• From: Cork, Ireland
  • Registered: 2007-01-18
  • Posts: 92

Topic: BB Spam Fighter 1.0.0

##
##
##        Mod title:  BB Spam Fighter
##
##      Mod version:  1.0.0
##   Works on PunBB:  1.2.14
##     Release date:  2007-04-22
##           Author:  naitkris (naitkris@gmail.com)
##
##      Description:  Based on the Forbidden word spam blocker mod by Daniel
##                    Vijge (vijge@dse.nl). This mod adds extra options for
##                    administrators in controlling spam.
##
##                    As with the Forbidden word spam blocker mod, this mod
##                    restricts posting of certain words and phrases, but
##                    improves this by:
##                    - Performing a spam check only on posts by users in
##                      certain groups, as well as:
##                       - If the user has less than # posts
##                       - If the user is registered for less than # days
##                    - Restrict the max # of URLs posted in a message for these
##                      users
##                    - Restrict the max # of characters in a message for these
##                      users
##
##                    If the message is detected as spam, a warning is then
##                    displayed telling the user the word or phrase to remove,
##                    to reduce the # of URLs, and/or to reduce the # of
##                    characters in the message.
##
##   Affected files:  post.php
##                    edit.php
##                    lang/[Lang]/post.php
##
##       Affects DB:  Yes
##
##            Notes:  1) To configure the mod, go to the Administration section
##                       and click on 'BB Spam Fighter'.
##                    2) Under Options heading, choose the groups to apply the
##                       mod to.
##                    3) Enter values (optional) for users within this group.
##                    4) Under Forbidden words heading, add spam words and/or
##                       phrases.
##                    4) Be careful what words and/or phrases you block. For
##                       example, if you block 'foo', users can't post message
##                       containing 'foobar'.
##                    5) Spam words and/or phrases that should be blocked are
##                       cached in cache_spamwords.php in the cache folder.
##                       However this file is only created each time the Add
##                       button is clicked. When you upgrade PunBB to a newer
##                       version for example, all cache files are deleted,
##                       including cache_spamwords.php. Clicking on Add will
##                       regenerate the cache file even if no word or phrase is
##                       entered.
##
##       DISCLAIMER:  Please note that "mods" are not officially supported by
##                    PunBB. Installation of this modification is done at your
##                    own risk. Backup your forum database and any and all
##                    applicable files before proceeding.
##
##

Download here

2 Reply by naitkris (edited by naitkris 2007-04-22 21:52)

  • From: Cork, Ireland
  • Registered: 2007-01-18
  • Posts: 92

Re: BB Spam Fighter 1.0.0

Based off Daniel Vijge's Forbidden word spam blocker 1.0.1 mod but a lot of extra options added, as his mod, while very good, was quite basic as it blocked spam words for every user and could not be customised in the Admin area except for adding or removing words.

Many thanks to Daniel's mod for providing the base for this as I was using his originally to prevent spam on my forum but came across problems as spammers posted many URLs, long posts, etc  which this mod aims to address a little.

Let me know what you think.

EDIT - screenshots:

Administration area:
http://www.sparu.com/other/PunBB/Mods/bb_spam_fighter_screenshot_1.png

Errors that poster sees:
http://www.sparu.com/other/PunBB/Mods/bb_spam_fighter_screenshot_2.png

  • From: Cork, Ireland
  • Registered: 2007-01-18
  • Posts: 92

Re: BB Spam Fighter 1.0.0

no comments?

  • From: WonderLand
  • Registered: 2006-10-06
  • Posts: 259

Re: BB Spam Fighter 1.0.0

No comments from me smile.
Just installed it successfully, it's all clear. It will have effects for sure smile.

Is there a way to prevent bot registering in forums at the first place? To stop the cause before curing the effects.

If you do what you've always done, you'll get what you've always gotten.

Papillon's Website

  • Registered: 2007-04-19
  • Posts: 84

Re: BB Spam Fighter 1.0.0

Haven't installed it yet (have no spam ATM), but it appears to be everything I would need. The blocking of multiple urls from new users is a good one, as most of the spam I've seen is the link list type for search engines.

  • sirena
  • sirena
  • Senior Member
  • Offline
  • Registered: 2006-04-06
  • Posts: 473

Re: BB Spam Fighter 1.0.0

What are the words that work best against the most common forms of forum spam people are getting? Is it the usual pharm stuff?

  • From: WonderLand
  • Registered: 2006-10-06
  • Posts: 259

Re: BB Spam Fighter 1.0.0

sirena wrote:

What are the words that work best against the most common forms of forum spam people are getting? Is it the usual pharm stuff?

I wanted to ask the same question, but I thought that maybe they got a spam fighter in here as well, so these phrases won't make it to be posted.
Most of the spam I had before was about many urls, so at this first stage I limited the url number per post.

If you do what you've always done, you'll get what you've always gotten.

Papillon's Website

8 Reply by Papillon (edited by Papillon 2007-04-30 20:28)

  • From: WonderLand
  • Registered: 2006-10-06
  • Posts: 259

Re: BB Spam Fighter 1.0.0

++ Just noticed. Something went wrong with posting. When I click on post a reply, I get a blank page. ++

Edit: I uninstalled everything, and then installed the mod back, and I get the same problem again with posting.
Does that have anything to do with me pasting what's in "step 11" at the end of lang/[Lang]/post.php ?

Edit: 3rd try! Not working sad

If you do what you've always done, you'll get what you've always gotten.

Papillon's Website

9 Reply by naitkris (edited by naitkris 2007-05-03 11:39)

  • From: Cork, Ireland
  • Registered: 2007-01-18
  • Posts: 92

Re: BB Spam Fighter 1.0.0

Papillon wrote:

Is there a way to prevent bot registering in forums at the first place? To stop the cause before curing the effects.

there is CAPTCHA etc that can be used for that but these kind of registration checks (while good at stopping a lot of spam) are now less spammer proof than before and also, more importantly, are not accessibilty friendly and even user friendly.

no implementation is 100% effective and spammers learn how to defeat the checks over time.

i do have a small idea (not a perfect solution but a step in the right direction) for this though thanks to your suggestion smile i may add it to a future release - whenever i get the time and depending on how simple or complicated i make it.

Papillon wrote:
sirena wrote:

What are the words that work best against the most common forms of forum spam people are getting? Is it the usual pharm stuff?

I wanted to ask the same question, but I thought that maybe they got a spam fighter in here as well, so these phrases won't make it to be posted.
Most of the spam I had before was about many urls, so at this first stage I limited the url number per post.

well i have found that multiple URLs is one of the most common forms of bulletin board spam hence this feature but with regards to spam words, i can publish a list here (mine is over 100 words), however if i publish a list of words, spammers could change their words they use from the list if they see it. every forum can get different kinds of spam as well too, so a spam word for one forum may be an ok word for another.

an example of this is a forum to do with financial information allowing a financial word or phrase while a forum to do with gaming would classify this word as spam (at least for guests and users with few posts).

my list was made due to my forum receiving a lot of spam in the last weeks and now i haven't had any for many days.

Papillon wrote:

++ Just noticed. Something went wrong with posting. When I click on post a reply, I get a blank page. ++

Edit: I uninstalled everything, and then installed the mod back, and I get the same problem again with posting.
Does that have anything to do with me pasting what's in "step 11" at the end of lang/[Lang]/post.php ?

Edit: 3rd try! Not working sad

that could be my fault in the readme, apologies if that is so.

For step 11, if you pasted the code at the end of lang/[Lang]/post.php then remove the last ,

like below:

'Remove spam word'    => 'This is a protection against spam bots. Delete the word %s from your post.',
'Remove spam phrase'    => 'This is a protection against spam bots. Delete the phrase %s from your post.',
'Remove URL amount'    => 'This is a protection against spam bots. Reduce the number of URLs in your post to %s.',
'Remove char amount'    => 'This is a protection against spam bots. Reduce the number of characters in your post to %s.'

);

should work then

  • From: Cork, Ireland
  • Registered: 2007-01-18
  • Posts: 92

Re: BB Spam Fighter 1.0.0

btw, here are a few useful tips to stop spam bots which find your forum via Google or another search engine is to:
- Disallow register.php, login.php, post.php (if you allow guest posting) etc in your robots.txt
- Check your logs for keywords that look like they are coming from spammers and either remove these keywords or put the pages in robots.txt disallow.

i have found the following in my logs for search phrases and they all clearly are to do with only registering or posting on a forum (therefore very likely a spammer / spam bot):
- "register rickard passwords can be between 4 and 16 characters"
- "topic review intitle post a reply -confirmation -code"
- "message intitle post a reply -confirmation -code 7"

  • From: WonderLand
  • Registered: 2006-10-06
  • Posts: 259

Re: BB Spam Fighter 1.0.0

I tried to install the whole thing back again, and removed that coma in step 11, and posting is still having a bug.
How come post.php had some tremendous changes, while english/post.php had just that little? Maybe there is a contradiction between the two?

PS: Those last tips of yours kind of sound like Chinese to me smile. (Unless there will be some readme file and detailed instructions, I am not sure I can make it!)

If you do what you've always done, you'll get what you've always gotten.

Papillon's Website

  • From: Cork, Ireland
  • Registered: 2007-01-18
  • Posts: 92

Re: BB Spam Fighter 1.0.0

can you post all the changed files here so i can take a look at the problem?

13 Reply by Papillon (edited by Papillon 2007-05-01 19:53)

  • From: WonderLand
  • Registered: 2006-10-06
  • Posts: 259

Re: BB Spam Fighter 1.0.0

Eh, just as said in the readme file.

Post.php
Edit.php
lang/english/post.php

Oops, or you actually mean the content?

If you do what you've always done, you'll get what you've always gotten.

Papillon's Website

14 Reply by naitkris (edited by naitkris 2007-05-01 20:51)

  • From: Cork, Ireland
  • Registered: 2007-01-18
  • Posts: 92

Re: BB Spam Fighter 1.0.0

yes the content, you can put each code within "code" BBCode tags.

  • From: WonderLand
  • Registered: 2006-10-06
  • Posts: 259

Re: BB Spam Fighter 1.0.0

Sure. Although this is too long.

Edit.php:

 <?php
/***********************************************************************

  Copyright (C) 2002-2005  Rickard Andersson (rickard@punbb.org)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/


define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';


if ($pun_user['g_read_board'] == '0')
    message($lang_common['No view']);


$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($id < 1)
    message($lang_common['Bad request']);

// Fetch some info about the post, the topic and the forum
$result = $db->query('SELECT f.id AS fid, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.id AS tid, t.subject, t.posted, t.closed, p.poster, p.poster_id, p.message, p.hide_smilies FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
if (!$db->num_rows($result))
    message($lang_common['Bad request']);

$cur_post = $db->fetch_assoc($result);

// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = ($cur_post['moderators'] != '') ? unserialize($cur_post['moderators']) : array();
$is_admmod = ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_id'] == PUN_MOD && array_key_exists($pun_user['username'], $mods_array))) ? true : false;

// Determine whether this post is the "topic post" or not
$result = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$cur_post['tid'].' ORDER BY posted LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
$topic_post_id = $db->result($result);

$can_edit_subject = ($id == $topic_post_id && (($pun_user['g_edit_subjects_interval'] == '0' || (time() - $cur_post['posted']) < $pun_user['g_edit_subjects_interval']) || $is_admmod)) ? true : false;

// Do we have permission to edit this post?
if (($pun_user['g_edit_posts'] == '0' ||
    $cur_post['poster_id'] != $pun_user['id'] ||
    $cur_post['closed'] == '1') &&
    !$is_admmod)
    message($lang_common['No permission']);

// Load the post.php/edit.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';

// Start with a clean slate
$errors = array();


if (isset($_POST['form_sent']))
{
    if ($is_admmod)
        confirm_referrer('edit.php');

    // If it is a topic it must contain a subject
    if ($can_edit_subject)
    {
        $subject = pun_trim($_POST['req_subject']);

        if ($subject == '')
            $errors[] = $lang_post['No subject'];
        else if (pun_strlen($subject) > 70)
            $errors[] = $lang_post['Too long subject'];
        else if ($pun_config['p_subject_all_caps'] == '0' && strtoupper($subject) == $subject && $pun_user['g_id'] > PUN_MOD)
            $subject = ucwords(strtolower($subject));
    }

    // Clean up message from POST
    $message = pun_linebreaks(pun_trim($_POST['req_message']));

    if ($message == '')
        $errors[] = $lang_post['No message'];
    else if (strlen($message) > 65535)
        $errors[] = $lang_post['Too long message'];
    else if ($pun_config['p_message_all_caps'] == '0' && strtoupper($message) == $message && $pun_user['g_id'] > PUN_MOD)
        $message = ucwords(strtolower($message));
// BB Spam Fighter
   if ($pun_user['g_check_spam'] == 1) {
      $timeSinceUserRegistration = time() - $pun_user['registered'];
      $daysSinceUserRegistration = floor($timeSinceUserRegistration / 86400);     
      if ((($pun_user['g_check_spam_nr_posts'] == "") && ($pun_user['g_check_spam_days_reg'] == ""))
          || (($pun_user['g_check_spam_nr_posts'] > $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] == ""))
          || (($pun_user['g_check_spam_nr_posts'] == "") && ($pun_user['g_check_spam_days_reg'] > $daysSinceUserRegistration))
          || (($pun_user['g_check_spam_nr_posts'] > $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] > $daysSinceUserRegistration))
          || (($pun_user['g_check_spam_nr_posts'] < $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] > $daysSinceUserRegistration))
          || (($pun_user['g_check_spam_nr_posts'] > $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] < $daysSinceUserRegistration))
          || (($pun_user['g_check_spam_nr_posts'] > $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] == $daysSinceUserRegistration))
          || (($pun_user['g_check_spam_nr_posts'] == $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] > $daysSinceUserRegistration))) {
         $subjectAndMessage = $subject." ".$message;
         $pun_spamwords = array();
         @include('cache/cache_spamwords.php');
         foreach ($pun_spamwords as $word) {
            if(substr_count(strtolower($subjectAndMessage), strtolower($word))) {
               if (!strstr($word, " ")) {
                  $errors[] = sprintf($lang_post['Remove spam word'], $word);
               }
               else {
                  $errors[] = sprintf($lang_post['Remove spam phrase'], $word);
               }
            }
         }
         $userURLLimit = $pun_user['g_check_spam_url_limit'];
         if ($userURLLimit != "") {
            preg_match_all("%(http://|https://|\swww)%", $subjectAndMessage, $matches);
            if(count($matches[0]) > $userURLLimit) {
               $errors[] = sprintf($lang_post['Remove URL amount'], $userURLLimit);
            }
         }
         $userCharLimit = $pun_user['g_check_spam_char_limit'];
         if ($userCharLimit != "") {
            if (strlen($message) > $userCharLimit) {
               $errors[] = sprintf($lang_post['Remove char amount'], $userCharLimit);
            }
         }
      }
   }

    // Validate BBCode syntax
    if ($pun_config['p_message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
    {
        require PUN_ROOT.'include/parser.php';
        $message = preparse_bbcode($message, $errors);
    }


    $hide_smilies = isset($_POST['hide_smilies']) ? intval($_POST['hide_smilies']) : 0;
    if ($hide_smilies != '1') $hide_smilies = '0';

    // Did everything go according to plan?
    if (empty($errors) && !isset($_POST['preview']))
    {
        $edited_sql = (!isset($_POST['silent']) || !$is_admmod) ? $edited_sql = ', edited='.time().', edited_by=\''.$db->escape($pun_user['username']).'\'' : '';

        require PUN_ROOT.'include/search_idx.php';

        if ($can_edit_subject)
        {
            // Update the topic and any redirect topics
            $db->query('UPDATE '.$db->prefix.'topics SET subject=\''.$db->escape($subject).'\' WHERE id='.$cur_post['tid'].' OR moved_to='.$cur_post['tid']) or error('Unable to update topic', __FILE__, __LINE__, $db->error());

            // We changed the subject, so we need to take that into account when we update the search words
            update_search_index('edit', $id, $message, $subject);
        }
        else
            update_search_index('edit', $id, $message);

        // Update the post
        $db->query('UPDATE '.$db->prefix.'posts SET message=\''.$db->escape($message).'\', hide_smilies=\''.$hide_smilies.'\''.$edited_sql.' WHERE id='.$id) or error('Unable to update post', __FILE__, __LINE__, $db->error());

        redirect('viewtopic.php?pid='.$id.'#p'.$id, $lang_post['Edit redirect']);
    }
}



$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_post['Edit post'];
$required_fields = array('req_subject' => $lang_common['Subject'], 'req_message' => $lang_common['Message']);
$focus_element = array('edit', 'req_message');
require PUN_ROOT.'header.php';

$cur_index = 1;

?>
<div class="linkst">
    <div class="inbox">
        <ul><li><a href="index.php"><?php echo $lang_common['Index'] ?></a></li><li> » <a href="viewforum.php?id=<?php echo $cur_post['fid'] ?>"><?php echo pun_htmlspecialchars($cur_post['forum_name']) ?></a></li><li> » <?php echo pun_htmlspecialchars($cur_post['subject']) ?></li></ul>
    </div>
</div>

<?php

// If there are errors, we display them
if (!empty($errors))
{

?>
<div id="posterror" class="block">
    <h2><span><?php echo $lang_post['Post errors'] ?></span></h2>
    <div class="box">
        <div class="inbox"
            <p><?php echo $lang_post['Post errors info'] ?></p>
            <ul>
<?php

    while (list(, $cur_error) = each($errors))
        echo "\t\t\t\t".'<li><strong>'.$cur_error.'</strong></li>'."\n";
?>
            </ul>
        </div>
    </div>
</div>

<?php

}
else if (isset($_POST['preview']))
{
    require_once PUN_ROOT.'include/parser.php';
    $preview_message = parse_message($message, $hide_smilies);

?>
<div id="postpreview" class="blockpost">
    <h2><span><?php echo $lang_post['Post preview'] ?></span></h2>
    <div class="box">
        <div class="inbox">
            <div class="postright">
                <div class="postmsg">
                    <?php echo $preview_message."\n" ?>
                </div>
            </div>
        </div>
    </div>
</div>

<?php

}

?>
<div class="blockform">
    <h2><?php echo $lang_post['Edit post'] ?></h2>
    <div class="box">
        <form id="edit" method="post" action="edit.php?id=<?php echo $id ?>&action=edit" onsubmit="return process_form(this)">
            <div class="inform">
                <fieldset>
                    <legend><?php echo $lang_post['Edit post legend'] ?></legend>
                    <input type="hidden" name="form_sent" value="1" />
                    <div class="infldset txtarea">
<?php if ($can_edit_subject): ?>                        <label><?php echo $lang_common['Subject'] ?><br />
                        <input class="longinput" type="text" name="req_subject" size="80" maxlength="70" tabindex="<?php echo $cur_index++ ?>" value="<?php echo pun_htmlspecialchars(isset($_POST['req_subject']) ? $_POST['req_subject'] : $cur_post['subject']) ?>" /><br /></label>
<?php endif; ?>                        <label for="req_message"><?php echo $lang_common['Message'] ?></label>
                        <textarea name="req_message" id="req_message" rows="20" cols="95" tabindex="<?php echo $cur_index++ ?>"><?php echo pun_htmlspecialchars(isset($_POST['req_message']) ? $message : $cur_post['message']) ?></textarea>
<?php /* punToolBar */
if (file_exists(PUN_ROOT.'cache/cache_puntoolbar.php')) {
    include PUN_ROOT.'cache/cache_puntoolbar.php';
} else {
    require_once PUN_ROOT.'include/cache_puntoolbar.php';
    generate_ptb_cache();
    require PUN_ROOT.'cache/cache_puntoolbar.php';
}
?>
                        <ul class="bblinks">
                            <li><a href="help.php#bbcode" onclick="window.open(this.href); return false;"><?php echo $lang_common['BBCode'] ?></a>: <?php echo ($pun_config['p_message_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
                            <li><a href="help.php#img" onclick="window.open(this.href); return false;"><?php echo $lang_common['img tag'] ?></a>: <?php echo ($pun_config['p_message_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
                            <li><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a>: <?php echo ($pun_config['o_smilies'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
                        </ul>
                    </div>
                </fieldset>
<?php

$checkboxes = array();
if ($pun_config['o_smilies'] == '1')
{
    if (isset($_POST['hide_smilies']) || $cur_post['hide_smilies'] == '1')
        $checkboxes[] = '<label><input type="checkbox" name="hide_smilies" value="1" checked="checked" tabindex="'.($cur_index++).'" /> '.$lang_post['Hide smilies'];
    else
        $checkboxes[] = '<label><input type="checkbox" name="hide_smilies" value="1" tabindex="'.($cur_index++).'" /> '.$lang_post['Hide smilies'];
}

if ($is_admmod)
{
    if ((isset($_POST['form_sent']) && isset($_POST['silent'])) || !isset($_POST['form_sent']))
        $checkboxes[] = '<label><input type="checkbox" name="silent" value="1" tabindex="'.($cur_index++).'" checked="checked" /> '.$lang_post['Silent edit'];
    else
        $checkboxes[] = '<label><input type="checkbox" name="silent" value="1" tabindex="'.($cur_index++).'" /> '.$lang_post['Silent edit'];
}

if (!empty($checkboxes))
{

?>
            </div>
            <div class="inform">
                <fieldset>
                    <legend><?php echo $lang_common['Options'] ?></legend>
                    <div class="infldset">
                        <div class="rbox">
                            <?php echo implode('</label>'."\n\t\t\t\t\t\t\t", $checkboxes).'</label>'."\n" ?>
                        </div>
                    </div>
                </fieldset>
<?php

    }

?>
            </div>
            <p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="<?php echo $cur_index++ ?>" accesskey="s" /><input type="submit" name="preview" value="<?php echo $lang_post['Preview'] ?>" tabindex="<?php echo $cur_index++ ?>" accesskey="p" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
        </form>
    </div>
</div>
<?php

require PUN_ROOT.'footer.php';

Post.php:

<?php
/***********************************************************************

  Copyright (C) 2002-2005  Rickard Andersson (rickard@punbb.org)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/


define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';


if ($pun_user['g_read_board'] == '0')
    message($lang_common['No view']);


$tid = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
if ($tid < 1 && $fid < 1 || $tid > 0 && $fid > 0)
    message($lang_common['Bad request']);

// Fetch some info about the topic and/or the forum
if ($tid)
    $result = $db->query('SELECT f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics, t.subject, t.closed FROM '.$db->prefix.'topics AS t INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$tid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());
else
    $result = $db->query('SELECT f.id, f.forum_name, f.moderators, f.redirect_url, fp.post_replies, fp.post_topics FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$fid) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error());

if (!$db->num_rows($result))
    message($lang_common['Bad request']);

$cur_posting = $db->fetch_assoc($result);

// Is someone trying to post into a redirect forum?
if ($cur_posting['redirect_url'] != '')
    message($lang_common['Bad request']);

// Sort out who the moderators are and if we are currently a moderator (or an admin)
$mods_array = ($cur_posting['moderators'] != '') ? unserialize($cur_posting['moderators']) : array();
$is_admmod = ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_id'] == PUN_MOD && array_key_exists($pun_user['username'], $mods_array))) ? true : false;

// Do we have permission to post?
if ((($tid && (($cur_posting['post_replies'] == '' && $pun_user['g_post_replies'] == '0') || $cur_posting['post_replies'] == '0')) ||
    ($fid && (($cur_posting['post_topics'] == '' && $pun_user['g_post_topics'] == '0') || $cur_posting['post_topics'] == '0')) ||
    (isset($cur_posting['closed']) && $cur_posting['closed'] == '1')) &&
    !$is_admmod)
    message($lang_common['No permission']);

// Load the post.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';

// Start with a clean slate
$errors = array();


// Did someone just hit "Submit" or "Preview"?
if (isset($_POST['form_sent']))
{
    // Make sure form_user is correct
    if (($pun_user['is_guest'] && $_POST['form_user'] != 'Guest') || (!$pun_user['is_guest'] && $_POST['form_user'] != $pun_user['username']))
        message($lang_common['Bad request']);

    // Flood protection
    if (!$pun_user['is_guest'] && !isset($_POST['preview']) && $pun_user['last_post'] != '' && (time() - $pun_user['last_post']) < $pun_user['g_post_flood'])
        $errors[] = $lang_post['Flood start'].' '.$pun_user['g_post_flood'].' '.$lang_post['flood end'];

    // If it's a new topic
    if ($fid)
    {
        $subject = pun_trim($_POST['req_subject']);

        if ($subject == '')
            $errors[] = $lang_post['No subject'];
        else if (pun_strlen($subject) > 70)
            $errors[] = $lang_post['Too long subject'];
        else if ($pun_config['p_subject_all_caps'] == '0' && strtoupper($subject) == $subject && $pun_user['g_id'] > PUN_MOD)
            $subject = ucwords(strtolower($subject));
    }

    // If the user is logged in we get the username and e-mail from $pun_user
    if (!$pun_user['is_guest'])
    {
        $username = $pun_user['username'];
        $email = $pun_user['email'];
    }
    // Otherwise it should be in $_POST
    else
    {
        $username = trim($_POST['req_username']);
        $email = strtolower(trim(($pun_config['p_force_guest_email'] == '1') ? $_POST['req_email'] : $_POST['email']));

        // Load the register.php/profile.php language files
        require PUN_ROOT.'lang/'.$pun_user['language'].'/prof_reg.php';
        require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';

        // It's a guest, so we have to validate the username
        if (strlen($username) < 2)
            $errors[] = $lang_prof_reg['Username too short'];
        else if (!strcasecmp($username, 'Guest') || !strcasecmp($username, $lang_common['Guest']))
            $errors[] = $lang_prof_reg['Username guest'];
        else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $username))
            $errors[] = $lang_prof_reg['Username IP'];

        if ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false)
            $errors[] = $lang_prof_reg['Username reserved chars'];
        if (preg_match('#\[b\]|\[/b\]|\[u\]|\[/u\]|\[i\]|\[/i\]|\[color|\[/color\]|\[quote\]|\[quote=|\[/quote\]|\[code\]|\[/code\]|\[img\]|\[/img\]|\[url|\[/url\]|\[email|\[/email\]#i', $username))
            $errors[] = $lang_prof_reg['Username BBCode'];

        // Check username for any censored words
        $temp = censor_words($username);
        if ($temp != $username)
            $errors[] = $lang_register['Username censor'];

        // Check that the username (or a too similar username) is not already registered
        $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE username=\''.$db->escape($username).'\' OR username=\''.$db->escape(preg_replace('/[^\w]/', '', $username)).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
        if ($db->num_rows($result))
        {
            $busy = $db->result($result);
            $errors[] = $lang_register['Username dupe 1'].' '.pun_htmlspecialchars($busy).'. '.$lang_register['Username dupe 2'];
        }

        if ($pun_config['p_force_guest_email'] == '1' || $email != '')
        {
            require PUN_ROOT.'include/email.php';
            if (!is_valid_email($email))
                $errors[] = $lang_common['Invalid e-mail'];
        }
    }

    // Clean up message from POST
    $message = pun_linebreaks(pun_trim($_POST['req_message']));

    if ($message == '')
        $errors[] = $lang_post['No message'];
    else if (strlen($message) > 65535)
        $errors[] = $lang_post['Too long message'];
    else if ($pun_config['p_message_all_caps'] == '0' && strtoupper($message) == $message && $pun_user['g_id'] > PUN_MOD)
        $message = ucwords(strtolower($message));
// BB Spam Fighter
   if ($pun_user['g_check_spam'] == 1) {
      $timeSinceUserRegistration = time() - $pun_user['registered'];
      $daysSinceUserRegistration = floor($timeSinceUserRegistration / 86400);     
      if ((($pun_user['g_check_spam_nr_posts'] == "") && ($pun_user['g_check_spam_days_reg'] == ""))
          || (($pun_user['g_check_spam_nr_posts'] > $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] == ""))
          || (($pun_user['g_check_spam_nr_posts'] == "") && ($pun_user['g_check_spam_days_reg'] > $daysSinceUserRegistration))
          || (($pun_user['g_check_spam_nr_posts'] > $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] > $daysSinceUserRegistration))
          || (($pun_user['g_check_spam_nr_posts'] < $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] > $daysSinceUserRegistration))
          || (($pun_user['g_check_spam_nr_posts'] > $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] < $daysSinceUserRegistration))
          || (($pun_user['g_check_spam_nr_posts'] > $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] == $daysSinceUserRegistration))
          || (($pun_user['g_check_spam_nr_posts'] == $pun_user['num_posts']) && ($pun_user['g_check_spam_days_reg'] > $daysSinceUserRegistration))) {
         $subjectAndMessage = $subject." ".$message;
         $pun_spamwords = array();
         @include('cache/cache_spamwords.php');
         foreach ($pun_spamwords as $word) {
            if(substr_count(strtolower($subjectAndMessage), strtolower($word))) {
               if (!strstr($word, " ")) {
                  $errors[] = sprintf($lang_post['Remove spam word'], $word);
               }
               else {
                  $errors[] = sprintf($lang_post['Remove spam phrase'], $word);
               }
            }
         }
         $userURLLimit = $pun_user['g_check_spam_url_limit'];
         if ($userURLLimit != "") {
            preg_match_all("%(http://|https://|\swww)%", $subjectAndMessage, $matches);
            if(count($matches[0]) > $userURLLimit) {
               $errors[] = sprintf($lang_post['Remove URL amount'], $userURLLimit);
            }
         }
         $userCharLimit = $pun_user['g_check_spam_char_limit'];
         if ($userCharLimit != "") {
            if (strlen($message) > $userCharLimit) {
               $errors[] = sprintf($lang_post['Remove char amount'], $userCharLimit);
            }
         }
      }
   }


    // Validate BBCode syntax
    if ($pun_config['p_message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
    {
        require PUN_ROOT.'include/parser.php';
        $message = preparse_bbcode($message, $errors);
    }


    require PUN_ROOT.'include/search_idx.php';

    $hide_smilies = isset($_POST['hide_smilies']) ? 1 : 0;
    $subscribe = isset($_POST['subscribe']) ? 1 : 0;

    $now = time();

    // Did everything go according to plan?
    if (empty($errors) && !isset($_POST['preview']))
    {
        // If it's a reply
        if ($tid)
        {
            if (!$pun_user['is_guest'])
            {
                // Insert the new post
                $db->query('INSERT INTO '.$db->prefix.'posts (poster, poster_id, poster_ip, message, hide_smilies, posted, topic_id) VALUES(\''.$db->escape($username).'\', '.$pun_user['id'].', \''.get_remote_address().'\', \''.$db->escape($message).'\', \''.$hide_smilies.'\', '.$now.', '.$tid.')') or error('Unable to create post', __FILE__, __LINE__, $db->error());
                $new_pid = $db->insert_id();

                // To subscribe or not to subscribe, that ...
                if ($pun_config['o_subscriptions'] == '1' && $subscribe)
                {
                    $result = $db->query('SELECT 1 FROM '.$db->prefix.'subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$tid) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
                    if (!$db->num_rows($result))
                        $db->query('INSERT INTO '.$db->prefix.'subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$tid.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error());
                }
            }
            else
            {
                // It's a guest. Insert the new post
                $email_sql = ($pun_config['p_force_guest_email'] == '1' || $email != '') ? '\''.$email.'\'' : 'NULL';
                $db->query('INSERT INTO '.$db->prefix.'posts (poster, poster_ip, poster_email, message, hide_smilies, posted, topic_id) VALUES(\''.$db->escape($username).'\', \''.get_remote_address().'\', '.$email_sql.', \''.$db->escape($message).'\', \''.$hide_smilies.'\', '.$now.', '.$tid.')') or error('Unable to create post', __FILE__, __LINE__, $db->error());
                $new_pid = $db->insert_id();
            }

            // Count number of replies in the topic
            $result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'posts WHERE topic_id='.$tid) or error('Unable to fetch post count for topic', __FILE__, __LINE__, $db->error());
            $num_replies = $db->result($result, 0) - 1;

            // Update topic
            $db->query('UPDATE '.$db->prefix.'topics SET num_replies='.$num_replies.', last_post='.$now.', last_post_id='.$new_pid.', last_poster=\''.$db->escape($username).'\' WHERE id='.$tid) or error('Unable to update topic', __FILE__, __LINE__, $db->error());

            update_search_index('post', $new_pid, $message);

            update_forum($cur_posting['id']);

            // Should we send out notifications?
            if ($pun_config['o_subscriptions'] == '1')
            {
                // Get the post time for the previous post in this topic
                $result = $db->query('SELECT posted FROM '.$db->prefix.'posts WHERE topic_id='.$tid.' ORDER BY id DESC LIMIT 1, 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
                $previous_post_time = $db->result($result);

                // Get any subscribed users that should be notified (banned users are excluded)
                $result = $db->query('SELECT u.id, u.email, u.notify_with_post, u.language FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'subscriptions AS s ON u.id=s.user_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id='.$cur_posting['id'].' AND fp.group_id=u.group_id) LEFT JOIN '.$db->prefix.'online AS o ON u.id=o.user_id LEFT JOIN '.$db->prefix.'bans AS b ON u.username=b.username WHERE b.username IS NULL AND COALESCE(o.logged, u.last_visit)>'.$previous_post_time.' AND (fp.read_forum IS NULL OR fp.read_forum=1) AND s.topic_id='.$tid.' AND u.id!='.intval($pun_user['id'])) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error());
                if ($db->num_rows($result))
                {
                    require_once PUN_ROOT.'include/email.php';

                    $notification_emails = array();

                    // Loop through subscribed users and send e-mails
                    while ($cur_subscriber = $db->fetch_assoc($result))
                    {
                        // Is the subscription e-mail for $cur_subscriber['language'] cached or not?
                        if (!isset($notification_emails[$cur_subscriber['language']]))
                        {
                            if (file_exists(PUN_ROOT.'lang/'.$cur_subscriber['language'].'/mail_templates/new_reply.tpl'))
                            {
                                // Load the "new reply" template
                                $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$cur_subscriber['language'].'/mail_templates/new_reply.tpl'));

                                // Load the "new reply full" template (with post included)
                                $mail_tpl_full = trim(file_get_contents(PUN_ROOT.'lang/'.$cur_subscriber['language'].'/mail_templates/new_reply_full.tpl'));

                                // The first row contains the subject (it also starts with "Subject:")
                                $first_crlf = strpos($mail_tpl, "\n");
                                $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
                                $mail_message = trim(substr($mail_tpl, $first_crlf));

                                $first_crlf = strpos($mail_tpl_full, "\n");
                                $mail_subject_full = trim(substr($mail_tpl_full, 8, $first_crlf-8));
                                $mail_message_full = trim(substr($mail_tpl_full, $first_crlf));

                                $mail_subject = str_replace('<topic_subject>', '\''.$cur_posting['subject'].'\'', $mail_subject);
                                $mail_message = str_replace('<topic_subject>', '\''.$cur_posting['subject'].'\'', $mail_message);
                                $mail_message = str_replace('<replier>', $username, $mail_message);
                                $mail_message = str_replace('<post_url>', $pun_config['o_base_url'].'/viewtopic.php?pid='.$new_pid.'#p'.$new_pid, $mail_message);
                                $mail_message = str_replace('<unsubscribe_url>', $pun_config['o_base_url'].'/misc.php?unsubscribe='.$tid, $mail_message);
                                $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);

                                $mail_subject_full = str_replace('<topic_subject>', '\''.$cur_posting['subject'].'\'', $mail_subject_full);
                                $mail_message_full = str_replace('<topic_subject>', '\''.$cur_posting['subject'].'\'', $mail_message_full);
                                $mail_message_full = str_replace('<replier>', $username, $mail_message_full);
                                $mail_message_full = str_replace('<message>', $message, $mail_message_full);
                                $mail_message_full = str_replace('<post_url>', $pun_config['o_base_url'].'/viewtopic.php?pid='.$new_pid.'#p'.$new_pid, $mail_message_full);
                                $mail_message_full = str_replace('<unsubscribe_url>', $pun_config['o_base_url'].'/misc.php?unsubscribe='.$tid, $mail_message_full);
                                $mail_message_full = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message_full);

                                $notification_emails[$cur_subscriber['language']][0] = $mail_subject;
                                $notification_emails[$cur_subscriber['language']][1] = $mail_message;
                                $notification_emails[$cur_subscriber['language']][2] = $mail_subject_full;
                                $notification_emails[$cur_subscriber['language']][3] = $mail_message_full;

                                $mail_subject = $mail_message = $mail_subject_full = $mail_message_full = null;
                            }
                        }

                        // We have to double check here because the templates could be missing
                        if (isset($notification_emails[$cur_subscriber['language']]))
                        {
                            if ($cur_subscriber['notify_with_post'] == '0')
                                pun_mail($cur_subscriber['email'], $notification_emails[$cur_subscriber['language']][0], $notification_emails[$cur_subscriber['language']][1]);
                            else
                                pun_mail($cur_subscriber['email'], $notification_emails[$cur_subscriber['language']][2], $notification_emails[$cur_subscriber['language']][3]);
                        }
                    }
                }
            }
        }
        // If it's a new topic
        else if ($fid)
        {
            // Create the topic
            $db->query('INSERT INTO '.$db->prefix.'topics (poster, subject, posted, last_post, last_poster, forum_id) VALUES(\''.$db->escape($username).'\', \''.$db->escape($subject).'\', '.$now.', '.$now.', \''.$db->escape($username).'\', '.$fid.')') or error('Unable to create topic', __FILE__, __LINE__, $db->error());
            $new_tid = $db->insert_id();

            if (!$pun_user['is_guest'])
            {
                // To subscribe or not to subscribe, that ...
                if ($pun_config['o_subscriptions'] == '1' && (isset($_POST['subscribe']) && $_POST['subscribe'] == '1'))
                    $db->query('INSERT INTO '.$db->prefix.'subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$new_tid.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error());

                // Create the post ("topic post")
                $db->query('INSERT INTO '.$db->prefix.'posts (poster, poster_id, poster_ip, message, hide_smilies, posted, topic_id) VALUES(\''.$db->escape($username).'\', '.$pun_user['id'].', \''.get_remote_address().'\', \''.$db->escape($message).'\', \''.$hide_smilies.'\', '.$now.', '.$new_tid.')') or error('Unable to create post', __FILE__, __LINE__, $db->error());
            }
            else
            {
                // Create the post ("topic post")
                $email_sql = ($pun_config['p_force_guest_email'] == '1' || $email != '') ? '\''.$email.'\'' : 'NULL';
                $db->query('INSERT INTO '.$db->prefix.'posts (poster, poster_ip, poster_email, message, hide_smilies, posted, topic_id) VALUES(\''.$db->escape($username).'\', \''.get_remote_address().'\', '.$email_sql.', \''.$db->escape($message).'\', \''.$hide_smilies.'\', '.$now.', '.$new_tid.')') or error('Unable to create post', __FILE__, __LINE__, $db->error());
            }
            $new_pid = $db->insert_id();

            // Update the topic with last_post_id
            $db->query('UPDATE '.$db->prefix.'topics SET last_post_id='.$new_pid.' WHERE id='.$new_tid) or error('Unable to update topic', __FILE__, __LINE__, $db->error());

            update_search_index('post', $new_pid, $message, $subject);

            update_forum($fid);
        }

        // If the posting user is logged in, increment his/her post count
        if (!$pun_user['is_guest'])
        {
            $low_prio = ($db_type == 'mysql') ? 'LOW_PRIORITY ' : '';
            $db->query('UPDATE '.$low_prio.$db->prefix.'users SET num_posts=num_posts+1, last_post='.$now.' WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error());
        }

        redirect('viewtopic.php?pid='.$new_pid.'#p'.$new_pid, $lang_post['Post redirect']);
    }
}


// If a topic id was specified in the url (it's a reply).
if ($tid)
{
    $action = $lang_post['Post a reply'];
    $form = '<form id="post" method="post" action="post.php?action=post&tid='.$tid.'" onsubmit="this.submit.disabled=true;if(process_form(this)){return true;}else{this.submit.disabled=false;return false;}">';

    // If a quote-id was specified in the url.
    if (isset($_GET['qid']))
    {
        $qid = intval($_GET['qid']);
        if ($qid < 1)
            message($lang_common['Bad request']);

        $result = $db->query('SELECT poster, message FROM '.$db->prefix.'posts WHERE id='.$qid.' AND topic_id='.$tid) or error('Unable to fetch quote info', __FILE__, __LINE__, $db->error());
        if (!$db->num_rows($result))
            message($lang_common['Bad request']);

        list($q_poster, $q_message) = $db->fetch_row($result);

        $q_message = str_replace('[img]', '[url]', $q_message);
        $q_message = str_replace('[/img]', '[/url]', $q_message);
        $q_message = pun_htmlspecialchars($q_message);

        if ($pun_config['p_message_bbcode'] == '1')
        {
            // If username contains a square bracket, we add "" or '' around it (so we know when it starts and ends)
            if (strpos($q_poster, '[') !== false || strpos($q_poster, ']') !== false)
            {
                if (strpos($q_poster, '\'') !== false)
                    $q_poster = '"'.$q_poster.'"';
                else
                    $q_poster = '\''.$q_poster.'\'';
            }
            else
            {
                // Get the characters at the start and end of $q_poster
                $ends = substr($q_poster, 0, 1).substr($q_poster, -1, 1);

                // Deal with quoting "Username" or 'Username' (becomes '"Username"' or "'Username'")
                if ($ends == '\'\'')
                    $q_poster = '"'.$q_poster.'"';
                else if ($ends == '""')
                    $q_poster = '\''.$q_poster.'\'';
            }

            $quote = '[quote='.$q_poster.']'.$q_message.'[/quote]
'."\n";
        }
        else
            $quote = '> '.$q_poster.' '.$lang_common['wrote'].':'."\n\n".'> '.$q_message."\n";
    }

    $forum_name = '<a href="viewforum.php?id='.$cur_posting['id'].'">'.pun_htmlspecialchars($cur_posting['forum_name']).'</a>';
}
// If a forum_id was specified in the url (new topic).
else if ($fid)
{
    $action = $lang_post['Post new topic'];
    $form = '<form id="post" method="post" action="post.php?action=post&fid='.$fid.'" onsubmit="return process_form(this)">';

    $forum_name = pun_htmlspecialchars($cur_posting['forum_name']);
}
else
    message($lang_common['Bad request']);


$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$action;
$required_fields = array('req_email' => $lang_common['E-mail'], 'req_subject' => $lang_common['Subject'], 'req_message' => $lang_common['Message']);
$focus_element = array('post');

if (!$pun_user['is_guest'])
    $focus_element[] = ($fid) ? 'req_subject' : 'req_message';
else
{
    $required_fields['req_username'] = $lang_post['Guest name'];
    $focus_element[] = 'req_username';
}

require PUN_ROOT.'header.php';

?>
<div class="linkst">
    <div class="inbox">
        <ul><li><a href="index.php"><?php echo $lang_common['Index'] ?></a></li><li> » <?php echo $forum_name ?><?php if (isset($cur_posting['subject'])) echo '</li><li> » '.pun_htmlspecialchars($cur_posting['subject']) ?></li></ul>
    </div>
</div>

<?php

// If there are errors, we display them
if (!empty($errors))
{

?>
<div id="posterror" class="block">
    <h2><span><?php echo $lang_post['Post errors'] ?></span></h2>
    <div class="box">
        <div class="inbox">
            <p><?php echo $lang_post['Post errors info'] ?></p>
            <ul>
<?php

    while (list(, $cur_error) = each($errors))
        echo "\t\t\t\t".'<li><strong>'.$cur_error.'</strong></li>'."\n";
?>
            </ul>
        </div>
    </div>
</div>

<?php

}
else if (isset($_POST['preview']))
{
    require_once PUN_ROOT.'include/parser.php';
    $preview_message = parse_message($message, $hide_smilies);

?>
<div id="postpreview" class="blockpost">
    <h2><span><?php echo $lang_post['Post preview'] ?></span></h2>
    <div class="box">
        <div class="inbox">
            <div class="postright">
                <div class="postmsg">
                    <?php echo $preview_message."\n" ?>
                </div>
            </div>
        </div>
    </div>
</div>

<?php

}


$cur_index = 1;

?>
<div class="blockform">
    <h2><span><?php echo $action ?></span></h2>
    <div class="box">
        <?php echo $form."\n" ?>
            <div class="inform">
                <fieldset>
                    <legend><?php echo $lang_common['Write message legend'] ?></legend>
                    <div class="infldset txtarea">
                        <input type="hidden" name="form_sent" value="1" />
                        <input type="hidden" name="form_user" value="<?php echo (!$pun_user['is_guest']) ? pun_htmlspecialchars($pun_user['username']) : 'Guest'; ?>" />
<?php

if ($pun_user['is_guest'])
{
    $email_label = ($pun_config['p_force_guest_email'] == '1') ? '<strong>'.$lang_common['E-mail'].'</strong>' : $lang_common['E-mail'];
    $email_form_name = ($pun_config['p_force_guest_email'] == '1') ? 'req_email' : 'email';

?>                        <label class="conl"><strong><?php echo $lang_post['Guest name'] ?></strong><br /><input type="text" name="req_username" value="<?php if (isset($_POST['req_username'])) echo pun_htmlspecialchars($username); ?>" size="25" maxlength="25" tabindex="<?php echo $cur_index++ ?>" /><br /></label>
                        <label class="conl"><?php echo $email_label ?><br /><input type="text" name="<?php echo $email_form_name ?>" value="<?php if (isset($_POST[$email_form_name])) echo pun_htmlspecialchars($email); ?>" size="50" maxlength="50" tabindex="<?php echo $cur_index++ ?>" /><br /></label>
                        <div class="clearer"></div>
<?php

}

if ($fid): ?>
                        <label><strong><?php echo $lang_common['Subject'] ?></strong><br /><input class="longinput" type="text" name="req_subject" value="<?php if (isset($_POST['req_subject'])) echo pun_htmlspecialchars($subject); ?>" size="80" maxlength="70" tabindex="<?php echo $cur_index++ ?>" /><br /></label>
<?php endif; ?>                        <label for="req_message"><strong><?php echo $lang_common['Message'] ?></strong></label>
                        <textarea name="req_message" id="req_message" rows="20" cols="95" tabindex="<?php echo $cur_index++ ?>"><?php echo isset($_POST['req_message']) ? pun_htmlspecialchars($message) : (isset($quote) ? $quote : ''); ?></textarea>
<?php /* punToolBar */
if (file_exists(PUN_ROOT.'cache/cache_puntoolbar.php')) {
    include PUN_ROOT.'cache/cache_puntoolbar.php';
} else {
    require_once PUN_ROOT.'include/cache_puntoolbar.php';
    generate_ptb_cache();
    require PUN_ROOT.'cache/cache_puntoolbar.php';
}
?>
                        <ul class="bblinks">
                            <li><a href="help.php#bbcode" onclick="window.open(this.href); return false;"><?php echo $lang_common['BBCode'] ?></a>: <?php echo ($pun_config['p_message_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
                            <li><a href="help.php#img" onclick="window.open(this.href); return false;"><?php echo $lang_common['img tag'] ?></a>: <?php echo ($pun_config['p_message_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
                            <li><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a>: <?php echo ($pun_config['o_smilies'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></li>
                        </ul>
                    </div>
                </fieldset>
<?php

$checkboxes = array();
if (!$pun_user['is_guest'])
{
    if ($pun_config['o_smilies'] == '1')
        $checkboxes[] = '<label><input type="checkbox" name="hide_smilies" value="1" tabindex="'.($cur_index++).'"'.(isset($_POST['hide_smilies']) ? ' checked="checked"' : '').' />'.$lang_post['Hide smilies'];

    if ($pun_config['o_subscriptions'] == '1')
        $checkboxes[] = '<label><input type="checkbox" name="subscribe" value="1" tabindex="'.($cur_index++).'"'.(isset($_POST['subscribe']) ? ' checked="checked"' : '').' />'.$lang_post['Subscribe'];
}
else if ($pun_config['o_smilies'] == '1')
    $checkboxes[] = '<label><input type="checkbox" name="hide_smilies" value="1" tabindex="'.($cur_index++).'"'.(isset($_POST['hide_smilies']) ? ' checked="checked"' : '').' />'.$lang_post['Hide smilies'];

if (!empty($checkboxes))
{

?>
            </div>
            <div class="inform">
                <fieldset>
                    <legend><?php echo $lang_common['Options'] ?></legend>
                    <div class="infldset">
                        <div class="rbox">
                            <?php echo implode('<br /></label>'."\n\t\t\t\t", $checkboxes).'<br /></label>'."\n" ?>
                        </div>
                    </div>
                </fieldset>
<?php

}

?>
            </div>
            <p><input type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>" tabindex="<?php echo $cur_index++ ?>" accesskey="s" /><input type="submit" name="preview" value="<?php echo $lang_post['Preview'] ?>" tabindex="<?php echo $cur_index++ ?>" accesskey="p" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
        </form>
    </div>
</div>

<?php

// Check to see if the topic review is to be displayed.
if ($tid && $pun_config['o_topic_review'] != '0')
{
    require_once PUN_ROOT.'include/parser.php';

    $result = $db->query('SELECT poster, message, hide_smilies, posted FROM '.$db->prefix.'posts WHERE topic_id='.$tid.' ORDER BY id DESC LIMIT '.$pun_config['o_topic_review']) or error('Unable to fetch topic review', __FILE__, __LINE__, $db->error());

?>

<div id="postreview" class="blockpost">
    <h2><span><?php echo $lang_post['Topic review'] ?></span></h2>
<?php

    //Set background switching on
    $bg_switch = true;
    $post_count = 0;

    while ($cur_post = $db->fetch_assoc($result))
    {
        // Switch the background color for every message.
        $bg_switch = ($bg_switch) ? $bg_switch = false : $bg_switch = true;
        $vtbg = ($bg_switch) ? ' roweven' : ' rowodd';
        $post_count++;

        $cur_post['message'] = parse_message($cur_post['message'], $cur_post['hide_smilies']);

?>
    <div class="box<?php echo $vtbg ?>">
        <div class="inbox">
            <div class="postleft">
                <dl>
                    <dt><strong><?php echo pun_htmlspecialchars($cur_post['poster']) ?></strong></dt>
                    <dd><?php echo format_time($cur_post['posted']) ?></dd>
                </dl>
            </div>
            <div class="postright">
                <div class="postmsg">
                    <?php echo $cur_post['message'] ?>
                </div>
            </div>
            <div class="clearer"></div>
        </div>
    </div>
<?php

    }

?>
</div>
<?php

}

require PUN_ROOT.'footer.php';

lang/Post.php:

<?php

// Language definitions used in post.php and edit.php
$lang_post = array(

// Post validation stuff (many are similiar to those in edit.php)
'No subject'            =>    'Topics must contain a subject.',
'Too long subject'        =>    'Subjects cannot be longer than 70 characters.',
'No message'            =>    'You must enter a message.',
'Too long message'        =>    'Posts cannot be longer that 65535 characters (64 KB).',

// Posting
'Post errors'            =>    'Post errors',
'Post errors info'        =>    'The following errors need to be corrected before the message can be posted:',
'Post preview'            =>    'Post preview',
'Guest name'            =>    'Name',    // For guests (instead of Username)
'Post redirect'            =>    'Post entered. Redirecting …',
'Post a reply'            =>    'Post a reply',
'Post new topic'        =>    'Post new topic',
'Hide smilies'            =>    'Never show smilies as icons for this post',
'Subscribe'                =>    'Subscribe to this topic',
'Topic review'            =>    'Topic review (newest first)',
'Flood start'            =>    'At least',
'flood end'                =>    'seconds have to pass between posts. Please wait a little while and try posting again.',
'Preview'                =>    'Preview',    // submit button to preview message

// Edit post
'Edit post legend'        =>    'Edit the post and submit changes',
'Silent edit'            =>    'Silent edit (don\'t display "Edited by ..." in topic view)',
'Edit post'                =>    'Edit post',
'Edit redirect'            =>    'Post updated. Redirecting …'

'Remove spam word'    => 'This is a protection against spam bots. Delete the word %s from your post.',
'Remove spam phrase'    => 'This is a protection against spam bots. Delete the phrase %s from your post.',
'Remove URL amount'    => 'This is a protection against spam bots. Reduce the number of URLs in your post to %s.',
'Remove char amount'    => 'This is a protection against spam bots. Reduce the number of characters in your post to %s.'

);
If you do what you've always done, you'll get what you've always gotten.

Papillon's Website

  • From: Cork, Ireland
  • Registered: 2007-01-18
  • Posts: 92

Re: BB Spam Fighter 1.0.0

haven't checked the first 2 files but straight away:

, missing after

'Edit redirect'            =>    'Post updated. Redirecting …'

should have said to add in a , there to that if adding at the end.

if that doesn't do it i will look at the other 2 files but as there is only 1 change in both (and the same change) it can't be much wrong.

  • From: WonderLand
  • Registered: 2006-10-06
  • Posts: 259

Re: BB Spam Fighter 1.0.0

Thanks a lot naitkris for your time smile. This works finally! A little comma did all this to me! Unbelievable!
I am not a programmer, and this is like just my 3rd installed mod. I stick to the readme files all the time, so when there is a little thing missing, I mess up!

If you do what you've always done, you'll get what you've always gotten.

Papillon's Website

18 Reply by qie

  • qie
  • Senior Member
  • Offline
  • Registered: 2006-08-26
  • Posts: 185

Re: BB Spam Fighter 1.0.0

perfect spam fighter~

石家庄电脑维修

qie's Website

19 Reply by naitkris (edited by naitkris 2007-06-20 20:40)

  • From: Cork, Ireland
  • Registered: 2007-01-18
  • Posts: 92

Re: BB Spam Fighter 1.0.0

thanks for that qie - Daniel Vijge is to be thanked for the base for this mod. i am going to update it when i get back to my home in a number of weeks i hope (no regular computer access for the moment were i am).

planed additions are:
- Checking usernames (that of guests, maybe also regular users when registering) for forbidden words
- Option for minimum number of characters in posts (i.e. to stop users posting very short replies - forum spamming to increase post count etc)
- Checking of email addresses (like URLs at the moment) in posts

Plus some other minor improvements. If there is anything else that would be good to add please say so and i will try and add it when the time comes.