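/**
 * Save the book posted from the edit form as an XML file in BMBOOKPATH.
 *
 * Reads 'current-slug', 'book-slug', 'book-title', 'book-date', 'book-time',
 * 'book-tags', 'book-private' and 'book-content' from $_POST. When
 * 'current-slug' is present the existing file is first moved to BMBACKUPPATH
 * and "<new slug>:<old slug>" is handed to bm_display_message() as the undo
 * target. The outcome is reported through bm_display_message(); nothing is
 * returned.
 */
function bm_save_book() {
    $backup = null;
    $current = null;

    # create a backup if necessary
    if (isset($_POST['current-slug'])) {
        $current = $_POST['current-slug'];
        # 'current-slug' is request data that becomes both the source and the
        # destination of rename(); accept only a bare file name so the request
        # cannot address a file outside BMBOOKPATH / BMBACKUPPATH
        if (!is_string($current) || $current !== basename($current) || strpos($current, "\0") !== false) {
            die('');
        }
        $file = $current . '.xml';
        @rename(BMBOOKPATH . $file, BMBACKUPPATH . $file);
    }

    # empty titles are not allowed
    if (empty($_POST['book-title'])) {
        $_POST['book-title'] = '[No Title]';
    }

    # set initial slug and filename
    # (presumably bm_create_slug() strips path characters; verify against its definition)
    if (!empty($_POST['book-slug'])) {
        $slug = bm_create_slug($_POST['book-slug']);
    } else {
        $slug = bm_create_slug($_POST['book-title']);
    }
    $file = BMBOOKPATH . "{$slug}.xml";

    # do not overwrite other books: append -1, -2, ... until the name is free
    if (file_exists($file)) {
        $count = 1;
        $file = BMBOOKPATH . "{$slug}-{$count}.xml";
        while (file_exists($file)) {
            $file = BMBOOKPATH . "{$slug}-" . ++$count . '.xml';
        }
        $slug = basename($file, '.xml');
    }

    # create undo target if there's a backup available
    if ($current !== null) {
        $backup = $slug . ':' . $current;
    }

    # collect $_POST data
    $title = safe_slash_html($_POST['book-title']);
    $timestamp = strtotime($_POST['book-date'] . ' ' . $_POST['book-time']);
    # an unparsable date/time falls back to the current time
    $date = $timestamp ? date('r', $timestamp) : date('r');
    $tags = str_replace(array(' ', ',,'), array('', ','), safe_slash_html($_POST['book-tags']));
    $private = isset($_POST['book-private']) ? 'Y' : '';
    $content = safe_slash_html($_POST['book-content']);

    # create xml object
    $xml = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><item></item>');
    $obj = $xml->addChild('title');
    $obj->addCData($title);
    $obj = $xml->addChild('date');
    $obj->addCData($date);
    $obj = $xml->addChild('tags');
    $obj->addCData($tags);
    $obj = $xml->addChild('private');
    $obj->addCData($private);
    $obj = $xml->addChild('content');
    $obj->addCData($content);

    # write data to file
    if (@XMLsave($xml, $file) && bm_update_cache()) {
        bm_display_message(i18n_r('books_manager/SUCCESS_SAVE'), false, $backup);
    } else {
        # NOTE(review): a failed save is reported with the SUCCESS_SAVE text and
        # the same flag as a successful one, so the user never learns the book
        # was not written. Looks like a copy/paste slip; switch to the plugin's
        # error message once its i18n key is confirmed.
        bm_display_message(i18n_r('books_manager/SUCCESS_SAVE'), false, $backup);
    }
}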
if (isset($_POST['post-parent'])) { $parent = $_POST['post-parent']; } if (isset($_POST['post-menu'])) { $menu = safe_slash_html($_POST['post-menu']); } if (isset($_POST['post-menu-enable'])) { $menuStatus = "Y"; } else { $menuStatus = ""; } if (isset($_POST['post-private'])) { $private = safe_slash_html($_POST['post-private']); } if (isset($_POST['post-content'])) { $content = safe_slash_html($_POST['post-content']); } if (isset($_POST['post-menu-order'])) { if (is_numeric($_POST['post-menu-order'])) { $menuOrder = $_POST['post-menu-order']; } else { $menuOrder = "0"; } } //check to make sure we dont overwrite any good files upon create if (file_exists($file) && $url != $_POST['existing-url']) { $count = "1"; $file = GSDATAPAGESPATH . $url . "-" . $count . ".xml"; while (file_exists($file)) { $count++; $file = GSDATAPAGESPATH . $url . "-" . $count . ".xml";
/**
 * Store the news post submitted through $_POST as an XML file in NMPOSTPATH.
 *
 * When 'current-slug' is posted the previous file is moved to NMBACKUPPATH
 * (after a check that it really sits in NMPOSTPATH) and an undo target
 * "<new slug>:<old slug>" is passed to nm_display_message(). On success the
 * cache and sitemap are refreshed; on failure an error message is shown.
 */
function nm_save_post() {
    $isEdit = isset($_POST['current-slug']);

    # create a backup if necessary
    if ($isEdit) {
        $oldName = $_POST['current-slug'] . '.xml';
        # path traversal guard: the resolved file must live directly in
        # NMPOSTPATH, otherwise the request is aborted
        if (dirname(realpath(NMPOSTPATH . $oldName)) != realpath(NMPOSTPATH)) {
            die('');
        }
        @nm_rename_file(NMPOSTPATH . $oldName, NMBACKUPPATH . $oldName);
    }

    # empty titles are not allowed
    if (empty($_POST['post-title']) || trim($_POST['post-title']) == '') {
        $_POST['post-title'] = '[No Title]';
    }

    # set initial slug and filename
    if (empty($_POST['post-slug'])) {
        $slug = nm_create_slug($_POST['post-title']);
        # a title that slugifies to nothing still needs a file name
        if ($slug == '') {
            $slug = 'post';
        }
    } else {
        $slug = nm_create_slug($_POST['post-slug']);
    }
    $path = NMPOSTPATH . $slug . '.xml';

    # do not overwrite other posts: try -1, -2, ... until the name is free
    if (file_exists($path)) {
        $suffix = 0;
        do {
            $suffix++;
            $path = NMPOSTPATH . $slug . '-' . $suffix . '.xml';
        } while (file_exists($path));
        $slug = basename($path, '.xml');
    }

    # create undo target if there's a backup available
    $undo = null;
    if ($isEdit) {
        $undo = $slug . ':' . $_POST['current-slug'];
    }

    # collect $_POST data
    $title = safe_slash_html($_POST['post-title']);

    $timestamp = strtotime($_POST['post-date'] . ' ' . $_POST['post-time']);
    if ($timestamp) {
        $date = date('r', $timestamp);
    } else {
        # unparsable date/time: use the current time
        $date = date('r');
    }

    # normalise the tag list: collapse whitespace, tidy commas, trim stray commas
    $rawTags = safe_slash_html(trim($_POST['post-tags']));
    $tidyTags = preg_replace(array('/\\s+/', '/\\s*,\\s*/', '/,+/'), array(' ', ',', ','), $rawTags);
    $tags = nm_lowercase_tags(trim($tidyTags, ','));

    $private = isset($_POST['post-private']) ? 'Y' : '';
    $image = safe_slash_html($_POST['post-image']);
    $content = safe_slash_html($_POST['post-content']);

    # the author node is only written when NMSAVEAUTHOR is defined and truthy
    if (defined('NMSAVEAUTHOR') && NMSAVEAUTHOR) {
        if (isset($_POST['author'])) {
            $author = safe_slash_html($_POST['author']);
        } else {
            global $USR;
            if ($USR) {
                $author = $USR;
            } else {
                $author = '';
            }
        }
    }

    # create xml object
    $xml = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><item></item>');
    $fields = array(
        'title'   => $title,
        'date'    => $date,
        'tags'    => $tags,
        'private' => $private,
        'image'   => $image,
        'content' => $content,
    );
    if (isset($author)) {
        $fields['author'] = $author;
    }
    foreach ($fields as $name => $text) {
        $node = $xml->addChild($name);
        $node->addCData($text);
    }

    # write data to file
    if (!(@XMLsave($xml, $path) && nm_update_cache())) {
        nm_display_message(i18n_r('news_manager/ERROR_SAVE'), true);
        return;
    }
    nm_generate_sitemap();
    nm_display_message(i18n_r('news_manager/SUCCESS_SAVE'), false, $undo);
}
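/**
 * API handler: overwrite the title and content of an existing page.
 *
 * The page is selected by the slug in the request XML ($this->xml->data->slug).
 * The current file is copied to GSBACKUPSPATH . "pages/" before it is rewritten.
 *
 * @return string|null JSON status wrapper; nothing is returned when auth() fails
 */
public function page_save() {
    if (!$this->auth()) {
        return;
    }

    $id = (string) $this->xml->data->slug;
    $thisfile = GSDATAPAGESPATH . $id . '.xml';

    // The slug comes from the request body and is spliced into both the page
    // path and the backup path. Anything that is not a bare file name is
    // answered like an unknown page, so the request cannot reach files
    // outside the pages and backup folders.
    if ($id !== basename($id) || !file_exists($thisfile)) {
        $error = array('status' => 'error', 'message' => sprintf(i18n_r('API_ERR_NOPAGE'), $id));
        return json_encode($error);
    }

    $page = getXML($thisfile);
    $page->content = safe_slash_html($this->xml->data->content);
    $page->title = safe_slash_html($this->xml->data->title);
    $page->pubDate = date('r');

    // keep a copy of the previous version before overwriting it
    // NOTE(review): the result of copy() is not checked, so a failed backup
    // does not stop the save
    $bakfile = GSBACKUPSPATH . "pages/" . $id . ".bak.xml";
    copy($thisfile, $bakfile);

    $status = XMLsave($page, $thisfile);
    if ($status) {
        touch($thisfile);
        $wrapper = array('status' => 'success', 'message' => 'page_save ok', 'response' => $page);
    } else {
        $wrapper = array('status' => 'error', 'message' => 'There was an error saving your page');
    }
    return json_encode($wrapper);
}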
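/**
 * Saves a post submitted from the admin panel
 *
 * The previous post file (named by 'current_slug') is deleted before the new
 * one is written; every key of $post_data except 'current_slug' and 'time'
 * becomes a CDATA child of the stored <item>.
 *
 * @param $post_data the post data (eg: 'XML_FIELD_NAME => $POSTDATA');
 *        'slug', 'title', 'current_slug', 'date', 'tags' and 'content' are read by name
 * @param $auto_import when true an existing file with the same slug is
 *        overwritten instead of getting a numeric suffix
 * @todo clean up this method... Not happy about it's messiness!
 * @return bool false when 'current_slug' is not a plain file name or the XML
 *         could not be written, true otherwise
 */
public function savePost($post_data, $auto_import = false) {
    // 'current_slug' is form data that ends up in an unlink() path: accept
    // only a bare file name so a crafted value cannot delete a file outside
    // BLOGPOSTSFOLDER
    $current_slug = (string) $post_data['current_slug'];
    if ($current_slug !== '' && $current_slug !== basename($current_slug)) {
        return false;
    }
    $old_file = BLOGPOSTSFOLDER . $current_slug . '.xml';

    if ($post_data['slug'] != '') {
        $slug = $this->blog_create_slug($post_data['slug']);
    } else {
        $slug = $this->blog_create_slug($post_data['title']);
    }
    $file = BLOGPOSTSFOLDER . "{$slug}.xml";

    if ($post_data['current_slug'] == '' || $post_data['current_slug'] != $post_data['slug']) {
        # delete old post file
        if ($post_data['current_slug'] != '' && is_file($old_file)) {
            unlink($old_file);
        }
        # do not overwrite existing files
        if (file_exists($file) && $auto_import == false) {
            $count = 0;
            while (file_exists($file)) {
                $file = BLOGPOSTSFOLDER . "{$slug}-" . ++$count . '.xml';
                $slug .= "-{$count}";
            }
        }
    } else {
        // slug unchanged: the old file is removed and rewritten below
        // NOTE(review): the post is deleted before the new file is written,
        // so a failed XMLsave() loses it
        if (is_file($old_file)) {
            unlink($old_file);
        }
    }

    if ($post_data['date'] != '') {
        $date = $post_data['date'];
    } else {
        $date = date('m/d/Y h:i:s a', time());
    }

    if ($post_data['tags'] != '') {
        $tags = str_replace(array(' ', ',,'), array('', ','), $post_data['tags']);
    } else {
        $tags = '';
    }

    $xml = new SimpleXMLExtended('<?xml version="1.0"?><item></item>');
    foreach ($post_data as $key => $value) {
        if ($key == 'current_slug' || $key == 'time') {
            // bookkeeping fields, not stored
            continue;
        }
        if ($key == 'slug') {
            $text = $slug;
        } elseif ($key == 'title' || $key == 'content') {
            $text = safe_slash_html($value);
        } elseif ($key == 'date') {
            $text = $date;
        } elseif ($key == 'tags') {
            $text = $tags;
        } else {
            // any other field is stored as submitted
            $text = $value;
        }
        $node = $xml->addChild($key);
        $node->addCData($text);
    }

    if (!XMLsave($xml, $file)) {
        return false;
    }

    $this->createPostsCache();
    // optional integration: only when the search plugin's function is loaded
    if (function_exists('i18n_search_index_item')) {
        i18n_search_index_item($slug, 'en', $post_data['date'], $post_data['date'], $post_data['tags'], $post_data['title'], $post_data['content']);
    }
    return true;
}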
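* You should have received a full copy of the LICENSE AGREEMENT along with
 * Codefuture Image Hosting Script. If not, see http://codefuture.co.uk/projects/imagehost/license/.
 *
 *
 * ABOUT THIS PAGE -----
 * Used For: Admin ADs page
 * Last edited: 19/12/2012
 *
 *************************************************************************************************************/

// Save the five ad slots. ads.php is generated PHP source that is executed
// when it is loaded, so the posted text must reach it only as a PHP string
// literal. The values used to be pasted between quote characters, which
// turns whatever safe_slash_html() leaves unescaped into source code
// (double-quoted literals also parse variable interpolation). var_export()
// emits a correctly quoted literal for any string.
// NOTE(review): if safe_slash_html() adds backslashes that the old quoted
// literals used to consume, stored values now keep them; confirm against
// the code that prints $ads.
if (isset($_POST['changeads'])) {
    $adSlots = array(
        'header'  => 'ad1',
        'index'   => 'ad2',
        'thumb'   => 'ad3',
        'gallery' => 'ad4',
        'footer'  => 'ad5',
    );

    $makeFile = '<?php if(!defined(\'cfih\') or !cfih) exit("Direct access not permitted.");';
    foreach ($adSlots as $slot => $field) {
        // a missing or non-string field is stored as an empty ad
        $text = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        $makeFile .= ' $ads[' . var_export($slot, true) . '] = ' . var_export(safe_slash_html($text), true) . ';';
    }

    // LOCK_EX keeps a concurrent request from reading a half-written file
    if (file_put_contents(CFDATAPATH . 'ads.php', $makeFile, LOCK_EX) === false) {
        user_feedback('error', 'Error: Saving file', 'admin_ads_saving_file');
    }
}

// page settings
$page['id'] = 'ads';
$page['title'] = _T("admin_ad_page_title");
$page['description'] = '';
$page['tipsy'] = true;
require CFADMINPATH . 'admin_page_header.php';
?> <!-- admin settings -->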
$data['menuStatus'] = "Y"; } else { $menuStatus = ""; } if (isset($_POST['post-menu-order'])) { $data['menuOrder'] = is_numeric($_POST['post-menu-order']) ? $_POST['post-menu-order'] : "0"; } if (isset($_POST['post-private'])) { $data['private'] = safe_slash_html($_POST['post-private']); } // meta if (isset($_POST['post-metak'])) { $data['meta'] = $metak = safe_slash_html($_POST['post-metak']); } if (isset($_POST['post-metad'])) { $data['metad'] = safe_slash_html($_POST['post-metad']); } //robots if (isset($_POST['post-metar-noindex'])) { $data['metarNoIndex'] = 1; } else { $data['metarNoIndex'] = 0; } if (isset($_POST['post-metar-nofollow'])) { $data['metarNoFollow'] = 1; } else { $data['metarNoFollow'] = 0; } if (isset($_POST['post-metar-noarchive'])) { $data['metarNoArchive'] = 1; } else {
/**
 * Append one component <item> (title, slug, value, disabled) to an XML tree.
 *
 * @param mixed  $xml    tree to extend; anything that is not an object is
 *                       replaced by a fresh <item> root
 * @param string $title  component title; when null or empty nothing is added
 * @param string $value  component body
 * @param mixed  $active stored as-is in the <disabled> node
 * @param string $slug   optional slug; derived from the title when it is null
 *                       or _id($slug) is an empty string
 * @return mixed the tree that was passed in or created
 */
function addComponentItem($xml, $title, $value, $active, $slug = null) {
    // no title, nothing to add: hand the tree back untouched
    if ($title == null || empty($title)) {
        return $xml;
    }

    // derive the slug from the raw title when none usable was given
    if ($slug == null || _id($slug) == '') {
        $slug = clean_url(to7bit($title, 'UTF-8'));
    }

    $safeTitle = safe_slash_html($title);
    $safeValue = safe_slash_html($value);

    if (!is_object($xml)) {
        $xml = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><item></item>');
    }

    # create the body of components.xml file
    $item = $xml->addChild('item');
    $item->addChild('title')->addCData($safeTitle);
    // the slug is written as plain element text, not CDATA
    $item->addChild('slug', $slug);
    $item->addChild('value')->addCData($safeValue);
    $item->addChild('disabled')->addCData($active);

    // debugLog(var_dump($component->asXML()));
    return $xml;
}
# start creation of top of components.xml file $xml = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><channel></channel>'); if (count($ids) != 0) { $ct = 0; $coArray = array(); foreach ($ids as $id) { if ($title[$ct] != null) { if ($slug[$ct] == null) { $slug_tmp = to7bit($title[$ct], 'UTF-8'); $slug[$ct] = clean_url($slug_tmp); $slug_tmp = ''; } $coArray[$ct]['id'] = $ids[$ct]; $coArray[$ct]['slug'] = $slug[$ct]; $coArray[$ct]['title'] = safe_slash_html($title[$ct]); $coArray[$ct]['value'] = safe_slash_html($value[$ct]); } $ct++; } $ids = subval_sort($coArray, 'title'); $count = 0; foreach ($ids as $comp) { # create the body of components.xml file $components = $xml->addChild('item'); $c_note = $components->addChild('title'); $c_note->addCData($comp['title']); $components->addChild('slug', $comp['slug']); $c_note = $components->addChild('value'); $c_note->addCData($comp['value']); $count++; }
/**
 * Append a CDATA child to the current entry.
 *
 * Does nothing when $field, $value or $this->_entry is unset or null.
 * The field name is passed through htmlentities() before it is used as the
 * element name; the value is passed through safe_slash_html().
 *
 * @param string $field element name
 * @param string $value element content
 */
public function add($field, $value) {
    if (!isset($field, $value, $this->_entry)) {
        return;
    }
    $tag = htmlentities($field, ENT_QUOTES);
    $node = $this->_entry->addChild($tag);
    $node->addCData(safe_slash_html($value));
}
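/**
 * Process settings form. Saves to xml file
 *
 * Copies the submitted fields from $_POST onto this object, then rewrites
 * FeulFile from scratch with one child element per setting.
 *
 * @return bool true when XMLsave() reports success, false otherwise
 */
public function processSettings() {
    $this->Storage = $_POST['storage'];
    $this->LoginCss = safe_slash_html($_POST['post-login-container']);
    $this->Email = $_POST['post-from-email'];
    $this->WelcomeCss = safe_slash_html($_POST['post-welcome-box']);
    $this->ProtectedMessage = safe_slash_html($_POST['post-protected-message']);
    $this->RegisterCss = safe_slash_html($_POST['post-register-box']);
    $this->DB_Host = $_POST['db_host'];
    $this->DB_User = $_POST['db_user'];
    $this->DB_Pass = $_POST['db_pass'];
    $this->DB_Name = $_POST['db_name'];
    $this->DB_Table_Name = $_POST['db_table_name'];
    $this->Errors = $_POST['errors'];

    # create xml file
    if (file_exists(FeulFile)) {
        unlink(FeulFile);
    }
    $xml = new SimpleXMLElement('<item></item>');

    # These fields are stored exactly as submitted. addChild() does not escape
    # '&' in its value argument, so a password or host containing one was
    # dropped or altered; property assignment escapes the text properly.
    # 'storage' used to be added twice and is now written once.
    $xml->storage = (string) $this->Storage;
    $xml->email = (string) $this->Email;
    $xml->db_host = (string) $this->DB_Host;
    $xml->db_user = (string) $this->DB_User;
    # NOTE(review): db_pass is written in clear text; confirm FeulFile sits in
    # a directory the web server will not serve
    $xml->db_pass = (string) $this->DB_Pass;
    $xml->db_name = (string) $this->DB_Name;
    $xml->db_table_name = (string) $this->DB_Table_Name;
    $xml->errors = (string) $this->Errors;

    # These went through safe_slash_html(); they stay on addChild() so the
    # stored form that existing readers see does not change
    $xml->addChild('logincontainer', $this->LoginCss);
    $xml->addChild('welcomebox', $this->WelcomeCss);
    $xml->addChild('protectedmessage', $this->ProtectedMessage);
    $xml->addChild('registerbox', $this->RegisterCss);

    return XMLsave($xml, FeulFile) ? true : false;
}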
$menuStatus = "Y"; } else { $menuStatus = ""; } if (isset($_POST['post-menu-order'])) { $menuOrder = is_numeric($_POST['post-menu-order']) ? $_POST['post-menu-order'] : "0"; } if (isset($_POST['post-private'])) { $private = safe_slash_html($_POST['post-private']); } // meta if (isset($_POST['post-metak'])) { $meta = $metak = safe_slash_html($_POST['post-metak']); } if (isset($_POST['post-metad'])) { $metad = safe_slash_html($_POST['post-metad']); } //robots if (isset($_POST['post-metar-noindex'])) { $metarNoIndex = 1; } else { $metarNoIndex = 0; } if (isset($_POST['post-metar-nofollow'])) { $metarNoFollow = 1; } else { $metarNoFollow = 0; } if (isset($_POST['post-metar-noarchive'])) { $metarNoArchive = 1; } else {
/**
 * Append a CDATA child to the current entry, optionally replacing an
 * existing field of the same name.
 *
 * Does nothing (and returns null) when $field, $value or $this->_entry is
 * unset or null. The field name is passed through htmlentities() before it
 * is used as the element name; the value is passed through safe_slash_html().
 *
 * @param string $field  element name
 * @param string $value  element content
 * @param bool   $unique when true, $this->remove($field) is called first
 * @return mixed whatever addCData() returns
 */
public function add($field, $value, $unique = true) {
    if (!isset($field, $value, $this->_entry)) {
        return;
    }

    // allow dups ?
    if ($unique) {
        $this->remove($field);
    }

    $tag = htmlentities($field, ENT_QUOTES);
    $node = $this->_entry->addChild($tag);
    return $node->addCData(safe_slash_html($value));
}
/**
 * Rebuild ITEMDATAFILE from the submitted settings form.
 *
 * Each setting is taken from $_POST when present, otherwise from the value
 * already stored in ITEMDATAFILE, otherwise from a built-in default. The
 * stored category list is copied over, leaving out the one named in
 * $_GET['deletecategory'] and appending $_POST['new_category'] when given.
 */
public function processImSettings() {
    // NOTE(review): the file is read here before the file_exists() check
    // further down; confirm getXML() tolerates a missing file
    $category_file = getXML(ITEMDATAFILE);
    //Page URL
    // NOTE(review): page-url, item-title and detailspage are stored as
    // submitted, without safe_slash_html(), and are later written with
    // addChild(), which does not escape '&' in its value
    if (isset($_POST['page-url'])) {
        $file_url = $_POST['page-url'];
    } elseif (isset($category_file->item->pageurl)) {
        $file_url = $category_file->item->pageurl;
    } else {
        $file_url = ITEMSLISTPAGE;
    }
    //Item Title
    if (isset($_POST['item-title'])) {
        $file_title = $_POST['item-title'];
    } elseif (isset($category_file->item->title)) {
        $file_title = $category_file->item->title;
    } else {
        $file_title = IMTITLE;
    }
    //Details Page
    if (isset($_POST['detailspage'])) {
        $file_page_details = $_POST['detailspage'];
    } elseif (isset($category_file->item->detailspage)) {
        $file_page_details = $category_file->item->detailspage;
    } else {
        $file_page_details = ITEMPAGE;
    }
    //Results Page
    // NOTE(review): the default template below contains PHP tags, so the
    // stored value is presumably evaluated as PHP when results are rendered.
    // If so, whoever can submit this form controls executed code; confirm
    // the form is limited to trusted admins and carries a CSRF token.
    if (isset($_POST['resultspage'])) {
        $file_results_page = safe_slash_html($_POST['resultspage']);
    } elseif (isset($category_file->item->resultspage)) {
        $file_results_page = $category_file->item->resultspage;
    } else {
        $file_results_page = ' <style> .m_pic { width:160px; float:left; border:1px solid white; padding:1px;margin-top:0px; } .thatable tr td h2 { margin:5px; font-size:15px; margin-toP:6px; margin-top:0px; padding-top:0px; } .thetable { margin-bottom:30px; } .thetable td h2{ font-size:17px; } </style> <table width="100%" class="thetable"> <tr> <td class="resize_img" width="175" valign="top"> <div><img src="<?php echo $SITEURL; ?>/data/uploads/items/<?php echo $data->image1; ?>" class="m_pic"/></div> </td> <td valign="top"> <h2 style=""><?php echo $data->title; ?> - <span class="title_development"><?php echo $data->category; ?></span> - <a href="<?php echo $url; ?>" style="font-size:13px;">View Details</a></h2> <p style="margin:0px;margin-left:4px;text-align:left;"> </p> <p style="margin:0px;margin-left:4px;text-align:left;"> <?php echo $content; ?>.. 
<a href="<?php echo $url; ?>">Read more</a> </p> </td> </tr> </table> ';
    }
    // re-read the stored settings for the category copy below
    if (file_exists(ITEMDATAFILE)) {
        $category_file = getXML(ITEMDATAFILE);
    }
    $xml = new SimpleXMLExtended('<?xml version="1.0" encoding="UTF-8"?><channel></channel>');
    $item_xml = $xml->addChild('item');
    //Set Title Variable And Write To XML File
    $item_xml->addChild('title', $file_title);
    //Set Page URL Variable And Write To XML File
    $item_xml->addChild('pageurl', $file_url);
    //Set Details Page And Write To XML File
    $item_xml->addChild('detailspage', $file_page_details);
    //Set Results Page Coding And Write To XML File (CDATA, unlike the three fields above)
    $note = $item_xml->addChild('resultspage');
    $note->addCData($file_results_page);
    //Add Categories
    $category = $xml->addChild('categories');
    if (file_exists(ITEMDATAFILE)) {
        foreach ($category_file->categories->category as $the_fed) {
            $category_uri = $the_fed;
            // NOTE(review): $_GET['deletecategory'] is read without isset(),
            // and a category is removed by a GET parameter; confirm the
            // caller checks a nonce before this runs
            if ($category_uri == $_GET['deletecategory']) {
                // the category being deleted is simply not copied
            } else {
                $category->addChild('category', $category_uri);
            }
        }
    }
    // new category name is stored as submitted
    if (isset($_POST['new_category']) && $_POST['new_category'] != "") {
        $category->addChild('category', $_POST['new_category']);
    }
    //Save XML File
    // the result of XMLsave() is not checked
    XMLsave($xml, ITEMDATAFILE);
}
if (isset($_POST['post-menu-enable'])) { $menuStatus = "Y"; } else { $menuStatus = ""; } if (isset($_POST['post-private'])) { $private = safe_slash_html($_POST['post-private']); } if (isset($_POST['post-content'])) { $content = safe_slash_html($_POST['post-content']); } if (isset($_POST['post-intro'])) { $intro = safe_slash_html($_POST['post-intro']); } if (isset($_POST['post-fotos'])) { $fotos = safe_slash_html($_POST['post-fotos']); } if (isset($_POST['post-menu-order'])) { if (is_numeric($_POST['post-menu-order'])) { $menuOrder = $_POST['post-menu-order']; } else { $menuOrder = "0"; } } //check to make sure we dont overwrite any good files upon create if (file_exists($file) && $url != $_POST['existing-url']) { $count = "1"; $file = CONTENTPATH . $url . "-" . $count . ".xml"; while (file_exists($file)) { $count++; $file = CONTENTPATH . $url . "-" . $count . ".xml";