This is what I have
Code: Select all
$name = mysql_real_escape_string(strip_tags($_COOKIE['username']));
$bold = mysql_real_escape_string($_POST['bold']);
$italic = mysql_real_escape_string($_POST['italics']);
$underline = mysql_real_escape_string($_POST['underline']);
$face = mysql_real_escape_string($_POST['face']);
$size = mysql_real_escape_string($_POST['size']);
$color = mysql_real_escape_string($_POST['color']);
$message = mysql_real_escape_string($_POST['message']);
$timeposted = time();
if($bold == "on"){
$b1 = "<B>";
$b2 = "</B>"; } ELSE {
$b1 = "";
$b2 = ""; }
if($italic == "on"){
$i1 = "<I>";
$i2 = "</I>"; } ELSE {
$i1 = "";
$i2 = ""; }
if($underline == "on"){
$u1 = "<U>";
$u2 = "</U>"; } ELSE {
$u1 = "";
$u2 = ""; }
function make_clickable($text)
{
$ret = ' ' . $text;
$ret = preg_replace("#(^|[\n ])([\w]+?://[^ \"\n\r\t<]*)#is", "\\1<a href=\"\\2\" target=\"_blank\">\\2</a>", $ret);
$ret = preg_replace("#(^|[\n ])((www|ftp)\.[^ \"\t\n\r<]*)#is", "\\1<a href=\"http://\\2\" target=\"_blank\">\\2</a>", $ret);
$ret = preg_replace("#(^|[\n ])([a-z0-9&\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>", $ret);
$ret = substr($ret, 1);
return($ret);
}
$message = mysql_real_escape_string($_POST['message']);
$message2 = "<font face=$face size=$size color=$color>$b1$i1$u1$message$u2$i2$b2</font>";
$message3 = make_clickable($message2);
$message4 = htmlentities($message3, ENT_QUOTES);
mysql_query("INSERT INTO chat (name, message, timeposted) VALUES('$name','$message4', '$timeposted')");Code: Select all
$message = stripslashes(html_entity_decode($row['message']));
$message2 = str_replace($smilies, $smiliesimg, $message);
echo $message2;