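<?php

/********************************************************************************
- MemHT Portal -

Copyright (C) 2007-2008 by Miltenovik Manojlo
http://www.memht.com

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your opinion) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License along
with this program; if not, see <http://www.gnu.org/licenses/> (GPLv2)
or write to the Free Software Foundation, Inc., 51 Franklin Street,
Fifth Floor, Boston, MA 02110-1301, USA.
********************************************************************************/

// Refuse direct requests: this file only declares helpers and is meant to be included.
if (stristr(htmlentities($_SERVER['PHP_SELF']), 'inc_bbcode.php')) {
    die("<table style='padding: 2px; border: 1px solid #999; background-color: #EEE; font-family: Verdana; font-size: 10px;' align='center'><tr><td><b>Error:</b> This file cannot be opened directly!</td></tr></table>");
}

//BBCode - Forum - News - Articles - Guides

/**
 * Convert the full BBCode tag set in $string to HTML.
 *
 * The 'BBCode' hook is run first with $string by reference; the conversion is
 * skipped when memRunHooks() returns a falsy value. [img] tags are expanded
 * first, [code] bodies are swapped for placeholders so the tag patterns do not
 * touch them, and the highlighted code boxes are put back at the end.
 *
 * NOTE(review): nothing in this function HTML-escapes $string, so tag bodies
 * such as [b]...[/b] or the [url=...] label are emitted as they arrive.
 * Confirm that every caller escapes the text before calling.
 *
 * @param string $string Text containing BBCode.
 * @param int    $smiles 1 to also replace smiley codes via bb2smile().
 * @return string HTML.
 */
function bb2html($string, $smiles = 1)
{
    if (memRunHooks('BBCode', array(&$string))) {
        // Values that end up inside an HTML attribute (href/src/value) are limited
        // to characters that cannot close the attribute, and link schemes are an
        // allow-list (http, https, ftp) instead of "anything followed by ://".
        // [img] is not in this table; it is handled separately below.
        $patterns = array(
            '`\[b\](.+?)\[/b\]`is',
            '`\[i\](.+?)\[/i\]`is',
            '`\[u\](.+?)\[/u\]`is',
            '`\[strike\](.+?)\[/strike\]`is',
            '`\[color=#([0-9a-zA-Z]{3,6})\](.+?)\[/color\]`is',
            '`\[email\]([^ \"\n\r\t<>]+?)\[/email\]`is',
            '`\[url=((?:https?|ftp)://)([\w\-]+\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*?)?)\](.*?)\[/url\]`si',
            '`\[url\]((?:https?|ftp)://){1}([\w\-]+\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*)?)\[/url\]`si',
            '`\[url\]((www|ftp)\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*?)?)\[/url\]`si',
            '`\[flash=([0-9]+),([0-9]+)\](https?://[^ \"\n\r\t<>]+?)\[/flash\]`is',
            '`\[youtube=([0-9]+),([0-9]+)\](https?://[^ \"\n\r\t<>]+?)\[/youtube\]`is',
            '`\[quote\](.+?)\[/quote\]`is',
            '`\[size=([0-9]+)\](.+?)\[/size\]`is',
            '`\[left\](.+?)\[/left\]`is',
            '`\[center\](.+?)\[/center\]`is',
            '`\[right\](.+?)\[/right\]`is',
            '`\[embed=([0-9]+),([0-9]+)\](https?://[^ \"\n\r\t<>]+?)\[/embed\]`is'
        );
        // Links that open a new window carry rel="noopener noreferrer" so the
        // linked page gets no handle on the opening page.
        $replaces = array(
            '<b>\\1</b>',
            '<i>\\1</i>',
            '<u>\\1</u>',
            '<strike>\\1</strike>',
            '<span style="color:#\1;">\2</span>',
            '<a href="mailto:\1">\1</a>',
            '<a href="\1\2" target="_blank" rel="noopener noreferrer">\6</a>',
            '<a href="\1\2" target="_blank" rel="noopener noreferrer">\1\2</a>',
            '<a href="http://\1" target="_blank" rel="noopener noreferrer">\1</a>',
            '<object width="\1" height="\2"><param name="movie" value="\3" /><embed src="\3" width="\1" height="\2"></embed></object>',
            '<object width="\1" height="\2"><param name="movie" value="\3"></param><param name="wmode" value="transparent"></param><embed src="\3" type="application/x-shockwave-flash" wmode="transparent" width="\1" height="\2"></embed></object>',
            '<div style="padding:4px;"><table width="100%" align="center" cellspacing="0" cellpadding="0" class="quote_box"><tr><td class="quote_title"><b>quote</b></td></tr><tr><td class="quote_body"><div width="100%" style="overflow:auto; max-width:400px; width:expression(document.body.clientWidth > 400? \'400px\': \'auto\' );">\1</div></td></tr></table></div>',
            '<span style="font-size:\1px">\2</span>',
            '<div align="left">\1</div>',
            '<div align="center">\1</div>',
            '<div align="right">\1</div>',
            '<embed src="\3" width="\1" height="\2"></embed>'
        );

        //===========================================
        //IMG
        //===========================================
        $max_width = 400;
        $max_height = 400;
        preg_match_all("`\[img\](.+?)\[/img\]`is", $string, $images, PREG_SET_ORDER);
        foreach ($images as $image) {
            $imgUrl = $image[1];
            // Only absolute http(s) URLs without quote/angle/whitespace characters are
            // rendered. Anything else stays as literal text: the value is written into
            // src/href attributes and is also handed to getimagesize(), which would
            // otherwise open local paths and other stream wrappers.
            if (!preg_match('`^https?://[^ \"\n\r\t<>]+\z`i', $imgUrl)) {
                continue;
            }
            // NOTE(review): getimagesize() makes this server fetch a poster-supplied URL
            // on every render, including URLs that point at internal hosts. Consider
            // sizing images in CSS or fetching through an egress-restricted proxy.
            // '@' is kept on purpose: an unreachable image is a normal, best-effort case.
            $info = @getimagesize($imgUrl);
            // A failed lookup (false) counts as "not oversized", as before.
            $oversized = is_array($info) && ($info[0] > $max_width || $info[1] > $max_height);
            if ($oversized) {
                $string = str_replace($image[0], '<a href="'.$imgUrl.'" target="_blank" rel="noopener noreferrer" title="Click here to view the original image"><div class="small"><img src="images/view.gif" border="0" alt="View"> Image resized (<i>Original file: '.$info[0].'x'.$info[1].'</i>)</div><img src="'.$imgUrl.'" border="0" width="'.$max_width.'" alt="Thumb"></a>', $string);
            } else {
                $string = str_replace($image[0], '<img src="'.$imgUrl.'" border="0" alt="Image">', $string);
            }
        }

        //===========================================
        //CODE
        //===========================================
        //Extract [code]...[/code]
        preg_match_all('`\[code\](.+?)\[/code\]`is', $string, $codes, PREG_PATTERN_ORDER);
        $numcodes = count($codes[0]);
        $string_cleaned = $string;
        // One placeholder per block; the loop used to run one extra, no-op pass (<=).
        for ($a = 0; $a < $numcodes; $a++) {
            $string_cleaned = preg_replace('`\[code\](.+?)\[/code\]`is', '___CODE_'.$a.'___', $string_cleaned, 1);
        }

        //Convert BBCode
        $string_cleaned = nl2br(preg_replace($patterns, $replaces, $string_cleaned));
        $string_cleaned = urlToLink($string_cleaned);

        // A disabled "break long links" pass used preg_replace() with the /e modifier
        // on matched link text here; do not bring it back in that form.

        //Restore [code]...[/code]
        $string = $string_cleaned;
        for ($a = 0; $a < $numcodes; $a++) {
            // NOTE(review): as shown this replaces "'" with "'" and does nothing;
            // an HTML entity was probably lost when the listing was rendered. Verify
            // against the upstream file.
            $codes[1][$a] = str_replace("'", "'", $codes[1][$a]);

            // First-occurrence, case-insensitive replacement of the placeholder. This
            // replaces preg_replace() with the /e modifier, which evaluated the
            // replacement as PHP code; /e was deprecated in PHP 5.5 and removed in 7.0.
            $placeholder = '___CODE_'.$a.'___';
            $pos = stripos($string, $placeholder);
            if ($pos !== false) {
                $box = '<div style="padding:4px;"><table width="100%" align="center" cellspacing="0" cellpadding="0" class="code_box"><tr><td class="code_title"><b>code</b></td></tr><tr><td class="code_body"><div width="100%" style="overflow:auto; max-width:500px; width:expression(document.body.clientWidth > 400? \'400px\': \'auto\' );">'
                    .highlightcode($codes[1][$a])
                    .'</div></td></tr></table></div>';
                $string = substr_replace($string, $box, $pos, strlen($placeholder));
            }
        }

        memRunHooks('BBCodeEnd', array(&$string));
    }
    return ($smiles == 1) ? bb2smile($string) : $string;
}

/**
 * Convert the reduced BBCode tag set (text styles, colour, e-mail, links, size)
 * in $string to HTML.
 *
 * Runs the 'BBCodeMini' hook first and skips the conversion when it returns a
 * falsy value. Attribute-bound values follow the same restrictions as in
 * bb2html().
 *
 * NOTE(review): $string is not HTML-escaped here; confirm callers do it.
 *
 * @param string $string Text containing BBCode.
 * @param int    $smiles 1 to also replace smiley codes via bb2smile().
 * @return string HTML.
 */
function minibb2html($string, $smiles = 1)
{
    if (memRunHooks('BBCodeMini', array(&$string))) {
        $patterns = array(
            '`\[b\](.+?)\[/b\]`is',
            '`\[i\](.+?)\[/i\]`is',
            '`\[u\](.+?)\[/u\]`is',
            '`\[strike\](.+?)\[/strike\]`is',
            '`\[color=#([0-9a-zA-Z]{6})\](.+?)\[/color\]`is',
            '`\[email\]([^ \"\n\r\t<>]+?)\[/email\]`is',
            '`\[url=((?:https?|ftp)://)([\w\-]+\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*?)?)\](.*?)\[/url\]`si',
            '`\[url\]((?:https?|ftp)://){1}([\w\-]+\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*)?)\[/url\]`si',
            '`\[url\]((www|ftp)\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*?)?)\[/url\]`si',
            '`\[size=([0-9]+)\](.+?)\[/size\]`is'
        );
        $replaces = array(
            '<b>\\1</b>',
            '<i>\\1</i>',
            '<u>\\1</u>',
            '<strike>\\1</strike>',
            '<span style="color:#\1;">\2</span>',
            '<a href="mailto:\1">\1</a>',
            '<a href="\1\2" target="_blank" rel="noopener noreferrer">\6</a>',
            '<a href="\1\2" target="_blank" rel="noopener noreferrer">\1\2</a>',
            '<a href="http://\1" target="_blank" rel="noopener noreferrer">\1</a>',
            '<span style="font-size:\1px">\2</span>'
        );

        //Convert BBCode
        $string = nl2br(preg_replace($patterns, $replaces, $string));
        $string = urlToLink($string);

        memRunHooks('BBCodeMiniEnd', array(&$string));
    }
    return ($smiles == 1) ? bb2smile($string) : $string;
}

//BBSmiles - Forum

/**
 * Replace every smiley code found in $string with its <img> tag.
 *
 * Codes, image names and titles are read from the memht_smiles table and passed
 * through outCode() before use.
 *
 * @param string $string Text to scan.
 * @return string Text with smiley codes replaced.
 */
function bb2smile($string)
{
    global $dblink;

    $smileys = $dblink->get_list("SELECT * FROM memht_smiles");
    foreach ($smileys as $row) {
        $title = outCode($row['title']);
        $img = outCode($row['img']);
        $code = outCode($row['code']);
        $string = str_replace($code, "<img src='images/smiles/$img' border='0' title='$title' alt='Smile'>", $string);
    }
    return $string;
}

/**
 * Echo a clickable smiley palette plus a "show all" popup link.
 *
 * NOTE(review): $form and $element are written unescaped into inline JavaScript
 * and into the popup URL. This presumably expects fixed identifiers chosen by
 * the calling page; verify that no caller forwards request data.
 *
 * @param string $form    Name of the target form, passed to addSmile().
 * @param string $element Name of the target field, passed to addSmile().
 * @param int    $columns Deprecated, unused.
 * @param int    $totnum  Maximum number of smileys to show.
 * @return void
 */
function smileBox($form, $element, $columns = 0, $totnum = 16)
{
    global $dblink;

    //Columns argument deprecated

    // The limit is concatenated into the SQL text, so force it to a non-negative integer.
    $limit = max(0, (int) $totnum);

    $sbcontent = "<div class='box' align='center'>";
    $result = $dblink->get_list("SELECT * FROM memht_smiles LIMIT $limit");
    foreach ($result as $row) {
        $sbtitle = outCode($row['title']);
        $sbimg = outCode($row['img']);
        $sbcode = outCode($row['code']);
        $sbcontent .= "<img src='images/smiles/$sbimg' border='0' title='$sbtitle' alt='$sbtitle' style='margin: 1px; cursor:pointer;' onclick=\"addSmile('$sbcode','$form','$element');\">\n";
    }
    $sbcontent .= "<div align='center'><a href='javascript:void(0);' onClick=\"openPopup('inc/popwin/smiles.php?form=$form&element=$element','300','400');\" title='"._SHOWALL_."'>"._SHOWALL_."</a></div>\n";
    $sbcontent .= "</div>\n";

    echo $sbcontent;
}

/**
 * Echo the BBCode button bar for a text field.
 *
 * "mini" offers the tags minibb2html() understands, "public" the larger set of
 * bb2html(). Any other $style value echoes an empty string.
 *
 * NOTE(review): $form and $element are written unescaped into inline onclick
 * handlers; verify that callers only pass fixed identifiers.
 *
 * @param string $form    Name of the target form.
 * @param string $element Name of the target field.
 * @param string $style   "mini" or "public".
 * @return void
 */
function bbcodeToolbar($form, $element, $style = "public")
{
    $content = "";
    switch ($style) {
        case "mini":
            $content .= "<img src='images/bbcode/start.gif' alt='Start'>";
            $content .= "<img src='images/bbcode/bold.gif' title='"._BOLD_."' alt='B' onclick=\"addBBCode('b','$form','$element');\">";
            $content .= "<img src='images/bbcode/italic.gif' title='"._ITALIC_."' alt='I' onclick=\"addBBCode('i','$form','$element');\">";
            $content .= "<img src='images/bbcode/underline.gif' title='"._UNDERLINED_."' alt='U' onclick=\"addBBCode('u','$form','$element');\">";
            $content .= "<img src='images/bbcode/color.gif' title='"._FONTCOLOR_."' alt='F' onclick=\"addBBCodeColor('color','$form','$element')\">";
            $content .= "<img src='images/bbcode/spacer.gif' alt='S'>";
            $content .= "<img src='images/bbcode/url.gif' title='"._URL_."' alt='U' onclick=\"addBBCodeUrl('url','$form','$element');\">";
            $content .= "<img src='images/bbcode/email_link.gif' title='"._EMAIL_."' alt='E' onclick=\"addBBCode('email','$form','$element');\">";
            $content .= "<img src='images/bbcode/end.gif' alt='E'>";
            break;
        case "public":
            $content .= "<img src='images/bbcode/start.gif' alt='S'>";
            $content .= "<img src='images/bbcode/bold.gif' title='"._BOLD_."' alt='B' onclick=\"addBBCode('b','$form','$element');\">";
            $content .= "<img src='images/bbcode/italic.gif' title='"._ITALIC_."' alt='I' onclick=\"addBBCode('i','$form','$element');\">";
            $content .= "<img src='images/bbcode/underline.gif' title='"._UNDERLINED_."' alt='U' onclick=\"addBBCode('u','$form','$element');\">";
            $content .= "<img src='images/bbcode/color.gif' title='"._FONTCOLOR_."' alt='F' onclick=\"addBBCodeColor('color','$form','$element')\">";
            $content .= "<img src='images/bbcode/spacer.gif' alt='S'>";
            $content .= "<img src='images/bbcode/left.gif' title='"._LEFT_."' alt='L' onclick=\"addBBCode('left','$form','$element');\">";
            $content .= "<img src='images/bbcode/center.gif' title='"._CENTER_."' alt='C' onclick=\"addBBCode('center','$form','$element');\">";
            $content .= "<img src='images/bbcode/right.gif' title='"._RIGHT_."' alt='R' onclick=\"addBBCode('right','$form','$element');\">";
            $content .= "<img src='images/bbcode/spacer.gif' alt='S'>";
            $content .= "<img src='images/bbcode/img.gif' title='"._IMAGE_."' alt='I' onclick=\"addBBCode('img','$form','$element');\">";
            $content .= "<img src='images/bbcode/flash.gif' title='"._FLASH_."' alt='F' onclick=\"addBBCodeFlash('flash','$form','$element');\">";
            $content .= "<img src='images/bbcode/youtube.gif' title='YouTube' alt='Y' onclick=\"addBBCodeYouTube('youtube','$form','$element');\">";
            $content .= "<img src='images/bbcode/spacer.gif' alt='S'>";
            $content .= "<img src='images/bbcode/url.gif' title='"._URL_."' alt='U' onclick=\"addBBCodeUrl('url','$form','$element');\">";
            $content .= "<img src='images/bbcode/email_link.gif' title='"._EMAIL_."' alt='E' onclick=\"addBBCode('email','$form','$element');\">";
            $content .= "<img src='images/bbcode/spacer.gif' alt='S'>";
            $content .= "<img src='images/bbcode/quote.gif' title='"._QUOTE_."' alt='Q' onclick=\"addBBCode('quote','$form','$element');\">";
            $content .= "<img src='images/bbcode/code.gif' title='"._CODE_."' alt='C' onclick=\"addBBCode('code','$form','$element');\">";
            $content .= "<img src='images/bbcode/end.gif' alt='E'>";
            break;
    }
    echo $content;
}

?>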