danwin1210/le-chat-php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
dbb030e431cf0096e6b6682d3dfadb9607a4af23
le-chat-php/chat.php
Daniel Winzen dbb030e431 Bugfixes and minor changes
2015-07-12 18:16:33 +02:00

2421 lines
122 KiB
PHP
Executable File
Raw Blame History

<?php
/*
* LE CHAT-PHP - a PHP Chat based on LE CHAT - Main program
*
* Copyright (C) 2015 Daniel Winzen <d@winzen4.de>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
if($_SERVER['REQUEST_METHOD']=='HEAD') exit; // ignore HEAD requests
date_default_timezone_set('UTC');
$A=array();// All registered members
$C=array();// Configuration
$F=array();// Fonts
$G=array();// Guests: display names
$H=array();// HTML-stuff
$I=array();// Translations
$L=array();// Languages
$M=array();// Members: display names
$P=array();// All present users
$U=array();// This user data
$countmods=0;// Present moderators
$memcached;// Memcached connection
$mysqli;// MySQL database connection
load_fonts();
load_config();
load_lang();
load_html();
check_db();
// set session variable to cookie if cookies are enabled
if(!isSet($_REQUEST['session']) && isSet($_COOKIE[$C['cookiename']])){
$_REQUEST['session']=$_COOKIE[$C['cookiename']];
}
// main program: decide what to do based on queries
if(!isSet($_REQUEST['action'])){
send_login();
}elseif($_REQUEST['action']=='view'){
check_session();
send_messages();
}elseif($_REQUEST['action']=='redirect' && !empty($_GET['url'])){
send_redirect();
}elseif($_REQUEST['action']=='wait'){
send_waiting_room();
}elseif($_REQUEST['action']=='post'){
check_session();
if(isSet($_REQUEST['kick']) && isSet($_REQUEST['sendto']) && valid_nick($_REQUEST['sendto'])){
if($U['status']>=5 || ($C['memkick'] && $countmods==0 && $U['status']>=3)){
if(isSet($_REQUEST['what']) && $_REQUEST['what']=='purge') kick_chatter(array($_REQUEST['sendto']), $_REQUEST['message'], true);
else kick_chatter(array($_REQUEST['sendto']), $_REQUEST['message'], false);
}
}elseif(isSet($_REQUEST['message']) && isSet($_REQUEST['sendto'])){
validate_input();
}
send_post();
}elseif($_REQUEST['action']=='login'){
check_login();
send_frameset();
}elseif($_REQUEST['action']=='controls'){
check_session();
send_controls();
}elseif($_REQUEST['action']=='delete'){
check_session();
if($_REQUEST['what']=='all') del_all_messages($U['nickname'], 10);
if($_REQUEST['what']=='last') del_last_message();
send_post();
}elseif($_REQUEST['action']=='profile'){
check_session();
if(isSet($_REQUEST['do']) && $_REQUEST['do']=='save') save_profile();
send_profile();
}elseif($_REQUEST['action']=='logout'){
kill_session();
send_logout();
}elseif($_REQUEST['action']=='colours'){
check_session();
send_colours();
}elseif($_REQUEST['action']=='notes'){
check_session();
if(!$U['status']>=5) send_login();
send_notes('staff');
}elseif($_REQUEST['action']=='help'){
check_session();
send_help();
}elseif($_REQUEST['action']=='admnotes'){
check_session();
if(!$U['status']>=6) send_login();
send_notes('admin');
}elseif($_REQUEST['action']=='admin'){
check_session();
if(!$U['status']>=5) send_login();
if(!isSet($_REQUEST['do'])){
send_admin();
}elseif($_REQUEST['do']=='clean'){
if($_REQUEST['what']=='choose') send_choose_messages();
elseif($_REQUEST['what']=='selected') clean_selected();
elseif($_REQUEST['what']=='room') clean_room();
elseif($_REQUEST['what']=='nick') del_all_messages($_REQUEST['nickname'], $U['status']);
send_admin();
}elseif($_REQUEST['do']=='kick'){
if(!isSet($_REQUEST['name'])) send_admin();
if(isSet($_REQUEST['what']) && $_REQUEST['what']=='purge') kick_chatter($_REQUEST['name'], $_REQUEST['kickmessage'], true);
else kick_chatter($_REQUEST['name'], $_REQUEST['kickmessage'], false);
send_admin();
}elseif($_REQUEST['do']=='logout'){
if(!isSet($_REQUEST['name'])) send_admin();
logout_chatter($_REQUEST['name']);
send_admin();
}elseif($_REQUEST['do']=='sessions'){
if(isSet($_REQUEST['nick'])) kick_chatter(array($_REQUEST['nick']), '', false);
send_sessions();
}elseif($_REQUEST['do']=='register'){
register_guest(3);
check_session();
send_admin();
}elseif($_REQUEST['do']=='superguest'){
register_guest(2);
check_session();
send_admin();
}elseif($_REQUEST['do']=='status'){
change_status();
}elseif($_REQUEST['do']=='regnew'){
register_new();
}elseif($_REQUEST['do']=='approve'){
approve_session();
send_approve_waiting();
}elseif($_REQUEST['do']=='guestaccess'){
if(isSet($_REQUEST['set']) && preg_match('/^[0123]$/', $_REQUEST['set'])){
update_setting('guestaccess', $_REQUEST['set']);
}
}elseif($_REQUEST['do']=='filter'){
manage_filter();
send_filter();
}
send_admin();
}elseif($_REQUEST['action']=='setup'){
if(!$C['memcached'] || !$num_tables=$memcached->get("$C[dbname]-$C[prefix]num-tables")){
$tables=array("$C[prefix]captcha", "$C[prefix]filter", "$C[prefix]ignored", "$C[prefix]members", "$C[prefix]messages", "$C[prefix]notes", "$C[prefix]sessions", "$C[prefix]settings");
$num_tables=0;
$result=mysqli_query($mysqli, 'SHOW TABLES');
while($tmp=mysqli_fetch_array($result, MYSQLI_NUM)){
if(in_array($tmp[0],$tables)) ++$num_tables;
}
if($C['memcached']) $memcached->set("$C[dbname]-$C[prefix]num-tables", $num_tables, 60);
}
if($num_tables<7) send_init();
update_db();
if(!valid_admin()) send_alogin();
$setting_update=array('guestaccess', 'dateformat', 'captcha', 'css', 'memberexpire', 'guestexpire', 'kickpenalty', 'entrywait', 'captchatime', 'messageexpire', 'messagelimit', 'maxmessage');
if(!isSet($_REQUEST['do'])){
}elseif(in_array($_REQUEST['do'], $setting_update)){
if(isSet($_REQUEST[$_REQUEST['do']])){
update_setting($_REQUEST['do'], $_REQUEST[$_REQUEST['do']]);
}
}elseif($_REQUEST['do']=='messages'){
update_messages();
}elseif($_REQUEST['do']=='rules'){
if(isSet($_REQUEST['rulestxt'])){
$_REQUEST['rulestxt']=preg_replace("/\r\n/", '<br>', $_REQUEST['rulestxt']);
$_REQUEST['rulestxt']=preg_replace("/\n/", '<br>', $_REQUEST['rulestxt']);
$_REQUEST['rulestxt']=preg_replace("/\r/", '<br>', $_REQUEST['rulestxt']);
update_setting('rulestxt', $_REQUEST['rulestxt']);
}
}elseif($_REQUEST['do']=='globalpass'){
if(isSet($_REQUEST['globalpass'])){
update_setting('globalpass', $_REQUEST['globalpass']);
}
if(isSet($_REQUEST['englobalpass']) && preg_match('/^[012]$/', $_REQUEST['englobalpass'])){
update_setting('englobalpass', $_REQUEST['englobalpass']);
}
}
send_setup();
}elseif($_REQUEST['action']=='init'){
init_chat();
}else{
send_login();
}
mysqli_close($mysqli);
exit;
// html output subs
function print_stylesheet(){
global $C;
$css=get_setting('css');
echo "<style type=\"text/css\">body{background-color:#$C[colbg];color:#$C[coltxt];} $css</style>";
}
function print_end(){
global $mysqli;
echo '</body></html>';
mysqli_close($mysqli);
exit;
}
function frmpst($arg1='', $arg2=''){
global $C, $H, $U;
$string="<$H[form]>".hidden('action', $arg1).hidden('session', $U['session']).hidden('lang', $C['lang']);
if(!empty($arg2)){
$string.=hidden('what', $arg2).@hidden('sendto', $_REQUEST['sendto']).@hidden('multi', $_REQUEST['multi']);
}
return $string;
}
function frmadm($arg1=''){
global $C, $H, $U;
return "<$H[form]>".hidden('action', 'admin').hidden('do', $arg1).hidden('session', $U['session']).hidden('lang', $C['lang']);
}
function frmsetup($arg1=''){
global $C, $H, $U;
return "<$H[form]>".hidden('action', 'setup').hidden('do', $arg1).hidden('session', $U['session']).hidden('lang', $C['lang']);
}
function hidden($arg1='', $arg2=''){
return "<input type=\"hidden\" name=\"$arg1\" value=\"$arg2\">";
}
function submit($arg1='', $arg2=''){
return "<input type=\"submit\" value=\"$arg1\" $arg2>";
}
function thr(){
echo '<tr><td><hr></td></tr>';
}
function print_start($class='', $ref=0, $url=''){
global $H;
header('Content-Type: text/html; charset=UTF-8'); header('Pragma: no-cache'); header('Cache-Control: no-cache'); header('Expires: 0');
if(!empty($url)) header("Refresh: $ref; URL=$url");
echo "<!DOCTYPE html><html><head>$H[meta_html]";
if(!empty($url)) echo "<meta http-equiv=\"Refresh\" content=\"$ref; URL=$url\">";
print_stylesheet();
echo "</head><$H[begin_body] class=\"$class\">";
}
function send_redirect(){
global $I;
if(preg_match('~^http(s)?://~', $_GET['url'])){
print_start('redirect', 0, $_GET['url']);
echo "<p>$I[redirectto] <a href=\"$_GET[url]\">".htmlspecialchars($_GET['url']).'</a>.</p>';
}else{
print_start('redirect');
$url=preg_replace('~(.*)://~', 'http://', $_GET['url']);
echo "<p>$I[nonhttp] <a href=\"$_GET[url]\">".htmlspecialchars($_GET['url']).'</a>.</p>';
echo "<p>$I[httpredir] <a href=\"$url\">".htmlspecialchars($url).'</a>.</p>';
}
print_end();
}
function send_captcha(){
global $C, $I, $memcached, $mysqli;
$difficulty=get_setting('captcha');
if($difficulty==0) return;
$length=strlen($C['captchachars'])-1;
$code='';
for($i=0;$i<5;++$i){
$code.=$C['captchachars'][rand(0, $length)];
}
$randid=rand(0, 99999999);
$time=time();
if($C['memcached']){
$memcached->set("$C[dbname]-$C[prefix]captcha-$randid", $code, get_setting('captchatime'));
}else{
$stmt=mysqli_prepare($mysqli, "INSERT INTO `$C[prefix]captcha` (`id`, `time`, `code`) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'iis', $randid, $time, $code);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
echo "<tr><td align=\"left\">$I[copy]";
if($difficulty==1){
$im=imagecreatetruecolor(55, 24);
$bg=imagecolorallocate($im, 0, 0, 0);
$fg=imagecolorallocate($im, 255, 255, 255);
imagefill($im, 0, 0, $bg);
imagestring($im, 5, 5, 5, $code, $fg);
echo '<img width="55" height="24" src="data:image/gif;base64,';
}elseif($difficulty==2){
$im=imagecreatetruecolor(55, 24);
$bg=imagecolorallocate($im, 0, 0, 0);
$fg=imagecolorallocate($im, 255, 255, 255);
imagefill($im, 0, 0, $bg);
$line=imagecolorallocate($im, 200, 200, 200);
for($i=0;$i<4;++$i){
imageline($im, 0, rand(0, 24), 55, rand(0, 24), $line);
}
$dots=imagecolorallocate($im, 200, 200, 200);
for($i=0;$i<100;++$i){
imagesetpixel($im, rand(0, 55), rand(0, 24), $dots);
}
imagestring($im, 5, 5, 5, $code, $fg);
echo '<img width="55" height="24" src="data:image/gif;base64,';
}elseif($difficulty==3){
$im=imagecreatetruecolor(150, 200);
$bg=imagecolorallocate($im, 0, 0, 0);
$fg=imagecolorallocate($im, 255, 255, 255);
imagefill($im, 0, 0, $bg);
$line=imagecolorallocate($im, 200, 200, 200);
for($i=0;$i<10;++$i){
imageline($im, 0, rand(0, 200), 150, rand(0, 200), $line);
}
$dots=imagecolorallocate($im, 200, 200, 200);
for($i=0;$i<1000;++$i){
imagesetpixel($im, rand(0, 150), rand(0, 200), $dots);
}
for($i=0;$i<5;++$i){
imagechar($im, 5, rand(10, 140), rand(10, 180), $C['captchachars'][rand(0, $length)], $fg);
}
$x=$y=array();
$follow=imagecolorallocate($im, 200, 0, 0);
for($i=0;$i<5;++$i){
$x[]=rand(10, 140);
$y[]=rand(10, 180);
imagechar($im, 5, $x[$i], $y[$i], $code[$i], $fg);
}
imagearc($im, $x[0]+4, $y[0]+8, 16, 16, 0, 360, $follow);
for($i=0;$i<4;++$i){
imageline($im, $x[$i]+4, $y[$i]+8, $x[$i+1]+4, $y[$i+1]+8, $follow);
}
echo '<img width="150" height="200" src="data:image/gif;base64,';
}
ob_start();
imagegif($im);
imagedestroy($im);
echo base64_encode(ob_get_clean()).'">';
echo '</td><td align="right">'.hidden('challenge', $randid).'<input type="text" name="captcha" size="15" autocomplete="off"></td></tr>';
}
function send_setup(){
global $C, $H, $I, $U;
$ga=get_setting('guestaccess');
print_start('setup');
echo "<center><h2>$I[setup]</h2><table cellspacing=\"0\">";
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[guestacc]</b></td><td align=\"right\">";
echo frmsetup('guestaccess').'<table cellspacing="0">';
echo '<tr><td align="left">&nbsp;<input type="radio" name="guestaccess" id="set1" value="1"';
if($ga==1) echo ' checked';
echo "><label for=\"set1\">&nbsp;$I[guestallow]</label></td><td>&nbsp;</td><tr>";
echo '<tr><td align="left">&nbsp;<input type="radio" name="guestaccess" id="set2" value="2"';
if($ga==2) echo ' checked';
echo "><label for=\"set2\">&nbsp;$I[guestwait]</label></td><td>&nbsp;</td><tr>";
echo '<tr><td align="left">&nbsp;<input type="radio" name="guestaccess" id="set3" value="3"';
if($ga==3) echo ' checked';
echo "><label for=\"set3\">&nbsp;$I[adminallow]</label></td><td>&nbsp;</td><tr>";
echo '<tr><td align="left">&nbsp;<input type="radio" name="guestaccess" id="set0" value="0"';
if($ga==0) echo ' checked';
echo "><label for=\"set0\">&nbsp;$I[guestdisallow]</label></td><td>&nbsp;</td></tr>";
echo '<tr><td>&nbsp;</td><td align="right">'.submit($I['change']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
$englobal=get_setting('englobalpass');
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[globalloginpass]</b></td><td align=\"right\">";
echo frmsetup('globalpass').'<table cellspacing="0">';
echo '<tr><td><select name="englobalpass">';
echo '<option value="0"'; if($englobal==0) echo ' selected'; echo ">$I[disabled]</option>";
echo '<option value="1"'; if($englobal==1) echo ' selected'; echo ">$I[enabled]</option>";
echo '<option value="2"'; if($englobal==2) echo ' selected'; echo ">$I[onlyguests]</option>";
echo '</select></td><td>&nbsp;</td>';
echo '<td><input type="text" name="globalpass" value="'.htmlspecialchars(get_setting('globalpass')).'"></td><td>&nbsp;</td>';
echo '<td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[sysmessages]</b></td><td align=\"right\">";
echo frmsetup('messages').'<table cellspacing="0">';
echo "<tr><td>&nbsp;$I[msgenter]</td><td>&nbsp;<input type=\"text\" name=\"msgenter\" value=\"".get_setting('msgenter').'"></td></tr>';
echo "<tr><td>&nbsp;$I[msgexit]</td><td>&nbsp;<input type=\"text\" name=\"msgexit\" value=\"".get_setting('msgexit').'"></td></tr>';
echo "<tr><td>&nbsp;$I[msgmemreg]</td><td>&nbsp;<input type=\"text\" name=\"msgmemreg\" value=\"".get_setting('msgmemreg').'"></td></tr>';
if($C['suguests']) echo "<tr><td>&nbsp;$I[msgsureg]</td><td>&nbsp;<input type=\"text\" name=\"msgsureg\" value=\"".get_setting('msgsureg').'"></td></tr>';
echo "<tr><td>&nbsp;$I[msgkick]</td><td>&nbsp;<input type=\"text\" name=\"msgkick\" value=\"".get_setting('msgkick').'"></td></tr>';
echo "<tr><td>&nbsp;$I[msgmultikick]</td><td>&nbsp;<input type=\"text\" name=\"msgmultikick\" value=\"".get_setting('msgmultikick').'"></td></tr>';
echo "<tr><td>&nbsp;$I[msgallkick]</td><td>&nbsp;<input type=\"text\" name=\"msgallkick\" value=\"".get_setting('msgallkick').'"></td></tr>';
echo "<tr><td>&nbsp;$I[msgclean]</td><td>&nbsp;<input type=\"text\" name=\"msgclean\" value=\"".get_setting('msgclean').'"></td></tr>';
echo '<tr><td>&nbsp;</td><td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[rules]</b></td><td align=\"right\">";
echo frmsetup('rules').'<table cellspacing="0">';
echo '<tr><td colspan="2"><textarea name="rulestxt" rows="4" cols="60">'.htmlspecialchars(get_setting('rulestxt')).'</textarea></td></tr>';
echo '<tr><td>&nbsp;</td><td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[dateformat]</b></td><td align=\"right\">";
echo frmsetup('dateformat').'<table cellspacing="0">';
echo '<tr><td><input type="text" name="dateformat" value="'.htmlspecialchars(get_setting('dateformat')).'"></td><td>&nbsp;</td>';
echo '<td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[captcha]</b></td><td align=\"right\">";
echo frmsetup('captcha').'<table cellspacing="0">';
echo '<tr><td><select name="captcha">';
$captcha=get_setting('captcha');
echo '<option value="0"'; if($captcha==0) echo ' selected'; echo ">$I[disabled]</option>";
echo '<option value="1"'; if($captcha==1) echo ' selected'; echo ">$I[simple]</option>";
echo '<option value="2"'; if($captcha==2) echo ' selected'; echo ">$I[moderate]</option>";
echo '<option value="3"'; if($captcha==3) echo ' selected'; echo ">$I[extreme]</option>";
echo '</select></td><td>&nbsp;</td>';
echo '<td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[css]</b></td><td align=\"right\">";
echo frmsetup('css').'<table cellspacing="0">';
echo '<tr><td colspan="2"><textarea name="css" rows="4" cols="60">'.htmlspecialchars(get_setting('css')).'</textarea></td></tr>';
echo '<tr><td>&nbsp;</td><td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
$number_settings=array('memberexpire', 'guestexpire', 'kickpenalty', 'entrywait', 'captchatime', 'messageexpire', 'messagelimit', 'maxmessage');
foreach($number_settings as $setting){
thr();
echo '<tr><td><table cellspacing="0" width="100%"><tr><td align="left"><b>'.$I[$setting].'</b></td><td align="right">';
echo frmsetup($setting).'<table cellspacing="0">';
echo "<tr><td colspan=\"2\"><input type=\"number\" name=\"$setting\" value=\"".htmlspecialchars(get_setting($setting)).'"></td><td>&nbsp;</td>';
echo '<td align="right">'.submit($I['apply']).'</td></tr></table></form></td></tr></table></td></tr>';
}
thr();
echo "</table><$H[form]>".hidden('action', 'logout').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['logout'])."</form>$H[credit]";
print_end();
}
function send_init(){
global $C, $H, $I, $L;
print_start('init');
echo "<center><h2>$I[init]</h2>";
echo "<$H[form]>".hidden('action', 'init').hidden('lang', $C['lang'])."<table cellspacing=\"0\" width=\"1\"><tr><td align=center><h3>$I[sulogin]</h3><table cellspacing=\"0\">";
echo "<tr><td>$I[sunick]</td><td><input type=\"text\" name=\"sunick\" size=\"15\"></td></tr>";
echo "<tr><td>$I[supass]</td><td><input type=\"password\" name=\"supass\" size=\"15\"></td></tr>";
echo "<tr><td>$I[suconfirm]</td><td><input type=\"password\" name=\"supassc\" size=\"15\"></td></tr>";
echo '</table></td></tr><tr><td align="center"><br>'.submit($I['initbtn']).'</td></tr></table></form>';
echo "<p>$I[changelang]";
foreach($L as $lang=>$name){
echo " <a href=\"$_SERVER[SCRIPT_NAME]?action=setup&lang=$lang\">$name</a>";
}
echo "</p>$H[credit]";
print_end();
}
function send_update(){
global $C, $H, $I;
print_start('update');
echo "<center><h2>$I[dbupdate]</h2><br><$H[form]>".hidden('action', 'setup').hidden('lang', $C['lang']).submit($I['initgosetup'])."</form><br>$H[credit]";
print_end();
}
function send_alogin(){
global $C, $H, $I, $L;
print_start('alogin');
echo "<center><$H[form]>".hidden('action', 'setup').hidden('lang', $C['lang']).'<table>';
echo "<tr><td align=\"left\">$I[nick]</td><td><input type=\"text\" name=\"nick\" size=\"15\"></td></tr>";
echo "<tr><td align=\"left\">$I[pass]</td><td><input type=\"password\" name=\"pass\" size=\"15\"></td></tr>";
send_captcha();
echo '<tr><td colspan="2" align="right">'.submit($I['login']).'</td></tr></table></form>';
echo "<p>$I[changelang]";
foreach($L as $lang=>$name){
echo " <a href=\"$_SERVER[SCRIPT_NAME]?action=setup&lang=$lang\">$name</a>";
}
echo "</p>$H[credit]";
print_end();
}
function send_admin($arg=''){
global $C, $H, $I, $P, $U;
$ga=get_setting('guestaccess');
print_start('admin');
$chlist="<select name=\"name[]\" size=\"5\" multiple><option value=\"\">$I[choose]</option>";
$chlist.="<option value=\"&\">$I[allguests]</option>";
array_multisort(array_map('strtolower', array_keys($P)), SORT_ASC, SORT_STRING, $P);
foreach($P as $user){
if($user[1]>0 && $user[1]<$U['status']) $chlist.="<option value=\"$user[0]\" style=\"$user[2]\">$user[0]</option>";
}
$chlist.='</select>';
echo "<center><h2>$I[admfunc]</h2><i>$arg</i><table cellspacing=\"0\">";
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[cleanmsgs]</b></td><td align=\"right\">";
echo frmadm('clean').'<table cellspacing="0"><tr><td><input type="radio" name="what" id="room" value="room">';
echo "<label for=\"room\">$I[room]</label></td><td>&nbsp;</td><td><input type=\"radio\" name=\"what\" id=\"choose\" value=\"choose\" checked>";
echo "<label for=\"choose\">$I[selection]</label></td><td>&nbsp;</td></tr><tr><td colspan=\"3\"><input type=\"radio\" name=\"what\" id=\"nick\" value=\"nick\">";
echo "<label for=\"nick\">$I[cleannick] </label><input type=\"text\" size=\"5\" name=\"nickname\"></td><td>&nbsp;</td><td align=\"right\">";
echo submit($I['clean'], 'class="delbutton"').'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo '<tr><td><table cellspacing="0" width="100%"><tr><td align="left">'.sprintf($I['kickchat'], get_setting('kickpenalty')).'</td></tr><tr><td align="right">';
echo frmadm('kick')."<table cellspacing=\"0\"><tr><td align=\"left\">$I[kickmsg]</td><td align=\"right\"><input type=\"text\" name=\"kickmessage\" size=\"30\"></td><td>&nbsp;</td><td>&nbsp;</td></tr>";
echo "<tr><td align=\"left\"><input type=\"checkbox\" name=\"what\" value=\"purge\" id=\"purge\"><label for=\"purge\">&nbsp;$I[kickpurge]</label></td><td align=\"right\">$chlist</td><td align=\"right\">";
echo submit($I['kick']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[logoutinact]</b></td><td align=\"right\">";
echo frmadm('logout')."<table cellspacing=\"0\"><tr><td>&nbsp;</td><td align=\"right\">$chlist</td><td align=\"right\">";
echo submit($I['logout']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[viewsess]</b></td><td align=\"right\">";
echo frmadm('sessions').'<table cellspacing="0"><tr><td>&nbsp;</td><td align="right">'.submit($I['view']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[filter]</b></td><td align=\"right\">";
echo frmadm('filter').'<table cellspacing="0"><tr><td>&nbsp;</td><td align="right">'.submit($I['view']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[guestacc]</b></td><td align=\"right\">";
echo frmadm('guestaccess').'<table cellspacing="0">';
echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set1" value="1"';
if($ga==1) echo ' checked';
echo "><label for=\"set1\">&nbsp;$I[guestallow]</label></td><td>&nbsp;</td><tr>";
echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set2" value="2"';
if($ga==2) echo ' checked';
echo "><label for=\"set2\">&nbsp;$I[guestwait]</label></td><td>&nbsp;</td><tr>";
echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set3" value="3"';
if($ga==3) echo ' checked';
echo "><label for=\"set3\">&nbsp;$I[adminallow]</label></td><td>&nbsp;</td><tr>";
echo '<tr><td align="left">&nbsp;<input type="radio" name="set" id="set0" value="0"';
if($ga==0) echo ' checked';
echo "><label for=\"set0\">&nbsp;$I[guestdisallow]</label></td><td>&nbsp;</td></tr>";
echo '<tr><td>&nbsp;</td><td align="right">'.submit($I['change']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
if($C['suguests']){
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[addsuguest]</b></td><td align=\"right\">";
echo frmadm('superguest')."<table cellspacing=\"0\"><tr><td>&nbsp;</td><td valign=\"bottom\"><select name=\"name\" size=\"1\"><option value=\"\">$I[choose]</option>";
foreach($P as $user){
if($user[1]==1) echo "<option value=\"$user[0]\" style=\"$user[2]\">$user[0]</option>";
}
echo '</select></td><td valign="bottom">'.submit($I['register']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
}
if($U['status']>=7){
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[admmembers]</b></td></tr><tr><td align=\"right\">";
echo frmadm('status')."<table cellspacing=\"0\"><tr><td>&nbsp;</td><td valign=\"bottom\" align=\"right\"><select name=\"name\" size=\"1\"><option value=\"\">$I[choose]</option>";
print_memberslist();
echo "</select><select name=\"set\" size=\"1\"><option value=\"\">$I[choose]</option><option value=\"-\">$I[memdel]</option><option value=\"0\">$I[memdeny]</option>";
if($C['suguests']) echo "<option value=\"2\">$I[memsuguest]</option>";
echo "<option value=\"3\">$I[memreg]</option>";
echo "<option value=\"5\">$I[memmod]</option>";
echo "<option value=\"6\">$I[memsumod]</option>";
if($U['status']>=8) echo "<option value=\"7\">$I[memadm]</option>";
echo '</select></td><td valign="bottom">'.submit($I['change']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[regguest]</b></td><td align=\"right\">";
echo frmadm('register')."<table cellspacing=\"0\"><tr><td>&nbsp;</td><td valign=\"bottom\"><select name=\"name\" size=\"1\"><option value=\"\">$I[choose]</option>";
foreach($P as $user){
if($user[1]==1) echo "<option value=\"$user[0]\" style=\"$user[2]\">$user[0]</option>";
}
echo '</select></td><td valign="bottom">'.submit($I['register']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[regmem]</b></td></tr><tr><td align=\"right\">";
echo frmadm('regnew')."<table cellspacing=\"0\"><tr><td>&nbsp;</td><td align=\"left\">$I[nick]</td><td><input type=\"text\" name=\"name\" size=\"20\"></td><td>&nbsp;</td></tr>";
echo "<tr><td>&nbsp;</td><td align=\"left\">$I[pass]</td><td><input type=\"password\" name=\"pass\" size=\"20\"></td><td valign=\"bottom\">";
echo submit($I['register']).'</td></tr></table></form></td></tr></table></td></tr>';
thr();
}
echo "</table>$H[backtochat]</center>";
print_end();
}
function send_sessions(){
global $C, $H, $I, $U;
$lines=parse_sessions();
print_start('sessions');
echo "<center><h1>$I[sessact]</h1><table border=\"0\" cellpadding=\"5\">";
echo "<thead valign=\"middle\"><tr><th><b>$I[sessnick]</b></th><th><b>$I[sesstimeout]</b></th><th><b>$I[sessua]</b></th>";
if($C['trackip']) echo "<th><b>$I[sesip]</b></th>";
echo "<th><b>$I[actions]</b></th></tr></thead><tbody valign=\"middle\">";
foreach($lines as $temp){
if($temp['status']!=0 && $temp['entry']==0 && (!$temp['incognito'] || $temp['status']<$U['status'])){
if($temp['status']==1 || $temp['status']==2) $s='&nbsp;(G)';
elseif($temp['status']==3) $s='';
elseif($temp['status']==5) $s='&nbsp;(M)';
elseif($temp['status']==6) $s='&nbsp;(SM)';
elseif($temp['status']==7) $s='&nbsp;(A)';
elseif($temp['status']==8) $s='&nbsp;(SA)';
echo '<tr><td align="left">'.style_this($temp['nickname'].$s, $temp['fontinfo']).'</td><td>'.get_timeout($temp['lastpost'], $temp['status']).'</td>';
if($U['status']>$temp['status'] || $U['session']==$temp['session']){
echo "<td align=\"left\">$temp[useragent]</td>";
if($C['trackip']) echo "<td align=\"left\">$temp[ip]</td>";
echo "<td align=\"left\">".frmadm('sessions').hidden('nick', $temp['nickname']).submit($I['kick']).'</form></td></tr>';
}else{
echo '<td align="left">-</td>';
if($C['trackip']) echo '<td align="left">-</td>';
echo '<td align="left">-</td></tr>';
}
}
}
echo "</tbody></table><br>$H[backtochat]</center>";
print_end();
}
function manage_filter(){
global $C, $I, $memcached, $mysqli;
if(isSet($_REQUEST['id'])){
$_REQUEST['match']=htmlspecialchars($_REQUEST['match']);
if(isSet($_REQUEST['regex']) && $_REQUEST['regex']==1){
if(!is_int(@preg_match("/$_REQUEST[match]/", ''))) send_filter($I['incorregex']);
$reg=1;
}else{
$_REQUEST['match']=preg_replace('/([^\w\d])/', "\\\\$1", $_REQUEST['match']);
$reg=0;
}
if(isSet($_REQUEST['allowinpm']) && $_REQUEST['allowinpm']==1) $pm=1;
else $pm=0;
if(isSet($_REQUEST['kick']) && $_REQUEST['kick']==1) $kick=1;
else $kick=0;
if(preg_match('/^[0-9]*$/', $_REQUEST['id'])){
if(empty($_REQUEST['match'])){
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]filter` WHERE `id`=?");
mysqli_stmt_bind_param($stmt, 'i', $_REQUEST['id']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]filter");
}else{
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]filter` SET `match`=?, `replace`=?, `allowinpm`=?, `regex`=?, `kick`=? WHERE `id`=?");
mysqli_stmt_bind_param($stmt, 'ssiiii', $_REQUEST['match'], $_REQUEST['replace'], $pm, $reg, $kick, $_REQUEST['id']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]filter");
}
}elseif(preg_match('/^\+$/', $_REQUEST['id'])){
$stmt=mysqli_prepare($mysqli, "INSERT INTO `$C[prefix]filter` (`match`, `replace`, `allowinpm`, `regex`, `kick`) VALUES (?, ?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'ssiii', $_REQUEST['match'], $_REQUEST['replace'], $pm, $reg, $kick);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]filter");
}
}
}
function send_filter($arg=''){
global $C, $H, $I, $U, $memcached, $mysqli;
print_start('filter');
echo "<center><h2>$I[filter]</h2><i>$arg</i><table cellspacing=\"0\">";
thr();
echo "<tr><th><table cellspacing=\"0\" width=\"100%\"><tr><td style=\"width:8em\"><center><b>$I[fid]</b></center></td>";
echo "<td style=\"width:12em\"><center><b>$I[match]</b></center></td>";
echo "<td style=\"width:12em\"><center><b>$I[replace]</b></center></td>";
echo "<td style=\"width:9em\"><center><b>$I[allowpm]</b></center></td>";
echo "<td style=\"width:5em\"><center><b>$I[regex]</b></center></td>";
echo "<td style=\"width:5em\"><center><b>$I[kick]</b></center></td>";
echo "<td style=\"width:5em\"><center><b>$I[apply]</b></center></td></tr></table></th></tr>";
if($C['memcached']) $filters=$memcached->get("$C[dbname]-$C[prefix]filter");
if(!$C['memcached'] || $memcached->getResultCode()!=Memcached::RES_SUCCESS){
$filters=array();
$result=mysqli_query($mysqli, "SELECT * FROM `$C[prefix]filter`");
while($filter=mysqli_fetch_array($result, MYSQLI_ASSOC)) $filters[]=$filter;
if($C['memcached']) $memcached->set("$C[dbname]-$C[prefix]filter", $filters);
}
foreach($filters as $filter){
if($filter['allowinpm']==1) $check=' checked';
else $check='';
if($filter['regex']==1) $checked=' checked';
else $checked='';
if($filter['kick']==1) $checkedk=' checked';
else $checkedk='';
if($filter['regex']==0) $filter['match']=preg_replace('/(\\\\(.))/', "$2", $filter['match']);
echo '<tr><td>'.frmadm('filter').hidden('id', $filter['id']);
echo "<table cellspacing=\"0\" width=\"100%\"><tr><td style=\"width:8em\"><b>$I[filter] $filter[id]:</b></td>";
echo "<td style=\"width:12em\"><input type=\"text\" name=\"match\" value=\"$filter[match]\" size=\"20\" style=\"$U[style]\"></td>";
echo '<td style="width:12em"><input type="text" name="replace" value="'.htmlspecialchars($filter['replace'])."\" size=\"20\" style=\"$U[style]\"></td>";
echo "<td style=\"width:9em\"><input type=\"checkbox\" name=\"allowinpm\" id=\"allowinpm-$filter[id]\" value=\"1\"$check><label for=\"allowinpm-$filter[id]\">$I[allowpm]</label></td>";
echo "<td style=\"width:5em\"><input type=\"checkbox\" name=\"regex\" id=\"regex-$filter[id]\" value=\"1\"$checked><label for=\"regex-$filter[id]\">$I[regex]</label></td>";
echo "<td style=\"width:5em\"><input type=\"checkbox\" name=\"kick\" id=\"kick-$filter[id]\" value=\"1\"$checkedk><label for=\"kick-$filter[id]\">$I[kick]</label></td>";
echo '<td align="right" style="width:5em">'.submit($I['change']).'</td></tr></table></form></td></tr>';
}
echo '<tr><td>'.frmadm('filter').hidden('id', '+');
echo "<table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\" style=\"width:8em\"><b>$I[newfilter]</b></td>";
echo "<td style=\"width:12em\"><input type=\"text\" name=\"match\" value=\"\" size=\"20\" style=\"$U[style]\"></td>";
echo "<td style=\"width:12em\"><input type=\"text\" name=\"replace\" value=\"\" size=\"20\" style=\"$U[style]\"></td>";
echo "<td style=\"width:9em\"><input type=\"checkbox\" name=\"allowinpm\" id=\"allowinpm\" value=\"1\"><label for=\"allowinpm\">$I[allowpm]</label></td>";
echo "<td style=\"width:5em\"><input type=\"checkbox\" name=\"regex\" id=\"regex\" value=\"1\"><label for=\"regex\">$I[regex]</label></td>";
echo "<td style=\"width:5em\"><input type=\"checkbox\" name=\"kick\" id=\"kick\" value=\"1\"><label for=\"kick\">$I[kick]</label></td>";
echo '<td align="right" style="width:5em">'.submit($I['add']).'</td></tr></table></form></td></tr>';
echo "</table><br>$H[backtochat]</center>";
print_end();
}
function send_frameset(){
global $C, $H, $I, $U, $mysqli;
header('Content-Type: text/html; charset=UTF-8'); header('Pragma: no-cache'); header('Cache-Control: no-cache'); header('Expires: 0');
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Frameset//EN\" \"http://www.w3.org/TR/html4/frameset.dtd\"><html><head>$H[meta_html]";
print_stylesheet();
if(isSet($_COOKIE['test'])){
echo "</head><frameset rows=\"100,*,60\" border=\"3\" frameborder=\"3\" framespacing=\"3\"><frame name=\"post\" src=\"$_SERVER[SCRIPT_NAME]?action=post\"><frame name=\"view\" src=\"$_SERVER[SCRIPT_NAME]?action=view\"><frame name=\"controls\" src=\"$_SERVER[SCRIPT_NAME]?action=controls\"><noframes><body>$I[noframes]$H[backtologin]</body></noframes></frameset></html>";
}else{
echo "</head><frameset rows=\"100,*,60\" border=\"3\" frameborder=\"3\" framespacing=\"3\"><frame name=\"post\" src=\"$_SERVER[SCRIPT_NAME]?action=post&amp;session=$U[session]&amp;lang=$C[lang]\"><frame name=\"view\" src=\"$_SERVER[SCRIPT_NAME]?action=view&amp;session=$U[session]&amp;lang=$C[lang]\"><frame name=\"controls\" src=\"$_SERVER[SCRIPT_NAME]?action=controls&amp;session=$U[session]&amp;lang=$C[lang]\"><noframes><body>$I[noframes]$H[backtologin]</body></noframes></frameset></html>";
}
mysqli_close($mysqli);
exit;
}
function send_messages(){
global $C, $I, $U;
if(isSet($_COOKIE[$C['cookiename']])){
$url="$_SERVER[SCRIPT_NAME]?action=view";
}else{
$url="$_SERVER[SCRIPT_NAME]?action=view&amp;session=$U[session]&amp;lang=$C[lang]";
}
print_start('messages', $U['refresh'], $url);
echo '<a name="top"></a>';
print_chatters();
echo "<table cellspacing=\"0\" width=\"100%\"><tr><td valign=\"top\" align=\"right\"><a href=\"$url#bottom\">$I[bottom]</a></td></tr></table>";
print_messages();
echo "<a name=\"bottom\"></a><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"right\"><a href=\"$url#top\">$I[top]</a></td></tr></table>";
print_end();
}
function send_notes($type){
global $C, $H, $I, $U, $mysqli;
print_start('notes');
$text='';
echo '<center>';
if($U['status']>=6){
echo "<table><tr><td><$H[form] target=\"view\">".hidden('action', 'admnotes').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['admnotes']).'</form></td>';
echo "<td><$H[form] target=\"view\">".hidden('action', 'notes').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['notes']).'</form></td></tr></table>';
}
if($type=='staff') echo "<h2>$I[staffnotes]</h2><p>";
else echo "<center><h2>$I[adminnotes]</h2><p>";
if(isset($_REQUEST['text'])){
if($C['msgencrypted']) $_REQUEST['text']=openssl_encrypt($_REQUEST['text'], 'aes-256-cbc', $C['encryptkey'], 0, '1234567890123456');
$time=time();
$stmt=mysqli_prepare($mysqli, "INSERT INTO `$C[prefix]notes` (`type`, `lastedited`, `editedby`, `text`) VALUES (?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'siss', $type, $time, $U['nickname'], $_REQUEST['text']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
echo "<b>$I[notessaved]</b> ";
}
$dateformat=get_setting('dateformat');
$stmt=mysqli_prepare($mysqli, "SELECT `lastedited`, `editedby`, `text` FROM `$C[prefix]notes` WHERE `type`=? ORDER BY `id` DESC LIMIT 1");
mysqli_stmt_bind_param($stmt, 's', $type);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $lastedited, $editedby, $text);
if(mysqli_stmt_fetch($stmt)) printf($I['lastedited'], $editedby, date($dateformat, $lastedited));
mysqli_stmt_close($stmt);
echo "</p><$H[form]>";
if($C['msgencrypted']) $text=openssl_decrypt($text, 'aes-256-cbc', $C['encryptkey'], 0, '1234567890123456');
if($type=='staff') echo hidden('action', 'notes');
else echo hidden('action', 'admnotes');
echo hidden('session', $U['session']).hidden('lang', $C['lang'])."<textarea name=\"text\" rows=\"$U[notesboxheight]\" cols=\"$U[notesboxwidth]\">".htmlspecialchars($text).'</textarea><br>';
echo submit($I['savenotes']).'</form><br></center>';
print_end();
}
function send_approve_waiting(){
global $C, $H, $I, $mysqli;
print_start('approve_waiting');
echo "<center><h2>$I[waitingroom]</h2>";
$result=mysqli_query($mysqli, "SELECT * FROM `$C[prefix]sessions` WHERE `entry`!='0' AND `status`='1' ORDER BY `id`");
if(mysqli_num_rows($result)>0){
echo frmadm('approve').'<table cellpadding="5">';
echo "<thead align=\"left\"><tr><th><b>$I[sessnick]</b></th><th><b>$I[sessua]</b></th></tr></thead><tbody align=\"left\" valign=\"middle\">";
while($temp=mysqli_fetch_array($result, MYSQLI_ASSOC)){
echo '<tr>'.hidden('alls[]', $temp['nickname'])."<td><input type=\"checkbox\" name=\"csid[]\" id=\"$temp[nickname]]\" value=\"$temp[nickname]\"><label for=\"$temp[nickname]\">&nbsp;$temp[displayname]</label></td><td>$temp[useragent]</td></tr>";
}
echo "</tbody></table><br><table><tr><td><input type=\"radio\" name=\"what\" value=\"allowchecked\" id=\"allowchecked\" checked></td><td><label for=\"allowchecked\">$I[allowchecked]</label></td>";
echo "<td><input type=\"radio\" name=\"what\" value=\"allowall\" id=\"allowall\"></td><td><label for=\"allowall\">$I[allowall]</label></td>";
echo "<td><input type=\"radio\" name=\"what\" value=\"denychecked\" id=\"denychecked\"></td><td><label for=\"denychecked\">$I[denychecked]</label></td>";
echo "<td><input type=\"radio\" name=\"what\" value=\"denyall\" id=\"denyall\"></td><td><label for=\"denyall\">$I[denyall]</label></td></tr><tr><td colspan=\"8\" align=\"center\">$I[denymessage] <input type=\"text\" name=\"kickmessage\" size=\"45\"></td>";
echo '</tr><tr><td colspan="8" align="center">'.submit($I['butallowdeny']).'</td></tr></table></form>';
}else{
echo "$I[waitempty]<br>";
}
echo "<br>$H[backtochat]</center>";
print_end();
}
function send_waiting_room(){
global $C, $H, $I, $U, $countmods, $mysqli;
parse_sessions();
$ga=get_setting('guestaccess');
if($ga==3 && $countmods>0) $wait=false;
else $wait=true;
if(!isSet($U['session'])){
setcookie($C['cookiename'], false);
send_error($I['expire']);
}
if($U['status']==0){
setcookie($C['cookiename'], false);
send_error("$I[kicked]<br>$U[kickmessage]");
}
$timeleft=get_setting('entrywait')-(time()-$U['entry']);
if($wait && ($timeleft<=0 || $ga==1)){
$U['entry']=0;
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `entry`=? WHERE `session`=?");
mysqli_stmt_bind_param($stmt, 'is', $U['entry'], $U['session']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
send_frameset();
}elseif(!$wait && $U['entry']==0){
send_frameset();
}else{
if(isSet($_COOKIE['test'])){
header("Refresh: $C[defaultrefresh]; URL=$_SERVER[SCRIPT_NAME]?action=wait");
print_start('waitingroom', $C['defaultrefresh'], "$_SERVER[SCRIPT_NAME]?action=wait");
}else{
header("Refresh: $C[defaultrefresh]; URL=$_SERVER[SCRIPT_NAME]?action=wait&session=$U[session]");
print_start('waitingroom', $C['defaultrefresh'], "$_SERVER[SCRIPT_NAME]?action=wait&amp;session=$U[session]&amp;lang=$C[lang]");
}
if($wait){
echo "<center><h2>$I[waitingroom]</h2><p>".sprintf($I['waittext'], $U['displayname'], $timeleft).'</p><br><p>'.sprintf($I['waitreload'], $C['defaultrefresh']).'</p><br><br>';
}else{
echo "<center><h2>$I[waitingroom]</h2><p>".sprintf($I['admwaittext'], $U['displayname']).'</p><br><p>'.sprintf($I['waitreload'], $C['defaultrefresh']).'</p><br><br>';
}
echo "<hr><form action=\"$_SERVER[SCRIPT_NAME]\" method=\"post\">".hidden('action', 'wait').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['reload']).'</form><br>';
echo "<h2>$I[rules]</h2><b>".get_setting('rulestxt').'</b></center>';
print_end();
}
}
function send_choose_messages(){
global $H, $I, $U;
print_start('choose_messages');
echo frmadm('clean').hidden('what', 'selected').submit($I['delselmes'], 'class="delbutton"').'<br><br>';
print_messages($U['status']);
echo "</form><br>$H[backtochat]";
print_end();
}
function send_post(){
global $C, $I, $P, $U, $countmods;
$U['postid']=substr(time(), -6);
print_start('post');
echo '<center><table cellspacing="0"><tr><td align="center">'.frmpst('post').hidden('postid', $U['postid']).@hidden('multi', $_REQUEST['multi']);
echo "<table cellspacing=\"0\"><tr><td valign=\"top\">$U[displayname]</td><td valign=\"top\">:</td>";
if(!isSet($U['rejected'])) $U['rejected']='';
if(isSet($_REQUEST['multi']) && $_REQUEST['multi']=='on'){
echo "<td valign=\"top\"><textarea name=\"message\" wrap=\"virtual\" rows=\"$U[boxheight]\" cols=\"$U[boxwidth]\" maxlength=\"".get_setting('maxmessage')."\" style=\"$U[style]\" autofocus>$U[rejected]</textarea></td>";
}else{
echo "<td valign=\"top\"><input type=\"text\" name=\"message\" value=\"$U[rejected]\" size=\"$U[boxwidth]\" maxlength=\"".get_setting('maxmessage')."\" style=\"$U[style]\" autofocus></td>";
}
echo '<td valign="top">'.submit($I['talkto']).'</td><td valign="top"><select name="sendto" size="1">';
echo '<option '; if(isSet($_REQUEST['sendto']) && $_REQUEST['sendto']=='*') echo 'selected '; echo "value=\"*\">-$I[toall]-</option>";
if($U['status']>=3){
echo '<option ';
if(isSet($_REQUEST['sendto']) && $_REQUEST['sendto']=='?') echo 'selected ';
echo "value=\"?\">-$I[tomem]-</option>";
}
if($U['status']>=5){
echo '<option ';
if(isSet($_REQUEST['sendto']) && $_REQUEST['sendto']=='#') echo 'selected ';
echo "value=\"#\">-$I[tostaff]-</option>";
}
if($U['status']>=6){
echo '<option ';
if(isSet($_REQUEST['sendto']) && $_REQUEST['sendto']=='&') echo 'selected ';
echo "value=\"&\">-$I[toadmin]-</option>";
}
$ignored=array();
$ignore=get_ignored();
foreach($ignore as $ign){
if($ign['ignored']==$U['nickname']) $ignored[]=$ign['by'];
if($ign['by']==$U['nickname']) $ignored[]=$ign['ignored'];
}
array_multisort(array_map('strtolower', array_keys($P)), SORT_ASC, SORT_STRING, $P);
foreach($P as $user){
if($U['nickname']!==$user[0] && !in_array($user[0], $ignored)){
echo '<option ';
if(isSet($_REQUEST['sendto']) && $_REQUEST['sendto']==$user[0]) echo 'selected ';
echo "value=\"$user[0]\" style=\"$user[2]\">$user[0]</option>";
}
}
echo '</select>';
if($U['status']>=5 || ($C['memkick'] && $countmods==0 && $U['status']>=3)){
echo "<input type=\"checkbox\" name=\"kick\" id=\"kick\" value=\"kick\"><label for=\"kick\">&nbsp;$I[kick]</label>";
echo "<input type=\"checkbox\" name=\"what\" id=\"what\" value=\"purge\" checked><label for=\"what\">&nbsp;$I[alsopurge]</label>";
}
echo '</td></tr></table></form></td></tr><tr><td height="8"></td></tr><tr><td align="center"><table cellspacing="0"><tr><td>';
echo frmpst('delete', 'last').submit($I['dellast'], 'class="delbutton"').'</form></td><td>'.frmpst('delete', 'all').submit($I['delall'], 'class="delbutton"').'</form></td><td width="10"></td><td>';
if(isSet($_REQUEST['multi']) && $_REQUEST['multi']=='on'){
$switch=$I['switchsingle'];
$multi='';
}else{
$switch=$I['switchmulti'];
$multi='on';
}
echo frmpst('post').@hidden('sendto', $_REQUEST['sendto']).hidden('multi', $multi).submit($switch).'</form></td>';
echo '</tr></table></td></tr></table></center>';
print_end();
}
function send_help(){
global $C, $H, $I, $U;
print_start('help');
echo "<h2>$I[rules]</h2>".get_setting('rulestxt')."<br><br><hr><h2>$I[help]</h2>$I[helpguest]";
if($C['imgembed']) echo "<br>$I[helpembed]";
if($U['status']>=3){
echo "<br>$I[helpmem]<br>";
if($U['status']>=5){
echo "<br>$I[helpmod]<br>";
if($U['status']>=7) echo "<br>$I[helpadm]<br>";
}
}
echo "<br><hr><center>$H[backtochat]$H[credit]";
print_end();
}
function send_profile($arg=''){
global $C, $F, $H, $I, $P, $U;
print_start('profile');
echo "<center><$H[form]>".hidden('action', 'profile').hidden('do', 'save').hidden('session', $U['session']).hidden('lang', $C['lang'])."<h2>$I[profile]</h2><i>$arg</i><table cellspacing=\"0\">";
thr();
array_multisort(array_map('strtolower', array_keys($P)), SORT_ASC, SORT_STRING, $P);
$ignored=array();
$ignore=get_ignored();
foreach($ignore as $ign){
if($ign['by']==$U['nickname']) $ignored[]=$ign['ignored'];
}
if(count($ignored)>0){
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[unignore]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo "<tr><td>&nbsp;</td><td><select name=\"unignore\" size=\"1\"><option value=\"\">$I[choose]</option>";
foreach($ignored as $ign){
$style='';
foreach($P as $user){
if($ign==$user[0]){
$style=" style=\"$user[2]\"";
break;
}
}
echo "<option value=\"$ign\"$style>$ign</option>";
}
echo '</select></td></tr></table></td></tr></table></td></tr>';
thr();
}
if(count($P)-count($ignored)>1){
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[ignore]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo "<tr><td>&nbsp;</td><td><select name=\"ignore\" size=\"1\"><option value=\"\">$I[choose]</option>";
foreach($P as $user){
if($U['nickname']!==$user[0] && !in_array($user[0], $ignored)){
echo "<option value=\"$user[0]\" style=\"$user[2]\">$user[0]</option>";
}
}
echo '</select></td></tr></table></td></tr></table></td></tr>';
thr();
}
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[refreshrate]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo "<tr><td>&nbsp;</td><td><input type=\"number\" name=\"refresh\" size=\"3\" maxlength=\"3\" min=\"5\" max=\"150\" value=\"$U[refresh]\"></td></tr></table></td></tr></table></td></tr>";
thr();
if(!isSet($_COOKIE[$C['cookiename']])) $session='&amp;session=$U[session]'; else $session='';
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[fontcolour]</b> (<a href=\"$_SERVER[SCRIPT_NAME]?action=colours$session\" target=\"view\">$I[viewexample]</a>)</td><td align=\"right\"><table cellspacing=\"0\">";
echo "<tr><td>&nbsp;</td><td><input type=\"text\" size=\"6\" maxlength=\"6\" pattern=\"[a-fA-F0-9]{6}\" value=\"$U[colour]\" name=\"colour\"></td></tr></table></td></tr></table></td></tr>";
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[bgcolour]</b> (<a href=\"$_SERVER[SCRIPT_NAME]?action=colours$session\" target=\"view\">$I[viewexample]</a>)</td><td align=\"right\"><table cellspacing=\"0\">";
echo "<tr><td>&nbsp;</td><td><input type=\"text\" size=\"6\" maxlength=\"6\" pattern=\"[a-fA-F0-9]{6}\" value=\"$U[bgcolour]\" name=\"bgcolour\"></td></tr></table></td></tr></table></td></tr>";
thr();
if($U['status']>=3){
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[fontface]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo "<tr><td>&nbsp;</td><td><select name=\"font\" size=\"1\"><option value=\"\">* $I[roomdefault] *</option>";
foreach($F as $name=>$font){
echo '<option style="'.get_style($font).'" ';
if(preg_match("/$font/", $U['fontinfo'])) echo 'selected ';
echo "value=\"$name\">$name</option>";
}
echo '</select></td><td>&nbsp;</td><td><input type="checkbox" name="bold" id="bold" value="on"';
if(preg_match('/<i?bi?>/', $U['fontinfo'])) echo ' checked';
echo "></td><td><label for=\"bold\"><b>$I[bold]</b></label></td><td>&nbsp;</td><td><input type=\"checkbox\" name=\"italic\" id=\"italic\" value=\"on\"";
if(preg_match('/<b?ib?>/', $U['fontinfo'])) echo ' checked';
echo "></td><td><label for=\"italic\"><i>$I[italic]</i></label></td></tr></table></td></tr></table></td></tr>";
thr();
}
echo "<tr><td align=\"center\">$U[displayname]&nbsp;: ".style_this($I['fontexample'], $U['fontinfo']).'</td></tr>';
thr();
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[timestamps]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo '<tr><td>&nbsp;</td><td><input type="checkbox" name="timestamps" id="timestamps" value="on"';
if($U['timestamps']) echo ' checked';
echo "></td><td><label for=\"timestamps\"><b>$I[enabled]</b></label></td></tr></table></td></tr></table></td></tr>";
thr();
if($C['imgembed']){
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[embed]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo '<tr><td>&nbsp;</td><td><input type="checkbox" name="embed" id="embed" value="on"';
if($U['embed'] && isSet($_COOKIE[$C['cookiename']])) echo ' checked';
echo "></td><td><label for=\"embed\"><b>$I[enabled]</b></label></td></tr></table></td></tr></table></td></tr>";
thr();
}
if($U['status']>=5 && $C['incognito']){
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[incognito]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo '<tr><td>&nbsp;</td><td><input type="checkbox" name="incognito" id="incognito" value="on"';
if($U['incognito']) echo ' checked';
echo "></td><td><label for=\"incognito\"><b>$I[enabled]</b></label></td></tr></table></td></tr></table></td></tr>";
thr();
}
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[pbsize]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo "<tr><td>&nbsp;</td><td>$I[width]</td><td><input type=\"number\" name=\"boxwidth\" size=\"3\" maxlength=\"3\" value=\"$U[boxwidth]\"></td>";
echo "<td>&nbsp;</td><td>$I[height]</td><td><input type=\"number\" name=\"boxheight\" size=\"3\" maxlength=\"3\" value=\"$U[boxheight]\"></td>";
echo '</tr></table></td></tr></table></td></tr>';
thr();
if($U['status']>=5){
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[nbsize]</b></td><td align=\"right\"><table cellspacing=\"0\">";
echo "<tr><td>&nbsp;</td><td>$I[width]</td><td><input type=\"number\" name=\"notesboxwidth\" size=\"3\" maxlength=\"3\" value=\"$U[notesboxwidth]\"></td>";
echo "<td>&nbsp;</td><td>$I[height]</td><td><input type=\"number\" name=\"notesboxheight\" size=\"3\" maxlength=\"3\" value=\"$U[notesboxheight]\"></td>";
echo '</tr></table></td></tr></table></td></tr>';
thr();
}
if($U['status']>=2){
echo "<tr><td><table cellspacing=\"0\" width=\"100%\"><tr><td align=\"left\"><b>$I[changepass]</b></td></tr>";
echo "<tr><td align=\"right\"><table cellspacing=\"0\"><tr><td>&nbsp;</td><td align=\"left\">$I[oldpass]</td><td><input type=\"password\" name=\"oldpass\" size=\"20\"></td></tr>";
echo "<tr><td>&nbsp;</td><td align=\"left\">$I[newpass]</td><td><input type=\"password\" name=\"newpass\" size=\"20\"></td></tr>";
echo "<tr><td>&nbsp;</td><td align=\"left\">$I[confirmpass]</td><td><input type=\"password\" name=\"confirmpass\" size=\"20\"></td></tr></table></td></tr></table></td></tr>";
thr();
}
echo '<tr><td align="center">'.submit($I['savechanges'])."</td></tr></table></form><br>$H[backtochat]</center>";
print_end();
}
function send_controls(){
global $C, $H, $I, $U;
print_start('controls');
echo '<center><table cellspacing="0"><tr>';
echo "<td><$H[form] target=\"post\">".hidden('action', 'post').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['reloadpb']).'</form></td>';
echo "<td><$H[form] target=\"view\">".hidden('action', 'view').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['reloadmsgs']).'</form></td>';
echo "<td><$H[form] target=\"view\">".hidden('action', 'profile').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['chgprofile']).'</form></td>';
if($U['status']>=5) echo "<td><$H[form] target=\"view\">".hidden('action', 'admin').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['adminbtn']).'</form></td>';
if($U['status']>=5) echo "<td><$H[form] target=\"view\">".hidden('action', 'notes').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['notes']).'</form></td>';
if($U['status']>=3) echo "<td><$H[form] target=\"_blank\">".hidden('action', 'login').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['clone']).'</form></td>';
echo "<td><$H[form] target=\"view\">".hidden('action', 'help').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['randh']).'</form></td>';
echo "<td><$H[form] target=\"_parent\">".hidden('action', 'logout').hidden('session', $U['session']).hidden('lang', $C['lang']).submit($I['exit'], 'id="exitbutton"').'</form></td>';
echo '</tr></table></center>';
print_end();
}
function send_logout(){
global $H, $I, $U;
print_start('logout');
echo '<center><h1>'.sprintf($I['bye'], $U['displayname'])."</h1>$H[backtologin]</center>";
print_end();
}
function send_colours(){
global $C, $H, $I;
print_start('colours');
echo "<center><h2>$I[colourtable]</h2><tt>";
for($red=0x00;$red<=0xFF;$red+=0x33){
for($green=0x00;$green<=0xFF;$green+=0x33){
for($blue=0x00;$blue<=0xFF;$blue+=0x33){
$hcol=sprintf('%02X', $red).sprintf('%02X', $green).sprintf('%02X', $blue);
echo "<font color=\"#$hcol\"><b>$hcol</b></font> ";
}
echo '<br>';
}
echo '<br>';
}
echo "</tt><$H[form]>".hidden('action', 'profile').hidden('session', $_REQUEST['session']).hidden('lang', $C['lang']).submit($I['backtoprofile'], ' class="backbutton"').'</form></center>';
print_end();
}
function send_login(){
global $C, $H, $I, $L;
setcookie('test', '1');
print_start('login');
$ga=get_setting('guestaccess');
$englobal=get_setting('englobalpass');
echo "<center><h1>$C[chatname]</h1><$H[form] target=\"_parent\">".hidden('action', 'login').hidden('lang', $C['lang']);
if($englobal==1 && isSet($_POST['globalpass'])) echo hidden('globalpass', $_POST['globalpass']);
echo '<table border="2" width="1" rules="none">';
if($englobal!=1 || (isSet($_POST['globalpass']) && $_POST['globalpass']==get_setting('globalpass'))){
echo "<tr><td align=\"left\">$I[nick]</td><td align=\"right\"><input type=\"text\" name=\"nick\" size=\"15\"></td></tr>";
echo "<tr><td align=\"left\">$I[pass]</td><td align=\"right\"><input type=\"password\" name=\"pass\" size=\"15\"></td></tr>";
send_captcha();
if($ga!=0){
if($englobal==2) echo "<tr><td align=\"left\">$I[globalloginpass]</td><td align=\"right\"><input type=\"password\" name=\"globalpass\" size=\"15\"></td></tr>";
echo "<tr><td colspan=\"2\" align=\"center\">$I[choosecol]<br><select style=\"text-align:center;\" name=\"colour\"><option value=\"\">* $I[randomcol] *</option>";
print_colours();
echo '</select></td></tr>';
}else{
echo "<tr><td colspan=\"2\" align=\"center\">$I[noguests]</td></tr>";
}
echo '<tr><td colspan="2" align="center">'.submit($I['enter']).'</td></tr></table></form>';
get_nowchatting();
echo "<h2>$I[rules]</h2><b>".get_setting('rulestxt').'</b><br>';
}else{
echo "<tr><td align=\"left\">$I[globalloginpass]</td><td align=\"right\"><input type=\"password\" name=\"globalpass\" size=\"15\"></td></tr>";
if($ga==0) echo "<tr><td colspan=\"2\" align=\"center\">$I[noguests]</td></tr>";
echo '<tr><td colspan="2" align="center">'.submit($I['enter']).'</td></tr></table></form>';
}
echo "<p>$I[changelang]";
foreach($L as $lang=>$name){
echo " <a href=\"$_SERVER[SCRIPT_NAME]?lang=$lang\">$name</a>";
}
echo "</p>$H[credit]";
print_end();
}
function send_error($err){
global $H, $I;
print_start('error');
echo "<h2>$I[error] $err</h2>$H[backtologin]";
print_end();
}
function print_chatters(){
global $C, $G, $I, $M, $U, $mysqli;
echo '<table cellspacing="0"><tr>';
if($U['status']>=5 && get_setting('guestaccess')==3){
$result=mysqli_query($mysqli, "SELECT COUNT(*) FROM `$C[prefix]sessions` WHERE `entry`!='0' AND `status`='1'");
$temp=mysqli_fetch_array($result, MYSQLI_NUM);
if($temp[0]>0) echo '<td valign="top">'.frmadm('approve').submit(sprintf($I['approveguests'], $temp[0])).'</form></td><td>&nbsp;</td>';
}
if(!empty($M)){
echo "<td valign=\"top\"><b>$I[members]</b></td><td>&nbsp;</td><td valign=\"top\">".implode(' &nbsp; ', $M).'</td>';
if(!empty($G)) echo '<td>&nbsp;&nbsp;</td>';
}
if(!empty($G)) echo "<td valign=\"top\"><b>$I[guests]</b></td><td>&nbsp;</td><td valign=\"top\">".implode(' &nbsp; ', $G).'</td>';
echo '</tr></table>';
}
function print_memberslist(){
global $A;
read_members();
array_multisort(array_map('strtolower', array_keys($A)), SORT_ASC, SORT_STRING, $A);
foreach($A as $member){
echo "<option value=\"$member[0]\" style=\"$member[2]\">$member[0]";
if($member[1]==0) echo ' (!)';
elseif($member[1]==2) echo ' (G)';
elseif($member[1]==5) echo ' (M)';
elseif($member[1]==6) echo ' (SM)';
elseif($member[1]==7) echo ' (A)';
elseif($member[1]==8) echo ' (SA)';
echo '</option>';
}
}
// session management
function create_session($setup){
global $C, $I, $U, $memcached, $mysqli;
$U['nickname']=cleanup_nick($_REQUEST['nick']);
$U['passhash']=md5(sha1(md5($U['nickname'].$_REQUEST['pass'])));
if(isSet($_REQUEST['colour'])) $U['colour']=$_REQUEST['colour'];
else $U['colour']=$C['coltxt'];
$U['status']=1;
check_member();
add_user_defaults();
if($setup) $U['incognito']=true;
if(get_setting('captcha')>0 && ($U['status']==1 || !$C['dismemcaptcha'])){
if(!isSet($_REQUEST['challenge'])) send_error($I['wrongcaptcha']);
if(!$C['memcached']){
$stmt=mysqli_prepare($mysqli, "SELECT `code` FROM `$C[prefix]captcha` WHERE `id`=?");
mysqli_stmt_bind_param($stmt, 'i', $_REQUEST['challenge']);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $code);
if(!mysqli_stmt_fetch($stmt)) send_error($I['captchaexpire']);
mysqli_stmt_close($stmt);
}else{
if(!$code=$memcached->get("$C[dbname]-$C[prefix]captcha-$_REQUEST[challenge]")) send_error($I['captchaexpire']);
$memcached->delete("$C[dbname]-$C[prefix]captcha-$_REQUEST[challenge]");
}
if($_REQUEST['captcha']!=$code) send_error($I['wrongcaptcha']);
$timeout=time()-get_setting('captchatime');
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]captcha` WHERE `id`=? OR `time`<?");
mysqli_stmt_bind_param($stmt, 'ii', $_REQUEST['challenge'], $timeout);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
if($U['status']==1){
if(!valid_nick($U['nickname'])) send_error(sprintf($I['invalnick'], $C['maxname']));
if(!valid_pass($_REQUEST['pass'])) send_error(sprintf($I['invalpass'], $C['minpass']));
if(get_setting('guestaccess')==0) send_error($I['noguests']);
if(get_setting('englobalpass')!=0 && isSet($_REQUEST['globalpass']) && $_REQUEST['globalpass']!=get_setting('globalpass')) send_error($I['wrongglobalpass']);
}
write_new_session();
}
function write_new_session(){
global $C, $I, $U, $mysqli;
// read and update current sessions
$lines=parse_sessions();
$sids; $inuse=false; $reentry=false;
foreach($lines as $temp){
$sids[$temp['session']]=true;// collect all existing ids
if($temp['nickname']==$U['nickname']){// nick already here?
if($U['passhash']==$temp['passhash']){
$U=$temp;
add_user_defaults();
setcookie($C['cookiename'], $U['session']);
$reentry=true;
break;
}else{
$inuse=true;
break;
}
}
}
// create new session:
if(!$inuse && !$reentry){
do{
$U['session']=md5(time().rand().$U['nickname']);
}while(isSet($sids[$U['session']]));// check for hash collision
if(isSet($_SERVER['HTTP_USER_AGENT'])) $useragent=htmlspecialchars($_SERVER['HTTP_USER_AGENT']);
else $useragent='';
$ip=$_SERVER['REMOTE_ADDR'];
$stmt=mysqli_prepare($mysqli, "INSERT INTO `$C[prefix]sessions` (`session`, `nickname`, `displayname`, `status`, `refresh`, `fontinfo`, `style`, `lastpost`, `passhash`, `postid`, `boxwidth`, `boxheight`, `useragent`, `bgcolour`, `notesboxwidth`, `notesboxheight`, `entry`, `timestamps`, `embed`, `incognito`, `ip`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'sssiissisiiissiiiiiis', $U['session'], $U['nickname'], $U['displayname'], $U['status'], $U['refresh'], $U['fontinfo'], $U['style'], $U['lastpost'], $U['passhash'], $U['postid'], $U['boxwidth'], $U['boxheight'], $useragent, $U['bgcolour'], $U['notesboxwidth'], $U['notesboxheight'], $U['entry'], $U['timestamps'], $U['embed'], $U['incognito'], $ip);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
setcookie($C['cookiename'], $U['session']);
if($U['status']>=3 && !$U['incognito']) add_system_message(sprintf(get_setting('msgenter'), $U['displayname']));
}elseif($inuse){
send_error($I['wrongpass']);
}elseif($U['status']==0){
setcookie($C['cookiename'], false);
send_error("$I[kicked]<br>$U[kickmessage]");
}
}
function approve_session(){
global $C, $mysqli;
if(isSet($_REQUEST['what'])){
if($_REQUEST['what']=='allowchecked' && isSet($_REQUEST['csid'])){
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `entry`='0' WHERE `nickname`=?");
foreach($_REQUEST['csid'] as $nick){
mysqli_stmt_bind_param($stmt, 's', $nick);
mysqli_stmt_execute($stmt);
}
mysqli_stmt_close($stmt);
}elseif($_REQUEST['what']=='allowall' && isSet($_REQUEST['alls'])){
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `entry`='0' WHERE `nickname`=?");
foreach($_REQUEST['alls'] as $nick){
mysqli_stmt_bind_param($stmt, 's', $nick);
mysqli_stmt_execute($stmt);
}
mysqli_stmt_close($stmt);
}elseif($_REQUEST['what']=='denychecked' && isSet($_REQUEST['csid'])){
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `lastpost`='".(60*(get_setting('kickpenalty')-get_setting('guestexpire'))+time())."', `status`='0', `kickmessage`=? WHERE `nickname`=? AND `status`='1'");
foreach($_REQUEST['csid'] as $nick){
mysqli_stmt_bind_param($stmt, 'ss', $_REQUEST['kickmessage'], $nick);
mysqli_stmt_execute($stmt);
}
mysqli_stmt_close($stmt);
}elseif($_REQUEST['what']=='denyall' && isSet($_REQUEST['alls'])){
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `lastpost`='".(60*(get_setting('kickpenalty')-get_setting('guestexpire'))+time())."', `status`='0', `kickmessage`=? WHERE `nickname`=? AND `status`='1'");
foreach($_REQUEST['alls'] as $nick){
mysqli_stmt_bind_param($stmt, 'ss', $_REQUEST['kickmessage'], $nick);
mysqli_stmt_execute($stmt);
}
mysqli_stmt_close($stmt);
}
}
}
function check_login(){
global $C, $I, $U, $mysqli;
$ga=get_setting('guestaccess');
if(isSet($_POST['session'])){
$stmt=mysqli_prepare($mysqli, "SELECT `session`, `nickname`, `displayname`, `status`, `refresh`, `fontinfo`, `style`, `lastpost`, `passhash`, `postid`, `boxwidth`, `boxheight`, `kickmessage`, `bgcolour`, `notesboxheight`, `notesboxwidth`, `entry`, `timestamps`, `embed`, `incognito` FROM `$C[prefix]sessions` WHERE `session`=?");
mysqli_stmt_bind_param($stmt, 's', $_POST['session']);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $U['session'], $U['nickname'], $U['displayname'], $U['status'], $U['refresh'], $U['fontinfo'], $U['style'], $U['lastpost'], $U['passhash'], $U['postid'], $U['boxwidth'], $U['boxheight'], $U['kickmessage'], $U['bgcolour'], $U['notesboxheight'], $U['notesboxwidth'], $U['entry'], $U['timestamps'], $U['embed'], $U['incognito']);
if(mysqli_stmt_fetch($stmt)){
mysqli_stmt_close($stmt);
if($U['status']==0){
setcookie($C['cookiename'], false);
send_error("$I[kicked]<br>$U[kickmessage]");
}else{
setcookie($C['cookiename'], $U['session']);
}
}else{
mysqli_stmt_close($stmt);
setcookie($C['cookiename'], false);
send_error($I['expire']);
}
}elseif(get_setting('englobalpass')==1 && (!isSet($_POST['globalpass']) || $_POST['globalpass']!=get_setting('globalpass'))){
send_error($I['wrongglobalpass']);
}elseif(!isSet($_REQUEST['nick']) || !isSet($_REQUEST['pass'])){
send_login();
}else{
create_session(false);
}
if($U['status']==1){
if($ga==2 || $ga==3){
$U['entry']=time();
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `entry`=? WHERE `session`=?");
mysqli_stmt_bind_param($stmt, 'is', $U['entry'], $U['session']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$_REQUEST['session']=$U['session'];
send_waiting_room();
}
}
}
function kill_session(){
global $C, $I, $U, $memcached, $mysqli;
parse_sessions();
setcookie($C['cookiename'], false);
if(!isSet($U['session'])) send_error($I['expire']);
if($U['status']==0) send_error("$I[kicked]<br>$U[kickmessage]");
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]sessions` WHERE `session`=?");
mysqli_stmt_bind_param($stmt, 's', $U['session']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($U['status']==1){
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]messages` SET `poster`='' WHERE `poster`=? AND `poststatus`='9'");
mysqli_stmt_bind_param($stmt, 's', $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]messages` SET `recipient`='' WHERE `recipient`=? AND `poststatus`='9'");
mysqli_stmt_bind_param($stmt, 's', $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]ignored` WHERE `ignored`=? OR `by`=?");
mysqli_stmt_bind_param($stmt, 'ss', $U['nickname'], $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]ignored");
}
elseif($U['status']>=3 && !$U['incognito']) add_system_message(sprintf(get_setting('msgexit'), $U['displayname']));
}
function kick_chatter($names, $mes, $purge){
global $C, $P, $U, $mysqli;
$lonick='';
$lines=parse_sessions();
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `lastpost`='".(60*(get_setting('kickpenalty')-get_setting('guestexpire'))+time())."', `status`='0', `kickmessage`=? WHERE `session`=? AND `status`!='0'");
$i=0;
foreach($names as $name){
foreach($lines as $temp){
if(($temp['nickname']==$U['nickname'] && $U['nickname']==$name) || ($U['status']>$temp['status'] && (($temp['nickname']==$name && $temp['status']>0) || ($name=='&' && $temp['status']==1)))){
mysqli_stmt_bind_param($stmt, 'ss', $mes, $temp['session']);
mysqli_stmt_execute($stmt);
if($purge) del_all_messages($temp['nickname'], 10);
$lonick.="$temp[displayname], ";
++$i;
unset($P[$name]);
}
}
}
mysqli_stmt_close($stmt);
if(!empty($lonick)){
if($names[0]=='&'){
add_system_message(get_setting('msgallkick'));
}else{
$lonick=preg_replace('/\,\s$/','',$lonick);
if($i>1){
add_system_message(sprintf(get_setting('msgmultikick'), $lonick));
}else{
add_system_message(sprintf(get_setting('msgkick'), $lonick));
}
}
}
if(!empty($lonick)) return true;
return false;
}
function logout_chatter($names){
global $C, $P, $U, $memcached, $mysqli;
$lines=parse_sessions();
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]sessions` WHERE `session`=? AND `status`<? AND `status`!='0'");
$stmt1=mysqli_prepare($mysqli, "UPDATE `$C[prefix]messages` SET `poster`='' WHERE `poster`=? AND `poststatus`='9'");
$stmt2=mysqli_prepare($mysqli, "UPDATE `$C[prefix]messages` SET `recipient`='' WHERE `recipient`=? AND `poststatus`='9'");
$stmt3=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]ignored` WHERE `ignored`=? OR `by`=?");
foreach($names as $name){
foreach($lines as $temp){
if($temp['nickname']==$name || ($name=='&' && $temp['status']==1)){
mysqli_stmt_bind_param($stmt, 'si', $temp['session'], $U['status']);
mysqli_stmt_execute($stmt);
if($temp['status']==1){
mysqli_stmt_bind_param($stmt1, 's', $temp['nickname']);
mysqli_stmt_bind_param($stmt2, 's', $temp['nickname']);
mysqli_stmt_bind_param($stmt3, 'ss', $temp['nickname'], $temp['nickname']);
mysqli_stmt_execute($stmt1);
mysqli_stmt_execute($stmt2);
mysqli_stmt_execute($stmt3);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]ignored");
}
unset($P[$name]);
}
}
}
mysqli_stmt_close($stmt);
mysqli_stmt_close($stmt1);
mysqli_stmt_close($stmt2);
mysqli_stmt_close($stmt3);
}
function update_session(){
global $C, $U, $mysqli;
if($U['postid']==$_REQUEST['postid']){// ignore double post=reload from browser or proxy
$_REQUEST['message']='';
}elseif(time()-$U['lastpost']<=1){// time between posts too short, reject!
$U['rejected']=$_REQUEST['message'];
$_REQUEST['message']='';
}else{// valid post
$U['postid']=substr($_REQUEST['postid'], 0, 6);
$U['lastpost']=time();
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `lastpost`=?, `postid`=? WHERE `session`=?");
mysqli_stmt_bind_param($stmt, 'iis', $U['lastpost'], $U['postid'], $U['session']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
}
function check_session(){
global $C, $I, $U;
parse_sessions();
if(!isSet($U['session'])){
setcookie($C['cookiename'], false);
send_error($I['expire']);
}
if($U['status']==0){
setcookie($C['cookiename'], false);
send_error("$I[kicked]<br>$U[kickmessage]");
}
}
function get_nowchatting(){
global $G, $I, $M, $P;
parse_sessions();
echo sprintf($I['curchat'], count($P)).'<br>'.implode(' &nbsp; ', $M).' &nbsp; '.implode(' &nbsp; ', $G);
}
function parse_sessions(){
global $C, $G, $M, $P, $U, $countmods, $memcached, $mysqli;
$result=mysqli_query($mysqli, "SELECT `nickname`, `status`, `session` FROM `$C[prefix]sessions` WHERE (`lastpost`<'".(time()-60*get_setting('guestexpire'))."' AND `status`<='2') OR (`lastpost`<'".(time()-60*get_setting('memberexpire'))."' AND `status`>'2')");
if(mysqli_num_rows($result)>0){
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]sessions` WHERE `nickname`=?");
$stmt1=mysqli_prepare($mysqli, "UPDATE `$C[prefix]messages` SET `poster`='' WHERE `poster`=? AND `poststatus`='9'");
$stmt2=mysqli_prepare($mysqli, "UPDATE `$C[prefix]messages` SET `recipient`='' WHERE `recipient`=? AND `poststatus`='9'");
$stmt3=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]ignored` WHERE `ignored`=? OR `by`=?");
while($temp=mysqli_fetch_array($result, MYSQLI_ASSOC)){
mysqli_stmt_bind_param($stmt, 's', $temp['nickname']);
mysqli_stmt_execute($stmt);
if($temp['status']<=1){
mysqli_stmt_bind_param($stmt1, 's', $temp['nickname']);
mysqli_stmt_bind_param($stmt2, 's', $temp['nickname']);
mysqli_stmt_bind_param($stmt3, 'ss', $temp['nickname'], $temp['nickname']);
mysqli_stmt_execute($stmt1);
mysqli_stmt_execute($stmt2);
mysqli_stmt_execute($stmt3);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]ignored");
}
}
mysqli_stmt_close($stmt);
mysqli_stmt_close($stmt1);
mysqli_stmt_close($stmt2);
mysqli_stmt_close($stmt3);
}
$lines=array();
$result=mysqli_query($mysqli, "SELECT * FROM `$C[prefix]sessions` ORDER BY `status` DESC, `lastpost` DESC");
while($line=mysqli_fetch_array($result, MYSQLI_ASSOC)) $lines[]=$line;
if(isSet($_REQUEST['session'])){
foreach($lines as $temp){
if($temp['session']==$_REQUEST['session']){
$U=$temp;
add_user_defaults();
break;
}
}
}
$countmods=0;
$G=array();
$M=array();
$P=array();
foreach($lines as $temp){
if($temp['entry']==0){
if($temp['status']==1 || $temp['status']==2){
$P[$temp['nickname']]=[$temp['nickname'], $temp['status'], $temp['style']];
$G[]=$temp['displayname'];
}elseif($temp['status']>2){
if(!$temp['incognito']){
$P[$temp['nickname']]=[$temp['nickname'], $temp['status'], $temp['style']];
$M[]=$temp['displayname'];
}
if($temp['status']>=5) ++$countmods;
}
}
}
return $lines;
}
// member handling
function check_member(){
global $C, $I, $U, $mysqli;
$stmt=mysqli_prepare($mysqli, "SELECT `nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `fontface`, `fonttags`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `lastlogin`, `timestamps`, `embed`, `incognito` FROM `$C[prefix]members` WHERE `nickname`=?");
mysqli_stmt_bind_param($stmt, 's', $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $temp['nickname'], $temp['passhash'], $temp['status'], $temp['refresh'], $temp['colour'], $temp['bgcolour'], $temp['fontface'], $temp['fonttags'], $temp['boxwidth'], $temp['boxheight'], $temp['notesboxwidth'], $temp['notesboxheight'], $temp['lastlogin'], $temp['timestamps'], $temp['embed'], $temp['incognito']);
if(mysqli_stmt_fetch($stmt)){
if($temp['passhash']==$U['passhash']){
mysqli_stmt_close($stmt);
$U=$temp;
$time=time();
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]members` SET `lastlogin`=? WHERE `nickname`=?");
mysqli_stmt_bind_param($stmt, 'is', $time, $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}else{
mysqli_stmt_close($stmt);
send_error($I['wrongpass']);
}
}
}
function read_members(){
global $A, $C, $F, $memcached, $mysqli;
if($C['memcached']) $A=$memcached->get("$C[dbname]-$C[prefix]members");
if(!$C['memcached'] || $memcached->getResultCode()!=Memcached::RES_SUCCESS){
$result=mysqli_query($mysqli, "SELECT * FROM `$C[prefix]members`");
while($temp=mysqli_fetch_array($result, MYSQLI_ASSOC)){
$A[$temp['nickname']][0]=$temp['nickname'];
$A[$temp['nickname']][1]=$temp['status'];
$A[$temp['nickname']][2]=@get_style("#$temp[colour] {$F[$temp['fontface']]} <$temp[fonttags]>");
}
if($C['memcached']) $memcached->set("$C[dbname]-$C[prefix]members", $A);
}
}
function register_guest($status){
global $A, $C, $I, $P, $U, $memcached, $mysqli;
if(empty($_REQUEST['name'])) send_admin();
if(!isSet($P[$_REQUEST['name']])) send_admin(sprintf($I['cantreg'], $_REQUEST['name']));
read_members();
if(isSet($A[$_REQUEST['name']])) send_admin(sprintf($I['alreadyreged'], $_REQUEST['name']));
$stmt=mysqli_prepare($mysqli, "SELECT `session`, `nickname`, `displayname`, `passhash`, `refresh`, `fontinfo`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `timestamps`, `embed`, `incognito` FROM `$C[prefix]sessions` WHERE `nickname`=? AND `status`='1'");
mysqli_stmt_bind_param($stmt, 's', $_REQUEST['name']);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $reg['session'], $reg['nickname'], $reg['displayname'], $reg['passhash'], $reg['refresh'], $reg['fontinfo'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $reg['timestamps'], $reg['embed'], $reg['incognito']);
if(mysqli_stmt_fetch($stmt)){
mysqli_stmt_close($stmt);
$reg['status']=$status;
if(preg_match('/#([a-f0-9]{6})/i', $reg['fontinfo'], $match)) $reg['colour']=$match[1];
else $reg['colour']=$C['coltxt'];
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `status`=? WHERE `session`=?");
mysqli_stmt_bind_param($stmt, 'is', $reg['status'], $reg['session']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}else{
mysqli_stmt_close($stmt);
send_admin(sprintf($I['cantreg'], $_REQUEST['name']));
}
$stmt=mysqli_prepare($mysqli, "INSERT INTO `$C[prefix]members` (`nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `regedby`, `timestamps`, `embed`, `incognito`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'ssiissiiiisiii', $reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['colour'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $U['nickname'], $reg['timestamps'], $reg['embed'], $reg['incognito']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]members");
if($reg['status']==3) add_system_message(sprintf(get_setting('msgmemreg'), $reg['displayname']));
else add_system_message(sprintf(get_setting('msgsureg'), $reg['displayname']));
}
function register_new(){
global $A, $C, $I, $P, $U, $memcached, $mysqli;
$_REQUEST['name']=cleanup_nick($_REQUEST['name']);
if(empty($_REQUEST['name'])) send_admin();
if(isSet($P[$_REQUEST['name']])) send_admin(sprintf($I['cantreg'], $_REQUEST['name']));
if(!valid_nick($_REQUEST['name'])) send_admin(sprintf($I['invalnick'], $C['maxname']));
if(!valid_pass($_REQUEST['pass'])) send_admin(sprintf($I['invalpass'], $C['minpass']));
read_members();
if(isSet($A[$_REQUEST['name']])) send_admin(sprintf($I['alreadyreged'], $_REQUEST['name']));
$reg=array(
'nickname' =>$_REQUEST['name'],
'passhash' =>md5(sha1(md5($_REQUEST['name'].$_REQUEST['pass']))),
'status' =>3,
'refresh' =>$C['defaultrefresh'],
'colour' =>$C['coltxt'],
'bgcolour' =>$C['colbg'],
'boxwidth' =>40,
'boxheight' =>3,
'notesboxwidth' =>80,
'notesboxheight'=>30,
'regedby' =>$U['nickname'],
'timestamps' =>$C['timestamps'],
'embed' =>$C['embed'],
'incognito' =>false
);
$stmt=mysqli_prepare($mysqli, "INSERT INTO `$C[prefix]members` (`nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `boxwidth`, `boxheight`,`notesboxwidth`, `notesboxheight`, `regedby`, `timestamps`, `embed`, `incognito`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'ssiissiiiisiii', $reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['colour'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $reg['regedby'], $reg['timestamps'], $reg['embed'], $reg['incognito']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]members");
send_admin(sprintf($I['successreg'], $reg['nickname']));
}
function change_status(){
global $C, $I, $U, $memcached, $mysqli;
if(empty($_REQUEST['name'])) send_admin();
if($U['status']<=$_REQUEST['set'] || !preg_match('/^[023567\-]$/', $_REQUEST['set'])) send_admin(sprintf($I['cantchgstat'], $_REQUEST['name']));
$stmt=mysqli_prepare($mysqli, "SELECT * FROM `$C[prefix]members` WHERE `nickname`=? AND `status`<?");
mysqli_stmt_bind_param($stmt, 'si', $_REQUEST['name'], $U['status']);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
if(mysqli_stmt_num_rows($stmt)>0){
mysqli_stmt_free_result($stmt);
mysqli_stmt_close($stmt);
if($_REQUEST['set']=='-'){
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]members` WHERE `nickname`=?");
mysqli_stmt_bind_param($stmt, 's', $_REQUEST['name']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `status`='1' WHERE `nickname`=?");
mysqli_stmt_bind_param($stmt, 's', $_REQUEST['name']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]members");
send_admin(sprintf($I['succdel'], $_REQUEST['name']));
}else{
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]members` SET `status`=? WHERE `nickname`=?");
mysqli_stmt_bind_param($stmt, 'is', $_REQUEST['set'], $_REQUEST['name']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `status`=? WHERE `nickname`=?");
mysqli_stmt_bind_param($stmt, 'is', $_REQUEST['set'], $_REQUEST['name']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]members");
send_admin(sprintf($I['succchg'], $_REQUEST['name']));
}
}else{
send_admin(sprintf($I['cantchgstat'], $_REQUEST['name']));
mysqli_stmt_free_result($stmt);
mysqli_stmt_close($stmt);
}
}
function amend_profile(){
global $C, $F, $U;
if(isSet($_REQUEST['refresh'])) $U['refresh']=$_REQUEST['refresh'];
else $U['refresh']=$C['defaultrefresh'];
if($U['refresh']<5) $U['refresh']=5;
elseif($U['refresh']>150) $U['refresh']=150;
if(preg_match('/^[a-f0-9]{6}$/i', $_REQUEST['colour'])) $U['colour']=$_REQUEST['colour'];
else $U['colour']=$C['coltxt'];
if(preg_match('/^[a-f0-9]{6}$/i', $_REQUEST['bgcolour'])) $U['bgcolour']=$_REQUEST['bgcolour'];
else $U['bgcolour']=$C['colbg'];
$U['fonttags']='';
if($U['status']>=3 && isSet($_REQUEST['bold'])) $U['fonttags'].='b';
if($U['status']>=3 && isSet($_REQUEST['italic'])) $U['fonttags'].='i';
if($U['status']>=3 && isSet($F[$_REQUEST['font']])) $U['fontface']=$_REQUEST['font'];
@$U['fontinfo']="#$U[colour] {$F[$U['fontface']]} <$U[fonttags]>";
if(!isSet($U['fontinfo'])) $U['fontinfo']='';
$U['style']=get_style($U['fontinfo']);
$U['displayname']=style_this($U['nickname'], $U['fontinfo']);
if($_REQUEST['boxwidth']>0) $U['boxwidth']=$_REQUEST['boxwidth'];
if($_REQUEST['boxheight']>0) $U['boxheight']=$_REQUEST['boxheight'];
if(isSet($_REQUEST['notesboxwidth']) && $_REQUEST['notesboxwidth']>0) $U['notesboxwidth']=$_REQUEST['notesboxwidth'];
if(isSet($_REQUEST['notesboxheight']) && $_REQUEST['notesboxheight']>0) $U['notesboxheight']=$_REQUEST['notesboxheight'];
if(isSet($_REQUEST['timestamps'])) $U['timestamps']=true;
else $U['timestamps']=false;
if(isSet($_REQUEST['embed'])) $U['embed']=true;
else $U['embed']=false;
if($U['status']>=5 && isSet($_REQUEST['incognito']) && $C['incognito']) $U['incognito']=true;
else $U['incognito']=false;
if($U['boxwidth']>=1000) $U['boxwidth']=40;
if($U['boxheight']>=1000) $U['boxheight']=3;
if($U['notesboxwidth']>=1000) $U['notesboxwidth']=80;
if($U['notesboxheight']>=1000) $U['notesboxheight']=30;
}
function save_profile(){
global $C, $I, $U, $memcached, $mysqli;
if(!isSet($_REQUEST['oldpass'])) $_REQUEST['oldpass']='';
if(!isSet($_REQUEST['newpass'])) $_REQUEST['newpass']='';
if(!isSet($_REQUEST['confirmpass'])) $_REQUEST['confirmpass']='';
if($_REQUEST['newpass']!==$_REQUEST['confirmpass']){
send_profile($I['noconfirm']);
}elseif(!empty($_REQUEST['newpass'])){
$U['oldhash']=md5(sha1(md5($U['nickname'].$_REQUEST['oldpass'])));
$U['newhash']=md5(sha1(md5($U['nickname'].$_REQUEST['newpass'])));
}else{
$U['oldhash']=$U['newhash']=$U['passhash'];
}
if($U['passhash']!==$U['oldhash']) send_profile($I['wrongpass']);
$U['passhash']=$U['newhash'];
amend_profile();
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]sessions` SET `refresh`=?, `displayname`=?, `fontinfo`=?, `style`=?, `passhash`=?, `boxwidth`=?, `boxheight`=?, `bgcolour`=?, `notesboxwidth`=?, `notesboxheight`=?, `timestamps`=?, `embed`=?, `incognito`=? WHERE `session`=?");
mysqli_stmt_bind_param($stmt, 'issssiisiiiiis', $U['refresh'], $U['displayname'], $U['fontinfo'], $U['style'], $U['passhash'], $U['boxwidth'], $U['boxheight'], $U['bgcolour'], $U['notesboxwidth'], $U['notesboxheight'], $U['timestamps'], $U['embed'], $U['incognito'], $U['session']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($U['status']>=2){
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]members` SET `passhash`=?, `refresh`=?, `colour`=?, `bgcolour`=?, `fontface`=?, `fonttags`=?, `boxwidth`=?, `boxheight`=?, `notesboxwidth`=?, `notesboxheight`=?, `timestamps`=?, `embed`=?, `incognito`=? WHERE `nickname`=?");
mysqli_stmt_bind_param($stmt, 'sissssiiiiiiis', $U['passhash'], $U['refresh'], $U['colour'], $U['bgcolour'], $U['fontface'], $U['fonttags'], $U['boxwidth'], $U['boxheight'], $U['notesboxwidth'], $U['notesboxheight'], $U['timestamps'], $U['embed'], $U['incognito'], $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]members");
}
if(!empty($_REQUEST['unignore'])){
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]ignored` WHERE `ignored`=? AND `by`=?");
mysqli_stmt_bind_param($stmt, 'ss', $_REQUEST['unignore'], $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]ignored");
}
if(!empty($_REQUEST['ignore'])){
$stmt=mysqli_prepare($mysqli, "INSERT INTO `$C[prefix]ignored` (`ignored`,`by`) VALUES (?, ?)");
mysqli_stmt_bind_param($stmt, 'ss', $_REQUEST['ignore'], $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->delete("$C[dbname]-$C[prefix]ignored");
}
send_profile($I['succprofile']);
}
function add_user_defaults(){
global $C, $F, $H, $U;
if(!isSet($U['refresh'])) $U['refresh']=$C['defaultrefresh'];
if($U['refresh']<5) $U['refresh']=5;
elseif($U['refresh']>150) $U['refresh']=150;
if(!isSet($U['fontinfo'])){
if(!preg_match('/^[a-f0-9]{6}$/i', $U['colour'])){
$U['colour']=$C['coltxt'];
do{
$U['colour']=sprintf('%02X', rand(0, 256)).sprintf('%02X', rand(0, 256)).sprintf('%02X', rand(0, 256));
}while(abs(greyval($U['colour'])-greyval($C['colbg']))<75);
}
$U['fontinfo']="#$U[colour]";
@$U['fontinfo'].=" {$F[$U['fontface']]} <$U[fonttags]>";
}
if(!isSet($U['bgcolour'])) $U['bgcolour']=$C['colbg'];
$H['begin_body']="body style=\"background-color:#$U[bgcolour];\"";
if(!isSet($U['colour'])){
preg_match('/([0-9a-f]{6})/i', $U['fontinfo'], $matches);
$U['colour']=$matches[0];
}
if(!isSet($U['style'])) $U['style']=get_style($U['fontinfo']);
if(!isSet($U['boxwidth'])) $U['boxwidth']=40;
if(!isSet($U['boxheight'])) $U['boxheight']=3;
if(!isSet($U['notesboxwidth'])) $U['notesboxwidth']=80;
if(!isSet($U['notesboxheight'])) $U['notesboxheight']=30;
if(!isSet($U['timestamps'])) $U['timestamps']=$C['timestamps'];
if(!isSet($U['embed'])) $U['embed']=$C['embed'];
if(!isSet($U['incognito'])) $U['incognito']=false;
if(!isSet($U['lastpost'])) $U['lastpost']=time();
if(!isSet($U['entry'])) $U['entry']=0;
if(!isSet($U['postid'])) $U['postid']='OOOOOO';
if(!isSet($U['displayname'])) $U['displayname']=style_this($U['nickname'], $U['fontinfo']);
}
// message handling
function validate_input(){
global $P, $U;
$maxmessage=get_setting('maxmessage');
$U['message']=substr($_REQUEST['message'], 0, $maxmessage);
$U['rejected']=substr($_REQUEST['message'], $maxmessage);
if(preg_match('/&[^;]{0,8}$/', $U['message']) && preg_match('/^([^;]{0,8};)/', $U['rejected'], $match)){
$U['message'].=$match[0];
$U['rejected']=preg_replace("/^$match[0]", '', $U['rejected']);
}
if($U['rejected']){
$U['rejected']=trim($U['rejected']);
$U['rejected']=htmlspecialchars($U['rejected']);
}
$U['message']=htmlspecialchars($U['message']);
$U['message']=preg_replace("/\r\n/", '<br>', $U['message']);
$U['message']=preg_replace("/\n/", '<br>', $U['message']);
$U['message']=preg_replace("/\r/", '<br>', $U['message']);
if(isSet($_REQUEST['multi']) && $_REQUEST['multi']=='on'){
$U['message']=preg_replace('/<br>(<br>)+/', '<br><br>', $U['message']);
$U['message']=preg_replace('/<br><br>$/', '<br>', $U['message']);
}else{
$U['message']=preg_replace('/<br>/', ' ', $U['message']);
}
$U['message']=trim($U['message']);
$U['message']=preg_replace('/\s+/', ' ', $U['message']);
$U['delstatus']=$U['status'];
$U['recipient']='';
if($_REQUEST['sendto']=='*'){
$U['poststatus']='1';
$U['displaysend']="$U[displayname] - ";
}elseif($_REQUEST['sendto']=='?' && $U['status']>=3){
$U['poststatus']='3';
$U['displaysend']="[M] $U[displayname] - ";
}elseif($_REQUEST['sendto']=='#' && $U['status']>=5){
$U['poststatus']='5';
$U['displaysend']="[Staff] $U[displayname] - ";
}elseif($_REQUEST['sendto']=='&' && $U['status']>=6){
$U['poststatus']='6';
$U['displaysend']="[Admin] $U[displayname] - ";
}else{// known nick in room?
$ignored=get_ignored();
$ignore=false;
foreach($ignored as $ign){
if($ign['by']==$U['nickname'] && $ign['ignored']==$_REQUEST['sendto'] || ($ign['by']==$_REQUEST['sendto'] && $ign['ignored']==$U['nickname'])){
$ignore=true;
break;
}
}
if(!$ignore){
foreach($P as $chatter){
if($_REQUEST['sendto']==$chatter[0]){
$U['recipient']=$chatter[0];
$U['displayrecp']=style_this($chatter[0], $chatter[2]);
break;
}
}
}
if(!empty($U['recipient'])){
$U['poststatus']='9';
$U['delstatus']='9';
$U['displaysend']="[$U[displayname] to $U[displayrecp]] - ";
}else{// nick left already or ignores us
$U['message']='';
$U['rejected']='';
}
}
if(isSet($U['poststatus'])){
apply_filter();
create_hotlinks();
if(add_message()) update_session();
}
}
function apply_filter(){
global $C, $I, $U, $memcached, $mysqli;
if($U['poststatus']!=9 && preg_match('~^/me~i', $U['message'])){
$U['displaysend']=substr($U['displaysend'], 0, -3);
$U['message']=preg_replace("~^/me~i", '', $U['message']);
}
$U['message']=preg_replace_callback("/\@([a-z0-9]{1,$C[maxname]})/i", function ($matched){ global $P; if(isSet($P[$matched[1]])) return style_this($matched[0], $P[$matched[1]][2]); else return "$matched[0]";}, $U['message']);
if($C['memcached']) $filters=$memcached->get("$C[dbname]-$C[prefix]filter");
if(!$C['memcached'] || $memcached->getResultCode()!=Memcached::RES_SUCCESS){
$filters=array();
$result=mysqli_query($mysqli, "SELECT * FROM `$C[prefix]filter`");
while($filter=mysqli_fetch_array($result, MYSQLI_ASSOC)) $filters[]=$filter;
if($C['memcached']) $memcached->set("$C[dbname]-$C[prefix]filter", $filters);
}
foreach($filters as $filter){
if($U['poststatus']!=9) $U['message']=preg_replace("/$filter[match]/i", $filter['replace'], $U['message'], -1, $count);
elseif(!$filter['allowinpm']) $U['message']=preg_replace("/$filter[match]/i", $filter['replace'], $U['message'], -1, $count);
if($count>0 && $filter['kick']){
kick_chatter(array($U['nickname']), '', false);
send_error("$I[kicked]");
}
}
}
function create_hotlinks(){
global $C, $U;
//Make hotlinks for URLs, redirect through dereferrer script to prevent session leakage
// 1. all explicit schemes with whatever xxx://yyyyyyy
$U['message']=preg_replace('~(\w*://[^\s<>]+)~i', "<<$1>>", $U['message']);
// 2. valid URLs without scheme:
$U['message']=preg_replace('~((?:[^\s<>]*:[^\s<>]*@)?[a-z0-9\-]+(?:\.[a-z0-9\-]+)+(?::\d*)?/[^\s<>]*)(?![^<>]*>)~i', "<<$1>>", $U['message']); // server/path given
$U['message']=preg_replace('~((?:[^\s<>]*:[^\s<>]*@)?[a-z0-9\-]+(?:\.[a-z0-9\-]+)+:\d+)(?![^<>]*>)~i', "<<$1>>", $U['message']); // server:port given
$U['message']=preg_replace('~([^\s<>]*:[^\s<>]*@[a-z0-9\-]+(?:\.[a-z0-9\-]+)+(?::\d+)?)(?![^<>]*>)~i', "<<$1>>", $U['message']); // au:th@server given
// 3. likely servers without any hints but not filenames like *.rar zip exe etc.
$U['message']=preg_replace('~((?:[a-z0-9\-]+\.)*[a-z2-7]{16}\.onion)(?![^<>]*>)~i', "<<$1>>", $U['message']);// *.onion
$U['message']=preg_replace('~([a-z0-9\-]+(?:\.[a-z0-9\-]+)+(?:\.(?!rar|zip|exe|gz|7z|bat|doc)[a-z]{2,}))(?=[^a-z0-9\-\.]|$)(?![^<>]*>)~i', "<<$1>>", $U['message']);// xxx.yyy.zzz
// Convert every <<....>> into proper links:
$U['message']=preg_replace_callback('/<<([^<>]+)>>/', function ($matches){if(strpos($matches[1], '://')==false){ return "<a href=\"http://$matches[1]\" target=\"_blank\">$matches[1]</a>";}else{ return "<a href=\"$matches[1]\" target=\"_blank\">$matches[1]</a>"; }}, $U['message']);
if($C['imgembed']) $U['message']=preg_replace_callback('/\[img\]\s?<a href="(.*?(?="))" target="_blank">(.*?(?=<\/a>))<\/a>/i', function ($matched){ return str_ireplace('[/img]', '', "<br><a href=\"$matched[1]\" target=\"_blank\"><img src=\"$matched[1]\"></a><br>");}, $U['message']);
if($C['forceredirect']) $U['message']=preg_replace_callback('/<a href="(.*?(?="))" target="_blank">(.*?(?=<\/a>))<\/a>/', function ($matched){ global $C; return "<a href=\"$C[redirect]".urlencode($matched[1])."\" target=\"_blank\">$matched[2]</a>";}, $U['message']);
elseif(preg_match_all('/<a href="(.*?(?="))" target="_blank">(.*?(?=<\/a>))<\/a>/', $U['message'], $matches)){
foreach($matches[1] as $match){
if(!preg_match('~^http(s)?://~', $match)){
$U['message']=preg_replace_callback('/<a href="(.*?(?="))" target="_blank">(.*?(?=<\/a>))<\/a>/', function ($matched){ global $C; return "<a href=\"$C[redirect]".urlencode($matched[1])."\" target=\"_blank\">$matched[2]</a>";}, $U['message']);
break;
}
}
}
}
function add_message(){
global $U;
if(empty($U['message'])) return false;
$newmessage=array(
'postdate' =>time(),
'poststatus' =>$U['poststatus'],
'poster' =>$U['nickname'],
'recipient' =>$U['recipient'],
'text' =>$U['displaysend'].style_this($U['message'], $U['fontinfo']),
'delstatus' =>$U['delstatus']
);
write_message($newmessage);
return true;
}
function add_system_message($mes){
if(empty($mes)) return;
$sysmessage=array(
'postdate' =>time(),
'poststatus' =>1,
'poster' =>'',
'recipient' =>'',
'text' =>$mes,
'delstatus' =>9
);
write_message($sysmessage);
}
function write_message($message){
global $C, $mysqli;
if($C['msgencrypted']) $message['text']=openssl_encrypt($message['text'], 'aes-256-cbc', $C['encryptkey'], 0, '1234567890123456');
$stmt=mysqli_prepare($mysqli, "INSERT INTO `$C[prefix]messages` (`postdate`, `poststatus`, `poster`, `recipient`, `text`, `delstatus`) VALUES (?, ?, ?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'iisssi', $message['postdate'], $message['poststatus'], $message['poster'], $message['recipient'], $message['text'], $message['delstatus']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$limit=$C['keeplimit']*get_setting('messagelimit');
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]messages` WHERE `id` NOT IN (SELECT `id` FROM (SELECT `id` FROM `$C[prefix]messages` ORDER BY `id` DESC LIMIT ?) t )");
mysqli_stmt_bind_param($stmt, 'i', $limit);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['sendmail'] && $message['poststatus']<9){
$subject='New Chat message';
$headers="From: $C[mailsender]\r\nX-Mailer: PHP/".phpversion()."\r\nContent-Type: text/html; charset=UTF-8\r\n";
$body="<html><body stlye=\"background-color:#$C[colbg];color:#$C[coltxt];\">$message[text]</body></html>";
mail($C['mailreceiver'], $subject, $body, $headers);
}
}
function clean_room(){
global $C, $mysqli;
mysqli_query($mysqli, "DELETE FROM `$C[prefix]messages`");
$msg=get_setting('msgclean');
if(empty($msg)) return;
$sysmessage=array(
'postdate' =>time(),
'poster' =>'',
'recipient' =>'',
'poststatus' =>1,
'text' =>sprintf($msg, $C['chatname']),
'delstatus' =>9
);
write_message($sysmessage);
}
function clean_selected(){
global $C, $mysqli;
if(isSet($_REQUEST['mid'])){
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]messages` WHERE `id`=?");
foreach($_REQUEST['mid'] as $mid){
mysqli_stmt_bind_param($stmt, 'i', $mid);
mysqli_stmt_execute($stmt);
}
mysqli_stmt_close($stmt);
}
}
function del_all_messages($nick, $status){
global $C, $mysqli;
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]messages` WHERE `poster`=? AND `delstatus`<?");
mysqli_stmt_bind_param($stmt, 'si', $nick, $status);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
function del_last_message(){
global $C, $U, $mysqli;
$stmt=mysqli_prepare($mysqli, "DELETE FROM `$C[prefix]messages` WHERE `poster`=? ORDER BY `id` DESC LIMIT 1");
mysqli_stmt_bind_param($stmt, 's', $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
function print_messages($delstatus=''){
global $C, $U, $mysqli;
$dateformat=get_setting('dateformat');
$messagelimit=get_setting('messagelimit');
if(!isSet($_COOKIE[$C['cookiename']]) && !$C['forceredirect']) $injectRedirect=true; else $injectRedirect=false;
if($C['imgembed'] && (!$U['embed'] || !isSet($_COOKIE[$C['cookiename']]))) $removeEmbed=true; else $removeEmbed=false;
mysqli_query($mysqli, "DELETE FROM `$C[prefix]messages` WHERE `postdate`<='".(time()-60*get_setting('messageexpire'))."'");
if(!empty($delstatus)){
$stmt=mysqli_prepare($mysqli, "SELECT `postdate`, `id`, `text` FROM `$C[prefix]messages` WHERE ".
"`id` IN (SELECT * FROM (SELECT `id` FROM `$C[prefix]messages` WHERE `poststatus`='1' ORDER BY `id` DESC LIMIT ?) AS t) ".
"OR (`poststatus`>'1' AND (`poststatus`<? OR `poster`=? OR `recipient`=?) ) ORDER BY `id` DESC");
mysqli_stmt_bind_param($stmt, 'iiss', $messagelimit, $U['status'], $U['nickname'], $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $message['postdate'], $message['id'], $message['text']);
while(mysqli_stmt_fetch($stmt)){
if($C['msgencrypted']) $message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', $C['encryptkey'], 0, '1234567890123456');
if($injectRedirect){
$message['text']=preg_replace_callback('/<a href="(.*?(?="))" target="_blank">(.*?(?=<\/a>))<\/a>/', function ($matched){ global $C; return "<a href=\"$C[redirect]".urlencode($matched[1])."\" target=\"_blank\">$matched[2]</a>";}, $message['text']);
}
if($removeEmbed){
$message['text']=preg_replace_callback('/<img src="(.*?(?="))">/', function ($matched){ return $matched[1];}, $message['text']);
}
echo "<input type=\"checkbox\" name=\"mid[]\" id=\"$message[id]\" value=\"$message[id]\"><label for=\"$message[id]\">";
if($U['timestamps'] && !empty($dateformat)) echo ' <small>'.date($dateformat, $message['postdate']).' - </small>';
echo " $message[text]</label><br>";
}
}else{
$stmt=mysqli_prepare($mysqli, "SELECT `postdate`, `text` FROM `$C[prefix]messages` WHERE (".
"`id` IN (SELECT * FROM (SELECT `id` FROM `$C[prefix]messages` WHERE `poststatus`='1' ORDER BY `id` DESC LIMIT ?) AS t) ".
"OR (`poststatus`>'1' AND `poststatus`<=?) ".
"OR (`poststatus`='9' AND ( (`poster`=? AND `recipient` NOT IN (SELECT `ignored` FROM `$C[prefix]ignored` WHERE `by`=?) ) OR `recipient`=?) )".
") AND `poster` NOT IN (SELECT `ignored` FROM `$C[prefix]ignored` WHERE `by`=?) ORDER BY `id` DESC");
mysqli_stmt_bind_param($stmt, 'iissss', $messagelimit, $U['status'], $U['nickname'], $U['nickname'], $U['nickname'], $U['nickname']);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $message['postdate'], $message['text']);
while(mysqli_stmt_fetch($stmt)){
if($C['msgencrypted']) $message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', $C['encryptkey'], 0, '1234567890123456');
if($injectRedirect){
$message['text']=preg_replace_callback('/<a href="(.*?(?="))" target="_blank">(.*?(?=<\/a>))<\/a>/', function ($matched){ global $C; return "<a href=\"$C[redirect]".urlencode($matched[1])."\" target=\"_blank\">$matched[2]</a>";}, $message['text']);
}
if($removeEmbed){
$message['text']=preg_replace_callback('/<img src="(.*?(?="))">/', function ($matched){ return $matched[1];}, $message['text']);
}
if($U['timestamps']) echo '<small>'.date($dateformat, $message['postdate']).' - </small>';
echo "$message[text]<br>";
}
}
mysqli_stmt_close($stmt);
}
// this and that
function get_ignored(){
global $C, $memcached, $mysqli;
if($C['memcached']) $ignored=$memcached->get("$C[dbname]-$C[prefix]ignored");
if(!$C['memcached'] || $memcached->getResultCode()!=Memcached::RES_SUCCESS){
$ignored=array();
$result=mysqli_query($mysqli, "SELECT * FROM `$C[prefix]ignored`");
while($tmp=mysqli_fetch_array($result, MYSQLI_ASSOC)){
$ignored[]=$tmp;
}
if($C['memcached']) $memcached->set("$C[dbname]-$C[prefix]ignored", $ignored);
}
return $ignored;
}
function valid_admin(){
global $U;
if(isSet($_REQUEST['session'])){
check_session();
}
elseif(isSet($_REQUEST['nick']) && isSet($_REQUEST['pass'])){
create_session(true);
}
if(isSet($U['status']) && $U['status']>=7) return true;
else return false;
}
function valid_nick($nick){
global $C;
return preg_match("/^[a-z0-9]{1,$C[maxname]}$/i", $nick);
}
function valid_pass($pass){
global $C;
return preg_match('/^.{'.$C['minpass'].',}$/', $pass);
}
function cleanup_nick($nick){
$nick=preg_replace('/\s+/', '', $nick);
return $nick;
}
function get_timeout($lastpost, $status){ // lastpost, status
if($status>2) $expire=get_setting('memberexpire');
else $expire=get_setting('guestexpire');
$s=($lastpost+60*$expire)-time();
$m=$s/60;$m=floor($m);$s-=$m*60;
$h=$m/60;$h=floor($h);$m-=$h*60;
$s=substr('0'.$s, -2, 2);
if($h>0){
$m=substr('0'.$m, -2, 2);
return "$h:$m:$s";
}
return "$m:$s";
}
function print_colours(){
global $C, $I;
// Prints a short list with selected named HTML colours and filters out illegible text colours for the given background.
// It's a simple comparison of weighted grey values. This is not very accurate but gets the job done well enough.
$colours=array('Beige'=>'F5F5DC', 'Black'=>'000000', 'Blue'=>'0000FF', 'BlueViolet'=>'8A2BE2', 'Brown'=>'A52A2A', 'Cyan'=>'00FFFF', 'DarkBlue'=>'00008B', 'DarkGreen'=>'006400', 'DarkRed'=>'8B0000', 'DarkViolet'=>'9400D3', 'DeepSkyBlue'=>'00BFFF', 'Gold'=>'FFD700', 'Grey'=>'808080', 'Green'=>'008000', 'HotPink'=>'FF69B4', 'Indigo'=>'4B0082', 'LightBlue'=>'ADD8E6', 'LightGreen'=>'90EE90', 'LimeGreen'=>'32CD32', 'Magenta'=>'FF00FF', 'Olive'=>'808000', 'Orange'=>'FFA500', 'OrangeRed'=>'FF4500', 'Purple'=>'800080', 'Red'=>'FF0000', 'RoyalBlue'=>'4169E1', 'SeaGreen'=>'2E8B57', 'Sienna'=>'A0522D', 'Silver'=>'C0C0C0', 'Tan'=>'D2B48C', 'Teal'=>'008080', 'Violet'=>'EE82EE', 'White'=>'FFFFFF', 'Yellow'=>'FFFF00', 'YellowGreen'=>'9ACD32');
$greybg=greyval($C['colbg']);
foreach($colours as $name=>$colour){
if(abs($greybg-greyval($colour))>75) echo "<option value=\"$colour\" style=\"color:#$colour\">$I[$name]</option>";
}
}
function greyval($colour){
return hexdec(substr($colour, 0, 2))*.3+hexdec(substr($colour, 2, 2))*.59+hexdec(substr($colour, 4, 2))*.11;
}
function get_style($styleinfo){
$fbold=preg_match('/(<i?bi?>|:bold)/', $styleinfo);
$fitalic=preg_match('/(<b?ib?>|:italic)/', $styleinfo);
$fsmall=preg_match('/(size="-1"|:smaller)/', $styleinfo);
preg_match('/(#.{6})/', $styleinfo, $match);
if(isSet($match[0])) $fcolour=$match[0];
preg_match('/face=\'([^"]+)\'/', $styleinfo, $match);
if(isSet($match[1])) $fface=$match[1];
preg_match('/font-family:([^;]+);/', $styleinfo, $match);
if(isSet($match[1])) $sface=$match[1];
if(isSet($fface)){
$sface=$fface;
$sface=preg_replace('/^/', "'", $sface);
$sface=preg_replace('/$/', "'", $sface);
$sface=preg_replace('/,/', "','", $sface);
}elseif(isSet($sface)){
$fface=$sface;
$fface=preg_replace("/'/", '', $fface);
}
$fstyle='';
if(isSet($fcolour)) $fstyle.="color:$fcolour;";
if(isSet($sface)) $fstyle.="font-family:$sface;";
if($fsmall) $fstyle.='font-size:smaller;';
if($fitalic) $fstyle.='font-style:italic;';
if($fbold) $fstyle.='font-weight:bold;';
return $fstyle;
}
function style_this($text, $styleinfo){
$fbold=preg_match('/(<i?bi?>|:bold)/', $styleinfo);
$fitalic=preg_match('/(<b?ib?>|:italic)/', $styleinfo);
$fsmall=preg_match('/(size="-1"|:smaller)/', $styleinfo);
preg_match('/(#.{6})/', $styleinfo, $match);
if(isSet($match[0])) $fcolour=$match[0];
preg_match('/face=\'([^"]+)\'/', $styleinfo, $match);
if(isSet($match[1])) $fface=$match[1];
preg_match('/font-family:([^;]+);/', $styleinfo, $match);
if(isSet($match[1])) $sface=$match[1];
if(isSet($fface)){
$sface=$fface;
$sface=preg_replace('/^/', "'", $sface);
$sface=preg_replace('/$/', "'", $sface);
$sface=preg_replace('/,/', "','", $sface);
}elseif(isSet($sface)){
$fface=$sface;
$fface=preg_replace("/'/", '', $fface);
}
$fstyle='';
if(isSet($fcolour)) $fstyle.="color:$fcolour;";
if(isSet($sface)) $fstyle.="font-family:$sface;";
if($fsmall) $fstyle.='font-size:smaller;';
if($fitalic) $fstyle.='font-style:italic;';
if($fbold) $fstyle.='font-weight:bold;';
$fstart='<font';
if(!isSet($fcolour)) $fstart.=" color=\"$fcolour\"";
if(isSet($fface)) $fstart.=" face=\"$fface\"";
if($fsmall) $fstart.=" size=\"-1\"";
if(!empty($fstyle)) $fstart.=" style=\"$fstyle\"";
$fstart.='>';
if($fbold) $fstart.='<b>';
if($fitalic) $fstart.='<i>';
$fend='';
if($fitalic) $fend.='</i>';
if($fbold) $fend.='</b>';
$fend.='</font>';
return "$fstart$text$fend";
}
function init_chat(){
global $C, $H, $I, $memcached, $mysqli;
$suwrite='';
if(!$C['memcached'] || !$num_tables=$memcached->get("$C[dbname]-$C[prefix]num-tables")){
$tables=array("$C[prefix]captcha", "$C[prefix]filter", "$C[prefix]ignored", "$C[prefix]members", "$C[prefix]messages", "$C[prefix]notes", "$C[prefix]sessions", "$C[prefix]settings");
$num_tables=0;
$result=mysqli_query($mysqli, 'SHOW TABLES');
while($tmp=mysqli_fetch_array($result, MYSQLI_NUM)){
if(in_array($tmp[0],$tables)) ++$num_tables;
}
if($C['memcached']) $memcached->set("$C[dbname]-$C[prefix]num-tables", $num_tables, 60);
}
if($num_tables>=7){
$suwrite=$I['initdbexist'];
$result=mysqli_query($mysqli, "SELECT * FROM `$C[prefix]members` WHERE `status`='8'");
if(mysqli_num_rows($result)>0){
$suwrite=$I['initsuexist'];
}
}elseif(!valid_nick($_REQUEST['sunick'])){
$suwrite=sprintf($I['invalnick'], $C['maxname']);
}elseif(!valid_pass($_REQUEST['supass'])){
$suwrite=sprintf($I['invalpass'], $C['minpass']);
}elseif($_REQUEST['supass']!==$_REQUEST['supassc']){
$suwrite=$I['noconfirm'];
}else{
mysqli_multi_query($mysqli, "CREATE TABLE IF NOT EXISTS `$C[prefix]captcha` (`id` int(10) unsigned NOT NULL, `time` int(10) unsigned NOT NULL, `code` tinytext NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; ".
"CREATE TABLE IF NOT EXISTS `$C[prefix]filter` (`id` tinyint(3) unsigned NOT NULL, `match` tinytext NOT NULL, `replace` text NOT NULL, `allowinpm` tinyint(1) unsigned NOT NULL, `regex` tinyint(1) unsigned NOT NULL, `kick` tinyint(1) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; ".
"CREATE TABLE IF NOT EXISTS `$C[prefix]ignored` (`id` int(10) unsigned NOT NULL, `ignored` tinytext NOT NULL, `by` tinytext NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; ".
"CREATE TABLE IF NOT EXISTS `$C[prefix]members` (`id` tinyint(3) unsigned NOT NULL, `nickname` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `passhash` tinytext NOT NULL, `status` tinyint(3) unsigned NOT NULL, `refresh` tinyint(3) unsigned NOT NULL, `colour` tinytext NOT NULL, `bgcolour` tinytext NOT NULL, `fontface` tinytext NOT NULL, `fonttags` tinytext NOT NULL, `boxwidth` tinyint(3) unsigned NOT NULL, `boxheight` tinyint(3) unsigned NOT NULL, `notesboxheight` tinyint(3) unsigned NOT NULL, `notesboxwidth` tinyint(3) unsigned NOT NULL, `regedby` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `lastlogin` int(10) unsigned NOT NULL, `timestamps` tinyint(1) unsigned NOT NULL, `embed` tinyint(1) unsigned NOT NULL, `incognito` tinyint(1) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; ".
"CREATE TABLE IF NOT EXISTS `$C[prefix]messages` (`id` int(10) unsigned NOT NULL, `postdate` int(10) unsigned NOT NULL, `poststatus` tinyint(3) unsigned NOT NULL, `poster` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `recipient` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `text` text NOT NULL, `delstatus` tinyint(3) unsigned NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; ".
"CREATE TABLE IF NOT EXISTS `$C[prefix]notes` (`id` int(10) unsigned NOT NULL, `type` tinytext NOT NULL, `lastedited` int(10) unsigned NOT NULL, `editedby` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `text` text NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; ".
"CREATE TABLE IF NOT EXISTS `$C[prefix]sessions` (`id` int(10) unsigned NOT NULL, `session` tinytext NOT NULL, `nickname` tinytext CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, `displayname` text NOT NULL, `status` tinyint(3) unsigned NOT NULL, `refresh` tinyint(3) unsigned NOT NULL, `fontinfo` tinytext NOT NULL, `style` text NOT NULL, `lastpost` int(10) unsigned NOT NULL, `passhash` tinytext NOT NULL, `postid` int(10) unsigned NOT NULL, `boxwidth` tinyint(3) unsigned NOT NULL, `boxheight` tinyint(3) unsigned NOT NULL, `useragent` text NOT NULL, `kickmessage` text NOT NULL, `bgcolour` tinytext NOT NULL, `notesboxheight` tinyint(3) unsigned NOT NULL, `notesboxwidth` tinyint(3) unsigned NOT NULL, `entry` int(10) unsigned NOT NULL, `timestamps` tinyint(1) unsigned NOT NULL, `embed` tinyint(1) unsigned NOT NULL, `incognito` tinyint(1) unsigned NOT NULL, `ip` tinytext NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; ".
"CREATE TABLE IF NOT EXISTS `$C[prefix]settings` (`id` tinyint(3) unsigned NOT NULL, `setting` tinytext NOT NULL, `value` text NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8; ".
"ALTER TABLE `$C[prefix]captcha` ADD UNIQUE KEY `id` (`id`); ".
"ALTER TABLE `$C[prefix]filter` ADD PRIMARY KEY (`id`); ".
"ALTER TABLE `$C[prefix]ignored` ADD PRIMARY KEY (`id`); ".
"ALTER TABLE `$C[prefix]members` ADD PRIMARY KEY (`id`); ".
"ALTER TABLE `$C[prefix]messages` ADD PRIMARY KEY (`id`); ".
"ALTER TABLE `$C[prefix]notes` ADD PRIMARY KEY (`id`); ".
"ALTER TABLE `$C[prefix]sessions` ADD PRIMARY KEY (`id`); ".
"ALTER TABLE `$C[prefix]settings` ADD PRIMARY KEY (`id`); ".
"ALTER TABLE `$C[prefix]filter` MODIFY `id` tinyint(3) unsigned NOT NULL AUTO_INCREMENT; ".
"ALTER TABLE `$C[prefix]ignored` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT; ".
"ALTER TABLE `$C[prefix]members` MODIFY `id` tinyint(3) unsigned NOT NULL AUTO_INCREMENT; ".
"ALTER TABLE `$C[prefix]messages` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT; ".
"ALTER TABLE `$C[prefix]notes` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT; ".
"ALTER TABLE `$C[prefix]sessions` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT; ".
"ALTER TABLE `$C[prefix]settings` MODIFY `id` tinyint(3) unsigned NOT NULL AUTO_INCREMENT; ".
"INSERT INTO `$C[prefix]settings` (`setting`,`value`) VALUES ('guestaccess','0'), ('globalpass',''), ('englobalpass','0'), ('captcha','0'), ('dateformat','m-d H:i:s'), ('rulestxt', ''), ('msgencrypted','0'), ('msgenter','%s entered the chat.'), ('msgexit','%s left the chat.'), ('msgmemreg','%s is now a registered member.'), ('msgsureg','%s is now a registered applicant.'), ('msgkick','%s has been kicked.'), ('msgmultikick','%s have been kicked.'), ('msgallkick','All chatters have been kicked.'), ('msgclean','%s has been cleaned.'), ('dbversion','$C[dbversion]'), ('css','a:visited{color:#B33CB4;} a:active{color:#FF0033;} a:link{color:#0000FF;} input,select,textarea{color:#FFFFFF;background-color:#000000;} a img{width:15%} a:hover img{width:35%} .error{color:#FF0033;} .delbutton{background-color:#660000;} .backbutton{background-color:#004400;} #exitbutton{background-color:#AA0000;}'), ('memberexpire','60'), ('guestexpire', '15'), ('kickpenalty', '10'), ('entrywait', '120'), ('messageexpire', '14400'), ('messagelimit', '150'), ('maxmessage', 2000), ('captchatime', '600');");
while(mysqli_more_results($mysqli)) mysqli_next_result($mysqli);
$reg=array(
'nickname' =>$_REQUEST['sunick'],
'passhash' =>md5(sha1(md5($_REQUEST['sunick'].$_REQUEST['supass']))),
'status' =>8,
'refresh' =>$C['defaultrefresh'],
'colour' =>$C['coltxt'],
'bgcolour' =>$C['colbg'],
'boxwidth' =>40,
'boxheight' =>3,
'notesboxwidth' =>80,
'notesboxheight'=>30,
'timestamps' =>$C['timestamps'],
'embed' =>$C['embed'],
'incognito' =>false
);
$stmt=mysqli_prepare($mysqli, "INSERT INTO `$C[prefix]members` (`nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `timestamps`, `embed`, `incognito`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'ssiissiiiiiii', $reg['nickname'], $reg['passhash'], $reg['status'], $reg['refresh'], $reg['colour'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $reg['timestamps'], $reg['embed'], $reg['incognito']);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
$suwrite=$I['susuccess'];
}
print_start('init');
echo "<center><h2>$I[init]</h2><br><h3>$I[sulogin]</h3>$suwrite<br><br><br>";
echo "<$H[form]>".hidden('action', 'setup').hidden('lang', $C['lang']).submit($I['initgosetup'])."</form>$H[credit]";
print_end();
}
function update_db(){
global $C, $mysqli;
$dbversion=get_setting('dbversion');
if($dbversion<$C['dbversion'] || get_setting('msgencrypted')!=$C['msgencrypted']){
if($dbversion<2){
mysqli_query($mysqli, "CREATE TABLE IF NOT EXISTS `$C[prefix]ignored` (`id` int(10) unsigned NOT NULL, `ignored` tinytext NOT NULL, `by` tinytext NOT NULL) ENGINE=InnoDB DEFAULT CHARSET=utf8");
mysqli_query($mysqli, "ALTER TABLE `$C[prefix]ignored` ADD PRIMARY KEY (`id`)");
mysqli_query($mysqli, "ALTER TABLE `$C[prefix]ignored` MODIFY `id` int(10) unsigned NOT NULL AUTO_INCREMENT");
}
if($dbversion<3){
mysqli_query($mysqli, "INSERT INTO `$C[prefix]settings` (`setting`, `value`) VALUES ('rulestxt', '')");
}
if($dbversion<4){
mysqli_query($mysqli, "ALTER TABLE `$C[prefix]members` ADD `incognito` TINYINT(1) UNSIGNED NOT NULL");
mysqli_query($mysqli, "ALTER TABLE `$C[prefix]sessions` ADD `incognito` TINYINT(1) UNSIGNED NOT NULL");
}
if($dbversion<5){
mysqli_query($mysqli, "INSERT INTO `$C[prefix]settings` (`setting`, `value`) VALUES ('globalpass', '')");
}
if($dbversion<6){
mysqli_query($mysqli, "INSERT INTO `$C[prefix]settings` (`setting`, `value`) VALUES ('dateformat', 'm-d H:i:s')");
}
if($dbversion<7){
mysqli_query($mysqli, "ALTER TABLE `$C[prefix]captcha` ADD `code` TINYTEXT CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL");
}
if($dbversion<8){
mysqli_query($mysqli, "INSERT INTO `$C[prefix]settings` (`setting`, `value`) VALUES ('captcha', '0'), ('englobalpass', '0')");
$ga=get_setting('guestaccess');
if($ga==-1){
update_setting('guestaccess', 0);
update_setting('englobalpass', 1);
}elseif($ga==4){
update_setting('guestaccess', 1);
update_setting('englobalpass', 2);
}
}
if($dbversion<9){
mysqli_query($mysqli, "INSERT INTO `$C[prefix]settings` (`setting`,`value`) VALUES ('msgencrypted', '0')");
mysqli_query($mysqli, "ALTER TABLE `$C[prefix]settings` CHANGE `value` `value` text NOT NULL");
mysqli_query($mysqli, "ALTER TABLE `$C[prefix]messages` DROP `postid`");
}
if($dbversion<10){
mysqli_query($mysqli, "INSERT INTO `$C[prefix]settings` (`setting`, `value`) VALUES ('css', 'a:visited{color:#B33CB4;} a:active{color:#FF0033;} a:link{color:#0000FF;} input,select,textarea{color:#FFFFFF;background-color:#000000;} a img{width:15%} a:hover img{width:35%} .error{color:#FF0033;} .delbutton{background-color:#660000;} .backbutton{background-color:#004400;} #exitbutton{background-color:#AA0000;}'), ('memberexpire', '60'), ('guestexpire', '15'), ('kickpenalty', '10'), ('entrywait', '120'), ('messageexpire', '14400'), ('messagelimit', '150'), ('maxmessage', 2000), ('captchatime', '600')");
mysqli_query($mysqli, "ALTER TABLE `$C[prefix]sessions` ADD `ip` TINYTEXT NOT NULL");
}
if(get_setting('msgencrypted')!=$C['msgencrypted']){
$result=mysqli_query($mysqli, "SELECT `id`, `text` FROM `$C[prefix]messages`");
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]messages` SET `text`=? WHERE `id`=?");
while($message=mysqli_fetch_array($result, MYSQLI_ASSOC)){
if($C['msgencrypted']) $message['text']=openssl_encrypt($message['text'], 'aes-256-cbc', $C['encryptkey'], 0, '1234567890123456');
else $message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', $C['encryptkey'], 0, '1234567890123456');
mysqli_stmt_bind_param($stmt, 'si', $message['text'], $message['id']);
mysqli_stmt_execute($stmt);
}
mysqli_stmt_close($stmt);
$result=mysqli_query($mysqli, "SELECT `id`, `text` FROM `$C[prefix]notes`");
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]notes` SET `text`=? WHERE `id`=?");
while($message=mysqli_fetch_array($result, MYSQLI_ASSOC)){
if($C['msgencrypted']) $message['text']=openssl_encrypt($message['text'], 'aes-256-cbc', $C['encryptkey'], 0, '1234567890123456');
else $message['text']=openssl_decrypt($message['text'], 'aes-256-cbc', $C['encryptkey'], 0, '1234567890123456');
mysqli_stmt_bind_param($stmt, 'si', $message['text'], $message['id']);
mysqli_stmt_execute($stmt);
}
mysqli_stmt_close($stmt);
update_setting('msgencrypted', (int)$C['msgencrypted']);
}
update_setting('dbversion', $C['dbversion']);
send_update();
}
}
function update_messages(){
global $C;
update_setting('msgenter', $_REQUEST['msgenter']);
update_setting('msgexit', $_REQUEST['msgexit']);
update_setting('msgmemreg', $_REQUEST['msgmemreg']);
if($C['suguests']) update_setting('msgsureg', $_REQUEST['msgsureg']);
update_setting('msgkick', $_REQUEST['msgkick']);
update_setting('msgmultikick', $_REQUEST['msgmultikick']);
update_setting('msgallkick', $_REQUEST['msgallkick']);
update_setting('msgclean', $_REQUEST['msgclean']);
}
function get_setting($setting){
global $C, $memcached, $mysqli;
if(!$C['memcached'] || !$value=$memcached->get("$C[dbname]-$C[prefix]settings-$setting")){
$stmt=mysqli_prepare($mysqli, "SELECT `value` FROM `$C[prefix]settings` WHERE `setting`=?");
mysqli_stmt_bind_param($stmt, 's', $setting);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $value);
mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->set("$C[dbname]-$C[prefix]settings-$setting", $value);
}
return $value;
}
function update_setting($setting, $value){
global $C, $memcached, $mysqli;
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]settings` SET `value`=? WHERE `setting`=?");
mysqli_stmt_bind_param($stmt, 'ss', $value, $setting);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if($C['memcached']) $memcached->set("$C[dbname]-$C[prefix]settings-$setting", $value);
}
// configuration, defaults and internals
function load_fonts(){
global $F;
$F=array(
'Arial' =>" face='Arial,Helvetica,sans-serif'",
'Book Antiqua' =>" face='Book Antiqua,MS Gothic'",
'Comic' =>" face='Comic Sans MS,Papyrus'",
'Comic small' =>" face='Comic Sans MS,Papyrus' size=\"-1\"",
'Courier' =>" face='Courier New,Courier,monospace'",
'Cursive' =>" face='Cursive,Papyrus'",
'Fantasy' =>" face='Fantasy,Futura,Papyrus'",
'Garamond' =>" face='Garamond,Palatino,serif'",
'Georgia' =>" face='Georgia,Times New Roman,Times,serif'",
'Serif' =>" face='MS Serif,New York,serif'",
'System' =>" face='System,Chicago,sans-serif'",
'Times New Roman' =>" face='Times New Roman,Times,serif'",
'Verdana' =>" face='Verdana,Geneva,Arial,Helvetica,sans-serif'",
'Verdana small' =>" face='Verdana,Geneva,Arial,Helvetica,sans-serif' size=\"-1\""
);
}
function load_html(){
global $C, $H, $I;
$H=array(// default HTML
'begin_body' =>"body",
'form' =>"form action=\"$_SERVER[SCRIPT_NAME]\" method=\"post\" style=\"margin:0;padding:0;\"",
'meta_html' =>"<title>$C[chatname]</title><meta name=\"robots\" content=\"noindex,nofollow\"><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"><meta http-equiv=\"Pragma\" content=\"no-cache\"><meta http-equiv=\"Cache-Control\" content=\"no-cache\"><meta http-equiv=\"expires\" content=\"0\">",
'credit' =>"<small><br><br><a target=\"_blank\" href=\"https://github.com/DanWin/le-chat-php\">LE CHAT-PHP - $C[version]</a></small></center>"
);
$H=$H+array(
'backtologin' =>"<$H[form] target=\"_parent\">".hidden('lang', $C['lang']).submit($I['backtologin'], 'class="backbutton"').'</form>',
'backtochat' =>"<$H[form]>".hidden('action', 'view').@hidden('session', $_REQUEST['session']).hidden('lang', $C['lang']).submit($I['backtochat'], 'class="backbutton"').'</form>'
);
}
function check_db(){
global $C, $I, $memcached, $mysqli;
$mysqli=mysqli_connect($C['dbhost'], $C['dbuser'], $C['dbpass'], $C['dbname']);
if(mysqli_connect_errno($mysqli)){
if($_REQUEST['action']=='setup'){
die($I['nodbsetup']);
}else{
die($I['nodb']);
}
}
if($C['memcached']){
$memcached=new Memcached();
$memcached->addServer($C['memcachedhost'], $C['memcachedport']);
}
}
function load_lang(){
global $C, $I, $L;
$L=array(
'de' =>'Deutsch',
'en' =>'English'
);
if(isSet($_REQUEST['lang']) && array_key_exists($_REQUEST['lang'], $L)){
$C['lang']=$_REQUEST['lang'];
setcookie('language', $C['lang']);
}elseif(isSet($_COOKIE['language']) && array_key_exists($_COOKIE['language'], $L)){
$C['lang']=$_COOKIE['language'];
}
include('lang_en.php'); //always include English
if($C['lang']!=='en') include("lang_$C[lang].php"); //replace with translation if available
}
function load_config(){
global $C;
$C=array(
'version' =>'1.11.1', // Script version
'dbversion' =>10, // Database version
'colbg' =>'000000', // Background colour
'coltxt' =>'FFFFFF', // Default text colour
'chatname' =>'My Chat', // Chat Name
'keeplimit' =>3, // Amount of messages to keep in the database (multiplied with max messages displayed) - increase if you have many private messages
'defaultrefresh'=>30, // Seconds to refresh the messages
'msgencrypted' =>false, // Store messages encrypted in the database to prevent other database users from reading them - true/false - visit the setup page after editing!
'encryptkey' =>'MY_KEY', // Encryption key for messages
'maxname' =>20, // Longest number of chatacters for a name
'minpass' =>5, // Shortest number of chatacters for a password
'dbhost' =>'p:localhost', // Database host
'dbuser' =>'www-data', // Database user
'dbpass' =>'YOUR_DB_PASS', // Database password
'dbname' =>'public_chat', // Database
'prefix' =>'', // Prefix - Set this to a unique value for every chat, if you have more than 1 chats on the same database or domain
'memcached' =>false, // Enable/disable memcached caching true/false - needs php5-memcached and a memcached server.
'memcachedhost' =>'localhost', // Memcached server
'memcachedport' =>'11211', // Memcached server
'captchachars' =>'0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', // Characters used for captcha generation
'dismemcaptcha' =>false, // Disable captcha for members? true/false
'embed' =>true, // Default for displaying embedded imgs or turning them into links true/false
'imgembed' =>true, // Allow image embedding in chat using [img] tag? true/false
'suguests' =>false, // Adds option to add applicants. They will have a reserved nick protected with a password, but don't count as member true/false
'timestamps' =>true, // Display timestamps in front of the messages by default true/false
'incognito' =>true, // Allow mods and admins to be invisable true/false
'forceredirect' =>false, // Force redirect script or only use when no cookies available? true/false
'memkick' =>true, // Let a member kick guests if no mod is present
'sendmail' =>false, // Send mail on new message - only activate on low traffic chat or your inbox will fill up very fast!
'mailsender' =>'www-data <www-data@localhost>', // Send mail using this e-Mail address
'mailreceiver' =>'Webmaster <webmaster@localhost>', // Send mail to this e-Mail address
'redirect' =>"$_SERVER[SCRIPT_NAME]?action=redirect&url=", // Redirect script default: "$_SERVER[SCRIPT_NAME]?action=redirect&url="
'lang' =>'en', // Default language
'trackip' =>true // Display IP-Address in session overview - true/false
);
$C=$C+array(
'cookiename' =>"$C[prefix]chat_session" // Cookie name storing the session information
);
}
?>
Reference in New Issue View Git Blame Copy Permalink