/** * Initialize all default tpl tags. */ private function initialize() { $this->tpl = new RainTPL(); try { $version = ApplicationUtils::checkUpdate(shaarli_version, $GLOBALS['config']['UPDATECHECK_FILENAME'], $GLOBALS['config']['UPDATECHECK_INTERVAL'], $GLOBALS['config']['ENABLE_UPDATECHECK'], isLoggedIn(), $GLOBALS['config']['UPDATECHECK_BRANCH']); $this->tpl->assign('newVersion', escape($version)); $this->tpl->assign('versionError', ''); } catch (Exception $exc) { logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], $exc->getMessage()); $this->tpl->assign('newVersion', ''); $this->tpl->assign('versionError', escape($exc->getMessage())); } $this->tpl->assign('feedurl', escape(index_url($_SERVER))); $searchcrits = ''; // Search criteria if (!empty($_GET['searchtags'])) { $searchcrits .= '&searchtags=' . urlencode($_GET['searchtags']); } if (!empty($_GET['searchterm'])) { $searchcrits .= '&searchterm=' . urlencode($_GET['searchterm']); } $this->tpl->assign('searchcrits', $searchcrits); $this->tpl->assign('source', index_url($_SERVER)); $this->tpl->assign('version', shaarli_version); $this->tpl->assign('scripturl', index_url($_SERVER)); $this->tpl->assign('pagetitle', 'Shaarli'); $this->tpl->assign('privateonly', !empty($_SESSION['privateonly'])); // Show only private links? if (!empty($GLOBALS['title'])) { $this->tpl->assign('pagetitle', $GLOBALS['title']); } if (!empty($GLOBALS['titleLink'])) { $this->tpl->assign('titleLink', $GLOBALS['titleLink']); } if (!empty($GLOBALS['pagetitle'])) { $this->tpl->assign('pagetitle', $GLOBALS['pagetitle']); } $this->tpl->assign('shaarlititle', empty($GLOBALS['title']) ? 'Shaarli' : $GLOBALS['title']); if (!empty($GLOBALS['plugin_errors'])) { $this->tpl->assign('plugin_errors', $GLOBALS['plugin_errors']); } }
function install() { // On free.fr host, make sure the /sessions directory exists, otherwise login will not work. if (endsWith($_SERVER['HTTP_HOST'], '.free.fr') && !is_dir($_SERVER['DOCUMENT_ROOT'] . '/sessions')) { mkdir($_SERVER['DOCUMENT_ROOT'] . '/sessions', 0705); } // This part makes sure sessions works correctly. // (Because on some hosts, session.save_path may not be set correctly, // or we may not have write access to it.) if (isset($_GET['test_session']) && (!isset($_SESSION) || !isset($_SESSION['session_tested']) || $_SESSION['session_tested'] != 'Working')) { // Step 2: Check if data in session is correct. echo '<pre>Sessions do not seem to work correctly on your server.<br>'; echo 'Make sure the variable session.save_path is set correctly in your php config, and that you have write access to it.<br>'; echo 'It currently points to ' . session_save_path() . '<br>'; echo 'Check that the hostname used to access Shaarli contains a dot. On some browsers, accessing your server via a hostname like \'localhost\' or any custom hostname without a dot causes cookie storage to fail. We recommend accessing your server via it\'s IP address or Fully Qualified Domain Name.<br>'; echo '<br><a href="?">Click to try again.</a></pre>'; die; } if (!isset($_SESSION['session_tested'])) { // Step 1 : Try to store data in session and reload page. $_SESSION['session_tested'] = 'Working'; // Try to set a variable in session. header('Location: ' . index_url($_SERVER) . '?test_session'); // Redirect to check stored data. } if (isset($_GET['test_session'])) { // Step 3: Sessions are OK. Remove test parameter from URL. header('Location: ' . index_url($_SERVER)); } if (!empty($_POST['setlogin']) && !empty($_POST['setpassword'])) { $tz = 'UTC'; if (!empty($_POST['continent']) && !empty($_POST['city']) && isTimeZoneValid($_POST['continent'], $_POST['city'])) { $tz = $_POST['continent'] . '/' . $_POST['city']; } $GLOBALS['timezone'] = $tz; // Everything is ok, let's create config file. $GLOBALS['login'] = $_POST['setlogin']; $GLOBALS['salt'] = sha1(uniqid('', true) . '_' . mt_rand()); // Salt renders rainbow-tables attacks useless. $GLOBALS['hash'] = sha1($_POST['setpassword'] . $GLOBALS['login'] . $GLOBALS['salt']); $GLOBALS['title'] = empty($_POST['title']) ? 'Shared links on ' . escape(index_url($_SERVER)) : $_POST['title']; $GLOBALS['config']['ENABLE_UPDATECHECK'] = !empty($_POST['updateCheck']); try { writeConfig($GLOBALS, isLoggedIn()); } catch (Exception $e) { error_log('ERROR while writing config file after installation.' . PHP_EOL . $e->getMessage()); // TODO: do not handle exceptions/errors in JS. echo '<script>alert("' . $e->getMessage() . '");document.location=\'?\';</script>'; exit; } echo '<script>alert("Shaarli is now configured. Please enter your login/password and start shaaring your links!");document.location=\'?do=login\';</script>'; exit; } // Display config form: list($timezone_form, $timezone_js) = generateTimeZoneForm(); $timezone_html = ''; if ($timezone_form != '') { $timezone_html = '<tr><td><b>Timezone:</b></td><td>' . $timezone_form . '</td></tr>'; } $PAGE = new PageBuilder(); $PAGE->assign('timezone_html', $timezone_html); $PAGE->assign('timezone_js', $timezone_js); $PAGE->renderPage('install'); exit; }
function index_site($url, $reindex, $maxlevel, $soption, $url_inc, $url_not_inc, $can_leave_domain) { global $mysql_table_prefix, $command_line, $mainurl, $tmp_urls, $domain_arr, $all_keywords; if (!isset($all_keywords)) { $result = mysql_query("select keyword_ID, keyword from " . $mysql_table_prefix . "keywords"); echo mysql_error(); while ($row = mysql_fetch_array($result)) { $all_keywords[addslashes($row[1])] = $row[0]; } } $compurl = parse_url($url); if ($compurl['path'] == '') { $url = $url . "/"; } $t = microtime(); $a = getenv("REMOTE_ADDR"); $sessid = md5($t . $a); $urlparts = parse_url($url); $domain = $urlparts['host']; if (isset($urlparts['port'])) { $port = (int) $urlparts['port']; } else { $port = 80; } $result = mysql_query("select site_id from " . $mysql_table_prefix . "sites where url='{$url}'"); echo mysql_error(); $row = mysql_fetch_row($result); $site_id = $row[0]; if ($site_id != "" && $reindex == 1) { mysql_query("insert into " . $mysql_table_prefix . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')"); echo mysql_error(); $result = mysql_query("select url, level from " . $mysql_table_prefix . "links where site_id = {$site_id}"); while ($row = mysql_fetch_array($result)) { $site_link = $row['url']; $link_level = $row['level']; if ($site_link != $url) { mysql_query("insert into " . $mysql_table_prefix . "temp (link, level, id) values ('{$site_link}', {$link_level}, '{$sessid}')"); } } $qry = "update " . $mysql_table_prefix . "sites set indexdate=now(), spider_depth = {$maxlevel}, required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain={$can_leave_domain} where site_id={$site_id}"; mysql_query($qry); echo mysql_error(); } else { if ($site_id == '') { mysql_query("insert into " . $mysql_table_prefix . "sites (url, indexdate, spider_depth, required, disallowed, can_leave_domain) " . "values ('{$url}', now(), {$maxlevel}, '{$url_inc}', '{$url_not_inc}', {$can_leave_domain})"); echo mysql_error(); $result = mysql_query("select site_ID from " . $mysql_table_prefix . "sites where url='{$url}'"); $row = mysql_fetch_row($result); $site_id = $row[0]; } else { mysql_query("update " . $mysql_table_prefix . "sites set indexdate=now(), spider_depth = {$maxlevel}, required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain={$can_leave_domain} where site_id={$site_id}"); echo mysql_error(); } } $result = mysql_query("select site_id, temp_id, level, count, num from " . $mysql_table_prefix . "pending where site_id='{$site_id}'"); echo mysql_error(); $row = mysql_fetch_row($result); $pending = $row[0]; $level = 0; $domain_arr = get_domains(); if ($pending == '') { mysql_query("insert into " . $mysql_table_prefix . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')"); echo mysql_error(); } else { if ($pending != '') { printStandardReport('continueSuspended', $command_line); mysql_query("select temp_id, level, count from " . $mysql_table_prefix . "pending where site_id='{$site_id}'"); echo mysql_error(); $sessid = $row[1]; $level = $row[2]; $pend_count = $row[3] + 1; $num = $row[4]; $pending = 1; $tmp_urls = get_temp_urls($sessid); } } if ($reindex != 1) { mysql_query("insert into " . $mysql_table_prefix . "pending (site_id, temp_id, level, count) values ('{$site_id}', '{$sessid}', '0', '0')"); echo mysql_error(); } $time = time(); $omit = check_robot_txt($url); printHeader($omit, $url, $command_line); $mainurl = $url; $num = 0; while ($level <= $maxlevel && $soption == 'level' || $soption == 'full') { if ($pending == 1) { $count = $pend_count; $pending = 0; } else { $count = 0; } $links = array(); $result = mysql_query("select distinct link from " . $mysql_table_prefix . "temp where level={$level} && id='{$sessid}' order by link"); echo mysql_error(); $rows = mysql_num_rows($result); if ($rows == 0) { break; } $i = 0; while ($row = mysql_fetch_array($result)) { $links[] = $row['link']; } reset($links); while ($count < count($links)) { $num++; $thislink = $links[$count]; $urlparts = parse_url($thislink); reset($omit); $forbidden = 0; foreach ($omit as $omiturl) { $omiturl = trim($omiturl); $omiturl_parts = parse_url($omiturl); if ($omiturl_parts['scheme'] == '') { $check_omit = $urlparts['host'] . $omiturl; } else { $check_omit = $omiturl; } if (strpos($thislink, $check_omit)) { printRobotsReport($num, $thislink, $command_line); check_for_removal($thislink); $forbidden = 1; break; } } if (!check_include($thislink, $url_inc, $url_not_inc)) { printUrlStringReport($num, $thislink, $command_line); check_for_removal($thislink); $forbidden = 1; } if ($forbidden == 0) { printRetrieving($num, $thislink, $command_line); $query = "select md5sum, indexdate from " . $mysql_table_prefix . "links where url='{$thislink}'"; $result = mysql_query($query); echo mysql_error(); $rows = mysql_num_rows($result); if ($rows == 0) { index_url($thislink, $level + 1, $site_id, '', $domain, '', $sessid, $can_leave_domain, $reindex); mysql_query("update " . $mysql_table_prefix . "pending set level = {$level}, count={$count}, num={$num} where site_id={$site_id}"); echo mysql_error(); } else { if ($rows != 0 && $reindex == 1) { $row = mysql_fetch_array($result); $md5sum = $row['md5sum']; $indexdate = $row['indexdate']; index_url($thislink, $level + 1, $site_id, $md5sum, $domain, $indexdate, $sessid, $can_leave_domain, $reindex); mysql_query("update " . $mysql_table_prefix . "pending set level = {$level}, count={$count}, num={$num} where site_id={$site_id}"); echo mysql_error(); } else { printStandardReport('inDatabase', $command_line); } } } $count++; } $level++; } mysql_query("delete from " . $mysql_table_prefix . "temp where id = '{$sessid}'"); echo mysql_error(); mysql_query("delete from " . $mysql_table_prefix . "pending where site_id = '{$site_id}'"); echo mysql_error(); printStandardReport('completed', $command_line); }
/** * If on the main page, remove "index.php" from the URL resource */ public function testRemoveIndex() { $this->assertEquals('http://host.tld/', index_url(array('HTTPS' => 'Off', 'SERVER_NAME' => 'host.tld', 'SERVER_PORT' => '80', 'SCRIPT_NAME' => '/index.php'))); $this->assertEquals('http://host.tld/admin/', index_url(array('HTTPS' => 'Off', 'SERVER_NAME' => 'host.tld', 'SERVER_PORT' => '80', 'SCRIPT_NAME' => '/admin/index.php'))); }
function index_site($url, $reindex, $maxlevel, $soption, $url_inc, $url_not_inc, $can_leave, $use_robot, $use_nofollow, $cl, $all, $use_pref) { global $db_con, $mysql_table_prefix, $command_line, $mainurl, $tmp_urls, $domain_arr, $all_keywords, $smp, $follow_sitemap; global $link_check, $smap_dir, $index_media, $clear, $create_sitemap, $tmp_dir, $domaincb; global $max_links, $realnum, $debug, $no_log, $dba_act, $add_auth, $interrupt, $index_media, $thumb_folder; if (!$can_leave) { $can_leave = $domaincb; } $can_leave_domain = $can_leave; $starttime = getmicrotime(); // start time to index this site $black = '0'; // will become counter for hits of blacklist $site_id = ''; $skip = ''; $smp = '0'; $omit = array(); $url = $db_con->real_escape_string(stripslashes($url)); if (strstr($interrupt, "-")) { // if indexer should not be interrupted periodically $interrupt = '999999'; // never } $int_count = $interrupt; // $int_count will be decreased by each indexed link until $int_count = 1 printStandardReport('starting', $command_line, $no_log); if (!isset($all_keywords)) { mysqltest(); $sql_query = "SELECT keyword_ID, keyword from " . $mysql_table_prefix . "keywords"; $result = $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } while ($row = $result->fetch_array(MYSQLI_NUM)) { $all_keywords[addslashes($row[1])] = $row[0]; } if ($clear == 1) { clean_resource($result, '06'); } } $url = convert_url($url); $compurl = parse_addr($url); if ($compurl['path'] == '') { $url = $url . "/"; } $t = microtime(); $a = getenv("REMOTE_ADDR"); $sessid = md5($t . $a); if ($url != '/') { // ignore dummies $urlparts = parse_addr($url); $domain = $urlparts['host']; if (isset($urlparts['port'])) { $port = (int) $urlparts['port']; } else { $port = 80; } if (strpos($url, "?")) { $url_bas = substr($url, 0, strpos($url, "?")); } else { $url_bas = $url; } mysqltest(); $sql_query = "SELECT * from " . $mysql_table_prefix . "sites where url like '{$url_bas}%'"; $result = $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } $row = $result->fetch_array(MYSQLI_NUM); $site_id = $row[0]; $authent = $row[2]; if ($add_auth && $authent) { // for sites with authentication we need to verify the value $url_status = url_status($url, $site_id, $sessid); $url_parts = parse_all_url($url); if ($url_status['state'] == 'ok' && $url_status['content'] == 'text') { if ($url_status['relocate']) { // if relocated, print message and redirect to new URL printRedirected($url_status['relocate'], $url_status['path'], $cl); if (strstr($url_status['path'], "//")) { // if redirected to absolute URL, use this for further usage $url = $url_status['path']; } else { $relo_url = str_replace($url_parts['query'], "", $url); // url without query $relo_url = substr($url, 0, strrpos($relo_url, "/") + 1); // url without file name if (strpos($url_status['path'], "./") === 0) { // if redirected relativ to same folder depth $url_status['path'] = str_replace("./", "", $url_status['path']); $url = "" . $relo_url . "" . $url_status['path'] . ""; } if (strpos($url_status['path'], "../") === 0) { // if redirected relativ and one folder up $url_status['path'] = str_replace("./", "", $url_status['path']); $relo_url = substr($url, 0, strpos($url_parts['path'])); // url without file name $relo_url = substr($url, 0, strrpos($relo_url, "/") + 1); // url without last folder $url = "" . $relo_url . "" . $url_status['path'] . ""; } } } // read file $contents = array(); $file = ''; $file = file_get_contents($url); if ($file === FALSE) { // we know another way to get the content $get_charset = ''; $contents = getFileContents($url, $get_charset); $file = $contents['file']; } // parse header only preg_match("@<head[^>]*>(.*?)<\\/head>@si", $file, $regs); $headdata = $regs[1]; // fetch the tag value preg_match("/<meta +name *=[\"']?Sphider-plus[\"']? *content=[\"'](.*?)[\"']/i", $headdata, $res); if (isset($res)) { if ($authent != $res[1]) { // invalid value in authentication tag $skip = '1'; printHeader($omit, $url, $command_line); printStandardReport('Skipped_03', $command_line, $no_log); } } else { // no authentication tag found in header $skip = '1'; printHeader($omit, $url, $command_line); printStandardReport('Skipped_02', $command_line, $no_log); } } else { $skip = '1'; printHeader($omit, $url, $command_line); printStandardReport('statError', $command_line, $no_log); } } if (!$skip) { if ($site_id != "" && $reindex == 1) { mysqltest(); $sql_query = "INSERT into " . $mysql_table_prefix . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')"; $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } $sql_query = "SELECT url, level from " . $mysql_table_prefix . "links where site_id = {$site_id}"; $result = $db_con->query($sql_query); while ($row = $result->fetch_array(MYSQLI_ASSOC)) { $site_link = $row['url']; $link_level = $row['level']; if ($site_link != $url) { $sql_query = "INSERT into " . $mysql_table_prefix . "temp (link, level, id) values ('{$site_link}', '{$link_level}', '{$sessid}')"; $db_con->query($sql_query); } } $sql_query = "UPDATE " . $mysql_table_prefix . "sites set indexdate=now(), spider_depth ='{$maxlevel}', required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain='{$can_leave}', use_prefcharset='{$use_pref}' where site_id='{$site_id}'"; mysqltest(); $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } } else { if ($site_id == '') { mysqltest(); $sql_query = "INSERT into " . $mysql_table_prefix . "sites (url, indexdate, spider_depth, required, disallowed, can_leave_domain, use_prefcharset) " . "values ('{$url}', now(), '{$maxlevel}', '{$url_inc}', '{$url_not_inc}', '{$can_leave_domain}', '{$use_pref}')"; $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } $sql_query = "SELECT site_ID from " . $mysql_table_prefix . "sites where url='{$url}'"; $result = $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } $row = $result->fetch_array(MYSQLI_NUM); $site_id = $row[0]; if ($clear == 1) { clean_resource($result, '09'); } } else { mysqltest(); $sql_query = "UPDATE " . $mysql_table_prefix . "sites set indexdate=now(), spider_depth ='{$maxlevel}', required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain='{$can_leave_domain}', use_prefcharset='{$use_pref}' where site_id='{$site_id}'"; $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } } } $pending = array(); mysqltest(); $sql_query = "SELECT site_id, temp_id, level, count, num from " . $mysql_table_prefix . "pending where site_id='{$site_id}'"; $result = $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } $row = $result->fetch_array(MYSQLI_NUM); $pending = $row[0]; $level = '0'; $count = '0'; if ($clear == 1) { clean_resource($result, '10'); } $domain_arr = get_domains(); if ($pending == '') { mysqltest(); $sql_query = "INSERT into " . $mysql_table_prefix . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')"; $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } } else { if ($pending != '') { printStandardReport('continueSuspended', $command_line, $no_log); mysqltest(); $pend_count = '0'; //$result = $db_con->query("SELECT temp_id, level, count from ".$mysql_table_prefix."pending where site_id='$site_id'"); $sql_query = "SELECT * from " . $mysql_table_prefix . "pending where site_id='{$site_id}'"; $result = $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } $row = $result->fetch_array(MYSQLI_NUM); if ($row) { $sessid = $row[1]; $level = $row[2]; $pend_count = $row[3] + 1; $num = $row[4]; $pending = 1; $tmp_urls = get_temp_urls($sessid); if ($clear == 1) { clean_resource($result, '11'); } } } } if ($pending != 1) { mysqltest(); $sql_query = "INSERT into " . $mysql_table_prefix . "pending (site_id, temp_id, level, count) values ('{$site_id}', '{$sessid}', '0', '0')"; $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } } $time = time(); $robots = "robots.txt"; // standardname of robots file if ($use_robot == '1') { $omit = check_robot_txt($url, $robots); } printHeader($omit, $url, $command_line); if ($link_check == 1) { printStandardReport('start_link_check', $command_line, $no_log); } if ($link_check == 0 && $reindex == 1) { printStandardReport('start_reindex', $command_line, $no_log); } if ($link_check == 0 && $reindex == 0) { printStandardReport('starting', $command_line, $no_log); } $mainurl = $url; $realnum = $num; $num = 0; while ($level <= $maxlevel && $soption == 'level' || $soption == 'full') { if ($pending == 1) { $count = $pend_count; $pending = 0; } else { $count = 0; } $links = array(); mysqltest(); $sql_query = "SELECT distinct link from " . $mysql_table_prefix . "temp where level={$level} && id='{$sessid}' order by link"; $result = $db_con->query($sql_query); $rows = $result->num_rows; if ($rows == 0) { break; } while ($row = $result->fetch_array(MYSQLI_ASSOC)) { $links[] = $row['link']; } // now loop through all available links(pages) while ($count < count($links)) { $num++; $realnum++; if ($realnum > $max_links) { // if max. links per page reached mysqltest(); $sql_query = "DELETE from " . $mysql_table_prefix . "temp where id = '{$sessid}'"; $db_con->query($sql_query); $sql_query = "DELETE from " . $mysql_table_prefix . "pending where site_id = '{$site_id}'"; $db_con->query($sql_query); printMaxLinks($max_links, $cl); printStandardReport('completed', $command_line, $no_log); return; } $thislink = $db_con->real_escape_string(stripslashes($links[$count])); $urlparts = parse_addr($thislink); $forbidden = 0; if (is_array($omit)) { // if valid robots.txt was found reset($omit); foreach ($omit as $omiturl) { $omiturl = trim($omiturl); $omiturl_parts = array(); $omiturl_parts = parse_addr($omiturl); if (@$omiturl_parts['scheme'] == '') { $check_omit = $urlparts['host'] . $omiturl; } else { $check_omit = $omiturl; } if (strpos($thislink, $check_omit)) { printRobotsReport($num, $thislink, $command_line); $realnum--; check_for_removal($thislink); $forbidden = 1; break; } } } if (!check_include($thislink, $url_inc, $url_not_inc)) { $realnum--; printUrlStringReport($num, $thislink, $command_line); //printUrlStringReport($realnum, $thislink, $command_line); check_for_removal($thislink); $forbidden = 1; } if ($forbidden == 0) { printRetrieving($num, stripslashes(rawurldecode($thislink)), $command_line); //printRetrieving($realnum, $thislink, $command_line); mysqltest(); $sql_query = "SELECT md5sum, indexdate from " . $mysql_table_prefix . "links where url='{$thislink}'"; $result = $db_con->query($sql_query); $rows = $result->num_rows; if ($rows == 0) { $url_status = index_url($thislink, $level + 1, $site_id, '', $domain, '', $sessid, $can_leave_domain, $reindex, $use_nofollow, $cl, $use_robot, $use_pref, $url_inc, $url_not_inc, $num); // check for touching the blacklist and its count against limit if ($url_status['black'] == "1") { $black++; if ($black > 20) { // limit until aborting the indexation of this site $url_status['aborted'] = "1"; $url_status['state'] = "<br /><br />Indexation aborted for this site, as it met too often the blacklist."; } } else { $black = 0; // reset counter, as should count only on continuous hits } // check for emergency exit if ($url_status['aborted'] == "1") { // delete all links from the temp table, which might be left for this site mysqltest(); $sql_query = "DELETE from " . $mysql_table_prefix . "temp where id = '{$sessid}'"; $db_con->query($sql_query); $sql_query = "DELETE from " . $mysql_table_prefix . "pending where site_id = '{$site_id}'"; $db_con->query($sql_query); $sql_query = "UPDATE " . $mysql_table_prefix . "sites set indexdate=now() where url = '{$url}'"; $db_con->query($sql_query); // end all loops $forbidden = '1'; $omit = ''; $reindex = ''; $count = '9999999999'; $pending = array(); if (!stristr($url_status['state'], "NOHOST") && !stristr($url_status['state'], "black")) { // NOHOST warning will be printed separately printWarning($url_status['state'], $command_line, $no_log); } } if (stristr($url_status['state'], "NOHOST")) { // delete all links from the temp table, which might be left for this site, etc mysqltest(); $sql_query = "DELETE from " . $mysql_table_prefix . "temp where id = '{$sessid}'"; $db_con->query($sql_query); $sql_query = "DELETE from " . $mysql_table_prefix . "pending where site_id = '{$site_id}'"; $db_con->query($sql_query); $sql_query = "UPDATE " . $mysql_table_prefix . "sites set indexdate=now() where url = '{$url}'"; $db_con->query($sql_query); // end all loops $forbidden = '1'; $omit = ''; $reindex = ''; $count = '9999999999'; $pending = array(); printWarning($url_status['state'], $command_line, $no_log); return; } // check for UFO file or invalid suffix (by redirected URL) if (stristr($url_status['state'], "ufo")) { //printWarning($url_status['state'],$command_line, $no_log); } if ($url_status['state'] != "ok") { printWarning($url_status['state'], $command_line, $no_log); } mysqltest(); $sql_query = "UPDATE " . $mysql_table_prefix . "pending set level ='{$level}', count='{$count}', num='{$realnum}' where site_id='{$site_id}'"; $db_con->query($sql_query); } else { if ($rows != 0 && $reindex == 1) { $row = $result->fetch_array(MYSQLI_ASSOC); $md5sum = $row['md5sum']; $indexdate = $row['indexdate']; if ($link_check == 1 && $reindex == 1) { link_check($thislink, $level + 1, $sessid, $can_leave_domain, $reindex, $site_id); } else { $url_status = index_url($thislink, $level + 1, $site_id, $md5sum, $domain, $indexdate, $sessid, $can_leave_domain, $reindex, $use_nofollow, $cl, $use_robot, $use_pref, $url_inc, $url_not_inc, $num); // check for emergency exit if ($url_status['aborted']) { // delete all links from the temp table, which might be left for this site mysqltest(); $sql_query = "DELETE from " . $mysql_table_prefix . "temp where id = '{$sessid}'"; $db_con->query($sql_query); // end all loops $forbidden = '1'; $omit = ''; $reindex = ''; $count = '9999999999'; $pending = array(); printWarning($url_status['state'], $command_line, $no_log); } } } else { printStandardReport('inDatabase', $command_line, $no_log); $realnum--; //$num--; } } if ($rows != 0) { mysqltest(); $sql_query = "UPDATE " . $mysql_table_prefix . "pending set level ='{$level}', count='{$count}', num='{$realnum}' where site_id='{$site_id}'"; $db_con->query($sql_query); } if ($clear == 1) { clean_resource($result, '13'); } } // check for interrupt counter if ($int_count == '1') { // interrupt the index procedure until interactive resume $sql_query = "UPDATE " . $mysql_table_prefix . "pending set level ='{$level}', count='{$count}', num='{$realnum}' where site_id='{$site_id}'"; $db_con->query($sql_query); printInterrupt($interrupt, $url, $cl); die; } $count++; $int_count--; } $level++; } } mysqltest(); $sql_query = "DELETE from " . $mysql_table_prefix . "temp where id = '{$sessid}'"; $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } $sql_query = "DELETE from " . $mysql_table_prefix . "pending where site_id = '{$site_id}'"; $db_con->query($sql_query); if ($debug && $db_con->errno) { $err_row = __LINE__ - 2; printf("<p><span class='red'> MySQL failure: %s \n<br /></span></p>", $db_con->error); if (__FUNCTION__) { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} in function(): " . __FUNCTION__ . " <br /></span></p>"); } else { printf("<p><span class='red'> Found in script: " . __FILE__ . " row: {$err_row} <br /></span></p>"); } printf("<p><span class='red'> Script execution aborted. <br /></span>"); printf("<p><strong>Invalid query string, which caused the SQL error:</strong></p>"); echo "<p> {$sql_query} </p>"; exit; } if ($create_sitemap == 1) { create_sitemap($site_id, $url); } printStandardReport('completed', $command_line, $no_log); $stats = get_Stats(); printDatabase($stats, $cl); } if ($index_media) { // delete all thumbnails in .../admin/tmp/thumbs/ folder clear_folder("." . $thumb_folder); } }
/** * Returns the absolute URL of the current script, with the query * * If the resource is "index.php", then it is removed (for better-looking URLs) * * @param array $server the $_SERVER array * * @return string the absolute URL of the current script, with the query */ function page_url($server) { if (!empty($server['QUERY_STRING'])) { return index_url($server) . '?' . $server['QUERY_STRING']; } return index_url($server); }
function index_site($url, $reindex, $maxlevel, $soption, $url_inc, $url_not_inc, $can_leave_domain, $use_robot) { global $command_line, $mainurl, $tmp_urls, $domain_arr, $all_keywords, $smp, $realnum; printStandardReport('starting', $command_line); $smp = '0'; if (!isset($all_keywords)) { $result = mysql_query("select keyword_ID, keyword from " . TABLE_PREFIX . "keywords"); if (DEBUG > '0') { echo mysql_error(); } while ($row = mysql_fetch_array($result)) { $all_keywords[addslashes($row[1])] = $row[0]; } clean_resource($result); } $compurl = parse_url($url); if (isset($compurl['path']) && $compurl['path'] == '') { $url = $url . "/"; } $t = microtime(); $a = getenv("REMOTE_ADDR"); $sessid = md5($t . $a); if ($url != '/') { // ignore dummies $urlparts = parse_url($url); $domain = $urlparts['host']; if (isset($urlparts['port'])) { $port = (int) $urlparts['port']; } else { $port = 80; } $result = mysql_query("select site_id from " . TABLE_PREFIX . "sites where url='{$url}'"); if (DEBUG > '0') { echo mysql_error(); } $row = mysql_fetch_row($result); $site_id = $row[0]; clean_resource($result); if ($site_id != "" && $reindex == 1) { mysql_query("insert into " . TABLE_PREFIX . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')"); if (DEBUG > '0') { echo mysql_error(); } $result = mysql_query("select url, level from " . TABLE_PREFIX . "links where site_id = {$site_id}"); while ($row = mysql_fetch_array($result)) { $site_link = $row['url']; $link_level = $row['level']; if ($site_link != $url) { mysql_query("insert into " . TABLE_PREFIX . "temp (link, level, id) values ('{$site_link}', {$link_level}, '{$sessid}')"); } } clean_resource($result); $qry = "update " . TABLE_PREFIX . "sites set indexdate=now(), spider_depth = {$maxlevel}, required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain={$can_leave_domain} where site_id={$site_id}"; mysql_query($qry); if (DEBUG > '0') { echo mysql_error(); } } else { if ($site_id == '') { mysql_query("insert into " . TABLE_PREFIX . "sites (url, indexdate, spider_depth, required, disallowed, can_leave_domain) " . "values ('{$url}', now(), {$maxlevel}, '{$url_inc}', '{$url_not_inc}', {$can_leave_domain})"); if (DEBUG > '0') { echo mysql_error(); } $result = mysql_query("select site_ID from " . TABLE_PREFIX . "sites where url='{$url}'"); $row = mysql_fetch_row($result); $site_id = $row[0]; clean_resource($result); } else { mysql_query("update " . TABLE_PREFIX . "sites set indexdate=now(), spider_depth = {$maxlevel}, required = '{$url_inc}'," . "disallowed = '{$url_not_inc}', can_leave_domain={$can_leave_domain} where site_id={$site_id}"); if (DEBUG > '0') { echo mysql_error(); } } } $result = mysql_query("select site_id, temp_id, level, count, num from " . TABLE_PREFIX . "pending where site_id='{$site_id}'"); if (DEBUG > '0') { echo mysql_error(); } $row = mysql_fetch_row($result); $pending = $row[0]; $level = 0; clean_resource($result); $domain_arr = get_domains(); if ($pending == '') { mysql_query("insert into " . TABLE_PREFIX . "temp (link, level, id) values ('{$url}', 0, '{$sessid}')"); if (DEBUG > '0') { echo mysql_error(); } } else { if ($pending != '') { printStandardReport('continueSuspended', $command_line); $result = mysql_query("select temp_id, level, count from " . TABLE_PREFIX . "pending where site_id='{$site_id}'"); if (DEBUG > '0') { echo mysql_error(); } $row = mysql_fetch_row($result); $sessid = $row[1]; $level = $row[2]; $pend_count = $row[3] + 1; $num = $row[4]; $pending = 1; $tmp_urls = get_temp_urls($sessid); clean_resource($result); } } if ($reindex != 1) { mysql_query("insert into " . TABLE_PREFIX . "pending (site_id, temp_id, level, count) values ('{$site_id}', '{$sessid}', '0', '0')"); if (DEBUG > '0') { echo mysql_error(); } } $time = time(); $robots = "robots.txt"; // standardname of file if ($use_robot != '1') { $robots = "no_robots.txt"; // Sphider never will find this file and ignore the contents of robots.txt } $omit = check_robot_txt($url, $robots); printHeader($omit, $url, $command_line); if (Configure::read('link_check') == 1) { printStandardReport('start_link_check', $command_line); } if (Configure::read('link_check') == 0 && $reindex == 1) { printStandardReport('start_reindex', $command_line); } if (Configure::read('link_check') == 0 && $reindex == 0) { printStandardReport('starting', $command_line); } $mainurl = $url; $realnum = 0; while ($level <= $maxlevel && $soption == 'level' || $soption == 'full') { if ($pending == 1) { $count = $pend_count; $pending = 0; } else { $count = 0; } $links = array(); $result = mysql_query("select distinct link from " . TABLE_PREFIX . "temp where level={$level} && id='{$sessid}' order by link"); if (DEBUG > '0') { echo mysql_error(); } $rows = mysql_num_rows($result); if ($rows == 0) { break; } $i = 0; while ($row = mysql_fetch_array($result)) { $links[] = $row['link']; } clean_resource($result); reset($links); $num = 0; while ($count < count($links)) { $num++; $realnum++; if ($realnum > Configure::read('max_links') + 1) { // if max. links per page reached mysql_query("delete from " . TABLE_PREFIX . "temp"); if (DEBUG > '0') { echo mysql_error(); } mysql_query("delete from " . TABLE_PREFIX . "pending"); if (DEBUG > '0') { echo mysql_error(); } printMaxLinks(Configure::read('max_links')); printStandardReport('completed', $command_line); return; } $thislink = $links[$count]; $urlparts = parse_url($thislink); reset($omit); $forbidden = 0; foreach ($omit as $omiturl) { $omiturl = trim($omiturl); $omiturl_parts = parse_url($omiturl); if ($omiturl_parts['scheme'] == '') { $check_omit = $urlparts['host'] . $omiturl; } else { $check_omit = $omiturl; } if (strpos($thislink, $check_omit)) { printRobotsReport($num, $thislink, $command_line); $realnum--; check_for_removal($thislink); $forbidden = 1; break; } } if (!check_include($thislink, $url_inc, $url_not_inc)) { printUrlStringReport($num, $thislink, $command_line); check_for_removal($thislink); $forbidden = 1; } if ($forbidden == 0) { printRetrieving($num, $thislink, $command_line); $query = "select md5sum, indexdate from " . TABLE_PREFIX . "links where url='{$thislink}'"; $result = mysql_query($query); if (DEBUG > '0') { echo mysql_error(); } $rows = mysql_num_rows($result); if ($rows == 0) { index_url($thislink, $level + 1, $site_id, '', $domain, '', $sessid, $can_leave_domain, $reindex); mysql_query("update " . TABLE_PREFIX . "pending set level = {$level}, count={$count}, num={$num} where site_id={$site_id}"); if (DEBUG > '0') { echo mysql_error(); } } else { if ($rows != 0 && $reindex == 1) { $row = mysql_fetch_array($result); $md5sum = $row['md5sum']; $indexdate = $row['indexdate']; if (Configure::read('link_check') == 1 && $reindex == 1) { link_check($thislink, $level + 1, $sessid, $can_leave_domain, $reindex); } else { index_url($thislink, $level + 1, $site_id, $md5sum, $domain, $indexdate, $sessid, $can_leave_domain, $reindex); } mysql_query("update " . TABLE_PREFIX . "pending set level = {$level}, count={$count}, num={$num} where site_id={$site_id}"); if (DEBUG > '0') { echo mysql_error(); } } else { printStandardReport('inDatabase', $command_line); $realnum--; } } clean_resource($result); } $count++; } $level++; } mysql_query("delete from " . TABLE_PREFIX . "temp where id = '{$sessid}'"); if (DEBUG > '0') { echo mysql_error(); } mysql_query("delete from " . TABLE_PREFIX . "pending where site_id = '{$site_id}'"); if (DEBUG > '0') { echo mysql_error(); } create_sitemap($site_id, $url); printStandardReport('completed', $command_line); $stats = get_Stats(); $stats_sites = $stats['sites']; $stats_links = $stats['links']; $stats_categories = $stats['categories']; $stats_keywords = $stats['keywords']; printDatabase($stats_sites, $stats_links, $stats_categories, $stats_keywords); } }
public function actionEdit() { global $sourceFolder, $ICONS; //require_once("$sourceFolder/diff.lib.php"); require_once $sourceFolder . "/upload.lib.php"; if (isset($_GET['deldraft'])) { $dno = escape($_GET['dno']); $query = "DELETE FROM `article_draft` WHERE `page_modulecomponentid`='" . $this->moduleComponentId . "' AND `draft_number`=" . $dno; $result = mysql_query($query) or die(mysql_error()); } global $ICONS; $header = <<<HEADER \t\t<fieldset><legend><a name='topquicklinks'>Quicklinks</a></legend> \t\t<table class='iconspanel'> \t\t<tr> \t\t<td><a href='#editor'><div>{$ICONS['Edit Page']['large']}<br/>Edit Page</div></a></td> \t\t<td><a href='#files'><div>{$ICONS['Uploaded Files']['large']}<br/>Manage Uploaded Files</div></a></td> \t\t<td><a href='#drafts'><div>{$ICONS['Drafts']['large']}<br/>Saved Drafts</div></a></td> \t\t<td><a href='#revisions'><div>{$ICONS['Page Revisions']['large']}<br/>Page Revisions</div></a></td> \t\t<td><a href='#comments'><div>{$ICONS['Page Comments']['large']}<br/>Page Comments</div></a></td> \t\t</tr> \t\t</table> \t \t\t</fieldset><br/><br/> HEADER; submitFileUploadForm($this->moduleComponentId, "article", $this->userId, UPLOAD_SIZE_LIMIT); if (isset($_GET['delComment']) && $this->userId == 1) { mysql_query("DELETE FROM `article_comments` WHERE `comment_id` = '" . escape($_GET['delComment']) . "'"); if (mysql_affected_rows()) { displayinfo("Comment deleted!"); } else { displayerror("Error in deleting comment"); } } if (isset($_GET['preview']) && isset($_POST['CKEditor1'])) { return "<div id=\"preview\" class=\"warning\"><a name=\"preview\">Preview</a></div>" . $this->actionView(stripslashes($_POST[CKEditor1])) . $this->getCkBody(stripslashes($_POST[CKEditor1])); } if (isset($_GET['version'])) { $revision = $this->getRevision($_GET['version']); return "<div id=\"preview\" class=\"warning\"><a name=\"preview\">Previewing Revision Number " . $_GET['version'] . "</a></div>" . $this->actionView($revision) . $this->getCkBody($revision); } if (isset($_GET['dversion'])) { $draft = $this->getDraft($_GET['dversion']); displayinfo("Viewing Draft number " . $_GET['dversion']); return $header . $this->getCkBody($draft); } if (isset($_POST['CKEditor1'])) { /*Save the diff :-*/ $query = "SELECT article_content FROM article_content WHERE page_modulecomponentid='" . $this->moduleComponentId . "'"; $result = mysql_query($query); $row = mysql_fetch_assoc($result); $diff = mysql_escape_string($this->diff($_POST['CKEditor1'], $row['article_content'])); $query = "SELECT MAX(article_revision) AS MAX FROM `article_contentbak` WHERE page_modulecomponentid ='" . $this->moduleComponentId . "'"; $result = mysql_query($query); if (!$result) { displayerror(mysql_error() . "article.lib L:44"); return; } if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $revId = $row['MAX'] + 1; } else { $revId = 1; } $query = "INSERT INTO `article_contentbak` (`page_modulecomponentid` ,`article_revision` ,`article_diff`,`user_id`)\nVALUES ('{$this->moduleComponentId}', '{$revId}','{$diff}','{$this->userId}')"; $result = mysql_query($query); if (!$result) { displayerror(mysql_error() . "article.lib L:44"); return; } /*Save the diff end.*/ $query = "UPDATE `article_content` SET `article_content` = '" . escape($_POST["CKEditor1"]) . "' WHERE `page_modulecomponentid` ='{$this->moduleComponentId}' "; $result = mysql_query($query); if (mysql_affected_rows() < 0) { displayerror("Unable to update the article content"); } else { /* Index the page by sphider */ $page = replaceAction(selfURI(), "edit", "view"); global $sourceFolder, $moduleFolder; require_once "{$sourceFolder}/{$moduleFolder}/search/admin/spider.php"; index_url($page, 0, 0, '', 0, 0, 1); } /* Update the choice of editor*/ if (isset($_POST['editor'])) { $editor = escape($_POST['editor']); $query = "UPDATE `article_content` SET `default_editor` = '" . $editor . "' WHERE `page_modulecomponentid` ='{$this->moduleComponentId}' "; $result = mysql_query($query); if (mysql_affected_rows() < 0) { displayerror("Unable to update the article Editor"); } } return $this->actionView(); } $fulleditpage = $this->getCkBody(); $commentsedit = "<fieldset><legend><a name='comments'>{$ICONS['Page Comments']['small']}Comments</a></legend>"; if ($this->isCommentsEnabled()) { $comments = mysql_query("SELECT `comment_id`,`user`,`timestamp`,`comment` FROM `article_comments` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' ORDER BY `timestamp`"); if (mysql_num_rows($comments) == 0) { $commentsedit .= "No comments have been posted !"; } while ($row = mysql_fetch_array($comments)) { $commentsedit .= $this->renderComment($row['comment_id'], $row['user'], $row['timestamp'], $row['comment'], 1); } } else { $commentsedit .= "Comments are disabled for this page! You can allow comments from <a href='./+settings'>pagesettings</a>."; } $commentsedit .= "</fieldset>"; $top = "<a href='#topquicklinks'>Top</a>"; $fulleditpage .= $commentsedit . $top; return $header . $fulleditpage; }
/** * Initialize all default tpl tags. */ private function initialize() { $this->tpl = new RainTPL(); $this->tpl->assign('newversion', escape(checkUpdate())); $this->tpl->assign('feedurl', escape(index_url($_SERVER))); $searchcrits = ''; // Search criteria if (!empty($_GET['searchtags'])) { $searchcrits .= '&searchtags=' . urlencode($_GET['searchtags']); } elseif (!empty($_GET['searchterm'])) { $searchcrits .= '&searchterm=' . urlencode($_GET['searchterm']); } $this->tpl->assign('searchcrits', $searchcrits); $this->tpl->assign('source', index_url($_SERVER)); $this->tpl->assign('version', shaarli_version); $this->tpl->assign('scripturl', index_url($_SERVER)); $this->tpl->assign('pagetitle', 'Shaarli'); $this->tpl->assign('privateonly', !empty($_SESSION['privateonly'])); // Show only private links? if (!empty($GLOBALS['title'])) { $this->tpl->assign('pagetitle', $GLOBALS['title']); } if (!empty($GLOBALS['titleLink'])) { $this->tpl->assign('titleLink', $GLOBALS['titleLink']); } if (!empty($GLOBALS['pagetitle'])) { $this->tpl->assign('pagetitle', $GLOBALS['pagetitle']); } $this->tpl->assign('shaarlititle', empty($GLOBALS['title']) ? 'Shaarli' : $GLOBALS['title']); if (!empty($GLOBALS['plugins']['errors'])) { $this->tpl->assign('plugin_errors', $GLOBALS['plugins']['errors']); } }
/** * Build data for feed templates. * * @return array Formatted data for feeds templates. */ public function buildData() { // Optionally filter the results: $linksToDisplay = $this->linkDB->filterSearch($this->userInput); $nblinksToDisplay = $this->getNbLinks(count($linksToDisplay)); // Can't use array_keys() because $link is a LinkDB instance and not a real array. $keys = array(); foreach ($linksToDisplay as $key => $value) { $keys[] = $key; } $pageaddr = escape(index_url($this->serverInfo)); $linkDisplayed = array(); for ($i = 0; $i < $nblinksToDisplay && $i < count($keys); $i++) { $linkDisplayed[$keys[$i]] = $this->buildItem($linksToDisplay[$keys[$i]], $pageaddr); } $data['language'] = $this->getTypeLanguage(); $data['pubsubhub_url'] = $this->pubsubhubUrl; $data['last_update'] = $this->getLatestDateFormatted(); $data['show_dates'] = !$this->hideDates || $this->isLoggedIn; // Remove leading slash from REQUEST_URI. $data['self_link'] = $pageaddr . escape(ltrim($this->serverInfo['REQUEST_URI'], '/')); $data['index_url'] = $pageaddr; $data['usepermalinks'] = $this->usePermalinks === true; $data['links'] = $linkDisplayed; return $data; }