|
King of Portal
Join Date: Sep 2005
Posts: 439
Rep Power: 4 
|
Filename: create_reply.php
Purpose: Adds form data from reply.php into database and edits thread index.
<html>
<head>
<title>
Reply Successful
</title>
</head>
<body bgcolor="#000031" link="##91DAFF" vlink="##91DAFF">
<table height="100%" width="100%" border="0" cellpadding="0">
<td width="115" align="left" valign="top">
<font color="##91DAFF" face="verdana" size="1">
JRForum<br>
<br>
</font>
<img src="skull.gif">
</td>
<td width="1" bgcolor="#FFFFFF"align="left" valign="top">
</td>
<td background="jr.gif" align="left" valign="top">
<font color="#FFFFFF" face="verdana" size="1">
<?php
require('date.inc');
$timestamp = get_time();
archive_message();
function archive_message()
{
global $timestamp;
$main_thread = $_POST['thread'];
$alias = stripslashes($_POST['formalias']);
$imageurl = stripslashes($_POST['formimageurl']);
$email = stripslashes($_POST['formemail']);
$subject = stripslashes($_POST['formsubject']);
$message = stripslashes($_POST['formmessage']);
$signature = stripslashes($_POST['formsignature']);
$replace = array(" ", "\t", "\n", "\r", "\0", "\x0B");
if(is_int(strpos(strtolower(str_replace($replace, '', $alias)), 'script')) || is_int(strpos(strtolower(str_replace($replace, '', $imageurl)), 'script')) || is_int(strpos(strtolower(str_replace($replace, '', $email)), 'script')) || is_int(strpos(strtolower(str_replace($replace, '', $subject)), 'script')) || is_int(strpos(strtolower(str_replace($replace, '', $message)), 'script')) || is_int(strpos(strtolower(str_replace($replace, '', $signature)), 'script')))
{
die('The input fields cannot contain the literal word <em><strong>script</strong></em> or any of its variants. Please press <strong>BACK</strong> in your browser window and revise the inputs. To include the word <em><strong>script</strong></em> in your post, you must use the HTML equivalent entities. In other words, replace the word <em><strong>script</strong></em> with the following:<br><br>All lowercase letters (script):<br><font color="#F8BF24">script</font><br><br>All uppercase letters (SCRIPT):<br><font color="#F8BF24">SCRIPT</font><br><br>First letter capitalized (Script):<br><font color="#F8BF24">Script</font>');
}
$end_tag = 'EOINPUT';
$threadcontents = $alias . $end_tag;
$threadcontents .= $imageurl . $end_tag;
$threadcontents .= $email . $end_tag;
$threadcontents .= $signature . $end_tag;
$threadcontents = htmlentities($threadcontents, ENT_QUOTES);
setcookie('jrforum', $threadcontents, time() + 60 * 60 * 24 * 30);
$filename = $main_thread . '.txt';
$threadcontents = $timestamp . $end_tag;
$threadcontents .= $alias . $end_tag;
$threadcontents .= $imageurl . $end_tag;
$threadcontents .= $email . $end_tag;
$threadcontents .= $subject . $end_tag;
$threadcontents .= nl2br($message) . $end_tag;
$threadcontents .= $signature . $end_tag;
$threadcontents = htmlentities($threadcontents, ENT_QUOTES);
if(!$handle = fopen($filename, 'a'))
{
echo "Cannot open file ($filename)";
exit();
}
if(fwrite($handle, $threadcontents) === FALSE)
{
echo "Cannot write to file ($filename)";
exit();
}
echo "Success, wrote ($threadcontents) to file ($filename)";
fclose($handle);
$filename = 'threads.txt';
if(!$handle = fopen($filename, 'r'))
{
echo "Cannot open file ($filename)";
exit();
}
$contents = fread($handle, filesize($filename));
fclose($handle);
$end_tag = 'EOINPUT';
$thread_contents = explode($end_tag, $contents);
unset($thread_contents[count($thread_contents) - 1]);
for($i = 0; $i < count($thread_contents); $i += 6)
{
if($thread_contents[$i] === $main_thread)
{
$thread_contents[$i + 3] = htmlentities(intval($thread_contents[$i + 3]) + 1, ENT_QUOTES);
$thread_contents[$i + 4] = htmlentities($timestamp, ENT_QUOTES);
$thread_contents[$i + 5] = htmlentities($alias, ENT_QUOTES);
}
}
$threadcontents = implode($end_tag, $thread_contents) . $end_tag;
$filename = 'threads.txt';
if(!$handle = fopen($filename, 'w'))
{
echo "Cannot open file ($filename)";
exit();
}
if(fwrite($handle, $threadcontents) === FALSE)
{
echo "Cannot write to file ($filename)";
exit();
}
echo "Success, wrote ($threadcontents) to file ($filename)";
fclose($handle);
echo '<br><br>Your reply was successful please <a href="display.php?thread=';
echo $main_thread;
echo '">click here</a> to continue.';
}
?>
</font>
</td>
</table>
</body>
</html>
__________________
Lo, there do I see my father. 'Lo, there do I see My mother, and my sisters, and my brothers. 'Lo, there do I see The line of my people... Back to the beginning. 'Lo, they do call to me. They bid me take my place among them. In the halls of Valhalla... Where the brave... May live... ...forever.. GrimBB | Mimesis
|