+// Main message parser for posting, pm, etc. takes raw message

+// and parses it for attachments, html, bbcode and smilies

+class parse_message

+{

+ var $bbcode_tpl = null;

+

+ function parse(&$message, $html, $bbcode, $uid, $url, $smilies)

+ {

+ global $board_config, $db, $lang;

+

+ $warn_msg = '';

+

+ // Do some general 'cleanup' first before processing message,

+ // e.g. remove excessive newlines(?), smilies(?)

+ $match = array();

+ $replace = array();

+

+ $match[] = '#sid=[a-z0-9]+&?#';

+ $replace[] = '';

+ $match[] = "#([\r\n][\s]+){3,}#";

+ $replace[] = "\n\n";

+

+ $message = preg_replace($match, $replace, $message);

+

+ // Message length check

+ if ( !strlen($message) || ( $board_config['max_post_chars'] && strlen($message) > $board_config['max_post_chars'] ) )

+ {

+ $warn_msg .= ( !strlen($message) ) ? $lang['Too_few_chars'] . '<br />' : $lang['Too_many_chars'] . '<br />';

+ }

+

+ // Smiley check

+ if ( $board_config['max_post_smilies'] && $smilies )

+ {

+ $sql = "SELECT code

+ FROM " . SMILIES_TABLE;

+ $result = $db->sql_query($sql);

+

+ $match = 0;

+ while ( $row = $db->sql_fetchrow($result))

+ {

+ if ( preg_match_all('#('. preg_quote($row['code'], '#') . ')#', $message, $matches) )

+ {

+ $match++;

+ }

+

+ if ( $match > $board_config['max_post_smilies'] )

+ {

+ $warn_msg .= $lang['Too_many_smilies'] . '<br />';

+ break;

+ }

+ }

+ $db->sql_freeresult($result);

+ unset($matches);

+ }

+

+ // Specialchars message here ... ?

+ $message = htmlspecialchars($message, ENT_COMPAT, $lang['ENCODING']);

+

+ if ( $warn_msg )

+ {

+// return $warn_msg;

+ }

+

+ $warn_msg .= $this->html($message, $html);

+ $warn_msg .= $this->bbcode($message, $bbcode, $uid);

+ $warn_msg .= $this->magic_url($message, $url);

+ $warn_msg .= $this->attach($_FILE);

+

+ return $warn_msg;

+ }

+

+ function html(&$message, $html)

+ {

+ global $board_config, $lang;

+

+ if ( $html )

+ {

+ // If $html is true then "allowed_tags" are converted back from entity

+ // form, others remain

+ $allowed_tags = split(',', str_replace(' ', '', $board_config['allow_html_tags']));

+

+ $match = array();

+ $replace = array();

+

+ foreach ( $allowed_tags as $tag )

+ {

+ $match[] = '#&lt;(\/?' . str_replace('*', '.*?', $tag) . ')&gt;#i';

+ $replace[] = '<\1>';

+ }

+

+ $message = preg_replace($match, $replace, $message);

+ }

+

+ return;

+ }

+

+ function bbcode(&$message, $bbcode, $uid)

+ {

+ global $board_config;

+

+ }

+

+ // Replace magic urls of form http://xxx.xxx., www.xxx. and xxx@xxx.xxx.

+ // Cuts down displayed size of link if over 50 chars, turns absolute links

+ // into relative versions when the server/script path matches the link

+ function magic_url(&$message, $url)

+ {

+ global $board_config;

+

+ if ( $url )

+ {

+ $server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://';

+ $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';

+

+ $match = array();

+ $replace = array();

+

+ // relative urls for this board

+ $match[] = '#' . $server_protocol . trim($board_config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '\1', trim($board_config['script_path'])) . '/([^\t <\n\r\"]+)#i';

+ $replace[] = '<a href="\1" target="_blank">\1</a>';

+

+ // matches a xxxx://aaaaa.bbb.cccc. ...

+ $match[] = '#([\n ])([\w]+?://.*?)([\t\n\r <"\'])#ie';

+ $replace[] = "'\\1<!-- m --><a href=\"\\2\" target=\"_blank\">' . ( ( strlen('\\2') > 55 ) ?substr('\\2', 0, 39) . ' ... ' . substr('\\2', -10) : '\\2' ) . '</a><!-- m -->\\3'";

+

+ // matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing

+ $match[] = '#(^|[\n ])(www\.[\w\-]+\.[\w\-.\~]+(?:/[^\t <\n\r\"]*)?)#ie';

+ $replace[] = "'\\1<!-- m --><a href=\"http://\\2\" target=\"_blank\">' . ( ( strlen('\\2') > 55 ) ?substr('\\2', 0, 39) . ' ... ' . substr('\\2', -10) : '\\2' ) . '</a><!-- m -->'";

+

+ // matches an email@domain type address at the start of a line, or after a space.

+ $match[] = '#(^|[\n ])([a-z0-9\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)#ie';

+ $replace[] = "'\\1<!-- m --><a href=\"mailto:\\2\">' . ( ( strlen('\\2') > 55 ) ?substr('\\2', 0, 39) . ' ... ' . substr('\\2', -10) : '\\2' ) . '</a><!-- m -->'";

+

+ $message = preg_replace($match, $replace, $message);

+ }

+ }

+

+ // Based off of Acyd Burns Mod

+ function attach($file_ary)

+ {

+ global $board_config;

+

+ $allowed_ext = explode(',', $board_config['attach_ext']);

+ }

+}

+

+// Will parse poll info ... probably

+class parse_poll extends parse_message

+{

+ function parse_poll()

+ {

+ global $board_config;

+

+ }

+}

+

+// Parses a given message and updates/maintains

+// the fulltext word indexes NOTE this is not complete

+// nor 'entirely' (!) functional ...

+class fulltext_search

+{

+ function split_words(&$text)

+ {

+ global $phpbb_root_path, $board_config;

+

+ static $drop_char_match = array('^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', '\'', ';', '!', '*');

+ static $drop_char_replace = array(' ', ' ', ' ', ' ', ' ', ' ', ' ', '', '', ' ', ' ', ' ', ' ', '', ' ', ' ', '', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ' , ' ', ' ', ' ', ' ', ' ', ' ', ' ');

+ $stopwords_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_stopwords.txt');

+ $synonym_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_synonyms.txt');

+

+ $match = array();

+ // New lines, carriage returns

+ $match[] = "#[\n\r]+#";

+ // HTML and NCRs like &nbsp; etc.

+ $match[] = '#<(.*?)>.*?<\/\1>#'; // BAD!

+ $match[] = '#\b&\#?[a-z0-9]+;\b#';

+ // URL's

+ $match[] = '#\b[\w]+:\/\/[a-z0-9\.\-]+(\/[a-z0-9\?\.%_\-\+=&\/]+)?#';

+ // BBcode

+ $match[] = '#\[img:[a-z0-9]{10,}\].*?\[\/img:[a-z0-9]{10,}\]#';

+ $match[] = '#\[\/?url(=.*?)?\]#';

+ $match[] = '#\[\/?[a-z\*=\+\-]+(\:?[0-9a-z]+)?:[a-z0-9]{10,}(\:[a-z0-9]+)?=?.*?\]#';

+ // Sequences < min_search_chars & < max_search_chars

+ $match[] = '#\b([a-z0-9]{1,' . $board_config['min_search_chars'] . '}|[a-z0-9]{' . $board_config['max_search_chars'] . ',})\b#';

+

+ $text = preg_replace($match, ' ', ' ' . strtolower($text) . ' ');

+

+ // Filter out non-alphabetical chars

+ for($i = 0; $i < count($drop_char_match); $i++)

+ {

+ $text = str_replace($drop_char_match[$i], $drop_char_replace[$i], $text);

+ }

+

+ if ( !empty($stopword_list) )

+ {

+ $text = str_replace($stopword_list, '', $text);

+ }

+

+ if ( !empty($synonym_list) )

+ {

+ for ($j = 0; $j < count($synonym_list); $j++)

+ {

+ list($replace_synonym, $match_synonym) = split(' ', trim(strtolower($synonym_list[$j])));

+ if ( $mode == 'post' || ( $match_synonym != 'not' && $match_synonym != 'and' && $match_synonym != 'or' ) )

+ {

+ $text = preg_replace('#\b' . trim($match_synonym) . '\b#', ' ' . trim($replace_synonym) . ' ', $text);

+ }

+ }

+ }

+

+ echo "<br /><br />\n\n";

+ echo "cleaned_text => " . htmlentities($text);

+ echo "<br /><br />\n\n";

+ preg_match_all('/\b([\w]+)\b/', $text, $split_entries);

+

+ return array_unique($split_entries[1]);

+ }

+

+ function add(&$post_id, &$new_msg, &$new_title, $old_msg = '', $old_title = '')

+ {

+ global $board_config, $db;

+

+ $mtime = explode(' ', microtime());

+ $starttime = $mtime[1] + $mtime[0];

+

+ //

+ // Split old and new post/subject to obtain array of 'words'

+ //

+ $split_text_new = $this->split_words($new_msg);

+ $split_text_old = $this->split_words(addslashes($old_msg));

+ $split_title_new = ( $new_title ) ? $this->split_words($new_title) : array();

+ $split_title_old = ( $old_title ) ? $this->split_words(addslashes($old_title)) : array();

+

+ //

+ // Define new words to be added and old words to be removed

+ //

+ $words = array();

+ $words['add']['text'] = array_diff($split_text_new, $split_text_old);

+ $words['del']['text'] = array_diff($split_text_old, $split_text_new);

+ $words['add']['title'] = array_diff($split_title_new, $split_title_old);

+ $words['del']['title'] = array_diff($split_title_old, $split_title_new);

+

+ //

+ // Get unique words from the above arrays

+ //

+ $unique_add_words = array_unique(array_merge($words['add']['text'], $words['add']['title']));

+

+ //

+ // We now have unique arrays of all words to be added and removed and

+ // individual arrays of added and removed words for text and title. What

+ // we need to do now is add the new words (if they don't already exist)

+ // and then add (or remove) matches between the words and this post

+ //

+ if ( sizeof($unique_add_words) )

+ {

+ $word_id = array();

+ $new_word = array();

+

+ $sql = "SELECT word_id, word_text

+ FROM " . SEARCH_WORD_TABLE . "

+ WHERE word_text IN (" . implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $unique_words)) . ")";

+ $result = $db->sql_query($sql);

+

+ while ( $row = $db->sql_fetchrow($result) )

+ {

+ $word_id[$row['word_text']] = $row['word_id'];

+ }

+ $db->sql_freeresult($result);

+

+ foreach ( $unique_words as $word )

+ {

+ if ( empty($word_id[$word]) )

+ {

+ $new_words[] = $row['word_text'];

+ }

+ }

+ unset($unique_words);

+

+ switch( SQL_LAYER )

+ {

+ case 'postgresql':

+ case 'msaccess':

+ case 'mssql-odbc':

+ case 'oracle':

+ case 'db2':

+ foreach ( $new_words as $word )

+ {

+ $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)

+ VALUES ('" . $word . "')";

+ $db->sql_query($sql);

+ }

+

+ break;

+

+ default:

+ switch( SQL_LAYER )

+ {

+ case 'mysql':

+ case 'mysql4':

+ $value_sql = implode(', ', preg_replace('#^(.*)$#', '(\'\1\')', $new_words));

+ break;

+

+ case mssql:

+ $value_sql = implode(' UNION ALL ', preg_replace('#^(.*)$#', 'SELECT \'\1\'', $new_words));

+ break;

+

+ }

+

+ if ( $value_sql )

+ {

+ $sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text)

+ VALUES $value_sql";

+ $db->sql_query($sql);

+ }

+ }

+ }

+

+ $unique_words = array_unique(array_merge($words['del']['text'], $words['del']['title']));

+

+ $word_id = array();

+ if ( count($unique_words) )

+ {

+ $sql = "SELECT word_id, word_text

+ FROM " . SEARCH_WORD_TABLE . "

+ WHERE word_text IN (" . implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $unique_words)) . ")";

+ $result = $db->sql_query($sql);

+

+ while ( $row = $db->sql_fetchrow($result) )

+ {

+ if ( !empty($words['del']['title']) )

+ {

+ $words['del']['title'][] = $row['word_id'];

+ }

+

+ if ( !empty($words['del']['text']) )

+ {

+ $words['del']['text'][] = $row['word_id'];

+ }

+ }

+ $db->sql_freeresult($result);

+

+ unset($unique_words);

+ }

+

+ foreach ( $words as $sql_type => $word_in_ary )

+ {

+ foreach ( $word_in_ary as $word_in => $word_ary )

+ {

+ $word_sql = ( $sql_type == 'add' ) ? implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $word_ary)) : implode(', ', $word_id);

+ $title_match = ( $word_in == 'title' ) ? 1 : 0;

+

+ if ( $word_sql != '' )

+ {

+ echo "<br />" . $sql = ( $sql_type == 'add' ) ? "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match) SELECT $post_id, word_id, $title_match FROM " . SEARCH_WORD_TABLE . " WHERE word_text IN ($word_sql)" : "DELETE FROM " . SEARCH_MATCH_TABLE . " WHERE post_id = $post_id AND title_match = $title_match AND word_id IN ($word_sql)";

+ $db->sql_query($sql);

+ }

+ }

+ }

+

+ unset($words);

+ unset($word_in_ary);

+

+ $mtime = explode(' ', microtime());

+ echo "<br /><br />";

+ echo $mtime[1] + $mtime[0] - $starttime;

+ echo "<br /><br />";

+ print_r($new_words);

+ echo "<br /><br />";

+ print_r($del_words);

+ echo "<br /><br />";

+

+ // Run the cleanup infrequently, once per session cleanup

+ if ( $board_config['session_last_gc'] < time - ( $board_config['session_gc'] / 2 ) )

+ {

+ $this->search_tidy();

+ }

+ }

+

+ //

+ // Tidy up indexes, tag 'common words', remove

+ // words no longer referenced in the match table, etc.

+ //

+ function search_tidy()

+ {

+ global $db;

+

+ // Remove common (> 60% of posts ) words

+ $result = $db->sql_query("SELECT SUM(forum_posts) AS total_posts FROM " . FORUMS_TABLE);

+

+ $row = $db->sql_fetchrow($result);

+

+ if ( $row['total_posts'] >= 100 )

+ {

+ $sql = "SELECT word_id

+ FROM " . SEARCH_MATCH_TABLE . "

+ GROUP BY word_id

+ HAVING COUNT(word_id) > " . floor($row['total_posts'] * 0.6);

+ $result = $db->sql_query($sql);

+

+ $in_sql = '';

+ while ( $row = $db->sql_fetchrow($result) )

+ {

+ $in_sql .= ( ( $in_sql != '' ) ? ', ' : '' ) . $row['word_id'];

+ }

+ $db->sql_freeresult($result);

+

+ if ( $in_sql )

+ {

+ $sql = "UPDATE " . SEARCH_WORD_TABLE . "

+ SET word_common = " . TRUE . "

+ WHERE word_id IN ($in_sql)";

+ $db->sql_query($sql);

+

+ $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . "

+ WHERE word_id IN ($in_sql)";

+ $db->sql_query($sql);

+ }

+ }

+

+ // Remove words with no matches ... this is a potentially nasty query

+ $sql = "SELECT w.word_id

+ FROM ( " . SEARCH_WORD_TABLE . " w

+ LEFT JOIN " . SEARCH_MATCH_TABLE . " m ON w.word_id = m.word_id

+ AND m.word_id IS NULL

+ GROUP BY m.word_id";

+ $result = $db->sql_query($sql);

+

+ if ( $row = $db->sql_fetchrow($result) )

+ {

+ $in_sql = '';

+ while ( $row = $db->sql_fetchrow($result) )

+ {

+ $in_sql .= ( ( $in_sql != '' ) ? ', ' : '' ) . $row['word_id'];

+ }

+ $db->sql_freeresult($result);

+

+ if ( $in_sql )

+ {

+ $sql = "DELETE FROM " . SEARCH_WORD_TABLE . "

+ WHERE word_id IN ($in_sql)";

+ $db->sql_query($sql);

+ }

+ }

+ }

+}

+

+//

+// Fill smiley templates (or just the variables) with smileys

+// Either in a window or inline

+//

+function generate_smilies($mode)

+{

+ global $SID, $auth, $db, $session, $board_config, $template, $theme, $lang;

+ global $user_ip, $starttime;

+ global $phpEx, $phpbb_root_path;

+ global $userdata;

+

+ if ( $mode == 'window' )

+ {

+ $page_title = $lang['Review_topic'] . " - $topic_title";

+ include($phpbb_root_path . 'includes/page_header.'.$phpEx);

+

+ $template->set_filenames(array(

+ 'smiliesbody' => 'posting_smilies.html')

+ );

+ }

+

+ $where_sql = ( $mode == 'inline' ) ? 'WHERE smile_on_posting = 1 ' : '';

+ $sql = "SELECT emoticon, code, smile_url, smile_width, smile_height

+ FROM " . SMILIES_TABLE . "

+ $where_sql

+ ORDER BY smile_order, smile_width, smile_height, smilies_id";

+ $result = $db->sql_query($sql);

+

+ $num_smilies = 0;

+ $smile_array = array();

+ if ( $row = $db->sql_fetchrow($result) )

+ {

+ do

+ {

+ if ( !in_array($row['smile_url'], $smile_array) )

+ {

+ if ( $mode == 'window' || ( $mode == 'inline' && $num_smilies < 20 ) )

+ {

+ $template->assign_block_vars('emoticon', array(

+ 'SMILEY_CODE' => $row['code'],

+ 'SMILEY_IMG' => $board_config['smilies_path'] . '/' . $row['smile_url'],

+ 'SMILEY_WIDTH' => $row['smile_width'],

+ 'SMILEY_HEIGHT' => $row['smile_height'],

+ 'SMILEY_DESC' => $row['emoticon'])

+ );

+ }

+

+ $smile_array[] = $row['smile_url'];

+ $num_smilies++;

+ }

+ }

+ while ( ( $row = $db->sql_fetchrow($result) ) );

+

+ $db->sql_freeresult($result);

+

+ if ( $mode == 'inline' && $num_smilies >= 20 )

+ {

+ $template->assign_vars(array(

+ 'S_SHOW_EMOTICON_LINK' => true,

+ 'L_MORE_SMILIES' => $lang['More_emoticons'],

+ 'U_MORE_SMILIES' => "posting.$phpEx$SID&amp;mode=smilies")

+ );

+ }

+

+ $template->assign_vars(array(

+ 'L_EMOTICONS' => $lang['Emoticons'],

+ 'L_CLOSE_WINDOW' => $lang['Close_window'],

+ 'S_SMILIES_COLSPAN' => $s_colspan)

+ );

+ }

+

+ if ( $mode == 'window' )

+ {

+ $template->display('smiliesbody');

+

+ include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

+ }

+}

+//

+// END NEW CODE

+// ---------------------------------------------

+

+// ---------------------------------------------

+// OLD CODE FROM 2.0.x

+//

+define('BBCODE_UID_LEN', 10);

+

+

+

+

+

+

+

+

+//

+ else if ( $mode != 'delete' && $mode != 'polldelete' )

+ else if ( count($poll_options) > $board_config['max_poll_options'] )

+ if ( $mode == 'newtopic' || $mode == 'reply' )

+ //

+ $sql = "SELECT vote_option_id, vote_result

+ FROM " . VOTE_RESULTS_TABLE . "

+ WHERE vote_id = $poll_id

+ $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . "

+ FROM " . POSTS_TABLE . "

+ FROM " . POSTS_TABLE . "

+ WHERE forum_id = $forum_id";

+ else if ( $post_data['first_post'] )

+ FROM " . POSTS_TABLE . "

+ $forum_update_sql .= ", forum_last_post_id = $post_id" . ( ( $mode == 'newtopic' ) ? ", forum_topics = forum_topics $sign" : "" );

+ else

+ $sql = "UPDATE " . FORUMS_TABLE . " SET

+ $forum_update_sql

+ $sql = "UPDATE " . TOPICS_TABLE . " SET

+ $topic_update_sql

+ SET user_posts = user_posts $sign

+ $sql = "DELETE FROM " . POSTS_TABLE . "

+ $sql = "DELETE FROM " . POSTS_TEXT_TABLE . "

+ $sql = "DELETE FROM " . SEARCH_MATCH_TABLE . "

+ $forum_update_sql = 'forum_posts = forum_posts - 1';

+ $sql = "DELETE FROM " . TOPICS_TABLE . "

+ WHERE topic_id = $topic_id

+ $sql = "DELETE FROM " . VOTE_DESC_TABLE . "

+ $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . "

+ $sql = "DELETE FROM " . VOTE_USERS_TABLE . "

+ else

+ $sql = "SELECT ban_userid

+ $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, f.forum_name

+ FROM " . FORUMS_WATCH_TABLE . " w, " . FORUMS_TABLE . " f, " . USERS_TABLE . " u

+ WHERE w.forum_id = $forum_id

+ AND w.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . " )

+ AND w.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . "

+ AND f.forum_id = w.forum_id

+ 'FORUM_NAME' => $forum_name,

+ $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title

+ FROM " . TOPICS_WATCH_TABLE . " tw, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u

+ WHERE tw.topic_id = $topic_id

+ AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . " )

+ AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . "

+ AND t.topic_id = tw.topic_id

+ 'TOPIC_TITLE' => $topic_title,

+ $sql = "SELECT topic_id