// Authentication endpoint: picks one action from the query string (login, logout, test),
// falls back to home() for anything else, then renders the shared page template.
if (isGET('login')) {
    if (!(checkBot() && check('password') && login(cleanMagic($_POST['password'])))) {
        // A failed check (or a first visit without a POST body) shows the login form.
        // NOTE(review): no attempt throttling is visible in this branch; presumably
        // checkBot() or login() covers it — confirm against their definitions.
        $out['title'] = $lang['login'];
        $out['content'] .= '<form action="./auth.php?login" method="post"> <p>'
            . password('password')
            . '</p> <p>'
            . submitSafe($lang['confirm'])
            . '</p> </form>';
    } else {
        // Rotate the session id after a successful login and delete the old session,
        // so an id that was known before authentication stops being valid.
        session_regenerate_id(true);
        home();
    }
} elseif (isGET('logout') && isAdmin()) {
    // Logout only blanks the stored role; the session itself and its id are kept.
    // NOTE(review): this state change runs on a plain GET and no request token is
    // checked in this branch — confirm whether header.php enforces one, and consider
    // rotating the session id here as the login path does.
    $_SESSION['role'] = '';
    home();
} elseif (isGET('test') && isAdmin()) {
    // Admin-only form that reuses the login title and posts back to ?test.
    $out['title'] = $lang['login'];
    $out['content'] .= '<form action="./auth.php?test" method="post"> <p>'
        . password('password')
        . '</p> <p>'
        . submitAdmin($lang['confirm'])
        . '</p> </form>';
    if (check('password')) {
        // Append box(hide(...)) of the submitted value below the form.
        // NOTE(review): presumably hide() is the password-hashing helper and this page
        // lets an admin generate a hash — confirm against its definition.
        $out['content'] .= box(hide(cleanMagic($_POST['password'])));
    }
} else {
    home();
}

require './templates/page.php';
<?php $out = array(); require 'header.php'; if (isGET('draft') && isAdmin() && isValidEntry('drafts', GET('draft'))) { $draft = GET('draft'); if (check('title') && check('content') && check('id')) { $post = newEntry(cleanMagic($_POST['id'])); $postEntry['title'] = clean(cleanMagic($_POST['title'])); $postEntry['content'] = cleanMagic($_POST['content']); $postEntry['locked'] = $_POST['locked'] === 'yes'; $addedTags = $_POST['tags'] ? $_POST['tags'] : array(); $postEntry['tags'] = $addedTags; saveEntry('posts', $post, $postEntry); foreach ($addedTags as $tag) { $tagEntry = readEntry('tags', $tag); $tagEntry['posts'][$post] = $post; saveEntry('tags', $tag, $tagEntry); } deleteEntry('drafts', $draft); redirect('view.php?post=' . $post); } else { $draftEntry = readEntry('drafts', $draft); $tagOptions = array(); foreach (listEntry('tags') as $tag) { $tagEntry = readEntry('tags', $tag); $tagOptions[$tag] = $tagEntry['name']; } $out['title'] = $lang['publishPost'] . ': ' . $draftEntry['title']; $out['content'] .= '<form action="./publish.php?draft=' . $draft . '" method="post"> <p>' . text('title', $draftEntry['title']) . '</p>
foreach ($tags as $tag) { $tagEntry = readEntry('tags', $tag); $tagName = $tagEntry['name']; $cats .= "<category term=\"{$tagName}\"/>"; } return ' <entry> <title>' . $title . '</title> <link href="' . $url . '"/> <id>' . $url . '</id> <updated>' . $date . '</updated> ' . $cats . ' <content type="html">' . str_replace('<', '<', str_replace('&', '&', str_replace('<br />', '<br>', $content))) . '</content> </entry>'; } if (isGET('comments')) { $out['title'] = $lang['comments']; $out['type'] = 'comments'; $items = listEntry('comments'); rsort($items); $items = array_slice($items, 0, 100); if ($items) { foreach ($items as $item) { $itemData = readEntry('comments', $item); $parentData = readEntry('posts', $itemData['post']); $title = clean($itemData['commenter'] . $lang['commented'] . $parentData['title']); $url = $out['baseURL'] . 'view.php?post=' . $itemData['post'] . '/pages/' . pageOf($item, $parentData['comments']) . '#' . $item; $out['content'] .= getFeedEntry($title, $url, toDate($item, 'c'), content($itemData['content'])); } } } else {
$link = './view.php?post=' . $commentEntry['post'] . '/pages/' . $pageOf . '#' . $comment; $out['content'] .= '<div class="comment"> <div class="title"><a href="' . $link . '">' . $title . manageComment($comment) . '</a></div> <div class="date">' . toDate($comment) . '</div> <div class="content">' . content($commentEntry['content']) . '</div> </div>'; } $out['content'] .= '</div>'; } $out['content'] .= paging($page, $pages, './index.php?comments=all'); } else { if (isGET('404')) { $out['title'] = 'HTTP 404'; $out['content'] .= '<p>' . $lang['notFound'] . '</p>'; } else { $is_posts = isGET('posts'); $out['title'] = $lang['posts']; $out['titleHtml'] = ''; $posts = listEntry('posts'); if ($is_posts) { sort($posts); } else { rsort($posts); } $pages = pages($posts); $page = page($pages); if ($posts) { $first = true; foreach (pageItems($posts, $page) as $post) { $postEntry = readEntry('posts', $post); if (!$is_posts && !$first) {
/**
 * Report whether both isPOST($key) and isGET($key) hold for the same key.
 *
 * isGET() is consulted only when isPOST() has already succeeded.
 *
 * @param mixed $key Key handed unchanged to isPOST() and isGET().
 * @return bool
 */
function isGETPOST($key)
{
    if (!isPOST($key)) {
        return false;
    }

    return (bool) isGET($key);
}
home(); } else { if (isGET('comment') && (isAdmin() || isAuthor(GET('comment')))) { $comment = GET('comment'); $commentEntry = readEntry('comments', $comment); deleteEntry('comments', $comment); $postEntry = readEntry('posts', $commentEntry['post']); unset($postEntry['comments'][$comment]); saveEntry('posts', $commentEntry['post'], $postEntry); redirect('view.php?post=' . $commentEntry['post'] . '#comments'); } else { if (isGET('link') && isAdmin()) { deleteEntry('links', GET('link')); home(); } else { if (isGET('tag') && isAdmin()) { $tag = GET('tag'); $tagEntry = readEntry('tags', $tag); deleteEntry('tags', $tag); foreach ($tagEntry['posts'] as $post) { $postEntry = readEntry('posts', $post); $postEntry['tags'] = array_diff($postEntry['tags'], array($tag)); saveEntry('posts', $post, $postEntry); } home(); } else { home(); } } } }
$linkEntry = readEntry('links', $link); if (check('name') && check('url')) { $linkEntry['name'] = clean(cleanMagic($_POST['name'])); $linkEntry['url'] = clean(cleanMagic($_POST['url'])); saveEntry('links', $link, $linkEntry); home(); } else { $out['title'] = $lang['editLink'] . ': ' . $linkEntry['name']; $out['content'] .= '<form action="./edit.php?link=' . $link . '" method="post"> <p>' . text('name', $linkEntry['name']) . '</p> <p>' . text('url', $linkEntry['url']) . '</p> <p>' . submitAdmin($lang['confirm']) . '</p> </form>'; } } else { if (isGET('tag') && isAdmin() && isValidEntry('tags', GET('tag'))) { $tagEntry = readEntry('tags', GET('tag')); if (check('name')) { $tagEntry['name'] = clean(cleanMagic($_POST['name'])); saveEntry('tags', GET('tag'), $tagEntry); home(); } else { $out['title'] = $lang['editTag'] . ': ' . $tagEntry['name']; $out['content'] .= '<form action="./edit.php?tag=' . GET('tag') . '" method="post"> <p>' . text('name', $tagEntry['name']) . '</p> <p>' . submitAdmin($lang['confirm']) . '</p> </form>'; } } else { home(); }
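/**
 * Resolve the current page number from the `pages` query parameter.
 *
 * @param int|float $pages Highest valid page number.
 * @return int The requested page when it lies within 1..$pages, otherwise 1.
 */
function page($pages)
{
    if (!isGET('pages')) {
        return 1;
    }

    $requested = GET('pages');
    if (!is_scalar($requested)) {
        // e.g. ?pages[]=1 — an array can never name a page.
        return 1;
    }

    // Cast first, then range-check the integer that is actually returned.
    // Comparing the raw string against the bounds is lexical on PHP 8 for
    // non-numeric input, so a value such as "19abc" could satisfy "<= 5" and
    // then cast to 19, outside the valid range. Fractional input is truncated
    // before the check.
    $number = (int) $requested;

    return $number >= 1 && $number <= $pages ? $number : 1;
}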
} break; //Think this is not used anyway //Think this is not used anyway case 'ipaddress': if (isGET()) { $rval = array("ip" => $_SERVER['SERVER_ADDR']); jsonOut(json_encode($rval)); } else { badReq('GET only'); } break; //TODO implement post to set identity //TODO implement post to set identity case 'identify': if (isGET()) { $sysinfo = loadJSON('/system/sysinfo', array("name" => "Not Named", "location" => "Not Set")); jsonOut(json_encode($sysinfo)); } else { badReq('GET only'); } break; case 'reset': if (isPOST()) { array_map('unlink', glob("../data/appdata/*.json")); array_map('unlink', glob("../data/messages/*.json")); array_map('unlink', glob("../data/*.json")); jsonOut(json_encode(array("cool" => "beans"))); } else { badReq('POST only'); }
</div>'; } else { if (isGET('tag') && isValidEntry('tags', GET('tag'))) { $tagEntry = readEntry('tags', GET('tag')); $out['title'] = $tagEntry['name']; $out['titleHtml'] .= '<h1>' . $out['title'] . manageTag(GET('tag')) . '</h1>'; $out['content'] .= ''; if ($tagEntry['posts']) { foreach ($tagEntry['posts'] as $post) { $postEntry = readEntry('posts', $post); $title = $postEntry['title']; $out['content'] .= '<p><a href="./view.php?post=' . $post . '">' . $title . '</a>' . managePost($post) . ' — ' . toDate($post) . '</p>'; } } } else { if (isGET('archive') && strlen(GET('archive')) === 7) { $archivedPosts = array(); foreach (listEntry('posts') as $post) { if (GET('archive') === substr($post, 0, 7)) { $archivedPosts[] = $post; } } if (!$archivedPosts) { redirect('index.php?404'); } else { $out['title'] = date('M Y', strtotime(GET('archive'))); $out['content'] .= ''; foreach ($archivedPosts as $post) { $postEntry = readEntry('posts', $post); $title = $postEntry['title']; $out['content'] .= '<p><a href="./view.php?post=' . $post . '">' . $title . '</a>' . managePost($post) . ' — ' . toDate($post) . '</p>';