~\n~ig; $message =~ s~
~\n~g; $message =~ s/ \ \ \ /\t/ig; if (!$nestedquotes) { $message =~ s~\n{0,1}\[quote([^\]]*)\](.*?)\[/quote\]\n{0,1}~\n~isg; $message =~ s~\n*\[/*quote([^\]]*)\]\n*~~ig; } $mname ||= $musername || $post_txt{'470'}; $quotestart = int($quotemsg / $maxmessagedisplay) * $maxmessagedisplay; $message = qq~[quote author=$mname link=$threadid/$quotestart#$quotemsg date=$mdate\]$message\[/quote\]\n~; $msubject =~ s/\bre:\s+//ig; if ($mns eq "NS") { $nscheck = "checked"; } } else { ($msubject, $mname, $memail, $mdate, $musername, $micon, $mattach, $mip, $mmessage, $mns) = split(/\|/, $messages[0]); $msubject =~ s/\bre:\s+//ig; } $sub = "Re: $msubject"; $settofield = "message"; } $submittxt = "$post_txt{'105'}"; $destination = "post2"; $icon = "xx"; $is_preview = 0; $post = "post"; $prevmain = ""; $preview = "preview"; $yytitle = "$t_title"; &Postpage; if ($pollthread != 2) { &doshowthread; } &template; exit; } sub Postpage { my $extra; my ($filetype_info, $filesize_info, $extensions); $extensions = join(" ", @ext); $filetype_info = $checkext == 1 ? qq~$fatxt{'2'} $extensions~ : qq~$fatxt{'2'} $fatxt{'4'}~; $filesize_info = $limit != 0 ? qq~$fatxt{'3'} $limit KB~ : qq~$fatxt{'3'} $fatxt{'5'}~; if ($is_preview) { $post_txt{'507'} = $post_txt{'771'}; } $normalquot = $post_txt{'599'}; $simpelquot = $post_txt{'601'}; $simpelcode = $post_txt{'602'}; $edittext = $post_txt{'603'}; if (!$fontsizemax) { $fontsizemax = 72; } if (!$fontsizemin) { $fontsizemin = 6; } $message =~ s~<\/~\<\;/~isg; &ToChars($message); &ToChars($sub); # this defines what the top area of the post box will look like: option 1 ) IM area # option 2) all other post areas if ($post eq "imsend") { if (!$INFO{'to'}) { $INFO{'to'} = $FORM{'to'}; } if ($INFO{'to'}) { $settofield = "message"; } else { $settofield = "to"; } $idinfo = "$INFO{'id'}"; $extra = qq~
$mbname »
$cat »
$boardname »
( $threadlink )
~;
}
#this is the end of the upper area of the post page.
$yymain .= qq~
~;
# if this is an IM from the admin or to groups declare where it goes.
if ($INFO{'adminim'} || $INFO{'action'} eq "imgroups") {
$yymain .= qq~
~;
unless ($pollthread == 2) {
if ($currentboard ne $annboard && $post ne "imsend" && (($iamadmin || $iamgmod || $iammod) && $sessionvalid == 1)) {
$yymain .= qq~
~;
}
if ($action eq "modify" || $action eq "modify2") {
$displayname = qq~$mename~;
} else {
$displayname = ${$uid.$username}{'realname'};
}
require "$templatesdir/$usedisplay/Display.template";
$yymain .= qq~
~;
}
}
sub Preview {
&clear_temp;
my $error = $_[0];
&ToHTML($e);
# allows the following HTML-tags in error messages: $error =~ s/<br( \/)>/
/ig; $error =~ s/<(\/?)b>/<$1b>/ig; $poll_question = $FORM{'question'}; $maxpq ||= 60; $maxpo ||= 50; $maxpc ||= 0; $numpolloptions ||= 8; $vote_limit ||= 0; for (my $i = 1; $i <= $numpolloptions; $i++) { $options[$i] = $FORM{"option$i"}; $options[$i] =~ s/&/&/g; $options[$i] =~ s/"/"/g; $options[$i] =~ s/<//g; &FromChars($options[$i]); $convertstr = $options[$i]; $convertcut = $maxpo; &CountChars; $options[$i] = $convertstr; $options[$i] =~ s/"/"/g; $options[$i] =~ s//>/g; &ToChars($options[$i]); } $guest_vote = $FORM{'guest_vote'}; $hide_results = $FORM{'hide_results'}; $multi_choice = $FORM{'multi_choice'}; $poll_comment = $FORM{'poll_comment'}; $vote_limit = $FORM{'vote_limit'}; $pollthread = $FORM{'pollthread'} || 0; $poll_question =~ s/&/&/g; $poll_question =~ s/"/"/g; $poll_question =~ s/<//g; &FromChars($poll_question); $convertstr = $poll_question; $convertcut = $maxpq; &CountChars; $poll_question = $convertstr; $poll_question =~ s/"/"/g; $poll_question =~ s//>/g; &ToChars($poll_question); $name = $FORM{'name'}; $email = $FORM{'email'}; $sub = $FORM{'subject'}; $FORM{'message'} =~ s~\r~~g; $mess = $FORM{'message'}; $message = $FORM{'message'}; $icon = $FORM{'icon'}; $ns = $FORM{'ns'}; $threadid = $FORM{'threadid'}; $notify = $FORM{'notify'}; $postid = $FORM{'postid'}; if (!$sub && $pollthread != 2) { $error = $post_txt{'77'}; } $sub =~ s/[\r\n]//g; my $testsub = $sub; $testsub =~ s/\ //g; $testsub =~ s/ //g; $sub =~ s/&/&/g; $sub =~ s/"/"/g; $sub =~ s/<//g; &FromChars($sub); $convertstr = $sub; $convertcut = 50; &CountChars; $sub = $convertstr; $sub =~ s/"/"/g; $sub =~ s//>/g; my $testmessage = $mess; $testmessage =~ s/[\r\n\ ]//g; $testmessage =~ s/\ //g; $testmessage =~ s~\[table\].*?\[tr\].*?\[td\]~~g; $testmessage =~ s~\[/td\].*?\[/tr\].*?\[/table\]~~g; $testmessage =~ s/\[.*?\]//g; if ($testmessage eq "" && $mess ne "" && $pollthread != 2) { fatal_error("$maintxt{'2'} $testmessage"); } $message =~ s/\cM//g; $message =~ s~\[([^\]]{0,30})\n([^\]]{0,30})\]~\[$1$2\]~g; $message =~ s~\[/([^\]]{0,30})\n([^\]]{0,30})\]~\[/$1$2\]~g; # $message =~ s~(\w+://[^<>\s\n\"\]\[]+)\n([^<>\s\n\"\]\[]+)~$1$2~g; &FromChars($message); &ToHTML($message); $message =~ s/\t/ \ \ \ /g; $message =~ s/\n/
/g; $message =~ s/([\000-\x09\x0b\x0c\x0e-\x1f\x7f])/\x0d/g; &CheckIcon; if ($icon eq "xx") { $ic1 = " selected=\"selected\" "; } elsif ($icon eq "thumbup") { $ic2 = " selected=\"selected\" "; } elsif ($icon eq "thumbdown") { $ic3 = " selected=\"selected\" "; } elsif ($icon eq "exclamation") { $ic4 = " selected=\"selected\" "; } elsif ($icon eq "question") { $ic5 = " selected=\"selected\" "; } elsif ($icon eq "lamp") { $ic6 = " selected=\"selected\" "; } elsif ($icon eq "smiley") { $ic7 = " selected=\"selected\" "; } elsif ($icon eq "angry") { $ic8 = " selected=\"selected\" "; } elsif ($icon eq "cheesy") { $ic9 = " selected=\"selected\" "; } elsif ($icon eq "grin") { $ic10 = " selected=\"selected\" "; } elsif ($icon eq "sad") { $ic11 = " selected=\"selected\" "; } elsif ($icon eq "wink") { $ic12 = " selected=\"selected\" "; } $name_field = $realname eq '' ? qq~
|
$csubject
|
~; $message = $mess; &FromChars($message); &ToHTML($message); if ($error) { $csubject = $error; } $yytitle = "$post_txt{'507'} - $csubject"; $settofield = "message"; $postthread = 2; &MessageTotals("load", $threadid); &Postpage; &template; exit; } sub Post2 { if ($iamguest && $enable_guestposting == 0) { &fatal_error($post_txt{'165'}); } my ($email, $ns, $notify, @memberlist, $i, $realname, $membername, $testname, @reserve, @reservecfg, $matchword, $matchcase, $matchuser, $matchname, $namecheck, $reserved, $reservecheck, @messages, $mnum, $msub, $mname, $memail, $mdate, $musername, $micon, $mstate, $pageindex, $tempname); &BoardTotals("load", $currentboard); # If poster is a Guest then evaluate the legality of name and email if (!${$uid.$username}{'email'}) { $FORM{'name'} =~ s/\A\s+//; $FORM{'name'} =~ s/\s+\Z//; &Preview($post_txt{'75'}) unless ($FORM{'name'} ne '' && $FORM{'name'} ne '_' && $FORM{'name'} ne ' '); &Preview($post_txt{'568'}) if (length($FORM{'name'}) > 25); &Preview("$post_txt{'76'}") if ($FORM{'email'} eq ''); &Preview("$post_txt{'240'} $post_txt{'69'} $post_txt{'241'}") if ($FORM{'email'} !~ /[\w\-\.\+]+\@[\w\-\.\+]+\.(\w{2,4}$)/); &Preview("$post_txt{'500'}") if (($FORM{'email'} =~ /(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)|(\.$)/) || ($FORM{'email'} !~ /^.+@\[?(\w|[-.])+\.[a-zA-Z]{2,4}|[0-9]{1,4}\]?$/)); } # Get the form values $name = $FORM{'name'}; $email = $FORM{'email'}; $subject = $FORM{'subject'}; $message = $FORM{'message'}; $icon = $FORM{'icon'}; $ns = $FORM{'ns'}; $ann = $FORM{'ann'}; $threadid = $FORM{'threadid'}; $pollthread = $FORM{'pollthread'} || 0; if ($threadid =~ /\D/) { &fatal_error($post_txt{'337'}); } $notify = $FORM{'notify'}; $thestatus = $FORM{'topicstatus'}; $thestatus =~ s/\, //g; # Permission checks for posting. if (!$threadid) { # Check for ability to post new threads unless (&AccessCheck($currentboard, 1) eq "granted" || $pollthread) { &fatal_error("$post_txt{'803'}"); } } else { # Check for ability to reply to threads unless (&AccessCheck($currentboard, 2) eq "granted") { &fatal_error("$post_txt{'804'}"); } } if ($pollthread) { # Check for ability to post polls unless (&AccessCheck($currentboard, 3) eq "granted") { &fatal_error("$post_txt{'805'}"); } } if ($FORM{'file'}) { # Check for ability to post attachments unless (&AccessCheck($currentboard, 4) eq "granted") { &fatal_error("$post_txt{'806'}"); } } # End Permission Checks if ($name && $email) { &ToHTML($name); $email =~ s/\|//g; &ToHTML($email); $tempname = $name; $name =~ s/\_/ /g; } &Preview($post_txt{'75'}) unless ($username || $name); &Preview($post_txt{'76'}) unless (${$uid.$username}{'email'} || $email); if ($pollthread != 2) { # If user is NOT adding a Poll to an existing thread &Preview unless ($subject && $subject !~ m~\A[\s_.,]+\Z~); &Preview($post_txt{'78'}) unless ($message); # Check Message Length Precisely $mess_len = $message; $mess_len =~ s/[\r\n]//g; if (length($mess_len) > $MaxMessLen) { &Preview($post_txt{'536'} . " " . (length($mess_len) - $MaxMessLen) . " " . $post_txt{'537'}); } if ($FORM{'preview'}) { &Preview; } &spam_protection; my $testsub = $subject; $testsub =~ s/[\r\n\ ]//g; $testsub =~ s/\ //g; $testsub =~ s/ //g; if ($testsub eq "" && $pollthread != 2) { fatal_error("$maintxt{'2'} $testsub"); } my $testmessage = $message; $testmessage =~ s/[\r\n\ ]//g; $testmessage =~ s/\ //g; $testmessage =~ s~\[table\].*?\[tr\].*?\[td\]~~g; $testmessage =~ s~\[/td\].*?\[/tr\].*?\[/table\]~~g; $testmessage =~ s/\[.*?\]//g; if ($testmessage eq "" && $message ne "" && $pollthread != 2) { fatal_error("$maintxt{'2'} $testmessage"); } $subject =~ s/&/&/g; $subject =~ s/"/"/g; $subject =~ s/<//g; &FromChars($subject); $convertstr = $subject; $convertcut = 50; &CountChars; $subject = $convertstr; $subject =~ s/"/"/g; $subject =~ s//>/g; $subject =~ s/[\r\n]//g; $doadsubject = $subject; $message =~ s/\cM//g; $message =~ s~\[([^\]]{0,30})\n([^\]]{0,30})\]~\[$1$2\]~g; $message =~ s~\[/([^\]]{0,30})\n([^\]]{0,30})\]~\[/$1$2\]~g; $message =~ s~(\w+://[^<>\s\n\"\]\[]+)\n([^<>\s\n\"\]\[]+)~$1\n$2~g; &FromChars($message); &ToHTML($message); $message =~ s~\t~ \ \ \ ~g; $message =~ s~\n~
~g; $message =~ s/([\000-\x09\x0b\x0c\x0e-\x1f\x7f])/\x0d/g; &CheckIcon; if (-e ("$datadir/.txt")) { unlink("$datadir/.txt"); } } # end if if (!$iamguest) { # If not guest, get name and email. $name = ${$uid.$username}{'realname'}; $email = ${$uid.$username}{'email'}; } else { # If user is Guest, then make sure the chosen name # is not reserved or used by a member. fopen(FILE, "$memberdir/memberlist.txt") || &fatal_error("206 $post_txt{'106'}: $post_txt{'23'} $memberlist.txt", 1); @memberlist =
~g; $poll_comment =~ s~\r~~g; push @poll_data, qq~$FORM{"question"}|0|$username|$name|$email|$date|$guest_vote|$hide_results|$multi_choice|||$poll_comment|$vote_limit\n~; for ($i = 1; $i <= $numpolloptions; $i++) { if ($FORM{"option$i"}) { $FORM{"option$i"} =~ s/\ / /g; $testspaces = $FORM{"option$i"}; $testspaces =~ s/[\r\n\ ]//g; $testspaces =~ s/\ //g; $testspaces =~ s~\[table\].*?\[tr\].*?\[td\]~~g; $testspaces =~ s~\[/td\].*?\[/tr\].*?\[/table\]~~g; $testspaces =~ s/\[.*?\]//g; if (length($testspaces) == 0 && length($FORM{"option$i"}) > 0) { fatal_error("$maintxt{'2'} $testmessage"); } $FORM{"option$i"} =~ s/&/&/g; $FORM{"option$i"} =~ s/"/"/g; $FORM{"option$i"} =~ s/<//g; &FromChars($FORM{"option$i"}); $convertstr = $FORM{"option$i"}; $convertcut = $maxpo; &CountChars; $FORM{"option$i"} = $convertstr; $FORM{"option$i"} =~ s/"/"/g; $FORM{"option$i"} =~ s//>/g; if ($cliped) { &Preview("$post_polltxt{'7'} $i $post_polltxt{'34a'} $maxpo $post_polltxt{'34b'} $post_polltxt{'36'}"); } &ToHTML($FORM{"option$i"}); $numcount++; push @poll_data, qq~0|$FORM{"option$i"}\n~; } } unless ($FORM{"question"}) { &Preview("$post_polltxt{'37'}"); } if ($numcount < 2) { &Preview("$post_polltxt{'38'}"); } } } ################# # Multiple FA, Norfolklights.com ##################; my $query = new CGI; my @filelist = (); for ($y=1;$y<=$globalimagecount;++$y) { $file = $query->param("file$y"); if ($file ne "") { $OS = $^O; # operating system name if ($OS =~ /darwin/i) { $isUNIX = 1; } elsif ($OS =~ /win/i) { $isWIN = 1; } else { $isUNIX = 1; } $mylimit = 1024 * $limit; $mydirlimit = 1024 * $dirlimit; $fixfile = $file; $fixfile =~ s/.+\\([^\\]+)$|.+\/([^\/]+)$/$1/; $fixfile =~ s/[\(\)\$#%+,\/:?"<>'\*\;|@^!]//g; # edit in between [ ] to include characters you dont want #to allow in filenames (dont put a . there or you wont be able to get any file extensions). $fixfile =~ s/ /_/g; # replaces spaces in filenames with a "_" character. $fixfile =~ s/&//g; # replaces ampersands with nothing. $fixfile =~ s/\+//g; # replaces + with nothing $fixfile =~ s~[^/\\0-9A-Za-z#%+\,\-\ \.\:@^_]~~g; # Remove all inappropriate characters. # replace . with _ in the filename except for the extension $fixname = $fixfile; $fixname =~ s/(\S+)(\.\S+\Z)/$1/gi; $fixext = $2; $fixext =~ s/(pl|cgi|php)/_$1/gi; $fixname =~ s/\./\_/g; $fixfile = qq~$fixname$fixext~; if ($overwrite == 2 && (-e "$uploaddir/$fixfile")) { &fatal_error("$fatxt{'8'}"); } if (!$overwrite) { $fixfile = check_existence($uploaddir, $fixfile); } if ($checkext == 0) { $match = 1; } else { foreach $ext (@ext) { chomp($ext); if (grep /$ext$/i, $fixfile) { $match = 1; last; } } } if ($match) { if ($allowattach == 1 && (($allowguestattach == 0 && $username ne 'Guest') || $allowguestattach == 1)) { $upload_okay = 1; } } else { &Preview("
$fatxt{'20'} @ext ($fixfile)") } if ($mydirlimit > 0) { &dirstats; } $filesize = $ENV{'CONTENT_LENGTH'} - $postsize; $filesizekb = int($filesize / 1024); if ($filesize > $mylimit && $mylimit != 0) { $filesizediff = $filesizekb - $limit; if ($filesizediff == 1) { $sizevar = "kilobyte"; } else { $sizevar = "kilobytes"; } &Preview("
$fatxt{'21'} $filesizediff $sizevar $fatxt{'21b'}") } elsif ($filesize > $spaceleft && $mydirlimit != 0) { $filesizediff = $filesizekb - $kbspaceleft; if ($filesizediff == 1) { $sizevar = "kilobyte"; } else { $sizevar = "kilobytes"; } &Preview("
$fatxt{'22'} $filesizediff $sizevar $fatxt{'22b'}"); } if ($upload_okay == 1) { # create a new file on the server using the formatted ( new instance ) filename $upload_filehandle = $query->upload("file$y"); open UPLOADFILE, ">$uploaddir/$fixfile"; binmode UPLOADFILE; while ( <$upload_filehandle> ) { print UPLOADFILE; } close UPLOADFILE; } # check if file has actually been uploaded, by checking the file has a size if (-s "$uploaddir/$fixfile") { $upload_ok = 1; } else { # delete every file that has been uploaded foreach (@filelist) { unlink("$uploaddir/$_"); } &fatal_error("$fatxt{'59'} $uploaddir/$fixfile"); } if ($fixfile =~ /(jpg|gif|png|jpeg)$/i) { $okatt = 1; if ($fixfile =~ /(gif)$/i) { fopen(ATTFILE, "$uploaddir/$fixfile"); read(ATTFILE, $header, 10); ($giftest, undef, undef, undef, undef, undef) = unpack("a3a3C4", $header); fclose(ATTFILE); if ($giftest ne "GIF") { $okatt = 0; } } fopen(ATTFILE, "$uploaddir/$fixfile"); while ( read(ATTFILE, $buffer, 1024) ) { if ($buffer =~ /\; truncate FILE, 0; seek FILE, 0, 0; print FILE qq~$newthreadid|$subject|$name|$email|$date|0|$username|$icon|$mstate\n~; print FILE @buffer; fclose(FILE); fopen(FILE, ">$datadir/$newthreadid.txt") || &write_error("$post_txt{'23'} $newthreadid.txt", 1); print FILE qq~$subject|$name|$email|$date|$username|$icon|0|$user_ip|$message|$ns|||$fixfile\n~; fclose(FILE); $mreplies = 0; if ($file) { fopen(AMP, ">>$vardir/attachments.txt") || &write_error("209 $txt{'106'}: $txt{'23'} $vardir/attachments.txt"); print AMP qq~$newthreadid|$mreplies|$subject|$name|$currentboard|$filesizekb|$date|$fixfile\n~; fclose(AMP); } if ($pollthread) { # Save Poll data for new thread fopen(POLL, ">$datadir/$newthreadid.poll"); print POLL @poll_data; fclose(POLL); } ## write the ctb file for the new thread ${$newthreadid}{'board'} = $currentboard; ${$newthreadid}{'replies'} = 0; ${$newthreadid}{'views'} = 0; ${$newthreadid}{'lastposter'} = $iamguest ? qq~Guest-$name~ : $username; ${$newthreadid}{'lastpostdate'} = "$newthreadid"; ${$newthreadid}{'threadstatus'} = "$mstate"; &MessageTotals("update", $newthreadid); if (-e "$boardsdir/$currentboard.mail") { &NewNotify($newthreadid, $subject); } } else { # This is an old thread. Save it. # first load the current ctb info on this existing thread. &MessageTotals("load", $threadid); # Check if thread has moved. And do necessary access check if ("${$threadid}{'board'}" ne "$currentboard") { unless (&AccessCheck(${$threadid}{'board'}, 2) eq "granted") { &fatal_error("$post_txt{'804'}"); } # Thread has moved, but we can still post # the current board is now the new board. $currentboard = ${$threadid}{'board'}; } if ($pollthread) { # Save new Poll data fopen(POLL, ">$datadir/$threadid.poll"); print POLL @poll_data; fclose(POLL); $yySetLocation = qq~$scripturl?num=$threadid~; &redirectexit; } else { # or save new reply data ($mnum, $msub, $mname, $memail, $mdate, $mreplies, $musername, $micon, $mstate) = split(/\|/, $yyThreadLine); $mreplies = ${$threadid}{'replies'}; if ($mstate =~ /l/i) { &fatal_error($post_txt{'90'}); } $mstate = "0$thestatus"; if ($currentboard eq $annboard && $mstate !~ /a/i) { $mstate = "0a"; } $mreplies++; fopen(BOARDFILE, "+<$boardsdir/$currentboard.txt", 1) || &write_error("211 $post_txt{'106'}: $post_txt{'23'} $currentboard.txt", 1); seek BOARDFILE, 0, 0; my @buffer =
| ~; $showall = qq~$post_cutts{'3'}~; unless (@messages <= $cutamount) { $showall .= qq~ $post_cutts{'3a'} $post_cutts{'4'} $post_cutts{'5'} ~; } if ($INFO{'showall'} ne '' || $cutamount eq "all") { $origcutamount = $cutamount; $cutamount = 'all'; $showall = qq~$post_cutts{'3'} $post_cutts{'3a'} $post_cutts{'4'} $post_cutts{'6'} ~; } $yymain .= qq~ $post_txt{'468'} - $post_cutts{'2'} $cutamount $showall | |
| $post_txt{'279'}: $displaynamelink | $post_txt{'280'}: $tempdate |
|
$message
| |