function blocks_related_block($row) { global $sid, $story; list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'Relatedblock::', "{$row['title']}::", ACCESS_READ)) { return; } if ($story['topic']) { $row['content'] = '<font class="pn-normal">'; $column =& $pntable['stories_column']; $sql = "SELECT {$column['sid']} as sid, {$column['title']} as title FROM {$pntable['stories']} WHERE {$column['topic']}=" . pnVarPrepForStore($story['topic']) . " ORDER BY {$column['counter']} DESC"; $result = $dbconn->SelectLimit($sql, 1); $mrow = $result->GetRowAssoc(false); $result->MoveNext(); $column =& $pntable['related_column']; $result = $dbconn->Execute("SELECT {$column['name']} as name, {$column['url']} as url FROM {$pntable['related']} WHERE {$column['tid']}=" . pnVarPrepForStore($story['topic']) . ""); while (!$result->EOF) { $lrow = $result->GetRowAssoc(false); $result->MoveNext(); $row['content'] .= "<strong><big>·</big></strong> <a href=\"{$lrow['url']}\" target=\"_blank\">" . pnVarPrepForDisplay($lrow['name']) . "</a><br>\n"; } $row['content'] .= "<strong><big>·</big></strong> <a href=\"advtopics.php?topic={$story['topic']}\">" . _MOREABOUT . " " . pnVarPrepForDisplay($story['topicname']) . "</a><br>\n" . "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=Search&file=index&action=search&overview=1&active_stories=1&stories_author={$story['aid']}\">" . _NEWSBY . " " . pnVarPrepForDisplay($story['aid']) . "</a><br>\n" . '</font><br><hr noshade width="95%" size="1"><b>' . _MOSTREAD . " " . pnVarPrepForDisplay($story['topicname']) . ":</b><br>\n" . "<center><a href=\"advarticle.php?sid={$mrow['sid']}\">" . pnVarPrepForDisplay($mrow['title']) . "</a></center><br><br>\n" . '<div align="right">' . "<a href=\"print.php?sid={$mrow['sid']}\"><img src=\"images/global/print.gif\" border=\"0\" alt=\"" . _PRINTER . "\"></a> " . "<a class=\"pn-normal\" href=\"modules.php?op=modload&name=Recommend_Us&file=index&req=FriendSend&sid={$sid}\"><img src=\"images/global/friend.gif\" border=\"0\" Alt=\"" . _FRIEND . "\"></a>\n" . '</div>'; return themesideblock($row); } }
function blocks_search_block($row) { if (!pnSecAuthAction(0, 'Searchblock::', "{$row['title']}::", ACCESS_READ)) { return; } $vars = getVarsFrom_search_Content($row); $content = "<form method=\"post\" action=\"modules.php\">" . "<input type=\"hidden\" name=\"op\" value=\"modload\">" . "<input type=\"hidden\" name=\"name\" value=\"Search\">" . "<input type=\"hidden\" name=\"file\" value=\"index\">" . "<input type=\"hidden\" name=\"action\" value=\"search\">" . "<input type=\"hidden\" name=\"overview\" value=\"1\">"; $content .= "<br><center><input type=\"text\" name=\"q\" size=\"14\">"; if (isset($vars[_SEARCH_DISPLAY_BTN])) { $content .= ' <input type="submit" value="' . _SEARCH . '">'; } $content .= '</center>'; // list of vars that don't need to be saved $avdsearch_reserved_vars = array(_SEARCH_DISPLAY_BTN, 'authid', 'bid', 'title', 'position', 'language', 'refresh'); foreach ($vars as $key => $value) { if (in_array($key, $avdsearch_reserved_vars)) { continue; } if (is_array($value)) { foreach ($value as $val) { $content .= "<input type=\"hidden\" name=\"{$key}\" value=\"{$val}\">\n"; } } else { $content .= "<input type=\"hidden\" name=\"{$key}\" value=\"{$value}\">\n"; } } $content .= "</form>"; if (empty($row['title'])) { $row['title'] = _SEARCH; } $row['content'] = $content; return themesideblock($row); }
function blocks_html_block($row) { if (!pnSecAuthAction(0, 'HTMLblock::', "{$row['title']}::", ACCESS_OVERVIEW)) { return; } return themesideblock($row); }
function blocks_ephem_block($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $currentlang = pnUserGetLang(); if (!pnSecAuthAction(0, 'Ephemeridsblock::', "{$row['title']}::", ACCESS_READ)) { return; } if (pnConfigGetVar('multilingual') == 1) { $column =& $pntable['ephem_column']; $querylang = "AND ({$column['elanguage']}='" . pnVarPrepForStore($currentlang) . "' OR {$column['elanguage']}='')"; } else { $querylang = ""; } $today = getdate(); $eday = $today['mday']; $emonth = $today['mon']; $column =& $pntable['ephem_column']; $result = $dbconn->Execute("SELECT {$column['yid']}, {$column['content']}\n FROM {$pntable['ephem']}\n WHERE {$column['did']}='" . pnVarPrepForStore($eday) . "' AND {$column['mid']}='" . pnVarPrepForStore($emonth) . "' {$querylang}"); $boxstuff = '<span class="pn-normal"><b>' . _ONEDAY . '</b></span><br />'; while (list($yid, $content) = $result->fields) { $result->MoveNext(); $boxstuff .= '<br /><br />'; $boxstuff .= '<b>' . pnVarPrepForDisplay($yid) . '</b><br />' . pnVarPrepHTMLDisplay(nl2br($content)) . ''; } if (empty($row['title'])) { $row['title'] = _EPHEMERIDS; } $row['content'] = $boxstuff; return themesideblock($row); }
function blocks_login_block($row) { global $HTTP_SERVER_VARS; if (empty($row['title'])) { $row['title'] = 'Login'; } if (!pnSecAuthAction(0, 'Loginblock::', "{$row['title']}::", ACCESS_READ)) { return; } // code taken pnGetBaseURI to fix issue with IIS not passing request_uri // markwest // Start of with REQUEST_URI if (isset($HTTP_SERVER_VARS['REQUEST_URI'])) { $path = $HTTP_SERVER_VARS['REQUEST_URI']; } else { $path = getenv('REQUEST_URI'); } if (empty($path) || substr($path, -1, 1) == '/') { // REQUEST_URI was empty or pointed to a path // Try looking at PATH_INFO $path = getenv('PATH_INFO'); if (empty($path)) { // No luck there either // Try SCRIPT_NAME if (isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) { $path = $HTTP_SERVER_VARS['SCRIPT_NAME']; } else { $path = getenv('SCRIPT_NAME'); } } } if (!pnUserLoggedIn()) { // prettified a little with a table for inputs and button to avoid bugs like #493456 (Andy Varganov) $boxstuff = '<form action="user.php" method="post">'; $boxstuff .= '<table border="0" width="100%" cellspacing="0" cellpadding="1"><tr><td>'; $boxstuff .= '<span class="pn-normal"> ' . _BLOCKNICKNAME . '</span></td></tr><tr><td>'; $boxstuff .= '<input type="text" name="uname" size="14" maxlength="25"></td></tr><tr><td>'; $boxstuff .= '<span class="pn-normal"> ' . _BLOCKPASSWORD . '</span></td></tr><tr><td>'; $boxstuff .= '<input type="password" name="pass" size="14" maxlength="20"></td></tr><tr><td>'; if (pnConfigGetVar('seclevel') != 'High') { $boxstuff .= '<input type="checkbox" value="1" name="rememberme" />'; $boxstuff .= '<span class="pn-normal"> ' . _REMEMBERME . '</span></td></tr><tr><td>'; } $boxstuff .= '<br>'; $boxstuff .= '<input type="hidden" name="module" value="NS-User" />'; $boxstuff .= '<input type="hidden" name="op" value="login" />'; $boxstuff .= '<input type="hidden" name="url" value="' . pnVarPrepForDisplay($path) . '" />'; $boxstuff .= '<input type="submit" value="' . _LOGIN . '" /></td></tr><tr><td>'; $boxstuff .= '<br /><span class="pn-normal">' . _ASREGISTERED . '</span></td></tr><tr><td></table></form>'; if (empty($row['title'])) { $row['title'] = _LOGIN; } $row['content'] = $boxstuff; return themesideblock($row); } }
function blocks_topic_block($row) { //global $topic, $catid; list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $currentlang = pnUserGetLang(); if (!pnSecAuthAction(0, 'Topicblock::', "{$row['title']}::", ACCESS_READ)) { return; } $language = pnConfigGetVar('language'); $topic = ""; $catid = ""; if (pnConfigGetVar('multilingual') == 1) { $column =& $pntable['stories_column']; $querylang = "AND ({$column['alanguage']}='{$currentlang}' OR {$column['alanguage']}='')"; /* the OR is needed to display stories who are posted to ALL languages */ } else { $querylang = ''; } $column =& $pntable['topics_column']; $result = $dbconn->Execute("SELECT {$column['topicid']} AS topicid, {$column['topicname']} as topicname FROM {$pntable['topics']} ORDER BY topicname"); if ($result->EOF) { return; } else { $boxstuff = '<span class="pn-normal">'; if ($topic == "") { $boxstuff .= "<strong><big>·</big></strong> <b><a href=\"modules.php?op=modload&name=Topics&file=index\">" . _ALL_TOPICS . "</a></b><br>"; } else { $boxstuff .= "<strong><big>·</big></strong> <a href=\"modules.php?op=modload&name=News&file=index&catid={$catid}\">" . _ALL_TOPICS . "</a><br>"; } while (!$result->EOF) { $srow = $result->GetRowAssoc(false); $result->MoveNext(); if (pnSecAuthAction(0, 'Topics::Topic', "{$srow['topicname']}::{$srow['topicid']}", ACCESS_READ)) { $column =& $pntable['stories_column']; $result2 = $dbconn->Execute("SELECT {$column['time']} AS unixtime FROM {$pntable['stories']} WHERE {$column['topic']}={$srow['topicid']} {$querylang} ORDER BY {$column['time']} DESC"); if (!$result2->EOF) { $story = $result2->GetRowAssoc(false); $story['unixtime'] = $result2->UnixTimeStamp($story['unixtime']); $sdate = ml_ftime(_DATEBRIEF, $story['unixtime']); if ($topic == $srow['topicid']) { $boxstuff .= "<strong><big>·</big></strong> <span class=\"pn-title\"><b>{$srow['topicname']}</b></span> <span class=\"pn-sub\">({$sdate})</span><br>"; } else { $boxstuff .= "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=index&catid={$catid}&topic={$srow['topicid']}\">{$srow['topicname']}</a> <span class=\"pn-sub\">({$sdate})</span><br>"; } } } } } $boxstuff .= '</span>'; if (empty($row['title'])) { $row['title'] = _TOPICS; } $row['content'] = $boxstuff; return themesideblock($row); }
function blocks_php_block($row) { if (!pnSecAuthAction(0, 'PHPblock::', "{$row['title']}::", ACCESS_READ)) { return; } ob_start(); print eval($row['content']); $row['content'] = ob_get_contents(); ob_end_clean(); return themesideblock($row); }
function blocks_rss_display($row) { $args = pnBlockVarsFromContent($row['content']); if (!empty($args['headlines'])) { $row['content'] = $args['headlines']; } else { $row['content'] = ''; } // Ugly ugly $row['content'] = preg_replace('/_RSSREADMORE/', _RSSREADMORE, $row['content']); return themesideblock($row); }
function blocks_category_block($row) { global $topic, $catid; list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'Categoryblock::', "{$row['title']}::", ACCESS_READ)) { return; } if (pnConfigGetVar('multilingual') == 1) { $column =& $pntable['stories_column']; $querylang = "AND ({$column['alanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$column['alanguage']}='')"; /* the OR is needed to display stories who are posted to ALL languages */ } else { $querylang = ''; } $column =& $pntable['stories_cat_column']; $result = $dbconn->Execute("SELECT {$column['catid']} as catid, {$column['title']} as title FROM {$pntable['stories_cat']} ORDER BY {$column['title']}"); if ($result->EOF) { return; } else { $boxstuff = '<span class="pn-normal">'; if ($catid == "") { // $boxstuff .= '<strong><big>·</big></strong> <b>'._ALL_CATEGORIES.'</b><br />'; $boxstuff .= ""; } else { $boxstuff .= "<strong><big>·</big></strong> <a href=\"modules.php?op=modload&name=News&file=index&topic={$topic}\">" . _ALL_CATEGORIES . "</a><br />"; } for (; !$result->EOF; $result->MoveNext()) { $srow = $result->GetRowAssoc(false); if (pnSecAuthAction(0, 'Stories::Category', "{$srow['title']}::{$srow['catid']}", ACCESS_READ)) { $column =& $pntable['stories_column']; $result2 = $dbconn->Execute("SELECT {$column['time']} AS unixtime\n FROM {$pntable['stories']}\n WHERE {$column['catid']}=" . pnVarPrepForStore($srow['catid']) . " {$querylang}\n ORDER BY {$column['time']} DESC"); if (!$result2->EOF) { $story = $result2->GetRowAssoc(false); $story['unixtime'] = $result2->UnixTimeStamp($story['unixtime']); $sdate = ml_ftime(_DATEBRIEF, $story['unixtime']); if ($catid == $srow['catid']) { $boxstuff .= "<strong><big>·</big></strong> <span class=\"pn-title\"><b>" . pnVarPrepForDisplay($srow['title']) . "</b></span> <span class=\"pn-sub\">(" . pnVarPrepForDisplay($sdate) . ")</span><br />"; } else { $boxstuff .= "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=index&catid={$srow['catid']}&topic={$topic}\">" . pnVarPrepForDisplay($srow['title']) . "</a> <span class=\"pn-sub\">(" . pnVarPrepForDisplay($sdate) . ")</span><br />"; } } } } } $boxstuff .= '</span>'; if (empty($row['title'])) { $row['title'] = _CATEGORIES; } $row['content'] = $boxstuff; return themesideblock($row); }
function blocks_weblinks_display($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'Weblinksblock::', "{$row['title']}::", ACCESS_READ)) { return; } $url = explode('|', $row['url']); if (!$url[0]) { $row['content'] = 'You forgot to set the module name!'; return themesideblock($row); } if (!$url[1]) { $url[1] = 10; } $links_col =& $pntable['links_links_column']; $linksok = 0; $linkcount = 0; $result = $dbconn->Execute("SELECT {$links_col['cat_id']}, {$links_col['title']} FROM {$pntable['links_links']} ORDER BY {$links_col['date']} DESC"); while (list($cid, $title) = $result->fields) { $result->MoveNext(); $linkcount++; if (pnSecAuthAction(0, "Web Links::Category", "{$title}::{$cid}", ACCESS_READ)) { $linksok++; } if ($linksok == $url[1]) { break; } } $oldurl = $url[1]; $url[1] = $linkcount; $row['content'] = '<span class="pn-normal">'; $links_col =& $pntable['links_links_column']; $cats_col =& $pntable['links_categories_column']; $sql = "SELECT {$links_col['lid']} as lid, {$links_col['cat_id']} as catid, {$links_col['title']} as title, {$links_col['description']} as description, {$links_col['hits']} as hits, IF({$links_col['cat_id']}, CONCAT('/', {$cats_col['title']}), {$cats_col['title']}) AS cattitle\n FROM {$pntable['links_links']}\n LEFT JOIN {$pntable['links_categories']}\n ON {$cats_col['cat_id']}={$links_col['cat_id']}\n ORDER BY {$links_col['date']} DESC"; $result = $dbconn->SelectLimit($sql, $url[1]); while (!$result->EOF) { $lrow = $result->GetRowAssoc(false); if (pnSecAuthAction(0, "Web Links::Category", "{$lrow['cattitle']}::{$lrow['catid']}", ACCESS_READ)) { $lrow['title'] = pnVarPrepForDisplay($lrow['title']); $lrow['description'] = pnVarPrepHTMLDisplay($lrow['description']); $lrow['cattitle'] = pnVarPrepForDisplay($lrow['cattitle']); $row['content'] .= "<strong><big>·</big></strong> <a href=\"modules.php?op=modload&name={$url['0']}&file=index&req=visit&lid={$lrow['lid']}\" target=\"_blank\" title=\"{$lrow['cattitle']}:\n{$lrow['description']}\" class=\"pn-sub\">{$lrow['title']}</a><br>\n"; $result->MoveNext(); } } //$row['content'] .= "<div align=\"right\"><font class=\"pn-sub\"><a href=\"modules.php?op=modload&name=Web_Links&file=index&req=NewLinks&newlinkshowdays=10\">"._READMORE."</a></font></div>"; $row['content'] .= '</span>'; return themesideblock($row); }
function blocks_banner_block($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, "Bannersblock::", "{$row['title']}::", ACCESS_READ)) { return; } $url = explode('|', $row['url']); // to have some start variables if (!$url[0]) { $url[0] = "3"; } // get the banner through the new banner api and assign type $row['content'] = "<br><center>" . pnBannerDisplay($url[0]) . "</center>"; return themesideblock($row); }
function blocks_user_block($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'Userblock::', "{$row['title']}::", ACCESS_READ)) { return; } if (pnUserLoggedIn() && pnUserGetVar('ublockon') == 1) { $column =& $pntable['users_column']; $uid = pnUserGetVar('uid'); $getblock = $dbconn->Execute("SELECT {$column['ublock']} FROM {$pntable['users']} WHERE {$column['uid']}=" . pnVarPrepForStore($uid) . ""); list($ublock) = $getblock->fields; $username = pnUserGetVar('name'); $row['title'] = _MENUFOR . " " . pnVarPrepForDisplay($username) . ""; $row['content'] = $ublock; return themesideblock($row); } }
function blocks_big_block($row) { $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'Bigblock::', "{$row['title']}::", ACCESS_READ)) { return; } $today = getdate(); $day = $today["mday"]; if ($day < 10) { $day = "0{$day}"; } $month = $today["mon"]; if ($month < 10) { $month = "0{$month}"; } $year = $today["year"]; $tdate = "{$year}-{$month}-{$day}"; $column =& $pntable['stories_column']; $articles = getArticles("{$column['time']} LIKE '%{$tdate}%'\n AND {$column['ihome']} = 0\n AND {$column['counter']} > 0", "{$column['counter']} DESC", "1"); if (empty($articles)) { return; } else { $info = genArticleInfo($articles[0]); if (pnSecAuthAction(0, 'Stories::Story', "{$info['aid']}:{$info['cattitle']}:{$info['sid']}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$info['topicname']}::{$info['tid']}", ACCESS_READ)) { $links = genArticleLinks($articles[0]); $preformat = genArticlePreformat($info, $links); $content = '<span class="pn-normal">' . _BIGSTORY . '</span><br /><br />'; $content .= $preformat['title']; } else { return; } } if (empty($row['title'])) { $row['title'] = _TODAYBIG; } if (empty($content)) { return; } $row['content'] = $content; return themesideblock($row); }
function blocks_button_display($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'Buttonblock::', "{$row['title']}::", ACCESS_READ)) { return; } $buttons = array(); $column =& $pntable['blocks_buttons_column']; $result = $dbconn->Execute("SELECT {$column['title']} as title, {$column['url']} as url, {$column['images']} as images\n FROM {$pntable['blocks_buttons']}\n WHERE {$column['bid']}={$row['bid']}"); while (!$result->EOF) { $brow = $result->getRowAssoc(false); $result->MoveNext(); $buttons[] = $brow; } srand(time()); shuffle($buttons); shuffle($buttons); $row['content'] = '<span style="text-align:center">'; $content = 0; foreach ($buttons as $v) { $img = explode('|', $v['images']); if (count($img) > 1) { $x = rand(0, count($img) - 1); $img = $img[$x]; } else { $img = $img[0]; } $v['title'] = pnVarPrepForDisplay($v['title']); if (!pnSecAuthAction(0, 'Buttonblock::', "{$row['title']}:{$row['url']}:{$img}", ACCESS_READ)) { continue; } $imgsize = @getimagesize($img); $row['content'] .= "<a href=\"{$v['url']}\" target=\"_blank\" title=\"{$v['title']}\"><img src=\"{$img}\"\n alt=\"{$v['title']}\" border=\"0\" {$imgsize['3']} /></a><br />\n"; $content = 1; } $row['content'] .= '</span>'; if ($content == 1) { return themesideblock($row); } }
function blocks_finclude_block($row) { if (!pnSecAuthAction(0, "fincludeblock::", "{$row['title']}::", ACCESS_READ)) { return; } $url = explode('|', $row['url']); $file = $url[0]; $type = $url[1]; if (!file_exists($file)) { $row['content'] = "File: " . $file . " does not exist."; return themesideblock($row); } $lines = file($file); foreach ($lines as $line_num => $line) { if ($type == 1) { $row['content'] .= $line; } if ($type == 0) { $row['content'] .= $line . "<br/>"; } } return themesideblock($row); }
/** * display block */ function template_firstblock_display($blockinfo) { // Security check if (!pnSecAuthAction(0, 'Template:Firstblock:', "{$blockinfo['title']}::", ACCESS_READ)) { return; } // Get variables from content block $vars = pnBlockVarsFromContent($blockinfo['content']); // Defaults if (empty($vars['numitems'])) { $vars['numitems'] = 5; } // Database information pnModDBInfoLoad('Template'); list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $templatetable = $pntable['template']; $templatecolumn =& $pntable['template_column']; // Query $sql = "SELECT {$templatecolumn['tid']},\n {$templatecolumn['name']}\n FROM {$templatetable}\n ORDER by {$templatecolumn['name']}"; $result = $dbconn->SelectLimit($sql, $vars['numitems']); if ($dbconn->ErrorNo() != 0) { return; } if ($result->EOF) { return; } // Create output object $output = new pnHTML(); // Display each item, permissions permitting for (; !$result->EOF; $result->MoveNext()) { list($tid, $name) = $result->fields; if (pnSecAuthAction(0, 'Template::', "{$name}::{$tid}", ACCESS_OVERVIEW)) { if (pnSecAuthAction(0, 'Template::', "{$name}::{$tid}", ACCESS_READ)) { $output->URL(pnModURL('Template', 'user', 'viewdetail', array('tid' => $tid)), $name); } else { $output->Text($name); } $output->Linebreak(); } } // Populate block info and pass to theme $blockinfo['content'] = $output->GetOutput(); return themesideblock($blockinfo); }
function blocks_thelang_block($row) { $currentlang = pnUserGetLang(); if (!pnSecAuthAction(0, 'Languageblock::', "{$row['title']}::", ACCESS_OVERVIEW)) { return; } if (!pnConfigGetVar('multilingual')) { return; } $currentURL = $_SERVER['REQUEST_URI']; if ($currentURL === "") { $currentURL = "index.php"; } $pattern = '/\\?newlang=.../'; $currentURL = preg_replace($pattern, '', $currentURL); $pattern = '/\\&newlang=.../'; $currentURL = pnVarPrepForDisplay(preg_replace($pattern, '', $currentURL)); $append = "&"; if (strpos($currentURL, '?') === false) { $append = "?"; } $lang = languagelist(); $handle = opendir('language'); while ($f = readdir($handle)) { if (is_dir("language/{$f}") && !empty($lang[$f])) { $langlist[$f] = $lang[$f]; $sel_lang[$f] = ''; } } asort($langlist); $content = '<center><font class="pn-normal">' . _SELECTGUILANG . '</font><br><br>'; if (pnConfigGetVar('useflags')) { $i = 1; foreach ($langlist as $k => $v) { if ($i > 3) { $content .= "<br>\n"; $i = 1; } $imgsize = @getimagesize("images/flags/flag-{$k}.png"); $content .= "<a href=\"{$currentURL}" . $append . "newlang={$k}\"><img src=\"images/flags/flag-{$k}.png\" border=\"0\" alt=\"{$lang[$k]}\" hspace=\"3\" vspace=\"3\" {$imgsize['3']}></a>"; $i++; } $content .= '</center>'; } else { $content .= '<form method="post" action="index.php"><select class="pn-text" name="newlanguage" onChange="top.location.href=this.options[this.selectedIndex].value">'; $sel_lang[$currentlang] = ' selected'; foreach ($langlist as $k => $v) { $content .= "<option value=\"{$currentURL}" . $append . "newlang={$k}\"{$sel_lang[$k]}>{$v}</option>\n"; } $content .= '</select></form></center>'; } if (empty($row['title'])) { $row['title'] = _SELECTLANGUAGE; } $row['content'] = $content; return themesideblock($row); }
/** * display block */ function postcalendar_calendarblock_display($blockinfo) { // You supposed to be here? if (!pnSecAuthAction(0, 'PostCalendar:calendarblock:', "{$blockinfo['title']}::", ACCESS_OVERVIEW)) { return false; } // find out what view we're using $template_view = pnVarCleanFromInput('tplview'); if (!isset($template_view)) { $template_view = 'default'; } // find out what template we're using $template_name = _SETTING_TEMPLATE; if (!isset($template_name) || empty($template_name)) { $template_name = 'default'; } // What is today's correct date $Date =& postcalendar_getDate(); // Get variables from content block $vars = unserialize($blockinfo['content']); $showcalendar = $vars['pcbshowcalendar']; $showevents = $vars['pcbeventoverview']; $eventslimit = $vars['pcbeventslimit']; $nextevents = $vars['pcbnextevents']; $pcbshowsslinks = $vars['pcbshowsslinks']; $pcbeventsrange = $vars['pcbeventsrange']; // Let's setup the info to build this sucka! $the_year = substr($Date, 0, 4); $the_month = substr($Date, 4, 2); $the_day = substr($Date, 6, 2); $uid = pnUserGetVar('uid'); $cacheid1 = $cacheid2 = $cacheid3 = ''; $theme = pnUserGetTheme(); pnThemeLoad($theme); global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5; global $textcolor1, $textcolor2; // 20021125 - rraymond :: we have to do this to make it work with envolution $pcModInfo = pnModGetInfo(pnModGetIDFromName(__POSTCALENDAR__)); $pcDir = pnVarPrepForOS($pcModInfo['directory']); require_once "modules/{$pcDir}/pnincludes/Smarty/Config_File.class.php"; unset($pcModInfo); // set up Smarty $tpl =& new pcSmarty(); // setup the Smarty cache id $templates_cached = true; if ($showcalendar) { $cacheid1 = md5($Date . 'M' . $template_view . $template_name . $showcalendar . $showevents . $nextevents . $uid . $theme); if (!$tpl->is_cached($template_name . '/views/calendarblock/month_view.html', $cacheid1)) { $templates_cached = false; } } if ($showevents) { $cacheid2 = md5($Date . 'T' . $template_view . $template_name . $showcalendar . $showevents . $nextevents . $uid . $theme); if (!$tpl->is_cached($template_name . '/views/calendarblock/todays_events.html', $cacheid2)) { $templates_cached = false; } } if ($nextevents) { $cacheid3 = md5($Date . 'U' . $template_view . $template_name . $showcalendar . $showevents . $nextevents . $uid . $theme); if (!$tpl->is_cached($template_name . '/views/calendarblock/upcoming_events.html', $cacheid3)) { $templates_cached = false; } } // start the output container $output = pnModAPIFunc(__POSTCALENDAR__, 'user', 'pageSetup'); // if one of the templates is not cached, we need to run the following if (!$templates_cached) { // set up the next and previous months to move to $prev_month = Date_Calc::beginOfPrevMonth(1, $the_month, $the_year, '%Y%m%d'); $next_month = Date_Calc::beginOfNextMonth(1, $the_month, $the_year, '%Y%m%d'); $last_day = Date_Calc::daysInMonth($the_month, $the_year); $pc_prev = pnModURL(__POSTCALENDAR__, 'user', 'view', array('tplview' => $template_view, 'viewtype' => 'month', 'Date' => $prev_month)); $pc_next = pnModURL(__POSTCALENDAR__, 'user', 'view', array('tplview' => $template_view, 'viewtype' => 'month', 'Date' => $next_month)); $pc_month_name = pnModAPIFunc(__POSTCALENDAR__, 'user', 'getmonthname', array('Date' => mktime(0, 0, 0, $the_month, $the_day, $the_year))); $month_link_url = pnModURL(__POSTCALENDAR__, 'user', 'view', array('tplview' => $template_view, 'viewtype' => 'month', 'Date' => date('Ymd', mktime(0, 0, 0, $the_month, 1, $the_year)))); $month_link_text = $pc_month_name . ' ' . $the_year; //******************************************************************* // Here we get the events for the current month view //******************************************************************* $day_of_week = 1; $pc_month_names = array(_CALJAN, _CALFEB, _CALMAR, _CALAPR, _CALMAY, _CALJUN, _CALJUL, _CALAUG, _CALSEP, _CALOCT, _CALNOV, _CALDEC); $pc_short_day_names = array(_CALSUNDAYSHORT, _CALMONDAYSHORT, _CALTUESDAYSHORT, _CALWEDNESDAYSHORT, _CALTHURSDAYSHORT, _CALFRIDAYSHORT, _CALSATURDAYSHORT); $pc_long_day_names = array(_CALSUNDAY, _CALMONDAY, _CALTUESDAY, _CALWEDNESDAY, _CALTHURSDAY, _CALFRIDAY, _CALSATURDAY); switch (_SETTING_FIRST_DAY_WEEK) { case _IS_MONDAY: $pc_array_pos = 1; $first_day = date('w', mktime(0, 0, 0, $the_month, 0, $the_year)); $end_dow = date('w', mktime(0, 0, 0, $the_month, $last_day, $the_year)); if ($end_dow != 0) { $the_last_day = $last_day + (7 - $end_dow); } else { $the_last_day = $last_day; } break; case _IS_SATURDAY: $pc_array_pos = 6; $first_day = date('w', mktime(0, 0, 0, $the_month, 2, $the_year)); $end_dow = date('w', mktime(0, 0, 0, $the_month, $last_day, $the_year)); if ($end_dow == 6) { $the_last_day = $last_day + 6; } elseif ($end_dow != 5) { $the_last_day = $last_day + (5 - $end_dow); } else { $the_last_day = $last_day; } break; case _IS_SUNDAY: default: $pc_array_pos = 0; $first_day = date('w', mktime(0, 0, 0, $the_month, 1, $the_year)); $end_dow = date('w', mktime(0, 0, 0, $the_month, $last_day, $the_year)); if ($end_dow != 6) { $the_last_day = $last_day + (6 - $end_dow); } else { $the_last_day = $last_day; } break; } $month_view_start = date('Y-m-d', mktime(0, 0, 0, $the_month, 1, $the_year)); $month_view_end = date('Y-m-t', mktime(0, 0, 0, $the_month, 1, $the_year)); $today_date = postcalendar_today('%Y-%m-%d'); $starting_date = date('m/d/Y', mktime(0, 0, 0, $the_month, 1 - $first_day, $the_year)); $ending_date = date('m/t/Y', mktime(0, 0, 0, $the_month + $pcbeventsrange, 1, $the_year)); $eventsByDate =& pnModAPIFunc(__POSTCALENDAR__, 'user', 'pcGetEvents', array('start' => $starting_date, 'end' => $ending_date)); $calendarView = Date_Calc::getCalendarMonth($the_month, $the_year, '%Y-%m-%d'); $sdaynames = array(); $numDays = count($pc_short_day_names); for ($i = 0; $i < $numDays; $i++) { if ($pc_array_pos >= $numDays) { $pc_array_pos = 0; } array_push($sdaynames, $pc_short_day_names[$pc_array_pos]); $pc_array_pos++; } $daynames = array(); $numDays = count($pc_long_day_names); for ($i = 0; $i < $numDays; $i++) { if ($pc_array_pos >= $numDays) { $pc_array_pos = 0; } array_push($daynames, $pc_long_day_names[$pc_array_pos]); $pc_array_pos++; } $dates = array(); while ($starting_date <= $ending_date) { array_push($dates, $starting_date); list($m, $d, $y) = explode('/', $starting_date); $starting_date = Date_Calc::nextDay($d, $m, $y, '%m/%d/%Y'); } $categories =& pnModAPIFunc(__POSTCALENDAR__, 'user', 'getCategories'); if (isset($calendarView)) { $tpl->assign_by_ref('CAL_FORMAT', $calendarView); } $tpl->assign_by_ref('A_MONTH_NAMES', $pc_month_names); $tpl->assign_by_ref('A_LONG_DAY_NAMES', $pc_long_day_names); $tpl->assign_by_ref('A_SHORT_DAY_NAMES', $pc_short_day_names); $tpl->assign_by_ref('S_LONG_DAY_NAMES', $daynames); $tpl->assign_by_ref('S_SHORT_DAY_NAMES', $sdaynames); $tpl->assign_by_ref('A_EVENTS', $eventsByDate); $tpl->assign_by_ref('A_CATEGORY', $categories); $tpl->assign_by_ref('PREV_MONTH_URL', $pc_prev); $tpl->assign_by_ref('NEXT_MONTH_URL', $pc_next); $tpl->assign_by_ref('MONTH_START_DATE', $month_view_start); $tpl->assign_by_ref('MONTH_END_DATE', $month_view_end); $tpl->assign_by_ref('TODAY_DATE', $today_date); $tpl->assign_by_ref('DATE', $Date); $tpl->assign_by_ref('DISPLAY_LIMIT', $eventslimit); $tpl->assign('TODAYS_EVENTS_TITLE', _PC_TODAYS_EVENTS); $tpl->assign('UPCOMING_EVENTS_TITLE', _PC_UPCOMING_EVENTS); $tpl->assign('NO_EVENTS', _PC_BLOCK_NO_EVENTS); } if ($showcalendar) { // we need to create a unique ID for caching purposes $output .= $tpl->fetch($template_name . '/views/calendarblock/month_view.html', $cacheid1); } if ($showevents) { if ($showcalendar) { $tpl->assign('SHOW_TITLE', 1); } else { $tpl->assign('SHOW_TITLE', 0); } // we need to create a unique ID for caching purposes $output .= $tpl->fetch($template_name . '/views/calendarblock/todays_events.html', $cacheid2); } if ($nextevents) { if ($showcalendar || $showevents) { $tpl->assign('SHOW_TITLE', 1); } else { $tpl->assign('SHOW_TITLE', 0); } // we need to create a unique ID for caching purposes $output .= $tpl->fetch($template_name . '/views/calendarblock/upcoming_events.html', $cacheid3); } if ($pcbshowsslinks) { $output .= '<br /><br />'; $submit_event_url = pnModURL(__POSTCALENDAR__, 'user', 'submit'); $search_event_url = pnModURL(__POSTCALENDAR__, 'user', 'search'); $output .= '<center>'; if (PC_ACCESS_ADD) { $output .= '[ <a href="' . $submit_event_url . '">' . _PC_SUBMIT_EVENT . '</a> ] '; } $output .= '[ <a href="' . $search_event_url . '">' . _PC_SEARCH_EVENT . '</a> ]'; $output .= '</center>'; } // Populate block info and pass to theme $blockinfo['content'] = $output; return themesideblock($blockinfo); }
function blocks_menu_block($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); // Generic check if (!pnSecAuthAction(0, 'Menublock::', "{$row['title']}::", ACCESS_READ)) { return; } // Break out options from our content field $vars = pnBlockVarsFromContent($row['content']); // Display style // style = 1 - simple list // style = 2 - drop-down list // Title $block['title'] = $row['title']; // Styling if (empty($vars['style'])) { $vars['style'] = 1; } $block['content'] = startMenuStyle($vars['style']); $content = 0; // nkame: must start with some blank line, otherwise we're not able to // chose the first option in case of a drop-down menu. // a better solution would be to detect where we are, and adjust the selected // option in the list, and only add a blank line in case of no recognition. if ($vars['style'] == 2) { $block['content'] .= addMenuStyledUrl($vars['style'], "", "", ""); } // Content if (!empty($vars['content'])) { $contentlines = explode("LINESPLIT", $vars['content']); foreach ($contentlines as $contentline) { list($url, $title, $comment) = explode('|', $contentline); if (pnSecAuthAction(0, "Menublock::", "{$row['title']}:{$title}:", ACCESS_READ)) { $block['content'] .= addMenuStyledUrl($vars['style'], pnVarPrepForDisplay($title), $url, pnVarPrepForDisplay($comment)); $content = 1; } } } // Modules if (!empty($vars['displaymodules'])) { $mods = pnModGetUserMods(); // Separate from current content, if any if ($content == 1) { $block['content'] .= addMenuStyledUrl($vars['style'], "", "", ""); } foreach ($mods as $mod) { // jgm - need to work back ML into modules table somehow // if (file_exists("modules/$mod/modname.php")) { // include "modules/$mod/modname.php"; // } else { if (pnSecAuthAction(0, "{$mod['name']}::", "::", ACCESS_OVERVIEW)) { switch ($mod['type']) { case 1: $block['content'] .= addMenuStyledUrl($vars['style'], pnVarPrepForDisplay($mod['displayname']), "modules.php?op=modload&name=" . pnVarPrepForDisplay($mod['directory']) . "&file=index", pnVarPrepForDisplay($mod['description'])); $content = 1; break; case 2: $block['content'] .= addMenuStyledUrl($vars['style'], pnVarPrepForDisplay($mod['displayname']), pnModURL($mod['name'], 'user', 'main'), pnVarPrepForDisplay($mod['description'])); $content = 1; break; } } } } // Waiting content if (!empty($vars['displaywaiting'])) { // Separate from current content, if any if ($content == 1) { $block['content'] .= addMenuStyledUrl($vars['style'], "", "", ""); } $header = 0; if (pnSecAuthAction(0, "Stories::Story", "::", ACCESS_ADD)) { $result = $dbconn->Execute("SELECT count(1) FROM {$pntable['queue']}\n WHERE {$pntable['queue_column']['arcd']}=0"); if ($dbconn->ErrorNo() == 0) { list($qnum) = $result->fields; $result->Close(); if ($qnum) { if ($header == 0) { $block['content'] .= addMenuStyledUrl($vars['style'], "<strong>" . _WAITINGCONT . "</strong>", "", ""); $header = 1; } $block['content'] .= addMenuStyledUrl($vars['style'], _SUBMISSIONS . ": {$qnum}", "admin.php?module=NS-AddStory&op=submissions", ""); $content = 1; } } } if (pnSecAuthAction(0, "Reviews::", "::", ACCESS_ADD)) { $result = $dbconn->Execute("SELECT count(1) FROM {$pntable['reviews_add']}"); if ($dbconn->ErrorNo() == 0) { list($rnum) = $result->fields; $result->Close(); if ($rnum) { if ($header == 0) { $block['content'] .= addMenuStyledUrl($vars['style'], "<strong>" . _WAITINGCONT . "</strong>", "", ""); $header = 1; } $block['content'] .= addMenuStyledUrl($vars['style'], _WREVIEWS . ": {$rnum}", "admin.php?module=Reviews&op=main", ""); $content = 1; } } } if (pnSecAuthAction(0, "Web Links::Link", "::", ACCESS_ADD)) { $result = $dbconn->Execute("SELECT count(1) FROM {$pntable['links_newlink']}"); if ($dbconn->ErrorNo() == 0) { list($lnum) = $result->fields; $result->Close(); if ($lnum) { if ($header == 0) { $block['content'] .= addMenuStyledUrl($vars['style'], "<strong>" . _WAITINGCONT . "</strong>", "", ""); $header = 1; } $block['content'] .= addMenuStyledUrl($vars['style'], _WLINKS . ": {$lnum}", "admin.php?module=Web_Links&op=main", ""); $content = 1; } } } if (pnSecAuthAction(0, "Downloads::Item", "::", ACCESS_ADD)) { $result = $dbconn->Execute("SELECT count(1) FROM {$pntable['downloads_newdownload']}"); if ($dbconn->ErrorNo() == 0) { list($dnum) = $result->fields; $result->Close(); if ($dnum) { if ($header == 0) { $block['content'] .= addMenuStyledUrl($vars['style'], "<strong>" . _WAITINGCONT . "</strong>", "", ""); $header = 1; } $block['content'] .= addMenuStyledUrl($vars['style'], _WDOWNLOADS . ": {$dnum}", "admin.php?module=Downloads&op=main", ""); $content = 1; } } } if (pnSecAuthAction(0, "FAQ::", "::", ACCESS_ADD)) { $faqcolumn =& $pntable['faqanswer_column']; $result = $dbconn->Execute("SELECT count(1) FROM {$pntable['faqanswer']} WHERE {$faqcolumn['answer']}=''"); if ($dbconn->ErrorNo() == 0) { list($fnum) = $result->fields; $result->Close(); if ($fnum) { if ($header == 0) { $block['content'] .= addMenuStyledUrl($vars['style'], "<strong>" . _WAITINGCONT . "</strong>", "", ""); $header = 1; } $block['content'] .= addMenuStyledUrl($vars['style'], _FQUESTIONS . ": {$fnum}", "admin.php?module=FAQ&op=FaqCatUnanswered", ""); $content = 1; } } } } // Styling $block['content'] .= endMenuStyle($vars['style']); if ($content) { $row['title'] = $block['title']; $row['content'] = $block['content']; return themesideblock($row); } }
/** * show a block * * @param string $modname module name * @param string $block name of the block * @param array $blockinfo information parameters * @return mixed blockinfo array or null */ function pnBlockShow($modname = null, $block = null, $blockinfo = array()) { if (empty($modname) || empty($block)) { return null; } global $blocks_modules; pnBlockLoad($modname, $block); $displayfunc = "{$modname}_{$block}block_display"; if (function_exists($displayfunc)) { // New-style blocks return $displayfunc($blockinfo); } else { $modid = pnModGetIDFromName($modname); if (isset($blocks_modules[0][$block]['func_display'])) { return $blocks_modules[0][$block]['func_display']($blockinfo); // support old style blocks within modules } else { if (isset($blocks_modules[$modid][$block]['func_display'])) { return $blocks_modules[$modid][$block]['func_display']($blockinfo); // Old-style blocks } else { if (pnSecAuthAction(0, '.*', '.*', ACCESS_ADMIN)) { $blockinfo['title'] = pnVarPrepForDisplay(_UNKNOWNBLOCKTYPE) . " {$block}!"; $blockinfo['content'] = pnVarPrepForDisplay(_UNKNOWNBLOCKHINT); return themesideblock($blockinfo); } } } } }
function blocks_stories_block($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $currentlang = pnUserGetLang(); if (!pnSecAuthAction(0, 'Storiesblock::', "{$row['title']}::", ACCESS_READ)) { return; } // Break out options from our content field $vars = pnBlockVarsFromContent($row['content']); // Defaults if (!isset($vars['storiestype'])) { $vars['storiestype'] = 2; } if (!isset($vars['topic'])) { $vars['topic'] = -1; } if (!isset($vars['category'])) { $vars['category'] = -1; } if (!isset($vars['limit'])) { $vars['limit'] = 10; } $row['content'] = ""; $query_started = false; // Base query $storiescolumn = $pntable['stories_column']; $storiescatcolumn = $pntable['stories_cat_column']; $topicscolumn = $pntable['topics_column']; $query = "SELECT {$storiescolumn['aid']} AS \"aid\",\n {$storiescolumn['catid']} AS \"cid\",\n {$storiescatcolumn['title']} AS \"cattitle\",\n {$storiescolumn['sid']} AS \"sid\",\n {$topicscolumn['topicid']} AS \"tid\",\n {$storiescolumn['time']} AS \"time\",\n {$storiescolumn['title']} AS \"title\",\n {$topicscolumn['topicname']} AS \"topicname\"\n\t\t\tFROM \t{$pntable['stories']}"; // Assume mysql start $query .= " LEFT JOIN {$pntable['stories_cat']} ON {$storiescolumn['catid']} = {$storiescatcolumn['catid']}\n\t\t\t\tLEFT JOIN {$pntable['topics']} ON {$storiescolumn['topic']} = {$topicscolumn['topicid']}"; // Assume mysql end // $query .= " WHERE"; $wherearray = array(); // check language if (pnConfigGetVar('multilingual') == 1) { // $query_started = true; // $query .= " ($storiescolumn[alanguage]='" . pnUserGetLang() . "' OR $storiescolumn[alanguage]='')"; $wherearray[] = " ({$storiescolumn['alanguage']}='" . pnUserGetLang() . "' OR {$storiescolumn['alanguage']}='')"; } // Qualifier for front-page/not front-page news // storiestype = 3 - front-page news // storiestype = 1 - not front-page news // storiestype = 2 - all news if ($vars['storiestype'] == '1') { // where clause already started? // if ($query_started == true) { // $query .= " AND"; // } // $query_started = true; // $query .= " $storiescolumn[ihome]=1"; $wherearray[] = " {$storiescolumn['ihome']}=1"; } if ($vars['storiestype'] == '3') { // where clause already started? // if ($query_started == true) { // $query .= " AND"; // } // $query_started = true; // $query .= " $storiescolumn[ihome]=0"; $wherearray[] = " {$storiescolumn['ihome']}=0"; } // Qualifier for particular topic // topic = -1 - all topics? if ($vars['topic'] != -1) { // where clause already started? // if ($query_started == true) { // $query .= " AND"; // } // $query_started = true; // $query .= " $storiescolumn[topic]=" . pnVarPrepForStore($vars['topic']); $wherearray[] = " {$storiescolumn['topic']}=" . pnVarPrepForStore($vars['topic']); } // Qualifier for particular category // category = -1 - all categories if ($vars['category'] != -1) { // where clause already started? // if ($query_started = true) { // $query .= " AND"; // } // $query .= " $storiescolumn[cid]=" . pnVarPrepForStore($vars['category']); $wherearray[] = " {$storiescolumn['cid']}=" . pnVarPrepForStore($vars['category']); } if ($wherearray) { $query .= " WHERE " . implode(" AND ", $wherearray); } // Qualifier for how many stories $query .= " ORDER BY {$storiescolumn['time']} DESC"; // we can't use a limit query since permissions might take effect... //$result = $dbconn->SelectLimit($query, pnVarPrepForStore($vars['limit'])); $result = $dbconn->Execute($query); // Error checking -- jn if ($dbconn->ErrorNo() != 0) { return false; } $shown_results = 0; $postmax = $vars['limit']; while ((list($aid, $cid, $cattitle, $sid, $tid, $time, $title, $topicname) = $result->FetchRow()) && $shown_results < $postmax) { $time = $result->UnixTimeStamp($time); if (!isset($aid)) { $aid = ''; } if ($catid == 0) { // Default category $cattitle = "" . _ARTICLES . ""; } if (pnSecAuthAction(0, 'Stories::Story', "{$aid}:{$cattitle}:{$sid}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$topicname}::{$tid}", ACCESS_READ)) { $row['content'] .= "<strong><big>·</big></strong> <font class=\"pn-sub\"><a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=article&sid=" . pnVarPrepForDisplay($sid) . "\">" . pnVarPrepForDisplay($title) . "</a>\n (" . ml_ftime(_DATEBRIEF, $time) . ")</font><br>\n"; $shown_results++; } // removed uncessary MoveNext; FetchRow() from above moves the record set pointer - markwest // Credit rembert http://forums.postnuke.com/index.php?name=PNphpBB2&file=viewtopic&t=14182 // $result->MoveNext(); } if (!empty($row['content'])) { return themesideblock($row); } }
function advheadlines2($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $past = time() - $row['refresh']; if ($row['unix_update'] < $past && $row['url']) { // if(true) { // remove comment for testing purposes // read proxy settings from database $column =& $pntable['headlines_column']; $result = $dbconn->Execute("SELECT {$column['options']} as options, {$column['maxrows']} as maxrows FROM {$pntable['headlines']} WHERE {$column['rssurl']}='{$row['url']}'"); $setting = $result->GetRowAssoc(false); $result->MoveNext(); // Check if the 'P'roxy parameter is set in the options for this url. $use_proxy = stristr($setting['options'], "P") != false; // connect to the rss host $fp = rss_connect($row, $use_proxy); if ($fp) { $rdf = ""; // skip header improves regexp performance (TRICKY CODE!) while (!feof($fp) && fgets($fp, 128) != "\r\n") { } // start reading after the header while (!feof($fp)) { // read fixed blocks of data $rdf[] .= fgets($fp, 128); } // nicely close the connection fputs($fp, "Connection: close\r\n\r\n"); fclose($fp); // for timing purposes $starttime = getmicrotime(); // 'parse' the rdf file $html = parse_rdf2html($rdf, $setting['maxrows'], $setting['options']); // build the contents of the display block $row['hdr_comment'] = "\n<!-- RSS Block start -->\n"; $row['content'] = $html; $time = getmicrotime() - $starttime; $row['ftr_comment'] .= "<-- RSS2 Block end (age: {$age} of {$row['refresh']})[{$stat}] -- runtime: {$time} -->\n\n"; // update block in db $sql_content = addslashes($row['content']); $column =& $pntable['blocks_column']; $sql = "UPDATE {$pntable['blocks']} SET {$column['content']}='{$sql_content}',{$column['last_update']}=NOW() WHERE {$column['bid']}={$row['bid']}"; $result = $dbconn->Execute($sql); if ($dbconn->ErrorNo() != 0) { $row['title'] .= ' *'; $row['content'] .= "<!--\n\n\n" . $dbconn->ErrorMsg() . "\n\n\n{$sql}\n\n\n-->"; exit(0); } } else { // no connection could be established! $content = addslashes('<font class=\\"pn-normal">' . _RSSPROBLEM . '</font>'); $next_try = time() + 600; $column =& $pntable['blocks_column']; $result = $dbconn->Execute("UPDATE {$pntable['blocks']} SET {$column['content']}='{$content}',{$column['last_update']}=FROM_UNIXTIME({$next_try}) WHERE {$column['bid']}={$bid}"); $row['title'] = "{$row['title']} !"; $row['content'] = "{$row['content']}\n\n\n<!--\n\n\n\n\n\n\n" . ml_ftime(_DATETIMELONG, $row['unix_update']) . "\n\n\n\n\n-->\n\n\n\n"; } } else { $row['title'] = $row['title'] . " +"; // chached version indicator } return themesideblock($row); }
/** * show a block * @param the module name * @param the name of the block * @param block information parameters */ function pnBlockShow($modname, $block, $blockinfo = array()) { global $blocks_modules; pnBlockLoad($modname, $block); $displayfunc = "{$modname}_{$block}block_display"; if (function_exists($displayfunc)) { // New-style blocks return $displayfunc($blockinfo); } else { // Old-style blocks if (isset($blocks_modules[$block]['func_display'])) { return $blocks_modules[$block]['func_display']($blockinfo); } else { $blockinfo['title'] = "Block Type {$block} Not Found"; $blockinfo['content'] = "The block type {$block} doesn't seem to exist. Please check corresponding blocks-directory."; return themesideblock($blockinfo); } } }
/** * display block */ function admin_messages_messagesblock_display($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!isset($row['title'])) { $row['title'] = ''; } if (!pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::", ACCESS_READ)) { return; } $messagestable = $pntable['message']; $messagescolumn =& $pntable['message_column']; if (pnConfigGetVar('multilingual') == 1) { $currentlang = pnUserGetLang(); $querylang = "AND ({$messagescolumn['mlanguage']}='{$currentlang}' OR {$messagescolumn['mlanguage']}='')"; } else { $querylang = ''; } $sql = "SELECT {$messagescolumn['mid']},\n {$messagescolumn['title']},\n {$messagescolumn['content']},\n {$messagescolumn['date']},\n {$messagescolumn['view']}\n FROM {$messagestable}\n WHERE {$messagescolumn['active']} = 1 \n AND ( {$messagescolumn['expire']} > unix_timestamp(now())\n OR {$messagescolumn['expire']} = 0)\n {$querylang}\n ORDER by {$messagescolumn['mid']} DESC"; $result = $dbconn->Execute($sql); if ($dbconn->ErrorNo() != 0) { return; } $output = new pnHTML(); while (list($mid, $title, $content, $date, $view) = $result->fields) { $result->MoveNext(); $show = 0; if (pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::{$mid}", ACCESS_READ)) { switch ($view) { case 1: // Message for everyone $show = 1; break; case 2: // Message for users if (pnUserLoggedIn()) { $show = 1; } break; case 3: // Messages for non-users if (!pnUserLoggedIn()) { $show = 1; } break; case 4: // Messages for administrators of any description if (pnSecAuthAction(0, '::', '::', ACCESS_ADMIN)) { $show = 1; } break; } } if ($show) { list($title, $content) = pnModCallHooks('item', 'transform', '', array($title, $content)); $output->TableStart('', '', 0); $output->SetInputMode(_PNH_VERBATIMINPUT); $output->SetOutputMode(_PNH_RETURNOUTPUT); $ttitle = $output->Linebreak(); $ttitle .= $output->Text($title); $ttitle .= $output->Linebreak(2); $output->SetOutputMode(_PNH_KEEPOUTPUT); $output->TableAddRow(array("<font class=\"pn-title\">" . pnVarPrepHTMLDisplay($ttitle) . "</font>"), 'center'); $output->TableAddRow(array("<font class=\"pn-normal\">" . pnVarPrepHTMLDisplay($content) . "</font>"), 'left'); $output->SetInputMode(_PNH_PARSEINPUT); $output->TableEnd(); } } if ($output->output != "") { // Don't want a title $row['title'] = ''; $row['content'] = $output->GetOutput(); return themesideblock($row); } }
/** * poll functions */ function pollMain($pollID, $row) { if (!pnSecAuthAction(0, 'Pollblock::', "{$row['title']}::", ACCESS_READ)) { return; } list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); // if pollID isn't set use the latest pollID. Skooter if (!isset($pollID) || empty($pollID) || !is_numeric($pollID) || $pollID == 0) { $pollID = pollLatest(); } //could be a bug if pollID '1' is deleted. Skooter //if(!isset($pollID)) { // $pollID = 1; //} if (!isset($url)) { $url = sprintf("modules.php?op=modload&name=NS-Polls&file=index&req=results&pollID=%d", $pollID); } $boxContent = "<form action=\"modules.php?op=modload&name=NS-Polls&file=index\" method=\"post\">"; $boxContent .= "<input type=\"hidden\" name=\"pollID\" value=\"" . $pollID . "\" />"; $boxContent .= "<input type=\"hidden\" name=\"forwarder\" value=\"" . $url . "\" />"; $column =& $pntable['poll_desc_column']; $result = $dbconn->Execute("SELECT {$column['polltitle']}, {$column['voters']}\n FROM {$pntable['poll_desc']}\n WHERE {$column['pollid']}=" . (int) pnVarPrepForStore($pollID)); if ($result->EOF) { return; } list($pollTitle, $voters) = $result->fields; $result->Close(); if (!pnSecAuthAction(0, 'Polls::', "{$row['title']}::{$pollID}", ACCESS_OVERVIEW)) { return; } $boxContent .= "<font class=\"pn-normal\"><b>" . pnVarPrepForDisplay(stripslashes($pollTitle)) . "</b></font><br><br>\n"; $column =& $pntable['poll_data_column']; $result = $dbconn->Execute("SELECT {$column['voteid']}, {$column['optiontext']} FROM {$pntable['poll_data']} WHERE ({$column['pollid']}=" . (int) pnVarPrepForStore($pollID) . " AND {$column['optiontext']} NOT LIKE \"\") ORDER BY {$column['voteid']}"); $boxContent .= "<table border=\"0\" cellspacing=0 cellpadding=0>"; while (list($voteid, $optionText) = $result->fields) { if (pnSecAuthAction(0, 'Polls::', "{$row['title']}::{$pollID}", ACCESS_COMMENT)) { $boxContent .= "<tr><td valign=baseline><input type=\"radio\" name=\"voteID\" value=\"{$voteid}\" class=\"r-button\" /></td><td> <span class=\"pn-normal\">" . pnVarPrepForDisplay(stripslashes($optionText)) . "</span></td></tr>\n"; } else { $boxContent .= "<tr><td valign=top>·</td><td> <span class=\"pn-normal\">" . pnVarPrepForDisplay(stripslashes($optionText)) . "</span></td></tr>\n"; } $result->MoveNext(); } $boxContent .= "</table>\n"; if (pnSecAuthAction(0, 'Polls::', "{$row['title']}::{$pollID}", ACCESS_COMMENT)) { $boxContent .= "<br /><p style=\"text-align:center\"><span class=\"pn-normal\"><input class=\"pn-button\" type=\"submit\" value=\"" . _VOTE . "\" /></span><br />"; } $commentoptions = pnUserGetCommentOptions(); $column =& $pntable['poll_data_column']; $result = $dbconn->Execute("SELECT SUM({$column['optioncount']}) AS sum\n FROM {$pntable['poll_data']}\n WHERE {$column['pollid']}=" . (int) pnVarPrepForStore($pollID)); list($sum) = $result->fields; $boxContent .= '<p style="text-align:center"><span class="pn-normal">[ '; if (pnSecAuthAction(0, 'Polls::', "{$row['title']}::{$pollID}", ACCESS_READ)) { $boxContent .= "<a class=\"pn-normal\" href=\"modules.php?op=modload&name=NS-Polls&file=index&req=results&pollID={$pollID}&{$commentoptions}\"><b>" . _RESULTS . "</b></a> | "; } $boxContent .= '<a class="pn-normal" href="modules.php?op=modload&name=NS-Polls&file=index"><b>' . _POLLS . '</b></a> ]</span></p><br />'; if (pnConfigGetVar('pollcomm')) { $column =& $pntable['pollcomments_column']; $comres = $dbconn->Execute("SELECT COUNT(*) FROM {$pntable['pollcomments']} WHERE {$column['pollid']}=" . (int) pnVarPrepForStore($pollID) . ""); list($numcom) = $comres->fields; $boxContent .= "<p style=\"text-align:center\"><span class=\"pn-normal\">" . _NUMVOTES . ": <b>{$sum}</b><br>" . _PCOMMENTS . " <b>{$numcom}</b></span></p>\n\n"; } else { $boxContent .= "<p style=\"text-align:center\"><span class=\"pn-normal\">" . _NUMVOTES . ": <b>{$sum}</b></span></p>\n\n"; } $boxContent .= "</form>\n\n"; if (empty($row['title'])) { $row['title'] = _POLL; } if (empty($row['position'])) { $row['position'] = "c"; } $row['content'] = $boxContent; return themesideblock($row); }
function mediashare_randomblock_display($blockinfo) { // Security check if (!SecurityUtil::checkPermission('mediashare:randomblock:', "{$blockinfo['title']}::{$blockinfo['bid']}", ACCESS_READ)) { return; } $dom = ZLanguage::getModuleDomain('mediashare'); // Get variables from content block $vars = pnBlockVarsFromContent($blockinfo['content']); $sessionVarName = 'mediashare_block_' . $blockinfo['bid']; $sessionVars = SessionUtil::getVar($sessionVarName); if ($sessionVars == '' || $sessionVars == null) { $sessionVars = array(); } if (isset($sessionVars['oldContent']) && isset($sessionVars['lastUpdate'])) { $past = time() - $sessionVars['lastUpdate']; if ($past < $vars['cacheTime']) { // No need to refresh - move old content into real content $blockinfo['content'] = $sessionVars['oldContent']; return themesideblock($blockinfo); } } if ($vars['type'] == 'album') { $randomInfo = pnModAPIFunc('mediashare', 'user', 'getRandomMediaItem', array('albumId' => $vars['albumId'], 'mode' => 'album')); } else { if ($vars['type'] == 'latest') { $randomInfo = pnModAPIFunc('mediashare', 'user', 'getRandomMediaItem', array('latest' => true, 'mode' => 'latest')); } else { $randomInfo = pnModAPIFunc('mediashare', 'user', 'getRandomMediaItem'); } } if ($randomInfo === false) { return false; } $mediaId = $randomInfo['mediaId']; $albumId = $randomInfo['albumId']; if (empty($mediaId)) { return; } // Get image info $mediaInfo = pnModAPIFunc('mediashare', 'user', 'getMediaItem', array('mediaId' => $mediaId)); // Get album info $albumInfo = pnModAPIFunc('mediashare', 'user', 'getAlbum', array('albumId' => $albumId)); $originalURL = pnModAPIFunc('mediashare', 'user', 'getMediaUrl', array('mediaItem' => $mediaInfo, 'src' => 'originalRef')); $previewURL = pnModAPIFunc('mediashare', 'user', 'getMediaUrl', array('mediaItem' => $mediaInfo, 'src' => 'previewRef')); $thumbnailURL = pnModAPIFunc('mediashare', 'user', 'getMediaUrl', array('mediaItem' => $mediaInfo, 'src' => 'thumbnailRef')); $albumURL = pnModUrl('mediashare', 'user', 'view', array('aid' => $albumId, 'mid' => $mediaId)); // Create the final HTML by substituting various macros into the user specified HTML code $substitutes = array('originalURL' => $originalURL, 'previewURL' => $previewURL, 'thumbnailURL' => $thumbnailURL, 'albumURL' => $albumURL, 'title' => $mediaInfo['title'], 'owner' => __('Unknown', $dom), 'albumTitle' => $albumInfo['title']); $html = $vars['html']; foreach ($substitutes as $key => $value) { $pattern = '${' . $key . '}'; $html = str_replace($pattern, $value, $html); } $blockinfo['content'] = $html; $sessionVars['oldContent'] = $html; $sessionVars['lastUpdate'] = time(); SessionUtil::setVar($sessionVarName, $sessionVars); // ... and return encapsulated in a theme block return themesideblock($blockinfo); }
function blocks_past_block($row) { $catid = pnVarCleanFromInput('catid'); list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $oldnum = pnConfigGetVar('perpage'); if (!pnSecAuthAction(0, 'Pastblock::', "{$row['title']}::", ACCESS_READ)) { return; } if (pnUserLoggedIn()) { $storyhome = pnUserGetVar('storynum'); } else { $storyhome = pnConfigGetVar('storyhome'); } // Break out options from our content field $vars = pnBlockVarsFromContent($row['content']); // Defaults if (empty($storynum)) { $storynum = 10; } if (empty($vars['limit'])) { $vars['limit'] = 10; } $storynum = $vars['limit']; $column =& $pntable['stories_column']; if (!isset($catid) || $catid == '') { $articles = getArticles("{$column['ihome']}=0", "{$column['time']} DESC", $storynum, $storyhome); } else { $articles = getArticles("{$column['catid']}={$catid}", "{$column['time']} DESC", $storynum, $storyhome); } $time2 = ""; setlocale(LC_TIME, pnConfigGetVar('locale')); $boxstuff = "<table width=\"100%\" cellpadding=\"1\" cellspacing=\"0\" border=\"0\" class=\"pn-normal\">\n"; $vari = 0; $see = 0; foreach ($articles as $article) { $info = genArticleInfo($article); $links = genArticleLinks($info); $preformat = genArticlePreformat($info, $links); // a little bit tricky to remove the bold property from link description // (2001-11-15, hdonner) $preformat['title'] = str_replace("pn-title", "pn-normal", $preformat['title']); if (!pnSecAuthAction(0, 'Stories::Story', "{$info['aid']}:{$info['cattitle']}:{$info['sid']}", ACCESS_READ) || !pnSecAuthAction(0, 'Topics::Topic', "{$info['topicname']}::{$info['tid']}", ACCESS_READ)) { continue; } $see = 1; ereg("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $info['time'], $datetime2); $datetime2 = ml_ftime("" . _DATESTRING2 . "", mktime($datetime2[4], $datetime2[5], $datetime2[6], $datetime2[2], $datetime2[3], $datetime2[1])); $datetime2 = ucfirst($datetime2); if ($time2 == $datetime2) { $boxstuff .= "<tr><td valign=\"top\"><big><strong>·</strong></big></td>" . "<td valign=\"top\" width=\"100%\"><span class=\"pn-normal\">" . $preformat['title'] . " ({$info['comments']})</span></td></tr>\n"; } else { $boxstuff .= "<tr><td colspan=\"2\"><b>{$datetime2}</b></td></tr>\n" . "<tr><td valign=\"top\"><big><strong>·</strong></big></td>" . "<td valign=\"top\" width=\"100%\"><span class=\"pn-normal\">{$preformat['title']} ({$info['comments']})</span></td></tr>\n"; $time2 = $datetime2; } $vari++; if ($vari == $vars['limit']) { $usernum = pnUserGetVar('storynum'); if (!empty($usernum)) { $storynum = $usernum; } else { $storynum = pnConfigGetVar('storyhome'); } $min = $oldnum + $storynum; $boxstuff .= "<tr><td> </td><td valign=\"top\"><a class=\"pn-normal\""; if (!isset($catid)) { $boxstuff .= "href=\"modules.php?op=modload&name=Search&file=index&action=search&overview=1&active_stories=1\"><b>" . _OLDERARTICLES . "</b></a></td></tr>\n"; } else { $boxstuff .= "href=\"modules.php?op=modload&name=Search&file=index&action=search&overview=1&active_stories=1&stories_cat[0]={$catid}\"><b>" . _OLDERARTICLES . "</b></a></td></tr>\n"; } } } $boxstuff .= "</table>"; if ($see == 1) { if (empty($row['title'])) { $row['title'] = _PASTARTICLES; } $row['content'] = $boxstuff; return themesideblock($row); } }
function blocks_online_block($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'Onlineblock::', "{$row['title']}::", ACCESS_READ)) { return; } $sessioninfocolumn =& $pntable['session_info_column']; $sessioninfotable = $pntable['session_info']; $sessioninfocolumn =& $pntable['session_info_column']; $sessioninfotable = $pntable['session_info']; $activetime = time() - pnConfigGetVar('secinactivemins') * 60; $query = "SELECT count( 1 )\n FROM {$sessioninfotable}\n WHERE {$sessioninfocolumn['lastused']} > {$activetime} AND {$sessioninfocolumn['uid']} >0\n\t\t GROUP BY {$sessioninfocolumn['uid']}\n\t\t "; $result = $dbconn->Execute($query); $numusers = $result->RecordCount(); $result->Close(); $query2 = "SELECT count( 1 )\n FROM {$sessioninfotable}\n WHERE {$sessioninfocolumn['lastused']} > {$activetime} AND {$sessioninfocolumn['uid']} = '0'\n\t\t\t GROUP BY {$sessioninfocolumn['ipaddr']}\n\t\t\t "; $result2 = $dbconn->Execute($query2); $numguests = $result2->RecordCount(); $result2->Close(); // Pluralise if ($numguests == 1) { $guests = _GUEST; } else { $guests = _GUESTS; } if ($numusers == 1) { $users = _MEMBER; } else { $users = _MEMBERS; } $content = "<span class=\"pn-normal\">" . _CURRENTLY . " " . pnVarPrepForDisplay($numguests) . " " . pnVarPrepForDisplay($guests) . " " . _AND . " " . pnVarPrepForDisplay($numusers) . " " . pnVarPrepForDisplay($users) . " " . _ONLINE . "<br />\n"; if (pnUserLoggedIn()) { $content .= '<br />' . _YOUARELOGGED . ' <b>' . pnUserGetVar('uname') . '</b>.<br />'; if (pnModAvailable('Messages')) { // display private messages only when module is active $column =& $pntable['priv_msgs_column']; $result2 = $dbconn->Execute("SELECT count(*) FROM {$pntable['priv_msgs']} WHERE {$column['to_userid']}=" . pnUserGetVar('uid')); list($numrow) = $result2->fields; // get unread messages $result3 = $dbconn->Execute("SELECT count(*) FROM {$pntable['priv_msgs']} WHERE {$column['to_userid']}=" . pnUserGetVar('uid') . " AND {$column['read_msg']}='0'"); list($unreadrow) = $result3->fields; if ($numrow == 0) { $content .= '<br /></span>'; } else { $content .= "<br />" . _YOUHAVE . " (<a class=\"pn-normal\" href=\"modules.php?op=modload&name=Messages&file=index\" title=\"" . _PRIVATEMSGS . "\">" . pnVarPrepForDisplay($numrow) . "</a>|<a class=\"pn-normal\" href=\"modules.php?op=modload&name=Messages&file=index\" title=\"" . _PRIVATEMSGNEW . "\">" . pnVarPrepForDisplay($unreadrow) . "</a>) "; if ($numrow == 1) { $content .= _PRIVATEMSG; } elseif ($numrow > 1) { $content .= _PRIVATEMSGS; } $content .= "</span><br />"; } } } else { $content .= '<br />' . _YOUAREANON . '</span><br />'; } if (empty($row['title'])) { $row['title'] = _WHOSONLINE; } $row['content'] = $content; return themesideblock($row); }
function blocks_fxp_display($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'fxpblock::', "{$row['title']}::", ACCESS_READ)) { return; } $blocktable = $pntable['blocks']; $blockscolumn =& $pntable['blocks_column']; $fxp_port = 5011; $past = time() - $row['refresh']; if ($row['unix_update'] < $past) { // if (true) { $fp = fsockopen('www.oanda.com', $fxp_port, $errno, $errstr, 5); if (!$fp) { if (!isset($bid)) { $bid = ''; } $content = addslashes(_FXPPROBLEM); $next_try = time() + 600; $result = mysql_query("UPDATE {$blocktable} SET {$blockscolumn['content']}='{$content}',{$blockscolumn['last_update']}=FROM_UNIXTIME({$next_try}) WHERE {$blockscolumn['bid']}=" . pnVarPrepForStore($bid) . ""); $row['title'] = "{$row['title']} *"; $row['content'] = "{$row['content']}\n\n\n<!--\n\n\n\n\n\n\n" . ml_ftime(_DATESTRING, $row['unix_update']) . "\n\n\n\n\n-->\n\n\n\n"; return themesideblock($row); } // get an array of currencies $request = "fxp/1.1\r\n" . "Query: currencies\r\n" . "\r\n"; fputs($fp, $request); if (trim(fgets($fp, 128)) == "fxp/1.1 200 ok") { while (trim(fgets($fp, 128))) { // nothing here but us chickens... } // ok, here we go... while ($response = trim(fgets($fp, 128))) { $fxp[] = $response; } } foreach ($fxp as $v) { $iso = substr($v, 0, 3); $desc = substr($v, 4); $currencies[$iso] = $desc; } asort($currencies); // get quotes $rates = explode("\n", trim($row['url'])); usort($rates, 'blocks_fxp_sort'); foreach ($rates as $v) { $temp = explode('|', $v); $request = "fxp/1.1\r\n" . "Query: quote\r\n" . "Quotecurrency: {$temp['1']}\r\n" . "Basecurrency: {$temp['0']}\r\n" . "\r\n"; fputs($fp, $request); if (trim(fgets($fp, 128)) == "fxp/1.1 200 ok") { while (trim(fgets($fp, 128))) { // nothing here but us chickens... } // ok, here we go... if (!isset($cur_cur)) { $cur_cur = ''; } while ($response = trim(fgets($fp, 128))) { if ($cur_cur != $temp[1]) { $quotes[] = '<b>' . $currencies[$temp[1]] . ':</b><br>'; $cur_cur = $temp[1]; } $quotes[] = '<font class="pn-sub"> ' . $currencies[$temp[0]] . ": {$response}</font><br>"; } } else { $content = addslashes(_FXPPROBLEM2); $next_try = time() + 600; if (!isset($bid)) { $bid = ''; } $result = mysql_query("UPDATE {$blocktable} SET {$blockscolumn['content']}='" . pnVarPrepForStore($content) . "',{$blockscolumn['last_update']}=FROM_UNIXTIME({$next_try}) WHERE {$blockscolumn['bid']}=" . pnVarPrepForStore($bid) . ""); $row['title'] = "{$row['title']} *"; $row['content'] = "{$row['content']}\n\n\n<!--\n\n\n\n\n\n\n" . ml_ftime(_DATESTRING, $row['unix_update']) . "\n\n\n\n\n-->\n\n\n\n"; return themesideblock($row); } } fclose($fp); $row['content'] = implode("\n", $quotes); $sql_content = addslashes($row['content']); $sql = "UPDATE {$blocktable} SET {$blockscolumn['content']}='" . pnVarPrepForStore($sql_content) . "',{$blockscolumn['last_update']}=NOW() WHERE {$blockscolumn['bid']}=" . pnVarPrepForStore($row['bid']) . ""; if (!mysql_query($sql)) { $row['title'] .= ' *'; $row['content'] .= "<!--\n\n\n" . mysql_error() . "\n\n\n{$sql}\n\n\n-->"; } } return themesideblock($row); }