- <?php
- /**
- * @package uForum
- * @file includes/classes/secure.php
- * @version $Id$
- * @copyright 2007-2010 (c) PioDer <pioder@wp.pl>
- * @link http://www.pioder.pl/
- * @license see LICENSE.txt
- **/
- if ( !defined('IN_uF') )
- {
- die('Hacking attempt');
- }
- class Secure
- {
- function forum_exists($fid)
- {
- global $lng;
- $sql = "SELECT * FROM ".FORUMS_TABLE." WHERE f_id='$fid'";
- $query = DataBase::sql_query($sql,GENERAL,'Could not obtain forum information.');
- $result = DataBase::fetch($query);
- $result = $result['f_id'];
- if ($result=='')
- {
- message_forum($lng['no_forum'],'index.php');
- }
- }
- function UseCensorList($text)
- {
- global $forum_config;
- if ($forum_config['use_censorlist'])
- {
- $sql = "SELECT * FROM ".CENSORLIST_TABLE.";";
- $query = DataBase::sql_query($sql,GENERAL,'Could not obtain censorlist information.');
- while($word = DataBase::fetch($query))
- {
- $text = str_replace($word['word'],$word['replace'], $text);
- }
- }
- return $text;
- }
- function generate_code()
- {
- $number = array(
- 1 => 1,
- 2 => 2,
- 3 => 4,
- 4 => 6,
- 5 => 10,
- 6 => 20,
- 7 => 30,
- 8 => 40,
- 9 => 50,
- 10 => 60,
- 11 => 70,
- 12 => 80,
- 13 => 90,
- 14 => 100
- );
- $first_id = rand(1,14);
- $second_id = rand(1,14);
- $first_num = $number[$first_id];
- $second_num = $number[$second_id];
- return array($first_num, $second_num, ($first_num + $second_num));
- }
-
- function message_u_exists($mid)
- {
- global $lng;
- $sql = "SELECT * FROM ".PM_INBOX_TABLE." WHERE m_id='$mid'";
- $query = DataBase::sql_query($sql,GENERAL,'Could not obtain user information.');
- $result = DataBase::fetch($query);
- $result = $result['m_id'];
- if ($result=='')
- {
- message_forum($lng['no_message'],'pms.php');
- }
- }
- function message_author_loged($mid)
- {
- global $lng;
- $sql = "SELECT * FROM ".PM_SENTBOX_TABLE." WHERE m_id='$mid'";
- $query = DataBase::sql_query($sql,GENERAL,'Could not obtain user information.');
- $result = DataBase::fetch($query);
- $result = $result['u_n_id'];
- if ($result!=$_SESSION['uid'])
- {
- message_forum($lng['merror_1'],'index.php');
- }
- }
- function message_user_loged($mid)
- {
- global $lng;
- $sql = "SELECT * FROM ".PM_INBOX_TABLE." WHERE m_id='$mid'";
- $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain user information.'));
- $result = $result['u_id'];
- if ($result!=$_SESSION['uid'])
- {
- message_forum($lng['merror_2'],'index.php');
- }
- }
- function message_a_exists($mid)
- {
- global $lng;
- $sql = "SELECT * FROM ".PM_SENTBOX_TABLE." WHERE m_id='$mid'";
- $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain user information.'));
- $result = $result['m_id'];
- if ($result=='')
- {
- message_forum($lng['no_message'],'index.php');
- }
- }
- function topic_exists($tid)
- {
- global $lng;
- $sql = "SELECT * FROM `".TOPICS_TABLE."` WHERE `t_id`='$tid'";
- $query = DataBase::sql_query($sql,GENERAL,'Could not obtain topic information.');
- $result = DataBase::fetch($query);
- $result = $result['t_id'];
- if ($result=='')
- {
- message_forum($lng['no_topic'],'index.php');
- }
- }
- function post_exists($pid)
- {
- global $lng;
- $sql = "SELECT * FROM ".POSTS_TABLE." WHERE p_id='$pid'";
- $query = DataBase::sql_query($sql,GENERAL,'Could not obtain topic information.');
- $result = DataBase::fetch($query);
- $result = $result['p_id'];
- if ($result=='')
- {
- message_forum($lng['no_post'],'pms.php');
- }
- }
- function user_exists($uid)
- {
- global $lng;
- $sql = "SELECT * FROM ".USERS_TABLE." WHERE u_id='$uid'";
- $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain user information.'));
- $result = $result['u_id'];
- if (($result=='') or ($result=='-1'))
- {
- message_forum($lng['no_user'],'index.php');
- }
- }
- function group_exists($gid)
- {
- global $lng;
- if ($gid != 'mods' || $gid!='admins')
- {
- $sql = "SELECT `g_id` FROM `".GROUPS_TABLE."` WHERE g_id='$gid'";
- $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain group information.'));
- $result = $result['g_id'];
- if ($result=='')
- {
- message_forum($lng['no_group'],'groups.php');
- }
- }
- }
- function TagsReplace($text)
- {
- $text = strip_tags($text,ALLOWED_TAGS);
- $text = str_replace('?>', '?>', $text);
- $text = str_replace('<?', '<?', $text);
- $text = str_replace('javascript:', '', $text);
- $text = Secure::UseCensorlist($text);
- $text = Post::SmilesReplace($text);
- return $text;
- }
- function TopicLocked($tid)
- {
- global $lng;
- $sql = "SELECT `f_id`,`lock` FROM `".TOPICS_TABLE."` WHERE `t_id`='$tid'";
- $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain topic information'));
- $fid = $result['f_id'];
- $sql2 = "SELECT `lock` FROM `".FORUMS_TABLE."` WHERE `f_id`='$fid'";
- $result2 = DataBase::fetch(DataBase::sql_query($sql2,GENERAL,'Could not obtain forum information'));
- if (($result['lock']=='1') or ($result2['lock']=='1'))
- {
- message_forum($lng['no_posting_topic_locked'],'topic.php?t='.$tid);
- }
- }
- function ForumLocked($fid)
- {
- global $lng;
- $sql = "SELECT `lock` FROM `".FORUMS_TABLE."` WHERE `f_id`='$fid'";
- $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain forum information'));
- if ($result['lock']=='1')
- {
- message_forum($lng['no_posting_forum_locked'],'forum.php?f='.$fid);
- }
- }
- }
- ?>