/**
 * Reduce a URL to the part in front of its last '/' for use as a filter value.
 *
 * The input is passed through POD::escapeString() first, so the string that
 * comes back is in escaped form. Every 'http://' occurrence is then removed
 * and, when a '/' remains, everything from the last '/' onward is cut off.
 *
 * @param string $value URL to normalise.
 * @return string Escaped value without 'http://' and without its last path segment.
 */
function getURLForFilter($value)
{
    // Only the literal 'http://' is stripped; other schemes (e.g. 'https://') stay in place.
    $stripped = str_replace('http://', '', POD::escapeString($value));
    $cut = lastIndexOf($stripped, '/');
    // The value is left whole unless the helper reports a position above -1.
    return ($cut > -1) ? substr($stripped, 0, $cut) : $stripped;
}
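/**
 * Fetch one page of filtered ("trash") comments of a blog, optionally narrowed
 * by category, commenter name, IP address and a free-text search term.
 *
 * @param int    $blogid   Blog whose comments are listed.
 * @param int    $category Category id; values <= 0 mean "no category restriction".
 * @param string $name     Exact commenter name to match, or empty.
 * @param string $ip       Exact IP address to match, or empty.
 * @param string $search   Term matched with LIKE against name, homepage and comment, or empty.
 * @param int    $page     Page number handed to Paging::fetch().
 * @param int    $count    Page size handed to Paging::fetch().
 * @return array array($comments, $paging) as produced by Paging::fetch(), with the
 *               active filters appended to $paging['postfix'].
 */
function getTrashCommentsWithPagingForOwner($blogid, $category, $name, $ip, $search, $page, $count)
{
    global $database;

    // Both ids are written into the SQL unquoted, so escaping would not protect
    // them; coerce to integers before they reach the statement.
    $blogid = intval($blogid);
    $category = intval($category);

    $sql = "SELECT c.*, e.title, c2.name AS parentName \n\t\tFROM {$database['prefix']}Comments c \n\t\tLEFT JOIN {$database['prefix']}Entries e ON c.blogid = e.blogid AND c.entry = e.id AND e.draft = 0 \n\t\tLEFT JOIN {$database['prefix']}Comments c2 ON c.parent = c2.id AND c.blogid = c2.blogid \n\t\tWHERE c.blogid = {$blogid} AND c.isfiltered > 0";
    $postfix = '';

    if ($category > 0) {
        // Include the direct child categories of the requested category.
        $categories = POD::queryColumn("SELECT id FROM {$database['prefix']}Categories WHERE parent = {$category}");
        if (!is_array($categories)) {
            // queryColumn() can yield a non-array (e.g. null) when nothing is returned.
            $categories = array();
        }
        $categories = array_map('intval', $categories);
        $categories[] = $category;
        $sql .= ' AND e.category IN (' . implode(', ', $categories) . ')';
        $postfix .= '&category=' . rawurlencode((string) $category);
    } else {
        $sql .= ' AND (e.category >= 0 OR c.entry = 0)';
    }

    if (!empty($name)) {
        $sql .= ' AND c.name = \'' . POD::escapeString($name) . '\'';
        $postfix .= '&name=' . rawurlencode($name);
    }
    if (!empty($ip)) {
        $sql .= ' AND c.ip = \'' . POD::escapeString($ip) . '\'';
        $postfix .= '&ip=' . rawurlencode($ip);
    }
    if (!empty($search)) {
        $search = escapeSearchString($search);
        $sql .= " AND (c.name LIKE '%{$search}%' OR c.homepage LIKE '%{$search}%' OR c.comment LIKE '%{$search}%')";
        // NOTE(review): the paging link carries the already-escaped term, so the next
        // request would escape it a second time - confirm whether the raw term was intended.
        $postfix .= '&search=' . rawurlencode($search);
    }

    $sql .= ' ORDER BY c.written DESC';
    list($comments, $paging) = Paging::fetch($sql, $page, $count);
    if (strlen($postfix) > 0) {
        $paging['postfix'] .= $postfix . '&withSearch=on';
    }
    return array($comments, $paging);
}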
/**
 * List published entries of a blog whose title or content contains a keyword.
 *
 * Visitors without ownership only get entries with visibility > 1.
 *
 * @param int    $blogid  Blog to search. It is interpolated into the SQL unquoted
 *                        and not coerced here - NOTE(review): confirm callers pass an integer.
 * @param string $keyword Substring to look for; escaped with POD::escapeString(),
 *                        LIKE wildcards (% and _) in it are not neutralised.
 * @return mixed Result of POD::queryAll().
 */
function getEntriesByKeyword($blogid, $keyword)
{
    global $database;

    $needle = POD::escapeString($keyword);
    if (doesHaveOwnership()) {
        $visibility = '';
    } else {
        $visibility = 'AND visibility > 1';
    }

    $sql = "SELECT id, userid, title, category, comments, published \n\t\t\tFROM {$database['prefix']}Entries \n\t\t\tWHERE blogid = {$blogid} \n\t\t\t\tAND draft = 0 {$visibility} \n\t\t\t\tAND category >= 0 \n\t\t\t\tAND (title LIKE '%{$needle}%' OR content LIKE '%{$needle}%')\n\t\t\tORDER BY published DESC";
    return POD::queryAll($sql);
}
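/**
 * Persist session data for an existing session row.
 *
 * Updates the row identified by session id and client address with the
 * current identity, the serialized data and request metadata.
 *
 * @param string $id   Session id; ids shorter than 32 characters are rejected.
 * @param string $data Session payload, stored in the `privilege` column.
 * @return bool True when exactly one row was updated, false otherwise.
 */
public static function write($id, $data)
{
    if (is_null(self::$context)) {
        self::initialize();
    }
    if (strlen($id) < 32) {
        return false;
    }

    $userid = Acl::getIdentity('textcube');
    if (empty($userid)) {
        $userid = Acl::getIdentity('openid') ? SESSION_OPENID_USERID : '';
    }
    if (empty($userid)) {
        $userid = 'null';
    }
    // NOTE(review): $userid is written into the statement unquoted; it is assumed
    // to be numeric (or the literal 'null') - confirm against Acl::getIdentity().

    // The session id originates from the client, and only its length is checked
    // above, so it must be escaped like every other quoted value in the query.
    $sessionId = POD::escapeString($id);
    $address = POD::escapeString($_SERVER['REMOTE_ADDR']);

    $data = POD::escapeString($data);
    $server = POD::escapeString($_SERVER['HTTP_HOST']);
    // Truncate before escaping so an escape sequence is never cut in half.
    $request = POD::escapeString(substr($_SERVER['REQUEST_URI'], 0, 255));
    $referer = isset($_SERVER['HTTP_REFERER']) ? POD::escapeString(substr($_SERVER['HTTP_REFERER'], 0, 255)) : '';
    $timer = Timer::getMicroTime() - self::$sessionMicrotime;
    $current = Timestamp::getUNIXtime();

    $result = self::query('count', "UPDATE " . self::$context->getProperty('database.prefix') . "Sessions\n\t\t\t\tSET userid = {$userid}, privilege = '{$data}', server = '{$server}', request = '{$request}', referer = '{$referer}', timer = {$timer}, updated = IF(updated,{$current},1)\n\t\t\t\tWHERE id = '{$sessionId}' AND address = '{$address}'");
    if ($result && $result == 1) {
        @POD::commit();
        return true;
    }
    return false;
}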
/**
 * Delete a service-wide setting.
 *
 * The service setting cache is cleared before the row is removed.
 *
 * @param string $name               Setting name. With $pruneSimilarEntries it is used as a
 *                                   LIKE pattern, so % and _ in it act as wildcards.
 * @param bool   $pruneSimilarEntries When true, match with LIKE instead of '='.
 * @return mixed Result of POD::execute().
 */
function removeServiceSetting($name, $pruneSimilarEntries = false)
{
    global $database;

    clearServiceSettingCache();
    $operator = $pruneSimilarEntries ? 'like' : '=';
    $sql = "DELETE FROM {$database['prefix']}ServiceSettings WHERE name {$operator} '" . POD::escapeString($name) . "'";
    return POD::execute($sql);
}
/**
 * Suggest up to ten entry locations of a blog that start with a prefix,
 * most frequently used first.
 *
 * @param int    $blogid Blog to search; concatenated into the SQL unquoted -
 *                       NOTE(review): confirm callers pass an integer.
 * @param string $filter Prefix to match; escaped with POD::escapeString(), LIKE
 *                       wildcards in it are not neutralised.
 * @return array List of location strings (empty when the query yields nothing).
 */
function suggestLocatives($blogid, $filter)
{
    global $database;

    $suggestions = array();
    $sql = 'SELECT DISTINCT location, COUNT(*) cnt FROM ' . $database['prefix'] . 'Entries WHERE blogid = ' . $blogid
        . ' AND location LIKE "' . POD::escapeString($filter) . '%" GROUP BY location ORDER BY cnt DESC LIMIT 10';
    $rows = POD::queryAll($sql);
    if (!$rows) {
        return $suggestions;
    }
    foreach ($rows as $row) {
        // Column 0 is the location; column 1 (cnt) is only used for ordering.
        $suggestions[] = $row[0];
    }
    return $suggestions;
}
/**
 * Fetch one page of keyword entries (category = -1) of a blog.
 *
 * @param int         $blogid Blog to read; interpolated unquoted -
 *                            NOTE(review): confirm callers pass an integer.
 * @param string|bool $search Optional term matched against title and content;
 *                            `true` or any falsy value disables the filter.
 * @param int         $page   Page number handed to Paging::fetch().
 * @param int         $count  Page size handed to Paging::fetch().
 * @return mixed Result of Paging::fetch().
 */
function getKeywordsWithPaging($blogid, $search, $page, $count)
{
    $ctx = Model_Context::getInstance();

    $searchClause = '';
    $hasTerm = ($search !== true && $search);
    if ($hasTerm) {
        $search = POD::escapeString($search);
        $searchClause = "AND (title LIKE '%{$search}%' OR content LIKE '%{$search}%')";
    }

    // Non-owners only see entries with visibility above 0.
    if (doesHaveOwnership()) {
        $visibility = '';
    } else {
        $visibility = 'AND visibility > 0';
    }

    $table = $ctx->getProperty('database.prefix') . "Entries";
    $sql = "SELECT * \n\t\tFROM " . $table . " \n\t\tWHERE blogid = {$blogid} \n\t\t\tAND draft = 0 {$visibility} \n\t\t\tAND category = -1 {$searchClause} \n\t\tORDER BY published DESC";
    $pagingUrl = $ctx->getProperty('uri.folder') . "/" . $ctx->getProperty('suri.value');
    return Paging::fetch($sql, $page, $count, $pagingUrl);
}
/**
 * Ask the remote anti-spam service whether a comment or trackback is spam,
 * falling back to a local count-based check when the call fails.
 *
 * The request goes to a plain http:// endpoint and carries the blog URL, the
 * submitted name/title/url/content and the visitor's address.
 *
 * @param int    $type    2 selects the trackback (RemoteResponses) path; anything
 *                        else is treated as a comment.
 * @param string $name    Author name.
 * @param string $title   Title of the submission.
 * @param string $url     Homepage or trackback URL.
 * @param string $content Body of the submission.
 * @return bool False when the submission is considered spam, true otherwise.
 */
function EAS_Call($type, $name, $title, $url, $content)
{
    global $hostURL, $blogURL, $database;

    $blogstr = $hostURL . $blogURL;
    $rpc = new XMLRPC();
    $rpc->url = 'http://antispam.eolin.com/RPC/index.php';
    $answered = $rpc->call('checkSpam', $blogstr, $type, $name, $title, $url, $content, $_SERVER['REMOTE_ADDR']);

    if ($answered != false) {
        if (!is_null($rpc->fault)) {
            // The service reported a fault: the submission is let through (fail-open).
            return true;
        }
        // A truthy 'result' means the service classified it as spam.
        return !($rpc->result['result'] == true);
    }

    // Call failed: local check - count earlier filtered items that match this one.
    $count = 0;
    $prefix = $database['prefix'];
    if ($type == 2) {
        $tableName = $prefix . 'RemoteResponses';
        $sql = 'SELECT COUNT(id) as cc FROM ' . $prefix . 'RemoteResponses WHERE'
            . ' url = \'' . POD::escapeString($url) . '\''
            . ' AND isfiltered > 0';
    } else {
        // Comment case: same body, homepage and name already filtered before.
        $tableName = $prefix . 'Comments';
        $sql = 'SELECT COUNT(id) as cc FROM ' . $prefix . 'Comments WHERE'
            . ' comment = \'' . POD::escapeString($content) . '\''
            . ' AND homepage = \'' . POD::escapeString($url) . '\''
            . ' AND name = \'' . POD::escapeString($name) . '\''
            . ' AND isfiltered > 0';
    }
    if ($row = POD::queryRow($sql)) {
        $count += @$row[0];
    }

    // Add the number of filtered items that came from the same address.
    $sql = 'SELECT COUNT(id) as cc FROM ' . $tableName . ' WHERE'
        . ' ip = \'' . POD::escapeString($_SERVER['REMOTE_ADDR']) . '\''
        . ' AND isfiltered > 0';
    if ($row = POD::queryRow($sql)) {
        $count += @$row[0];
    }

    // Ten or more matching filtered items mark the submission as spam.
    return !($count >= 10);
}
/**
 * Store (replace) one skin setting row during migration.
 *
 * @param int        $blogid Blog the setting belongs to.
 * @param string     $name   Setting name.
 * @param string     $value  Setting value.
 * @param mixed|null $mig    When null the row goes to "SkinSettingsMig",
 *                           otherwise to "SkinSettings".
 * @return mixed Result of the model's replace().
 */
function setSkinSettingForMigration($blogid, $name, $value, $mig = null)
{
    $pool = DBModel::getInstance();

    // NOTE(review): both values are escaped here and then passed to setAttribute()
    // with a third argument of true - confirm that flag does not escape them again.
    $escapedName = POD::escapeString($name);
    $escapedValue = POD::escapeString($value);

    $table = ($mig === null) ? "SkinSettingsMig" : "SkinSettings";
    $pool->reset($table);

    $pool->setAttribute("blogid", $blogid);
    $pool->setAttribute("name", $escapedName, true);
    $pool->setAttribute("value", $escapedValue, true);
    return $pool->replace();
}
/**
 * Authenticate a user against the current blog and open a session for writers.
 *
 * On success the TSSESSION_LOGINID cookie is either set for one year (when
 * $_POST['save'] is non-empty) or expired.
 *
 * @param string   $loginid  Login id supplied by the user.
 * @param string   $password Password supplied by the user.
 * @param int|null $expires  Passed through to Session::authorize().
 * @return bool False when Auth::authenticate() fails, true otherwise.
 */
function login($loginid, $password, $expires = null)
{
    $ctx = Model_Context::getInstance();

    // NOTE(review): the escaped form of the login id is what gets authenticated
    // and what is stored in the cookie - confirm that is intended.
    $loginid = POD::escapeString($loginid);
    $blogid = getBlogId();

    $userid = Auth::authenticate($blogid, $loginid, $password);
    if ($userid === false) {
        return false;
    }

    $oneYear = 31536000;
    $rememberLogin = !empty($_POST['save']);
    $cookiePath = $ctx->getProperty('service.path') . '/';
    $cookieDomain = $ctx->getProperty('service.domain');
    // The cookie is issued without the secure / httponly arguments of setcookie().
    if ($rememberLogin) {
        setcookie('TSSESSION_LOGINID', $loginid, time() + $oneYear, $cookiePath, $cookieDomain);
    } else {
        setcookie('TSSESSION_LOGINID', '', time() - $oneYear, $cookiePath, $cookieDomain);
    }

    // Only members of group.writers get an authorized session.
    $privileges = Acl::getCurrentPrivilege();
    if (in_array("group.writers", $privileges)) {
        Session::authorize($blogid, $userid, $expires);
    }
    return true;
}
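/**
 * Serialize the plugin configuration to XML and store it for this blog.
 *
 * Each entry of $this->configVal becomes a <field name="..."> element with
 * its value in a CDATA section.
 *
 * @return mixed $this->usable when the object is not usable, false when the
 *               configuration is not an array, otherwise the result of POD::query().
 */
function __commit()
{
    global $database;

    if (false == $this->usable) {
        return $this->usable;
    }
    if (false == is_array($this->configVal)) {
        return false;
    }

    $element = '';
    foreach ($this->configVal as $key => $value) {
        // The key lands inside a double-quoted XML attribute.
        $safeKey = htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8');
        // A literal "]]>" would close the CDATA section early and let the rest of
        // the value be parsed as markup; split it across two sections instead.
        $safeValue = str_replace(']]>', ']]]]><![CDATA[>', $value);
        $element .= "<field name=\"{$safeKey}\" type=\"text\" ><![CDATA[{$safeValue}]]></field>";
    }
    $xml = '<?xml version="1.0" encoding="utf-8"?><config>' . $element . '</config>';
    $xml = POD::escapeString($xml);

    if (defined('__TISTORY__')) {
        expireGlobalDressing($this->blogid);
        DataCache::expireData('SkinCache', $this->blogid);
        globalCacheExpire($this->blogid);
    }

    // Every value placed in the statement is escaped or coerced; previously only
    // the XML was, while the plugin name went into the quoted literal as-is.
    $blogid = intval($this->blogid);
    $pluginName = POD::escapeString($this->pluginName);
    return POD::query("REPLACE INTO {$database['prefix']}Plugins (blogid, name, settings) VALUES({$blogid},'{$pluginName}', '{$xml}')");
}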
/**
 * Synchronise the tags attached to an entry with a new tag list.
 *
 * Tags missing from the database are created, relations for newly added tags
 * are inserted, relations for removed tags are deleted, and tags that are no
 * longer referenced by any relation are removed.
 *
 * @param int   $blogid  Blog the entry belongs to.
 * @param int   $entry   Entry id.
 * @param array $taglist New tag names for the entry (empty values are treated as no tags).
 * @return void
 */
function modifyTagsWithEntryId($blogid, $entry, $taglist)
{
    global $database;
    // NOTE(review): $blogid and $entry are interpolated unquoted into every
    // statement below and are not coerced here - confirm callers pass integers.
    if (empty($taglist)) {
        $taglist = array();
    }
    $tmptaglist = array_filter($taglist, 'Tag_removeEmptyTagHelper');
    $taglist = array();
    // From here on $taglist holds the trimmed, SQL-escaped form of each name.
    foreach ($tmptaglist as $tag) {
        $tag = POD::escapeString(trim($tag));
        array_push($taglist, $tag);
    }
    // step 1. Get deleted Tag
    $tmpoldtaglist = POD::queryColumn("SELECT name FROM {$database['prefix']}Tags\n\t\t\tLEFT JOIN {$database['prefix']}TagRelations ON tag = id \n\t\t\tWHERE blogid = {$blogid} AND entry = {$entry}");
    if ($tmpoldtaglist === null) {
        $tmpoldtaglist = array();
    }
    $oldtaglist = array();
    // Stored names are escaped the same way so that array_diff() compares like with like.
    foreach ($tmpoldtaglist as $tag) {
        $tag = POD::escapeString(Utils_Unicode::lessenAsEncoding(trim($tag), 255));
        array_push($oldtaglist, $tag);
    }
    $deletedTagList = array_diff($oldtaglist, $taglist);
    $insertedTagList = array_diff($taglist, $oldtaglist);
    // step 2. Insert Tag
    if (count($insertedTagList) > 0) {
        foreach ($insertedTagList as $tg) {
            // NOTE(review): doesExist() receives the already-escaped name, and the new
            // id is max id + 1 read outside any visible transaction - verify both.
            if (!Tag::doesExist($tg)) {
                // '@' hides any failure of this insert.
                @POD::execute("INSERT INTO {$database['prefix']}Tags (id, name) VALUES (" . (Tag::_getMaxId() + 1) . ",'" . $tg . "')");
            }
        }
        // $tagliststr = '(\'' . implode('\') , (\'', $insertedTagList) . '\')';
        // POD::execute("INSERT IGNORE INTO {$database['prefix']}Tags (name) VALUES $tagliststr ");
        // step 3. Insert Relation
        // The names in the list were escaped above, so they can be quoted directly.
        $tagliststr = '\'' . implode('\' , \'', $insertedTagList) . '\'';
        /*
        POD::execute("INSERT INTO {$database['prefix']}TagRelations
            (SELECT $blogid, t.id, $entry FROM {$database['prefix']}Tags as t
             WHERE name in ( $tagliststr ) AND t.id NOT IN
               ( SELECT tag FROM {$database['prefix']}TagRelations
                 WHERE (tag = t.id) AND (entry = $entry) AND (blogid = $blogid) ) )");
        */
        // For MySQL 3, Simple Query Version
        $tagIDs = POD::queryColumn("SELECT id FROM {$database['prefix']}Tags WHERE name in ( {$tagliststr} )");
        $tagrelations = array();
        // NOTE(review): $tagIDs is iterated without the null check used for the other
        // queryColumn() results in this function.
        foreach ($tagIDs as $tagid) {
            array_push($tagrelations, " ({$blogid}, {$tagid}, {$entry}) ");
        }
        foreach ($tagrelations as $tr) {
            // One insert per relation; '@' hides failures such as duplicates.
            @POD::execute("INSERT INTO {$database['prefix']}TagRelations VALUES {$tr}");
        }
        //$tagRelationStr = implode(', ', $tagrelations);
        //POD::execute("INSERT IGNORE INTO {$database['prefix']}TagRelations VALUES $tagRelationStr");
    }
    // step 4. Delete Tag
    if (count($deletedTagList) > 0) {
        // small step, get tag id list
        $tagliststr = '\'' . implode('\' , \'', $deletedTagList) . '\'';
        $t1list = POD::queryColumn("SELECT id FROM {$database['prefix']}Tags WHERE name in ( {$tagliststr} )");
        if (is_null($t1list)) {
            return;
        } // Nothing matched (or the query failed): nothing to delete.
        // Flushing pageCache
        foreach ($t1list as $tagids) {
            CacheControl::flushTag($tagids);
        }
        // Make string
        $t1liststr = implode(', ', $t1list);
        // Narrow the ids down to those actually related to this entry.
        $taglist = POD::queryColumn("SELECT tag FROM {$database['prefix']}TagRelations\n\t\t\t\t\t\tWHERE blogid = {$blogid} AND entry = {$entry} AND tag in ( {$t1liststr} )");
        if (is_null($taglist)) {
            return;
        } // No relation of this entry uses those tags.
        // now delete tag
        $tagliststr = implode(', ', $taglist);
        // step 5. Delete Relation
        POD::execute("DELETE FROM {$database['prefix']}TagRelations WHERE blogid = {$blogid} AND entry = {$entry} AND tag in ( {$tagliststr} )");
        // step 6. Delete Tag
        // Tags still referenced by some remaining relation must be kept.
        $nottargets = POD::queryColumn("SELECT DISTINCT tag FROM {$database['prefix']}TagRelations WHERE tag in ( {$tagliststr} )");
        if (count($nottargets) > 0) {
            $nottargetstr = implode(', ', $nottargets);
            POD::execute("DELETE FROM {$database['prefix']}Tags WHERE id IN ( {$tagliststr} ) AND id NOT IN ( {$nottargetstr} )");
        } else {
            POD::execute("DELETE FROM {$database['prefix']}Tags WHERE id IN ( {$tagliststr} )");
        }
    }
}
/**
 * Create a user account identified by an e-mail address.
 *
 * A generated password is stored as its md5() digest and an 'AuthToken' user
 * setting is stored as the md5() of a second generated password.
 *
 * Return codes: 1 = empty e-mail, 2 = malformed e-mail, 9 = login id already
 * exists, 11 = e-mail changed by the 64-unit length limit or an insert failed.
 *
 * @param string $email E-mail address, used as login id.
 * @param string $name  Display name (limited to 32 by lessenAsEncoding()).
 * @return int|bool One of the codes above, or true on success.
 */
static function add($email, $name)
{
    global $database, $service, $user, $blog;

    if (empty($email)) {
        return 1;
    }
    $emailPattern = '/^[^@]+@([-a-zA-Z0-9]+\\.)+[-a-zA-Z0-9]+$/';
    if (!preg_match($emailPattern, $email)) {
        return 2;
    }
    // Reject addresses that lessenAsEncoding() would have to alter.
    if (strcmp($email, Utils_Unicode::lessenAsEncoding($email, 64)) != 0) {
        return 11;
    }

    $loginid = POD::escapeString(Utils_Unicode::lessenAsEncoding($email, 64));
    $name = POD::escapeString(Utils_Unicode::lessenAsEncoding($name, 32));
    $password = User::__generatePassword();
    // NOTE(review): unsalted md5 is used for both the stored password and the auth
    // token; replacing it needs a matching change wherever these values are checked.
    $authtoken = md5(User::__generatePassword());

    $users = "{$database['prefix']}Users";
    if (POD::queryExistence("SELECT * FROM {$users} WHERE loginid = '{$loginid}'")) {
        return 9; // User already exists.
    }
    if (POD::queryCell("SELECT COUNT(*) FROM {$users} WHERE name = '{$name}'")) {
        // Make a duplicate display name unique by appending the current time.
        $name = $name . '.' . time();
    }

    // NOTE(review): the new id is max id + 1 with no visible locking - verify.
    $newUserId = User::__getMaxUserId() + 1;
    $passwordDigest = md5($password);
    $hostId = getUserId();
    $inserted = POD::query("INSERT INTO {$users} (userid, loginid, password, name, created, lastlogin, host) VALUES (" . $newUserId . ", '{$loginid}', '" . $passwordDigest . "', '{$name}', UNIX_TIMESTAMP(), 0, " . $hostId . ")");
    if (empty($inserted)) {
        return 11;
    }

    // getUserIdByEmail() is handed the escaped login id here.
    $createdId = User::getUserIdByEmail($loginid);
    $inserted = POD::query("INSERT INTO {$database['prefix']}UserSettings (userid, name, value) VALUES ('" . $createdId . "', 'AuthToken', '{$authtoken}')");
    if (empty($inserted)) {
        return 11;
    }
    return true;
}
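/**
 * Send the blog invitation e-mail to a user.
 *
 * The letter template is filled with the comment, the sender and recipient
 * names and an invitation link built from the blog URL, the e-mail address,
 * the stored password value and the auth token.
 *
 * Return codes: 1 = no e-mail for the user, 2 = malformed e-mail,
 * 11 = e-mail changed by the 64-unit length limit,
 * array(14, <detail>) = sendEmail() failed.
 *
 * @param int    $blogid      Blog to invite to; when empty the highest blogid is used.
 * @param int    $userid      Invited user.
 * @param string $name        Recipient name; falls back to User::getName().
 * @param string $comment     Text placed into the letter body.
 * @param string $senderName  Name shown as sender.
 * @param string $senderEmail Sender address.
 * @return int|array|bool A code above, or true on success.
 */
function sendInvitationMail($blogid, $userid, $name, $comment, $senderName, $senderEmail)
{
    $ctx = Model_Context::getInstance();
    $pool = DBModel::getInstance();
    if (empty($blogid)) {
        $pool->reset('BlogSettings');
        $blogid = $pool->getCell('max(blogid)'); // If no blogid, get the latest created blogid.
    }
    $email = User::getEmail($userid);
    $pool->reset('Users');
    $pool->setQualifier('userid', 'eq', $userid);
    // Read through the model that was just prepared; the bare getCell() call used
    // before ignored the qualifier set on $pool.
    $password = $pool->getCell('password');
    $authtoken = getAuthToken($userid);
    $blogName = getBlogName($blogid);

    if (empty($email)) {
        return 1;
    }
    if (!preg_match('/^[^@]+@([-a-zA-Z0-9]+\\.)+[-a-zA-Z0-9]+$/', $email)) {
        return 2;
    }
    if (empty($name)) {
        $name = User::getName($userid);
    }
    if (strcmp($email, Utils_Unicode::lessenAsEncoding($email, 64)) != 0) {
        return 11;
    }
    //$loginid = POD::escapeString(Utils_Unicode::lessenAsEncoding($email, 64));
    // NOTE(review): the name is SQL-escaped although it is only used in the mail
    // below, and $comment / $senderName reach the HTML letter as given - confirm
    // where HTML escaping is expected to happen.
    $name = POD::escapeString(Utils_Unicode::lessenAsEncoding($name, 32));
    //$headers = 'From: ' . encodeMail($senderName) . '<' . $senderEmail . ">\n" . 'X-Mailer: ' . TEXTCUBE_NAME . "\n" . "MIME-Version: 1.0\nContent-Type: text/html; charset=utf-8\n";

    if (empty($name)) {
        $subject = _textf('귀하를 %1님이 초대합니다', $senderName);
    } else {
        $subject = _textf('%1님을 %2님이 초대합니다', $name, $senderName);
    }

    $message = file_get_contents(ROOT . "/resources/style/letter/letter.html");
    $message = str_replace('[##_title_##]', _text('초대장'), $message);
    $message = str_replace('[##_content_##]', $comment, $message);
    $message = str_replace('[##_images_##]', $ctx->getProperty('uri.service') . "/resources/style/letter", $message);
    // NOTE(review): the value of the Users.password column travels inside this link.
    $message = str_replace('[##_link_##]', getInvitationLink(getBlogURL($blogName), $email, $password, $authtoken), $message);
    $message = str_replace('[##_go_blog_##]', getBlogURL($blogName), $message);
    $message = str_replace('[##_link_title_##]', _text('블로그 바로가기'), $message);
    if (empty($name)) {
        $message = str_replace('[##_to_##]', '', $message);
    } else {
        $message = str_replace('[##_to_##]', _text('받는 사람') . ': ' . $name, $message);
    }
    $message = str_replace('[##_sender_##]', _text('보내는 사람') . ': ' . $senderName, $message);

    $ret = sendEmail($senderName, $senderEmail, $name, $email, $subject, $message);
    if ($ret !== true) {
        return array(14, $ret[1]);
    }
    return true;
}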
/**
 * Look up the id of a link category of the current blog by its name.
 *
 * @param string $name Category name.
 * @return mixed null for an empty name, otherwise the result of POD::queryCell().
 */
function getId($name)
{
    global $database;

    if (empty($name)) {
        return null;
    }
    $table = "{$database['prefix']}LinkCategories";
    $blogid = getBlogId();
    $escapedName = POD::escapeString($name);
    return POD::queryCell("SELECT id FROM {$table} WHERE blogid = " . $blogid . " AND name = '" . $escapedName . "'");
}
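/**
 * Attach a user to an existing blog, or create a new blog for the user.
 *
 * Return codes: 2 = blog does not exist, 3 = user does not exist, 4 = invalid
 * blog name, 12 = default settings could not be stored, 13 = skin setting
 * insert failed, 60 = reserved blog name, 61 = blog name already in use,
 * 62 = feed settings/groups insert failed, 65 = privilege insert failed.
 *
 * @param int    $blogid   Existing blog to join; empty to create a new blog.
 * @param int    $userid   User to attach; empty selects userid 1.
 * @param string $identify Name of the new blog (letters and digits only).
 * @return int|bool|mixed A code above, true after creating a blog, or the result
 *                        of the privilege insert when joining an existing blog.
 */
function addBlog($blogid, $userid, $identify)
{
    $context = Model_Context::getInstance();
    $pool = DBModel::getInstance();

    if (empty($userid)) {
        $userid = 1; // If no userid, choose the service administrator.
    } else {
        $pool->reset('Users');
        // Was misspelled "setQualirifer"; every other call in this function uses setQualifier.
        $pool->setQualifier('userid', 'eq', $userid);
        if (!$pool->doesExist('userid')) {
            return 3; // 3: No user exists with specific userid
        }
    }

    if (!empty($blogid)) {
        // A blogid was given: it must exist, then user and blog are combined.
        $pool->reset('BlogSettings');
        $pool->setQualifier('blogid', 'eq', $blogid);
        if (!$pool->doesExist('blogid')) {
            return 2; // 2: No blog exists with specific blogid
        }
        $pool->reset('Privileges');
        $pool->setAttribute('blogid', $blogid);
        $pool->setAttribute('userid', $userid);
        $pool->setAttribute('acl', 0);
        $pool->setAttribute('created', Timestamp::getUNIXtime());
        $pool->setAttribute('lastlogin', 0);
        $result = $pool->insert();
        return $result;
    }

    // No blogid: create a new blog.
    if (!preg_match('/^[a-zA-Z0-9]+$/', $identify)) {
        return 4; // Wrong Blog name
    }
    // The pattern above already limits the name to letters and digits.
    $identify = POD::escapeString(Utils_Unicode::lessenAsEncoding($identify, 32));
    $blogName = $identify;

    $pool->reset('ReservedWords');
    $pool->setQualifier('word', 'eq', $blogName, true);
    $result = $pool->getCount();
    if ($result && $result > 0) {
        return 60; // Reserved blog name.
    }
    $pool->reset('BlogSettings');
    $pool->setQualifier('name', 'eq', 'name', true);
    $pool->setQualifier('value', 'eq', $blogName, true);
    $result = $pool->getCount('value');
    if ($result && $result > 0) {
        return 61; // Same blogname is already exists.
    }

    // NOTE(review): the new id is max(blogid) + 1 with no visible locking - verify.
    $pool->reset('BlogSettings');
    $blogid = $pool->getCell('max(blogid)') + 1;
    $basicInformation = array(
        'name' => $identify,
        'defaultDomain' => 0,
        'title' => '',
        'description' => '',
        'logo' => '',
        'logoLabel' => '',
        'logoWidth' => 0,
        'logoHeight' => 0,
        'useFeedViewOnCategory' => 1,
        'useSloganOnPost' => 1,
        'useSloganOnCategory' => 1,
        'useSloganOnTag' => 1,
        'entriesOnPage' => 10,
        'entriesOnList' => 10,
        'entriesOnRSS' => 10,
        'commentsOnRSS' => 10,
        'publishWholeOnRSS' => 1,
        'publishEolinSyncOnRSS' => 1,
        'allowWriteOnGuestbook' => 1,
        'allowWriteDblCommentOnGuestbook' => 1,
        'acceptComments' => 1,
        'acceptTrackbacks' => 1,
        'visibility' => 2,
        'created' => Timestamp::getUNIXtime(),
        'language' => $context->getProperty('service.language'),
        'blogLanguage' => $context->getProperty('service.language'),
        'timezone' => $context->getProperty('service.timezone'),
    );
    $isFalse = false;
    foreach ($basicInformation as $fieldname => $fieldvalue) {
        if (Setting::setBlogSettingDefault($fieldname, $fieldvalue, $blogid) === false) {
            $isFalse = true;
        }
    }
    if ($isFalse == true) {
        // Roll back whatever settings were written for the half-created blog.
        $pool->reset('BlogSettings');
        $pool->setQualifier('blogid', 'eq', $blogid);
        $pool->delete();
        return 12;
    }

    $pool->reset('SkinSettings');
    $pool->setAttribute('blogid', $blogid);
    $pool->setAttribute('name', 'skin', true);
    $pool->setAttribute('value', $context->getProperty('service.skin'), true);
    if (!$pool->insert()) {
        deleteBlog($blogid);
        return 13;
    }
    $pool->reset('FeedSettings');
    $pool->setAttribute('blogid', $blogid);
    if (!$pool->insert()) {
        deleteBlog($blogid);
        return 62;
    }
    $pool->reset('FeedGroups');
    $pool->setAttribute('blogid', $blogid);
    $pool->setAttribute('id', 0);
    if (!$pool->insert()) {
        deleteBlog($blogid);
        return 62;
    }
    Setting::setBlogSettingGlobal('defaultEditor', 'modern', $blogid);
    Setting::setBlogSettingGlobal('defaultFormatter', 'ttml', $blogid);

    // Combine user and blog; the creator gets acl 16.
    $pool->reset('Privileges');
    $pool->setAttribute('blogid', $blogid);
    $pool->setAttribute('userid', $userid);
    $pool->setAttribute('acl', 16);
    $pool->setAttribute('created', Timestamp::getUNIXtime());
    $pool->setAttribute('lastlogin', 0);
    if ($pool->insert()) {
        setDefaultPost($blogid, $userid);
        return true;
    }
    return 65;
}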
/**
 * Purge cached author-list pages of the current blog.
 *
 * @param mixed|null $authorId Author whose pages are purged; empty purges the
 *                             pages of every author. LIKE wildcards inside the
 *                             value are not neutralised.
 * @return bool Always true.
 */
function flushAuthor($authorId = null)
{
    global $database;

    // Cache names are matched as 'authorList\_<id>\_%'; the backslash keeps '_'
    // from acting as a single-character wildcard.
    $idPart = empty($authorId) ? '' : POD::escapeString($authorId) . '\\_';

    $cache = pageCache::getInstance();
    $blogid = getBlogId();
    $names = POD::queryColumn("SELECT name\n\t\t\tFROM {$database['prefix']}PageCacheLog\n\t\t\tWHERE blogid = " . $blogid . "\n\t\t\tAND (name like 'authorList\\_" . $idPart . "%')");
    CacheControl::purgeItems($names);
    unset($cache);
    return true;
}
trashCommentInOwner($blogid, $comment['id']); } } } POD::free($result); } if ($result = POD::query("SELECT id, url, site, subject, excerpt FROM {$database['prefix']}RemoteResponses WHERE blogid = {$blogid}")) { while ($trackback = POD::fetch($result)) { setProgress($item++ / $items * 100, _t('걸린 글 데이터를 교정하고 있습니다.')); $correction = ''; if (!Utils_Unicode::validate($trackback['url'])) { $correction .= ' url = \'' . POD::escapeString(Utils_Unicode::correct($trackback['url'], '?')) . '\''; } if (!Utils_Unicode::validate($trackback['site'])) { $correction .= ' site = \'' . POD::escapeString(Utils_Unicode::correct($trackback['site'], '?')) . '\''; } if (!Utils_Unicode::validate($trackback['subject'])) { $correction .= ' subject = \'' . POD::escapeString(Utils_Unicode::correct($trackback['subject'], '?')) . '\''; } if (!Utils_Unicode::validate($trackback['excerpt'])) { $correction .= ' excerpt = \'' . POD::escapeString(Utils_Unicode::correct($trackback['excerpt'], '?')) . '\''; } if (strlen($correction) > 0) { POD::query("UPDATE {$database['prefix']}RemoteResponses SET {$correction} WHERE blogid = {$blogid} AND id = {$trackback['id']}"); $corrected++; } } POD::free($result); } setProgress(100, _t('완료되었습니다.') . "({$corrected})"); finish();
/**
 * Find the id of the entry of a blog that carries a given slogan.
 *
 * @param int    $blogid Blog to search; interpolated unquoted -
 *                       NOTE(review): confirm callers pass an integer.
 * @param string $slogan Slogan to match exactly.
 * @return mixed The id, or false when the lookup yields a falsy value.
 */
function getEntryIdBySlogan($blogid, $slogan)
{
    global $database;

    $escapedSlogan = POD::escapeString($slogan);
    $entryId = POD::queryCell("SELECT id\n\t\tFROM {$database['prefix']}Entries \n\t\tWHERE blogid = {$blogid} \n\t\t\tAND slogan = '" . $escapedSlogan . "'");
    return $entryId ? $entryId : false;
}
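/**
 * Store one item of a subscribed feed, updating it when its permalink is known.
 *
 * Items dated more than a day in the future are refused. An item with a known
 * permalink is updated when it carries a timestamp and refused when it does
 * not. New items are inserted only when newer than the configured feed life.
 *
 * @param int   $feedId Feed the item belongs to.
 * @param array $item   Item with the keys permalink, author, title, description,
 *                      tags (array), enclosures (array) and written (timestamp).
 * @return bool False when the item is refused, true otherwise.
 */
function saveFeedItem($feedId, $item)
{
    global $database;

    $item = fireEvent('SaveFeedItem', $item);

    // Feed content is remote input: text fields are corrected, shortened and escaped.
    $item['permalink'] = POD::escapeString(Utils_Unicode::lessenAsEncoding(Utils_Unicode::correct($item['permalink'])));
    $item['author'] = POD::escapeString(Utils_Unicode::lessenAsEncoding(Utils_Unicode::correct($item['author'])));
    $item['title'] = POD::escapeString(Utils_Unicode::lessenAsEncoding(Utils_Unicode::correct($item['title'])));
    $item['description'] = POD::escapeString(Utils_Unicode::lessenAsEncoding(Utils_Unicode::correct($item['description']), 65535));
    $tagString = POD::escapeString(Utils_Unicode::lessenAsEncoding(Utils_Unicode::correct(implode(', ', $item['tags']))));
    $enclosureString = POD::escapeString(Utils_Unicode::lessenAsEncoding(Utils_Unicode::correct(implode('|', $item['enclosures']))));

    // These two are written into the SQL unquoted, so they must be integers.
    $feedId = intval($feedId);
    $item['written'] = intval($item['written']);

    // time() is what the argument-less gmmktime() calls returned.
    $now = time();
    if ($item['written'] > $now + 86400) {
        return false;
    }

    $deadLine = 0;
    // NOTE(review): feedlife is read without a blog filter - confirm the table has one row.
    $feedlife = POD::queryCell("SELECT feedlife FROM {$database['prefix']}FeedSettings");
    if ($feedlife > 0) {
        $deadLine = $now - $feedlife * 86400;
    }

    // Look the item up first. The former "$id = queryCell(...) && ..." assigned the
    // boolean result of the && to $id, so the UPDATE below targeted "id = 1".
    $id = POD::queryCell("SELECT id FROM {$database['prefix']}FeedItems WHERE permalink='{$item['permalink']}'");

    if ($id && $item['written'] != 0) {
        $id = intval($id);
        POD::query("UPDATE {$database['prefix']}FeedItems SET author = '{$item['author']}', title = '{$item['title']}', description = '{$item['description']}', tags = '{$tagString}', enclosure = '{$enclosureString}', written = {$item['written']} WHERE id = {$id}");
        /* TODO: disabled until the cause of read items showing up as unread is found
        if (POD::num_rows($result) > 0)
            POD::query("DELETE FROM {$database['prefix']}FeedReads WHERE item = $id");
        */
        return true;
    }
    if ($id != null) {
        // Known permalink but no timestamp: leave the stored item alone.
        return false;
    }

    if ($item['written'] == 0) {
        $item['written'] = $now;
    }
    if ($item['written'] > $deadLine) {
        // NOTE(review): next id is max(id) + 1 with no visible locking - verify.
        $id = POD::queryCell("SELECT max(id) FROM {$database['prefix']}FeedItems");
        if (!$id) {
            $id = 0;
        }
        $id = intval($id) + 1;
        POD::query("INSERT INTO {$database['prefix']}FeedItems VALUES({$id}, {$feedId}, '{$item['author']}', '{$item['permalink']}', '{$item['title']}', '{$item['description']}', '{$tagString}', '{$enclosureString}', {$item['written']})");
    }
    return true;
}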
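/**
 * Count a visit of the current session once per blog and log its referer.
 *
 * Nothing is recorded when the 'UpdatingVisitorStatistics' event vetoes it,
 * when the visitor owns the blog, or when the session/address pair was
 * already counted for this blog.
 *
 * @param int $blogid Blog being visited.
 * @return void
 */
static function updateVisitorStatistics($blogid)
{
    global $database, $blogURL;

    if (!fireEvent('UpdatingVisitorStatistics', true)) {
        return;
    }
    if (doesHaveOwnership()) {
        return;
    }

    // The session id comes from the client and the address from the server
    // environment; both go into quoted literals, so escape them. The blog id is
    // used unquoted, so coerce it.
    $id = POD::escapeString(session_id());
    $address = POD::escapeString($_SERVER['REMOTE_ADDR']);
    $blogid = intval($blogid);

    if (POD::queryCount("SELECT blogid FROM {$database['prefix']}SessionVisits WHERE id = '{$id}' AND address = '{$address}' AND blogid = {$blogid}") > 0) {
        return;
    }
    if (!(POD::queryCount("INSERT INTO {$database['prefix']}SessionVisits values('{$id}', '{$address}', {$blogid})") > 0)) {
        return;
    }

    // Update-or-insert the total and the per-day counters.
    if (POD::queryCount("UPDATE {$database['prefix']}BlogStatistics SET visits = visits + 1 WHERE blogid = {$blogid}") < 1) {
        POD::execute("INSERT into {$database['prefix']}BlogStatistics values({$blogid}, 1)");
    }
    $period = Timestamp::getDate();
    if (POD::queryCount("UPDATE {$database['prefix']}DailyStatistics SET visits = visits + 1 WHERE blogid = {$blogid} AND datemark = {$period}") < 1) {
        POD::execute("INSERT INTO {$database['prefix']}DailyStatistics VALUES ({$blogid}, {$period}, 1)");
    }

    if (empty($_SERVER['HTTP_REFERER'])) {
        return;
    }
    $referer = parse_url($_SERVER['HTTP_REFERER']);
    if (empty($referer['host'])) {
        return;
    }
    // A referer without a path component used to raise an undefined-index notice.
    $refererPath = isset($referer['path']) ? $referer['path'] : '';
    $isExternal = ($referer['host'] != $_SERVER['HTTP_HOST'] || strncmp($refererPath, $blogURL, strlen($blogURL)) != 0);
    if (!$isExternal) {
        return;
    }

    if (Filter::isFiltered('ip', $_SERVER['REMOTE_ADDR']) || Filter::isFiltered('url', $_SERVER['HTTP_REFERER'])) {
        return;
    }
    if (!fireEvent('AddingRefererLog', true, array('host' => $referer['host'], 'url' => $_SERVER['HTTP_REFERER']))) {
        return;
    }

    $host = POD::escapeString(Utils_Unicode::lessenAsEncoding($referer['host'], 64));
    $url = POD::escapeString(Utils_Unicode::lessenAsEncoding($_SERVER['HTTP_REFERER'], 255));
    POD::query("INSERT INTO {$database['prefix']}RefererLogs values({$blogid}, '{$host}', '{$url}', UNIX_TIMESTAMP())");
    // POD::query("DELETE FROM {$database['prefix']}RefererLogs WHERE referred < UNIX_TIMESTAMP() - 604800"); // Moved to trashVan
    if (!POD::queryCount("UPDATE {$database['prefix']}RefererStatistics SET count = count + 1 WHERE blogid = {$blogid} AND host = '{$host}' LIMIT 1")) {
        POD::execute("INSERT into {$database['prefix']}RefererStatistics values({$blogid}, '{$host}', 1)");
    }
}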
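/**
 * Store a comment notification received from another site.
 *
 * The payload describes a parent comment (r1_*) and a reply to it (r2_*).
 * The sending site and the parent comment are created when unknown, then the
 * reply is stored and the parent's modification time is refreshed.
 *
 * Return codes: 0 = stored, 1 = wrong mode, 2 = site insert failed,
 * 3 = parent insert failed, 4 = reply already stored, 5 = reply insert failed,
 * 6 = parent update failed, 7 = vetoed by the 'ReceiveNotifiedComment' event.
 *
 * @param array $post Notification fields as sent by the remote site.
 * @return int One of the codes above.
 */
function receiveNotifiedComment($post)
{
    if (empty($post['mode']) || $post['mode'] != 'fb') {
        return 1;
    }
    global $database;
    CacheControl::flushCommentNotifyRSS();
    $post = fireEvent('ReceiveNotifiedComment', $post);
    if ($post === false) {
        return 7;
    }
    $blogid = intval(getBlogId());

    // Text fields go into quoted literals: shorten where needed, then escape.
    $title = POD::escapeString(UTF8::lessenAsEncoding($post['s_home_title'], 255));
    $name = POD::escapeString(UTF8::lessenAsEncoding($post['s_name'], 255));
    $homepage = POD::escapeString(UTF8::lessenAsEncoding($post['url'], 255));
    $entryurl = POD::escapeString($post['s_url']);
    $entrytitle = POD::escapeString($post['s_post_title']);

    // Numeric fields are written into the SQL unquoted, where string escaping
    // gives no protection; they are forced to integers instead.
    $entryId = intval($post['s_no']);
    $parent_id = intval($post['r1_no']);
    $parent_parent = empty($post['r1_rno']) ? 'null' : intval($post['r1_rno']);
    $parent_written = intval($post['r1_regdate']);
    $child_id = intval($post['r2_no']);
    $child_written = intval($post['r2_regdate']);

    $parent_name = POD::escapeString(UTF8::lessenAsEncoding($post['r1_name'], 80));
    $parent_homepage = POD::escapeString(UTF8::lessenAsEncoding($post['r1_homepage'], 80));
    $parent_comment = POD::escapeString($post['r1_body']);
    $parent_url = POD::escapeString(UTF8::lessenAsEncoding($post['r1_url'], 255));
    $child_name = POD::escapeString(UTF8::lessenAsEncoding($post['r2_name'], 80));
    $child_homepage = POD::escapeString(UTF8::lessenAsEncoding($post['r2_homepage'], 80));
    $child_comment = POD::escapeString($post['r2_body']);
    $child_url = POD::escapeString(UTF8::lessenAsEncoding($post['r2_url'], 255));

    // Find or create the record of the notifying site.
    $siteid = POD::queryCell("SELECT id FROM {$database['prefix']}CommentsNotifiedSiteInfo WHERE url = '{$homepage}'");
    if (empty($siteid)) {
        $insertId = getCommentsNotifiedSiteInfoMaxId() + 1;
        if (POD::execute("INSERT INTO {$database['prefix']}CommentsNotifiedSiteInfo\n\t\t\t( id, title, name, url, modified)\n\t\t\tVALUES ({$insertId}, '{$title}', '{$name}', '{$homepage}', UNIX_TIMESTAMP());")) {
            $siteid = $insertId;
        } else {
            return 2;
        }
    }
    $siteid = intval($siteid);

    // Find or create the parent comment.
    $parentId = POD::queryCell("SELECT id\n\t\tFROM {$database['prefix']}CommentsNotified\n\t\tWHERE entry = {$entryId}\n\t\t\tAND siteid = {$siteid}\n\t\t\tAND blogid = {$blogid}\n\t\t\tAND remoteid = {$parent_id}");
    if (empty($parentId)) {
        $insertId = getCommentsNotifiedMaxId() + 1;
        $sql = "INSERT INTO {$database['prefix']}CommentsNotified\n\t\t\t( blogid , replier , id , entry , parent , name , password , homepage , secret , comment , ip , written, modified , siteid , isnew , url , remoteid ,entrytitle , entryurl )\n\t\t\tVALUES (\n\t\t\t\t{$blogid}, NULL , {$insertId}, " . $entryId . ", " . $parent_parent . ", '" . $parent_name . "', '', '" . $parent_homepage . "', '', '" . $parent_comment . "', '', " . $parent_written . ",UNIX_TIMESTAMP(), " . $siteid . ", 1, '" . $parent_url . "'," . $parent_id . ", '" . $entrytitle . "', '" . $entryurl . "'\n)";
        if (!POD::execute($sql)) {
            return 3;
        }
        $parentId = $insertId;
    }
    $parentId = intval($parentId);

    // A reply already stored for this site is not stored twice.
    if (POD::queryCell("SELECT count(*) FROM {$database['prefix']}CommentsNotified WHERE siteid={$siteid} AND remoteid={$child_id}") > 0) {
        return 4;
    }

    $insertId = getCommentsNotifiedMaxId() + 1;
    $sql = "INSERT INTO {$database['prefix']}CommentsNotified\n\t\t( blogid , replier , id , entry , parent , name , password , homepage , secret , comment , ip , written, modified , siteid , isnew , url , remoteid ,entrytitle , entryurl )\n\t\tVALUES (\n\t\t\t{$blogid}, NULL , {$insertId}, " . $entryId . ", {$parentId}, '{$child_name}', '', '{$child_homepage}', '', '{$child_comment}', '', {$child_written}, UNIX_TIMESTAMP(), {$siteid}, 1, '{$child_url}', {$child_id}, '{$entrytitle}', '{$entryurl}')";
    if (!POD::execute($sql)) {
        return 5;
    }

    $sql = "UPDATE {$database['prefix']}CommentsNotified SET modified = UNIX_TIMESTAMP() WHERE blogid = {$blogid} AND id = {$parentId}";
    if (!POD::execute($sql)) {
        return 6;
    }
    return 0;
}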
/**
 * Map a tag's usage count to a frequency class from 1 (most used) to 5 (least used).
 *
 * The count comes from $tag['cnt'] when present; otherwise it is queried for
 * the current blog, restricted to visible entries for non-owners.
 *
 * @param array|string $tag Tag name, or an array with 'name' and optionally 'cnt'.
 * @param int          $max Highest usage count among the tags being ranked.
 * @param int          $min Lowest usage count among the tags being ranked.
 * @return int 5 when the count equals $min, 1 when it equals $max, otherwise
 *             2, 3 or 4 by thirds of $max above $min.
 */
function getTagFrequency($tag, $max, $min)
{
    global $database;
    $blogid = getBlogId();

    $hasCount = is_array($tag) && array_key_exists('cnt', $tag);
    if ($hasCount) {
        $count = $tag['cnt'];
    } else {
        if (!is_array($tag)) {
            $tag = array('name' => $tag);
        }
        $isOwner = doesHaveOwnership();
        $escapedName = POD::escapeString($tag['name']);
        if ($isOwner) {
            $sql = "SELECT count(*) FROM {$database['prefix']}Tags t\n\t\t\t\tINNER JOIN {$database['prefix']}TagRelations r ON r.tag = t.id AND r.blogid = {$blogid}\n\t\t\t\tWHERE t.name = '" . $escapedName . "'";
        } else {
            // Visitors only count relations to entries with visibility > 0.
            $sql = "SELECT count(*) FROM {$database['prefix']}Tags t\n\t\t\t\tINNER JOIN {$database['prefix']}TagRelations r ON r.tag = t.id AND r.blogid = {$blogid} \n\t\t\t\tINNER JOIN {$database['prefix']}Entries e ON e.blogid = r.blogid AND e.id = r.entry AND e.visibility > 0 \n\t\t\t\tWHERE t.name = '" . $escapedName . "'";
        }
        $count = POD::queryCell($sql);
    }

    // The minimum check comes first, so a tag where min == max is ranked 5.
    $dist = $max / 3;
    if ($count == $min) {
        return 5;
    }
    if ($count == $max) {
        return 1;
    }
    if ($count >= $min + $dist * 2) {
        return 2;
    }
    if ($count >= $min + $dist) {
        return 3;
    }
    return 4;
}
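/**
 * Cache the coordinates of a geocoded address posted by the map plugin.
 *
 * Reads original_path, path, lat and lng from $_POST and echoes one of
 * 'ok', 'duplicate', 'error: empty path' or 'error: cache failed'.
 *
 * @return void
 */
function GoogleMap_Cache()
{
    $ctx = Model_Context::getInstance();
    $dbPrefix = $ctx->getProperty('database.prefix');
    $blogId = $ctx->getProperty('blog.id');

    $IV = array('POST' => array(
        'original_path' => array('string', 'default' => ''),
        'path' => array('string', 'default' => ''),
        'lat' => array('number', 'default' => null),
        'lng' => array('number', 'default' => null),
    ));
    // NOTE(review): the result of validate() is not inspected here - confirm whether
    // it stops the request on its own when a field fails.
    Validator::validate($IV);

    if (empty($_POST['path']) || empty($_POST['original_path'])) {
        echo 'error: empty path';
        return;
    }

    $original_path_e = POD::escapeString($_POST['original_path']);
    $path_e = POD::escapeString($_POST['path']);
    $row = POD::queryRow("SELECT * FROM {$dbPrefix}GMapLocations WHERE blogid = {$blogId} AND original_address = '{$original_path_e}'");
    if (!($row == null || empty($row))) {
        echo 'duplicate';
        return;
    }

    // lat/lng are placed in the INSERT unquoted, so only plain decimal numbers may
    // pass. A missing or malformed value is reported the same way the failing
    // INSERT reported it before.
    $numberPattern = '/^[+-]?(\d+\.?\d*|\.\d+)([eE][+-]?\d+)?$/D';
    $lat = isset($_POST['lat']) ? $_POST['lat'] : null;
    $lng = isset($_POST['lng']) ? $_POST['lng'] : null;
    if (!is_scalar($lat) || !is_scalar($lng)
        || !preg_match($numberPattern, (string) $lat)
        || !preg_match($numberPattern, (string) $lng)) {
        echo 'error: cache failed';
        return;
    }
    $lat = (string) $lat;
    $lng = (string) $lng;

    if (POD::execute("INSERT INTO {$dbPrefix}GMapLocations VALUES ({$blogId}, '{$original_path_e}', '{$path_e}', {$lng}, {$lat}, " . time() . ")")) {
        echo 'ok';
    } else {
        echo 'error: cache failed';
    }
}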
function checkStep($step, $check = true) { global $root, $path; $error = 0; if ($step == 1) { if ($check) { return true; } } else { if ($step == 2) { if ($check) { if (!empty($_POST['mode'])) { switch ($_POST['mode']) { case 'install': case 'setup': case 'uninstall': return true; } } } ?> <input type="hidden" name="step" value="2" /> <input id="setupMode" type="hidden" name="mode" value="" /> <div id="inner"> <h2><span class="step"><?php echo _f('%1단계', 2); ?> </span> : <?php echo _t('작업 유형을 선택해 주십시오.'); ?> </h2> <div style="text-align:center"> <div style="width:100%; padding:40px 0px 40px 0px"> <div style="margin:20px;"><input type="button" value="<?php echo _t('새로운 텍스트큐브를 설정합니다'); ?> " style="width:100%; height:40px; font-size:14px" onclick="next('install');return false;" /></div> <div style="margin:20px;"><input type="button" value="<?php echo _t('텍스트큐브를 다시 설정합니다'); ?> " style="width:100%; height:40px; font-size:14px" onclick="next('setup');return false;" /></div> <div style="margin:20px;"><input type="button" value="<?php echo _t('텍스트큐브 테이블을 삭제합니다'); ?> " style="width:100%; height:40px; font-size:14px" onclick="next('uninstall');return false;" /></div> </div> </div> </div> <?php } else { if ($step == 3) { if ($check) { switch ($_POST['mode']) { case 'install': case 'setup': if (!empty($_POST['dbServer']) && !empty($_POST['dbName']) && !empty($_POST['dbUser']) && isset($_POST['dbPassword']) && isset($_POST['dbPrefix'])) { $dbTemp = array('server' => $_POST['dbServer'], 'username' => $_POST['dbUser'], 'password' => $_POST['dbPassword'], 'port' => $_POST['dbPort']); if (!empty($_POST['dbName'])) { $dbTemp['database'] = $_POST['dbName']; } global $dbms; $dbms = $_POST['dbms']; if (!POD::bind($dbTemp)) { $error = 1; } else { if (!empty($_POST['dbPrefix']) && !preg_match('/^[a-zA-Z0-9_]+$/', $_POST['dbPrefix'])) { $error = 3; } else { return true; } } } break; case 'uninstall': if (!empty($_POST['dbServer']) && !empty($_POST['dbName']) && !empty($_POST['dbUser']) && 
isset($_POST['dbPassword']) && !empty($_POST['dbPort'])) { $dbTemp = array('server' => $_POST['dbServer'], 'username' => $_POST['dbUser'], 'password' => $_POST['dbPassword'], 'port' => $_POST['dbPort']); if (!empty($_POST['dbName'])) { $dbTemp['database'] = $_POST['dbName']; } global $dbms; $dbms = $_POST['dbms']; if (!POD::bind($dbTemp)) { $error = 1; } else { return true; } } break; } } ?> <input type="hidden" name="step" value="3" /> <input type="hidden" name="mode" value="<?php echo $_POST['mode']; ?> " /> <script type="text/javascript"> //<![CDATA[ function suggestDefaultPort(db) { switch(db) { case 'MySQLi': default: port = 3306; break; case 'Cubrid': port = 30000; break; case 'PostgreSQL': port = 5432; break; default: port = ''; break; } document.getElementById('dbPort').value = port; document.getElementById('dbms'+db).checked = checked; return true; } //]]> </script> <div id="inner"> <h2><span class="step"><?php echo _f('%1단계', 3); ?> </span> : <?php echo _t('작업 정보를 입력해 주십시오.'); ?> </h2> <div id="userinput"> <table class="inputs"> <tr> <th><?php echo _t('데이터베이스 관리 시스템'); ?> :</th> <td> <?php $dbmsSupport = array(); if (function_exists('mysqli_connect')) { array_push($dbmsSupport, 'MySQLi'); } if (function_exists('pg_connect')) { array_push($dbmsSupport, 'PostgreSQL'); } if (class_exists('SQLite3')) { array_push($dbmsSupport, 'SQLite3'); } if (function_exists('cubrid_connect')) { array_push($dbmsSupport, 'Cubrid'); } foreach ($dbmsSupport as $dbms) { ?> <input type="radio" id="dbms<?php echo $dbms; ?> " name="dbms" value="<?php echo $dbms; ?> " <?php echo isset($_POST['dbms']) && $_POST['dbms'] == $dbms || !isset($_POST['dbms']) && $dbms == $dbmsSupport[0] ? 'checked' : ''; ?> onclick="suggestDefaultPort('<?php echo $dbms; ?> ');return false;" /> <?php echo $dbms; } ?> </td> </tr> <tr> <th><?php echo _t('데이터베이스 서버'); ?> :</th> <td> <input type="text" name="dbServer" value="<?php echo isset($_POST['dbServer']) ? 
$_POST['dbServer'] : 'localhost'; ?> " class="input<?php echo $check && (empty($_POST['dbServer']) || $error == 1) ? ' input_error' : ''; ?> " /> </td> </tr> <tr> <th><?php echo _t('데이터베이스 포트'); ?> :</th> <td> <input type="text" id="dbPort" name="dbPort" value="<?php echo isset($_POST['dbPort']) ? $_POST['dbPort'] : '3306'; ?> " class="input<?php echo $check && (empty($_POST['dbPort']) || $error == 1) ? ' input_error' : ''; ?> " /> </td> </tr> <tr> <th><?php echo _t('데이터베이스 이름'); ?> :</th> <td> <input type="text" name="dbName" value="<?php echo isset($_POST['dbName']) ? $_POST['dbName'] : NULL; ?> " class="input<?php echo $check && (empty($_POST['dbName']) || $error == 2) ? ' input_error' : ''; ?> " /> </td> </tr> <tr> <th><?php echo _t('데이터베이스 사용자명'); ?> :</th> <td> <input type="text" name="dbUser" value="<?php echo isset($_POST['dbUser']) ? $_POST['dbUser'] : ''; ?> " class="input<?php echo $check && (empty($_POST['dbUser']) || $error) ? ' input_error' : ''; ?> " /> </td> </tr> <tr> <th><?php echo _t('데이터베이스 암호'); ?> :</th> <td> <input type="password" name="dbPassword" value="<?php echo isset($_POST['dbPassword']) ? htmlspecialchars($_POST['dbPassword']) : ''; ?> " class="input<?php echo $check && $error == 1 ? ' input_error' : ''; ?> " /> </td> </tr> <?php switch ($_POST['mode']) { case 'install': case 'setup': ?> <tr> <th><?php echo _t('테이블 식별자'); ?> :</th> <td> <input type="text" name="dbPrefix" value="<?php echo isset($_POST['dbPrefix']) ? $_POST['dbPrefix'] : 'tc_'; ?> " class="input <?php echo $check && $error == 3 ? ' input_error' : ''; ?> " /> </td> </tr> <?php break; case 'uninstall': break; } ?> </table> </div> <div id="content"> <ol> <li><?php echo _t('데이터베이스가 해당 호스트에 먼저 생성되어 있어야 합니다.'); ?> </li> <li><?php echo _t('테이블식별자는 텍스트큐브가 사용하는 테이블이름 앞에 붙는 문자열입니다. 
데이터 베이스내에 다른 어플리케이션이 사용하는 테이블이 있을 경우 구별하기 위해 사용합니다'); ?> <?php echo _t('테이블식별자를 입력하지 않을 경우 자동으로 tc_ 를 사용합니다.'); ?> </li> </ol> </div> <div id="warning"><?php if ($error == 1) { echo _t('데이터베이스 서버에 연결할 수 없습니다. 정보를 다시 입력해 주십시오.'); } else { if ($error == 2) { echo _t('데이터베이스를 사용할 수가 없습니다. 정보를 다시 입력해 주십시오.'); } else { if ($error == 3) { echo _t('테이블 식별자가 올바르지 않습니다. 다시 입력해 주십시오.'); } else { if ($error == 6) { echo _t('데이터베이스에 연결할 수 없습니다.'); } else { if ($error == 7) { echo _t('데이터베이스에 접근할 수 없습니다.'); } else { if ($error == 8) { echo _t('새로운 테이블 식별자가 올바르지 않습니다. 다시 입력해 주십시오.'); } else { if ($check) { echo _t('표시된 정보가 부족합니다.'); } else { echo ' '; } } } } } } } ?> </div> <div id="navigation"> <a href="#" onclick="window.history.back()" title="<?php echo _t('이전'); ?> "><img src="./resources/style/setup/image/icon_prev.gif" width="74" height="24" alt="<?php echo _t('이전'); ?> " /></a> <a href="#" onclick="next(); return false;" title="<?php echo _t('다음'); ?> "><img src="./resources/style/setup/image/icon_next.gif" width="74" height="24" alt="<?php echo _t('다음'); ?> " /></a> </div> </div> <?php } else { if ($step == 4 || $step == 33) { if ($check) { if ($_POST['mode'] == 'uninstall') { if (empty($_POST['target'])) { checkStep(2, false); return false; } else { checkStep(205, false); return false; } } if (!empty($_POST['checked']) && $_POST['checked'] == 'yes') { return true; } } if ($_POST['mode'] == 'uninstall') { return checkStep(204, false); } ?> <input type="hidden" name="step" value="4" /> <input type="hidden" name="mode" value="<?php echo $_POST['mode']; ?> " /> <input type="hidden" name="dbms" value="<?php echo isset($_POST['dbms']) ? $_POST['dbms'] : ''; ?> " /> <input type="hidden" name="dbServer" value="<?php echo isset($_POST['dbServer']) ? $_POST['dbServer'] : ''; ?> " /> <input type="hidden" name="dbName" value="<?php echo isset($_POST['dbName']) ? $_POST['dbName'] : ''; ?> " /> <input type="hidden" name="dbPort" value="<?php echo isset($_POST['dbPort']) ? 
$_POST['dbPort'] : ''; ?> " /> <input type="hidden" name="dbUser" value="<?php echo isset($_POST['dbUser']) ? $_POST['dbUser'] : ''; ?> " /> <input type="hidden" name="dbPassword" value="<?php echo isset($_POST['dbPassword']) ? htmlspecialchars($_POST['dbPassword']) : ''; ?> " /> <input type="hidden" name="dbPrefix" value="<?php echo isset($_POST['dbPrefix']) ? $_POST['dbPrefix'] : ''; ?> " /> <input type="hidden" name="disableRewrite" value="<?php echo isset($_POST['disableRewrite']) ? $_POST['disableRewrite'] : ''; ?> " /> <div id="inner"> <h2><span class="step"><?php echo _f('%1단계', 4); ?> </span> : <?php echo _t('설치 요구 사항을 확인하고 있습니다.'); ?> </h2> <div id="content-box"> <h3><?php echo _t('환경'); ?> </h3> <ul> <li><?php echo _t('하드웨어'); ?> : <?php echo @exec('uname -mp'); ?> </li> <li><?php echo _t('운영체제'); ?> : <?php echo @exec('uname -sir'); ?> </li> <li><?php echo _t('웹서버'); ?> : <?php echo $_SERVER['SERVER_SOFTWARE']; ?> <?php echo isset($_SERVER['SERVER_SIGNATURE']) ? $_SERVER['SERVER_SIGNATURE'] : '(no signature)'; ?> </li> <li><?php echo _t('PHP 버전'); ?> : <?php echo phpversion(); ?> </li> <li><?php echo _t('데이터베이스 종류'); ?> : <?php echo POD::dbms(); ?> </li> <li><?php echo _f('%1 버전', POD::dbms()); ?> : <?php echo POD::version(); ?> </li> </ul> <h3>PHP</h3> <ul> <?php $functions = 
"\naddslashes\narray_flip\narray_key_exists\narray_pop\narray_push\narray_shift\narray_slice\nbase64_encode\nceil\ncheckdate\nclosedir\ncopy\ncount\ndechex\ndir\nexplode\nfclose\nfeof\nfgets\nfile_exists\nfile_get_contents\nfilesize\nfopen\nfputs\nfread\nfsockopen\nfunction_exists\nfwrite\nget_magic_quotes_gpc\ngetimagesize\ngmdate\ngmmktime\ngmstrftime\nheader\nhtml_entity_decode\nhtmlspecialchars\nimplode\nini_set\nintval\nis_dir\nis_file\nis_null\nis_numeric\nis_writable\nksort\nltrim\nmax\nmd5\nmicrotime\nmin\nmkdir\nmktime\nmove_uploaded_file\nnl2br\nnumber_format\nob_end_clean\nob_get_contents\nob_start\nopendir\nord\nparse_url\npreg_match\npreg_replace\nrand\nrawurlencode\nreaddir\nrmdir\nrtrim\nsession_cache_expire\nsession_destroy\nsession_id\nsession_name\nsession_set_cookie_params\nsession_set_save_handler\nsession_start\nsetcookie\nsizeof\nsprintf\nstr_replace\nstrftime\nstripslashes\nstrlen\nstrncasecmp\nstrncmp\nstrpos\nstrrev\nstrtolower\nstrval\nsubstr\nsubstr_count\nsubstr_replace\ntime\ntrim\nunlink\nurlencode\nxml_get_error_code\nxml_parse\nxml_parser_create\nxml_parser_free\nxml_parser_set_option\nxml_set_character_data_handler\nxml_set_default_handler\nxml_set_element_handler\nxml_set_object\n"; $required = array(); foreach (explode("\n", str_replace("\r", '', trim($functions))) as $function) { if (!function_exists($function)) { array_push($required, $function); } } if (version_compare(PHP_VERSION, '5.4.0') === -1 && (!isset($service['forceinstall']) || $service['forceinstall'] == false)) { $error = 4; ?> <span style="color:red"><?php echo _f('PHP 버전이 낮습니다. 
설치를 위해서는 최소한 %1 이상의 버전이 필요합니다.', '5.4.0'); ?> </span> <?php } else { if (count($required) == 0) { ?> <li>OK</li> <?php } else { $error = 4; ?> <span style="color:red"><?php echo _t('함수가 설치되어야 합니다.'); ?> </span> <?php foreach ($required as $function) { ?> <li style="color:red"><?php echo $function; ?> </li> <?php } } } ?> </ul> <h3><?php echo POD::dbms(); ?> </h3> <ul> <?php if (POD::charset() == 'utf8') { echo '<li>Character Set: OK</li>'; } else { echo '<li style="color:navy">Character Set: ', _t('UTF8 미지원 (경고: 한글 지원이 불완전할 수 있습니다.)'), '</li>'; } if (POD::query("CREATE TABLE {$_POST['dbPrefix']}Setup (a INT NOT NULL)")) { POD::query("DROP TABLE {$_POST['dbPrefix']}Setup"); echo '<li>', _t('테이블 생성 권한'), ': OK</li>'; } else { $error = 6; echo '<li style="color:red">', _t('테이블 생성 권한'), ': ', _t('없음'), '</li>'; } ?> </ul> <?php $tables = array(); if ($result = POD::tableList()) { foreach ($result as $table) { if (strncmp($table, $_POST['dbPrefix'], strlen($_POST['dbPrefix']))) { continue; } switch (strtolower(substr($table, strlen($_POST['dbPrefix'])))) { case 'attachments': case 'blogsettings': case 'blogstatistics': case 'categories': case 'comments': case 'commentsnotified': case 'commentsnotifiedqueue': case 'commentsnotifiedsiteinfo': case 'dailystatistics': case 'entries': case 'entriesarchive': case 'feedgrouprelations': case 'feedgroups': case 'feeditems': case 'feedreads': case 'feedsettings': case 'feedstarred': case 'feeds': case 'filters': case 'linkcategories': case 'links': case 'openidusers': case 'pagecachelog': case 'plugins': case 'refererlogs': case 'refererstatistics': case 'reservedwords': case 'servicesetting': case 'sessionvisits': case 'sessions': case 'skinsettings': case 'tagrelations': case 'tags': case 'teamblog': case 'trackbacklogs': case 'trackbacks': case 'usersettings': case 'users': case 'xmlrpcpingsettings': $tables[count($tables)] = $table; break; } } } switch ($_POST['mode']) { case 'install': echo '<h3>', _t('새 데이터베이스 테이블'), 
'</h3>'; if (count($tables) == 0) { echo '<ul><li>OK</li></ul>'; } else { $error = 7; echo '<ul style="color:red">', _t('테이블이 이미 존재합니다.'); foreach ($tables as $table) { echo '<li>', $table, '</li>'; } echo '</ul>'; } break; case 'setup': echo '<h3>', _t('데이터베이스 테이블 확인'), '</h3>'; if (count($tables) < 40 && count($tables) > 35 || count($tables) == 35 && !in_array('Filters', $tables)) { echo '<ul><li>OK</li></ul>'; } else { $error = 7; echo '<ul style="color:red">', _t('테이블이 존재하지 않습니다.'); foreach ($tables as $table) { echo '<li>', $table, '</li>'; } echo '</ul>'; } } ?> <h3><?php echo _t('파일 시스템 권한'); ?> </h3> <ul> <?php $commands = array(); $filename = $root . '/.htaccess'; if (file_exists($filename)) { if (is_writable($filename)) { if (filesize($filename)) { echo '<li style="color:navy">', _f('설정 파일: OK (경고: "%1" 파일을 덮어 쓰게 됩니다.)', $filename), '</li>'; } else { echo '<li>', _t('웹 설정 파일'), ': OK</li>'; } } else { $error = 8; echo '<li style="color:red">', _t('웹 설정 파일'), ': ', _f('"%1"에 접근할 수 없습니다. 퍼미션을 %2(으)로 수정해 주십시오.', $filename, '0666'), '</li>'; array_push($commands, 'chmod 0666 ' . $filename); } } else { if (is_writable($root)) { echo '<li>', _t('웹 설정 파일'), ': OK</li>'; } else { $error = 9; echo '<li style="color:red">', _t('웹 설정 파일'), ': ', _f('"%1"에 %2 파일을 생성할 수 없습니다. "%1"의 퍼미션을 %3(으)로 수정해 주십시오.', $root, '.htaccess', '0777'), '</li>'; array_push($commands, 'chmod 0777 ' . $root); } } $filename = $root . '/config.php'; if (file_exists($filename)) { if (is_writable($filename)) { if (filesize($filename)) { echo '<li style="color:navy">', _f('설정 파일: OK (경고: "%1" 파일을 덮어 쓰게 됩니다.)', $filename), '</li>'; } else { echo '<li>', _t('설정 파일'), ': OK</li>'; } } else { $error = 10; echo '<li style="color:red">', _t('설정 파일'), ': ', _f('"%1"에 접근할 수 없습니다. 퍼미션을 %2(으)로 수정해 주십시오.', $filename, '0666'), '</li>'; array_push($commands, 'chmod 0666 ' . 
$filename); } } else { if (is_writable($root)) { echo '<li>', _t('설정 파일'), ': OK</li>'; } else { $error = 11; echo '<li style="color:red">', _t('설정 파일'), ': ', _f('"%1"에 %2 파일을 생성할 수 없습니다. "%1"의 퍼미션을 %3(으)로 수정해 주십시오.', $root, 'config.php', '0777'), '</li>'; array_push($commands, 'chmod 0777 ' . $root); } } $filename = $root . '/user'; if (file_exists($filename)) { if (is_dir($filename) && is_writable($filename)) { echo '<li>', _t('사용자 데이터 디렉토리'), ': OK</li>'; } else { $error = 12; echo '<li style="color:red">', _t('사용자 데이터 디렉토리'), ': ', _f('"%1"에 접근할 수 없습니다. 퍼미션을 %2(으)로 수정해 주십시오.', $filename, '0777'), '</li>'; array_push($commands, 'chmod 0777 ' . $filename); } } else { if (mkdir($filename)) { @chmod($filename, 0777); echo '<li>', _t('사용자 데이터 디렉토리'), ': OK</li>'; } else { $error = 13; echo '<li style="color:red">', _t('사용자 데이터 디렉토리'), ': ', _f('"%1"에 %2 디렉토리를 생성할 수 없습니다. "%1"의 퍼미션을 %3(으)로 수정해 주십시오.', $root, 'user', '0777'), '</li>'; array_push($commands, 'chmod 0777 ' . $root); } } $filename = $root . '/user/attach'; if (file_exists($filename)) { if (is_dir($filename) && is_writable($filename)) { echo '<li>', _t('첨부 디렉토리'), ': OK</li>'; } else { $error = 12; echo '<li style="color:red">', _t('첨부 디렉토리'), ': ', _f('"%1"에 접근할 수 없습니다. 퍼미션을 %2(으)로 수정해 주십시오.', $filename, '0777'), '</li>'; array_push($commands, 'chmod 0777 ' . $filename); } } else { if (mkdir($filename)) { @chmod($filename, 0777); echo '<li>', _t('첨부 디렉토리'), ': OK</li>'; } else { $error = 13; echo '<li style="color:red">', _t('첨부 디렉토리'), ': ', _f('"%1"에 %2 디렉토리를 생성할 수 없습니다. "%1"의 퍼미션을 %3(으)로 수정해 주십시오.', $root, 'attach', '0777'), '</li>'; array_push($commands, 'chmod 0777 ' . $root); } } $filename = $root . '/user/cache'; if (is_dir($filename)) { if (is_writable($filename)) { echo '<li>', _t('캐시 디렉토리'), ': OK</li>'; } else { $error = 12; echo '<li style="color:red">', _t('캐시 디렉토리'), ': ', _f('"%1"에 접근할 수 없습니다. 퍼미션을 %2(으)로 수정해 주십시오.', $filename, '0777'), '</li>'; array_push($commands, 'chmod 0777 ' . 
$filename); } } else { if (mkdir($filename)) { @chmod($filename, 0777); echo '<li>', _t('캐시 디렉토리'), ': OK</li>'; } else { $error = 13; echo '<li style="color:red">', _t('캐시 디렉토리'), ': ', _f('"%1"에 %2 디렉토리를 생성할 수 없습니다. "%1"의 퍼미션을 %3(으)로 수정해 주십시오.', $root, 'cache', '0777'), '</li>'; array_push($commands, 'chmod 0777 ' . $root); } } /* $filename = $root . '/remote'; if (is_dir($filename)) { if (is_writable($filename)) echo '<li>', _t('원격 설치 디렉토리'), ': OK</li>'; else { $error = 12; echo '<li style="color:red">', _t('원격 설치 디렉토리'), ': ', _f('"%1"에 접근할 수 없습니다. 퍼미션을 %2(으)로 수정해 주십시오.', $filename, '0777'), '</li>'; } } else if (mkdir($filename)) { @chmod($filename, 0777); echo '<li>', _t('원격 설치 디렉토리'), ': OK</li>'; } else { $error = 13; echo '<li style="color:red">', _t('원격 설치 디렉토리'), ': ', _f('"%1"에 %2 디렉토리를 생성할 수 없습니다. "%1"의 퍼미션을 %3(으)로 수정해 주십시오.', $root, 'cache', '0777'), '</li>'; }*/ $filename = $root . '/user/skin/blog/customize'; if (is_dir($filename)) { if (is_writable($filename)) { echo '<li>', _t('스킨 디렉토리'), ': OK</li>'; } else { $error = 14; echo '<li style="color:red">', _t('스킨 디렉토리'), ': ', _f('"%1"에 접근할 수 없습니다. 퍼미션을 %2(으)로 수정해 주십시오.', $filename, '0777'), '</li>'; array_push($commands, 'chmod 0777 ' . $filename); } } else { if (mkdir($filename)) { @chmod($filename, 0777); echo '<li>', _t('스킨 디렉토리'), ': OK</li>'; } else { $error = 15; echo '<li style="color:red">', _t('스킨 디렉토리'), ': ', _f('"%1"에 %2 디렉토리를 생성할 수 없습니다. "%1"의 퍼미션을 %3(으)로 수정해 주십시오.', "{$root}/user/skin/blog", 'customize', '0777'), '</li>'; array_push($commands, 'chmod 0777 ' . "{$root}/user/skin/blog"); } } ?> </ul> <?php if (!empty($commands)) { echo '<span class="instruction">' . _t("퍼미션 수정은 FTP 프로그램을 사용하시거나 다음의 명령을 터미널에 붙여 넣으시면 됩니다.") . "</span>"; echo '<ul class="instruction">'; $commands = array_unique($commands); foreach ($commands as $command) { echo "<li>" . $command . 
"</li>"; } echo '</ul>'; } if ($step == 33) { $error = 16; if (checkIIS()) { ?> <h3><?php echo _t('IIS Rewrite Module'); ?> </h3> <ul style="color:red"> <li><?php echo _t('현재 IIS에서의 설치는 실험적으로만 지원하고 있으며 별도의 Rewrite 모듈을 사용해야 합니다.') . ' ' . _t('만약 이 페이지를 보고 계시다면 Apache mod_rewrite와 호환되지 않는 Rewrite 모듈을 사용 중이거나 아예 모듈이 없는 경우입니다.'); ?> </li> <li><?php echo _t('IIS 7.0을 사용하시는 경우 공식 URL Rewrite Module을 사용하려면 <a href="http://www.iis.net/extensions/URLRewrite">이곳에서 다운로드</a>받아 설치하시고, 계속 진행·설치 후 생성되는 <b>.htaccess</b> 파일 내용을 그대로 import해주시면 됩니다.'); ?> </li> <li><?php echo _t('IIS 6.0 이전 버전을 사용하시는 경우 Rewrite 모듈을 설치하려면, 오픈스소 무료 모듈을 제공하고 있는 <a href="http://www.codeplex.com/IIRF" target="_blank">Ionics Isapi Rewrite Filter 홈페이지</a>를 방문하여 설치하신 후, 계속 진행·설치 후 생성되는 <b>.htaccess</b> 파일의 내용을 위 모듈의 설정파일(<b>IsapiRewrite4.ini</b>)에 복사하시기 바랍니다.'); ?> </li> </ul> <p> <input type="radio" name="rewriteIIS" value="IISRewrite" id="rewriteIIS_Option1"><label for="rewriteIIS_Option1"><?php echo _t('IIS 7.0용 공식 URL Rewrite 모듈을 사용합니다.'); ?> </label><br /> <input type="radio" name="rewriteIIS" value="ISAPI" id="rewriteIIS_Option2"><label for="rewriteIIS_Option2"><?php echo _t('IIS 6.0 및 그 이전 버전을 위한 오픈소스 Rewrite 모듈을 사용합니다.'); ?> </label> </p> <?php $error = 0; } else { ?> <h3><?php echo _t('Apache Rewrite Engine'); ?> </h3> <ul style="color:red"> <li><?php echo _t('Rewrite를 사용할 수 없습니다.'); ?> <br /><span style="color:black"><?php echo _t('다음 항목을 확인하십시오.'); ?> </span></li> <input type="checkbox" id="disableRewrite" name="disableRewrite" /> <label for="disableRewrite"><?php echo _t('rewrite 모듈을 사용하지 않습니다.') . ' ' . _t('만약 rewrite 모듈 설정을 올바르게 했는데도 모듈 사용 여부의 검사에 문제가 있는 경우 rewrite 모듈을 사용하지 않음을 선택하시고 이 부분을 건너 뛰시기 바랍니다.') . ' ' . 
_t('지금 설정하지 않아도 설치 이후에 관리 패널의 서비스설정-서버 에서 rewrite 관련 설정을 할 수 있습니다.'); ?> </label> <ol style="color:blue"> <li><?php echo _t('웹서버 설정에 <b>mod_rewrite</b>의 로딩이 포함되어야 합니다.'); ?> <br /> <samp><?php echo _t('예: LoadModule <b>rewrite_module</b> modules/<b>mod_rewrite</b>.so'); ?> </samp> </li> <li><?php echo _t('웹서버 설정의 이 디렉토리에 대한 <em>Options</em> 항목에 <b>FollowSymLinks</b>가 포함되거나 <b>All</b>이어야 합니다.'); ?> <samp><br /><?php echo _t('예: Options <b>FollowSymLinks</b>'); ?> </samp> <samp><br /><?php echo _t('예: Options <b>All</b>'); ?> </samp> </li> <li><?php echo _t('웹서버 설정의 이 디렉토리에 대한 <em>AllowOverride</em> 항목에 <b>FileInfo</b>가 포함되거나 <b>All</b>이어야 합니다.'); ?> <samp><br /><?php echo _t('예: AllowOverride <b>FileInfo</b>'); ?> </samp> <samp><br /><?php echo _t('예: AllowOverride <b>All</b>'); ?> </samp> </li> <li><b><?php echo _t('위 2와 3의 문제는 아래 내용을 웹서버 설정에 포함시켜 해결할 수 있습니다.'); ?> </b> <samp style="color:black"><br /> <Directory "<?php echo $root; ?> "><br /> Options FollowSymLinks<br /> AllowOverride FileInfo<br /> </Directory> </samp> </li> </ul> </ul> <?php } } ?> </div> <div id="navigation"> <a href="#" onclick="window.history.back()" title="<?php echo _t('이전'); ?> "><img src="./resources/style/setup/image/icon_prev.gif" width="74" height="24" alt="<?php echo _t('이전'); ?> " /></a> <a href="#" onclick="next(); return false;" title="<?php echo _t('다음'); ?> "><img src="./resources/style/setup/image/icon_next.gif" width="74" height="24" alt="<?php echo _t('다음'); ?> " /></a> </div> </div> <input type="hidden" name="checked" value="<?php echo $error > 0 ? 'no' : 'yes'; ?> " /> <?php } else { if ($step == 5) { if ($check) { if (!empty($_POST['domain']) && !empty($_POST['type'])) { return true; } } // mod_rewrite routine. if (empty($_POST['disableRewrite']) && empty($_POST['rewriteIIS'])) { $filename = $root . 
'/.htaccess'; $fp = fopen($filename, 'w+'); if (!$fp) { checkStep($step - 1, false); return false; } fwrite($fp, "RewriteEngine On\nRewriteBase {$path}/\nRewriteRule ^testrewrite\$ setup.php [L]"); fclose($fp); @chmod($filename, 0666); if (testMyself('blog' . substr($_SERVER['HTTP_HOST'], strpos($_SERVER['HTTP_HOST'], '.')), $path . '/testrewrite?test=now', $_SERVER['SERVER_PORT'])) { $rewrite = 3; } else { if (testMyself('blog.' . $_SERVER['HTTP_HOST'], $path . '/testrewrite?test=now', $_SERVER['SERVER_PORT'])) { $rewrite = 2; } else { if (testMyself($_SERVER['HTTP_HOST'], $path . '/testrewrite?test=now', $_SERVER['SERVER_PORT'])) { $rewrite = 1; } else { $rewrite = 0; @unlink($filename); checkStep(33, false); return false; } } } @unlink($filename); } else { if (!empty($_POST['rewriteIIS'])) { switch ($_POST['rewriteIIS']) { case 'ISAPI': $rewrite = -1; break; case 'IISRewrite': default: $rewrite = -2; } } else { $rewrite = 0; } } $domain = $rewrite == 3 ? substr($_SERVER['HTTP_HOST'], strpos($_SERVER['HTTP_HOST'], '.') + 1) : $_SERVER['HTTP_HOST']; $blogProtocol = isset($_SERVER['HTTPS']) ? 'https' : 'http'; $blogDefaultPort = isset($_SERVER['HTTPS']) ? 443 : 80; ?> <input type="hidden" name="step" value="<?php echo $step; ?> " /> <input type="hidden" name="mode" value="<?php echo $_POST['mode']; ?> " /> <input type="hidden" name="dbms" value="<?php echo isset($_POST['dbms']) ? $_POST['dbms'] : ''; ?> " /> <input type="hidden" name="dbServer" value="<?php echo isset($_POST['dbServer']) ? $_POST['dbServer'] : ''; ?> " /> <input type="hidden" name="dbPort" value="<?php echo isset($_POST['dbPort']) ? $_POST['dbPort'] : ''; ?> " /> <input type="hidden" name="dbName" value="<?php echo isset($_POST['dbName']) ? $_POST['dbName'] : ''; ?> " /> <input type="hidden" name="dbUser" value="<?php echo isset($_POST['dbUser']) ? $_POST['dbUser'] : ''; ?> " /> <input type="hidden" name="dbPassword" value="<?php echo isset($_POST['dbPassword']) ? 
htmlspecialchars($_POST['dbPassword']) : ''; ?> " /> <input type="hidden" name="dbPrefix" value="<?php echo isset($_POST['dbPrefix']) ? $_POST['dbPrefix'] : ''; ?> " /> <input type="hidden" name="checked" value="<?php echo isset($_POST['checked']) ? $_POST['checked'] : ''; ?> " /> <input type="hidden" name="domain" value="<?php echo $domain; ?> " /> <input type="hidden" name="disableRewrite" value="<?php echo isset($_POST['disableRewrite']) ? $_POST['disableRewrite'] : ''; ?> " /> <input type="hidden" name="rewriteMode" value="<?php echo $rewrite <= -1 ? $_POST['rewriteIIS'] : 'mod_rewrite'; ?> " /> <div id="inner"> <h2><span class="step"><?php echo _f('%1단계', $step); ?> </span> : <?php echo _t('사용 가능한 운영 방법은 다음과 같습니다. 선택하여 주십시오.'); ?> </h2> <div id="userinput"> <table class="inputs"> <?php if ($rewrite != 0) { ?> <tr> <th width="120"><strong><?php echo _t('다중 사용자'); ?> : </strong></th> <td> <?php if ($rewrite >= 2) { ?> <label for="type1"><input type="radio" id="type1" name="type" value="domain" checked="checked" onclick="show('typeDomain');" /> <?php echo _t('도메인네임(DNS)으로 블로그 식별'); ?> </label> <br /> <?php } ?> <label for="type2"><input type="radio" id="type2" name="type" value="path"<?php echo $rewrite == 1 || $rewrite == -1 ? ' checked="checked"' : ''; ?> onclick="show('typePath');" /> <?php echo _t('하위 경로(Path)로 블로그 식별'); ?> </label></td> </tr> <?php } ?> <tr> <th style="padding-top:10px"><strong><?php echo _t('단일 사용자'); ?> : </strong></th> <td style="padding-top:10px"> <label for="type3"><input type="radio" id="type3" name="type" value="single" onclick="show('typeSingle');" <?php echo empty($_POST['disableRewrite']) ? '' : 'checked="checked"'; ?> /><?php echo _t('단일 블로그'); ?> </label></td> </tr> <tr> <th style="padding-top:20px"><?php echo _t('블로그 주소 예시'); ?> </th> <td style="padding-top:20px; height:100px"> <ul id="typeDomain"<?php echo $rewrite >= 2 ? 
'' : ' style="display:none"'; ?> > <li><?php echo $blogProtocol; ?> ://<b>blog1</b>.<?php echo $domain; echo $_SERVER['SERVER_PORT'] == $blogDefaultPort ? '' : ":{$_SERVER['SERVER_PORT']}"; echo $path; ?> /</li> <li><?php echo $blogProtocol; ?> ://<b>blog2</b>.<?php echo $domain; echo $_SERVER['SERVER_PORT'] == $blogDefaultPort ? '' : ":{$_SERVER['SERVER_PORT']}"; echo $path; ?> /</li> </ul> <ul id="typePath"<?php echo $rewrite == 1 ? '' : ' style="display:none"'; ?> > <li><?php echo $blogProtocol; ?> ://<?php echo $domain; echo $_SERVER['SERVER_PORT'] == $blogDefaultPort ? '' : ":{$_SERVER['SERVER_PORT']}"; echo $path; ?> /<b>blog1</b></li> <li><?php echo $blogProtocol; ?> ://<?php echo $domain; echo $_SERVER['SERVER_PORT'] == $blogDefaultPort ? '' : ":{$_SERVER['SERVER_PORT']}"; echo $path; ?> /<b>blog2</b></li> </ul> <ul id="typeSingle" <?php echo empty($_POST['disableRewrite']) ? 'style="display:none"' : ''; ?> > <li><?php echo $blogProtocol; ?> ://<?php echo $domain; echo $_SERVER['SERVER_PORT'] == $blogDefaultPort ? '' : ":{$_SERVER['SERVER_PORT']}"; echo $path; ?> /<?php echo empty($_POST['disableRewrite']) ? 
'' : 'blog/'; ?> </li> </ul> </td> </tr> </table> </div> <div id="navigation"> <a href="#" onclick="window.history.back()" title="<?php echo _t('이전'); ?> "><img src="./resources/style/setup/image/icon_prev.gif" width="74" height="24" alt="<?php echo _t('이전'); ?> " /></a> <a href="#" onclick="next(); return false;" title="<?php echo _t('다음'); ?> "><img src="./resources/style/setup/image/icon_next.gif" width="74" height="24" alt="<?php echo _t('다음'); ?> " /></a> </div> </div> <?php } else { if ($step == 6) { if ($check) { if (!empty($_POST['email']) && !empty($_POST['password']) && !empty($_POST['password2']) && ($_POST['type'] == 'single' || !empty($_POST['blog'])) && isset($_POST['name'])) { if (!preg_match('/^[^@]+@([-a-zA-Z0-9]+\\.)+[-a-zA-Z0-9]+$/', $_POST['email'])) { $error = 51; } else { if ($_POST['password'] != $_POST['password2']) { $error = 52; } else { if ($_POST['type'] != 'single' && !preg_match('/^[a-zA-Z0-9]+$/', $_POST['blog'])) { $error = 53; } else { if (strlen($_POST['password']) < 6 || strlen($_POST['password2']) < 6) { $error = 54; } else { return true; } } } } } } else { @POD::query('SET CHARACTER SET utf8'); if ($result = @POD::query("SELECT loginid, password, name FROM {$_POST['dbPrefix']}Users WHERE userid = 1")) { @(list($_POST['email'], $_POST['password'], $_POST['name']) = POD::fetch($result, 'row')); $_POST['password2'] = $_POST['password']; POD::free($result); } if ($result = @POD::queryCell("SELECT value FROM {$_POST['dbPrefix']}BlogSettings\n\t\t\t\t\t\tWHERE blogid = 1\n\t\t\t\t\t\t\tAND name = 'name'")) { $_POST['blog'] = $result; } } ?> <input type="hidden" name="step" value="<?php echo $step; ?> " /> <input type="hidden" name="mode" value="<?php echo $_POST['mode']; ?> " /> <input type="hidden" name="dbms" value="<?php echo isset($_POST['dbms']) ? $_POST['dbms'] : ''; ?> " /> <input type="hidden" name="dbServer" value="<?php echo isset($_POST['dbServer']) ? 
$_POST['dbServer'] : ''; ?> " /> <input type="hidden" name="dbPort" value="<?php echo isset($_POST['dbPort']) ? $_POST['dbPort'] : ''; ?> " /> <input type="hidden" name="dbName" value="<?php echo isset($_POST['dbName']) ? $_POST['dbName'] : ''; ?> " /> <input type="hidden" name="dbUser" value="<?php echo isset($_POST['dbUser']) ? $_POST['dbUser'] : ''; ?> " /> <input type="hidden" name="dbPassword" value="<?php echo isset($_POST['dbPassword']) ? htmlspecialchars($_POST['dbPassword']) : ''; ?> " /> <input type="hidden" name="dbPrefix" value="<?php echo isset($_POST['dbPrefix']) ? $_POST['dbPrefix'] : ''; ?> " /> <input type="hidden" name="checked" value="<?php echo isset($_POST['checked']) ? $_POST['checked'] : ''; ?> " /> <input type="hidden" name="domain" value="<?php echo isset($_POST['domain']) ? $_POST['domain'] : ''; ?> " /> <input type="hidden" name="disableRewrite" value="<?php echo isset($_POST['disableRewrite']) ? $_POST['disableRewrite'] : ''; ?> " /> <input type="hidden" name="rewriteMode" value="<?php echo isset($_POST['rewriteMode']) ? $_POST['rewriteMode'] : ''; ?> " /> <input type="hidden" name="type" value="<?php echo isset($_POST['type']) ? $_POST['type'] : ''; ?> " /> <div id="inner"> <h2><span class="step"><?php echo _f('%1단계', $step); ?> </span> : <?php echo _t('관리자 정보 입력'); ?> </h2> <div id="userinput"> <table class="inputs"> <tr> <th style="width:100px"><?php echo _t('이메일'); ?> : </th> <td> <input type="text" id="email" name="email" value="<?php echo isset($_POST['email']) ? htmlspecialchars($_POST['email']) : ''; ?> " class="input_email"<?php echo $check && (empty($_POST['email']) || $error == 51) ? ' style="border-color:red"' : ''; ?> /> </td> </tr> <tr> <th><?php echo _t('비밀번호'); ?> : </th> <td> <input type="password" name="password" value="<?php echo isset($_POST['password']) ? htmlspecialchars($_POST['password']) : ''; ?> " class="input_password"<?php echo $check && empty($_POST['password']) ? 
' style="border-color:red"' : ''; ?> /><br /> <em class="password"><?php echo _t('비밀번호는 최소 6자 이상이어야 합니다.'); ?> </em> </td> </tr> <tr> <th><?php echo _t('비밀번호 확인'); ?> : </th> <td> <input type="password" name="password2" value="<?php echo isset($_POST['password2']) ? htmlspecialchars($_POST['password2']) : ''; ?> " class="input_password"<?php echo $check && empty($_POST['password2']) ? ' style="border-color:red"' : ''; ?> /> </td> </tr> <tr> <th><?php echo _t('블로그 식별자'); ?> : </th> <td> <input type="text" name="blog" value="<?php echo isset($_POST['blog']) ? htmlspecialchars($_POST['blog']) : ''; ?> " class="input_password"<?php echo $check && (empty($_POST['blog']) || $error == 53) ? ' style="border-color:red"' : ''; ?> /> </td> </tr> <tr> <th><?php echo _t('필명'); ?> : </th> <td> <input type="text" name="name" value="<?php echo isset($_POST['name']) ? htmlspecialchars($_POST['name']) : ''; ?> " class="input_password" /> </td> </tr> </table> <div id="warning"><?php if ($error == 51) { echo _t('이메일이 올바르지 않습니다.'); } else { if ($error == 52) { echo _t('비밀번호가 일치하지 않습니다.'); } else { if ($error == 53) { echo _t('블로그 식별자가 올바르지 않습니다.'); } else { if ($error == 54) { echo _t('비밀번호는 최소 6자 이상이어야 합니다.'); } else { if ($check) { echo _t('표시된 정보가 부족합니다.'); } else { echo ' '; } } } } } ?> </div> </div> <div id="navigation"> <a href="#" onclick="window.history.back()" title="<?php echo _t('이전'); ?> "><img src="./resources/style/setup/image/icon_prev.gif" width="74" height="24" alt="<?php echo _t('이전'); ?> " /></a> <a href="#" onclick="next(); return false;" title="<?php echo _t('다음'); ?> "><img src="./resources/style/setup/image/icon_next.gif" width="74" height="24" alt="<?php echo _t('다음'); ?> " /></a> </div> </div> <script type="text/javascript"> //<![CDATA[ document.getElementById('email').focus(); //]]> </script> <?php } else { if ($step == 7) { if ($check) { return true; } ?> <input type="hidden" name="step" value="<?php echo $step; ?> " /> <input type="hidden" name="mode" 
value="<?php echo $_POST['mode']; ?> " /> <input type="hidden" name="dbms" value="<?php echo isset($_POST['dbms']) ? $_POST['dbms'] : ''; ?> " /> <input type="hidden" name="dbServer" value="<?php echo isset($_POST['dbServer']) ? $_POST['dbServer'] : ''; ?> " /> <input type="hidden" name="dbPort" value="<?php echo isset($_POST['dbPort']) ? $_POST['dbPort'] : ''; ?> " /> <input type="hidden" name="dbName" value="<?php echo isset($_POST['dbName']) ? $_POST['dbName'] : ''; ?> " /> <input type="hidden" name="dbUser" value="<?php echo isset($_POST['dbUser']) ? $_POST['dbUser'] : ''; ?> " /> <input type="hidden" name="dbPassword" value="<?php echo isset($_POST['dbPassword']) ? htmlspecialchars($_POST['dbPassword']) : ''; ?> " /> <input type="hidden" name="dbPrefix" value="<?php echo isset($_POST['dbPrefix']) ? $_POST['dbPrefix'] : ''; ?> " /> <input type="hidden" name="checked" value="<?php echo isset($_POST['checked']) ? $_POST['checked'] : ''; ?> " /> <input type="hidden" name="domain" value="<?php echo isset($_POST['domain']) ? $_POST['domain'] : ''; ?> " /> <input type="hidden" name="disableRewrite" value="<?php echo isset($_POST['disableRewrite']) ? $_POST['disableRewrite'] : false; ?> " /> <input type="hidden" name="rewriteMode" value="<?php echo isset($_POST['rewriteMode']) ? $_POST['rewriteMode'] : ''; ?> " /> <input type="hidden" name="type" value="<?php echo isset($_POST['type']) ? $_POST['type'] : ''; ?> " /> <input type="hidden" name="blog" value="<?php echo isset($_POST['blog']) ? $_POST['blog'] : ''; ?> " /> <div id="inner"> <h2><span class="step"><?php echo _f('%1단계', $step); ?> </span> : <?php echo _t('데이터베이스를 준비하고 있습니다. 
잠시만 기다려 주십시오.'); ?> </h2> <div id="content-box" style="text-align:center"> <p></p> </div> </div><!-- inner --> </form> </div><!-- container --> <?php function fail($msg) { flush(); if ($_POST['mode'] == 'install') { } exit; } $loginid = POD::escapeString($_POST['email']); $password = md5($_POST['password']); $name = POD::escapeString($_POST['name']); $blog = POD::escapeString($_POST['blog']); $baseLanguage = POD::escapeString($_POST['Lang']); $baseTimezone = POD::escapeString(substr(_t('default:Asia/Seoul'), 8)); if (POD::dbms() == 'MySQLi') { $charset = 'DEFAULT CHARSET=utf8'; // if (!@POD::query('SET CHARACTER SET utf8')) // $charset = 'TYPE=MyISAM'; // @POD::query('SET SESSION collation_connection = \'utf8_general_ci\''); } else { $charset = ''; } if ($_POST['mode'] == 'install') { $schema = ''; // Compatibility layer load if (file_exists(ROOT . '/resources/setup/compatibility.' . POD::dbms() . '.sql')) { $schema = file_get_contents(ROOT . '/resources/setup/compatibility.' . POD::dbms() . '.sql'); $query = explode(';', trim($schema)); foreach ($query as $sub) { @POD::query($sub); } $schema = ''; $query = array(); } // Loading create schema from sql file. (DBMS specific) if (POD::dbms() == 'MySQLi') { $dbSelector = 'MySQL'; } else { $dbSelector = POD::dbms(); } $schema .= file_get_contents(ROOT . '/resources/setup/initialize.' . $dbSelector . '.sql'); $schema = str_replace('[##_dbPrefix_##]', $_POST['dbPrefix'], $schema); $schema = str_replace('[##_charset_##]', $charset, $schema); $schema .= "\nINSERT INTO {$_POST['dbPrefix']}Users VALUES (1, '{$loginid}', '{$password}', '{$name}', " . Timestamp::getUNIXtime() . ", 0, 0);\nINSERT INTO {$_POST['dbPrefix']}Privileges VALUES (1, 1, 16, " . Timestamp::getUNIXtime() . 
", 0);\nINSERT INTO {$_POST['dbPrefix']}ServiceSettings VALUES ('newlineStyle', '1.1');\nINSERT INTO {$_POST['dbPrefix']}ServiceSettings VALUES ('useNewPluginSetting', 1);\nINSERT INTO {$_POST['dbPrefix']}BlogSettings VALUES (1, 'name', '{$blog}');\nINSERT INTO {$_POST['dbPrefix']}BlogSettings VALUES (1, 'language', '{$baseLanguage}');\nINSERT INTO {$_POST['dbPrefix']}BlogSettings VALUES (1, 'blogLanguage', '{$baseLanguage}');\nINSERT INTO {$_POST['dbPrefix']}BlogSettings VALUES (1, 'timezone', '{$baseTimezone}');\nINSERT INTO {$_POST['dbPrefix']}BlogSettings VALUES (1, 'defaultEditor', 'tinyMCE');\nINSERT INTO {$_POST['dbPrefix']}BlogSettings VALUES (1, 'defaultFormatter', 'ttml');\nINSERT INTO {$_POST['dbPrefix']}BlogSettings VALUES (1, 'acceptTrackbacks', 1);\nINSERT INTO {$_POST['dbPrefix']}BlogSettings VALUES (1, 'acceptComments', 1);\nINSERT INTO {$_POST['dbPrefix']}Plugins VALUES (1, 'CL_OpenID', null);\nINSERT INTO {$_POST['dbPrefix']}SkinSettings VALUES (1,'skin','periwinkle');\nINSERT INTO {$_POST['dbPrefix']}FeedSettings (blogid) values(1);\nINSERT INTO {$_POST['dbPrefix']}FeedGroups (blogid) values(1);\nINSERT INTO {$_POST['dbPrefix']}Entries (blogid, userid, id, category, visibility, location, title, slogan, contentformatter, contenteditor, starred, acceptcomment, accepttrackback, created, published, modified, content) VALUES (1, 1, 1, 0, 2, '/', '" . POD::escapeString(_t('환영합니다')) . "', 'welcome', 'ttml', 'tinyMCE', 0, 1, 1, " . Timestamp::getUNIXtime() . ", " . Timestamp::getUNIXtime() . "," . Timestamp::getUNIXtime() . ",'" . POD::escapeString(getDefaultPostContent()) . "')"; $query = explode(';', trim($schema)); foreach ($query as $sub) { if (!empty($sub) && !POD::query($sub, false)) { $tables = getTables('2.0', $_POST['dbPrefix']); foreach ($tables as $table) { if (POD::dbms() == 'Cubrid') { @POD::query("DROP " . $table); } else { @POD::query("DROP TABLE " . 
$table); } } /* @POD::query( "DROP TABLE {$_POST['dbPrefix']}Attachments, {$_POST['dbPrefix']}BlogSettings, {$_POST['dbPrefix']}BlogStatistics, {$_POST['dbPrefix']}Categories, {$_POST['dbPrefix']}Comments, {$_POST['dbPrefix']}CommentsNotified, {$_POST['dbPrefix']}CommentsNotifiedQueue, {$_POST['dbPrefix']}CommentsNotifiedSiteInfo, {$_POST['dbPrefix']}ContentFilters, {$_POST['dbPrefix']}DailyStatistics, {$_POST['dbPrefix']}Entries, {$_POST['dbPrefix']}EntriesArchive, {$_POST['dbPrefix']}FeedGroupRelations, {$_POST['dbPrefix']}FeedGroups, {$_POST['dbPrefix']}FeedItems, {$_POST['dbPrefix']}FeedReads, {$_POST['dbPrefix']}FeedSettings, {$_POST['dbPrefix']}FeedStarred, {$_POST['dbPrefix']}Feeds, {$_POST['dbPrefix']}Filters, {$_POST['dbPrefix']}Links, {$_POST['dbPrefix']}LinkCategories, {$_POST['dbPrefix']}OpenIDUsers, {$_POST['dbPrefix']}PageCacheLog, {$_POST['dbPrefix']}Plugins, {$_POST['dbPrefix']}Privileges, {$_POST['dbPrefix']}RefererLogs, {$_POST['dbPrefix']}RefererStatistics, {$_POST['dbPrefix']}RemoteResponseLogs, {$_POST['dbPrefix']}RemoteResponses, {$_POST['dbPrefix']}ReservedWords, {$_POST['dbPrefix']}ServiceSettings, {$_POST['dbPrefix']}SessionVisits, {$_POST['dbPrefix']}Sessions, {$_POST['dbPrefix']}SkinSettings, {$_POST['dbPrefix']}TagRelations, {$_POST['dbPrefix']}Tags, {$_POST['dbPrefix']}UserSettings, {$_POST['dbPrefix']}Users, {$_POST['dbPrefix']}XMLRPCPingSettings" );*/ echo '<script type="text/javascript">//<![CDATA[' . CRLF . 
'alert("', _t('테이블을 생성하지 못했습니다.'), '")//]]></script>'; $error = 1; break; } } } else { $ctx = Model_Context::getInstance(); $ctx->setProperty('database.prefix', $_POST['dbPrefix']); $pool = DBModel::getInstance(); $pool->reset('Users'); $pool->setAttribute('loginid', $loginid, true); $pool->setAttribute('name', $name, true); $pool->setQualifier('userid', 'equals', 1); $pool->update(); $pool->reset('Users'); $pool->setAttribute('password', $password, true); $pool->setQualifier('userid', 'equals', 1); $pool->setQualifier('password', 'not', $password2, true); $pool->update(); $pool->reset('BlogSettings'); $pool->setAttribute('value', $_POST['blog'], true); $pool->setQualifier('blogid', 'equals', 1); $pool->setQualifier('name', 'equals', 'name', true); $pool->update(); $pool->reset('BlogSettings'); $pool->setAttribute('value', $baseLanguage, true); $pool->setQualifier('blogid', 'equals', 1); $pool->setQualifier('name', 'equals', 'language', true); $pool->update(); $pool->reset('BlogSettings'); $pool->setAttribute('value', $baseTimezone, true); $pool->setQualifier('blogid', 'equals', 1); $pool->setQualifier('name', 'equals', 'timezone', true); $pool->update(); $pool->reset('BlogSettings'); $pool->setAttribute('value', Timestamp::getUNIXtime()); $pool->setQualifier('blogid', 'equals', 1); $pool->setQualifier('name', 'equals', 'created', true); $pool->update(); } if (!$error) { POD::unbind(); echo '<script type="text/javascript">//<![CDATA[' . CRLF . 'next() //]]></script>'; } ?> </body> </html> <?php } else { if ($step == 8) { if ($check) { return true; } $useSSL = Utils_Misc::isSecureProtocol() ? 'true' : 'false'; $filename = $root . 
'/config.php'; $fp = fopen($filename, 'w+'); // For first entry addition $database = array('server' => $_POST['dbServer'], 'database' => $_POST['dbName'], 'username' => $_POST['dbUser'], 'port' => $_POST['dbPort'], 'password' => $_POST['dbPassword'], 'prefix' => $_POST['dbPrefix']); if ($fp) { fwrite($fp, "<?php\nini_set('display_errors', 'off');\n\$database['server'] = '{$_POST['dbServer']}';\n\$database['dbms'] = '{$_POST['dbms']}';\n\$database['database'] = '{$_POST['dbName']}';\n\$database['port'] = '{$_POST['dbPort']}';\n\$database['username'] = '******'dbUser']}';\n\$database['password'] = '******'dbPassword']}';\n\$database['prefix'] = '{$_POST['dbPrefix']}';\n\$service['type'] = '{$_POST['type']}';\n\$service['domain'] = '{$_POST['domain']}';\n\$service['path'] = '{$path}';\n\$service['skin'] = 'periwinkle';\n\$service['favicon_daily_traffic'] = 10; // 10MB\n\$service['useSSL'] = {$useSSL}; // Force SSL protocol (via https)\n//\$serviceURL = 'http://{$_POST['domain']}{$path}' ; // for path of Skin, plugin and etc.\n//\$service['reader'] = true; // Use Textcube reader. You can set it to false if you do not use Textcube reader, and want to decrease DB load.\n//\$service['debugmode'] = true; // uncomment for debugging, e.g. 
displaying DB Query or Session info\n//\$service['pagecache'] = false; // uncomment if you want to disable page cache feature.\n//\$service['codecache'] = true; // uncomment if you want to enable code cache feature.\n//\$service['debug_session_dump'] = true; // session info debuging.\n//\$service['debug_rewrite_module'] = true; // rewrite handling module debuging.\n//\$service['session_cookie_path'] = \$service['path']; // for avoiding spoiling other textcube's session id sharing root.\n//\$service['allowBlogVisibilitySetting'] = true; // Allow service users to change blog visibility.\n//\$service['externalresources'] = false; // Loads resources from external storage.\n//\$service['resourcepath'] = 'http://example.com/resource';\t// Specify the full URI of external resource.\n//\$service['autologinTimeout'] = 1209600;\t// Automatic login timeout (sec.)\n//\$service['favicon_daily_traffic'] = 10; // Set favicon traffic limitation. default is 10MB.\n//\$service['skincache'] = true; // Use skin pre-fetching. Textcube will parse static elements (blog name, title…) only when you change skin. Reduces CPU loads.\n//\$service['cookie_prefix'] = ''; // Service cookie prefix. Default cookie prefix is Textcube_[VERSION_NUMBER].\n//\$database['port'] = 3639; // Database port number\n//\$database['dbms'] = 'MySQLi'; // DBMS. (MySQL, MySQLi, PostgreSQL, Cubrid.)\n//\$service['memcached'] = true; // Using memcache to handle session and cache\n//\$memcached['server'] = 'localhost'; // Where memcache server is.\n//\$service['requirelogin'] = false; // Force log-in process to every blogs. (for private blog service)\n//\$service['jqueryURL'] = '';\t\t// Add URL if you want to use external jquery via CDN. e.g.) Microsoft's CDN: http://ajax.aspnetcdn.com/ajax/jQuery/\n//\$service['lodashURL'] = '';\t\t// Add URL if you want to use external lo-dash via CDN. e.g.) 
CDNJS' CDN: https://cdnjs.cloudflare.com/ajax/libs/lodash.js/2.4.1/\n?>"); fclose($fp); @chmod($filename, 0666); } if (!isset($_POST['disableRewrite']) || !$_POST['disableRewrite']) { $filename = $root . '/.htaccess'; $fp = fopen($filename, 'w+'); switch ($_POST['rewriteMode']) { case 'ISAPI': // Users must copy these rules to IsapiRewrite4.ini $htaccessContent = <<<EOF RewriteRule ^{$path}/(thumbnail)/([0-9]+/.+)\$ {$path}/cache/\$1/\$2 [L,U] RewriteRule ^{$path}/attach/([0-9]+/.+)\$ {$path}/user/attach/\$1 [L,U] RewriteCond %{REQUEST_FILENAME} -f RewriteRule ^{$path}/user+/+(cache)+/+(.+[^/]).(cache|xml|txt|log)\$ - [NC,F,L,U] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^{$path}/([^?]+[^/])\$ {$path}/\$1/ [L,U] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{QUERY_STRING} ^\$ RewriteRule ^{$path}/(.*)\$ {$path}/rewrite.php [L,U] RewriteRule ^{$path}/(.*)\$ {$path}/rewrite.php?%{QUERY_STRING} [L,U] EOF; break; case 'IISRewrite': // Users must import these rules into URL Rewrite module. 
$htaccessContent = <<<EOF RewriteRule ^{$path}/(thumbnail)/([0-9]+/.+)\$ {$path}/cache/\$1/\$2 [L] RewriteRule ^{$path}/attach/([0-9]+/.+)\$ {$path}/user/attach/\$1 [L] RewriteCond %{REQUEST_FILENAME} -f RewriteRule ^{$path}/user+/+(cache)+/+(.+[^/]).(cache|xml|txt|log)\$ - [NC,F,L] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^{$path}/([^?]+[^/])\$ {$path}/\$1/ [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^{$path}/(.*)\$ {$path}/rewrite.php [L,QSA] EOF; break; case 'mod_rewrite': default: $htaccessContent = <<<EOF #<IfModule mod_url.c> #CheckURL Off #</IfModule> #SetEnv PRELOAD_CONFIG 1 RewriteEngine On RewriteBase {$path}/ RewriteRule ^(thumbnail)/([0-9]+/.+)\$ cache/\$1/\$2 [L] RewriteRule ^attach/([0-9]+/.+)\$ user/attach/\$1 [L] RewriteCond %{REQUEST_FILENAME} -f RewriteRule ^user+/+(cache)+/+(.+[^/]).(cache|xml|txt|log)\$ - [NC,F,L] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^(.+[^/])\$ \$1/ [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)\$ rewrite.php [L,QSA] EOF; } if ($fp) { fwrite($fp, $htaccessContent); fclose($fp); @chmod($filename, 0666); } } $blogProtocol = isset($_SERVER['HTTPS']) ? 'https' : 'http'; $blogDefaultPort = isset($_SERVER['HTTPS']) ? 443 : 80; switch ($_POST['type']) { case 'domain': $blogURL = "{$blogProtocol}://{$_POST['blog']}.{$_POST['domain']}" . ($_SERVER['SERVER_PORT'] != $blogDefaultPort ? ":{$_SERVER['SERVER_PORT']}" : '') . "{$path}" . (empty($_POST['disableRewrite']) ? '' : '/index.php?'); break; case 'path': $blogURL = "{$blogProtocol}://{$_POST['domain']}" . ($_SERVER['SERVER_PORT'] != $blogDefaultPort ? ":{$_SERVER['SERVER_PORT']}" : '') . "{$path}" . (empty($_POST['disableRewrite']) ? '' : '/index.php?') . "/{$_POST['blog']}"; break; case 'single': $blogURL = "{$blogProtocol}://{$_POST['domain']}" . ($_SERVER['SERVER_PORT'] != $blogDefaultPort ? ":{$_SERVER['SERVER_PORT']}" : '') . "{$path}" . (empty($_POST['disableRewrite']) ? 
'' : '/index.php?'); break; } ?> <div id="inner"> <h2><span class="step"><?php echo _t('설치완료'); ?> </span> : <?php echo _t('텍스트큐브가 성공적으로 설치되었습니다.'); ?> </h2> <div id="content-box"> <p> </p> <ul> <li><?php echo _t('텍스트큐브 주소'); ?> <br /> <a href="<?php echo $blogURL . '/'; ?> "><?php echo $blogURL . '/'; ?> </a><br /> <br /> </li> <li><?php echo _t('텍스트큐브 관리 툴 주소'); ?> <br /> <a href="<?php echo $blogURL . '/'; ?> owner"><?php echo $blogURL . '/'; ?> owner</a></li> </ul> <p> <?php if (checkIIS()) { echo _t('새로 IIS용 Rewrite 모듈을 설치하셨다면 <b>.htaccess 내용을 모듈 설정에 적용</b>해주십시오.<br />'); } ?> <?php echo '<li style="color:red">', _t('보안 관련 안내'), ': ', '<br /><span class="instruction">', _t('보안을 위하여 설치때 필요했던 권한 중 일부를 제거해주세요. FTP 프로그램으로 권한을 수정하시거나 다음의 명령을 터미널에 붙여 넣으시면 됩니다'), '<br />', 'chmod 0755 ' . $root, '</span></li>'; ?> <?php echo _t('텍스트큐브 관리 툴로 로그인 하신 후 필요사항을 수정해 주십시오.'); ?> <br /> <?php echo _t('텍스트큐브를 이용해 주셔서 감사합니다.'); ?> </p> </div> </div> <?php } else { if ($step == 204) { ?> <input type="hidden" name="step" value="4" /> <input type="hidden" name="mode" value="<?php echo $_POST['mode']; ?> " /> <input type="hidden" name="dbms" value="<?php echo isset($_POST['dbms']) ? $_POST['dbms'] : ''; ?> " /> <input type="hidden" name="dbServer" value="<?php echo isset($_POST['dbServer']) ? $_POST['dbServer'] : ''; ?> " /> <input type="hidden" name="dbPort" value="<?php echo isset($_POST['dbPort']) ? $_POST['dbPort'] : ''; ?> " /> <input type="hidden" name="dbName" value="<?php echo isset($_POST['dbName']) ? $_POST['dbName'] : ''; ?> " /> <input type="hidden" name="dbUser" value="<?php echo isset($_POST['dbUser']) ? $_POST['dbUser'] : ''; ?> " /> <input type="hidden" name="dbPassword" value="<?php echo isset($_POST['dbPassword']) ? 
htmlspecialchars($_POST['dbPassword']) : ''; ?> " /> <div id="inner"> <h2><span class="step"><?php echo _f('%1단계', 4); ?> </span> : <?php echo _t('삭제하고자 하는 테이블을 선택하여 주십시오.'); ?> </h2> <div id="userinput"> <table id="info"> <tr> <th><?php echo _t('식별자'); ?> </th> <th><?php echo _t('버전'); ?> </th> <th><?php echo _t('테이블'); ?> </th> <th></th> </tr> <?php $tables = array(); $ckeckedString = 'checked '; if ($result = POD::tableList()) { foreach ($result as $table) { //$table = $table[0]; $entriesMatched = preg_match('/Entries$/', $table); if ($entriesMatched && checkTables('2.0', $prefix = substr($table, 0, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>2.0</th> <td><?php echo implode(', ', getTables('2.0', $prefix)); ?> </td> <th><input type="radio" name="target" value="2.0_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } else { if ($entriesMatched && checkTables('1.9', $prefix = substr($table, 0, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>1.9</th> <td><?php echo implode(', ', getTables('1.9', $prefix)); ?> </td> <th><input type="radio" name="target" value="1.9_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } else { if ($entriesMatched && checkTables('1.8', $prefix = substr($table, 0, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>1.8</th> <td><?php echo implode(', ', getTables('1.8', $prefix)); ?> </td> <th><input type="radio" name="target" value="1.8_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } else { if ($entriesMatched && checkTables('1.7', $prefix = substr($table, 0, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>1.7</th> <td><?php echo implode(', ', getTables('1.7', $prefix)); ?> </td> <th><input type="radio" name="target" value="1.7_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = 
''; } else { if ($entriesMatched && checkTables('1.6', $prefix = substr($table, 0, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>1.6</th> <td><?php echo implode(', ', getTables('1.6', $prefix)); ?> </td> <th><input type="radio" name="target" value="1.6_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } else { if ($entriesMatched && checkTables('1.5', $prefix = substr($table, 0, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>1.5</th> <td><?php echo implode(', ', getTables('1.5', $prefix)); ?> </td> <th><input type="radio" name="target" value="1.5_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } else { if ($entriesMatched && checkTables('1.1', $prefix = substr($table, 0, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>1.1</th> <td><?php echo implode(', ', getTables('1.1', $prefix)); ?> </td> <th><input type="radio" name="target" value="1.1_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } else { if ($entriesMatched && checkTables('1.0.2', $prefix = substr($table, 0, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>1.0.2</th> <td><?php echo implode(', ', getTables('1.0.2', $prefix)); ?> </td> <th><input type="radio" name="target" value="1.0.2_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } else { if ($entriesMatched && checkTables('1.0.0', $prefix = substr($table, 0, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>1.0.0</th> <td><?php echo implode(', ', getTables('1.0.0', $prefix)); ?> </td> <th><input type="radio" name="target" value="1.0.0_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } else { if ($entriesMatched && checkTables('1.0.b2', $prefix = substr($table, 0, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; 
?> </th> <th>1.0 Beta 2</th> <td><?php echo implode(', ', getTables('1.0.b2', $prefix)); ?> </td> <th><input type="radio" name="target" value="1.0.b2_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } else { if (preg_match('/^t3_(.*)_10ofmg$/', $table) && checkTables('0.97', $prefix = substr($table, 3, strlen($table) - 10))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>0.97 (Classic)</th> <td><?php echo implode(', ', getTables('0.97', $prefix)); ?> </td> <th><input type="radio" name="target" value="0.97_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } else { if (preg_match('/^t3_(.*)_ct1$/', $table) && checkTables('0.96', $prefix = substr($table, 3, strlen($table) - 7))) { ?> <tr> <th><?php echo $prefix; ?> </th> <th>0.96x</th> <td><?php echo implode(', ', getTables('0.96', $prefix)); ?> </td> <th><input type="radio" name="target" value="0.96_<?php echo $prefix; ?> " <?php echo $ckeckedString; ?> /></th> </tr> <?php $ckeckedString = ''; } } } } } } } } } } } } } } ?> </table> </div> <div id="navigation"> <a href="#" onclick="window.history.back()" title="<?php echo _t('이전'); ?> "><img src="./resources/style/setup/image/icon_prev.gif" width="74" height="24" alt="<?php echo _t('이전'); ?> " /></a> <a href="#" onclick="if (confirm('<?php echo _t('삭제하시겠습니까?'); ?> ') && confirm('<?php echo _t('정말 삭제하시겠습니까?'); ?> ')) next(); return false;" title="<?php echo _t('다음'); ?> "><img src="./resources/style/setup/image/icon_next.gif" width="74" height="24" alt="<?php echo _t('다음'); ?> " /></a> </div> </div> <?php } else { if ($step == 205) { ?> <input type="hidden" name="step" value="1" /> <div id="inner"> <h2><span class="step"><?php echo _f('%1단계', 5); ?> </span> : <?php echo _t('선택된 테이블을 삭제하고 있습니다.'); ?> </h2> <div id="userinput"> <table id="info"> <tr> <th><?php echo _t('식별자'); ?> </th> <th><?php echo _t('버전'); ?> </th> <th><?php echo _t('테이블'); ?> </th> </tr> <?php list($version, 
$prefix) = explode('_', $_POST['target'], 2); $result = false; if (checkTables($version, $prefix)) { ?> <tr> <th><?php echo $prefix; ?> </th> <th><?php echo $version; ?> </th> <td><?php echo implode(', ', getTables($version, $prefix)); ?> </td> </tr> <?php $result = @POD::query('DROP TABLE ' . implode(', ', getTables($version, $prefix))); } ?> </table> <p><?php echo $result ? _t('삭제하였습니다.') : '<span style="color:red">' . _t('삭제하지 못했습니다.') . '</span>'; ?> </p> </div> <div id="navigation"> <a href="#" onclick="window.history.back()" title="<?php echo _t('이전'); ?> "><img src="./resources/style/setup/image/icon_prev.gif" width="74" height="24" alt="<?php echo _t('이전'); ?> " /></a> <a href="#" onclick="next(); return false;" title="<?php echo _t('다음'); ?> "><img src="./resources/style/setup/image/icon_next.gif" width="74" height="24" alt="<?php echo _t('다음'); ?> " /></a> </div> </div> <?php } } } } } } } } } } }
exit; } $plugintables = array(); foreach ($plugintablesraw as $dbname) { $origname = $dbname; $dbname = $database['prefix'] . substr($dbname, 9); if (!doesExistTable($dbname)) { Respond::ResultPage(1); exit; } if (in_array($dbname, $definedTables)) { Respond::ResultPage(1); exit; } array_push($plugintables, $dbname); $query = "delete from {$database['prefix']}ServiceSettings WHERE name = '{$origname}' AND value = '" . POD::escapeString($_REQUEST['name']) . "'"; POD::execute($query); } $result = true; foreach ($plugintables as $dbname) { $query = "DROP TABLE {$dbname}"; $result = POD::execute($query) && $result; } deactivatePlugin($pluginname); if ($result == false) { Respond::ResultPage(1); exit; } } else { // type 2, table $dbname = $_REQUEST['name'];
/**
 * Turn one qualifier (column, condition keyword, value) into the pair
 * array(prepared value, SQL relation) used when the WHERE clause is built.
 *
 * Escaping is opt-in, and the caller decides it through $escape:
 *  - $escape truthy: the value is passed through POD::escapeString() and quoted
 *    (for LIKE it is also wrapped in % wildcards first).
 *  - $escape === false (the default): non-strings, names listed in
 *    $this->_reservedFunctions and values with $autoquote off are passed through
 *    untouched; any other string is quoted but NOT escaped.
 *  - any other falsy $escape (e.g. null): the value is quoted but NOT escaped.
 * Callers that pass request data must therefore set $escape to true.
 *
 * @param string $name      column name; 'blogid' and 'userid' are always cast with intval()
 * @param string $condition condition keyword or operator; null yields array(null, null)
 * @param mixed  $value     value (or list of candidates for the has*of conditions)
 * @param mixed  $escape    see above
 * @param bool   $autoquote only consulted when $escape === false
 * @return array array($qualifiers, $relations)
 */
protected function getQualifierModel($name, $condition, $value = null, $escape = false, $autoquote = true)
{
    //OR, setQualifier(string(name_condition_value), $escape = null) - Descriptive mode (NOT implemented)
    if (is_null($condition)) {
        return array(null, null);
    }

    $keyword = strtolower($condition);
    $setConditions = array('hasoneof', 'hasanyof', 'hasnoneof');
    $operators = array(
        'equals' => '=',
        'eq' => '=',
        'not' => '<>',
        'neq' => '<>',
        'bigger' => '>',
        'b' => '>',
        '>' => '>',
        'smaller' => '<',
        's' => '<',
        '<' => '<',
        'bigger or same' => '>=',
        'beq' => '>=',
        '>=' => '>=',
        'smaller or same' => '<=',
        'seq' => '<=',
        '<=' => '<=',
        'like' => 'LIKE',
    );

    $isSetCondition = in_array($keyword, $setConditions);
    if ($isSetCondition) {
        // Set conditions keep their own (lower-cased) keyword as the relation.
        $relations = $keyword;
    } elseif (isset($operators[$keyword])) {
        $relations = $operators[$keyword];
    } else {
        // Anything unrecognised falls back to LIKE.
        $relations = 'LIKE';
    }

    if (in_array($name, array('blogid', 'userid'))) {
        // Legacy support for plugins (with string-type blogid)
        return array(intval($value), $relations);
    }

    if ($isSetCondition) {
        if ($escape === false) {
            return array($value, $relations);
        }
        $candidates = array();
        if (is_array($value)) {
            foreach ($value as $candidate) {
                $candidates[] = '\'' . POD::escapeString($candidate) . '\'';
            }
        } else {
            // NOTE(review): a scalar candidate is stored as given, neither escaped
            // nor quoted, even though escaping was requested. Confirm callers never
            // pass an untrusted scalar here.
            $candidates[] = $value;
        }
        return array($candidates, $relations);
    }

    $passThrough = $escape === false
        && (!is_string($value) || in_array($value, $this->_reservedFunctions) || $autoquote == false);
    if ($passThrough) {
        $qualifiers = $value;
    } elseif ($escape) {
        $operand = $relations == 'LIKE' ? '%' . $value . '%' : $value;
        $qualifiers = '\'' . POD::escapeString($operand) . '\'';
    } else {
        // Quoted only: the string reaches the SQL text without escaping.
        $qualifiers = "'" . $value . "'";
    }

    return array($qualifiers, $relations);
}
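/**
 * Remove one blog-level setting from the in-memory cache and from the
 * BlogSettings table.
 *
 * @param string   $name   setting name
 * @param int|null $blogid blog to act on; null means the blog returned by getBlogId()
 * @return mixed null when $blogid is not numeric or the blog's cached settings are false,
 *               true when the setting is not in the cache (nothing to delete),
 *               otherwise whatever the model's delete() returns
 */
function removeBlogSettingGlobal($name, $blogid = null)
{
    global $database;
    global $__gCacheBlogSettings; // share blog.service.php
    global $gCacheStorage;

    if (is_null($blogid)) {
        $blogid = getBlogId();
    }
    if (!is_numeric($blogid)) {
        return null;
    }
    if (!array_key_exists($blogid, $__gCacheBlogSettings)) {
        // force loading
        Setting::getBlogSettingsGlobal($blogid);
    }
    if ($__gCacheBlogSettings[$blogid] === false) {
        return null;
    }

    if (!array_key_exists($name, $__gCacheBlogSettings[$blogid])) {
        // already not exist
        return true;
    }

    $gCacheStorage->purge();
    unset($__gCacheBlogSettings[$blogid][$name]);

    $query = DBModel::getInstance();
    $query->reset('BlogSettings');
    $query->setQualifier('blogid', 'equals', $blogid);
    // Ask the model to escape the name. The previous code computed an escaped
    // copy but never used it, so the raw name was only quoted in the DELETE.
    // The fourth argument is the escape flag, as in the other
    // setQualifier('name', 'equals', ..., true) calls in this code base.
    $query->setQualifier('name', 'equals', $name, true);

    return $query->delete();
}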
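/**
 * Spam check for an incoming comment or trackback.
 *
 * The submission is first audited through defensio_post('audit-comment', ...).
 * If that call yields a successful result, a spam verdict is stored and the
 * function returns false; a non-spam verdict is stored and returns true unless
 * $defensio_conf['force_with_tca'] is set. In every other case (request failed,
 * unusable response, or force_with_tca) a local check runs: it counts already
 * filtered rows with the same url (trackbacks) or the same comment, homepage and
 * name (comments), plus filtered rows from the same IP, and treats a total of 10
 * or more as spam.
 *
 * @param int    $type    2 for a trackback, anything else is handled as a comment
 * @param string $name    author name
 * @param string $title   not used by this function
 * @param string $url     author / source URL
 * @param string $content comment body
 * @param bool   $openid  true when the author is logged in through OpenID
 * @return bool true when the submission is accepted, false when it is judged spam
 */
function DEFNENSIO_FILTER($type, $name, $title, $url, $content, $openid = false)
{
    global $hostURL, $blogURL, $database, $configVal, $defensio_conf;
    //if ( doesHaveOwnership() ) return true; // owner
    DEFENSIO_Init();

    $defensio_meta = array();
    $comment = array();
    // The Referer header is optional; a missing one must not raise a notice.
    $comment['referrer'] = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    // Audit the address of the actual request. The earlier version overwrote this
    // with a fixed address, so every submission was audited as the same client.
    // NOTE(review): the filter keeps only digits, dots, commas and spaces, so an
    // IPv6 address would be mangled. Confirm whether IPv6 clients are expected.
    $comment['user-ip'] = preg_replace('/[^0-9., ]/', '', $_SERVER['REMOTE_ADDR']);
    $comment['owner-url'] = $defensio_conf['blog'];
    $comment['comment_type'] = $type == 2 ? 'trackback' : 'comment';
    $comment['comment-author'] = $name;
    // date() yields the same Y/m/d string as the deprecated strftime() call.
    $comment['article-date'] = date('Y/m/d');
    // $comment['permalink'] = $comment_perma_link;
    // Make sure we don't send an SQL escaped string to the server
    $comment['comment-content'] = defensio_unescape_string($content);
    $comment['comment-author-url'] = $url;
    //$comment['comment-author-email'] = $email; // optional field

    $next_id = $type == 2 ? getTrackBacksNextId() : getCommentsNextId();
    $comment_TYPE = $type == 2 ? 'T' : 'C';

    // to using openid
    if ($openid) {
        $comment['openid'] = Acl::getIdentity('openid');
        $comment['user-logged-in'] = 'true';
    }

    // to testing
    // $comment['test-force'] = 'spam,x.xxxx'; // | 'ham,x.xxxx' ( 0 ~ 1)
    if ($r = defensio_post('audit-comment', $comment)) {
        $ar = Spyc::YAMLLoad($r);
        if (isset($ar['defensio-result']) && $ar['defensio-result']['status'] == DF_SUCCESS) {
            // Set metadata about the comment
            $defensio_meta['spaminess'] = $ar['defensio-result']['spaminess'];
            $defensio_meta['signature'] = $ar['defensio-result']['signature'];
            // NOTE(review): this writes the whole parsed response to the error log
            // for every audited submission. Looks like a debugging aid; confirm it
            // is wanted in production.
            error_log(print_r($ar, true));
            if ($ar['defensio-result']['spam']) {
                $defensio_meta['spam'] = true;
                defensio_save_meta_data($comment_TYPE, $next_id, $defensio_meta);
                return false;
            }
            // not spam
            $defensio_meta['spaminess'] = 0;
            // Without force_with_tca the remote verdict is final; with it, fall
            // through to the local check below.
            if (!$defensio_conf['force_with_tca']) {
                defensio_save_meta_data($comment_TYPE, $next_id, $defensio_meta);
                return true;
            }
        }
        // else: successful http request, but Defensio failed.
    }
    // else: unsuccessful POST to the server. Defensio might be down.

    // Local spam check with the "Thief-cat algorithm".
    $count = 0;
    $tableName = $database['prefix'] . 'Trackbacks';
    if ($type == 2) {
        $sql = 'SELECT COUNT(id) as cc FROM ' . $database['prefix'] . 'Trackbacks WHERE';
        $sql .= ' url = \'' . POD::escapeString($url) . '\'';
        $sql .= ' AND isFiltered > 0';
        if ($row = POD::queryRow($sql)) {
            $count += @$row[0];
        }
    } else {
        // Comment Case
        $tableName = $database['prefix'] . 'Comments';
        $sql = 'SELECT COUNT(id) as cc FROM ' . $database['prefix'] . 'Comments WHERE';
        $sql .= ' comment = \'' . POD::escapeString($content) . '\'';
        $sql .= ' AND homepage = \'' . POD::escapeString($url) . '\'';
        $sql .= ' AND name = \'' . POD::escapeString($name) . '\'';
        $sql .= ' AND isFiltered > 0';
        if ($row = POD::queryRow($sql)) {
            $count += @$row[0];
        }
    }

    // Check IP
    $sql = 'SELECT COUNT(id) as cc FROM ' . $tableName . ' WHERE';
    $sql .= ' ip = \'' . POD::escapeString($_SERVER['REMOTE_ADDR']) . '\'';
    $sql .= ' AND isFiltered > 0';
    if ($row = POD::queryRow($sql)) {
        $count += @$row[0];
    }

    $is_spam = $count >= 10 ? 1 : 0;
    // Report back only when a remote verdict exists and the local check disagrees with it.
    if (isset($defensio_meta['spaminess']) && isset($defensio_meta['signature']) && $is_spam) {
        defensio_submit_spam($defensio_meta['signature']);
    }
    $defensio_meta['spam'] = $defensio_meta['spaminess'] = $is_spam;
    defensio_save_meta_data($comment_TYPE, $next_id, $defensio_meta);

    return !$is_spam;
}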
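/**
 * Verify a login and authorize the matching user for this request.
 *
 * Accepted credentials:
 *  - a 32-character hex string is first compared with the user's stored
 *    'AuthToken' setting; if it does not match, it is treated as a password;
 *  - for BlogAPI logins ($blogapi true and a BlogAPI password configured),
 *    either the account password or the BlogAPI password;
 *  - otherwise the account password.
 *
 * Stored passwords are matched against md5() of the submitted password, i.e.
 * an unsalted MD5 digest. Moving to password_hash()/password_verify() needs a
 * change to the stored data and cannot be done inside this function.
 *
 * @param int    $blogid   not used by this function
 * @param string $loginid  login id (e-mail address)
 * @param string $password submitted password or auth token
 * @param bool   $blogapi  true when called from the BlogAPI endpoint
 * @return mixed the user id on success, false on failure
 */
function authenticate($blogid, $loginid, $password, $blogapi = false)
{
    global $database;
    $session = array();
    Acl::clearAcl();
    $loginid = POD::escapeString($loginid);
    $blogApiPassword = Setting::getBlogSettingGlobal("blogApiPassword", "");
    // Hash the password exactly as submitted. md5() output is hex only, so it is
    // safe to place inside a quoted SQL literal.
    $passwordHash = md5($password);

    if (strlen($password) == 32 && preg_match('/[0-9a-f]{32}/i', $password)) {
        // Raw login. ( with/without auth token)
        $userid = User::getUserIdByEmail($loginid);
        if (empty($userid)) {
            return false;
        }
        $query = DBModel::getInstance();
        $query->reset('UserSettings');
        $query->setQualifier('userid', 'equals', intval($userid));
        $query->setQualifier('name', 'equals', 'AuthToken', true);
        $authtoken = $query->getCell('value');
        // NOTE(review): === is not a constant-time comparison; hash_equals() would
        // be preferable if the supported PHP versions provide it.
        if (!empty($authtoken) && $authtoken === $password) {
            // If user requested auth token, use it to confirm.
            $session['userid'] = $userid;
        } else {
            // login with md5 hash
            $secret = "password = '{$passwordHash}'";
        }
    } elseif ($blogapi && !empty($blogApiPassword)) {
        // BlogAPI login. The account-password test uses the digest of the raw
        // password (the earlier code hashed the SQL-escaped string, which differs
        // from the normal login path for passwords containing escaped characters).
        // Both operands of the BlogAPI comparison are escaped before they enter
        // the SQL text.
        // NOTE(review): the comparison runs in SQL, so it follows the connection's
        // collation and both values appear in the query text. Confirm that is
        // acceptable where queries are logged.
        $secret = "(password = '{$passwordHash}' OR '"
            . POD::escapeString($password) . "' = '"
            . POD::escapeString($blogApiPassword) . "')";
    } else {
        // Normal login
        $secret = "password = '{$passwordHash}'";
    }

    if (empty($session)) {
        $session = POD::queryRow("SELECT userid, loginid, name FROM {$database['prefix']}Users WHERE loginid = '{$loginid}' AND {$secret}");
    }
    if (empty($session)) {
        /* You should compare return value with '=== false' which checks with variable types*/
        return false;
    }

    $userid = $session['userid'];
    Acl::authorize('textcube', $userid);
    // NOTE(review): the value assigned to lastlogin is masked in the listing
    // ("******"), which left the statement unparsable. Timestamp::getUNIXtime() is
    // assumed here; confirm against the repository.
    POD::execute("UPDATE {$database['prefix']}Users SET lastlogin = " . Timestamp::getUNIXtime() . " WHERE loginid = '{$loginid}'");
    // POD::execute("DELETE FROM {$database['prefix']}UserSettings WHERE userid = '$userid' AND name = 'AuthToken' LIMIT 1");

    return $userid;
}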