// * Typed in using the Dvorak keyboard layout. Look Mum! No QWERTY! // // ####### Licence: ############################################# // // 1. You may modify, mangle or use as you wish. // 2 You may not distribute this script to anyone. // 3. If you use this script, please visit // // and post in the shoutbox there. // 4. If you make any cool stylesheets, e-mail them brett@hotmail.com and he'll // make them available for others if you wish... // 5. Link to must be visible on pages // the shoutbox is on. You may move it from the current location, but it has // to be visible to all users. // 6. Do not claim you wrote this script, because Brett Taylor did. // (It was then modified by Christian Boisjoli.) // 7. Do not remove or modify this notice. So there. // 8. By using the script you agree to the terms of the licence. // 9. We accept no responsibility for damages, losses, or problems caused by the // script. It's supplied AS IS. // // NOTES TO PPL READING MY CODE: // 1. I know i could have written my functions better without the globals. // $brettscarefactor[1] = 0; // 2. Seperating Code from HTML? When I see a good example of how it's meant // to be done, i'll change it. But it's pretty good how it is now if you // ask me :) // $brettscarefactor[2] = 0; // 3. I am a New Zealander. I know no other verbal language (except maybe // l337sp33k), so my comments/vars/funcs/html are all in english. // $brettscarefactor[3] = 0; // 4. If you change anything, i'd love to see what you've done. Put your URL in // my shoutbox at so I can come look :) // $brettscarefactor[4] = 1; // - Brett require_once ("shoutboxconf.php"); require_once ("shoutboxsmileys.php"); require_once ("shoutbox_censor.php"); // *BOB* --- Sets the refresh URL to be the viewshoutbox.php script in the same dir as the shoutbox.php script // *BOB* --- This means that the user doesn't need to configure it. $page = $PHP_SELF; $c = strlen($page); while (substr($page,$c,1) <> "/") { $page = substr($page,0,$c); $c--; } $page .= "viewshoutbox.php"; // location to refresh to // SELECT ACTION TO PERFORM switch ($action) { case "show": // show current shouts showShouts(); break; case "add": // add form submissions addShouts(); break; case "deleteshout": // add form submissions if ($REMOTE_ADDR == getIP($timestamp)) { deleteShout($timestamp); $error = _PROCESS_DELETED; header ("Location: ".$page."?error=".$error."&showall=".$showall); } else { // there was an error, so lets send the fields back for them. $error = _PROCESS_DELETEFAILED; header ("Location: ".$page."?error=".$error."&showall=".$showall); } break; } // This adds a shout to the file function addShouts() { global $nick, $shout, $url, $page, $showall, $maxshoutlen, $lang; $defaultnick = trim(_FORM_NAME); $defaultshout = trim(_FORM_MESSAGE); $defaulturl = trim(_FORM_URL); $nick = trim($nick); $shout = trim($shout); $url = trim($url); # michel v was there :) /* $sbvars = array('defaultnick', 'defaultshout', 'defaulturl', 'nick', 'shout', 'url'); foreach ($sbvars as $sbvar) { $$sbvar = str_replace('<', '<', $$sbvar); $$sbvar = str_replace('>', '>', $$sbvar); if (stristr($sbvar, 'url')) { $$sbvar = eregi_replace('javascript:', 'iamsuchawannabehacker:', $$sbvar); } #if (!get_magic_quotes_gpc()) { # $$sbvar = addslashes($$sbvar); #} } */ $url = eregi_replace('javascript:', 'iamsuchawannabehacker:', $url); if ($url == $defaulturl || $url=="") { unset($url); }; if (isset($url) && !strstr($url,"http://")) {$error = _PROCESS_INVALIDURL;} // invalid url if (!isset($shout) || $shout == $defaultshout || $shout == "") {$error = _PROCESS_INVALIDMSG;} // invalid msg if (!isset($nick)|| $nick == $defaultnick || $nick=="") {$error = _PROCESS_INVALIDNAME;} // invalid name if ($checkurl) { if (!@fopen($url,"r")) { $error = _PROCESS_URLFAILED; } } // if url doesn't exist if (strlen($shout) > $maxshoutlen) { $error = _PROCESS_TOOLONG; // too long $shout = substr($shout,0,$maxshoutlen); } if (isFlooding() >= 3) { $error .= _PROCESS_FLOODING; } // Quick dirty fix. $nick = str_replace(array("\r\n","\r","\n"), " ", $nick); $shout = str_replace(array("\r\n","\r","\n"), " ", $shout); $url = str_replace(array("\r\n","\r","\n"), " ", $url); if (!isset($error)) { // check for null or default posts //$nick = htmlspecialchars($nick,ENT_QUOTES); //$shout = htmlspecialchars($shout,ENT_QUOTES); //$url = htmlspecialchars($url,ENT_QUOTES); writeShouts ($nick, $shout, $url); // calls from selected module // we're clear!, so lets get back shall we? // *BOB* --- Set the users nick and url in a cookie for next time: setcookie("shoutinfo","$nick|$url",2147483647); header ("Location: ".$page."?showall=".$showall); } else { // there was an error, so lets send the fields back for them. header ("Location: ".$page."?error=".$error."&nick=".$nick."&shout=".$shout."&url=".$url."&showall=".$showall); } } // This displays the shouts function showShouts () { global $showamount, $linelength, $direction, $showall, $censormode, $emoticons, $emoticon_theme, $emoticon_text, $REMOTE_ADDR, $lang, $deletetime; $count=0; $colour=0; // used to change the backgrounh colours $shoutcount = countShouts(); // called from database module $start = $shoutcount - $showamount; if ($showall == TRUE) { // if we're to show everything, actually only show the last 400 $start = $shoutcount - 400; } if ($start<0) { $start=0; } //echo $start.", ".($shoutcount-$start).", ".$showamount."
" ; $urlchecks[] = "http://"; $urlchecks[] = "ftp://"; $urlchecks[] = "https://"; $records = getShouts($start, $shoutcount, $direction); for ($count=0;$count!=count($records);$count++) { $shouts=$records[$count]; unset($url); if (trim($shouts['nick'])!="" && trim($shouts['shout'])!="" && trim($shouts['time'])!="") { $nick = wordwrap($shouts['nick'],$linelength,"
",1); $ex_shout=explode(" ",$shouts['shout']); for ($value=0;$value",1); $ex_shout[$value] = htmlspecialchars($ex_shout[$value],ENT_QUOTES); if ($foundurl != "") { $ex_shout[$value] = "".$ex_shout[$value].""; } } $shout = implode(" ",$ex_shout); $shout = str_replace("<br>","
",$shout); if ($emoticons == "TRUE") { $shout = parseEmoticons($shout, $emoticon_theme, $emoticon_text); } if ($censormode == "TRUE") { $shout = parseCensorship($shout); } $date = formatDate($shouts['time']); if ($colour==0) {$colour=1;} else {$colour=0;} // ########## LAYOUT HERE! ########### if (strstr($shouts['url'],"http://")) { $url = processLink($nick,$shouts['url']); } else { $url = processNoLink($nick); } if (($shouts['ipaddress'] == $REMOTE_ADDR) && ($shouts['time'] > time()-$deletetime)) { // $shout = processDeleteLink($shout, $shouts['time']); } echo outputShout($url,$nick,$shout,$date,$colour,$count); // ########################################## } } // end for } // end showShouts() function isFlooding() { global $REMOTE_ADDR, $floodtime; $countshouts = countShouts(); $records = getShouts($countshouts-3,$countshouts,1); $floodcount = 0; if (count($records)>0) { foreach ($records as $shouts) { if ( ($shouts['ipaddress'] == $REMOTE_ADDR) && ($shouts['time'] > time()-$floodtime) ) { // $floodcount++; } } } return ($floodcount); } require_once ("shoutbox_cookies.php"); ?>