示例#1
0
    } else {
        $tem = str_replace('[securityimg]', '', $tem);
        $tem = str_replace('[securityfld]', '', $tem);
    }
    $tem = preg_replace('/\\[mesfld,\\s*([0-9]+),\\s*([0-9]+)\\]/', '<textarea name="message" cols="\\1" rows="\\2"></textarea>', $tem);
    echo $tem;
} else {
    if ($action == 'send') {
        $name = isset($VARS['sender_name']) ? ltrim($VARS['sender_name']) : '';
        $friend_name = isset($VARS['friend_name']) ? ltrim($VARS['friend_name']) : '';
        $email = isset($VARS['sender_email']) ? ltrim($VARS['sender_email']) : '';
        $friend_email = isset($VARS['friend_email']) ? ltrim($VARS['friend_email']) : '';
        $message = isset($VARS['message']) ? html_entity_decode($VARS['message']) : '';
        $captcha_code = isset($VARS['code']) ? $VARS['code'] : '';
        $confirm_id = isset($VARS['confirm_id']) ? $VARS['confirm_id'] : '';
        if ((!isset($stf_captcha) || $stf_captcha) && !is_valid_captcha_code($captcha_code, $confirm_id, $id, 'send')) {
            echo $com13;
        } else {
            if (!$name || !$friend_name || !$email || !$friend_email || !$message) {
                echo $error23;
            } else {
                if (!is_valid_email($email) || !is_valid_email($friend_email)) {
                    echo $snd7;
                } else {
                    $file = file(FNEWS_ROOT_PATH . 'news/news.' . $id . '.php');
                    $news_info = get_line_data('news', $file[1]);
                    $subject = "{$snd0} {$friend_name}, {$snd1}";
                    $message = <<<html
{$friend_name},

========================================
示例#2
0
 $pass = isset($VARS['pass']) ? ltrim(substr($VARS['pass'], 0, 40)) : '';
 $code = isset($VARS['code']) ? $VARS['code'] : '';
 $confirm_id = isset($VARS['confirm_id']) ? $VARS['confirm_id'] : '';
 $remember = isset($VARS['remember']);
 $next = isset($VARS['fn_next']) ? $VARS['fn_next'] : null;
 if ($next === null) {
     return;
 } else {
     $next_url = parse_url($next);
     $current_url = parse_url(current_url());
     // Don't redirect to completely different website.
     if ($next_url['scheme'] != $current_url['scheme'] || $next_url['host'] != $current_url['host']) {
         return;
     }
 }
 if ($com_captcha && !is_valid_captcha_code($code, $confirm_id, $id, 'comments')) {
     echo $com13;
 } else {
     if (!$name || !$comment) {
         echo $com1;
     } else {
         if ($comlength > 0 && strlen($comment) > $comlength) {
             printf($com14, $comlength);
         } else {
             if (!is_valid_email($email) && $email != '') {
                 echo $com2;
             } elseif (is_flooding()) {
                 echo $com4 . ' ' . $floodtime . ' ' . $com5;
             } else {
                 $news_user = false;
                 $passok = false;