// NOTE(review): this excerpt opens inside a function whose beginning is not
// shown; the tail of that function is reproduced unchanged below.
    } elseif ($year != 0) {
        $parts .= "&year={$year}";
    } elseif ($dir_topic === 'all') {
        $tp = '';
    }
    $url = COM_buildURL($script . $tp . $parts);

    return '<link rel="canonical" href="' . $url . '"' . XHTML . '>' . LB;
}

// MAIN
$display = '';

// Use the POSTed values only when all three are present; otherwise read the
// same three names from the rewritten URL arguments.
if (isset($_POST['topic'], $_POST['year'], $_POST['month'])) {
    $dir_topic = $_POST['topic'];
    $year = $_POST['year'];
    $month = $_POST['month'];
} else {
    COM_setArgNames(array('topic', 'year', 'month'));
    $dir_topic = COM_getArgument('topic');
    $year = COM_getArgument('year');
    $month = COM_getArgument('month');
}

// NOTE(review): only $dir_topic is filtered in this excerpt. $year and $month
// are still raw request values here - confirm they are validated as integers
// before they reach a query or a URL.
$dir_topic = COM_applyFilter($dir_topic);
if (empty($dir_topic)) {
    $dir_topic = 'all';
}

// Topic is normally set in lib-common already; set it again here for the case
// where URL rewriting is enabled. 'all' means "no specific topic" for the
// rest of the site.
$topic = ($dir_topic === 'all') ? '' : $dir_topic;
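// NOTE(review): this excerpt opens inside a block whose beginning is not shown
// (the "login required" branch); its statements are reproduced unchanged.
    $loginreq = new Template($_CONF['path_layout'] . 'submit');
    $loginreq->set_file('loginreq', 'submitloginrequired.thtml');
    $loginreq->set_var('xhtml', XHTML);
    $loginreq->set_var('layout_url', $_CONF['layout_url']);
    $loginreq->set_var('login_message', $LANG_LOGIN[2]);
    $loginreq->set_var('lang_login', $LANG_LOGIN[3]);
    $loginreq->set_var('lang_newuser', $LANG_LOGIN[4]);
    $loginreq->parse('errormsg', 'loginreq');
    $display .= $loginreq->finish($loginreq->get_var('errormsg'));
    $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
    $display .= CLASSIFIEDS_siteFooter(true);
    echo $display;
    exit;
}

// Retrieve and sanitize input variables.  Typically _GET, but may be _POSTed.
COM_setArgNames(array('mode', 'id', 'page', 'query'));

// Get any message ID
if (isset($_REQUEST['msg'])) {
    $msg = COM_applyFilter($_REQUEST['msg']);
} else {
    $msg = '';
}

// The mode decides which action runs, so it is filtered on both paths. The
// rewritten-URL argument used to be taken as-is while the $_REQUEST value was
// filtered; both sources are equally client-controlled.
if (isset($_REQUEST['mode'])) {
    $mode = COM_applyFilter($_REQUEST['mode']);
} else {
    $mode = COM_applyFilter(COM_getArgument('mode'));
}

// NOTE(review): the two branches sanitize the id with different helpers
// (COM_sanitizeID vs COM_applyFilter). Left as-is because the helpers may
// treat an empty id differently - confirm which one is intended.
if (isset($_REQUEST['id'])) {
    $id = COM_sanitizeID($_REQUEST['id']);
} else {
    $id = COM_applyFilter(COM_getArgument('id'));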
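/**
 * Returns the site header
 *
 * Loads the header templates, substitutes the template variables and returns
 * the HTML for the site header, with or without blocks depending on $what.
 *
 * Programming note:
 *
 * COM_siteHeader and COM_siteFooter provide the framework for page display.
 * COM_siteHeader controls the header and the left blocks, COM_siteFooter the
 * right blocks and the footer. They are used like a sandwich:
 *
 * <code>
 * <?php
 * require_once 'lib-common.php';
 * // Change to COM_siteHeader('none') to not display left blocks
 * $display .= COM_siteHeader();
 * $display .= "Here is your html for display";
 * // Change to COM_siteFooter() to not display right blocks
 * $display .= COM_siteFooter(true);
 * echo $display;
 * ? >
 * </code>
 *
 * Greatly simplified, the sandwich produces:
 *
 * <code>
 * // COM_siteHeader
 * <table><tr><td colspan="3">Header</td></tr>
 * <tr><td>Left Blocks</td><td>
 *
 * // Your HTML goes here
 *
 * // COM_siteFooter
 * </td><td>Right Blocks</td></tr>
 * <tr><td colspan="3">Footer</td></table>
 * </code>
 *
 * Side effects: sends the Content-Type header (and X-FRAME-OPTIONS when
 * $_CONF['frame_options'] is set), may update the global $topic, and runs the
 * rendered header template through eval() so that PHP embedded in the theme
 * template is executed.
 *
 * @param  string|array $what       'none' suppresses the blocks, any other string shows them;
 *                                  an array is read as (function name, argument) and that
 *                                  function is called to produce the blocks if it exists
 * @param  string       $pagetitle  optional content for the page's <title>
 * @param  string       $headercode optional code to go into the page's <head>
 * @return string                   Formatted HTML containing the site header
 * @see    function COM_siteFooter
 */
function COM_siteHeader($what = 'menu', $pagetitle = '', $headercode = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG_BUTTONS, $LANG_DIRECTION,
           $_IMAGE_TYPE, $topic, $_COM_VERBOSE, $_SCRIPTS;

    // If the theme implemented this for us then call their version instead.
    $function = $_CONF['theme'] . '_siteHeader';
    if (function_exists($function)) {
        return $function($what, $pagetitle, $headercode);
    }

    // If we reach here then either we have the default theme OR
    // the current theme only needs the default variable substitutions
    switch ($_CONF['doctype']) {
        case 'html401transitional':
            $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
            break;

        case 'html401strict':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">';
            break;

        case 'xhtml10transitional':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
            break;

        case 'xhtml10strict':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
            break;

        default: // fallback: HTML 4.01 Transitional w/o system identifier
            $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">';
            break;
    }

    // send out the charset header
    header('Content-Type: text/html; charset=' . COM_getCharset());

    // Optional anti-framing header; the value comes from site configuration.
    if (!empty($_CONF['frame_options'])) {
        header('X-FRAME-OPTIONS: ' . $_CONF['frame_options']);
    }

    $header = COM_newTemplate($_CONF['path_layout']);
    $header->set_file(array(
        'header'        => 'header.thtml',
        'menuitem'      => 'menuitem.thtml',
        'menuitem_last' => 'menuitem_last.thtml',
        'menuitem_none' => 'menuitem_none.thtml',
        'leftblocks'    => 'leftblocks.thtml',
        'rightblocks'   => 'rightblocks.thtml'
    ));
    $header->postprocess_fn = 'PLG_replaceTags';
    $header->set_var('doctype', $doctype);

    if (XHTML == '') {
        $header->set_var('xmlns', '');
    } else {
        $header->set_var('xmlns', ' xmlns="http://www.w3.org/1999/xhtml"');
    }

    // get topic if not on home page
    if (!isset($_GET['topic'])) {
        $sid = '';
        if (isset($_GET['story'])) {
            $sid = COM_applyFilter($_GET['story']);
        } elseif (isset($_GET['sid'])) {
            $sid = COM_applyFilter($_GET['sid']);
        } elseif (isset($_POST['story'])) {
            $sid = COM_applyFilter($_POST['story']);
        }
        if (empty($sid) && $_CONF['url_rewrite'] &&
                (strpos($_SERVER['PHP_SELF'], 'article.php') !== false)) {
            COM_setArgNames(array('story', 'mode'));
            $sid = COM_applyFilter(COM_getArgument('story'));
        }
        if (!empty($sid)) {
            // The story id is request-derived. Escape it at the point where the
            // SQL is built instead of relying only on the upstream filter; this
            // matches the addslashes() already used for the feed query below.
            $topic = DB_getItem($_TABLES['stories'], 'tid',
                                "sid='" . addslashes($sid) . "'");
        }
    } else {
        $topic = COM_applyFilter($_GET['topic']);
    }

    $feed_url = array();
    if ($_CONF['backend'] == 1) {
        $baseurl = SYND_getFeedUrl();

        $sql = 'SELECT format, filename, title, language FROM '
             . $_TABLES['syndication'] . " WHERE (header_tid = 'all')";
        if (!empty($topic)) {
            $sql .= " OR (header_tid = '" . addslashes($topic) . "')";
        }
        $result = DB_query($sql);
        $numRows = DB_numRows($result);
        for ($i = 0; $i < $numRows; $i++) {
            $A = DB_fetchArray($result);
            if (!empty($A['filename'])) {
                $format_type = SYND_getMimeType($A['format']);
                $format_name = SYND_getFeedType($A['format']);
                $feed_title = $format_name . ' Feed: ' . $A['title'];

                // Every stored value that lands in an attribute is encoded, not
                // just the title, so a quote in a feed's language or filename
                // cannot break out of the attribute.
                $feed_url[] = '<link rel="alternate" type="' . $format_type
                            . '" hreflang="' . htmlspecialchars($A['language'])
                            . '" href="' . htmlspecialchars($baseurl . $A['filename'])
                            . '" title="' . htmlspecialchars($feed_title)
                            . '"' . XHTML . '>';
            }
        }
    }
    $header->set_var('feed_url', implode(LB, $feed_url));

    // for backward compatibility only - use {feed_url} instead
    $feed = SYND_getDefaultFeedUrl();
    $header->set_var('rdf_file', $feed);
    $header->set_var('rss_url', $feed);

    $relLinks = array();
    if (COM_onFrontpage()) {
        $relLinks['canonical'] = '<link rel="canonical" href="'
                               . $_CONF['site_url'] . '/"' . XHTML . '>';
    } else {
        $relLinks['home'] = '<link rel="home" href="' . $_CONF['site_url']
                          . '/" title="' . $LANG01[90] . '"' . XHTML . '>';
    }

    // Only advertise search / directory links to visitors who may use them:
    // logged-in users, or anyone when neither login requirement is switched on.
    $loggedInUser = !COM_isAnonUser();
    if ($loggedInUser || (($_CONF['loginrequired'] == 0) &&
            ($_CONF['searchloginrequired'] == 0))) {
        if ((substr($_SERVER['PHP_SELF'], -strlen('/search.php')) != '/search.php')
                || isset($_GET['mode'])) {
            $relLinks['search'] = '<link rel="search" href="'
                                . $_CONF['site_url'] . '/search.php" title="'
                                . $LANG01[75] . '"' . XHTML . '>';
        }
    }
    if ($loggedInUser || (($_CONF['loginrequired'] == 0) &&
            ($_CONF['directoryloginrequired'] == 0))) {
        if (strpos($_SERVER['PHP_SELF'], '/article.php') !== false) {
            $relLinks['contents'] = '<link rel="contents" href="'
                                  . $_CONF['site_url'] . '/directory.php" title="'
                                  . $LANG01[117] . '"' . XHTML . '>';
        }
    }
    if (!$_CONF['disable_webservices']) {
        $relLinks['service'] = '<link rel="service" '
                             . 'type="application/atomsvc+xml" '
                             . 'href="' . $_CONF['site_url']
                             . '/webservices/atom/?introspection" '
                             . 'title="' . $LANG01[130] . '"' . XHTML . '>';
    }
    // TBD: add a plugin API and a lib-custom.php function
    $header->set_var('rel_links', implode(LB, $relLinks));

    $pagetitle_siteslogan = false;
    if (empty($pagetitle)) {
        if (empty($topic)) {
            $pagetitle = $_CONF['site_slogan'];
            $pagetitle_siteslogan = true;
        } else {
            // $topic can come straight from the request or from the stories
            // table, so it is escaped here as well.
            $pagetitle = stripslashes(DB_getItem($_TABLES['topics'], 'topic',
                                      "tid = '" . addslashes($topic) . "'"));
        }
    }
    if (!empty($pagetitle)) {
        $header->set_var('page_site_splitter', ' - ');
    } else {
        $header->set_var('page_site_splitter', '');
    }
    $header->set_var('page_title', $pagetitle);
    $header->set_var('site_name', $_CONF['site_name']);

    // Site name first on the front page (or when the title is only the
    // slogan), page title first everywhere else.
    if (COM_onFrontpage() or $pagetitle_siteslogan) {
        $title_and_name = $_CONF['site_name'];
        if (!empty($pagetitle)) {
            $title_and_name .= ' - ' . $pagetitle;
        }
    } else {
        $title_and_name = '';
        if (!empty($pagetitle)) {
            $title_and_name = $pagetitle . ' - ';
        }
        $title_and_name .= $_CONF['site_name'];
    }
    $header->set_var('page_title_and_site_name', $title_and_name);

    COM_setLangIdAndAttribute($header);

    $header->set_var('background_image', $_CONF['layout_url']
                                         . '/images/bg.' . $_IMAGE_TYPE);
    $header->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    $header->set_var('site_name', $_CONF['site_name']);
    $header->set_var('site_slogan', $_CONF['site_slogan']);

    $msg = rtrim($LANG01[67]) . ' ' . $_CONF['site_name'];
    if (!empty($_USER['username'])) {
        $msg .= ', ' . COM_getDisplayName($_USER['uid'], $_USER['username'],
                                          $_USER['fullname']);
    }

    $curtime = COM_getUserDateTimeFormat();

    $header->set_var('welcome_msg', $msg);
    $header->set_var('datetime', $curtime[0]);
    $header->set_var('site_logo', $_CONF['layout_url']
                                  . '/images/logo.' . $_IMAGE_TYPE);
    $header->set_var('theme', $_CONF['theme']);
    $header->set_var('charset', COM_getCharset());
    $header->set_var('direction', $LANG_DIRECTION);

    // Now add variables for buttons like e.g. those used by the Yahoo theme
    $header->set_var('button_home', $LANG_BUTTONS[1]);
    $header->set_var('button_contact', $LANG_BUTTONS[2]);
    $header->set_var('button_contribute', $LANG_BUTTONS[3]);
    $header->set_var('button_sitestats', $LANG_BUTTONS[7]);
    $header->set_var('button_personalize', $LANG_BUTTONS[8]);
    $header->set_var('button_search', $LANG_BUTTONS[9]);
    $header->set_var('button_advsearch', $LANG_BUTTONS[10]);
    $header->set_var('button_directory', $LANG_BUTTONS[11]);

    // Get plugin menu options
    $plugin_menu = PLG_getMenuItems();

    if ($_COM_VERBOSE) {
        COM_errorLog('num plugin menu items in header = ' . count($plugin_menu), 1);
    }

    // Now add nested template for menu items
    COM_renderMenu($header, $plugin_menu);

    if (count($plugin_menu) == 0) {
        $header->parse('plg_menu_elements', 'menuitem_none', true);
    } else {
        // The array maps menu text (key) to URL (value); walk it with the
        // internal pointer so the last entry can use its own template.
        $count_plugin_menu = count($plugin_menu);
        for ($i = 1; $i <= $count_plugin_menu; $i++) {
            $header->set_var('menuitem_url', current($plugin_menu));
            $header->set_var('menuitem_text', key($plugin_menu));

            if ($i == $count_plugin_menu) {
                $header->parse('plg_menu_elements', 'menuitem_last', true);
            } else {
                $header->parse('plg_menu_elements', 'menuitem', true);
            }

            next($plugin_menu);
        }
    }

    // Call to plugins to set template variables in the header
    PLG_templateSetVars('header', $header);

    if ($_CONF['left_blocks_in_footer'] == 1) {
        $header->set_var('left_blocks', '');
        $header->set_var('geeklog_blocks', '');
    } else {
        $lblocks = '';

        /* Check if an array has been passed that includes the name of a plugin
         * function or custom function
         * This can be used to take control over what blocks are then displayed
         *
         * NOTE(review): $what[0] is called as a function name. Callers must
         * only ever pass a fixed name here, never a request-derived value.
         */
        if (is_array($what)) {
            $function = $what[0];
            if (function_exists($function)) {
                $lblocks = $function($what[1], 'left');
            } else {
                $lblocks = COM_showBlocks('left', $topic);
            }
        } else {
            if ($what != 'none') {
                // Now show any blocks -- need to get the topic if not on home page
                $lblocks = COM_showBlocks('left', $topic);
            }
        }

        if (empty($lblocks)) {
            $header->set_var('left_blocks', '');
            $header->set_var('geeklog_blocks', '');
        } else {
            $header->set_var('geeklog_blocks', $lblocks);
            $header->parse('left_blocks', 'leftblocks', true);
            $header->set_var('geeklog_blocks', '');
        }
    }

    if ($_CONF['right_blocks_in_footer'] == 1) {
        $header->set_var('right_blocks', '');
        $header->set_var('geeklog_blocks', '');
    } else {
        $rblocks = '';

        /* Check if an array has been passed that includes the name of a plugin
         * function or custom function
         * This can be used to take control over what blocks are then displayed
         */
        if (is_array($what)) {
            $function = $what[0];
            if (function_exists($function)) {
                $rblocks = $function($what[1], 'right');
            } else {
                $rblocks = COM_showBlocks('right', $topic);
            }
        } else {
            if ($what != 'none') {
                // Now show any blocks -- need to get the topic if not on home page
                $rblocks = COM_showBlocks('right', $topic);
            }
        }

        if (empty($rblocks)) {
            $header->set_var('right_blocks', '');
            $header->set_var('geeklog_blocks', '');
        } else {
            $header->set_var('geeklog_blocks', $rblocks, true);
            $header->parse('right_blocks', 'rightblocks', true);
        }
    }

    // Call any plugin that may want to include extra Meta tags
    // or Javascript functions
    $headercode .= PLG_getHeaderCode();

    // Meta Tags
    // 0 = Disabled, 1 = Enabled, 2 = Enabled but default just for homepage
    if ($_CONF['meta_tags'] > 0) {
        $meta_description = '';
        $meta_keywords = '';

        $no_meta_description = 1;
        $no_meta_keywords = 1;

        // Find out if the meta tag description or keywords already exist in the headercode
        if ($headercode != '') {
            $pattern = '/<meta ([^>]*)name="([^"\'>]*)"([^>]*)/im';
            if (preg_match_all($pattern, $headercode, $matches, PREG_SET_ORDER)) {
                // Loop through all meta tags looking for description and keywords
                for ($i = 0; $i < count($matches) && ($no_meta_description == 1 || $no_meta_keywords == 1); $i++) {
                    $str_matches = strtolower($matches[$i][0]);
                    $pos = strpos($str_matches, 'name=');
                    if ($pos !== false) {
                        // Cut the tag down to the value between the quotes
                        // that follow name=
                        $name = trim(substr($str_matches, $pos + 5), '"');
                        $pos = strpos($name, '"');
                        $name = substr($name, 0, $pos);

                        // A tag only counts when it also carries content=
                        if (strcasecmp("description", $name) == 0) {
                            $pos = strpos($str_matches, 'content=');
                            if ($pos !== false) {
                                $no_meta_description = 0;
                            }
                        }
                        if (strcasecmp("keywords", $name) == 0) {
                            $pos = strpos($str_matches, 'content=');
                            if ($pos !== false) {
                                $no_meta_keywords = 0;
                            }
                        }
                    }
                }
            }
        }

        if (COM_onFrontpage() && $_CONF['meta_tags'] == 2) {
            // Display default meta tags only on home page
            if ($no_meta_description) {
                $meta_description = $_CONF['meta_description'];
            }
            if ($no_meta_keywords) {
                $meta_keywords = $_CONF['meta_keywords'];
            }
        } else {
            if ($_CONF['meta_tags'] == 1) {
                // Display default meta tags anywhere there are no tags
                if ($no_meta_description) {
                    $meta_description = $_CONF['meta_description'];
                }
                if ($no_meta_keywords) {
                    $meta_keywords = $_CONF['meta_keywords'];
                }
            }
        }

        if ($no_meta_description or $no_meta_keywords) {
            $headercode .= COM_createMetaTags($meta_description, $meta_keywords);
        }
    }

    $headercode = $_SCRIPTS->getHeader() . $headercode;

    $header->set_var('plg_headercode', $headercode);

    // The following lines allow users to embed PHP in their templates.  This
    // is almost a contradiction to the reasons for using templates but this may
    // prove useful at times ...
    // Don't use PHP in templates if you can live without it!
    //
    // SECURITY NOTE(review): eval() runs on the template *after* substitution.
    // A PHP open tag inside any value set above (page title, topic name,
    // display name, plugin header code, ...) would therefore be executed, not
    // only PHP written by the theme author. Every such value has to be
    // stripped or encoded before it reaches this function; consider
    // retiring PHP-in-templates altogether.

    $tmp = $header->finish($header->parse('index_header', 'header'));

    // With short_open_tag on, a leading <?xml ... ?> declaration would be
    // read as PHP, so it is split off and prepended after evaluation.
    $xml_declaration = '';
    if (get_cfg_var('short_open_tag') == '1') {
        if (preg_match('/(<\\?xml[^>]*>)(.*)/s', $tmp, $match)) {
            $xml_declaration = $match[1] . LB;
            $tmp = $match[2];
        }
    }

    ob_start();
    eval('?>' . $tmp);
    $retval = $xml_declaration . ob_get_contents();
    ob_end_clean();

    return $retval;
}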
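case 'printtickets':
    // Ticket printing is limited to logged-in users when RSVP is enabled;
    // the tickets are looked up for the current user's uid.
    if ($_EV_CONF['enable_rsvp'] && !COM_isAnonUser()) {
        USES_evlist_class_ticket();
        // A request without eid used to read an undefined index; fall back
        // to an empty id, which COM_sanitizeID() is told not to replace.
        $eid = COM_sanitizeID(isset($_GET['eid']) ? $_GET['eid'] : '', false);
        $doc = evTicket::PrintTickets($eid, 0, $_USER['uid']);
        echo $doc;
        exit;
    } else {
        $content .= 'Function not available';
    }
    break;

case 'view':
default:
    if (empty($eid)) {
        // Default action, view the calendar or event
        COM_setArgNames(array('eid', 'ts', 'range', 'cat'));
        $eid = COM_sanitizeID(COM_getArgument('eid'), false);
    }
    if (!empty($eid)) {
        USES_evlist_class_repeat();
        $Rep = new evRepeat($eid);
        $pagetitle = COM_stripslashes($Rep->Event->title);
        if ($view == 'print') {
            $template = 'event_print';
            // NOTE(review): this reset is overwritten by the assignment just
            // below, so the print view still receives the query - confirm
            // which behaviour is wanted.
            $query = '';
        }
        // NOTE(review): $template is only assigned in the print branch within
        // this excerpt, and the search query is handed to Detail() unfiltered.
        // Detail() must encode it wherever it is written into the page.
        $query = isset($_GET['query']) ? $_GET['query'] : '';
        $content .= $Rep->Detail('', $query, $template);
    } else {
        // Shouldn't be in this file without an event ID to display or edit
        echo COM_refresh(EVLIST_URL . '/index.php');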
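// NOTE(review): this excerpt opens inside a block whose beginning is not shown.
    COM_404();
    exit;
}

// Anonymous visitors get the login form when the gallery requires a login.
if (COM_isAnonUser() && $_MG_CONF['loginrequired'] == 1) {
    $display = MG_siteHeader();
    $display .= SEC_loginRequiredForm();
    $display .= COM_siteFooter();
    echo $display;
    exit;
}

require_once $_CONF['path'] . 'plugins/mediagallery/include/init.php';
MG_initAlbums();

/*
 * Main Function
 */
COM_setArgNames(array('aid', 'f', 'sort'));
// Album id from the URL, forced to an integer by the numeric filter.
$album_id = COM_applyFilter(COM_getArgument('aid'), true);

$T = new Template(MG_getTemplatePath($album_id));
$T->set_file(array('page' => 'playall_xspf.thtml'));

// Deny access explicitly when the requested album does not exist. An unknown
// id used to reach the access test through an undefined array entry; it is
// now rejected on purpose, with the same "access denied" answer.
if (!isset($MG_albums[$album_id]) || $MG_albums[$album_id]->access == 0) {
    $display .= COM_showMessageText($LANG_MG00['access_denied_msg'], $LANG_ACCESS['accessdenied'], true);
    $display .= MG_siteFooter();
    echo $display;
    exit;
}

// NOTE(review): title and description are stored album data and are handed to
// the template as-is here - confirm they are encoded when stored or rendered.
$album_title = $MG_albums[$album_id]->title;
$album_desc = $MG_albums[$album_id]->description;

MG_usage('playalbum', $album_title, '', '');

// Breadcrumb: site home, then the gallery home unless the site is
// gallery-only, then the album path.
$birdseed = '<a href="' . $_CONF['site_url'] . '/index.php">' . $LANG_MG03['home'] . '</a> '
          . ($_MG_CONF['gallery_only'] == 1
                ? ''
                : $_MG_CONF['seperator'] . ' <a href="' . $_MG_CONF['site_url'] . '/index.php">' . $_MG_CONF['menulabel'] . '</a> ')
          . $MG_albums[$album_id]->getPath(1, 0, 1);

$T->set_var(array(
    'site_url'        => $_MG_CONF['site_url'],
    'birdseed'        => $birdseed,
    'pagination'      => '<a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $album_id . '&page=1&sort=' . '0' . '">' . $LANG_MG03['return_to_album'] . '</a>',
    'album_title'     => $album_title,
    'album_desc'      => $album_desc,
    'aid'             => $album_id,
    'home'            => $LANG_MG03['home'],
    'return_to_album' => $LANG_MG03['return_to_album']
));

/*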
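// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.            |
// |                                                                           |
// +---------------------------------------------------------------------------+

require_once '../lib-common.php';

// Leave for the site index when the banner plugin is not enabled.
if (!in_array('banner', $_PLUGINS)) {
    echo COM_refresh($_CONF['site_url'] . '/index.php');
    exit;
}

// MAIN
$url = '';

COM_setArgNames(array('what', 'item'));
$what = COM_getArgument('what');

if ($what == 'banner') {
    $item = COM_applyFilter(COM_getArgument('item'));
    if (!empty($item)) {
        // Hack: due to PLG_afterSaveSwitch settings, we may get
        // an attached &msg - strip it off
        $i = explode('&', $item);
        $item = $i[0];
    }

    if (!empty($item)) {
        // The banner id comes from the URL. Escape it where the SQL is built
        // instead of depending on the upstream filter alone; the same escaped
        // value is used for the hit counter so both statements address the
        // same row.
        $bid = addslashes($item);

        // Only banners inside their publishing window resolve to a URL.
        $url = DB_getItem($_TABLES['banner'], 'url', "bid = '{$bid}' AND (publishstart IS NULL OR publishstart < NOW()) and (publishend IS NULL OR publishend > NOW())");
        if (!empty($url)) {
            DB_change($_TABLES['banner'], 'hits', 'hits + 1', 'bid', $bid, '', true);
        }
    }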
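// Refuse to run when the plugin is disabled. The explicit exit makes this
// fail closed even if COM_404() were to return to the caller.
if (!in_array('paypal', $_PLUGINS)) {
    COM_404();
    exit;
}

// Ensure sufficient privs and dependencies to read this page
PAYPAL_access_check();

// Import plugin-specific functions
USES_paypal_functions();

// Create a global shopping cart for our use.  This allows the cart to be
// manipulated in an action and then displayed in a view, without necessarily
// having to revisit the database or create a new cart.
USES_paypal_class_cart();
$ppGCart = new ppCart();

// First try to get the SEO-friendly arguments.  A single "action" and "id"
// will probably be the most common anyway.  If that fails, go through all
// the possibilities for actions that might come from submit buttons, etc.
COM_setArgNames(array('action', 'id'));
// NOTE(review): the rewritten-URL action is used unfiltered in this excerpt -
// confirm that it is only ever compared against known action names.
$action = COM_getArgument('action');
$actionval = '';
if (!empty($action)) {
    $id = COM_sanitizeID(COM_getArgument('id'));
} else {
    // Known action names; the first one present in the request wins, POST
    // before GET for each name. ('updatecart' was listed twice; the second
    // entry could never match first and has been dropped.)
    $expected = array(
        'updatecart', 'checkout', 'searchcat',
        'savebillto', 'saveshipto',
        'emptycart', 'addcartitem', 'addcartitem_x',
        'checkoutcart', 'processorder', 'thanks',
        'action', 'order', 'view', 'detail', 'printorder', 'orderhist'
    );
    $action = 'view';
    foreach ($expected as $provided) {
        // NOTE(review): $actionval keeps the raw request value; it has to be
        // validated by whichever action consumes it.
        if (isset($_POST[$provided])) {
            $action = $provided;
            $actionval = $_POST[$provided];
            break;
        } elseif (isset($_GET[$provided])) {
            $action = $provided;
            $actionval = $_GET[$provided];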
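// +---------------------------------------------------------------------------+

/**
 * For really strict webhosts, this file can be used to show images in pages
 * that serve the images from outside of the webtree, from a place that the
 * webserver user can actually write to
 *
 * @author   Tony Bibbs, tony AT tonybibbs DOT com
 *
 */

require_once 'lib-common.php';

require_once $_CONF['path_system'] . 'classes/downloader.class.php';

$downloader = new downloader();

$downloader->setLogFile($_CONF['path_log'] . 'error.log');
$downloader->setLogging(true);

// Extension => MIME type allow-list handed to the downloader.
// 'png' used to appear twice in this literal; PHP keeps only the last value
// for a repeated key, so 'image/png' was silently discarded. The effective
// value is kept here. TODO confirm whether 'image/png' is the intended type.
$downloader->setAllowedExtensions(array(
    'gif'  => 'image/gif',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/x-png'
));

COM_setArgNames(array('mode', 'image'));
$mode = COM_applyFilter(COM_getArgument('mode'));
$image = COM_applyFilter(COM_getArgument('image'));

// Reject any image name that contains a parent-directory sequence. This is
// the only path check visible in this file; it relies on the downloader's
// path and extension allow-list for everything else.
if (strstr($image, '..')) {
    // Can you believe this, some jackass tried to relative pathing to access
    // files they shouldn't have access to?
    COM_accessLog('Someone tried to illegally access files using getimage.php');
    exit;
}

// Set the path properly
switch ($mode) {
    case 'show':
    case 'articles':
        $downloader->setPath($_CONF['path_images'] . 'articles/');
        break;

    case 'topics':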
// NOTE(review): this excerpt opens inside the POST branch of an if/else whose
// condition is not shown. Both branches read the same set of values, from
// $_POST here and from the URL arguments / $_GET in the else branch.
    $sid = COM_applyFilter($_POST['story']);
    $mode = COM_applyFilter($_POST['mode']);
    if (isset($_POST['order'])) {
        $order = COM_applyFilter($_POST['order']);
    }
    // The search query is the one value taken without COM_applyFilter().
    // NOTE(review): it has to be encoded wherever it is later written into
    // HTML, a URL or SQL - confirm at the points of use.
    if (isset($_POST['query'])) {
        $query = $_POST['query'];
    }
    if (isset($_POST['reply'])) {
        $reply = COM_applyFilter($_POST['reply']);
    }
    // Comment page number, filtered as numeric.
    if (isset($_POST['cpage'])) {
        $page = COM_applyFilter($_POST['cpage'], true);
    }
} else {
    // Story id and mode come from the (possibly rewritten) URL arguments.
    COM_setArgNames(array('story', 'mode'));
    $sid = COM_applyFilter(COM_getArgument('story'));
    $mode = COM_applyFilter(COM_getArgument('mode'));
    if (isset($_GET['order'])) {
        $order = COM_applyFilter($_GET['order']);
    }
    // Unfiltered, as in the POST branch above.
    if (isset($_GET['query'])) {
        $query = $_GET['query'];
    }
    if (isset($_GET['reply'])) {
        $reply = COM_applyFilter($_GET['reply']);
    }
    if (isset($_GET['cpage'])) {
        $page = COM_applyFilter($_GET['cpage'], true);
    }
}
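// NOTE(review): this excerpt opens inside a function whose beginning is not
// shown; the tail of that function is reproduced unchanged below.
            $urlpart = substr_replace($urlpart, $newlang, -$lang_len);
        }
        $retval = $urlpart . $extra_vars;
    }

    return $retval;
}

// MAIN
$ret_url = '';

// Only keep the referrer as return URL when it points at this site. The check
// is anchored at the start of the URL and requires a path separator after the
// site URL. A plain "contains" test also accepts a foreign URL that merely
// embeds the site URL somewhere, which would let the return URL lead off-site.
if (isset($_SERVER['HTTP_REFERER'])) {
    $referer = $_SERVER['HTTP_REFERER'];
    $site = rtrim($_CONF['site_url'], '/');
    if ($referer === $site || strpos($referer, $site . '/') === 0) {
        $ret_url = $referer;
    }
}

// if not allowed, just ignore and return
if ($_CONF['allow_user_language'] == 1) {
    COM_setArgNames(array('lang'));

    // Normalise the requested language id and drop every character outside
    // a-z, 0-9, '-' and '_' before it is used as an array key.
    $lang = strtolower(COM_applyFilter(COM_getArgument('lang')));
    $lang = preg_replace('/[^a-z0-9\\-_]/', '', $lang);
    $oldlang = COM_getLanguageId();

    // do we really have a new language to switch to?
    if (!empty($lang) && array_key_exists($lang, $_CONF['language_files'])) {

        // does such a language file exist?
        // The file name is taken from the configured list, not from the
        // request, so the request only selects among known entries.
        $langfile = $_CONF['language_files'][$lang];
        if (is_file($_CONF['path_language'] . $langfile . '.php')) {

            // Set the language cookie.
            // Mainly used for anonymous users so the rest of their session
            // will remain in the selected language
            setcookie($_CONF['cookie_language'], $langfile, time() + 31536000,
                      $_CONF['cookie_path'], $_CONF['cookiedomain'],
                      $_CONF['cookiesecure']);

            // if user is not anonymous, store the preference in the database
            if (!COM_isAnonUser()) {
                DB_query("UPDATE {$_TABLES['users']} SET language = '{$langfile}' WHERE uid = {$_USER['uid']}");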
//public_html/data.php?id=1&m=id&template=yyyy
//public_html/data.php?code=xxxx_en&m=code&template=yyyy

// Work out whether this request arrived through a rewritten URL: rewriting
// must be enabled, and the request URI either has no query string at all or
// its '?' is not directly preceded by '.php'.
$url_rewrite = false;
$q = false;
$url = $_SERVER["REQUEST_URI"];
if ($_CONF['url_rewrite']) {
    $q = strpos($url, '?');
    // substr() is only evaluated when a '?' was found
    if ($q === false || substr($url, $q - 4, 4) != '.php') {
        $url_rewrite = true;
    }
}
//
if ($url_rewrite) {
    // NOTE(review): $dummy1 is a variable that is not assigned anywhere in
    // this excerpt; a quoted placeholder name may have been intended - confirm.
    COM_setArgNames(array('idcode', 'm', 'template', $dummy1));
    $m = COM_applyFilter(COM_getArgument('m'));
    // NOTE(review): the template name is request-supplied - confirm that it is
    // restricted to known templates before it is used to locate a file.
    $template = COM_applyFilter(COM_getArgument('template'));

    // 'idcode' carries either a code (m=code) or a numeric id (m=id); any
    // other mode leaves both at their empty defaults.
    $id = 0;
    $code = "";
    if ($m === "code") {
        // when a code is used
        $code = COM_applyFilter(COM_getArgument('idcode'));
    } elseif ($m === "id") {
        $id = COM_applyFilter(COM_getArgument('idcode'), true);
    }
} else {
    $m = COM_applyFilter($_GET['m']);
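// Arguments
//public_html/page.php?code=xxxx&template=yyyy

// Work out whether this request arrived through a rewritten URL: rewriting
// must be enabled, and the request URI either has no query string or its '?'
// is not directly preceded by '.php'.
$url_rewrite = false;
$q = false;
$url = $_SERVER["REQUEST_URI"];
if ($_CONF['url_rewrite']) {
    $q = strpos($url, '?');
    if ($q === false) {
        $url_rewrite = true;
    } elseif (substr($url, $q - 4, 4) != '.php') {
        $url_rewrite = true;
    }
}
//
if ($url_rewrite) {
    COM_setArgNames(array('code', 'template', 'dummy1', 'dummy2'));
    $code = COM_applyFilter(COM_getArgument('code'));
    $template = COM_applyFilter(COM_getArgument('template'));
} else {
    $code = COM_applyFilter($_GET['code']);
    $template = COM_applyFilter($_GET['template']);
}
// NOTE(review): the template name is request-supplied - confirm that it is
// restricted to known templates before it is used to locate a file.

// Message id, filtered as numeric.
$msg = '';
if (isset($_GET['msg'])) {
    $msg = COM_applyFilter($_GET['msg'], true);
}

$display = '';
$information = array();

// The "add comment" button was pressed: hand over to comment.php.
if (isset($_POST['reply']) && ($_POST['reply'] == $LANG01[25])) {
    // The POSTed values are filtered and URL-encoded before they are placed
    // in the redirect target. Inserted raw, a crafted value could add extra
    // parameters or markup to whatever COM_refresh() emits.
    // NOTE(review): sid is filled from 'pid' as in the original - confirm.
    $pid = isset($_POST['pid']) ? urlencode(COM_applyFilter($_POST['pid'])) : '';
    $type = isset($_POST['type']) ? urlencode(COM_applyFilter($_POST['type'])) : '';
    $display .= COM_refresh($_CONF['site_url'] . '/comment.php?sid=' . $pid . '&pid=' . $pid . '&type=' . $type);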
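/**
 * Returns the site footer
 *
 * Loads the header and footer templates, substitutes the template variables,
 * echoes the rendered header and returns the HTML for the site footer.
 *
 * Side effects: records a hit (COM_hit), takes over the content of the
 * current output buffer as page content and ends that buffer, echoes the
 * rendered header template, stops the page timer, consumes the
 * 'glfusion.infoblock' session value, and calls _js_out() / _css_out().
 *
 * @param  boolean $rightblock Whether or not to show blocks on right hand side default is no
 * @param  array   $custom     An array (function name, argument) defining a custom function
 *                             to be used to format the right blocks
 * @see    function COM_siteHeader
 * @return string              Formatted HTML containing site footer and optionally right blocks
 */
function COM_siteFooter($rightblock = -1, $custom = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG12, $LANG_BUTTONS, $LANG_DIRECTION,
           $_IMAGE_TYPE, $topic, $_COM_VERBOSE, $_PAGE_TIMER, $theme_what,
           $theme_pagetitle, $theme_headercode, $theme_layout, $_LOGO, $uiStyles;

    COM_hit();

    // NOTE(review): $blockInterface is not in the global list above, so within
    // this function it is never set and this branch cannot run. It also
    // assigns $rightblocks, while the parameter is $rightblock. Left untouched
    // because the intended behaviour cannot be confirmed from here.
    if (isset($blockInterface['right'])) {
        $currentURL = COM_getCurrentURL();
        if (strpos($currentURL, $_CONF['site_admin_url']) === 0) {
            if ($blockInterface['right']['location'] == 'right' || $blockInterface['right']['location'] == 'left') {
                $rightblocks = -1;
            }
        }
    }

    // If the user's theme implements its own footer, use that instead.
    $function = $_USER['theme'] . '_siteFooter';
    if (function_exists($function)) {
        return $function($rightblock, $custom);
    }

    $dt = new Date('now', $_USER['tzid']);

    // Block selection requested for this page, taken from a global.
    $what = $theme_what;

    // Grab any content that was cached by the system
    $content = ob_get_contents();
    ob_end_clean();

    $theme = new Template($_CONF['path_layout']);
    $theme->set_file(array(
        'header'      => 'header.thtml',
        'footer'      => 'footer.thtml',
        'leftblocks'  => 'leftblocks.thtml',
        'rightblocks' => 'rightblocks.thtml'
    ));
    $theme->set_var('num_search_results', $_CONF['num_search_results']);

    // get topic if not on home page
    if (!isset($_GET['topic'])) {
        if (isset($_GET['story'])) {
            $sid = COM_applyFilter($_GET['story']);
        } elseif (isset($_GET['sid'])) {
            $sid = COM_applyFilter($_GET['sid']);
        } elseif (isset($_POST['story'])) {
            $sid = COM_applyFilter($_POST['story']);
        }
        if (empty($sid) && $_CONF['url_rewrite'] &&
                (strpos($_SERVER['PHP_SELF'], 'article.php') !== false)) {
            COM_setArgNames(array('story', 'mode'));
            $sid = COM_applyFilter(COM_getArgument('story'));
        }
        if (!empty($sid)) {
            // The request-derived story id is escaped where the SQL is built.
            $topic = DB_getItem($_TABLES['stories'], 'tid', "sid='" . DB_escapeString($sid) . "'");
        }
    } else {
        $topic = COM_applyFilter($_GET['topic']);
    }

    $theme->set_var('site_name', $_CONF['site_name']);
    $theme->set_var('background_image', $_CONF['layout_url'] . '/images/bg.' . $_IMAGE_TYPE);
    $theme->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    if ($_LOGO['display_site_slogan']) {
        $theme->set_var('site_slogan', $_CONF['site_slogan']);
    }

    $msg = $LANG01[67] . ' ' . $_CONF['site_name'];
    if (!empty($_USER['username']) && !COM_isAnonUser()) {
        $msg .= ', ' . COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
    }

    $curtime = $dt->format($dt->getUserFormat(), true);

    $theme->set_var('welcome_msg', $msg);
    $theme->set_var('datetime', $curtime);

    if ($_LOGO['use_graphic_logo'] == 1 && file_exists($_CONF['path_html'] . '/images/' . $_LOGO['logo_name'])) {
        // Graphic logo: pass the image dimensions to the template and pad the
        // logo from the top when its height is not 100.
        $L = new Template($_CONF['path_layout']);
        $L->set_file(array('logo' => 'logo-graphic.thtml'));

        // NOTE(review): getimagesize() returns false for a file that is not a
        // readable image; the indexes below are then read from false. The
        // warning is suppressed, the result is not checked.
        $imgInfo = @getimagesize($_CONF['path_html'] . '/images/' . $_LOGO['logo_name']);
        $dimension = $imgInfo[3];

        $L->set_var('site_name', $_CONF['site_name']);
        $site_logo = $_CONF['site_url'] . '/images/' . $_LOGO['logo_name'];
        $L->set_var('site_logo', $site_logo);
        $L->set_var('dimension', $dimension);
        if ($imgInfo[1] != 100) {
            $delta = 100 - $imgInfo[1];
            $newMargin = $delta;
            $L->set_var('delta', 'style="padding-top:' . $newMargin . 'px;"');
        } else {
            $L->set_var('delta', '');
        }
        if ($_LOGO['display_site_slogan']) {
            $L->set_var('site_slogan', $_CONF['site_slogan']);
        }
        $L->parse('output', 'logo');
        $theme->set_var('logo_block', $L->finish($L->get_var('output')));
    } else {
        if ($_LOGO['use_graphic_logo'] == 0) {
            // Text logo
            $L = new Template($_CONF['path_layout']);
            $L->set_file(array('logo' => 'logo-text.thtml'));
            $L->set_var('site_name', $_CONF['site_name']);
            if ($_LOGO['display_site_slogan']) {
                $L->set_var('site_slogan', $_CONF['site_slogan']);
            }
            $L->parse('output', 'logo');
            $theme->set_var('logo_block', $L->finish($L->get_var('output')));
        } else {
            $theme->set_var('logo_block', '');
        }
    }

    $theme->set_var('site_logo', $_CONF['layout_url'] . '/images/logo.' . $_IMAGE_TYPE);
    $theme->set_var(array(
        'lang_login'     => $LANG01[58],
        'lang_myaccount' => $LANG01[48],
        'lang_logout'    => $LANG01[35],
        'lang_newuser'   => $LANG12[3]
    ));

    // Each menu is rendered once and exposed under two template names.
    $menu_navigation = displayMenu('navigation');
    $menu_footer = displayMenu('footer');
    $menu_header = displayMenu('header');

    $theme->set_var(array(
        'menu_navigation' => $menu_navigation,
        'menu_footer'     => $menu_footer,
        'menu_header'     => $menu_header,
        'st_hmenu'        => $menu_navigation,
        'st_footer_menu'  => $menu_footer,
        'st_header_menu'  => $menu_header
    ));

    $lblocks = '';

    /* Check if an array has been passed that includes the name of a plugin
     * function or custom function
     * This can be used to take control over what blocks are then displayed
     *
     * NOTE(review): $what[0] (and $custom[0] further down) is called as a
     * function name. Callers must only ever supply a fixed name, never a
     * request-derived value.
     */
    if (is_array($what)) {
        $function = $what[0];
        if (function_exists($function)) {
            $lblocks = $function($what[1], 'left');
        } else {
            $lblocks = COM_showBlocks('left', $topic);
        }
    } else {
        if ($what != 'none') {
            // Now show any blocks -- need to get the topic if not on home page
            $lblocks = COM_showBlocks('left', $topic);
        }
    }

    /* Now build footer */

    if (empty($lblocks)) {
        $theme->set_var('left_blocks', '');
        $theme->set_var('glfusion_blocks', '');
    } else {
        $theme->set_var('glfusion_blocks', $lblocks);
    }

    // Do variable assignments
    $theme->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    $theme->set_var('site_slogan', $_CONF['site_slogan']);

    // Turn the feed file's filesystem path into a URL by replacing the
    // html path prefix with the site URL.
    $rdf = substr_replace($_CONF['rdf_file'], $_CONF['site_url'], 0, strlen($_CONF['path_html']) - 1) . LB;
    $theme->set_var('rdf_file', $rdf);
    $theme->set_var('rss_url', $rdf);

    // Copyright year: a single year, or "configured year - current year".
    $year = date('Y');
    $copyrightyear = $year;
    if (!empty($_CONF['copyrightyear'])) {
        if ($year == $_CONF['copyrightyear']) {
            $copyrightyear = $_CONF['copyrightyear'];
        } else {
            $copyrightyear = $_CONF['copyrightyear'] . " - " . $year;
        }
    }
    $theme->set_var('copyright_notice', $LANG01[93] . ' © ' . $copyrightyear . ' ' . $_CONF['site_name'] . ' • ' . $LANG01[94]);
    $theme->set_var('copyright_msg', $LANG01[93] . ' © ' . $copyrightyear . ' ' . $_CONF['site_name']);
    $theme->set_var('current_year', $year);
    $theme->set_var('lang_copyright', $LANG01[93]);
    $theme->set_var('trademark_msg', $LANG01[94]);
    $theme->set_var('powered_by', $LANG01[95]);
    $theme->set_var('glfusion_url', 'http://www.glfusion.org/');
    $theme->set_var('glfusion_version', GVERSION);
    $theme->set_var('direction', empty($LANG_DIRECTION) ? 'ltr' : $LANG_DIRECTION);

    /* Check if an array has been passed that includes the name of a plugin
     * function or custom function.
     * This can be used to take control over what blocks are then displayed
     */
    $rblocks = '';
    if (is_array($custom)) {
        // NOTE(review): this branch computes $rblocks but sets neither
        // 'glfusion_rblocks' nor 'centercolumn', unlike the branches below -
        // confirm that this is intended.
        $function = $custom['0'];
        if (function_exists($function)) {
            $rblocks = $function($custom['1'], 'right');
        }
    } elseif ($rightblock == 1 || $_CONF['show_right_blocks'] == 1) {
        $rblocks = COM_showBlocks('right', $topic);

        if (empty($rblocks)) {
            $theme->set_var('glfusion_rblocks', '');
            $theme->set_var('right_blocks', '');
            if (empty($lblocks)) {
                // using full_content
                $theme->set_var('centercolumn', $uiStyles['full_content']['content_class']);
            } else {
                // using left_content
                $theme->set_var('centercolumn', $uiStyles['left_content']['content_class']);
                $theme->set_var('footercolumn-l', $uiStyles['left_content']['left_class']);
            }
        } else {
            $theme->set_var('glfusion_rblocks', $rblocks);
            if (empty($lblocks)) {
                // using content_right
                $theme->set_var('centercolumn', $uiStyles['content_right']['content_class']);
                $theme->set_var('footercolumn-r', $uiStyles['content_right']['right_class']);
            } else {
                // using left_content_right
                $theme->set_var('centercolumn', $uiStyles['left_content_right']['content_class']);
                $theme->set_var('footercolumn-l', $uiStyles['left_content_right']['left_class']);
                $theme->set_var('footercolumn-r', $uiStyles['left_content_right']['right_class']);
            }
        }
    } else {
        $theme->set_var('glfusion_rblocks', '');
        $theme->set_var('right_blocks', '');
        if (empty($lblocks)) {
            // using full content
            $theme->set_var('centercolumn', $uiStyles['full_content']['content_class']);
        } else {
            // using left_content
            $theme->set_var('centercolumn', $uiStyles['left_content']['content_class']);
            $theme->set_var('footercolumn-l', $uiStyles['left_content']['left_class']);
        }
    }

    if (!empty($lblocks)) {
        $theme->parse('left_blocks', 'leftblocks', true);
        $theme->set_var('glfusion_blocks', '');
    }
    if (!empty($rblocks)) {
        $theme->parse('right_blocks', 'rightblocks', true);
        $theme->set_var('glfusion_rblocks', '');
    }

    $exectime = $_PAGE_TIMER->stopTimer();
    $exectext = $LANG01[91] . ' ' . $exectime . ' ' . $LANG01[92];

    $theme->set_var('execution_time', $exectime);
    $theme->set_var('execution_textandtime', $exectext);

    // The buffered page body
    $theme->set_var('content', $content);

    // grab header data from outputHandler
    $outputHandle = outputHandler::getInstance();
    $theme->set_var(array(
        'meta-header' => $outputHandle->renderHeader('meta'),
        'css-header'  => $outputHandle->renderHeader('style'),
        'js-header'   => $outputHandle->renderHeader('script'),
        'raw-header'  => $outputHandle->renderHeader('raw')
    ));

    // One-shot info message kept in the session.
    if (SESS_isSet('glfusion.infoblock')) {
        // SECURITY NOTE(review): unserialize() can instantiate objects, so it
        // should only ever see data written by this application. If the
        // supported PHP versions allow it, restrict it to plain arrays.
        $msgArray = @unserialize(SESS_getVar('glfusion.infoblock'));

        // Only render the message when the stored value really is the
        // expected array; a corrupt or unexpected value is dropped.
        if (is_array($msgArray) && isset($msgArray['msg'])) {
            $msgType = isset($msgArray['type']) ? $msgArray['type'] : null;
            $msgTxt = COM_showMessageText($msgArray['msg'], '', false, $msgType);
            $theme->set_var('info_block', $msgTxt);
        }
        SESS_unSet('glfusion.infoblock');
    }

    // Call to plugins to set template variables in the footer
    PLG_templateSetVars('header', $theme);
    PLG_templateSetVars('footer', $theme);

    // Actually parse the template and make variable substitutions
    $theme->parse('index_footer', 'footer');

    $tmp = $theme->finish($theme->parse('index_header', 'header'));
    echo $tmp; // send the header.thtml

    $retval = $theme->finish($theme->get_var('index_footer'));

    _js_out();
    _css_out();

    return $retval;
}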
} // allow_anon_view is set by functions.inc if global login_required is on if (COM_isAnonUser() && $_EV_CONF['allow_anon_view'] != '1') { $content = COM_siteHeader(); $content .= SEC_loginRequiredForm(); $content .= COM_siteFooter(); echo $content; exit; } USES_evlist_functions(); USES_evlist_views(); //var_dump($_GET);die; /* * MAIN */ COM_setArgNames(array('view', 'range', 'cat')); if (isset($_GET['view'])) { $view = COM_applyFilter($_GET['view']); } elseif (isset($_POST['view'])) { $view = COM_applyFilter($_POST['view']); } else { $view = COM_applyFilter(COM_getArgument('view')); } /*if (empty($view)) { $view = isset($_EV_CONF['default_view']) ? $_EV_CONF['default_view'] : ''; }*/ if (isset($_GET['range'])) { $range = COM_applyFilter($_GET['range'], true); } elseif (isset($_POST['range'])) { $range = COM_applyFilter($_POST['range'], true); } else {
/** * Display a Static Page * * @package StaticPages * @subpackage public_html */ /** * Geeklog common function library */ require_once '../lib-common.php'; if (!in_array('staticpages', $_PLUGINS)) { COM_handle404(); exit; } // MAIN COM_setArgNames(array('page', 'disp_mode')); $page = COM_applyFilter(COM_getArgument('page')); $display_mode = COM_applyFilter(COM_getArgument('disp_mode')); $query = ''; if (isset($_REQUEST['query'])) { $query = COM_applyfilter($_GET['query']); } TOPIC_getTopic('staticpages', $page); // from comments display refresh: if (isset($_REQUEST['order'])) { $comment_order = COM_applyFilter($_REQUEST['order']); $comment_mode = COM_applyFilter($_REQUEST['mode']); if (isset($_REQUEST['cpage'])) { $comment_page = COM_applyFilter($_REQUEST['cpage']); } if (strcasecmp($comment_order, 'ASC') != 0 && strcasecmp($comment_order, 'DESC') != 0) {
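// Arguments
// public_html/content.php?code=xxxx&template=yyyy
//
// Entry script: reads the profile "code" and the template name from the
// request, enforces the login requirement for anonymous visitors, and hands
// both values to userbox_profile().

// Work out whether the request arrived in rewritten form (arguments carried
// in the path) or as a plain query string. REQUEST_URI is client-controlled;
// it is only used here to choose which of the two parsers below reads the
// arguments, and both branches pass the values through COM_applyFilter().
$url_rewrite = false;
$q = false;
$url = $_SERVER["REQUEST_URI"];
if ($_CONF['url_rewrite']) {
    $q = strpos($url, '?');
    // Rewritten when there is no query string at all, or when the four
    // characters in front of the '?' are not a ".php" script suffix.
    if ($q === false || substr($url, $q - 4, 4) != '.php') {
        $url_rewrite = true;
    }
}

if ($url_rewrite) {
    COM_setArgNames(array('code', 'template'));
    $code = COM_applyFilter(COM_getArgument('code'));
    $template = COM_applyFilter(COM_getArgument('template'));
} else {
    // A request that omits ?code= or ?template= used to read an undefined
    // index; treat a missing parameter as an empty string instead.
    // NOTE(review): confirm COM_applyFilter() copes with array-valued
    // parameters (e.g. ?code[]=x), which still reach it unchanged.
    $code = COM_applyFilter(isset($_GET['code']) ? $_GET['code'] : '');
    $template = COM_applyFilter(isset($_GET['template']) ? $_GET['template'] : '');
}

// Check whether login is required: anonymous visitors are stopped when either
// the site-wide setting or the plugin setting (values 1, 2 or 3) asks for it.
if (COM_isAnonUser()) {
    if ($_CONF['loginrequired']
        || $_USERBOX_CONF['loginrequired'] == 3
        || $_USERBOX_CONF['loginrequired'] == 2
        || $_USERBOX_CONF['loginrequired'] == 1
    ) {
        echo $LANG_USERBOX['loginrequired'];
        exit;
    }
}

// presumably an id of 0 makes userbox_profile() look the entry up by $code;
// verify against the callee.
$id = 0;
// NOTE(review): $template is a request-supplied name. Confirm that
// userbox_profile() only resolves it to known template files and does not
// build a filesystem path from it unchecked.
$retval = userbox_profile($id, $template, "yes", "", $code);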
require_once $_CONF['path_system'] . 'lib-trackback.php'; // Note: Error messages are hard-coded in English since there is no way of // knowing which language the sender of the trackback ping may prefer. $TRB_ERROR = array('not_enabled' => 'Trackback not enabled.', 'illegal_request' => 'Illegal request.', 'no_access' => 'You do not have access to this entry.'); if (!$_CONF['trackback_enabled']) { TRB_sendTrackbackResponse(1, $TRB_ERROR['not_enabled']); exit; } if (isset($_SERVER['REQUEST_METHOD'])) { // Trackbacks are only allowed as POST requests if ($_SERVER['REQUEST_METHOD'] != 'POST') { header('Allow: POST'); COM_displayMessageAndAbort(75, '', 405, 'Method Not Allowed'); } } COM_setArgNames(array('id', 'type')); $id = COM_applyFilter(COM_getArgument('id')); $type = COM_applyFilter(COM_getArgument('type')); if (empty($id)) { TRB_sendTrackbackResponse(1, $TRB_ERROR['illegal_request']); exit; } if (empty($type)) { $type = 'article'; } if ($type == 'article') { // check if they have access to this story $sid = DB_escapeString($id); $result = DB_query("SELECT trackbackcode FROM {$_TABLES['stories']} WHERE (sid = '{$sid}') AND (date <= NOW()) AND (draft_flag = 0)" . COM_getPermSql('AND') . COM_getTopicSql('AND')); if (DB_numRows($result) == 1) { $A = DB_fetchArray($result);
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +---------------------------------------------------------------------------+

// Public page of the tag plugin: loads the common library, checks that the
// plugin is enabled, reads the requested tag and starts filling the
// index.thtml template.
require_once '../lib-common.php';

// When 'tag' is not listed in $_PLUGINS, output whatever COM_refresh() builds
// for the site index page and stop.
if (!in_array('tag', $_PLUGINS)) {
    COM_output(COM_refresh($_CONF['site_url'] . '/index.php'));
    exit;
}

// Retrieves request vars
// NOTE(review): $tag is taken from the request through COM_getArgument() with
// no filtering in the visible code. Its later use is not shown here; confirm
// it is validated or escaped for the context (SQL, HTML, URL) before it is
// used further down.
COM_setArgNames(array('tag'));
$tag = COM_getArgument('tag');

/**
 * Display
 */
$T = new Template($_CONF['path'] . 'plugins/tag/templates');
$T->set_file('page', 'index.thtml');
$T->set_var('xhtml', XHTML);

// Lang vars
// Each name listed here is exposed to the template as 'lang_<name>', with the
// text returned by TAG_str() for that name.
$lang_vars = array('tag_list');
foreach ($lang_vars as $lang_var) {
    $T->set_var('lang_' . $lang_var, TAG_str($lang_var));
}

// Tag cloud
// The first argument comes from the plugin configuration entry
// 'max_tag_cloud'; the meaning of the second argument is not visible here.
$T->set_var('tag_cloud', TAG_getTagCloud($_TAG_CONF['max_tag_cloud'], false));

// Other tags
// | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software Foundation, | // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | // | | // +---------------------------------------------------------------------------+ require_once '../../../lib-common.php'; require_once '../../auth.inc.php'; require_once $_CONF['path'] . 'plugins/downloads/include/functions.php'; if (!SEC_hasRights('downloads.edit')) { $display = COM_showMessageText($MESSAGE[29], $MESSAGE[30]); $display = DLM_createHTMLDocument($display, array('pagetitle' => $MESSAGE[30])); COM_accessLog("User {$_USER['username']} tried to illegally access the downloads temporary file."); COM_output($display); exit; } COM_setArgNames(array('id')); $lid = addslashes(COM_applyFilter(COM_getArgument('id'))); $result = DB_query("SELECT url, date FROM {$_TABLES['downloadsubmission']} WHERE lid='{$lid}'"); list($url, $date) = DB_fetchArray($result); $filepath = $_DLM_CONF['path_filestore'] . 'tmp' . date('YmdHis', $date) . DLM_createSafeFileName($url); if (file_exists($filepath)) { header('Content-Disposition: attachment; filename="' . $url . '"'); header('Content-Type: application/octet-stream'); header('Content-Description: File Transfer'); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header('Content-Length: ' . filesize($filepath)); ob_clean(); flush();
//public_html/attribute.php?id=1&m=id&value=27&template=yyyy //public_html/attribute.php?code=xxxx&m=code&value=27&template=yyyy $url_rewrite = false; $q = false; $url = $_SERVER["REQUEST_URI"]; if ($_CONF['url_rewrite']) { $q = strpos($url, '?'); if ($q === false) { $url_rewrite = true; } elseif (substr($url, $q - 4, 4) != '.php') { $url_rewrite = true; } } // if ($url_rewrite) { COM_setArgNames(array('idcode', 'm', 'value', 'template')); $m = COM_applyFilter(COM_getArgument('m')); if ($m === "code") { $id = 0; $code = COM_applyFilter(COM_getArgument('idcode')); } else { $id = COM_applyFilter(COM_getArgument('idcode'), true); $code = 0; } $value = COM_applyFilter(COM_getArgument('value')); $template = COM_applyFilter(COM_getArgument('template')); } else { $id = COM_applyFilter($_GET['id'], true); $code = COM_applyFilter($_GET['code']); $value = COM_applyFilter($_GET['value']); $template = COM_applyFilter($_GET['template']);