May Update #1

Author: bluethrust

_functions.php

@@ -48,9 +48,9 @@ function filterText($strText) {
 	return $temp;
 }
 
-function getPreciseTime($intTime, $timeFormat="") {
+function getPreciseTime($intTime, $timeFormat="", $bypassTimeDiff=false) {
 
-	$timeDiff = time() - $intTime;
+	$timeDiff = (!$bypassTimeDiff) ? time() - $intTime : 99999;
 
 	if($timeDiff < 3) {
 		$dispLastDate = "just now";
@@ -114,8 +114,8 @@ function parseBBCode($strText) {
 
 	foreach($arrBBCodes as $bbCode) {
 
-		$strText = str_replace($bbCode['bbOpenTag'],$bbCode['htmlOpenTag'],$strText);
-		$strText = str_replace($bbCode['bbCloseTag'],$bbCode['htmlCloseTag'],$strText);
+		$strText = str_ireplace($bbCode['bbOpenTag'],$bbCode['htmlOpenTag'],$strText);
+		$strText = str_ireplace($bbCode['bbCloseTag'],$bbCode['htmlCloseTag'],$strText);
 
 	}
 
@@ -127,23 +127,26 @@ function parseBBCode($strText) {
 	foreach($arrEmoticonCodes as $key => $value) {
 
 		$imgURL = "<img src='".$MAIN_ROOT."images/emoticons/".$arrEmoticonImg[$key]."' width='15' height='15'>";
-		$strText = str_replace($value, $imgURL, $strText);
+		$strText = str_ireplace($value, $imgURL, $strText);
 
 	}
 
 
 	// Complex Codes, ex. Links, colors...
 
-	$strText = preg_replace("/\[url\](.*)\[\/url\]/", "<a href='$1' target='_blank'>$1</a>", $strText); // Links no Titles
-	$strText = preg_replace("/\[url=(.*)\](.*)\[\/url\]/", "<a href='$1' target='_blank'>$2</a>", $strText); // Links with Titles
-	$strText = preg_replace("/\[color=(.*)\](.*)\[\/color\]/", "<span style='color: $1'>$2</span>", $strText); // Text Color
+	$strText = preg_replace("/\[url](.*?)\[\/url]/i", "<a href='$1' target='_blank'>$1</a>", $strText); // Links no Titles
+	$strText = preg_replace("/\[url=(.*?)\](.*?)\[\/url\]/i", "<a href='$1' target='_blank'>$2</a>", $strText); // Links with Titles
+
+	
 
+	$strText = preg_replace("/\[color=(.*)\](.*)\[\/color\]/i", "<span style='color: $1'>$2</span>", $strText); // Text Color
+
 	$strText = str_replace("[/youtube]", "[/youtube]\n", $strText);
-	$strText = preg_replace("/\[youtube\](http|https)(\:\/\/www\.youtube\.com\/watch\?v\=)(.*)\[\/youtube\]/", "<iframe class='youtubeEmbed' src='http://www.youtube.com/embed/$3?wmode=opaque' frameborder='0' allowfullscreen></iframe>", $strText);
-	$strText = preg_replace("/\[\youtube\](http|https)(\:\/\/youtu\.be\/)(.*)\[\/youtube\]/", "<iframe class='youtubeEmbed' src='http://www.youtube.com/embed/$3?wmode=opaque' frameborder='0' allowfullscreen></iframe>", $strText);
+	$strText = preg_replace("/\[youtube\](http|https)(\:\/\/www\.youtube\.com\/watch\?v\=)(.*)\[\/youtube\]/i", "<iframe class='youtubeEmbed' src='http://www.youtube.com/embed/$3?wmode=opaque' frameborder='0' allowfullscreen></iframe>", $strText);
+	$strText = preg_replace("/\[\youtube\](http|https)(\:\/\/youtu\.be\/)(.*)\[\/youtube\]/i", "<iframe class='youtubeEmbed' src='http://www.youtube.com/embed/$3?wmode=opaque' frameborder='0' allowfullscreen></iframe>", $strText);
 
 	$strText = str_replace("[/twitch]", "[/twitch]\n", $strText);
-	$strText = preg_replace("/\[twitch\](http|https)(\:\/\/www\.twitch\.tv\/)(.*)\[\/twitch\]/", "<object class='youtubeEmbed' type='application/x-shockwave-flash' id='live_embed_player_flash' data='http://www.twitch.tv/widgets/live_embed_player.swf?channel=$3' bgcolor='#000000'><param name='allowFullScreen' value='true' /><param name='wmode' value='opaque' /><param name='allowScriptAccess' value='always' /><param name='allowNetworking' value='all' /><param name='movie' value='http://www.twitch.tv/widgets/live_embed_player.swf' /><param name='flashvars' value='hostname=www.twitch.tv&channel=$3&auto_play=false&start_volume=25' /></object>", $strText);
+	$strText = preg_replace("/\[twitch\](http|https)(\:\/\/www\.twitch\.tv\/)(.*)\[\/twitch\]/i", "<object class='youtubeEmbed' type='application/x-shockwave-flash' id='live_embed_player_flash' data='http://www.twitch.tv/widgets/live_embed_player.swf?channel=$3' bgcolor='#000000'><param name='allowFullScreen' value='true' /><param name='wmode' value='opaque' /><param name='allowScriptAccess' value='always' /><param name='allowNetworking' value='all' /><param name='movie' value='http://www.twitch.tv/widgets/live_embed_player.swf' /><param name='flashvars' value='hostname=www.twitch.tv&channel=$3&auto_play=false&start_volume=25' /></object>", $strText);
 
 	$strText = autolink($strText);
 
@@ -162,6 +165,78 @@ function autoLinkImage($strText) {
 }
 
 
+function __autoload($class_name) {
+	global $prevFolder;
+	include_once($prevFolder."classes/".$class_name.".php");
+}
+
 
+//======================== START OF FUNCTION ==========================//
+// FUNCTION: bbcode_to_html                                            //
+//=====================================================================//
+function bbcode_to_html($bbtext){
+  $bbtags = array(
+    '[heading1]' => '<h1>','[/heading1]' => '</h1>',
+    '[heading2]' => '<h2>','[/heading2]' => '</h2>',
+    '[heading3]' => '<h3>','[/heading3]' => '</h3>',
+    '[h1]' => '<h1>','[/h1]' => '</h1>',
+    '[h2]' => '<h2>','[/h2]' => '</h2>',
+    '[h3]' => '<h3>','[/h3]' => '</h3>',
+
+    '[paragraph]' => '<p>','[/paragraph]' => '</p>',
+    '[para]' => '<p>','[/para]' => '</p>',
+    '[p]' => '<p>','[/p]' => '</p>',
+    '[left]' => '<p style="text-align:left;">','[/left]' => '</p>',
+    '[right]' => '<p style="text-align:right;">','[/right]' => '</p>',
+    '[center]' => '<p style="text-align:center;">','[/center]' => '</p>',
+    '[justify]' => '<p style="text-align:justify;">','[/justify]' => '</p>',
+
+    '[bold]' => '<span style="font-weight:bold;">','[/bold]' => '</span>',
+    '[italic]' => '<span style="font-weight:bold;">','[/italic]' => '</span>',
+    '[underline]' => '<span style="text-decoration:underline;">','[/underline]' => '</span>',
+    '[b]' => '<span style="font-weight:bold;">','[/b]' => '</span>',
+    '[i]' => '<span style="font-weight:bold;">','[/i]' => '</span>',
+    '[u]' => '<span style="text-decoration:underline;">','[/u]' => '</span>',
+    '[break]' => '<br>',
+    '[br]' => '<br>',
+    '[newline]' => '<br>',
+    '[nl]' => '<br>',
+    
+    '[unordered_list]' => '<ul>','[/unordered_list]' => '</ul>',
+    '[list]' => '<ul>','[/list]' => '</ul>',
+    '[ul]' => '<ul>','[/ul]' => '</ul>',
+
+    '[ordered_list]' => '<ol>','[/ordered_list]' => '</ol>',
+    '[ol]' => '<ol>','[/ol]' => '</ol>',
+    '[list_item]' => '<li>','[/list_item]' => '</li>',
+    '[li]' => '<li>','[/li]' => '</li>',
+    
+    '[*]' => '<li>','[/*]' => '</li>',
+    '[code]' => '<code>','[/code]' => '</code>',
+    '[preformatted]' => '<pre>','[/preformatted]' => '</pre>',
+    '[pre]' => '<pre>','[/pre]' => '</pre>',     
+  );
+
+  $bbtext = str_ireplace(array_keys($bbtags), array_values($bbtags), $bbtext);
+
+  $bbextended = array(
+    "/\[url](.*?)\[\/url]/i" => "<a href=\"http://$1\" title=\"$1\">$1</a>",
+    "/\[url=(.*?)\](.*?)\[\/url\]/i" => "<a href=\"$1\" title=\"$1\">$2</a>",
+    "/\[email=(.*?)\](.*?)\[\/email\]/i" => "<a href=\"mailto:$1\">$2</a>",
+    "/\[mail=(.*?)\](.*?)\[\/mail\]/i" => "<a href=\"mailto:$1\">$2</a>",
+    "/\[img\]([^[]*)\[\/img\]/i" => "<img src=\"$1\" alt=\" \" />",
+    "/\[image\]([^[]*)\[\/image\]/i" => "<img src=\"$1\" alt=\" \" />",
+    "/\[image_left\]([^[]*)\[\/image_left\]/i" => "<img src=\"$1\" alt=\" \" class=\"img_left\" />",
+    "/\[image_right\]([^[]*)\[\/image_right\]/i" => "<img src=\"$1\" alt=\" \" class=\"img_right\" />",
+  );
+
+  foreach($bbextended as $match=>$replacement){
+    $bbtext = preg_replace($match, $replacement, $bbtext);
+  }
+  return $bbtext;
+}
+//=====================================================================//
+//  FUNCTION: bbcode_to_html                                           //
+//========================= END OF FUNCTION ===========================//
 
 ?>

_setup.php

@@ -16,45 +16,42 @@
 // This setup page should not be changed.  Edit _config.php to configure your website.
 
 ini_set('display_errors', 0);
+ini_set('session.use_only_cookies', 1);
+ini_set('session.gc_maxlifetime', 60*60*24*3);
 
 if(get_magic_quotes_gpc() == 1) {
 	foreach($_GET as $key=>$value) { $_GET[$key] = stripslashes($value); }
 	foreach($_POST as $key=>$value) { $_POST[$key] = stripslashes($value); }
 }
 
 
-if(isset($_COOKIE['btSessionID']) && $_COOKIE['btSessionID'] != "") {
-	session_id($_COOKIE['btSessionID']);
+if(isset($_COOKIE['btUsername']) && isset($_COOKIE['btPassword'])) {
 	session_start();
-	ini_set('session.use_only_cookies', 1);
+	$_SESSION['btUsername'] = $_COOKIE['btUsername'];
+	$_SESSION['btPassword'] = $_COOKIE['btPassword'];
 }
 else {
 	session_start();
-	ini_set('session.use_only_cookies', 1);
-	if(isset($_SESSION['btRememberMe']) && $_SESSION['btRememberMe'] == 1 && (!isset($_COOKIE['btSessionID']) || $_COOKIE['btSessionID'] == "")) {
-		$cookieExpTime = time()+((60*60*24)*3);
-		setcookie("btSessionID", session_id(), $cookieExpTime);
-	}
+}
+
+if(!isset($_SESSION['csrfKey'])) {
+	$_SESSION['csrfKey'] = md5(uniqid());
 }
 
 include($prevFolder."_config.php");
 $PAGE_NAME = "";
-
-include_once($prevFolder."classes/btmysql.php");
-include_once($prevFolder."classes/basic.php");
 include_once($prevFolder."_functions.php");
-include_once($prevFolder."classes/ipban.php");
-
 
 $mysqli = new btmysql($dbhost, $dbuser, $dbpass, $dbname);
 
+
 $mysqli->set_tablePrefix($dbprefix);
 $mysqli->set_testingMode(true);
 
 $logObj = new Basic($mysqli, "logs", "log_id");
 
 // Get Clan Info
-$webInfoObj = new Basic($mysqli, "websiteinfo", "websiteinfo_id");
+$webInfoObj = new WebsiteInfo($mysqli);
 
 $webInfoObj->select(1);
 
@@ -80,31 +77,17 @@
 	ini_set('error_reporting', E_ALL);
 }
 else {
-	ini_set('error_reporting', E_ALL & ~E_NOTICE & ~E_WARNING && ~E_STRICT);
+	ini_set('error_reporting', E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT);
 	ini_set('display_errors', 1);
 }
 
 
 // Check for Ban
-/*
-$ipbanObj = new Basic($mysqli, "ipban", "ipaddress");
-
-if($ipbanObj->select($IP_ADDRESS, false)) {
-	$ipbanInfo = $ipbanObj->get_info();
-
-	if(time() < $ipbanInfo['exptime'] OR $ipbanInfo['exptime'] == 0) {
-		die("<script type='text/javascript'>window.location = '".$MAIN_ROOT."banned.php';</script>");
-	}
-	else {
-		$ipbanObj->delete();
-	}
-
-}
-*/
 
 $ipbanObj = new IPBan($mysqli);
 if($ipbanObj->isBanned($IP_ADDRESS)) {
 	die("<script type='text/javascript'>window.location = '".$MAIN_ROOT."banned.php';</script>");
 }
 
+$hooksObj = new btHooks();
 ?>

classes/basic.php

@@ -54,10 +54,8 @@ public function select($intIDNum, $numericIDOnly = true) {
 			$checkID = is_numeric($intIDNum);
 		}
 
-		
 
 		if($checkID) {
-
 			$result = $this->MySQL->query("SELECT * FROM ".$this->strTableName." WHERE ".$this->strTableKey." = '$intIDNum'");
 			if($result->num_rows > 0) {
 				$this->arrObjInfo = $result->fetch_assoc();
@@ -71,6 +69,85 @@ public function select($intIDNum, $numericIDOnly = true) {
 	}
 
 
+/*
+	 * Get multi rows, returns an array of get_info_filtered, 
+	 * 
+	 * Format filterArgs array as array[columnName] = value
+	 * 
+	 */
+	
+	public function get_entries($filterArgs=array(), $orderBy="", $blnNotFiltered=true, $filterComparators=array()) {
+		
+		$returnVal = false;
+		$returnArr = array();
+		$arrSelect = array();
+		$selectBackID = "";
+		
+		if($this->intTableKeyValue != "") {
+			$selectBackID = $this->intTableKeyValue;
+		}
+		
+		$setSQL = "";
+		if(count($filterArgs) > 0) {
+			
+			$arrSQL = array();
+			foreach($filterArgs as $columnName => $value) {
+				
+			$setComparator = isset($filterComparators[$columnName]) ? $filterComparators[$columnName] : "=";
+				
+				$arrSQL[] = $columnName." ".$setComparator." ?";
+				
+			}
+			
+			$setSQL = implode(" AND ", $arrSQL);
+			
+			if($setSQL != "") {
+				$setSQL = " WHERE ".$setSQL;	
+			}
+		}
+		
+		if($orderBy != "") {
+			$orderBy = "ORDER BY ".$orderBy;
+		}
+		
+		$query = "SELECT ".$this->strTableKey." FROM ".$this->strTableName.$setSQL." ".$orderBy;
+		$stmt = $this->MySQL->prepare($query);
+		$returnID = "";
+
+		if($stmt) {
+
+			if(count($filterArgs) > 0) {
+				$this->MySQL->bindParams($stmt, $filterArgs);
+			}
+			
+			$stmt->execute();
+			$stmt->bind_result($result);
+			
+			while($stmt->fetch()) {
+				
+				$arrSelect[] = $result;	
+				
+			}
+			
+			$stmt->close();
+
+		}
+
+		foreach($arrSelect as $selectKey) {
+			$this->select($selectKey);
+			$returnArr[] = $blnNotFiltered ? $this->get_info_filtered() : $this->get_info();
+		}
+		
+		
+		if($selectBackID != "") {
+			$this->select($selectBackID);
+		}
+		
+		return $returnArr;
+		
+	}
+	
+	
 	/*
 	
 	-Easy way to send an INSERT statement-
@@ -116,7 +193,6 @@ public function addNew($arrColumns, $arrValues) {
 
 			$stmt = $this->MySQL->bindParams($stmt, $arrValues);
 
-			
 		}
 
 

classes/basicsort.php

@@ -343,7 +343,7 @@ function findBeforeAfter() {
 			$addTo = 1;
 
 
-			if($this->arrObjInfo['sortnum'] == $intHighestOrderNum AND $intHighestOrderNum != 1) {
+			if($this->arrObjInfo['sortnum'] == $intHighestOrderNum && $intHighestOrderNum != 1) {
 				$strBeforeAfter = "after";
 				$addTo = -1;
 			}