0ct0pu5/FluxBB_by_Visman
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

rev.76

Browse source 
Removed support for IE 6-8
Fixed security bug
This commit is contained in:
Visman 2017-01-23 15:40:01 +07:00
parent 69fc273c1e
commit d04574ca6a
19 changed files with 193 additions and 222 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
admin_loader.php
View file

@ -19,7 +19,7 @@ if (!$pun_user['is_admmod'])
// The plugin to load should be supplied via GET
$plugin = isset($_GET['plugin']) ? $_GET['plugin'] : '';
if (!preg_match('%^AM?P_(\w*?)\.php$%i', $plugin))
if (!preg_match('%^AM?P_(\w*?)\.php$%iD', $plugin))
message($lang_common['Bad request'], false, '404 Not Found');
// AP_ == Admins only, AMP_ == admins and moderators

2
db_update.php
View file

@ -9,7 +9,7 @@
// The FluxBB version this script updates to
define('UPDATE_TO', '1.5.10');
define('UPDATE_TO_VER_REVISION', 75); // номер сборки - Visman
define('UPDATE_TO_VER_REVISION', 76); // номер сборки - Visman
define('UPDATE_TO_DB_REVISION', 21);
define('UPDATE_TO_SI_REVISION', 2.1);

2
include/common.php
View file

@ -12,7 +12,7 @@ if (!defined('PUN_ROOT'))
// Define the version and database revision that this code was written for
define('FORUM_VERSION', '1.5.10');
define('FORUM_VER_REVISION', 75); // номер сборки - Visman
define('FORUM_VER_REVISION', 76); // номер сборки - Visman
$page_js = array();

2
include/email.php
View file

@ -24,7 +24,7 @@ function is_valid_email($email)
if (strlen($email) > 80)
return false;
return preg_match('%^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|("[^"]+"))@((\[\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\])|(([a-zA-Z\d\-]+\.)+[a-zA-Z]{2,}))$%', $email);
return preg_match('%^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|("[^"]+"))@((\[\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\])|(([a-zA-Z\d\-]+\.)+[a-zA-Z]{2,}))$%D', $email);
}

21
include/functions.php
View file

@ -424,7 +424,10 @@ function check_bans()
// Add a dot or a colon (depending on IPv4/IPv6) at the end of the IP address to prevent banned address
// 192.168.0.5 from matching e.g. 192.168.0.50
$user_ip = get_remote_address();
$user_ip .= (strpos($user_ip, '.') !== false) ? '.' : ':';
$add = strpos($user_ip, '.') !== false ? '.' : ':';
$user_ip .= $add;
$username = utf8_strtolower($pun_user['username']);
$bans_altered = false;
$is_banned = false;
@ -439,7 +442,7 @@ function check_bans()
continue;
}
if ($cur_ban['username'] != '' && utf8_strtolower($pun_user['username']) == utf8_strtolower($cur_ban['username']))
if ($cur_ban['username'] != '' && $username == utf8_strtolower($cur_ban['username']))
$is_banned = true;
if ($cur_ban['ip'] != '')
@ -450,10 +453,7 @@ function check_bans()
for ($i = 0; $i < $num_ips; ++$i)
{
// Add the proper ending to the ban
if (strpos($user_ip, '.') !== false)
$cur_ban_ips[$i] = $cur_ban_ips[$i].'.';
else
$cur_ban_ips[$i] = $cur_ban_ips[$i].':';
$cur_ban_ips[$i] .= $add;
if (substr($user_ip, 0, strlen($cur_ban_ips[$i])) == $cur_ban_ips[$i])
{
@ -499,7 +499,7 @@ function check_username($username, $exclude_id = null)
$errors[] = $lang_prof_reg['Username too short'];
else if (pun_strlen($username) > 25) // This usually doesn't happen since the form element only accepts 25 characters
$errors[] = $lang_prof_reg['Username too long'];
else if (!preg_match('%^\p{L}[\p{L}\p{N}_ ]+$%u', $username)) // строгая проверка имени пользователя - Visman
else if (!preg_match('%^\p{L}[\p{L}\p{N}_ ]+$%uD', $username)) // строгая проверка имени пользователя - Visman
$errors[] = $lang_prof_reg['Username Error'];
else if (!strcasecmp($username, 'Guest') || !utf8_strcasecmp($username, $lang_common['Guest']))
$errors[] = $lang_prof_reg['Username guest'];
@ -1041,7 +1041,7 @@ function paginate($num_pages, $cur_page, $link)
//
function message($message, $no_back_link = false, $http_status = null)
{
global $db, $lang_common, $pun_config, $pun_start, $tpl_main, $pun_user;
global $db, $lang_common, $pun_config, $pun_start, $tpl_main, $pun_user, $page_js;
witt_query(); // MOD Кто в этой теме - Visman
@ -1870,7 +1870,10 @@ function remove_bad_characters($array)
return array_map('remove_bad_characters', $array);
// Strip out any invalid characters
$array = utf8_bad_strip($array);
if (version_compare(PHP_VERSION, '5.4.0', '>='))
$array = htmlspecialchars_decode(htmlspecialchars((string) $array, ENT_SUBSTITUTE, 'UTF-8')); // Visman
else
$array = utf8_bad_strip($array);
// Remove control characters
$array = preg_replace('%[\x00-\x08\x0b-\x0c\x0e-\x1f]%', '', $array);

43
include/parser.php
View file

@ -217,7 +217,7 @@ function preparse_tags($text, &$errors, $is_signature = false)
// Inline tags, we do not allow new lines in these
$tags_inline = array('b', 'i', 'u', 's', 'ins', 'del', 'em', 'color', 'colour', 'h', 'topic', 'post', 'forum', 'user');
// Tags we trim interior space
$tags_trim = array('img', 'imgl', 'imgr');
$tags_trim = array('img', 'imgl', 'imgr', 'url', 'email');
// Tags we remove quotes from the argument
$tags_quotes = array('url', 'email', 'img', 'imgl', 'imgr', 'topic', 'post', 'forum', 'user');
// Tags we limit bbcode in
@ -796,6 +796,7 @@ function do_bbcode($text, $is_signature = false)
if (strpos($text, '[quote') !== false)
{
$text = preg_replace('%\[quote\]\s*%', '</p><div class="quotebox"><blockquote><div><p>', $text);
// $text = preg_replace('%\[quote=(?P<quote>(?:&quot;|&\#039;|"|\'))?((?(quote)[^\r\n]+?|[^\r\n\]]++))(?(quote)(?P=quote))\]\s*%', '</p><div class="quotebox"><cite>$2 '.$lang_common['wrote'].'</cite><blockquote><div><p>', $text);
$text = preg_replace_callback('%\[quote=(&quot;|&\#039;|"|\'|)([^\r\n]*?)\\1\]%s', create_function('$matches', 'global $lang_common; return "</p><div class=\"quotebox\"><cite>".str_replace(array(\'[\', \'\\"\'), array(\'&#91;\', \'"\'), $matches[2])." ".$lang_common[\'wrote\']."</cite><blockquote><div><p>";'), $text);
$text = preg_replace('%\s*\[\/quote\]%S', '</p></div></blockquote></div><p>', $text);
}
@ -804,7 +805,7 @@ function do_bbcode($text, $is_signature = false)
if (strpos($text, '[spoiler') !== false)
{
$text = str_replace('[spoiler]', "</p><div class=\"quotebox\" style=\"padding: 0px;\"><div onclick=\"var e,d,c=this.parentNode,a=c.getElementsByTagName('div')[1],b=this.getElementsByTagName('span')[0];if(a.style.display!=''){while(c.parentNode&&(!d||!e||d==e)){e=d;d=(window.getComputedStyle?getComputedStyle(c, null):c.currentStyle)['backgroundColor'];if(d=='transparent'||d=='rgba(0, 0, 0, 0)')d=e;c=c.parentNode;}a.style.display='';a.style.backgroundColor=d;b.innerHTML='&#9650;';}else{a.style.display='none';b.innerHTML='&#9660;';}\" style=\"font-weight: bold; cursor: pointer; font-size: 0.9em;\"><span style=\"padding: 0 5px;\">&#9660;</span>".$lang_common['Hidden text']."</div><div style=\"padding: 6px; margin: 0; display: none;\"><p>", $text);
$text = preg_replace('%\[spoiler=([^\r\n]*?)\]%s', '</p><div class="quotebox" style="padding: 0px;"><div onclick="var e,d,c=this.parentNode,a=c.getElementsByTagName(\'div\')[1],b=this.getElementsByTagName(\'span\')[0];if(a.style.display!=\'\'){while(c.parentNode&&(!d||!e||d==e)){e=d;d=(window.getComputedStyle?getComputedStyle(c, null):c.currentStyle)[\'backgroundColor\'];if(d==\'transparent\'||d==\'rgba(0, 0, 0, 0)\')d=e;c=c.parentNode;}a.style.display=\'\';a.style.backgroundColor=d;b.innerHTML=\'&#9650;\';}else{a.style.display=\'none\';b.innerHTML=\'&#9660;\';}" style="font-weight: bold; cursor: pointer; font-size: 0.9em;"><span style="padding: 0 5px;">&#9660;</span>$1</div><div style="padding: 6px; margin: 0; display: none;"><p>', $text);
$text = preg_replace('%\[spoiler=(?P<quote>(?:&quot;|&\#039;|"|\'))?((?(quote)[^\r\n]+?|[^\r\n\]]++))(?(quote)(?P=quote))\]%', '</p><div class="quotebox" style="padding: 0px;"><div onclick="var e,d,c=this.parentNode,a=c.getElementsByTagName(\'div\')[1],b=this.getElementsByTagName(\'span\')[0];if(a.style.display!=\'\'){while(c.parentNode&&(!d||!e||d==e)){e=d;d=(window.getComputedStyle?getComputedStyle(c, null):c.currentStyle)[\'backgroundColor\'];if(d==\'transparent\'||d==\'rgba(0, 0, 0, 0)\')d=e;c=c.parentNode;}a.style.display=\'\';a.style.backgroundColor=d;b.innerHTML=\'&#9650;\';}else{a.style.display=\'none\';b.innerHTML=\'&#9660;\';}" style="font-weight: bold; cursor: pointer; font-size: 0.9em;"><span style="padding: 0 5px;">&#9660;</span>$2</div><div style="padding: 6px; margin: 0; display: none;"><p>', $text);
$text = str_replace('[/spoiler]', '</p></div></div><p>', $text);
}
@ -814,22 +815,22 @@ function do_bbcode($text, $is_signature = false)
$replace_callback[] = 'handle_list_tag($matches[2], $matches[1])';
}
$pattern[] = '%\[b\](.*?)\[/b\]%ms';
$pattern[] = '%\[i\](.*?)\[/i\]%ms';
$pattern[] = '%\[u\](.*?)\[/u\]%ms';
$pattern[] = '%\[s\](.*?)\[/s\]%ms';
$pattern[] = '%\[del\](.*?)\[/del\]%ms';
$pattern[] = '%\[ins\](.*?)\[/ins\]%ms';
$pattern[] = '%\[em\](.*?)\[/em\]%ms';
$pattern[] = '%\[colou?r=([a-zA-Z]{3,20}|\#[0-9a-fA-F]{6}|\#[0-9a-fA-F]{3})](.*?)\[/colou?r\]%ms';
$pattern[] = '%\[h\](.*?)\[/h\]%ms';
$pattern[] = '%\[b\](.*?)\[/b\]%s';
$pattern[] = '%\[i\](.*?)\[/i\]%s';
$pattern[] = '%\[u\](.*?)\[/u\]%s';
$pattern[] = '%\[s\](.*?)\[/s\]%s';
$pattern[] = '%\[del\](.*?)\[/del\]%s';
$pattern[] = '%\[ins\](.*?)\[/ins\]%s';
$pattern[] = '%\[em\](.*?)\[/em\]%s';
$pattern[] = '%\[colou?r=([a-zA-Z]{3,20}|\#[0-9a-fA-F]{6}|\#[0-9a-fA-F]{3})](.*?)\[/colou?r\]%s';
$pattern[] = '%\[h\](.*?)\[/h\]%s';
// дополнительные ббкоды - Visman
$pattern[] = '%\[hr\]%';
$pattern[] = '%\[size=([0-9]*)](.*?)\[/size\]%s';
$pattern[] = '%\[right\](.*?)\[/right\]%ms';
$pattern[] = '%\[center\](.*?)\[/center\]%ms';
$pattern[] = '%\[justify\](.*?)\[/justify\]%ms';
$pattern[] = '%\[mono\](.*?)\[/mono\]%ms';
$pattern[] = '%\[size=([1-9]\d{0,2})](.*?)\[/size\]%s';
$pattern[] = '%\[right\](.*?)\[/right\]%s';
$pattern[] = '%\[center\](.*?)\[/center\]%s';
$pattern[] = '%\[justify\](.*?)\[/justify\]%s';
$pattern[] = '%\[mono\](.*?)\[/mono\]%s';
$replace[] = '<strong>$1</strong>';
$replace[] = '<em>$1</em>';
@ -874,11 +875,11 @@ function do_bbcode($text, $is_signature = false)
}
}
$pattern_callback[] = '%\[after=(\d*)\]%';
$pattern_callback[] = '%\[url\]([^\[]*?)\[/url\]%';
$pattern_callback[] = '%\[url=([^\[]+?)\](.*?)\[/url\]%';
$pattern[] = '%\[email\]([^\[]*?)\[/email\]%';
$pattern[] = '%\[email=([^\[]+?)\](.*?)\[/email\]%';
$pattern_callback[] = '%\[after=(\d+)\]%';
$pattern_callback[] = '%\[url\]([^\[\r\n\t]*?)\[/url\]%';
$pattern_callback[] = '%\[url=([^\[\r\n\t]+?)\](.*?)\[/url\]%';
$pattern[] = '%\[email\]([^\[\r\n\t]+?@[^\[\r\n\t]+?)\[/email\]%';
$pattern[] = '%\[email=([^\[\r\n\t]+?@[^\[\r\n\t]+?)\](.*?)\[/email\]%';
$pattern_callback[] = '%\[topic\]([1-9]\d*)\[/topic\]%';
$pattern_callback[] = '%\[topic=([1-9]\d*)\](.*?)\[/topic\]%';
$pattern_callback[] = '%\[post\]([1-9]\d*)\[/post\]%';

2
include/pms_new/common_pmsn.php
View file

@ -167,7 +167,7 @@ function pmsn_user_delete($user, $mflag, $topics = array())
pmsn_user_update($user_up[$i]);
}
function pmsn_get_var($name, $default = NULL)
function pmsn_get_var($name, $default = null)
{
if (isset($_POST[$name]))
return $_POST[$name];

4
include/pms_new/mdl/topic.php
View file

@ -196,7 +196,7 @@ while ($cur_post = $db->fetch_assoc($result))
{
$cur_post['g_id'] = PUN_GUEST;
// мод пола - Visman
$cur_post['gender'] = NULL;
$cur_post['gender'] = null;
}
// мод пола - Visman
@ -205,7 +205,7 @@ while ($cur_post = $db->fetch_assoc($result))
else if ($cur_post['gender'] == 2)
$cur_post['gender'] = 'female';
else
$cur_post['gender'] = NULL;
$cur_post['gender'] = null;
if ($pun_user['id'] != $cur_post['poster_id'])
{

6
include/poll.php
View file

@ -66,7 +66,7 @@ function poll_can_vote($tid, $uid)
}
// получение информации по опросу **********************************************
function poll_info($tid, $uid = NULL)
function poll_info($tid, $uid = null)
{
global $db;
@ -599,7 +599,7 @@ function poll_display($tid, $uid, $info, $top, $prev = false)
if (is_null($info)) return;
$can_vote = ($info['canVote'] && $top[0] != 2 && poll_post('poll_view') == null);
$can_vote = ($info['canVote'] && $top[0] != 2 && poll_post('poll_view') === null);
$can_visi = ((($info['isGuest'] && $pun_config['o_poll_guest'] == '1') || !$info['isGuest']) && $top[2] <= $top[3]);
$fmess = '';
if ($prev)
@ -612,7 +612,7 @@ function poll_display($tid, $uid, $info, $top, $prev = false)
$fmess = $lang_poll['M3'];
else if ($info['isGuest'])
$fmess = $lang_poll['M4'];
else if (poll_post('poll_view') != null)
else if (poll_post('poll_view') !== null)
$fmess = '<a href="javascript:history.go(-1)">'.$lang_common['Go back'].'</a>';
else if (!$can_vote)
$fmess = $lang_poll['M0'];

2
install.php
View file

@ -9,7 +9,7 @@
// The FluxBB version this script installs
define('FORUM_VERSION', '1.5.10');
define('FORUM_VER_REVISION', 75); // номер сборки - Visman
define('FORUM_VER_REVISION', 76); // номер сборки - Visman
define('FORUM_DB_REVISION', 21);
define('FORUM_SI_REVISION', 2.1);

93
js/collapse.js
View file

@ -1,36 +1,23 @@
// collapse.js v2.0.1 Copyright (C) 2014-2015 Visman (mio.visman@yandex.ru)
// collapse.js v2.0.2 Copyright (C) 2014-2016 Visman (mio.visman@yandex.ru)
if (typeof FluxBB === 'undefined' || !FluxBB) {var FluxBB = {};}
FluxBB.collapse = (function (doc) {
'use strict';
var dd;
function get(e) {
return doc.getElementById(e);
}
function getCN(classname, node) {
node = node || doc;
if (node.querySelectorAll)
{
if (node.querySelectorAll) {
return node.querySelectorAll('.' + classname);
}
else if (node.getElementsByClassName)
{
} else if (node.getElementsByClassName) {
return node.getElementsByClassName(classname);
}
else
{
var list = node.all || node.getElementsByTagName('*');
var result = [];
for (var index = 0, elem; elem = list[index++];)
{
if (elem.className && (' ' + elem.className + ' ').indexOf(' ' + classname + ' ') > -1)
{
result[result.length] = elem;
}
}
return result;
}
return [];
}
function setCookie(name, value, expires, path, domain, secure) {
@ -47,46 +34,46 @@ FluxBB.collapse = (function (doc) {
}
function getCookie(name) {
var pattern = "(?:; )?" + FluxBB.vars.collapse_cookieid + name + "=([^;]*);?";
var regexp = new RegExp(pattern);
if (regexp.test(doc.cookie))
return decodeURIComponent(RegExp["$1"]);
return false;
if (!name) return false;
name = (FluxBB.vars.collapse_cookieid + name).replace(/([\.\$\?\*\|\{\}\(\)\[\]\\\/\+\^])/g, '\\$1');
var m = doc.cookie.match(new RegExp('(?:^|; )' + name + '=([^;]*)'));
return m ? decodeURIComponent(m[1]) : false;
}
function getCSS(element, property) {
return (typeof getComputedStyle == "undefined" ? element.currentStyle : getComputedStyle(element, null))[property];
return (typeof getComputedStyle === 'undefined' ? element.currentStyle : getComputedStyle(element, null))[property];
}
return {
init: function () {
var i, tmp, old = true, f = true, saved = [],
brdmain = get('brdmain'),
blocktables = getCN('blocktable', brdmain);
var i, tmp, cur, saved, old = true, f = true,
blocktables = getCN('blocktable', get('brdmain'));
dd = new Date();
dd.setFullYear(dd.getFullYear() + 1);
for (i in blocktables) {
if (blocktables[i].id) {
cur = blocktables[i];
if (cur.id) {
if (f) {
if (getCSS(blocktables[i].getElementsByTagName('h2')[0], 'position') == 'absolute' || getCSS(blocktables[i].getElementsByTagName('thead')[0], 'display') == 'none')
if (getCSS(cur.getElementsByTagName('h2')[0], 'position') == 'absolute' || getCSS(cur.getElementsByTagName('thead')[0], 'display') == 'none')
old = false;
f = false;
}
var id = blocktables[i].id.replace('idx', '');
if (old) { // FluxBB.vars.collapse_old == '1'
var h2 = blocktables[i].getElementsByTagName('h2')[0];
h2.insertAdjacentHTML('afterBegin', '<span class="conr"><img src="' + FluxBB.vars.collapse_folder + 'exp_up.png" onclick="FluxBB.collapse.toggle(' + id + ')" alt="-" id="collapse_img_' + id + '" /></span>');
getCN('box', blocktables[i])[0].setAttribute('id', 'collapse_box_' + id);
var id = cur.id.replace('idx', '');
if (old) {
cur.getElementsByTagName('h2')[0].insertAdjacentHTML('afterBegin', '<span class="conr"><img src="' + FluxBB.vars.collapse_folder + 'exp_up.png" onclick="FluxBB.collapse.toggle(' + id + ')" alt="-" id="collapse_img_' + id + '" /></span>');
getCN('box', cur)[0].setAttribute('id', 'collapse_box_' + id);
} else {
blocktables[i].getElementsByTagName('tbody')[0].setAttribute('id', 'collapse_box_' + id);
var ths = blocktables[i].getElementsByTagName('thead')[0].getElementsByTagName('th'), th = ths[ths.length-1];
cur.getElementsByTagName('tbody')[0].setAttribute('id', 'collapse_box_' + id);
var ths = cur.getElementsByTagName('thead')[0].getElementsByTagName('th'), th = ths[ths.length-1];
th.insertAdjacentHTML('beforeEnd', '<span class="conr"><img src="' + FluxBB.vars.collapse_folder + 'exp_up.png" onclick="FluxBB.collapse.toggle(' + id + ')" alt="-" id="collapse_img_' + id + '" /></span>');
}
}
}
if (tmp = getCookie('collaps')) {
saved = tmp.split(",");
saved = tmp.split(',');
for(i = 0 ; i < saved.length; i++) {
FluxBB.collapse.toggle(saved[i]);
@ -96,38 +83,34 @@ FluxBB.collapse = (function (doc) {
},
toggle: function (id) {
var saved = [], clean = [], i, tmp;
var saved, clean = [], i, tmp;
if (tmp = getCookie('collaps')) {
saved = tmp.split(",");
saved = tmp.split(',');
for(i = 0 ; i < saved.length; i++) {
if (saved[i] != id && saved[i] != "") {
if (saved[i] != id && saved[i] != '') {
clean[clean.length] = saved[i];
}
}
}
if (get('collapse_box_'+id).style.display == "")
{
if (get('collapse_box_'+id).style.display == '') {
clean[clean.length] = id;
get('collapse_box_'+id).style.display = "none";
get('collapse_box_'+id).style.display = 'none';
get('collapse_img_'+id).src = get('collapse_img_'+id).src.replace('up','down');
get('collapse_img_'+id).setAttribute('alt', '+');
}
else
{
get('collapse_box_'+id).style.display = "";
} else {
get('collapse_box_'+id).style.display = '';
get('collapse_img_'+id).src = get('collapse_img_'+id).src.replace('down','up');
get('collapse_img_'+id).setAttribute('alt', '-');
}
if (clean.length == 0) {
setCookie('collaps', null, new Date(0));
} else {
setCookie('collaps', clean.join(","), new Date("January 01, 2020 12:00:00"));
setCookie('collaps', null, new Date(0));
} else {
setCookie('collaps', clean.join(','), dd);
}
}
};
}(document));
}(document));

4
js/media.min.js vendored
View file

File diff suppressed because one or more lines are too long

135
js/post.js
View file

@ -1,4 +1,4 @@
// post.js v2.1.0 Copyright (C) 2014-2015 Visman (mio.visman@yandex.ru)
// post.js v2.1.1 Copyright (C) 2014-2016 Visman (mio.visman@yandex.ru)
if (typeof FluxBB === 'undefined' || !FluxBB) {var FluxBB = {};}
FluxBB.post = (function (doc, win) {
@ -27,16 +27,8 @@ FluxBB.post = (function (doc, win) {
return node.querySelectorAll('.' + classname);
} else if (node.getElementsByClassName) {
return node.getElementsByClassName(classname);
} else {
var list = node.all || node.getElementsByTagName('*');
var result = [];
for (var index = 0, elem; elem = list[index++];) {
if (elem.className && (' ' + elem.className + ' ').indexOf(' ' + classname + ' ') > -1) {
result[result.length] = elem;
}
}
return result;
}
return [];
}
function createElement(elem) {
@ -81,47 +73,26 @@ FluxBB.post = (function (doc, win) {
}
}
function SmileysMapBB() {
var html = "";
function SmileysMapBB() {
var html = '';
for (var i = 0; i < FluxBB.vars.bbSmImg.length; i++) {
html += "<img src=\"img/smilies/" + FluxBB.vars.bbSmImg[i] + "\" alt=\"" + FluxBB.vars.bbSmTxt[i] + "\" onclick=\"return FluxBB.post.insText('', ' " + FluxBB.vars.bbSmTxt[i].replace(/\\/g, '\\\\').replace(/&#039;/g, '\\\'') + " ');\" />"
html += '<img src="img/smilies/' + FluxBB.vars.bbSmImg[i] + '" alt="' + FluxBB.vars.bbSmTxt[i] + '" onclick="return FluxBB.post.insText(\'\', \' ' + FluxBB.vars.bbSmTxt[i].replace(/\\/g, '\\\\').replace(/&#039;/g, '\\\'') + ' \');" />';
}
return html;
}
function ColorMapBB() {
var colors = [
"#000000","#000033","#000066","#000099","#0000cc","#0000ff","#330000","#330033",
"#330066","#330099","#3300cc","#3300ff","#660000","#660033","#660066","#660099",
"#6600cc","#6600ff","#990000","#990033","#990066","#990099","#9900cc","#9900ff",
"#cc0000","#cc0033","#cc0066","#cc0099","#cc00cc","#cc00ff","#ff0000","#ff0033",
"#ff0066","#ff0099","#ff00cc","#ff00ff","#003300","#003333","#003366","#003399",
"#0033cc","#0033ff","#333300","#333333","#333366","#333399","#3333cc","#3333ff",
"#663300","#663333","#663366","#663399","#6633cc","#6633ff","#993300","#993333",
"#993366","#993399","#9933cc","#9933ff","#cc3300","#cc3333","#cc3366","#cc3399",
"#cc33cc","#cc33ff","#ff3300","#ff3333","#ff3366","#ff3399","#ff33cc","#ff33ff",
"#006600","#006633","#006666","#006699","#0066cc","#0066ff","#336600","#336633",
"#336666","#336699","#3366cc","#3366ff","#666600","#666633","#666666","#666699",
"#6666cc","#6666ff","#996600","#996633","#996666","#996699","#9966cc","#9966ff",
"#cc6600","#cc6633","#cc6666","#cc6699","#cc66cc","#cc66ff","#ff6600","#ff6633",
"#ff6666","#ff6699","#ff66cc","#ff66ff","#009900","#009933","#009966","#009999",
"#0099cc","#0099ff","#339900","#339933","#339966","#339999","#3399cc","#3399ff",
"#669900","#669933","#669966","#669999","#6699cc","#6699ff","#999900","#999933",
"#999966","#999999","#9999cc","#9999ff","#cc9900","#cc9933","#cc9966","#cc9999",
"#cc99cc","#cc99ff","#ff9900","#ff9933","#ff9966","#ff9999","#ff99cc","#ff99ff",
"#00cc00","#00cc33","#00cc66","#00cc99","#00cccc","#00ccff","#33cc00","#33cc33",
"#33cc66","#33cc99","#33cccc","#33ccff","#66cc00","#66cc33","#66cc66","#66cc99",
"#66cccc","#66ccff","#99cc00","#99cc33","#99cc66","#99cc99","#99cccc","#99ccff",
"#cccc00","#cccc33","#cccc66","#cccc99","#cccccc","#ccccff","#ffcc00","#ffcc33",
"#ffcc66","#ffcc99","#ffcccc","#ffccff","#00ff00","#00ff33","#00ff66","#00ff99",
"#00ffcc","#00ffff","#33ff00","#33ff33","#33ff66","#33ff99","#33ffcc","#33ffff",
"#66ff00","#66ff33","#66ff66","#66ff99","#66ffcc","#66ffff","#99ff00","#99ff33",
"#99ff66","#99ff99","#99ffcc","#99ffff","#ccff00","#ccff33","#ccff66","#ccff99",
"#ccffcc","#ccffff","#ffff00","#ffff33","#ffff66","#ffff99","#ffffcc","#ffffff"];
var colors = [], a = ['00', '33', '66', '99', 'cc', 'ff'];
for (var x = 0; x < 6; x++) {
for (var y = 0; y < 6; y++) {
for (var z = 0; z < 6; z++) {
colors.push('#' + a[y] + a[x] + a[z]);
}
}
}
var html = '<table class="tbl"><tr>';
for (var i=0; i<colors.length; i++) {
html += "<td style='background-color:" + colors[i] + "' onclick=\"return FluxBB.post.insText('[color=" + colors[i] + "]', '[/color]');\" onfocus=\"FluxBB.post.showMapColor('" + colors[i] + "');\" onmouseover=\"FluxBB.post.showMapColor('" + colors[i] + "');\">"
html += '</td>';
html += '<td style="background-color:' + colors[i] + '" onclick="return FluxBB.post.insText(\'[color=' + colors[i] + ']\', \'[/color]\');" onfocus="FluxBB.post.showMapColor(\'' + colors[i] + '\');" onmouseover="FluxBB.post.showMapColor(\'' + colors[i] + '\');"></td>';
if ((i+1) % 18 == 0) html += '</tr><tr>';
}
html += '<td colspan="9" id="selectedMapColor" height="16"></td>'
@ -137,7 +108,7 @@ FluxBB.post = (function (doc, win) {
fls = true;
textarea = doc.getElementsByName('req_message')[0];
if (typeof(textarea) === 'undefined') return false;
if (typeof textarea === 'undefined') return false;
bbcode = [{i:'b.png', a:'[b]', s:'[b]', e:'[/b]'},
{i:'i.png', a:'[i]', s:'[i]', e:'[/i]'},
@ -199,22 +170,22 @@ FluxBB.post = (function (doc, win) {
if (blockposts[i].id) {
var id = blockposts[i].id.replace('p', '');
var dt = blockposts[i].getElementsByTagName('dt')[0];
if (typeof(dt) !== 'undefined') {
if (typeof dt !== 'undefined') {
var a = dt.innerHTML;
var n = a.replace(/<[^>]+>/g, '');
// Decode html special chars
n = n.replace(/&lt;/g, '<');
n = n.replace(/&gt;/g, '>');
n = n.replace(/&quot;/g, '"');
n = n.replace(/&#039;/g, '\'');
n = n.replace(/&nbsp;/g, ' ');
n = n.replace(/&#160;/g, ' ');
nameusers[id] = n.replace(/&amp;/g, '&');
nameusers[id] = n.replace(/&lt;/g, '<')
.replace(/&gt;/g, '>')
.replace(/&quot;/g, '"')
.replace(/&#039;/g, '\'')
.replace(/&nbsp;/g, ' ')
.replace(/&#160;/g, ' ')
.replace(/&amp;/g, '&');
dt.insertAdjacentHTML('afterBegin', '<strong><a href="#req_message" onclick="return FluxBB.post.insName(' + id + ');">@ </a></strong>');
var quote = getCN('postquote', blockposts[i])[0];
if (typeof(quote) !== 'undefined') {
if (typeof quote !== 'undefined') {
a = quote.getElementsByTagName('a')[0];
p = quote.parentNode;
p.insertAdjacentHTML('beforeEnd', '<li class="postquote"><span id="pq' + id + '"><a href="' + a.href.replace(/&/g, '&amp;') + '" onmousedown="FluxBB.post.getText();" onclick="return FluxBB.post.quote(' + id + ');">' + lang['QQ'] + '</a></span></li>');
@ -224,10 +195,10 @@ FluxBB.post = (function (doc, win) {
}
if (!!FluxBB.vars.bbFlagUp && !FluxBB.vars.bbGuest) {
var all_ul = doc.getElementsByTagName("ul"),
var all_ul = doc.getElementsByTagName('ul'),
i = all_ul.length - 1;
while (i > -1) {
if (all_ul[i].className == "bblinks") {
if (all_ul[i].className == 'bblinks') {
all_ul[i].insertAdjacentHTML('beforeEnd', '<li><span><a href="upfiles.php" onclick="return FluxBB.post.popUp(this.href);"><strong>' + lang['upfiles'] + '</strong></a></span></li>');
i = 0;
}
@ -240,33 +211,31 @@ FluxBB.post = (function (doc, win) {
get('bbcode_color_map').style.display = 'none';
get('bbcode_smileys').style.display = 'none';
textarea.focus();
// IE support
if (doc.selection && doc.selection.createRange) {
sel = doc.selection.createRange();
sel.text = open + sel.text + close;
}
// Moz support
else if (textarea.selectionStart || textarea.selectionStart == '0') {
var startPos = textarea.selectionStart;
var endPos = textarea.selectionEnd;
textarea.value = textarea.value.substring(0, startPos) + open + textarea.value.substring(startPos, endPos) + close + textarea.value.substring(endPos);
if (startPos == endPos && open == '') {
textarea.selectionStart = startPos + close.length;
textarea.selectionEnd = endPos + close.length;
// all and IE9+
if ('selectionStart' in textarea) {
var len = textarea.value.length,
sp = Math.min(textarea.selectionStart, len), // IE bug
ep = Math.min(textarea.selectionEnd, len); // IE bug
textarea.value = textarea.value.substring(0, sp) + open + textarea.value.substring(sp, ep) + close + textarea.value.substring(ep);
if (sp == ep && open == '') {
textarea.selectionStart = sp + close.length;
textarea.selectionEnd = ep + close.length;
} else {
textarea.selectionStart = startPos + open.length;
textarea.selectionEnd = endPos + open.length;
textarea.selectionStart = sp + open.length;
textarea.selectionEnd = ep + open.length;
}
}
// Fallback support for other browsers
else {
textarea.value += open + close;
// IE9-
else if (doc.selection && doc.selection.createRange) {
var sel = doc.selection.createRange();
sel.text = open + sel.text + close;
}
textarea.focus();
return false;
},
insName: function (id) {
insName: function (id) {
return FluxBB.post.insText('', '[b]@' + nameusers[id] + '[/b], ');
},
@ -276,8 +245,8 @@ FluxBB.post = (function (doc, win) {
},
quote: function (id) {
if (typeof(id) !== 'number' || id < 1) return false;
if (quote_text != "") {
if (typeof id !== 'number' || id < 1) return false;
if (quote_text != '') {
return FluxBB.post.insText('', '[quote="' + nameusers[id] + '"]\n' + quote_text + '\n[/quote]\n');
} else if (!FluxBB.vars.bbGuest){
check_apq();
@ -289,8 +258,8 @@ FluxBB.post = (function (doc, win) {
get('pq' + apq_id).innerHTML = '<img src="img/loading.gif" />&#160;<a href="#">' + lang['Loading'] + '</a>';
req.onreadystatechange=function(){orsc(req);};
req.open("POST", 'pjq.php?' + id, true);
req.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
req.open('POST', 'pjq.php?' + id, true);
req.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
req.send('action=' + typepost + '&id=' + id);
}
} else {
@ -304,7 +273,7 @@ FluxBB.post = (function (doc, win) {
w = Math.min(820, screen.width),
t = Math.max((screen.height - h) / 3, 0),
l = (screen.width - w) / 2;
win.open(url, 'gest', "top=" + t + ",left=" + l + ",width=" + w + ",height=" + h + ",resizable=yes,location=no,menubar=no,status=no,scrollbars=yes");
win.open(url, 'gest', 'top=' + t + ',left=' + l + ',width=' + w + ',height=' + h + ',resizable=yes,location=no,menubar=no,status=no,scrollbars=yes');
return false;
},
@ -341,13 +310,13 @@ FluxBB.post = (function (doc, win) {
},
showMapColor : function (color) {
get("selectedMapColor").style.backgroundColor = color;
get("selectedMapColorBox").value = color;
get('selectedMapColor').style.backgroundColor = color;
get('selectedMapColorBox').value = color;
}
};
}(document, window));
if (typeof(jQuery) !== "undefined") {
if (typeof jQuery !== 'undefined') {
(function($){var textarea,staticOffset;var iLastMousePos=0;var iMin=64;var grip;$.fn.TextAreaResizer=function(){return this.each(function(){textarea=$(this).addClass('processed'),staticOffset=null;$(this).wrap('<div class="resizable-textarea"><span></span></div>').parent().append($('<div class="grippie"></div>').bind("mousedown",{el:this},startDrag));var grippie=$('div.grippie',$(this).parent())[0];grippie.style.marginRight=(grippie.offsetWidth-$(this)[0].offsetWidth)+'px'})};function startDrag(e){textarea=$(e.data.el);textarea.blur();iLastMousePos=mousePosition(e).y;staticOffset=textarea.height()-iLastMousePos;if(!window.ActiveXObject){textarea.css('opacity',0.25)}$(document).mousemove(performDrag).mouseup(endDrag);return false}function performDrag(e){var iThisMousePos=mousePosition(e).y;var iMousePos=staticOffset+iThisMousePos;if(iLastMousePos>=(iThisMousePos)){iMousePos-=5}iLastMousePos=iThisMousePos;iMousePos=Math.max(iMin,iMousePos);textarea.height(iMousePos+'px');if(iMousePos<iMin){endDrag(e)}return false}function endDrag(e){$(document).unbind('mousemove',performDrag).unbind('mouseup',endDrag);if(!window.ActiveXObject){textarea.css('opacity',1)}textarea.focus();textarea=null;staticOffset=null;iLastMousePos=0}function mousePosition(e){return{x:e.clientX+document.documentElement.scrollLeft,y:e.clientY+document.documentElement.scrollTop}}})(jQuery);
$(document).ready(function() {$('textarea:not(.processed)').TextAreaResizer();});
}
}

1
login.php
View file

@ -121,6 +121,7 @@ else if ($action == 'out')
exit;
}
unset($errors);
confirm_referrer('login.php');
// Remove user from "users online" list

2
moderate.php
View file

@ -18,7 +18,7 @@ if (isset($_GET['get_host']))
message($lang_common['No permission'], false, '403 Forbidden');
// Is get_host an IP address or a post ID?
if (@preg_match('%^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$%', $_GET['get_host']) || @preg_match('%^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))$%', $_GET['get_host']))
if (@preg_match('%^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$%D', $_GET['get_host']) || @preg_match('%^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))$%D', $_GET['get_host']))
$ip = $_GET['get_host'];
else
{

8
plugins/AP_Upload.php
View file

@ -1,7 +1,7 @@
<?php
/**
* Copyright (C) 2011-2015 Visman (mio.visman@yandex.ru)
* Copyright (C) 2011-2016 Visman (mio.visman@yandex.ru)
* Copyright (C) 2007 BN (bnmaster@la-bnbox.info)
* License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
*/
@ -12,7 +12,7 @@ if (!defined('PUN'))
// Tell admin_loader.php that this is indeed a plugin and that it is loaded
define('PUN_PLUGIN_LOADED', 1);
define('PLUGIN_VERSION', '2.0.3');
define('PLUGIN_VERSION', '2.0.4');
define('PLUGIN_URL', pun_htmlspecialchars('admin_loader.php?plugin='.$plugin));
define('PLUGIN_EXTS', 'jpg,jpeg,png,gif,mp3,zip,rar,7z');
define('PLUGIN_NF', 25);
@ -72,7 +72,7 @@ else if (isset($_POST['update']))
{
$g_ext = str_replace(' ', '', $g_up_ext[$cur_group['g_id']]);
$g_ext = preg_replace('%[,]+%u', ',', $g_ext);
if (preg_match('%^[0-9a-zA-Z][0-9a-zA-Z,]*[0-9a-zA-Z]$%u', $g_ext) == 0)
if (preg_match('%^[0-9a-zA-Z][0-9a-zA-Z,]*[0-9a-zA-Z]$%uD', $g_ext) == 0)
$g_ext = PLUGIN_EXTS;
$g_ext = strtolower($g_ext);
}
@ -501,7 +501,7 @@ else
$dir = $mem.$fi[1].'/';
$size_file = file_size(filesize(PUN_ROOT.$file));
$miniature = $dir.'mini_'.$fi[2].'.'.$fi[3];
if (isset($_POST['update_thumb']) && $_POST['update_thumb'] != NULL && $aconf['thumb'] == 1 && array_key_exists(strtolower($fi[3]),$extimageGD))
if (isset($_POST['update_thumb']) && $aconf['thumb'] == 1 && array_key_exists(strtolower($fi[3]),$extimageGD))
img_resize(PUN_ROOT.$file, $dir, 'mini_'.$fi[2], $fi[3], 0, $aconf['thumb_size'], $aconf['thumb_perc']);
?>

2
pmsnew.php
View file

@ -86,7 +86,7 @@ else
}
// проверка модуля
if (!preg_match('%^[a-z]+$%', $pmsn_modul))
if (preg_match('%[^a-z]%', $pmsn_modul))
message($lang_common['Bad request'], false, '404 Not Found');
if (!file_exists(PUN_ROOT.'include/pms_new/mdl/'.$pmsn_modul.'.php'))

14
robots.txt
View file

@ -11,6 +11,20 @@ Disallow: /r
Disallow: /s
Disallow: /u
Disallow: /*pid=
User-agent: Yandex
Disallow: /a
Disallow: /d
Disallow: /c
Disallow: /e
Disallow: /j
Disallow: /l
Disallow: /m
Disallow: /p
Disallow: /r
Disallow: /s
Disallow: /u
Disallow: /*pid=
Crawl-delay: 5
Clean-param: search_hl
Clean-param: csrf_hash

70
upfiles.php
View file

@ -1,7 +1,7 @@
<?php
/**
* Copyright (C) 2011-2013 Visman (mio.visman@yandex.ru)
* Copyright (C) 2011-2016 Visman (mio.visman@yandex.ru)
* License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
*/
@ -436,7 +436,7 @@ if (typeof FluxBB === 'undefined' || !FluxBB) {var FluxBB = {};}
FluxBB.upfile = (function (doc, win) {
'use strict';
var url, src;
var url, src, par, area;
function get(elem) {
return doc.getElementById(elem);
@ -453,12 +453,12 @@ FluxBB.upfile = (function (doc, win) {
function get_us(li) {
url = '';
src = '';
var div = li.getElementsByTagName("div")[1];
var div = li.getElementsByTagName('div')[1];
if (!!div) {
var a = div.getElementsByTagName("a")[0];
var a = div.getElementsByTagName('a')[0];
if (!!a) {
url = a.href;
var img = a.getElementsByTagName("img")[0];
var img = a.getElementsByTagName('img')[0];
if (!!img) src = img.src;
}
}
@ -468,15 +468,15 @@ FluxBB.upfile = (function (doc, win) {
get_us(li);
if (!!url) {
var div = createElement("div");
div.className = "upf-but upf-insert";
div.innerHTML = "<a title=\"<?php echo $lang_up['insert'] ?>\" href=\"#\" onclick=\"return FluxBB.upfile.ins(this);\"><span></span></a>";
var div = createElement('div');
div.className = 'upf-but upf-insert';
div.innerHTML = '<a title="<?php echo $lang_up['insert'] ?>" href="#" onclick="return FluxBB.upfile.ins(this);"><span></span></a>';
li.appendChild(div);
if (is_img(src) && src != url) {
div = createElement("div");
div.className = "upf-but upf-insert-t";
div.innerHTML = "<a title=\"<?php echo $lang_up['insert_thumb'] ?>\" href=\"#\" onclick=\"return FluxBB.upfile.ins(this, 1);\"><span></span></a>";
div = createElement('div');
div.className = 'upf-but upf-insert-t';
div.innerHTML = '<a title="<?php echo $lang_up['insert_thumb'] ?>" href="#" onclick="return FluxBB.upfile.ins(this, 1);"><span></span></a>';
li.appendChild(div);
}
}
@ -484,23 +484,18 @@ FluxBB.upfile = (function (doc, win) {
function insr(s, e, t)
{
var par = win.opener.document,
area = par.getElementsByName("req_message")[0];
if (!area) return;
area.focus();
if (par.selection && par.selection.createRange) { // IE
var sel = par.selection.createRange();
sel.text = s + (!sel.text ? t : sel.text) + e;
sel.select();
} else if ("selectionStart" in area) { // all new
var sp = area.selectionStart,
ep = area.selectionEnd;
if ('selectionStart' in area) { // all new
var len = area.value.length,
sp = Math.min(area.selectionStart, len), // IE bug
ep = Math.min(area.selectionEnd, len); // IE bug
area.value = area.value.substring(0, sp) + s + (sp == ep ? t : area.value.substring(sp, ep)) + e + area.value.substring(ep);
area.selectionStart = ep + e.length + s.length + (sp == ep ? t.length : 0);
area.selectionEnd = area.selectionStart;
} else { // other
area.value += s + t + e;
} else if (par.selection && par.selection.createRange) { // IE
var sel = par.selection.createRange();
sel.text = s + (!sel.text ? t : sel.text) + e;
sel.select();
}
win.focus();
}
@ -519,11 +514,11 @@ FluxBB.upfile = (function (doc, win) {
function orsc(req, ref) {
if (req.readyState == 4)
{
ref.className = "";
ref.className = '';
if (req.status == 200 && req.responseText == "ok") {
if (req.status == 200 && req.responseText == 'ok') {
ref.parentNode.parentNode.parentNode.removeChild(ref.parentNode.parentNode);
if (get("upf-list").getElementsByTagName("li").length == 0) {
if (get('upf-list').getElementsByTagName('li').length == 0) {
win.location.reload(true);
}
}
@ -534,12 +529,12 @@ FluxBB.upfile = (function (doc, win) {
del : function (ref) {
if (ref.className) return !1;
ref.className = "upf-loading";
ref.className = 'upf-loading';
var req = cr_req();
if (req) {
req.onreadystatechange=function(){orsc(req, ref);};
req.open("GET", ref.href + "&ajx=1", true);
req.open('GET', ref.href + '&ajx=1', true);
req.send();
return !1;
@ -553,21 +548,26 @@ FluxBB.upfile = (function (doc, win) {
get_us(ref.parentNode.parentNode);
if (f && is_img(src) && src != url) {
insr("", "[url=" + url + "][img]" + src + "[/img][/url]", "");
insr('', '[url=' + url + '][img]' + src + '[/img][/url]', '');
} else if (is_img(url)) {
insr("", "[img]" + url + "[/img]", "");
insr('', '[img]' + url + '[/img]', '');
} else {
if (f = url.match(/.*\/img\/members\/\d+\/(.+)$/)) f = f[1];
else f = "<?php echo $lang_up['texte'] ?>";
else f = '<?php echo $lang_up['texte'] ?>';
insr("[url=" + url + "]", "[/url]", f);
insr('[url=' + url + ']', '[/url]', f);
}
return !1;
},
run : function () {
if (!win.opener) return;
var li = get("upf-list").getElementsByTagName("li");
par = win.opener.document;
area = par.getElementsByName('req_message')[0];
if (!area) return;
var li = get('upf-list').getElementsByTagName('li');
for (var i in li) {
if (!!li[i].getElementsByTagName) set_button(li[i]);
}
@ -576,7 +576,7 @@ FluxBB.upfile = (function (doc, win) {
init : function () {
if (!doc.addEventListener) {
/in/.test(doc.readyState) ? setTimeout(FluxBB.upfile.init, 100) : FluxBB.upfile.run();
} else doc.addEventListener("DOMContentLoaded", FluxBB.upfile.run(), false);
} else doc.addEventListener('DOMContentLoaded', FluxBB.upfile.run(), false);
}
};
}(document, window));