version 1.1.1.1, 2002/03/15 00:09:03 |
version 1.13, 2002/06/10 14:23:45 |
|
|
<? |
<? |
/* |
/* |
Module: WolBoard.php3 |
Module: WolBoard.php3 |
|
|
Author: Martin Karas a.k.a. Wolcano |
Author: Martin Karas a.k.a. Wolcano |
Date: 14.03.2002 |
Date: 24.04.2002 |
Mail: wolcano@pobox.sk |
Mail: wolcano@pobox.sk |
Version: v4.4 |
Version: v5.2 |
|
License: not chosen yet - this file is strictly private, |
|
you may not copy/change/distribute it without authors |
Description: Simple message-board. Uses two external files to store |
explicit premission. |
data - messages, usernames and e-mails. Main functions are show_data_form, |
Description: Simple message-board. Can store data in files or |
show_messages. Other runtime information (new user creation form, etc) are |
PEAR-compliant DB (not fully implemented yet) |
shown not using function calls. |
Copyright: Platon SDG http://www.platon.sk |
|
|
|
|
TODO: |
|
* zmena hesla/e-mailu usera |
|
* zmazanie usera (suicide) |
|
* moznost nastavit si pocet messages pre kazdeho usera zvlast |
|
* OPTIONS_DIALOG (autorefresh, pagesize, nick, pass, email...all) |
|
* stalost nastaveni uzivatela (cookies?) |
|
* plne implementovat pracu s DB/PEAR |
|
|
|
|
TODO: (see TODO file) |
|
|
External files specification: |
External files specification: |
$message_file :== (<message_line><eoln>)* |
$message_file :== (<message_line><eoln>)* |
|
|
<user_line> :== <username>:<email>:<md5sum_of_password> |
<user_line> :== <username>:<email>:<md5sum_of_password> |
|
|
Database specification: |
Database specification: |
create table messages <unknown for now> |
See "sql/" files. |
|
|
create table users <unknown> |
|
|
|
|
|
Input parameters: |
Input parameters: |
$pagesize - # of messages per page |
$pagesize - # of messages per page |
$page - #th page |
$page - #th page |
$autorefresh - refresh time (secs) |
$autorefresh - refresh time (secs) |
// $admin - user mantainance |
// $admin - user/message mantainance |
$style - message view style (0 = board, 1 = chat) |
$style - message view style (0 = board, 1 = chat) |
$time - message time index |
$time - message time index |
$nick - |
$nick - user nickname |
$pass - |
$pass - password |
$message - |
$message - text of the posted message |
$header - shows only header |
$header - shows only header |
$body - show only body |
$body - show only body |
$bodyframe - target body frame |
$bodyframe - target body frame |
$headerframe - targer header frame |
$headerframe - targer header frame |
$disablepart - Wont show some parts of the whole document |
$disablepart - Wont show some parts of the whole document |
(0 - none, 1 - body, 2 - head, 3 - both) |
(0 - none, 1 - body, 2 - head, 3 - both) |
$setframes - 1 - create frames |
$setframes - 1 - create <framesset> |
0 - disable frames (?? :)) |
0 - disable frames (?? :)) |
|
$frameset - are the frames set? :) |
|
$setframes - do we want to create framewires? |
|
|
$createuser - (internal) |
$createuser - (internal) |
$deleteok - (internal) |
$deleteok - (internal) |
$newnick - (internal) |
$newnick - (internal) |
$archive - archive file prefix |
$archive - archive file prefix |
$archive_no - index of archived file |
$archive_no - index of archived file |
$submit_type |
$submit_type - submit button type |
|
$reply_to - index of message you want to reply (inserts quoted message) |
|
$rootlogin - wether should display the root login dialog |
|
|
CHANGE LOG: |
CHANGE LOG: |
* 4.4 - PEAR basic implementation (not functional fully) |
* 5.4 - "fixed" adduser bug (now ignoring result of flock() :() |
* 4.3 - starting MySQL DB implementation |
- added root login for viewing deleted messages |
* 4.2 - started documentation |
* 5.3 - external CSS file |
- removed autosubmit on nick change |
* 5.2 - added "reply" link |
- changed default autorefresh to 5 mins |
* 5.1 - updated SQL queries |
*FIX* now rawurldecoding username (previously rawurlencoded) |
- sprtinf()-ed and quote()-ed all SQL queries |
* 4.1 - undocumented :) |
- some bug fixes |
|
* 5.0 - DB implementation finished (hopefully) |
|
- now allowing some html tags (specified by (array) $allowed_tags) |
|
- no more dependent on external <framesets>! :) we do the dirty work |
|
ourself (try setting the setframes=1 GET parameter) |
|
* 4.4.2 - 3/4 implementation DB done |
|
* 4.4 - DB/PEAR drafts |
|
- sources moved to CVS |
|
* 4.3 - starting MySQL DB implementation |
|
* 4.2 - started documentation |
|
- removed autosubmit on nick change |
|
- changed default autorefresh to 5 mins |
|
*FIX* now rawurldecoding username (previously rawurlencoded) |
|
* 4.1 - undocumented :) |
*/ |
*/ |
|
|
|
|
// IMPORTANT CONSTANTS (change if needed) |
// IMPORTANT CONSTANTS (change if needed) |
$WB_version = "4.4"; |
$WB_version = "5.2"; |
$WB_name = "Wol's Message Board"; |
$WB_name = "Wol's Message Board"; |
$strip_slashes = 1; |
$strip_slashes = 1; |
$DEFAULT_HEAD_FRAME = ""; |
$DEFAULT_HEAD_FRAME = ""; |
$DEFAULT_BODY_FRAME = ""; |
$DEFAULT_BODY_FRAME = ""; |
|
$css_file = "style.css"; |
$use_virtual_delete = 1; //use delete flagging instead of real delete |
$use_virtual_delete = 1; //use delete flagging instead of real delete |
$root_name = "root"; |
$root_name = "root"; |
$root_md5_password = "896ae34257056a6edb7643e3db85bb21"; |
$root_md5_password = "896ae34257056a6edb7643e3db85bb21"; |
|
|
// Filesystem defaults |
// Filesystem defaults |
$message_file = "board_messages.txt"; |
$message_file = "messages.dat"; |
$user_file = "board_emails.txt"; |
$user_file = "users.dat"; |
$move_old_mesages = 1; |
$move_old_mesages = 1; |
$old_messages_folder = "history/"; |
$old_messages_folder = "history/"; |
$hist_file_prefix = "board_hist_file_"; // used in REGEXPs! alphabeticals only |
$hist_file_prefix = "board_hist_file_"; // used in REGEXPs! alphabeticals only |
|
|
$use_db = 0; |
$use_db = 0; |
$db_message_table = "wolboard_messages"; |
$db_message_table = "wolboard_messages"; |
$db_user_table = "wolboard_users"; |
$db_user_table = "wolboard_users"; |
$db_host = "db.host.sk"; |
//$db_host = "db.host.sk"; |
|
$db_host = "localhost"; |
$db_database = "syndrome"; |
$db_database = "syndrome"; |
$db_user = "syndrome";// THIS HAS TO BE CHANGED TO "syndrome" |
$db_user = ""; |
$db_pass = "kofola"; |
$db_pass = ""; |
|
|
|
$allowed_tags = array( |
|
"<b>", "</b>", |
|
"<i>", "</i>", |
|
"<u>", "</u>", |
|
"<del>", "</del>", |
|
"©" |
|
); |
|
|
|
|
// FUNCTIONS |
// FUNCTIONS |
|
|
function good($a) { |
function good($a) { |
return (isset($a) |
return (isset($a) |
&& ( |
&& ( |
|
|
(!is_string($a) && ($a != 0)) |
(!is_string($a) && ($a != 0)) |
) |
) |
); |
); |
} |
} // good($a) |
|
|
function link_replace($link, $paramname, $paramvalue) { |
function link_replace($link, $paramname, $paramvalue) { |
$link = eregi_replace("&$", "", $link); |
$link = eregi_replace("&$", "", $link); |
$link = eregi_replace("&?$paramname=[^&]*", "", $link); |
$link = eregi_replace("&?$paramname=[^&]*", "", $link); |
if ($paramvalue) |
if ($paramvalue) |
$link .= "&$paramname=$paramvalue"; |
$link .= "&$paramname=$paramvalue"; |
return $link; |
return $link; |
} |
} // link_replace($link, $paramname, $paramvalue) |
|
|
function show_array($a) { |
function show_array($a) { |
echo "<table border=1>\n"; |
echo "<table border=1>\n"; |
|
|
for($i = 0; $i < sizeof($a); $i++) { |
for($i = 0; $i < sizeof($a); $i++) { |
echo "<tr>\n"; |
echo "<tr>\n"; |
echo "<td>"; |
echo "<td>"; |
echo $keys[$i]."</td>\n<td>"; |
echo $keys[$i] . "</td>\n<td>"; |
|
|
if ((is_array($a[$keys[$i]])) && ($keys[$i] !== "GLOBALS")) { |
if ((is_array($a[$keys[$i]])) && ($keys[$i] !== "GLOBALS")) { |
show_array($a[$keys[$i]]); |
show_array($a[$keys[$i]]); |
|
|
echo "</td>\n</tr>\n"; |
echo "</td>\n</tr>\n"; |
} |
} |
echo "</table>"; |
echo "</table>"; |
} |
} // show_array($a) |
|
|
function array_copy($a, $i, $n = "x") { |
function array_copy($a, $i, $n = "x") { |
if (($n == "x") || ($n > (sizeof($a) - $i))) |
if (($n == "x") || ($n > (sizeof($a) - $i))) |
$n = sizeof($a) - $i; |
$n = sizeof($a) - $i; |
|
|
for($j = 0; $j < $n; $j++) { |
for($j = 0; $j < $n; $j++) { |
$ret[$j] = $a[$j + $i]; |
$ret[$j] = $a[$j + $i]; |
} |
} |
|
|
return $ret; |
return $ret; |
} |
} // array_copy($a, $i, $n = "x") |
|
|
function array_chunk($a, $n) { |
function array_chunk($a, $n) { |
if (!is_array($a)) |
if (!is_array($a)) |
|
|
$ret[$i] = array_copy($a, $i*$n, $n); |
$ret[$i] = array_copy($a, $i*$n, $n); |
} |
} |
return $ret; |
return $ret; |
} |
} // array_chunk($a, $n) |
|
|
function w_chk($n, $v) { |
function w_chk($n, $v) { |
return ($v?"$n=$v&":""); |
return ($v ? "$n=$v&" : ""); |
} |
} // w_chk($n, $v) |
|
|
function create_link() { |
function create_link() { |
global $pagesize, $page, $autorefresh, $admin, $style, |
global $pagesize, $page, $autorefresh, $admin, $style, |
$time, $nick, $pass, $message, $createuser, $deleteok, |
$time, $nick, $pass, $message, $createuser, $deleteok, |
$autorefresh, $disablepart, $frameset, $headframe, |
$autorefresh, $disablepart, $frameset, $headframe, |
$bodyframe, $archive, $archive_no; |
$bodyframe, $archive, $archive_no; |
return eregi_replace("&$", "", |
return eregi_replace("&$", "", |
w_chk("nick", $nick). |
w_chk("nick", $nick) . |
w_chk("pagesize", $pagesize). |
w_chk("pagesize", $pagesize) . |
w_chk("page", $page). |
w_chk("page", $page) . |
// w_chk("time", $time). |
// w_chk("time", $time) . |
// w_chk("pass", $pass). |
// w_chk("pass", $pass) . |
// w_chk("message", $message). |
// w_chk("message", $message) . |
// w_chk("deleteok", $deleteok). |
// w_chk("deleteok", $deleteok) . |
// w_chk("createuser", $createuser). |
// w_chk("createuser", $createuser) . |
// w_chk("newnick", $newnick). |
// w_chk("newnick", $newnick) . |
w_chk("autorefresh", $autorefresh). |
w_chk("autorefresh", $autorefresh) . |
w_chk("style", $style). |
w_chk("style", $style) . |
w_chk("admin", $admin). |
w_chk("admin", $admin) . |
w_chk("disablepart", $disablepart). |
w_chk("disablepart", $disablepart) . |
w_chk("frameset", $frameset). |
w_chk("frameset", $frameset) . |
w_chk("headframe", $headframe). |
w_chk("headframe", $headframe) . |
w_chk("bodyframe", $bodyframe). |
w_chk("bodyframe", $bodyframe) . |
w_chk("archive", $archive). |
w_chk("archive", $archive) . |
w_chk("archive_no", $archive_no) |
w_chk("archive_no", $archive_no) |
); |
); |
} |
} // create_link() |
|
|
|
function split_url_vars($s) { |
|
$a = explode('&', $s); |
|
$i = 0; |
|
$s = array(); |
|
while ($i < sizeof($a)) { |
|
$b = explode('=', $a[$i]); |
|
$s[htmlspecialchars(urldecode($b[0]))] = |
|
htmlspecialchars(urldecode($b[1])); |
|
$i++; |
|
} |
|
return $s; |
|
} // split_url_vars($s) |
|
|
|
function create_hidden_inputs($a, $val = 0) { |
|
if (is_array($a)) { |
|
$k = array_keys($a); |
|
$ret = ''; |
|
for($i = 0; $i < sizeof($a); $i++) { |
|
$ret .= "<input type=hidden name=\"$k[$i]\" ". |
|
"value=\"" . $a[$k[$i]] . "\">\n"; |
|
} |
|
return $ret; |
|
} |
|
else { |
|
return "<input type=hidden name=\"$a\" value=\"$val\">\n"; |
|
} |
|
} // create_hidden_inputs($a); |
|
|
|
function create_reply($msg_arr) { |
|
/* |
|
$msg_arr keys: time, name, message, email |
|
*/ |
|
$quote_string = "> "; |
|
$ret = $msg_arr["name"] . |
|
" (" . |
|
format_time($msg_arr["time"]) . |
|
")<br>\n$quote_string" . |
|
eregi_replace("\n", "\n$quote_string", $msg_arr["message"]) . |
|
"<br>"; |
|
return $ret; |
|
} // create_reply($msg_arr) |
|
|
function wait_read_lock($f, $max_wait = 9999) { |
function wait_read_lock($f, $max_wait = 9999) { |
$start = time(); |
$start = time(); |
while ((!flock($f, 1)) && ($start + $max_wait < time())) |
while ((!flock($f, 1)) && ($start + $max_wait < time())) |
sleep(1); |
sleep(1); |
return ($start + $max_wait < time())? |
return ($start + $max_wait < time()); |
1:0; |
} // wait_read_lock($f, $max_wait = 9999) |
} |
|
|
|
function wait_write_lock($f, $max_wait = 9999) { |
function wait_write_lock($f, $max_wait = 9999) { |
$start = time(); |
$start = time(); |
while ((!flock($f, 2)) && ($start + $max_wait < time())) |
while ((!flock($f, 2)) && ($start + $max_wait < time())) |
sleep(1); |
sleep(1); |
} |
return ($start + $max_wait < time()); |
|
} // wait_write_lock($f, $max_wait = 9999) |
|
|
function release_lock($f) { |
function release_lock($f) { |
flock($f, 3); |
flock($f, 3); |
return 1; |
return 1; |
} |
} // release_lock($f) |
|
|
function show_options($optnames, $optvalues, $selected) { |
function show_options($optnames, $optvalues, $selected) { |
if (!is_array($optvalues)) |
if (!is_array($optvalues)) |
|
|
for($i = 0; $i < sizeof($optvalues); $i++) { |
for($i = 0; $i < sizeof($optvalues); $i++) { |
$ret .= "<option"; |
$ret .= "<option"; |
if (good($optvalues[$i])) { |
if (good($optvalues[$i])) { |
$ret .= " value=".$optvalues[$i]; |
$ret .= " value=" . $optvalues[$i]; |
if ($optvalues[$i] == $selected) { |
if ($optvalues[$i] == $selected) { |
$found++; |
$found++; |
$ret .= " selected"; |
$ret .= " selected"; |
|
|
if ((!$found) && ($selected != "")) |
if ((!$found) && ($selected != "")) |
$ret .= "<option value=$selected selected>Custom</option>\n"; |
$ret .= "<option value=$selected selected>Custom</option>\n"; |
echo $ret; |
echo $ret; |
} |
} // show_options($optnames, $optvalues, $selected) |
|
|
function get_user($str, $i = 0) { |
function get_user($str, $i = 0) { |
$tmp = strtok(trim($str), ":"); |
$tmp = strtok(trim($str), ":"); |
|
|
else |
else |
// (0) from $USER_FILE |
// (0) from $USER_FILE |
return $tmp; |
return $tmp; |
} |
} // get_user($str, $i = 0) |
|
|
function get_users($usr_file, $use_db = 0, $db_conn = 0) { |
function get_users($usr_file, $use_db = 0, $db_conn = 0) { |
if ($use_db) |
if (!$use_db) { |
// Working with files |
// Working with files |
$fp = fopen($usr_file, "r"); |
$fp = fopen($usr_file, "r"); |
wait_read_lock($fp); |
wait_read_lock($fp); |
|
|
} |
} |
else { |
else { |
// Working with DB |
// Working with DB |
$res = $db_conn->query("select nick from $usr_file where nick <> ''"); |
// $usr_file stores Table name |
|
if (!$db_conn) |
|
return false; |
|
|
|
$sql = "SELECT nick FROM $usr_file"; |
|
$res = $db_conn->query($sql); |
|
|
|
if (DB::isError($res)) |
|
return false; |
|
|
$i = 0; |
$i = 0; |
while ($tmp = $res->fetchRow()) { |
while ($tmp = $res->fetchRow()) { |
$ret[$i] = $tmp[0]; |
$ret[$i++] = $tmp["nick"]; |
$i++; |
|
} |
} |
$db_conn->free; |
|
|
$res->free(); |
return $ret; |
return $ret; |
} |
} |
} |
} // get_users($usr_file, $use_db = 0, $db_conn = 0) |
|
|
function format_time($time, $style = 0) { |
function format_time($time, $style = 0) { |
switch($style) { |
switch($style) { |
case 1: |
case 1: |
|
|
default: |
default: |
return date("H:i:s - d. M Y", $time); |
return date("H:i:s - d. M Y", $time); |
} |
} |
} |
} // format_time($time, $style = 0) |
|
|
function get_time($str) { |
function get_time($str) { |
return strtok(trim($str), ":"); |
return strtok(trim($str), ":"); |
} |
} // get_time($str) |
|
|
function get_pass($str) { |
function get_pass($str) { |
return rawurldecode(trim(strtr(strrchr($str, ":"), ":", ";"))); |
return rawurldecode(trim(strtr(strrchr($str, ":"), ":", " "))); |
} |
} // get_pass($str) |
|
|
function get_email($str) { |
function get_email($str) { |
if (ereg("[^:]*:([^:]*):", $str, $regs)) |
if (ereg("[^:]*:([^:]*):", $str, $regs)) |
return $regs[1]; |
return $regs[1]; |
else |
else |
return ""; |
return ""; |
} |
} // get_email($str) |
|
|
function write_mail($usr_file, $user, $mail = "", $pass = "", $use_db = 0, $db_conn) { |
function write_mail($usr_file, $user, $mail = '', $pass = '', $root_name = '', $use_db = 0, $db_conn) { |
$pass = md5(rawurlencode($pass)); |
$pass = md5(rawurlencode($pass)); |
|
if ($user == $root_name) |
|
return false; |
if (!$use_db) { |
if (!$use_db) { |
// Working with files |
// Working with files |
$fp = fopen($usr_file, "a"); |
$fp = fopen($usr_file, "a"); |
|
wait_write_lock($fp); |
|
/* |
|
// this should work, but doesn't :((( |
|
// won't use this shitty file locking mechanism |
if (!wait_write_lock($fp)) |
if (!wait_write_lock($fp)) |
return false; |
return false; |
fwrite($fp, strtr($user, ":", ";").":".strtr($mail, ":", ";"). |
*/ |
":".$pass."\n"); |
fwrite($fp, strtr($user, ":", ";") . ":" . strtr($mail, ":", ";") . |
|
":" . $pass . "\n"); |
release_lock($fp); |
release_lock($fp); |
fclose($fp); |
fclose($fp); |
return true; |
return true; |
} |
} |
else { |
else { |
// Working with DB |
// Working with DB |
$user = addslashes($user); |
if (!$db_conn) |
$mail = addslashes($mail); |
return false; |
$res = $db_conn->query("insert into $usr_file values". |
|
"('$user', '$mail', '$pass', '', '', '')");//!!!TODO |
$sql = sprintf("INSERT INTO %s (nick, email, pass) VALUES (%s, %s, %s)", |
return (DB::isError($res)); |
$usr_file, $db_conn->quote($user), |
|
$db_conn->quote($mail), $db_conn->quote($pass)); |
|
|
|
$res = $db_conn->query($sql); |
|
|
|
return !(DB::isError($res)); |
} |
} |
} |
} // write_mail($usr_file, $user, $mail = "", $pass = "", $use_db = 0, $db_conn) |
|
|
function change_mail($usr_file, $user, $newmail = "", $pass = "", |
function change_mail($usr_file, $user, $newmail = "", $pass = "", |
$use_db = 0, $db_conn = 0) { |
$use_db = 0, $db_conn = 0) { |
function set_mail($usr_line, $newmail) { |
function set_mail($usr_line, $newmail) { |
$ret = strtok($usr_line, ":"); |
$ret = strtok($usr_line, ":"); |
strtok(":"); |
strtok(":"); |
$ret .= $newmail.":".strtok(":"); |
$ret .= $newmail . ":" . strtok(":"); |
return $ret; |
return $ret; |
} |
} |
|
|
//check if valid data is sent |
|
//we dont want to run for now |
|
if (true)//!!!!!!!! |
|
return 0; |
|
|
|
if (!$use_db) { |
if (!$use_db) { |
|
//check if valid data is sent |
|
//we dont want to run for now |
|
if (true)//!!!!!!!! |
|
return 0; |
|
|
// Using files |
// Using files |
$fp = fopen($usr_file, "w+"); |
$fp = fopen($usr_file, "w+"); |
wait_write_lock($fp); |
wait_write_lock($fp); |
|
|
} |
} |
$i++; |
$i++; |
} |
} |
|
|
if ($found) { |
if ($found) { |
fwrite($fp, $u); |
fwrite($fp, $u); |
release_lock($fp); |
release_lock($fp); |
fclose($fp); |
fclose($fp); |
return 1; |
return 1; |
} |
} |
else |
else |
return 0; |
return 0; |
} |
} |
else { |
else { |
// Using DB |
// Using DB |
//!!!TODO |
if (!$db_conn) |
// "update $usr_file set mail = '$newmail' where name = '$user' and pass = '$pass'" |
return false; |
return 0; |
|
|
$sql = sprintf("UPDATE %s SET mail = %s WHERE name = %s AND pass = %s", |
|
$usr_file, $db_conn->quote($newmail), |
|
$db_conn->quote($user), $db_conn->quote($pass)); |
|
$res = $db_conn->query($sql); |
|
|
|
return !(DB::isError($res)); |
} |
} |
} |
} |
|
|
function delete_mail($usr_file, $user = "", $mail = "", $pass = "", |
function delete_mail($usr_file, $user = "", $mail = "", $pass = "", |
$use_db = 0, $db_conn = 0) { |
$use_db = 0, $db_conn = 0) { |
//!!!! TODO |
|
if (!$use_db) { |
if (!$use_db) { |
|
//!!!! TODO |
// Use files |
// Use files |
return 0; |
return false; |
} |
} |
else { |
else { |
// Use DB |
// Use DB |
// "update $usr_file set mail = ''". |
if (!$db_conn) |
// where name = '$user' and pass = '$pass' and mail = '$mail'" |
return false; |
return 0; |
|
|
$sql = sprintf("UPDATE %s SET mail = '' WHERE ". |
|
"name = %s AND pass = %s AND mail = %s", |
|
$usr_file, $db_conn->quote($user), |
|
$db_conn->quote($pass), $db_conn->quote($mail)); |
|
$res = $db_conn->query($sql); |
|
|
|
return !(DB::isError($res)); |
} |
} |
} |
} |
|
|
function get_emails($usr_file, $use_db = 0, $db_conn = 0) { |
function get_emails($usr_file, $use_db = 0, $db_conn = 0) { |
if (!$use_db) { |
if (!$use_db) { |
// Use files |
// Use files |
|
|
$f = file($usr_file); |
$f = file($usr_file); |
for($i = 0; $i < sizeof($f); $i++) |
for($i = 0; $i < sizeof($f); $i++) |
$ret[get_user($f[$i], 0)] = get_email($f[$i]); |
$ret[get_user($f[$i], 0)] = get_email($f[$i]); |
|
|
release_lock($fp); |
release_lock($fp); |
return $ret; |
return $ret; |
} |
} |
else { |
else { |
// Use DB |
// Use DB |
// TODO |
if (!$db_conn) |
// "select * from $usr_file where status = 1" |
return false; |
return ""; |
|
|
$sql = sprintf("SELECT nick, email FROM %s", $usr_file); |
|
$res = $db_conn->query($sql); |
|
if (DB::isError($res)) |
|
return false; |
|
|
|
while ($row = $res->fetchRow()) { |
|
$rows[$row["nick"]] = $row["email"]; |
|
} |
|
|
|
$res->free(); |
|
|
|
return $rows; |
} |
} |
} |
} // get_emails($usr_file, $use_db = 0, $db_conn = 0) |
|
|
function read_messages($msg_file, $usr_file, $full = 0, $use_db = 0, |
function read_messages($msg_file, $usr_file, $full = 0, $use_db = 0, |
$db_messages = 0, $db_users = 0) { |
$db_conn = 0) { |
if (!$use_db) { |
if (!$use_db) { |
$mails = get_emails($usr_file, 0); |
$mails = get_emails($usr_file, 0); |
$mfp = fopen($msg_file, "r"); |
$mfp = fopen($msg_file, "r"); |
|
|
} |
} |
else { |
else { |
// Use DB |
// Use DB |
if ($full) |
if (!$db_conn) |
$q = board_db_query("select autor_id, ". |
return false; |
"text, created from $msg_file"); |
|
else |
$sql = sprintf("SELECT author_id, created AS time, " . |
$q = board_db_query("select autor_id, ". |
"text AS message FROM %s", $msg_file); |
"text, created from $msg_file where flags = 0"); |
if (!$full) |
// TODO |
$sql .= " WHERE flags = 0"; |
|
|
|
$res = $db_conn->query($sql); |
|
if (DB::isError($res)) |
|
return false; |
|
|
|
$j = 0; |
|
while ($row = $res->fetchRow()) { |
|
$authors[$row["author_id"]][] = $j; |
|
$t = $row["time"]; |
|
|
|
$row["time"] = mktime( |
|
$row["time"][8] . $row["time"][9], |
|
$row["time"][10] . $row["time"][11], |
|
$row["time"][12] . $row["time"][13], |
|
$row["time"][4] . $row["time"][5], |
|
$row["time"][6] . $row["time"][7], |
|
$row["time"][0] . $row["time"][1] . |
|
$row["time"][2] . $row["time"][3] |
|
); |
|
|
|
$row["message"] = rawurldecode($row["message"]); |
|
$messages[$j++] = $row; |
|
} |
|
$res->free; |
|
|
|
$sql = sprintf("SELECT id, nick AS name, email FROM %s", $usr_file); |
|
if (is_array($authors)) { |
|
$sql .= " WHERE"; |
|
$ids = array_keys($authors); |
|
for ($i = 0;;) { |
|
$sql .= " id = '" . $db_conn->quote($ids[$i]) . "'"; |
|
|
|
if ($i < sizeof($ids)) |
|
break; |
|
|
|
if ((++$i) < sizeof($ids)) |
|
$sql .= " OR"; |
|
} |
|
} |
|
|
|
$res = $db_conn->query($sql); |
|
|
|
if (DB::isError($res)) |
|
return false; |
|
|
|
while ($row = $res->fetchRow()) |
|
for ($i = 0; $i < sizeof($authors[$row["id"]]); $i++) { |
|
$messages[$authors[$row["id"]][$i]]["name"] = rawurldecode($row["name"]); |
|
$messages[$authors[$row["id"]][$i]]["email"] = $row["email"]; |
|
} |
|
|
|
$res->free(); |
|
|
|
return $messages; |
} |
} |
} |
} |
|
|
|
|
return false; |
return false; |
else |
else |
return true; |
return true; |
} |
} // need_to_split($a, $max, $min) |
|
|
function split_messages_to_more_files($msgs, $max_len, $min_len, |
function split_messages_to_more_files($msgs, $max_len, $min_len, |
$hist_dir, $hist_file_prefix = "board_hist_file_", $index_style = 0) { |
$hist_dir, $hist_file_prefix = "board_hist_file_", $index_style = 0) { |
|
|
$new_index = ++$i; |
$new_index = ++$i; |
break; |
break; |
} |
} |
|
|
for($i = 0; $i < (sizeof($full) - 1); $i++) { |
for($i = 0; $i < (sizeof($full) - 1); $i++) { |
$new_file = $hist_dir.$hist_file_prefix.($new_index + $i); |
$new_file = $hist_dir . $hist_file_prefix . ($new_index + $i); |
$fp = fopen($new_file, "a"); |
$fp = fopen($new_file, "a"); |
wait_write_lock($fp); |
wait_write_lock($fp); |
fwrite($fp, implode($full[$i], "")); |
fwrite($fp, implode($full[$i], "")); |
release_lock($fp); |
release_lock($fp); |
} |
} |
$msgs = $full[sizeof($full) - 1]; |
$msgs = $full[sizeof($full) - 1]; |
|
|
return $msgs; |
return $msgs; |
} |
} |
|
|
function write_message($msg_file, $user = "Anonym", $text = "<no message>", |
function validate_message($message, $allowed_tags) { |
$time = 0, $old_messages_folder, $max_msgs_in_one_file, |
$message = trim($message); |
$min_msgs_in_board, $hist_file_prefix, $use_db = 0, $db_conn = 0) { |
//some fun :) |
|
$message = ereg_replace("ignor[^a-zA-Z]*", "igno-what? © Wol ", $message); |
|
$message = rawurlencode(nl2br(htmlspecialchars($message))); |
|
|
|
for ($i = 0; $i < sizeof($allowed_tags); $i++) { |
|
$message = str_replace( |
|
rawurlencode(htmlspecialchars($allowed_tags[$i])), |
|
$allowed_tags[$i], |
|
$message |
|
); |
|
} |
|
|
|
return $message; |
|
} // validate_message($message, $allowed_tags) |
|
|
|
function write_message($msg_file, $usr_file, $user = "Anonym", $text = "<no message>", |
|
$time = 0, $old_messages_folder, $max_msgs_in_one_file, $min_msgs_in_board, |
|
$hist_file_prefix, $allowed_tags, $use_db = 0, $db_conn = 0) { |
|
|
if (($time == 0) || !ereg("^[0-9]*$", $time)) |
if (($time == 0) || !ereg("^[0-9]*$", $time)) |
$time = time(); |
$time = time(); |
$user = rawurlencode($user); |
$text = validate_message($text, $allowed_tags); |
$text = trim($text); |
|
$text = str_replace("ignorant", "ign-co? (c) Wol", $text); //some fun :) |
|
if ($text[0] == '*') // this is used as the deleted flag prefix |
|
$text = " ".$text; |
|
|
|
if (!$use_db) { |
if (!$use_db) { |
// Use files |
// Use files |
$new_msg = |
$user = rawurlencode($user); |
$time.":". |
if ($text[0] == '*') // this is used as the deleted flag prefix |
$user.":". |
$text = " " . $text; |
rawurlencode(nl2br(htmlspecialchars($text)))."\n"; |
$new_msg = |
|
"$time:$user:$text\n"; |
$msgs = file($msg_file); |
$msgs = file($msg_file); |
$msgs[] = $new_msg; |
$msgs[] = $new_msg; |
|
|
if (need_to_split($msgs, $max_msgs_in_one_file, $min_msgs_in_board)) { |
if (need_to_split($msgs, $max_msgs_in_one_file, |
|
$min_msgs_in_board)) { |
$fp = fopen($msg_file, "w"); |
$fp = fopen($msg_file, "w"); |
wait_write_lock($fp); |
wait_write_lock($fp); |
sort($msgs); |
sort($msgs); |
|
|
wait_write_lock($fp); |
wait_write_lock($fp); |
fwrite($fp, $new_msg); |
fwrite($fp, $new_msg); |
} |
} |
|
|
release_lock($fp); |
release_lock($fp); |
fclose($fp); |
fclose($fp); |
return 1; |
return 1; |
} |
} |
else { |
else { |
// Use DB |
// Use DB |
// TOdO |
// $msg_file stores Message Table name |
// "insert into $msg_file values (". |
if (!$db_conn) |
// "'$user', '$text', '$time', '', '')" |
return false; |
return 0; |
|
|
// get the authors id |
|
$sql = sprintf("SELECT id FROM %s WHERE nick=%s", |
|
$usr_file, $db_conn->quote($user)); |
|
$author_id = $db_conn->getOne($sql); |
|
|
|
if (DB::isError($author_id)) |
|
return false; |
|
|
|
/* |
|
$row = $res->fetchRow(); |
|
$res->free(); |
|
$author_id = $row["id"]; |
|
*/ |
|
|
|
$sql = sprintf("INSERT INTO %s (author_id, created, text) VALUES " . |
|
"(%s, sysdate(), %s)", |
|
$msg_file, $db_conn->quote($author_id), $db_conn->quote($text)); |
|
$res = $db_conn->query($sql); |
|
|
|
return !(DB::isError($res)); |
} |
} |
} |
} |
|
|
|
|
function delete_message($msg_file, $usr_file, $user, $time, $pass, |
function delete_message($msg_file, $usr_file, $user, $time, $pass, |
$use_virtual_delete, $use_db = 0, $db_messages = 0, $db_users = 0) { |
$use_virtual_delete, $use_db = 0, $db_conn = 0) { |
if (!$use_db) { |
if (!$use_db) { |
// Use files |
// Use files |
$found = false; |
$found = false; |
|
|
} |
} |
else |
else |
$found = true; |
$found = true; |
|
|
if (!$found) |
if (!$found) |
return 1; |
return 1; |
|
|
if (!(($user == "") && ($pass == ""))) |
if (!(($user == "") && ($pass == ""))) |
if (get_pass($p[--$i]) != md5($pass)) |
if (get_pass($p[--$i]) != md5($pass)) |
return 2; |
return 2; |
|
|
$fp = fopen($msg_file, "r"); |
$fp = fopen($msg_file, "r"); |
wait_read_lock($fp); |
wait_read_lock($fp); |
$f = file($msg_file); |
$f = file($msg_file); |
|
|
else |
else |
$f = array(); |
$f = array(); |
} |
} |
|
|
// we supppose the array to be sorted (sorting while insert) |
// we supppose the array to be sorted (sorting while insert) |
//sort($f); |
//sort($f); |
|
|
release_lock($fp); |
release_lock($fp); |
|
|
$fp = fopen($msg_file, "w"); |
$fp = fopen($msg_file, "w"); |
wait_write_lock($fp); |
wait_write_lock($fp); |
if (is_array($f)) |
if (is_array($f)) |
fwrite($fp, trim(implode($f, ""))."\n"); |
fwrite($fp, trim(implode($f, "")) . "\n"); |
else |
else |
if (trim($f) != "") |
if (trim($f) != "") |
fwrite($fp, trim($f)."\n"); |
fwrite($fp, trim($f) . "\n"); |
release_lock($fp); |
release_lock($fp); |
fclose($fp); |
fclose($fp); |
|
|
return 0; |
return 0; |
} |
} |
else { |
else { |
// Use DB |
// Use DB |
// TODO |
if (!$db_conn) |
// if ! "select count(*) from $usr_file where name = '$user' and pass = '$pass'" |
return false; |
// if $use_virtual_delete |
|
// "select message, id from $msg_file where name = '$user' and time='$time'" |
$pass = md5($pass); |
// else |
$time = date("YmdHis", $time); |
// "delete from $msg_file where name = '$user' and time='$time'" |
|
return -1; |
$sql = sprintf("SELECT id FROM %s WHERE nick=%s AND pass=%s", |
|
$usr_file, $db_conn->quote($user), $db_conn->quote($pass)); |
|
$author_id = $db_conn->getOne($sql); |
|
|
|
if (DB::isError($author_id)) |
|
return 2; // wrong password (or no such user) |
|
|
|
switch($use_virtual_delete) { |
|
case true: |
|
$sql = sprintf("SELECT id FROM %s WHERE flags=1 AND author_id=%s " . |
|
"AND created=%s", |
|
$msg_file, $db_conn->quote($author_id), $db_conn->quote($time)); |
|
$res = $db_conn->query($sql); |
|
|
|
if (DB::isError($res)) |
|
return false; |
|
|
|
if ($res->numRows() == 0) { |
|
$res->free(); |
|
$sql = sprintf("UPDATE %s SET created=%s, deleted=sysdate(), " . |
|
"flags=1 WHERE author_id = %s AND created=%s", |
|
$msg_file, $db_conn->quote($time), |
|
$db_conn->quote($author_id), $db_conn->quote($time)); |
|
break; |
|
} |
|
// else continue to hard delete |
|
case false: |
|
$sql = sprintf("DELETE FROM %s WHERE author_id=%s AND created=%s", |
|
$msg_file, $db_conn->quote($author_id), $db_conn->quote($time)); |
|
} |
|
//echo "!@#$sql#@!"; |
|
$res = $db_conn->query($sql); |
|
|
|
if (DB::isError($res)) |
|
return 4; // unknown error (or No such message) |
|
else |
|
return 0; |
} |
} |
} |
} |
|
|
function show_data_form($user_file, $self, $nick, |
function show_root_login_form($rootnick, $user_nick = '') { |
|
global $self; |
|
echo "\n<center><h3><b>Admin login</b></h3><br><br>"; |
|
echo "\n<center>\n<form name=rootlogin method=get action=$self>\n"; |
|
echo create_hidden_inputs(split_url_vars(link_replace(link_replace(create_link(), 'nick', $rootnick), 'newnick', $user_nick))); |
|
echo "<table align=center>\n"; |
|
echo "\t\n<tr>\n\t\t<td>Password:</td><td><input type=password name=pass></td></tr>\n"; |
|
echo "\t\n<tr>\n\t\t<td colspan=2 align=center><input type=submit name=submit_type value=Login>\n</td></tr>\n"; |
|
echo "\t<tr><td align=center colspan=2><a href=$self?" . |
|
create_link() . |
|
">cancel</a></td></tr>\n"; |
|
echo "</table>\n"; |
|
echo "</form>\n</center>\n"; |
|
} // show_root_login_form($rootnick, $user_nick) |
|
|
|
function show_data_form($user_file, $self, $nick, $message, |
$style, $WB_name, $autorefresh, $pagesize, $use_db = 0, $db_conn = 0) { |
$style, $WB_name, $autorefresh, $pagesize, $use_db = 0, $db_conn = 0) { |
|
// TODO !!!!!! |
global $headframe; |
global $headframe; |
global $bodyframe; |
global $bodyframe; |
global $show_body; |
global $show_body; |
global $frameset; |
global $frameset; |
?> |
?> |
<center> |
<center> |
<font color="#C0C0C0" face="Courier" size=5><b><?echo $WB_name?></b></font><br> |
<h3><?echo $WB_name?></h3> |
Current time is <?echo format_time(time())?>. |
Current time is <?echo format_time(time())?>. |
<br> |
<br> |
<table border=0> |
<table border=0> |
<form name=data method=POST action="<? |
<form name=data method=GET action="<?echo "$self"?>" target="<?echo $bodyframe?>"> |
echo "$self?"; |
<? |
$tmp = link_replace(create_link(), "page", ""); |
$tmp = link_replace(create_link(), 'page', ''); |
if (good($frameset)) |
if (good($frameset)) |
$tmp = link_replace($tmp, "disablepart", "2"); |
$tmp = link_replace($tmp, 'disablepart', '2'); |
echo $tmp; |
echo create_hidden_inputs(split_url_vars($tmp)); |
?>" target="<?echo $bodyframe?>"> |
?> |
<tr> |
<tr> |
<td align=center valign=middle rowspan=3> |
<td align=center valign=middle rowspan=3> |
<textarea name="message" cols=30 rows=5></textarea></td> |
<textarea name="message" cols=40 rows=<? |
<td align=center valign=middle><font face="Arial" color=#ffcc00 size=3>Nick</font></td> |
echo (sizeof(explode("\n",$message)) + 5)?>><?echo $message?></textarea></td> |
|
<td align=center valign=middle>Nick</td> |
<td align=left valign=middle> |
<td align=left valign=middle> |
<select name="nick"> |
<select name="nick"> |
<option value="Anonym"><choose></option> |
<option value="Anonym"><choose></option> |
<? |
<? |
|
$nicknames = get_users($user_file, $use_db, $db_conn); |
$nicknames = get_users($user_file $use_db, $db_conn); |
|
sort($nicknames); |
if (good($nicknames)) { |
show_options( |
sort($nicknames); |
$nicknames, |
show_options( |
$nicknames, |
$nicknames, |
$nick); |
$nicknames, |
|
$nick); |
|
} |
|
|
|
unset($nicknames); |
?> |
?> |
</select> |
</select> |
</td> |
</td> |
</tr> |
</tr> |
<tr> |
<tr> |
<td valign=middle align=center colspan=2 rowspan=1><input type=submit name=submit_type value="Send"<? |
<td valign=middle align=center colspan=1 rowspan=1><input type=submit name=submit_type value="Send"<? |
echo "showing=$show_body"; |
// TODO redo the JS inline function (it doesn't clear the memo now) |
if (!$show_body) //!!!!!!!!!!!!TOTO NEJDE - JS clearovanie textarea v combo prikaze, aspon nie v tomto zdrojaku :( |
if (!$show_body) |
echo " onClick=\"javascript:submit();message.value=''\""; |
echo " onClick=\"javascript:submit();message.value=''\""; |
|
|
?>></td> |
?>></td> |
|
<td align=center> |
|
<a href="<?echo $self . "?" . link_replace(create_link(), "createuser", "1")?>">New nick</a> |
|
</td> |
</tr> |
</tr> |
<tr></tr> |
<tr></tr> |
<tr> |
<tr> |
<td align=center> |
|
<a href="<?echo $self."?".link_replace(create_link(), "createuser", "1")?>">New nick</a> |
|
</td> |
|
<td align=right><? |
<td align=right><? |
if (!$style) |
if (!$style) |
echo "Board\t /</td><td><a href=$self?". |
echo "Board /</td><td><a href=$self?" . |
link_replace(create_link(), "style", "1").">Chat</a></td>"; |
link_replace(create_link(), "style", "1") . ">Chat</a></td>"; |
else |
else |
echo "<a href=$self?".link_replace(create_link(), "style", "0"). |
echo "<a href=$self?" . link_replace(create_link(), "style", "0") . |
">Board</a> /</td><td>Chat</td>"; |
">Board</a> /</td><td>Chat</td>"; |
?> |
?> |
</tr> |
</tr> |
<tr> |
<tr> |
<td align=center colspan=1>Autorefresh time: |
<td align=center colspan=1>Autorefresh time: |
<select name=autorefresh onChange="javascript:form.submit()"> |
<select name=autorefresh onChange="javascript:form.submit()"> |
<? |
<? |
show_options( |
show_options( |
array("10 secs","30 secs", "1 min", "5 min", "10 min", "30 min", "infinite"), |
array("10 secs", "30 secs", "1 min", "5 min", "10 min", "30 min", "infinite"), |
array("10", "30", "60", "300", "600", "1800", "999999999"), |
array("10", "30", "60", "300", "600", "1800", "999999999"), |
$autorefresh); |
$autorefresh); |
?> |
?> |
</select> |
</select> |
</td><td align=center colspan=1>Page size: |
</td><td align=center colspan=1>Page size: |
<select name=pagesize onChange="javascript:form.submit()"> |
<select name=pagesize onChange="javascript:form.submit()"> |
<? |
<? |
show_options( |
show_options( |
array("10", "25", "50", "100", "all"), |
array("10", "25", "50", "100", "all"), |
array("10", "25", "50", "100", "999999"), |
array("10", "25", "50", "100", "999999"), |
$pagesize); |
$pagesize); |
?> |
?> |
</select> |
</select> |
</td><td align=center><a href="boardframes.html" target=_top>Switch </a><a href="boardframes.html" target=_blank>to</a> <a href="boardframes.html" target=_parent>frames</a></td> |
</td> |
|
<td align=center> |
|
<a href="<? |
|
echo "$self?" . link_replace(link_replace(create_link(), "setframes", 1), "disablepart", 3); |
|
?>" target=_top>Switch to frames</a> <font size=-3><a href="<? |
|
echo $self . '?' . link_replace(create_link(), 'rootlogin', '1'); |
|
?>">π</a></font> |
|
</td> |
</tr> |
</tr> |
</form> |
</form> |
</table> |
</table> |
Line 723 Current time is <?echo format_time(time( |
|
Line 979 Current time is <?echo format_time(time( |
|
global $self; |
global $self; |
$lastpage = ceil($nummsgs / $pagesize); |
$lastpage = ceil($nummsgs / $pagesize); |
|
|
echo "<center>Messages ".($firstmsg + 1)."-". |
echo "<center>Messages " . ($firstmsg + 1) . "-" . |
($lastmsg + 1)." of $nummsgs<br>"; |
($lastmsg + 1) . " of $nummsgs<br>"; |
|
|
// REWIND to begin |
// REWIND to begin |
if ($firstmsg == 0) |
if ($firstmsg == 0) |
echo "<<"; |
echo "<<"; |
else |
else |
echo "<a href=$self?".link_replace(create_link(), "page", "1")."><<</a>"; |
echo "<a href=$self?" . link_replace(create_link(), "page", "1") . "><<</a>"; |
echo " "; |
echo " "; |
|
|
// PREVIOUS PAGE |
// PREVIOUS PAGE |
if ($firstmsg == 0) |
if ($firstmsg == 0) |
echo "<"; |
echo "<"; |
else |
else |
echo "<a href=$self?".link_replace(create_link(), "page", ($currentpage-1))."><</a>"; |
echo "<a href=$self?" . link_replace(create_link(), "page", ($currentpage-1)) . |
|
"><</a>"; |
|
|
echo " "; |
echo " "; |
|
|
// OTHER PAGES |
// OTHER PAGES |
for ($i = 1; $i <= $lastpage; $i++) { |
for ($i = 1; $i <= $lastpage; $i++) { |
echo ($i == $currentpage)?"$i ":"<a href=$self?". |
echo ($i == $currentpage) ? "$i " : "<a href=$self?" . |
link_replace(create_link(), "page", $i).">".$i."</a> "; |
link_replace(create_link(), "page", $i) . ">" . $i . "</a> "; |
} |
} |
|
|
// NEXT PAGE |
// NEXT PAGE |
if ($lastmsg >= ($nummsgs - 1)) |
if ($lastmsg >= ($nummsgs - 1)) |
echo ">"; |
echo ">"; |
else |
else |
echo "<a href=$self?". |
echo "<a href=$self?" . |
link_replace(create_link(), "page", ($currentpage+1)). |
link_replace(create_link(), "page", ($currentpage+1)) . |
">></a>"; |
">></a>"; |
|
|
echo " "; |
echo " "; |
Line 760 Current time is <?echo format_time(time( |
|
Line 1017 Current time is <?echo format_time(time( |
|
// REWIND PAGE to end |
// REWIND PAGE to end |
if ($lastmsg >= ($nummsgs - 1)) |
if ($lastmsg >= ($nummsgs - 1)) |
echo ">>"; |
echo ">>"; |
else |
else |
echo "<a href=$self?". |
echo "<a href=$self?" . |
link_replace(create_link(), "page", $lastpage). |
link_replace(create_link(), "page", $lastpage) . |
">>></a>"; |
">>></a>"; |
|
|
echo "</center>\n"; |
echo "</center>\n"; |
} |
} // show_page_walk($currentpage, $pagesize, $nummsgs, $firstmsg, $lastmsg) |
|
|
function show_nonrefresh_head() { |
function show_nonrefresh_head() { |
global $WB_name, $WB_version; |
global $WB_name, $WB_version; |
Line 774 Current time is <?echo format_time(time( |
|
Line 1031 Current time is <?echo format_time(time( |
|
<html> |
<html> |
<head> |
<head> |
<title><?echo "$WB_name v$WB_version"?></title> |
<title><?echo "$WB_name v$WB_version"?></title> |
|
<link rel="stylesheet" href="<?echo $css_file?>" type="text/css"> |
</head> |
</head> |
<body bgcolor="black" text="#C0C0C0" link="#888ff" alink="#888ff" vlink="#888ff"> |
<body> |
<? |
<? |
} |
} // show_nonrefresh_head() |
|
|
function show_delete_dialog($nick, $time) { |
function show_delete_dialog($nick, $time) { |
global $self; |
global $self; |
echo "\n<center><font color=#C0C0C0 face=Courier size=4><b>Delete message</font></b><br><br>"; |
echo "\n<center><h3><b>Delete message</b></h3><br><br>"; |
echo "\n<center>\n<form name=deletemessage method=post action=$self?". |
echo "\n<center>\n<form name=deletemessage method=get action=$self>\n"; |
link_replace(link_replace(create_link(), "deleteok", 1), |
echo create_hidden_inputs(split_url_vars(link_replace(link_replace(create_link(), "deleteok", 1), "time", $time))); |
"time", $time).">\n"; |
|
echo "<table align=center>\n"; |
echo "<table align=center>\n"; |
echo "\t\n<tr>\n\t\t<td>Nick:</td><td><input type=text value=\"$nick\" readonly></td></tr>\n"; |
echo "\t\n<tr>\n\t\t<td>Your Nick:</td><td><input type=text value=\"$nick\" readonly></td></tr>\n"; |
echo "\t\n<tr>\n\t\t<td>Message No.:</td><td><input type=text value=\"$time\" readonly></td></tr>\n"; |
echo "\t\n<tr>\n\t\t<td>Message No.:</td><td><input type=text value=\"$time\" readonly></td></tr>\n"; |
echo "\t\n<tr>\n\t\t<td>Password:</td><td><input type=password name=pass></td></tr>\n"; |
echo "\t\n<tr>\n\t\t<td>Password:</td><td><input type=password name=pass></td></tr>\n"; |
echo "\t\n<tr>\n\t\t<td colspan=2 align=center><input type=submit name=submit_type value=Delete>\n</td></tr>\n"; |
echo "\t\n<tr>\n\t\t<td colspan=2 align=center><input type=submit name=submit_type value=Delete>\n</td></tr>\n"; |
echo "\t<tr><td align=center colspan=2><a href=$self?". |
echo "\t<tr><td align=center colspan=2><a href=$self?" . |
create_link(). |
create_link() . |
">cancel</a></td></tr>\n"; |
">cancel</a></td></tr>\n"; |
echo "</table>\n"; |
echo "</table>\n"; |
echo "</form>\n</center>\n"; |
echo "</form>\n</center>\n"; |
} |
} // show_delete_dialog($nick, $time) |
|
|
function show_createuser_dialog($newnick, $email) { |
function show_createuser_dialog($newnick, $email) { |
global $self; |
global $self; |
echo "\n<center><font color=#C0C0C0 face=Courier size=4><b>Create new user</font></b><br><br>"; |
echo "\n<center><h3><b>Create new user</b></h3><br><br>"; |
echo "<table size=90% align=center>\n"; |
echo "<table size=90% align=center>\n"; |
|
|
echo "\n<form name=createuser method=post action=$self?". |
echo "\n<form name=createuser method=get action=$self>"; |
|
echo create_hidden_inputs(split_url_vars( |
link_replace(link_replace( |
link_replace(link_replace( |
create_link(), "createok", 1), "createuser", 1 |
create_link(), "createok", 1), "createuser", 1 |
). |
))); |
">\n"; |
|
echo "\t<tr>\n\t\t<td>New Nick:</td><td><input type=text name=newnick maxsize=16 value=$newnick></td>\n"; |
echo "\t<tr>\n\t\t<td>New Nick:</td><td><input type=text name=newnick maxsize=16 value=$newnick></td>\n"; |
echo "\t<tr><td>E-mail:</td><td><input type=text name=mail value=$email></td>\n\t</tr>\n"; |
echo "\t<tr><td>E-mail:</td><td><input type=text name=mail value=$email></td>\n\t</tr>\n"; |
echo "\t<tr><td>Password:</td><td><input type=password name=pass></td>\n\t</tr>\n"; |
echo "\t<tr><td>Password:</td><td><input type=password name=pass></td>\n\t</tr>\n"; |
echo "\t<tr><td align=center colspan=2><input type=submit name=submit_type value=Create></td>\n\t</tr>\n"; |
echo "\t<tr><td align=center colspan=2><input type=submit name=submit_type value=Create></td>\n\t</tr>\n"; |
echo "\t<tr><td align=center colspan=2><a href=$self?". |
echo "\t<tr><td align=center colspan=2><a href=$self?" . |
link_replace(create_link(), "createuser", ""). |
link_replace(create_link(), "createuser", "") . |
">cancel</a></td></tr>\n"; |
">cancel</a></td></tr>\n"; |
echo "</form>\n</table>\n</center>\n"; |
echo "</form>\n</table>\n</center>\n"; |
} |
} // show_createuser_dialog($newnick, $email) |
|
|
function show_message($message, $style = 0) { |
function show_message($message, $style = 0) { |
global $self; |
global $self; |
|
global $headframe; |
switch($style) { |
switch($style) { |
case 1: |
case 1: |
// Chat message line |
// Chat message line |
echo "<tr><td valign=top>"; |
echo "<tr><td valign=top class=time>"; |
echo "<a href=$self?". |
echo "<a href=$self?" . |
link_replace( |
link_replace( |
link_replace( |
link_replace( |
create_link(), "time", $message["time"] |
create_link(), "time", $message["time"] |
), |
), |
"nick", |
"nick", |
$message["name"]). |
$message["name"]) . |
">".format_time($message["time"], 1)."</a>_"; |
" class=time>" . format_time($message["time"], 1) . "</a></td>"; |
if ($message["email"] != "") |
if ($message["email"] != "") |
echo "<a href=\"mailto:".$message["email"]. |
echo "<td valign=top class=email><a href=\"mailto:" . $message["email"] . |
"\""." class=\"amsg\">". |
"\">" . $message["name"] . "</a>"; |
$message["name"]."</a>"; |
else |
else |
echo "<td valign=top class=nick>" . $message["name"]; |
echo $message["name"]; |
echo ":</td><td class=msg width=99%>" . $message["message"]; |
echo ":</td><td>".$message["message"]; |
|
echo "</td></tr>\n"; |
echo "</td></tr>\n"; |
break; |
break; |
default: |
default: |
// Board message style |
// Board message style |
echo "<tr><td>"; |
// remark this /* to a //* and the modes will switch |
|
/* |
|
echo "<tr><td valign=top class=email>"; |
|
if ($message["email"] != "") |
|
echo "<a href=\"mailto:" . $message["email"] . "\">\n"; |
|
echo $message["name"] . "</a></td>\n"; |
|
echo "\t<td class=time>" . format_time($message["time"]) . "</td>"; |
|
echo "<td><a href=$self?" . |
|
link_replace( |
|
link_replace( |
|
create_link(), "time", $message["time"] |
|
), |
|
"nick", |
|
$message["name"]) . |
|
">delete</a>\n"; |
|
echo "</td></tr><tr><td colspan=3>"; |
|
echo "\t" . $message["message"] . "\n"; |
|
echo "</td></tr>\n"; |
|
/*/ |
|
echo "<tr><td valign=top>"; |
if ($message["email"] != "") |
if ($message["email"] != "") |
echo "<a href=\"mailto:" . |
echo "<a href=\"mailto:" . $message["email"] . "\">\n"; |
$message["email"] . |
echo $message["name"] . "</a>\n"; |
"\" class=\"amsg\">\n"; |
echo "" . format_time($message["time"]) . ""; |
echo "\t" . $message["name"] . "\n"; |
echo " <a href=$self?" . |
echo "</a>\n\t - "; |
|
echo "\t" . format_time($message["time"])."\n"; |
|
echo "\t\t - <a href=$self?" . |
|
link_replace( |
link_replace( |
link_replace( |
link_replace( |
create_link(), "time", $message["time"] |
create_link(), "time", $message["time"] |
), |
), |
"nick", |
"nick", |
$message["name"]). |
$message["name"]) . |
">delete</a>\n"; |
">delete</a>\n"; |
echo "<br>"; |
echo "<a href=$self?" . |
|
link_replace( |
|
create_link(), |
|
"reply_to", |
|
rawurlencode($message["name"]."#".$message["time"]) |
|
) . |
|
" target=$headframe>reply</a>\n"; |
|
echo "</td></tr><tr><td>"; |
echo "\t" . $message["message"] . "\n"; |
echo "\t" . $message["message"] . "\n"; |
echo "</td></tr>\n"; |
echo "</td></tr>\n"; |
|
|
|
//*/ |
break; |
break; |
} |
} |
} |
} // show_message($message, $style = 0) |
|
|
function show_messages($message_file, $user_file, $page, $pagesize, |
function show_messages($message_file, $user_file, $page, $pagesize, |
$msg_style = 0, $show_all = 0, $use_db = 0, $db_messages = 0, $db_users = 0) { |
$msg_style = 0, $show_all = 0, $use_db = 0, $db_conn = 0) { |
|
|
$messages = read_messages($message_file, $user_file, $show_all, |
$messages = read_messages($message_file, $user_file, $show_all, |
$use_db, $db_messages, $db_users); |
$use_db, $db_conn); |
|
|
|
if (!good($messages)) |
|
$messages = array(); |
$n = sizeof($messages); |
$n = sizeof($messages); |
global $self;//!!!!! TODO |
global $self; |
|
|
if ($n <= 0) { |
if ($n <= 0) { |
echo "<center><font color=red><b>No messages YeT !</b></font></center>"; |
echo "<center><font color=red><b>No messages YeT !</b></font></center>"; |
} |
} |
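Review bot: The delete and create-user forms in `show_delete_dialog` and `show_createuser_dialog` now submit with `method=get` while still carrying `<input type=password name=pass>`, so the password travels in the request URL and is retained in browser history, proxy and web-server logs, and Referer headers. The hidden fields emitted by `create_hidden_inputs()` should work just as well in a POST body, so both forms can keep them and use `method=post action=$self`; `show_root_login_form` earlier on the page has the same problem. These dialogs also print `$nick`, `$time`, `$newnick` and `$email` into attribute values without `htmlspecialchars()`, and `value=$newnick` is unquoted; these values appear to come from the request, so they should be escaped and quoted.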
Line 881 Current time is <?echo format_time(time( |
|
Line 1166 Current time is <?echo format_time(time( |
|
$page = 1; |
$page = 1; |
if ($page >= ($n / $pagesize)) |
if ($page >= ($n / $pagesize)) |
$page = ceil($n / $pagesize); |
$page = ceil($n / $pagesize); |
|
|
$first = $pagesize * ($page - 1); |
$first = $pagesize * ($page - 1); |
$last = ($pagesize * $page) - 1; |
$last = ($pagesize * $page) - 1; |
|
|
if ($first < 0) |
if ($first < 0) |
$first = 0; |
$first = 0; |
if ($first > $n) |
if ($first > $n) |
$first = $n - 1; |
$first = $n - 1; |
|
|
if ($last > ($n - 1)) |
if ($last > ($n - 1)) |
$last = $n - 1; |
$last = $n - 1; |
if ($last < $first) |
if ($last < $first) |
$last = $first; |
$last = $first; |
|
|
show_page_walk($page, $pagesize, $n, $first, $last); |
show_page_walk($page, $pagesize, $n, $first, $last); |
|
|
echo "<table width=100%>"; |
echo "<table border=0>"; |
for ($i = $first; $i <= $last; $i++) { |
for ($i = $first; $i <= $last; $i++) { |
show_message($messages[sizeof($messages) - 1 - $i], $msg_style); |
show_message($messages[sizeof($messages) - 1 - $i], $msg_style); |
} |
} |
echo "</table>"; |
echo "</table>"; |
|
|
show_page_walk($page, $pagesize, $n, $first, $last); |
show_page_walk($page, $pagesize, $n, $first, $last); |
} |
} |
} |
} |
Line 913 Current time is <?echo format_time(time( |
|
Line 1198 Current time is <?echo format_time(time( |
|
// /////////////////////////////////////////////// |
// /////////////////////////////////////////////// |
|
|
// DEFAULTS |
// DEFAULTS |
if ($use_db) { |
|
require_once "db.php"; |
|
$db_messages = DB::connect("mysql://$db_user:$db_pass/$db_host/$db_message_table"); |
|
$db_users = DB::connect("mysql://$db_user:$db_pass/$db_host/$db_user_table"); |
|
if (DB::isError($db_messages)) { |
|
$use_db = 0; |
|
} |
|
if (DB::isError($db_users)) |
|
if (!(DB::isError($db_messages))) |
|
$db_messages->disconnect(); |
|
$use_db = 0; |
|
} |
|
if ($use_db) { |
|
$user_file = $db_users; |
|
$message_file = $db_messages; |
|
} |
|
} |
|
|
|
if (!good($self)) |
if (!good($self)) |
$self = $PHP_SELF; |
$self = $PHP_SELF; |
|
|
|
$abs_self = "http://" . $GLOBALS["HTTP_HOST"] . $self; |
|
|
|
header ("Cache-Control: no-cache, must-revalidate"); |
|
header ("Pragma: no-cache"); |
|
|
if ($strip_slashes) { |
if ($strip_slashes) { |
$message = stripslashes($message); |
$message = stripslashes($message); |
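Review bot: `$abs_self` is assembled from `$GLOBALS["HTTP_HOST"]` and `$self`, both of which the client can influence: the Host header directly, and `$self` because it is only defaulted to `$PHP_SELF` when not already set, which looks request-settable given how this script reads its inputs. The value is later used in the `header("Location: $abs_self?" . create_link())` redirects further down the page, so the redirect target is not fully under the server's control. Assign `$self = $PHP_SELF;` unconditionally and take the scheme and host from a configured base URL (placeholder: `$CONFIGURED_BASE_URL . $self`) rather than from the request; that also removes the hard-coded `http://`. The `if ($strip_slashes) {` block that closes this hunk continues outside it.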
Line 943 Current time is <?echo format_time(time( |
|
Line 1216 Current time is <?echo format_time(time( |
|
$bodyframe = stripslashes($bodyframe); |
$bodyframe = stripslashes($bodyframe); |
$headerframe = stripslashes($headerframe); |
$headerframe = stripslashes($headerframe); |
$disablepart = stripslashes($disablepart); |
$disablepart = stripslashes($disablepart); |
$setframes = stripslashes($setframes); |
|
$newnick = stripslashes($newnick); |
$newnick = stripslashes($newnick); |
} |
} |
|
|
|
|
|
settype($pagesize, integer); |
if ($pagesize < 10) |
if ($pagesize < 10) |
$pagesize = 50; |
$pagesize = 50; |
settype($pagesize, integer); |
|
|
settype($autorefresh, integer); |
if ($autorefresh < 10) |
if ($autorefresh < 10) |
$autorefresh = 300; |
$autorefresh = 300; |
settype($autorefresh, integer); |
|
|
|
|
if (!good($disablepart) || ($disablepart > 3) || ($disablepart < 0)) |
if (!good($disablepart) || ($disablepart>3) || ($disablepart<0)) |
|
$disablepart = 0; |
$disablepart = 0; |
|
|
if (!good($headframe)) |
if (!good($headframe)) |
$headframe = $DEFAULT_HEAD_FRAME; |
$headframe = $DEFAULT_HEAD_FRAME; |
|
|
if (!good($bodyframe)) |
if (!good($bodyframe)) |
$bodyframe = $DEFAULT_BODY_FRAME; |
$bodyframe = $DEFAULT_BODY_FRAME; |
|
|
switch ($disablepart) { |
switch ($disablepart) { |
case 0: |
case 0: |
$show_body = true; |
$show_body = true; |
Line 983 Current time is <?echo format_time(time( |
|
Line 1256 Current time is <?echo format_time(time( |
|
break; |
break; |
} |
} |
|
|
if (!good($page)) |
if (!good($page)) |
$page = 0; |
$page = 0; |
|
|
|
// check for superuser view |
|
if ($nick == $root_name) { |
|
if (md5($pass) == $root_md5_password) |
|
$superuser = 1; |
|
else { |
|
unset($nick); |
|
$superuser = 0; |
|
} |
|
} |
|
|
|
// SHOW ROOT LOGIN FORM |
|
if ($rootlogin) { |
|
show_nonrefresh_head(); |
|
show_root_login_form($root_name, $nick); |
|
$show_body = false; |
|
$show_head = false; |
|
} |
|
|
if (!isset($nick) && good($newnick)) |
if (!isset($nick) && good($newnick)) |
$nick = $newnick; |
$nick = $newnick; |
|
|
if (!good($mail)) |
if (!good($mail)) |
$mail = get_email($nick); |
$mail = get_email($nick); |
|
|
if (good($archive)) |
if (good($archive)) |
$hist_file_prefix = $archive; |
$hist_file_prefix = $archive; |
|
|
if (good($archive_no) && !$use_db) |
if (good($archive_no) && !$use_db) |
$message_file = $old_messages_folder.$hist_file_prefix.$archive_no; |
$message_file = $old_messages_folder . $hist_file_prefix . $archive_no; |
|
|
//header ("Cache-Control: no-cache, must-revalidate"); |
if ($use_db) { |
//header ("Pragma: no-cache"); |
require_once "DB.php"; |
|
|
|
$db_handle = DB::connect("mysql://$db_user:$db_pass" |
|
. "@$db_host/$db_database"); |
|
if (DB::isError($db_handle)) { |
|
echo $db_handle->getMessage(); |
|
$db_handle = 0; |
|
$use_db = 0; |
|
//exit; |
|
} |
|
if ($use_db) { |
|
$db_handle->setFetchMode(DB_FETCHMODE_ASSOC); |
|
$user_file = $db_user_table; |
|
$message_file = $db_message_table; |
|
} |
|
} |
|
|
|
// Insert quoted REPLY TO message |
|
if (good($reply_to)) { |
|
$pivot = strrpos($reply_to, "#"); |
|
if (!($pivot === false)) { |
|
$tmp_name = substr($reply_to, 0, $pivot); |
|
$tmp_time = substr($reply_to, $pivot + 1); |
|
$messages = read_messages($message_file, $user_file, $superuser, |
|
$use_db, $db_conn); |
|
for ($i = 0; $i < sizeof($messages); $i++) { |
|
if (($messages[$i]["time"] == $tmp_time) && |
|
($messages[$i]["name"] == $tmp_name)){ |
|
$found = true; |
|
break; |
|
} |
|
} |
|
if ($found) { |
|
$tmp_msg = create_reply($messages[$i]); |
|
if (good($message)) { |
|
$tmp_msg .= $message; |
|
} |
|
$message = $tmp_msg; |
|
$message = strip_tags($message); |
|
} |
|
} |
|
} |
|
|
// CREATE NEW USER |
// CREATE NEW USER |
if ($createuser) { |
if ($createuser) { |
$mails = get_emails($user_file, $use_db, $db_users); |
$mails = get_emails($user_file, $use_db, $db_handle); |
|
if ((!($mails === false)) && |
|
good($newnick) && |
|
($mails[$newnick] == "") && |
|
good($createok) && |
|
($createok == 1)) { |
|
if (!write_mail($user_file, $newnick, $mail, $pass, $root_name, $use_db, $db_handle)) { |
|
//echo "drblo to"; // something failed, ignoring for now |
|
die(); |
|
} |
|
|
if (good($newnick) && |
header("HTTP/1.0 302 Found"); |
($mails[$newnick] == "") && |
header("Location: $abs_self?" . create_link()); |
good($mail) && |
die(); |
good($createok) && |
} |
($createok == 1)) |
|
write_mail($user_file, $newnick, $mail, $pass, $use_db, $db_users); |
|
else { |
else { |
show_nonrefresh_head(); |
show_nonrefresh_head(); |
show_createuser_dialog($newnick, $email); |
show_createuser_dialog($newnick, $email); |
|
$show_head = false; |
$show_body = false; |
$show_body = false; |
} |
} |
} |
} |
|
|
// WRITE MESSAGE TO DB |
// WRITE MESSAGE TO DB |
if (good($message) && good($submit_type)) |
if (good($message) && good($submit_type)) { |
write_message($message_file, $nick, $message, 0, |
if (write_message($message_file, $user_file, $nick, $message, 0, |
$old_messages_folder, $max_msgs_in_one_file, |
$old_messages_folder, $max_msgs_in_one_file, $min_msgs_in_board, |
$min_msgs_in_board, $hist_file_prefix, $use_db, $db_messages); |
$hist_file_prefix, $allowed_tags, $use_db, $db_handle)) |
|
; // something failed, ignoring for now |
|
|
|
$message = ''; |
|
header('HTTP/1.0 302 Found'); |
|
header("Location: $abs_self?" . create_link()); |
|
die(); |
|
} |
|
|
// DELETE MESSAGE FROM DB |
// DELETE MESSAGE FROM DB |
if (good($time)) { |
if (good($time)) { |
if (good($deleteok) && ($deleteok == 1)){ |
if (good($deleteok) && ($deleteok == 1)){ |
|
header('HTTP/1.0 302 Found'); |
|
header("Location: $abs_self?" . create_link()); |
switch(delete_message($message_file, $user_file, $nick, |
switch(delete_message($message_file, $user_file, $nick, |
$time, $pass, $use_virtual_delete, $use_db, $db_messages, $db_users)) { |
$time, $pass, $use_virtual_delete, $use_db, $db_handle)) { |
// TOTO ESTE DOROBIT - SPRAVANIE SA |
|
// SKRIPTU KED NASTANU PROBLEMY PRI DELETOVANI SPRAVY |
|
case 0: // All OK |
case 0: // All OK |
// echo "<center>Message deleted succesfully<br></center>\n"; |
echo "<center>Message deleted succesfully<br></center>\n"; |
break; |
break; |
case 1: // No such user |
case 1: // No such user |
// echo "<center>Error while deleting: There is no such user!<br></center>\n"; |
echo "<center>Error while deleting: There is no such user!<br></center>\n"; |
break; |
break; |
case 2: // Wrong password |
case 2: // Wrong password |
// echo "<center>Error while deleting: Wrong password!<br></center>\n"; |
echo "<center>Error while deleting: Wrong password!<br></center>\n"; |
break; |
break; |
case 3: // No such message |
case 3: // No such message |
// echo "<center>Error while deleting: No such message!<br></center>\n"; |
echo "<center>Error while deleting: No such message!<br></center>\n"; |
break; |
break; |
default:// Unknown error |
default:// Unknown error |
// echo "<center>Fatal Error while deleting: unknown error code!</center><br>\n"; |
echo "<center>Fatal Error while deleting: unknown error code!</center><br>\n"; |
break; |
break; |
} |
} |
|
die(); |
} else { |
} else { |
show_nonrefresh_head(); |
show_nonrefresh_head(); |
show_delete_dialog($nick, $time); |
show_delete_dialog($nick, $time); |
$show_body = false; |
$show_body = false; |
|
$show_head = false; |
} |
} |
} |
} |
|
|
// check for superuser view |
|
if (($nick == $root_name) && (md5($pass) == $root_md5_password)) |
|
$superuser = 1; |
|
else |
|
$superuser = 0; |
|
|
|
// We don't want to show body, when other form is shown |
// We don't want to show body, when other form is shown |
|
|
?> |
?> |
<html> |
<html> |
<head> |
<head> |
<title><?echo "$WB_name v$WB_version"?></title> |
<title><?echo "$WB_name v$WB_version"?></title> |
<? |
<link rel="stylesheet" href="<?echo $css_file?>" type="text/css"> |
if ($show_head) { |
|
?> |
|
</head> |
</head> |
<body bgcolor=black text=#C0C0C0 link=#888ff alink=#888ff vlink=#888ff> |
<body> |
<? |
<? |
show_data_form($user_file, $self, $nick, $style, $WB_name, |
/* |
$autorefresh, $pagesize, $use_db, $db_users); |
If set, do nothing, just create frames and recursively call self |
|
*/ |
|
if (good($setframes)) { |
|
$frmlnk = |
|
link_replace( |
|
link_replace( |
|
link_replace(create_link(), "frameset", 1), |
|
"bodyframe", |
|
"bodyframe"), |
|
"headframe", |
|
"headframe" |
|
); |
|
echo "<frameset rows=\"230,*\" framespacing=0 cols=*>\n"; |
|
echo "<frame name=headframe src=\"$self?" . |
|
link_replace($frmlnk, "disablepart", 1) . |
|
"\">\n"; |
|
echo "<frame name=bodyframe src=\"$self?" . |
|
link_replace($frmlnk, "disablepart", 2) . |
|
"\" scrolling=AUTO>\n"; |
|
echo "</frameset>\n"; |
|
echo "</html>"; |
|
$show_body = false; |
|
$show_head = false; |
} |
} |
|
|
|
if ($show_head) { |
|
show_data_form($user_file, $self, $nick, $message, $style, |
|
$WB_name, $autorefresh, $pagesize, $use_db, $db_handle); |
|
} |
|
|
if ($show_body) { |
if ($show_body) { |
echo "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"$autorefresh URL=$self?". |
echo "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"$autorefresh URL=$self?" . |
create_link()."\">\n"; |
create_link() . "\">\n"; |
?> |
|
</head> |
|
<body bgcolor=black text=#C0C0C0 link=#888ff alink=#888ff vlink=#888ff> |
|
<? |
|
show_messages($message_file, $user_file, $page, $pagesize, |
show_messages($message_file, $user_file, $page, $pagesize, |
$style, $superuser, $use_db, $db_messages, $db_users); |
$style, $superuser, $use_db, $db_handle); |
} |
} |
|
|
if ($use_db) { |
if ($use_db && $db_handle) { |
$user_file->disconnect(); |
$db_handle->disconnect(); |
$message_file->disconnect(); |
|
} |
} |
?> |
?> |
</p> |
|
</body> |
</body> |
</html> |
</html> |
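Review bot: `$superuser` is now assigned only inside `if ($nick == $root_name)`, so for any other nick it is never initialised before being passed to `read_messages()` and `show_messages()`; the other form of this check further down in the hunk (`else $superuser = 0;`) always set it. The script reads its inputs as bare globals, so if it runs with register_globals enabled a request parameter could supply the value; add `$superuser = 0;` immediately before the `if ($nick == $root_name)` check. `$found` in the reply-to block has the same gap and needs `$found = false;` before the loop. Separately, `md5($pass) == $root_md5_password` compares an unsalted MD5 with loose `==`; a strict `===` is the minimal change.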