<?php
/*
This is the PHP backend file for the AJAX Driven Chat application.
You may use this code in your own projects as long as this copyright is left
in place. All code is provided AS-IS.
This code is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
For the rest of the code visit http://www.DynamicAJAX.com
Copyright 2005 Ryan Smith / 345 Technical / 345 Group.
*/
include("captainsafecore.php");
include("captainsafeconfig.php");
$bcon = connectdb();
//Send some headers to keep the user's browser from caching the response.
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT" );
header("Last-Modified: " . gmdate( "D, d M Y H:i:s" ) . "GMT" );
header("Cache-Control: no-cache, must-revalidate" );
header("Pragma: no-cache" );
header("Content-Type: text/xml; charset=utf-8");
require('database.php');
//Check to see if a message was sent.
if(isset($_POST['message']) && $_POST['message'] != '') {
$text = getspam($_POST['message']);
$text = getsmilies($text);
$text=preg_replace("/\[b\](.*?)\[\/b\]/i","<b>\\1</b>", $text);
$text=preg_replace("/\[i\](.*?)\[\/i\]/i","<i>\\1</i>", $text);
$text=preg_replace("/\[u\](.*?)\[\/u\]/i","<u>\\1</u>", $text);
$text=preg_replace("/\[big\](.*?)\[\/big\]/i","<big>\\1</big>", $text);
$text=preg_replace("/\[small\](.*?)\[\/small\]/i","<small>\\1</small>", $text);
if(substr_count($text,"<a href=")<4){
$text = str_replace("[br/]","<br/>",$text);
}
$text = str_replace("http://", "http:--", $text);
$text = preg_replace("/http:--(.*?) /i", "<a href=\"http:--\\1\">http:--\\1</a> ", $text);
$text = str_replace("http:--", "http://", $text);
$_POST['message'] = $text;
$sql = "INSERT INTO message(chat_id, user_id, user_name, message, post_time) VALUES (" .
db_input($_GET['chat']) . ", 1, '" . db_input($_POST['name']) .
"', '" . db_input($_POST['message']) . "', NOW())";
db_query($sql);
}
//Check to see if a reset request was sent.
if(isset($_POST['action']) && $_POST['action'] == 'reset') {
$sql = "DELETE FROM message WHERE chat_id = " . db_input($_GET['chat']);
db_query($sql);
}
//Create the XML response.
$xml = '<?xml version="1.0" ?><root>';
//Check to ensure the user is in a chat room.
if(!isset($_GET['chat'])) {
$xml .='Your are not currently in a chat session. <a href="">Enter a chat session here</a>';
$xml .= '<message id="0">';
$xml .= '<user>Admin</user>';
$xml .= '<text>Your are not currently in a chat session. <a href="">Enter a chat session here</a></text>';
$xml .= '<time>' . date('h:i') . '</time>';
$xml .= '</message>';
} else {
$last = (isset($_GET['last']) && $_GET['last'] != '') ? $_GET['last'] : 0;
$sql = "SELECT message_id, user_name, message, date_format(post_time, '%h:%i') as post_time" .
" FROM message WHERE chat_id = " . db_input($_GET['chat']) . " AND message_id > " . $last;
$message_query = db_query($sql);
//Loop through each message and create an XML message node for each.
while($message_array = db_fetch_array($message_query)) {
$xml .= '<message id="' . $message_array['message_id'] . '">';
$xml .= '<user>' . htmlspecialchars($message_array['user_name']) . '</user>';
$xml .= '<text>' . htmlspecialchars($message_array['message']) . '</text>';
$xml .= '<time>' . $message_array['post_time'] . '</time>';
$xml .= '</message>';
}
}
$xml .= '</root>';
echo $xml;
?>