Example #1
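/**
 * Handle a POST from the file editor: cancel, upload attachments, delete or save.
 *
 * Request parameters read here: referrer, file, content, cancel, overwrite,
 * addtoarticle, delete, deleteconfirmed, save, plus uploads file1..fileN
 * (N is $editor['maxuploadfiles'], default 4).
 *
 * Security notes:
 *  - Everything after the jabCanUser("edit") gate writes, deletes or uploads
 *    files of any type below DOCUMENT_ROOT, so the "edit" capability is
 *    equivalent to full control over the site's code.
 *  - NOTE(review): no anti-CSRF token is checked in this function; confirm
 *    that jabCanUser() or the router provides one.
 *  - NOTE(review): upload file names are copied into $model['errors'] and
 *    $model['content']; confirm the view escapes them on output.
 *
 * @return mixed result of jabRedirect()/jabRenderView(), or null when the
 *               request is rejected
 */
function editor_post()
{
    if (!jabCanUser("edit")) {
        return;
    }
    global $editor;
    $model = array();
    $model['editor'] = $editor;

    // The referrer comes from the request and ends up in jabRedirect(), so
    // only accept a site-local path ("/..." but not "//host" or "/\host").
    // Anything else falls back to the site root.
    $referrer = (string) jabRequestParam("referrer");
    $isLocalPath = strlen($referrer) > 0
        && $referrer[0] == "/"
        && !(strlen($referrer) > 1 && ($referrer[1] == "/" || $referrer[1] == "\\"));
    $model['referrer'] = $isLocalPath ? $referrer : "/";

    $model['file'] = str_replace("..", ".", (string) jabRequestParam("file"));
    $model['content'] = (string) jabRequestParam("content");
    // Handle no file specified
    if (strlen($model['file']) == 0) {
        return;
    }
    // Handle attempt to escape the document root: the replacement above can
    // itself produce ".." (e.g. from "...."), so the result is checked again.
    if (strstr($model['file'], "..")) {
        return;
    }
    // Cancel?
    if (jabRequestParam("cancel")) {
        return jabRedirect($model['referrer']);
    }
    $fullpath = jabPathAppend($_SERVER['DOCUMENT_ROOT'], $model['file']);

    // Handle file uploads. Failures are recorded in $model['errors'] so the
    // view can show them, the same key the delete/save branches use.
    $maxUploads = isset($editor['maxuploadfiles']) ? $editor['maxuploadfiles'] : 4;
    for ($i = 1; $i <= $maxUploads; $i++) {
        $field = 'file' . $i;
        // Skip slots the form did not send or left empty.
        if (!isset($_FILES[$field]['name'])
            || !is_string($_FILES[$field]['name'])
            || strlen($_FILES[$field]['name']) == 0
        ) {
            continue;
        }
        $uploadName = $_FILES[$field]['name'];
        // basename() drops any directory part of the client-supplied name, so
        // the upload always lands next to the edited file.
        $storedName = basename($uploadName);
        $target_path = jabPathAppend(dirname($fullpath), $storedName);
        if (is_file($target_path) && jabRequestParam('overwrite') == "") {
            $model['errors'][] = "File " . $uploadName . " would be overwriten";
            continue;
        }
        if (!move_uploaded_file($_FILES[$field]['tmp_name'], $target_path)) {
            $model['errors'][] = "Failed to upload " . $uploadName;
            continue;
        }
        if (jabRequestParam("addtoarticle") != "") {
            // Link to the name the file was stored under, not the raw client name.
            $dot = strrpos($storedName, ".");
            $ext = $dot === false ? null : substr($storedName, $dot + 1);
            if (in_array($ext, array("png", "jpg", "jpeg", "tif", "tiff", "gif"), true)) {
                $model['content'] .= "\n\n<center>![{$storedName}]({$storedName})</center>\n\n";
            } else {
                $model['content'] .= "\n\n[{$storedName}]({$storedName})\n\n";
            }
        }
    }

    if (jabRequestParam("delete")) {
        if (jabRequestParam("deleteconfirmed") == "yes") {
            try {
                // unlink() reports failure through its return value, so check
                // it; the catch only fires if an error handler throws.
                if (unlink($fullpath)) {
                    return jabRedirect($model['referrer']);
                }
                $model['errors'][] = "Failed to delete file.";
            } catch (Exception $ex) {
                $model['errors'][] = "Failed to delete {$ex->getMessage()}.";
            }
        } else {
            $model['errors'][] = "Press Delete again to really delete this file";
            $model['deleteconfirmed'] = "yes";
        }
        return jabRenderView("editor_view.php", $model);
    }

    if (jabRequestParam("save")) {
        try {
            $fh = @fopen($fullpath, 'w');
            if ($fh === false) {
                // Without this check fwrite()/fclose() would be called on false.
                $model['errors'][] = "Failed to save file - unable to open it for writing.";
            } else {
                $written = fwrite($fh, $model['content']);
                fclose($fh);
                if ($written === false) {
                    $model['errors'][] = "Failed to save file - write error.";
                } else {
                    // Return here, as the cancel and delete branches do, so the
                    // editor view is not rendered after a successful save.
                    return jabRedirect($model['referrer']);
                }
            }
        } catch (Exception $ex) {
            $model['errors'][] = "Failed to save file - {$ex->getMessage()}.";
        }
    }
    return jabRenderView("editor_view.php", $model);
}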
Example #2
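/**
 * Re-route the current request when its URL matches $from.
 *
 * The request URI is compared without its first character. With $regex set,
 * $from/$to are passed to preg_replace(); otherwise the URL must equal $from
 * exactly and the new URL is $to.
 *
 * On a match the new URL is either handed to jabRedirect() ($redirect true)
 * or written back into $_SERVER['REQUEST_URI'], with the part before "?"
 * stored in $_SERVER['REQUEST_URI_CLEAN'].
 *
 * Security note: with $regex and $redirect both set, the redirect target is
 * built from the request URI. Anchor the pattern and keep captures confined
 * to the path, so that request data cannot supply a scheme or host.
 *
 * @param string $from     literal URL, or a PCRE pattern when $regex is true
 * @param string $to       replacement URL (may use $1-style references with $regex)
 * @param bool   $regex    treat $from as a regular expression
 * @param bool   $redirect redirect instead of rewriting $_SERVER
 * @return false|null false when the URL does not match; nothing otherwise
 */
function jabReRoute($from, $to, $regex = false, $redirect = false)
{
    $url = substr($_SERVER['REQUEST_URI'], 1);
    if ($regex) {
        // $matches counts the replacements made. Zero means the pattern did
        // not match; null means PCRE failed. Neither is a route.
        $matches = 0;
        $urlnew = preg_replace($from, $to, $url, -1, $matches);
        if ($urlnew === null || $matches == 0) {
            return false;
        }
    } else {
        if ($url != $from) {
            return false;
        }
        $urlnew = $to;
    }
    // NOTE(review): the original prefixed "/" to $url here but never read the
    // result. Confirm against callers whether $to must carry its own leading
    // slash.
    if ($redirect) {
        jabRedirect($urlnew);
    } else {
        $_SERVER['REQUEST_URI'] = $urlnew;
        $_SERVER['REQUEST_URI_CLEAN'] = strtok($urlnew, '?');
    }
}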
Example #3
/**
 * Call jabLogout(), then redirect to $referrer.
 *
 * NOTE(review): $referrer is passed to jabRedirect() unchanged. If the caller
 * takes it from the request, it should be limited to site-local paths before
 * it reaches this function. Verify against the route that invokes logout().
 *
 * @param string $referrer URL to send the browser to after logging out
 * @return mixed whatever jabRedirect() returns
 */
function logout($referrer)
{
    jabLogout();
    $response = jabRedirect($referrer);

    return $response;
}
Example #4
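<?php

global $jab;
// Includes
require_once "../jab/jab.php";
jabRequire("auth_single;contact;blog;editor;querystring;recaptcha");
// Check for ?login query string command: an anonymous visitor is sent to the
// login page, with the current URL (minus the "login" parameter) passed
// URL-encoded as the referrer.
if (jabUserName() == null && isset($_REQUEST['login'])) {
    $refpage = jabQueryStringRemove($_SERVER['REQUEST_URI'], 'login');
    jabRedirect("/account/login?referrer=" . urlencode($refpage));
}
// Check for ?phpinfo query string command.
// phpinfo() prints the server configuration, loaded modules, filesystem paths
// and environment variables, so it is only served to a logged-in user.
// Remove this block entirely on production sites.
if (isset($_REQUEST['phpinfo']) && jabUserName() != null) {
    phpinfo();
    die;
}
/*
// Insert your reCAPTCHA keys here
// Configure reCAPTCHA keys (keep real keys out of version control)
jabInitRecaptcha(
	"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
	"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
	);
*/
// Select the theme
jabSetThemeFolder("theme");
// Setup theme related variables
$jab['siteName'] = "My Jab Site";
$jab['siteCopyright'] = "Copright © " . $jab['siteName'];
// Insert your Google tracker id here
// $jab['googlePageTrackerID']="XX-NNNNNNN-N";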
Example #5
/**
 * Run init_blog_db() and then redirect to the URL returned by blog_link("").
 *
 * NOTE(review): no permission check is visible in this function. Confirm that
 * the route invoking it is restricted to an authorised user, since it
 * triggers database initialisation.
 */
function upgrade()
{
    init_blog_db();

    $blogHome = blog_link("");
    jabRedirect($blogHome);
}