CHATT

1. <?php
2. session_start();
3.  
4.  
5.  
6.  
7.  
8.  
9.  
10. include '../adminlist.php'; //include AFTER session is started (session_start();)
11. include '../chatfunctions.php'; //include AFTER including adminlist.php
12.  
13. include ('../steamauth/userInfo.php');
14. if(isset($_SERVER['HTTP_X_REQUESTED_WITH']) && !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest')
15. {
16. $today = date("H:i:s | d.m.Y");
17. if ($_POST['massage'] == '') {
18. die('<script>alert("Error! The message can\'t be empty!")</script>');
19. }
20. if (strlen($_POST['massage']) < 3) {
21. die('<script>alert("Error! Very short message min. 3 characters")</script>');
22. }
23. if (strlen($_POST['massage']) > 300) {
24. die('<script>alert("Error! Very long message, max. 300 characters!")</script>');
25. }
26. //die('<script>alert("'.isbanned($steamprofile['steamid']).'")</script>');
27. if (isbanned($steamprofile['steamid']))
28. {
29. die('<script>alert("Error! You are banned from using the chat.")</script>');
30. }
31. if (ismuted($steamprofile['steamid']))
32. {
33. die('<script>alert("Error! You are muted from chat by an admin. The punishment lasts 24hrs.")</script>');
34. }
35. if(!isset($_SESSION['steamid'])) {
36. echo '<script>alert("Error! Only logged in users can write in chat!")</script>';
37. }
38. else {
39. $massage=htmlspecialchars($_POST['massage']); //no xss sir
40.  
41. //filtre noi, ca alea vechi erau de praf.
42. $cuvintedecacat=array(
43. 'nigger',
44. 'fuck',
45. 'shit',
46. 'faggot',
47. 'jew',
48. 'hitler',
49. 'bestpot',
50. 'csgobestpot',
51. 'csgobestpot.com',
52. 'csgoskinwin.com',
53. 'csjackpot.pl',
54. );
55.  
56. foreach($cuvintedecacat as $cuvant)
57. {
58. if(preg_match('#'.$cuvant.'#i', $massage)) {
59. echo '<script>alert("Our system thinks that you may have used an innapropriate word or phrase in the chat and it was censored. If you are using innapropriate language or you are spamming you will get banned.")</script>';
60. }
61.  
62. }
63.  
64. $massage=str_ireplace($cuvintedecacat, '****', $massage); //ireplace=case insensitive
65. //
66.  
67. $file = 'chat.txt';
68. $adminss = array(
69. '76561198174419958',
70. );
71. foreach($adminss as $culoarez){
72. if($culoarez == $steamprofile['steamid']) {
73. $steamprofile['personaname']= '<font color=#337ab7><b>'.htmlspecialchars($steamprofile['personaname']).'</b></font>';
74. $massage = '<font color="#337ab7"> <i>'.$massage.'</i></font>';}
75. }
76. //if ($steamprofile['steamid'] == '76561198126259709') {
77. // $massage = '<font color="#EA7526"><i>'.$massage.'</i></font>';
78. //}
79.  
80. // The new man, which must be added to the file
81. $personoriginal = '<div class="chat-msg">
82. <div class="caht-ava"><img src="'.$steamprofile['avatarmedium'].'" width="30px"></div>
83. <div class="caht-name"><a href="'.$steamprofile['profileurl'].'" target="_blank">'.$steamprofile['personaname'].'</a></div>
84. <div class="caht-dateid">'.$today.'</div>
85. <div class="msg-text">'.$massage.'</div>
86. </div>';
87.  
88. $person = '<div class="chat-msg"><div class="caht-name"><img class="caht-ava" src="'.$steamprofile['avatarmedium'].'" width="20px"><a href="prredirect.php?id='.$steamprofile['steamid'].'&amp;name='.base64_encode($steamprofile['personaname']).'" target="_blank" title="'.$today.'">'.$steamprofile['personaname'].'</a>: '.$massage.'</div></div>';
89. // Write the contents of a file,
90. // Using the flag FILE_APPEND flag to append content to the file
91. // Flag LOCK_EX to prevent the recording of the file someone else at this time
92. file_put_contents($file, $person.file_get_contents($file), LOCK_EX);
93. }
94. exit;
95. }