Mình nhâkp cả tá ký tự vô rồi. Nhưng nó vẫn báo lỗi. Ae xem giúp.
Không tạo được bài viết diễn đàn.
6 bài đăng
27.05.2017 / 11:08
Bài đăng: 966
Member
27.05.2017 / 11:13
Bài đăng: 2643
Trùm!
Vẫn là A N H
Cái này do code thôi. post file say.php xem nào
27.05.2017 / 11:20
Bài đăng: 966
Member
27.05.2017 / 11:21
Bài đăng: 966
Member
PHP
<?php /** * @package JohnCMS * @link http://johncms.com * @copyright Copyright (C) 2008-2011 JohnCMS Community * @license LICENSE.txt (see attached file) * @version VERSION.txt (see attached file) * @author http://johncms.com/about */ defined('_IN_JOHNCMS') or die('Error: restricted access'); /* ----------------------------------------------------------------- Закрываем доступ для определенных ситуаций ----------------------------------------------------------------- */ if (!$id || !$user_id || isset($ban['1']) || isset($ban['11']) || (!core::$user_rights && $set['mod_forum'] == 3)) { require('../incfiles/head.php'); echo functions::display_error($lng['access_forbidden']); require('../incfiles/end.php'); exit; } /* ----------------------------------------------------------------- Вспомогательная Функция обработки ссылок форума ----------------------------------------------------------------- */ function forum_link($m) { global $set; if (!isset($m[3])) { return '[url=' . $m[1] . ']' . $m[2] . '[/url]'; } else { $p = parse_url($m[3]); if ('http://' . $p['host'] . (isset($p['path']) ? $p['path'] : '') . '?id=' == $set['homeurl'] . '/forum/index.php?id=') { $thid = abs(intval(preg_replace('/(.*?)id=/si', '', $m[3]))); $req = mysql_query("SELECT `text` FROM `forum` WHERE `id`= '$thid' AND `type` = 't' AND `close` != '1'"); if (mysql_num_rows($req) > 0) { $res = mysql_fetch_array($req); $name = strtr($res['text'], array( '"' => '', '&' => '', '<' => '', '>' => '', ''' => '', '[' => '', ']' => '' )); if (mb_strlen($name) > 40) $name = mb_substr($name, 0, 40) . '...'; return '[url=' . $m[3] . ']' . $name . '[/url]'; } else { return $m[3]; } } else return $m[3]; } } // Проверка на флуд $flood = functions::antiflood(); if ($flood) { require('../incfiles/head.php'); echo functions::display_error($lng['error_flood'] . ' ' . $flood . $lng['sec'], '<a href="index.php?id=' . $id . '&start=' . $start . '">' . $lng['back'] . '</a>'); require('../incfiles/end.php'); exit; } $headmod = 'forum,' . $id . ',1'; if ($parser->knownbrowser) { if ($parser->browsername) { $agn1 = $parser->browsername; }else{ $agn1 = $parser->fullname; } }else{ $agn1 = strtok($agn, ' '); } $type = mysql_query("SELECT * FROM `forum` WHERE `id` = '$id'"); $type1 = mysql_fetch_assoc($type); switch ($type1['type']) { case 't': /* ----------------------------------------------------------------- Добавление простого сообщения ----------------------------------------------------------------- */ if (($type1['edit'] == 1 || $type1['close'] == 1) && $rights < 7) { // Проверка, закрыта ли тема require('../incfiles/head.php'); echo functions::display_error($lng_forum['error_topic_closed'], '<a href="/forum/' . $id . '/'.$type1['seo'].'.html">' . $lng['back'] . '</a>'); require('../incfiles/end.php'); exit; } $msg = isset($_POST['msg']) ? functions::checkin(trim($_POST['msg'])) : ''; $tagtv = isset($_POST['msg']) ? functions::checkin(trim($_POST['msg'])) : ''; if (isset($_POST['msgtrans'])) $msg = functions::trans($msg); //Обрабатываем ссылки $msg = preg_replace_callback('~\\[url=(http://.+?)\\](.+?)\\[/url\\]|(http://(www.)?[0-9a-zA-Z\.-]+\.[0-9a-zA-Z]{2,6}[0-9a-zA-Z/\?\.\~&_=/%-:#]*)~', 'forum_link', $msg); $msg = functions::Auto_Link_IMG($msg); if (isset($_POST['submit']) && !empty($_POST['msg']) && isset($_POST['token']) && isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token'] ) { // Проверяем на минимальную длину if (mb_strlen($msg) < 4) { require('../incfiles/head.php'); echo functions::display_error($lng['error_message_short'], '<a href="index.php?id=' . $id . '">' . $lng['back'] . '</a>'); require('../incfiles/end.php'); exit; } // Проверяем, не повторяется ли сообщение? $req = mysql_query("SELECT * FROM `forum` WHERE `user_id` = '$user_id' AND `type` = 'm' ORDER BY `time` DESC"); if (mysql_num_rows($req) > 0) { $res = mysql_fetch_array($req); if ($msg == $res['text']) { require('../incfiles/head.php'); echo functions::display_error($lng['error_message_exists'], '<a href="index.php?id=' . $id . '&start=' . $start . '">' . $lng['back'] . '</a>'); require('../incfiles/end.php'); exit; } } // Удаляем фильтр, если он был if (isset($_SESSION['fsort_id']) && $_SESSION['fsort_id'] == $id) { unset($_SESSION['fsort_id']); unset($_SESSION['fsort_users']); } unset($_SESSION['token']); // Добавляем сообщение в базу mysql_query("INSERT INTO `forum` SET `refid` = '$id', `type` = 'm' , `time` = '" . time() . "', `user_id` = '$user_id', `from` = '$login', `ip` = '" . core::$ip . "', `ip_via_proxy` = '" . core::$ip_via_proxy . "', `soft` = '" . mysql_real_escape_string($agn1) . "', `text` = '" . mysql_real_escape_string($msg) . "', `edit` = '', `curators` = '' "); $fadd = mysql_insert_id(); // Обновляем время топика mysql_query("UPDATE `forum` SET `time` = '" . time() . "' WHERE `id` = '$id' "); // Обновляем статистику юзера mysql_query("UPDATE `users` SET `postforum`='" . ($datauser['postforum'] + 1) . "', `VND`='" . ($datauser['VND'] + 5) . "', `lastpost` = '" . time() . "' WHERE `id` = '$user_id' "); ////mod thong bao trich dan $tong=mysql_result(mysql_query("select count(*) from forum where refid = '{$th}' and type='m' order by time desc"),0); $topic=mysql_fetch_array(mysql_query("select * from forum where refid='{$th}' and type='m' order by time asc limit 1")); $sotrang=ceil($tong/$kmess); mysql_query("INSERT INTO `thongbao` SET `id_from`='".$user_id."', `id_to` = '".$type1['user_id']."', `hanhdong`='0', `id_forum`='".$th."', `text` = '".$sotrang."|".$fadd."', `type`='f', `time` = '" . time() . "' "); /////ket thuc thong bao trich dan // Вычисляем, на какую страницу попадает добавляемый пост $page = $set_forum['upfp'] ? 1 : ceil(mysql_result(mysql_query("SELECT COUNT(*) FROM `forum` WHERE `type` = 'm' AND `refid` = '$id'" . ($rights >= 7 ? '' : " AND `close` != '1'")), 0) / $kmess); if (isset($_POST['addfiles'])) { header("Location: index.php?id=$fadd&act=addfile"); } else { header('Location: /forum/'.$id.'/'.$type1['seo'].'_p'.$page.'.html#post'.$fadd.''); } exit; } else { require('../incfiles/head.php'); if ($datauser['postforum'] == 0) { if (!isset($_GET['yes'])) { $lng_faq = core::load_lng('faq'); echo '<p>' . $lng_faq['forum_rules_text'] . '</p>' . '<p><a href="index.php?act=say&id=' . $id . '&yes">' . $lng_forum['agree'] . '</a> | ' . '<a href="/forum/'.$id.'/'.$type1['seo'].'.html">' . $lng_forum['not_agree'] . '</a></p>'; require('../incfiles/end.php'); exit; } } $msg_pre = functions::checkout($msg, 1, 1); if ($set_user['smileys']) { $msg_pre = functions::smileys($msg_pre, $datauser['rights'] ? 1 : 0); } $msg_pre = preg_replace('#\[c\](.*?)\[/c\]#si', '<div class="quote">\1</div>', $msg_pre); echo '<div class="phdr"><b>' . $lng_forum['topic'] . ':</b> ' . $type1['text'] . '</div>'; if ($msg && !isset($_POST['submit'])) { echo '<div class="list1">' . functions::display_user($datauser, array('iphide' => 1, 'header' => '<span class="gray">(' . functions::display_date(time()) . ')</span>', 'body' => $msg_pre)) . '</div>'; } echo '<form name="form" action="index.php?act=say&id=' . $id . '&start=' . $start . '" method="post"><div class="gmenu">' . '<p><h3>' . $lng_forum['post'] . '</h3>'; echo '</p><p>' . bbcode::auto_bb('form', 'msg'); echo '<textarea rows="' . $set_user['field_h'] . '" name="msg">' . (empty($_POST['msg']) ? '' : functions::checkout($msg)) . '</textarea></p>' . '<p><input type="checkbox" name="addfiles" value="1" ' . (isset($_POST['addfiles']) ? 'checked="checked" ' : '') . '/> ' . $lng_forum['add_file']; if ($set_user['translit']) { echo '<br /><input type="checkbox" name="msgtrans" value="1" ' . (isset($_POST['msgtrans']) ? 'checked="checked" ' : '') . '/> ' . $lng['translit']; } $token = mt_rand(1000, 100000); $_SESSION['token'] = $token; echo '</p><p>' . '<input type="submit" name="submit" value="' . $lng['sent'] . '" style="width: 107px; cursor: pointer"/> ' . ($set_forum['preview'] ? '<input type="submit" value="' . $lng['preview'] . '" style="width: 107px; cursor: pointer"/>' : '') . '<input type="hidden" name="token" value="' . $token . '"/>' . '</p></div></form>'; } echo '<div class="phdr"><a href="../pages/faq.php?act=trans">' . $lng['translit'] . '</a> | ' . '<a href="../pages/faq.php?act=smileys">' . $lng['smileys'] . '</a></div>' . '<p><a href="/forum/' . $id . '/'.$type1['seo'].'_start' . $start . '.html">' . $lng['back'] . '</a></p>'; break; case 'm': /* ----------------------------------------------------------------- Добавление сообщения с цитированием поста ----------------------------------------------------------------- */ $th = $type1['refid']; $th2 = mysql_query("SELECT * FROM `forum` WHERE `id` = '$th'"); $th1 = mysql_fetch_array($th2); if (($th1['edit'] == 1 || $th1['close'] == 1) && $rights < 7) { require('../incfiles/head.php'); echo functions::display_error($lng_forum['error_topic_closed'], '<a href="/forum/' . $th1['id'] . '/'.$th1['seo'].'.html">' . $lng['back'] . '</a>'); require('../incfiles/end.php'); exit; } if ($type1['user_id'] == $user_id) { require('../incfiles/head.php'); echo functions::display_error('Нельзя отвечать на свое же сообщение', '<a href="/forum/' . $th1['id'] . '/'.$th1['seo'].'.html">' . $lng['back'] . '</a>'); require('../incfiles/end.php'); exit; } $shift = (core::$system_set['timeshift'] + core::$user_set['timeshift']) * 3600; $vr = date("d.m.Y / H:i", $type1['time'] + $shift); $msg = isset($_POST['msg']) ? functions::checkin(trim($_POST['msg'])) : ''; $tagtv = isset($_POST['msg']) ? functions::checkin(trim($_POST['msg'])) : ''; $txt = isset($_POST['txt']) ? intval($_POST['txt']) : FALSE; if (isset($_POST['msgtrans'])) { $msg = functions::trans($msg); } if (!empty($_POST['citata'])) { // Если была цитата, форматируем ее и обрабатываем $citata = isset($_POST['citata']) ? trim($_POST['citata']) : ''; $citata = bbcode::notags($citata); $citata = preg_replace('#\[c\](.*?)\[/c\]#si', '', $citata); $citata = mb_substr($citata, 0, 200); $tp = date("d.m.Y H:i", $type1['time']); $msg = '[c][url=' . $home . '/forum/index.php?act=post&id=' . $type1['id'] . ']#[/url] ' . $type1['from'] . ' ([time]' . $tp . "[/time])\n" . $citata . '[/c]' . $msg; } elseif (isset($_POST['txt'])) { // Если был ответ, обрабатываем реплику switch ($txt) { case 2: $repl = $type1['from'] . ', ' . $lng_forum['reply_1'] . ', '; break; case 3: $repl = $type1['from'] . ', ' . $lng_forum['reply_2'] . ' ([url=' . $set['homeurl'] . '/forum/post-' . $type1['id'] . '.html]' . $vr . '[/url]) ' . $lng_forum['reply_3'] . ', '; break; case 4: $repl = $type1['from'] . ', ' . $lng_forum['reply_4'] . ' '; break; default : $repl = $type1['from'] . ', '; } $msg = $repl . ' ' . $msg; } //Обрабатываем ссылки $msg = preg_replace_callback('~\\[url=(http://.+?)\\](.+?)\\[/url\\]|(http://(www.)?[0-9a-zA-Z\.-]+\.[0-9a-zA-Z]{2,6}[0-9a-zA-Z/\?\.\~&_=/%-:#]*)~', 'forum_link', $msg); if (isset($_POST['submit']) && isset($_POST['token']) && isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token'] ) { if (empty($_POST['msg'])) { require('../incfiles/head.php'); echo functions::display_error($lng['error_empty_message'], '<a href="index.php?act=say&id=' . $th . (isset($_GET['cyt']) ? '&cyt' : '') . '">' . $lng['repeat'] . '</a>'); require('../incfiles/end.php'); exit; } // Проверяем на минимальную длину if (mb_strlen($msg) < 4) { require('../incfiles/head.php'); echo functions::display_error($lng['error_message_short'], '<a href="/forum/' . $id . '/'.$type1['seo'].'.html">' . $lng['back'] . '</a>'); require('../incfiles/end.php'); exit; } // Проверяем, не повторяется ли сообщение? $req = mysql_query("SELECT * FROM `forum` WHERE `user_id` = '$user_id' AND `type` = 'm' ORDER BY `time` DESC LIMIT 1"); if (mysql_num_rows($req) > 0) { $res = mysql_fetch_array($req); if ($msg == $res['text']) { require('../incfiles/head.php'); echo functions::display_error($lng['error_message_exists'], '<a href="/forum/' . $th . '/'.$th1['seo'].'_start' . $start . '.html">' . $lng['back'] . '</a>'); require('../incfiles/end.php'); exit; } } // Удаляем фильтр, если он был if (isset($_SESSION['fsort_id']) && $_SESSION['fsort_id'] == $th) { unset($_SESSION['fsort_id']); unset($_SESSION['fsort_users']); } unset($_SESSION['token']); // Добавляем сообщение в базу mysql_query("INSERT INTO `forum` SET `refid` = '$th', `type` = 'm', `time` = '" . time() . "', `user_id` = '$user_id', `from` = '$login', `ip` = '" . core::$ip . "', `ip_via_proxy` = '" . core::$ip_via_proxy . "', `soft` = '" . mysql_real_escape_string($agn1) . "', `text` = '" . mysql_real_escape_string($msg) . "', `edit` = '', `curators` = '' "); ///mod tag thanh vien if(preg_match('#@([\w\d]{2,})#si',$tagtv)){ preg_match_all('#@([\w\d]{2,})#si',$tagtv,$arr); foreach($arr[1] as $tag){ $db=mysql_fetch_array(mysql_query("select * from users where name='{$tag}'")); if(mysql_num_rows(mysql_query("select * from users where name='{$tag}'"))==0 || $db['id']==$user_id){ } else { $sobai=mysql_result(mysql_query("select count(*) from forum where refid = '{$th}' and type='m' order by time desc"),0); $sopage=ceil($sobai/$kmess); mysql_query("INSERT INTO `thongbao` SET `id_from`='".$user_id."', `id_to` = '".$db['id']."', `hanhdong`='2', `id_forum`='".$th."', `text` = '".$sopage."|', `type`='f', `time` = '" . time() . "' "); } } } ///ket thuc mod tag thanh vien $fadd = mysql_insert_id(); // Обновляем время топика mysql_query("UPDATE `forum` SET `time` = '" . time() . "' WHERE `id` = '$th' "); // Обновляем статистику юзера mysql_query("UPDATE `users` SET `postforum`='" . ($datauser['postforum'] + 1) . "', `VND`='" . ($datauser['VND'] + 5) . "', `lastpost` = '" . time() . "' WHERE `id` = '$user_id' "); // Вычисляем, на какую страницу попадает добавляемый пост $page = $set_forum['upfp'] ? 1 : ceil(mysql_result(mysql_query("SELECT COUNT(*) FROM `forum` WHERE `type` = 'm' AND `refid` = '$th'" . ($rights >= 7 ? '' : " AND `close` != '1'")), 0) / $kmess); if (isset($_POST['addfiles'])) { header("Location: index.php?id=$fadd&act=addfile"); } else { header('Location: /forum/'.$th.'/'.$th1['seo'].'_p'.$page.'.html#post'.$fadd.''); } exit; } else { $textl = $lng['forum']; require('../incfiles/head.php'); $qt = " $type1[text]"; if (($datauser['postforum'] == "" || $datauser['postforum'] == 0)) { if (!isset($_GET['yes'])) { $lng_faq = core::load_lng('faq'); echo '<p>' . $lng_faq['forum_rules_text'] . '</p>'; echo '<p><a href="index.php?act=say&id=' . $id . '&yes&cyt">' . $lng_forum['agree'] . '</a> | <a href="index.php?id=' . $type1['refid'] . '">' . $lng_forum['not_agree'] . '</a></p>'; require('../incfiles/end.php'); exit; } } $msg_pre = functions::checkout($msg, 1, 1); if ($set_user['smileys']) { $msg_pre = functions::smileys($msg_pre, $datauser['rights'] ? 1 : 0); } $msg_pre = preg_replace('#\[c\](.*?)\[/c\]#si', '<div class="quote">\1</div>', $msg_pre); echo '<div class="phdr"><b>' . $lng_forum['topic'] . ':</b> ' . $th1['text'] . '</div>'; $qt = str_replace("<br/>", "\r\n", $qt); $qt = trim(preg_replace('#\[c\](.*?)\[/c\]#si', '', $qt)); $qt = functions::checkout($qt, 0, 2); if (!empty($_POST['msg']) && !isset($_POST['submit'])) { echo '<div class="list1">' . functions::display_user($datauser, array('iphide' => 1, 'header' => '<span class="gray">(' . functions::display_date(time()) . ')</span>', 'body' => $msg_pre)) . '</div>'; } echo '<form name="form" action="index.php?act=say&id=' . $id . '&start=' . $start . (isset($_GET['cyt']) ? '&cyt' : '') . '" method="post"><div class="gmenu">'; if (isset($_GET['cyt'])) { // Форма с цитатой echo '<p><b>' . $type1['from'] . '</b> <span class="gray">(' . $vr . ')</span></p>' . '<p><h3>' . $lng_forum['cytate'] . '</h3>' . '<textarea rows="' . $set_user['field_h'] . '" name="citata">' . (empty($_POST['citata']) ? $qt : functions::checkout($_POST['citata'])) . '</textarea>' . '<br /><small>' . $lng_forum['cytate_help'] . '</small></p>'; } else { // Форма с репликой echo '<p><h3>' . $lng_forum['reference'] . '</h3>' . '<input type="radio" value="0" ' . (!$txt ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>,<br />' . '<input type="radio" value="2" ' . ($txt == 2 ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_1'] . ',<br />' . '<input type="radio" value="3" ' . ($txt == 3 ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_2'] . ' (<a href="index.php?act=post&id=' . $type1['id'] . '">' . $vr . '</a>) ' . $lng_forum['reply_3'] . ',<br />' . '<input type="radio" value="4" ' . ($txt == 4 ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_4'] . '</p>'; } echo '<p><h3>' . $lng_forum['post'] . '</h3>'; echo '</p><p>' . bbcode::auto_bb('form', 'msg'); echo '<textarea rows="' . $set_user['field_h'] . '" name="msg">' . (empty($_POST['msg']) ? '' : functions::checkout($_POST['msg'])) . '</textarea></p>' . '<p><input type="checkbox" name="addfiles" value="1" ' . (isset($_POST['addfiles']) ? 'checked="checked" ' : '') . '/> ' . $lng_forum['add_file']; if ($set_user['translit']) { echo '<br /><input type="checkbox" name="msgtrans" value="1" ' . (isset($_POST['msgtrans']) ? 'checked="checked" ' : '') . '/> ' . $lng['translit']; } $token = mt_rand(1000, 100000); $_SESSION['token'] = $token; echo '</p><p><input type="submit" name="submit" value="' . $lng['sent'] . '" style="width: 107px; cursor: pointer;"/> ' . ($set_forum['preview'] ? '<input type="submit" value="' . $lng['preview'] . '" style="width: 107px; cursor: pointer;"/>' : '') . '<input type="hidden" name="token" value="' . $token . '"/>' . '</p></div></form>'; } echo '<div class="phdr"><a href="../pages/faq.php?act=trans">' . $lng['translit'] . '</a> | ' . '<a href="../pages/faq.php?act=smileys">' . $lng['smileys'] . '</a></div>' . '<p><a href="/forum/' . $type1['refid'] . '/' . $th1['seo'] . '_start' . $start . '.html">' . $lng['back'] . '</a></p>'; break; default: require('../incfiles/head.php'); echo functions::display_error($lng_forum['error_topic_deleted'], '<a href="index.html">' . $lng['to_forum'] . '</a>'); require('../incfiles/end.php'); }
Người dùng đã xem (44)
nhox49,
phuongk,
khanh2002hn,
nhoc49,
mcvp9x,
Yaka99,
Zinesking,
adu2002hn,
quality,
DucVuPro,
SangLT,
Poker,
mellody,
Lount,
monaechi,
kimycelove,
popokeen,
Vnhaha,
locga113z,
Buianhduong,
Hgimmortal,
dingyuan,
minhduc,
VazDN,
MnpNgok,
Hoccode,
VinaDP,
hidden,
b0ysh0ckhn,
minhmon2000,
PMTpro,
Tieu.ka,
Jichan,
hanhphucao,
Blomber,
Bkit9x,
Clown,
phongvan,
Closed,
Gamex9x,
Koollzboy,
tnit2510,
manhhung,
MrKen,