\\1', $buffer); $buffer = preg_replace('(\[i\](.*)\[/i\])s', '\\1', $buffer); $buffer = preg_replace('(\[red\](.*)\[/red\])s', '\\1', $buffer); $buffer = preg_replace('(\[green\](.*)\[/green\])s', '\\1', $buffer); $buffer = preg_replace('(\[blue\](.*)\[/blue\])s', '\\1', $buffer); $buffer = preg_replace('(\[purple\](.*)\[/purple\])s', '\\1', $buffer); $buffer = preg_replace('(\[yellow\](.*)\[/yellow\])s', '\\1', $buffer); $buffer = preg_replace('(%(.*)%)s', '&(37;\\1&)37;', $buffer); $buffer = preg_replace('(\n)', "
\n", $buffer); $buffer = preg_replace('(\r\n)', "
\n", $buffer); $buffer = preg_replace('(\r)', "
\n", $buffer); return htmlspecialchars($buffer); } /** control e-mail address * @param string $email e-mail address * * @return bool is right address syntax * * @copyright Jakub Vrána, http://php.vrana.cz */ function check_email($email) { $atom = '[-a-z0-9!#$%&\'*+/=?^_`{|}~]'; $domain = '[a-z0-9]([-a-z0-9]{0,61}[a-z0-9])'; return preg_match("(^$atom+(\\.$atom+)*@($domain?\\.)+$domain\$)i", $email); } /** control www address * @param string $url www address * * @return bool is right address syntax * * @copyright Jan Tojnar, http://jtojnar.php5.cz */ function check_url($url) { return preg_match('(^http[s]?://[-a-z0-9]*\.[-a-z0-9]+\.[a-z]+$)i', $url); } /** returns text of shoutboard * @param string $file page filename * * @return string shoutboard html * * @copyright Jan Tojnar, http://jtojnar.php5.cz/ */ function sboard_generate($file) { $sbnum = 0; $sbError = ''; $email = null; $hemail = null; ++$sbnum; $name = htmlspecialchars($_POST['name'] ?? ''); $www = htmlspecialchars($_POST['www'] ?? ''); $post = htmlspecialchars($_POST['post'] ?? ''); $ip = $_SERVER['REMOTE_ADDR'] ?? ''; $timestamp = date(rplc('%dateFormat%')); $formCaptchaSum = sha1($_POST['captcha'] ?? ''); $showmail = $_POST['showmail'] ?? ''; $checkedshowmailfalse = $showmail == 'false' ? ' checked="checked"' : ''; $checkedshowmailtrue = empty($showmail) ? ' checked="checked"' : ($showmail == 'true' ? ' checked="checked"' : ''); if ($showmail == 'true') { $email = htmlspecialchars($_POST['email'] ?? ''); } else { $hemail = htmlspecialchars($_POST['email'] ?? ''); } $formCaptchaSumPre = $_POST['captchasum'] ?? ''; $captcha = random_int(0, 9) . random_int(0, 9) . random_int(0, 9) . random_int(0, 9); $_SESSION['captcha'] = $captcha; $captchasum = sha1($captcha); //echo($timestamp); //echo($post); if (isset($_POST['post'])) { if (empty($post)) { $sbError .= '

' . '%misspost%' . "

\n"; } if (empty($name)) { $sbError .= '

' . '%missname%' . "

\n"; } if ($formCaptchaSumPre != $formCaptchaSum) { $sbError .= '

' . '%wrongcode%' . "

\n"; } if (!empty($email) && !check_email($email)) { $sbError .= '

' . '%wrongmail%' . "

\n"; } if (!empty($www) && !check_url($www)) { $sbError .= '

' . '%wrongwww%' . "

\n"; } if (empty($sbError)) { $sbmail = !empty($email) ? "{$email}\n" : (!empty($hemail) ? "{$hemail}" : ''); $sbwww = !empty($www) ? "{$www}\n" : ''; $post = bb2html($post); $write = <<

{$name} {$timestamp} {$ip} {$sbmail}{$sbwww}

{$post} EOT; $shoutfile = fopen($file . 'c' . $sbnum, 'a+'); chmod($file . 'c' . $sbnum, 0777); if (fwrite($shoutfile, $write)) { $sbError .= '

' . '%saved%' . "

\n"; unset($name,$email,$www,$captcha,$post,$ip,$timestamp,$formCaptchaSum,$formCaptchaSumPre,$captchasum,$sbname,$sbdate,$sbwww,$sbmail); fclose($shoutfile); } else { $sbError .= '

' . '%notsaved%' . "

\n"; } } } if (file_exists($file . 'c' . $sbnum)) { $comments = preg_replace('(([^<]+))', '', preg_replace('(([^<]+))', '', file_get_contents($file . 'c' . $sbnum))); } else { $comments = ''; } $form = $comments . "

" . (empty($sbError) ? '' : '

' . rplc($sbError) . '

') . <<

%name:% %req%
%email:%
%showmail%: %yes%%no%
%www:%

%message:% %req%: {$post}

%sbhelp%

EOT; return $form; }