1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
<?php
/***************************************************************************
*
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
*
***************************************************************************/
//
// This function will prepare a posted message for
// entry into the database.
//
function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid = 0)
{
global $board_config;
//
// Clean up the message
//
$message = trim($message);
if($html_on)
{
$start = -1;
$end = 0;
for($h = 0; $h < strlen($message); $h++)
{
$start = strpos($message, "<", $h);
if($start > -1)
{
$end = strpos($message, ">", $start);
if($end)
{
$length = $end - $start + 1;
$tagallowed = 0;
for($i = 0; $i < sizeof($board_config['allow_html_tags']); $i++)
{
$match_tag = trim($board_config['allow_html_tags'][$i]);
list($match_tag_split) = explode(" ", $match_tag);
if( preg_match("/^((\/$match_tag_split$)|($match_tag))[ \=]+/i", substr($message, $start + 1, $length - 2) . " ") )
{
$tagallowed = 1;
}
}
if($length && !$tagallowed)
{
$message = str_replace(substr($message, $start, $length), "", $message);
}
}
$start = -1;
}
}
}
if($bbcode_on)
{
$message = bbencode_first_pass($message, $bbcode_uid);
}
$message = addslashes($message);
return($message);
}
?>
|
