/** * Initialize meta_content */ function meta_content_init($row_data, $mode = 'topic') { global $meta_content; $meta_content['cat_id'] = 0; $meta_content['forum_id'] = 0; $meta_content['topic_id'] = 0; $meta_content['post_id'] = 0; if ($mode == 'topic') { $meta_content['forum_id'] = $row_data['forum_id']; $meta_content['forum_name'] = strip_tags(stripslashes($row_data['forum_name'])); $meta_content['forum_name_clean'] = $row_data['forum_name_clean']; $meta_content['topic_id'] = $row_data['topic_id']; $meta_content['topic_title'] = strip_tags(stripslashes($row_data['topic_title'])); $meta_content['topic_title_clean'] = $row_data['topic_title_clean']; $meta_content['topic_tags'] = $row_data['topic_tags']; $meta_content['title_compl_infos'] = $row_data['title_compl_infos']; $meta_content['page_title'] = $meta_content['forum_name'] . ' :: ' . $meta_content['topic_title']; $meta_content['description'] = $meta_content['forum_name'] . ' - ' . $meta_content['topic_title']; $meta_content['keywords'] = $meta_content['topic_tags']; $meta_content['keywords'] = empty($meta_content['keywords']) ? str_replace(array(' ', ',, '), array(', ', ', '), ip_clean_string($meta_content['topic_title'], $lang['ENCODING'], true)) : $meta_content['keywords']; } if ($mode == 'forum') { $meta_content['forum_name'] = strip_tags(stripslashes($row_data['forum_name'])); $meta_content['forum_name_clean'] = $row_data['forum_name_clean']; $meta_content['page_title'] = $meta_content['forum_name']; $meta_content['description'] = $meta_content['forum_name'] . (empty($row_data['forum_desc']) ? '' : ' - ' . strip_tags(stripslashes($row_data['forum_desc']))); $meta_content['keywords'] = $meta_content['forum_name'] . ', '; } return $meta_content; }
function make_url_friendly($url) { global $lang; // Remove Re: in case of replies $url = strtolower(str_replace('Re: ', '', $url)); $url = ip_clean_string($url, $lang['ENCODING']); $url = $url == '' ? 'urlrw' : $url; return $url; }
function cms_block_flash() { global $db, $cache, $config, $template, $theme, $images, $user, $lang, $table_prefix, $block_id, $cms_config_vars, $cms_config_layouts, $cms_page; if (empty($cms_config_layouts[$cms_page_id_tmp]['md_flash_src'])) { return; } $flash_src = $cms_config_layouts[$cms_page_id_tmp]['md_flash_src']; $flash_id = str_replace('.', '_', ip_clean_string($cms_config_layouts[$cms_page_id_tmp]['md_flash_id'], 'utf-8', false, true)); $flash_w = (int) $cms_config_layouts[$cms_page_id_tmp]['md_flash_w']; $flash_h = (int) $cms_config_layouts[$cms_page_id_tmp]['md_flash_h']; if ($flash_w <= 0 || $flash_w >= 1000) { $flash_w = 400; } if ($flash_h <= 0 || $flash_h >= 1000) { $flash_h = 300; } $template->assign_vars(array('FLASH_SRC' => $flash_src, 'FLASH_ID' => $flash_id, 'FLASH_W' => $flash_w, 'FLASH_H' => $flash_h)); }
$class_topics_tags = new class_topics_tags(); // COMMON - END // CONFIG - BEGIN $table_fields = array( 'tag_count' => array('lang_key' => 'TAG_COUNT', 'view_level' => AUTH_ALL), 'tag_text' => array('lang_key' => 'TAG_TEXT', 'view_level' => AUTH_ALL), ); // CONFIG - END // VARS - BEGIN $tag_id = request_var('tag_id', 0); $tag_id = ($tag_id < 0) ? 0 : $tag_id; $tag_text = request_var('tag_text', '', true); $tag_text = ip_clean_string(urldecode(trim($tag_text)), $lang['ENCODING'], true); $mode_types = array('cloud', 'list', 'view', 'replace'); $mode = request_var('mode', $mode_types[0]); $mode = check_var_value($mode, $mode_types); $action_types = array('list'); $action = request_var('action', $action_types[0]); $action = check_var_value($action, $action_types); $start = request_var('start', 0); $start = ($start < 0) ? 0 : $start; $per_page = request_var('per_page', 0); $per_page = (empty($per_page) || ($per_page < 20) || ($per_page > 300)) ? $config['topics_per_page'] : $per_page;
/** * Create clean topic title */ function create_clean_topic_title($topic_id = 0, $forum_id = 0, $topic_title = '', $forum_name = '') { global $db, $lang; if (empty($topic_id)) { return false; } if (empty($forum_id)) { $sql = "SELECT forum_id FROM " . TOPICS_TABLE . " WHERE topic_id = " . $topic_id; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $forum_id = $row['forum_id']; } $db->sql_freeresult($result); } if (empty($forum_id)) { return false; } if (empty($forum_name)) { $sql = "SELECT * FROM " . FORUMS_TABLE . " WHERE forum_id = " . $forum_id; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if (empty($row['forum_name_clean'])) { if (!function_exists('update_clean_forum_name')) { @(include_once IP_ROOT_PATH . 'includes/functions_admin_forums.' . PHP_EXT); } $forum_name = substr(ip_clean_string($row['forum_name'], $lang['ENCODING']), 0, 254); update_clean_forum_name($row['forum_id'], $forum_name); } else { $forum_name = $row['forum_name_clean']; } } $db->sql_freeresult($result); } if (empty($topic_title)) { $sql = "SELECT * FROM " . TOPICS_TABLE . " WHERE topic_id = " . $topic_id; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $topic_title = empty($row['topic_title_clean']) ? $row['topic_title'] : $row['topic_title_clean']; } $db->sql_freeresult($result); } $topic_title = substr(ip_clean_string($topic_title, $lang['ENCODING']), 0, 254); $forum_name = substr(ip_clean_string($forum_name, $lang['ENCODING']), 0, 254); $sql = "UPDATE " . TOPICS_TABLE . " SET topic_title_clean = " . $db->sql_validate_value($topic_title) . ", topic_ftitle_clean = " . $db->sql_validate_value($forum_name) . " WHERE topic_id = " . $topic_id; $result = $db->sql_query($sql); return true; }
$db->sql_freeresult($result); $total_topics = sizeof($topic_rowset); // Okay, lets dump out the page... if($total_topics) { for($i = 0; $i < $total_topics; $i++) { $forum_id = $topic_rowset[$i]['forum_id']; $forum_id_append = (!empty($forum_id) ? (POST_FORUM_URL . '=' . $forum_id) : ''); $topic_id = $topic_rowset[$i]['topic_id']; $topic_id_append = (!empty($topic_id) ? (POST_TOPIC_URL . '=' . $topic_id) : ''); $topic_title = censor_text($topic_rowset[$i]['topic_title']); $topic_title_clean = (empty($topic_rowset[$i]['topic_title_clean'])) ? substr(ip_clean_string($topic_title, $lang['ENCODING']), 0, 254) : $topic_rowset[$i]['topic_title_clean']; if (empty($topic_rowset[$i]['topic_title_clean'])) { update_clean_topic_title($topic_id, $topic_title_clean); } $topic_title_prefix = (empty($topic_rowset[$i]['title_compl_infos'])) ? '' : $topic_rowset[$i]['title_compl_infos'] . ' '; $topic_title = $topic_title_prefix . $topic_title; // Convert and clean special chars! $topic_title = htmlspecialchars_clean($topic_title); $topic_title_plain = htmlspecialchars($topic_title); if (($config['url_rw'] == '1') || (($config['url_rw_guests'] == '1') && ($user->data['user_id'] == ANONYMOUS))) { $view_topic_url = append_sid(str_replace ('--', '-', make_url_friendly($topic_title) . '-vt' . $topic_id . '.html')); } else
function process_tag(&$item) { global $db, $cache, $config, $user, $lang, $topic_id, $local_urls, $meta_content; if (function_exists('create_server_url')) { $server_url = create_server_url(); $local_urls = empty($local_urls) ? array($server_url) : array_merge(array($server_url), $local_urls); } else { $host = getenv('HTTP_HOST'); $host = !empty($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : (!empty($host) ? $host : $config['server_name']); $server_url = 'http://' . $host . $config['script_path']; } //LIW - BEGIN $max_image_width = intval($config['liw_max_width']); //LIW - END $tag = $item['tag']; //echo 'process_tag(', $tag, ')<br />'; $start = substr($this->text, $item['start'], $item['start_len']); $end = substr($this->text, $item['end'], $item['end_len']); $content = substr($this->text, $item['start'] + $item['start_len'], $item['end'] - $item['start'] - $item['start_len']); $error = array('valid' => false, 'start' => $this->process_text($start), 'end' => $this->process_text($end)); if (isset($item['valid']) && $item['valid'] == false) { return $error; } // check if empty item is allowed if (!strlen($content)) { $allow_empty = true; if ($item['is_html'] && isset($this->allowed_html[$tag]['allow_empty']) && !$this->allowed_html[$tag]['allow_empty']) { $allow_empty = false; } if (!$item['is_html'] && isset($this->allowed_bbcode[$tag]['allow_empty']) && !$this->allowed_bbcode[$tag]['allow_empty']) { $allow_empty = false; } if (!$allow_empty) { return array('valid' => true, 'html' => '', 'end' => '', 'allow_nested' => false); } } // check if nested item is allowed if ($item['iteration']) { if ($item['is_html'] && !$this->allowed_html[$tag]['nested']) { return $error; } if (!$item['is_html'] && !$this->allowed_bbcode[$tag]['nested']) { return $error; } } // Simple tags: B, EM, STRONG, I, U, TT, STRIKE, SUP, SUB, DIV, SPAN, CENTER if ($tag === 'b' || $tag === 'em' || $tag === 'strong' || $tag === 'i' || $tag === 'u' || $tag === 'tt' || $tag === 'strike' || $tag === 'sup' || $tag === 'sub' || $tag === 'div' || $tag === 'span' || $tag === 'center') { $extras = $this->allow_styling ? array('style', 'class', 'name') : array('class', 'name'); $html = '<' . $tag . $this->add_extras($item['params'], $extras) . '>'; return array('valid' => true, 'start' => $html, 'end' => '</' . $tag . '>'); } // COLOR if ($tag === 'color') { $extras = $this->allow_styling ? array('class') : array(); $color = $this->valid_color(isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['color']) ? $item['params']['color'] : false)); if ($color === false) { return $error; } $html = '<span style="' . ($this->allow_styling && isset($item['params']['style']) ? htmlspecialchars($this->valid_style($item['params']['style'], '')) : '') . 'color: ' . $color . ';"' . $this->add_extras($item['params'], $extras) . '>'; return array('valid' => true, 'start' => $html, 'end' => '</span>'); } // RAINBOW if ($tag === 'rainbow') { /* if($this->is_sig && !$config['allow_all_bbcode']) { return $error; } */ $html = $this->rainbow($content); return array('valid' => true, 'html' => $html, 'allow_nested' => false); } // GRADIENT if ($tag === 'gradient') { /* if($this->is_sig && !$config['allow_all_bbcode']) { return $error; } */ $default_color1 = '#000080'; $color1 = $this->valid_color(isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['cols']) ? $item['params']['cols'] : $default_color1), true); $color1 = $color1 === false ? $default_color1 : $color1; $default_color2 = '#aaccee'; $color2 = $this->valid_color(isset($item['params']['cole']) ? $item['params']['cole'] : $default_color2, true); $color2 = $color2 === false ? $default_color2 : $color2; $mode = $this->process_text(isset($item['params']['mode']) ? $item['params']['mode'] : ''); $default_iterations = 10; $iterations = intval(isset($item['params']['iterations']) ? $item['params']['iterations'] : $default_iterations); $iterations = $iterations < 10 || $iterations > 100 ? $default_iterations : $iterations; $html = $this->gradient($content, $color1, $color2, $mode, $iterations); return array('valid' => true, 'html' => $html, 'allow_nested' => false); } // HIGHLIGHT if ($tag === 'highlight') { $extras = $this->allow_styling ? array('class') : array(); $default_param = '#ffffaa'; $color = isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['color']) ? $item['params']['color'] : $default_param); $color = $this->valid_color($color); if ($color === false) { return $error; } $html = '<span style="' . ($this->allow_styling && isset($item['params']['style']) ? htmlspecialchars($this->valid_style($item['params']['style'], '')) : '') . 'background-color: ' . $color . ';"' . $this->add_extras($item['params'], $extras) . '>'; return array('valid' => true, 'start' => $html, 'end' => '</span>'); } // SIZE if ($tag === 'size') { $extras = $this->allow_styling ? array('class') : array(); $default_param = 0; $size = intval(isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['size']) ? $item['params']['size'] : $default_param)); if ($size > 0 && $size < 7) { // vBulletin-style sizes switch ($size) { case 1: $size = 7; break; case 2: $size = 8; break; case 3: $size = 10; break; case 4: $size = 12; break; case 5: $size = 15; break; case 6: $size = 24; break; } } if ($size < 6 || $size > 48) { return $error; } $html = '<span style="' . ($this->allow_styling && isset($item['params']['style']) ? htmlspecialchars($this->valid_style($item['params']['style'], '')) : '') . 'font-size: ' . $size . 'px; line-height: 116%;"' . $this->add_extras($item['params'], $extras) . '>'; return array('valid' => true, 'start' => $html, 'end' => '</span>'); } // Single tags: HR if ($tag === 'hr') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } $extras = $this->allow_styling ? array('style', 'class') : array(); $color = $this->valid_color(isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['color']) ? $item['params']['color'] : false)); $html = '<' . $tag . ($color === false ? $this->allow_styling && isset($item['params']['style']) ? ' style="' . htmlspecialchars($this->valid_style($item['params']['style'], '')) . '"' : '' : ' style="border-color: ' . $color . ';"') . ' />'; return array('valid' => true, 'html' => $html); } // ALIGN if ($tag === 'align') { $extras = $this->allow_styling ? array('style', 'class') : array(); $default_param = 'left'; $align = isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['align']) ? $item['params']['align'] : $default_param); if ($align === 'left' || $align === 'right' || $align === 'center' || $align === 'justify') { $html = '<div style="text-align: ' . $align . ';' . ($align === 'center' ? ' margin-left: auto; margin-right: auto;' : '') . '">'; return array('valid' => true, 'start' => $html, 'end' => '</div>'); } else { return $error; } } // IMG if ($tag === 'img') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } // main parameters $params = array('src' => false, 'alt' => false, 'slide' => false); // additional allowed parameters $extras = $this->allow_styling ? array('width', 'height', 'border', 'style', 'class', 'title', 'align') : array('width', 'height', 'border', 'title', 'align'); if ($config['thumbnail_highslide']) { $slideshow = !empty($item['params']['slide']) ? ', { slideshowGroup: \'' . $this->process_text($item['params']['slide']) . '\' } ' : ''; } $liw_bypass = false; // [img=blah]blah2[/img] if (isset($item['params']['param'])) { $params['src'] = $item['params']['param']; $img_url = $params['src']; $img_url_enc = urlencode(ip_utf8_decode($params['src'])); $path_parts = pathinfo($img_url); $params['alt'] = !empty($content) ? $content : ip_clean_string($path_parts['filename'], $lang['ENCODING'], true); } elseif (isset($item['params']['src'])) { $params['src'] = $item['params']['src']; $img_url = $params['src']; $img_url_enc = urlencode(ip_utf8_decode($params['src'])); $path_parts = pathinfo($img_url); $params['alt'] = isset($item['params']['alt']) ? $item['params']['alt'] : (!empty($content) ? $content : ip_clean_string($path_parts['filename'], $lang['ENCODING'], true)); for ($i = 0; $i < sizeof($extras); $i++) { if (!empty($item['params'][$extras[$i]])) { if ($extras[$i] === 'style') { $style = $this->valid_style($item['params']['style']); if ($style !== false) { $params['style'] = $style; } } else { $params[$extras[$i]] = $item['params'][$extras[$i]]; } } } } elseif (!empty($content)) { $params['src'] = $content; $img_url = $params['src']; $img_url_enc = urlencode(ip_utf8_decode($params['src'])); $path_parts = pathinfo($img_url); $params['alt'] = isset($item['params']['alt']) ? $item['params']['alt'] : (isset($params['title']) ? $params['title'] : ip_clean_string($path_parts['filename'], $lang['ENCODING'], true)); // LIW - BEGIN if ($config['liw_enabled'] == 1 && $max_image_width > 0 && $config['thumbnail_posts'] == 0) { $liw_bypass = true; if (isset($item['params']['width'])) { $item['params']['width'] = $item['params']['width'] > $max_image_width ? $max_image_width : $item['params']['width']; } else { $image_size = @getimagesize($content); $item['params']['width'] = $image_size[0] > $max_image_width ? $max_image_width : $image_size[0]; } } // LIW - END for ($i = 0; $i < sizeof($extras); $i++) { if (!empty($item['params'][$extras[$i]])) { if ($extras[$i] === 'style') { $style = $this->valid_style($item['params']['style']); if ($style !== false) { $params['style'] = $style; } } else { $params[$extras[$i]] = $item['params'][$extras[$i]]; } } } } $is_smiley = false; if (substr($params['src'], 0, strlen(BBCODE_SMILIES_PATH)) == BBCODE_SMILIES_PATH) { $is_smiley = true; } if (!$is_smiley && $config['thumbnail_posts'] && $liw_bypass == false) { $process_thumb = !empty($config['thumbnail_cache']) ? true : false; $thumb_exists = false; $thumb_processed = false; $is_light_view = false; if (isset($item['params']['thumb'])) { if ($item['params']['thumb'] == 'false') { $process_thumb = false; } } if (!empty($process_thumb)) { $thumb_processed = true; $pic_id = $img_url; $pic_fullpath = str_replace(array(' '), array('%20'), $pic_id); $pic_id = str_replace('http://', '', str_replace('https://', '', $pic_id)); $pic_path[] = array(); $pic_path = explode('/', $pic_id); $pic_filename = end($pic_path); $file_part = explode('.', strtolower($pic_filename)); $pic_filetype = end($file_part); $thumb_ext_array = array('gif', 'jpg', 'png'); if (in_array($pic_filetype, $thumb_ext_array)) { $user_dir = ''; $users_images_path = str_replace('http://', '', str_replace('https://', '', $server_url . str_replace(IP_ROOT_PATH, '', POSTED_IMAGES_PATH))); $pic_title = substr($pic_filename, 0, strlen($pic_filename) - strlen($pic_filetype) - 1); $pic_title_reg = preg_replace('/[^A-Za-z0-9]+/', '_', $pic_title); $pic_thumbnail = 'mid_' . md5($pic_id) . '_' . $pic_filename; if (strpos($pic_id, $users_images_path) !== false) { $user_dir = str_replace($pic_filename, '', str_replace($users_images_path, '', $pic_id)); $pic_thumbnail = $pic_filename; } $pic_thumbnail_fullpath = POSTED_IMAGES_THUMBS_PATH . $user_dir . $pic_thumbnail; // Light View - BEGIN $light_view = request_var('light_view', 0); // Force to false for debugging purpose... $light_view = 0; if (!empty($light_view) && !empty($user_dir)) { $is_light_view = true; $pic_thumbnail_fullpath = POSTED_IMAGES_THUMBS_S_PATH . $user_dir . $pic_thumbnail; } // Light View - END if (file_exists($pic_thumbnail_fullpath)) { $thumb_exists = true; $params['src'] = $server_url . str_replace(IP_ROOT_PATH, '', $pic_thumbnail_fullpath); } } } $cache_image = true; $cache_append = ''; if (isset($item['params']['cache'])) { if ($item['params']['cache'] == 'false') { //$bbc_eamp = '&'; $bbc_eamp = '&'; $cache_image = false; $cache_append = 'cache=false' . $bbc_eamp . 'rand=' . md5(rand()) . $bbc_eamp; } else { $cache_image = true; } } if (!empty($process_thumb) && ($thumb_exists == false || $cache_image == false)) { $pic_thumbnail_script = $server_url . CMS_PAGE_IMAGE_THUMBNAIL . '?' . $cache_append . 'pic_id=' . $img_url_enc; // Light View - BEGIN if (!empty($thumb_processed) && !empty($is_light_view)) { $img_url_enc = $user_dir . $pic_thumbnail; $pic_thumbnail_script = $server_url . CMS_PAGE_IMAGE_THUMBNAIL_S . '?' . $cache_append . 'pic_id=' . $img_url_enc; } // Light View - END $params['src'] = $pic_thumbnail_script; } } // generate html $html = '<img'; foreach ($params as $var => $value) { if ($this->process_text($value) != '') { $html .= ' ' . $var . '="' . $this->process_text($value) . '"'; } if ($var == 'src' && !$this->is_sig) { $meta_content['og_img'][] = $value; } } if (!isset($params['title'])) { $html .= ' title="' . $this->process_text($params['alt']) . '"'; } $html .= ' />'; // add url /* if (strpos($params['src'], trim($config['server_name'])) == false) { $html = $this->process_text($params['alt']); } */ // Light View - BEGIN if (!empty($thumb_processed) && !empty($is_light_view)) { $item['inurl'] = true; } // Light View - END if (empty($item['inurl']) && !$is_smiley) { if ($this->allow_hs && $config['thumbnail_posts'] && $config['thumbnail_highslide']) { $extra_html = ' class="highslide" onclick="return hs.expand(this' . $slideshow . ')"'; } else { $extra_html = ' target="_blank" title="' . $lang['OpenNewWindow'] . '"'; } $html = '<a href="' . $this->process_text($img_url) . '"' . $extra_html . '>' . $html . '</a>'; } return array('valid' => true, 'html' => $html, 'allow_nested' => false); } // IMGBA if ($tag === 'imgba') { if ($this->is_sig) { return $error; } // main parameters $params = array('before' => false, 'after' => false, 'width' => false, 'w' => false, 'height' => false, 'h' => false, 'alt' => false, 'title' => false); foreach ($params as $k => $v) { $params[$k] = $item['params'][$k]; } if (empty($params['before']) || empty($params['after'])) { return $error; } $path_parts = pathinfo($params['before']); (int) ($params['width'] = !empty($params['w']) ? intval($params['w']) : intval($params['width'])); (int) ($params['height'] = !empty($params['h']) ? intval($params['h']) : intval($params['height'])); $params['alt'] = !empty($params['alt']) ? $params['alt'] : ip_clean_string($path_parts['filename'], $lang['ENCODING'], true); if (empty($params['width']) || empty($params['height'])) { return $error; } // Since we passed the main tests, we may force all needed JS inclusions... $config['jquery_ui'] = true; $config['jquery_ui_ba'] = true; $max_width = 600; $or_width = $params['width']; $or_height = $params['height']; if ($params['width'] > $max_width) { $params['width'] = $max_width; $params['height'] = $max_width / ($or_width / $or_height); } // additional allowed parameters $extras = $this->allow_styling ? array('style', 'class') : array(); for ($i = 0; $i < sizeof($extras); $i++) { if (!empty($item['params'][$extras[$i]])) { if ($extras[$i] === 'style') { $style = $this->valid_style($item['params']['style']); if ($style !== false) { $params['style'] = $style; } } else { $params[$extras[$i]] = $item['params'][$extras[$i]]; } } } $container = 'imgba_' . substr(md5($params['before']), 0, 6); $imgba_error = false; $allowed_ext = array('gif', 'jpeg', 'jpg', 'png'); $img_test_array = array('before', 'after'); // Few "pseudo-security" tests foreach ($img_test_array as $img_test) { $file_ext = substr(strrchr($params[$img_test], '.'), 1); //if (!in_array($file_ext, $allowed_ext) || (strpos($params[$img_test], $server_url) !== 0) || (strpos($params[$img_test], '?') !== 0)) if (!in_array($file_ext, $allowed_ext)) { $imgba_error = true; } } if (!empty($imgba_error)) { return $error; } // generate html $html = ''; $html .= '<div id="' . $container . '"'; foreach ($params as $var => $value) { if (in_array($value, array('width', 'height')) && $this->process_text($value) != '') { $html .= ' ' . $var . '="' . $this->process_text($value) . '"'; } } $html .= '>'; $img_alt = $this->process_text($params['alt']); $img_title = !empty($params['title']) ? ' title="' . $this->process_text($params['title']) . '"' : ''; $html .= '<div><img src="' . $params['before'] . '" width="' . $params['width'] . '" height="' . $params['height'] . '" alt="Before: ' . $img_alt . '"' . $img_title . ' /></div>'; $html .= '<div><img src="' . $params['after'] . '" width="' . $params['width'] . '" height="' . $params['height'] . '" alt="After: ' . $img_alt . '"' . $img_title . ' /></div>'; $html .= '</div>'; $html .= '<script type="text/javascript">$(function(){ $(\'#' . $container . '\').beforeAfter({imagePath: \'' . $server_url . 'templates/common/jquery/\', showFullLinks: true, cursor: \'e-resize\', dividerColor: \'#dd2222\', beforeLinkText: \'' . $lang['IMG_BA_SHOW_ONLY_BEFORE'] . '\', afterLinkText: \'' . $lang['IMG_BA_SHOW_ONLY_AFTER'] . '\'}); });</script>'; return array('valid' => true, 'html' => $html, 'allow_nested' => false); } // ALBUMIMG if ($tag === 'albumimg') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } // main parameters $params = array('src' => false, 'alt' => false); // additional allowed parameters $extras = $this->allow_styling ? array('width', 'height', 'border', 'style', 'class', 'title', 'align') : array('width', 'height', 'border', 'title', 'align'); // [albumimg=blah]blah2[/albumimg] if (isset($item['params']['param'])) { $params['src'] = $item['params']['param']; $pic_url = $item['params']['param']; $params['alt'] = $content; } elseif (isset($item['params']['src'])) { $params['src'] = $item['params']['src']; $pic_url = $item['params']['src']; $params['alt'] = isset($item['params']['alt']) ? $item['params']['alt'] : $content; for ($i = 0; $i < sizeof($extras); $i++) { if (!empty($item['params'][$extras[$i]])) { if ($extras[$i] === 'style') { $style = $this->valid_style($item['params']['style']); if ($style !== false) { $params['style'] = $style; } } else { $params[$extras[$i]] = $item['params'][$extras[$i]]; } } } } elseif (!empty($content)) { $params['src'] = $content; $pic_url = $content; $params['alt'] = isset($item['params']['alt']) ? $item['params']['alt'] : (isset($params['title']) ? $params['title'] : ''); for ($i = 0; $i < sizeof($extras); $i++) { if (!empty($item['params'][$extras[$i]])) { if ($extras[$i] === 'style') { $style = $this->valid_style($item['params']['style']); if ($style !== false) { $params['style'] = $style; } } else { $params[$extras[$i]] = $item['params'][$extras[$i]]; } } } } // generate html $pic_url = $server_url . 'album_showpage.' . PHP_EXT . '?pic_id=' . $pic_url; if (isset($item['params']['mode'])) { $pic_mode = $item['params']['mode']; if ($pic_mode === 'full') { $params['src'] = $server_url . 'album_picm.' . PHP_EXT . '?pic_id=' . $params['src']; } else { $params['src'] = $server_url . 'album_thumbnail.' . PHP_EXT . '?pic_id=' . $params['src']; } } else { $params['src'] = $server_url . 'album_thumbnail.' . PHP_EXT . '?pic_id=' . $params['src']; } $html = '<img'; foreach ($params as $var => $value) { $html .= ' ' . $var . '="' . $this->process_text($value) . '"'; if ($var == 'src' && !$this->is_sig) { $meta_content['og_img'][] = $value; } } if (!isset($params['title'])) { $html .= ' title="' . $this->process_text($params['alt']) . '"'; } $html .= ' />'; // add url if (empty($item['inurl'])) { $html = '<a href="' . $this->process_text($pic_url) . '" title="' . $lang['Click_enlarge_pic'] . '">' . $html . '</a>'; } return array('valid' => true, 'html' => $html, 'allow_nested' => false); } // ATTACHMENT if ($tag === 'attachment' || $tag === 'download') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } $html = ''; $params['id'] = isset($item['params']['param']) ? intval($item['params']['param']) : (isset($item['params']['id']) ? intval($item['params']['id']) : false); $params['title'] = isset($item['params']['title']) ? $this->process_text($item['params']['title']) : false; $params['description'] = isset($item['params']['description']) ? $this->process_text($item['params']['description']) : (!empty($content) ? $this->process_text($content) : false); $params['icon'] = isset($item['params']['icon']) ? $this->process_text($item['params']['icon']) : false; $color = $this->valid_color(isset($item['params']['color']) ? $item['params']['color'] : false); $bgcolor = $this->valid_color(isset($item['params']['bgcolor']) ? $item['params']['bgcolor'] : false); $errored = false; if ($params['id'] <= 0) { $errored = true; } if (!$errored) { if ($tag === 'attachment') { if (!function_exists('get_attachment_details')) { include_once IP_ROOT_PATH . 'includes/functions_bbcode.' . PHP_EXT; } $is_auth_ary = auth(AUTH_READ, AUTH_LIST_ALL, $user->data); $is_download_auth_ary = auth(AUTH_DOWNLOAD, AUTH_LIST_ALL, $user->data); $attachment_details = get_attachment_details($params['id']); if ($attachment_details == false || !$is_auth_ary[$attachment_details['forum_id']]['auth_read'] || !$is_download_auth_ary[$attachment_details['forum_id']]['auth_download']) { $errored = true; } } else { if (!function_exists('get_download_details')) { include_once IP_ROOT_PATH . 'includes/functions_bbcode.' . PHP_EXT; } $attachment_details = get_download_details($params['id']); $errored = $attachment_details == false ? true : false; } } if (!$errored) { if ($tag === 'attachment') { $params['title'] = $params['title'] ? $params['title'] : (!empty($attachment_details['real_filename']) ? $attachment_details['real_filename'] : ' '); $params['description'] = $params['description'] ? $params['description'] : (!empty($attachment_details['comment']) ? $attachment_details['comment'] : ' '); $params['icon'] = IP_ROOT_PATH . FILES_ICONS_DIR . ($params['icon'] ? $params['icon'] : 'default.png'); $download_url = IP_ROOT_PATH . 'download.' . PHP_EXT . '?id=' . $params['id']; } else { $params['title'] = $params['title'] ? $params['title'] : (!empty($attachment_details['file_name']) ? $attachment_details['file_name'] : ' '); $params['description'] = $params['description'] ? $params['description'] : (!empty($attachment_details['file_desc']) ? $attachment_details['file_desc'] : ' '); $params['icon'] = IP_ROOT_PATH . FILES_ICONS_DIR . ($params['icon'] ? $params['icon'] : (!empty($attachment_details['file_posticon']) ? $attachment_details['file_posticon'] : 'default.png')); $attachment_details['filesize'] = $attachment_details['file_size']; $attachment_details['download_count'] = $attachment_details['file_dls']; $download_url = IP_ROOT_PATH . 'dload.' . PHP_EXT . '?action=file&file_id=' . $params['id']; } $params['title'] = htmlspecialchars($params['title']); $params['description'] = htmlspecialchars($params['description']); $params['icon'] = file_exists($params['icon']) ? $params['icon'] : IP_ROOT_PATH . FILES_ICONS_DIR . 'default.png'; $style = $color || $bgcolor ? ' style="' . ($color ? 'color: ' . $color . ';' : '') . ($bgcolor ? 'background-color: ' . $bgcolor . ';' : '') . '"' : ''; $html .= '<div class="mg_attachtitle"' . $style . '>' . $params['title'] . '</div>'; $html .= '<div class="mg_attachdiv"><table>'; $html .= '<tr><td style="width: 15%;"><b class="gensmall">' . $lang['Description'] . ':</b></td><td style="width: 75%;"><span class="gensmall">' . $params['description'] . '</span></td><td rowspan="3" class="row-center" style="width: 10%;"><img src="' . $params['icon'] . '" alt="' . $params['description'] . '" /><br /><a href="' . append_sid($download_url) . '" title="' . $lang['Download'] . ' ' . $params['title'] . '"><b>' . $lang['Download'] . '</b></a></td></tr>'; $html .= '<tr><td><b class="gensmall">' . $lang['FILESIZE'] . ':</b></td><td><span class="gensmall">' . round($attachment_details['filesize'] / 1024, 2) . ' KB</span></td></tr>'; $html .= '<tr><td><b class="gensmall">' . $lang['DOWNLOADED'] . ':</b></td><td><span class="gensmall">' . $attachment_details['download_count'] . '</span></td></tr>'; $html .= '</table></div>'; } else { $style = $color || $bgcolor ? ' style="' . ($color ? 'color: ' . $color . ';' : '') . ($bgcolor ? 'background-color: ' . $bgcolor . ';' : '') . '"' : ''; $html .= '<div class="mg_attachtitle"' . $style . '>' . $lang['Not_Authorized'] . '</div>'; $html .= '<div class="mg_attachdiv"><div style="text-align: center;">' . $lang['FILE_NOT_AUTH'] . '</div></div>'; } return array('valid' => true, 'html' => $html, 'allow_nested' => false); } // LIST if ($tag === 'list' || $tag === 'ul' || $tag === 'ol') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } $extras = $this->allow_styling ? array('style', 'class') : array(); // check if nested tags are all [*] $nested_count = 0; for ($i = 0; $i < sizeof($item['items']); $i++) { $tag2 = $item['items'][$i]['tag']; if ($tag2 === '*' || $tag2 === 'li') { $nested_count++; } } if (!$nested_count) { // no <li> items. return error return $error; } // replace "list" with html tag if ($tag === 'list') { if (isset($item['params']['param']) || isset($item['params']['type'])) { $tag = 'ol'; } else { $tag = 'ul'; } } // valid tag. process subitems to make sure there are no extra items and remove all code between elements $last_item = false; for ($i = 0; $i < sizeof($item['items']); $i++) { $item2 =& $item['items'][$i]; $tag2 = $item2['tag']; if ($tag2 === '*' || $tag2 === 'li') { // mark as valid $item2['list_valid'] = true; if ($last_item === false) { // change start position to end of [list] $pos = !empty($pos) ? $pos : 0; $pos2 = $item2['start'] + $item2['start_len']; $item2['start'] = $pos; $item2['start_len'] = $pos2 - $pos; $item2['first_entry'] = true; } $last_item =& $item['items'][$i]; } } // generate html $html = '<' . $tag; if (isset($item['params']['param'])) { $html .= ' type="' . htmlspecialchars($item['params']['param']) . '"'; } elseif (isset($item['params']['type'])) { $html .= ' type="' . htmlspecialchars($item['params']['type']) . '"'; } $html .= $this->add_extras($item['params'], $extras) . '>'; return array('valid' => true, 'start' => $html, 'end' => '</li></' . $tag . '>'); } // [*], LI if ($tag === '*' || $tag === 'li') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } $extras = $this->allow_styling ? array('style', 'class') : array(); // if not marked as valid return error if (empty($item['list_valid'])) { return $error; } $html = '<li'; if (empty($item['first_entry'])) { // add closing tag for previous list entry $html = '</li>' . $html; } $html .= $this->add_extras($item['params'], $extras) . '>'; return array('valid' => true, 'start' => $html, 'end' => ''); } // FONT if ($tag === 'font') { $fonts = array('Arial', 'Arial Black', 'Comic Sans MS', 'Courier New', 'Impact', 'Lucida Console', 'Lucida Sans Unicode', 'Microsoft Sans Serif', 'Symbol', 'Tahoma', 'Times New Roman', 'Traditional Arabic', 'Trebuchet MS', 'Verdana', 'Webdings', 'Wingdings'); if (defined('FONTS_DIR')) { foreach ($cache->obtain_fonts() as $font_file) { $fonts[] = substr($font_file, 0, -4); } } $extras = $this->allow_styling ? array('style', 'class') : array(); $default_param = 'Verdana'; $font = isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['font']) ? $item['params']['font'] : $default_param); $font = in_array($font, $fonts) ? $font : $default_param; $html = '<span style="font-family: \'' . $font . '\';">'; return array('valid' => true, 'start' => $html, 'end' => '</span>'); } // CELL if ($tag === 'cell') { $extras = $this->allow_styling ? array('style', 'class', 'align', 'border') : array('class', 'align'); $width = isset($item['params']['width']) ? ' width: ' . intval($item['params']['width']) . 'px;' : ''; $height = isset($item['params']['height']) ? ' height: ' . intval($item['params']['height']) . 'px;' : ''; $padding = isset($item['params']['padding']) ? ' padding: ' . intval($item['params']['padding']) . 'px;' : ''; $margin = isset($item['params']['margin']) ? ' margin: ' . intval($item['params']['margin']) . 'px;' : ''; $borderwidth = isset($item['params']['borderwidth']) ? ' border-width: ' . intval($item['params']['borderwidth']) . 'px;' : ''; $bgcolor = $this->valid_color(isset($item['params']['bgcolor']) ? $item['params']['bgcolor'] : false); $bgcolor = $bgcolor !== false ? ' background-color: ' . $bgcolor . ';' : ''; $bordercolor = $this->valid_color(isset($item['params']['bordercolor']) ? $item['params']['bordercolor'] : false); $bordercolor = $bordercolor !== false ? ' border-color: ' . $bordercolor . ';' : ''; $color = $this->valid_color(isset($item['params']['color']) ? $item['params']['color'] : false); $color = $color !== false ? ' color: ' . $color . ';' : ''; $html = '<div style="' . ($this->allow_styling && isset($item['params']['style']) ? htmlspecialchars($this->valid_style($item['params']['style'], '')) : '') . $height . $width . $bgcolor . $bordercolor . $borderwidth . $color . $padding . $margin . '"' . $this->add_extras($item['params'], $extras) . '>'; return array('valid' => true, 'start' => $html, 'end' => '</div>'); } // URL, A if ($tag === 'url' || $tag === 'a') { $extras = $this->allow_styling ? array('style', 'class', 'name', 'title') : array('name', 'title'); $allow_nested = true; $strip_text = false; $show_content = true; $url = ''; // get url if (!empty($item['params']['param'])) { $url = $item['params']['param']; } elseif (!empty($item['params']['href'])) { $url = $item['params']['href']; } elseif (!$item['is_html']) { $url = $content; $allow_nested = false; $strip_text = true; } else { return $error; } if ($url === $content && strlen($content) > 64) { $content = htmlspecialchars(substr($content, 0, 35) . '...' . substr($content, strlen($content) - 15)); $show_content = false; } // check if its email if (substr(strtolower($url), 0, 7) === 'mailto:') { $item['tag'] = 'email'; return $this->process_tag($item); } // check for invalid urls $url = $this->valid_url($url, ''); if (empty($url)) { return $error; } // check nested items if (!$allow_nested) { for ($i = 0; $i < sizeof($item['items']); $i++) { $item['items'][$i]['valid'] = false; } } else { for ($i = 0; $i < sizeof($item['next']); $i++) { $tag2 = $item['next'][$i]['tag']; $is_html = $item['next'][$i]['item']['is_html']; $item['next'][$i]['item']['inurl'] = true; if ($is_html && !$this->allowed_html[$tag2]['inurl']) { $item['next'][$i]['item']['valid'] = false; } if (!$is_html && !$this->allowed_bbcode[$tag2]['inurl']) { $item['next'][$i]['item']['valid'] = false; } } } // check for incomplete url if (substr(strtolower($url), 0, 4) === 'www.') { $url = 'http://' . $url; } // remove extra characters at the end $last_char = substr($url, strlen($url) - 1); $last_char_i = ord($last_char); if ($last_char_i > 32 && $last_char_i < 47 || $last_char_i > 57 && $last_char_i < 65) { $url = substr($url, 0, strlen($url) - 1); } // check if url is local $is_local_url = false; if (!empty($local_urls)) { foreach ($local_urls as $local_url) { if (strlen($url) > strlen($local_url) && strpos($url, $local_url) === 0) { $is_local_url = true; } } } if (empty($is_local_url) && strpos($url, ':') === false) { $is_local_url = true; } // generate html $url_target = isset($item['params']['target']) && ($item['params']['target'] != 0 || $item['params']['target'] != 'false') ? true : false; $html = '<a' . ($this->allow_styling && isset($item['params']['class']) ? '' : ' class="post-url"') . ' href="' . htmlspecialchars($url) . '"' . ($is_local_url && empty($url_target) ? '' : ' target="_blank"' . (!empty($item['params']['nofollow']) || $this->is_sig ? ' rel="nofollow"' : '')) . $this->add_extras($item['params'], $extras) . '>'; if ($config['disable_html_guests'] && !$user->data['session_logged_in']) { return array('valid' => true, 'html' => $lang['Links_For_Guests'], 'allow_nested' => false); } else { if ($show_content) { return array('valid' => true, 'start' => $html, 'end' => '</a>'); } else { return array('valid' => true, 'html' => $html . $content . '</a>', 'allow_nested' => false); } } } // EMAIL if ($tag === 'email') { $extras = $this->allow_styling ? array('style', 'class', 'name', 'title') : array('name', 'title'); $allow_nested = true; $strip_text = false; $url = ''; // get url if (!empty($item['params']['param'])) { $url = $item['params']['param']; } elseif (!empty($item['params']['href'])) { $url = $item['params']['href']; } elseif (!empty($item['params']['addr'])) { $url = $item['params']['addr']; } else { $url = $content; $pos = strpos($url, '?'); if ($pos) { $content = substr($url, 0, $pos); } if (substr(strtolower($url), 0, 7) === 'mailto:') { $content = substr($content, 7); } $allow_nested = false; $strip_text = true; } if (empty($url)) { return $error; } // disable nested items for ($i = 0; $i < sizeof($item['items']); $i++) { $item['items'][$i]['valid'] = false; } // generate html if (substr(strtolower($url), 0, 7) === 'mailto:') { $url = substr($url, 7); } $email = '<a' . ($this->allow_styling && isset($item['params']['class']) ? '' : ' class="post-email"') . ' href="mailto:' . htmlspecialchars($url) . '"' . $this->add_extras($item['params'], $extras) . '>' . $content . '</a>'; $pos = strpos($url, '?'); if ($pos) { $str = substr($url, 0, $pos); } else { $str = $url; } if (defined('IN_AJAX_CHAT')) { $html = htmlspecialchars(str_replace(array('@', '.'), array(' [at] ', ' [dot] '), $str)); } else { $noscript = '<noscript>' . htmlspecialchars(str_replace(array('@', '.'), array(' [at] ', ' [dot] '), $str)) . '</noscript>'; // make javascript from it $html = BBCODE_NOSMILIES_START . '<script type="text/javascript">' . "\n" . '// <![CDATA[' . "\n"; $bit_lenght = 5; for ($i = 0; $i < strlen($email); $i += $bit_lenght) { $str = substr($email, $i, $bit_lenght); //$str = preg_replace('/[^A-Za-z0-9_\-@.]+/', '_', $str); $html .= 'document.write(\'' . str_replace('/', '\\/', addslashes($str)) . '\');' . "\n"; } $html .= "\n" . '// ]]>' . "\n" . '</script>' . "\n" . $noscript . BBCODE_NOSMILIES_END; } return array('valid' => true, 'html' => $html, 'allow_nested' => false); } // QUOTE if ($tag === 'quote' || $tag === 'blockquote' || $tag === 'ot') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } if ($item['iteration'] > $config['quote_iterations']) { return $error; } // check user $target_user = ''; $post_rev = ''; if (isset($item['params']['param'])) { $target_user = htmlspecialchars($item['params']['param']); } elseif (isset($item['params']['user'])) { $target_user = htmlspecialchars($item['params']['user']); if (isset($item['params']['userid']) && intval($item['params']['userid'])) { $target_user = '******' . CMS_PAGE_PROFILE . '?mode=viewprofile&' . POST_USERS_URL . '=' . intval($item['params']['userid']) . '">' . $target_user . '</a>'; } } // generate html $html = '<blockquote class="quote"'; if (isset($item['params']['post']) && intval($item['params']['post'])) { $post_rev = $user->data['is_bot'] ? ' ' : '[<a href="#" onclick="open_postreview(\'show_post.php?p=' . intval($item['params']['post']) . '\'); return false;" class="genmed">' . $lang['ReviewPost'] . '</a>]'; $html .= ' cite="' . CMS_PAGE_VIEWTOPIC . '?' . POST_POST_URL . '=' . intval($item['params']['post']) . '#p' . intval($item['params']['post']) . '"'; } $html .= '>'; if ($target_user) { if ($tag === 'ot') { $html .= '<div class="quote-user"><div class="error-message" style="display:inline;">' . $lang['OffTopic'] . '</div> ' . $target_user . ': ' . $post_rev . '</div>'; } else { $html .= '<div class="quote-user">' . $target_user . ' ' . $lang['wrote'] . ': ' . $post_rev . '</div>'; } } else { if ($tag === 'ot') { $html .= '<div class="quote-nouser"> <div class="error-message" style="display: inline;">' . $lang['OffTopic'] . '</div>:</div>'; } else { $html .= '<div class="quote-nouser">' . $lang['Quote'] . ':</div>'; } } $html .= '<div class="post-text post-text-hide-flow">'; return array('valid' => true, 'start' => $html, 'end' => '</div></blockquote>'); } // INLINE CODE if ($tag === 'c') { $extras = $this->allow_styling ? array('style', 'name') : array('name'); $html = '<code class="inline"' . $this->add_extras($item['params'], $extras) . '>'; return array('valid' => true, 'start' => $html, 'end' => '</code>'); } // CODE if ($tag === 'code') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } // replace spaces and tabs with if (!defined('EXTRACT_CODE')) { /* $search = array( ' ', "\t" ); $replace = array( ' ', ' ' ); $text = str_replace($search, $replace, $this->process_text($content, false, true)); */ $text = $this->process_text($content, false, true); } else { $text = $this->process_text($content, false, true); $search = array('[highlight]', '[/highlight]'); $replace = array('', ''); $text = str_replace($search, $replace, $text); } // check filename if (isset($item['params']['filename'])) { $item['params']['file'] = $item['params']['filename']; } if (defined('EXTRACT_CODE') && $this->code_counter == EXTRACT_CODE) { $GLOBALS['code_text'] = $text; if (!empty($item['params']['file'])) { $GLOBALS['code_filename'] = $item['params']['file']; } } if (substr($text, 0, 1) === "\n") { $text = substr($text, 1); } elseif (substr($text, 0, 2) === "\r\n") { $text = substr($text, 2); } $linenumbers = true; if (isset($item['params']['linenumbers'])) { $linenumbers = $item['params']['linenumbers'] == 'true' ? true : false; } if ($linenumbers == true) { // convert to list if (isset($item['params']['syntax'])) { if ($item['params']['syntax'] == 'php') { /* $html = strtr($text, array_flip(get_html_translation_table(HTML_ENTITIES))); $html = highlight_string($html, true); $html_search = array('<font color="', '</font', ' '); $xhtml_replace = array('<code style="color:', '</code', ' '); //$xhtml_replace = array('<div style="display:inline;color:', '</div', ' '); //$xhtml_replace = array('<span style="display:inline;color:', '</span', ' '); $html = str_replace ($html_search, $xhtml_replace, $html); $html = '<li class="code-row"><div class="code-row-text">' . $html . '</div></li>'; */ /* $html_search = array('<br />'); $xhtml_replace = array('</div></li><li class="code-row"><div class="code-row-text">'); $html = str_replace ($html_search, $xhtml_replace, $html); */ //PHP Highlight - Start $code_ary = explode("\n", $text); $open_php_tag = 0; $close_php_tag = 0; for ($i = 0; $i < sizeof($code_ary); $i++) { if ($code_ary[$i] == '' || $code_ary[$i] == ' ' || $code_ary[$i] == ' ' || $code_ary[$i] == "\n" || $code_ary[$i] == "\r" || $code_ary[$i] == "\n\r") { $html .= '<li class="code-row"><span class="code-row-text"> </span></li>'; } else { $prefix = strpos(' ' . $code_ary[$i], '<?') ? '' : '<?php '; $suffix = strpos(' ' . $code_ary[$i], '?>') ? '' : '?>'; $code_ary[$i] = str_replace(array('<', '>'), array('<', '>'), $code_ary[$i]); $code_ary[$i] = highlight_string(strtr($prefix . $code_ary[$i] . $suffix, array_flip(get_html_translation_table(HTML_ENTITIES))), true); $html_search = array('<code>', '</code>'); $xhtml_replace = array('', ''); $code_ary[$i] = str_replace($html_search, $xhtml_replace, $code_ary[$i]); if ($open_php_tag || $prefix != '') { $html_search = array('<?php'); $xhtml_replace = array(''); $code_ary[$i] = str_replace($html_search, $xhtml_replace, $code_ary[$i]); } if ($close_php_tag || $suffix != '') { $html_search = array('?> ', '?>'); $xhtml_replace = array('', ''); $code_ary[$i] = str_replace($html_search, $xhtml_replace, $code_ary[$i]); } $prefix == '' ? $open_php_tag++ : ($open_php_tag ? $open_php_tag-- : ''); $suffix == '' ? $close_php_tag++ : ($close_php_tag ? $close_php_tag-- : ''); $html .= '<li class="code-row"><span class="code-row-text">' . $code_ary[$i] . ' </span></li>'; } } $html_search = array('<font color="', '</font', ' ', '<code style="color:#0000BB"></code>', '<code style="color:#0000BB"> </code>', '> <'); $xhtml_replace = array('<code style="color:', '</code', ' ', '', '', '> <'); $html = str_replace($html_search, $xhtml_replace, $html); //PHP Highlight - End } else { $search = array("\n", '[highlight]', '[/highlight]'); $replace = array(' </span></li><li class="code-row"><span class="code-row-text">', '<span class="code-row-highlight">', '</span>'); $html = '<li class="code-row code-row-first"><span class="code-row-text">' . str_replace($search, $replace, $text) . ' </span></li>'; } } else { $search = array("\n", '[highlight]', '[/highlight]'); $replace = array(' </span></li><li class="code-row"><span class="code-row-text">', '<span class="code-row-highlight">', '</span>'); $html = '<li class="code-row code-row-first"><span class="code-row-text">' . str_replace($search, $replace, $text) . ' </span></li>'; } $str = '<li class="code-row"><div class="code-row-text"> </div></li>'; if (substr($html, strlen($html) - strlen($str)) === $str) { $html = substr($html, 0, strlen($html) - strlen($str)); } $start = isset($item['params']['start']) ? intval($item['params']['start']) : 1; $can_download = !empty($this->code_post_id) ? $this->code_post_id : 0; if ($can_download) { //$download_text = ' [<a href="download.php?post=' . $can_download; $download_text = ' [<a href="download_post.' . PHP_EXT . '?post=' . $can_download; if ($this->code_counter) { $download_text .= '&item=' . $this->code_counter; } $download_text .= '">' . $lang['Download'] . '</a>]'; } else { $download_text = ''; } $code_id = substr(md5($content . mt_rand()), 0, 8); $str = BBCODE_NOSMILIES_START . '<div class="code">'; $str .= '<div class="code-header" id="codehdr2_' . $code_id . '" style="position: relative;">' . $lang['Code'] . ':' . (empty($item['params']['file']) ? '' : ' (' . htmlspecialchars($item['params']['file']) . ')') . $download_text . ' [<a href="#" onclick="ShowHide(\'code_' . $code_id . '\',\'code2_' . $code_id . '\',\'\'); ShowHide(\'codehdr_' . $code_id . '\', \'codehdr2_' . $code_id . '\', \'\'); return false;">' . $lang['Hide'] . '</a>]</div>'; $str .= '<div class="code-header" id="codehdr_' . $code_id . '" style="position: relative; display: none;">' . $lang['Code'] . ':' . (empty($item['params']['file']) ? '' : ' (' . htmlspecialchars($item['params']['file']) . ')') . $download_text . ' [<a href="#" onclick="ShowHide(\'code_' . $code_id . '\',\'code2_' . $code_id . '\',\'\'); ShowHide(\'codehdr_' . $code_id . '\',\'codehdr2_' . $code_id . '\',\'\'); return false;">' . $lang['Show'] . '</a>]</div>'; $html = $str . '<div class="code-content" id="code_' . $code_id . '" style="position: relative;"><ol class="code-list" start="' . $start . '">' . $html . '</ol></div></div>' . BBCODE_NOSMILIES_END; // check highlight // format: highlight="1,2,3-10" if (isset($item['params']['highlight'])) { $search = '<li class="code-row'; $replace = '<li class="code-row code-row-highlight'; $search_len = strlen($search); $replace_len = strlen($replace); // get highlight string $items = array(); $str = $item['params']['highlight']; $list = explode(',', $str); for ($i = 0; $i < sizeof($list); $i++) { $str = trim($list[$i]); if (strpos($str, '-')) { $row = explode('-', $str); if (sizeof($row) == 2) { $num1 = intval($row[0]); if ($num1 == 0) { $num1 = 1; } $num2 = intval($row[1]); if ($num1 > 0 && $num2 > $num1 && $num2 - $num1 < 256) { for ($j = $num1; $j <= $num2; $j++) { $items['row' . $j] = true; } } } } else { $num = intval($str); if ($num) { $items['row' . $num] = true; } } } if (sizeof($items)) { // process all lines $num = $start - 1; $pos = strpos($html, $search); $total = sizeof($items); $found = 0; while ($pos !== false) { $num++; if (isset($items['row' . $num])) { $found++; $html = substr($html, 0, $pos) . $replace . substr($html, $pos + $search_len); $pos += $replace_len; } else { $pos += $search_len; } $pos = $found < $total ? strpos($html, $search, $pos) : false; } } } // $html = BBCODE_NOSMILIES_START . '<div class="code"><div class="code-header">Code:</div><div class="code-content">' . $text . '</div></div>' . BBCODE_NOSMILIES_END; $this->code_counter++; return array('valid' => true, 'html' => $html, 'allow_nested' => false); } else { $syntax_highlight = false; if (isset($item['params']['syntax'])) { if ($item['params']['syntax'] == 'php') { $html = strtr($text, array_flip(get_html_translation_table(HTML_ENTITIES))); $html = highlight_string($html, true); $html_search = array('<code>', '</code>', '<font color="', '</font', ' ', '<code style="color:#0000BB"></code>', '<code style="color:#0000BB"> </code>'); $xhtml_replace = array('', '', '<code style="color:', '</code', ' ', '', ''); $html = str_replace($html_search, $xhtml_replace, $html); $syntax_highlight = true; } } if ($syntax_highlight == false) { $html = $text; $search = array('[highlight]', '[/highlight]'); $replace = array('</span><span class="code-row code-row-highlight">', '</span><span class="code-row-text">'); $html = str_replace($search, $replace, $html); $html = str_replace(array("\n", "\r\n"), array("<br />\n", "<br />\r\n"), $html); } $can_download = !empty($this->code_post_id) ? $this->code_post_id : 0; if ($can_download) { $download_text = ' [<a href="download_post.' . PHP_EXT . '?post=' . $can_download; if ($this->code_counter) { $download_text .= '&item=' . $this->code_counter; } $download_text .= '">' . $lang['Download'] . '</a>]'; } else { $download_text = ''; } $code_id = substr(md5($content . mt_rand()), 0, 8); $str = BBCODE_NOSMILIES_START . '<div class="code">'; $str .= '<div class="code-header" id="codehdr2_' . $code_id . '" style="position: relative;">' . $lang['Code'] . ':' . (empty($item['params']['file']) ? '' : ' (' . htmlspecialchars($item['params']['file']) . ')') . $download_text . ' [<a href="#" onclick="ShowHide(\'code_' . $code_id . '\',\'code2_' . $code_id . '\',\'\'); ShowHide(\'codehdr_' . $code_id . '\',\'codehdr2_' . $code_id . '\',\'\'); return false;">' . $lang['Hide'] . '</a>] [<a href="#" onclick="select_text(\'code_' . $code_id . '\'); return false;">' . $lang['Select'] . '</a>]</div>'; $str .= '<div class="code-header" id="codehdr_' . $code_id . '" style="position: relative; display: none;">' . $lang['Code'] . ':' . (empty($item['params']['file']) ? '' : ' (' . htmlspecialchars($item['params']['file']) . ')') . $download_text . ' [<a href="#" onclick="ShowHide(\'code_' . $code_id . '\',\'code2_' . $code_id . '\',\'\'); ShowHide(\'codehdr_' . $code_id . '\',\'codehdr2_' . $code_id . '\',\'\'); return false;">' . $lang['Show'] . '</a>]</div>'; $html = $str . '<div class="code-content" id="code_' . $code_id . '" style="position: relative;"><span class="code-row-text">' . $html . '</span></div></div>' . BBCODE_NOSMILIES_END; $this->code_counter++; return array('valid' => true, 'html' => $html, 'allow_nested' => false); } } // CODEBLOCK if ($tag === 'codeblock') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } if (!defined('EXTRACT_CODE')) { /* $search = array( ' ', "\t" ); $replace = array( ' ', ' ' ); $text = str_replace($search, $replace, $this->process_text($content, false, true)); */ $text = $this->process_text($content, false, true); } else { $text = $this->process_text($content, false, true); $search = array('[highlight]', '[/highlight]'); $replace = array('', ''); $text = str_replace($search, $replace, $text); } // check filename if (isset($item['params']['filename'])) { $item['params']['file'] = $item['params']['filename']; } if (defined('EXTRACT_CODE') && $this->code_counter == EXTRACT_CODE) { $GLOBALS['code_text'] = $text; if (!empty($item['params']['file'])) { $GLOBALS['code_filename'] = $item['params']['file']; } } if (substr($text, 0, 1) === "\n") { $text = substr($text, 1); } elseif (substr($text, 0, 2) === "\r\n") { $text = substr($text, 2); } $syntax_highlight = false; if (isset($item['params']['syntax'])) { if ($item['params']['syntax'] == 'php') { $html = strtr($text, array_flip(get_html_translation_table(HTML_ENTITIES))); $html = highlight_string($html, true); $html_search = array('<code>', '</code>', '<font color="', '</font', ' ', '<code style="color:#0000BB"></code>', '<code style="color:#0000BB"> </code>'); $xhtml_replace = array('', '', '<code style="color:', '</code', ' ', '', ''); $html = str_replace($html_search, $xhtml_replace, $html); $syntax_highlight = true; } } if ($syntax_highlight == false) { $html = $text; $search = array('[highlight]', '[/highlight]'); $replace = array('</span><span class="code-row code-row-highlight">', '</span><span class="code-row-text">'); $html = str_replace($search, $replace, $html); $html = str_replace(array("\n", "\r\n"), array("<br />\n", "<br />\r\n"), $html); } $can_download = !empty($this->code_post_id) ? $this->code_post_id : 0; if ($can_download) { $download_text = ' [<a href="download_post.' . PHP_EXT . '?post=' . $can_download; if ($this->code_counter) { $download_text .= '&item=' . $this->code_counter; } $download_text .= '">' . $lang['Download'] . '</a>]'; } else { $download_text = ''; } $code_id = substr(md5($content . mt_rand()), 0, 8); $str = BBCODE_NOSMILIES_START . '<div class="code">'; $str .= '<div class="code-header" id="codehdr2_' . $code_id . '" style="position: relative;">' . $lang['Code'] . ':' . (empty($item['params']['file']) ? '' : ' (' . htmlspecialchars($item['params']['file']) . ')') . $download_text . ' [<a href="#" onclick="ShowHide(\'code_' . $code_id . '\',\'code2_' . $code_id . '\',\'\'); ShowHide(\'codehdr_' . $code_id . '\',\'codehdr2_' . $code_id . '\',\'\'); return false;">' . $lang['Hide'] . '</a>] [<a href="#" onclick="select_text(\'code_' . $code_id . '\'); return false;">' . $lang['Select'] . '</a>]</div>'; $str .= '<div class="code-header" id="codehdr_' . $code_id . '" style="position: relative; display: none;">' . $lang['Code'] . ':' . (empty($item['params']['file']) ? '' : ' (' . htmlspecialchars($item['params']['file']) . ')') . $download_text . ' [<a href="#" onclick="ShowHide(\'code_' . $code_id . '\',\'code2_' . $code_id . '\',\'\'); ShowHide(\'codehdr_' . $code_id . '\',\'codehdr2_' . $code_id . '\',\'\'); return false;">' . $lang['Show'] . '</a>]</div>'; $html = $str . '<div class="code-content" id="code_' . $code_id . '" style="position: relative;"><span class="code-row-text">' . $html . '</span></div></div>' . BBCODE_NOSMILIES_END; $this->code_counter++; return array('valid' => true, 'html' => $html, 'allow_nested' => false); } // HIDE if ($tag === 'hide') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } if ($item['iteration'] > 1) { return $error; } $show = false; if (defined('IS_ICYPHOENIX') && $user->data['session_logged_in']) { if ($user->data['user_level'] == ADMIN || $user->data['user_level'] == MOD) { $show = true; } else { $sql = "SELECT p.poster_id, p.topic_id\n\t\t\t\t\t\tFROM " . POSTS_TABLE . " p\n\t\t\t\t\t\tWHERE p.topic_id = " . intval($topic_id) . "\n\t\t\t\t\t\tAND p.poster_id = " . $user->data['user_id']; $db->sql_return_on_error(true); $result = $db->sql_query($sql); $db->sql_return_on_error(false); if ($result) { $show = $db->sql_numrows($result) ? true : false; $db->sql_freeresult($result); } $sql = "SELECT *\n\t\t\t\t\t\tFROM " . POSTS_LIKES_TABLE . "\n\t\t\t\t\t\tWHERE topic_id = " . intval($topic_id) . "\n\t\t\t\t\t\tAND user_id = " . $user->data['user_id']; $db->sql_return_on_error(true); $result = $db->sql_query($sql); $db->sql_return_on_error(false); if ($result) { $show = $db->sql_numrows($result) || $show == true ? true : false; $db->sql_freeresult($result); } } } // generate html $html = '<blockquote class="quote"><div class="quote-nouser">' . $lang['xs_bbc_hide_message'] . ':</div><div class="post-text post-text-hide-flow">'; if (!$show) { return array('valid' => true, 'html' => $html . $lang['xs_bbc_hide_message_explain'] . '</div></blockquote>', 'allow_nested' => false); } else { return array('valid' => true, 'start' => $html, 'end' => '</div></blockquote>'); } } // SPOILER if ($tag === 'spoiler') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } if ($item['iteration'] > 1) { return $error; } $spoiler_id = substr(md5($content . mt_rand()), 0, 8); $str = '<div class="spoiler">'; $str .= '<div class="code-header" id="spoilerhdr_' . $spoiler_id . '" style="position: relative;">' . $lang['bbcb_mg_spoiler'] . ': [ <a href="#" onclick="ShowHide(\'spoiler_' . $spoiler_id . '\', \'spoiler2_' . $spoiler_id . '\', \'\'); ShowHide(\'spoilerhdr_' . $spoiler_id . '\', \'spoilerhdr2_' . $spoiler_id . '\', \'\'); return false;">' . $lang['Show'] . '</a> ]</div>'; $str .= '<div class="code-header" id="spoilerhdr2_' . $spoiler_id . '" style="position: relative; display: none;">' . $lang['bbcb_mg_spoiler'] . ': [ <a href="#" onclick="ShowHide(\'spoiler_' . $spoiler_id . '\', \'spoiler2_' . $spoiler_id . '\', \'\'); ShowHide(\'spoilerhdr_' . $spoiler_id . '\', \'spoilerhdr2_' . $spoiler_id . '\', \'\'); return false;">' . $lang['Hide'] . '</a> ]</div>'; $str .= '<div class="spoiler-content" id="spoiler2_' . $spoiler_id . '" style="position: relative; display: none;">' . $html; return array('valid' => true, 'start' => $str, 'end' => '</div></div>'); } // USER // Insert the username and avatar for the selected id if ($tag === 'user') { if ($this->is_sig) { return $error; } if (isset($item['params']['param'])) { $bb_userid = (int) $item['params']['param']; } else { $bb_userid = (int) $content; } if ($bb_userid < 2) { return $error; } $bb_user_data = get_userdata($bb_userid); if (empty($bb_user_data)) { return $error; } $bb_name_link = colorize_username($bb_user_data['user_id'], $bb_user_data['username'], $bb_user_data['user_color'], $bb_user_data['user_active']); $bb_avatar_img = user_get_avatar($bb_user_data['user_id'], $bb_user_data['user_level'], $bb_user_data['user_avatar'], $bb_user_data['user_avatar_type'], $bb_user_data['user_allowavatar'], '', 30); $html = $bb_avatar_img . ' ' . $bb_name_link; return array('valid' => true, 'html' => $html); } // LANGVAR // Insert the content of a lang var into post... maybe we need to filter something? if ($tag === 'langvar') { if (isset($item['params']['param'])) { $langvar = $item['params']['param']; } else { $langvar = $content; } $html = isset($lang[$langvar]) ? $lang[$langvar] : ''; return array('valid' => true, 'html' => $html); } // LANGUAGE // Parse the content only if in the same language of the user viewing it!!! if ($tag === 'language') { $language = ''; if (isset($item['params']['param'])) { $language = $item['params']['param']; } $content = $config['default_lang'] != $language ? '' : $content; // We need this trick to process BBCodes withing language BBCode if (empty($content)) { return array('valid' => true, 'html' => ''); } else { return array('valid' => true, 'start' => '', 'end' => ''); } } // SEARCH if ($tag === 'search') { if (empty($content)) { return $error; } $str = '<a href="' . CMS_PAGE_SEARCH . '?search_keywords=' . urlencode($this->process_text($content)) . '">'; return array('valid' => true, 'start' => $str, 'end' => '</a>'); } // TAG if ($tag === 'tag') { if (empty($content)) { return $error; } $str = '<a href="tags.' . PHP_EXT . '?tag_text=' . urlencode($this->process_text($content)) . '">'; return array('valid' => true, 'start' => $str, 'end' => '</a>'); } // Random number or quote (quote not implemented yet) if ($tag === 'random') { $max_n = 6; $max_n = intval(isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['max']) ? $item['params']['max'] : 6)); $max_n = $max_n <= 0 ? 6 : $max_n; /* include_once(IP_ROOT_PATH . 'language/lang_' . $config['default_lang'] . '/lang_randomquote.' . PHP_EXT); $randomquote_phrase = $randomquote[rand(0, sizeof($randomquote) - 1)]; */ $html = rand(1, $max_n); return array('valid' => true, 'html' => $html); } // MARQUEE if ($tag === 'marquee') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } $extras = $this->allow_styling ? array('style', 'class') : array(); $directions_array = array('up', 'right', 'down', 'left'); $default_param = 'right'; $direction = isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['direction']) ? $item['params']['direction'] : $default_param); $direction = in_array($direction, $directions_array) ? $direction : $default_param; $default_scroll = '120'; $scrolldelay = isset($item['params']['scrolldelay']) ? intval($item['params']['scrolldelay']) : $default_scroll; $scrolldelay = $scrolldelay > 10 && $scrolldelay < 601 ? $scrolldelay : $default_scroll; $default_behavior = 'scroll'; $behavior = isset($item['params']['behavior']) ? intval($item['params']['behavior']) : $default_behavior; $behavior = $behavior === 'alternate' || $behavior === 'slide' ? $behavior : $default_behavior; $html = '<marquee behavior="' . $behavior . '" direction="' . $direction . '" scrolldelay="' . $scrolldelay . '" loop="true" onmouseover="this.stop()" onmouseout="this.start()">'; return array('valid' => true, 'start' => $html, 'end' => '</marquee>'); } // Active Content - BEGIN // Added by Tom XS2 Build 054 if ($config['switch_bbcb_active_content'] == 1) { // FLASH, SWF, FLV, VIDEO, REAL, QUICK, STREAM, EMFF, VIMEO, YOUTUBE, GOOGLEVIDEO if ($tag === 'flash' || $tag === 'swf' || $tag === 'flv' || $tag === 'video' || $tag === 'ram' || $tag === 'quick' || $tag === 'stream' || $tag === 'emff' || $tag === 'mp3' || $tag === 'vimeo' || $tag === 'youtube' || $tag === 'googlevideo') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } $content = $this->process_text(isset($item['params']['param']) ? $item['params']['param'] : $content); $color_1 = $this->valid_color(isset($item['params']['colors']) ? $item['params']['colors'] : false); $color_2 = $this->valid_color(isset($item['params']['colore']) ? $item['params']['colore'] : false); $width_array = array(320, 425, 400, 480, 540, 640); $height_array = array(240, 350, 300, 360, 420, 480, 385); // 4/3 YouTube width and height: 425x350 // 16/9 YouTube width and height: 640x385 $default_width = $tag === 'vimeo' || $tag === 'youtube' || $tag === 'googlevideo' ? 640 : 320; $width = isset($item['params']['width']) ? intval($item['params']['width']) : $default_width; $width = $width > 10 && $width < 641 ? $width : $default_width; $default_height = $tag === 'vimeo' || $tag === 'youtube' || $tag === 'googlevideo' ? 385 : 240; $height = isset($item['params']['height']) ? intval($item['params']['height']) : $default_height; $height = $height > 10 && $height < 481 ? $height : $default_height; if ($tag === 'flash' || $tag === 'swf') { $html = '<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0" width="' . $width . '" height="' . $height . '"><param name="movie" value="' . $content . '"><param name="quality" value="high"><param name="scale" value="noborder"><param name="wmode" value="transparent"><param name="bgcolor" value="#000000"><embed src="' . $content . '" quality="high" scale="noborder" wmode="transparent" bgcolor="#000000" width="' . $width . '" height="' . $height . '" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash"></embed></object>'; } elseif ($tag === 'flv') { $html = '<object type="application/x-shockwave-flash" width="' . $width . '" height="' . $height . '" wmode="transparent" data="flv_player.swf?file=' . $content . '&autoStart=false"><param name="movie" value="flv_player.swf?file=' . $content . '&autoStart=false"/><param name="wmode" value="transparent"/></object>'; } elseif ($tag === 'video') { $html = '<div align="center"><embed src="' . $content . '" width="' . $width . '" height="' . $height . '" autostart="false"></embed></div>'; } elseif ($tag === 'ram') { $html = '<div align="center"><embed src="' . $content . '" align="center" width="275" height="40" type="audio/x-pn-realaudio-plugin" console="cons" controls="ControlPanel" autostart="false"></embed></div>'; } elseif ($tag === 'quick') { $html = '<object classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" codebase="http://www.apple.com/qtactivex/qtplugin.cab#version=6,0,2,0" width="' . $width . '" height="' . $height . '" align="middle"><param name="controller" value="true"><param name="type" value="video/quicktime"><param name="autoplay" value="true"><param name="target" value="myself"><param name="src" value="' . $content . '"><param name="pluginspage" value="http://www.apple.com/quicktime/download/indext.html"><param name="kioskmode" value="true"><embed src="' . $content . '" width="' . $width . '" height="' . $height . '" align="middle" kioskmode="true" controller="true" target="myself" type="video/quicktime" border="0" pluginspage="http://www.apple.com/quicktime/download/indext.html"></embed></object>'; } elseif ($tag === 'stream') { $html = '<object id="wmp" width="' . $width . '" height="' . $height . '" classid="CLSID:22d6f312-b0f6-11d0-94ab-0080c74c7e95" codebase="http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab#Version=6,0,0,0" standby="Loading Microsoft Windows Media Player components..." type="application/x-oleobject"><param name="FileName" value="' . $content . '"><param name="ShowControls" value="1"><param name="ShowDisplay" value="0"><param name="ShowStatusBar" value="1"><param name="AutoSize" value="1"><embed type="application/x-mplayer2" pluginspage="http://www.microsoft.com/windows95/downloads/contents/wurecommended/s_wufeatured/mediaplayer/default.asp" src="' . $content . '" name="MediaPlayer2" showcontrols="1" showdisplay="0" showstatusbar="1" autosize="1" visible="1" animationatstart="0" transparentatstart="1" loop="0" height="70" width="300"></embed></object>'; } elseif ($tag === 'emff' || $tag === 'mp3') { $html = '<object data="emff_player.swf" type="application/x-shockwave-flash" width="200" height="55" align="top" ><param name="FlashVars" value="src=' . $content . '" /><param name="movie" value="emff_player.swf" /><param name="quality" value="high" /><param name="bgcolor" value="#f8f8f8" /></object>'; } elseif ($tag === 'vimeo') { $width = in_array($width, $width_array) ? $width : 640; $height = in_array($height, $height_array) ? $height : 385; $html = '<object type="application/x-shockwave-flash" width="' . $width . '" height="' . $height . '" data="http://www.vimeo.com/moogaloop.swf?clip_id=' . $content . '"><param name="quality" value="best" /><param name="allowfullscreen" value="true" /><param name="scale" value="showAll" /><param name="movie" value="http://www.vimeo.com/moogaloop.swf?clip_id=' . $content . '" /></object><br /><a href="http://www.vimeo.com/moogaloop.swf?clip_id=' . $content . '" target="_blank">Link</a><br />'; } elseif ($tag === 'youtube') { //check URL type $video_file = $content; if (strpos($content, 'youtu.be') !== false) { // Short URL // parse the URL to split it in parts $parsed_url = parse_url($content); // get the path and delete the initial / simbol $video_file = str_replace('/', '', $parsed_url['path']); } elseif (strrpos($content, 'youtube') !== false) { // Long URL // parse the URL to split it in parts $parsed_url = parse_url($content); // get the query part (vars) and parse them into name and value parse_str($parsed_url['query'], $qvars); // send the value to the destination var. $video_file = $qvars['v']; } $video_file = preg_replace('/[^A-Za-z0-9_-]+/', '', $video_file); $color_append = ''; if ($color_1 || $color_2) { $color_append .= $color_1 ? '&color1=0x' . str_replace('#', '', $color_1) : ''; $color_append .= $color_2 ? '&color2=0x' . str_replace('#', '', $color_2) : ''; } $width = in_array($width, $width_array) ? $width : 640; $height = in_array($height, $height_array) ? $height : 385; $video_link = '<br /><a href="http://youtube.com/watch?v=' . $video_file . $color_append . '" target="_blank">YouTube Link</a><br />'; // OLD OBJECT Version //$html = '<object width="' . $width . '" height="' . $height . '"><param name="movie" value="http://www.youtube.com/v/' . $video_file . $color_append . '" /><embed src="http://www.youtube.com/v/' . $video_file . $color_append . '" type="application/x-shockwave-flash" width="' . $width . '" height="' . $height . '"></embed></object>' . $video_link; // IFRAME Version $html = '<iframe width="' . $width . '" height="' . $height . '" src="http://www.youtube.com/embed/' . $video_file . '?autoplay=0' . $color_append . '" frameborder="0"></iframe>' . $video_link; } elseif ($tag === 'googlevideo') { $width = in_array($width, $width_array) ? $width : 640; $height = in_array($height, $height_array) ? $height : 385; $html = '<object width="' . $width . '" height="' . $height . '"><param name="movie" value="http://video.google.com/googleplayer.swf?docId=' . $content . '"></param><embed style="width:' . $width . 'px; height:' . $height . 'px;" id="VideoPlayback" align="middle" type="application/x-shockwave-flash" src="http://video.google.com/googleplayer.swf?docId=' . $content . '" allowScriptAccess="sameDomain" quality="best" bgcolor="#f8f8f8" scale="noScale" salign="TL" FlashVars="playerMode=embedded"></embed></object><br /><a href="http://video.google.com/videoplay?docid=' . $content . '" target="_blank">Link</a><br />'; } return array('valid' => true, 'html' => $html); } } // Active Content - END // SMILEY if ($tag === 'smiley') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } $extras = $this->allow_styling ? array('style', 'class') : array(); $text = htmlspecialchars(isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['text']) ? $item['params']['text'] : $content)); if (isset($item['params']['smilie'])) { if ($item['params']['smilie'] == 'standard' || $item['params']['smilie'] == 'random') { //$smilie = $item['params']['smilie']; $smilie = '1'; } else { $smilie = intval($item['params']['smilie']); } } else { $smilie = '1'; } $default_fontcolor = '000000'; $fontcolor = $this->valid_color(isset($item['params']['fontcolor']) ? $item['params']['fontcolor'] : $default_fontcolor); $fontcolor = $fontcolor === false ? $default_fontcolor : str_replace('#', '', $fontcolor); $default_shadowcolor = '888888'; $shadowcolor = $this->valid_color(isset($item['params']['shadowcolor']) ? $item['params']['shadowcolor'] : $default_shadowcolor); $shadowcolor = $shadowcolor === false ? $default_shadowcolor : str_replace('#', '', $shadowcolor); $default_shieldshadow = 0; $shieldshadow = isset($item['params']['shieldshadow']) ? $item['params']['shieldshadow'] == 1 ? 1 : $default_param : $default_param; //$html = '<img src="text2shield.' . PHP_EXT . '?smilie=' . $smilie . '&fontcolor=' . $fontcolor . '&shadowcolor=' . $shadowcolor . '&shieldshadow=' . $shieldshadow . '&text=' . $text . '" alt="Smiley" title="Smiley" />'; $html = '<img src="text2shield.' . PHP_EXT . '?smilie=' . $smilie . '&fontcolor=' . $fontcolor . '&shadowcolor=' . $shadowcolor . '&shieldshadow=' . $shieldshadow . '&text=' . urlencode(ip_utf8_decode($text)) . '" alt="' . $text . '" title="' . $text . '" />'; return array('valid' => true, 'html' => $html, 'allow_nested' => false); } // OPACITY if ($tag === 'opacity') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } if (isset($item['params']['param'])) { $opacity = intval($item['params']['param']); if ($opacity > 0 && $opacity < 101) { $opacity = $opacity; } } else { $opacity = '100'; } $opacity_dec = $opacity / 100; $html = '<div class="opacity" style="opacity: ' . $opacity_dec . '; filter: Alpha(Opacity=' . $opacity . ');">'; return array('valid' => true, 'start' => $html, 'end' => '</div>'); } // FADE if ($tag === 'fade') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } if (isset($item['params']['param'])) { $opacity = intval($item['params']['param']); if ($opacity > 0 && $opacity < 101) { $opacity = $opacity; } } else { $opacity = '100'; } $opacity_dec = $opacity / 100; $html = '<div style="display: inline; height: 1; opacity: ' . $opacity_dec . '; filter: Alpha(Opacity=' . $opacity . ',FinishOpacity=0,Style=1,StartX=0,FinishX=100%);">'; //$html = '<div style="display:inline;height:1;filter:Alpha(Opacity=' . $opacity . ',FinishOpacity=0,Style=1,StartX=0,FinishX=100%);">'; return array('valid' => true, 'start' => $html, 'end' => '</div>'); } // IE AND HTML 4 ONLY TAGS - BEGIN // Let's add a global IF so we can skip them all in once to speed up things... // Enable these tags only if you know how to make them work... if ($tag === 'glow' || $tag === 'shadow' || $tag === 'blur' || $tag === 'wave' || $tag === 'fliph' || $tag === 'flipv') { return array('valid' => true, 'start' => '', 'end' => ''); } /* if(($tag === 'glow') || ($tag === 'shadow') || ($tag === 'blur') || ($tag === 'wave') || ($tag === 'fliph') || ($tag === 'flipv')) { // GLOW if($tag === 'glow') { $default_color = '#fffffa'; $color = $this->valid_color((isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['color']) ? $item['params']['color'] : $default_color))); if($color === false) { return $error; } $html = '<div style="display: inline; filter: glow(color=' . $color . '); height: 20px;">'; return array( 'valid' => true, 'start' => $html, 'end' => '</div>', ); } // SHADOW if($tag === 'shadow') { $default_color = '#666666'; $color = $this->valid_color((isset($item['params']['param']) ? $item['params']['param'] : (isset($item['params']['color']) ? $item['params']['color'] : $default_color))); if($color === false) { return $error; } $html = '<div style="display: inline; filter: shadow(color=' . $color . '); height: 20;">'; return array( 'valid' => true, 'start' => $html, 'end' => '</div>', ); } // BLUR if($tag === 'blur') { if($this->is_sig && !$config['allow_all_bbcode']) { return $error; } if(isset($item['params']['param'])) { $strenght = intval($item['params']['param']); if (($strenght > 0) && ($strenght < 101)) { $strenght = $strenght; } } else { $strenght = '100'; } $strenght_dec = $strenght / 100; $html = '<div style="display: inline; width: 100%; height: 20; filter: Blur(add=1,direction=270,strength=' . $strenght . ');">'; return array( 'valid' => true, 'start' => $html, 'end' => '</div>', ); } // WAVE if($tag === 'wave') { if($this->is_sig && !$config['allow_all_bbcode']) { return $error; } if(isset($item['params']['param'])) { $strenght = intval($item['params']['param']); if (($strenght > 0) && ($strenght < 101)) { $strenght = $strenght; } } else { $strenght = '100'; } $strenght_dec = $strenght / 100; $html = '<div style="display: inline; width: 100%; height: 20; filter: Wave(add=1,direction=270,strength=' . $strenght . ');">'; return array( 'valid' => true, 'start' => $html, 'end' => '</div>', ); } // FLIPH, FLIPV if(($tag === 'fliph') || ($tag === 'flipv')) { if($this->is_sig && !$config['allow_all_bbcode']) { return $error; } $html = '<div style="display: inline; filter: ' . $tag . '; height: 1;">'; return array( 'valid' => true, 'start' => $html, 'end' => '</div>', ); } } */ // OLD IE AND HTML 4 ONLY TAGS - END // TEX if ($tag === 'tex') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } $html = '<img src="cgi-bin/mimetex.cgi?' . $content . '" alt="" border="0" style="vertical-align: middle;" />'; return array('valid' => true, 'html' => $html, 'allow_nested' => false); } // TABLE if ($tag === 'table') { if ($this->is_sig && !$config['allow_all_bbcode']) { return $error; } // additional allowed parameters $extras = $this->allow_styling ? array('style', 'class', 'align', 'width', 'height', 'border', 'cellspacing', 'cellpadding') : array('style', 'class', 'align', 'width'); if (isset($item['params']['param'])) { $table_class = $item['params']['param']; } else { $table_class = ''; } for ($i = 0; $i < sizeof($extras); $i++) { if (!empty($item['params'][$extras[$i]])) { if ($extras[$i] === 'style') { $style = $this->valid_style($item['params']['style']); if ($style !== false) { $params['style'] = $style; } } else { $params[$extras[$i]] = $item['params'][$extras[$i]]; } } } if (!isset($params['class'])) { $params['class'] = $table_class; } // generate html $html = '<table'; foreach ($params as $var => $value) { $html .= ' ' . $var . '="' . $this->process_text($value) . '"'; } $html .= ' >' . $content . '</table>'; return array('valid' => true, 'html' => $html, 'allow_nested' => true); } /* // TR if($tag === 'tr') { if($this->is_sig && !$config['allow_all_bbcode']) { return $error; } // generate html $html = '<tr>' . $content . '</tr>'; return array( 'valid' => true, 'html' => $html, 'allow_nested' => true, ); } // TD if($tag === 'td') { if($this->is_sig && !$config['allow_all_bbcode']) { return $error; } // additional allowed parameters $extras = $this->allow_styling ? array('class', 'align', 'width', 'height') : array('class', 'align', 'width', 'height'); for($i = 0; $i < sizeof($extras); $i++) { if(!empty($item['params'][$extras[$i]])) { if($extras[$i] === 'style') { $style = $this->valid_style($item['params']['style']); if($style !== false) { $params['style'] = $style; } } else { $params[$extras[$i]] = $item['params'][$extras[$i]]; } } } // generate html $html = '<td'; foreach($params as $var => $value) { $html .= ' ' . $var . '="' . $this->process_text($value) . '"'; } $html .= ' >' . $content . '</td>'; return array( 'valid' => true, 'html' => $html, 'allow_nested' => true, ); } */ // To use IFRAMES you just need to decomment this block of code (and allow the tag on top of this file)... good luck! // IFRAME //<iframe src="index.html" scrolling="no" width="100%" height="190" frameborder="0" marginheight="0" marginwidth="0"></iframe> //[iframe height=100]docs/index.html[/iframe] //[iframe src=docs/index.html height=100] [/iframe] /* if($tag === 'iframe') { if(isset($item['params']['param'])) { $params['src'] = $item['params']['param']; } elseif(isset($item['params']['src'])) { $params['src'] = $item['params']['src']; } elseif(!empty($content)) { $params['src'] = $content; } if(isset($item['params']['scrolling']) && ($params['scrolling'] == 'no')) { $params['scrolling'] = 'no'; //$params['scrolling'] = $item['params']['scrolling']; } else { $params['scrolling'] = 'yes'; } if(isset($item['params']['width'])) { $params['width'] = $item['params']['width']; } else { $params['width'] = '100%'; } if(isset($item['params']['height'])) { $params['height'] = $item['params']['height']; } else { $params['height'] = '600'; } foreach($params as $var => $value) { if ($this->process_text($value) != '') { $html .= ' ' . $var . '="' . $this->process_text($value) . '"'; } } $extras = $this->allow_styling ? array('style', 'class') : array('class'); $html = '<iframe' . $html . '>'; return array( 'valid' => true, 'start' => $html, 'end' => '</iframe>' ); } */ // Invalid tag return $error; }
function cache_tree($write = false) { global $db, $cache, $config, $user, $lang, $tree; $parents = array(); // read categories $cats = array(); $sql = "SELECT forum_id, parent_id, main_type, forum_name, forum_name_clean, forum_desc, icon, forum_order\n\t\t\t\t\tFROM " . FORUMS_TABLE . "\n\t\t\t\t\tWHERE forum_type = " . FORUM_CAT . "\n\t\t\t\t\tORDER BY forum_order, forum_id"; $result = $db->sql_query($sql, 0, 'forums_cats_', FORUMS_CACHE_FOLDER); while ($row = $db->sql_fetchrow($result)) { if ($row['parent_id'] == $row['forum_id']) { $row['parent_id'] = 0; } if (empty($row['main_type'])) { $row['main_type'] = POST_CAT_URL; $row['forum_order'] = $row['forum_order'] + 9000000; } $row['main'] = $row['parent_id'] == 0 ? 'Root' : $row['main_type'] . $row['parent_id']; $idx = sizeof($cats); if (empty($row['forum_name_clean'])) { if (!function_exists('update_clean_forum_name')) { @(include_once IP_ROOT_PATH . 'includes/functions_admin_forums.' . PHP_EXT); } $row['forum_name_clean'] = substr(ip_clean_string($row['forum_name_clean'], $lang['ENCODING']), 0, 254); update_clean_forum_name($row['forum_id'], $row['forum_name_clean']); } $cats[$idx] = $row; $parents[POST_CAT_URL][$row['main']][] = $idx; } $db->sql_freeresult($result); // read forums $sql = "SELECT * FROM " . FORUMS_TABLE . " WHERE forum_type <> " . FORUM_CAT . " ORDER BY forum_order, forum_id"; $result = $db->sql_query($sql, 0, 'forums_', FORUMS_CACHE_FOLDER); while ($row = $db->sql_fetchrow($result)) { $main_type = empty($row['main_type']) ? POST_CAT_URL : $row['main_type']; $row['main'] = $row['parent_id'] == 0 ? 'Root' : $main_type . $row['parent_id']; $idx = sizeof($forums); if (empty($row['forum_name_clean'])) { if (!function_exists('update_clean_forum_name')) { @(include_once IP_ROOT_PATH . 'includes/functions_admin_forums.' . PHP_EXT); } $row['forum_name_clean'] = substr(ip_clean_string($row['forum_name'], $lang['ENCODING']), 0, 254); update_clean_forum_name($row['forum_id'], $row['forum_name_clean']); } $forums[$idx] = $row; $parents[POST_FORUM_URL][$row['main']][] = $idx; } $db->sql_freeresult($result); // build the tree $tree = array(); cache_tree_level('Root', $parents, $cats, $forums); // Obtain list of moderators of each forum $moderators = array(); $moderators = $cache->obtain_moderators(true); foreach ($moderators as $k => $v) { if ($k == 'users') { foreach ($moderators[$k] as $moderator_row) { $idx = $tree['keys'][POST_FORUM_URL . $moderator_row['forum_id']]; $tree['mods'][$idx]['user_id'][] = $moderator_row['user_id']; $tree['mods'][$idx]['username'][] = $moderator_row['username']; $tree['mods'][$idx]['user_active'][] = $moderator_row['user_active']; $tree['mods'][$idx]['user_color'][] = $moderator_row['user_color']; } } elseif ($k == 'groups') { foreach ($moderators[$k] as $moderator_row) { $idx = $tree['keys'][POST_FORUM_URL . $moderator_row['forum_id']]; $tree['mods'][$idx]['group_id'][] = $moderator_row['group_id']; $tree['mods'][$idx]['group_name'][] = $moderator_row['group_name']; $tree['mods'][$idx]['group_color'][] = $moderator_row['group_color']; } } } if ($write) { cache_tree_output(); } }
function generate_topic_title($topic_id, $topic_data, $max_title_length) { global $config, $bbcode, $lang, $lofi; $max_title_length = (int) $max_title_length > 255 || $max_title_length < 15 ? 255 : $max_title_length; $topic_title = censor_text($topic_data['topic_title']); $topic_title_clean = empty($topic_data['topic_title_clean']) ? substr(ip_clean_string($topic_title, $lang['ENCODING']), 0, 254) : $topic_data['topic_title_clean']; if (empty($topic_data['topic_title_clean'])) { if (!function_exists('update_clean_topic_title')) { @(include_once IP_ROOT_PATH . 'includes/functions_topics.' . PHP_EXT); } update_clean_topic_title($topic_id, $topic_title_clean); } $topic_title_prefix = empty($topic_data['title_compl_infos']) ? '' : trim($topic_data['title_compl_infos']) . ' '; // Convert and clean special chars! $topic_title = htmlspecialchars_clean($topic_title); // SMILEYS IN TITLE - BEGIN if ($config['smilies_topic_title'] == true && !$lofi) { if (!class_exists('bbcode')) { include IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT; } if (empty($bbcode)) { $bbcode = new bbcode(); } $bbcode->allow_smilies = $config['allow_smilies'] && $topic_data['enable_smilies'] ? true : false; $topic_title = $bbcode->parse_only_smilies($topic_title); } // SMILEYS IN TITLE - END $topic_title = $topic_title_prefix . $topic_title; $topic_title_plain = htmlspecialchars(strip_tags($topic_title)); $topic_title_short = $topic_title; if (strlen($topic_title) > $max_title_length - 3) { // remove tags from the short version, in case a smiley or a quick title prefix is in there $topic_title_short = substr(strip_tags($topic_title), 0, intval($max_title_length)) . '...'; } $topic_title_data = array('title' => $topic_title, 'title_clean' => $topic_title_clean, 'title_plain' => $topic_title_plain, 'title_prefix' => $topic_title_prefix, 'title_short' => $topic_title_short); return $topic_title_data; }
private function init_posting() { global $db, $config, $user, $lang; include IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT; $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . (int) $this->poster_id; $result = $db->sql_query($sql); $poster_data = $db->sql_fetchrow($result); $db->sql_freeresult($result); // backward posting (from the oldest to the newest) $i = sizeof($this->items) > $this->posting_limit ? $this->posting_limit - 1 : sizeof($this->items); $j = 0; while ($i >= 0 && ($this->posting_limit == 0 || $this->posting_limit > $j)) { $subject = substr($this->items[$i]['title'], 0, 254); // check if this topic is not already posted $sql = 'SELECT topic_title FROM ' . TOPICS_TABLE . ' WHERE topic_title = "' . $db->sql_escape($subject) . '" AND topic_poster = ' . (int) $this->poster_id; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // Do we have a new item to post ? if (strnatcasecmp($row['topic_title'], $subject)) { // templates RSS / ATOM has different indexes for messages $temp = $this->feed_type == 'rss' || $this->feed_type == 'rdf' ? 'description' : 'content'; $message = $this->html_to_bbcode($this->feed_name . "\n\n" . $this->items[$i][$temp]); $post_time = time(); // Icy Phoenix Posting - BEGIN // Force the user to be admin to avoid flood check... $user->data['user_level'] = ADMIN; $topic_title_clean = substr(ip_clean_string($subject, $lang['ENCODING']), 0, 254); $forum_id = $this->poster_forum_destination_id; $topic_id = 0; $post_id = 0; $post_mode = 'newtopic'; $post_data = array(); $poll_data = array('title' => '', 'start' => time(), 'length' => 0, 'max_options' => 1, 'change' => 0); if (POSTING_DEBUG) { die($subject . '<br /><br />' . $message); } else { prepare_post($post_mode, $post_data, 1, 0, 0, '', $poster_data['username'], $subject, $message, '', array(), $poll_data, '', '', '', '', '', '', '', 0, 0); submit_post($post_mode, $post_data, '', '', $forum_id, $topic_id, $post_id, $topic_type, 1, 0, 1, 0, 1, $poster_data['username'], $subject, $topic_title_clean, '', $message, '', '', $poll_data, '', '', '', '', '', '', 0, 0, false, '', 0, 0); } // Icy Phoenix Posting - END } // change $i to the next (ehm previous :D ) item $i--; $j++; } // TODO rebuild/sync forums latest topics and post counts // redirect to index if (!$this->cron_init) { redirect(create_server_url()); } }
$message = censor_text($message); $break = "\n\r"; $line = '-----------------------------------'; $download_file .= $break . $line . $break . $poster . $break . $post_date . $break . $break . $post_subject . $break . $line . $break . $message . $break; } $disp_folder = ($download == -1) ? 'Topic_'.$topic_id : 'Post_'.$download; if (!$is_auth_read['auth_read']) { $download_file = sprintf($lang['Sorry_auth_read'], $is_auth_read['auth_read_type']); $disp_folder = 'Download'; } $filename = ip_clean_string($config['sitename'], $lang['ENCODING']) . '_' . $disp_folder . '_' . gmdate('Ymd') . '.txt'; header('Content-Type: text/x-delimtext; name="' . $filename . '"'); header('Content-Disposition: attachment;filename="' . $filename . '"'); header('Content-Transfer-Encoding: plain/text'); header('Content-Length: ' . strlen($download_file)); print $download_file; exit; } $is_auth = array(); $is_auth = auth(AUTH_ALL, $forum_id, $user->data, $forum_row); if (!$is_auth['auth_read']) { message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_auth_read'], $is_auth['auth_read_type'])); }
function replace_tag($tag_old, $tag_new) { global $db, $lang; $topics_data = array(); $tag_new = substr(ip_clean_string($tag_new, $lang['ENCODING'], true), 0, 50); // Get all topics with $tag_old $sql = "SELECT tag_id\n\t\t\t\t\t\tFROM " . TOPICS_TAGS_LIST_TABLE . "\n\t\t\t\t\t\tWHERE tag_text = '" . $db->sql_escape($tag_old) . "'"; $db->sql_return_on_error(true); $result = $db->sql_query($sql); $db->sql_return_on_error(false); if ($result) { $row = $db->sql_fetchrow($result); $tag_old_id = (int) $row['tag_id']; $db->sql_freeresult($result); if (!empty($tag_old_id)) { // Let's get all topics now... $sql = "SELECT m.topic_id, t.forum_id, t.topic_tags, t.topic_title\n\t\t\t\t\t\t\t\tFROM " . TOPICS_TAGS_MATCH_TABLE . " m, " . TOPICS_TABLE . " t\n\t\t\t\t\t\t\t\tWHERE m.tag_id = " . $tag_old_id . "\n\t\t\t\t\t\t\t\t\tAND t.topic_id = m.topic_id"; $db->sql_return_on_error(true); $result = $db->sql_query($sql); $db->sql_return_on_error(false); if ($result) { // Now that we know that $tag_old exists, and there are topics with that tag... let's check if $tag_new exists and create the new entry where needed $tag_new_id = 0; $sql_tag = "SELECT tag_id\n\t\t\t\t\t\t\t\t\tFROM " . TOPICS_TAGS_LIST_TABLE . "\n\t\t\t\t\t\t\t\t\tWHERE tag_text = '" . $db->sql_escape($tag_new) . "'"; $db->sql_return_on_error(true); $result_tag = $db->sql_query($sql_tag); $db->sql_return_on_error(false); if ($result_tag) { $row = $db->sql_fetchrow($result_tag); $tag_new_id = (int) $row['tag_id']; $db->sql_freeresult($result_tag); } if (empty($tag_new_id)) { $tag_new_id = false; $sql_ary = array('tag_text' => $tag_new, 'tag_count' => 0); $sql_tag = "INSERT INTO " . TOPICS_TAGS_LIST_TABLE . " " . $db->sql_build_array('INSERT', $sql_ary); $db->sql_query($sql_tag); $tag_new_id = $db->sql_nextid(); } // Let's loop now! while ($row = $db->sql_fetchrow($result)) { $topics_data[] = $row; $forum_id = $row['forum_id']; $topic_id = $row['topic_id']; $topics_array = array($topic_id); $tags = $this->get_topics_tags($topics_array); if (!in_array($tag_new, $tags)) { $sql_add = "UPDATE " . TOPICS_TAGS_LIST_TABLE . " SET tag_count = (tag_count + 1) WHERE tag_id = " . $tag_new_id; $db->sql_query($sql_add); if (!$this->check_tag_match_exists($tag_new_id, $topic_id)) { $sql_ary = array('tag_id' => $tag_new_id, 'topic_id' => $topic_id, 'forum_id' => $forum_id); $sql_add = "INSERT INTO " . TOPICS_TAGS_MATCH_TABLE . " " . $db->sql_build_array('INSERT', $sql_ary); $db->sql_query($sql_add); } } $sql_tc = "UPDATE " . TOPICS_TAGS_LIST_TABLE . " SET tag_count = (tag_count - 1) WHERE tag_id = " . $tag_old_id; $db->sql_query($sql_tc); $this->remove_tag_from_match(array($tag_old_id), $topic_id); $new_tags_list = ''; $new_tags_list_ary = array(); foreach ($tags as $tag_text) { if ($tag_text != $tag_old) { $new_tags_list_ary[] = $tag_text; } } if (!in_array($tag_new, $new_tags_list_ary)) { $new_tags_list_ary[] = $tag_new; } $new_tags_list = implode(', ', $new_tags_list_ary); $sql_topic = "UPDATE " . TOPICS_TABLE . " SET topic_tags = '" . $db->sql_escape($new_tags_list) . "' WHERE topic_id = " . $topic_id; $db->sql_query($sql_topic); } } } } $this->remove_zero_tags(); return $topics_data; }
/** * Update clean forum name for all forums */ function update_all_clean_forum_names() { global $db, $lang; $sql = "SELECT * FROM " . FORUMS_TABLE . " ORDER BY forum_order, forum_id"; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if (empty($row['forum_name_clean'])) { $row['forum_name_clean'] = substr(ip_clean_string($row['forum_name'], $lang['ENCODING']), 0, 254); update_clean_forum_name($row['forum_id'], $row['forum_name_clean']); } } $db->sql_freeresult($result); return true; }
if (($draft == true) && ($draft_confirm == false)) { $template->assign_block_vars('save_draft_confirm', array()); } } // MG Drafts - END // MG Featured Image - BEGIN $post_featured_image = $post_info['post_images']; // MG Featured Image - END // Convert and clean special chars! $subject = (($mode == 'editpost') ? $subject : htmlspecialchars_clean($subject)); $topic_desc = !empty($topic_desc) ? htmlspecialchars_clean($topic_desc) : ''; $topic_title_clean = (empty($topic_title_clean) ? $subject : trim($topic_title_clean)); $topic_title_clean = substr(ip_clean_string($topic_title_clean, $lang['ENCODING']), 0, 254); $topic_tags = (empty($topic_tags) ? '' : trim($topic_tags)); if (!empty($topic_tags)) { $ttags = explode(', ', $topic_tags); foreach ($ttags as $ttag) { if (!empty($ttag)) { $template->assign_block_vars('ttag', array( 'TTAG' => $ttag ) ); } }
function create_meta_content() { global $db, $cache, $config, $lang; global $meta_content; if (!empty($meta_content['post_id']) && $meta_content['post_id'] > 0 || !empty($meta_content['topic_id']) && $meta_content['topic_id'] > 0) { if (!empty($meta_content['post_id']) && $meta_content['post_id'] > 0) { $sql = "SELECT f.forum_name, f.forum_name_clean, t.topic_title, t.topic_title_clean, t.topic_tags, t.title_compl_infos, p.topic_id, p.forum_id\n\t\t\t\t\t\t\tFROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f\n\t\t\t\t\t\t\tWHERE p.post_id = '" . $meta_content['post_id'] . "'\n\t\t\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\t\t\tAND f.forum_id = p.forum_id\n\t\t\t\t\t\t\tLIMIT 1"; // Mighty Gorgon: shall we cache this as well? Maybe too many files... better avoid... //$result = $db->sql_query($sql, 0, 'posts_meta_', TOPICS_CACHE_FOLDER); $db->sql_return_on_error(true); $result = $db->sql_query($sql); $db->sql_return_on_error(false); } else { $sql = "SELECT f.forum_name, f.forum_name_clean, t.forum_id, t.topic_id, t.topic_title, t.topic_title_clean, t.topic_tags, t.title_compl_infos\n\t\t\t\t\t\t\tFROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f\n\t\t\t\t\t\t\tWHERE t.topic_id = '" . $meta_content['topic_id'] . "'\n\t\t\t\t\t\t\t\tAND f.forum_id = t.forum_id\n\t\t\t\t\t\t\tLIMIT 1"; $db->sql_return_on_error(true); $result = CACHE_TOPICS_META ? $db->sql_query($sql, 0, 'topics_meta_', TOPICS_CACHE_FOLDER) : $db->sql_query($sql); $db->sql_return_on_error(false); } if ($result) { while ($meta_row = $db->sql_fetchrow($result)) { $meta_content['forum_id'] = $meta_row['forum_id']; $meta_content['forum_name'] = strip_tags(stripslashes($meta_row['forum_name'])); $meta_content['forum_name_clean'] = $meta_row['forum_name_clean']; $meta_content['topic_id'] = $meta_row['topic_id']; $meta_content['topic_title'] = strip_tags(stripslashes($meta_row['topic_title'])); $meta_content['topic_title_clean'] = $meta_row['topic_title_clean']; $meta_content['topic_tags'] = $meta_row['topic_tags']; $meta_content['title_compl_infos'] = $meta_row['title_compl_infos']; $meta_content['keywords'] = $meta_content['topic_tags']; $meta_content['keywords'] = empty($meta_content['keywords']) ? str_replace(array(' ', ',, '), array(', ', ', '), ip_clean_string($meta_content['topic_title'], $lang['ENCODING'], true)) : $meta_content['keywords']; $meta_content['description'] = $meta_content['forum_name'] . ' - ' . $meta_content['topic_title']; $meta_content['page_title'] = $meta_content['forum_name'] . ' :: ' . $meta_content['page_title']; } $db->sql_freeresult($result); } } elseif (!empty($meta_content['forum_id']) && $meta_content['forum_id'] > 0) { $sql = "SELECT f.forum_name, f.forum_name_clean, f.forum_desc\n\t\t\t\t\t\tFROM " . FORUMS_TABLE . " f\n\t\t\t\t\t\tWHERE f.forum_id = '" . $meta_content['forum_id'] . "'\n\t\t\t\t\t\t\tAND f.forum_type = " . FORUM_POST . "\n\t\t\t\t\t\tLIMIT 1"; $db->sql_return_on_error(true); $result = $db->sql_query($sql); $db->sql_return_on_error(false); if ($result) { while ($meta_row = $db->sql_fetchrow($result)) { $meta_content['forum_name'] = strip_tags(stripslashes($meta_row['forum_name'])); $meta_content['forum_name_clean'] = $meta_row['forum_name_clean']; $meta_content['description'] = $meta_content['forum_name'] . (empty($meta_row['forum_desc']) ? '' : ' - ' . strip_tags(stripslashes($meta_row['forum_desc']))); $meta_content['keywords'] = $meta_content['forum_name'] . ', '; } $db->sql_freeresult($result); } } elseif (!empty($meta_content['cat_id']) && $meta_content['cat_id'] > 0) { $sql = "SELECT c.forum_name AS cat_name, c.forum_name_clean AS cat_name_clean, c.forum_desc\n\t\t\t\t\t\tFROM " . FORUMS_TABLE . " c\n\t\t\t\t\t\tWHERE c.forum_id = " . $meta_content['cat_id'] . "\n\t\t\t\t\t\t\tAND f.forum_type = " . FORUM_CAT . "\n\t\t\t\t\t\tLIMIT 1"; $db->sql_return_on_error(true); $result = $db->sql_query($sql); $db->sql_return_on_error(false); if ($result) { while ($meta_row = $db->sql_fetchrow($result)) { $meta_content['cat_name'] = strip_tags(stripslashes($meta_row['cat_name'])); $meta_content['cat_name_clean'] = $meta_row['cat_name_clean']; $meta_content['description'] = $meta_content['cat_name'] . (empty($meta_row['cat_desc']) ? '' : ' - ' . strip_tags(stripslashes($meta_row['cat_desc']))); $meta_content['keywords'] = $meta_content['cat_name'] . ', '; } $db->sql_freeresult($result); } } else { /* $meta_content['description'] = ''; $meta_content['keywords'] = ''; */ } if (!empty($meta_content['cat_id']) && !empty($meta_content['cat_title']) && empty($meta_content['cat_title_clean'])) { $meta_content['cat_title_clean'] = ip_clean_string($meta_row['cat_title'], $lang['ENCODING']); if (!function_exists('update_clean_cat_title')) { @(include_once IP_ROOT_PATH . 'includes/functions_admin_forums.' . PHP_EXT); } update_clean_cat_title($meta_content['cat_id'], $meta_content['cat_title_clean']); } if (!empty($meta_content['forum_id']) && !empty($meta_content['forum_name']) && empty($meta_content['forum_name_clean'])) { $meta_content['forum_name_clean'] = ip_clean_string($meta_row['forum_name'], $lang['ENCODING']); if (!function_exists('update_clean_forum_name')) { @(include_once IP_ROOT_PATH . 'includes/functions_admin_forums.' . PHP_EXT); } update_clean_forum_name($meta_content['forum_id'], $meta_content['forum_name_clean']); } if (!empty($meta_content['topic_id']) && !empty($meta_content['topic_title']) && empty($meta_content['topic_title_clean'])) { $meta_content['topic_title_clean'] = ip_clean_string($meta_row['topic_title'], $lang['ENCODING']); if (!function_exists('update_clean_topic_title')) { @(include_once IP_ROOT_PATH . 'includes/functions_topics.' . PHP_EXT); } update_clean_topic_title($meta_content['topic_id'], $meta_content['topic_title_clean']); } // Mighty Gorgon: shall we UTF8 decode also page_title and meta? /* $meta_content['page_title'] = ip_utf8_decode($meta_content['page_title']); $meta_content['description'] = ip_utf8_decode($meta_content['description']); $meta_content['keywords'] = ip_utf8_decode($meta_content['keywords']); */ return true; }
} } } // Process if ($cancel) { $mode = ''; } elseif ($submit) { // do some check $error = false; $error_msg = ''; // forum name if (empty($item['name'])) { admin_add_error('Forum_name_missing'); } $item['name_clean'] = empty($item['name_clean']) ? $item['name'] : $item['name_clean']; $item['name_clean'] = substr(ip_clean_string($item['name_clean'], $lang['ENCODING']), 0, 254); // check move dest if (!empty($item['move'])) { $type = substr($item['move'], 0, 1); $id = intval(substr($item['move'], 1)); $werror = false; if ($type != POST_FORUM_URL || $id == 0) { $werror = true; } elseif (!isset($tree['keys'][$type . $id])) { $werror = true; } elseif (!empty($tree['data'][$tree['keys'][$type . $id]]['forum_link'])) { $werror = true; } if ($werror) { admin_add_error('Nowhere_to_move'); }
if (!isset($_GET['mode']) || !isset($_GET['pfid'])) { message_die(GENERAL_ERROR, 'Required GET variables not set', 'Could not reach admin page; Insufficient data', __LINE__, __FILE__); } $mode = request_var('mode', ''); $pfid = request_var('pfid', ''); if ($pfid != 'x') { $pfid = request_var('pfid', 0); } if ($mode == 'add') { $template->set_filenames(array('body' => ADM_TPL . 'add_profile_field.tpl')); $template->assign_vars(array('TEXT_FIELD_CHECKED' => ' checked="checked"', 'NOT_REQUIRED_CHECKED' => ' checked="checked"', 'ALLOW_VIEW_CHECKED' => ' checked="checked"', 'VIEW_IN_PROFILE_CHECKED' => ' checked="checked"', 'ABOUT_CHECKED' => ' checked="checked"', 'NO_VIEW_IN_MEMBERLIST' => ' checked="checked"', 'NO_VIEW_IN_TOPIC' => ' checked="checked"', 'AUTHOR_CHECKED' => ' checked="checked"', 'L_ADD_FIELD_TITLE' => $lang['add_field_title'], 'L_ADD_FIELD_EXPLAIN' => $lang['add_field_explain'], 'S_ADD_FIELD_ACTION' => append_sid($filename . '?mode=update&pfid=x'))); } elseif ($mode == 'update') { $template->set_filenames(array('body' => ADM_TPL . 'admin_message_body.tpl')); $name = request_post_var('field_name', '', true); // Sanitize the name... $name = preg_replace('/[^a-z0-9_]+/', '', ip_clean_string($name, false, false, true)); if (empty($name)) { message_die(GENERAL_ERROR, $lang['enter_a_name']); } $description = request_post_var('field_descrition', '', true); $type = request_post_var('field_type', 0); $text_field_default = request_post_var('text_field_default', '', true); $text_field_maxlen = request_post_var('text_field_maxlen', TEXT_FIELD_MAXLENGTH); $text_field_maxlen = $text_field_maxlen > TEXT_FIELD_MAXLENGTH ? TEXT_FIELD_MAXLENGTH : $text_field_maxlen; $text_area_default = request_post_var('text_area_default', '', true); $text_area_maxlen = request_post_var('text_area_maxlen', TEXTAREA_MINLENGTH); $text_area_maxlen = $text_area_maxlen > TEXTAREA_MAXLENGTH ? TEXTAREA_MAXLENGTH : $text_area_maxlen; $radio_values = request_post_var('radio_values', '', true); $radio_default_value = request_post_var('radio_default_value', '', true); $radio_values = explode("\n", str_replace("\r", '', $radio_values)); if (empty($radio_default_value)) {