ILYAS415 Posted January 2, 2008 Share Posted January 2, 2008 Okay Hi. I have a problem with a chat script. Basically when someone enters a string and somewhere in the string the use a # character, then there actualy name there using doesn't appear only the message they were typing in appears. Example:- normally when someone types something in it comes out like this... Person's name - Message blablabla When they use a hash it comes out like this:- - Message here blablabla The hash does not appear in the string though. Heres the coding for the script im using... <?php /* author: chris at linuxuser.at licence: GPLv2 */ require_once "includes/db_connect.php"; include_once "includes/functions.php"; include_once "includes/smile.php"; logincheck(); $username= $_SESSION['username']; $fetch= mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'")); $fn = "chat.txt"; $maxlines = 18; $nick_length = 10; /* Set this to a minimum wait time between posts (in sec) */ $waittime_sec = 0; /* spam keywords */ $spam[] = "nigger"; $spam[] = "cum"; $spam[] = "dick"; $spam[] = "EAT coon"; $spam[] = "bitch"; $spam[] = "fuck"; $spam[] = "whore"; $spam[] = "sex"; $spam[] = "slut"; $spam[] = "cock"; $spam[] = "bastard"; $spam[] = "motherfucker"; $spam[] = "hoe"; $spam[] = "tits"; $spam[] = "boobs"; $spam[] = "breasts"; $spam[] = "penis"; $spam[] = "arse"; /* IP's to block */ $blockip[] = "72.60.167.89"; /* spam, if message IS exactly that string */ $espam[] = "ajax"; /* Get Message & Nick from the Request and Escape them */ $msg = $_REQUEST["m"]; $msg = htmlspecialchars(stripslashes($msg)); $msg = str_replace("#", "", $msg); $msg = stripslashes($msg); $n = $_REQUEST["n"]; $n = htmlspecialchars(stripslashes($n)); $n= str_replace("#", "", $n); $n= stripslashes($n); if (strlen($n) >= $nick_length) { $n = substr($n, 0, $nick_length); } else { for ($i=strlen($n); $i<$nick_length; $i++) $n .= " "; } if ($waittime_sec > 0) { $lastvisit = $_COOKIE["lachatlv"]; setcookie("lachatlv", time()); if ($lastvisit != "") { $diff = time() - $lastvisit; if ($diff < 5) { die(); } } } if ($msg != "") { if (strlen($msg) <= "2") { die(); } if (strlen($msg) >= "3") { /* Smilies are ok */ if (strtoupper($msg) == $msg) { die(); } } if (strlen($msg) > 150) { die(); } if (strlen($msg) > 15) { if (substr_count($msg, substr($msg, 6, ) > 1) { die(); } } foreach ($blockip as $a) { if ($_SERVER["REMOTE_ADDR"] == $a) { die(); } } $mystring = strtoupper($msg); foreach ($spam as $a) { if (strpos($mystring, strtoupper($a)) === false) { /* Everything Ok Here */ } else { die(); } } foreach ($espam as $a) { if (strtoupper($msg) == strtoupper($a)) { die(); } } $handle = fopen ($fn, 'r'); $chattext = fread($handle, filesize($fn)); fclose($handle); $arr1 = explode("\n", $chattext); if (count($arr1) > $maxlines) { /* Pruning */ $arr1 = array_reverse($arr1); for ($i=0; $i<$maxlines; $i++) { $arr2[$i] = $arr1[$i]; } $arr2 = array_reverse($arr2); } else { $arr2 = $arr1; } $chattext = implode("\n", $arr2); if (substr_count($chattext, $msg) > 2) { die(); } $msg="<font color=orange>".ucfirst($msg)."</font>"; if ($fetch->userlevel == "0"){ $n="<font color=lightblue>".ucfirst($n)."</font>"; }elseif ($fetch->userlevel == "0.5"){ $n="<font color=#f8ff6a>".ucfirst($n)."</font>"; }elseif ($fetch->userlevel == "1"){ $n="<font color=#71f8ff>".ucfirst($n)."</font>"; }elseif ($fetch->userlevel == "2"){ $n="<font color=#ff6464>".ucfirst($n)."</font>"; }elseif ($fetch->userlevel == "3"){ $n="<font color=#7cff5b>".ucfirst($n)."</font>"; } $out = $chattext . $n . " - " . $msg . "<br>"; $out = str_replace("\'", "'", $out); $out = str_replace("\\\"", "\"", $out); $out= chat($out); $handle = fopen ($fn, 'w'); fwrite ($handle, $out); fclose($handle); $timenow= time() + (60 * 5); mysql_query("UPDATE users SET chatonline='$timenow' WHERE username='$username'"); } ?> Thanks, im in a rush because i have to go work now. Thanks, i tried to keep it as simple as possible. Quote Link to comment https://forums.phpfreaks.com/topic/84136-need-help-with-chat-script/ Share on other sites More sharing options...
lemmin Posted January 2, 2008 Share Posted January 2, 2008 I think the problem might be coming from this part: /* Get Message & Nick from the Request and Escape them */ $msg = $_REQUEST["m"]; $msg = htmlspecialchars(stripslashes($msg)); $msg = str_replace("#", "", $msg); $msg = stripslashes($msg); $n = $_REQUEST["n"]; $n = htmlspecialchars(stripslashes($n)); $n= str_replace("#", "", $n); $n= stripslashes($n); Try commenting out this: $msg = htmlspecialchars(stripslashes($msg)); $msg = str_replace("#", "", $msg); $msg = stripslashes($msg); And this: $n = htmlspecialchars(stripslashes($n)); $n= str_replace("#", "", $n); $n= stripslashes($n); And see if you still have the same problem. If not, you might consider using regular expressions to make your own escaping functions. Quote Link to comment https://forums.phpfreaks.com/topic/84136-need-help-with-chat-script/#findComment-428290 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.