Beispiel #1
0
     $pack = edit_option($pack, $i, $_REQUEST[$i]);
 }
 // Preview tool
 $preview_hmtl = false;
 if (isset($preview) && $preview == 'preview') {
     $new[NEW_ID] = time();
     $new[NEW_USER] = $member_db[2];
     $new[NEW_TITLE] = $title;
     $new[NEW_SHORT] = $short_story;
     $new[NEW_FULL] = $full_story;
     $new[NEW_AVATAR] = $manual_avatar;
     $new[NEW_CAT] = $nice_category;
     $new[NEW_MF] = $pack;
     $new[NEW_OPT] = $options;
     $preview_hmtl = getpart('addnews_preview', array(lang('Preview active news'), template_replacer_news($new, $template_active)));
     $preview_hmtl .= getpart('addnews_preview', array(lang('Preview full story'), template_replacer_news($new, $template_full)));
     $error_messages = false;
 }
 // ---------------------------------------------------------------------------------------------------- SAVE ---
 if ($error_messages == false && empty($preview_hmtl)) {
     // Make unique time, just for draft/normal: not postponed
     if ($postpone == false) {
         $added_time = time();
         if (file_exists(SERVDIR . '/cdata/newsid.txt')) {
             $added_time = join('', file(SERVDIR . '/cdata/newsid.txt'));
         }
         if (time() <= $added_time) {
             $added_time++;
         } else {
             $added_time = time();
         }
// Flood Protection
//----------------------------------
if ($config_flood_time != 0 and $config_flood_time != "") {
    if (flooder($ip, $id) == true) {
        echo '<div class="blocking_posting_comment">' . str_replace('%1', $config_flood_time, lang('Flood protection activated! You have to wait %1 seconds after your last comment before posting again at this article')) . '</div>';
        return FALSE;
    }
}
//----------------------------------
// Check if the name is protected
//----------------------------------
$user_member = user_search($name);
// In case if enter another name
if ($CNname && $CNpass && $CNname != $name or $name && $_SESS['user'] && $_SESS['user'] != $name) {
    echo proc_tpl('remember');
    echo getpart('forget_me_script');
    $refer = $_SERVER['HTTP_REFERER'];
    echo proc_tpl('wrong_user');
    return FALSE;
}
if ($name && empty($user_member) == false) {
    $is_member = true;
    // Check stored password in cookies
    if ($CNpass and $user_member[UDB_PASS] == $CNpass) {
        $password = true;
    }
    if (!empty($_SESS['user']) && $_SESS['user'] == $name) {
        $is_member = true;
    } elseif (empty($password)) {
        $comments = preg_replace(array("'\"'", "'\\''", "''"), array("&quot;", "&#039;", ""), $comments);
        $name = replace_comment("add", preg_replace("/\n/", "", $name));
Beispiel #3
0
    }
    echo proc_tpl('plugins/list');
    echofooter();
} elseif ($action == 'rewrite') {
    if ($subaction == 'save') {
        $w = fopen(SERVDIR . '/cdata/conf_rw.php', 'w');
        flock($w, LOCK_EX);
        fwrite($w, '<' . "?php\n");
        foreach ($_REQUEST as $i => $v) {
            if (substr($i, 0, 5) == 'conf_') {
                fwrite($w, '$conf_rw_' . substr($i, 5) . ' = "' . str_replace('"', '\\"', $v) . "\";\n");
            }
        }
        flock($w, LOCK_UN);
        fclose($w);
        $saved_ok = getpart('saved_ok');
    }
    // Read data from datatable
    if (file_exists(SERVDIR . '/cdata/conf_rw.php')) {
        include SERVDIR . '/cdata/conf_rw.php';
    }
    // Default values -----------------
    set_default_val_for_rewrite();
    hook('insert_additional_rewrites');
    // Try to update htaccess
    if ($update_htaccess == 'Y') {
        $w = fopen($conf_rw_htaccess, 'w');
        flock($w, LOCK_EX);
        fwrite($w, "RewriteEngine ON\n");
        fwrite($w, "RewriteCond %{REQUEST_FILENAME} !-d\n");
        fwrite($w, "RewriteCond %{REQUEST_FILENAME} !-f\n");
    echo $prev_next_msg;
}
$username = $usermail = false;
$template_form = str_replace("{config_http_script_dir}", $config_http_script_dir, $template_form);
//----------------------------------
// Check if the remember script exists
//----------------------------------
if (!empty($_SESS['user'])) {
    $captcha_enabled = false;
    $member_db = user_search($_SESS['user']);
}
$template_form = str_replace('{username}', isset($member_db[UDB_NAME]) ? $member_db[UDB_NAME] : false, $template_form);
$template_form = str_replace('{usermail}', isset($member_db[UDB_EMAIL]) ? $member_db[UDB_EMAIL] : false, $template_form);
// Remember and Forget for unregistered only
$remember_user = '';
$remember_form = getpart('remember_me');
if ($member_db) {
    $remember_form = getpart('logged_as_member');
    $remember_user = getpart('logger_as_membersp', htmlspecialchars($member_db[UDB_NAME]), htmlspecialchars($member_db[UDB_EMAIL]));
} elseif ($_COOKIE['CNname']) {
    $remember_form = getpart('forget_me');
}
$gduse = function_exists('imagecreatetruecolor') ? 0 : 1;
$captcha_form = $config_use_captcha && $captcha_enabled ? proc_tpl('captcha_comments') : false;
$smilies_form = proc_tpl('remember_js') . insertSmilies('short', false);
$template_form = str_replace("{smilies}", $smilies_form, $template_form);
$template_form = str_replace('{remember_me}', $remember_form, $template_form);
$template_form = hook('comment_template_form', $template_form);
$remember_js = read_tpl('remember') . $remember_user;
echo proc_tpl('comment_form');
return TRUE;
Beispiel #5
0
            if ($rememberme == 'yes') {
                $_SESS['@'] = true;
            } elseif (isset($_SESS['@'])) {
                unset($_SESS['@']);
            }
            add_to_log($username, 'login');
            user_remove_ban($ip);
            // Modify Last Login
            $member_db[UDB_LAST] = time();
            user_update($username, $member_db);
            $is_loged_in = true;
            send_cookie();
        } else {
            $_SESS['user'] = false;
            $bandata = user_addban($ip, time() + 3600);
            $result .= getpart('block_ban', $bandata[1], date('d-m-Y H:i:s', $bandata[2]));
            add_to_log($username, lang('Wrong username/password'));
            $is_loged_in = false;
            send_cookie();
        }
    }
} else {
    // Check existence of user
    $member_db = user_search($_SESS['user']);
    if ($member_db) {
        $is_loged_in = true;
    } else {
        $_SESS['user'] = false;
        $is_loged_in = false;
        send_cookie();
    }
Beispiel #6
0
     $error_messages .= getpart('addnews_err', array(lang("The title can not be blank"), "#GOBACK"));
 }
 if ($short_story == "" and $ifdelete != "yes") {
     $error_messages .= getpart('addnews_err', array(lang("The story can not be blank"), "#GOBACK"));
 }
 // Some replaces
 $use_html = $if_use_html == "yes" || $use_wysiwyg ? 1 : 0;
 $short_story = replace_news("add", $short_story, $use_html);
 $full_story = replace_news("add", $full_story, $use_html);
 $title = stripslashes(preg_replace(array("'\\|'", "'\n'", "''"), array("I", "<br />", ""), $title));
 $avatar = stripslashes(preg_replace(array("'\\|'", "'\n'", "''"), array("I", "<br />", ""), $avatar));
 // Check avatar
 if ($editavatar) {
     $editavatar = check_avatar($editavatar);
     if ($editavatar == false) {
         $error_messages .= getpart('addnews_err', array(lang('Avatar not uploaded'), '#GOBACK'));
     }
 }
 // *************************************************
 // EDIT ONLY IF ALL CORRECT!
 // *************************************************
 if ($error_messages == false) {
     // select news and comment files
     if ($source == "") {
         $news_file = SERVDIR . "/cdata/news.txt";
         $com_file = SERVDIR . "/cdata/comments.txt";
     } elseif ($source == "postponed") {
         $news_file = SERVDIR . "/cdata/postponed_news.txt";
         $com_file = SERVDIR . "/cdata/comments.txt";
     } elseif ($source == "unapproved") {
         $news_file = SERVDIR . "/cdata/unapproved_news.txt";
Beispiel #7
0
function caticon($cats, $cat_icon, $cat)
{
    $cats = trim($cats);
    if (empty($cats)) {
        return false;
    }
    $result = false;
    foreach (spsep($cats) as $cid) {
        if ($cat_icon[$cid]) {
            $result .= getpart('category_icon', array($cat[$cid], $cat_icon[$cid]));
        }
    }
    return $result;
}
function getpart($mbox, $mid, $p, $partno, $charset, $htmlmsg, $plainmsg, $attachments)
{
    // $partno = '1', '2', '2.1', '2.1.3', etc for multipart, 0 if simple
    // DECODE DATA
    if ($p->encoding != 3 || $partno < 2) {
        $data = $partno ? imap_fetchbody($mbox, $mid, $partno, FT_UID) : imap_body($mbox, $mid, FT_UID);
    }
    // simple
    // Any part may be encoded, even plain text messages, so check everything.
    if ($p->encoding == 4) {
        $data = quoted_printable_decode($data);
    } elseif ($p->encoding == 3) {
        $data = base64_decode($data);
    }
    // PARAMETERS
    // get all parameters, like charset, filenames of attachments, etc.
    $params = array();
    if ($p->parameters) {
        foreach ($p->parameters as $x) {
            $params[strtolower($x->attribute)] = $x->value;
        }
    }
    if ($p->dparameters) {
        foreach ($p->dparameters as $x) {
            $params[strtolower($x->attribute)] = $x->value;
        }
    }
    // ATTACHMENT
    // Any part with a filename is an attachment,
    // so an attached text file (type 0) is not mistaken as the message.
    if ($params['filename'] || $params['name']) {
        // filename may be given as 'Filename' or 'Name' or both
        $filename = $params['filename'] ? $params['filename'] : $params['name'];
        // filename may be encoded, so see imap_mime_header_decode()
        $attachments[$filename] = $data;
        // this is a problem if two files have same name
    }
    // TEXT
    if ($p->type == 0 && $data) {
        // Messages may be split in different parts because of inline attachments,
        // so append parts together with blank row.
        if (strtolower($p->subtype) == 'plain') {
            $plainmsg .= trim($data) . "\n\n";
        } else {
            $htmlmsg .= $data . "<br /><br />";
        }
        $charset = $params['charset'];
        // assume all parts are same charset
    } elseif ($p->type == 2 && $data) {
        $plainmsg .= $data . "\n\n";
    }
    // SUBPART RECURSION
    if ($p->parts) {
        foreach ($p->parts as $partno0 => $p2) {
            list($charset, $htmlmsg, $plainmsg, $attachments) = getpart($mbox, $mid, $p2, $partno . '.' . ($partno0 + 1), $charset, $htmlmsg, $plainmsg, $attachments);
        }
        // 1.2, 1.2.1, etc.
    }
    return array($charset, $htmlmsg, $plainmsg, $attachments);
}