if (isGET('login')) { if (checkBot() && check('password') && login(cleanMagic($_POST['password']))) { session_regenerate_id(true); home(); } else { $out['title'] = $lang['login']; $out['content'] .= '<form action="./auth.php?login" method="post"> <p>' . password('password') . '</p> <p>' . submitSafe($lang['confirm']) . '</p> </form>'; } } else { if (isGET('logout') && isAdmin()) { $_SESSION['role'] = ''; home(); } else { if (isGET('test') && isAdmin()) { $out['title'] = $lang['login']; $out['content'] .= '<form action="./auth.php?test" method="post"> <p>' . password('password') . '</p> <p>' . submitAdmin($lang['confirm']) . '</p> </form>'; if (check('password')) { $out['content'] .= box(hide(cleanMagic($_POST['password']))); } } else { home(); } } } require './templates/page.php';
$linkEntry['url'] = clean(cleanMagic($_POST['url'])); saveEntry('links', $link, $linkEntry); home(); } else { $out['title'] = $lang['editLink'] . ': ' . $linkEntry['name']; $out['content'] .= '<form action="./edit.php?link=' . $link . '" method="post"> <p>' . text('name', $linkEntry['name']) . '</p> <p>' . text('url', $linkEntry['url']) . '</p> <p>' . submitAdmin($lang['confirm']) . '</p> </form>'; } } else { if (isGET('tag') && isAdmin() && isValidEntry('tags', GET('tag'))) { $tagEntry = readEntry('tags', GET('tag')); if (check('name')) { $tagEntry['name'] = clean(cleanMagic($_POST['name'])); saveEntry('tags', GET('tag'), $tagEntry); home(); } else { $out['title'] = $lang['editTag'] . ': ' . $tagEntry['name']; $out['content'] .= '<form action="./edit.php?tag=' . GET('tag') . '" method="post"> <p>' . text('name', $tagEntry['name']) . '</p> <p>' . submitAdmin($lang['confirm']) . '</p> </form>'; } } else { home(); } } } }
$postEntry['tags'] = $addedTags; saveEntry('posts', $post, $postEntry); foreach ($addedTags as $tag) { $tagEntry = readEntry('tags', $tag); $tagEntry['posts'][$post] = $post; saveEntry('tags', $tag, $tagEntry); } deleteEntry('drafts', $draft); redirect('view.php?post=' . $post); } else { $draftEntry = readEntry('drafts', $draft); $tagOptions = array(); foreach (listEntry('tags') as $tag) { $tagEntry = readEntry('tags', $tag); $tagOptions[$tag] = $tagEntry['name']; } $out['title'] = $lang['publishPost'] . ': ' . $draftEntry['title']; $out['content'] .= '<form action="./publish.php?draft=' . $draft . '" method="post"> <p>' . text('title', $draftEntry['title']) . '</p> <p>' . text('id', substr($draft, 20)) . '</p> <p>' . textarea('content', clean($draftEntry['content'])) . '</p> <p>' . select('locked', array('yes' => $lang['yes'], 'no' => $lang['no']), $postEntry['locked'] ? 'yes' : 'no') . '</p> <p>' . multiselect('tags', $tagOptions, $postEntry['tags']) . '</p> <p>' . submitAdmin($lang['confirm']) . '</p> </form>'; $out['content'] .= isPOST('content') ? box(cleanMagic($_POST['content'])) : ''; } } else { home(); } require 'templates/page.php';
function checkBot() { global $lang; if (!isPOST('captcha')) { return false; } if (isset($_SESSION['captcha']) && cleanMagic($_POST['captcha']) === $_SESSION['captcha']) { return true; } message($lang['errorBot'] . ' "' . cleanMagic($_POST['captcha']) . '" needed "' . $_SESSION['captcha'] . '"'); return false; }