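/**
 * Handle a POST of the contact form.
 *
 * Reads Name, Email and Message from the request, validates them together
 * with the captcha, and either re-renders the form with the collected errors
 * or hands the message to the mail template and renders the success view.
 *
 * Security notes:
 *  - Name and Email are request-supplied and end up in $model['from'].
 *    They are stripped of CR/LF before being combined, so a submitted value
 *    cannot add extra mail headers (assumes contact_email.php uses 'from' as
 *    a header - confirm against the template).
 *  - The recipient and subject come from the $contact configuration only.
 *
 * @return mixed The result of jabRenderView() when validation fails,
 *               otherwise nothing.
 */
function contact_post()
{
    jabRequire("captcha");

    global $jab;
    global $contact;

    // Retrieve model values
    $model = array();
    $model['contact'] = $contact;
    $model['name'] = jabRequestParam('Name');
    $model['email'] = jabRequestParam('Email');
    $model['message'] = jabRequestParam('Message');

    // Collect errors locally so the final count is always taken on an array;
    // the original counted $model['errors'], which is undefined when every
    // check passes (a TypeError on PHP 8).
    $errors = array();

    if (strlen($model['name']) == 0) {
        $errors[] = "Name is missing";
    }

    if (!jabIsValidEmail($model['email'])) {
        $errors[] = "Invalid email address";
    }

    if (strlen($model['message']) == 0) {
        $errors[] = "You haven't entered a message";
    }

    // Check the captcha; jabCheckCaptcha() yields true or an error message.
    $captchaResult = jabCheckCaptcha();
    if ($captchaResult !== true) {
        $errors[] = $captchaResult;
    }

    if (count($errors) > 0) {
        // Only set the key when there is something to show, so the view sees
        // the same model shape as before.
        $model['errors'] = $errors;
        return jabRenderView("contact_view_form.php", $model);
    }

    // Build the sender from request data: drop CR/LF (header injection) and,
    // for the display name, the double quote that would close the quoted part.
    $fromName = str_replace(array("\r", "\n", "\""), "", $model['name']);
    $fromEmail = str_replace(array("\r", "\n"), "", $model['email']);

    $model['to'] = $contact['emailTo'];
    $model['from'] = "\"" . $fromName . "\" <" . $fromEmail . ">";
    $model['subject'] = $contact['emailSubject'];

    if (!jabRenderMail("contact_email.php", $model)) {
        $model['send_error'] = true;
        jabRenderView("contact_view_form.php", $model);
    } else {
        jabRenderView("contact_view_success.php", null);
    }
}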
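/**
 * Handle a POST from the file editor: upload attachments, delete the file,
 * or save new content, then redirect to the referrer or re-render the editor.
 *
 * Request parameters read: referrer, file, content, cancel, overwrite,
 * addtoarticle, delete, deleteconfirmed, save, plus uploads file1..fileN
 * (N = $editor['maxuploadfiles'], default 4).
 *
 * Security notes for reviewers:
 *  - Everything here runs only when jabCanUser("edit") is true. The function
 *    writes, deletes and uploads arbitrary files under DOCUMENT_ROOT, so the
 *    "edit" right is equivalent to code execution on the site and should be
 *    granted accordingly.
 *  - The target path is confined only by rejecting ".." in the file name.
 *    How jabPathAppend() treats other path forms is not visible here -
 *    TODO confirm it cannot leave DOCUMENT_ROOT.
 *  - Uploaded files keep their client-supplied base name and extension;
 *    no type allow-list is applied before they are stored in the web root.
 *  - The referrer is request-supplied and passed to jabRedirect() as is.
 *    NOTE(review): confirm jabRedirect() restricts targets to this site.
 *  - No anti-CSRF token is checked in this function; verify the framework
 *    does it before dispatch.
 *
 * @return mixed Result of jabRedirect()/jabRenderView(), or nothing when the
 *               request is rejected.
 */
function editor_post()
{
    if (!jabCanUser("edit")) {
        return;
    }

    global $editor;

    $model = array();
    $model['editor'] = $editor;
    $model['referrer'] = jabRequestParam("referrer");
    if (strlen($model['referrer']) == 0) {
        $model['referrer'] = "/";
    }
    $model['file'] = str_replace("..", ".", jabRequestParam("file"));
    $model['content'] = jabRequestParam("content");

    // Handle no file specified
    if (strlen($model['file']) == 0) {
        return;
    }

    // Handle attempt to escape the document root. The str_replace above is a
    // single pass and can itself produce "..", so this check is the one that
    // actually rejects the request.
    if (strstr($model['file'], "..")) {
        return;
    }

    // Cancel?
    if (jabRequestParam("cancel")) {
        return jabRedirect($model['referrer']);
    }

    $fullpath = jabPathAppend($_SERVER['DOCUMENT_ROOT'], $model['file']);

    // Handle file uploads
    $maxUploads = isset($editor['maxuploadfiles']) ? $editor['maxuploadfiles'] : 4;
    $imageExtensions = explode(";", "png;jpg;jpeg;tif;tiff;gif");

    for ($i = 1; $i <= $maxUploads; $i++) {
        $field = 'file' . $i;

        // Slots that were not submitted are simply absent from $_FILES.
        if (!isset($_FILES[$field]['name']) || strlen($_FILES[$field]['name']) == 0) {
            continue;
        }

        $upload = $_FILES[$field];

        // basename() drops any directory part of the client-supplied name.
        $storedName = basename($upload['name']);
        $target_path = jabPathAppend(dirname($fullpath), $storedName);

        // Upload problems are reported through $model['errors'] so the view
        // can show them; the original appended to a local that was never used.
        if (is_file($target_path) && jabRequestParam('overwrite') == "") {
            $model['errors'][] = "File " . $upload['name'] . " would be overwriten";
            continue;
        }

        if (!move_uploaded_file($upload['tmp_name'], $target_path)) {
            $model['errors'][] = "Failed to upload " . $upload['name'];
            continue;
        }

        if (jabRequestParam("addtoarticle") != "") {
            // Link to the name the file was stored under.
            $file = $storedName;
            $dot = strrpos($file, ".");
            $ext = $dot === false ? null : substr($file, $dot + 1);

            if (in_array($ext, $imageExtensions, true)) {
                $model['content'] .= "\n\n<center>![{$file}]({$file})</center>\n\n";
            } else {
                $model['content'] .= "\n\n[{$file}]({$file})\n\n";
            }
        }
    }

    if (jabRequestParam("delete")) {
        if (jabRequestParam("deleteconfirmed") == "yes") {
            try {
                // unlink() signals failure by returning false; the catch stays
                // in case the framework converts warnings into exceptions.
                if (unlink($fullpath)) {
                    return jabRedirect($model['referrer']);
                }
                $model['errors'][] = "Failed to delete file.";
            } catch (Exception $ex) {
                $model['errors'][] = "Failed to delete {$ex->getMessage()}.";
            }
        } else {
            // First press only arms the confirmation; the second one deletes.
            $model['errors'][] = "Press Delete again to really delete this file";
            $model['deleteconfirmed'] = "yes";
        }

        return jabRenderView("editor_view.php", $model);
    }

    if (jabRequestParam("save")) {
        try {
            $fh = @fopen($fullpath, 'w');
            if ($fh === false) {
                // Without this check fwrite() would be called on false.
                $model['errors'][] = "Failed to save file - could not open it for writing.";
            } else {
                $written = fwrite($fh, $model['content']);
                fclose($fh);

                if ($written === false) {
                    $model['errors'][] = "Failed to save file - write failed.";
                } else {
                    // Return so the editor view is not rendered after the redirect.
                    return jabRedirect($model['referrer']);
                }
            }
        } catch (Exception $ex) {
            $model['errors'][] = "Failed to save file - {$ex->getMessage()}.";
        }
    }

    return jabRenderView("editor_view.php", $model);
}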
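/**
 * Populate this object from the submitted comment form and validate it.
 *
 * Name, Email, Website and Content are read from the request. When the
 * current user has the "author" right, Name, Email and Website are replaced
 * by the values configured in $blog and ByAuthor is set.
 *
 * Security notes for reviewers:
 *  - Website is taken from the request without any validation here.
 *    NOTE(review): if it is later rendered as a link target, the view should
 *    restrict it to http/https URLs and escape it.
 *  - The author fallback for Website uses $_SERVER['HTTP_HOST'], which is a
 *    client-supplied header; setting $blog['authorSite'] avoids relying on it.
 *
 * @param array $errors Receives validation messages (appended, by reference).
 * @return bool True when $errors is empty after validation.
 */
function InitFromForm(&$errors)
{
    // A caller may pass a not-yet-defined variable by reference; normalise it
    // so the final count is taken on an array (count(null) fails on PHP 8).
    if (!is_array($errors)) {
        $errors = array();
    }

    $this->Name = jabRequestParam("Name");
    $this->Email = jabRequestParam("Email");
    $this->Website = jabRequestParam("Website");
    $this->Content = jabRequestParam("Content");
    $this->ByAuthor = false;

    global $blog;

    if (jabCanUser("author")) {
        // Authors post under the configured identity, whatever was submitted.
        $this->ByAuthor = true;
        $this->Name = $blog['managingEditor'];
        $this->Email = $blog['notifyEmailFrom'];

        if (isset($blog['authorSite'])) {
            $this->Website = $blog['authorSite'];
        } else {
            $this->Website = "http://" . $_SERVER['HTTP_HOST'];
        }
    }

    if (strlen($this->Name) == 0) {
        $errors[] = "Please enter your name";
    }

    // The e-mail address is optional, but must be well formed when given.
    if (strlen($this->Email) != 0 && !jabIsValidEmail($this->Email)) {
        $errors[] = "Email address is not valid";
    }

    if (strlen($this->Content) == 0) {
        $errors[] = "No article content";
    }

    return count($errors) == 0;
}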
/**
 * Render the login form.
 *
 * The 'referrer' request parameter is passed through to the view unchanged.
 * NOTE(review): it is caller-controlled, so view_login.php should escape it
 * and whatever later redirects to it should confirm the target is on this
 * site - neither is visible from here.
 *
 * @return mixed Whatever jabRenderView() returns.
 */
function login_get()
{
    $viewData = array(
        'referrer' => jabRequestParam('referrer'),
    );

    return jabRenderView("view_login.php", $viewData);
}
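/**
 * Handle a POST of the blog import form: import the uploaded file and
 * redirect to the blog's root link.
 *
 * The import only runs when 'importFile' is a completed HTTP upload. The
 * original passed $_FILES['importFile']['tmp_name'] straight to
 * blog_import(), so a request without a file could still reach the import
 * with "dropoldcontent" set.
 *
 * NOTE(review): the return value of jabCanUser("author", true) is not
 * tested; presumably the second argument makes the call abort the request
 * when the right is missing - confirm, since nothing else guards the import.
 *
 * @return void
 */
function import_post()
{
    jabCanUser("author", true);

    $upload = isset($_FILES['importFile']) ? $_FILES['importFile'] : null;

    // Accept only a finished upload that PHP itself received over HTTP.
    $uploadOk = is_array($upload)
        && isset($upload['error'], $upload['tmp_name'])
        && $upload['error'] === UPLOAD_ERR_OK
        && is_uploaded_file($upload['tmp_name']);

    if ($uploadOk) {
        $dropOldContent = jabRequestParam("dropoldcontent") != "";
        blog_import($upload['tmp_name'], $dropOldContent);
    }

    // Back to the blog whether or not anything was imported.
    jabRedirect(blog_link(""));
}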