Beispiel #1
0
    } elseif ($year != 0) {
        $parts .= "&year={$year}";
    } elseif ($dir_topic === 'all') {
        $tp = '';
    }
    $url = COM_buildURL($script . $tp . $parts);
    return '<link rel="canonical" href="' . $url . '"' . XHTML . '>' . LB;
}
// MAIN
$display = '';
if (isset($_POST['topic']) && isset($_POST['year']) && isset($_POST['month'])) {
    $dir_topic = $_POST['topic'];
    $year = $_POST['year'];
    $month = $_POST['month'];
} else {
    COM_setArgNames(array('topic', 'year', 'month'));
    $dir_topic = COM_getArgument('topic');
    $year = COM_getArgument('year');
    $month = COM_getArgument('month');
}
$dir_topic = COM_applyFilter($dir_topic);
if (empty($dir_topic)) {
    $dir_topic = 'all';
}
// Topic stuff already set in lib-common but need to double check if URL_Write is_a enabled
//Set topic for rest of site
if ($dir_topic === 'all') {
    $topic = '';
} else {
    $topic = $dir_topic;
}
Beispiel #2
0
    $loginreq = new Template($_CONF['path_layout'] . 'submit');
    $loginreq->set_file('loginreq', 'submitloginrequired.thtml');
    $loginreq->set_var('xhtml', XHTML);
    $loginreq->set_var('layout_url', $_CONF['layout_url']);
    $loginreq->set_var('login_message', $LANG_LOGIN[2]);
    $loginreq->set_var('lang_login', $LANG_LOGIN[3]);
    $loginreq->set_var('lang_newuser', $LANG_LOGIN[4]);
    $loginreq->parse('errormsg', 'loginreq');
    $display .= $loginreq->finish($loginreq->get_var('errormsg'));
    $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
    $display .= CLASSIFIEDS_siteFooter(true);
    echo $display;
    exit;
}
// Retrieve and sanitize input variables.  Typically _GET, but may be _POSTed.
COM_setArgNames(array('mode', 'id', 'page', 'query'));
// Get any message ID
if (isset($_REQUEST['msg'])) {
    $msg = COM_applyFilter($_REQUEST['msg']);
} else {
    $msg = '';
}
if (isset($_REQUEST['mode'])) {
    $mode = COM_applyFilter($_REQUEST['mode']);
} else {
    $mode = COM_getArgument('mode');
}
if (isset($_REQUEST['id'])) {
    $id = COM_sanitizeID($_REQUEST['id']);
} else {
    $id = COM_applyFilter(COM_getArgument('id'));
Beispiel #3
0
/**
* Returns the site header
*
* This loads the proper templates, does variable substitution and returns the
* HTML for the site header with or without blocks depending on the value of $what
*
* Programming Note:
*
* The two functions COM_siteHeader and COM_siteFooter provide the framework for
* page display in Geeklog.  COM_siteHeader controls the display of the Header
* and left blocks and COM_siteFooter controls the dsiplay of the right blocks
* and the footer.  You use them like a sandwich.  Thus the following code will
* display a Geeklog page with both right and left blocks displayed.
*
* <code>
* <?php
* require_once 'lib-common.php';
* // Change to COM_siteHeader('none') to not display left blocks
* $display .= COM_siteHeader();
* $display .= "Here is your html for display";
* // Change to COM_siteFooter() to not display right blocks
* $display .= COM_siteFooter(true);
* echo $display;
* ? >
* </code>
*
* Note that the default for the header is to display the left blocks and the
* default of the footer is to not display the right blocks.
*
* This sandwich produces code like this (greatly simplified)
* <code>
* // COM_siteHeader
* <table><tr><td colspan="3">Header</td></tr>
* <tr><td>Left Blocks</td><td>
*
* // Your HTML goes here
* Here is your html for display
*
* // COM_siteFooter
* </td><td>Right Blocks</td></tr>
* <tr><td colspan="3">Footer</td></table>
* </code>
*
* @param    string  $what       If 'none' then no left blocks are returned, if 'menu' (default) then right blocks are returned
* @param    string  $pagetitle  optional content for the page's <title>
* @param    string  $headercode optional code to go into the page's <head>
* @return   string              Formatted HTML containing the site header
* @see function COM_siteFooter
*
*/
function COM_siteHeader($what = 'menu', $pagetitle = '', $headercode = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG_BUTTONS, $LANG_DIRECTION, $_IMAGE_TYPE, $topic, $_COM_VERBOSE, $_SCRIPTS;
    // If the theme implemented this for us then call their version instead.
    $function = $_CONF['theme'] . '_siteHeader';
    if (function_exists($function)) {
        return $function($what, $pagetitle, $headercode);
    }
    // If we reach here then either we have the default theme OR
    // the current theme only needs the default variable substitutions
    switch ($_CONF['doctype']) {
        case 'html401transitional':
            $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
            break;
        case 'html401strict':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">';
            break;
        case 'xhtml10transitional':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
            break;
        case 'xhtml10strict':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
            break;
        default:
            // fallback: HTML 4.01 Transitional w/o system identifier
            $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">';
            break;
    }
    // send out the charset header
    header('Content-Type: text/html; charset=' . COM_getCharset());
    if (!empty($_CONF['frame_options'])) {
        header('X-FRAME-OPTIONS: ' . $_CONF['frame_options']);
    }
    $header = COM_newTemplate($_CONF['path_layout']);
    $header->set_file(array('header' => 'header.thtml', 'menuitem' => 'menuitem.thtml', 'menuitem_last' => 'menuitem_last.thtml', 'menuitem_none' => 'menuitem_none.thtml', 'leftblocks' => 'leftblocks.thtml', 'rightblocks' => 'rightblocks.thtml'));
    $header->postprocess_fn = 'PLG_replaceTags';
    $header->set_var('doctype', $doctype);
    if (XHTML == '') {
        $header->set_var('xmlns', '');
    } else {
        $header->set_var('xmlns', ' xmlns="http://www.w3.org/1999/xhtml"');
    }
    // get topic if not on home page
    if (!isset($_GET['topic'])) {
        if (isset($_GET['story'])) {
            $sid = COM_applyFilter($_GET['story']);
        } elseif (isset($_GET['sid'])) {
            $sid = COM_applyFilter($_GET['sid']);
        } elseif (isset($_POST['story'])) {
            $sid = COM_applyFilter($_POST['story']);
        }
        if (empty($sid) && $_CONF['url_rewrite'] && strpos($_SERVER['PHP_SELF'], 'article.php') !== false) {
            COM_setArgNames(array('story', 'mode'));
            $sid = COM_applyFilter(COM_getArgument('story'));
        }
        if (!empty($sid)) {
            $topic = DB_getItem($_TABLES['stories'], 'tid', "sid='{$sid}'");
        }
    } else {
        $topic = COM_applyFilter($_GET['topic']);
    }
    $feed_url = array();
    if ($_CONF['backend'] == 1) {
        $baseurl = SYND_getFeedUrl();
        $sql = 'SELECT format, filename, title, language FROM ' . $_TABLES['syndication'] . " WHERE (header_tid = 'all')";
        if (!empty($topic)) {
            $sql .= " OR (header_tid = '" . addslashes($topic) . "')";
        }
        $result = DB_query($sql);
        $numRows = DB_numRows($result);
        for ($i = 0; $i < $numRows; $i++) {
            $A = DB_fetchArray($result);
            if (!empty($A['filename'])) {
                $format_type = SYND_getMimeType($A['format']);
                $format_name = SYND_getFeedType($A['format']);
                $feed_title = $format_name . ' Feed: ' . $A['title'];
                $feed_url[] = '<link rel="alternate" type="' . $format_type . '" hreflang="' . $A['language'] . '" href="' . $baseurl . $A['filename'] . '" title="' . htmlspecialchars($feed_title) . '"' . XHTML . '>';
            }
        }
    }
    $header->set_var('feed_url', implode(LB, $feed_url));
    // for backward compatibility only - use {feed_url} instead
    $feed = SYND_getDefaultFeedUrl();
    $header->set_var('rdf_file', $feed);
    $header->set_var('rss_url', $feed);
    $relLinks = array();
    if (COM_onFrontpage()) {
        $relLinks['canonical'] = '<link rel="canonical" href="' . $_CONF['site_url'] . '/"' . XHTML . '>';
    } else {
        $relLinks['home'] = '<link rel="home" href="' . $_CONF['site_url'] . '/" title="' . $LANG01[90] . '"' . XHTML . '>';
    }
    $loggedInUser = !COM_isAnonUser();
    if ($loggedInUser || $_CONF['loginrequired'] == 0 && $_CONF['searchloginrequired'] == 0) {
        if (substr($_SERVER['PHP_SELF'], -strlen('/search.php')) != '/search.php' || isset($_GET['mode'])) {
            $relLinks['search'] = '<link rel="search" href="' . $_CONF['site_url'] . '/search.php" title="' . $LANG01[75] . '"' . XHTML . '>';
        }
    }
    if ($loggedInUser || $_CONF['loginrequired'] == 0 && $_CONF['directoryloginrequired'] == 0) {
        if (strpos($_SERVER['PHP_SELF'], '/article.php') !== false) {
            $relLinks['contents'] = '<link rel="contents" href="' . $_CONF['site_url'] . '/directory.php" title="' . $LANG01[117] . '"' . XHTML . '>';
        }
    }
    if (!$_CONF['disable_webservices']) {
        $relLinks['service'] = '<link rel="service" ' . 'type="application/atomsvc+xml" ' . 'href="' . $_CONF['site_url'] . '/webservices/atom/?introspection" ' . 'title="' . $LANG01[130] . '"' . XHTML . '>';
    }
    // TBD: add a plugin API and a lib-custom.php function
    $header->set_var('rel_links', implode(LB, $relLinks));
    $pagetitle_siteslogan = false;
    if (empty($pagetitle)) {
        if (empty($topic)) {
            $pagetitle = $_CONF['site_slogan'];
            $pagetitle_siteslogan = true;
        } else {
            $pagetitle = stripslashes(DB_getItem($_TABLES['topics'], 'topic', "tid = '{$topic}'"));
        }
    }
    if (!empty($pagetitle)) {
        $header->set_var('page_site_splitter', ' - ');
    } else {
        $header->set_var('page_site_splitter', '');
    }
    $header->set_var('page_title', $pagetitle);
    $header->set_var('site_name', $_CONF['site_name']);
    if (COM_onFrontpage() or $pagetitle_siteslogan) {
        $title_and_name = $_CONF['site_name'];
        if (!empty($pagetitle)) {
            $title_and_name .= ' - ' . $pagetitle;
        }
    } else {
        $title_and_name = '';
        if (!empty($pagetitle)) {
            $title_and_name = $pagetitle . ' - ';
        }
        $title_and_name .= $_CONF['site_name'];
    }
    $header->set_var('page_title_and_site_name', $title_and_name);
    COM_setLangIdAndAttribute($header);
    $header->set_var('background_image', $_CONF['layout_url'] . '/images/bg.' . $_IMAGE_TYPE);
    $header->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    $header->set_var('site_name', $_CONF['site_name']);
    $header->set_var('site_slogan', $_CONF['site_slogan']);
    $msg = rtrim($LANG01[67]) . ' ' . $_CONF['site_name'];
    if (!empty($_USER['username'])) {
        $msg .= ', ' . COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
    }
    $curtime = COM_getUserDateTimeFormat();
    $header->set_var('welcome_msg', $msg);
    $header->set_var('datetime', $curtime[0]);
    $header->set_var('site_logo', $_CONF['layout_url'] . '/images/logo.' . $_IMAGE_TYPE);
    $header->set_var('theme', $_CONF['theme']);
    $header->set_var('charset', COM_getCharset());
    $header->set_var('direction', $LANG_DIRECTION);
    // Now add variables for buttons like e.g. those used by the Yahoo theme
    $header->set_var('button_home', $LANG_BUTTONS[1]);
    $header->set_var('button_contact', $LANG_BUTTONS[2]);
    $header->set_var('button_contribute', $LANG_BUTTONS[3]);
    $header->set_var('button_sitestats', $LANG_BUTTONS[7]);
    $header->set_var('button_personalize', $LANG_BUTTONS[8]);
    $header->set_var('button_search', $LANG_BUTTONS[9]);
    $header->set_var('button_advsearch', $LANG_BUTTONS[10]);
    $header->set_var('button_directory', $LANG_BUTTONS[11]);
    // Get plugin menu options
    $plugin_menu = PLG_getMenuItems();
    if ($_COM_VERBOSE) {
        COM_errorLog('num plugin menu items in header = ' . count($plugin_menu), 1);
    }
    // Now add nested template for menu items
    COM_renderMenu($header, $plugin_menu);
    if (count($plugin_menu) == 0) {
        $header->parse('plg_menu_elements', 'menuitem_none', true);
    } else {
        $count_plugin_menu = count($plugin_menu);
        for ($i = 1; $i <= $count_plugin_menu; $i++) {
            $header->set_var('menuitem_url', current($plugin_menu));
            $header->set_var('menuitem_text', key($plugin_menu));
            if ($i == $count_plugin_menu) {
                $header->parse('plg_menu_elements', 'menuitem_last', true);
            } else {
                $header->parse('plg_menu_elements', 'menuitem', true);
            }
            next($plugin_menu);
        }
    }
    // Call to plugins to set template variables in the header
    PLG_templateSetVars('header', $header);
    if ($_CONF['left_blocks_in_footer'] == 1) {
        $header->set_var('left_blocks', '');
        $header->set_var('geeklog_blocks', '');
    } else {
        $lblocks = '';
        /* Check if an array has been passed that includes the name of a plugin
         * function or custom function
         * This can be used to take control over what blocks are then displayed
         */
        if (is_array($what)) {
            $function = $what[0];
            if (function_exists($function)) {
                $lblocks = $function($what[1], 'left');
            } else {
                $lblocks = COM_showBlocks('left', $topic);
            }
        } else {
            if ($what != 'none') {
                // Now show any blocks -- need to get the topic if not on home page
                $lblocks = COM_showBlocks('left', $topic);
            }
        }
        if (empty($lblocks)) {
            $header->set_var('left_blocks', '');
            $header->set_var('geeklog_blocks', '');
        } else {
            $header->set_var('geeklog_blocks', $lblocks);
            $header->parse('left_blocks', 'leftblocks', true);
            $header->set_var('geeklog_blocks', '');
        }
    }
    if ($_CONF['right_blocks_in_footer'] == 1) {
        $header->set_var('right_blocks', '');
        $header->set_var('geeklog_blocks', '');
    } else {
        $rblocks = '';
        /* Check if an array has been passed that includes the name of a plugin
         * function or custom function
         * This can be used to take control over what blocks are then displayed
         */
        if (is_array($what)) {
            $function = $what[0];
            if (function_exists($function)) {
                $rblocks = $function($what[1], 'right');
            } else {
                $rblocks = COM_showBlocks('right', $topic);
            }
        } else {
            if ($what != 'none') {
                // Now show any blocks -- need to get the topic if not on home page
                $rblocks = COM_showBlocks('right', $topic);
            }
        }
        if (empty($rblocks)) {
            $header->set_var('right_blocks', '');
            $header->set_var('geeklog_blocks', '');
        } else {
            $header->set_var('geeklog_blocks', $rblocks, true);
            $header->parse('right_blocks', 'rightblocks', true);
        }
    }
    // Call any plugin that may want to include extra Meta tags
    // or Javascript functions
    $headercode .= PLG_getHeaderCode();
    // Meta Tags
    // 0 = Disabled, 1 = Enabled, 2 = Enabled but default just for homepage
    if ($_CONF['meta_tags'] > 0) {
        $meta_description = '';
        $meta_keywords = '';
        $no_meta_description = 1;
        $no_meta_keywords = 1;
        //Find out if the meta tag description or keywords already exist in the headercode
        if ($headercode != '') {
            $pattern = '/<meta ([^>]*)name="([^"\'>]*)"([^>]*)/im';
            if (preg_match_all($pattern, $headercode, $matches, PREG_SET_ORDER)) {
                // Loop through all meta tags looking for description and keywords
                for ($i = 0; $i < count($matches) && ($no_meta_description == 1 || $no_meta_keywords == 1); $i++) {
                    $str_matches = strtolower($matches[$i][0]);
                    $pos = strpos($str_matches, 'name=');
                    if (!(is_bool($pos) && !$pos)) {
                        $name = trim(substr($str_matches, $pos + 5), '"');
                        $pos = strpos($name, '"');
                        $name = substr($name, 0, $pos);
                        if (strcasecmp("description", $name) == 0) {
                            $pos = strpos($str_matches, 'content=');
                            if (!(is_bool($pos) && !$pos)) {
                                $no_meta_description = 0;
                            }
                        }
                        if (strcasecmp("keywords", $name) == 0) {
                            $pos = strpos($str_matches, 'content=');
                            if (!(is_bool($pos) && !$pos)) {
                                $no_meta_keywords = 0;
                            }
                        }
                    }
                }
            }
        }
        if (COM_onFrontpage() && $_CONF['meta_tags'] == 2) {
            // Display default meta tags only on home page
            if ($no_meta_description) {
                $meta_description = $_CONF['meta_description'];
            }
            if ($no_meta_keywords) {
                $meta_keywords = $_CONF['meta_keywords'];
            }
        } else {
            if ($_CONF['meta_tags'] == 1) {
                // Display default meta tags anywhere there are no tags
                if ($no_meta_description) {
                    $meta_description = $_CONF['meta_description'];
                }
                if ($no_meta_keywords) {
                    $meta_keywords = $_CONF['meta_keywords'];
                }
            }
        }
        if ($no_meta_description or $no_meta_keywords) {
            $headercode .= COM_createMetaTags($meta_description, $meta_keywords);
        }
    }
    $headercode = $_SCRIPTS->getHeader() . $headercode;
    $header->set_var('plg_headercode', $headercode);
    // The following lines allow users to embed PHP in their templates.  This
    // is almost a contradition to the reasons for using templates but this may
    // prove useful at times ...
    // Don't use PHP in templates if you can live without it!
    $tmp = $header->finish($header->parse('index_header', 'header'));
    $xml_declaration = '';
    if (get_cfg_var('short_open_tag') == '1') {
        if (preg_match('/(<\\?xml[^>]*>)(.*)/s', $tmp, $match)) {
            $xml_declaration = $match[1] . LB;
            $tmp = $match[2];
        }
    }
    ob_start();
    eval('?>' . $tmp);
    $retval = $xml_declaration . ob_get_contents();
    ob_end_clean();
    return $retval;
}
Beispiel #4
0
 case 'printtickets':
     if ($_EV_CONF['enable_rsvp'] && !COM_isAnonUser()) {
         USES_evlist_class_ticket();
         $eid = COM_sanitizeID($_GET['eid'], false);
         $doc = evTicket::PrintTickets($eid, 0, $_USER['uid']);
         echo $doc;
         exit;
     } else {
         $content .= 'Function not available';
     }
     break;
 case 'view':
 default:
     if (empty($eid)) {
         // Default action, view the calendar or event
         COM_setArgNames(array('eid', 'ts', 'range', 'cat'));
         $eid = COM_sanitizeID(COM_getArgument('eid'), false);
     }
     if (!empty($eid)) {
         USES_evlist_class_repeat();
         $Rep = new evRepeat($eid);
         $pagetitle = COM_stripslashes($Rep->Event->title);
         if ($view == 'print') {
             $template = 'event_print';
             $query = '';
         }
         $query = isset($_GET['query']) ? $_GET['query'] : '';
         $content .= $Rep->Detail('', $query, $template);
     } else {
         // Shouldn't be in this file without an event ID to display or edit
         echo COM_refresh(EVLIST_URL . '/index.php');
Beispiel #5
0
    COM_404();
    exit;
}
if (COM_isAnonUser() && $_MG_CONF['loginrequired'] == 1) {
    $display = MG_siteHeader();
    $display .= SEC_loginRequiredForm();
    $display .= COM_siteFooter();
    echo $display;
    exit;
}
require_once $_CONF['path'] . 'plugins/mediagallery/include/init.php';
MG_initAlbums();
/*
* Main Function
*/
COM_setArgNames(array('aid', 'f', 'sort'));
$album_id = COM_applyFilter(COM_getArgument('aid'), true);
$T = new Template(MG_getTemplatePath($album_id));
$T->set_file(array('page' => 'playall_xspf.thtml'));
if ($MG_albums[$album_id]->access == 0) {
    $display .= COM_showMessageText($LANG_MG00['access_denied_msg'], $LANG_ACCESS['accessdenied'], true);
    $display .= MG_siteFooter();
    echo $display;
    exit;
}
$album_title = $MG_albums[$album_id]->title;
$album_desc = $MG_albums[$album_id]->description;
MG_usage('playalbum', $album_title, '', '');
$birdseed = '<a href="' . $_CONF['site_url'] . '/index.php">' . $LANG_MG03['home'] . '</a> ' . ($_MG_CONF['gallery_only'] == 1 ? '' : $_MG_CONF['seperator'] . ' <a href="' . $_MG_CONF['site_url'] . '/index.php">' . $_MG_CONF['menulabel'] . '</a> ') . $MG_albums[$album_id]->getPath(1, 0, 1);
$T->set_var(array('site_url' => $_MG_CONF['site_url'], 'birdseed' => $birdseed, 'pagination' => '<a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $album_id . '&amp;page=1&amp;sort=' . '0' . '">' . $LANG_MG03['return_to_album'] . '</a>', 'album_title' => $album_title, 'album_desc' => $album_desc, 'aid' => $album_id, 'home' => $LANG_MG03['home'], 'return_to_album' => $LANG_MG03['return_to_album']));
/*
Beispiel #6
0
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
require_once '../lib-common.php';
if (!in_array('banner', $_PLUGINS)) {
    echo COM_refresh($_CONF['site_url'] . '/index.php');
    exit;
}
// MAIN
$url = '';
COM_setArgNames(array('what', 'item'));
$what = COM_getArgument('what');
if ($what == 'banner') {
    $item = COM_applyFilter(COM_getArgument('item'));
    if (!empty($item)) {
        // Hack: due to PLG_afterSaveSwitch settings, we may get
        // an attached &msg - strip it off
        $i = explode('&', $item);
        $item = $i[0];
    }
    if (!empty($item)) {
        $url = DB_getItem($_TABLES['banner'], 'url', "bid = '{$item}' AND (publishstart IS NULL OR publishstart < NOW()) and (publishend IS NULL OR publishend > NOW())");
        if (!empty($url)) {
            DB_change($_TABLES['banner'], 'hits', 'hits + 1', 'bid', $item, '', true);
        }
    }
Beispiel #7
0
if (!in_array('paypal', $_PLUGINS)) {
    COM_404();
}
// Ensure sufficient privs and dependencies to read this page
PAYPAL_access_check();
// Import plugin-specific functions
USES_paypal_functions();
// Create a global shopping cart for our use.  This allows the cart to be
// manipulated in an action and then displayed in a view, without necessarily
// having to revisit the database or create a new cart.
USES_paypal_class_cart();
$ppGCart = new ppCart();
// First try to get the SEO-friendly arguments.  A single "action" and "id"
// will probably be the most common anyway.  If that fails, go through all
// the possibilies for actions that might come from submit buttons, etc.
COM_setArgNames(array('action', 'id'));
$action = COM_getArgument('action');
$actionval = '';
if (!empty($action)) {
    $id = COM_sanitizeID(COM_getArgument('id'));
} else {
    $expected = array('updatecart', 'checkout', 'searchcat', 'savebillto', 'saveshipto', 'updatecart', 'emptycart', 'addcartitem', 'addcartitem_x', 'checkoutcart', 'processorder', 'thanks', 'action', 'order', 'view', 'detail', 'printorder', 'orderhist');
    $action = 'view';
    foreach ($expected as $provided) {
        if (isset($_POST[$provided])) {
            $action = $provided;
            $actionval = $_POST[$provided];
            break;
        } elseif (isset($_GET[$provided])) {
            $action = $provided;
            $actionval = $_GET[$provided];
Beispiel #8
0
// +---------------------------------------------------------------------------+
/**
* For really strict webhosts, this file an be used to show images in pages that
* serve the images from outside of the webtree to a place that the webserver
* user can actually write too
*
* @author   Tony Bibbs, tony AT tonybibbs DOT com
*
*/
require_once 'lib-common.php';
require_once $_CONF['path_system'] . 'classes/downloader.class.php';
$downloader = new downloader();
$downloader->setLogFile($_CONF['path_log'] . 'error.log');
$downloader->setLogging(true);
$downloader->setAllowedExtensions(array('gif' => 'image/gif', 'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'png' => 'image/png', 'png' => 'image/x-png'));
COM_setArgNames(array('mode', 'image'));
$mode = COM_applyFilter(COM_getArgument('mode'));
$image = COM_applyFilter(COM_getArgument('image'));
if (strstr($image, '..')) {
    // Can you believe this, some jackass tried to relative pathing to access
    // files they shouldn't have access to?
    COM_accessLog('Someone tried to illegally access files using getimage.php');
    exit;
}
// Set the path properly
switch ($mode) {
    case 'show':
    case 'articles':
        $downloader->setPath($_CONF['path_images'] . 'articles/');
        break;
    case 'topics':
Beispiel #9
0
    $sid = COM_applyFilter($_POST['story']);
    $mode = COM_applyFilter($_POST['mode']);
    if (isset($_POST['order'])) {
        $order = COM_applyFilter($_POST['order']);
    }
    if (isset($_POST['query'])) {
        $query = $_POST['query'];
    }
    if (isset($_POST['reply'])) {
        $reply = COM_applyFilter($_POST['reply']);
    }
    if (isset($_POST['cpage'])) {
        $page = COM_applyFilter($_POST['cpage'], true);
    }
} else {
    COM_setArgNames(array('story', 'mode'));
    $sid = COM_applyFilter(COM_getArgument('story'));
    $mode = COM_applyFilter(COM_getArgument('mode'));
    if (isset($_GET['order'])) {
        $order = COM_applyFilter($_GET['order']);
    }
    if (isset($_GET['query'])) {
        $query = $_GET['query'];
    }
    if (isset($_GET['reply'])) {
        $reply = COM_applyFilter($_GET['reply']);
    }
    if (isset($_GET['cpage'])) {
        $page = COM_applyFilter($_GET['cpage'], true);
    }
}
Beispiel #10
0
            $urlpart = substr_replace($urlpart, $newlang, -$lang_len);
        }
        $retval = $urlpart . $extra_vars;
    }
    return $retval;
}
// MAIN
$ret_url = '';
if (isset($_SERVER['HTTP_REFERER'])) {
    if (strpos($_SERVER['HTTP_REFERER'], $_CONF['site_url']) !== false) {
        $ret_url = $_SERVER['HTTP_REFERER'];
    }
}
// if not allowed, just ignore and return
if ($_CONF['allow_user_language'] == 1) {
    COM_setArgNames(array('lang'));
    $lang = strtolower(COM_applyFilter(COM_getArgument('lang')));
    $lang = preg_replace('/[^a-z0-9\\-_]/', '', $lang);
    $oldlang = COM_getLanguageId();
    // do we really have a new language to switch to?
    if (!empty($lang) && array_key_exists($lang, $_CONF['language_files'])) {
        // does such a language file exist?
        $langfile = $_CONF['language_files'][$lang];
        if (is_file($_CONF['path_language'] . $langfile . '.php')) {
            // Set the language cookie.
            // Mainly used for anonymous users so the rest of their session
            // will remain in the selected language
            setcookie($_CONF['cookie_language'], $langfile, time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
            // if user is not anonymous, store the preference in the database
            if (!COM_isAnonUser()) {
                DB_query("UPDATE {$_TABLES['users']} SET language = '{$langfile}' WHERE uid = {$_USER['uid']}");
Beispiel #11
0
//public_html/data.php?id=1&m=id&template=yyyy
//public_html/data.php?code=xxxx_en&m=code&template=yyyy
$url_rewrite = false;
$q = false;
$url = $_SERVER["REQUEST_URI"];
if ($_CONF['url_rewrite']) {
    $q = strpos($url, '?');
    if ($q === false) {
        $url_rewrite = true;
    } elseif (substr($url, $q - 4, 4) != '.php') {
        $url_rewrite = true;
    }
}
//
if ($url_rewrite) {
    COM_setArgNames(array('idcode', 'm', 'template', $dummy1));
    $m = COM_applyFilter(COM_getArgument('m'));
    $template = COM_applyFilter(COM_getArgument('template'));
    //code 使用の時
    if ($m === "code") {
        $id = 0;
        $code = COM_applyFilter(COM_getArgument('idcode'));
    } elseif ($m === "id") {
        $id = COM_applyFilter(COM_getArgument('idcode'), true);
        $code = "";
    } else {
        $id = 0;
        $code = "";
    }
} else {
    $m = COM_applyFilter($_GET['m']);
Beispiel #12
0
// 引数
//public_html/page.php?code=xxxx&template=yyyy
$url_rewrite = false;
$q = false;
$url = $_SERVER["REQUEST_URI"];
if ($_CONF['url_rewrite']) {
    $q = strpos($url, '?');
    if ($q === false) {
        $url_rewrite = true;
    } elseif (substr($url, $q - 4, 4) != '.php') {
        $url_rewrite = true;
    }
}
//
if ($url_rewrite) {
    COM_setArgNames(array('code', 'template', 'dummy1', 'dummy2'));
    $code = COM_applyFilter(COM_getArgument('code'));
    $template = COM_applyFilter(COM_getArgument('template'));
} else {
    $code = COM_applyFilter($_GET['code']);
    $template = COM_applyFilter($_GET['template']);
}
$msg = '';
if (isset($_GET['msg'])) {
    $msg = COM_applyFilter($_GET['msg'], true);
}
$display = '';
$information = array();
// 'コメントを追加',
if (isset($_POST['reply']) && $_POST['reply'] == $LANG01[25]) {
    $display .= COM_refresh($_CONF['site_url'] . '/comment.php?sid=' . $_POST['pid'] . '&pid=' . $_POST['pid'] . '&type=' . $_POST['type']);
Beispiel #13
0
/**
* Returns the site footer
*
* This loads the proper templates, does variable substitution and returns the
* HTML for the site footer.
*
* @param   boolean     $rightblock     Whether or not to show blocks on right hand side default is no
* @param   array       $custom         An array defining custom function to be used to format Rightblocks
* @see function COM_siteHeader
* @return   string  Formated HTML containing site footer and optionally right blocks
*
*/
function COM_siteFooter($rightblock = -1, $custom = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG12, $LANG_BUTTONS, $LANG_DIRECTION, $_IMAGE_TYPE, $topic, $_COM_VERBOSE, $_PAGE_TIMER, $theme_what, $theme_pagetitle, $theme_headercode, $theme_layout, $_LOGO, $uiStyles;
    COM_hit();
    if (isset($blockInterface['right'])) {
        $currentURL = COM_getCurrentURL();
        if (strpos($currentURL, $_CONF['site_admin_url']) === 0) {
            if ($blockInterface['right']['location'] == 'right' || $blockInterface['right']['location'] == 'left') {
                $rightblocks = -1;
            }
        }
    }
    $function = $_USER['theme'] . '_siteFooter';
    if (function_exists($function)) {
        return $function($rightblock, $custom);
    }
    $dt = new Date('now', $_USER['tzid']);
    $what = $theme_what;
    $pagetitle = $theme_pagetitle;
    $themecode = $theme_headercode;
    // Grab any content that was cached by the system
    $content = ob_get_contents();
    ob_end_clean();
    $theme = new Template($_CONF['path_layout']);
    $theme->set_file(array('header' => 'header.thtml', 'footer' => 'footer.thtml', 'leftblocks' => 'leftblocks.thtml', 'rightblocks' => 'rightblocks.thtml'));
    $theme->set_var('num_search_results', $_CONF['num_search_results']);
    // get topic if not on home page
    if (!isset($_GET['topic'])) {
        if (isset($_GET['story'])) {
            $sid = COM_applyFilter($_GET['story']);
        } elseif (isset($_GET['sid'])) {
            $sid = COM_applyFilter($_GET['sid']);
        } elseif (isset($_POST['story'])) {
            $sid = COM_applyFilter($_POST['story']);
        }
        if (empty($sid) && $_CONF['url_rewrite'] && strpos($_SERVER['PHP_SELF'], 'article.php') !== false) {
            COM_setArgNames(array('story', 'mode'));
            $sid = COM_applyFilter(COM_getArgument('story'));
        }
        if (!empty($sid)) {
            $topic = DB_getItem($_TABLES['stories'], 'tid', "sid='" . DB_escapeString($sid) . "'");
        }
    } else {
        $topic = COM_applyFilter($_GET['topic']);
    }
    $loggedInUser = !COM_isAnonUser();
    $theme->set_var('site_name', $_CONF['site_name']);
    $theme->set_var('background_image', $_CONF['layout_url'] . '/images/bg.' . $_IMAGE_TYPE);
    $theme->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    if ($_LOGO['display_site_slogan']) {
        $theme->set_var('site_slogan', $_CONF['site_slogan']);
    }
    $msg = $LANG01[67] . ' ' . $_CONF['site_name'];
    if (!empty($_USER['username']) && !COM_isAnonUser()) {
        $msg .= ', ' . COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
    }
    $curtime = $dt->format($dt->getUserFormat(), true);
    $theme->set_var('welcome_msg', $msg);
    $theme->set_var('datetime', $curtime);
    if ($_LOGO['use_graphic_logo'] == 1 && file_exists($_CONF['path_html'] . '/images/' . $_LOGO['logo_name'])) {
        $L = new Template($_CONF['path_layout']);
        $L->set_file(array('logo' => 'logo-graphic.thtml'));
        $imgInfo = @getimagesize($_CONF['path_html'] . '/images/' . $_LOGO['logo_name']);
        $dimension = $imgInfo[3];
        $L->set_var('site_name', $_CONF['site_name']);
        $site_logo = $_CONF['site_url'] . '/images/' . $_LOGO['logo_name'];
        $L->set_var('site_logo', $site_logo);
        $L->set_var('dimension', $dimension);
        if ($imgInfo[1] != 100) {
            $delta = 100 - $imgInfo[1];
            $newMargin = $delta;
            $L->set_var('delta', 'style="padding-top:' . $newMargin . 'px;"');
        } else {
            $L->set_var('delta', '');
        }
        if ($_LOGO['display_site_slogan']) {
            $L->set_var('site_slogan', $_CONF['site_slogan']);
        }
        $L->parse('output', 'logo');
        $theme->set_var('logo_block', $L->finish($L->get_var('output')));
    } else {
        if ($_LOGO['use_graphic_logo'] == 0) {
            $L = new Template($_CONF['path_layout']);
            $L->set_file(array('logo' => 'logo-text.thtml'));
            $L->set_var('site_name', $_CONF['site_name']);
            if ($_LOGO['display_site_slogan']) {
                $L->set_var('site_slogan', $_CONF['site_slogan']);
            }
            $L->parse('output', 'logo');
            $theme->set_var('logo_block', $L->finish($L->get_var('output')));
        } else {
            $theme->set_var('logo_block', '');
        }
    }
    $theme->set_var('site_logo', $_CONF['layout_url'] . '/images/logo.' . $_IMAGE_TYPE);
    $theme->set_var(array('lang_login' => $LANG01[58], 'lang_myaccount' => $LANG01[48], 'lang_logout' => $LANG01[35], 'lang_newuser' => $LANG12[3]));
    $menu_navigation = displayMenu('navigation');
    $menu_footer = displayMenu('footer');
    $menu_header = displayMenu('header');
    $theme->set_var(array('menu_navigation' => $menu_navigation, 'menu_footer' => $menu_footer, 'menu_header' => $menu_header, 'st_hmenu' => $menu_navigation, 'st_footer_menu' => $menu_footer, 'st_header_menu' => $menu_header));
    $lblocks = '';
    /* Check if an array has been passed that includes the name of a plugin
     * function or custom function
     * This can be used to take control over what blocks are then displayed
     */
    if (is_array($what)) {
        $function = $what[0];
        if (function_exists($function)) {
            $lblocks = $function($what[1], 'left');
        } else {
            $lblocks = COM_showBlocks('left', $topic);
        }
    } else {
        if ($what != 'none') {
            // Now show any blocks -- need to get the topic if not on home page
            $lblocks = COM_showBlocks('left', $topic);
        }
    }
    /* Now build footer */
    if (empty($lblocks)) {
        $theme->set_var('left_blocks', '');
        $theme->set_var('glfusion_blocks', '');
    } else {
        $theme->set_var('glfusion_blocks', $lblocks);
    }
    // Do variable assignments
    $theme->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    $theme->set_var('site_slogan', $_CONF['site_slogan']);
    $rdf = substr_replace($_CONF['rdf_file'], $_CONF['site_url'], 0, strlen($_CONF['path_html']) - 1) . LB;
    $theme->set_var('rdf_file', $rdf);
    $theme->set_var('rss_url', $rdf);
    $year = date('Y');
    $copyrightyear = $year;
    if (!empty($_CONF['copyrightyear'])) {
        if ($year == $_CONF['copyrightyear']) {
            $copyrightyear = $_CONF['copyrightyear'];
        } else {
            $copyrightyear = $_CONF['copyrightyear'] . " - " . $year;
        }
    }
    $theme->set_var('copyright_notice', $LANG01[93] . ' &copy; ' . $copyrightyear . ' ' . $_CONF['site_name'] . '&nbsp;&nbsp;&bull;&nbsp;&nbsp;' . $LANG01[94]);
    $theme->set_var('copyright_msg', $LANG01[93] . ' &copy; ' . $copyrightyear . ' ' . $_CONF['site_name']);
    $theme->set_var('current_year', $year);
    $theme->set_var('lang_copyright', $LANG01[93]);
    $theme->set_var('trademark_msg', $LANG01[94]);
    $theme->set_var('powered_by', $LANG01[95]);
    $theme->set_var('glfusion_url', 'http://www.glfusion.org/');
    $theme->set_var('glfusion_version', GVERSION);
    $theme->set_var('direction', empty($LANG_DIRECTION) ? 'ltr' : $LANG_DIRECTION);
    /* Check if an array has been passed that includes the name of a plugin
     * function or custom function.
     * This can be used to take control over what blocks are then displayed
     */
    if (is_array($custom)) {
        $function = $custom['0'];
        if (function_exists($function)) {
            $rblocks = $function($custom['1'], 'right');
        }
    } elseif ($rightblock == 1 || $_CONF['show_right_blocks'] == 1) {
        $rblocks = '';
        $rblocks = COM_showBlocks('right', $topic);
        if (empty($rblocks)) {
            $theme->set_var('glfusion_rblocks', '');
            $theme->set_var('right_blocks', '');
            if (empty($lblocks)) {
                // using full_content
                $theme->set_var('centercolumn', $uiStyles['full_content']['content_class']);
            } else {
                // using left_content
                $theme->set_var('centercolumn', $uiStyles['left_content']['content_class']);
                $theme->set_var('footercolumn-l', $uiStyles['left_content']['left_class']);
            }
        } else {
            $theme->set_var('glfusion_rblocks', $rblocks);
            if (empty($lblocks)) {
                // using content_right
                $theme->set_var('centercolumn', $uiStyles['content_right']['content_class']);
                $theme->set_var('footercolumn-r', $uiStyles['content_right']['right_class']);
            } else {
                // using left_content_right
                $theme->set_var('centercolumn', $uiStyles['left_content_right']['content_class']);
                $theme->set_var('footercolumn-l', $uiStyles['left_content_right']['left_class']);
                $theme->set_var('footercolumn-r', $uiStyles['left_content_right']['right_class']);
            }
        }
    } else {
        $theme->set_var('glfusion_rblocks', '');
        $theme->set_var('right_blocks', '');
        if (empty($lblocks)) {
            // using full content
            $theme->set_var('centercolumn', $uiStyles['full_content']['content_class']);
        } else {
            // using left_content
            $theme->set_var('centercolumn', $uiStyles['left_content']['content_class']);
            $theme->set_var('footercolumn-l', $uiStyles['left_content']['left_class']);
        }
    }
    if (!empty($lblocks)) {
        $theme->parse('left_blocks', 'leftblocks', true);
        $theme->set_var('glfusion_blocks', '');
    }
    if (!empty($rblocks)) {
        $theme->parse('right_blocks', 'rightblocks', true);
        $theme->set_var('glfusion_rblocks', '');
    }
    $exectime = $_PAGE_TIMER->stopTimer();
    $exectext = $LANG01[91] . ' ' . $exectime . ' ' . $LANG01[92];
    $theme->set_var('execution_time', $exectime);
    $theme->set_var('execution_textandtime', $exectext);
    $theme->set_var('content', $content);
    // grab header data from outputHandler
    $outputHandle = outputHandler::getInstance();
    $theme->set_var(array('meta-header' => $outputHandle->renderHeader('meta'), 'css-header' => $outputHandle->renderHeader('style'), 'js-header' => $outputHandle->renderHeader('script'), 'raw-header' => $outputHandle->renderHeader('raw')));
    if (SESS_isSet('glfusion.infoblock')) {
        $msgArray = @unserialize(SESS_getVar('glfusion.infoblock'));
        $msgTxt = COM_showMessageText($msgArray['msg'], '', $persist = false, $msgArray['type']);
        $theme->set_var('info_block', $msgTxt);
        SESS_unSet('glfusion.infoblock');
    }
    // Call to plugins to set template variables in the footer
    PLG_templateSetVars('header', $theme);
    PLG_templateSetVars('footer', $theme);
    // Actually parse the template and make variable substitutions
    $theme->parse('index_footer', 'footer');
    $tmp = $theme->finish($theme->parse('index_header', 'header'));
    echo $tmp;
    // send the header.thtml
    $retval = $theme->finish($theme->get_var('index_footer'));
    _js_out();
    _css_out();
    return $retval;
}
Beispiel #14
0
}
// allow_anon_view is set by functions.inc if global login_required is on
if (COM_isAnonUser() && $_EV_CONF['allow_anon_view'] != '1') {
    $content = COM_siteHeader();
    $content .= SEC_loginRequiredForm();
    $content .= COM_siteFooter();
    echo $content;
    exit;
}
USES_evlist_functions();
USES_evlist_views();
//var_dump($_GET);die;
/*
*   MAIN 
*/
COM_setArgNames(array('view', 'range', 'cat'));
if (isset($_GET['view'])) {
    $view = COM_applyFilter($_GET['view']);
} elseif (isset($_POST['view'])) {
    $view = COM_applyFilter($_POST['view']);
} else {
    $view = COM_applyFilter(COM_getArgument('view'));
}
/*if (empty($view)) {
    $view = isset($_EV_CONF['default_view']) ? $_EV_CONF['default_view'] : '';
}*/
if (isset($_GET['range'])) {
    $range = COM_applyFilter($_GET['range'], true);
} elseif (isset($_POST['range'])) {
    $range = COM_applyFilter($_POST['range'], true);
} else {
Beispiel #15
0
/**
* Display a Static Page
*
* @package StaticPages
* @subpackage public_html
*/
/**
* Geeklog common function library
*/
require_once '../lib-common.php';
if (!in_array('staticpages', $_PLUGINS)) {
    COM_handle404();
    exit;
}
// MAIN
COM_setArgNames(array('page', 'disp_mode'));
$page = COM_applyFilter(COM_getArgument('page'));
$display_mode = COM_applyFilter(COM_getArgument('disp_mode'));
$query = '';
if (isset($_REQUEST['query'])) {
    $query = COM_applyfilter($_GET['query']);
}
TOPIC_getTopic('staticpages', $page);
// from comments display refresh:
if (isset($_REQUEST['order'])) {
    $comment_order = COM_applyFilter($_REQUEST['order']);
    $comment_mode = COM_applyFilter($_REQUEST['mode']);
    if (isset($_REQUEST['cpage'])) {
        $comment_page = COM_applyFilter($_REQUEST['cpage']);
    }
    if (strcasecmp($comment_order, 'ASC') != 0 && strcasecmp($comment_order, 'DESC') != 0) {
Beispiel #16
0
// 引数
//public_html/content.php?code=xxxx&template=yyyy
$url_rewrite = false;
$q = false;
$url = $_SERVER["REQUEST_URI"];
if ($_CONF['url_rewrite']) {
    $q = strpos($url, '?');
    if ($q === false) {
        $url_rewrite = true;
    } elseif (substr($url, $q - 4, 4) != '.php') {
        $url_rewrite = true;
    }
}
//
if ($url_rewrite) {
    COM_setArgNames(array('code', 'template'));
    $code = COM_applyFilter(COM_getArgument('code'));
    $template = COM_applyFilter(COM_getArgument('template'));
} else {
    $code = COM_applyFilter($_GET['code']);
    $template = COM_applyFilter($_GET['template']);
}
//ログイン要否チェック
if (COM_isAnonUser()) {
    if ($_CONF['loginrequired'] or $_USERBOX_CONF['loginrequired'] == 3 or $_USERBOX_CONF['loginrequired'] == 2 or $_USERBOX_CONF['loginrequired'] == 1) {
        echo $LANG_USERBOX['loginrequired'];
        exit;
    }
}
$id = 0;
$retval = userbox_profile($id, $template, "yes", "", $code);
Beispiel #17
0
require_once $_CONF['path_system'] . 'lib-trackback.php';
// Note: Error messages are hard-coded in English since there is no way of
// knowing which language the sender of the trackback ping may prefer.
$TRB_ERROR = array('not_enabled' => 'Trackback not enabled.', 'illegal_request' => 'Illegal request.', 'no_access' => 'You do not have access to this entry.');
if (!$_CONF['trackback_enabled']) {
    TRB_sendTrackbackResponse(1, $TRB_ERROR['not_enabled']);
    exit;
}
if (isset($_SERVER['REQUEST_METHOD'])) {
    // Trackbacks are only allowed as POST requests
    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        header('Allow: POST');
        COM_displayMessageAndAbort(75, '', 405, 'Method Not Allowed');
    }
}
COM_setArgNames(array('id', 'type'));
$id = COM_applyFilter(COM_getArgument('id'));
$type = COM_applyFilter(COM_getArgument('type'));
if (empty($id)) {
    TRB_sendTrackbackResponse(1, $TRB_ERROR['illegal_request']);
    exit;
}
if (empty($type)) {
    $type = 'article';
}
if ($type == 'article') {
    // check if they have access to this story
    $sid = DB_escapeString($id);
    $result = DB_query("SELECT trackbackcode FROM {$_TABLES['stories']} WHERE (sid = '{$sid}') AND (date <= NOW()) AND (draft_flag = 0)" . COM_getPermSql('AND') . COM_getTopicSql('AND'));
    if (DB_numRows($result) == 1) {
        $A = DB_fetchArray($result);
Beispiel #18
0
// | but WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
require_once '../lib-common.php';
if (!in_array('tag', $_PLUGINS)) {
    COM_output(COM_refresh($_CONF['site_url'] . '/index.php'));
    exit;
}
// Retrieves request vars
COM_setArgNames(array('tag'));
$tag = COM_getArgument('tag');
/**
* Display
*/
$T = new Template($_CONF['path'] . 'plugins/tag/templates');
$T->set_file('page', 'index.thtml');
$T->set_var('xhtml', XHTML);
// Lang vars
$lang_vars = array('tag_list');
foreach ($lang_vars as $lang_var) {
    $T->set_var('lang_' . $lang_var, TAG_str($lang_var));
}
// Tag cloud
$T->set_var('tag_cloud', TAG_getTagCloud($_TAG_CONF['max_tag_cloud'], false));
// Other tags
Beispiel #19
0
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
require_once '../../../lib-common.php';
require_once '../../auth.inc.php';
require_once $_CONF['path'] . 'plugins/downloads/include/functions.php';
if (!SEC_hasRights('downloads.edit')) {
    $display = COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
    $display = DLM_createHTMLDocument($display, array('pagetitle' => $MESSAGE[30]));
    COM_accessLog("User {$_USER['username']} tried to illegally access the downloads temporary file.");
    COM_output($display);
    exit;
}
COM_setArgNames(array('id'));
$lid = addslashes(COM_applyFilter(COM_getArgument('id')));
$result = DB_query("SELECT url, date FROM {$_TABLES['downloadsubmission']} WHERE lid='{$lid}'");
list($url, $date) = DB_fetchArray($result);
$filepath = $_DLM_CONF['path_filestore'] . 'tmp' . date('YmdHis', $date) . DLM_createSafeFileName($url);
if (file_exists($filepath)) {
    header('Content-Disposition: attachment; filename="' . $url . '"');
    header('Content-Type: application/octet-stream');
    header('Content-Description: File Transfer');
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header('Content-Length: ' . filesize($filepath));
    ob_clean();
    flush();
Beispiel #20
0
//public_html/attribute.php?id=1&m=id&value=27&template=yyyy
//public_html/attribute.php?code=xxxx&m=code&value=27&template=yyyy
$url_rewrite = false;
$q = false;
$url = $_SERVER["REQUEST_URI"];
if ($_CONF['url_rewrite']) {
    $q = strpos($url, '?');
    if ($q === false) {
        $url_rewrite = true;
    } elseif (substr($url, $q - 4, 4) != '.php') {
        $url_rewrite = true;
    }
}
//
if ($url_rewrite) {
    COM_setArgNames(array('idcode', 'm', 'value', 'template'));
    $m = COM_applyFilter(COM_getArgument('m'));
    if ($m === "code") {
        $id = 0;
        $code = COM_applyFilter(COM_getArgument('idcode'));
    } else {
        $id = COM_applyFilter(COM_getArgument('idcode'), true);
        $code = 0;
    }
    $value = COM_applyFilter(COM_getArgument('value'));
    $template = COM_applyFilter(COM_getArgument('template'));
} else {
    $id = COM_applyFilter($_GET['id'], true);
    $code = COM_applyFilter($_GET['code']);
    $value = COM_applyFilter($_GET['value']);
    $template = COM_applyFilter($_GET['template']);