Fixed probable community board post bypass exploit.

MobiusDevelopment 2021-09-22 01:59:50 +00:00
parent 114f0d8727
commit f613b98386
67 changed files with 2885 additions and 1129 deletions


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
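Review bot: The keyword check is hidden in `getPostText()`, which `insertindb()` and `updateText()` also call to bind `post_txt`, so a post that merely contains the words "action" and "bypass" is persisted as an empty string with no log entry and no feedback to the author. Doing the check once in `setPostText()` leaves the getter a plain accessor and gives one place to log or report the rejection; the sketch below shows that shape. It also lower-cases with `Locale.ROOT`, because `_postText.toLowerCase()` uses the JVM default locale and the match should not depend on how the server is configured. `// Bypass exploit check.` would be clearer if it said what the client does with such text, which this page does not show. The identical Post sections further down the page share these points, and `updateText()` continues past the end of this hunk.

```java
public void setPostText(String postText)
{
	if (containsBypassMarkup(postText))
	{
		// Rejected on the way in: log it here so the attempt is visible to staff.
		_postText = "";
		return;
	}
	_postText = postText;
}

public String getPostText()
{
	return _postText == null ? "" : _postText;
}

private static boolean containsBypassMarkup(String postText)
{
	if (postText == null)
	{
		return false;
	}
	// Locale.ROOT keeps the comparison independent of the server's default locale.
	final String text = postText.toLowerCase(Locale.ROOT);
	return text.contains("action") && text.contains("bypass");
}
// … unchanged: the other CPost getters and setters …
```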


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }
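Review bot: In `showMemoPost()` only the post body is escaped (`mes` has `>` and `<` replaced), while `topic.getName()` and `topic.getOwnerName()` are concatenated into the same HTML string unchanged, and `forum.getName()` is handled the same way in the hunk above. The keyword filter this commit adds covers post text only, so if topic or forum names can be player-supplied, which these hunks do not show, they need the same output escaping, e.g. `topic.getName().replace("<", "&lt;").replace(">", "&gt;")`. A single private escape helper applied to every interpolated value would keep the rule in one place instead of relying on each call site. The identical PostBBSManager sections further down the page share this point, and the enclosing methods start and end outside these hunks.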


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
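Review bot: In `CPost.getPostText()` the check lower-cases with the default locale, `_postText.toLowerCase()`, so under a Turkish or Azeri default locale an upper-case `ACTION` becomes `actıon` and no longer matches `text.contains("action")`. I would write `final String text = _postText.toLowerCase(Locale.ROOT);` (Post.java needs `java.util.Locale` imported if it is not already). The test is also two independent substring matches anywhere in the post, so ordinary text that happens to contain both words comes back as an empty string with no log line and no feedback to the author. A short comment above the check naming the client markup it is meant to block would help the next maintainer narrow it. The same applies to the identical Post sections further down the page.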


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }
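Review bot: In `showMemoPost` only the post body gets the `<`/`>` replacement before it is concatenated into `html`; `topic.getName()` and `topic.getOwnerName()` go into the same string unescaped, and the first hunk does the same with `forum.getName()` and `topic.getName()`. If those names can carry player-supplied text (not visible here), the keyword filter added in `CPost.getPostText()` does not cover them. Routing every interpolated value through one small private helper, say `escapeHtml(topic.getName())`, would keep the rule in one place. Both methods start outside their hunks.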


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
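Review bot: `insertindb` and `updateText` now bind `cp.getPostText()` to the `post_txt` parameter, so the display-time filter also decides what is persisted: a post whose text contains both keywords is written to the database as an empty string and the original is lost. If the intent is only to stop the text being rendered, consider keeping an unfiltered accessor for persistence and the filtered one for display, or rejecting the text in `setPostText` so the author sees the refusal. `load` calls `setPostText(rs.getString("post_txt"))`, so rows stored before this commit are still filtered only at read time. The `catch (Exception e)` bodies fall outside the visible hunks.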


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
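Review bot: The check in `getPostText()` lowercases with the JVM default locale, so under a default locale with special casing rules (Turkish, for example) the `contains("action")` comparison can miss text it is meant to catch; `final String text = _postText.toLowerCase(Locale.ROOT);` makes the match locale-independent (add the `java.util.Locale` import if Post.java lacks it). Because `insertindb` and `updateText` now bind `cp.getPostText()`, a post that contains both words anywhere is written to the database as an empty string with no feedback to the author, while `setPostText` leaves the raw value in `_postText`. Applying the check once in `setPostText` or in the write handler, and relying on output escaping where the post is rendered, would avoid the silent data loss and the keyword false positives. `updateText` runs past the end of the last hunk, and the same section is repeated further down this page, where this note applies as well.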


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }
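Review bot: `topic.getName()`, `topic.getOwnerName()` and `forum.getName()` are concatenated into the `html` strings of the edit form and of `showMemoPost` without the `<`/`>` replacement that `mes` receives. If players can set those names (not visible here), the markup path the new post-text filter is aimed at stays open through the topic title. Passing every interpolated value through the same escaping, for example `topic.getName().replace("<", "&lt;").replace(">", "&gt;")` or a shared escape helper, would handle it at the rendering point instead of by keyword. The methods around the first and last hunks start outside them, and the same section is repeated further down this page, where this note applies as well.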


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
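Review bot: The new check in `CPost.getPostText()` sits in the getter that `insertindb` and `updateText` also pass to `ps.setString`, so a post whose text contains both words anywhere, ordinary prose included, is written to `post_txt` as an empty string while the in-memory `_postText` still holds the raw text. Rejecting such input once, at the point where the write command calls `setPostText`, would keep storage and display consistent and let the player be told the post was refused. The match also lower-cases with the server's default locale, which can make the comparison miss mixed-case input on some locales; `final String text = _postText.toLowerCase(Locale.ROOT);` removes that dependency (Post would need the `java.util.Locale` import if it does not have it, which is not visible here). The same getter is repeated in the later Post sections on this page.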


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }
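Review bot: In `showMemoPost` only the post body gets the `<`/`>` replacement; `topic.getName()` and `topic.getOwnerName()` are still concatenated into `html` as-is, and the edit form in the first hunk does the same with `forum.getName()` and `topic.getName()`. If those names can be set by players (not visible in this section), the markup this commit guards against can still reach the client through the title, so they should go through the same escaping, e.g. `topic.getName().replace("<", "&lt;").replace(">", "&gt;")`, ideally through one shared helper used for every interpolated value. Both method bodies are only partly inside their hunks, so other interpolations may exist outside the visible lines. The later copies of PostBBSManager on this page carry the same lines.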


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
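Review bot: `CPost.getPostText()` applies the keyword filter in the getter, and `insertindb()` and `updateText()` in this section now bind `cp.getPostText()` to `post_txt`, so a post that contains both words is written to the database as an empty string and the author's text is lost with no message. Validating once where the text is accepted (the write handler or `setPostText`) and leaving the getter a plain accessor would keep storage and display separate. `toLowerCase()` also depends on the JVM default locale; `final String text = _postText.toLowerCase(Locale.ROOT);` (with `import java.util.Locale;`) makes the match behave the same on every host. The bodies of `insertindb()` and `updateText()` continue outside the hunks shown, and the same code repeats in the later Post sections of this page.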


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }
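Review bot: In the `showMemoPost` hunk only `mes` gets `<`/`>` replaced; `topic.getName()`, `topic.getOwnerName()` and, in the edit-form hunk above it, `forum.getName()` are concatenated into `html` as-is, so the new post-text filter does not cover them. If those names can come from player input (not visible here), pass them through the same escaping, e.g. `final String topicName = topic.getName().replace("<", "&lt;").replace(">", "&gt;");`, ideally via one shared helper used for every interpolated value. Both methods start or end outside the hunks shown, and the later PostBBSManager sections on this page have the same lines.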


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -19,8 +19,9 @@ package org.l2jmobius.gameserver.communitybbs.BB;
import java.sql.Connection; import java.sql.Connection;
import java.sql.PreparedStatement; import java.sql.PreparedStatement;
import java.sql.ResultSet; import java.sql.ResultSet;
import java.util.ArrayList; import java.util.Collection;
import java.util.List; import java.util.concurrent.ConcurrentHashMap;
import java.util.logging.Level;
import java.util.logging.Logger; import java.util.logging.Logger;
import org.l2jmobius.commons.database.DatabaseFactory; import org.l2jmobius.commons.database.DatabaseFactory;
@ -33,18 +34,100 @@ public class Post
{ {
private static final Logger LOGGER = Logger.getLogger(Post.class.getName()); private static final Logger LOGGER = Logger.getLogger(Post.class.getName());
public class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final List<CPost> _post; private final Collection<CPost> _post;
/** /**
* @param postOwner * @param postOwner
@ -56,43 +139,42 @@ public class Post
*/ */
public Post(String postOwner, int postOwnerId, long date, int tid, int postForumId, String txt) public Post(String postOwner, int postOwnerId, long date, int tid, int postForumId, String txt)
{ {
_post = new ArrayList<>(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
public void insertindb(CPost cp) private void insertindb(CPost cp)
{ {
try (Connection con = DatabaseFactory.getConnection()) try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
final PreparedStatement statement = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"); ps.setInt(1, cp.getPostId());
statement.setInt(1, cp.postId); ps.setString(2, cp.getPostOwner());
statement.setString(2, cp.postOwner); ps.setInt(3, cp.getPostOwnerId());
statement.setInt(3, cp.postOwnerId); ps.setLong(4, cp.getPostDate());
statement.setLong(4, cp.postDate); ps.setInt(5, cp.getPostTopicId());
statement.setInt(5, cp.postTopicId); ps.setInt(6, cp.getPostForumId());
statement.setInt(6, cp.postForumId); ps.setString(7, cp.getPostText());
statement.setString(7, cp.postTxt); ps.execute();
statement.execute();
statement.close();
} }
catch (Exception e) catch (Exception e)
{ {
LOGGER.warning("Error while saving new Post to db " + e); LOGGER.log(Level.WARNING, "Error while saving new Post to db " + e.getMessage(), e);
} }
} }
public Post(Topic t) public Post(Topic t)
{ {
_post = new ArrayList<>(); _post = ConcurrentHashMap.newKeySet();
load(t); load(t);
} }
@ -112,65 +194,63 @@ public class Post
public void deleteMe(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection()) try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("DELETE FROM posts WHERE post_forum_id=? AND post_topic_id=?"))
{ {
final PreparedStatement statement = con.prepareStatement("DELETE FROM posts WHERE post_forum_id=? AND post_topic_id=?"); ps.setInt(1, t.getForumID());
statement.setInt(1, t.getForumID()); ps.setInt(2, t.getID());
statement.setInt(2, t.getID()); ps.execute();
statement.execute();
statement.close();
} }
catch (Exception e) catch (Exception e)
{ {
LOGGER.warning("Error while deleting post: " + e.getMessage()); LOGGER.log(Level.WARNING, "Error while deleting post: " + e.getMessage(), e);
} }
} }
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection()) try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("SELECT * FROM posts WHERE post_forum_id=? AND post_topic_id=? ORDER BY post_id ASC"))
{ {
final PreparedStatement statement = con.prepareStatement("SELECT * FROM posts WHERE post_forum_id=? AND post_topic_id=? ORDER BY post_id ASC"); ps.setInt(1, t.getForumID());
statement.setInt(1, t.getForumID()); ps.setInt(2, t.getID());
statement.setInt(2, t.getID()); try (ResultSet rs = ps.executeQuery())
final ResultSet result = statement.executeQuery();
while (result.next())
{ {
final CPost cp = new CPost(); while (rs.next())
cp.postId = result.getInt("post_id"); {
cp.postOwner = result.getString("post_owner_name"); final CPost cp = new CPost();
cp.postOwnerId = result.getInt("post_ownerid"); cp.setPostId(rs.getInt("post_id"));
cp.postDate = result.getLong("post_date"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postTopicId = result.getInt("post_topic_id"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postForumId = result.getInt("post_forum_id"); cp.setPostDate(rs.getLong("post_date"));
cp.postTxt = result.getString("post_txt"); cp.setPostTopicId(rs.getInt("post_topic_id"));
_post.add(cp); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.setPostText(rs.getString("post_txt"));
_post.add(cp);
}
} }
result.close();
statement.close();
} }
catch (Exception e) catch (Exception e)
{ {
LOGGER.warning("Data error on Post " + t.getForumID() + "/" + t.getID() + " : " + e); LOGGER.log(Level.WARNING, "Data error on Post " + t.getForumID() + "/" + t.getID() + " : " + e.getMessage(), e);
} }
} }
public void updateText(int i) public void updateText(int i)
{ {
try (Connection con = DatabaseFactory.getConnection()) try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
final PreparedStatement statement = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"); ps.setString(1, cp.getPostText());
statement.setString(1, cp.postTxt); ps.setInt(2, cp.getPostId());
statement.setInt(2, cp.postId); ps.setInt(3, cp.getPostTopicId());
statement.setInt(3, cp.postTopicId); ps.setInt(4, cp.getPostForumId());
statement.setInt(4, cp.postForumId); ps.execute();
statement.execute();
statement.close();
} }
catch (Exception e) catch (Exception e)
{ {
LOGGER.warning("Error while saving new Post to db " + e); LOGGER.log(Level.WARNING, "Error while saving new Post to db " + e.getMessage(), e);
} }
} }
} }
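Review bot: `getPostText()` applies the bypass filter on read, and both `insertindb` and `updateText` bind `cp.getPostText()`, so a post whose text contains both "action" and "bypass" is written to the database as an empty string, with no error to the player and no log entry. The check is a substring denylist, so ordinary prose that happens to use both words is blanked as well, and `toLowerCase()` without a locale makes the match depend on the JVM default locale. I would validate once where the text enters (in `setPostText`, or in the caller that passes `ar4`), reject and log there, and keep the getter a plain accessor. If the check stays, use `final String text = _postText.toLowerCase(Locale.ROOT);`, which needs `java.util.Locale`; the import hunk of this file does not add it. The identical `CPost` code appears in the second Post.java section on this page.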


@ -119,7 +119,7 @@ public class PostBBSManager extends BaseBBSManager
return; return;
} }
post.getCPost(idp).postTxt = ar4; post.getCPost(idp).setPostText(ar4);
post.updateText(idp); post.updateText(idp);
parseCmd("_bbsposts;read;" + forum.getID() + ";" + topic.getID(), player); parseCmd("_bbsposts;read;" + forum.getID() + ";" + topic.getID(), player);
} }
@ -191,7 +191,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -199,11 +199,11 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getPostByTopic(topic); final Post p = getPostByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
mes = mes.replace("\n", "<br1>"); mes = mes.replace("\n", "<br1>");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
separateAndSend(html, player); separateAndSend(html, player);
} }


@ -19,8 +19,9 @@ package org.l2jmobius.gameserver.communitybbs.BB;
import java.sql.Connection; import java.sql.Connection;
import java.sql.PreparedStatement; import java.sql.PreparedStatement;
import java.sql.ResultSet; import java.sql.ResultSet;
import java.util.ArrayList; import java.util.Collection;
import java.util.List; import java.util.concurrent.ConcurrentHashMap;
import java.util.logging.Level;
import java.util.logging.Logger; import java.util.logging.Logger;
import org.l2jmobius.commons.database.DatabaseFactory; import org.l2jmobius.commons.database.DatabaseFactory;
@ -33,18 +34,100 @@ public class Post
{ {
private static final Logger LOGGER = Logger.getLogger(Post.class.getName()); private static final Logger LOGGER = Logger.getLogger(Post.class.getName());
public class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final List<CPost> _post; private final Collection<CPost> _post;
/** /**
* @param postOwner * @param postOwner
@ -56,43 +139,42 @@ public class Post
*/ */
public Post(String postOwner, int postOwnerId, long date, int tid, int postForumId, String txt) public Post(String postOwner, int postOwnerId, long date, int tid, int postForumId, String txt)
{ {
_post = new ArrayList<>(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
public void insertindb(CPost cp) private void insertindb(CPost cp)
{ {
try (Connection con = DatabaseFactory.getConnection()) try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
final PreparedStatement statement = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"); ps.setInt(1, cp.getPostId());
statement.setInt(1, cp.postId); ps.setString(2, cp.getPostOwner());
statement.setString(2, cp.postOwner); ps.setInt(3, cp.getPostOwnerId());
statement.setInt(3, cp.postOwnerId); ps.setLong(4, cp.getPostDate());
statement.setLong(4, cp.postDate); ps.setInt(5, cp.getPostTopicId());
statement.setInt(5, cp.postTopicId); ps.setInt(6, cp.getPostForumId());
statement.setInt(6, cp.postForumId); ps.setString(7, cp.getPostText());
statement.setString(7, cp.postTxt); ps.execute();
statement.execute();
statement.close();
} }
catch (Exception e) catch (Exception e)
{ {
LOGGER.warning("Error while saving new Post to db " + e); LOGGER.log(Level.WARNING, "Error while saving new Post to db " + e.getMessage(), e);
} }
} }
public Post(Topic t) public Post(Topic t)
{ {
_post = new ArrayList<>(); _post = ConcurrentHashMap.newKeySet();
load(t); load(t);
} }
@ -112,65 +194,63 @@ public class Post
public void deleteMe(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection()) try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("DELETE FROM posts WHERE post_forum_id=? AND post_topic_id=?"))
{ {
final PreparedStatement statement = con.prepareStatement("DELETE FROM posts WHERE post_forum_id=? AND post_topic_id=?"); ps.setInt(1, t.getForumID());
statement.setInt(1, t.getForumID()); ps.setInt(2, t.getID());
statement.setInt(2, t.getID()); ps.execute();
statement.execute();
statement.close();
} }
catch (Exception e) catch (Exception e)
{ {
LOGGER.warning("Error while deleting post: " + e.getMessage()); LOGGER.log(Level.WARNING, "Error while deleting post: " + e.getMessage(), e);
} }
} }
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection()) try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("SELECT * FROM posts WHERE post_forum_id=? AND post_topic_id=? ORDER BY post_id ASC"))
{ {
final PreparedStatement statement = con.prepareStatement("SELECT * FROM posts WHERE post_forum_id=? AND post_topic_id=? ORDER BY post_id ASC"); ps.setInt(1, t.getForumID());
statement.setInt(1, t.getForumID()); ps.setInt(2, t.getID());
statement.setInt(2, t.getID()); try (ResultSet rs = ps.executeQuery())
final ResultSet result = statement.executeQuery();
while (result.next())
{ {
final CPost cp = new CPost(); while (rs.next())
cp.postId = result.getInt("post_id"); {
cp.postOwner = result.getString("post_owner_name"); final CPost cp = new CPost();
cp.postOwnerId = result.getInt("post_ownerid"); cp.setPostId(rs.getInt("post_id"));
cp.postDate = result.getLong("post_date"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postTopicId = result.getInt("post_topic_id"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postForumId = result.getInt("post_forum_id"); cp.setPostDate(rs.getLong("post_date"));
cp.postTxt = result.getString("post_txt"); cp.setPostTopicId(rs.getInt("post_topic_id"));
_post.add(cp); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.setPostText(rs.getString("post_txt"));
_post.add(cp);
}
} }
result.close();
statement.close();
} }
catch (Exception e) catch (Exception e)
{ {
LOGGER.warning("Data error on Post " + t.getForumID() + "/" + t.getID() + " : " + e); LOGGER.log(Level.WARNING, "Data error on Post " + t.getForumID() + "/" + t.getID() + " : " + e.getMessage(), e);
} }
} }
public void updateText(int i) public void updateText(int i)
{ {
try (Connection con = DatabaseFactory.getConnection()) try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
final PreparedStatement statement = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"); ps.setString(1, cp.getPostText());
statement.setString(1, cp.postTxt); ps.setInt(2, cp.getPostId());
statement.setInt(2, cp.postId); ps.setInt(3, cp.getPostTopicId());
statement.setInt(3, cp.postTopicId); ps.setInt(4, cp.getPostForumId());
statement.setInt(4, cp.postForumId); ps.execute();
statement.execute();
statement.close();
} }
catch (Exception e) catch (Exception e)
{ {
LOGGER.warning("Error while saving new Post to db " + e); LOGGER.log(Level.WARNING, "Error while saving new Post to db " + e.getMessage(), e);
} }
} }
} }
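Review bot: `_post` changes from an `ArrayList` to `ConcurrentHashMap.newKeySet()`, which has no defined iteration order, so the `ORDER BY post_id ASC` in `load` no longer determines the order in which posts are held. `CPost` defines no `equals`/`hashCode`, so membership in the set is by object identity. `getCPost` lies outside these hunks; if it or any other reader walks `_post` expecting insertion order, a thread-safe list such as `new CopyOnWriteArrayList<>()` would keep the previous semantics. Otherwise a comment on the field stating the intent would help, e.g. `// Unordered; entries are looked up by post id only.` The same change is in the earlier Post.java section on this page.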


@ -119,7 +119,7 @@ public class PostBBSManager extends BaseBBSManager
return; return;
} }
post.getCPost(idp).postTxt = ar4; post.getCPost(idp).setPostText(ar4);
post.updateText(idp); post.updateText(idp);
parseCmd("_bbsposts;read;" + forum.getID() + ";" + topic.getID(), player); parseCmd("_bbsposts;read;" + forum.getID() + ";" + topic.getID(), player);
} }
@ -191,7 +191,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -199,11 +199,11 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getPostByTopic(topic); final Post p = getPostByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
mes = mes.replace("\n", "<br1>"); mes = mes.replace("\n", "<br1>");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
separateAndSend(html, player); separateAndSend(html, player);
} }
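Review bot: `topic.getName()`, `topic.getOwnerName()` and `forum.getName()` are still concatenated into the page markup unescaped, in showMemoPost and in the edit form above it, while only the post body gets the `<`/`>` replacement and the new keyword filter. If players can set those names (not visible in this hunk), they reach the same HTML sink as the post text and should get the same escaping, e.g. `final String title = topic.getName().replace(">", "&gt;").replace("<", "&lt;");`, ideally through one shared helper used for every interpolated value. The edit path also hands `getPostText()` to `send1002` without the escaping that showMemoPost applies, so it is worth confirming that this sink does not render markup. The same applies to the other PostBBSManager sections of this commit; both method bodies start outside the hunks.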


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
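Review bot: The keyword check in `getPostText()` lowercases with the JVM default locale, so whether mixed-case input matches depends on how the server is configured (under a Turkish locale `I` does not lowercase to `i`); use `final String text = _postText.toLowerCase(Locale.ROOT);`, which needs `java.util.Locale` imported. The test is also a plain substring blacklist: any post that contains both words, in any order and any distance apart, is blanked with no log entry, so neither the author nor a moderator learns why the text vanished. Consider logging the post id and owner id when the filter fires, and treating this check as defence in depth behind output escaping rather than as the fix itself. The same code appears in the other Post.java sections of this commit.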


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
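Review bot: Because `insertindb` and `updateText` bind the filtered getter (`ps.setString(7, cp.getPostText());` and `ps.setString(1, cp.getPostText());`), a post that trips the check is written to the database as an empty string and the submitted text is lost, along with the evidence a moderator would need. Validating once on the way in would keep reads free of surprises: do the check in `setPostText` or at the PostBBSManager call site, reject the edit with a message to the player, and let the getter return the field as stored. If the getter keeps the filter, it needs a Javadoc stating that it returns `""` for null or flagged text and that callers persisting the value store the filtered form. This applies equally to the earlier Post.java sections of this commit; the bodies of `insertindb` and `updateText` extend outside their hunks.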


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }
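Review bot: In the `showMemoPost` hunk only the post body has `<` and `>` replaced; `topic.getName()` and `topic.getOwnerName()` are still concatenated into `html` unchanged on the next line, and the first hunk hands `getPostText()` to `send1002` without that replacement. If topic titles can be set by players (not visible here), the markup this commit filters out of post text could presumably reach the client through the title instead. Apply the same two `replace` calls to every player-supplied value before concatenation, ideally through one small private helper shared by `mes` and the topic fields. The method edited by the first hunk starts outside it, and the identical PostBBSManager section further down the page has the same gap.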


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
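Review bot: The new `getPostText()` lower-cases with the JVM's default locale, so under a Turkish default locale an upper-case `I` does not become `i` and the `contains("action")` test can miss mixed-case input; use `final String text = _postText.toLowerCase(Locale.ROOT);` (Post may need the `java.util.Locale` import, which these hunks do not show). Because `insertindb` and `updateText` now read the text through this getter, a post that merely mentions both words anywhere is also written to the database as an empty string, with no feedback to the author. Doing the check once in `setPostText` and rejecting the edit there would keep stored and displayed text consistent. `updateText` continues past the end of the last hunk, and the same points apply to the identical Post section repeated later on this page.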


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }
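Review bot: In showMemoPost only the post body is escaped (`mes` has `>` and `<` replaced), while `topic.getName()` and `topic.getOwnerName()` are concatenated into the same HTML string unchanged, and the keyword check this commit adds in `CPost.getPostText()` never sees them. If topic titles are player-supplied (not visible in this section), they need the same escaping before concatenation, e.g. `topic.getName().replace("<", "&lt;").replace(">", "&gt;")`. The edit view in the first hunk also concatenates `forum.getName()` and `topic.getName()` as-is and passes `getPostText()` to `send1002` unescaped; whether `send1002` encodes it is outside this section. The same section appears again further down the page for another copy of PostBBSManager.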


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
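Review bot: The new `CPost.getPostText()` lowercases with `_postText.toLowerCase()`, which uses the JVM default locale, so whether the `action`/`bypass` match fires depends on the server's locale settings (under a Turkish locale an upper-case `I` does not lower to `i`); `final String text = _postText.toLowerCase(Locale.ROOT);` makes the check locale-independent (it needs `java.util.Locale`, and the imports are outside this section). The check also sits in the getter that `insertindb` and `updateText` use to bind `post_txt`, so a post that merely contains both words is written to the database as an empty string, with no message to the author and no log entry. A keyword pair is a narrow filter; escaping markup at the point where the text is placed into HTML, as showMemoPost already does for `<` and `>`, covers the general case and keeps legitimate posts intact. The same section appears again further down the page for another copy of Post.java.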


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }
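Review bot: In `showMemoPost`, `topic.getName()` and `topic.getOwnerName()` are concatenated into the html string as-is, while the post body gets the `>`/`<` replacement on the two lines above it, so the keyword filter this commit adds to post text does not cover the title or owner name. If those values are player-supplied (not visible in this section), they should get the same escaping before concatenation, e.g. `final String title = topic.getName().replace(">", "&gt;").replace("<", "&lt;");` with `title` used in the string. The enclosing methods start and end outside the hunks. The identical PostBBSManager sections repeated later on this page have the same shape.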


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
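Review bot: `getPostText()` returns an empty string whenever the text contains both "action" and "bypass" anywhere, and the INSERT and UPDATE statements in this section now bind `cp.getPostText()`, so a matching post is written to the database as empty with nothing logged and no feedback to the author. Ordinary prose trips it too, since the test is a bare substring match on two words. I would record the rejection at the point the text is set (owner id and topic id are on the `CPost`) so that attempts are visible to operators, and keep the getter as the display-time guard. The lower-casing should also be pinned, `final String text = _postText.toLowerCase(Locale.ROOT);`, because the default-locale form makes the match depend on the server's locale setting; this needs `java.util.Locale` imported if the file does not already have it. The same applies to the identical Post sections repeated elsewhere on this page.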


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }
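Review bot: In `showMemoPost` only the post body is escaped (`mes` has `>` and `<` replaced); `topic.getName()` and `topic.getOwnerName()` go into the same HTML string unescaped, as do `forum.getName()` and `topic.getName()` in the edit-form hunk above it. If those names can be set by players (not visible here), the keyword filter this commit adds to post text does not cover them, so I would apply the same replacement to each interpolated value, for example `topic.getName().replace(">", "&gt;").replace("<", "&lt;")`, ideally through one shared helper. As far as the last hunk shows, `ar4` is passed to `setPostText` and straight on to `updateText` with no length or content check at the point where the input arrives. All three methods begin outside these hunks, and the later PostBBSManager section on this page repeats the same lines.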


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
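Review bot: The filter in `CPost.getPostText()` runs on read, but `insertindb` and `updateText` in this same section now bind `cp.getPostText()`, so a post containing both words is persisted as an empty string and the original text is lost without any error reaching the player. Matching two independent substrings also blanks ordinary posts that merely mention "action" and "bypass", so I would move the check to the write path (`setPostText` or the handler that accepts the edit), reject the input there, and have the two statements store the raw field. If the check stays where it is, `_postText.toLowerCase()` depends on the JVM default locale; `final String text = _postText.toLowerCase(Locale.ROOT);` keeps the comparison stable (needs `java.util.Locale` in scope). The constructor, `insertindb`, `load` and `updateText` bodies are only partly visible in these hunks, and the same `getPostText()` appears in the other Post sections on this page.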


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }
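Review bot: In showMemoPost only the post body is escaped (`replace(">", "&gt;")` and `replace("<", "&lt;")` on `mes`); `topic.getName()` and `topic.getOwnerName()` are concatenated into the same HTML string unescaped and do not pass through the new `getPostText()` filter either. If topic titles come from player input (not visible in these hunks), markup in a title reaches the client untouched, so I would escape them the same way, e.g. `topic.getName().replace("<", "&lt;").replace(">", "&gt;")`, ideally through one shared helper. The html string in the `@ -120` hunk concatenates `forum.getName()` and `topic.getName()` in the same fashion, and the identical PostBBSManager section further down this page has the same gap. Both method bodies start outside their hunks.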


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);


@ -36,13 +36,95 @@ public class Post
public static class CPost public static class CPost
{ {
public int postId; private int _postId;
public String postOwner; private String _postOwner;
public int postOwnerId; private int _postOwnerId;
public long postDate; private long _postDate;
public int postTopicId; private int _postTopicId;
public int postForumId; private int _postForumId;
public String postTxt; private String _postText;
public void setPostId(int postId)
{
_postId = postId;
}
public int getPostId()
{
return _postId;
}
public void setPostOwner(String postOwner)
{
_postOwner = postOwner;
}
public String getPostOwner()
{
return _postOwner;
}
public void setPostOwnerId(int postOwnerId)
{
_postOwnerId = postOwnerId;
}
public int getPostOwnerId()
{
return _postOwnerId;
}
public void setPostDate(long postDate)
{
_postDate = postDate;
}
public long getPostDate()
{
return _postDate;
}
public void setPostTopicId(int postTopicId)
{
_postTopicId = postTopicId;
}
public int getPostTopicId()
{
return _postTopicId;
}
public void setPostForumId(int postForumId)
{
_postForumId = postForumId;
}
public int getPostForumId()
{
return _postForumId;
}
public void setPostText(String postText)
{
_postText = postText;
}
public String getPostText()
{
if (_postText == null)
{
return "";
}
// Bypass exploit check.
final String text = _postText.toLowerCase();
if (text.contains("action") && text.contains("bypass"))
{
return "";
}
return _postText;
}
} }
private final Collection<CPost> _post; private final Collection<CPost> _post;
@ -59,13 +141,13 @@ public class Post
{ {
_post = ConcurrentHashMap.newKeySet(); _post = ConcurrentHashMap.newKeySet();
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = 0; cp.setPostId(0);
cp.postOwner = postOwner; cp.setPostOwner(postOwner);
cp.postOwnerId = postOwnerId; cp.setPostOwnerId(postOwnerId);
cp.postDate = date; cp.setPostDate(date);
cp.postTopicId = tid; cp.setPostTopicId(tid);
cp.postForumId = postForumId; cp.setPostForumId(postForumId);
cp.postTxt = txt; cp.setPostText(txt);
_post.add(cp); _post.add(cp);
insertindb(cp); insertindb(cp);
} }
@ -75,13 +157,13 @@ public class Post
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)")) PreparedStatement ps = con.prepareStatement("INSERT INTO posts (post_id,post_owner_name,post_ownerid,post_date,post_topic_id,post_forum_id,post_txt) values (?,?,?,?,?,?,?)"))
{ {
ps.setInt(1, cp.postId); ps.setInt(1, cp.getPostId());
ps.setString(2, cp.postOwner); ps.setString(2, cp.getPostOwner());
ps.setInt(3, cp.postOwnerId); ps.setInt(3, cp.getPostOwnerId());
ps.setLong(4, cp.postDate); ps.setLong(4, cp.getPostDate());
ps.setInt(5, cp.postTopicId); ps.setInt(5, cp.getPostTopicId());
ps.setInt(6, cp.postForumId); ps.setInt(6, cp.getPostForumId());
ps.setString(7, cp.postTxt); ps.setString(7, cp.getPostText());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
@ -109,7 +191,7 @@ public class Post
return null; return null;
} }
public void deleteme(Topic t) public void deleteMe(Topic t)
{ {
PostBBSManager.getInstance().delPostByTopic(t); PostBBSManager.getInstance().delPostByTopic(t);
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -125,9 +207,6 @@ public class Post
} }
} }
/**
* @param t
*/
private void load(Topic t) private void load(Topic t)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
@ -140,13 +219,13 @@ public class Post
while (rs.next()) while (rs.next())
{ {
final CPost cp = new CPost(); final CPost cp = new CPost();
cp.postId = rs.getInt("post_id"); cp.setPostId(rs.getInt("post_id"));
cp.postOwner = rs.getString("post_owner_name"); cp.setPostOwner(rs.getString("post_owner_name"));
cp.postOwnerId = rs.getInt("post_ownerid"); cp.setPostOwnerId(rs.getInt("post_ownerid"));
cp.postDate = rs.getLong("post_date"); cp.setPostDate(rs.getLong("post_date"));
cp.postTopicId = rs.getInt("post_topic_id"); cp.setPostTopicId(rs.getInt("post_topic_id"));
cp.postForumId = rs.getInt("post_forum_id"); cp.setPostForumId(rs.getInt("post_forum_id"));
cp.postTxt = rs.getString("post_txt"); cp.setPostText(rs.getString("post_txt"));
_post.add(cp); _post.add(cp);
} }
} }
@ -157,19 +236,16 @@ public class Post
} }
} }
/** public void updateText(int i)
* @param i
*/
public void updatetxt(int i)
{ {
try (Connection con = DatabaseFactory.getConnection(); try (Connection con = DatabaseFactory.getConnection();
PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?")) PreparedStatement ps = con.prepareStatement("UPDATE posts SET post_txt=? WHERE post_id=? AND post_topic_id=? AND post_forum_id=?"))
{ {
final CPost cp = getCPost(i); final CPost cp = getCPost(i);
ps.setString(1, cp.postTxt); ps.setString(1, cp.getPostText());
ps.setInt(2, cp.postId); ps.setInt(2, cp.getPostId());
ps.setInt(3, cp.postTopicId); ps.setInt(3, cp.getPostTopicId());
ps.setInt(4, cp.postForumId); ps.setInt(4, cp.getPostForumId());
ps.execute(); ps.execute();
} }
catch (Exception e) catch (Exception e)
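Review bot: `getPostText()` applies the bypass check on read, and `insertindb` and `updateText` now bind `cp.getPostText()`, so a post that trips the check is written to `post_txt` as an empty string with no log entry while `_postText` keeps the raw text in memory. The test itself, `text.contains("action") && text.contains("bypass")`, matches any post that mentions both words anywhere, and `_postText.toLowerCase()` uses the JVM default locale, so the comparison is not stable across locales (a Turkish default lower-cases `I` to a dotless `ı`). I would validate once in `setPostText`, log the rejection with the owner id, and lower-case with `_postText.toLowerCase(Locale.ROOT)` (needs `java.util.Locale` imported if the file lacks it). `load` also goes through `setPostText`, so rows already stored would be checked on the same path. The getter is repeated unchanged in the other Post sections on this page.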


@ -120,7 +120,7 @@ public class PostBBSManager extends BaseBBSManager
{ {
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img 
src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">" + forum.getName() + " Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0><tr><td width=610><img src=\"sek.cbui355\" width=\"610\" height=\"1\"><br1><img src=\"sek.cbui355\" width=\"610\" height=\"1\"></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=20></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&$413;</td><td FIXWIDTH=540>" + topic.getName() + "</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29 valign=top>&$427;</td><td align=center FIXWIDTH=540><MultiEdit var =\"Content\" width=535 height=313></td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr></table><table fixwidth=610 border=0 cellspacing=0 cellpadding=0><tr><td><img src=\"l2ui.mini_logo\" width=5 height=10></td></tr><tr><td><img src=\"l2ui.mini_logo\" width=5 height=1></td><td align=center FIXWIDTH=60 height=29>&nbsp;</td><td align=center FIXWIDTH=70><button value=\"&$140;\" action=\"Write Post " + forum.getID() + ";" + topic.getID() + ";0 _ Content Content Content\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td><td align=center FIXWIDTH=70><button value = \"&$141;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 
fore=\"l2ui_ch3.smallbutton2\"> </td><td align=center FIXWIDTH=400>&nbsp;</td><td><img src=\"l2ui.mini_logo\" width=5 height=1></td></tr></table></center></body></html>";
send1001(html, player); send1001(html, player);
send1002(player, p.getCPost(0).postTxt, topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate()))); send1002(player, p.getCPost(0).getPostText(), topic.getName(), DateFormat.getInstance().format(new Date(topic.getDate())));
} }
private void showMemoPost(Topic topic, PlayerInstance player, Forum forum) private void showMemoPost(Topic topic, PlayerInstance player, Forum forum)
@ -128,10 +128,10 @@ public class PostBBSManager extends BaseBBSManager
final Post p = getGPosttByTopic(topic); final Post p = getGPosttByTopic(topic);
final Locale locale = Locale.getDefault(); final Locale locale = Locale.getDefault();
final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale); final DateFormat dateFormat = DateFormat.getDateInstance(DateFormat.FULL, locale);
String mes = p.getCPost(0).postTxt.replace(">", "&gt;"); String mes = p.getCPost(0).getPostText().replace(">", "&gt;");
mes = mes.replace("<", "&lt;"); mes = mes.replace("<", "&lt;");
final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).postDate) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass 
_bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>"; final String html = "<html><body><br><br><table border=0 width=610><tr><td width=10></td><td width=600 align=left><a action=\"bypass _bbshome\">HOME</a>&nbsp;>&nbsp;<a action=\"bypass _bbsmemo\">Memo Form</a></td></tr></table><img src=\"L2UI.squareblank\" width=\"1\" height=\"10\"><center><table border=0 cellspacing=0 cellpadding=0 bgcolor=333333><tr><td height=10></td></tr><tr><td fixWIDTH=55 align=right valign=top>&$413; : &nbsp;</td><td fixWIDTH=380 valign=top>" + topic.getName() + "</td><td fixwidth=5></td><td fixwidth=50></td><td fixWIDTH=120></td></tr><tr><td height=10></td></tr><tr><td align=right><font color=\"AAAAAA\" >&$417; : &nbsp;</font></td><td><font color=\"AAAAAA\">" + topic.getOwnerName() + "</font></td><td></td><td><font color=\"AAAAAA\">&$418; :</font></td><td><font color=\"AAAAAA\">" + dateFormat.format(p.getCPost(0).getPostDate()) + "</font></td></tr><tr><td height=10></td></tr></table><br><table border=0 cellspacing=0 cellpadding=0><tr><td fixwidth=5></td><td FIXWIDTH=600 align=left>" + mes + "</td><td fixqqwidth=5></td></tr></table><br><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><img src=\"L2UI.squaregray\" width=\"610\" height=\"1\"><img src=\"L2UI.squareblank\" width=\"1\" height=\"5\"><table border=0 cellspacing=0 cellpadding=0 FIXWIDTH=610><tr><td width=50><button value=\"&$422;\" action=\"bypass _bbsmemo\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\"></td><td width=560 align=right><table border=0 cellspacing=0><tr><td FIXWIDTH=300></td><td><button value = \"&$424;\" action=\"bypass _bbsposts;edit;" + forum.getID() + ";" + topic.getID() + ";0\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$425;\" 
action=\"bypass _bbstopics;del;" + forum.getID() + ";" + topic.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;<td><button value = \"&$421;\" action=\"bypass _bbstopics;crea;" + forum.getID() + "\" back=\"l2ui_ch3.smallbutton2_down\" width=65 height=20 fore=\"l2ui_ch3.smallbutton2\" ></td>&nbsp;</tr></table></td></tr></table><br><br><br></center></body></html>";
CommunityBoardHandler.separateAndSend(html, player); CommunityBoardHandler.separateAndSend(html, player);
} }
@ -165,8 +165,8 @@ public class PostBBSManager extends BaseBBSManager
} }
else else
{ {
p.getCPost(idp).postTxt = ar4; p.getCPost(idp).setPostText(ar4);
p.updatetxt(idp); p.updateText(idp);
parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player); parsecmd("_bbsposts;read;" + f.getID() + ";" + t.getID(), player);
} }
} }


@ -115,7 +115,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);
@ -178,7 +178,7 @@ public class TopicBBSManager extends BaseBBSManager
final Post p = PostBBSManager.getInstance().getGPosttByTopic(t); final Post p = PostBBSManager.getInstance().getGPosttByTopic(t);
if (p != null) if (p != null)
{ {
p.deleteme(t); p.deleteMe(t);
} }
t.deleteme(f); t.deleteme(f);
parsecmd("_bbsmemo", player); parsecmd("_bbsmemo", player);