\\1', $buffer); $buffer = preg_replace("#\[i\](.*)\[/i\]#D", '\\1', $buffer); $buffer = preg_replace("#\[red\](.*)\[/red\]#D", '\\1', $buffer); $buffer = preg_replace("#\[green\](.*)\[/green\]#D", '\\1', $buffer); $buffer = preg_replace("#\[blue\](.*)\[/blue\]#D", '\\1', $buffer); $buffer = preg_replace("#\[purple\](.*)\[/purple\]#D", '\\1', $buffer); $buffer = preg_replace("#\[yellow\](.*)\[/yellow\]#D", '\\1', $buffer); $buffer = preg_replace('/%(.*)%/D', '%\\1%', $buffer); $buffer = preg_replace("/\n/D", "
\n", $buffer); $buffer = preg_replace("/\r\n/D", "
\n", $buffer); $buffer = preg_replace("/\r/D", "
\n", $buffer);
    return htmlspecialchars($buffer);
}

/**
 * Check whether a string has valid e-mail address syntax.
 *
 * Builds one case-insensitive POSIX pattern: dot-separated runs of "atom"
 * characters for the local part, then dot-separated domain labels made of
 * letters, digits and inner hyphens. Every label except the last may be a
 * single character; the last must be at least two characters long.
 *
 * NOTE(review): eregi() was deprecated in PHP 5.3 and removed in PHP 7.0, while
 * sboard_generate() in this file calls random_int(), which is native only from
 * PHP 7.0. Unless one of the two is polyfilled elsewhere, this call is a fatal
 * error on the runtime the rest of the file targets; preg_match() with the
 * `i` and `D` modifiers is the usual replacement.
 *
 * @param string $email e-mail address
 *
 * @return bool whether the address syntax is valid (the raw eregi() result is
 *              returned, so callers should only test it for truthiness)
 *
 * @copyright Jakub Vrána, http://php.vrana.cz
 */
function check_email($email) {
    $atom = '[-a-z0-9!#$%&\'*+/=?^_`{|}~]';
    $domain = '[a-z0-9]([-a-z0-9]{0,61}[a-z0-9])';
    return eregi("^$atom+(\\.$atom+)*@($domain?\\.)+$domain\$", $email);
}

/**
 * Check whether a string is an acceptable web address.
 *
 * The pattern is anchored at both ends and accepts only `http://` or
 * `https://` followed by a host with exactly two dots
 * (`[-a-z0-9]*.[-a-z0-9]+.[a-z]+`), case-insensitively. Ports, paths, query
 * strings and hosts with a single dot are rejected. Because the scheme is
 * fixed by the anchor, other URL schemes cannot pass this check.
 *
 * @param string $url www address
 *
 * @return bool whether the address syntax is valid (the raw preg_match() result
 *              is returned: 1, 0, or false on a regex error)
 *
 * @copyright Jan Tojnar, http://jtojnar.php5.cz
 */
function check_url($url) {
    return preg_match("#^http[s]?://[-a-z0-9]*\.[-a-z0-9]+\.[a-z]+$#Di", $url);
}

/**
 * Handle a shoutboard submission and return the shoutboard markup.
 *
 * Reads the posted form fields, validates them, appends an accepted entry to
 * the comment file `$file . 'c' . $sbnum`, then returns the stored comments
 * followed by any status messages and the form. rplc() and bb2html() are
 * defined outside this excerpt; the `%name%` tokens are passed to rplc() where
 * the code shows it.
 *
 * NOTE(review): $file is concatenated into a filesystem path that is opened,
 * chmod-ed and read — confirm that callers never derive it from request data.
 *
 * @param string $file page filename
 *
 * @return string shoutboard html
 *
 * @copyright Jan Tojnar, http://jtojnar.php5.cz/
 */
function sboard_generate($file) {
    // NOTE(review): no `global` or `static` declaration for $sbnum is visible, so
    // this increments an undefined local and yields 1 on every call — confirm
    // whether a per-page counter was intended.
    ++$sbnum;
    // Posted fields are HTML-escaped as they are read. The keys are accessed
    // without isset(), so a request that lacks them raises undefined-index
    // notices or warnings.
    $name = htmlspecialchars($_POST['name']);
    $www = htmlspecialchars($_POST['www']);
    $post = htmlspecialchars($_POST['post']);
    $ip = $_SERVER['REMOTE_ADDR'];
    $timestamp = date(rplc('%dateFormat%'));
    // Hash of the code the visitor typed.
    $formCaptchaSum = sha1($_POST['captcha']);
    $showmail = $_POST['showmail'];
    // Radio-button state for re-rendering the form; "show" is the default when
    // nothing was submitted.
    $checkedshowmailfalse = $showmail == 'false' ? ' checked="checked"' : '';
    $checkedshowmailtrue = empty($showmail) ? ' checked="checked"' : ($showmail == 'true' ? ' checked="checked"' : '');
    // An address the visitor agreed to show goes to $email, otherwise to $hemail.
    if ($showmail == 'true') {
        $email = htmlspecialchars($_POST['email']);
    } else {
        $hemail = htmlspecialchars($_POST['email']);
    }
    // NOTE(review): the expected captcha hash is read from the request, so the
    // check below compares two request-supplied values and never consults
    // $_SESSION['captcha'] in the code shown. The expected value should stay on
    // the server: validate the typed code against the session value (read before
    // it is replaced on the next lines) and compare with hash_equals().
    $formCaptchaSumPre = $_POST['captchasum'];
    // A fresh four-digit code is generated for the next rendering of the form.
    $captcha = random_int(0, 9) . random_int(0, 9) . random_int(0, 9) . random_int(0, 9);
    $_SESSION['captcha'] = $captcha;
    $captchasum = sha1($captcha);
    //echo($timestamp);
    //echo($post);
    // Validation and storage run only when the form was actually submitted.
    if (isset($_POST['post'])) {
        // $sbError is appended to without prior initialisation; it accumulates
        // one message per failed check.
        if (empty($post)) {
            $sbError .= '

' . '%misspost%' . "

\n";
        }
        if (empty($name)) {
            $sbError .= '

' . '%missname%' . "

\n";
        }
        // Loose `!=` comparison of the two hashes; see the captcha note above.
        if ($formCaptchaSumPre != $formCaptchaSum) {
            $sbError .= '

' . '%wrongcode%' . "

\n";
        }
        // NOTE(review): only the visible address is syntax-checked; a hidden
        // address ($hemail) is stored below without passing check_email().
        if (!empty($email) && !check_email($email)) {
            $sbError .= '

' . '%wrongmail%' . "

\n";
        }
        if (!empty($www) && !check_url($www)) {
            $sbError .= '

' . '%wrongwww%' . "

\n";
        }
        // No validation message so far: build the entry and append it.
        if (empty($sbError)) {
            $sbmail = !empty($email) ? "{$email}\n" : (!empty($hemail) ? "{$hemail}" : '');
            $sbwww = !empty($www) ? "{$www}\n" : '';
            // $post was already HTML-escaped above before being handed to bb2html().
            $post = bb2html($post);
            // The entry records the poster's IP address next to the name and time.
            // NOTE(review): the heredoc opener and the markup of this template look
            // truncated in this copy — restore them from the original file, and
            // confirm the read-back below keeps the address out of the public page.
            $write = <<
{$name} {$timestamp} {$ip} {$sbmail}{$sbwww}
{$post} EOT;
            // NOTE(review): fopen()'s result is used without a check, and 0777 makes
            // the comment store writable and executable by every local account.
            // The web server user only needs to read and append, so 0644 (or 0600)
            // is sufficient.
            $shoutfile = fopen($file . 'c' . $sbnum, 'a+');
            chmod($file . 'c' . $sbnum, 0777);
            if (fwrite($shoutfile, $write)) {
                $sbError .= '

' . '%saved%' . "

\n";
                // Clear the submitted values after a successful save.
                unset($name,$email,$www,$captcha,$post,$ip,$timestamp,$formCaptchaSum,$formCaptchaSumPre,$captchasum,$sbname,$sbdate,$sbwww,$sbmail);
                fclose($shoutfile);
            } else {
                // The handle is closed only on the success path above.
                $sbError .= '

' . '%notsaved%' . "

\n";
            }
        }
    }
    // Load the stored entries for display.
    // NOTE(review): as shown, both patterns delete every run of characters other
    // than '<', which suggests the tag parts of the patterns were lost in this
    // copy — verify against the original before relying on this filter.
    if (file_exists($file . 'c' . $sbnum)) {
        $comments = preg_replace('#([^<]+)#D', '', preg_replace('#([^<]+)#D', '', file_get_contents($file . 'c' . $sbnum)));
    } else {
        $comments = '';
    }
    // Comments first, then the status messages (run through rplc()), then the
    // form template. NOTE(review): the closing heredoc looks truncated in the
    // same way as the entry template above.
    $form = $comments . "
" . (empty($sbError) ? '' : '
' . rplc($sbError) . '
') . <<
%showmail%
%sbhelp%
EOT;
    return $form;
}