/** * clean_encode_message * * clean message or potentially dangerous (X)HTML and encode UBB to XHTML * * @author DigiOz Guestbook, Scott Trevithick * @copyright DigiOz.com, 2009. * @param string $yourmessage The string to reformat * @return string $yourmessage The reformatted string **/ function clean_encode_message($yourmessage) { require_once 'class.UBBCodeN.php'; $myUBB = new UBBCodeN(); $yourmessage = $myUBB->encode($yourmessage); // $yourmessage = str_replace('"','"', $yourmessage); $yourmessage = entify_nonprinting_chars($yourmessage); return $yourmessage; }
if ($gbIPLogKey == 1) { $message_ip_log = $_SERVER['REMOTE_ADDR']; $message_ip_address_log = gethostbyaddr($_SERVER['REMOTE_ADDR']); $message_time_log = $date; add_to_post_log($yourname, $message_ip_log, $message_ip_address_log, $message_time_log); } // Notify administrator of new email if option is selected ---------------------------------------- if ($notify_admin == 1) { mail("{$notify_admin_email}", "{$notify_subject}", "{$notify_message}"); } // Make user input safe, insert emoticons, and encode UBB code ------------------------------------- $yourname = clean_encode_message(stripslashes($yourname)); $youremail = stripslashes($youremail); $yourmessage = smiley_face($yourmessage); $myUBB = new UBBCodeN(); $yourmessage = $myUBB->encode($yourmessage); $yourmessage = stripcslashes($yourmessage); // Call for filtering bad words ------------------------------------------------------------------- if ($gbBadWordsKey == 1) { $yourmessage = swap_bad_words($yourmessage); } // Write the verified guestbook entry to file ---------------------------------------------------- $gbXML = new gbXML('messages', 'message', 'data/data.xml'); $id = $gbXML->get_max_value_for_tag('id'); ++$id; $tmpArray = array('id' => $id, 'date' => $date, 'name' => $yourname, 'email' => $youremail, 'msg' => $yourmessage); if ($gbXML->append_record_to_file($tmpArray) === TRUE) { // Give Confirmation that the Guestbook Entry was written ---------------------------------------- echo "<p>{$result1}</p>"; echo "<p>{$date}</p>"; echo "<div class=\"gbookRecordBanner\"></div>";