* @link http://pioder.gim2przemysl.int.pl/ * @license GNU GPL v3 **/ if ( !defined('IN_uF') ) { die('Hacking attempt'); } class Secure { function forum_exists($fid) { global $lng; $sql = "SELECT * FROM ".FORUMS_TABLE." WHERE f_id='$fid'"; $query = DataBase::sql_query($sql,GENERAL,'Could not obtain forum information.'); $result = DataBase::fetch($query); $result = $result['f_id']; if ($result=='') { message_forum($lng['no_forum'],'index.php'); } } function UseCensorList($text) { global $forum_config; if ($forum_config['use_censorlist']) { $sql = "SELECT * FROM ".CENSORLIST_TABLE.";"; $query = DataBase::sql_query($sql,GENERAL,'Could not obtain censorlist information.'); while($word = DataBase::fetch($query)) { $text = str_replace($word['word'],'[censored]', $text); } } return $text; } function generate_code() { $number = array( 1 => 1, 2 => 2, 3 => 4, 4 => 6, 5 => 10, 6 => 20, 7 => 30, 8 => 40, 9 => 50, 10 => 60, 11 => 70, 12 => 80, 13 => 90, 14 => 100 ); $first_id = rand(1,14); $second_id = rand(1,14); $first_num = $number[$first_id]; $second_num = $number[$second_id]; return array($first_num, $second_num, ($first_num + $second_num)); } function message_u_exists($mid) { global $lng; $sql = "SELECT * FROM ".PM_INBOX_TABLE." WHERE m_id='$mid'"; $query = DataBase::sql_query($sql,GENERAL,'Could not obtain user information.'); $result = DataBase::fetch($query); $result = $result['m_id']; if ($result=='') { message_forum($lng['no_message'],'pms.php'); } } function message_author_loged($mid) { global $lng; $sql = "SELECT * FROM ".PM_SENTBOX_TABLE." WHERE m_id='$mid'"; $query = DataBase::sql_query($sql,GENERAL,'Could not obtain user information.'); $result = DataBase::fetch($query); $result = $result['u_n_id']; if ($result!=$_SESSION['uid']) { message_forum($lng['merror_1'],'index.php'); } } function message_user_loged($mid) { global $lng; $sql = "SELECT * FROM ".PM_INBOX_TABLE." WHERE m_id='$mid'"; $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain user information.')); $result = $result['u_id']; if ($result!=$_SESSION['uid']) { message_forum($lng['merror_2'],'index.php'); } } function message_a_exists($mid) { global $lng; $sql = "SELECT * FROM ".PM_SENTBOX_TABLE." WHERE m_id='$mid'"; $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain user information.')); $result = $result['m_id']; if ($result=='') { message_forum($lng['no_message'],'index.php'); } } function topic_exists($tid) { global $lng; $sql = "SELECT * FROM `".TOPICS_TABLE."` WHERE `t_id`='$tid'"; $query = DataBase::sql_query($sql,GENERAL,'Could not obtain topic information.'); $result = DataBase::fetch($query); $result = $result['t_id']; if ($result=='') { message_forum($lng['no_topic'],'index.php'); } } function post_exists($pid) { global $lng; $sql = "SELECT * FROM ".POSTS_TABLE." WHERE p_id='$pid'"; $query = DataBase::sql_query($sql,GENERAL,'Could not obtain topic information.'); $result = DataBase::fetch($query); $result = $result['p_id']; if ($result=='') { message_forum($lng['no_post'],'pms.php'); } } function user_exists($uid) { global $lng; $sql = "SELECT * FROM ".USERS_TABLE." WHERE u_id='$uid'"; $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain user information.')); $result = $result['u_id']; if (($result=='') or ($result=='-1')) { message_forum($lng['no_user'],'index.php'); } } function group_exists($gid) { global $lng; $sql = "SELECT `g_id` FROM `".GROUPS_TABLE."` WHERE g_id='$gid'"; $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain group information.')); $result = $result['g_id']; if ($result=='') { message_forum($lng['no_group'],'groups.php'); } } function TagsReplace($text) { $text = strip_tags($text,ALLOWED_TAGS); $text = str_replace('?>', '?>', $text); $text = str_replace('