/**
 * Build the HTML for the clickable smiley list shown on the topic post form.
 *
 * If the forum is configured to use the smilies plugin and msg_showsmilies()
 * is defined, that function's output is returned unchanged. Otherwise one
 * <a><img></a> pair is generated for every entry of $this->data.
 *
 * NOTE(review): each symbol is written as-is into a single-quoted JavaScript
 * string inside the href attribute. A symbol containing a quote or backslash
 * would break out of that string; confirm the smiley table only holds values
 * that are safe in this context, or encode them here.
 *
 * @return string HTML fragment
 */
 public function show()
 {
     global $CONF_FORUM, $LANG_GF_SMILIES;

     // Prefer the plugin's own picker when it is enabled and available
     if ($CONF_FORUM['use_smilies_plugin'] && function_exists('msg_showsmilies')) {
         return msg_showsmilies();
     }

     // Native smilies: every icon shares one placeholder image and is
     // distinguished by its CSS class only
     $pixel = gf_getImage('pixel');
     $html = "\n<!-- LIST OF SMILIES START -->\n" . "<div id='forum_smilies'>\n";
     foreach ($this->data as $name => $smiley) {
         $code = $smiley['symbol'];
         $cssClass = 'frm_sml_' . $name;
         // The translated description is entity-encoded before it is used
         // as the alt/title text; it stays empty when no translation exists
         $label = isset($LANG_GF_SMILIES[$name])
             ? htmlentities($LANG_GF_SMILIES[$name], ENT_QUOTES)
             : '';
         $html .= "    <a href=\"javascript:emoticon('{$code}')\">\n"
             . "        <img class='frm_sml {$cssClass}'\n"
             . "             src='{$pixel}'\n"
             . "             alt='{$label}'\n"
             . "             title='{$label}'" . XHTML . ">\n"
             . "    </a>\n";
     }

     return $html . "</div>\n" . "<!-- LIST OF SMILIES END -->\n";
 }
示例#2
     $msg_row->parse('output', 'msg_row');
     $rows .= $msg_row->finish($msg_row->get_var('output'));
     echo $msg_row->finish($msg_row->get_var('output'));
     // Feed the submitted message back into the form as the 'preview' value,
     // undoing magic-quotes slashes when that legacy setting is active.
     // get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in PHP 8.0,
     // where calling it raises an undefined-function error.
     // NOTE(review): $_POST['message'] is handed to the template without any
     // HTML encoding here. Whether it is escaped before output depends on code
     // not shown in this excerpt -- confirm, because an unencoded preview of
     // request data is a cross-site-scripting sink.
     if (get_magic_quotes_gpc()) {
         $msg_new->set_var('preview', stripslashes($_POST['message']));
     } else {
         $msg_new->set_var('preview', $_POST['message']);
     }
 }
 // Populate the compose-form template. Every value is passed through as-is;
 // no encoding is applied in this run of statements.
 // NOTE(review): $phpself, $subject, $toname, $touid and $buddies are
 // assigned outside this excerpt -- confirm they are HTML-encoded (or
 // otherwise trusted) before they reach the template.
 $msg_new->set_var('phpself', $phpself);
 $msg_new->set_var('imgset', $CONF_MSG['imgset']);
 $msg_new->set_var('LANG_to', $LANG_MSG['TO']);
 $msg_new->set_var('LANG_subject', $LANG_MSG['SUBJECT']);
 $msg_new->set_var('subject', $subject);
 // The smiley picker is only rendered when enabled in the messenger
 // configuration; otherwise the placeholder is set to an empty string
 if ($CONF_MSG['smiliesEnabled']) {
     $msg_new->set_var('smilies', msg_showsmilies());
 } else {
     $msg_new->set_var('smilies', '');
 }
 $msg_new->set_var('toname', $toname);
 $msg_new->set_var('touid', $touid);
 $msg_new->set_var('buddies', $buddies);
 // Localized labels for the member pickers and the form buttons
 $msg_new->set_var('LANG_memberslist', $LANG_MSG['MEMBERSLIST']);
 $msg_new->set_var('LANG_mybuddies', $LANG_MSG['MYBUDDIES']);
 $msg_new->set_var('LANG_members', $LANG_MSG['MEMBERS']);
 $msg_new->set_var('LANG_submit', $LANG_MSG['SUBMIT']);
 $msg_new->set_var('LANG_preview', $LANG_MSG['PREVIEW']);
 if (SEC_hasRights('messenger.broadcast')) {
     if (isset($_POST['chk_broadcast'])) {
         $msg_new->set_var('broadcast_option', '<label for="chk01">' . $LANG_MSG['BROADCAST'] . '</label>: <input type="Checkbox" name="chk_broadcast" id="chk01" checked>');
     } else {
示例#3
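/**
 * BBCode editor
 *
 * Renders the bbcode/editor.thtml template with one button (or drop-down)
 * per enabled BBCode, plus the JavaScript "bbtags" array that the buttons
 * index into. Each code occupies two consecutive slots of that array
 * (start tag, end tag), which is why the offset advances by two.
 *
 * Entries of $additionalCodes use the same keys as the built-in codes:
 * name, label, help, start_tag, end_tag and select. select is either ''
 * or an array of value => option text, where a leading '*' on the text
 * marks the option the drop-down resets to.
 *
 * Disabled names are matched with a strict comparison, so a non-string
 * entry in $disabledCodes never matches a code name by type juggling.
 *
 * NOTE(review): label, help, start_tag, end_tag and the select values are
 * written into HTML attributes and single-quoted JavaScript strings without
 * any encoding, and $formName / $textName reach the template as given.
 * Callers should pass only trusted, markup-free values for these; only
 * $editorText is entity-encoded here.
 *
 * @param   string  $editorText      Text being edited
 * @param   string  $formName        Name of the form containing the bbcode editor
 * @param   string  $textName        Name of the textarea field
 * @param   array   $additionalCodes Additional BBcodes
 * @param   array   $disabledCodes   Names of the bbcodes to disable
 * @return  string                   complete HTML for the editor
 */
function BBC_editor($editorText, $formName, $textName, $additionalCodes = array(), $disabledCodes = array())
{
    global $_CONF, $LANG_BBCODE;

    $retval = '';
    $smileys = '';

    $standardCodes = array(
        array(
            'name' => 'bold', 'label' => $LANG_BBCODE['bold_label'], 'help' => $LANG_BBCODE['bold_help'],
            'start_tag' => '[b]', 'end_tag' => '[/b]', 'select' => '',
        ),
        array(
            'name' => 'italic', 'label' => $LANG_BBCODE['italic_label'], 'help' => $LANG_BBCODE['italic_help'],
            'start_tag' => '[i]', 'end_tag' => '[/i]', 'select' => '',
        ),
        array(
            'name' => 'underline', 'label' => $LANG_BBCODE['underline_label'], 'help' => $LANG_BBCODE['underline_help'],
            'start_tag' => '[u]', 'end_tag' => '[/u]', 'select' => '',
        ),
        array(
            'name' => 'quote', 'label' => $LANG_BBCODE['quote_label'], 'help' => $LANG_BBCODE['quote_help'],
            'start_tag' => '[quote]', 'end_tag' => '[/quote]', 'select' => '',
        ),
        array(
            'name' => 'code', 'label' => $LANG_BBCODE['code_label'], 'help' => $LANG_BBCODE['code_help'],
            'start_tag' => '[code]', 'end_tag' => '[/code]', 'select' => '',
        ),
        array(
            'name' => 'list', 'label' => $LANG_BBCODE['list_label'], 'help' => $LANG_BBCODE['list_help'],
            'start_tag' => '[list]', 'end_tag' => '[/list]', 'select' => '',
        ),
        array(
            'name' => 'olist', 'label' => $LANG_BBCODE['olist_label'], 'help' => $LANG_BBCODE['olist_help'],
            'start_tag' => '[list=]', 'end_tag' => '[/list]', 'select' => '',
        ),
        array(
            'name' => 'listitem', 'label' => $LANG_BBCODE['listitem_label'], 'help' => $LANG_BBCODE['listitem_help'],
            'start_tag' => '[*]', 'end_tag' => '[/*]', 'select' => '',
        ),
        array(
            'name' => 'img', 'label' => $LANG_BBCODE['img_label'], 'help' => $LANG_BBCODE['img_help'],
            'start_tag' => '[img]', 'end_tag' => '[/img]', 'select' => '',
        ),
        array(
            'name' => 'url', 'label' => $LANG_BBCODE['url_label'], 'help' => $LANG_BBCODE['url_help'],
            'start_tag' => '[url]', 'end_tag' => '[/url]', 'select' => '',
        ),
        // Pseudo code: start_tag 'smileys' is the marker that selects the
        // smiley toggle button below instead of a regular tag button
        array(
            'name' => 'smileys', 'label' => $LANG_BBCODE['smiley_label'], 'help' => $LANG_BBCODE['smiley_help'],
            'start_tag' => 'smileys', 'end_tag' => '', 'select' => '',
        ),
        array(
            'name' => 'size', 'label' => $LANG_BBCODE['size_label'], 'help' => $LANG_BBCODE['size_help'],
            'start_tag' => '[size=]', 'end_tag' => '[/size]',
            'select' => array(
                '7' => $LANG_BBCODE['size_tiny'],
                '9' => $LANG_BBCODE['size_small'],
                '12' => '*' . $LANG_BBCODE['size_normal'],
                '18' => $LANG_BBCODE['size_large'],
                '24' => $LANG_BBCODE['size_huge'],
            ),
        ),
        array(
            'name' => 'color', 'label' => $LANG_BBCODE['color_label'], 'help' => $LANG_BBCODE['color_help'],
            'start_tag' => '[color=]', 'end_tag' => '[/color]',
            'select' => array(
                '#' => '*' . $LANG_BBCODE['color_default'],
                'darkred' => $LANG_BBCODE['color_darkred'],
                'red' => $LANG_BBCODE['color_red'],
                'orange' => $LANG_BBCODE['color_orange'],
                'brown' => $LANG_BBCODE['color_brown'],
                'yellow' => $LANG_BBCODE['color_yellow'],
                'green' => $LANG_BBCODE['color_green'],
                'olive' => $LANG_BBCODE['color_olive'],
                'cyan' => $LANG_BBCODE['color_cyan'],
                'blue' => $LANG_BBCODE['color_blue'],
                'darkblue' => $LANG_BBCODE['color_darkblue'],
                'indigo' => $LANG_BBCODE['color_indigo'],
                'violet' => $LANG_BBCODE['color_violet'],
                'white' => $LANG_BBCODE['color_white'],
                'black' => $LANG_BBCODE['color_black'],
            ),
        ),
    );

    // in_array() needs an array; anything else means "nothing disabled",
    // mirroring the is_array() guard applied to the code lists below
    if (!is_array($disabledCodes)) {
        $disabledCodes = array();
    }

    $T = new Template($_CONF['path_layout'] . 'bbcode/', 'keep');
    $T->set_file(array('editor' => 'editor.thtml'));

    $offset = 0;
    $tagPairs = array();
    $buttonText = '';
    $buttonSelectText = '';

    // Built-in codes first, then the caller's additions, in one pass
    foreach (array($standardCodes, $additionalCodes) as $codeSet) {
        if (!is_array($codeSet)) {
            continue;
        }
        foreach ($codeSet as $bbcode) {
            if (in_array($bbcode['name'], $disabledCodes, true)) {
                continue;
            }

            $tagPairs[] = "'" . $bbcode['start_tag'] . "','" . $bbcode['end_tag'] . "'";

            if (is_array($bbcode['select'])) {
                // Drop-down code: the chosen option value is spliced into
                // the start tag, e.g. [size=] becomes [size=12]
                $selectText = '';
                $selectoffset = 0;
                $indexoffset = 0;
                foreach ($bbcode['select'] as $value => $option) {
                    $isDefault = (substr($option, 0, 1) == "*");
                    if ($isDefault) {
                        $option = substr($option, 1);
                        $selectoffset = $indexoffset;
                    }
                    $selectText .= '<option value="' . $value . '"' . ($isDefault ? ' selected="selected"' : '') . '>' . $option . '</option>' . LB;
                    $indexoffset++;
                }
                $selectId = 'bbcodesel' . $offset;
                // Strip the closing bracket; the script appends value + ']'
                $start_tag = substr($bbcode['start_tag'], 0, -1);
                $buttonSelectText .= '<span style="white-space:nowrap;">' . $bbcode['label'] . ':&nbsp;';
                $buttonSelectText .= '<select  name="' . $selectId . '" id="' . $selectId . '" title="' . $bbcode['help'] . '" onchange="bbfontstyle(\'' . $start_tag . '\' + this.form.' . $selectId . '.options[this.form.' . $selectId . '.selectedIndex].value + \']\', \'' . $bbcode['end_tag'] . '\');this.form.' . $selectId . '.selectedIndex = ' . $selectoffset . ';">' . LB;
                $buttonSelectText .= $selectText;
                $buttonSelectText .= '</select></span>' . LB;
            } elseif ($bbcode['start_tag'] == 'smileys') {
                // The smiley toggle is only offered when the function that
                // renders the picker is actually available
                if (function_exists('msg_showsmilies')) {
                    $buttonText .= '<input class="button2" type="button" title="' . $LANG_BBCODE['smiley_help'] . '" style="text-decoration: underline; width: 40px;" value="' . $LANG_BBCODE['smiley_label'] . '" name="toggleV" id="toggleV" accesskey="s"/>' . LB;
                    $smileys = msg_showsmilies();
                }
            } else {
                $buttonText .= '<input class="button2" type="button" title="' . $bbcode['help'] . '" onclick="bbstyle(' . $offset . ')" style="width: 30px;" value=" ' . $bbcode['label'] . ' " name="addbbcode' . $offset . '" accesskey="b"/>' . LB;
            }

            $offset = $offset + 2;
        }
    }

    $T->set_var('tags', 'var bbtags = new Array(' . implode(',', $tagPairs) . ');');
    // Plain buttons come first, drop-downs after them
    $T->set_var('buttons', $buttonText . $buttonSelectText);
    $T->set_var(array(
        'form_name' => $formName,
        'text_name' => $textName,
        // The text being edited is entity-encoded before it is placed in the form
        'bbocode_text' => htmlentities($editorText, ENT_QUOTES, COM_getEncodingt()),
        'smileys' => $smileys,
    ));
    $T->parse('output', 'editor');
    $retval .= $T->finish($T->get_var('output'));

    return $retval;
}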
示例#4
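/**
* Displays the comment form
*
* Returns the login-required form for anonymous users when the site demands
* a login, the speed-limit message when the poster must wait, and otherwise
* the comment form, preceded by a rendered preview in the preview modes.
* The filtered title and comment are written back into $_POST so that the
* preview is built from the filtered values.
*
* NOTE(review): a default on $pid followed by required parameters is
* deprecated as of PHP 8.0 and can never take effect; callers must always
* pass all seven arguments.
*
* NOTE(review): in the edit modes the comment id is read from $_REQUEST and
* no check is visible here that the current user may edit that comment;
* presumably the caller enforces this -- confirm.
*
* @param    string  $title      Title of comment
* @param    string  $comment    Text of comment
* @param    string  $sid        ID of object comment belongs to
* @param    int     $pid        ID of parent comment
* @param    string  $type       Type of object comment is posted to
* @param    string  $mode       Mode, e.g. 'preview'
* @param    string  $postmode   Indicates if comment is plain text or HTML
* @return   string  HTML for comment form
*
*/
function CMT_commentForm($title, $comment, $sid, $pid = '0', $type, $mode, $postmode)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG12, $LANG_LOGIN, $LANG_ACCESS;

    $retval = '';
    $cid = 0;
    $edit_comment = '';

    $filter = sanitizer::getInstance();
    $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
    $filter->setAllowedelements($AllowedElements);
    $filter->setNamespace('glfusion', 'comment');

    // never trust $uid ... it is always derived from the session
    if (COM_isAnonUser()) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }
    $commentuid = $uid;

    // When editing, look up who wrote the comment; the id is cast to int
    // before it is placed in the WHERE clause
    if (($mode == 'edit' || $mode == 'preview_edit') && isset($_REQUEST['cid'])) {
        $cid = COM_applyFilter($_REQUEST['cid']);
        $commentuid = DB_getItem($_TABLES['comments'], 'uid', "cid = " . (int) $cid);
    }

    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    }

    COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');
    $last = 0;
    if ($mode != 'edit' && $mode != 'preview' && $mode != 'preview_new' && $mode != 'preview_edit') {
        // not edit mode or preview changes
        $last = COM_checkSpeedlimit('comment');
    }
    if ($last > 0) {
        $retval .= COM_showMessageText($LANG03[7] . $last . $LANG03[8], $LANG12[26], false);
        return $retval;
    }

    if (empty($postmode)) {
        $postmode = $_CONF['comment_postmode'];
    }

    // Filter the comment according to its post mode; the title is always
    // handled as plain text
    $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
    $filter->setPostmode($postmode);
    $filter->setCensorData(true);
    $filter->setAllowedElements($AllowedElements);
    $comment = $filter->filterHTML($comment);
    $display_comment = $filter->displayText($comment);
    $edit_comment = $filter->editableText($comment);
    $filter->setPostmode('text');
    $title = $filter->displayText($title);
    $title = $filter->editableText($title);
    $filter->setPostmode($postmode);

    // Overwrite the request values so the preview loop below copies the
    // filtered title and comment rather than the raw submission
    $_POST['title'] = $title;
    $_POST['comment'] = $display_comment;

    // Preview mode:
    if (($mode == $LANG03[14] || $mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') && !empty($title) && !empty($comment)) {
        $start = new Template($_CONF['path_layout'] . 'comment');
        $start->set_file(array('comment' => 'startcomment.thtml'));
        $start->set_var('hide_if_preview', 'style="display:none"');

        // Clean up all the vars
        $A = array();
        foreach ($_POST as $key => $value) {
            if ($key == 'pid' || $key == 'cid') {
                $A[$key] = (int) COM_applyFilter($_POST[$key], true);
            } elseif ($key == 'title' || $key == 'comment') {
                // these have already been filtered above
                $A[$key] = $_POST[$key];
            } elseif ($key == 'username') {
                $A[$key] = @htmlspecialchars(COM_checkWords(strip_tags($_POST[$key])), ENT_QUOTES, COM_getEncodingt());
            } else {
                $A[$key] = COM_applyFilter($_POST[$key]);
            }
        }

        // correct time and username for edit preview
        if ($mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') {
            $A['nice_date'] = DB_getItem($_TABLES['comments'], 'UNIX_TIMESTAMP(date)', "cid = " . (int) $cid);
            if ($_USER['uid'] != $commentuid) {
                $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $commentuid);
            }
        }
        if (empty($A['username'])) {
            $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $uid);
        }

        $author_id = PLG_getItemInfo($type, $sid, 'author');
        $thecomments = CMT_getComment($A, 'flat', $type, 'ASC', false, true, 0, $author_id);
        $start->set_var('comments', $thecomments);
        $retval .= '<a name="comment_entry"></a>';
        $retval .= COM_startBlock($LANG03[14]) . $start->finish($start->parse('output', 'comment')) . COM_endBlock();
    } elseif ($mode == 'preview_new' || $mode == 'preview_edit') {
        // A preview was requested but title or comment is empty
        $retval .= COM_showMessageText($LANG03[12], $LANG03[17], true);
        $mode = 'error';
    }

    $comment_template = new Template($_CONF['path_layout'] . 'comment');
    $comment_template->set_file('form', 'commentform.thtml');

    // NOTE(review): $mode, $sid, $pid and $type are handed to the template
    // as received; no encoding is applied here -- confirm the callers
    // sanitize them or the template encodes them.
    if ($mode == 'preview_new') {
        $comment_template->set_var('mode', 'new');
        $comment_template->set_var('show_anchor', '');
    } elseif ($mode == 'preview_edit') {
        $comment_template->set_var('mode', 'edit');
        $comment_template->set_var('show_anchor', '');
    } else {
        $comment_template->set_var('mode', $mode);
        $comment_template->set_var('show_anchor', 1);
    }

    // Initial block title; set again below once the edit mode is known
    $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
    if ($_CONF['show_fullname'] == 1) {
        $comment_template->set_var('lang_username', $LANG_ACCESS['name']);
    } else {
        $comment_template->set_var('lang_username', $LANG03[5]);
    }
    $comment_template->set_var('sid', $sid);
    $comment_template->set_var('pid', $pid);
    $comment_template->set_var('type', $type);

    if ($mode == 'edit' || $mode == 'preview_edit') {
        // edit modes
        $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[41]));
        $comment_template->set_var('cid', '<input type="hidden" name="cid" value="' . @htmlspecialchars(COM_applyFilter($_REQUEST['cid']), ENT_COMPAT, COM_getEncodingt()) . '"/>');
    } else {
        $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
        $comment_template->set_var('cid', '');
    }

    $comment_template->set_var('CSRF_TOKEN', SEC_createToken());
    $comment_template->set_var('token_name', CSRF_TOKEN);

    if (!COM_isAnonUser()) {
        $comment_template->set_var('uid', $_USER['uid']);
        $name = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
        $comment_template->set_var('username', $name);
        $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[3]);
        $comment_template->set_var('username_disabled', 'disabled="disabled"');
        $comment_template->set_var('suballowed', true);

        // In a preview the checkbox state comes from the submitted form,
        // otherwise from the stored subscription
        $isSub = 0;
        if ($mode == 'preview_edit' || $mode == 'preview_new') {
            $isSub = isset($_POST['subscribe']) ? 1 : 0;
        } elseif (PLG_isSubscribed('comment', $type, $sid)) {
            $isSub = 1;
        }
        $subchecked = ($isSub == 0) ? '' : 'checked="checked"';
        $comment_template->set_var('subchecked', $subchecked);
    } else {
        // Anonymous user
        $comment_template->set_var('uid', 1);
        if (isset($_POST['username'])) {
            // for preview
            $name = $filter->sanitizeUsername(COM_applyFilter($_POST['username']));
        } else {
            // anonymous user
            $name = $LANG03[24];
        }
        $comment_template->set_var('username', $name);
        $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
        $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[4]);
        $comment_template->set_var('username_disabled', '');
    }

    if ($postmode == 'html') {
        $comment_template->set_var('htmlmode', true);
    }
    $comment_template->set_var('lang_title', $LANG03[16]);
    $comment_template->set_var('title', @htmlspecialchars($title, ENT_COMPAT, COM_getEncodingt()));
    $comment_template->set_var('lang_comment', $LANG03[9]);
    $comment_template->set_var('comment', $edit_comment);
    $comment_template->set_var('lang_postmode', $LANG03[2]);
    $comment_template->set_var('postmode', $postmode);
    $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
    $comment_template->set_var('allowed_html', $filter->getAllowedHTML() . '<br/>' . COM_AllowedAutotags('', false, 'glfusion', 'comment'));
    $comment_template->set_var('lang_importantstuff', $LANG03[18]);
    $comment_template->set_var('lang_instr_line1', $LANG03[19]);
    $comment_template->set_var('lang_instr_line2', $LANG03[20]);
    $comment_template->set_var('lang_instr_line3', $LANG03[21]);
    $comment_template->set_var('lang_instr_line4', $LANG03[22]);
    $comment_template->set_var('lang_instr_line5', $LANG03[23]);

    if ($mode == 'edit' || $mode == 'preview_edit') {
        // editing comment or preview changes
        $comment_template->set_var('lang_preview', $LANG03[28]);
    } else {
        // new comment
        $comment_template->set_var('lang_preview', $LANG03[14]);
    }

    // msg_replaceEmoticons() signals that emoticon support is present, but
    // the picker is rendered by msg_showsmilies(); require both so a missing
    // function cannot abort the page with a fatal error
    if (function_exists('msg_replaceEmoticons') && function_exists('msg_showsmilies')) {
        $comment_template->set_var('smilies', msg_showsmilies());
    }

    $comment_template->unset_var('save_type');
    PLG_templateSetVars('comment', $comment_template);

    // A save button is offered after a preview, or straight away when the
    // site is configured to skip the preview step. The parentheses only make
    // the existing operator precedence explicit.
    if ($mode == 'preview_edit' || ($mode == 'edit' && $_CONF['skip_preview'] == 1)) {
        // for editing
        $comment_template->set_var('save_type', 'saveedit');
        $comment_template->set_var('lang_save', $LANG03[29]);
        $comment_template->set_var('save_option', '<input type="submit" name="saveedit" value="' . $LANG03[29] . '"/>');
    } elseif ($_CONF['skip_preview'] == 1 || $mode == 'preview_new') {
        // new comment
        $comment_template->set_var('save_type', 'savecomment');
        $comment_template->set_var('lang_save', $LANG03[11]);
        $comment_template->set_var('save_option', '<input type="submit" name="savecomment" value="' . $LANG03[11] . '"/>');
    }

    $comment_template->set_var('end_block', COM_endBlock());
    $comment_template->parse('output', 'form');
    $retval .= $comment_template->finish($comment_template->get_var('output'));

    return $retval;
}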