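// ==========================================
// PHP-NUKE: Shout Box
// ==========================
//
// Copyright (c) 2003-2005 by Aric Bolf (SuperCat)
// http://www.OurScripts.net
//
// Copyright (c) 2002 by Quiecom
// http://www.Quiecom.com
//
// This program is free software. You can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation
// ===========================================

// Direct-access guard: the module is meant to be reached through modules.php.
// NOTE(review): PHP_SELF also carries any path info appended to the request URL,
// and the "." in the pattern is a regex wildcard, so this substring match is a
// weak guard. A constant defined by the including script and tested here with
// defined() is the sturdier pattern - confirm what the framework in use provides.
if (!eregi("modules.php", $_SERVER['PHP_SELF'])) {
    die ("You can't access this file directly...");
}

$module_name = basename(dirname(__FILE__));
get_lang($module_name);
$pagetitle = "- "._SHOUTHISTORY."";
$index = 1;
include("config.php");
global $db, $user, $cookie, $prefix, $username;

// $Action is compared below and drives the dispatch switch at the end of the
// file, but nothing in this file assigns it from the request. Give it a defined
// value when it is absent so the comparisons never read an unset variable.
if (!isset($Action)) {
    $Action = '';
}

// cookiedecode() is defined outside this file.
// NOTE(review): the nickname read from $cookie drives the name ban below and the
// ownership checks in the edit/delete handlers - confirm cookiedecode()
// authenticates the cookie rather than only decoding it.
cookiedecode($user);
$username = $cookie[1];
if ($username == "") { $username = "Anonymous"; }

$sql = "select * from ".$prefix."_shoutbox_conf";
$result = $db->sql_query($sql);
$conf = $db->sql_fetchrow($result);

//do IP test then ban if on list
// REMOTE_ADDR is the peer address as seen by the web server; behind a reverse
// proxy that is the proxy's address, so the ban list then matches the proxy.
$uip = $_SERVER['REMOTE_ADDR'];
if($conf['ipblock'] == "yes") {
    $sql = "select * from ".$prefix."_shoutbox_ipblock";
    $ipresult = $db->sql_query($sql);
    while ($badips = $db->sql_fetchrow($ipresult)) {
        if (eregi("\*", $badips['name'])) { // Allow for Subnet bans like 123.456.*
            $badipsArray = explode(".",$badips['name']);
            $uipArray = explode(".",$uip);
            $i = 0;
            foreach($badipsArray as $badipsPart) {
                // Reaching "*" means every part before it matched: the visitor is banned.
                if ($badipsPart === "*") { $Action = "UserBanned"; break 2; }
                // Compare parts as strings (loose == treats numeric-looking strings
                // such as "1e1" and "10" as equal) and stop when the ban entry has
                // more parts than the visitor's address.
                if (!isset($uipArray[$i]) OR (string)$badipsPart !== (string)$uipArray[$i]) { break; }
                $i++;
            }
        } else {
            if($uip == $badips['name']) { $Action = "UserBanned"; break; }
        }
    }
}

//do name test then ban if on list (only applies to registered users)
if($conf['nameblock'] == "yes" AND $Action != "UserBanned") {
    $sql = "select * from ".$prefix."_shoutbox_nameblock";
    $nameresult = $db->sql_query($sql);
    while ($badname = $db->sql_fetchrow($nameresult)) {
        // Exact string match, so a numeric-looking nickname cannot collide with a
        // different numeric-looking ban entry.
        if((string)$username === (string)$badname['name']) { $Action = "UserBanned"; break; }
    }
}

function searchHistory($where,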
$sbsearchtext, $results, $style, $timeframe, $order) { include("config.php"); global $db, $user, $cookie, $prefix, $username, $AvatarFound; include("header.php"); cookiedecode($user); $username = $cookie[1]; if ($username == "") { $username = "Anonymous"; } if (is_user($user)) { $username = $cookie[1]; if ($username != '') { $sqlF = "SELECT user_timezone, user_dateformat from ".$prefix."_users WHERE username='$username'"; $resultF = $db->sql_query($sqlF); $userSetup = $db->sql_fetchrow($resultF); } } $sql = "select * from ".$prefix."_shoutbox_date"; $resultD = $db->sql_query($sql); $rowD = $db->sql_fetchrow($resultD); // search form OpenTable(); showSearchBox($sbsearchtext, $where, $style, $results, $timeframe, $order); echo "\n"; echo "
"._SHOUTHISTORY."
"; CloseTable(); echo "
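";
    // show results
    OpenTable();
    // $results is interpolated into the LIMIT clause below. The two range checks
    // compare loosely and do not turn the value into a number, so force an
    // integer before clamping it to 10..50.
    $results = intval($results);
    if ($results > 50) { $results = 50; }
    if ($results < 10) { $results = 10; }
    echo "\n";
    echo "\n";
    //echo "\n";

    // build SQL query based on user choices
    //$sql = "select * from ".$prefix."_shoutbox_shouts WHERE name='$sbsearchtext' ORDER BY id desc LIMIT $results";
    // NOTE(review): $sbsearchtext is concatenated into every WHERE clause below and
    // no escaping is visible in this file. Unless the framework escapes request
    // variables before this module runs (not shown here - confirm), the search box
    // is an SQL injection point. Pass the text through the database layer's
    // escaping or bound parameters; the LIKE branches also leave % and _ in the
    // search text active as wildcards.

    // search by Nicknames only
    if ($where == 'Nicknames') {
        $SearchArray = explode(" ",$sbsearchtext);
        $c = count($SearchArray);
        $d = 0;
        $sql = "select * from ".$prefix."_shoutbox_shouts WHERE name";
        foreach($SearchArray as $SearchPart) {
            $d++;
            if ($style == 'Exact') {
                $sql .= "='".$SearchPart."'";
            } else {
                $sql .= " LIKE '%".$SearchPart."%'";
            }
            if ($d < $c) { $sql .= " OR name"; }
        }
    } elseif ($where == 'Both') { // search by Nicknames and Shouts
        if ($style == 'Exact') {
            $sql = "select * from ".$prefix."_shoutbox_shouts WHERE name='$sbsearchtext' OR comment='$sbsearchtext'";
        } else {
            $SearchArray = explode(" ",$sbsearchtext);
            $c = count($SearchArray);
            $d = 0;
            $sql = "select * from ".$prefix."_shoutbox_shouts WHERE name";
            foreach($SearchArray as $SearchPart) {
                $d++;
                $sql .= " LIKE '%".$SearchPart."%' OR comment LIKE '%".$SearchPart."%'";
                if ($d < $c) { $sql .= " OR name"; }
            }
        }
    } else { // search by Shouts only
        if ($style == 'Exact') {
            $sql = "select * from ".$prefix."_shoutbox_shouts WHERE comment LIKE '%".$sbsearchtext."%'";
        } else {
            $SearchArray = explode(" ",$sbsearchtext);
            $c = count($SearchArray);
            $d = 0;
            $sql = "select * from ".$prefix."_shoutbox_shouts WHERE comment";
            foreach($SearchArray as $SearchPart) {
                $d++;
                $sql .= " LIKE '%".$SearchPart."%'";
                if ($d < $c) { $sql .= " AND comment"; }
            }
        }
    }
    // $order only selects between two fixed ORDER BY clauses; it is never
    // interpolated into the statement.
    if (($order == '') OR ($order == 'newest')) {
        $sql .= " ORDER BY id desc";
    } else {
        $sql .= " ORDER BY id asc";
    }
    $sql .= " LIMIT $results";
    // end building SQL query

    $result = $db->sql_query($sql);
    $numrows = $db->sql_numrows($result);
    if ($numrows > 0) {
        $sqlz = "select * from ".$prefix."_shoutbox_conf";
        $resultz = $db->sql_query($sqlz);
        $conf = $db->sql_fetchrow($resultz);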
$post = 0; $loop = 0; $flag = 1; $ThemeSel = get_theme(); $sql = "select * from ".$prefix."_shoutbox_themes WHERE themeName='$ThemeSel'"; $resultT = $db->sql_query($sql); $rowColor = $db->sql_fetchrow($resultT); while ($row = $db->sql_fetchrow($result)) { if ($flag == 1) { $bgcolor = $rowColor['menuColor1']; } if ($flag == 2) { $bgcolor = $rowColor['menuColor2']; } $comment = str_replace('src=', 'src="', $row['comment']); $comment = str_replace('.gif>', '.gif" alt="" />', $comment); $comment = str_replace('.jpg>', '.jpg" alt="" />', $comment); $comment = str_replace('.png>', '.png" alt="" />', $comment); $comment = str_replace('.bmp>', '.bmp" alt="" />', $comment); // BB code [b]word[/b] [i]word[/i] [u]word[/u] if ((eregi("[b]", $comment)) AND (eregi("[/b]", $comment)) AND (substr_count("$comment","[b]") == substr_count("$comment","[/b]"))) { $comment = eregi_replace("\[b\]","","$comment"); $comment = eregi_replace("\[\/b\]","","$comment"); } if ((eregi("[i]", $comment)) AND (eregi("[/i]", $comment)) AND (substr_count("$comment","[i]") == substr_count("$comment","[/i]"))) { $comment = eregi_replace("\[i\]","","$comment"); $comment = eregi_replace("\[\/i\]","","$comment"); } if ((eregi("[u]", $comment)) AND (eregi("[/u]", $comment)) AND (substr_count("$comment","[u]") == substr_count("$comment","[/u]"))) { $comment = eregi_replace("\[u\]","","$comment"); $comment = eregi_replace("\[\/u\]","","$comment"); } $sqlN = "SELECT * FROM ".$prefix."_users WHERE username='$row[name]'"; $nameresultN = $db->sql_query($sqlN); $rowN = $db->sql_fetchrow($nameresultN); // Disallow Anonymous users from seeing links to users' accounts if ($username == "Anonymous") { if (($rowN['user_avatar']) && ($rowN['user_avatar'] != "blank.gif") && ($rowN['user_avatar'] != "gallery/blank.gif") && (stristr($rowN['user_avatar'],'.') == TRUE)) { echo "\n"; } else { echo "\n"; } } else { // check to see if nickname is a user in the DB and not Anonymous if (($rowN) && ($rowN['username'] != 
"Anonymous")) { if (($rowN['user_avatar']) && ($rowN['user_avatar'] != "blank.gif") && ($rowN['user_avatar'] != "gallery/blank.gif") && (stristr($rowN['user_avatar'],'.') == TRUE)) { echo "\n"; } else { echo "\n"; } } else { echo "\n"; } } if ($flag == 1) { $flag = 2; } elseif ($flag == 2) { $flag =1; } } } else { echo ""; } echo "
"._SEARCHRESULTS."
\"\""._SEARCHRESULTS."
"; echo ""; echo "
"; $row_avatar = $rowN['user_avatar']; $av_found = findAvatar($row_avatar); echo "$av_found"; echo ""; echo "$row[name]: $comment"; if ($conf['date'] == "yes") { if ($row['timestamp'] != '') { // reads unix timestamp and formats it to the viewer's timezone if (is_user($user)) { // time adjustment for following user's timezone $displayTime = $userSetup['user_timezone'] - $conf['serverTimezone']; $displayTime = $displayTime * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixTime = date("$userSetup[user_dateformat]", $newTimestamp); echo "
$unixTime"; } else { // adjustmet for timezone offset $displayTime = $conf['timeOffset'] * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixDay = date("$rowD[date]", $newTimestamp); $unixTime = date("$rowD[time]", $newTimestamp); echo "
$unixDay $unixTime"; } } else { echo "
$row[date] $row[time]"; } } echo "
"; echo "
"; echo "$row[name]: $comment"; if ($conf['date'] == "yes") { if ($row['timestamp'] != '') { // reads unix timestamp and formats it to the viewer's timezone if (is_user($user)) { // time adjustment for following user's timezone $displayTime = $userSetup['user_timezone'] - $conf['serverTimezone']; $displayTime = $displayTime * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixTime = date("$userSetup[user_dateformat]", $newTimestamp); echo "
$unixTime"; } else { // adjustmet for timezone offset $displayTime = $conf['timeOffset'] * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixDay = date("$rowD[date]", $newTimestamp); $unixTime = date("$rowD[time]", $newTimestamp); echo "
$unixDay $unixTime"; } } else { echo "
$row[date] $row[time]"; } } echo "
"; echo ""; echo "
"; $row_avatar = $rowN['user_avatar']; $av_found = findAvatar($row_avatar); echo "$av_found"; echo "$row[name]: $comment
"; if ($conf['date'] == "yes") { if ($row['timestamp'] != '') { // reads unix timestamp and formats it to the viewer's timezone if (is_user($user)) { // time adjustment for following user's timezone $displayTime = $userSetup['user_timezone'] - $conf['serverTimezone']; $displayTime = $displayTime * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixTime = date("$userSetup[user_dateformat]", $newTimestamp); echo "$unixTime"; } else { // adjustmet for timezone offset $displayTime = $conf['timeOffset'] * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixDay = date("$rowD[date]", $newTimestamp); $unixTime = date("$rowD[time]", $newTimestamp); echo "$unixDay $unixTime"; } } else { echo "$row[date] $row[time]"; } } // registered users edit/delete posts if (($conf['delyourlastpost'] == "yes") && ($username == $row['name'])) { echo " [ "._EDIT." | "._DELETE." ]"; } echo "
"; echo "
"; echo "$row[name]: $comment
"; if ($conf['date'] == "yes") { if ($row['timestamp'] != '') { // reads unix timestamp and formats it to the viewer's timezone if (is_user($user)) { // time adjustment for following user's timezone $displayTime = $userSetup['user_timezone'] - $conf['serverTimezone']; $displayTime = $displayTime * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixTime = date("$userSetup[user_dateformat]", $newTimestamp); echo "$unixTime"; } else { // adjustmet for timezone offset $displayTime = $conf['timeOffset'] * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixDay = date("$rowD[date]", $newTimestamp); $unixTime = date("$rowD[time]", $newTimestamp); echo "$unixDay $unixTime"; } } else { echo "$row[date] $row[time]"; } } // registered users edit/delete posts if (($conf['delyourlastpost'] == "yes") && ($username == $row['name'])) { echo " [ "._EDIT." | "._DELETE." ]"; } echo "
"; echo "$row[name]: $comment"; if ($conf['date'] == "yes") { if ($row['timestamp'] != '') { // reads unix timestamp and formats it to the viewer's timezone if (is_user($user)) { // time adjustment for following user's timezone $displayTime = $userSetup['user_timezone'] - $conf['serverTimezone']; $displayTime = $displayTime * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixTime = date("$userSetup[user_dateformat]", $newTimestamp); echo "
$unixTime"; } else { // adjustmet for timezone offset $displayTime = $conf['timeOffset'] * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixDay = date("$rowD[date]", $newTimestamp); $unixTime = date("$rowD[time]", $newTimestamp); echo "
$unixDay $unixTime"; } } else { echo "
$row[date] $row[time]"; } } echo "
\n"; echo "
"._NORESULTS."
"; CloseTable(); include("footer.php"); } function showSearchBox($sbsearchtext, $where, $style, $results, $timeframe, $order) { echo "
\n"; echo "\n"; echo "\n"; //echo "\n"; echo ""; echo "
"._SEARCHBOX."
\"\""._SEARCHBOX."
"; if (($where == 'Shouts') OR ($where == '')) { $wSEL1 = " selected=\"selected\""; } else { $wSEL1 = ""; } if ($where == 'Nicknames') { $wSEL2 = " selected=\"selected\""; } else { $wSEL2 = ""; } if ($where == 'Both') { $wSEL3 = " selected=\"selected\""; } else { $wSEL3 = ""; } echo "  "; if (($style == 'Exact') OR ($style == '')) { $sSEL1 = " selected=\"selected\""; } else { $sSEL1 = ""; } if ($style == 'Any') { $sSEL2 = " selected=\"selected\""; } else { $sSEL2 = ""; } echo "  "; if (($results == 10) OR ($results == '')) { $rSEL10 = " selected=\"selected\""; } else { $rSEL10 = ""; } if ($results == 20) { $rSEL20 = " selected=\"selected\""; } else { $rSEL20 = ""; } if ($results == 30) { $rSEL30 = " selected=\"selected\""; } else { $rSEL30 = ""; } if ($results == 50) { $rSEL50 = " selected=\"selected\""; } else { $rSEL50 = ""; } echo "  "; // Search by time frame: // if (($timeframe == 0) OR ($timeframe == '')) { $tfSEL0 = " selected=\"selected\""; } else { $tfSEL0 = ""; } // if ($timeframe == 3) { $tfSEL3 = " selected=\"selected\""; } else { $tfSEL3 = ""; } // if ($timeframe == 6) { $tfSEL6 = " selected=\"selected\""; } else { $tfSEL6 = ""; } // if ($timeframe == 12) { $tfSEL12 = " selected=\"selected\""; } else { $tfSEL12 = ""; } // echo ""; if (($order == 'newest') OR ($order == '')) { $oSEL1 = " selected=\"selected\""; } else { $oSEL1 = ""; } if ($order == 'oldest') { $oSEL2 = " selected=\"selected\""; } else { $oSEL2 = ""; } echo ""; echo "
"; echo "  "; echo "
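";
}

/**
 * Delete one shout when the "delyourlastpost" option is enabled and the shout
 * was posted by the logged-in user, then redirect to the history page.
 *
 * Always ends the request (Location header followed by exit).
 *
 * NOTE(review): no request token or request-method check is made here, so any
 * request that carries the owner's cookie and reaches the "Delete" dispatch case
 * removes the shout. Consider requiring POST plus a per-session token.
 *
 * @param mixed $page    History page to return to; coerced to an integer.
 * @param mixed $shoutID Id of the shout row; coerced to an integer.
 */
function shoutDelete($page, $shoutID) {
    global $db, $user, $cookie, $prefix;

    // Both values are handed in by the dispatch switch and end up inside SQL
    // strings and a Location header, so reduce them to integers first.
    $page = intval($page);
    $shoutID = intval($shoutID);

    $sql = "select * from ".$prefix."_shoutbox_conf";
    $result = $db->sql_query($sql);
    $conf = $db->sql_fetchrow($result);
    if ($conf['delyourlastpost'] == "yes") {
        $sql = "select * from ".$prefix."_shoutbox_shouts where id='$shoutID'";
        $nameresult = $db->sql_query($sql);
        $row = $db->sql_fetchrow($nameresult);
        include("config.php");
        cookiedecode($user);
        $username = $cookie[1];
        // Only a logged-in user may delete, only an existing row, and only on an
        // exact nickname match. The loose comparison used before also matched a
        // missing row against an empty nickname.
        if (is_user($user) && $row && $username != '' && (string)$row['name'] === (string)$username) {
            $sqlD = "DELETE FROM ".$prefix."_shoutbox_shouts WHERE id='$shoutID'";
            $db->sql_query($sqlD);
        }
    }
    Header("Location: modules.php?name=Shout_Box&page=$page");
    exit;
}

/**
 * Show the edit form for one shout owned by the current user.
 *
 * @param mixed $page       History page to return to; coerced to an integer.
 * @param mixed $shoutID    Id of the shout row; coerced to an integer.
 * @param mixed $ShoutError Error text to show, or 'none'. shoutSave() passes it
 *                          back through the redirect URL, so it is request data.
 */
function shoutEdit($page, $shoutID, $ShoutError) {
    include("config.php");
    global $db, $user, $cookie, $prefix;
    include("header.php");

    // $shoutID goes into the SELECT below and $ShoutError is printed into the
    // page further down; neutralise both before first use.
    $page = intval($page);
    $shoutID = intval($shoutID);
    $ShoutError = htmlspecialchars($ShoutError, ENT_QUOTES);

    $sql = "select * from ".$prefix."_shoutbox_conf";
    $result = $db->sql_query($sql);
    $conf = $db->sql_fetchrow($result);
    OpenTable();
    if ($conf['delyourlastpost'] == "yes") {
        $sql = "select * from ".$prefix."_shoutbox_shouts where id='$shoutID'";
        $nameresult = $db->sql_query($sql);
        $row = $db->sql_fetchrow($nameresult);
        cookiedecode($user);
        $username = $cookie[1];
        if ($row['name'] == $username) {
            // strip out link code here (added back in later if saved)
            // NOTE(review): the patterns below look truncated on this page (the
            // markup inside the literals appears to be missing); they are kept
            // exactly as shown.
            $ShoutComment = $row['comment'];
            $ShoutComment = ereg_replace("[URL]", "",$ShoutComment);
            $ShoutComment = ereg_replace("\">FTP]", "",$ShoutComment);
            $ShoutComment = ereg_replace("\">IRC]", "",$ShoutComment);
            $ShoutComment = ereg_replace("\">TeamSpeak]", "",$ShoutComment);
            $ShoutComment = ereg_replace("\">AIM]", "",$ShoutComment);
            $ShoutComment = ereg_replace("\">Gopher]", "",$ShoutComment);
            $ShoutComment = ereg_replace("\">E-Mail]", "",$ShoutComment);
            $i = 0;
            $ShoutNew = '';
            $ShoutArray = explode(" ",$ShoutComment);
            foreach($ShoutArray as $ShoutPart) {
                if (eregi("mailto:", $ShoutPart)) { // find mailto:
                    $ShoutPart = eregi_replace("mailto:", "",$ShoutPart); // strip out mailto:
                    $ShoutPart = eregi_replace("%", " ",$ShoutPart);
                    $ShoutPart =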
trim($ShoutPart); // decode address to ascii $c = 0; $AddyArray = explode(" ",$ShoutPart); foreach($AddyArray as $AddyPart) { $AddyNew[$c] = chr(hexdec($AddyPart)); $c++; } $ShoutPart = implode("",$AddyNew); $ShoutNew[$i] = "mailto:$ShoutPart"; // add mailto: back in } else { $ShoutNew[$i] = $ShoutPart; } $i++; } $ShoutComment = implode(" ",$ShoutNew); // strip smilies code here (added back in later if saved) $sql = "select * from ".$prefix."_shoutbox_emoticons"; $eresult = $db->sql_query($sql); while ($emoticons = $db->sql_fetchrow($eresult)) { $ShoutComment = str_replace($emoticons['image'],$emoticons['text'],$ShoutComment); } echo "
\n"; echo "\n"; echo "\n"; if (($ShoutError) && ($ShoutError != 'none')) { echo ""; } echo ""; echo ""; echo "
"._SHOUTBOXEDIT."

"._SB_NOTE.": $ShoutError
"; echo "  
"._SHOUTHISTORY."
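";
        } else {
            echo ""._EDITINGOTHERSDISALLOWED."";
        }
    } else {
        echo ""._EDITINGDISABLEDBYADMIN."";
    }
    CloseTable();
    include("footer.php");
}

/**
 * Validate and rewrite an edited shout and store it, provided the
 * "delyourlastpost" option is on and the shout belongs to the logged-in user.
 *
 * Always ends the request with a redirect: back to the edit form when a
 * validation error was recorded, otherwise to the history page.
 *
 * @param mixed  $page         History page to return to; coerced to an integer.
 * @param mixed  $shoutID      Id of the shout row; coerced to an integer.
 * @param string $ShoutComment New shout text as submitted.
 */
function shoutSave($page, $shoutID, $ShoutComment) {
    include("config.php");
    global $db, $user, $cookie, $prefix;

    // $shoutID and $page are placed into SQL and Location headers later in this
    // function; reduce them to integers once, up front.
    $page = intval($page);
    $shoutID = intval($shoutID);
    // Local error flag; start from a defined empty value so the later
    // "no error" tests never read an unset variable.
    $ShoutError = "";

    $sql = "select * from ".$prefix."_shoutbox_conf";
    $result = $db->sql_query($sql);
    $conf = $db->sql_fetchrow($result);
    if ($conf['delyourlastpost'] == "yes") {
        $sql = "select * from ".$prefix."_shoutbox_shouts where id='$shoutID'";
        $nameresult = $db->sql_query($sql);
        $row = $db->sql_fetchrow($nameresult);
        include("config.php");
        cookiedecode($user);
        $username = $cookie[1];
        // Only a logged-in user may save, only to an existing row, and only on an
        // exact nickname match (the loose comparison used before also matched a
        // missing row against an empty nickname).
        if (is_user($user) && $row && $username != '' && (string)$row['name'] === (string)$username) {
            $ShoutComment = trim($ShoutComment); // remove whitespace off ends of shout
            $ShoutComment = preg_replace('/\s+/', ' ', $ShoutComment); // convert double spaces in middle of shout to single space
            $num = strlen($ShoutComment);
            if ($num < 1) { $ShoutError = ""._SHOUTTOOSHORT.""; }
            if ($num > 2500) { $ShoutError = ""._SHOUTTOOLONG.""; }
            if (!$ShoutComment) { $ShoutError = ""._NOSHOUT.""; }
            if ($ShoutComment == ""._SB_MESSAGE."") { $ShoutError = ""._NOSHOUT.""; }
            $ShoutComment = ereg_replace(" [.] ", ".",$ShoutComment);
            // NOTE(review): the "." in ".xxx" is a regex wildcard, so any character
            // followed by "xxx" triggers this block - confirm whether a literal dot
            // was intended.
            if (eregi(".xxx", $ShoutComment) AND $conf['blockxxx'] == "yes") {
                $ShoutError = ""._XXXBLOCKED."";
                $ShoutComment = "";
            }
            // Blacklist for a single URL scheme only. Output safety rests on the
            // htmlspecialchars() call below and on how the link markup is rebuilt
            // afterwards (that markup is not visible on this page).
            if (eregi("javascript:(.*)", $ShoutComment)) {
                $ShoutError = ""._JSINSHOUT."";
                $ShoutComment = "";
            }
            $ShoutComment = htmlspecialchars($ShoutComment, ENT_QUOTES);
            $ShoutComment = ereg_replace("&amp;", "&",$ShoutComment);
            // Scan for links in the shout.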
If there is, replace it with [URL] or block it if disallowed $i = 0; $ShoutNew = ''; $ShoutArray = explode(" ",$ShoutComment); foreach($ShoutArray as $ShoutPart) { if (is_array($ShoutPart) == TRUE) { $ShoutPart = $ShoutPart[0]; } if (eregi("http:\/\/", $ShoutPart)) { if ($conf['urlonoff'] == "no") { $ShoutError = ""._URLNOTALLOWED.""; break; } // fix for users adding text to the beginning of links: HACKhttp://www.website.com $ShoutPartL = strtolower($ShoutPart); $spot = strpos($ShoutPartL,"http://"); if ($spot > 0) { $ShoutPart = substr($ShoutPart, $spot); } $ShoutNew[$i] = "[URL]"; } elseif (eregi("ftp:\/\/", $ShoutPart)) { if ($conf['urlonoff'] == "no") { $ShoutError = ""._URLNOTALLOWED.""; break; } $ShoutPartL = strtolower($ShoutPart); $spot = strpos($ShoutPartL,"ftp://"); if ($spot > 0) { $ShoutPart = substr($ShoutPart, $spot); } $ShoutNew[$i] = "[FTP]"; } elseif (eregi("irc:\/\/", $ShoutPart)) { if ($conf['urlonoff'] == "no") { $ShoutError = ""._URLNOTALLOWED.""; break; } $ShoutPartL = strtolower($ShoutPart); $spot = strpos($ShoutPartL,"irc://"); if ($spot > 0) { $ShoutPart = substr($ShoutPart, $spot); } $ShoutNew[$i] = "[IRC]"; } elseif (eregi("teamspeak:\/\/", $ShoutPart)) { if ($conf['urlonoff'] == "no") { $ShoutError = ""._URLNOTALLOWED.""; break; } $ShoutPartL = strtolower($ShoutPart); $spot = strpos($ShoutPartL,"teamspeak://"); if ($spot > 0) { $ShoutPart = substr($ShoutPart, $spot); } $ShoutNew[$i] = "[TeamSpeak]"; } elseif (eregi("aim:goim", $ShoutPart)) { if ($conf['urlonoff'] == "no") { $ShoutError = ""._URLNOTALLOWED.""; break; } $ShoutPartL = strtolower($ShoutPart); $spot = strpos($ShoutPartL,"aim:goim"); if ($spot > 0) { $ShoutPart = substr($ShoutPart, $spot); } $ShoutNew[$i] = "[AIM]"; } elseif (eregi("gopher:\/\/", $ShoutPart)) { if ($conf['urlonoff'] == "no") { $ShoutError = ""._URLNOTALLOWED.""; break; } $ShoutPartL = strtolower($ShoutPart); $spot = strpos($ShoutPartL,"gopher://"); if ($spot > 0) { $ShoutPart = substr($ShoutPart, $spot); } 
$ShoutNew[$i] = "[Gopher]"; } elseif (eregi("mailto:", $ShoutPart)) { $ShoutPartL = strtolower($ShoutPart); $spot = strpos($ShoutPartL,"mailto:"); if ($spot > 0) { $ShoutPart = substr($ShoutPart, $spot); } // email encoding to stop harvesters $ShoutPart = bin2hex($ShoutPart); $ShoutPart = chunk_split($ShoutPart, 2, '%'); $ShoutPart = '%' . substr($ShoutPart, 0, strlen($ShoutPart) - 1); $ShoutNew[$i] = "[E-Mail]"; } elseif (eregi("www\.", $ShoutPart)) { if ($conf['urlonoff'] == "no") { $ShoutError = ""._URLNOTALLOWED.""; break; } $ShoutPartL = strtolower($ShoutPart); $spot = strpos($ShoutPartL,"www."); if ($spot > 0) { $ShoutPart = substr($ShoutPart, $spot); } $ShoutPart = "http://" . $ShoutPart; $ShoutNew[$i] = "[URL]"; } elseif (eregi('@', $ShoutPart) AND eregi('\.', $ShoutPart)) { // \b[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}\b // email encoding to stop harvesters $ShoutPart = bin2hex($ShoutPart); $ShoutPart = chunk_split($ShoutPart, 2, '%'); $ShoutPart = '%' . substr($ShoutPart, 0, strlen($ShoutPart) - 1); $ShoutNew[$i] = "[E-Mail]"; } elseif ((eregi("\.(us|tv|cc|ws|ca|de|jp|ro|be|fm|ms|tc|ph|dk|st|ac|gs|vg|sh|kz|as|lt|to)", substr("$ShoutPart", -3,3))) OR (eregi("\.(com|net|org|mil|gov|biz|pro|xxx)", substr("$ShoutPart", -4,4))) OR (eregi("\.(info|name|mobi)", substr("$ShoutPart", -5,5))) OR (eregi("\.(co\.uk|co\.za|co\.nz|co\.il)", substr("$ShoutPart", -6,6)))) { if ($conf['urlonoff'] == "no") { $ShoutError = ""._URLNOTALLOWED.""; break; } $ShoutPart = "http://" . 
$ShoutPart; $ShoutNew[$i] = "[URL]"; } elseif (strlen(html_entity_decode($ShoutPart, ENT_QUOTES)) > 21) { $ShoutNew[$i] = htmlspecialchars(wordwrap(html_entity_decode($ShoutPart, ENT_QUOTES), 21, " ", 1), ENT_QUOTES); $ShoutNew[$i] = str_replace("[ b]", " [b]",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[b ]", " [b]",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[ /b]", "[/b] ",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[/ b]", "[/b] ",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[/b ]", "[/b] ",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[ i]", " [i]",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[i ]", " [i]",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[ /i]", "[/i] ",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[/ i]", "[/i] ",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[/i ]", "[/i] ",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[ u]", " [u]",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[u ]", " [u]",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[ /u]", "[/u] ",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[/ u]", "[/u] ",$ShoutNew[$i]); $ShoutNew[$i] = str_replace("[/u ]", "[/u] ",$ShoutNew[$i]); } else { $ShoutNew[$i] = $ShoutPart; } $i++; } if ($ShoutError == "") { $ShoutComment = implode(" ",$ShoutNew); } //Smilies from database $ShoutArrayReplace = explode(" ",$ShoutComment); $ShoutArrayScan = $ShoutArrayReplace; $sql = "select * from ".$prefix."_shoutbox_emoticons"; $eresult = $db->sql_query($sql); while ($emoticons = $db->sql_fetchrow($eresult)) { $i = 0; foreach($ShoutArrayScan as $ShoutPart) { if ($ShoutPart == $emoticons['text']) { $ShoutArrayReplace[$i] = $emoticons['image']; } $i++; } } $ShoutComment = implode(" ",$ShoutArrayReplace); //look for bad words, then censor them. 
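if($conf['censor'] == "yes") {
    // (continuation of shoutSave) Whole-word censor: each space-separated word
    // that equals a censor entry, ignoring case, is swapped for its replacement.
    $ShoutArrayReplace = explode(" ",$ShoutComment);
    $ShoutArrayScan = $ShoutArrayReplace;
    $sql = "select * from ".$prefix."_shoutbox_censor";
    $cresult = $db->sql_query($sql);
    while ($censor = $db->sql_fetchrow($cresult)) {
        $i = 0;
        foreach($ShoutArrayScan as $ShoutPart) {
            $ShoutPart = strtolower($ShoutPart);
            $censor['text'] = strtolower($censor['text']);
            if ($ShoutPart == $censor['text']) { $ShoutArrayReplace[$i] = $censor['replacement']; }
            $i++;
        }
    }
    $ShoutComment = implode(" ",$ShoutArrayReplace);
    /*
    // Phrase censor - Needs work before implementing
    $sql = "select * from ".$prefix."_shoutbox_emoticons";
    $eresult = $db->sql_query($sql);
    while ($emoticons = $db->sql_fetchrow($eresult)) {
        $ShoutComment = str_replace($emoticons[1],$emoticons[2],$ShoutComment);
    }
    */
}
if (!$ShoutError) {
    // The id is forced to an integer at the point of use.
    // NOTE(review): $ShoutComment has been through htmlspecialchars(ENT_QUOTES),
    // which encodes quotes but leaves backslashes alone, and emoticon/censor text
    // from the database has been spliced in since. It should go through the
    // database layer's escaping or a bound parameter before being stored - confirm
    // what, if anything, the framework has already escaped.
    $sqlU = "UPDATE ".$prefix."_shoutbox_shouts set comment='$ShoutComment' WHERE id='".intval($shoutID)."'";
    $db->sql_query($sqlU);
} else {
    // Integers for the numeric parameters and urlencode() for the message keep
    // the redirect URL well-formed and free of stray header characters.
    Header("Location: modules.php?name=Shout_Box&Action=Edit&shoutID=".intval($shoutID)."&page=".intval($page)."&ShoutError=".urlencode($ShoutError));
    exit;
}
} // end: shout belongs to the current user
} // end: editing own posts is enabled
Header("Location: modules.php?name=Shout_Box&page=".intval($page));
exit;
} // end of shoutSave()

/**
 * Build the avatar snippet for one user.
 *
 * Reads the two avatar directory settings from the bbconfig table on every
 * call, then picks a branch by whether the avatar value contains "http://" or
 * exists under one of those directories.
 *
 * NOTE(review): every branch assigns the same literal on this page; the markup
 * inside those strings appears to be missing, so they are kept exactly as shown.
 * NOTE(review): $row_avatar is a value from the users table and is joined onto
 * the directory paths unchanged - confirm it is validated where it is stored
 * (no ".." segments) before it reaches file_exists().
 *
 * @param string $row_avatar Avatar value from the user's row.
 * @return string            The snippet to echo.
 */
function findAvatar($row_avatar) {
    global $db, $prefix;
    // Find avatar path
    // modules/Forums/images/avatars/gallery
    $sql = "SELECT * FROM ".$prefix."_bbconfig WHERE config_name='avatar_gallery_path'";
    $result = $db->sql_query($sql);
    $avatar_gallery_path = $db->sql_fetchrow($result);
    // modules/Forums/images/avatars
    $sql = "SELECT * FROM ".$prefix."_bbconfig WHERE config_name='avatar_path'";
    $result = $db->sql_query($sql);
    $avatar_path = $db->sql_fetchrow($result);
    if (eregi('http://',$row_avatar) == TRUE) { // offsite avatars
        $AvatarFound = "\"\"";
    } else {
        $agp = "$avatar_gallery_path[config_value]/$row_avatar";
        $ap = "$avatar_path[config_value]/$row_avatar";
        if (file_exists($agp) == TRUE) {
            $AvatarFound = "\"\"";
        } elseif (file_exists($ap) == TRUE) {
            $AvatarFound = "\"\"";
        } else {
            $AvatarFound = "\"\"";
        }
    }
    return $AvatarFound;
}

function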
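showHistory($page) {
    // Renders one page of the shout history: search box first, then the shouts,
    // then the page menu. $page is the requested page number.
    include("config.php");
    global $db, $user, $cookie, $prefix, $username, $AvatarFound;
    include("header.php");

    // $page is handed in by the dispatch switch and is later printed in the page
    // menu; reduce it to an integer before any use.
    $page = intval($page);

    cookiedecode($user);
    $username = $cookie[1];
    if ($username == "") { $username = "Anonymous"; }

    $sql = "select * from ".$prefix."_shoutbox_conf";
    $result = $db->sql_query($sql);
    $conf = $db->sql_fetchrow($result);

    if (is_user($user)) {
        $username = $cookie[1];
        if ($username != '') {
            // NOTE(review): $username comes from the decoded cookie and is placed
            // into the query as-is; confirm cookiedecode()/is_user() leave it safe
            // for SQL, or escape it through the database layer here.
            $sqlF = "SELECT user_timezone, user_dateformat from ".$prefix."_users WHERE username='$username'";
            $resultF = $db->sql_query($sqlF);
            $userSetup = $db->sql_fetchrow($resultF);
        }
    }

    $sql = "select * from ".$prefix."_shoutbox_date";
    $resultD = $db->sql_query($sql);
    $rowD = $db->sql_fetchrow($resultD);

    // count number of shouts in DB
    $sql = "SELECT id FROM ".$prefix."_shoutbox_shouts";
    $result = $db->sql_query($sql);
    $numrows = $db->sql_numrows($result);

    // A page size below 1 made the former counting loop spin forever; fall back
    // to one shout per page in that case.
    $shoutsViewed = intval($conf['shoutsperpage']);
    if ($shoutsViewed < 1) { $shoutsViewed = 1; }
    // Round up, with at least one page. The former subtract-in-a-loop count added
    // an extra, empty page whenever the total was an exact multiple of the page size.
    $shout_pages = max(1, (int) ceil($numrows / $shoutsViewed));

    if (!$page) { $page = 1; }
    if ($page < 1) { $page = 1; }
    if ($page > $shout_pages) { $page = $shout_pages; }
    if ($page > 1) {
        $offset = ($page * $shoutsViewed);
        $offset1 = ($offset - $shoutsViewed);
    } else {
        $offset1 = 0;
    }

    // search form
    OpenTable();
    $sbsearchtext = '';
    $where = '';
    $style = '';
    $results = '';
    $timeframe = '';
    $order = '';
    showSearchBox($sbsearchtext, $where, $style, $results, $timeframe, $order);
    CloseTable();
    echo "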
"; OpenTable(); $post = 0; $loop = 0; $flag = 1; $ThemeSel = get_theme(); $sql = "select * from ".$prefix."_shoutbox_themes WHERE themeName='$ThemeSel'"; $result = $db->sql_query($sql); $rowColor = $db->sql_fetchrow($result); echo "
\n"; echo "\n"; echo "\n"; //echo "\n"; $sql = "SELECT * FROM ".$prefix."_shoutbox_shouts ORDER BY id desc LIMIT ".$offset1.",$shoutsViewed"; $resultt = $db->sql_query($sql); while ($row = $db->sql_fetchrow($resultt)) { if ($flag == 1) { $bgcolor = $rowColor['menuColor1']; } if ($flag == 2) { $bgcolor = $rowColor['menuColor2']; } $comment = str_replace('src=', 'src="', $row['comment']); $comment = str_replace('.gif>', '.gif" alt="" />', $comment); $comment = str_replace('.jpg>', '.jpg" alt="" />', $comment); $comment = str_replace('.png>', '.png" alt="" />', $comment); $comment = str_replace('.bmp>', '.bmp" alt="" />', $comment); // BB code [b]word[/b] [i]word[/i] [u]word[/u] if ((eregi("[b]", $comment)) AND (eregi("[/b]", $comment)) AND (substr_count("$comment","[b]") == substr_count("$comment","[/b]"))) { $comment = eregi_replace("\[b\]","","$comment"); $comment = eregi_replace("\[\/b\]","","$comment"); } if ((eregi("[i]", $comment)) AND (eregi("[/i]", $comment)) AND (substr_count("$comment","[i]") == substr_count("$comment","[/i]"))) { $comment = eregi_replace("\[i\]","","$comment"); $comment = eregi_replace("\[\/i\]","","$comment"); } if ((eregi("[u]", $comment)) AND (eregi("[/u]", $comment)) AND (substr_count("$comment","[u]") == substr_count("$comment","[/u]"))) { $comment = eregi_replace("\[u\]","","$comment"); $comment = eregi_replace("\[\/u\]","","$comment"); } $sqlN = "SELECT * FROM ".$prefix."_users WHERE username='$row[name]'"; $nameresultN = $db->sql_query($sqlN); $rowN = $db->sql_fetchrow($nameresultN); // Disallow Anonymous users from seeing links to users' accounts if ($username == "Anonymous") { if (($rowN['user_avatar']) && ($rowN['user_avatar'] != "blank.gif") && ($rowN['user_avatar'] != "gallery/blank.gif") && (stristr($rowN['user_avatar'],'.') == TRUE)) { echo "\n"; } else { echo "\n"; } } else { // check to see if nickname is a user in the DB and not Anonymous if (($rowN) && ($rowN['username'] != "Anonymous")) { if (($rowN['user_avatar']) && 
($rowN['user_avatar'] != "blank.gif") && ($rowN['user_avatar'] != "gallery/blank.gif") && (stristr($rowN['user_avatar'],'.') == TRUE)) { echo "\n"; } else { echo "\n"; } } else { echo "\n"; } } if ($flag == 1) { $flag = 2; } elseif ($flag == 2) { $flag =1; } } echo "
"._SHOUTBOXHISTORY."
\"\""._SHOUTBOXHISTORY."
"; echo ""; echo "
"; $row_avatar = $rowN['user_avatar']; $av_found = findAvatar($row_avatar); echo "$av_found"; echo ""; echo "$row[name]: $comment"; if ($conf['date'] == "yes") { if ($row['timestamp'] != '') { // reads unix timestamp and formats it to the viewer's timezone if (is_user($user)) { // time adjustment for following user's timezone $displayTime = $userSetup['user_timezone'] - $conf['serverTimezone']; $displayTime = $displayTime * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixTime = date("$userSetup[user_dateformat]", $newTimestamp); echo "
$unixTime"; } else { // adjustmet for timezone offset $displayTime = $conf['timeOffset'] * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixDay = date("$rowD[date]", $newTimestamp); $unixTime = date("$rowD[time]", $newTimestamp); echo "
$unixDay $unixTime"; } } else { echo "
$row[date] $row[time]"; } } echo "
"; echo "
"; echo "$row[name]: $comment"; if ($conf['date'] == "yes") { if ($row['timestamp'] != '') { // reads unix timestamp and formats it to the viewer's timezone if (is_user($user)) { // time adjustment for following user's timezone $displayTime = $userSetup['user_timezone'] - $conf['serverTimezone']; $displayTime = $displayTime * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixTime = date("$userSetup[user_dateformat]", $newTimestamp); echo "
$unixTime"; } else { // adjustmet for timezone offset $displayTime = $conf['timeOffset'] * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixDay = date("$rowD[date]", $newTimestamp); $unixTime = date("$rowD[time]", $newTimestamp); echo "
$unixDay $unixTime"; } } else { echo "
$row[date] $row[time]"; } } echo "
"; echo ""; echo "
"; $row_avatar = $rowN['user_avatar']; $av_found = findAvatar($row_avatar); echo "$av_found"; echo "$row[name]: $comment
"; if ($conf['date'] == "yes") { if ($row['timestamp'] != '') { // reads unix timestamp and formats it to the viewer's timezone if (is_user($user)) { // time adjustment for following user's timezone $displayTime = $userSetup['user_timezone'] - $conf['serverTimezone']; $displayTime = $displayTime * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixTime = date("$userSetup[user_dateformat]", $newTimestamp); echo "$unixTime"; } else { // adjustmet for timezone offset $displayTime = $conf['timeOffset'] * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixDay = date("$rowD[date]", $newTimestamp); $unixTime = date("$rowD[time]", $newTimestamp); echo "$unixDay $unixTime"; } } else { echo "$row[date] $row[time]"; } } // registered users edit/delete posts if (($conf['delyourlastpost'] == "yes") && ($username == $row['name'])) { echo " [ "._EDIT." | "._DELETE." ]"; } echo "
"; echo "
"; echo "$row[name]: $comment
"; if ($conf['date'] == "yes") { if ($row['timestamp'] != '') { // reads unix timestamp and formats it to the viewer's timezone if (is_user($user)) { // time adjustment for following user's timezone $displayTime = $userSetup['user_timezone'] - $conf['serverTimezone']; $displayTime = $displayTime * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixTime = date("$userSetup[user_dateformat]", $newTimestamp); echo "$unixTime"; } else { // adjustmet for timezone offset $displayTime = $conf['timeOffset'] * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixDay = date("$rowD[date]", $newTimestamp); $unixTime = date("$rowD[time]", $newTimestamp); echo "$unixDay $unixTime"; } } else { echo "$row[date] $row[time]"; } } // registered users edit/delete posts if (($conf['delyourlastpost'] == "yes") && ($username == $row['name'])) { echo " [ "._EDIT." | "._DELETE." ]"; } echo "
"; echo "$row[name]: $comment"; if ($conf['date'] == "yes") { if ($row['timestamp'] != '') { // reads unix timestamp and formats it to the viewer's timezone if (is_user($user)) { // time adjustment for following user's timezone $displayTime = $userSetup['user_timezone'] - $conf['serverTimezone']; $displayTime = $displayTime * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixTime = date("$userSetup[user_dateformat]", $newTimestamp); echo "
$unixTime"; } else { // adjustmet for timezone offset $displayTime = $conf['timeOffset'] * 3600; $newTimestamp = $row['timestamp'] + $displayTime; $unixDay = date("$rowD[date]", $newTimestamp); $unixTime = date("$rowD[time]", $newTimestamp); echo "
$unixDay $unixTime"; } } else { echo "
$row[date] $row[time]"; } } echo "
"; $num1 = ($page-4); if ($num1 < 1) { $num1 = 1; } $num2 = ($num1+8); if ($num2 > $shout_pages) { $num2 = $shout_pages; } $num5 = ($num2-8); if ($num5 < $num1) { $num1 = $num5; if ($num1 < 1) { $num1 = 1; } } $num3 = ($page-1); $num4 = ($page+1); $menuLinks = ""; $count = $num1; while ($count <= $shout_pages AND $count <= $num2) { if ($count == $page) { $menuLinks .= "$count"; } else { $menuLinks .= "$count"; } if ($count < $num2) { $menuLinks .= "  "; } $count++; } $menuLinks .= "

"; if ($page > 1) { $menuLinks .= ""._PREVIOUS."     \n"; } if ($page != $shout_pages) { $menuLinks .= ""._PAGE." $page / $shout_pages\n"; } else { $menuLinks .= ""._PAGE." $page / $shout_pages\n"; } if ($page < $shout_pages) { $menuLinks .= "     "._NEXT."\n"; } echo "$menuLinks"; echo "
"; // End menu build CloseTable(); include("footer.php"); } function showBanned() { include("config.php"); include("header.php"); OpenTable(); echo "

"._YOUAREBANNEDM."


";
    CloseTable();
    include("footer.php");
}

// Dispatcher: picks the handler from $Action. The ban checks at the top of the
// file overwrite $Action with "UserBanned" for blocked visitors.
// NOTE(review): none of $where, $sbsearchtext, $results, $style, $timeframe,
// $order, $page, $shoutID, $ShoutError or $ShoutComment is assigned in this
// file; presumably the framework exposes request parameters as globals before
// the module is included - TODO confirm. Each handler has to treat them as
// untrusted input.
// NOTE(review): "Delete" and "Save" change stored data and are selected by
// $Action alone; no request-method or anti-forgery token check is visible here.
switch($Action) {

    case "UserBanned":
        showBanned();
        break;

    case "Search":
        searchHistory($where, $sbsearchtext, $results, $style, $timeframe, $order);
        break;

    case "Delete":
        shoutDelete($page, $shoutID);
        break;

    case "Edit":
        // 'none' is the marker shoutEdit() tests for to mean "no error to show"
        if ($ShoutError == '') { $ShoutError = 'none'; }
        shoutEdit($page, $shoutID, $ShoutError);
        break;

    case "Save":
        shoutSave($page, $shoutID, $ShoutComment);
        break;

    // anything else, including no action at all, shows the history page
    default:
        showHistory($page);
        break;

}

?>