$myPdo->exec('USE ' . $dbname); $myPdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch (PDOException $e) { echo $e->getMessage(); } $action = MiscUtils::getParam('action', NULL); try { switch ($action) { case 'visitors': visitors($myPdo); break; case 'followUp': followUp($myPdo); break; case 'processing': processing($myPdo); break; case 'statAdvanced': statAdvanced($myPdo); break; case 'statBasic': statBasic($myPdo); break; case 'home': home($myPdo); break; case 'statistics': statistics($myPdo); break; case 'performanceAttitude': performanceAttitude($myPdo);
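// PayPal IPN postback: echo the received notification back to PayPal with
// cmd=_notify-validate prepended and act only if PayPal answers "VERIFIED".
//
// Security-relevant points for maintainers:
//  * The postback is the ONLY thing that authenticates the notification, so it
//    must travel over TLS. Over plain HTTP (port 80) anyone on the network path
//    could answer "VERIFIED" for a forged notification.
//  * "VERIFIED" only proves that PayPal sent this message. It does not prove
//    the payment is for this shop, for the right amount, or new.
//    NOTE(review): processing() is not visible here - confirm it checks
//    receiver_email, mc_gross / mc_currency and payment_status against the
//    order, and rejects a txn_id that was already processed.
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
    $value = urlencode(stripslashes($value));
    // Encode the key as well, so a field name containing "&" or "=" cannot
    // change the structure of the message sent for validation.
    $req .= '&' . urlencode($key) . "={$value}";
}

// Pick the endpoint first; the same host name is used for the Host header
// and for the TLS connection.
$mode = $paymod_data['MODULE_PAYMENT_PAYPAL_TESTMODE'];
if ($mode == 'test') {
    $host = 'www.sandbox.paypal.com';
} else {
    $host = 'www.paypal.com';
}

// NOTE(review): $header is appended to, so it is assumed to be initialised
// before this fragment - confirm against the full file.
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Host: {$host}\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

// ssl:// needs the openssl extension. PHP 5.6+ verifies the peer certificate
// by default; on an older runtime verification must be enabled through a
// stream context, otherwise TLS gives no protection against interception.
$fp = fsockopen('ssl://' . $host, 443, $errno, $errstr, 30);

if (!$fp) {
    // Could not reach PayPal: fail closed, nothing is processed.
    die("Error");
} else {
    fputs($fp, $header . $req);
    while (!feof($fp)) {
        // trim() so a verdict line carrying a trailing CR/LF still matches;
        // the cast covers fgets() returning false at end of stream.
        $res = trim((string) fgets($fp, 1024));
        if (strcmp($res, "VERIFIED") == 0) {
            processing($_POST['payment_status'], $_POST);
        } elseif (strcmp($res, "INVALID") == 0) {
            // A rejected notification is worth a trace for later
            // investigation; the payload itself is deliberately not logged.
            error_log('PayPal IPN postback answered INVALID');
        }
    }
    fclose($fp);
}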
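/**
 * Dispatcher for the main content area.
 *
 * Order of evaluation, first match wins:
 *   1. a pending "fatal" session message (set on failed login) is shown once;
 *   2. posted forms (search, comment, contact, login, submit_text);
 *   3. administrative actions, only when _ADMIN is truthy;
 *   4. public actions, falling back to articles().
 *
 * NOTE(review): step 2 runs before the _ADMIN test, and a posted
 * 'submit_text' reaches processing() - the same handler the admin-only
 * 'process' action calls. processing() is not visible here; confirm it
 * enforces authorisation on its own.
 * NOTE(review): 'process' and 'logout' are selected by a GET parameter.
 * No anti-CSRF token is checked in this function - confirm the handlers do.
 */
function center() {
    // fatal session produced on failed login, and will display error message.
    if (isset($_SESSION[_SITE . 'fatal'])) {
        // NOTE(review): printed unescaped - confirm every writer of this
        // session key stores fixed, trusted markup and never request data.
        echo $_SESSION[_SITE . 'fatal'];
        unset($_SESSION[_SITE . 'fatal']);
        return;
    }

    global $categorySEF, $subcatSEF, $articleSEF;

    // Initialised so a request with neither 'category' nor 'action' in the
    // query string no longer reads an undefined variable in the switches
    // below; null matches no case label and still ends up in articles().
    $action = null;
    if (isset($_GET['category'])) {
        $action = $categorySEF;
    } elseif (isset($_GET['action'])) {
        $action = $categorySEF == '404' ? $categorySEF : clean(cleanXSS($_GET['action']));
    }

    // Posted forms take precedence over any action named in the URL.
    if (isset($_POST['search_query'])) {
        search();
        return;
    }
    if (isset($_POST['comment'])) {
        comment('comment_posted');
        return;
    }
    if (isset($_POST['contactform'])) {
        contact();
        return;
    }
    if (isset($_POST['Loginform'])) {
        administration();
        return;
    }
    if (isset($_POST['submit_text'])) {
        processing();
        return;
    }

    // Administrative actions. This gate is the only authorisation check
    // visible in this function.
    if (_ADMIN) {
        switch ($action) {
            case 'administration':
                administration();
                return;
            case 'snews_settings':
                settings();
                return;
            case 'snews_categories':
                admin_categories();
                return;
            case 'admin_category':
                form_categories();
                return;
            case 'admin_subcategory':
                form_categories('sub');
                return;
            case 'groupings':
                admin_groupings();
                return;
            case 'admin_groupings':
                form_groupings();
                return;
            case 'snews_articles':
                admin_articles('article_view');
                return;
            case 'extra_contents':
                admin_articles('extra_view');
                return;
            case 'snews_pages':
                admin_articles('page_view');
                return;
            case 'admin_article':
                form_articles('');
                return;
            case 'article_new':
                form_articles('article_new');
                return;
            case 'extra_new':
                form_articles('extra_new');
                return;
            case 'page_new':
                form_articles('page_new');
                return;
            case 'editcomment':
                edit_comment();
                return;
            case 'snews_files':
                files();
                return;
            case 'process':
                processing();
                return;
            case 'logout':
                session_destroy();
                echo '<meta http-equiv="refresh" content="2; url=' . _SITE . '">';
                echo '<h2>' . l('log_out') . '</h2>';
                return;
        }
    }

    // Public actions; anything unrecognised renders the article view.
    switch ($action) {
        case 'archive':
            archive();
            break;
        case 'sitemap':
            sitemap();
            break;
        case 'contact':
            contact();
            break;
        case 'login':
            login();
            break;
        case '404':
            echo l('error_404');
            break;
        default:
            articles();
            break;
    }
}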
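/**
 * Dispatcher and article renderer for the main content area.
 *
 * Handles posted forms first, then the action named in the query string
 * ('category' wins over 'action'), and by default lists or shows articles.
 *
 * Changes compared with the previous version:
 *  - $_SERVER['PHP_SELF'] is HTML-escaped before it is written into the
 *    logout meta refresh; the value is taken from the request path and was
 *    reflected into a single-quoted attribute unescaped.
 *  - edit_article() receives the strings 'simple' / 'advanced' instead of
 *    bare words, which are undefined constants (an Error on PHP 8).
 *  - $action, $processed, $article and $commentable are initialised, so the
 *    branches that used to read them while undefined behave the same without
 *    warnings.
 *
 * Open review points (left unchanged because the helpers are not visible):
 *  - NOTE(review): a posted 'submit_text' calls processing() with no
 *    Logged_In check, while the 'process' action requires one. Confirm
 *    processing() authorises the caller itself.
 *  - NOTE(review): $article comes from get_id('article') and is placed
 *    inside a quoted SQL literal. Confirm get_id() escapes it; otherwise this
 *    is SQL injection.
 *  - NOTE(review): article text between [include] tags is handed to
 *    include. Whoever can write article text can run PHP, or read files, on
 *    the server - confirm that is limited to trusted administrators.
 *  - NOTE(review): delete / freeze / unfreeze are plain GET links and no
 *    anti-CSRF token is checked in this function - confirm processing() does.
 *  - Database values (title, image, seftitle) are echoed without escaping.
 *  - Uses the legacy mysql_* API, which was removed in PHP 7.
 *
 * @param int $article_limit Row limit interpolated into the list queries;
 *                           presumably an integer from configuration - verify
 *                           against the caller.
 */
function center($article_limit) {
    $action = null;
    $processed = false;
    $article = "";
    $commentable = null;

    // These locals are not read below. They are kept because a file pulled
    // in by the include routine runs in this function's scope and may rely
    // on them.
    if (isset($_GET['category'])) {
        $id = $_GET['category'];
    }
    if (isset($_GET['articleid'])) {
        $articleid = $_GET['articleid'];
    }

    // Posted forms are handled before any URL action.
    if (isset($_POST['submit_text'])) {
        processing();
        $processed = True;
    }
    if (isset($_POST['contactform'])) {
        contact();
        $processed = True;
    }

    if (isset($_GET['category'])) {
        $action = $_GET['category'];
    } elseif (isset($_GET['action'])) {
        $action = $_GET['action'];
    }
    // A handled form suppresses the URL action (the original unset it).
    if ($processed == True) {
        $action = null;
    }

    switch ($action) {
        case "archives":
            archives();
            break;
        case "contact":
            contact();
            break;
        case "rss":
            rss();
            break;
        case "login":
            login();
            break;
        case "categories":
            if (isset($_SESSION['Logged_In'])) {
                view_categories();
            }
            break;
        case "editcategory":
            if (isset($_SESSION['Logged_In'])) {
                edit_category();
            }
            break;
        case "new":
            if (isset($_SESSION['Logged_In'])) {
                new_article();
            }
            break;
        case "unpublished":
            if (isset($_SESSION['Logged_In'])) {
                unpublished_articles();
            }
            break;
        case "simpleedit":
            if (isset($_SESSION['Logged_In'])) {
                edit_article('simple');
            }
            break;
        case "advancededit":
            if (isset($_SESSION['Logged_In'])) {
                edit_article('advanced');
            }
            break;
        case "editcomment":
            if (isset($_SESSION['Logged_In'])) {
                edit_comment();
            }
            break;
        case "images":
            if (isset($_SESSION['Logged_In'])) {
                images();
            }
            break;
        case "process":
            // NOTE(review): $display_further is never assigned in this
            // function, so the second condition is always true here.
            if (isset($_SESSION['Logged_In']) and (!isset($display_further) or $display_further != "NO")) {
                processing();
            }
            break;
        case "logout":
            session_start();
            $_SESSION = array();
            session_destroy();
            // PHP_SELF is request-controlled; escape it for the quoted attribute.
            echo "<META HTTP-EQUIV='refresh' content='1; URL=" . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . "'>";
            echo "<h2>" . l('log_out') . "</h2>";
            break;
        default:
            if (isset($_POST['search'])) {
                search();
            } elseif (isset($_POST['comment'])) {
                comment("comment_posted");
            } elseif ($processed == False) {
                $article = get_id('article');
                $category = get_id('category');
                if ($article != "") {
                    // Single article, full text. See the review note on get_id().
                    $query = "SELECT * FROM " . s('prefix') . "articles WHERE seftitle = '{$article}'";
                    $shorten = 99990000;
                } else {
                    if (isset($category)) {
                        // Resolve the category SEF title to its numeric id.
                        $query_catname = "SELECT * FROM " . s('prefix') . "categories";
                        $result_catname = mysql_query($query_catname);
                        while ($r_catname = mysql_fetch_array($result_catname)) {
                            if (isset($num_cat)) {
                                $num_cat++;
                            }
                            if ($r_catname['seftitle'] == $category) {
                                $use_cat_id = $r_catname['id'];
                            }
                        }
                        if ($category == "") {
                            $use_cat_id = 0;
                            $category = 0;
                        }
                        if (s('display_new_on_home') == True) {
                            if ($use_cat_id != 0) {
                                $query = "SELECT * FROM " . s('prefix') . "articles WHERE position = 1 AND published = 1 AND category = {$use_cat_id} ORDER BY date DESC LIMIT {$article_limit}";
                            } else {
                                $query = "SELECT * FROM " . s('prefix') . "articles WHERE position = 1 AND published = 1 ORDER BY date DESC LIMIT {$article_limit}";
                            }
                        } else {
                            $query = "SELECT * FROM " . s('prefix') . "articles WHERE position = 1 AND published = 1 AND category = {$use_cat_id} ORDER BY date DESC LIMIT {$article_limit}";
                        }
                        if (isset($r['textlimit'])) {
                            $shorten = $r['textlimit'];
                        }
                        if (isset($shorten) == 0) {
                            $shorten = 9999000;
                        }
                    }
                }

                $result = mysql_query($query);
                while ($r = mysql_fetch_array($result)) {
                    // In list view each article carries its own excerpt length; 0 means no limit.
                    if ($article == "") {
                        $shorten = $r['textlimit'];
                        if ($shorten == 0) {
                            $shorten = 99990000;
                        }
                    }

                    // Count the comments by walking every row of the result.
                    $comments_num = 0;
                    $comment_query = "SELECT * FROM " . s('prefix') . "comments WHERE articleid = {$r['id']}";
                    $comment_result = mysql_query($comment_query);
                    while ($comment_r = mysql_fetch_array($comment_result)) {
                        $comments_num++;
                    }

                    $date = date(s('date_format'), strtotime($r['date']));
                    $fp_date_format = date(s('fp_date_format'), strtotime($r['date']));
                    $position = $r['position'];
                    if ($category == "0") {
                        $category = s('home');
                    }

                    if ($r['displaytitle'] == "YES" and $article == "") {
                        echo "<h2><a href='" . s('website') . find_cat_sef($r['category']) . "/" . $r['seftitle'] . "/'>" . $r['title'] . "</a></h2>";
                    } elseif ($r['displaytitle'] == "YES") {
                        echo "<h2>" . $r['title'] . "</h2>";
                    }

                    if ($r['image'] != "") {
                        ?> <div class="image"> <img src="<?php echo s('website') . s('image_folder'); ?> /<?php echo $r['image']; ?> " alt="<?php echo $r['title']; ?> " /> </div><?php
                    }

                    // PHP files inclusion routine
                    $fulltext = $r['text'];
                    $findme = "[include]";
                    $pos = strpos($fulltext, $findme);
                    $findme = "[/include]";
                    $pos2 = strpos($fulltext, $findme);
                    $file = substr($fulltext, $pos + 9, $pos2 - 9);
                    if ($pos2 > 0) {
                        $text = str_replace("[include]", "|&|", $fulltext);
                        $text = str_replace("[/include]", "|&|", $text);
                        $text = explode("|&|", $text);
                        $num = count($text);
                        for ($i = 0; $i < $num; $i++) {
                            if (strpos($text[$i], '.php') === false and strpos($text[$i], '.txt') === false and strpos($text[$i], '.inc') === false) {
                                echo substr(stripslashes($text[$i]), 0, $shorten);
                            } else {
                                // SECURITY: the path comes straight from stored article text and
                                // ANY segment containing ".php", ".txt" or ".inc" is included,
                                // with no directory or allow-list check. Flagged, not changed.
                                include $text[$i];
                            }
                        }
                    } else {
                        echo substr(stripslashes($fulltext), 0, $shorten);
                    }

                    if (isset($numrows)) {
                        $numrows++;
                    }
                    if ($article == "" and strlen($r['text']) > $shorten) {
                        echo "...</p>";
                    }

                    $commentable = $r['commentable'];
                    // Precedence: (position is neither 3 nor 4) OR a Username is in the session.
                    if ($r['position'] != 3 and $r['position'] != 4 or isset($_SESSION['Username'])) {
                        if ($article == "") {
                            // List view: "read more", comment count and date.
                            if ($r['displayinfo'] == "YES") {
                                echo "<p class='" . s('date_class') . "'>";
                                if (strlen($r['text']) > $shorten) {
                                    echo "<img src='" . s('website') . "images/more.gif' alt='' /> <a href='" . s('website') . $category . "/" . $r['seftitle'] . "/'>" . l('read_more') . "</a> ";
                                }
                                if ($commentable == "YES" or $commentable == "FREEZ") {
                                    echo "<img src='" . s('website') . "images/comment.gif' alt='' /> <a href='" . s('website') . $category . "/" . $r['seftitle'] . "/'>" . l('comments') . "(" . $comments_num . ")</a> ";
                                }
                                echo "<img src='" . s('website') . "images/timeicon.gif' alt='' /> " . $fp_date_format . "</p>";
                            }
                        } else {
                            // Single-article view: editing links for a logged-in session, then "back".
                            echo "<p class='" . s('date_class') . "'>";
                            if (isset($_SESSION['Logged_In'])) {
                                echo l('edit_article') . " [ <a href='" . s('website') . "index.php?action=simpleedit&id={$r['id']}'>" . l('simple')
                                    . "</a> <img src='" . s('website') . "images/arrow.gif' alt='|' /> <a href='" . s('website') . "index.php?action=advancededit&id={$r['id']}'>" . l('advanced')
                                    . " </a> ] <img src='" . s('website') . "images/arrow.gif' alt='|' /> <a href='" . s('website') . "index.php?action=process&task=delete&id={$r['id']}'"
                                    . if_javascript_on(" onclick='return confirm(\"" . l('warning_delete') . "\");'", 'return')
                                    . ">" . l('delete_article') . "</a> <img src='" . s('website') . "images/arrow.gif' alt='|' /> ";
                                if ($r['commentable'] == "FREEZ") {
                                    echo "<a href='" . s('website') . "index.php?action=process&task=unfreezecomments&id={$r['id']}'>" . l('unfreeze_comments') . "</a> <img src='" . s('website') . "images/arrow.gif' alt='|' /> ";
                                } elseif ($r['commentable'] != "NO") {
                                    echo "<a href='" . s('website') . "index.php?action=process&task=freezecomments&id={$r['id']}'>" . l('freeze_comments') . "</a> <img src='" . s('website') . "images/arrow.gif' alt='|' /> ";
                                }
                            }
                            if ($category != s('home')) {
                                $category = $category . "/";
                            }
                            echo "<a href='" . s('website');
                            if ($category != s('home')) {
                                echo $category . "'>";
                            } else {
                                echo "'>";
                            }
                            echo l('back') . "</a> <img src='" . s('website') . "images/timeicon.gif' alt='' /> " . $date . "</p>";
                        }
                    }
                }
            }

            // Comment area for a single article; $commentable holds the
            // value from the last row rendered above.
            if ($article != "" and $commentable == "YES") {
                comment("unfreezed");
            } elseif ($article != "" and $commentable == "FREEZ") {
                comment("freezed");
            }
    }
}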