root/chat.php

Revision 313, 17.0 kB (checked in by Nafania, 2 years ago)
мелки фиксы. решены следующие тикеты: http://svn.tbdevsz.ru/ticket/5 http://svn.tbdevsz.ru/ticket/17 http://svn.tbdevsz.ru/ticket/22

Line
1	<?php</span>
2	<span class="code-lang">$root_path = './';
3
4	/* trick */
5	$chat_last_msg = ( isset($_REQUEST['chat_last_msg']) ? (int) $_REQUEST['chat_last_msg'] : 0 );
6	$action = ( isset($_REQUEST['action']) ? $_REQUEST['action'] : '' );</span>
7	<span class="code-lang">
8	if ( $chat_last_msg && $action != 'add' ) {
9	$chat_last_msg_stored = @file_get_contents($root_path . 'cache/chat_last_msg');
10	if ( $chat_last_msg == $chat_last_msg_stored ) {
11	exit('ok');
12	}
13
14	}
15	/* */
16
17	require ($root_path . 'include/config.php');</span>
18	<span class="code-keyword">require ($root_path . 'include/bbcode/bbcode.lib.php');
19	require ($root_path . 'include/functions_post.php');
20
21	$userdata = session_pagestart($user_ip, true);
22	init_userprefs($userdata);
23	loggedinorreturn();
24	check_ban(BAN_CHAT);
25
26	$chat_last_msg = request_var('chat_last_msg', 0);
27	$action = request_var('action', '');
28	$data = array();
29	$user_is_mod = ( $userdata['class'] >= UC_MODERATOR );</span>
30	<span class="code-lang">
31	function parse_chat_comm ( &$msg_data ) {
32	global $userdata, $theme, $db, $seo, $lang, $root_path, $cache;
33	global $action;
34	static $bb_code;
35
36	if ( !isset($bb_code) ) {
37	$bb_code = new bbcode();
38	}
39
40	$msg = $msg_data['message'];
41	$msg_data['className'] = 'row1';
42
43	if ( strpos($msg, '/') === 0 ) {
44	$textParts = explode(' ', $msg);
45	if ( !isset($textParts[0]) ) {
46	return false;
47	}
48	//it's a command
49	$is_owner = false;
50	if ( $msg_data['uid'] == $userdata['uid'] ) {
51	$is_owner = true;
52	}
53
54	switch( $textParts[0] ) {
55	case '/private':
56	$to_username = ( !empty($textParts[1]) ? $textParts[1] : '' );
57	unset($textParts[0], $textParts[1]);
58
59	if ( $is_owner \|\| $action == 'view_logs' ) {
60	if ( !$to_username ) {
61	$msg = '[i]' . $lang['invalid_receiver_name'] . '[/i] ';
62	}
63	else {
64	$msg = '[i]' . $lang['private_message_for'] . ' ' . $to_username . ':[/i] ';
65	}
66	}
67	elseif ( $to_username == $userdata['name'] ) {
68	$msg = '[i]' . $lang['private_message_from'] . ' ' . $msg_data['username'] . ':[/i] ';
69	}
70	else {
71	return false;
72	}
73	$msg_data['message'] = implode(' ', $textParts);
74	$msg .= $msg_data['message'];
75	$bb_code->parse($msg);
76	$msg_data['message'] = $bb_code->get_html();
77	$msg_data['message'] = censor_text($msg_data['message']);
78	$msg_data['className'] .= ' private';
79	return;
80	break;
81
82	case '/delete':
83	$msg_id = (int) ( !empty($textParts[1]) ? $textParts[1] : '' );
84	if ( !$msg_id ) {
85	return false;
86	}
87
88	$msg_data['message'] = '/delete ' . $msg_id;
89	return;
90	break;
91
92	case '/search':
93	unset($textParts[0]);
94	$search_str = implode(' ', $textParts);
95	if ( !$search_str \|\| utf_strlen($search_str) < 3 ) {
96	return false;
97	}
98
99	unset($textParts[0]);
100	$search_str = implode(' ', $textParts);
101
102	$sql = 'SELECT fid, name, category
103	FROM ' . TORRENTS_TABLE . '
104	WHERE banned = 0
105	AND hidden = 0
106	AND moderated = 1
107	AND name LIKE \'%' . $search_str . '%\'
108	ORDER BY ctime DESC';
109	$result = $db->sql_query_limit($sql, 10);
110
111	if ( $row = $db->sql_fetchrow($result) ) {
112	$found_str = '';
113
114	do {
115	// www.phpBB-SEO.com SEO TOOLKIT BEGIN
116	$seo->set_torrent_url($row['fid'], $row['name'], $row['category']);
117	// www.phpBB-SEO.com SEO TOOLKIT END
118
119	$found_str .= ( $found_str ? ', ' : '' ) . '<a href="'. append_sid($root_path . 'details.php?id=' . $row['fid']) . '" target="_blank">' . censor_text($row['name']) . '</a>';
120	}
121	while( $row = $db->sql_fetchrow($result) );
122
123	$msg_data['message'] = sprintf($lang['search_results'], $search_str) . ': ' . $found_str;
124	}
125	else {
126	$msg_data['message'] = sprintf($lang['search_results'], $search_str) . ': ' . $lang['nothing_found'];
127	}
128
129	return;
130
131	break;
132
133	case '/wakeup':
134	$to_username = ( !empty($textParts[1]) ? $textParts[1] : '' );
135	if ( !$to_username ) {
136	return false;
137	}
138
139	if ( $to_username == $userdata['name'] ) {
140	$msg_data['message'] = 'WAKEUP!!! <script type="text/javascript">window.focus();alert(\'WAKEUP!!!\');</script>';
141	}
142	else {
143	$msg_data['message'] = 'WAKEUP ' . $to_username . '!!!';
144	}
145
146	return;
147	break;
148
149	case '/kick':
150	$to_username = ( !empty($textParts[1]) ? $textParts[1] : '' );
151	if ( !$to_username ) {
152	return false;
153	}
154
155	if ( $to_username == $userdata['name'] ) {
156	$msg_data['message'] = '<span style="color:red">' . $lang['you_have_been_kicked'] . '</span>';
157	$msg_data['message'] .= '<script type="text/javascript">$(location).attr(\'href\',\'' . append_sid($root_path . 'index.php') . '\');</script>';
158
159	$sql = 'DELETE FROM ' . CHAT_MESSAGES_TABLE . ' WHERE chat_msg_id = ' . $msg_data['chat_msg_id'];
160	$db->sql_query($sql);
161
162	session_end($userdata['session_id'], $userdata['uid']);
163
164	}
165	else {
166	$msg_data['message'] = '<span style="color:red">' . sprintf($lang['user_kicked'], $to_username) . '</span>';
167	}
168
169	return;
170	break;
171
172	case '/ban':
173	$to_username = ( !empty($textParts[1]) ? $textParts[1] : '' );
174	$ban_time = ( !empty($textParts[2]) ? (int) $textParts[2] : 0 );
175
176	$sql = 'SELECT uid, user_bans FROM ' . USERS_TABLE . ' WHERE name = \'' . $db->sql_escape($to_username) . '\'';
177	$result = $db->sql_query($sql);
178	if ( $row = $db->sql_fetchrow($result) ) {
179	set_ban(BAN_CHAT, $ban_time, false, $row['uid'], $row['user_bans']);
180	}
181
182	if ( $to_username == $userdata['name'] ) {
183	$msg_data['message'] = '<span style="color:red">' . $lang['you_have_been_kicked'] . '</span>';
184	$msg_data['message'] .= '<script type="text/javascript">$(location).attr(\'href\',\'' . append_sid($root_path . 'index.php') . '\');</script>';
185
186	session_end($userdata['session_id'], $userdata['uid']);
187	}
188	else {
189	$msg = ( $ban_time ? sprintf($lang['user_banned_until'], $to_username, create_date(time() + $ban_time * 60, 'Y-m-d H:i:s')) : sprintf($lang['user_banned'], $to_username) );
190	$msg_data['message'] = '<span style="color:red">' . $msg . '</span>';
191	}
192
193	$sql = 'DELETE FROM ' . CHAT_MESSAGES_TABLE . ' WHERE chat_msg_id = ' . $msg_data['chat_msg_id'];
194	$db->sql_query($sql);
195
196	return;
197	break;
198
199	case '/banlist':
200	if ( $msg_data['uid'] == $userdata['uid'] ) {
201	$banlist = '';
202
203	$sql = 'SELECT u.uid, u.name, u.class
204	FROM ' . BANLIST_TABLE . ' b, ' . USERS_TABLE . ' u
205	WHERE b.ban_type = ' . BAN_CHAT . '
206	AND u.uid = b.ban_userid';
207	$result = $db->sql_query($sql);
208
209	while ( $row = $db->sql_fetchrow($result) ) {
210	// www.phpBB-SEO.com SEO TOOLKIT START
211	$seo->set_user_url($row['name'], $row['uid']);
212	// www.phpBB-SEO.com SEO TOOLKIT END
213
214	$user_link = '<a href="' . append_sid($root_path . 'userdetails.php?id=' . $row['uid']) . '" target="_blank">' . get_user_class_color($row['class'], $row['name']) . '</a>';
215	$user_link .= ' <a href="javascript:;" onclick="unban(' . $row['uid'] . ');$(this).prev(\'a\').remove();$(this).remove();">[' . $lang['torrent_action_unban'] . ']</a>';
216
217	$banlist .= ' ' . $user_link;
218	}
219
220	$msg_data['message'] = '<span style="color:red">' . $lang['banned_users_in_chat'] . ': </span>';
221	$msg_data['message'] .= ( $banlist ? $banlist : $lang['no'] );
222	}
223	else {
224	return false;
225	}
226
227	return;
228	break;
229
230	default:
231	$bb_code->parse($msg);
232	$msg = $bb_code->get_html();
233	$msg = censor_text($msg);
234	$msg_data['message'] = $msg;
235
236	return;
237	break;
238
239	}
240
241	return false;
242	}
243	else {
244	if ( stripos(substr($msg, 0, 20 + utf_strlen($userdata['name'])), $userdata['name'] ) !== false ) {
245	$msg_data['className'] = 'row3';
246	}
247	else {
248	$msg_data['className'] = 'row1';
249	}
250
251	$bb_code->parse($msg);
252	$msg = $bb_code->get_html();
253	$msg = censor_text($msg);
254	$msg_data['message'] = $msg;
255	return;
256	}
257	}
258
259	if ( $user_is_mod ) {
260	$sql = 'DELETE FROM ' . CHAT_MESSAGES_TABLE . ' WHERE chat_msg_added < ' . ( time() - 30 * 24 * 60 * 60 );
261	$db->sql_query($sql);
262	}
263
264	if ( $action ) {
265	switch($action) {
266	case 'delete_msg':
267	$msg_id = request_var('msg_id', 0);
268
269	if ( $user_is_mod ) {
270	$time = time();
271
272	$sql = 'DELETE FROM ' . CHAT_MESSAGES_TABLE . ' WHERE chat_msg_id = ' . $msg_id;
273	$db->sql_query($sql);
274
275	$sql = 'INSERT INTO ' . CHAT_MESSAGES_TABLE . ' ' . $db->sql_build_array('INSERT', array(
276	'chat_uid' => $userdata['uid'],
277	'chat_msg' => '/delete ' . $msg_id,
278	'chat_msg_added' => $time,
279	));
280	$db->sql_query($sql);
281	$chat_last_msg = $db->sql_nextid();
282
283	set_config('chat_last_msg', $chat_last_msg, true);
284	@file_put_contents($root_path . 'cache/chat_last_msg', $chat_last_msg);
285
286	$data = 'ok';
287	}
288	else {
289	$data = 'denied';
290	}
291
292	break;
293
294	case 'unban':
295	if ( !$user_is_mod ) {
296	$data = 'denied';
297	}
298	else {
299	$uid = request_var('uid', 0);
300
301	$sql = 'SELECT user_bans FROM ' . USERS_TABLE . ' WHERE uid = ' . $uid;
302	$result = $db->sql_query($sql);
303	$row = $db->sql_fetchrow($result);
304
305	set_ban(BAN_CHAT, 0, true, $uid, $row['user_bans']);
306
307	$data = 'ok';
308	}
309	break;
310
311	case 'view_logs':
312	$time = request_var('time', '');
313
314	if ( !$user_is_mod ) {
315	$data = 'denied';
316	}
317	else {
318	if ( ( $date = strtotime($time) ) !== false ) {
319	$day = date('d', $date);
320	$month = date('m', $date);
321	$year = date('Y', $date);
322	$hours = date('H', $date);
323	$minutes = date('i', $date);
324
325	$time = mktime($hours, $minutes, 0, $month, $day, $year);
326	}
327	elseif ( $time ) {
328	$time = (int) $time;
329	}
330	else {
331	$time = time() - 24 * 60 * 60;
332	}
333
334	$sql = 'SELECT name AS username, chat_msg AS message, chat_msg_added AS added, u.uid, chat_msg_id, u.class, u.donor, u.name_append, u.enabled, u.warneduntil, u.parked
335	FROM ' . CHAT_MESSAGES_TABLE . ' c, ' . USERS_TABLE . ' u
336	WHERE c.chat_uid = u.uid AND c.chat_msg_added > ' . $time . ' AND chat_msg NOT LIKE \'/delete%\'
337	ORDER BY chat_msg_added';
338	$result = $db->sql_query_limit($sql, 10);
339	$i = 0;
340
341	if ( $row = $db->sql_fetchrow($result) ) {
342	do {
343
344	$row['unixtime'] = $row['added'];
345	$row['added'] = create_date($row['added'], '\|Y-m-d H:i:s\|');
346
347	// www.phpBB-SEO.com SEO TOOLKIT START
348	$seo->set_user_url($row['username'], $row['uid']);
349	// www.phpBB-SEO.com SEO TOOLKIT END
350	$user_link = parse_username($row);
351
352	$row['user_link'] = $user_link;
353
354	if ( $user_is_mod ) {
355	$row['mod_opts'] = '<a href="javascript:;" onclick="delete_message('. $row['chat_msg_id'] . ');"><img src="'. $root_path .'pic/delete.png" /></a>';
356	}
357	else {
358	$row['mod_opts'] = '';
359	}
360
361	unset($row['class'], $row['parked'], $row['warneduntil'], $row['enabled'], $row['donor']);
362
363	$data[$i] = $row;
364
365	if ( parse_chat_comm($data[$i]) === false ) {
366	unset($data[$i]);
367	}
368
369	++$i;
370	}
371	while ( $row = $db->sql_fetchrow($result) );
372
373	$data = array_merge($data);
374	}
375	else {
376	$data[0]['unixtime'] = 0;
377	$data[0]['added'] = create_date(time(), 'H:i:s');
378	$data[0]['chat_msg_id'] = 0;
379
380	$_userdata = $userdata;
381	unset($_userdata['user_reputation_level']);
382
383	// www.phpBB-SEO.com SEO TOOLKIT START
384	$seo->set_user_url($userdata['name'], $userdata['uid']);
385	// www.phpBB-SEO.com SEO TOOLKIT END
386	$user_link = parse_username($_userdata, false);
387
388	$data[0]['user_link'] = $user_link;
389	$data[0]['username'] = $userdata['name'];
390	$data[0]['uid'] = $userdata['uid'];
391	$data[0]['mod_opts'] = '';
392
393	$data[0]['message'] = '<a href="javascript:;" onclick="$(\'#daddy-shoutbox-list\').attr(\'innerHTML\', \'\');lastMsgId = 0;refresh();">' . $lang['return_to_chat'] . '</a>';
394	}
395
396	sleep(1);
397	}
398	break;
399
400	case 'add':
401	$message = request_var('message', '');
402	$time = time();
403	if ( utf_strlen($message) < 3 ) {
404	break;
405	}
406
407	$textParts = explode(' ', $message);
408	$mod_commands = array('/kick', '/ban', '/banlist', '/delete');
409	if ( !empty($textParts[0]) && in_array($textParts[0], $mod_commands) && !$user_is_mod ) {
410	$data = 'denied';
411	break;
412	}
413
414	$sql = 'INSERT INTO ' . CHAT_MESSAGES_TABLE . ' ' . $db->sql_build_array('INSERT', array(
415	'chat_uid' => $userdata['uid'],
416	'chat_msg' => $message,
417	'chat_msg_added' => $time,
418	));
419	$db->sql_query($sql);
420	$chat_msg_id = $db->sql_nextid();
421
422	$chat_last_msg += 1;
423
424	set_config('chat_last_msg', $chat_msg_id, true);
425	@file_put_contents($root_path . 'cache/chat_last_msg', $chat_msg_id);
426
427	//break;
428
429	case 'view':
430
431	if ( $chat_last_msg && $chat_last_msg == $config['chat_last_msg'] ) {
432	break;
433	}
434
435	$sql = 'SELECT name AS username, chat_msg AS message, chat_msg_added AS added, u.uid, chat_msg_id, u.class, u.donor, u.name_append, u.enabled, u.warneduntil, u.parked
436	FROM ' . CHAT_MESSAGES_TABLE . ' c, ' . USERS_TABLE . ' u
437	WHERE c.chat_uid = u.uid ' . ( $chat_last_msg ? 'AND c.chat_msg_id > ' . $chat_last_msg : ' ORDER BY chat_msg_added DESC LIMIT 10');
438	$result = $db->sql_query($sql);
439	$i = 0;
440
441	while ( $row = $db->sql_fetchrow($result) ) {
442
443	$row['unixtime'] = $row['added'];
444	$row['added'] = create_date($row['added'], 'H:i:s');
445
446	$user_link = parse_username($row);
447
448	$row['user_link'] = $user_link;
449
450	if ( $user_is_mod ) {
451	$row['mod_opts'] = '<a href="javascript:;" onclick="delete_message('. $row['chat_msg_id'] . ');"><img src="'. $root_path .'pic/delete.png" /></a>';
452	}
453	else {
454	$row['mod_opts'] = '';
455	}
456
457	unset($row['class'], $row['parked'], $row['warneduntil'], $row['enabled'], $row['donor'], $row['unixtime']);
458
459	$data[$i] = $row;
460
461	if ( parse_chat_comm($data[$i]) === false ) {
462	unset($data[$i]);
463	}
464
465	++$i;
466	}
467
468	$data = array_merge($data);
469
470	if ( !$chat_last_msg ) {
471	$data = array_reverse($data);
472	}
473	break;
474
475	case 'get_online_users':
476	$_userdata = $userdata;
477	unset($_userdata['user_reputation_level']);
478
479	$row['clean_username'] = str_replace("'", "\'", $_userdata['name']);
480	$row['username'] = parse_username($_userdata, false);
481	$row['u_userdetails'] = append_sid($root_path . 'userdetails.php?id=' . $_userdata['uid']);
482
483	$data[$_userdata['uid']] = $row;
484
485
486	$sql = 'SELECT u.name, u.uid, u.class, u.donor, u.name_append, u.enabled, u.warneduntil, u.parked
487	FROM ' . USERS_TABLE . ' u, ' . SESSIONS_TABLE . ' s
488	WHERE u.uid = s.session_user_id
489	AND s.session_page LIKE \'%chat.php%\'
490	AND s.session_time > ' . ( time() - 2 * 60 ) . '
491	AND s.session_logged_in = 1
492	ORDER BY u.class DESC, u.name';
493	$result = $db->sql_query($sql);
494
495	while ( $row = $db->sql_fetchrow($result) ) {
496	$row['clean_username'] = str_replace("'", "\'", $row['name']);
497	$row['username'] = parse_username($row, false);
498	$row['u_userdetails'] = append_sid($root_path . 'userdetails.php?id=' . $row['uid']);
499
500	$data[$row['uid']] = $row;
501	}
502	break;
503
504	case 'show_user_menu':
505	$username = request_var('username', '');
506	$uid = request_var('uid', 0);
507
508	// www.phpBB-SEO.com SEO TOOLKIT START
509	$seo->set_user_url($username, $uid);
510	// www.phpBB-SEO.com SEO TOOLKIT END
511
512	$data['menu'] = '<ul class="user_menu">';
513
514	$user_link = append_sid($root_path . 'userdetails.php?id=' . $uid);
515
516	$data['menu'] .= '<li><a href="' . $user_link . '" target="_blank">' . $lang['show_profile'] . '</a></li>';
517
518	if ( $username <> $userdata['name'] ) {
519	$data['menu'] .= '<li><a href="javascript:;" onclick="$(\'#message\').attr(\'value\', \'/private ' . $username . ' \');$(\'#message\').focus();">' . $lang['send_pm'] . '</a></li>';
520	}
521
522	if ( $user_is_mod ) {
523
524	if ( $username <> $userdata['name'] ) {
525	$data['menu'] .= '<li><a href="javascript:;" onclick="$(\'#message\').attr(\'value\', \'/kick ' . $username . '\');$(\'#message\').focus();">' . $lang['kick_user'] . '</a></li>';
526	$data['menu'] .= '<li><a href="javascript:;" onclick="$(\'#message\').attr(\'value\', \'/ban ' . $username . '\');$(\'#message\').focus();">' . $lang['ban_user'] . '</a></li>';
527	}
528
529	if ( $username == $userdata['name'] ) {
530	$data['menu'] .= '<li><a href="javascript:;" onclick="$(\'#message\').attr(\'value\', \'/banlist\');$(\'#message\').focus();">' . $lang['ban_list'] . '</a></li>';
531	$data['menu'] .= '<li><a href="javascript:;" onclick="view_logs(0);">' . $lang['view_logs'] . '</a></li>';
532	}
533	}
534
535	if ( $username == $userdata['name'] ) {
536	$data['menu'] .= '<li><a href="javascript:;" onclick="$(\'#message\').attr(\'value\', \'/search \');$(\'#message\').focus();">' . $lang['search_torrents'] . '</a></li>';
537	}
538
539	$data['menu'] .= '</ul>';
540	$data['clean_username'] = str_replace("'", "\'", $username);
541
542
543	break;
544
545
546	}
547
548	echo ( !empty($data) ? json_encode($data) : 'ok' );
549
550	gc();
551
552	}
553	else {
554	generate_smilies('inline');
555
556	stdhead($lang['chat']);
557	$template->set_filenames(array(
558	'body' => 'chat_body.html'
559	));
560	stdfoot();
561	}
562	?>

Note: See TracBrowser for help on using the browser.

root/chat.php

Download in other formats: