Opensource.Platon.SK CVS: wolboard/wolboard.php - diff

Up to [Platon] / wolboard

Diff for wolboard/wolboard.php between version 1.8 and 1.14

version 1.8, 2002/04/13 22:49:49

version 1.14, 2002/09/26 09:08:10

Line 3

Module: WolBoard.php3

Author: Martin Karas a.k.a. Wolcano

Date: 14.03.2002

Date: 24.04.2002

Mail: wolcano@pobox.sk

Version: v5.1

Version: v5.2

License: not chosen yet - this file is strictly private,

you may not copy/change/distribute it without authors

explicit premission.

Description: Simple message-board. Can store data in files or

PEAR-compliant DB (not fully implemented yet)

TODO: (see TODO file)

Line 24

Line 25

<user_line> :== <username>:<email>:<md5sum_of_password>

Database specification:

create table messages <unknown for now>

See "sql/" files.

create table users <unknown>

Input parameters:

$pagesize - # of messages per page

$page - #th page

Line 56

Line 54

$archive - archive file prefix

$archive_no - index of archived file

$submit_type - submit button type

$reply_to - index of message you want to reply (inserts quoted message)

$rootlogin - wether should display the root login dialog

CHANGE LOG:

* 5.4 - "fixed" adduser bug (now ignoring result of flock() :()

- added root login for viewing deleted messages

* 5.3 - external CSS file

* 5.2 - added "reply" link

* 5.1 - updated SQL queries

- sprtinf()-ed and quote()-ed all SQL queries

- some bug fixes

Line 78

Line 82

// IMPORTANT CONSTANTS (change if needed)

$WB_version = "5.1";

$WB_version = "5.2";

$WB_name = "Wol's Message Board";

$strip_slashes = 0;

$strip_slashes = 1;

$DEFAULT_HEAD_FRAME = "";

$DEFAULT_BODY_FRAME = "";

$css_file = "style.css";

$use_virtual_delete = 1; //use delete flagging instead of real delete

$root_name = "root";

$root_md5_password = "896ae34257056a6edb7643e3db85bb21";

// Filesystem defaults

$message_file = "board_messages.txt";

$message_file = "messages.dat";

$user_file = "board_emails.txt";

$user_file = "users.dat";

$move_old_mesages = 1;

$old_messages_folder = "history/";

$hist_file_prefix = "board_hist_file_"; // used in REGEXPs! alphabeticals only

Line 97

Line 102

$min_msgs_in_board = 50;

// Database defaults

$use_db = 1;

$use_db = 0;

$db_message_table = "wolboard_messages";

$db_user_table = "wolboard_users";

//$db_host = "db.host.sk";

Line 128

Line 133

function link_replace($link, $paramname, $paramvalue) {

$link = eregi_replace("&$", "", $link);

$link = eregi_replace("&?$paramname=[^&]*", "", $link);

$link = eregi_replace("(&|^)$paramname=[^&]*", "", $link);

if ($paramvalue)

$link .= "&$paramname=$paramvalue";

return $link;

Line 206

Line 211

);

} // create_link()

function split_url_vars($s) {

$a = explode('&', $s);

$i = 0;

$s = array();

while ($i < sizeof($a)) {

$b = explode('=', $a[$i]);

$s[htmlspecialchars(urldecode($b[0]))] =

htmlspecialchars(urldecode($b[1]));

$i++;

}

return $s;

} // split_url_vars($s)

function create_hidden_inputs($a, $val = 0) {

if (is_array($a)) {

$k = array_keys($a);

$ret = '';

for($i = 0; $i < sizeof($a); $i++) {

$ret .= "<input type=hidden name=\"$k[$i]\" ".

"value=\"" . $a[$k[$i]] . "\">\n";

}

return $ret;

}

else {

return "<input type=hidden name=\"$a\" value=\"$val\">\n";

}

} // create_hidden_inputs($a);

function create_reply($msg_arr) {

$msg_arr keys: time, name, message, email

$quote_string = "> ";

$ret = $msg_arr["name"] .

" (" .

format_time($msg_arr["time"]) .

")<br>\n$quote_string" .

eregi_replace("\n", "\n$quote_string", $msg_arr["message"]) .

"<br>";

return $ret;

} // create_reply($msg_arr)

function wait_read_lock($f, $max_wait = 9999) {

$start = time();

while ((!flock($f, 1)) && ($start + $max_wait < time()))

sleep(1);

return ($start + $max_wait < time())?

return ($start + $max_wait < time());

1:0;

} // wait_read_lock($f, $max_wait = 9999)

function wait_write_lock($f, $max_wait = 9999) {

$start = time();

while ((!flock($f, 2)) && ($start + $max_wait < time()))

sleep(1);

return ($start + $max_wait < time());

} // wait_write_lock($f, $max_wait = 9999)

function release_lock($f) {

Line 309

Line 356

} // get_time($str)

function get_pass($str) {

return rawurldecode(trim(strtr(strrchr($str, ":"), ":", ";")));

return rawurldecode(trim(strtr(strrchr($str, ":"), ":", " ")));

} // get_pass($str)

function get_email($str) {

Line 319

Line 366

return "";

} // get_email($str)

function write_mail($usr_file, $user, $mail = "", $pass = "", $use_db = 0, $db_conn) {

function write_mail($usr_file, $user, $mail = '', $pass = '', $root_name = '', $use_db = 0, $db_conn) {

$pass = md5(rawurlencode($pass));

if ($user == $root_name)

return false;

if (!$use_db) {

// Working with files

$fp = fopen($usr_file, "a");

wait_write_lock($fp);

// this should work, but doesn't :(((

// won't use this shitty file locking mechanism

if (!wait_write_lock($fp))

return false;

fwrite($fp, strtr($user, ":", ";") . ":" . strtr($mail, ":", ";") .

":" . $pass . "\n");

release_lock($fp);

Line 805

Line 859

}

function show_data_form($user_file, $self, $nick,

function show_root_login_form($rootnick, $user_nick = '') {

global $self;

echo "\n<center><h3><b>Admin login</b></h3><br><br>";

echo "\n<center>\n<form name=rootlogin method=get action=$self>\n";

echo create_hidden_inputs(split_url_vars(link_replace(link_replace(create_link(), 'nick', $rootnick), 'newnick', $user_nick)));

echo "<table align=center>\n";

echo "\t\n<tr>\n\t\t<td>Password:</td><td><input type=password name=pass></td></tr>\n";

echo "\t\n<tr>\n\t\t<td colspan=2 align=center><input type=submit name=submit_type value=Login>\n</td></tr>\n";

echo "\t<tr><td align=center colspan=2><a href=$self?" .

create_link() .

">cancel</a></td></tr>\n";

echo "</table>\n";

echo "</form>\n</center>\n";

} // show_root_login_form($rootnick, $user_nick)

function show_data_form($user_file, $self, $nick, $message,

$style, $WB_name, $autorefresh, $pagesize, $use_db = 0, $db_conn = 0) {

// TODO !!!!!!

global $headframe;

Line 814

Line 883

global $frameset;

Current time is <?echo format_time(time())?>.

<br>

<form name=data method=POST action="<?

<form name=data method=GET action="<?echo "$self"?>" target="<?echo $bodyframe?>">

echo "$self?";

$tmp = link_replace(create_link(), "page", "");

$tmp = link_replace(create_link(), 'page', '');

if (good($frameset))

$tmp = link_replace($tmp, "disablepart", "2");

$tmp = link_replace($tmp, 'disablepart', '2');

echo $tmp;

echo create_hidden_inputs(split_url_vars($tmp));

?>" target="<?echo $bodyframe?>">

<tr>

<textarea name="message" cols=40 rows=<?

echo (sizeof(explode("\n",$message)) + 5)?>><?echo $message?></textarea></td>

Line 849 Current time is <?echo format_time(time(

Line 919 Current time is <?echo format_time(time(

</td>

</tr>

<tr>

<td valign=middle align=center colspan=2 rowspan=1><input type=submit name=submit_type value="Send"<?

<td valign=middle align=center colspan=1 rowspan=1><input type=submit name=submit_type value="Send"<?

// TODO redo the JS inline function (it doesn't clear the memo now)

if (!$show_body)

echo " onClick=\"javascript:submit();message.value=''\"";

?>></td>

</tr>

<tr>

</td>

</tr>

<tr>

<td align=right><?

if (!$style)

echo "Board\t /</td><td><a href=$self?" .

echo "Board /</td><td><a href=$self?" .

link_replace(create_link(), "style", "1") . ">Chat</a></td>";

else

echo "<a href=$self?" . link_replace(create_link(), "style", "0") .

Line 893 Current time is <?echo format_time(time(

Line 963 Current time is <?echo format_time(time(

<a href="<?

echo "$self?" . link_replace(link_replace(create_link(), "setframes", 1), "disablepart", 3);

?>" target=_top>Switch to frames</a>

?>" target=_top>Switch to frames</a> <font size=-3><a href="<?

echo $self . '?' . link_replace(create_link(), 'rootlogin', '1');

?>">π</a></font>

</td>

</tr>

</form>

Line 959 Current time is <?echo format_time(time(

Line 1031 Current time is <?echo format_time(time(

<html>

<head>

</head>

<body>

} // show_nonrefresh_head()

function show_delete_dialog($nick, $time) {

global $self;

echo "\n<center><font color=#C0C0C0 face=Courier size=4><b>Delete message</font></b><br><br>";

echo "\n<center><h3><b>Delete message</b></h3><br><br>";

echo "\n<center>\n<form name=deletemessage method=post action=$self?" .

echo "\n<center>\n<form name=deletemessage method=get action=$self>\n";

link_replace(link_replace(create_link(), "deleteok", 1),

echo create_hidden_inputs(split_url_vars(link_replace(link_replace(create_link(), "deleteok", 1), "time", $time)));

"time", $time) . ">\n";

echo "<table align=center>\n";

echo "\t\n<tr>\n\t\t<td>Nick:</td><td><input type=text value=\"$nick\" readonly></td></tr>\n";

echo "\t\n<tr>\n\t\t<td>Your Nick:</td><td><input type=text value=\"$nick\" readonly></td></tr>\n";

echo "\t\n<tr>\n\t\t<td>Message No.:</td><td><input type=text value=\"$time\" readonly></td></tr>\n";

echo "\t\n<tr>\n\t\t<td>Password:</td><td><input type=password name=pass></td></tr>\n";

echo "\t\n<tr>\n\t\t<td colspan=2 align=center><input type=submit name=submit_type value=Delete>\n</td></tr>\n";

Line 984 Current time is <?echo format_time(time(

Line 1056 Current time is <?echo format_time(time(

function show_createuser_dialog($newnick, $email) {

global $self;

echo "\n<center><font color=#C0C0C0 face=Courier size=4><b>Create new user</font></b><br><br>";

echo "\n<center><h3><b>Create new user</b></h3><br><br>";

echo "<table size=90% align=center>\n";

echo "\n<form name=createuser method=post action=$self?" .

echo "\n<form name=createuser method=get action=$self>";

echo create_hidden_inputs(split_url_vars(

link_replace(link_replace(

create_link(), "createok", 1), "createuser", 1

) .

)));

">\n";

echo "\t<tr>\n\t\t<td>New Nick:</td><td><input type=text name=newnick maxsize=16 value=$newnick></td>\n";

echo "\t<tr><td>E-mail:</td><td><input type=text name=mail value=$email></td>\n\t</tr>\n";

echo "\t<tr><td>Password:</td><td><input type=password name=pass></td>\n\t</tr>\n";

Line 1004 Current time is <?echo format_time(time(

Line 1076 Current time is <?echo format_time(time(

function show_message($message, $style = 0) {

global $self;

global $headframe;

switch($style) {

case 1:

// Chat message line

Line 1026 Current time is <?echo format_time(time(

Line 1099 Current time is <?echo format_time(time(

break;

default:

// Board message style

// remark this /* so the modes switch

// remark this /* to a //* and the modes will switch

echo "<tr><td valign=top class=email>";

if ($message["email"] != "")

Line 1058 Current time is <?echo format_time(time(

Line 1131 Current time is <?echo format_time(time(

"nick",

$message["name"]) .

">delete</a>\n";

echo "<a href=$self?" .

link_replace(

create_link(),

"reply_to",

rawurlencode($message["name"]."#".$message["time"])

) .

" target=$headframe>reply</a>\n";

echo "</td></tr><tr><td>";

echo "\t" . $message["message"] . "\n";

echo "</td></tr>\n";

Line 1121 Current time is <?echo format_time(time(

Line 1201 Current time is <?echo format_time(time(

if (!good($self))

$self = $PHP_SELF;

$abs_self = "http://" . $GLOBALS["HTTP_HOST"] . $self;

header ("Cache-Control: no-cache, must-revalidate");

header ("Pragma: no-cache");

if ($strip_slashes) {

$message = stripslashes($message);

Line 1174 Current time is <?echo format_time(time(

Line 1259 Current time is <?echo format_time(time(

if (!good($page))

$page = 0;

// check for superuser view

if ($nick == $root_name) {

if (md5($pass) == $root_md5_password)

$superuser = 1;

else {

unset($nick);

$superuser = 0;

}

// SHOW ROOT LOGIN FORM

if ($rootlogin) {

show_nonrefresh_head();

show_root_login_form($root_name, $nick);

$show_body = false;

$show_head = false;

}

if (!isset($nick) && good($newnick))

$nick = $newnick;

Line 1186 Current time is <?echo format_time(time(

Line 1289 Current time is <?echo format_time(time(

if (good($archive_no) && !$use_db)

$message_file = $old_messages_folder . $hist_file_prefix . $archive_no;

//header ("Cache-Control: no-cache, must-revalidate");

//header ("Pragma: no-cache");

if ($use_db) {

require_once "DB.php";

Line 1206 Current time is <?echo format_time(time(

Line 1306 Current time is <?echo format_time(time(

$message_file = $db_message_table;

}

// Insert quoted REPLY TO message

if (good($reply_to)) {

$pivot = strrpos($reply_to, "#");

if (!($pivot === false)) {

$tmp_name = substr($reply_to, 0, $pivot);

$tmp_time = substr($reply_to, $pivot + 1);

$messages = read_messages($message_file, $user_file, $superuser,

$use_db, $db_conn);

for ($i = 0; $i < sizeof($messages); $i++) {

if (($messages[$i]["time"] == $tmp_time) &&

($messages[$i]["name"] == $tmp_name)){

$found = true;

break;

}

if ($found) {

$tmp_msg = create_reply($messages[$i]);

if (good($message)) {

$tmp_msg .= $message;

}

$message = $tmp_msg;

$message = strip_tags($message);

}

// CREATE NEW USER

if ($createuser) {

$mails = get_emails($user_file, $use_db, $db_handle);

Line 1214 Current time is <?echo format_time(time(

Line 1341 Current time is <?echo format_time(time(

($mails[$newnick] == "") &&

good($createok) &&

($createok == 1)) {

if (write_mail($user_file, $newnick, $mail, $pass, $use_db, $db_handle))

if (!write_mail($user_file, $newnick, $mail, $pass, $root_name, $use_db, $db_handle)) {

; // something failed, ignoring for now

//echo "drblo to"; // something failed, ignoring for now

die();

}

header("HTTP/1.0 302 Found");

header("Location: $abs_self?" . create_link());

die();

}

else {

show_nonrefresh_head();

Line 1231 Current time is <?echo format_time(time(

Line 1364 Current time is <?echo format_time(time(

$old_messages_folder, $max_msgs_in_one_file, $min_msgs_in_board,

$hist_file_prefix, $allowed_tags, $use_db, $db_handle))

; // something failed, ignoring for now

$message = '';

header('HTTP/1.0 302 Found');

header("Location: $abs_self?" . create_link());

die();

}

// DELETE MESSAGE FROM DB

if (good($time)) {

if (good($deleteok) && ($deleteok == 1)){

header('HTTP/1.0 302 Found');

header("Location: $abs_self?" . create_link());

switch(delete_message($message_file, $user_file, $nick,

$time, $pass, $use_virtual_delete, $use_db, $db_handle)) {

case 0: // All OK

// echo "<center>Message deleted succesfully<br></center>\n";

echo "<center>Message deleted succesfully<br></center>\n";

break;

case 1: // No such user

// echo "<center>Error while deleting: There is no such user!<br></center>\n";

echo "<center>Error while deleting: There is no such user!<br></center>\n";

break;

case 2: // Wrong password

// echo "<center>Error while deleting: Wrong password!<br></center>\n";

echo "<center>Error while deleting: Wrong password!<br></center>\n";

break;

case 3: // No such message

// echo "<center>Error while deleting: No such message!<br></center>\n";

echo "<center>Error while deleting: No such message!<br></center>\n";

break;

default:// Unknown error

// echo "<center>Fatal Error while deleting: unknown error code!</center><br>\n";

echo "<center>Fatal Error while deleting: unknown error code!</center><br>\n";

break;

}

die();

} else {

show_nonrefresh_head();

show_delete_dialog($nick, $time);

Line 1262 Current time is <?echo format_time(time(

Line 1403 Current time is <?echo format_time(time(

}

// check for superuser view

if (($nick == $root_name) && (md5($pass) == $root_md5_password))

$superuser = 1;

else

$superuser = 0;

// We don't want to show body, when other form is shown

Line 1274 Current time is <?echo format_time(time(

Line 1410 Current time is <?echo format_time(time(

<html>

<head>

</head>

<body>

If set, do nothing, just create frames and recursively call self

Line 1302 Current time is <?echo format_time(time(

Line 1441 Current time is <?echo format_time(time(

}

if ($show_head) {

show_data_form($user_file, $self, $nick, $message, $style,

</head>

$WB_name, $autorefresh, $pagesize, $use_db, $db_handle);

show_data_form($user_file, $self, $nick, $style, $WB_name,

$autorefresh, $pagesize, $use_db, $db_handle);

}

if ($show_body) {

echo "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"$autorefresh URL=$self?" .

create_link() . "\">\n";

</head>

show_messages($message_file, $user_file, $page, $pagesize,

$style, $superuser, $use_db, $db_handle);

}

Platon Group <platon@platon.org> http://platon.org/


Copyright © 2002-2006 Platon Group Site powered by Metafox CMS	Go to Top