$I[accessdenied]

".sprintf($I['loggedinas'], style_this($U['nickname'], $U['style'])); echo "
<$H[form]>$H[commonform]".hidden('action', 'logout'); if(!isSet($_REQUEST['session'])){ hidden('session', $U['session']); } echo submit($I['logout'], 'id="exitbutton"')."

$I[setup]

<$H[form]>$H[commonform]".hidden('action', 'setup').hidden('do', 'save'); if(!isSet($_REQUEST['session'])){ echo hidden('session', $U['session']); } echo ''; thr(); $ga=(int) get_setting('guestaccess'); echo "'; thr(); $englobal=(int) get_setting('englobalpass'); echo "'; thr(); $ga=(int) get_setting('guestreg'); echo "'; thr(); echo "'; foreach($C['text_settings'] as $setting){ thr(); echo ''; } foreach($C['colour_settings'] as $setting){ thr(); echo ''; } thr(); echo "'; foreach($C['textarea_settings'] as $setting){ thr(); echo ''; } foreach($C['number_settings'] as $setting){ thr(); echo ''; } foreach($C['bool_settings'] as $setting){ thr(); echo ''; } thr(); echo '

$I[guestacc] "; echo ''; echo '$I[guestallow]"; echo '$I[guestwait]"; echo '$I[adminallow]"; echo '$I[guestdisallow]"; echo '

$I[globalloginpass] "; echo ''; echo ''; echo ''; echo ' '; echo '$I[disabled]"; echo '$I[enabled]"; echo '$I[onlyguests]"; echo '

$I[guestreg] "; echo ''; echo '$I[disabled]"; echo '$I[assuguest]"; echo '$I[asmember]"; echo '

$I[sysmessages] "; echo ''; foreach($C['msg_settings'] as $setting){ echo "'; } echo '  $I[$setting]

'.$I[$setting].' '; echo "'; echo '

'.$I[$setting].' '; echo "'; echo '

$I[captcha] "; echo ''; if(!extension_loaded('gd')){ echo ""; }else{ echo ''; } echo ' $I[gdextrequired] '; $dismemcaptcha=(bool) get_setting('dismemcaptcha'); echo '$I[enabled]"; echo '$I[onlyguests]"; echo ' '; $captcha=(int) get_setting('captcha'); echo '$I[disabled]"; echo '$I[simple]"; echo '$I[moderate]"; echo '$I[extreme]"; echo '

'.$I[$setting].' '; echo "".htmlspecialchars(get_setting($setting)).''; echo '

'.$I[$setting].' '; echo "'; echo '

'; if($setting==='enablejs' && !extension_loaded('json')){ echo ""; } echo ' '.$I[$setting].' '; echo ""; $value=(bool) get_setting($setting); echo '$I[disabled]"; echo '$I[enabled]"; echo ' $I[jsonextrequired]

'.submit($I['apply']).'

'; if($U['status']==8){ echo ''; echo "'; echo "

<$H[form]>$H[commonform]".hidden('action', 'setup').hidden('do', 'backup'); if(!isSet($_REQUEST['session'])){ hidden('session', $U['session']); } echo submit($I['backuprestore']).'

<$H[form]>$H[commonform]".hidden('action', 'setup').hidden('do', 'destroy'); if(!isSet($_REQUEST['session'])){ hidden('session', $U['session']); } echo submit($I['destroy'], 'class="delbutton"').'

'; } echo "<$H[form]>$H[commonform]".hidden('action', 'logout'); if(!isSet($_REQUEST['session'])){ hidden('session', $U['session']); } echo submit($I['logout'], 'id="exitbutton"')."$H[credit]

$I[backuprestore]

"; thr(); if(!extension_loaded('json')){ echo ""; }else{ echo "'; thr(); echo "'; } thr(); echo ""; echo '

$I[jsonextrequired]

<$H[form]>$H[commonform]".hidden('action', 'setup').hidden('do', 'backup'); echo ' '; echo "$I[settings]"; echo "$I[filter]"; echo "$I[members]"; echo "$I[notes]"; echo ' '.submit($I['backup']).'

<$H[form]>$H[commonform]".hidden('action', 'setup').hidden('do', 'restore'); echo ''; echo "'; echo " ".htmlspecialchars(json_encode($code)).' $I[settings]"; echo "$I[filter]"; echo "$I[members]"; echo "$I[notes]"; echo ' '.submit($I['restore']).' '; echo '

<$H[form]>$H[commonform]".hidden('action', 'setup').submit($I['initgosetup'], 'class="backbutton"')."

'; print_end(); } function send_destroy_chat(){ global $H, $I; print_start('destroy_chat'); echo "

$I[confirm]
"; echo "<$H[form] target=\"_parent\">$H[commonform]".hidden('action', 'setup').hidden('do', 'destroy').hidden('confirm', 'yes').submit($I['yes'], 'class="delbutton"').'	'; echo "<$H[form]>$H[commonform]".hidden('action', 'setup').submit($I['no'], 'class="backbutton"').'

'; print_end(); } function send_init(){ global $H, $I, $L; print_start('init'); echo ""; print_end(); } function send_update(){ global $H, $I; print_start('update'); echo ""; print_end(); } function send_alogin(){ global $H, $I, $L; print_start('alogin'); echo ""; print_end(); } function send_admin($arg=''){ global $A, $H, $I, $P, $U, $db; $ga=(int) get_setting('guestaccess'); print_start('admin'); $chlist="$I[choose]"; $chlist.="$I[allguests]"; array_multisort(array_map('strtolower', array_keys($P)), SORT_ASC, SORT_STRING, $P); foreach($P as $user){ if($user[2]<$U['status']){ $chlist.="$user[0]"; } } $chlist.=''; echo ""; print_end(); } function send_sessions(){ global $H, $I, $U; $lines=parse_sessions(); print_start('sessions'); echo ""; print_end(); } function manage_filter(){ global $I, $db, $memcached; if(isSet($_REQUEST['id'])){ $_REQUEST['match']=htmlspecialchars($_REQUEST['match']); if(isSet($_REQUEST['regex']) && $_REQUEST['regex']==1){ if(@preg_match("/$_REQUEST[match]/", '')===false){ send_filter($I['incorregex']); } $reg=1; }else{ $_REQUEST['match']=preg_replace('/([^\w\d])/', "\\\\$1", $_REQUEST['match']); $reg=0; } if(isSet($_REQUEST['allowinpm']) && $_REQUEST['allowinpm']==1){ $pm=1; }else{ $pm=0; } if(isSet($_REQUEST['kick']) && $_REQUEST['kick']==1){ $kick=1; }else{ $kick=0; } if(preg_match('/^[0-9]*$/', $_REQUEST['id'])){ if(empty($_REQUEST['match'])){ $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'filter WHERE id=?;'); $stmt->execute(array($_REQUEST['id'])); if(MEMCACHED){ $memcached->delete(DBNAME . '-' . PREFIX . 'filter'); } }else{ $stmt=$db->prepare('UPDATE ' . PREFIX . 'filter SET filtermatch=?, filterreplace=?, allowinpm=?, regex=?, kick=? WHERE id=?;'); $stmt->execute(array($_REQUEST['match'], $_REQUEST['replace'], $pm, $reg, $kick, $_REQUEST['id'])); if(MEMCACHED){ $memcached->delete(DBNAME . '-' . PREFIX . 'filter'); } } }elseif(preg_match('/^\+$/', $_REQUEST['id'])){ $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'filter (filtermatch, filterreplace, allowinpm, regex, kick) VALUES (?, ?, ?, ?, ?);'); $stmt->execute(array($_REQUEST['match'], $_REQUEST['replace'], $pm, $reg, $kick)); if(MEMCACHED){ $memcached->delete(DBNAME . '-' . PREFIX . 'filter'); } } } } function manage_linkfilter(){ global $I, $db, $memcached; if(isSet($_REQUEST['id'])){ $_REQUEST['match']=htmlspecialchars($_REQUEST['match']); if(isSet($_REQUEST['regex']) && $_REQUEST['regex']==1){ if(@preg_match("/$_REQUEST[match]/", '')===false){ send_linkfilter($I['incorregex']); } $reg=1; }else{ $_REQUEST['match']=preg_replace('/([^\w\d])/', "\\\\$1", $_REQUEST['match']); $reg=0; } if(preg_match('/^[0-9]*$/', $_REQUEST['id'])){ if(empty($_REQUEST['match'])){ $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'linkfilter WHERE id=?;'); $stmt->execute(array($_REQUEST['id'])); if(MEMCACHED){ $memcached->delete(DBNAME . '-' . PREFIX . 'linkfilter'); } }else{ $stmt=$db->prepare('UPDATE ' . PREFIX . 'linkfilter SET filtermatch=?, filterreplace=?, regex=? WHERE id=?;'); $stmt->execute(array($_REQUEST['match'], $_REQUEST['replace'], $reg, $_REQUEST['id'])); if(MEMCACHED){ $memcached->delete(DBNAME . '-' . PREFIX . 'linkfilter'); } } }elseif(preg_match('/^\+$/', $_REQUEST['id'])){ $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'linkfilter (filtermatch, filterreplace, regex) VALUES (?, ?, ?);'); $stmt->execute(array($_REQUEST['match'], $_REQUEST['replace'], $reg)); if(MEMCACHED){ $memcached->delete(DBNAME . '-' . PREFIX . 'linkfilter'); } } } } function send_filter($arg=''){ global $H, $I, $U, $db, $memcached; print_start('filter'); echo ""; print_end(); } function send_linkfilter($arg=''){ global $H, $I, $U, $db, $memcached; print_start('linkfilter'); echo ""; print_end(); } function send_frameset(){ global $H, $I, $U; echo "$H[meta_html]"; echo ''; print_stylesheet(); if(isSet($_COOKIE['test'])){ echo "<body>$I[noframes]$H[backtologin]</body>"; }else{ echo "<body>$I[noframes]$H[backtologin]</body>"; } exit; } function send_messages($js){ global $I, $U; if(!$js){ if(isSet($_COOKIE[COOKIENAME])){ print_start('messages', $U['refresh'], "$_SERVER[SCRIPT_NAME]?action=view"); if(get_setting('enablejs')==1 && extension_loaded('json')){ echo ""; } }else{ print_start('messages', $U['refresh'], "$_SERVER[SCRIPT_NAME]?action=view&session=$U[session]&lang=$U[lang]"); if(get_setting('enablejs')==1 && extension_loaded('json')){ echo ""; } } }else{ print_start('messages'); } echo ''; echo '$I[bottom]'; if($js){ echo ""; } echo "$I[top]"; print_end(); } function send_notes($type){ global $H, $I, $U, $db; print_start('notes'); echo ''; print_end(); } function send_approve_waiting(){ global $H, $I, $db; print_start('approve_waiting'); echo ""; print_end(); } function send_waiting_room(){ global $H, $I, $U, $countmods, $db; parse_sessions(); $ga=(int) get_setting('guestaccess'); if($ga===3 && ($countmods>0 || !get_setting('modfallback'))){ $wait=false; }else{ $wait=true; } if(!isSet($U['session'])){ setcookie(COOKIENAME, false); send_error($I['expire']); } if($U['status']==0){ setcookie(COOKIENAME, false); send_error("$I[kicked]
$U[kickmessage]"); } $timeleft=get_setting('entrywait')-(time()-$U['lastpost']); if($wait && ($timeleft<=0 || $ga===1)){ $U['entry']=$U['lastpost']; $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET entry=lastpost WHERE session=?;'); $stmt->execute(array($U['session'])); send_frameset(); }elseif(!$wait && $U['entry']!=0){ send_frameset(); }else{ $refresh=(int) get_setting('defaultrefresh'); if(isSet($_COOKIE['test'])){ header("Refresh: $refresh; URL=$_SERVER[SCRIPT_NAME]?action=wait"); print_start('waitingroom', $refresh, "$_SERVER[SCRIPT_NAME]?action=wait"); }else{ header("Refresh: $refresh; URL=$_SERVER[SCRIPT_NAME]?action=wait&session=$U[session]"); print_start('waitingroom', $refresh, "$_SERVER[SCRIPT_NAME]?action=wait&session=$U[session]&lang=$U[lang]"); } echo "'; print_end(); } } function send_choose_messages(){ global $H, $I, $U; print_start('choose_messages'); frmadm('clean'); echo hidden('what', 'selected').submit($I['delselmes'], 'class="delbutton"').'

'; print_messages($U['status']); echo "
$H[backtochat]"; print_end(); } function send_del_confirm(){ global $I; print_start('del_confirm'); echo "'; print_end(); } function send_post(){ global $I, $P, $U, $countmods; $U['postid']=substr(time(), -6); print_start('post'); if(!isSet($_REQUEST['sendto'])){ $_REQUEST['sendto']=''; } echo ''; print_end(); } function send_help(){ global $H, $I, $U; print_start('help'); $rulestxt=get_setting('rulestxt'); if(!empty($rulestxt)){ echo "

$I[rules]

$rulestxt

---

"; } echo "

$I[help]

$I[helpguest]"; if(get_setting('imgembed')){ echo "
$I[helpembed]"; } if($U['status']>=3){ echo "
$I[helpmem]
"; if($U['status']>=5){ echo "
$I[helpmod]
"; if($U['status']>=7){ echo "
$I[helpadm]
"; } } } echo "

---

"; print_end(); } function send_profile($arg=''){ global $F, $H, $I, $L, $P, $U, $db; print_start('profile'); echo ""; print_end(); } function send_controls(){ global $H, $I, $U; print_start('controls'); echo ''; echo "'; echo "'; echo "'; if($U['status']>=5){ echo "'; echo "'; } if($U['status']>=3){ echo "'; } echo "'; echo "'; echo '

<$H[form] target=\"post\">$H[commonform]".hidden('action', 'post').submit($I['reloadpb']).'

<$H[form] target=\"view\">$H[commonform]".hidden('action', 'view').submit($I['reloadmsgs']).'

<$H[form] target=\"view\">$H[commonform]".hidden('action', 'profile').submit($I['chgprofile']).'

<$H[form] target=\"view\">$H[commonform]".hidden('action', 'admin').submit($I['adminbtn']).'

<$H[form] target=\"view\">$H[commonform]".hidden('action', 'notes').submit($I['notes']).'

<$H[form] target=\"_blank\">$H[commonform]".hidden('action', 'login').submit($I['clone']).'

<$H[form] target=\"view\">$H[commonform]".hidden('action', 'help').submit($I['randh']).'

<$H[form] target=\"_parent\">$H[commonform]".hidden('action', 'logout').submit($I['exit'], 'id="exitbutton"').'

'; print_end(); } function send_logout(){ global $H, $I, $U; print_start('logout'); echo '"; print_end(); } function send_colours(){ global $H, $I; print_start('colours'); echo "'; print_end(); } function send_login(){ global $H, $I, $L; setcookie('test', '1'); print_start('login'); $ga=(int) get_setting('guestaccess'); $englobal=(int) get_setting('englobalpass'); echo '"; print_end(); } function send_error($err){ global $H, $I; print_start('error'); echo "

$I[error]: $err

$H[backtologin]"; print_end(); } function send_fatal_error($err){ global $H, $I; echo "$H[meta_html]"; echo ""; echo ""; echo ''; echo "

$I[fatalerror]: $err

"; print_end(); } function print_chatters(){ global $I, $P, $U, $db; echo ''; if($U['status']>=5 && get_setting('guestaccess')==3){ $result=$db->query('SELECT COUNT(*) FROM ' . PREFIX . 'sessions WHERE entry=0 AND status=1;'); $temp=$result->fetch(PDO::FETCH_NUM); if($temp[0]>0){ echo ''; } } foreach($P as $user){ if($user[2]<=2){ $G[]=style_this($user[0], $user[1]); }else{ $M[]=style_this($user[0], $user[1]); } } if(!empty($M)){ echo "'; if(!empty($G)){ echo ''; } } if(!empty($G)){ echo "'; } echo '

'; frmadm('approve'); echo submit(sprintf($I['approveguests'], $temp[0])).'		$I[members]:		".implode('   ', $M).'		$I[guests]:		".implode('   ', $G).'

'; } // session management function create_session($setup){ global $I, $U, $db, $memcached; $U['nickname']=preg_replace('/\s+/', '', $_REQUEST['nick']); $U['passhash']=md5(sha1(md5($U['nickname'].$_REQUEST['pass']))); if(!check_member()){ add_user_defaults(); } $U['entry']=$U['lastpost']=time(); if($setup){ $U['incognito']=1; } if(get_setting('captcha')>0 && ($U['status']==1 || get_setting('dismemcaptcha')==0)){ if(!isSet($_REQUEST['challenge'])){ send_error($I['wrongcaptcha']); } if(!MEMCACHED){ $stmt=$db->prepare('SELECT code FROM ' . PREFIX . 'captcha WHERE id=?;'); $stmt->execute(array($_REQUEST['challenge'])); $stmt->bindColumn(1, $code); if(!$stmt->fetch(PDO::FETCH_BOUND)){ send_error($I['captchaexpire']); } $timeout=time()-get_setting('captchatime'); $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'captcha WHERE id=? OR timeexecute(array($_REQUEST['challenge'], $timeout)); }else{ if(!$code=$memcached->get(DBNAME . '-' . PREFIX . "captcha-$_REQUEST[challenge]")){ send_error($I['captchaexpire']); } $memcached->delete(DBNAME . '-' . PREFIX . "captcha-$_REQUEST[challenge]"); } if($_REQUEST['captcha']!=$code){ send_error($I['wrongcaptcha']); } } if($U['status']==1){ $ga=(int) get_setting('guestaccess'); if(!valid_nick($U['nickname'])){ send_error(sprintf($I['invalnick'], get_setting('maxname'))); } if(!valid_pass($_REQUEST['pass'])){ send_error(sprintf($I['invalpass'], get_setting('minpass'))); } if($ga===0){ send_error($I['noguests']); }elseif($ga===3){ $U['entry']=0; } if(get_setting('englobalpass')!=0 && isSet($_REQUEST['globalpass']) && $_REQUEST['globalpass']!=get_setting('globalpass')){ send_error($I['wrongglobalpass']); } } write_new_session(); } function write_new_session(){ global $I, $P, $U, $db; $lines=parse_sessions(); $sids; $reentry=false; foreach($lines as $temp){ $sids[$temp['session']]=true;// collect all existing ids if($temp['nickname']===$U['nickname']){// nick already here? if($U['passhash']===$temp['passhash']){ $U=$temp; if($U['status']==0){ setcookie(COOKIENAME, false); send_error("$I[kicked]
$U[kickmessage]"); } setcookie(COOKIENAME, $U['session']); $reentry=true; break; }else{ send_error($I['wrongpass']); } } } // create new session: if(!$reentry){ do{ $U['session']=md5(time().mt_rand().$U['nickname']); }while(isSet($sids[$U['session']]));// check for hash collision if(isSet($_SERVER['HTTP_USER_AGENT'])){ $useragent=htmlspecialchars($_SERVER['HTTP_USER_AGENT']); }else{ $useragent=''; } if(get_setting('trackip')){ $ip=$_SERVER['REMOTE_ADDR']; }else{ $ip=''; } $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'sessions (session, nickname, status, refresh, style, lastpost, passhash, boxwidth, boxheight, useragent, bgcolour, notesboxwidth, notesboxheight, entry, timestamps, embed, incognito, ip) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);'); $stmt->execute(array($U['session'], $U['nickname'], $U['status'], $U['refresh'], $U['style'], $U['lastpost'], $U['passhash'], $U['boxwidth'], $U['boxheight'], $useragent, $U['bgcolour'], $U['notesboxwidth'], $U['notesboxheight'], $U['entry'], $U['timestamps'], $U['embed'], $U['incognito'], $ip)); setcookie(COOKIENAME, $U['session']); if($U['status']>=3 && !$U['incognito']){ add_system_message(sprintf(get_setting('msgenter'), style_this($U['nickname'], $U['style']))); } $P[$U['nickname']]=[$U['nickname'], $U['style'], $U['status']]; } } function approve_session(){ global $db; if(isSet($_REQUEST['what'])){ if($_REQUEST['what']==='allowchecked' && isSet($_REQUEST['csid'])){ $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET entry=lastpost WHERE nickname=?;'); foreach($_REQUEST['csid'] as $nick){ $stmt->execute(array($nick)); } }elseif($_REQUEST['what']==='allowall' && isSet($_REQUEST['alls'])){ $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET entry=lastpost WHERE nickname=?;'); foreach($_REQUEST['alls'] as $nick){ $stmt->execute(array($nick)); } }elseif($_REQUEST['what']==='denychecked' && isSet($_REQUEST['csid'])){ $time=60*(get_setting('kickpenalty')-get_setting('guestexpire'))+time(); $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET lastpost=?, status=0, kickmessage=? WHERE nickname=? AND status=1;'); foreach($_REQUEST['csid'] as $nick){ $stmt->execute(array($time, $_REQUEST['kickmessage'], $nick)); } }elseif($_REQUEST['what']==='denyall' && isSet($_REQUEST['alls'])){ $time=60*(get_setting('kickpenalty')-get_setting('guestexpire'))+time(); $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET lastpost=?, status=0, kickmessage=? WHERE nickname=? AND status=1;'); foreach($_REQUEST['alls'] as $nick){ $stmt->execute(array($time, $_REQUEST['kickmessage'], $nick)); } } } } function check_login(){ global $I, $U, $db; $ga=(int) get_setting('guestaccess'); if(isSet($_POST['session'])){ $stmt=$db->prepare('SELECT * FROM ' . PREFIX . 'sessions WHERE session=?;'); $stmt->execute(array($_POST['session'])); if($U=$stmt->fetch(PDO::FETCH_ASSOC)){ if($U['status']==0){ setcookie(COOKIENAME, false); send_error("$I[kicked]
$U[kickmessage]"); }else{ setcookie(COOKIENAME, $U['session']); } }else{ setcookie(COOKIENAME, false); send_error($I['expire']); } }elseif(get_setting('englobalpass')==1 && (!isSet($_POST['globalpass']) || $_POST['globalpass']!=get_setting('globalpass'))){ send_error($I['wrongglobalpass']); }elseif(!isSet($_REQUEST['nick']) || !isSet($_REQUEST['pass'])){ send_login(); }else{ if(!empty($_REQUEST['regpass']) && $_REQUEST['regpass']!==$_REQUEST['pass']){ send_error($I['noconfirm']); } create_session(false); if(!empty($_REQUEST['regpass'])){ $guestreg=(int) get_setting('guestreg'); if($guestreg===1){ register_guest(2, $_REQUEST['nick']); $U['status']=2; }elseif($guestreg===2){ register_guest(3, $_REQUEST['nick']); $U['status']=3; } } } if($U['status']==1){ if($ga===2 || $ga===3){ $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET entry=0 WHERE session=?;'); $stmt->execute(array($U['session'])); send_waiting_room(); } } } function kill_session(){ global $I, $U, $db; parse_sessions(); setcookie(COOKIENAME, false); if(!isSet($U['session'])){ send_error($I['expire']); } if($U['status']==0){ send_error("$I[kicked]
$U[kickmessage]"); } $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'sessions WHERE session=?;'); $stmt->execute(array($U['session'])); if($U['status']==1){ $stmt=$db->prepare('UPDATE ' . PREFIX . "messages SET poster='' WHERE poster=? AND poststatus=9;"); $stmt->execute(array($U['nickname'])); $stmt=$db->prepare('UPDATE ' . PREFIX . "messages SET recipient='' WHERE recipient=? AND poststatus=9;"); $stmt->execute(array($U['nickname'])); $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'ignored WHERE ign=? OR ignby=?;'); $stmt->execute(array($U['nickname'], $U['nickname'])); $db->exec('DELETE FROM ' . PREFIX . "messages WHERE poster='' AND recipient='' AND poststatus=9;"); }elseif($U['status']>=3 && !$U['incognito']){ add_system_message(sprintf(get_setting('msgexit'), style_this($U['nickname'], $U['style']))); } } function kick_chatter($names, $mes, $purge){ global $P, $U, $db; $lonick=''; $lines=parse_sessions(); $time=60*(get_setting('kickpenalty')-get_setting('guestexpire'))+time(); $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET lastpost=?, status=0, kickmessage=? WHERE session=? AND status!=0;'); $i=0; foreach($names as $name){ foreach($lines as $temp){ if(($temp['nickname']===$U['nickname'] && $U['nickname']===$name) || ($U['status']>$temp['status'] && (($temp['nickname']===$name && $temp['status']>0) || ($name==='&' && $temp['status']==1)))){ $stmt->execute(array($time, $mes, $temp['session'])); if($purge){ del_all_messages($temp['nickname'], 10, 0); } $lonick.=style_this($temp['nickname'], $temp['style']).', '; ++$i; unset($P[$name]); } } } if(!empty($lonick)){ if($names[0]==='&'){ add_system_message(get_setting('msgallkick')); }else{ $lonick=preg_replace('/\,\s$/','',$lonick); if($i>1){ add_system_message(sprintf(get_setting('msgmultikick'), $lonick)); }else{ add_system_message(sprintf(get_setting('msgkick'), $lonick)); } } } if(!empty($lonick)){ return true; } return false; } function logout_chatter($names){ global $P, $U, $db; $lines=parse_sessions(); $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'sessions WHERE session=? AND statusprepare('UPDATE ' . PREFIX . "messages SET poster='' WHERE poster=? AND poststatus=9;"); $stmt2=$db->prepare('UPDATE ' . PREFIX . "messages SET recipient='' WHERE recipient=? AND poststatus=9;"); $stmt3=$db->prepare('DELETE FROM ' . PREFIX . 'ignored WHERE ign=? OR ignby=?;'); foreach($names as $name){ foreach($lines as $temp){ if($temp['nickname']===$name || ($name==='&' && $temp['status']==1)){ $stmt->execute(array($temp['session'], $U['status'])); if($temp['status']==1){ $stmt1->execute(array($temp['nickname'])); $stmt2->execute(array($temp['nickname'])); $stmt3->execute(array($temp['nickname'], $temp['nickname'])); } unset($P[$name]); } } } $db->exec('DELETE FROM ' . PREFIX . "messages WHERE poster='' AND recipient='' AND poststatus=9;"); } function check_session(){ global $I, $U; parse_sessions(); if(!isSet($U['session'])){ setcookie(COOKIENAME, false); send_error($I['expire']); } if($U['status']==0){ setcookie(COOKIENAME, false); send_error("$I[kicked]
$U[kickmessage]"); } if($U['entry']==0){ send_waiting_room(); } } function get_nowchatting(){ global $I, $P; parse_sessions(); echo sprintf($I['curchat'], count($P)).'
'; foreach($P as $user){ echo style_this($user[0], $user[1]).'   '; } } function parse_sessions(){ global $P, $U, $countmods, $db; $guestexpire=time()-60*get_setting('guestexpire'); $memberexpire=time()-60*get_setting('memberexpire'); $result=$db->prepare('SELECT nickname, status FROM ' . PREFIX . 'sessions WHERE (status<=2 AND lastpost2 AND lastpostexecute(array($guestexpire, $memberexpire)); if($tmp=$result->fetchAll(PDO::FETCH_ASSOC)){ $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'sessions WHERE nickname=?;'); $stmt1=$db->prepare('UPDATE ' . PREFIX . "messages SET poster='' WHERE poster=? AND poststatus=9;"); $stmt2=$db->prepare('UPDATE ' . PREFIX . "messages SET recipient='' WHERE recipient=? AND poststatus=9;"); $stmt3=$db->prepare('DELETE FROM ' . PREFIX . 'ignored WHERE ign=? OR ignby=?;'); foreach($tmp as $temp){ $stmt->execute(array($temp['nickname'])); if($temp['status']<=1){ $stmt1->execute(array($temp['nickname'])); $stmt2->execute(array($temp['nickname'])); $stmt3->execute(array($temp['nickname'], $temp['nickname'])); } } $db->exec('DELETE FROM ' . PREFIX . "messages WHERE poster='' AND recipient='' AND poststatus=9;"); } $result=$db->query('SELECT * FROM ' . PREFIX . 'sessions ORDER BY status DESC, lastpost DESC;'); if(!$lines=$result->fetchAll(PDO::FETCH_ASSOC)) $lines=array(); if(isSet($_REQUEST['session'])){ foreach($lines as $temp){ if($temp['session']===$_REQUEST['session']){ $U=$temp; break; } } } $countmods=0; $P=array(); foreach($lines as $temp){ if($temp['entry']!=0 && $temp['status']>0){ if(!$temp['incognito']){ $P[$temp['nickname']]=[$temp['nickname'], $temp['style'], $temp['status']]; } if($temp['status']>=5){ ++$countmods; } } } return $lines; } // member handling function check_member(){ global $I, $U, $db; $stmt=$db->prepare('SELECT * FROM ' . PREFIX . 'members WHERE nickname=?;'); $stmt->execute(array($U['nickname'])); if($temp=$stmt->fetch(PDO::FETCH_ASSOC)){ if($temp['passhash']===$U['passhash']){ $U=$temp; $time=time(); $stmt=$db->prepare('UPDATE ' . PREFIX . 'members SET lastlogin=? WHERE nickname=?;'); $stmt->execute(array($time, $U['nickname'])); return true; }else{ send_error($I['wrongpass']); } } return false; } function read_members(){ global $A, $db; $result=$db->query('SELECT * FROM ' . PREFIX . 'members;'); while($temp=$result->fetch(PDO::FETCH_ASSOC)){ $A[$temp['nickname']][0]=$temp['nickname']; $A[$temp['nickname']][1]=$temp['status']; $A[$temp['nickname']][2]=$temp['style']; } } function register_guest($status, $nick){ global $A, $I, $P, $U, $db; if(!isSet($P[$nick])){ return sprintf($I['cantreg'], $nick); } read_members(); if(isSet($A[$nick])){ return sprintf($I['alreadyreged'], $nick); } $stmt=$db->prepare('SELECT * FROM ' . PREFIX . 'sessions WHERE nickname=? AND status=1;'); $stmt->execute(array($nick)); if($reg=$stmt->fetch(PDO::FETCH_ASSOC)){ $reg['status']=$status; $P[$nick][2]=$status; $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET status=? WHERE session=?;'); $stmt->execute(array($reg['status'], $reg['session'])); }else{ return sprintf($I['cantreg'], $nick); } $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'members (nickname, passhash, status, refresh, bgcolour, boxwidth, boxheight, regedby, timestamps, embed, style) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?);'); $stmt->execute(array($reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $U['nickname'], $reg['timestamps'], $reg['embed'], $reg['style'])); if($reg['status']==3){ add_system_message(sprintf(get_setting('msgmemreg'), style_this($reg['nickname'], $reg['style']))); }else{ add_system_message(sprintf(get_setting('msgsureg'), style_this($reg['nickname'], $reg['style']))); } return sprintf($I['successreg'], $reg['nickname']); } function register_new($nick, $pass){ global $A, $I, $P, $U, $db; $nick=preg_replace('/\s+/', '', $nick); if(empty($nick)){ return ''; }elseif(isSet($P[$nick])){ return sprintf($I['cantreg'], $nick); }elseif(!valid_nick($nick)){ return sprintf($I['invalnick'], get_setting('maxname')); }elseif(!valid_pass($pass)){ return sprintf($I['invalpass'], get_setting('minpass')); } read_members(); if(isSet($A[$nick])){ return sprintf($I['alreadyreged'], $nick); } $reg=array( 'nickname' =>$nick, 'passhash' =>md5(sha1(md5($nick.$pass))), 'status' =>3, 'refresh' =>get_setting('defaultrefresh'), 'bgcolour' =>get_setting('colbg'), 'regedby' =>$U['nickname'], 'timestamps' =>get_setting('timestamps'), 'style' =>'color:#'.get_setting('coltxt').';' ); $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'members (nickname, passhash, status, refresh, bgcolour, regedby, timestamps, style) VALUES (?, ?, ?, ?, ?, ?, ?, ?);'); $stmt->execute(array($reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['bgcolour'], $reg['regedby'], $reg['timestamps'], $reg['style'])); return sprintf($I['successreg'], $reg['nickname']); } function change_status($nick, $status){ global $I, $P, $U, $db; if(empty($nick)){ return ''; }elseif($U['status']<=$status || !preg_match('/^[023567\-]$/', $status)){ return sprintf($I['cantchgstat'], $nick); } $stmt=$db->prepare('SELECT * FROM ' . PREFIX . 'members WHERE nickname=? AND statusexecute(array($nick, $U['status'])); if($stmt->fetch(PDO::FETCH_ASSOC)){ if($_REQUEST['set']==='-'){ $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'members WHERE nickname=?;'); $stmt->execute(array($nick)); $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET status=1 WHERE nickname=?;'); $stmt->execute(array($nick)); if(isSet($P[$nick])){ $P[$nick][2]=1; } return sprintf($I['succdel'], $nick); }else{ $stmt=$db->prepare('UPDATE ' . PREFIX . 'members SET status=? WHERE nickname=?;'); $stmt->execute(array($status, $nick)); $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET status=? WHERE nickname=?;'); $stmt->execute(array($status, $nick)); if(isSet($P[$nick])){ $P[$nick][2]=$status; } return sprintf($I['succchg'], $nick); } }else{ return sprintf($I['cantchgstat'], $nick); } } function passreset($nick, $pass){ global $I, $U, $db; if(empty($nick)){ return ''; } $stmt=$db->prepare('SELECT * FROM ' . PREFIX . 'members WHERE nickname=? AND statusexecute(array($nick, $U['status'])); if($stmt->fetch(PDO::FETCH_ASSOC)){ $passhash=md5(sha1(md5($nick.$pass))); $stmt=$db->prepare('UPDATE ' . PREFIX . 'members SET passhash=? WHERE nickname=?;'); $stmt->execute(array($passhash, $nick)); $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET passhash=? WHERE nickname=?;'); $stmt->execute(array($passhash, $nick)); return sprintf($I['succpassreset'], $nick); }else{ return sprintf($I['cantresetpass'], $nick); } } function amend_profile(){ global $F, $U; if(isSet($_REQUEST['refresh'])){ $U['refresh']=$_REQUEST['refresh']; } if($U['refresh']<5){ $U['refresh']=5; }elseif($U['refresh']>150){ $U['refresh']=150; } if(preg_match('/^[a-f0-9]{6}$/i', $_REQUEST['colour'])){ $U['colour']=$_REQUEST['colour']; }else{ preg_match('/#([0-9a-f]{6})/i', $U['style'], $matches); $U['colour']=$matches[1]; } if(preg_match('/^[a-f0-9]{6}$/i', $_REQUEST['bgcolour'])){ $U['bgcolour']=$_REQUEST['bgcolour']; } $fonttags=''; if($U['status']>=3 && isSet($_REQUEST['bold'])){ $fonttags.='b'; } if($U['status']>=3 && isSet($_REQUEST['italic'])){ $fonttags.='i'; } if($U['status']>=3 && isSet($F[$_REQUEST['font']])){ $fontface=$F[$_REQUEST['font']]; }else{ $fontface=''; } $U['style']=get_style("#$U[colour] $fontface <$fonttags>"); if($_REQUEST['boxwidth']>0 && $_REQUEST['boxwidth']<1000){ $U['boxwidth']=$_REQUEST['boxwidth']; } if($_REQUEST['boxheight']>0 && $_REQUEST['boxheight']<1000){ $U['boxheight']=$_REQUEST['boxheight']; } if(isSet($_REQUEST['notesboxwidth']) && $_REQUEST['notesboxwidth']>0 && $_REQUEST['notesboxwidth']<1000){ $U['notesboxwidth']=$_REQUEST['notesboxwidth']; } if(isSet($_REQUEST['notesboxheight']) && $_REQUEST['notesboxheight']>0 && $_REQUEST['notesboxheight']<1000){ $U['notesboxheight']=$_REQUEST['notesboxheight']; } if(isSet($_REQUEST['timestamps'])){ $U['timestamps']=1; }else{ $U['timestamps']=0; } if(isSet($_REQUEST['embed'])){ $U['embed']=1; }else{ $U['embed']=0; } if($U['status']>=5 && isSet($_REQUEST['incognito']) && get_setting('incognito')){ $U['incognito']=1; }else{ $U['incognito']=0; } } function save_profile(){ global $I, $U, $db; if(!isSet($_REQUEST['oldpass'])){ $_REQUEST['oldpass']=''; } if(!isSet($_REQUEST['newpass'])){ $_REQUEST['newpass']=''; } if(!isSet($_REQUEST['confirmpass'])){ $_REQUEST['confirmpass']=''; } if($_REQUEST['newpass']!==$_REQUEST['confirmpass']){ return $I['noconfirm']; }elseif(!empty($_REQUEST['newpass']) && valid_pass($_REQUEST['newpass'])){ $U['oldhash']=md5(sha1(md5($U['nickname'].$_REQUEST['oldpass']))); $U['newhash']=md5(sha1(md5($U['nickname'].$_REQUEST['newpass']))); }else{ $U['oldhash']=$U['newhash']=$U['passhash']; } if($U['passhash']!==$U['oldhash']){ return $I['wrongpass']; } $U['passhash']=$U['newhash']; amend_profile(); $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET refresh=?, style=?, passhash=?, boxwidth=?, boxheight=?, bgcolour=?, notesboxwidth=?, notesboxheight=?, timestamps=?, embed=?, incognito=? WHERE session=?;'); $stmt->execute(array($U['refresh'], $U['style'], $U['passhash'], $U['boxwidth'], $U['boxheight'], $U['bgcolour'], $U['notesboxwidth'], $U['notesboxheight'], $U['timestamps'], $U['embed'], $U['incognito'], $U['session'])); if($U['status']>=2){ $stmt=$db->prepare('UPDATE ' . PREFIX . 'members SET passhash=?, refresh=?, bgcolour=?, boxwidth=?, boxheight=?, notesboxwidth=?, notesboxheight=?, timestamps=?, embed=?, incognito=?, style=? WHERE nickname=?;'); $stmt->execute(array($U['passhash'], $U['refresh'], $U['bgcolour'], $U['boxwidth'], $U['boxheight'], $U['notesboxwidth'], $U['notesboxheight'], $U['timestamps'], $U['embed'], $U['incognito'], $U['style'], $U['nickname'])); } if(!empty($_REQUEST['unignore'])){ $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'ignored WHERE ign=? AND ignby=?;'); $stmt->execute(array($_REQUEST['unignore'], $U['nickname'])); } if(!empty($_REQUEST['ignore'])){ $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'ignored (ign, ignby) VALUES (?, ?);'); $stmt->execute(array($_REQUEST['ignore'], $U['nickname'])); } if($U['status']>1 && !empty($_REQUEST['newnickname'])){ $msg=set_new_nickname(); if($msg!==''){ return $msg; } } if(!empty($_REQUEST['newpass']) && !valid_pass($_REQUEST['newpass'])){ return sprintf($I['invalpass'], get_setting('minpass')); } return $I['succprofile']; } function set_new_nickname(){ global $I, $U, $db; if(!isSet($_REQUEST['new_pass']) || !valid_pass($_REQUEST['new_pass'])){ return sprintf($I['nopass'], get_setting('minpass')); } if(!valid_nick($_REQUEST['newnickname'])){ return sprintf($I['invalnick'], get_setting('maxname')); } $U['passhash']=md5(sha1(md5($_REQUEST['newnickname'].$_REQUEST['new_pass']))); $stmt=$db->prepare('SELECT id FROM ' . PREFIX . 'sessions WHERE nickname=? UNION SELECT id FROM ' . PREFIX . 'members WHERE nickname=?;'); $stmt->execute(array($_REQUEST['newnickname'], $_REQUEST['newnickname'])); if($stmt->fetch(PDO::FETCH_NUM)){ return $I['nicknametaken']; }else{ if($U['status']>1){ $entry=0; }else{ $entry=$U['entry']; } $stmt=$db->prepare('UPDATE ' . PREFIX . 'members SET nickname=?, passhash=? WHERE nickname=?;'); $stmt->execute(array($_REQUEST['newnickname'], $U['passhash'], $U['nickname'])); $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET nickname=?, passhash=? WHERE nickname=?;'); $stmt->execute(array($_REQUEST['newnickname'], $U['passhash'], $U['nickname'])); $stmt=$db->prepare('UPDATE ' . PREFIX . 'messages SET poster=? WHERE poster=? AND postdate>?;'); $stmt->execute(array($_REQUEST['newnickname'], $U['nickname'], $entry)); $stmt=$db->prepare('UPDATE ' . PREFIX . 'messages SET recipient=? WHERE recipient=? AND postdate>?;'); $stmt->execute(array($_REQUEST['newnickname'], $U['nickname'], $entry)); $stmt=$db->prepare('UPDATE ' . PREFIX . 'ignored SET ignby=? WHERE ignby=?;'); $stmt->execute(array($_REQUEST['newnickname'], $U['nickname'])); $stmt=$db->prepare('UPDATE ' . PREFIX . 'ignored SET ign=? WHERE ign=?;'); $stmt->execute(array($_REQUEST['newnickname'], $U['nickname'])); $U['nickname']=$_REQUEST['newnickname']; } return ''; } function add_user_defaults(){ global $U; $U['refresh']=get_setting('defaultrefresh'); $U['bgcolour']=get_setting('colbg'); if(!isSet($_REQUEST['colour']) || !preg_match('/^[a-f0-9]{6}$/i', $_REQUEST['colour'])){ do{ $U['colour']=sprintf('%02X', mt_rand(0, 256)).sprintf('%02X', mt_rand(0, 256)).sprintf('%02X', mt_rand(0, 256)); }while(abs(greyval($U['colour'])-greyval(get_setting('colbg')))<75); }else{ $U['colour']=$_REQUEST['colour']; } $U['style']=get_style("#$U[colour]"); $U['boxwidth']=40; $U['boxheight']=3; $U['notesboxwidth']=80; $U['notesboxheight']=30; $U['timestamps']=get_setting('timestamps'); $U['embed']=1; $U['incognito']=0; $U['status']=1; } // message handling function validate_input(){ global $P, $U, $db; $maxmessage=get_setting('maxmessage'); $U['message']=substr($_REQUEST['message'], 0, $maxmessage); $U['rejected']=substr($_REQUEST['message'], $maxmessage); if($U['postid']===$_REQUEST['postid']){// ignore double post=reload from browser or proxy $U['message']=''; }elseif((time()-$U['lastpost'])<=1){// time between posts too short, reject! $U['rejected']=$_REQUEST['message']; $U['message']=''; } if(preg_match('/&[^;]{0,8}$/', $U['message']) && preg_match('/^([^;]{0,8};)/', $U['rejected'], $match)){ $U['message'].=$match[0]; $U['rejected']=preg_replace("/^$match[0]", '', $U['rejected']); } if(!empty($U['rejected'])){ $U['rejected']=trim($U['rejected']); $U['rejected']=htmlspecialchars($U['rejected']); } $U['message']=htmlspecialchars($U['message']); $U['message']=preg_replace("/(\r?\n|\r\n?)/", '
', $U['message']); if(isSet($_REQUEST['multi'])){ $U['message']=preg_replace('/\s*
/', '
', $U['message']); $U['message']=preg_replace('/
(
)+/', '

', $U['message']); $U['message']=preg_replace('/

\s*$/', '
', $U['message']); $U['message']=preg_replace('/^
\s*$/', '', $U['message']); }else{ $U['message']=str_replace('
', ' ', $U['message']); } $U['message']=trim($U['message']); $U['message']=preg_replace('/\s+/', ' ', $U['message']); $U['delstatus']=$U['status']; $U['recipient']=''; if($_REQUEST['sendto']==='*'){ $U['poststatus']='1'; $U['displaysend']=sprintf(get_setting('msgsendall'), style_this($U['nickname'], $U['style'])); }elseif($_REQUEST['sendto']==='?' && $U['status']>=3){ $U['poststatus']='3'; $U['displaysend']=sprintf(get_setting('msgsendmem'), style_this($U['nickname'], $U['style'])); }elseif($_REQUEST['sendto']==='#' && $U['status']>=5){ $U['poststatus']='5'; $U['displaysend']=sprintf(get_setting('msgsendmod'), style_this($U['nickname'], $U['style'])); }elseif($_REQUEST['sendto']==='&' && $U['status']>=6){ $U['poststatus']='6'; $U['displaysend']=sprintf(get_setting('msgsendadm'), style_this($U['nickname'], $U['style'])); }else{// known nick in room? $stmt=$db->prepare('SELECT * FROM ' . PREFIX . 'ignored WHERE (ignby=? AND ign=?) OR (ignby=? AND ign=?);'); $stmt->execute(array($U['nickname'], $_REQUEST['sendto'], $_REQUEST['sendto'], $U['nickname'])); if(!$stmt->fetch(PDO::FETCH_NUM)){ foreach($P as $chatter){ if($_REQUEST['sendto']===$chatter[0]){ $U['recipient']=$chatter[0]; $U['displayrecp']=style_this($chatter[0], $chatter[1]); break; } } } if(!empty($U['recipient'])){ $U['poststatus']='9'; $U['delstatus']='9'; $U['displaysend']=sprintf(get_setting('msgsendprv'), style_this($U['nickname'], $U['style']), $U['displayrecp']); }else{// nick left already or ignores us $U['message']=''; $U['rejected']=''; } } if(isSet($U['poststatus'])){ apply_filter(); create_hotlinks(); apply_linkfilter(); if(add_message()){ $U['lastpost']=time(); $stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET lastpost=?, postid=? WHERE session=?;'); $stmt->execute(array($U['lastpost'], $_REQUEST['postid'], $U['session'])); } } } function apply_filter(){ global $I, $U, $db, $memcached; if($U['poststatus']!==9 && preg_match('~^/me~i', $U['message'])){ $U['displaysend']=substr($U['displaysend'], 0, -3); $U['message']=preg_replace("~^/me~i", '', $U['message']); } $U['message']=preg_replace_callback('/\@([a-z0-9]{1,})/i', function ($matched){ global $A, $P; if(isSet($P[$matched[1]])){ return style_this($matched[0], $P[$matched[1]][1]); } $nick=strtolower($matched[1]); foreach($P as $user){ if(strtolower($user[0])===$nick){ return style_this($matched[0], $user[1]); } } read_members(); if(isSet($A[$matched[1]])){ return style_this($matched[0], $A[$matched[1]][2]); } foreach($A as $user){ if(strtolower($user[0])===$nick){ return style_this($matched[0], $user[2]); } } return "$matched[0]"; }, $U['message']); if(MEMCACHED){ $filters=$memcached->get(DBNAME . '-' . PREFIX . 'filter'); } if(!MEMCACHED || $memcached->getResultCode()!==Memcached::RES_SUCCESS){ $filters=array(); $result=$db->query('SELECT id, filtermatch, filterreplace, allowinpm, regex, kick FROM ' . PREFIX . 'filter;'); while($filter=$result->fetch(PDO::FETCH_ASSOC)){ $filters[]=array('id'=>$filter['id'], 'match'=>$filter['filtermatch'], 'replace'=>$filter['filterreplace'], 'allowinpm'=>$filter['allowinpm'], 'regex'=>$filter['regex'], 'kick'=>$filter['kick']); } if(MEMCACHED) $memcached->set(DBNAME . '-' . PREFIX . 'filter', $filters); } foreach($filters as $filter){ if($U['poststatus']!==9){ $U['message']=preg_replace("/$filter[match]/i", $filter['replace'], $U['message'], -1, $count); }elseif(!$filter['allowinpm']){ $U['message']=preg_replace("/$filter[match]/i", $filter['replace'], $U['message'], -1, $count); } if(isSet($count) && $count>0 && $filter['kick']){ kick_chatter(array($U['nickname']), '', false); send_error("$I[kicked]"); } } } function apply_linkfilter(){ global $U, $db, $memcached; if(MEMCACHED){ $filters=$memcached->get(DBNAME . '-' . PREFIX . 'linkfilter'); } if(!MEMCACHED || $memcached->getResultCode()!==Memcached::RES_SUCCESS){ $filters=array(); $result=$db->query('SELECT id, filtermatch, filterreplace, regex FROM ' . PREFIX . 'linkfilter;'); while($filter=$result->fetch(PDO::FETCH_ASSOC)){ $filters[]=array('id'=>$filter['id'], 'match'=>$filter['filtermatch'], 'replace'=>$filter['filterreplace'], 'regex'=>$filter['regex']); } if(MEMCACHED){ $memcached->set(DBNAME . '-' . PREFIX . 'linkfilter', $filters); } } foreach($filters as $filter){ $U['message']=preg_replace_callback("/(.*?(?=<\/a>))<\/a>/i", function ($matched) use(&$filter){ return "".preg_replace("/$filter[match]/i", $filter['replace'], $matched[2]).''; } , $U['message']); } $redirect=get_setting('redirect'); if(get_setting('imgembed')){ $U['message']=preg_replace_callback('/\[img\]\s?(.*?(?=<\/a>))<\/a>/i', function ($matched){ return str_ireplace('[/img]', '', "

"); } , $U['message']); } if(empty($redirect)){ $redirect="$_SERVER[SCRIPT_NAME]?action=redirect&url="; } if(get_setting('forceredirect')){ $U['message']=preg_replace_callback('/(.*?(?=<\/a>))<\/a>/', function ($matched) use($redirect){ return "$matched[2]"; } , $U['message']); }elseif(preg_match_all('/(.*?(?=<\/a>))<\/a>/', $U['message'], $matches)){ foreach($matches[1] as $match){ if(!preg_match('~^http(s)?://~', $match)){ $U['message']=preg_replace_callback('/(.*?(?=<\/a>))<\/a>/', function ($matched) use($redirect){ return "$matched[2]"; } , $U['message']); } } } } function create_hotlinks(){ global $U; //Make hotlinks for URLs, redirect through dereferrer script to prevent session leakage // 1. all explicit schemes with whatever xxx://yyyyyyy $U['message']=preg_replace('~(\w*://[^\s<>]+)~i', "<<$1>>", $U['message']); // 2. valid URLs without scheme: $U['message']=preg_replace('~((?:[^\s<>]*:[^\s<>]*@)?[a-z0-9\-]+(?:\.[a-z0-9\-]+)+(?::\d*)?/[^\s<>]*)(?![^<>]*>)~i', "<<$1>>", $U['message']); // server/path given $U['message']=preg_replace('~((?:[^\s<>]*:[^\s<>]*@)?[a-z0-9\-]+(?:\.[a-z0-9\-]+)+:\d+)(?![^<>]*>)~i', "<<$1>>", $U['message']); // server:port given $U['message']=preg_replace('~([^\s<>]*:[^\s<>]*@[a-z0-9\-]+(?:\.[a-z0-9\-]+)+(?::\d+)?)(?![^<>]*>)~i', "<<$1>>", $U['message']); // au:th@server given // 3. likely servers without any hints but not filenames like *.rar zip exe etc. $U['message']=preg_replace('~((?:[a-z0-9\-]+\.)*[a-z2-7]{16}\.onion)(?![^<>]*>)~i', "<<$1>>", $U['message']);// *.onion $U['message']=preg_replace('~([a-z0-9\-]+(?:\.[a-z0-9\-]+)+(?:\.(?!rar|zip|exe|gz|7z|bat|doc)[a-z]{2,}))(?=[^a-z0-9\-\.]|$)(?![^<>]*>)~i', "<<$1>>", $U['message']);// xxx.yyy.zzz // Convert every <<....>> into proper links: $U['message']=preg_replace_callback('/<<([^<>]+)>>/', function ($matches){ if(strpos($matches[1], '://')===false){ return "$matches[1]"; }else{ return "$matches[1]"; } } , $U['message']); } function add_message(){ global $U; if(empty($U['message'])){ return false; } $newmessage=array( 'postdate' =>time(), 'poststatus' =>$U['poststatus'], 'poster' =>$U['nickname'], 'recipient' =>$U['recipient'], 'text' =>"$U[displaysend]".style_this($U['message'], $U['style']).'', 'delstatus' =>$U['delstatus'] ); write_message($newmessage); return true; } function add_system_message($mes){ if(empty($mes)){ return; } $sysmessage=array( 'postdate' =>time(), 'poststatus' =>1, 'poster' =>'', 'recipient' =>'', 'text' =>"$mes", 'delstatus' =>9 ); write_message($sysmessage); } function write_message($message){ global $I, $db; if(MSGENCRYPTED){ if(!extension_loaded('openssl')){ send_fatal_error($I['opensslextrequired']); } $message['text']=openssl_encrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456'); } $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'messages (postdate, poststatus, poster, recipient, text, delstatus) VALUES (?, ?, ?, ?, ?, ?);'); $stmt->execute(array($message['postdate'], $message['poststatus'], $message['poster'], $message['recipient'], $message['text'], $message['delstatus'])); $limit=get_setting('keeplimit')*get_setting('messagelimit'); $stmt=$db->query('SELECT id FROM ' . PREFIX . "messages ORDER BY id DESC LIMIT 1 OFFSET $limit"); if($id=$stmt->fetch(PDO::FETCH_NUM)){ $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'messages WHERE id<=?;'); $stmt->execute(array($id[0])); } if($message['poststatus']<9 && get_setting('sendmail')){ $subject='New Chat message'; $headers='From: '.get_setting('mailsender')."\r\nX-Mailer: PHP/".phpversion()."\r\nContent-Type: text/html; charset=UTF-8\r\n"; $body='$message[text]"; mail(get_setting('mailreceiver'), $subject, $body, $headers); } } function clean_room(){ global $db; $db->query('DELETE FROM ' . PREFIX . 'messages;'); $msg=get_setting('msgclean'); add_system_message(sprintf($msg, get_setting('chatname'))); } function clean_selected(){ global $db; if(isSet($_REQUEST['mid'])){ $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'messages WHERE id=?;'); foreach($_REQUEST['mid'] as $mid){ $stmt->execute(array($mid)); } } } function del_all_messages($nick, $status, $entry){ global $U, $db; if($nick===$U['nickname']) $status=10; if($U['status']>1){ $entry=0; } $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'messages WHERE poster=? AND delstatus?;'); $stmt->execute(array($nick, $status, $entry)); } function del_last_message(){ global $U, $db; if($U['status']>1){ $entry=0; }else{ $entry=$U['entry']; } $stmt=$db->prepare('SELECT id FROM ' . PREFIX . 'messages WHERE poster=? AND postdate>? ORDER BY id DESC LIMIT 1;'); $stmt->execute(array($U['nickname'], $entry)); if($id=$stmt->fetch(PDO::FETCH_NUM)){ $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'messages WHERE id=?;'); $stmt->execute(array($id[0])); } } function print_messages($delstatus=''){ global $U, $db; $dateformat=get_setting('dateformat'); $messagelimit=(int) get_setting('messagelimit'); if(!isSet($_COOKIE[COOKIENAME]) && get_setting('forceredirect')==0){ $injectRedirect=true; $redirect=get_setting('redirect'); if(empty($redirect)){ $redirect="$_SERVER[SCRIPT_NAME]?action=redirect&url="; } }else{ $injectRedirect=false; } if(get_setting('imgembed') && (!$U['embed'] || !isSet($_COOKIE[COOKIENAME]))){ $removeEmbed=true; }else{ $removeEmbed=false; } if($U['timestamps'] && !empty($dateformat)){ $timestamps=true; }else{ $timestamps=false; } $expire=time()-60*get_setting('messageexpire'); $db->exec('DELETE FROM ' . PREFIX . 'messages WHERE id IN (SELECT * FROM (SELECT id FROM ' . PREFIX . "messages WHERE postdate<$expire) AS t);"); if(!empty($delstatus)){ $stmt=$db->prepare('SELECT postdate, id, text FROM ' . PREFIX . 'messages WHERE '. 'id IN (SELECT * FROM (SELECT id FROM ' . PREFIX . "messages WHERE poststatus=1 ORDER BY id DESC LIMIT $messagelimit) AS t) ". 'OR (poststatus>1 AND (poststatusexecute(array($U['status'], $U['nickname'], $U['nickname'])); while($message=$stmt->fetch(PDO::FETCH_ASSOC)){ if(MSGENCRYPTED){ if(!extension_loaded('openssl')){ send_fatal_error($I['opensslextrequired']); } $message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456'); } if($injectRedirect){ $message['text']=preg_replace_callback('/(.*?(?=<\/a>))<\/a>/', function ($matched) use ($redirect){ return "$matched[2]"; } , $message['text']); } if($removeEmbed){ $message['text']=preg_replace_callback('/<\/a>/', function ($matched){ return "$matched[1]"; } , $message['text']); } echo ""; } }else{ if(!isSet($_REQUEST['id'])){ $_REQUEST['id']=0; } $stmt=$db->prepare('SELECT id, postdate, text FROM ' . PREFIX . 'messages WHERE ('. 'id IN (SELECT * FROM (SELECT id FROM ' . PREFIX . "messages WHERE poststatus=1 ORDER BY id DESC LIMIT $messagelimit) AS t) ". 'OR (poststatus>1 AND poststatus<=?) '. 'OR (poststatus=9 AND ( (poster=? AND recipient NOT IN (SELECT ign FROM ' . PREFIX . 'ignored WHERE ignby=?) ) OR recipient=?) )'. ') AND poster NOT IN (SELECT ign FROM ' . PREFIX . 'ignored WHERE ignby=?) AND id>? ORDER BY id DESC;'); $stmt->execute(array($U['status'], $U['nickname'], $U['nickname'], $U['nickname'], $U['nickname'], $_REQUEST['id'])); while($message=$stmt->fetch(PDO::FETCH_ASSOC)){ if(MSGENCRYPTED){ if(!extension_loaded('openssl')){ send_fatal_error($I['opensslextrequired']); } $message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456'); } if($injectRedirect){ $message['text']=preg_replace_callback('/(.*?(?=<\/a>))<\/a>/', function ($matched) use($redirect) { return "$matched[2]"; } , $message['text']); } if($removeEmbed){ $message['text']=preg_replace_callback('/<\/a>/', function ($matched){ return "$matched[1]"; } , $message['text']); } echo '"; if($_REQUEST['id']<$message['id']){ $_REQUEST['id']=$message['id']; } } } } // this and that function get_ignored(){ global $db; $ignored=array(); $result=$db->query('SELECT ign, ignby FROM ' . PREFIX . 'ignored;'); while($tmp=$result->fetch(PDO::FETCH_ASSOC)){ $ignored[]=array('ignored'=>$tmp['ign'], 'by'=>$tmp['ignby']); } return $ignored; } function valid_admin(){ global $U; if(isSet($_REQUEST['session'])){ check_session(); }elseif(isSet($_REQUEST['nick']) && isSet($_REQUEST['pass'])){ create_session(true); } if(isSet($U['status'])){ if($U['status']>=7){ return true; } send_access_denied(); } return false; } function valid_nick($nick){ return preg_match('/^[a-z0-9]{1,'.get_setting('maxname').'}$/i', $nick); } function valid_pass($pass){ return preg_match('/^.{'.get_setting('minpass').',}$/', $pass); } function get_timeout($lastpost, $expire){ $s=($lastpost+60*$expire)-time(); $m=floor($s/60); $s-=$m*60; $h=floor($m/60); $m-=$h*60; $s=substr("0$s", -2, 2); if($h>0){ $m=substr("0$m", -2, 2); echo "$h:$m:$s"; } echo "$m:$s"; } function print_colours(){ global $I; // Prints a short list with selected named HTML colours and filters out illegible text colours for the given background. // It's a simple comparison of weighted grey values. This is not very accurate but gets the job done well enough. $colours=array('Beige'=>'F5F5DC', 'Black'=>'000000', 'Blue'=>'0000FF', 'BlueViolet'=>'8A2BE2', 'Brown'=>'A52A2A', 'Cyan'=>'00FFFF', 'DarkBlue'=>'00008B', 'DarkGreen'=>'006400', 'DarkRed'=>'8B0000', 'DarkViolet'=>'9400D3', 'DeepSkyBlue'=>'00BFFF', 'Gold'=>'FFD700', 'Grey'=>'808080', 'Green'=>'008000', 'HotPink'=>'FF69B4', 'Indigo'=>'4B0082', 'LightBlue'=>'ADD8E6', 'LightGreen'=>'90EE90', 'LimeGreen'=>'32CD32', 'Magenta'=>'FF00FF', 'Olive'=>'808000', 'Orange'=>'FFA500', 'OrangeRed'=>'FF4500', 'Purple'=>'800080', 'Red'=>'FF0000', 'RoyalBlue'=>'4169E1', 'SeaGreen'=>'2E8B57', 'Sienna'=>'A0522D', 'Silver'=>'C0C0C0', 'Tan'=>'D2B48C', 'Teal'=>'008080', 'Violet'=>'EE82EE', 'White'=>'FFFFFF', 'Yellow'=>'FFFF00', 'YellowGreen'=>'9ACD32'); $greybg=greyval(get_setting('colbg')); foreach($colours as $name=>$colour){ if(abs($greybg-greyval($colour))>75){ echo "$I[$name]"; } } } function greyval($colour){ return hexdec(substr($colour, 0, 2))*.3+hexdec(substr($colour, 2, 2))*.59+hexdec(substr($colour, 4, 2))*.11; } function get_style($styleinfo){ $fbold=preg_match('/(|:bold)/', $styleinfo); $fitalic=preg_match('/(|:italic)/', $styleinfo); $fsmall=strpos($styleinfo, ':smaller'); preg_match('/(#[a-f0-9]{6})/i', $styleinfo, $match); if(isSet($match[0])){ $fcolour=$match[0]; } preg_match('/font-family:([^;]+);/', $styleinfo, $match); if(isSet($match[1])){ $sface=$match[1]; } $fstyle=''; if(isSet($fcolour)){ $fstyle.="color:$fcolour;"; } if(isSet($sface)){ $fstyle.="font-family:$sface;"; } if($fsmall){ $fstyle.='font-size:smaller;'; } if($fitalic){ $fstyle.='font-style:italic;'; } if($fbold){ $fstyle.='font-weight:bold;'; } return $fstyle; } function style_this($text, $styleinfo){ return "$text"; } function check_init(){ global $db, $memcached; if(!MEMCACHED || !$found=$memcached->get(DBNAME . '-' . PREFIX . 'num-tables')){ if(DBDRIVER===0){ $result=$db->query("SHOW TABLES LIKE '" . PREFIX . "settings';"); $found=($result->fetch(PDO::FETCH_ASSOC)!==false); }else{ $found=$db->query('SELECT * FROM ' . PREFIX . 'settings LIMIT 1;'); } if(MEMCACHED){ $memcached->set(DBNAME . '-' . PREFIX . 'num-tables', $found); } } return $found; } function destroy_chat(){ global $C, $H, $I, $U, $db; setcookie(COOKIENAME, false); print_start('destory'); $db->exec('DROP TABLE ' . PREFIX . 'captcha;'); $db->exec('DROP TABLE ' . PREFIX . 'filter;'); $db->exec('DROP TABLE ' . PREFIX . 'ignored;'); $db->exec('DROP TABLE ' . PREFIX . 'linkfilter;'); $db->exec('DROP TABLE ' . PREFIX . 'members;'); $db->exec('DROP TABLE ' . PREFIX . 'messages;'); $db->exec('DROP TABLE ' . PREFIX . 'notes;'); $db->exec('DROP TABLE ' . PREFIX . 'sessions;'); $db->exec('DROP TABLE ' . PREFIX . 'settings;'); if(MEMCACHED){ $memcached->delete(DBNAME . '-' . PREFIX . 'num-tables'); $memcached->delete(DBNAME . '-' . PREFIX . 'filter'); $memcached->delete(DBANEM . '-' . PREFIX . 'linkfilter'); foreach($C['settings'] as $setting){ $memcached->delete(DBNAME . '-' . PREFIX . "settings-$setting"); } $memcached->delete(DBNAME . '-' . PREFIX . 'settings-dbversion'); $memcached->delete(DBNAME . '-' . PREFIX . 'settings-msgencrypted'); } echo "

$I[destroyed]

"; echo "<$H[form]>".hidden('lang', $U['lang']).hidden('action', 'setup').submit($I['init'])."$H[credit]

"; print_end(); } function init_chat(){ global $H, $I, $db, $memcached; $suwrite=''; if(check_init()){ $suwrite=$I['initdbexist']; $result=$db->query('SELECT * FROM ' . PREFIX . 'members WHERE status=8;'); if($result->fetch(PDO::FETCH_ASSOC)){ $suwrite=$I['initsuexist']; } }elseif(!preg_match('/^[a-z0-9]{1,20}$/i', $_REQUEST['sunick'])){ $suwrite=sprintf($I['invalnick'], 20); }elseif(!preg_match('/^.{5,}$/', $_REQUEST['supass'])){ $suwrite=sprintf($I['invalpass'], 5); }elseif($_REQUEST['supass']!==$_REQUEST['supassc']){ $suwrite=$I['noconfirm']; }else{ if(DBDRIVER===0){//MySQL $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "captcha (id int(10) unsigned NOT NULL AUTO_INCREMENT, time int(10) unsigned NOT NULL, code char(5) NOT NULL, PRIMARY KEY (id) USING BTREE) ENGINE=MEMORY DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "filter (id int(10) unsigned NOT NULL AUTO_INCREMENT, filtermatch varchar(255) NOT NULL, filterreplace varchar(20000) NOT NULL, allowinpm tinyint(1) unsigned NOT NULL, regex tinyint(1) unsigned NOT NULL, kick tinyint(1) unsigned NOT NULL, PRIMARY KEY (id) USING BTREE) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "ignored (id int(10) unsigned NOT NULL AUTO_INCREMENT, ign varchar(50) NOT NULL, ignby varchar(50) NOT NULL, PRIMARY KEY (id) USING BTREE, INDEX(ign) USING BTREE, INDEX(ignby) USING BTREE) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "linkfilter (id int(10) unsigned NOT NULL AUTO_INCREMENT, filtermatch varchar(255) NOT NULL, filterreplace varchar(255) NOT NULL, regex tinyint(1) unsigned NOT NULL, PRIMARY KEY (id) USING BTREE) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "members (id int(10) unsigned NOT NULL AUTO_INCREMENT, nickname varchar(50) NOT NULL, passhash char(32) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, status tinyint(3) unsigned NOT NULL, refresh tinyint(3) unsigned NOT NULL, bgcolour char(6) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, boxwidth tinyint(3) unsigned NOT NULL DEFAULT 40, boxheight tinyint(3) unsigned NOT NULL DEFAULT 3, notesboxheight tinyint(3) unsigned NOT NULL DEFAULT 30, notesboxwidth tinyint(3) unsigned NOT NULL DEFAULT 80, regedby varchar(50) NOT NULL, lastlogin int(10) unsigned NOT NULL, timestamps tinyint(1) unsigned NOT NULL, embed tinyint(1) unsigned NOT NULL DEFAULT 1, incognito tinyint(1) unsigned NOT NULL DEFAULT 0, style varchar(255) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, PRIMARY KEY (id) USING BTREE, UNIQUE(nickname) USING BTREE) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "messages (id int(10) unsigned NOT NULL AUTO_INCREMENT, postdate int(10) unsigned NOT NULL, poststatus tinyint(3) unsigned NOT NULL, poster varchar(50) NOT NULL, recipient varchar(50) NOT NULL, text varchar(20000) NOT NULL, delstatus tinyint(3) unsigned NOT NULL, PRIMARY KEY (id) USING BTREE, INDEX(poster) USING BTREE, INDEX(recipient) USING BTREE, INDEX(postdate) USING BTREE, INDEX(poststatus) USING BTREE) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "notes (id int(10) unsigned NOT NULL AUTO_INCREMENT, type char(5) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, lastedited int(10) unsigned NOT NULL, editedby varchar(50) NOT NULL, text varchar(20000) NOT NULL, PRIMARY KEY (id) USING BTREE) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "sessions (id int(10) unsigned NOT NULL AUTO_INCREMENT, session char(32) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, nickname varchar(50) NOT NULL, status tinyint(3) unsigned NOT NULL, refresh tinyint(3) unsigned NOT NULL, style varchar(255) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, lastpost int(10) unsigned NOT NULL, passhash char(32) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, postid char(6) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL DEFAULT '000000', boxwidth tinyint(3) unsigned NOT NULL DEFAULT 40, boxheight tinyint(3) unsigned NOT NULL DEFAULT 3, useragent varchar(255) NOT NULL, kickmessage varchar(255) NOT NULL, bgcolour char(6) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, notesboxheight tinyint(3) unsigned NOT NULL DEFAULT 30, notesboxwidth tinyint(3) unsigned NOT NULL DEFAULT 80, entry int(10) unsigned NOT NULL, timestamps tinyint(1) unsigned NOT NULL, embed tinyint(1) unsigned NOT NULL DEFAULT 1, incognito tinyint(1) unsigned NOT NULL DEFAULT 0, ip varchar(45) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, PRIMARY KEY (id) USING BTREE, UNIQUE(session) USING BTREE, UNIQUE(nickname) USING BTREE, INDEX(status) USING BTREE, INDEX(lastpost) USING BTREE) ENGINE=MEMORY DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "settings (setting varchar(50) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, value varchar(20000) NOT NULL, PRIMARY KEY (setting) USING BTREE) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;"); }elseif(DBDRIVER===1){//PostgreSQL $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "captcha (id serial PRIMARY KEY, time integer NOT NULL, code char(5) NOT NULL);"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "filter (id serial PRIMARY KEY, filtermatch varchar(255) NOT NULL, filterreplace varchar(20000) NOT NULL, allowinpm smallint NOT NULL, regex smallint NOT NULL, kick smallint NOT NULL);"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "ignored (id serial PRIMARY KEY, ign varchar(50) NOT NULL, ignby varchar(50) NOT NULL);"); $db->exec('CREATE INDEX ign ON ' . PREFIX . 'ignored (ign);'); $db->exec('CREATE INDEX ignby ON ' . PREFIX . 'ignored (ignby);'); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "linkfilter (id serial PRIMARY KEY, filtermatch varchar(255) NOT NULL, filterreplace varchar(255) NOT NULL, regex smallint NOT NULL);"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "members (id serial PRIMARY KEY, nickname varchar(50) NOT NULL UNIQUE, passhash char(32) NOT NULL, status smallint NOT NULL, refresh smallint NOT NULL, bgcolour char(6) NOT NULL, boxwidth smallint NOT NULL DEFAULT 40, boxheight smallint NOT NULL DEFAULT 3, notesboxheight smallint NOT NULL DEFAULT 30, notesboxwidth smallint NOT NULL DEFAULT 80, regedby varchar(50) DEFAULT '', lastlogin integer DEFAULT 0, timestamps smallint NOT NULL, embed smallint DEFAULT 1, incognito smallint DEFAULT 0, style varchar(255) NOT NULL);"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "messages (id serial PRIMARY KEY, postdate integer NOT NULL, poststatus smallint NOT NULL, poster varchar(50) NOT NULL, recipient varchar(50) NOT NULL, text varchar(20000) NOT NULL, delstatus smallint NOT NULL);"); $db->exec('CREATE INDEX poster ON ' . PREFIX . 'messages (poster);'); $db->exec('CREATE INDEX recipient ON ' . PREFIX . 'messages (recipient);'); $db->exec('CREATE INDEX postdate ON ' . PREFIX . 'messages (postdate);'); $db->exec('CREATE INDEX poststatus ON ' . PREFIX . 'messages (poststatus);'); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "notes (id serial PRIMARY KEY, type char(5) NOT NULL, lastedited integer NOT NULL, editedby varchar(50) NOT NULL, text varchar(20000) NOT NULL);"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "sessions (id serial PRIMARY KEY, session char(32) NOT NULL UNIQUE, nickname varchar(50) NOT NULL UNIQUE, status smallint NOT NULL, refresh smallint NOT NULL, style varchar(255) NOT NULL, lastpost integer NOT NULL, passhash char(32) NOT NULL, postid char(6) NOT NULL DEFAULT '000000', boxwidth smallint NOT NULL DEFAULT 40, boxheight smallint NOT NULL DEFAULT 3, useragent varchar(255) NOT NULL, kickmessage varchar(255) DEFAULT '', bgcolour char(6) NOT NULL, notesboxheight smallint NOT NULL DEFAULT 30, notesboxwidth smallint NOT NULL DEFAULT 80, entry integer NOT NULL, timestamps smallint NOT NULL, embed smallint DEFAULT 1, incognito smallint DEFAULT 0, ip varchar(45) NOT NULL);"); $db->exec('CREATE INDEX status ON ' . PREFIX . 'sessions (status);'); $db->exec('CREATE INDEX lastpost ON ' . PREFIX . 'sessions (lastpost);'); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "settings (setting varchar(50) PRIMARY KEY, value varchar(20000) NOT NULL);"); }else{//sqlite $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "captcha (id INTEGER PRIMARY KEY, time INTEGER NOT NULL, code TEXT NOT NULL);"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "filter (id INTEGER PRIMARY KEY, filtermatch TEXT NOT NULL, filterreplace TEXT NOT NULL, allowinpm INTEGER NOT NULL, regex INTEGER NOT NULL, kick INTEGER NOT NULL);"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "ignored (id INTEGER PRIMARY KEY, ign TEXT NOT NULL, ignby TEXT NOT NULL);"); $db->exec('CREATE INDEX IF NOT EXISTS ign ON ' . PREFIX . 'ignored (ign);'); $db->exec('CREATE INDEX IF NOT EXISTS ignby ON ' . PREFIX . 'ignored (ignby);'); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "linkfilter (id INTEGER PRIMARY KEY, filtermatch TEXT NOT NULL, filterreplace TEXT NOT NULL, regex INTEGER NOT NULL);"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "members (id INTEGER PRIMARY KEY, nickname TEXT NOT NULL UNIQUE, passhash TEXT NOT NULL, status INTEGER NOT NULL, refresh INTEGER NOT NULL, bgcolour TEXT NOT NULL, boxwidth INTEGER NOT NULL DEFAULT 40, boxheight INTEGER NOT NULL DEFAULT 3, notesboxheight INTEGER NOT NULL DEFAULT 30, notesboxwidth INTEGER NOT NULL DEFAULT 80, regedby TEXT DEFAULT '', lastlogin INTEGER DEFAULT 0, timestamps INTEGER NOT NULL, embed INTEGER NOT NULL DEFAULT 1, incognito INTEGER NOT NULL DEFAULT 0, style TEXT NOT NULL);"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "messages (id INTEGER PRIMARY KEY, postdate INTEGER NOT NULL, poststatus INTEGER NOT NULL, poster TEXT NOT NULL, recipient TEXT NOT NULL, text TEXT NOT NULL, delstatus INTEGER NOT NULL);"); $db->exec('CREATE INDEX IF NOT EXISTS poster ON ' . PREFIX . 'messages (poster);'); $db->exec('CREATE INDEX IF NOT EXISTS recipient ON ' . PREFIX . 'messages (recipient);'); $db->exec('CREATE INDEX IF NOT EXISTS postdate ON ' . PREFIX . 'messages (postdate);'); $db->exec('CREATE INDEX IF NOT EXISTS poststatus ON ' . PREFIX . 'messages (poststatus);'); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "notes (id INTEGER PRIMARY KEY, type TEXT NOT NULL, lastedited INTEGER NOT NULL, editedby TEXT NOT NULL, text TEXT NOT NULL);"); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "sessions (id INTEGER PRIMARY KEY, session TEXT NOT NULL UNIQUE, nickname TEXT NOT NULL UNIQUE, status INTEGER NOT NULL, refresh INTEGER NOT NULL, style TEXT NOT NULL, lastpost INTEGER NOT NULL, passhash TEXT NOT NULL, postid TEXT NOT NULL DEFAULT '000000', boxwidth INTEGER NOT NULL DEFAULT 40, boxheight INTEGER NOT NULL DEFAULT 3, useragent TEXT NOT NULL, kickmessage TEXT DEFAULT '', bgcolour TEXT NOT NULL, notesboxheight INTEGER NOT NULL DEFAULT 30, notesboxwidth INTEGER NOT NULL DEFAULT 80, entry INTEGER NOT NULL, timestamps INTEGER NOT NULL, embed INTEGER NOT NULL DEFAULT 1, incognito INTEGER NOT NULL DEFAULT 0, ip TEXT NOT NULL);"); $db->exec('CREATE INDEX IF NOT EXISTS status ON ' . PREFIX . 'sessions (status);'); $db->exec('CREATE INDEX IF NOT EXISTS lastpost ON ' . PREFIX . 'sessions (lastpost);'); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "settings (setting TEXT NOT NULL PRIMARY KEY, value TEXT NOT NULL);"); } $settings=array(array('guestaccess', '0'), array('globalpass', ''), array('englobalpass', '0'), array('captcha', '0'), array('dateformat', 'm-d H:i:s'), array('rulestxt', ''), array('msgencrypted', '0'), array('dbversion', DBVERSION), array('css', 'a:visited{color:#B33CB4;} a:active{color:#FF0033;} a:link{color:#0000FF;} input,select,textarea{color:#FFFFFF;background-color:#000000;} a img{width:15%} a:hover img{width:35%} .error{color:#FF0033;} .delbutton{background-color:#660000;} .backbutton{background-color:#004400;} #exitbutton{background-color:#AA0000;}'), array('memberexpire', '60'), array('guestexpire', '15'), array('kickpenalty', '10'), array('entrywait', '120'), array('messageexpire', '14400'), array('messagelimit', '150'), array('maxmessage', 2000), array('captchatime', '600'), array('colbg', '000000'), array('coltxt', 'FFFFFF'), array('maxname', '20'), array('minpass', '5'), array('defaultrefresh', '20'), array('dismemcaptcha', '0'), array('suguests', '0'), array('imgembed', '1'), array('timestamps', '1'), array('trackip', '0'), array('captchachars', '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), array('memkick', '1'), array('forceredirect', '0'), array('redirect', ''), array('incognito', '1'), array('enablejs', '0'), array('chatname', 'My Chat'), array('topic', ''), array('msgsendall', $I['sendallmsg']), array('msgsendmem', $I['sendmemmsg']), array('msgsendmod', $I['sendmodmsg']), array('msgsendadm', $I['sendadmmsg']), array('msgsendprv', $I['sendprvmsg']), array('msgenter', $I['entermsg']), array('msgexit', $I['exitmsg']), array('msgmemreg', $I['memregmsg']), array('msgsureg', $I['suregmsg']), array('msgkick', $I['kickmsg']), array('msgmultikick', $I['multikickmsg']), array('msgallkick', $I['allkickmsg']), array('msgclean', $I['cleanmsg']), array('numnotes', '3'), array('keeplimit', '3'), array('mailsender', 'www-data '), array('mailreceiver', 'Webmaster '), array('sendmail', '0'), array('modfallback', '1'), array('guestreg', '0')); $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'settings (setting, value) VALUES (?, ?);'); foreach($settings as $pair){ $stmt->execute($pair); } if(MEMCACHED){ $memcached->delete(DBNAME . '-' . PREFIX . 'num-tables'); } $reg=array( 'nickname' =>$_REQUEST['sunick'], 'passhash' =>md5(sha1(md5($_REQUEST['sunick'].$_REQUEST['supass']))), 'status' =>8, 'refresh' =>20, 'bgcolour' =>'000000', 'timestamps' =>1, 'style' =>'color:#FFFFFF;' ); $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'members (nickname, passhash, status, refresh, bgcolour, timestamps, style) VALUES (?, ?, ?, ?, ?, ?, ?);'); $stmt->execute(array($reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['bgcolour'], $reg['timestamps'], $reg['style'])); $suwrite=$I['susuccess']; } print_start('init'); echo "

$I[init]

$I[sulogin]

$suwrite


"; echo "<$H[form]>$H[commonform]".hidden('action', 'setup').submit($I['initgosetup'])."$H[credit]

"; print_end(); } function update_db(){ global $F, $I, $db, $memcached; $dbversion=(int) get_setting('dbversion'); if($dbversionexec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "ignored (id int(10) unsigned NOT NULL AUTO_INCREMENT, ignored tinytext NOT NULL, `by` tinytext NOT NULL, PRIMARY KEY (id)) ENGINE=InnoDB DEFAULT CHARSET=utf8;"); } if($dbversion<3){ $db->exec('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('rulestxt', '');"); } if($dbversion<4){ $db->exec('ALTER TABLE ' . PREFIX . 'members ADD incognito TINYINT(1) UNSIGNED NOT NULL;'); $db->exec('ALTER TABLE ' . PREFIX . 'sessions ADD incognito TINYINT(1) UNSIGNED NOT NULL;'); } if($dbversion<5){ $db->exec('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('globalpass', '');"); } if($dbversion<6){ $db->exec('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('dateformat', 'm-d H:i:s');"); } if($dbversion<7){ $db->exec('ALTER TABLE ' . PREFIX . 'captcha ADD code TINYTEXT CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL;'); } if($dbversion<8){ $db->exec('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('captcha', '0'), ('englobalpass', '0');"); $ga=(int) get_setting('guestaccess'); if($ga===-1){ update_setting('guestaccess', 0); update_setting('englobalpass', 1); }elseif($ga===4){ update_setting('guestaccess', 1); update_setting('englobalpass', 2); } } if($dbversion<9){ $db->exec('INSERT INTO ' . PREFIX . "settings (setting,value) VALUES ('msgencrypted', '0');"); $db->exec('ALTER TABLE ' . PREFIX . 'settings MODIFY value text NOT NULL;'); $db->exec('ALTER TABLE ' . PREFIX . 'messages DROP postid;'); } if($dbversion<10){ $db->exec('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('css', 'a:visited{color:#B33CB4;} a:active{color:#FF0033;} a:link{color:#0000FF;} input,select,textarea{color:#FFFFFF;background-color:#000000;} a img{width:15%} a:hover img{width:35%} .error{color:#FF0033;} .delbutton{background-color:#660000;} .backbutton{background-color:#004400;} #exitbutton{background-color:#AA0000;}'), ('memberexpire', '60'), ('guestexpire', '15'), ('kickpenalty', '10'), ('entrywait', '120'), ('messageexpire', '14400'), ('messagelimit', '150'), ('maxmessage', 2000), ('captchatime', '600');"); $db->exec('ALTER TABLE ' . PREFIX . 'sessions ADD ip tinytext NOT NULL;'); } if($dbversion<11){ $db->exec('ALTER TABLE ' , PREFIX . 'captcha CHARACTER SET utf8 COLLATE utf8_bin;'); $db->exec('ALTER TABLE ' . PREFIX . 'filter CHARACTER SET utf8 COLLATE utf8_bin;'); $db->exec('ALTER TABLE ' . PREFIX . 'ignored CHARACTER SET utf8 COLLATE utf8_bin;'); $db->exec('ALTER TABLE ' . PREFIX . 'members CHARACTER SET utf8 COLLATE utf8_bin;'); $db->exec('ALTER TABLE ' . PREFIX . 'messages CHARACTER SET utf8 COLLATE utf8_bin;'); $db->exec('ALTER TABLE ' . PREFIX . 'notes CHARACTER SET utf8 COLLATE utf8_bin;'); $db->exec('ALTER TABLE ' . PREFIX . 'sessions CHARACTER SET utf8 COLLATE utf8_bin;'); $db->exec('ALTER TABLE ' . PREFIX . 'settings CHARACTER SET utf8 COLLATE utf8_bin;'); $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . "linkfilter (id int(10) unsigned NOT NULL, `match` tinytext NOT NULL, `replace` tinytext NOT NULL, regex tinyint(1) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;"); $db->exec('ALTER TABLE ' . PREFIX . 'linkfilter ADD PRIMARY KEY (id), MODIFY id int(10) unsigned NOT NULL AUTO_INCREMENT;'); $db->exec('ALTER TABLE ' . PREFIX . 'sessions DROP fontinfo, DROP displayname;'); $db->exec('ALTER TABLE ' . PREFIX . 'members ADD style TEXT NOT NULL;'); $result=$db->query('SELECT * FROM ' . PREFIX . 'members;'); $stmt=$db->prepare('UPDATE ' . PREFIX . 'members SET style=? WHERE id=?;'); while($temp=$result->fetch(PDO::FETCH_ASSOC)){ if(isSet($F[$temp['fontface']])){ $fontface=$F[$temp['fontface']]; }else{ $fontface=''; } $style=get_style("#$temp[colour] $fontface <$temp[fonttags]>"); $stmt->execute(array($style, $temp['id'])); } $db->exec('ALTER TABLE ' . PREFIX . 'members DROP colour, DROP fontface, DROP fonttags;'); $db->exec('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('colbg', '000000'), ('coltxt', 'FFFFFF'), ('maxname', '20'), ('minpass', '5'), ('defaultrefresh', '20'), ('dismemcaptcha', '0'), ('suguests', '0'), ('imgembed', '1'), ('timestamps', '1'), ('trackip', '0'), ('captchachars', '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), ('memkick', '1'), ('forceredirect', '0'), ('redirect', ''), ('incognito', '1');"); } if($dbversion<12){ $db->exec('ALTER TABLE ' . PREFIX . 'captcha MODIFY code char(5) NOT NULL, DROP INDEX id, ADD PRIMARY KEY (id) USING BTREE;'); $db->exec('ALTER TABLE ' . PREFIX . 'captcha ENGINE=MEMORY;'); $db->exec('ALTER TABLE ' . PREFIX . 'filter MODIFY id int(10) unsigned NOT NULL AUTO_INCREMENT, MODIFY `match` varchar(255) NOT NULL, MODIFY replace varchar(20000) NOT NULL;'); $db->exec('ALTER TABLE ' . PREFIX . 'ignored MODIFY ignored varchar(50) NOT NULL, MODIFY `by` varchar(50) NOT NULL, ADD INDEX(ignored) USING BTREE, ADD INDEX(`by`) USING BTREE;'); $db->exec('ALTER TABLE ' . PREFIX . 'linkfilter MODIFY match varchar(255) NOT NULL, MODIFY replace varchar(255) NOT NULL;'); $db->exec('ALTER TABLE ' . PREFIX . "members MODIFY id int(10) unsigned NOT NULL AUTO_INCREMENT, MODIFY nickname varchar(50) NOT NULL, MODIFY passhash char(32) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, MODIFY bgcolour char(6) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, MODIFY boxwidth tinyint(3) NOT NULL DEFAULT '40', MODIFY boxheight tinyint(3) NOT NULL DEFAULT '3', MODIFY notesboxheight tinyint(3) NOT NULL DEFAULT '30', MODIFY notesboxwidth tinyint(3) NOT NULL DEFAULT '80', MODIFY regedby varchar(50) NOT NULL, MODIFY embed tinyint(1) NOT NULL DEFAULT '1', MODIFY incognito tinyint(1) NOT NULL DEFAULT '0', MODIFY style varchar(255) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, ADD UNIQUE(nickname) USING BTREE;"); $db->exec('ALTER TABLE ' . PREFIX . 'messages MODIFY poster varchar(50) NOT NULL, MODIFY recipient varchar(50) NOT NULL, MODIFY text varchar(20000) NOT NULL, ADD INDEX(poster) USING BTREE, ADD INDEX(recipient) USING BTREE, ADD INDEX(postdate) USING BTREE, ADD INDEX(poststatus) USING BTREE;'); $db->exec('ALTER TABLE ' . PREFIX . 'notes MODIFY type char(5) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, MODIFY editedby varchar(50) NOT NULL, MODIFY text varchar(20000) NOT NULL;'); $db->exec('ALTER TABLE ' . PREFIX . "sessions MODIFY session char(32) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, MODIFY nickname varchar(50) NOT NULL, MODIFY style varchar(255) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, MODIFY passhash char(32) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, MODIFY postid char(6) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL DEFAULT '000000', MODIFY boxwidth tinyint(3) unsigned NOT NULL DEFAULT '40', MODIFY boxheight tinyint(3) unsigned NOT NULL DEFAULT '3', MODIFY notesboxheight tinyint(3) unsigned NOT NULL DEFAULT '30', MODIFY notesboxwidth tinyint(3) unsigned NOT NULL DEFAULT '80', MODIFY bgcolour char(6) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, MODIFY useragent varchar(255) NOT NULL, MODIFY kickmessage varchar(255) NOT NULL, MODIFY embed tinyint(1) unsigned NOT NULL DEFAULT '1', MODIFY incognito tinyint(1) unsigned NOT NULL DEFAULT '0', MODIFY ip varchar(45) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, ADD UNIQUE(session) USING BTREE, ADD UNIQUE(nickname) USING BTREE, ADD INDEX(status) USING BTREE, ADD INDEX(lastpost) USING BTREE;"); $db->exec('ALTER TABLE ' . PREFIX . 'sessions ENGINE=MEMORY;'); $db->exec('ALTER TABLE ' . PREFIX . 'settings MODIFY id int(10) unsigned NOT NULL, MODIFY setting varchar(50) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL, MODIFY value varchar(20000) NOT NULL;'); $db->exec('ALTER TABLE ' . PREFIX . 'settings DROP PRIMARY KEY, DROP id, ADD PRIMARY KEY(setting) USING BTREE;'); $db->exec('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('enablejs', '0'), ('chatname', 'My Chat'), ('topic', ''), ('msgsendall', '$I[sendallmsg]'), ('msgsendmem', '$I[sendmemmsg]'), ('msgsendmod', '$I[sendmodmsg]'), ('msgsendadm', '$I[sendadmmsg]'), ('msgsendprv', '$I[sendprvmsg]'), ('numnotes', '3');"); } if($dbversion<13){ $db->exec('ALTER TABLE ' . PREFIX . 'filter CHANGE `match` filtermatch varchar(255) NOT NULL, CHANGE `replace` filterreplace varchar(20000) NOT NULL;'); $db->exec('ALTER TABLE ' . PREFIX . 'ignored CHANGE ignored ign varchar(50) NOT NULL, CHANGE `by` ignby varchar(50) NOT NULL;'); $db->exec('ALTER TABLE ' . PREFIX . 'linkfilter CHANGE `match` filtermatch varchar(255) NOT NULL, CHANGE `replace` filterreplace varchar(255) NOT NULL;'); $db->exec('ALTER TABLE ' . PREFIX . 'sessions MODIFY ip varchar(45) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL;'); } if($dbversion<14){ if(MEMCACHED){ $memcached->delete(DBNAME . '-' . PREFIX . 'members'); $memcached->delete(DBNAME . '-' . PREFIX . 'ignored'); } if(DBDRIVER===0){//MySQL - previously had a wrong SQL syntax and the captcha table was not created. $db->exec('CREATE TABLE IF NOT EXISTS ' . PREFIX . 'captcha (id int(10) unsigned NOT NULL AUTO_INCREMENT, time int(10) unsigned NOT NULL, code char(5) NOT NULL, PRIMARY KEY (id) USING BTREE) ENGINE=MEMORY DEFAULT CHARSET=utf8 COLLATE=utf8_bin;'); } } if($dbversion<15){ $db->exec('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('keeplimit', '3'), ('mailsender', 'www-data '), ('mailreceiver', 'Webmaster '), ('sendmail', '0'), ('modfallback', '1'), ('guestreg', '0');"); } update_setting('dbversion', DBVERSION); if(get_setting('msgencrypted')!=MSGENCRYPTED){ if(!extension_loaded('openssl')){ send_fatal_error($I['opensslextrequired']); } $result=$db->query('SELECT id, text FROM ' . PREFIX . 'messages;'); $stmt=$db->prepare('UPDATE ' . PREFIX . 'messages SET text=? WHERE id=?;'); while($message=$result->fetch(PDO::FETCH_ASSOC)){ if(MSGENCRYPTED){ $message['text']=openssl_encrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456'); }else{ $message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456'); } $stmt->execute(array($message['text'], $message['id'])); } $result=$db->query('SELECT id, text FROM ' . PREFIX . 'notes;'); $stmt=$db->prepare('UPDATE ' . PREFIX . 'notes SET text=? WHERE id=?;'); while($message=$result->fetch(PDO::FETCH_ASSOC)){ if(MSGENCRYPTED){ $message['text']=openssl_encrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456'); }else{ $message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', ENCRYPTKEY, 0, '1234567890123456'); } $stmt->execute(array($message['text'], $message['id'])); } update_setting('msgencrypted', (int)MSGENDCRYPTED); } send_update(); } } function get_setting($setting){ global $db, $memcached; if(!MEMCACHED || !$value=$memcached->get(DBNAME . '-' . PREFIX . "settings-$setting")){ $stmt=$db->prepare('SELECT value FROM ' . PREFIX . 'settings WHERE setting=?;'); $stmt->execute(array($setting)); $stmt->bindColumn(1, $value); $stmt->fetch(PDO::FETCH_BOUND); if(MEMCACHED){ $memcached->set(DBNAME . '-' . PREFIX . "settings-$setting", $value); } } return $value; } function update_setting($setting, $value){ global $db, $memcached; $stmt=$db->prepare('UPDATE ' . PREFIX . 'settings SET value=? WHERE setting=?;'); $stmt->execute(array($value, $setting)); if(MEMCACHED){ $memcached->set(DBNAME . '-' . PREFIX . "settings-$setting", $value); } } // configuration, defaults and internals function check_db(){ global $I, $db, $memcached; $options=array(PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT); try{ if(DBDRIVER===0){ if(!extension_loaded('pdo_mysql')){ send_fatal_error($I['pdo_mysqlextrequired']); } $db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, $options); }elseif(DBDRIVER===1){ if(!extension_loaded('pdo_pgsql')){ send_fatal_error($I['pdo_pgsqlextrequired']); } $db=new PDO('pgsql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, $options); }else{ if(!extension_loaded('pdo_sqlite')){ send_fatal_error($I['pdo_sqliteextrequired']); } $db=new PDO('sqlite:' . SQLITEDBFILE, NULL, NULL, $options); } }catch(PDOException $e){ try{ //Attempt to create database if(DBDRIVER===0){ $db=new PDO('mysql:host=' . DBHOST, DBUSER, DBPASS, $options); if(false!==$db->exec('CREATE DATABASE ' . DBNAME)){ $db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, $options); }else{ send_fatal_error($I['nodbsetup']); } }elseif(DBDRIVER===1){ $db=new PDO('pgsql:host=' . DBHOST, DBUSER, DBPASS, $options); if(false!==$db->exec('CREATE DATABASE ' . DBNAME)){ $db=new PDO('pgsql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, $options); }else{ send_fatal_error($I['nodbsetup']); } } }catch(PDOException $e){ if(isSet($_REQUEST['action']) && $_REQUEST['action']==='setup'){ send_fatal_error($I['nodbsetup']); }else{ send_fatal_error($I['nodb']); } } } if(MEMCACHED){ if(!extension_loaded('memcached')){ send_fatal_error($I['memcachedextrequired']); } $memcached=new Memcached(); $memcached->addServer(MEMCACHEDHOST, MEMCACHEDPORT); } } function load_fonts(){ global $F; $F=array( 'Arial' =>"font-family:'Arial','Helvetica','sans-serif';", 'Book Antiqua' =>"font-family:'Book Antiqua','MS Gothic';", 'Comic' =>"font-family:'Comic Sans MS','Papyrus';", 'Comic small' =>"font-family:'Comic Sans MS','Papyrus';font-size:smaller;", 'Courier' =>"font-family:'Courier New','Courier','monospace';", 'Cursive' =>"font-family:'Cursive','Papyrus';", 'Fantasy' =>"font-family:'Fantasy','Futura','Papyrus';", 'Garamond' =>"font-family:'Garamond','Palatino','serif';", 'Georgia' =>"font-family:'Georgia','Times New Roman','Times','serif';", 'Serif' =>"font-family:'MS Serif','New York','serif';", 'System' =>"font-family:'System','Chicago','sans-serif';", 'Times New Roman' =>"font-family:'Times New Roman','Times','serif';", 'Verdana' =>"font-family:'Verdana','Geneva','Arial','Helvetica','sans-serif';", 'Verdana small' =>"font-family:'Verdana','Geneva','Arial','Helvetica','sans-serif';font-size:smaller;" ); } function load_html(){ global $H, $I, $U; $H=array(// default HTML 'form' =>"form action=\"$_SERVER[SCRIPT_NAME]\" method=\"post\"", 'meta_html' =>"", 'credit' =>'

LE CHAT-PHP - ' . VERSION . '', 'commonform' =>hidden('lang', $U['lang']) ); if(isSet($_REQUEST['session'])){ $H['commonform'].=hidden('session', $_REQUEST['session']); } $H=$H+array( 'backtologin' =>"<$H[form] target=\"_parent\">".hidden('lang', $U['lang']).submit($I['backtologin'], 'class="backbutton"').'', 'backtochat' =>"<$H[form]>$H[commonform]".hidden('action', 'view').submit($I['backtochat'], 'class="backbutton"').'' ); } function load_lang(){ global $I, $L, $U; $L=array( 'de' =>'Deutsch', 'en' =>'English', 'es_AR' =>'Español (Argentina)', 'es_ES' =>'Español (España)', 'fr' =>'Français', 'id' =>'Bahasa Indonesia', 'ru' =>'Русский' ); if(isSet($_REQUEST['lang']) && array_key_exists($_REQUEST['lang'], $L)){ $U['lang']=$_REQUEST['lang']; setcookie('language', $U['lang']); }elseif(isSet($_COOKIE['language']) && array_key_exists($_COOKIE['language'], $L)){ $U['lang']=$_COOKIE['language']; }else{ $U['lang']=LANG; } include('lang_en.php'); //always include English if($U['lang']!=='en'){ include("lang_$U[lang].php"); //replace with translation if available foreach($T as $name=>$translation){ $I[$name]=$translation; } } } function load_config(){ define('VERSION', '1.15.3'); // Script version define('DBVERSION', 15); // Database version define('MSGENCRYPTED', false); // Store messages encrypted in the database to prevent other database users from reading them - true/false - visit the setup page after editing! define('ENCRYPTKEY', 'MY_KEY'); // Encryption key for messages define('DBHOST', 'localhost'); // Database host define('DBUSER', 'www-data'); // Database user define('DBPASS', 'YOUR_DB_PASS'); // Database password define('DBNAME', 'public_chat'); // Database define('PERSISTENT', true); // Use persistent database conection true/false define('PREFIX', ''); // Prefix - Set this to a unique value for every chat, if you have more than 1 chats on the same database or domain - use only alpha-numeric values (A-Z, a-z, 0-9, or _) other symbols might break the queries define('MEMCACHED', false); // Enable/disable memcached caching true/false - needs memcached extension and a memcached server. if(MEMCACHED){ define('MEMCACHEDHOST', 'localhost'); // Memcached host define('MEMCACHEDPORT', '11211'); // Memcached port } define('DBDRIVER', 0); // Selects the database driver to use - 0=MySQL, 1=PostgreSQL, 2=sqlite if(DBDRIVER===2){ define('SQLITEDBFILE', 'public_chat.sqlite'); // Filepath of the sqlite database, if sqlite is used - make sure it is writable for the webserver user } define('COOKIENAME', PREFIX . 'chat_session'); // Cookie name storing the session information define('LANG', 'en'); // Default language } ?>