webdevised
11-11-2006, 12:29 AM
i need help editing this code so that it will strip some html and javascript codes.
Process code
<?
$reload = false; // ini var
if (me('id') == $_GET["id"]){
echo "<br><br><br><center><span class=\"topic-gray\">##pages.comments.send:error1##</span></center>";
$reload = true;
reload("3", "?L=users.profile&id={$_GET["id"]}");
}
elseif (me('id') == '') {
echo "<br><br><br><center><span class=\"topic-gray\">##pages.comments.send:error2##</span></center>";
$reload = true;
reload("3", "?L=users.profile&id={$_GET["id"]}");
}
else{
if (isset($_POST["submit"])) {
$msg = $_POST["message"];
$strippedmsg = substr($msg, 0,300);
mysql_query("INSERT INTO `match_comments` (`from`,`to`,`comment`,`date`) VALUES
('".me('id')."','{$_GET["id"]}','{$strippedmsg}','".date("U")."')") or die(mysql_error());
echo "<br><br><br><center><span class=\"topic-gray\">##pages.comments.send:comment##</span> <span class=\"topic-green\">##pages.comments.send:sent##</span></center>";
$user = mysql_fetch_array(mysql_query("SELECT * FROM `match_users` WHERE `id`='{$_GET["id"]}'"));
{
$headers = "From: NoReply@\r\n" .
'X-Mailer: PHP/' . phpversion() . "\r\n" .
"MIME-Version: 1.0\r\n" .
"Content-Type: text/html; charset=utf-8\r\n" .
"Content-Transfer-Encoding: 8bit\r\n\r\n";
$email = $user["email"];
$suname = me('username');
$subject = "$suname posted a new comment about you on YOURSITENAME";
$message = "<p>You have been sent a new message from someone.";
mail($email,$subject,$message,$headers);
} // Email mod
$reload = true;
reload("1", "?L=users.profile&id={$_GET["id"]}");
}
if (!$reload) {
$handle = fopen("theme/".gen('theme')."/templates/pages/comments_send.tpl", "r");
$template = fread($handle, 1024*1024);
$template = str_replace("{{message}}", "", $template);
$template = str_replace("{{smilestable}}", smilestable("msgfrm", "message", 2), $template);
echo $template;
}
}
Textarea page
<style type="text/css">
<!--
.maintable {
border: 1px solid #000000;
}
body,td,th {
color: #999999;
font-family: Arial, Helvetica, sans-serif;
font-size: 10px;
}
body {
background-color: #E8F2BE;
}
.topic-gray {
font-family: Arial, Helvetica, sans-serif;
font-size: 12px;
font-weight: bolder;
color: #666666;
}
.topic-green {
font-family: Arial, Helvetica, sans-serif;
font-size: 12px;
font-weight: bold;
color: #B9DC3A;
}
.copyright {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
}
.friendsbox {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
border: 1px solid #999999;
}
.minihead-gray {
color: #666666;
}
.minihead-green {
color: #B9DC3A;
}
.loginfields {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
border: 1px solid #666666;
}
a:link {
color: #0066FF;
text-decoration: none;
}
a:visited {
text-decoration: none;
color: #0066FF;
}
a:hover {
text-decoration: underline;
color: #0066FF;
}
a:active {
text-decoration: none;
color: #0066FF;
}
-->
</style>
<SCRIPT LANGUAGE="JavaScript">
// function parameters are: field - the string field, count - the field for remaining characters number and max - the maximum number of characters
function CountLeft(field, count, max) {
// if the length of the string in the input field is greater than the max value, trim it
if (field.value.length > max)
field.value = field.value.substring(0, max);
else
// calculate the remaining characters
count.value = max - field.value.length;
}
</script>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr bgcolor="#999999">
<td colspan="2"><img src="images/spacer.gif" width="1" height="1"></td>
</tr>
<tr bgcolor="#F7F7F7">
<td style="padding-left:5px;"><p><span class="topic-gray">##pages.messages.send:sendnew## </span> <span class="topic-green">##templates.tables.comments:comment##</span></p></td>
<td align="right" style="padding-left:5px;">
</td>
</tr>
<tr bgcolor="#999999">
<td colspan="2"><img src="images/spacer.gif" width="1" height="1"></td>
</tr>
</table>
<br>
<table width="100%" border="0" cellspacing="3" cellpadding="0"><form method="post" enctype="multipart/form-data" name="msgfrm">
<tr>
<td valign="top" class="minihezxad-gray"><p>##templates.pages.messages_send:message##:</p>
<p>{{smilestable}}</p></td>
<td width="26%">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/bold.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/italic.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/underline.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/center.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/email.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/image.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/url.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<br>##pages.comments:note##
<textarea name="message" cols="80" rows="15" id="message" onkeydown="CountLeft(this.form.message,this.form.left,300);" onkeyup="CountLeft(this.form.text,this.form.left,50);"></textarea>
##pages.comments:counter##
<input readonly type="text" name="left" size=3 maxlength=3 value="300">
</font>
caracteres<br></td>
</tr>
<tr>
<td> </td>
<td><input name="submit" type="submit" id="submit3" value="##templates.pages.messages_send:submit##"></td>
</tr></form>
</table>
Process code
<?
$reload = false; // ini var
if (me('id') == $_GET["id"]){
echo "<br><br><br><center><span class=\"topic-gray\">##pages.comments.send:error1##</span></center>";
$reload = true;
reload("3", "?L=users.profile&id={$_GET["id"]}");
}
elseif (me('id') == '') {
echo "<br><br><br><center><span class=\"topic-gray\">##pages.comments.send:error2##</span></center>";
$reload = true;
reload("3", "?L=users.profile&id={$_GET["id"]}");
}
else{
if (isset($_POST["submit"])) {
$msg = $_POST["message"];
$strippedmsg = substr($msg, 0,300);
mysql_query("INSERT INTO `match_comments` (`from`,`to`,`comment`,`date`) VALUES
('".me('id')."','{$_GET["id"]}','{$strippedmsg}','".date("U")."')") or die(mysql_error());
echo "<br><br><br><center><span class=\"topic-gray\">##pages.comments.send:comment##</span> <span class=\"topic-green\">##pages.comments.send:sent##</span></center>";
$user = mysql_fetch_array(mysql_query("SELECT * FROM `match_users` WHERE `id`='{$_GET["id"]}'"));
{
$headers = "From: NoReply@\r\n" .
'X-Mailer: PHP/' . phpversion() . "\r\n" .
"MIME-Version: 1.0\r\n" .
"Content-Type: text/html; charset=utf-8\r\n" .
"Content-Transfer-Encoding: 8bit\r\n\r\n";
$email = $user["email"];
$suname = me('username');
$subject = "$suname posted a new comment about you on YOURSITENAME";
$message = "<p>You have been sent a new message from someone.";
mail($email,$subject,$message,$headers);
} // Email mod
$reload = true;
reload("1", "?L=users.profile&id={$_GET["id"]}");
}
if (!$reload) {
$handle = fopen("theme/".gen('theme')."/templates/pages/comments_send.tpl", "r");
$template = fread($handle, 1024*1024);
$template = str_replace("{{message}}", "", $template);
$template = str_replace("{{smilestable}}", smilestable("msgfrm", "message", 2), $template);
echo $template;
}
}
Textarea page
<style type="text/css">
<!--
.maintable {
border: 1px solid #000000;
}
body,td,th {
color: #999999;
font-family: Arial, Helvetica, sans-serif;
font-size: 10px;
}
body {
background-color: #E8F2BE;
}
.topic-gray {
font-family: Arial, Helvetica, sans-serif;
font-size: 12px;
font-weight: bolder;
color: #666666;
}
.topic-green {
font-family: Arial, Helvetica, sans-serif;
font-size: 12px;
font-weight: bold;
color: #B9DC3A;
}
.copyright {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
}
.friendsbox {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
border: 1px solid #999999;
}
.minihead-gray {
color: #666666;
}
.minihead-green {
color: #B9DC3A;
}
.loginfields {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
border: 1px solid #666666;
}
a:link {
color: #0066FF;
text-decoration: none;
}
a:visited {
text-decoration: none;
color: #0066FF;
}
a:hover {
text-decoration: underline;
color: #0066FF;
}
a:active {
text-decoration: none;
color: #0066FF;
}
-->
</style>
<SCRIPT LANGUAGE="JavaScript">
// function parameters are: field - the string field, count - the field for remaining characters number and max - the maximum number of characters
function CountLeft(field, count, max) {
// if the length of the string in the input field is greater than the max value, trim it
if (field.value.length > max)
field.value = field.value.substring(0, max);
else
// calculate the remaining characters
count.value = max - field.value.length;
}
</script>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr bgcolor="#999999">
<td colspan="2"><img src="images/spacer.gif" width="1" height="1"></td>
</tr>
<tr bgcolor="#F7F7F7">
<td style="padding-left:5px;"><p><span class="topic-gray">##pages.messages.send:sendnew## </span> <span class="topic-green">##templates.tables.comments:comment##</span></p></td>
<td align="right" style="padding-left:5px;">
</td>
</tr>
<tr bgcolor="#999999">
<td colspan="2"><img src="images/spacer.gif" width="1" height="1"></td>
</tr>
</table>
<br>
<table width="100%" border="0" cellspacing="3" cellpadding="0"><form method="post" enctype="multipart/form-data" name="msgfrm">
<tr>
<td valign="top" class="minihezxad-gray"><p>##templates.pages.messages_send:message##:</p>
<p>{{smilestable}}</p></td>
<td width="26%">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/bold.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/italic.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/underline.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/center.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/email.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/image.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<input type="image" border="0" style="border: 0px none #FFFFFF;" src="images/richtext/url.gif" value="off" onClick="if (this.value!='on') { message.value=message.value+''; this.value='on'; message.focus(); } else { message.value=message.value+''; this.value='off'; message.focus(); } return false; ">
<br>##pages.comments:note##
<textarea name="message" cols="80" rows="15" id="message" onkeydown="CountLeft(this.form.message,this.form.left,300);" onkeyup="CountLeft(this.form.text,this.form.left,50);"></textarea>
##pages.comments:counter##
<input readonly type="text" name="left" size=3 maxlength=3 value="300">
</font>
caracteres<br></td>
</tr>
<tr>
<td> </td>
<td><input name="submit" type="submit" id="submit3" value="##templates.pages.messages_send:submit##"></td>
</tr></form>
</table>