".constant($tmpdata[1]); else $tmp.=""; $oldcat=$tmpdata[2]; } if ($tmpdata[0]==$value) $flist.=""; return $flist; } function build_level_select() { $sql = "SELECT * FROM ".$GLOBALS['DBprefix']."UserLevel ORDER BY l_level"; return build_select($sql,$udata['u__level']); } function build_userlevel_select($level=0) { $sql = "SELECT * FROM ".$GLOBALS['DBprefix']."UserLevel WHERE l_level!=0 AND l_level<1024"; return build_select($sql,$level); } function error($errmsg) { if (!$GLOBALS['admin']) load_style("message.php"); $tmp_link1 = "".MSG_go_back.""; $tmp_link2 = "".MSG_go_mainpage.""; output_message(MSG_e.$errmsg,$tmp_link1,$tmp_link2,""); exit(); } function message($textmsg,$golink=0) { if ($_POST['refpage']) $tmp_link1 = $_POST['refpage']; elseif ($GLOBALS['refpage']) $tmp_link1 = $GLOBALS['refpage']; elseif ($_SERVER['HTTP_REFERER']) $tmp_link1 =$_SERVER['HTTP_REFERER']; else $tmp_link1 = "javascript:history(-1)"; if (strpos($tmp_link1,"javascript:")===false && strpos($tmp_link1,"IB2XP")===false && !isset($_COOKIE['IB2XP'])) { if (strpos($tmp_link1,"?")===false) $tmp_link1.="?"; else $tmp_link1.="&"; $tmp_link1.="IB2XP".$GLOBALS['DBprefix']."=".session_id(); } $tmp_link2 = "".MSG_go_mainpage.""; if ($golink) $newlink=$tmp_link1; if (substr($tmp_link1,0,7)=="http://") $tmp_link1=preg_replace("|http://[^/]+/|is","",$tmp_link1); output_message($textmsg,"".MSG_go_back."",$tmp_link2,"",$newlink); } function topic_message($textmsg,$golink=0) { $tmp_message = $textmsg; $tmp_link1 = "".MSG_go_topic.""; $tmp_link2 = "".MSG_go_forum.""; $tmp_link3 = "".MSG_go_mainpage.""; if ($golink) $newlink="index.php?t=".$GLOBALS['topic']."#last"; output_message($tmp_message,$tmp_link1,$tmp_link2,$tmp_link3,$newlink); } function month_replace($date) { $date=str_replace("January",MSG_January,$date); $date=str_replace("February",MSG_February,$date); $date=str_replace("March",MSG_March,$date); $date=str_replace("April",MSG_April,$date); $date=str_replace("May",MSG_May,$date); $date=str_replace("June",MSG_June,$date); $date=str_replace("July",MSG_July,$date); $date=str_replace("August",MSG_August,$date); $date=str_replace("September",MSG_September,$date); $date=str_replace("October",MSG_October,$date); $date=str_replace("November",MSG_November,$date); $date=str_replace("December",MSG_December,$date); $date=str_replace("Jan",MSG_Jan,$date); $date=str_replace("Feb",MSG_Feb,$date); $date=str_replace("Mar",MSG_Mar,$date); $date=str_replace("Apr",MSG_Apr,$date); $date=str_replace("May",MSG_May,$date); $date=str_replace("Jun",MSG_Jun,$date); $date=str_replace("Jul",MSG_Jul,$date); $date=str_replace("Aug",MSG_Aug,$date); $date=str_replace("Sep",MSG_Sep,$date); $date=str_replace("Oct",MSG_Oct,$date); $date=str_replace("Nov",MSG_Nov,$date); $date=str_replace("Dec",MSG_Dec,$date); $date=str_replace("Monday",MSG_Monday,$date); $date=str_replace("Tuesday",MSG_Tuesday,$date); $date=str_replace("Wednesday",MSG_Wednesday,$date); $date=str_replace("Thursday",MSG_Thursday,$date); $date=str_replace("Friday",MSG_Friday,$date); $date=str_replace("Saturday",MSG_Saturday,$date); $date=str_replace("Sunday",MSG_Sunday,$date); $date=str_replace("Mon",MSG_Mon,$date); $date=str_replace("Tue",MSG_Tue,$date); $date=str_replace("Wed",MSG_Wed,$date); $date=str_replace("Thu",MSG_Thu,$date); $date=str_replace("Fri",MSG_Fri,$date); $date=str_replace("Sat",MSG_Sat,$date); $date=str_replace("Sun",MSG_Sun,$date); return $date; } function long_date_out($date) { $date=$date+$GLOBALS['inuser']['u_timeregion']-$GLOBALS['opt_timeregion']; if ($date<0) $date=0; if ($date) $date=date($GLOBALS['inuser']['u_lformat'],$date); else $date=MSG_none; return month_replace($date); } function short_date_out($date) { $date=$date+$GLOBALS['inuser']['u_timeregion']-$GLOBALS['opt_timeregion']; if ($date<0) $date=0; if ($date) $date=date($GLOBALS['inuser']['u_sformat'],$date); else $date=MSG_none; return month_replace($date); } function addlinks(&$text) { $text = " ".$text." "; $text = str_replace("<"," <",$text); $text = str_replace(">","> ",$text); $text = preg_replace("/\n/","",$text); $text = preg_replace("/\r/","",$text); $text = preg_replace("/ ([^:\t \n\[]+?\@[^\t \n\[]+?) /is"," $1 ",$text); $text = preg_replace("/ (http:\/\/\S+?) /is"," $1 ",$text); $text = preg_replace("/ (www\.\S+?) /is"," $1 ",$text); $text = preg_replace("/ ([\w-\.]+?\.ru) /is"," $1 ",$text); $text = preg_replace("/ ([\w-\.]+?\.com) /is"," $1 ",$text); $text = preg_replace("/ ([\w-\.]+?\.net) /is"," $1 ",$text); $text = preg_replace("/ ([\w-\.]+?\.org) /is"," $1 ",$text); $text = str_replace(" <","<",$text); $text = str_replace("> ",">",$text); } function check_hidden($posts,$text) { if (!$GLOBALS['inuserposts'] && $GLOBALS['inuserid']>3) { $link=$GLOBALS['link']; $sql = "SELECT COUNT(*) FROM ".$GLOBALS['DBprefix']."Post WHERE p_uid=".$GLOBALS['inuserid']." AND p__premoderate=0"; $res = db_query($sql,$link); list($count)=db_fetch_row($res); db_free_result($res); $GLOBALS['inuserposts']=$count; } if ($posts<=$GLOBALS['inuserposts']) return $text; else return "
".MSG_p_posthide." ".format_word($posts,MSG_p1,MSG_p2,MSG_p3).".
"; } function check_level($level,$text) { if ($level<=$GLOBALS['inuserlevel']) return $text; else return "
".MSG_p_levelhide.".
"; } function check_url($url) { $url=strtolower($url); $res=1; if (strpos($url,"script:")!==false) $res=0; if (strpos($url,"/admin")===0) $res=0; $forumurl=strtolower($GLOBALS['opt_url']); $forumurl=str_replace("www.","",$forumurl); $forumurl=preg_replace("|/$|s","",$forumurl); $url=str_replace("www.","",$url); if (strpos($url,$forumurl."/admin")!==false) $res=0; if (strpos($url,"a=do_logout")!==false) $res=0; if (strpos($url,"\"")!==false) $res=0; return $res; } function check_img($imgtext) { preg_match("/src=\"([^\"]+?)\"[\s>]/is",$imgtext,$matches); if (!$matches[1]) preg_match("/src='([^']+?)'[\s>]/is",$imgtext,$matches); if (!$matches[1]) preg_match("/src=(\S+?)/is",$imgtext,$matches); $tmptext=str_replace($matches[1],"",$imgtext); if (preg_match("/\Won\w+?=/is",$tmptext) || preg_match("/\Wurl\(/is",$tmptext)) { $GLOBALS['hackattempt']++; return "
HACK ATTEMPT: ".htmlspecialchars($imgtext)."
"; } if (strpos($matches[1],$GLOBALS['opt_url']."/smiles")===false) $imgtext=preg_replace("|<(img .*?)>|is","<$1 onLoad=\"ch_img(this)\">",$imgtext); if (check_url($matches[1])) return $imgtext; else { $GLOBALS['hackattempt']++; return "
HACK ATTEMPT: ".$matches[1]."
"; } } function check_link($linktext) { preg_match("/href=\"([^\"]+?)\"[\s>]/is",$linktext,$matches); if (!$matches[1]) preg_match("/href='([^']+?)'[\s>]/is",$linktext,$matches); if (!$matches[1]) preg_match("/href=(\S+?)[\s>]/is",$linktext,$matches); $tmptext=str_replace($matches[1],"",$linktext); if (preg_match("/\Won\w+?=/is",$tmptext) || preg_match("/\Wurl\(/is",$tmptext)) { $GLOBALS['hackattempt']++; return "
HACK ATTEMPT: ".htmlspecialchars($linktext)."
"; } if (check_url($matches[1])) return $linktext; else { $GLOBALS['hackattempt']++; return "
HACK ATTEMPT: ".substr($matches[1],0,50)."
"; } } function process_code($text,$html) { if ($html) $text=nl2br(htmlspecialchars(str_replace("
","\n",$text))); $text=str_replace(" ","  ",$text); $text=str_replace("\t","  ",$text); $text="
$text

"; $text=str_replace("[","[*___",$text); $text=str_replace("]","___*]",$text); if (is_array($GLOBALS['smiles'])) foreach ($GLOBALS['smiles'] as $sm_code=>$sm_file) if ($GLOBALS['smileshow'][$sm_code]) { $text=str_replace("\"$sm_code\"",$sm_code,$text); } return $text; } function code_back($text) { $text=str_replace("[*___","[",$text); $text=str_replace("___*]","]",$text); return $text; } function table_parse($text) { $text ="".$text; $text = preg_replace("/\[tr\](.*?)\[\/tr\]/is","$1",$text); $text = preg_replace("/\[td\](.*?)\[\/td\]/is","",$text); $text = preg_replace("/\[td colspan=(\d+)\](.*?)\[\/td\]/is","",$text); $text.="
$1$2
"; return $text; } function boardcode(&$text,$html=0,$tid,$pid) { if (strpos($text,"[")!==false) { $text=preg_replace("/\[nocode\](.*?)\[\/nocode\]/ise","str_replace(\"[\",\"[\",str_replace(\"]\",\"]\",\"$1\"))",$text); $text=preg_replace("/\[nohtml\](.*?)\[\/nohtml\]/ise","nl2br(str_replace(\"<\",\"<\",str_replace(\">\",\">\",str_replace(\"
\",\"\n\",\"$1\"))))",$text); $cutid=getvar('cutid'); if ($pid==$cutid || $tid==0 || $GLOBALS['action']=="do_print") { $text=preg_replace("/\[cut\](.*?)\[\/cut\]/is","$1",$text); $text=preg_replace("/\[cut=\".*?\"\](.*?)\[\/cut\]/is","$1",$text); } else { $text=preg_replace("/\[cut\](.*?)\[\/cut\]/is","".MSG_p_uncut."",$text); $text=preg_replace("/\[cut=\"(.*?)\"\](.*?)\[\/cut\]/is","$1",$text); } preg_match_all("/\[code\](.*?)\[\/code\]/is",$text,$matches); foreach ($matches[1] as $curmatch) { $newcode=process_code($curmatch,$html); $text=str_replace("[code]".$curmatch."[/code]","[code]".$newcode."[/code]",$text); } $text = str_replace("[hr]","
",$text); $text = str_replace("[br]","
",$text); $text = preg_replace("/\[quote\](.*?)\[\/quote\]/is","
$1
",$text); $text = preg_replace("/\[q\](.*?)\[\/q\]/is","
$1
",$text); $text = preg_replace("/\[quote=(.+?)\](.*?)\[\/quote\]/is","$1 ".MSG_written.":
$2
",$text);//.short_date_out($2)." $text = preg_replace("/\[q=(.+?)\](.*?)\[\/q\]/is","$1 ".MSG_written.":
$2
",$text); $text = preg_replace("/\[q(\d+)\](.*?)\[\/q$1\]/is","
$2
",$text); $text = preg_replace("/\[url\](\w+?:\/\/[^\"]+?)\[\/url\]/is","$1",$text); $text = preg_replace("/\[url\]([^\"]+?)\[\/url\]/is","$1",$text); $text = preg_replace("/\[url=(\w+?:\/\/[^\"]+?)\](.+?)\[\/url\]/is","$2",$text); $text = preg_replace("/\[url=([^\"]+?)\]([^\"]+?)\[\/url\]/is","$2",$text); $text = preg_replace("/\[url2=([^\"]+?)\](.+?)\[\/url2\]/is","$2",$text); $text = preg_replace("/\[email\](\S+?\@\S+?)\[\/email\]/is","$1",$text); $text = preg_replace("/\[email=(\S+?\@\S+?)\](.+?)\[\/email\]/is","$2",$text); $text = str_replace("[b]","",$text); $text = str_replace("[/b]","",$text); $text = str_replace("[i]","",$text); $text = str_replace("[/i]","",$text); $text = str_replace("[u]","",$text); $text = str_replace("[/u]","",$text); $text = str_replace("[s]","",$text); $text = str_replace("[/s]","",$text); $text = preg_replace("/\[font=([\w ]+?)\]/is","",$text); $text = preg_replace("/\[color=([#\w\d]+?)\]/is","",$text); $text = preg_replace("/\[size=(\d+?)\]/is","",$text); $text = str_replace("[/font]","",$text); $text = str_replace("[/color]","",$text); $text = str_replace("[/size]","",$text); $text = str_replace("[list]","",$text); if (!$GLOBALS['opt_imgtag']) { $text = preg_replace("/\[img\](.+?)\[\/img\]/is","",$text); $text = preg_replace("/\[img=(.+?)\]/is","",$text); } else { $text = preg_replace("/\[img\](\S+?)\[\/img\]/is","\"".MSG_image."\"",$text); $text = preg_replace("/\[img=(\S+?)\]/is","\"".MSG_image."\"",$text); } $text = preg_replace("/(
)?\[table(.*?)\](.*?)\[\/table\](
)?/ise","table_parse(\"$3\");",$text); $text = preg_replace("/<\/td>(\s*
\s*)+<",$text); $text = preg_replace("/<\/tr>(\s*
\s*)+<",$text); $text = preg_replace("/(\s*
\s*)+<",$text); $text = preg_replace("/(\s*
\s*)+<",$text); $text = preg_replace("/\[off\](.*?)\[\/off\]/is","
".MSG_offtopic.": $1
",$text); $text = preg_replace("/\[center\](.*?)\[\/center\]/is","
$1
",$text); $text = preg_replace("/\[right\](.*)\[\/right\]/is","
$1
",$text); $text = preg_replace("/\[translit\](.*)\[\/translit\]/esi","untransliterate(\"$1\")",$text); $text = preg_replace("/()/ise","check_img(\"$1\")",$text); if (!$html) $text = preg_replace("/()/ise","check_link(\"$1\")",$text); $text = preg_replace("/()/ise","\"
HACK ATTEMPT: \".htmlspecialchars(\"$1\").\"
\"",$text); $text = preg_replace("/\[hide=(\d+?)\](.*?)\[\/hide\]/esi","check_hidden($1,\"$2\")",$text); $text = preg_replace("/\[level=(\d+?)\](.*?)\[\/level\]/esi","check_level($1,\"$2\")",$text); preg_match_all("/\[code\](.*?)\[\/code\]/is",$text,$matches); foreach ($matches[1] as $curmatch) { $newcode=code_back($curmatch); $text=str_replace("[code]".$curmatch."[/code]",$newcode,$text); } } $text = str_replace("(c)","©",$text); $text = str_replace("(C)","©",$text); $text = str_replace("(r)","®",$text); $text = str_replace("(R)","®",$text); $text = str_replace("(tm)","™",$text); $text = str_replace("(TM)","™",$text); $text = str_replace(" -- "," — ",$text); } function sign_code(&$text) { if (strpos($text,"[")!==false) { $text = preg_replace("/\[br\]/","
",$text); $text = str_replace("[b]","",$text); $text = str_replace("[/b]","",$text); $text = str_replace("[i]","",$text); $text = str_replace("[/i]","",$text); $text = str_replace("[u]","",$text); $text = str_replace("[/u]","",$text); $text = str_replace("[s]","",$text); $text = str_replace("[/s]","",$text); $text = preg_replace("/\[font=([^<>]+?)\]/is","",$text); $text = preg_replace("/\[color=([^<>]+?)\]/is","",$text); $text = preg_replace("/\[size=([^<>]+?)\]/is","",$text); $text = str_replace("[/font]","",$text); $text = str_replace("[/color]","",$text); $text = str_replace("[/size]","",$text); $text = preg_replace("/\[url\](\w+?:\/\/[^\"]+?)\[\/url\]/is","
$1",$text); $text = preg_replace("/\[url\]([^\"]+?)\[\/url\]/is","$1",$text); $text = preg_replace("/\[url=(\w+?:\/\/[^\"]+?)\](.+?)\[\/url\]/is","$2",$text); $text = preg_replace("/\[url=([^\"]+?)\]([^\"]+?)\[\/url\]/is","$2",$text); $text = preg_replace("/\[url=(\S+?)\](.+?)\[\/url\]/is","$2",$text); $text = preg_replace("/\[email\]([\w\d.-]+?\@[\w\d.-]+?)\[\/email\]/is","$1",$text); $text = preg_replace("/\[email=([\w\d.-]+?\@[\w\d.-]+?)\](.+?)\[\/email\]/is","$2",$text); } $text = str_replace("(c)","©",$text); $text = str_replace("(C)","©",$text); $text = str_replace("(r)","®",$text); $text = str_replace("(R)","®",$text); $text = str_replace("(tm)","™",$text); $text = str_replace("(TM)","™",$text); if ($GLOBALS['opt_sigpics']) { $text = preg_replace("/\[img\](\S+?)\[\/img\]/is","",$text); $text = preg_replace("/\[img=(\S+?)\]/is","",$text); $text = preg_replace("/()/ise","check_img(\"$1\")",$text); $text = preg_replace("/(.*?<\/a>)/ise","check_link(\"$1\")",$text); } return $text; } function textout($text,$html,$bcode,$smiles,$tid=0,$pid=0) { if ($html) $text=nl2br($text); else $text=nl2br(htmlspecialchars($text)); $text=str_replace(""","\"",$text); addlinks($text); if ($smiles) smiles($text); if ($bcode) boardcode($text,$html,$tid,$pid); if ($hlight=getvar('hl')) { $hlight=preg_replace("/[.,:;\-\?()\\!+\-*]+/"," ",$hlight); $hls=explode(" ",$hlight); foreach ($hls as $curhl) { if ($curhl && strlen($curlh)>3) $text=preg_replace("|([ >.,:;\-?()\\!\"\]]+)($curhl\S*?)([ <.,:;\-?()\\!\"\[]+)|is","$1$2$3",$text); } } if ($text) { $count=preg_match_all("/]+?>(\S*?)<\/a>/is",$text,$matches); if ($count) foreach ($matches[1] as $curmatch) { if (strlen($curmatch)>60) $text=str_replace(">".$curmatch."<",">".substr($curmatch,0,30)."...".substr($curmatch,-10,10)."<",$text); } } if ($GLOBALS['action']=="do_print") { $text = preg_replace("/(.*?)<\/a>/is","$4 ($2)",$text); } $text=preg_replace("/&#(\d{3,4};)/is","&#$1",$text); return $text; } function build_avatar_select() { $dir=opendir($GLOBALS['opt_dir']."/avatars"); while ($curfile=readdir($dir)) if (!is_dir($GLOBALS['opt_dir']."/avatars/".$curfile)) $avatarselect.="