danwin1210/le-chat-php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: danwin1210:v1.1
Branches Tags
danwin1210:master
danwin1210:v1.24.1 danwin1210:v1.24 danwin1210:v1.23.7 danwin1210:v1.23.6 danwin1210:v1.23.5 danwin1210:v1.23.4 danwin1210:v1.23.3 danwin1210:v1.23.2 danwin1210:v1.23.1 danwin1210:v1.23 danwin1210:v1.22.1 danwin1210:v1.22 danwin1210:v1.21 danwin1210:v1.20.6 danwin1210:v1.20.5 danwin1210:v1.20.4 danwin1210:v1.20.3 danwin1210:v1.20.2 danwin1210:v1.20.1 danwin1210:v1.20 danwin1210:v1.19.2 danwin1210:v1.19.1 danwin1210:v1.19 danwin1210:v1.18 danwin1210:v1.17 danwin1210:v1.16.4 danwin1210:v1.16.3 danwin1210:v1.16.2 danwin1210:v1.16.1 danwin1210:v1.16 danwin1210:v1.15.3 danwin1210:v1.15.2 danwin1210:v1.15.1 danwin1210:v1.15 danwin1210:v1.14.1 danwin1210:v1.14 danwin1210:v1.13.1 danwin1210:v1.13 danwin1210:v1.12.3 danwin1210:v1.12.2 danwin1210:v1.12.1 danwin1210:v1.12 danwin1210:v1.11.2 danwin1210:v1.11.1 danwin1210:v1.11 danwin1210:v1.10 danwin1210:v1.9.2 danwin1210:v1.9.1 danwin1210:v1.9 danwin1210:v1.8 danwin1210:v1.7 danwin1210:v1.6 danwin1210:v1.5 danwin1210:v1.4 danwin1210:v1.3 danwin1210:v1.2 danwin1210:v1.1 danwin1210:v1.0
...
compare: danwin1210:v1.5
Branches Tags
danwin1210:master
danwin1210:v1.24.1 danwin1210:v1.24 danwin1210:v1.23.7 danwin1210:v1.23.6 danwin1210:v1.23.5 danwin1210:v1.23.4 danwin1210:v1.23.3 danwin1210:v1.23.2 danwin1210:v1.23.1 danwin1210:v1.23 danwin1210:v1.22.1 danwin1210:v1.22 danwin1210:v1.21 danwin1210:v1.20.6 danwin1210:v1.20.5 danwin1210:v1.20.4 danwin1210:v1.20.3 danwin1210:v1.20.2 danwin1210:v1.20.1 danwin1210:v1.20 danwin1210:v1.19.2 danwin1210:v1.19.1 danwin1210:v1.19 danwin1210:v1.18 danwin1210:v1.17 danwin1210:v1.16.4 danwin1210:v1.16.3 danwin1210:v1.16.2 danwin1210:v1.16.1 danwin1210:v1.16 danwin1210:v1.15.3 danwin1210:v1.15.2 danwin1210:v1.15.1 danwin1210:v1.15 danwin1210:v1.14.1 danwin1210:v1.14 danwin1210:v1.13.1 danwin1210:v1.13 danwin1210:v1.12.3 danwin1210:v1.12.2 danwin1210:v1.12.1 danwin1210:v1.12 danwin1210:v1.11.2 danwin1210:v1.11.1 danwin1210:v1.11 danwin1210:v1.10 danwin1210:v1.9.2 danwin1210:v1.9.1 danwin1210:v1.9 danwin1210:v1.8 danwin1210:v1.7 danwin1210:v1.6 danwin1210:v1.5 danwin1210:v1.4 danwin1210:v1.3 danwin1210:v1.2 danwin1210:v1.1 danwin1210:v1.0

5 Commits
v1.1 ... v1.5

Author SHA1 Message Date
Daniel Winzen
bb4ca51db8 Added incognito mode 2015-04-20 18:09:03 +02:00
Daniel Winzen
92643bad03 Various changes and additions 2015-04-10 08:53:07 +02:00
Daniel Winzen
be34272e1b Bugfixes on logout and kicking 2015-04-04 20:36:50 +02:00
Daniel Winzen
e6265ba296 Moved rules to database to make changes more easily in the setup 2015-04-02 18:19:36 +02:00
Daniel Winzen
8bf25230f2 Include letters when generating captchas not only numbers 2015-04-02 16:37:11 +02:00
6 changed files with 189 additions and 127 deletions
Expand all files Collapse all files

13
CHANGELOG
View File

@ -1,3 +1,16 @@
Version 1.5 - Apr. 20, 2015
Added incognito mode
Version 1.4 - Apr. 10, 2015
Various changes and additions
Version 1.3 - Apr. 4, 2015
Bugfixes on logout and kicking
Version 1.2 - Apr. 2, 2015
Include letters when generating captchas not only numbers
Moved rules to database to make changes more easily in the setup
Version 1.1 - Apr. 2, 2015 Version 1.1 - Apr. 2, 2015
Some simplifications Some simplifications
Added ignore feature Added ignore feature

1
README
View File

@ -60,6 +60,7 @@ Then copy the script to your web-server directory and call the script in your br
http://(server)/(script-name).php?action=setup http://(server)/(script-name).php?action=setup
Now you can create the Superadmin account. With this account you can administer the chat and add new members and set the guest access. Now you can create the Superadmin account. With this account you can administer the chat and add new members and set the guest access.
As soon as you are done with the setup, all necessary database tables will be created and the chat can be used. As soon as you are done with the setup, all necessary database tables will be created and the chat can be used.
Note: If you updated the script, please visit http://(server)/(script-name).php?action=setup again, to make sure, that any database changes are applied and no errors occure.
TRANSLATING: TRANSLATING:

1
README.md
View File

@ -45,6 +45,7 @@ Then copy the script to your web-server directory and call the script in your br
http://(server)/(script-name).php?action=setup http://(server)/(script-name).php?action=setup
Now you can create the Superadmin account. With this account you can administer the chat and add new members and set the guest access. Now you can create the Superadmin account. With this account you can administer the chat and add new members and set the guest access.
As soon as you are done with the setup, all necessary database tables will be created and the chat can be used. As soon as you are done with the setup, all necessary database tables will be created and the chat can be used.
Note: If you updated the script, please visit http://(server)/(script-name).php?action=setup again, to make sure, that any database changes are applied and no errors occure.
Translating: Translating:
------------ ------------

287
chat.php
View File

@ -55,9 +55,9 @@ if(!isSet($_REQUEST['action'])){
}elseif($_REQUEST['action']=='post'){ }elseif($_REQUEST['action']=='post'){
check_session(); check_session();
if(isSet($_REQUEST['kick']) && isSet($_REQUEST['sendto']) && valid_nick($_REQUEST['sendto'])){ if(isSet($_REQUEST['kick']) && isSet($_REQUEST['sendto']) && valid_nick($_REQUEST['sendto'])){
if($U['status']>=5 || ($countmods==0 && $U['status']>=3)){ if($U['status']>=5 || ($C['memkick'] && $countmods==0 && $U['status']>=3)){
kick_chatter(array($_REQUEST['sendto']), $_REQUEST['message']); if(isSet($_REQUEST['what']) && $_REQUEST['what']=='purge') kick_chatter(array($_REQUEST['sendto']), $_REQUEST['message'], true);
if(isSet($_REQUEST['what']) && $_REQUEST['what']=='purge') del_all_messages($_REQUEST['sendto']); else kick_chatter(array($_REQUEST['sendto']), $_REQUEST['message'], false);
} }
}elseif(isSet($_REQUEST['message']) && isSet($_REQUEST['sendto']) && !preg_match('/^\s*$/',$_REQUEST['message'])){ }elseif(isSet($_REQUEST['message']) && isSet($_REQUEST['sendto']) && !preg_match('/^\s*$/',$_REQUEST['message'])){
validate_input(); validate_input();
@ -108,12 +108,8 @@ if(!isSet($_REQUEST['action'])){
send_admin(); send_admin();
}elseif($_REQUEST['do']=='kick'){ }elseif($_REQUEST['do']=='kick'){
if(!isSet($_REQUEST['name'])) send_admin(); if(!isSet($_REQUEST['name'])) send_admin();
kick_chatter($_REQUEST['name'], $_REQUEST['kickmessage']); if(isSet($_REQUEST['what']) && $_REQUEST['what']=='purge') kick_chatter($_REQUEST['name'], $_REQUEST['kickmessage'], true);
if(isSet($_REQUEST['what']) && $_REQUEST['what']=='purge'){ else kick_chatter($_REQUEST['name'], $_REQUEST['kickmessage'], false);
foreach($_REQUEST['name'] as $name){
del_all_messages($name);
}
}
send_admin(); send_admin();
}elseif($_REQUEST['do']=='logout'){ }elseif($_REQUEST['do']=='logout'){
if(!isSet($_REQUEST['name'])) send_admin(); if(!isSet($_REQUEST['name'])) send_admin();
@ -162,6 +158,11 @@ if(!isSet($_REQUEST['action'])){
} }
}elseif($_REQUEST['do']=='messages'){ }elseif($_REQUEST['do']=='messages'){
update_messages(); update_messages();
}elseif($_REQUEST['do']=='rules'){
$_REQUEST['rulestxt']=preg_replace("/\r\n/", '<br>', $_REQUEST['rulestxt']);
$_REQUEST['rulestxt']=preg_replace("/\n/", '<br>', $_REQUEST['rulestxt']);
$_REQUEST['rulestxt']=preg_replace("/\r/", '<br>', $_REQUEST['rulestxt']);
update_setting('rulestxt', $_REQUEST['rulestxt']);
} }
send_setup(); send_setup();
}elseif($_REQUEST['action']=='init'){ }elseif($_REQUEST['action']=='init'){
@ -243,42 +244,56 @@ function send_redirect(){
} }
} }
function send_captcha($code){ function send_captcha(){
global $C; global $C, $I, $mysqli;
$length=strlen($C['captchachars']);
$code='';
for($i=0;$i<5;$i++) {
$code .= $C['captchachars'][rand(0, $length-1)];
}
$randid=rand(0, 99999999);
$enc=base64_encode(openssl_encrypt("$code, $randid", 'aes-128-cbc', $C['captchapass'], 0, '1234567890123456'));
$stmt=mysqli_prepare($mysqli, 'INSERT INTO `captcha` (`id`, `time`) VALUES (?, \''.time().'\')');
mysqli_stmt_bind_param($stmt, 'd', $randid);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$im=imagecreatetruecolor(55, 24); $im=imagecreatetruecolor(55, 24);
$bg=imagecolorallocate($im, 0, 0, 0); $bg=imagecolorallocate($im, 0, 0, 0);
$fg=imagecolorallocate($im, 255, 255, 255); $fg=imagecolorallocate($im, 255, 255, 255);
imagefill($im, 0, 0, $bg); imagefill($im, 0, 0, $bg);
imagestring($im, 5, 5, 5, $code, $fg); imagestring($im, 5, 5, 5, $code, $fg);
echo "<tr><td align=\"left\">$I[copy]";
echo '<img width="55" height="24" src="data:image/gif;base64,';
ob_start(); ob_start();
imagegif($im); imagegif($im);
imagedestroy($im); imagedestroy($im);
return '<img width="55" height="24" src="data:image/gif;base64,'.base64_encode(ob_get_clean()).'">'; echo base64_encode(ob_get_clean()).'">';
echo '</td><td align="right">'.hidden('challenge', $enc).'<input type="text" name="captcha" size="15" autocomplete="off"></td></tr>';
} }
function send_setup(){ function send_setup(){
global $H, $I, $mysqli, $C; global $H, $I, $mysqli, $C, $U;
$ga=get_setting('guestaccess'); $ga=get_setting('guestaccess');
print_start(); print_start();
echo "<center><h2>$I[setup]</h2><table cellspacing=\"0\">"; echo "<center><h2>$I[setup]</h2><table cellspacing=\"0\">";
thr(); thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[guestacc]</b></td><td align=\"right\">"; echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[guestacc]</b></td><td align=\"right\">";
echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'guestaccess').hidden('nick', $_REQUEST['nick']).hidden('pass', $_REQUEST['pass'])."<table cellspacing=\"0\">"; echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'guestaccess').hidden('session', $U['session']).'<table cellspacing="0">';
echo "<tr><td align=\"left\">&nbsp;<input type=\"radio\" name=\"set\" id=\"set1\" value=\"1\""; echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set1" value="1"';
if($ga==1) echo " checked"; if($ga==1) echo ' checked';
echo "><label for=\"set1\">&nbsp;$I[guestallow]</label></td><td>&nbsp;</td><tr>"; echo "><label for=\"set1\">&nbsp;$I[guestallow]</label></td><td>&nbsp;</td><tr>";
echo "<tr><td align=\"left\">&nbsp;<input type=\"radio\" name=\"set\" id=\"set2\" value=\"2\""; echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set2" value="2"';
if($ga==2) echo " checked"; if($ga==2) echo ' checked';
echo "><label for=\"set2\">&nbsp;$I[guestwait]</label></td><td>&nbsp;</td><tr>"; echo "><label for=\"set2\">&nbsp;$I[guestwait]</label></td><td>&nbsp;</td><tr>";
echo "<tr><td align=\"left\">&nbsp;<input type=\"radio\" name=\"set\" id=\"set3\" value=\"3\""; echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set3" value="3"';
if($ga==3) echo " checked"; if($ga==3) echo ' checked';
echo "><label for=\"set3\">&nbsp;$I[adminallow]</label></td><td>&nbsp;</td><tr>"; echo "><label for=\"set3\">&nbsp;$I[adminallow]</label></td><td>&nbsp;</td><tr>";
echo "<tr><td align=\"left\">&nbsp;<input type=\"radio\" name=\"set\" id=\"set0\" value=\"0\""; echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set0" value="0"';
if($ga==0) echo " checked"; if($ga==0) echo ' checked';
echo "><label for=\"set0\">&nbsp;$I[guestdisallow]</label></td><td>&nbsp;</td></tr><tr><td>&nbsp;</td><td align=\"right\">".submit($I['change'])."</td></tr></table></form></td></tr></table></td></tr>"; echo "><label for=\"set0\">&nbsp;$I[guestdisallow]</label></td><td>&nbsp;</td></tr><tr><td>&nbsp;</td><td align=\"right\">".submit($I['change']).'</td></tr></table></form></td></tr></table></td></tr>';
thr(); thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[sysmessages]</b></td><td align=\"right\">"; echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[sysmessages]</b></td><td align=\"right\">";
echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'messages').hidden('nick', $_REQUEST['nick']).hidden('pass', $_REQUEST['pass'])."<table cellspacing=\"0\">"; echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'messages').hidden('session', $U['session']).'<table cellspacing="0">';
echo "<tr><td>&nbsp;$I[msgenter]</td><td>&nbsp;<input type=\"text\" name=\"msgenter\" value=\"".get_setting('msgenter').'"></td></tr>'; echo "<tr><td>&nbsp;$I[msgenter]</td><td>&nbsp;<input type=\"text\" name=\"msgenter\" value=\"".get_setting('msgenter').'"></td></tr>';
echo "<tr><td>&nbsp;$I[msgexit]</td><td>&nbsp;<input type=\"text\" name=\"msgexit\" value=\"".get_setting('msgexit').'"></td></tr>'; echo "<tr><td>&nbsp;$I[msgexit]</td><td>&nbsp;<input type=\"text\" name=\"msgexit\" value=\"".get_setting('msgexit').'"></td></tr>';
echo "<tr><td>&nbsp;$I[msgmemreg]</td><td>&nbsp;<input type=\"text\" name=\"msgmemreg\" value=\"".get_setting('msgmemreg').'"></td></tr>'; echo "<tr><td>&nbsp;$I[msgmemreg]</td><td>&nbsp;<input type=\"text\" name=\"msgmemreg\" value=\"".get_setting('msgmemreg').'"></td></tr>';
@ -289,7 +304,12 @@ function send_setup(){
echo "<tr><td>&nbsp;$I[msgclean]</td><td>&nbsp;<input type=\"text\" name=\"msgclean\" value=\"".get_setting('msgclean').'"></td></tr>'; echo "<tr><td>&nbsp;$I[msgclean]</td><td>&nbsp;<input type=\"text\" name=\"msgclean\" value=\"".get_setting('msgclean').'"></td></tr>';
echo '<tr><td>&nbsp;</td><td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>'; echo '<tr><td>&nbsp;</td><td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
thr(); thr();
echo "</table><$H[form]>".hidden('action', 'setup').submit($I['logout']).'</form>'; echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[rules]</b></td><td align=\"right\">";
echo "<$H[form]>".hidden('action', 'setup').hidden('do', 'rules').hidden('session', $U['session']).'<table cellspacing="0">';
echo '<tr><td colspan=2><textarea name="rulestxt" rows="4" cols="60">'.htmlspecialchars(get_setting('rulestxt')).'</textarea></td></tr>';
echo '<tr><td>&nbsp;</td><td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "</table><$H[form]>".hidden('action', 'logout').hidden('session', $U['session']).submit($I['logout']).'</form>';
print_credits(); print_credits();
print_end(); print_end();
} }
@ -317,11 +337,12 @@ function send_update(){
} }
function send_alogin(){ function send_alogin(){
global $H, $I; global $H, $I, $C;
print_start(); print_start();
echo "<center><$H[form]>".hidden('action', 'setup').'<table>'; echo "<center><$H[form]>".hidden('action', 'setup').'<table>';
echo "<tr><td align=\"left\">$I[nick]</td><td><input type=\"text\" name=\"nick\" size=\"15\"></td></tr>"; echo "<tr><td align=\"left\">$I[nick]</td><td><input type=\"text\" name=\"nick\" size=\"15\"></td></tr>";
echo "<tr><td align=\"left\">$I[pass]</td><td><input type=\"password\" name=\"pass\" size=\"15\"></td></tr>"; echo "<tr><td align=\"left\">$I[pass]</td><td><input type=\"password\" name=\"pass\" size=\"15\"></td></tr>";
if($C['enablecaptcha']) send_captcha();
echo "<tr><td colspan=\"2\" align=\"right\">".submit($I['login']).'</td></tr></table></form>'; echo "<tr><td colspan=\"2\" align=\"right\">".submit($I['login']).'</td></tr></table></form>';
print_credits(); print_credits();
print_end(); print_end();
@ -608,10 +629,10 @@ function send_waiting_room(){
setcookie($C['cookiename'], false); setcookie($C['cookiename'], false);
send_error($I['expire']); send_error($I['expire']);
} }
$stmt=mysqli_prepare($mysqli, 'SELECT `session`, `nickname`, `displayname`, `status`, `refresh`, `fontinfo`, `style`, `lastpost`, `passhash`, `postid`, `boxwidth`, `boxheight`, `useragent`, `kickmessage`, `bgcolour`, `notesboxheight`, `notesboxwidth`, `entry`, `timestamps`, `embed` FROM `sessions` WHERE `session`=?'); $stmt=mysqli_prepare($mysqli, 'SELECT `session`, `nickname`, `displayname`, `status`, `refresh`, `fontinfo`, `style`, `lastpost`, `passhash`, `postid`, `boxwidth`, `boxheight`, `useragent`, `kickmessage`, `bgcolour`, `notesboxheight`, `notesboxwidth`, `entry`, `timestamps`, `embed`, `incognito` FROM `sessions` WHERE `session`=?');
mysqli_stmt_bind_param($stmt, 's', $_REQUEST['session']); mysqli_stmt_bind_param($stmt, 's', $_REQUEST['session']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $U['session'], $U['nickname'], $U['displayname'], $U['status'], $U['refresh'], $U['fontinfo'], $U['style'], $U['lastpost'], $U['passhash'], $U['postid'], $U['boxwidth'], $U['boxheight'], $U['useragent'], $U['kickmessage'], $U['bgcolour'], $U['notesboxheight'], $U['notesboxwidth'], $U['entry'], $U['timestamps'], $U['embed']); mysqli_stmt_bind_result($stmt, $U['session'], $U['nickname'], $U['displayname'], $U['status'], $U['refresh'], $U['fontinfo'], $U['style'], $U['lastpost'], $U['passhash'], $U['postid'], $U['boxwidth'], $U['boxheight'], $U['useragent'], $U['kickmessage'], $U['bgcolour'], $U['notesboxheight'], $U['notesboxwidth'], $U['entry'], $U['timestamps'], $U['embed'], $U['incognito']);
if(mysqli_stmt_fetch($stmt)) add_user_defaults(); if(mysqli_stmt_fetch($stmt)) add_user_defaults();
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
if(!isSet($U['session'])){ if(!isSet($U['session'])){
@ -647,7 +668,7 @@ function send_waiting_room(){
echo "</head>$H[begin_body]<center><h2>$I[waitingroom]</h2><p>".sprintf($I['admwaittext'], $U['displayname']).'</p><br><p>'.sprintf($I['waitreload'], $C['defaultrefresh']).'</p><br><br>'; echo "</head>$H[begin_body]<center><h2>$I[waitingroom]</h2><p>".sprintf($I['admwaittext'], $U['displayname']).'</p><br><p>'.sprintf($I['waitreload'], $C['defaultrefresh']).'</p><br><br>';
} }
echo "<hr><form action=\"$_SERVER[SCRIPT_NAME]\" method=\"post\">".hidden('action', 'wait').hidden('session', $U['session']).submit($I['reload']).'</form><br>'; echo "<hr><form action=\"$_SERVER[SCRIPT_NAME]\" method=\"post\">".hidden('action', 'wait').hidden('session', $U['session']).submit($I['reload']).'</form><br>';
echo "<h2>$I[rules]</h2><b>$C[rulestxt]</b></center>"; echo "<h2>$I[rules]</h2><b>".get_setting('rulestxt').'</b></center>';
print_end(); print_end();
} }
} }
@ -708,7 +729,7 @@ function send_post(){
} }
} }
echo '</select>'; echo '</select>';
if($U['status']>=5 || ($countmods==0 && $U['status']>=3)){ if($U['status']>=5 || ($C['memkick'] && $countmods==0 && $U['status']>=3)){
echo "<input type=\"checkbox\" name=\"kick\" id=\"kick\" value=\"kick\"><label for=\"kick\">&nbsp;$I[kick]</label>"; echo "<input type=\"checkbox\" name=\"kick\" id=\"kick\" value=\"kick\"><label for=\"kick\">&nbsp;$I[kick]</label>";
echo "<input type=\"checkbox\" name=\"what\" id=\"what\" value=\"purge\" checked><label for=\"what\">&nbsp;$I[alsopurge]</label>"; echo "<input type=\"checkbox\" name=\"what\" id=\"what\" value=\"purge\" checked><label for=\"what\">&nbsp;$I[alsopurge]</label>";
} }
@ -729,7 +750,7 @@ function send_post(){
function send_help(){ function send_help(){
global $U, $C, $H, $I; global $U, $C, $H, $I;
print_start(); print_start();
echo "<h2>$I[rules]</h2>$C[rulestxt]<br><br><hr><h2>$I[help]</h2>$I[helpguest]"; echo "<h2>$I[rules]</h2>".get_setting('rulestxt')."<br><br><hr><h2>$I[help]</h2>$I[helpguest]";
if($C['imgembed'] || $C['vidembed']) echo "<br>$I[helpembed]"; if($C['imgembed'] || $C['vidembed']) echo "<br>$I[helpembed]";
if($U['status']>=3){ if($U['status']>=3){
echo "<br>$I[helpmem]<br>"; echo "<br>$I[helpmem]<br>";
@ -816,11 +837,20 @@ function send_profile($arg=''){
if($U['timestamps']) echo ' checked'; if($U['timestamps']) echo ' checked';
echo "></td><td><label for=\"timestamps\"><b>$I[timestamps]</b></label></td></tr></table></td></tr></table></td></tr>"; echo "></td><td><label for=\"timestamps\"><b>$I[timestamps]</b></label></td></tr></table></td></tr></table></td></tr>";
thr(); thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[embed]</b></td><td align=\"right\"><table cellspacing=\"0\">"; if($C['imgembed'] || $C['vidembed']){
echo "<tr><td>&nbsp;</td><td><input type=\"checkbox\" name=\"embed\" id=\"embed\" value=\"on\""; echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[embed]</b></td><td align=\"right\"><table cellspacing=\"0\">";
if($U['embed']) echo ' checked'; echo "<tr><td>&nbsp;</td><td><input type=\"checkbox\" name=\"embed\" id=\"embed\" value=\"on\"";
echo "></td><td><label for=\"embed\"><b>$I[embed]</b></label></td></tr></table></td></tr></table></td></tr>"; if($U['embed']) echo ' checked';
thr(); echo "></td><td><label for=\"embed\"><b>$I[embed]</b></label></td></tr></table></td></tr></table></td></tr>";
thr();
}
if($U['status']>=5 && $C['incognito']){
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[incognito]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo "<tr><td>&nbsp;</td><td><input type=\"checkbox\" name=\"incognito\" id=\"incognito\" value=\"on\"";
if($U['incognito']) echo ' checked';
echo "></td><td><label for=\"incognito\"><b>$I[incognito]</b></label></td></tr></table></td></tr></table></td></tr>";
thr();
}
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[pbsize]</b></td><td align=\"right\"><table cellspacing=\"0\">"; echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[pbsize]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo "<tr><td>&nbsp;</td><td>$I[width]</td><td><input type=\"text\" name=\"boxwidth\" size=\"3\" maxlength=\"3\" value=\"$U[boxwidth]\"></td>"; echo "<tr><td>&nbsp;</td><td>$I[width]</td><td><input type=\"text\" name=\"boxwidth\" size=\"3\" maxlength=\"3\" value=\"$U[boxwidth]\"></td>";
echo "<td>&nbsp;</td><td>$I[height]</td><td><input type=\"text\" name=\"boxheight\" size=\"3\" maxlength=\"3\" value=\"$U[boxheight]\"></td>"; echo "<td>&nbsp;</td><td>$I[height]</td><td><input type=\"text\" name=\"boxheight\" size=\"3\" maxlength=\"3\" value=\"$U[boxheight]\"></td>";
@ -887,33 +917,23 @@ function send_colours(){
} }
function send_login(){ function send_login(){
global $C, $H, $I, $mysqli, $L; global $C, $H, $I, $L;
setcookie('test', '1'); setcookie('test', '1');
print_start(); print_start();
echo "<center><h1>$C[chatname]</h1><$H[form] target=\"_parent\">".hidden('action', 'login'); echo "<center><h1>$C[chatname]</h1><$H[form] target=\"_parent\">".hidden('action', 'login');
if($C['enablecaptcha']){
$code=rand(0, 99999);
$randid=rand(0, 99999999);
$enc=base64_encode(openssl_encrypt("$code, $randid", 'aes-128-cbc', $C['captchapass'], 0, '1234567890123456'));
$stmt=mysqli_prepare($mysqli, 'INSERT INTO `captcha` (`id`, `time`) VALUES (?, \''.time().'\')');
mysqli_stmt_bind_param($stmt, 'd', $randid);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
echo hidden('challenge', $enc);
}
echo "<table border=\"2\" width=\"1\" rules=\"none\"><tr><td align=\"left\">$I[nick]</td><td align=\"right\"><input type=\"text\" name=\"nick\" size=\"15\"></td></tr>"; echo "<table border=\"2\" width=\"1\" rules=\"none\"><tr><td align=\"left\">$I[nick]</td><td align=\"right\"><input type=\"text\" name=\"nick\" size=\"15\"></td></tr>";
echo "<tr><td align=\"left\">$I[pass]</td><td align=\"right\"><input type=\"password\" name=\"pass\" size=\"15\"></td></tr>"; echo "<tr><td align=\"left\">$I[pass]</td><td align=\"right\"><input type=\"password\" name=\"pass\" size=\"15\"></td></tr>";
if($C['enablecaptcha']){ if($C['enablecaptcha']) send_captcha();
echo "<tr><td align=\"left\">$I[copy]"; if(get_setting('guestaccess')>0){
echo send_captcha($code); echo "<tr><td colspan=\"2\" align=\"center\">$I[choosecol]<br><select style=\"text-align:center;\" name=\"colour\"><option value=\"\">* $I[randomcol] *</option>";
echo '</td><td align="right"><input type="text" name="captcha" size="15" autocomplete="off"></td></tr>'; print_colours();
echo '</select></td></tr>';
}else{
echo "<tr><td colspan=\"2\" align=\"center\">$I[noguests]</td></tr>";
} }
echo "<tr><td colspan=\"2\" align=\"center\">$I[choosecol]<br><select style=\"text-align:center;\" name=\"colour\"><option value=\"\">* $I[randomcol] *</option>"; echo '<tr><td colspan="2" align="center">'.submit($I['enter'])."</td></tr></table></form>";
print_colours(); get_nowchatting();
echo '</select></td></tr>'; echo "<h2>$I[rules]</h2><b>".get_setting('rulestxt')."</b><br><br><p>$I[changelang]";
$nowchatting=get_nowchatting();
echo '<tr><td colspan="2" align="center">'.submit($I['enter'])."</td></tr></table></form>$nowchatting";
echo "<h2>$I[rules]</h2><b>$C[rulestxt]</b><br><br><p>$I[changelang]";
foreach($L as $lang=>$name){ foreach($L as $lang=>$name){
echo " <a href=\"$_SERVER[SCRIPT_NAME]?lang=$lang\">$name</a>"; echo " <a href=\"$_SERVER[SCRIPT_NAME]?lang=$lang\">$name</a>";
} }
@ -960,16 +980,17 @@ function print_memberslist(){
// session management // session management
function create_session(){ function create_session($setup){
global $U, $C, $I, $mysqli; global $U, $C, $I, $mysqli;
$U['nickname']=cleanup_nick($_REQUEST['nick']); $U['nickname']=cleanup_nick($_REQUEST['nick']);
$U['passhash']=md5(sha1(md5($U['nickname'].$_REQUEST['pass']))); $U['passhash']=md5(sha1(md5($U['nickname'].$_REQUEST['pass'])));
$U['colour']=$_REQUEST['colour']; if(!$setup) $U['colour']=$_REQUEST['colour'];
else $U['colour']=$C['coltxt'];
$U['status']=1; $U['status']=1;
if(!valid_nick($U['nickname'])) send_error(sprintf($I['invalnick'], $C['maxname']));
check_member(); check_member();
add_user_defaults(); add_user_defaults();
if($C['enablecaptcha'] && ($U['status']==1 || !$C['dismemcaptcha'])){ if($setup) $U['incognito']=true;
if($C['enablecaptcha'] && ($U['status']==1 || (!$C['dismemcaptcha'] || $setup))){
$captcha=explode(',', openssl_decrypt(base64_decode($_REQUEST['challenge']), 'aes-128-cbc', $C['captchapass'], 0, '1234567890123456')); $captcha=explode(',', openssl_decrypt(base64_decode($_REQUEST['challenge']), 'aes-128-cbc', $C['captchapass'], 0, '1234567890123456'));
if(current($captcha)!==$_REQUEST['captcha']) send_error($I['wrongcaptcha']); if(current($captcha)!==$_REQUEST['captcha']) send_error($I['wrongcaptcha']);
$stmt=mysqli_prepare($mysqli, 'SELECT * FROM `captcha` WHERE `id`=?'); $stmt=mysqli_prepare($mysqli, 'SELECT * FROM `captcha` WHERE `id`=?');
@ -985,7 +1006,8 @@ function create_session(){
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
} }
if($U['status']==1){ if($U['status']==1){
if(!allowed_nick($U['nickname'])) send_error(sprintf($I['invalnick'], $C['maxname'])); if(!valid_nick($U['nickname'])) send_error(sprintf($I['invalnick'], $C['maxname']));
if(!valid_pass($_REQUEST['pass'])) send_error(sprintf($I['invalpass'], $C['minpass']));
$ga=get_setting('guestaccess'); $ga=get_setting('guestaccess');
if($ga==0) send_error($I['noguests']); if($ga==0) send_error($I['noguests']);
} }
@ -1017,14 +1039,14 @@ function write_new_session(){
do{ do{
$U['session']=md5(time().rand().$U['nickname']); $U['session']=md5(time().rand().$U['nickname']);
}while(isSet($sids[$U['session']]));// check for hash collision }while(isSet($sids[$U['session']]));// check for hash collision
$stmt=mysqli_prepare($mysqli, 'INSERT INTO `sessions`(`session`, `nickname`, `displayname`, `status`, `refresh`, `fontinfo`, `style`, `lastpost`, `passhash`, `postid`, `boxwidth`, `boxheight`, `useragent`, `bgcolour`, `notesboxwidth`, `notesboxheight`, `entry`, `timestamps`, `embed`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'); $stmt=mysqli_prepare($mysqli, 'INSERT INTO `sessions`(`session`, `nickname`, `displayname`, `status`, `refresh`, `fontinfo`, `style`, `lastpost`, `passhash`, `postid`, `boxwidth`, `boxheight`, `useragent`, `bgcolour`, `notesboxwidth`, `notesboxheight`, `entry`, `timestamps`, `embed`, `incognito`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
mysqli_stmt_bind_param($stmt, 'sssddssdsdddssddddd', $U['session'], $U['nickname'], $U['displayname'], $U['status'], $U['refresh'], $U['fontinfo'], $U['style'], $U['lastpost'], $U['passhash'], $U['postid'], $U['boxwidth'], $U['boxheight'], $U['useragent'], $U['bgcolour'], $U['notesboxwidth'], $U['notesboxheight'], $U['entry'], $U['timestamps'], $U['embed']); mysqli_stmt_bind_param($stmt, 'sssddssdsdddssdddddd', $U['session'], $U['nickname'], $U['displayname'], $U['status'], $U['refresh'], $U['fontinfo'], $U['style'], $U['lastpost'], $U['passhash'], $U['postid'], $U['boxwidth'], $U['boxheight'], $U['useragent'], $U['bgcolour'], $U['notesboxwidth'], $U['notesboxheight'], $U['entry'], $U['timestamps'], $U['embed'], $U['incognito']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
setcookie($C['cookiename'], $U['session']); setcookie($C['cookiename'], $U['session']);
if($C['msglogin'] && $U['status']>=3) add_system_message(sprintf(get_setting('msgenter'), $U['displayname'])); if($C['msglogin'] && $U['status']>=3 && !$U['incognito']) add_system_message(sprintf(get_setting('msgenter'), $U['displayname']));
}elseif($inuse){ }elseif($inuse){
send_error($I['invalpass']); send_error($I['wrongpass']);
}elseif($U['status']==0){ }elseif($U['status']==0){
setcookie($C['cookiename'], false); setcookie($C['cookiename'], false);
send_error("$I[kicked]<br>$U[kickmessage]"); send_error("$I[kicked]<br>$U[kickmessage]");
@ -1069,10 +1091,10 @@ function approve_session(){
function check_login(){ function check_login(){
global $mysqli, $C, $U, $I, $M; global $mysqli, $C, $U, $I, $M;
if(isSet($_POST['session'])){ if(isSet($_POST['session'])){
$stmt=mysqli_prepare($mysqli, 'SELECT `session`, `nickname`, `displayname`, `status`, `refresh`, `fontinfo`, `style`, `lastpost`, `passhash`, `postid`, `boxwidth`, `boxheight`, `useragent`, `kickmessage`, `bgcolour`, `notesboxheight`, `notesboxwidth`, `entry`, `timestamps`, `embed` FROM `sessions` WHERE `session`=?'); $stmt=mysqli_prepare($mysqli, 'SELECT `session`, `nickname`, `displayname`, `status`, `refresh`, `fontinfo`, `style`, `lastpost`, `passhash`, `postid`, `boxwidth`, `boxheight`, `useragent`, `kickmessage`, `bgcolour`, `notesboxheight`, `notesboxwidth`, `entry`, `timestamps`, `embed`, `incognito` FROM `sessions` WHERE `session`=?');
mysqli_stmt_bind_param($stmt, 's', $_POST['session']); mysqli_stmt_bind_param($stmt, 's', $_POST['session']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $U['session'], $U['nickname'], $U['displayname'], $U['status'], $U['refresh'], $U['fontinfo'], $U['style'], $U['lastpost'], $U['passhash'], $U['postid'], $U['boxwidth'], $U['boxheight'], $U['useragent'], $U['kickmessage'], $U['bgcolour'], $U['notesboxheight'], $U['notesboxwidth'], $U['entry'], $U['timestamps'], $U['embed']); mysqli_stmt_bind_result($stmt, $U['session'], $U['nickname'], $U['displayname'], $U['status'], $U['refresh'], $U['fontinfo'], $U['style'], $U['lastpost'], $U['passhash'], $U['postid'], $U['boxwidth'], $U['boxheight'], $U['useragent'], $U['kickmessage'], $U['bgcolour'], $U['notesboxheight'], $U['notesboxwidth'], $U['entry'], $U['timestamps'], $U['embed'], $U['incognito']);
if(mysqli_stmt_fetch($stmt)){ if(mysqli_stmt_fetch($stmt)){
if($U['status']==0){ if($U['status']==0){
setcookie($C['cookiename'], false); setcookie($C['cookiename'], false);
@ -1087,7 +1109,7 @@ function check_login(){
} }
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
}else{ }else{
create_session(); create_session(false);
} }
if($U['status']==1){ if($U['status']==1){
$ga=get_setting('guestaccess'); $ga=get_setting('guestaccess');
@ -1126,10 +1148,10 @@ function kill_session(){
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
} }
elseif($C['msglogout'] && $U['status']>=3) add_system_message(sprintf(get_setting('msgexit'), $U['displayname'])); elseif($C['msglogout'] && $U['status']>=3 && !$U['incognito']) add_system_message(sprintf(get_setting('msgexit'), $U['displayname']));
} }
function kick_chatter($names, $mes){ function kick_chatter($names, $mes, $purge){
global $C, $U, $P, $mysqli; global $C, $U, $P, $mysqli;
$lonick=''; $lonick='';
$lines=parse_sessions(); $lines=parse_sessions();
@ -1141,6 +1163,7 @@ function kick_chatter($names, $mes){
if(($temp['nickname']==$U['nickname'] && $U['nickname']==$name) || ($U['status']>$temp['status'] && (($temp['nickname']==$name && $temp['status']>0) || ($name=='&' && $temp['status']==1)))){ if(($temp['nickname']==$U['nickname'] && $U['nickname']==$name) || ($U['status']>$temp['status'] && (($temp['nickname']==$name && $temp['status']>0) || ($name=='&' && $temp['status']==1)))){
mysqli_stmt_bind_param($stmt, 'ss', $mes, $temp['session']); mysqli_stmt_bind_param($stmt, 'ss', $mes, $temp['session']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
if($purge) del_all_messages($temp['nickname']);
$lonick.="$temp[displayname], "; $lonick.="$temp[displayname], ";
$i++; $i++;
unset($P[$name]); unset($P[$name]);
@ -1150,11 +1173,11 @@ function kick_chatter($names, $mes){
} }
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
if($C['msgkick']){ if($C['msgkick']){
if($names[0]=='&'){ if($lonick!==''){
add_system_message(get_setting('msgallkick')); if($names[0]=='&'){
}else{ add_system_message(get_setting('msgallkick'));
$lonick=preg_replace('/\,\s$/','',$lonick); }else{
if($lonick!==''){ $lonick=preg_replace('/\,\s$/','',$lonick);
if($i>1){ if($i>1){
add_system_message(sprintf(get_setting('msgmultikick'), $lonick)); add_system_message(sprintf(get_setting('msgmultikick'), $lonick));
}else{ }else{
@ -1163,6 +1186,8 @@ function kick_chatter($names, $mes){
} }
} }
} }
if($lonick!=='') return true;
return false;
} }
function logout_chatter($names){ function logout_chatter($names){
@ -1181,7 +1206,7 @@ function logout_chatter($names){
if($temp['status']==1){ if($temp['status']==1){
mysqli_stmt_bind_param($stmt1, 's', $temp['nickname']); mysqli_stmt_bind_param($stmt1, 's', $temp['nickname']);
mysqli_stmt_bind_param($stmt2, 's', $temp['nickname']); mysqli_stmt_bind_param($stmt2, 's', $temp['nickname']);
mysqli_stmt_bind_param($stmt3, 's', $temp['nickname'], $temp['nickname']); mysqli_stmt_bind_param($stmt3, 'ss', $temp['nickname'], $temp['nickname']);
mysqli_stmt_execute($stmt1); mysqli_stmt_execute($stmt1);
mysqli_stmt_execute($stmt2); mysqli_stmt_execute($stmt2);
mysqli_stmt_execute($stmt3); mysqli_stmt_execute($stmt3);
@ -1230,7 +1255,7 @@ function check_session(){
function get_nowchatting(){ function get_nowchatting(){
global $M, $G, $P, $I; global $M, $G, $P, $I;
parse_sessions(); parse_sessions();
return sprintf($I['curchat'], count($P)).'<br>'.implode(' &nbsp; ', $M).' &nbsp; '.implode(' &nbsp; ', $G); echo sprintf($I['curchat'], count($P)).'<br>'.implode(' &nbsp; ', $M).' &nbsp; '.implode(' &nbsp; ', $G);
} }
function parse_sessions(){ function parse_sessions(){
@ -1278,8 +1303,10 @@ function parse_sessions(){
$P[$temp['nickname']]=[$temp['nickname'], $temp['status'], $temp['style']]; $P[$temp['nickname']]=[$temp['nickname'], $temp['status'], $temp['style']];
$G[]=$temp['displayname']; $G[]=$temp['displayname'];
}elseif($temp['status']>2){ }elseif($temp['status']>2){
$P[$temp['nickname']]=[$temp['nickname'], $temp['status'], $temp['style']]; if(!$temp['incognito']){
$M[]=$temp['displayname']; $P[$temp['nickname']]=[$temp['nickname'], $temp['status'], $temp['style']];
$M[]=$temp['displayname'];
}
if($temp['status']>=5) $countmods++; if($temp['status']>=5) $countmods++;
} }
} }
@ -1292,10 +1319,10 @@ function parse_sessions(){
function check_member(){ function check_member(){
global $U, $I, $mysqli; global $U, $I, $mysqli;
$stmt=mysqli_prepare($mysqli, 'SELECT `nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `fontface`, `fonttags`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `lastlogin`, `timestamps`, `embed` FROM `members` WHERE `nickname`=?'); $stmt=mysqli_prepare($mysqli, 'SELECT `nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `fontface`, `fonttags`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `lastlogin`, `timestamps`, `embed`, `incognito` FROM `members` WHERE `nickname`=?');
mysqli_stmt_bind_param($stmt, 's', $U['nickname']); mysqli_stmt_bind_param($stmt, 's', $U['nickname']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $temp['nickname'], $temp['passhash'], $temp['status'], $temp['refresh'], $temp['colour'], $temp['bgcolour'], $temp['fontface'], $temp['fonttags'], $temp['boxwidth'], $temp['boxheight'], $temp['notesboxwidth'], $temp['notesboxheight'], $temp['lastlogin'], $temp['timestamps'], $temp['embed']); mysqli_stmt_bind_result($stmt, $temp['nickname'], $temp['passhash'], $temp['status'], $temp['refresh'], $temp['colour'], $temp['bgcolour'], $temp['fontface'], $temp['fonttags'], $temp['boxwidth'], $temp['boxheight'], $temp['notesboxwidth'], $temp['notesboxheight'], $temp['lastlogin'], $temp['timestamps'], $temp['embed'], $U['incognito']);
if(mysqli_stmt_fetch($stmt)){ if(mysqli_stmt_fetch($stmt)){
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
if($temp['passhash']==$U['passhash']){ if($temp['passhash']==$U['passhash']){
@ -1305,7 +1332,7 @@ function check_member(){
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
}else{ }else{
send_error($I['invalpass']); send_error($I['wrongpass']);
} }
}else{ }else{
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
@ -1328,10 +1355,10 @@ function register_guest($status){
global $P, $U, $C, $I, $mysqli; global $P, $U, $C, $I, $mysqli;
if($_REQUEST['name']=='') send_admin(); if($_REQUEST['name']=='') send_admin();
if(!isSet($P[$_REQUEST['name']])) send_admin(sprintf($I['cantreg'], $_REQUEST['name'])); if(!isSet($P[$_REQUEST['name']])) send_admin(sprintf($I['cantreg'], $_REQUEST['name']));
$stmt=mysqli_prepare($mysqli, 'SELECT `session`, `nickname`, `displayname`, `passhash`, `refresh`, `fontinfo`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `timestamps`, `embed` FROM `sessions` WHERE `nickname`=? AND `status`=\'1\''); $stmt=mysqli_prepare($mysqli, 'SELECT `session`, `nickname`, `displayname`, `passhash`, `refresh`, `fontinfo`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `timestamps`, `embed`, `incognito` FROM `sessions` WHERE `nickname`=? AND `status`=\'1\'');
mysqli_stmt_bind_param($stmt, 's', $_REQUEST['name']); mysqli_stmt_bind_param($stmt, 's', $_REQUEST['name']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $reg['session'], $reg['nickname'], $reg['displayname'], $reg['passhash'], $reg['refresh'], $reg['fontinfo'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $reg['timestamps'], $reg['embed']); mysqli_stmt_bind_result($stmt, $reg['session'], $reg['nickname'], $reg['displayname'], $reg['passhash'], $reg['refresh'], $reg['fontinfo'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $reg['timestamps'], $reg['embed'], $reg['incognito']);
if(mysqli_stmt_fetch($stmt)){ if(mysqli_stmt_fetch($stmt)){
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
$reg['status']=$status; $reg['status']=$status;
@ -1352,8 +1379,8 @@ function register_guest($status){
if(mysqli_stmt_num_rows($stmt)>0) send_admin(sprintf($I['alreadyreged'], $_REQUEST['name'])); if(mysqli_stmt_num_rows($stmt)>0) send_admin(sprintf($I['alreadyreged'], $_REQUEST['name']));
mysqli_stmt_free_result($stmt); mysqli_stmt_free_result($stmt);
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
$stmt=mysqli_prepare($mysqli, 'INSERT INTO `members`(`nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `regedby`, `timestamps`, `embed`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'); $stmt=mysqli_prepare($mysqli, 'INSERT INTO `members`(`nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `regedby`, `timestamps`, `embed`, `incognito`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
mysqli_stmt_bind_param($stmt, 'ssddssddddsdd', $reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['colour'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $U['nickname'], $reg['timestamps'], $reg['embed']); mysqli_stmt_bind_param($stmt, 'ssddssddddsddd', $reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['colour'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $U['nickname'], $reg['timestamps'], $reg['embed'], $reg['incognito']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
if($reg['status']==3) add_system_message(sprintf(get_setting('msgmemreg'), $reg['displayname'])); if($reg['status']==3) add_system_message(sprintf(get_setting('msgmemreg'), $reg['displayname']));
@ -1366,6 +1393,7 @@ function register_new(){
if($_REQUEST['name']=='') send_admin(); if($_REQUEST['name']=='') send_admin();
if(isSet($P[$_REQUEST['name']])) send_admin(sprintf($I['cantreg'], $_REQUEST['name'])); if(isSet($P[$_REQUEST['name']])) send_admin(sprintf($I['cantreg'], $_REQUEST['name']));
if(!valid_nick($_REQUEST['name'])) send_admin(sprintf($I['invalnick'], $C['maxname'])); if(!valid_nick($_REQUEST['name'])) send_admin(sprintf($I['invalnick'], $C['maxname']));
if(!valid_pass($_REQUEST['pass'])) send_admin(sprintf($I['invalpass'], $C['minpass']));
$stmt=mysqli_prepare($mysqli, 'SELECT * FROM `members` WHERE `nickname`=?'); $stmt=mysqli_prepare($mysqli, 'SELECT * FROM `members` WHERE `nickname`=?');
mysqli_stmt_bind_param($stmt, 's', $_REQUEST['name']); mysqli_stmt_bind_param($stmt, 's', $_REQUEST['name']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
@ -1386,10 +1414,11 @@ function register_new(){
'notesboxheight'=>$C['notesboxheight'], 'notesboxheight'=>$C['notesboxheight'],
'regedby' =>$U['nickname'], 'regedby' =>$U['nickname'],
'timestamps' =>$C['timestamps'], 'timestamps' =>$C['timestamps'],
'embed' =>$C['embed'] 'embed' =>$C['embed'],
'incognito' =>false
); );
$stmt=mysqli_prepare($mysqli, 'INSERT INTO `members`(`nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `boxwidth`, `boxheight`,`notesboxwidth`, `notesboxheight`, `regedby`, `timestamps`, `embed`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'); $stmt=mysqli_prepare($mysqli, 'INSERT INTO `members`(`nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `boxwidth`, `boxheight`,`notesboxwidth`, `notesboxheight`, `regedby`, `timestamps`, `embed`, `incognito`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
mysqli_stmt_bind_param($stmt, 'ssddssddddsdd', $reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['colour'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $reg['regedby'], $reg['timestamps'], $reg['embed']); mysqli_stmt_bind_param($stmt, 'ssddssddddsddd', $reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['colour'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $reg['regedby'], $reg['timestamps'], $reg['embed'], $reg['incognito']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
send_admin(sprintf($I['successreg'], $reg['nickname'])); send_admin(sprintf($I['successreg'], $reg['nickname']));
@ -1460,6 +1489,8 @@ function amend_profile(){
else $U['timestamps']=false; else $U['timestamps']=false;
if(isSet($_REQUEST['embed'])) $U['embed']=true; if(isSet($_REQUEST['embed'])) $U['embed']=true;
else $U['embed']=false; else $U['embed']=false;
if($U['status']>=5 && isSet($_REQUEST['incognito'])) $U['incognito']=true;
else $U['incognito']=false;
if($U['boxwidth']>=1000) $U['boxwidth']=40; if($U['boxwidth']>=1000) $U['boxwidth']=40;
if($U['boxheight']>=1000) $U['boxheight']=3; if($U['boxheight']>=1000) $U['boxheight']=3;
if($U['notesboxwidth']>=1000) $U['notesboxwidth']=80; if($U['notesboxwidth']>=1000) $U['notesboxwidth']=80;
@ -1482,13 +1513,13 @@ function save_profile(){
if($U['passhash']!==$U['oldhash']) send_profile($I['wrongpass']); if($U['passhash']!==$U['oldhash']) send_profile($I['wrongpass']);
$U['passhash']=$U['newhash']; $U['passhash']=$U['newhash'];
amend_profile(); amend_profile();
$stmt=mysqli_prepare($mysqli, 'UPDATE `sessions` SET `refresh`=?, `displayname`=?, `fontinfo`=?, `style`=?, `passhash`=?, `boxwidth`=?, `boxheight`=?, `bgcolour`=?, `notesboxwidth`=?, `notesboxheight`=?, `timestamps`=?, `embed`=? WHERE `session`=?'); $stmt=mysqli_prepare($mysqli, 'UPDATE `sessions` SET `refresh`=?, `displayname`=?, `fontinfo`=?, `style`=?, `passhash`=?, `boxwidth`=?, `boxheight`=?, `bgcolour`=?, `notesboxwidth`=?, `notesboxheight`=?, `timestamps`=?, `embed`=?, `incognito`=? WHERE `session`=?');
mysqli_stmt_bind_param($stmt, 'dssssddsdddds', $U['refresh'], $U['displayname'], $U['fontinfo'], $U['style'], $U['passhash'], $U['boxwidth'], $U['boxheight'], $U['bgcolour'], $U['notesboxwidth'], $U['notesboxheight'], $U['timestamps'], $U['embed'], $U['session']); mysqli_stmt_bind_param($stmt, 'dssssddsddddds', $U['refresh'], $U['displayname'], $U['fontinfo'], $U['style'], $U['passhash'], $U['boxwidth'], $U['boxheight'], $U['bgcolour'], $U['notesboxwidth'], $U['notesboxheight'], $U['timestamps'], $U['embed'], $U['incognito'], $U['session']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
if($U['status']>=2){ if($U['status']>=2){
$stmt=mysqli_prepare($mysqli, 'UPDATE `members` SET `passhash`=?, `refresh`=?, `colour`=?, `bgcolour`=?, `fontface`=?, `fonttags`=?, `boxwidth`=?, `boxheight`=?, `notesboxwidth`=?, `notesboxheight`=?, `timestamps`=?, `embed`=? WHERE `nickname`=?'); $stmt=mysqli_prepare($mysqli, 'UPDATE `members` SET `passhash`=?, `refresh`=?, `colour`=?, `bgcolour`=?, `fontface`=?, `fonttags`=?, `boxwidth`=?, `boxheight`=?, `notesboxwidth`=?, `notesboxheight`=?, `timestamps`=?, `embed`=?, `incognito`=? WHERE `nickname`=?');
mysqli_stmt_bind_param($stmt, 'sdssssdddddds', $U['passhash'], $U['refresh'], $U['colour'], $U['bgcolour'], $U['fontface'], $U['fonttags'], $U['boxwidth'], $U['boxheight'], $U['notesboxwidth'], $U['notesboxheight'], $U['timestamps'], $U['embed'], $U['nickname']); mysqli_stmt_bind_param($stmt, 'sdssssddddddds', $U['passhash'], $U['refresh'], $U['colour'], $U['bgcolour'], $U['fontface'], $U['fonttags'], $U['boxwidth'], $U['boxheight'], $U['notesboxwidth'], $U['notesboxheight'], $U['timestamps'], $U['embed'], $U['incognito'], $U['nickname']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
} }
@ -1535,6 +1566,7 @@ function add_user_defaults(){
if(!isSet($U['notesboxheight'])) $U['notesboxheight']=30; if(!isSet($U['notesboxheight'])) $U['notesboxheight']=30;
if(!isSet($U['timestamps'])) $U['timestamps']=$C['timestamps']; if(!isSet($U['timestamps'])) $U['timestamps']=$C['timestamps'];
if(!isSet($U['embed'])) $U['embed']=$C['embed']; if(!isSet($U['embed'])) $U['embed']=$C['embed'];
if(!isSet($U['incognito'])) $U['incognito']=false;
if(!isSet($U['lastpost'])) $U['lastpost']=time(); if(!isSet($U['lastpost'])) $U['lastpost']=time();
if(!isSet($U['entry'])) $U['entry']=0; if(!isSet($U['entry'])) $U['entry']=0;
if(!isSet($U['postid'])) $U['postid']='OOOOOO'; if(!isSet($U['postid'])) $U['postid']='OOOOOO';
@ -1627,7 +1659,7 @@ function apply_filter($pm){
if(!$pm) $U['message']=preg_replace("/$filter[match]/i", $filter['replace'], $U['message'], -1, $count); if(!$pm) $U['message']=preg_replace("/$filter[match]/i", $filter['replace'], $U['message'], -1, $count);
elseif(!$filter['allowinpm']) $U['message']=preg_replace("/$filter[match]/i", $filter['replace'], $U['message'], -1, $count); elseif(!$filter['allowinpm']) $U['message']=preg_replace("/$filter[match]/i", $filter['replace'], $U['message'], -1, $count);
if($count>0 && $filter['kick']){ if($count>0 && $filter['kick']){
kick_chatter(array($U['nickname']), ''); kick_chatter(array($U['nickname']), '', false);
send_error("$I[kicked]"); send_error("$I[kicked]");
} }
} }
@ -1788,26 +1820,25 @@ function print_messages($delstatus=''){
// this and that // this and that
function valid_admin(){ function valid_admin(){
global $mysqli; if(isSet($_REQUEST['session'])){
if(isSet($_REQUEST['nick']) && isSet($_REQUEST['pass'])){ check_session();
$stmt=mysqli_prepare($mysqli, 'SELECT * FROM `members` WHERE `nickname`=? AND `passhash`=? AND `status`>=\'7\''); return true;
mysqli_stmt_bind_param($stmt, 'ss', $_REQUEST['nick'], $pass=md5(sha1(md5($_REQUEST['nick'].$_REQUEST['pass'])))); }
mysqli_stmt_execute($stmt); elseif(isSet($_REQUEST['nick']) && isSet($_REQUEST['pass'])){
mysqli_stmt_store_result($stmt); create_session(true);
if(mysqli_stmt_num_rows($stmt)>0) return true; return true;
mysqli_stmt_free_result($stmt);
mysqli_stmt_close($stmt);
} }
return false; return false;
} }
function valid_nick($nick){ function valid_nick($nick){
return preg_match('/^[a-z0-9]*$/i', $nick); global $C;
return preg_match("/^[a-z0-9]{1,$C[maxname]}$/i", $nick);
} }
function allowed_nick($nick){ function valid_pass($pass){
global $C; global $C;
return preg_match("/^.{1,$C[maxname]}$/", $nick); return preg_match('/^.{'.$C['minpass'].',}$/', $pass);
} }
function cleanup_nick($nick){ function cleanup_nick($nick){
@ -1928,18 +1959,20 @@ function init_chat(){
if(mysqli_num_rows($result)>0){ if(mysqli_num_rows($result)>0){
$suwrite=$I['initsuexist']; $suwrite=$I['initsuexist'];
} }
}elseif(!valid_nick($_REQUEST['sunick']) || $_REQUEST['sunick']==''){ }elseif(!valid_nick($_REQUEST['sunick'])){
$suwrite=sprintf($I['invalnick'], $C['maxname']); $suwrite=sprintf($I['invalnick'], $C['maxname']);
}elseif(!valid_pass($_REQUEST['supass'])){
$suwrite=sprintf($I['invalpass'], $C['minpass']);
}elseif($_REQUEST['supass']!==$_REQUEST['supassc']){ }elseif($_REQUEST['supass']!==$_REQUEST['supassc']){
$suwrite=$I['noconfirm']; $suwrite=$I['noconfirm'];
}else{ }else{
mysqli_multi_query($mysqli, 'CREATE TABLE IF NOT EXISTS `captcha` (`id` int(10) unsigned NOT NULL, `time` int(10) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '. mysqli_multi_query($mysqli, 'CREATE TABLE IF NOT EXISTS `captcha` (`id` int(10) unsigned NOT NULL, `time` int(10) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '.
'CREATE TABLE IF NOT EXISTS `filter` (`id` tinyint(3) unsigned NOT NULL, `match` tinytext NOT NULL, `replace` text NOT NULL, `allowinpm` tinyint(1) unsigned NOT NULL, `regex` tinyint(1) unsigned NOT NULL, `kick` tinyint(1) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '. 'CREATE TABLE IF NOT EXISTS `filter` (`id` tinyint(3) unsigned NOT NULL, `match` tinytext NOT NULL, `replace` text NOT NULL, `allowinpm` tinyint(1) unsigned NOT NULL, `regex` tinyint(1) unsigned NOT NULL, `kick` tinyint(1) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '.
'CREATE TABLE IF NOT EXISTS `ignored` (`id` int(10) unsigned NOT NULL, `ignored` tinytext NOT NULL, `by` tinytext NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '. 'CREATE TABLE IF NOT EXISTS `ignored` (`id` int(10) unsigned NOT NULL, `ignored` tinytext NOT NULL, `by` tinytext NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '.
'CREATE TABLE IF NOT EXISTS `members` (`id` tinyint(3) unsigned NOT NULL, `nickname` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `passhash` tinytext NOT NULL, `status` tinyint(3) unsigned NOT NULL, `refresh` tinyint(3) unsigned NOT NULL, `colour` tinytext NOT NULL, `bgcolour` tinytext NOT NULL, `fontface` tinytext NOT NULL, `fonttags` tinytext NOT NULL, `boxwidth` tinyint(3) unsigned NOT NULL, `boxheight` tinyint(3) unsigned NOT NULL, `notesboxheight` tinyint(3) unsigned NOT NULL, `notesboxwidth` tinyint(3) unsigned NOT NULL, `regedby` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `lastlogin` int(10) unsigned NOT NULL, `timestamps` tinyint(1) unsigned NOT NULL, `embed` tinyint(1) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '. 'CREATE TABLE IF NOT EXISTS `members` (`id` tinyint(3) unsigned NOT NULL, `nickname` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `passhash` tinytext NOT NULL, `status` tinyint(3) unsigned NOT NULL, `refresh` tinyint(3) unsigned NOT NULL, `colour` tinytext NOT NULL, `bgcolour` tinytext NOT NULL, `fontface` tinytext NOT NULL, `fonttags` tinytext NOT NULL, `boxwidth` tinyint(3) unsigned NOT NULL, `boxheight` tinyint(3) unsigned NOT NULL, `notesboxheight` tinyint(3) unsigned NOT NULL, `notesboxwidth` tinyint(3) unsigned NOT NULL, `regedby` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `lastlogin` int(10) unsigned NOT NULL, `timestamps` tinyint(1) unsigned NOT NULL, `embed` tinyint(1) unsigned NOT NULL, `incognito` tinyint(1) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '.
'CREATE TABLE IF NOT EXISTS `messages` (`id` int(10) unsigned NOT NULL, `postdate` int(10) unsigned NOT NULL, `postid` int(10) unsigned NOT NULL, `poststatus` tinyint(3) unsigned NOT NULL, `poster` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `recipient` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `text` text NOT NULL, `delstatus` tinyint(3) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '. 'CREATE TABLE IF NOT EXISTS `messages` (`id` int(10) unsigned NOT NULL, `postdate` int(10) unsigned NOT NULL, `postid` int(10) unsigned NOT NULL, `poststatus` tinyint(3) unsigned NOT NULL, `poster` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `recipient` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `text` text NOT NULL, `delstatus` tinyint(3) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '.
'CREATE TABLE IF NOT EXISTS `notes` (`id` int(10) unsigned NOT NULL, `type` tinytext NOT NULL, `lastedited` int(10) unsigned NOT NULL, `editedby` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `text` text NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '. 'CREATE TABLE IF NOT EXISTS `notes` (`id` int(10) unsigned NOT NULL, `type` tinytext NOT NULL, `lastedited` int(10) unsigned NOT NULL, `editedby` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `text` text NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '.
'CREATE TABLE IF NOT EXISTS `sessions` (`id` int(10) unsigned NOT NULL, `session` tinytext NOT NULL, `nickname` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `displayname` text NOT NULL, `status` tinyint(3) unsigned NOT NULL, `refresh` tinyint(3) unsigned NOT NULL, `fontinfo` tinytext NOT NULL, `style` text NOT NULL, `lastpost` int(10) unsigned NOT NULL, `passhash` tinytext NOT NULL, `postid` int(10) unsigned NOT NULL, `boxwidth` tinyint(3) unsigned NOT NULL, `boxheight` tinyint(3) unsigned NOT NULL, `useragent` text NOT NULL, `kickmessage` text NOT NULL, `bgcolour` tinytext NOT NULL, `notesboxheight` tinyint(3) unsigned NOT NULL, `notesboxwidth` tinyint(3) unsigned NOT NULL, `entry` int(10) unsigned NOT NULL, `timestamps` tinyint(1) unsigned NOT NULL, `embed` tinyint(1) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '. 'CREATE TABLE IF NOT EXISTS `sessions` (`id` int(10) unsigned NOT NULL, `session` tinytext NOT NULL, `nickname` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `displayname` text NOT NULL, `status` tinyint(3) unsigned NOT NULL, `refresh` tinyint(3) unsigned NOT NULL, `fontinfo` tinytext NOT NULL, `style` text NOT NULL, `lastpost` int(10) unsigned NOT NULL, `passhash` tinytext NOT NULL, `postid` int(10) unsigned NOT NULL, `boxwidth` tinyint(3) unsigned NOT NULL, `boxheight` tinyint(3) unsigned NOT NULL, `useragent` text NOT NULL, `kickmessage` text NOT NULL, `bgcolour` tinytext NOT NULL, `notesboxheight` tinyint(3) unsigned NOT NULL, `notesboxwidth` tinyint(3) unsigned NOT NULL, `entry` int(10) unsigned NOT NULL, `timestamps` tinyint(1) unsigned NOT NULL, `embed` tinyint(1) unsigned NOT NULL, `incognito` tinyint(1) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '.
'CREATE TABLE IF NOT EXISTS `settings` (`id` tinyint(3) unsigned NOT NULL, `setting` tinytext NOT NULL, `value` tinytext NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '. 'CREATE TABLE IF NOT EXISTS `settings` (`id` tinyint(3) unsigned NOT NULL, `setting` tinytext NOT NULL, `value` tinytext NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; '.
'ALTER TABLE `captcha` ADD UNIQUE KEY `id` (`id`); '. 'ALTER TABLE `captcha` ADD UNIQUE KEY `id` (`id`); '.
'ALTER TABLE `filter` ADD PRIMARY KEY (`id`); '. 'ALTER TABLE `filter` ADD PRIMARY KEY (`id`); '.
@ -1957,6 +1990,7 @@ function init_chat(){
'ALTER TABLE `sessions` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT; '. 'ALTER TABLE `sessions` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT; '.
'ALTER TABLE `settings` MODIFY `id` tinyint(3) unsigned NOT NULL AUTO_INCREMENT; '. 'ALTER TABLE `settings` MODIFY `id` tinyint(3) unsigned NOT NULL AUTO_INCREMENT; '.
'INSERT INTO `settings` (`setting`,`value`) VALUES (\'guestaccess\',\'0\'); '. 'INSERT INTO `settings` (`setting`,`value`) VALUES (\'guestaccess\',\'0\'); '.
'INSERT INTO `settings` (`setting`,`value`) VALUES (\'rulestxt\', \'1. YOUR_RULS<br>2. YOUR_RULES\'); '.
'INSERT INTO `settings` (`setting`,`value`) VALUES (\'msgenter\',\'%s entered the chat.\'); '. 'INSERT INTO `settings` (`setting`,`value`) VALUES (\'msgenter\',\'%s entered the chat.\'); '.
'INSERT INTO `settings` (`setting`,`value`) VALUES (\'msgexit\',\'%s left the chat.\'); '. 'INSERT INTO `settings` (`setting`,`value`) VALUES (\'msgexit\',\'%s left the chat.\'); '.
'INSERT INTO `settings` (`setting`,`value`) VALUES (\'msgmemreg\',\'%s is now a registered member.\'); '. 'INSERT INTO `settings` (`setting`,`value`) VALUES (\'msgmemreg\',\'%s is now a registered member.\'); '.
@ -1979,17 +2013,18 @@ function init_chat(){
'notesboxwidth' =>$C['notesboxwidth'], 'notesboxwidth' =>$C['notesboxwidth'],
'notesboxheight'=>$C['notesboxheight'], 'notesboxheight'=>$C['notesboxheight'],
'timestamps' =>$C['timestamps'], 'timestamps' =>$C['timestamps'],
'embed' =>$C['embed'] 'embed' =>$C['embed'],
'incognito' =>false
); );
$stmt=mysqli_prepare($mysqli, 'INSERT INTO `members` (`nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `timestamps`, `embed`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'); $stmt=mysqli_prepare($mysqli, 'INSERT INTO `members` (`nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `timestamps`, `embed`, `incognito`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
mysqli_stmt_bind_param($stmt, 'ssddssdddddd', $reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['colour'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $reg['timestamps'], $reg['embed']); mysqli_stmt_bind_param($stmt, 'ssddssddddddd', $reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['colour'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $reg['timestamps'], $reg['embed'], $reg['incognito']);
mysqli_stmt_execute($stmt); mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt); mysqli_stmt_close($stmt);
$suwrite=$I['susuccess']; $suwrite=$I['susuccess'];
} }
print_start(); print_start();
echo "<center><h2>$I[init]</h2><br><h3>$I[sulogin]</h3>$suwrite<br><br><br>"; echo "<center><h2>$I[init]</h2><br><h3>$I[sulogin]</h3>$suwrite<br><br><br>";
echo "<$H[form]>".hidden('action', 'setup').hidden('nick', $_REQUEST['sunick']).hidden('pass', $_REQUEST['supass']).submit($I['initgosetup']).'</form>'; echo "<$H[form]>".hidden('action', 'setup').submit($I['initgosetup']).'</form>';
print_credits(); print_credits();
print_end(); print_end();
} }
@ -2003,6 +2038,13 @@ function update_db(){
mysqli_query($mysqli, 'ALTER TABLE `ignored` ADD PRIMARY KEY (`id`)'); mysqli_query($mysqli, 'ALTER TABLE `ignored` ADD PRIMARY KEY (`id`)');
mysqli_query($mysqli, 'ALTER TABLE `ignored` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT'); mysqli_query($mysqli, 'ALTER TABLE `ignored` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT');
} }
if($dbversion<3){
mysqli_query($mysqli, 'INSERT INTO `settings` (`setting`, `value`) VALUES (\'rulestxt\', \'1. YOUR_RULS<br>2. YOUR_RULES\')');
}
if($dbversion<4){
mysqli_query($mysqli, 'ALTER TABLE `members` ADD `incognito` TINYINT(1) UNSIGNED NOT NULL');
mysqli_query($mysqli, 'ALTER TABLE `sessions` ADD `incognito` TINYINT(1) UNSIGNED NOT NULL');
}
update_setting('dbversion', $C['dbversion']); update_setting('dbversion', $C['dbversion']);
send_update(); send_update();
} }
@ -2079,7 +2121,7 @@ function check_db(){
$mysqli=mysqli_connect($C['dbhost'], $C['dbuser'], $C['dbpass'], $C['dbname']); $mysqli=mysqli_connect($C['dbhost'], $C['dbuser'], $C['dbpass'], $C['dbname']);
if(mysqli_connect_errno($mysqli)){ if(mysqli_connect_errno($mysqli)){
if($_REQUEST['action']=='setup'){ if($_REQUEST['action']=='setup'){
die($I['nosetupdb']); die($I['nodbsetup']);
}else{ }else{
die($I['nodb']); die($I['nodb']);
} }
@ -2105,9 +2147,9 @@ function load_lang(){
function load_config(){ function load_config(){
global $C; global $C;
$C=array( $C=array(
'version' =>'1.1', // Script version 'version' =>'1.5', // Script version
'dbversion' =>2, // Database version 'dbversion' =>4, // Database version
'showcredits' =>true, // Allow showing credits 'showcredits' =>false, // Allow showing credits
'colbg' =>'000000', // Background colour 'colbg' =>'000000', // Background colour
'coltxt' =>'FFFFFF', // Default text colour 'coltxt' =>'FFFFFF', // Default text colour
'collnk' =>'0000FF', // Link colour 'collnk' =>'0000FF', // Link colour
@ -2125,6 +2167,7 @@ function load_config(){
'defaultrefresh'=>30, // Seconds to refresh the messages 'defaultrefresh'=>30, // Seconds to refresh the messages
'maxmessage' =>2000, // Longest number of characters for a message 'maxmessage' =>2000, // Longest number of characters for a message
'maxname' =>20, // Longest number of chatacters for a name 'maxname' =>20, // Longest number of chatacters for a name
'minpass' =>5, // Shortest number of chatacters for a password
'boxwidth' =>40, // Default post box width 'boxwidth' =>40, // Default post box width
'boxheight' =>3, // Default post box height 'boxheight' =>3, // Default post box height
'notesboxwidth' =>80, // Default notes box width 'notesboxwidth' =>80, // Default notes box width
@ -2134,23 +2177,25 @@ function load_config(){
'dbpass' =>'YOUR_DB_PASS', // Database password 'dbpass' =>'YOUR_DB_PASS', // Database password
'dbname' =>'public_chat', // Database 'dbname' =>'public_chat', // Database
'captchapass' =>'YOUR_PASS', // Password used for captcha encryption 'captchapass' =>'YOUR_PASS', // Password used for captcha encryption
'captchachars' =>'0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', // Characters used for captcha generation
'enablecaptcha' =>true, // Enable captcha? ture/false 'enablecaptcha' =>true, // Enable captcha? ture/false
'dismemcaptcha' =>false, // Disable captcha for members? ture/false 'dismemcaptcha' =>false, // Disable captcha for members? ture/false
'embed' =>true, // Default for displaying embedded imgs/vids or turn them into links true/false 'embed' =>true, // Default for displaying embedded imgs/vids or turn them into links true/false
'imgembed' =>true, // Allow image embedding in chat using [img] tag? ture/false Warning: this might leak session data to the image hoster when cookies are disabled. 'imgembed' =>true, // Allow image embedding in chat using [img] tag? ture/false Warning: this might leak session data to the image hoster when cookies are disabled.
'vidembed' =>true, // Allow video embedding in chat using [vid] tag? ture/false Warning: this might leak session data to the video hoster when cookies are disabled. 'vidembed' =>false, // Allow video embedding in chat using [vid] tag? ture/false Warning: this might leak session data to the video hoster when cookies are disabled.
'suguests' =>false, // Adds option to add applicants. They will have a reserved nick protected with a password, but don't count as member true/false 'suguests' =>false, // Adds option to add applicants. They will have a reserved nick protected with a password, but don't count as member true/false
'timestamps' =>true, // Display timestamps in front of the messages by default true/false 'timestamps' =>true, // Display timestamps in front of the messages by default true/false
'incognito' =>true, // Allow mods and admins to be invisable true/false
'forceredirect' =>false, // Force redirect script or only use when no cookies available? ture/false 'forceredirect' =>false, // Force redirect script or only use when no cookies available? ture/false
'msglogout' =>false, // Add a message on member logout 'msglogout' =>false, // Add a message on member logout
'msglogin' =>true, // Add a message on member login 'msglogin' =>true, // Add a message on member login
'msgkick' =>true, // Add a message when kicking someone 'msgkick' =>true, // Add a message when kicking someone
'memkick' =>true, // Let a member kick guests if no mod is present
'sendmail' =>false, // Send mail on new message - only activate on low traffic chat or your inbox will fill up very fast! 'sendmail' =>false, // Send mail on new message - only activate on low traffic chat or your inbox will fill up very fast!
'mailsender' =>'www-data <www-data@localhost>', // Send mail using this e-Mail address 'mailsender' =>'www-data <www-data@localhost>', // Send mail using this e-Mail address
'mailreceiver' =>'Webmaster <webmaster@localhost>', // Send mail to this e-Mail address 'mailreceiver' =>'Webmaster <webmaster@localhost>', // Send mail to this e-Mail address
'redirect' =>"$_SERVER[SCRIPT_NAME]?action=redirect&url=", // Redirect script default: "$_SERVER[SCRIPT_NAME]?action=redirect&url=" 'redirect' =>"$_SERVER[SCRIPT_NAME]?action=redirect&url=", // Redirect script default: "$_SERVER[SCRIPT_NAME]?action=redirect&url="
'lang' =>'en', // Default language 'lang' =>'en' // Default language
'rulestxt' =>'1. YOUR_RULS<br>2. YOUR_RULES' // Rules - divide multiple rules by <br> to make them appear in a new line
); );
} }
?> ?>

7
lang_de.php
View File

@ -20,12 +20,12 @@
$I=array( $I=array(
'nodb' => 'Keine Verbindung zur Datenbank!', 'nodb' => 'Keine Verbindung zur Datenbank!',
'nodsetupb' => 'Keine Verbindung zur Datenbank, bitte erstelle eine Datenbank und bearbeite das Skript, um die korrekte Datenbank mit angegebenem Benutzernamen und Passwort zu benutzen.', 'nodbsetup' => 'Keine Verbindung zur Datenbank, bitte erstelle eine Datenbank und bearbeite das Skript, um die korrekte Datenbank mit angegebenem Benutzernamen und Passwort zu benutzen.',
'changelang' => 'Sprache ändern:', 'changelang' => 'Sprache ändern:',
'expire' => 'Ungültige/abgelaufene Sitzung', 'expire' => 'Ungültige/abgelaufene Sitzung',
'kicked' => 'Rausgeschmissen!', 'kicked' => 'Rausgeschmissen!',
'invalnick' => 'Ungültiger Nickname (Maximal %d Zeichen, keine Sonderzeichen erlaubt)', 'invalnick' => 'Ungültiger Nickname (Maximal %d Zeichen, keine Sonderzeichen erlaubt)',
'invalpass' => 'Falsches Passwort!', 'invalpass' => 'Ungültiges Passwort (Mindestens %d Zeichen)',
'noconfirm' => 'Passwordbestätigung stimmt nicht überein!', 'noconfirm' => 'Passwordbestätigung stimmt nicht überein!',
'incorregex' => 'Ungültiger regulärer Ausdruck!', 'incorregex' => 'Ungültiger regulärer Ausdruck!',
'bottom' => 'Unten', 'bottom' => 'Unten',
@ -143,6 +143,7 @@ $I=array(
'fontexample' => 'Beispiel für deine gewählte Schrift', 'fontexample' => 'Beispiel für deine gewählte Schrift',
'timestamps' => 'Zeitstempel anzeigen', 'timestamps' => 'Zeitstempel anzeigen',
'embed' => 'Bilder/Videos einbetten', 'embed' => 'Bilder/Videos einbetten',
'incognito' => 'Inkognito Modus',
'pbsize' => 'Postboxgröße', 'pbsize' => 'Postboxgröße',
'nbsize' => 'Notizboxgröße', 'nbsize' => 'Notizboxgröße',
'width' => 'Breite:', 'width' => 'Breite:',
@ -189,7 +190,7 @@ $I=array(
'cantchgstat' => 'Der Status von %s kann nicht geändert werden.', 'cantchgstat' => 'Der Status von %s kann nicht geändert werden.',
'succdel' => '%s wurde erfolgriech aus der Datenbank gelöscht.', 'succdel' => '%s wurde erfolgriech aus der Datenbank gelöscht.',
'succchg' => 'Status of %s successfully changed.', 'succchg' => 'Status of %s successfully changed.',
'wrongpass' => 'Passwort ist falsch.', 'wrongpass' => 'Falsches Passwort!',
'succprofile' => 'Dein Profil wurde erfolgreich gespeichert.', 'succprofile' => 'Dein Profil wurde erfolgreich gespeichert.',
'backtologin' => 'Zurück zur Anmeldeseite.', 'backtologin' => 'Zurück zur Anmeldeseite.',
'backtochat' => 'Zurück zum Chat.', 'backtochat' => 'Zurück zum Chat.',

7
lang_en.php
View File

@ -21,12 +21,12 @@
//Language: English //Language: English
$I=array( $I=array(
'nodb' => 'No Connection to Database!', 'nodb' => 'No Connection to Database!',
'nodsetupb' => 'No Connection to Database, please create a database and edit the script to use the correct database with given username and password!', 'nodbsetup' => 'No Connection to Database, please create a database and edit the script to use the correct database with given username and password!',
'changelang' => 'Change language:', 'changelang' => 'Change language:',
'expire' => 'Invalid/expired session', 'expire' => 'Invalid/expired session',
'kicked' => 'Kicked!', 'kicked' => 'Kicked!',
'invalnick' => 'Invalid nickname (%d characters maximum, no special characters allowed)', 'invalnick' => 'Invalid nickname (%d characters maximum, no special characters allowed)',
'invalpass' => 'Invalid password!', 'invalpass' => 'Invalid password (At least %d characters)',
'noconfirm' => 'Password confirmation does not match!', 'noconfirm' => 'Password confirmation does not match!',
'incorregex' => 'Incorrect regular expression!', 'incorregex' => 'Incorrect regular expression!',
'bottom' => 'Bottom', 'bottom' => 'Bottom',
@ -144,6 +144,7 @@ $I=array(
'fontexample' => 'Example for your chosen font', 'fontexample' => 'Example for your chosen font',
'timestamps' => 'Show Timestamps', 'timestamps' => 'Show Timestamps',
'embed' => 'Embed images/videos', 'embed' => 'Embed images/videos',
'incognito' => 'Incognito mode',
'pbsize' => 'Post box size', 'pbsize' => 'Post box size',
'nbsize' => 'Notes box size', 'nbsize' => 'Notes box size',
'width' => 'Width:', 'width' => 'Width:',
@ -190,7 +191,7 @@ $I=array(
'cantchgstat' => 'Can\'t change status of %s', 'cantchgstat' => 'Can\'t change status of %s',
'succdel' => '%s successfully deleted from database.', 'succdel' => '%s successfully deleted from database.',
'succchg' => 'Status of %s successfully changed.', 'succchg' => 'Status of %s successfully changed.',
'wrongpass' => 'Password is wrong.', 'wrongpass' => 'Wrong Password!',
'succprofile' => 'Your profile has successfully been saved.', 'succprofile' => 'Your profile has successfully been saved.',
'backtologin' => 'Back to the login page.', 'backtologin' => 'Back to the login page.',
'backtochat' => 'Back to the chat.', 'backtochat' => 'Back to the chat.',