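/**
 * Parses a list of links (one "URL [name]" entry per line), probes each URL
 * with a HEAD request and stores the resulting records on the node.
 *
 * Each record may contain: href, name, host, status and, for a 200 response,
 * type (Content-Type), size (Content-Length) and sizefm (formatted size).
 * When no record is produced, the property named by $this->value is removed
 * from the node.
 *
 * NOTE(review): this makes the server issue HEAD requests to every URL found
 * in $value. If $value can be edited by users, confirm that http::head()
 * restricts schemes and destinations (internal hosts, metadata endpoints).
 *
 * @param string $value Raw text, entries separated by CR/LF.
 * @param object $node  Node that receives the parsed list.
 */
public function set($value, &$node)
{
    $result = array();

    foreach (preg_split('/[\\r\\n]+/', $value) as $line) {
        if (count($parts = preg_split('/\\s+/', $line, 2, PREG_SPLIT_NO_EMPTY))) {
            $link = array();

            if ($tmp = array_shift($parts)) {
                $link['href'] = $tmp;
            }

            if ($tmp = array_shift($parts)) {
                $link['name'] = $tmp;
            }

            # Only probe when a URL was actually captured: a falsy first token
            # (e.g. "0") leaves href unset, and the previous code still sent a
            # request for the undefined index.
            if (!empty($link['href'])) {
                $link['host'] = url::host($link['href']);

                try {
                    $head = http::head($link['href']);

                    if (200 == ($link['status'] = $head['_status'])) {
                        if (!empty($head['Content-Type'])) {
                            $link['type'] = $head['Content-Type'];
                        }

                        if (!empty($head['Content-Length'])) {
                            $link['size'] = intval($head['Content-Length']);
                            $link['sizefm'] = mcms::filesize($link['size']);
                        }
                    }
                } catch (Exception $e) {
                    # Best effort: a failed probe leaves the record without
                    # status/type/size, it does not abort the whole list.
                }
            }

            $result[] = $link;
        }
    }

    if (empty($result)) {
        unset($node->{$this->value});
    } else {
        $node->{$this->value} = $result;
    }
}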
/**
 * Displays the 503 page.
 *
 * Marks the current page as module/action "503", sends the 503 status with a
 * Retry-After of one hour, renders the "503" template and ends the request.
 */
public function serve503()
{
    $page = $this->okt->page;
    $page->module = '503';
    $page->action = '503';

    # Status line first, then the hint telling clients when to come back.
    http::head(503);
    header('Retry-After: 3600');

    $body = $this->okt->tpl->render('503');
    echo $body;

    exit;
}
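/**
 * Updates (or installs) a specific module.
 *
 * Looks the module up in the list returned by getAllModules(), checks that
 * its package URL answers 200, downloads it, verifies the recorded SHA-1 when
 * one is present and unpacks the archive into lib/modules/<name>.
 *
 * NOTE(review): the digest check is the only integrity control on code that is
 * then unpacked into the modules directory, and it is skipped entirely when
 * the module entry carries no sha1. Consider refusing unverified packages and
 * moving to a stronger digest once the module index provides one.
 *
 * @param string $name Module name; must be a key of the module list.
 *
 * @return bool True when the module was unpacked, false when it was skipped.
 *
 * @throws RuntimeException When the module is unknown.
 */
public static function updateModule($name)
{
    $db = self::getAllModules();

    if (!array_key_exists($name, $db)) {
        throw new RuntimeException(t('Нет информации о модуле %name.', array('%name' => $name)));
    }

    if (empty($db[$name]['url'])) {
        Logger::log("no url for module {$name}, not updated.");
        return false;
    }

    $head = http::head($url = $db[$name]['url']);

    if (200 != $head['_status']) {
        Logger::log('updateModule: file not found: ' . $url);
        return false;
    }

    $tmp = http::fetch($url);

    foreach (array('sha1' => 'sha1_file') as $k => $func) {
        # Strict string comparison: with a loose "!=" two different digests
        # that both look numeric (e.g. "0e" followed by digits) compare equal,
        # which would let a tampered package pass verification.
        if (!empty($db[$name][$k]) and (string) $db[$name][$k] !== (string) $func($tmp)) {
            Logger::log($k . ' hash mismatch for ' . $url);
            return false;
        }
    }

    # $name was checked against the module list above, so the target path is
    # built from a known key rather than from free-form input.
    $existed = is_dir($path = os::path('lib', 'modules', $name));

    zip::unzipToFolder($tmp, $path);

    if ($existed) {
        Logger::log($name . ': updated from v' . $db[$name]['version.local'] . ' to v' . $db[$name]['version'] . '.');
    } else {
        Logger::log($name . ': installed v' . $db[$name]['version'] . '.');
    }

    return true;
}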
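/**
Receives a trackback and inserts it as a comment of the given post.

Always answers with a small XML document: <error> is 0 on success and 1 on
failure, <message> carries the reason. All request fields come from an
unauthenticated remote party, so anything echoed back into the XML is escaped
before it is written.

@param post_id	<b>integer</b>		Post ID
*/
public function receive($post_id)
{
    header('Content-Type: text/xml; charset=UTF-8');

    if (empty($_POST)) {
        http::head(405, 'Method Not Allowed');
        echo '<?xml version="1.0" encoding="utf-8"?>' . "\n" . "<response>\n" . " <error>1</error>\n" . " <message>POST request needed</message>\n" . "</response>";
        return;
    }

    $post_id = (int) $post_id;

    # Non-string values (e.g. title[]=x) are treated as absent so they never
    # reach the string helpers below.
    $title     = (!empty($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
    $excerpt   = (!empty($_POST['excerpt']) && is_string($_POST['excerpt'])) ? $_POST['excerpt'] : '';
    $url       = (!empty($_POST['url']) && is_string($_POST['url'])) ? $_POST['url'] : '';
    $blog_name = (!empty($_POST['blog_name']) && is_string($_POST['blog_name'])) ? $_POST['blog_name'] : '';

    $charset = '';
    $comment = '';
    $err     = false;
    $msg     = '';

    # True once title/excerpt/blog_name have been cleaned and HTML-escaped.
    $sanitized = false;

    if ($this->core->blog === null) {
        $err = true;
        $msg = 'No blog.';
    } elseif ($url == '') {
        $err = true;
        $msg = 'URL parameter is required.';
    } elseif ($blog_name == '') {
        $err = true;
        $msg = 'Blog name is required.';
    }

    if (!$err) {
        $post = $this->core->blog->getPosts(array('post_id' => $post_id, 'post_type' => ''));

        if ($post->isEmpty()) {
            $err = true;
            $msg = 'No such post.';
        } elseif (!$post->trackbacksActive()) {
            $err = true;
            $msg = 'Trackbacks are not allowed for this post or weblog.';
        }

        $url = trim(html::clean($url));

        # Only look for a duplicate ping when the post exists and accepts
        # trackbacks; otherwise the earlier, more specific error is kept.
        if (!$err && $this->pingAlreadyDone($post->post_id, $url)) {
            $err = true;
            $msg = 'The trackback has already been registered';
        }
    }

    if (!$err) {
        $charset = self::getCharsetFromRequest();

        if (!$charset) {
            $charset = self::detectCharset($title . ' ' . $excerpt . ' ' . $blog_name);
        }

        if (strtolower($charset) != 'utf-8') {
            $title     = iconv($charset, 'UTF-8', $title);
            $excerpt   = iconv($charset, 'UTF-8', $excerpt);
            $blog_name = iconv($charset, 'UTF-8', $blog_name);
        }

        $title = trim(html::clean($title));
        $title = html::decodeEntities($title);
        $title = html::escapeHTML($title);
        $title = text::cutString($title, 60);

        $excerpt = trim(html::clean($excerpt));
        $excerpt = html::decodeEntities($excerpt);
        $excerpt = preg_replace('/\\s+/ms', ' ', $excerpt);
        $excerpt = text::cutString($excerpt, 252);
        $excerpt = html::escapeHTML($excerpt) . '...';

        $blog_name = trim(html::clean($blog_name));
        $blog_name = html::decodeEntities($blog_name);
        $blog_name = html::escapeHTML($blog_name);
        $blog_name = text::cutString($blog_name, 60);

        $sanitized = true;

        try {
            $this->addBacklink($post_id, $url, $blog_name, $title, $excerpt, $comment);
        } catch (Exception $e) {
            $err = 1;
            $msg = 'Something went wrong : ' . $e->getMessage();
        }
    }

    $resp = '<?xml version="1.0" encoding="utf-8"?>' . "\n" . "<response>\n" . ' <error>' . (int) $err . "</error>\n";

    if ($msg) {
        # The message may carry an exception text; escape it so it cannot
        # break out of the <message> element.
        $resp .= ' <message>' . html::escapeHTML($msg) . "</message>\n";
    }

    if (!empty($_POST['__debug'])) {
        # On an early error the text fields are still raw request data, so
        # they are escaped here; after sanitisation they are already escaped.
        # NOTE(review): this debug echo is reachable by any remote caller;
        # consider gating it behind a server-side setting.
        $dbg_title     = $sanitized ? $title : html::escapeHTML($title);
        $dbg_excerpt   = $sanitized ? $excerpt : html::escapeHTML($excerpt);
        $dbg_blog_name = $sanitized ? $blog_name : html::escapeHTML($blog_name);

        $resp .= " <debug>\n" . ' <title>' . $dbg_title . "</title>\n" . ' <excerpt>' . $dbg_excerpt . "</excerpt>\n" . ' <url>' . html::escapeHTML($url) . "</url>\n" . ' <blog_name>' . $dbg_blog_name . "</blog_name>\n" . ' <charset>' . html::escapeHTML((string) $charset) . "</charset>\n" . ' <comment>' . $comment . "</comment>\n" . " </debug>\n";
    }

    echo $resp . "</response>";
}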
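/**
 * Serves a single entry, including the password gate for protected entries
 * and the handling of a submitted comment (preview or creation).
 *
 * Security notes:
 * - The password cookie is request data. It is decoded as JSON and only
 *   accepted when it yields an array; it is never passed to unserialize(),
 *   which would let a client trigger object instantiation. Cookies written in
 *   the old serialized format are ignored, so those visitors are asked for
 *   the password again.
 * - Passwords are compared as strings with ===, so a non-string value decoded
 *   from the cookie or the form can never match through type juggling.
 * - NOTE(review): the cookie stores the entry password in clear text and is
 *   set without the HttpOnly/Secure flags; consider storing a keyed digest.
 *
 * @param string $args Entry URL taken from the request path.
 */
public static function post($args)
{
    if ($args == '') {
        # No entry was specified.
        self::p404();
    } else {
        $_ctx =& $GLOBALS['_ctx'];
        $core =& $GLOBALS['core'];

        $core->blog->withoutPassword(false);

        $params = new ArrayObject();
        $params['post_url'] = $args;

        $_ctx->posts = $core->blog->getPosts($params);

        $_ctx->comment_preview = new ArrayObject();
        $_ctx->comment_preview['content'] = '';
        $_ctx->comment_preview['rawcontent'] = '';
        $_ctx->comment_preview['name'] = '';
        $_ctx->comment_preview['mail'] = '';
        $_ctx->comment_preview['site'] = '';
        $_ctx->comment_preview['preview'] = false;
        $_ctx->comment_preview['remember'] = false;

        $core->blog->withoutPassword(true);

        if ($_ctx->posts->isEmpty()) {
            # The specified entry does not exist.
            self::p404();
        } else {
            $post_id = $_ctx->posts->post_id;
            $post_password = $_ctx->posts->post_password;

            # Password protected entry
            if ($post_password != '' && !$_ctx->preview) {
                # Get passwords cookie (JSON map of post ID => password)
                $pwd_cookie = array();
                if (isset($_COOKIE['dc_passwd']) && is_string($_COOKIE['dc_passwd'])) {
                    $decoded = json_decode($_COOKIE['dc_passwd'], true);
                    if (is_array($decoded)) {
                        $pwd_cookie = $decoded;
                    }
                }

                # Check for match (strict, string-only comparison)
                $expected = (string) $post_password;
                $form_ok = !empty($_POST['password'])
                    && is_string($_POST['password'])
                    && $_POST['password'] === $expected;
                $cookie_ok = isset($pwd_cookie[$post_id])
                    && is_string($pwd_cookie[$post_id])
                    && $pwd_cookie[$post_id] === $expected;

                if ($form_ok || $cookie_ok) {
                    $pwd_cookie[$post_id] = $post_password;
                    setcookie('dc_passwd', json_encode($pwd_cookie), 0, '/');
                } else {
                    self::serveDocument('password-form.html', 'text/html', false);
                    return;
                }
            }

            $post_comment = isset($_POST['c_name']) && isset($_POST['c_mail']) && isset($_POST['c_site']) && isset($_POST['c_content']) && $_ctx->posts->commentsActive();

            # Posting a comment
            if ($post_comment) {
                # Spam trap
                if (!empty($_POST['f_mail'])) {
                    http::head(412, 'Precondition Failed');
                    header('Content-Type: text/plain');
                    echo "So Long, and Thanks For All the Fish";
                    # Exits immediately the application to preserve the server.
                    exit;
                }

                $name = $_POST['c_name'];
                $mail = $_POST['c_mail'];
                $site = $_POST['c_site'];
                $content = $_POST['c_content'];
                $preview = !empty($_POST['preview']);

                if ($content != '') {
                    if ($core->blog->settings->wiki_comments) {
                        $core->initWikiComment();
                    } else {
                        $core->initWikiSimpleComment();
                    }
                    $content = $core->wikiTransform($content);
                    # The HTML filter runs last so stored content is filtered.
                    $content = $core->HTMLfilter($content);
                }

                # NOTE(review): name, mail, site and rawcontent are kept raw in
                # the preview context; confirm the templates escape them.
                $_ctx->comment_preview['content'] = $content;
                $_ctx->comment_preview['rawcontent'] = $_POST['c_content'];
                $_ctx->comment_preview['name'] = $name;
                $_ctx->comment_preview['mail'] = $mail;
                $_ctx->comment_preview['site'] = $site;

                if ($preview) {
                    # --BEHAVIOR-- publicBeforeCommentPreview
                    $core->callBehavior('publicBeforeCommentPreview', $_ctx->comment_preview);

                    $_ctx->comment_preview['preview'] = true;
                } else {
                    # Post the comment
                    $cur = $core->con->openCursor($core->prefix . 'comment');
                    $cur->comment_author = $name;
                    $cur->comment_site = html::clean($site);
                    $cur->comment_email = html::clean($mail);
                    $cur->comment_content = $content;
                    $cur->post_id = $_ctx->posts->post_id;
                    $cur->comment_status = $core->blog->settings->comments_pub ? 1 : -1;
                    $cur->comment_ip = http::realIP();

                    $redir = $_ctx->posts->getURL();
                    $redir .= strpos($redir, '?') !== false ? '&' : '?';

                    try {
                        if (!text::isEmail($cur->comment_email)) {
                            throw new Exception(__('You must provide a valid email address.'));
                        }

                        # --BEHAVIOR-- publicBeforeCommentCreate
                        $core->callBehavior('publicBeforeCommentCreate', $cur);
                        if ($cur->post_id) {
                            $comment_id = $core->blog->addComment($cur);

                            # --BEHAVIOR-- publicAfterCommentCreate
                            $core->callBehavior('publicAfterCommentCreate', $cur, $comment_id);
                        }

                        if ($cur->comment_status == 1) {
                            $redir_arg = 'pub=1';
                        } else {
                            $redir_arg = 'pub=0';
                        }

                        header('Location: ' . $redir . $redir_arg);
                    } catch (Exception $e) {
                        # Shown by the template next to the comment form.
                        $_ctx->form_error = $e->getMessage();
                    }
                }
            }

            # The entry
            self::serveDocument('post.html');
        }
    }
}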
# Tail of a feed entry. The loop and the conditions that open the braces
# closed below start outside this excerpt.
# NOTE(review): only $url is escaped on this line; $titre goes into an
# attribute value as-is. Confirm it is escaped where it is built.
echo "\t\t\t<link href=\"" . htmlentities($url) . "\" rel=\"alternate\" type=\"text/html\" title=\"" . $titre . "\" />\n";
# Line breaks in the description are flattened to spaces; nothing else is
# changed here. NOTE(review): confirm $desc is already escaped upstream.
echo "\t\t\t<summary type=\"html\">" . str_replace(array("\r\n", "\r", "\n"), " ", $desc) . "</summary>\n";
# NOTE(review): $item is written verbatim inside CDATA; a "]]>" sequence in it
# would end the section early. Verify how $item is produced.
echo "\t\t\t<content type=\"html\"><![CDATA[" . $item . "]]></content>\n";
echo "\t\t</entry>\n";
}
}
# Close the document according to the requested feed type.
if ($_GET['type'] == "rss") {
    echo "\t\t</channel>\n";
    echo "\t</rss>";
} elseif ($_GET['type'] == "atom") {
    echo "\t</feed>";
}
/* Finish the cache */
finCache();
} else {
    # Fallback branch: answer 301 and redirect to the RSS feed.
    http::head(301);
    http::redirect(BP_PLANET_URL . "/feed.php?type=rss");
}
$root_url = BP_PLANET_URL;
$analytics = $blog_settings->get('planet_analytics');
if (!empty($analytics)) {
    # Build the URL reported to analytics from the feed type and the active
    # filters. NOTE(review): $_GET['type'] is appended unchanged here, and this
    # code also runs after the redirect branch above; check how $analyzed_url
    # is used further down (outside this excerpt).
    $analyzed_url = $root_url . '/feed/' . $_GET['type'];
    if (!empty($tags)) {
        $analyzed_url .= '/tags/' . implode(',', $tags);
    }
    if (!empty($users)) {
        $analyzed_url .= '/users/' . implode(',', $users);
    }
    if (!empty($period)) {
        $analyzed_url .= '/period/' . $period;
    }
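/**
Receives a trackback and inserts it as a comment of the given post.

Always answers with a small XML document: <error> is 0 on success and 1 on
failure, <message> carries the reason. All request fields come from an
unauthenticated remote party, so anything echoed back into the XML is escaped
before it is written.

@param post_id	<b>integer</b>		Post ID
*/
public function receive($post_id)
{
    header('Content-Type: text/xml; charset=UTF-8');

    if (empty($_POST)) {
        http::head(405, 'Method Not Allowed');
        echo '<?xml version="1.0" encoding="utf-8"?>' . "\n" . "<response>\n" . " <error>1</error>\n" . " <message>POST request needed</message>\n" . "</response>";
        return;
    }

    $post_id = (int) $post_id;

    # Non-string values (e.g. title[]=x) are treated as absent so they never
    # reach the string helpers below.
    $title     = (!empty($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
    $excerpt   = (!empty($_POST['excerpt']) && is_string($_POST['excerpt'])) ? $_POST['excerpt'] : '';
    $url       = (!empty($_POST['url']) && is_string($_POST['url'])) ? $_POST['url'] : '';
    $blog_name = (!empty($_POST['blog_name']) && is_string($_POST['blog_name'])) ? $_POST['blog_name'] : '';

    $charset = '';
    $comment = '';
    $err     = false;
    $msg     = '';

    # True once title/excerpt/blog_name have been cleaned and HTML-escaped.
    $sanitized = false;

    if ($this->core->blog === null) {
        $err = true;
        $msg = 'No blog.';
    } elseif ($url == '') {
        $err = true;
        $msg = 'URL parameter is required.';
    } elseif ($blog_name == '') {
        $err = true;
        $msg = 'Blog name is required.';
    }

    if (!$err) {
        $post = $this->core->blog->getPosts(array('post_id' => $post_id, 'post_type' => ''));

        if ($post->isEmpty()) {
            $err = true;
            $msg = 'No such post.';
        } elseif (!$post->trackbacksActive()) {
            $err = true;
            $msg = 'Trackbacks are not allowed for this post or weblog.';
        }
    }

    if (!$err) {
        $charset = self::getCharsetFromRequest();

        if (!$charset) {
            $charset = mb_detect_encoding($title . ' ' . $excerpt . ' ' . $blog_name, 'UTF-8,ISO-8859-1,ISO-8859-2,ISO-8859-3,' . 'ISO-8859-4,ISO-8859-5,ISO-8859-6,ISO-8859-7,ISO-8859-8,' . 'ISO-8859-9,ISO-8859-10,ISO-8859-13,ISO-8859-14,ISO-8859-15');
        }

        if (strtolower($charset) != 'utf-8') {
            $title     = iconv($charset, 'UTF-8', $title);
            $excerpt   = iconv($charset, 'UTF-8', $excerpt);
            $blog_name = iconv($charset, 'UTF-8', $blog_name);
        }

        $title = trim(html::clean($title));
        $title = html::decodeEntities($title);
        $title = html::escapeHTML($title);
        $title = text::cutString($title, 60);

        $excerpt = trim(html::clean($excerpt));
        $excerpt = html::decodeEntities($excerpt);
        $excerpt = preg_replace('/\\s+/ms', ' ', $excerpt);
        $excerpt = text::cutString($excerpt, 252);
        $excerpt = html::escapeHTML($excerpt) . '...';

        $blog_name = trim(html::clean($blog_name));
        $blog_name = html::decodeEntities($blog_name);
        $blog_name = html::escapeHTML($blog_name);
        $blog_name = text::cutString($blog_name, 60);

        $sanitized = true;

        $url = trim(html::clean($url));

        if (!$blog_name) {
            $blog_name = 'Anonymous blog';
        }

        # The stored comment is HTML assembled from the escaped fields above.
        $comment = "<!-- TB -->\n" . '<p><strong>' . ($title ? $title : $blog_name) . "</strong></p>\n" . '<p>' . $excerpt . '</p>';

        $cur = $this->core->con->openCursor($this->core->prefix . 'comment');
        $cur->comment_author    = (string) $blog_name;
        $cur->comment_site      = (string) $url;
        $cur->comment_content   = (string) $comment;
        $cur->post_id           = $post_id;
        $cur->comment_trackback = 1;
        $cur->comment_status    = $this->core->blog->settings->trackbacks_pub ? 1 : -1;
        $cur->comment_ip        = http::realIP();

        try {
            # --BEHAVIOR-- publicBeforeTrackbackCreate
            $this->core->callBehavior('publicBeforeTrackbackCreate', $cur);
            if ($cur->post_id) {
                $comment_id = $this->core->blog->addComment($cur);

                # --BEHAVIOR-- publicAfterTrackbackCreate
                $this->core->callBehavior('publicAfterTrackbackCreate', $cur, $comment_id);
            }
        } catch (Exception $e) {
            $err = 1;
            $msg = 'Something went wrong : ' . $e->getMessage();
        }
    }

    $resp = '<?xml version="1.0" encoding="utf-8"?>' . "\n" . "<response>\n" . ' <error>' . (int) $err . "</error>\n";

    if ($msg) {
        # The message may carry an exception text; escape it so it cannot
        # break out of the <message> element.
        $resp .= ' <message>' . html::escapeHTML($msg) . "</message>\n";
    }

    if (!empty($_POST['__debug'])) {
        # On an early error the text fields are still raw request data, so
        # they are escaped here; after sanitisation they are already escaped.
        # NOTE(review): this debug echo is reachable by any remote caller;
        # consider gating it behind a server-side setting.
        $dbg_title     = $sanitized ? $title : html::escapeHTML($title);
        $dbg_excerpt   = $sanitized ? $excerpt : html::escapeHTML($excerpt);
        $dbg_blog_name = $sanitized ? $blog_name : html::escapeHTML($blog_name);

        $resp .= " <debug>\n" . ' <title>' . $dbg_title . "</title>\n" . ' <excerpt>' . $dbg_excerpt . "</excerpt>\n" . ' <url>' . html::escapeHTML($url) . "</url>\n" . ' <blog_name>' . $dbg_blog_name . "</blog_name>\n" . ' <charset>' . html::escapeHTML((string) $charset) . "</charset>\n" . ' <comment>' . $comment . "</comment>\n" . " </debug>\n";
    }

    echo $resp . "</response>";
}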
# Tail of a guard whose condition lies outside this excerpt: it answers 404 and stops.
http::head(404, 'Not Found'); exit; }

# Serves a static resource named by the "pf" request parameter.
# Only files whose extension is on this allow-list are ever sent.
$allow_types = array('png', 'jpg', 'jpeg', 'gif', 'css', 'js', 'swf');

# The requested path is request data; it is normalised with path::clean()
# before being appended to any root below.
$pf = path::clean($_GET['pf']);

# Candidate roots: every entry of DC_PLUGINS_ROOT, in reverse order.
$paths = array_reverse(explode(PATH_SEPARATOR, DC_PLUGINS_ROOT));

# Adding admin/res folder here to load some stuff
# (the directory actually appended is the local "swf" folder)
$paths[] = dirname(__FILE__) . '/swf';

# The first root under which path::real() resolves the file wins.
# NOTE(review): containment depends on path::clean()/path::real() refusing
# results that fall outside $m; confirm that in their implementation.
foreach ($paths as $m) {
    $PF = path::real($m . '/' . $pf);
    if ($PF !== false) {
        break;
    }
}
unset($paths);

# Unresolved, not a regular file, or unreadable: answer 404.
if ($PF === false || !is_file($PF) || !is_readable($PF)) {
    header('Content-Type: text/plain');
    http::head(404, 'Not Found');
    exit;
}

# Extension not on the allow-list: same 404, so the response does not reveal
# that the file exists. The check runs on the resolved path, not on the raw
# parameter.
if (!in_array(files::getExtension($PF), $allow_types)) {
    header('Content-Type: text/plain');
    http::head(404, 'Not Found');
    exit;
}

# Let clients cache the resource for two hours; the cache validators are
# computed from the served file and the included PHP files.
http::$cache_max_age = 7200;
http::cache(array_merge(array($PF), get_included_files()));

header('Content-Type: ' . files::getMimeType($PF));
header('Content-Length: ' . filesize($PF));
readfile($PF);
exit;
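/**
 * Adds files from a remote server (form processing).
 *
 * For every submitted URL that answers 200 to a HEAD request, builds a file
 * record (type, size, url, name) and, unless "symlink" was requested, fetches
 * the content. The records are then handed to add_files().
 *
 * The URLs come straight from the request, so the server is asked to contact
 * addresses chosen by the client. Only http and https URLs are probed; other
 * schemes are skipped before any request is made.
 *
 * NOTE(review): internal hosts are still reachable over http(s); confirm that
 * http::head()/http::fetch() or the network layer restrict destinations, and
 * that add_files() validates the name and type derived from the URL.
 *
 * @param Context $ctx Request context.
 *
 * @return mixed Whatever add_files() returns.
 */
public static function on_post_remote(Context $ctx)
{
    $files = array();

    $urls = $ctx->post('files');
    if (!is_array($urls)) {
        $urls = array();
    }

    foreach ($urls as $url) {
        if (empty($url) || !is_string($url)) {
            continue;
        }

        $tmp = parse_url($url);
        $scheme = isset($tmp['scheme']) ? strtolower($tmp['scheme']) : '';
        if ('http' !== $scheme && 'https' !== $scheme) {
            continue;
        }

        $head = http::head(str_replace(' ', '+', $url));

        if ($head['_status'] == 200) {
            $file = array(
                # Response headers are optional; a missing one stays null.
                'type' => isset($head['Content-Type']) ? $head['Content-Type'] : null,
                'size' => isset($head['Content-Length']) ? $head['Content-Length'] : null,
                'remove' => true,
                'url' => $url,
            );

            if (!$ctx->post('symlink')) {
                $file['tmp_name'] = http::fetch($url);
            }

            # basename() keeps only the last path segment, so directory parts
            # of the URL never end up in the stored name.
            $file['name'] = basename(isset($tmp['path']) ? $tmp['path'] : '');

            # A generic type from the server is replaced by local detection.
            if ('application/octet-stream' == $file['type'] and !empty($file['tmp_name'])) {
                $file['type'] = os::getFileType($file['tmp_name'], $file['name']);
            }

            $files[] = $file;
        }
    }

    return self::add_files($ctx, $files);
}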
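/**
 * Serves a single page, including the password gate for protected pages and
 * the handling of a submitted comment (preview or creation).
 *
 * Security notes:
 * - The password cookie is request data decoded from JSON, so its values can
 *   be of any JSON type. Passwords are therefore compared as strings with
 *   ===; with a loose == a non-string value (for example a boolean) decoded
 *   from the cookie could compare equal to the real password.
 * - NOTE(review): the cookie stores the page password in clear text and is
 *   set without the HttpOnly/Secure flags; consider storing a keyed digest.
 *
 * @param string $args Page URL taken from the request path.
 */
public static function pages($args)
{
    if ($args == '') {
        # No page was specified.
        self::p404();
    } else {
        $_ctx =& $GLOBALS['_ctx'];
        $core =& $GLOBALS['core'];

        $core->blog->withoutPassword(false);

        $params = new ArrayObject(array('post_type' => 'page', 'post_url' => $args));

        $core->callBehavior('publicPagesBeforeGetPosts', $params, $args);

        $_ctx->posts = $core->blog->getPosts($params);

        $_ctx->comment_preview = new ArrayObject();
        $_ctx->comment_preview['content'] = '';
        $_ctx->comment_preview['rawcontent'] = '';
        $_ctx->comment_preview['name'] = '';
        $_ctx->comment_preview['mail'] = '';
        $_ctx->comment_preview['site'] = '';
        $_ctx->comment_preview['preview'] = false;
        $_ctx->comment_preview['remember'] = false;

        $core->blog->withoutPassword(true);

        if ($_ctx->posts->isEmpty()) {
            # The specified page does not exist.
            self::p404();
        } else {
            $post_id = $_ctx->posts->post_id;
            $post_password = $_ctx->posts->post_password;

            # Password protected entry
            if ($post_password != '' && !$_ctx->preview) {
                # Get passwords cookie
                $pwd_cookie = array();
                if (isset($_COOKIE['dc_passwd']) && is_string($_COOKIE['dc_passwd'])) {
                    $decoded = json_decode($_COOKIE['dc_passwd']);
                    if ($decoded !== null) {
                        $pwd_cookie = (array) $decoded;
                    }
                }

                # Check for match
                # Note: We must prefix post_id key with '#' in pwd_cookie array in order to avoid integer conversion
                # because MyArray["12345"] is treated as MyArray[12345]
                $cookie_key = '#' . $post_id;
                $expected = (string) $post_password;

                $form_ok = !empty($_POST['password'])
                    && is_string($_POST['password'])
                    && $_POST['password'] === $expected;
                $cookie_ok = isset($pwd_cookie[$cookie_key])
                    && is_string($pwd_cookie[$cookie_key])
                    && $pwd_cookie[$cookie_key] === $expected;

                if ($form_ok || $cookie_ok) {
                    $pwd_cookie[$cookie_key] = $post_password;
                    setcookie('dc_passwd', json_encode($pwd_cookie), 0, '/');
                } else {
                    self::serveDocument('password-form.html', 'text/html', false);
                    return;
                }
            }

            $post_comment = isset($_POST['c_name']) && isset($_POST['c_mail']) && isset($_POST['c_site']) && isset($_POST['c_content']) && $_ctx->posts->commentsActive();

            # Posting a comment
            if ($post_comment) {
                # Spam trap
                if (!empty($_POST['f_mail'])) {
                    http::head(412, 'Precondition Failed');
                    header('Content-Type: text/plain');
                    echo "So Long, and Thanks For All the Fish";
                    # Exits immediately the application to preserve the server.
                    exit;
                }

                $name = $_POST['c_name'];
                $mail = $_POST['c_mail'];
                $site = $_POST['c_site'];
                $content = $_POST['c_content'];
                $preview = !empty($_POST['preview']);

                if ($content != '') {
                    # --BEHAVIOR-- publicBeforeCommentTransform
                    $buffer = $core->callBehavior('publicBeforeCommentTransform', $content);
                    if ($buffer != '') {
                        $content = $buffer;
                    } else {
                        if ($core->blog->settings->system->wiki_comments) {
                            $core->initWikiComment();
                        } else {
                            $core->initWikiSimpleComment();
                        }
                        $content = $core->wikiTransform($content);
                    }
                    # The HTML filter runs on both paths, including content
                    # returned by a behavior.
                    $content = $core->HTMLfilter($content);
                }

                # NOTE(review): name, mail, site and rawcontent are kept raw in
                # the preview context; confirm the templates escape them.
                $_ctx->comment_preview['content'] = $content;
                $_ctx->comment_preview['rawcontent'] = $_POST['c_content'];
                $_ctx->comment_preview['name'] = $name;
                $_ctx->comment_preview['mail'] = $mail;
                $_ctx->comment_preview['site'] = $site;

                if ($preview) {
                    # --BEHAVIOR-- publicBeforeCommentPreview
                    $core->callBehavior('publicBeforeCommentPreview', $_ctx->comment_preview);

                    $_ctx->comment_preview['preview'] = true;
                } else {
                    # Post the comment
                    $cur = $core->con->openCursor($core->prefix . 'comment');
                    $cur->comment_author = $name;
                    $cur->comment_site = html::clean($site);
                    $cur->comment_email = html::clean($mail);
                    $cur->comment_content = $content;
                    $cur->post_id = $_ctx->posts->post_id;
                    $cur->comment_status = $core->blog->settings->system->comments_pub ? 1 : -1;
                    $cur->comment_ip = http::realIP();

                    $redir = $_ctx->posts->getURL();
                    $redir .= $core->blog->settings->system->url_scan == 'query_string' ? '&' : '?';

                    try {
                        if (!text::isEmail($cur->comment_email)) {
                            throw new Exception(__('You must provide a valid email address.'));
                        }

                        # --BEHAVIOR-- publicBeforeCommentCreate
                        $core->callBehavior('publicBeforeCommentCreate', $cur);
                        if ($cur->post_id) {
                            $comment_id = $core->blog->addComment($cur);

                            # --BEHAVIOR-- publicAfterCommentCreate
                            $core->callBehavior('publicAfterCommentCreate', $cur, $comment_id);
                        }

                        if ($cur->comment_status == 1) {
                            $redir_arg = 'pub=1';
                        } else {
                            $redir_arg = 'pub=0';
                        }

                        header('Location: ' . $redir . $redir_arg);
                    } catch (Exception $e) {
                        # Shown by the template next to the comment form.
                        $_ctx->form_error = $e->getMessage();
                    }
                }
            }

            # The entry
            if ($_ctx->posts->trackbacksActive()) {
                header('X-Pingback: ' . $core->blog->url . $core->url->getURLFor("xmlrpc", $core->blog->id));
            }

            # Use the theme's template set when its directory exists here,
            # otherwise fall back to the default set.
            $tplset = $core->themes->moduleInfo($core->blog->settings->system->theme, 'tplset');
            if (!empty($tplset) && is_dir(dirname(__FILE__) . '/default-templates/' . $tplset)) {
                $core->tpl->setPath($core->tpl->getPath(), dirname(__FILE__) . '/default-templates/' . $tplset);
            } else {
                $core->tpl->setPath($core->tpl->getPath(), dirname(__FILE__) . '/default-templates/' . DC_DEFAULT_TPLSET);
            }

            self::serveDocument('page.html');
        }
    }
}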
<?php
# -- BEGIN LICENSE BLOCK ----------------------------------
#
# This file is part of Dotclear 2.
#
# Copyright (c) 2003-2009 Olivier Meunier and contributors
# Licensed under the GPL version 2.0 license.
# See LICENSE file or
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
#
# -- END LICENSE BLOCK ------------------------------------

# XML-RPC entry point: resolves the target blog ID from the request, loads
# the plugins and hands the request over to the XML-RPC server.

require dirname(__FILE__) . '/../inc/prepend.php';

# Blog ID: PATH_INFO (trimmed, one leading slash removed) takes precedence
# over the "b" query parameter.
# NOTE(review): the ID is request data and is passed on unvalidated; it is
# presumably checked by dcXmlRpc, confirm against that class.
if (isset($_SERVER['PATH_INFO'])) {
    $blog_id = preg_replace('#^/#', '', trim($_SERVER['PATH_INFO']));
} elseif (!empty($_GET['b'])) {
    $blog_id = $_GET['b'];
}

# Without a blog ID there is nothing to serve.
if (empty($blog_id)) {
    header('Content-Type: text/plain');
    http::head(412);
    echo 'No blog ID given';
    exit;
}

# Loading plugins
$core->plugins->loadModules(DC_PLUGINS_ROOT);

# Start XML-RPC server
$server = new dcXmlRpc($core, $blog_id);
$server->serve();