$useFCK = file_exists(PGV_ROOT . 'modules/FCKeditor/fckeditor.php');
if ($useFCK) {
require PGV_ROOT . 'modules/FCKeditor/fckeditor.php';
}
if (!PGV_USER_ID) {
print_simple_header("");
print $pgv_lang["access_denied"];
print_simple_footer();
exit;
}
$action = safe_GET('action', array('compose', 'save', 'delete'), 'compose');
$news_id = safe_GET('news_id');
$username = safe_REQUEST($_REQUEST, 'username');
$date = safe_POST('date', PGV_REGEX_UNSAFE);
$title = safe_POST('title', PGV_REGEX_UNSAFE);
$text = safe_POST('text', PGV_REGEX_UNSAFE);
print_simple_header($pgv_lang["edit_news"]);
if (empty($username)) {
$username = $GEDCOM;
}
if ($action == "compose") {
print '<span class="subheaders">' . $pgv_lang["edit_news"] . '</span>';
?>
<script language="JavaScript" type="text/javascript">
function checkForm(frm) {
if (frm.title.value=="") {
alert('<?php
print $pgv_lang["enter_title"];
?>
');
document.messageform.title.focus();
}
}
if ($error == "" && empty($_FILES["mediafile"]["name"]) && !empty($_FILES["thumbnail"]["name"])) {
// Copy user-supplied thumbnail file into the main destination directory
$whichFile1 = $realThumbFolderName . $mediaFile;
$whichFile2 = $realFolderName . $mediaFile;
if (!copy(filename_decode($whichFile1), filename_decode($whichFile2))) {
// the file cannot be copied
$error .= $pgv_lang["upload_error"] . "<br />" . print_text('copy_error', 0, 1) . "<br />";
} else {
@chmod(filename_decode($whichFile2), PGV_PERM_FILE);
AddToLog("Media file {$folderName}{$mediaFile} copied from {$thumbFolderName}{$mediaFile}");
}
}
if ($error == "" && !empty($_FILES["mediafile"]["name"]) && empty($_FILES["thumbnail"]["name"])) {
if (safe_POST('genthumb', 'yes', 'no') == 'yes') {
// Generate thumbnail from main image
$parts = pathinfo_utf($mediaFile);
if (!empty($parts["extension"])) {
$ext = strtolower($parts["extension"]);
if (isImageTypeSupported($ext)) {
$thumbnail = $thumbFolderName . $mediaFile;
$okThumb = generate_thumbnail($folderName . $mediaFile, $thumbnail, "OVERWRITE");
if (!$okThumb) {
$error .= print_text("thumbgen_error", 0, 1);
} else {
print_text("thumb_genned");
print "<br />";
AddToLog("Media thumbnail {$thumbnail} generated");
}
}
function addNewFact($fact)
{
global $tagSOUR, $ADVANCED_PLAC_FACTS;
$FACT = safe_POST($fact, PGV_REGEX_UNSAFE);
$DATE = safe_POST("{$fact}_DATE", PGV_REGEX_UNSAFE);
$PLAC = safe_POST("{$fact}_PLAC", PGV_REGEX_UNSAFE);
if ($DATE || $PLAC || $FACT && $FACT != 'Y') {
if ($FACT && $FACT != 'Y') {
$gedrec = "1 {$fact} {$FACT}\n";
} else {
$gedrec = "1 {$fact}\n";
}
if ($DATE) {
$DATE = check_input_date($DATE);
$gedrec .= "2 DATE {$DATE}\n";
}
if ($PLAC) {
$gedrec .= "2 PLAC {$PLAC}\n";
if (preg_match_all('/(' . PGV_REGEX_TAG . ')/', $ADVANCED_PLAC_FACTS, $match)) {
foreach ($match[1] as $tag) {
$TAG = safe_POST("{$fact}_{$tag}", PGV_REGEX_UNSAFE);
if ($TAG) {
$gedrec .= "3 {$tag} {$TAG}\n";
}
}
}
$LATI = safe_POST("{$fact}_LATI", PGV_REGEX_UNSAFE);
$LONG = safe_POST("{$fact}_LONG", PGV_REGEX_UNSAFE);
if ($LATI || $LONG) {
$gedrec .= "3 MAP\n4 LATI {$LATI}\n4 LONG {$LONG}\n";
}
}
if (safe_POST_bool("SOUR_{$fact}")) {
return updateSOUR($gedrec, 2);
} else {
return $gedrec;
}
} elseif ($FACT == 'Y') {
if (safe_POST_bool("SOUR_{$fact}")) {
return updateSOUR("1 {$fact} Y\n", 2);
} else {
return "1 {$fact} Y\n";
}
} else {
return '';
}
}
// Default values
if (isset($GEDCOM) && array_key_exists($GEDCOM, $all_geds)) {
$default_ged = $GEDCOM;
} else {
$tmp = array_keys($all_geds);
$default_ged = $tmp[0];
// First gedcom in directory
}
$ged = safe_POST('ged', array_keys($all_geds), $default_ged);
$err_level = safe_POST('err_level', '[0-3]', $critical);
// Higher numbers are more picky.
$openinnew = safe_POST('openinnew', '[01]', '0');
// Open links in same/new tab/window
$context_lines = safe_POST('context_lines', '[0-5]', '2');
// Lines of context to display
$showall = safe_POST('showall', '[01]', '0');
// Show details of records with no problems
echo '<form method="post" name="gedcheck" action="gedcheck.php">';
echo '<table class="list_table ', $TEXT_DIRECTION, '">';
echo '<tr><td class="list_label">', $pgv_lang['gedcom_file'], '</td>';
echo '<td class="optionbox"><select name="ged">';
foreach ($all_geds as $key => $value) {
echo '<option value="', htmlspecialchars($key), '"', $key == $ged ? ' selected="selected"' : '', '>', htmlspecialchars($key), '</option>';
}
echo '</select></td></tr>';
echo '<tr><td class="list_label">', $pgv_lang['level'], '</td>';
echo '<td class="optionbox"><select name="err_level">';
for ($i = 0; $i < count($levels); $i++) {
echo '<option value="', $i, '"', $i == $err_level ? ' selected="selected"' : '', '>', $levels[$i], '</option>';
}
echo '</select></td></tr>';
include_once PHPGEDVIEW_PKG_PATH . 'BitGEDCOM.php';
$gGedcom = new BitGEDCOM();
// leave manual config until we can move it to bitweaver table
require "config.php";
require_once './includes/functions/functions_edit.php';
require_once './includes/functions/functions_import.php';
if (file_exists($factsfile[$LANGUAGE])) {
require $factsfile[$LANGUAGE];
}
$ged = $GEDCOM;
$gid1 = safe_POST_xref('gid1');
$gid2 = safe_POST_xref('gid2');
$action = safe_POST('action', PGV_REGEX_ALPHA, 'choose');
$ged2 = safe_POST('ged2', PGV_REGEX_NOSCRIPT, $GEDCOM);
$keep1 = safe_POST('keep1', PGV_REGEX_UNSAFE);
$keep2 = safe_POST('keep2', PGV_REGEX_UNSAFE);
if (empty($keep1)) {
$keep1 = array();
}
if (empty($keep2)) {
$keep2 = array();
}
print_header($pgv_lang["merge_records"]);
if ($ENABLE_AUTOCOMPLETE) {
require './js/autocomplete.js.htm';
}
//-- make sure they have accept access privileges
if (!PGV_USER_CAN_ACCEPT) {
print "<span class=\"error\">" . $pgv_lang["access_denied"] . "</span>";
print_footer();
exit;
function safe_POST_xref($var, $default = null)
{
return safe_POST($var, PGV_REGEX_XREF, $default);
}
$ALL_THEME_DIRS[] = $themedir;
}
// Extract form variables
$form_action = safe_POST('form_action');
$form_username = safe_POST('form_username', PGV_REGEX_USERNAME);
$form_firstname = safe_POST('form_firstname');
$form_lastname = safe_POST('form_lastname');
$form_pass1 = safe_POST('form_pass1', PGV_REGEX_PASSWORD);
$form_pass2 = safe_POST('form_pass2', PGV_REGEX_PASSWORD);
$form_email = safe_POST('form_email', PGV_REGEX_EMAIL, '*****@*****.**');
$form_rootid = safe_POST('form_rootid', PGV_REGEX_XREF, PGV_USER_ROOT_ID);
$form_theme = safe_POST('form_theme', $ALL_THEME_DIRS, $THEME_DIR);
$form_language = safe_POST('form_language', array_keys($pgv_language), $LANGUAGE);
$form_contact_method = safe_POST('form_contact_method', $ALL_CONTACT_METHODS, $CONTACT_METHOD);
$form_default_tab = safe_POST('form_default_tab', array_keys($ALL_DEFAULT_TABS), $GEDCOM_DEFAULT_TAB);
$form_visible_online = safe_POST('form_visible_online', 'Y', 'N');
// Respond to form action
if ($form_action == 'update') {
if ($form_username != PGV_USER_NAME && get_user_id($form_username)) {
print_header($pgv_lang['user_admin']);
echo '<span class="error">', $pgv_lang['duplicate_username'], '</span><br />';
} else {
$alphabet = getAlphabet() . '_-. ';
$i = 1;
$pass = true;
while (strlen($form_username) > $i) {
if (stristr($alphabet, $form_username[$i]) === false) {
$pass = false;
break;
}
$i++;
function init()
{
// Cannot edit with a "remember me" login.
if ($_SESSION["cookie_login"]) {
header('Location: ' . encode_url("login.php?type=simple&url=" . urlencode("edit_interface.php?" . decode_url($QUERY_STRING)), false));
exit;
}
// Coming soon ???
$this->has_familysearch = file_exists('modules/FamilySearch/familySearchWrapper.php');
if ($this->has_familysearch) {
require_once 'modules/FamilySearch/familySearchWrapper.php';
}
// The PID can come from a URL or a form
$this->pid = safe_REQUEST($_REQUEST, 'pid', PGV_REGEX_XREF);
$this->person = Person::getInstance($this->pid);
$this->server_list = get_server_list();
$this->gedcom_list = get_all_gedcoms();
unset($this->gedcom_list[PGV_GED_ID]);
// Other input values come from the form
$this->form_txtPID = safe_POST('txtPID', PGV_REGEX_XREF);
$this->form_cbRelationship = safe_POST('cbRelationship');
$this->form_location = safe_POST('location');
$this->form_txtURL = safe_POST('txtURL', PGV_REGEX_URL);
$this->form_txtTitle = safe_POST('txtTitle', '[^<>"%{};]+');
$this->form_txtGID = safe_POST('txtGID', $this->gedcom_list);
$this->form_txtUsername = safe_POST('txtUsername', PGV_REGEX_USERNAME);
$this->form_txtPassword = safe_POST('txtPassword', PGV_REGEX_PASSWORD);
$this->form_cbExistingServers = safe_POST('cbExistingServers', array_keys($this->server_list));
$this->form_txtCB_Title = safe_POST('txtCB_Title', '[^<>"%{};]+');
$this->form_txtCB_GID = safe_POST('txtCB_GID', $this->gedcom_list);
$this->form_txtFS_URL = safe_POST('txtFS_URL', PGV_REGEX_URL);
$this->form_txtFS_Title = safe_POST('txtFS_Title', '[^<>"%{};]+');
$this->form_txtFS_GID = safe_POST('txtFS_GID', $this->gedcom_list);
$this->form_txtFS_Username = safe_POST('txtFS_Username', PGV_REGEX_USERNAME);
$this->form_txtFS_Password = safe_POST('txtFS_Password', PGV_REGEX_PASSWORD);
if (is_null($this->form_location)) {
if ($this->server_list) {
$this->form_location = 'existing';
} else {
$this->form_location = 'remote';
}
}
}
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* @package PhpGedView
* @subpackage Charts
* @version $Id: addremotelink.php 6879 2010-01-30 11:35:46Z fisharebest $
*/
define('PGV_SCRIPT_NAME', 'addremotelink.php');
require './config.php';
require PGV_ROOT . 'includes/controllers/remotelink_ctrl.php';
$controller = new RemoteLinkController();
$controller->init();
print_simple_header($pgv_lang['title_remote_link']);
$pid = safe_REQUEST($_REQUEST, 'pid', PGV_REGEX_XREF);
$action = safe_POST('action', array('addlink'));
//-- only allow gedcom admins to create remote links
if (!$controller->canAccess()) {
echo '<span class="error">', $pgv_lang['access_denied'], '<br />';
if (!PGV_USER_GEDCOM_ADMIN) {
echo $pgv_lang['user_cannot_edit'];
} else {
if (!$ALLOW_EDIT_GEDCOM) {
echo $pgv_lang['gedcom_editing_disabled'];
} else {
echo $pgv_lang['privacy_prevented_editing'];
if ($pid) {
echo '<br />', $pgv_lang['privacy_not_granted'], ' ', $pid;
}
}
}
$v_new_user_privacy_username = safe_POST('v_new_user_privacy_username', get_all_users());
$v_new_user_privacy_access_ID = safe_POST('v_new_user_privacy_access_ID', PGV_REGEX_XREF);
$v_new_user_privacy_access_option = safe_POST('v_new_user_privacy_access_option', $PRIVACY_CONSTANTS);
$v_user_privacy_del = safe_POST('v_user_privacy_del', '1');
$v_user_privacy = safe_POST('v_user_privacy');
$v_new_global_facts_abbr = safe_POST('v_new_global_facts_abbr', array_keys($factarray));
$v_new_global_facts_choice = safe_POST('v_new_global_facts_choice', array('show', 'details'));
$v_new_global_facts_access_option = safe_POST('v_new_global_facts_access_option', $PRIVACY_CONSTANTS);
$v_global_facts_del = safe_POST('v_global_facts_del', '1');
$v_global_facts = safe_POST('v_global_facts');
$v_new_person_facts_access_ID = safe_POST('v_new_person_facts_access_ID', PGV_REGEX_XREF);
$v_new_person_facts_abbr = safe_POST('v_new_person_facts_abbr', array_keys($factarray));
$v_new_person_facts_choice = safe_POST('v_new_person_facts_choice', array('show', 'details'));
$v_new_person_facts_access_option = safe_POST('v_new_person_facts_access_option', $PRIVACY_CONSTANTS);
$v_person_facts_del = safe_POST('v_person_facts_del', '1');
$v_person_facts = safe_POST('v_person_facts');
// These values may not be present in privacy files created by old versions of PGV
if (!isset($PRIVACY_BY_YEAR)) {
$PRIVACY_BY_YEAR = false;
}
if (!isset($MAX_ALIVE_AGE)) {
$MAX_ALIVE_AGE = 120;
}
/**
* print yes/no select option
*
* @param string $checkVar
*/
function write_yes_no($checkVar)
{
global $pgv_lang;
}
if (PGV_DEBUG) {
echo "<pre>{$gedrec}</pre>";
}
$xref = append_gedrec($gedrec, $update_CHAN);
$link = "individual.php?pid={$xref}&show_changes=yes";
if ($xref) {
echo "<br /><br />", $pgv_lang["update_successful"];
} else {
exit;
}
$spouserec = $gedrec;
$success = true;
if ($famid == "new") {
$famrec = "0 @new@ FAM\n";
$SEX = safe_POST('SEX', '[MF]', 'U');
if ($SEX == "M") {
$famtag = "HUSB";
}
if ($SEX == "F") {
$famtag = "WIFE";
}
if ($famtag == "HUSB") {
$famrec .= "1 HUSB @{$xref}@\n";
$famrec .= "1 WIFE @{$pid}@\n";
} else {
$famrec .= "1 WIFE @{$xref}@\n";
$famrec .= "1 HUSB @{$pid}@\n";
}
if (preg_match_all('/([A-Z0-9_]+)/', $QUICK_REQUIRED_FAMFACTS, $matches)) {
foreach ($matches[1] as $match) {
