id=" . PREFIX . "_post.id WHERE " . PREFIX . "_comments.approve = '0' ORDER BY " . PREFIX . "_comments.date DESC"); while ($row = $db->get_array()) { if ($config['allow_comments_wysiwyg']) { $row['text'] = $parse->decodeBBCodes($row['text']); } else { $row['text'] = $parse->decodeBBCodes($row['text'], false); } $row['text'] = "<textarea id='edit-comm-{$row['id']}' name=\"selected_text[{$row['id']}]\" style=\"width:98%; height:100px;font-family:verdana; font-size:11px; border:1px solid #E0E0E0\" class=\"bk\">" . $row['text'] . "</textarea><input type=\"hidden\" name=\"post_id[{$row['id']}]\" value=\"{$row['post_id']}\">"; $row['newsdate'] = strtotime($row['newsdate']); if ($config['allow_alt_url'] == "yes") { if ($config['seo_type'] == 1 or $config['seo_type'] == 2) { if (intval($row['category']) and $config['seo_type'] == 2) { $full_link = $config['http_home_url'] . get_url(intval($row['category'])) . "/" . $row['post_id'] . "-" . $row['alt_name'] . ".html"; } else { $full_link = $config['http_home_url'] . $row['post_id'] . "-" . $row['alt_name'] . ".html"; } } else { $full_link = $config['http_home_url'] . date('Y/m/d/', $row['newsdate']) . $row['alt_name'] . ".html"; }
$id = $row['id']; } if (!$config['registration_rules']) { $lang['rules_descr'] = $lang['rules_descr'] . " <font color=\"red\">" . $lang['rules_check'] . "</font>"; } } else { $row = $db->super_query("SELECT * FROM " . PREFIX . "_static where id='{$id}'"); } if ($row['allow_br'] == 2) { if ($member_id['user_group'] != 1) { msg("error", $lang['index_denied'], $lang['static_not_allowed']); } $row['template'] = htmlspecialchars(stripslashes($row['template'])); } else { if ($row['allow_br'] != '1' or $config['allow_static_wysiwyg'] == "yes") { $row['template'] = $parse->decodeBBCodes($row['template'], true, $config['allow_static_wysiwyg']); } else { $row['template'] = $parse->decodeBBCodes($row['template'], false); } } $skinlist = SelectSkin($row['template_folder']); $row['descr'] = stripslashes($row['descr']); $row['metatitle'] = stripslashes($row['metatitle']); $itemdate = @date("Y-m-d H:i", $row['date']); $js_array[] = "engine/skins/calendar.js"; echoheader("static", "static"); echo <<<HTML <!-- calendar stylesheet --> <link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" /> <script language="javascript">
protected function _parseBB($text_forum, $id = 0, $type = 'pm') { $this->_init_parse(); if ($type == 'post' && iconv_strpos($text_forum, "[attachment=", 0, DLE_CHARSET) !== false) { $this->_db_disconnect(); $this->db->query("SELECT id, name, onserver, dcount FROM " . PREFIX . "_files WHERE news_id={$id}"); while ($file = $this->db->get_row()) { preg_match("#\\[attachment={$file['id']}:(.+?)\\]#i", $text_forum, $matche); $size = formatsize(@filesize(ROOT_DIR . '/uploads/files/' . $file['onserver'])); $file['name'] = explode("/", $file['name']); $file['name'] = end($file['name']); if (!empty($matche)) { $file['name'] = $matche[1]; } if ($GLOBALS['config']['files_count'] == 'yes') { $link = "[URL=\"{$GLOBALS['config']['http_home_url']}engine/download.php?id={$file['id']}\"]{$file['name']}[/URL] [{$size}] ({$this->lang['att_dcount']} {$file['dcount']})"; } else { $link = "[URL=\"{$GLOBALS['config']['http_home_url']}engine/download.php?id={$file['id']}\"]{$file['name']}[/URL] [{$size}]"; } $text_forum = preg_replace("#\\[attachment={$file['id']}(:.+?)?\\]#i", $link, $text_forum); } $this->_db_connect(); } if ($type == 'post') { $text_forum = preg_replace('#\\[[^U]+\\]#i', '', $text_forum); $text_forum = $this->_parse->decodeBBCodes($text_forum, false); $text_forum = preg_replace('#\\[page=[0-9]+\\]#si', "", $text_forum); $text_forum = str_replace('{PAGEBREAK}', '', $text_forum); $text_forum = preg_replace('#\\[hide\\](.*?)\\[/hide\\]#si', "\\1", $text_forum); } $text_forum = html_entity_decode($text_forum); $text_forum = preg_replace('#\\[s\\](.*?)\\[/s\\]#si', "\\1", $text_forum); //$text_forum = preg_replace('#\[spoiler(=.+?)?\](.*?)\[/spoiler\]#si', "\\2", $text_forum); $text_forum = preg_replace('#\\[img=(.+?)\\](.*?)\\[/img\\]#si', "[\\1][img]\\2[/img][/\\1]", $text_forum); /*$text_forum = preg_replace('#<.+?>#s', '', $text_forum);*/ $smilies_arr = explode(",", $GLOBALS['config']['smilies']); foreach ($smilies_arr as $smile) { $smile = trim($smile); $find[] = "#:{$smile}:#si"; $replace[] = "[img]" . $GLOBALS['config']['http_home_url'] . "engine/data/emoticons/{$smile}.gif[/img]"; } $text_forum = preg_replace($find, $replace, $text_forum); $text_forum = str_replace('leech', 'url', $text_forum); if ($type == 'post') { $text_forum = preg_replace("#\\[video\\s*=\\s*(\\S.+?)\\s*\\]#ie", "\$this->_parse->build_video('\\1')", $text_forum); $text_forum = preg_replace("#\\[audio\\s*=\\s*(\\S.+?)\\s*\\]#ie", "\$this->_parse->build_audio('\\1')", $text_forum); $text_forum = preg_replace("#\\[flash=([^\\]]+)\\](.+?)\\[/flash\\]#ies", "\$this->_parse->build_flash('\\1', '\\2')", $text_forum); $text_forum = preg_replace("#\\[youtube=([^\\]]+)\\]#ies", "\$this->_parse->build_youtube('\\1')", $text_forum); $text_forum = preg_replace("'\\[thumb\\]([^\\[]*)([/\\\\])(.*?)\\[/thumb\\]'ie", "\$this->build_thumb('\$1\$2\$3', '\$1\$2thumbs\$2\$3')", $text_forum); $text_forum = preg_replace("'\\[thumb=(.*?)\\]([^\\[]*)([/\\\\])(.*?)\\[/thumb\\]'ie", "\$this->build_thumb('\$2\$3\$4', '\$2\$3thumbs\$3\$4', '\$1')", $text_forum); $text_forum = str_replace('D27CDB6E', 'F27CDB6E', $text_forum); preg_match_all('#<object .+?</object>#si', $text_forum, $mathes); if (!empty($mathes[0])) { foreach ($mathes[0] as $obj) { $obj_new = str_replace("\n", '', $obj); $obj_new = str_replace("\r", '', $obj_new); $obj_new = str_replace("\t", '', $obj_new); $obj_new = preg_replace('# {2,}#si', " ", $obj_new); $text_forum = str_replace($obj, $obj_new, $text_forum); $text_forum = urldecode($text_forum); } } } $text_forum = preg_replace('#<!--.+?-->#s', '', $text_forum); $text_forum = str_replace('{THEME}', $GLOBALS['config']['http_home_url'] . 'templates/' . $GLOBALS['config']['skin'], $text_forum); return $text_forum; }
$rss['search'] = str_replace("{skip}", ".*", $rss['search']); $rss['search'] = preg_replace("![\n\r\t]!s", "", $rss['search']); $rss['search'] = preg_replace("!>[ ]{1,}<!s", "><", $rss['search']); if ($rss['search'] != "" && preg_match("!" . $rss['search'] . "!Us", $content, $found)) { $temp = array(); for ($i = 1; $i < sizeof($found); $i++) { $temp[] = $found[$i]; } $content = implode("", $temp); if ($_POST['rss_charset'] != strtolower($config['charset']) and $content != "") { $content = convert($_POST['rss_charset'], strtolower($config['charset']), $content); } if ($content != "") { $content .= "<br /><br /><i>" . $lang['rss_info'] . " " . $link['host'] . "</i>"; } if ($rss['text_type']) { $content = $parse->decodeBBCodes($content, false); } else { $content = $parse->decodeBBCodes($content, true, "yes"); } if ($content != "") { $buffer = <<<HTML <textarea class="bk" style="width:98%;height:300px;" id="full_{$news_id}" name="content[{$news_id}][full]">{$content}</textarea> HTML; } else { $buffer = "<font color='red'>" . $lang['rss_error'] . "</font>"; } } else { $buffer = "<font color='red'>" . $lang['rss_error'] . "</font>"; } echo $buffer;
} else { msg("error", $lang['user_err'], $lang['opt_errpass'], "?mod=options&action=personal"); } } else { $sql_update = "UPDATE " . USERPREFIX . "_users set email='{$editmail}', fullname='{$editfullname}', land='{$editland}', allow_mail='{$edithidemail}', xfields='{$filecontents}', timezone='{$timezone}' WHERE user_id='{$member_id['user_id']}'"; } $db->query($sql_update); msg("info", $lang['user_editok'], $lang['opt_peok'], "?mod=options&action=personal"); } elseif ($action == "syscon") { if ($member_id['user_group'] != 1) { msg("error", $lang['opt_denied'], $lang['opt_denied']); } include_once ENGINE_DIR . '/classes/parse.class.php'; $parse = new ParseFilter(array(), array(), 1, 1); $config['offline_reason'] = str_replace('"', '"', $config['offline_reason']); $config['offline_reason'] = $parse->decodeBBCodes($config['offline_reason'], false); if ($auto_detect_config) { $config['http_home_url'] = ""; } $config['admin_allowed_ip'] = str_replace("|", "\n", $config['admin_allowed_ip']); $config['speedbar_separator'] = htmlspecialchars($config['speedbar_separator'], ENT_QUOTES, $config['charset']); $config['category_separator'] = htmlspecialchars($config['category_separator'], ENT_QUOTES, $config['charset']); echoheader("<i class=\"icon-cogs\"></i>" . $lang['opt_all'], $lang['opt_general_sys']); function showRow($title = "", $description = "", $field = "", $class = "") { echo "<tr>\n <td class=\"col-xs-10 col-sm-6 col-md-7 {$class}\"><h6>{$title}</h6><span class=\"note large\">{$description}</span></td>\n <td class=\"col-xs-2 col-md-5 settingstd {$class}\">{$field}</td>\n </tr>"; } function makeDropDown($options, $name, $selected) { $output = "<select class=\"uniform\" style=\"min-width:100px;\" name=\"{$name}\">\r\n"; foreach ($options as $value => $description) {
$edit['photo'] = 0; } } break; case "edit": if (!intval($id)) { $tpl->msg($auto->lang['error'], $auto->lang['no_auto'], $PHP_SELF . "edit"); } $edit = $base->SelectOne('auto_autos', array('*'), array('id' => $id)); foreach ($edit as $key => &$value) { if (!$value) { $value = ''; } } $parser = new ParseFilter(); $edit['description'] = $parser->decodeBBCodes($edit['description'], false); if ($edit['exp_date']) { $edit['exp_date'] = date("Y-m-d H:i", $edit['exp_date']); } if ($edit['block_date']) { $edit['block_date'] = date("Y-m-d H:i", $edit['block_date']); } $hidden_array['subaction'] = 'save'; $hidden_array['referal'] = $_SERVER['HTTP_REFERER']; $auto->lang['btn_add'] = $auto->lang['btn_save']; $hidden_array['id'] = $id; if (empty($edit['photo'])) { $edit['photo'] = 0; } break; case "save":
$name = str_replace("\$", "$", $name); $name = str_replace("{", "{", $name); $name = str_replace("}", "}", $name); } fwrite($handler, "'{$name}' => \"{$value}\",\n\n"); } fwrite($handler, ");\n\n?>"); fclose($handler); clear_cache(); msg("info", $lang['opt_sysok'], "{$lang['opt_sysok_1']}<br /><br /><a href={$PHP_SELF}?mod=nextgame>{$lang['db_prev']}</a>"); } require ENGINE_DIR . "/data/nextgame.config.php"; include_once ENGINE_DIR . '/classes/parse.class.php'; $parse = new ParseFilter(array(), array(), 1, 1); $nextgame['message_invite'] = str_replace('"', '"', $nextgame['message_invite']); $nextgame['message_invite'] = $parse->decodeBBCodes($nextgame['message_invite'], false); echoheader("", ""); echo <<<HTML <link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" /> <form action="" method="post"> <div style="padding-top:5px;padding-bottom:2px;"> <table width="100%"> <tr> <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td> <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td> <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td> </tr> <tr> <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td> <td style="padding:5px;" bgcolor="#FFFFFF"> <table width="100%">
\t \t</div> \t </div> </div> HTML; echofooter(); } elseif ($_GET['action'] == "edit" or $_GET['action'] == "add") { echoheader("<i class=\"icon-bar-chart\"></i>" . $lang['header_votes'], $lang['editvote']); $canedit = false; $start_date = ""; $stop_date = ""; if ($_GET['action'] == "edit" && $id != '') { $canedit = true; $row = $db->super_query("SELECT * FROM " . PREFIX . "_vote WHERE id='{$id}' LIMIT 0,1"); $title = $parse->decodeBBCodes($row['title'], false); $body = $parse->decodeBBCodes($row['body'], false); $icategory = explode(',', $row['category']); if ($row['category'] == "all") { $all_cats = "selected"; } else { $all_cats = ""; } if ($row['start']) { $start_date = @date("Y-m-d H:i", $row['start']); } if ($row['end']) { $end_date = @date("Y-m-d H:i", $row['end']); } $groups = get_groups(explode(',', $row['grouplevel'])); if ($row['grouplevel'] == "all") {
if ($word_arr[0] != $word_id) { fwrite($new_words, $old_words_line); } } fclose($new_words); } elseif ($action == "edit") { // Check if Filter was specified if (!$word_id) { msg("error", $lang['word_error'], $lang['word_nof'], "{$PHP_SELF}?mod=wordfilter"); } // Search & Load filter in to the Form $all_words = file(ENGINE_DIR . '/data/wordfilter.db.php'); foreach ($all_words as $word_line) { $word_arr = explode("|", $word_line); if ($word_arr[0] == $word_id) { $word_arr[1] = $parse->decodeBBCodes($word_arr[1], false); $word_arr[2] = $parse->decodeBBCodes($word_arr[2], false); if ($word_arr[3]) { $selected = "selected"; } else { $selected = ""; } if ($word_arr[4]) { $selected_1 = "selected"; } else { $selected_1 = ""; } $selected_2[$word_arr[5]] = "selected"; $selected_3[$word_arr[6]] = "selected"; $msg = "<script type=\"text/javascript\" language=\"javascript\">onload=focus;function focus(){document.forms[0].word_find.focus();}</script>\n\t\t<form action=\"{$PHP_SELF}\" method=post>\n\n<table width=\"100%\">\n <tr>\n <td style=\"padding:2px;\" width=\"140px;\" align=\"left\">{$lang['word_word']}</td>\n <td style=\"padding:2px;\" align=\"left\"><input class=\"edit bk\" style=\"width:250px;\" value=\"{$word_arr['1']}\" type=text name=word_find></td>\n\n </tr>\n <tr>\n <td style=\"padding:2px;\" align=\"left\">{$lang['word_rep']}</td>\n <td style=\"padding:2px;\" align=\"left\"><input class=\"edit bk\" style=\"width:250px;\" value=\"{$word_arr['2']}\" type=text name=word_replace></td>\n </tr>\n <tr>\n <td style=\"padding:2px;\" align=\"left\">{$lang['filter_type']}</td>\n <td style=\"padding:2px;\" align=\"left\"><select name=type><option value=\"0\">{$lang['filter_type_1']}</option><option value=\"1\" {$selected}>{$lang['filter_type_2']}</option></select></td>\n\n </tr>\n <tr>\n <td style=\"padding:2px;\" align=\"left\">{$lang['filter_register']}</td>\n <td style=\"padding:2px;\" align=\"left\"><select name=register><option value=\"0\">{$lang['opt_sys_no']}</option><option value=\"1\" {$selected_1}>{$lang['opt_sys_yes']}</option></select></td>\n\n </tr>\n <tr>\n <td style=\"padding:2px;\" align=\"left\">{$lang['filter_search']}</td>\n <td style=\"padding:2px;\" align=\"left\"><select name=\"filter_search\"><option value=\"0\" {$selected_2[0]}>{$lang['filter_search_0']}</option><option value=\"1\" {$selected_2[1]}>{$lang['filter_search_1']}</option><option value=\"2\" {$selected_2[2]}>{$lang['filter_search_2']}</option></select></td>\n\n </tr>\n <tr>\n <td style=\"padding:2px;\" align=\"left\">{$lang['filter_action']}</td>\n <td style=\"padding:2px;\" align=\"left\"><select name=\"filter_action\"><option value=\"0\" {$selected_3[0]}>{$lang['filter_action_0']}</option><option value=\"1\" {$selected_3[1]}>{$lang['filter_action_1']}</option></select></td>\n\n </tr>\n <tr>\n <td style=\"padding:2px;\" align=\"left\"> </td>\n <td style=\"padding:2px;\" align=\"left\"><input type=\"submit\" value=\" {$lang['user_save']} \" class=\"btn btn-success\"></td>\n\n </tr>\n</table>\n\n\t\t<input type=hidden name=action value=doedit>\n\t\t<input type=hidden name=word_id value=\"{$word_arr['0']}\">\n\t\t<input type=hidden name=mod value=wordfilter>\n\t\t<input type=hidden name=user_hash value=\"{$dle_login_hash}\">\n\t\t</form>"; // Messages
die("error"); } $row['date'] = strtotime($row['date']); $have_perm = 0; if ($is_logged and ($member_id['name'] == $row['autor'] and $row['is_register'] and $user_group[$member_id['user_group']]['allow_editc'] or $user_group[$member_id['user_group']]['edit_allc'])) { $have_perm = 1; } if ($user_group[$member_id['user_group']]['edit_limit'] and $row['date'] + $user_group[$member_id['user_group']]['edit_limit'] * 60 < $_TIME) { $have_perm = 0; } if (!$have_perm) { die("error"); } if (!$config['allow_comments_wysiwyg']) { include_once ENGINE_DIR . '/ajax/bbcode.php'; $comm_txt = $parse->decodeBBCodes($row['text'], false); $params = "onfocus=\"setNewField(this.name, document.getElementById( 'dlemasscomments' ) )\""; } else { $comm_txt = $parse->decodeBBCodes($row['text'], true, $config['allow_comments_wysiwyg']); $params = "class=\"ajaxwysiwygeditor\""; if ($config['allow_comments_wysiwyg'] == "1") { if ($user_group[$member_id['user_group']]['allow_url']) { $link_icon = "\"LinkDialog\", \"DLELeech\","; } else { $link_icon = ""; } if ($user_group[$member_id['user_group']]['allow_image']) { $link_icon .= "\"ImageDialog\","; } $bb_code = <<<HTML
} header("Location: ?mod=editusers&action=edituser&id=" . $row['user_id'] . $skin); die("User not found"); } } $row = $db->super_query("SELECT " . USERPREFIX . "_users.*, " . USERPREFIX . "_banned.days, " . USERPREFIX . "_banned.descr, " . USERPREFIX . "_banned.date as banned_date FROM " . USERPREFIX . "_users LEFT JOIN " . USERPREFIX . "_banned ON " . USERPREFIX . "_users.user_id=" . USERPREFIX . "_banned.users_id WHERE user_id = '{$id}'"); if (!$row['user_id']) { die("User not found"); } if ($member_id['user_group'] != 1 and $row['user_group'] == 1) { die($lang['edit_not_admin']); } include_once ENGINE_DIR . '/classes/parse.class.php'; $parse = new ParseFilter(); $parse->safe_mode = true; $row['fullname'] = $parse->decodeBBCodes($row['fullname'], false); $row['icq'] = $parse->decodeBBCodes($row['icq'], false); $row['land'] = $parse->decodeBBCodes($row['land'], false); $row['info'] = $parse->decodeBBCodes($row['info'], false); $row['signature'] = $parse->decodeBBCodes($row['signature'], false); $row['descr'] = $parse->decodeBBCodes($row['descr'], false); $skin = trim(totranslit($_REQUEST['skin'], false, false)); if ($skin) { $css_path = $config['http_home_url'] . "templates/" . $skin . "/frame.css"; } else { $css_path = "engine/skins/frame.css"; } echo <<<HTML <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru" lang="ru"> <head>
if ($user_group[$member_id['user_group']]['allow_all_edit']) { $have_perm = 1; $allow_list = explode(',', $user_group[$member_id['user_group']]['cat_add']); foreach ($cat_list as $selected) { if ($allow_list[0] != "all" and !in_array($selected, $allow_list) and $row['approve']) { $have_perm = 0; } } } if ($member_id['user_group'] == 1) { $have_perm = 1; } if (!$have_perm) { msg("error", $lang['addnews_denied'], $lang['edit_denied'], "{$PHP_SELF}?mod=editnews&action=list"); } $row['title'] = $parse->decodeBBCodes($row['title'], false); $row['title'] = str_replace("&", "&", $row['title']); $row['descr'] = $parse->decodeBBCodes($row['descr'], false); $row['keywords'] = $parse->decodeBBCodes($row['keywords'], false); $row['expires'] = $row['expires'] == "0000-00-00" ? "" : $row['expires']; $row['metatitle'] = stripslashes($row['metatitle']); if ($row['allow_br'] != '1' or $config['allow_admin_wysiwyg']) { $row['short_story'] = $parse->decodeBBCodes($row['short_story'], true, $config['allow_admin_wysiwyg']); $row['full_story'] = $parse->decodeBBCodes($row['full_story'], true, $config['allow_admin_wysiwyg']); } else { $row['short_story'] = $parse->decodeBBCodes($row['short_story'], false); $row['full_story'] = $parse->decodeBBCodes($row['full_story'], false); } $access = permload($row['access']); if ($row['votes']) { $poll = $db->super_query("SELECT * FROM " . PREFIX . "_poll where news_id = '{$row['id']}'");
public function _parse_post($text_forum, $id) { require_once ENGINE_DIR . '/classes/parse.class.php'; $parse = new ParseFilter(array(), array(), 1, 1); function build_thumb(ParseFilter &$parse, $gurl = "", $url = "", $align = "") { $url = trim($url); $gurl = trim($gurl); $option = explode("|", trim($align)); $align = $option[0]; if ($align != "left" and $align != "right") { $align = ''; } $url = $parse->clear_url(urldecode($url)); $gurl = $parse->clear_url(urldecode($gurl)); if ($gurl == "" or $url == "") { return; } if ($align == '') { return "[{$align}][url=\"{$gurl}\"][img]{$url}[/img][/url][/{$align}]"; } else { return "[url=\"{$gurl}\"][img]{$url}[/img][/url]"; } } function decode_img($img, $txt) { $txt = stripslashes($txt); $align = false; if (strpos($txt, "align=\"") !== false) { $align = preg_replace("#(.+?)align=\"(.+?)\"(.*)#is", "\\2", $txt); } if ($align != "left" and $align != "right") { $align = false; } if ($align) { return "[{$align}][img]" . $img . "[/img][/{$align}]"; } else { return "[img]" . $img . "[/img]"; } } //$text_forum = stripslashes($text_forum); if (strpos($text_forum, "[attachment=") !== false) { $this->_db_disconnect(); $text_forum = show_attach($text_forum, $id); $this->_db_connect(); } $text_forum = preg_replace('#\\[.+?\\]#', '', $text_forum); $text_forum = preg_replace("#<img src=[\"'](\\S+?)['\"](.+?)>#ie", "decode_img('\\1', '\\2')", $text_forum); $text_forum = $parse->decodeBBCodes($text_forum, false); $text_forum = nl2br(preg_replace('#<.+?>#s', '', $text_forum)); $text_forum = str_replace('leech', 'url', $text_forum); $text_forum = preg_replace("#\\[video\\s*=\\s*(\\S.+?)\\s*\\]#ie", "\$parse->build_video('\\1')", $text_forum); $text_forum = preg_replace("#\\[audio\\s*=\\s*(\\S.+?)\\s*\\]#ie", "\$parse->build_audio('\\1')", $text_forum); $text_forum = preg_replace("#\\[flash=([^\\]]+)\\](.+?)\\[/flash\\]#ies", "\$parse->build_flash('\\1', '\\2')", $text_forum); $text_forum = preg_replace("#\\[youtube=([^\\]]+)\\]#ies", "\$parse->build_youtube('\\1')", $text_forum); $text_forum = preg_replace("'\\[thumb\\]([^\\[]*)([/\\\\])(.*?)\\[/thumb\\]'ie", "build_thumb(\$parse, '\$1\$2\$3', '\$1\$2thumbs\$2\$3')", $text_forum); $text_forum = preg_replace("'\\[thumb=(.*?)\\]([^\\[]*)([/\\\\])(.*?)\\[/thumb\\]'ie", "build_thumb(\$parse, '\$2\$3\$4', '\$2\$3thumbs\$3\$4', '\$1')", $text_forum); $text_forum = preg_replace('#<!--.+?-->#s', '', $text_forum); return $text_forum; }