function makemedia($mediatype, $url, $width, $height)
{
global $template, $lnc, $config;
$mediatype = strtolower($mediatype);
$id = rand(1000, 99999);
$typedesc = array('wmp' => 'Windows Media Player', 'swf' => 'Flash Player', 'real' => 'Real Player', 'flv' => 'Flash Video Player');
$mediapic = array('wmp' => 'wmp.gif', 'swf' => 'swf.gif', 'real' => 'real.gif', 'flv' => 'swf.gif');
$url = $mediatype == 'flv' ? urlconvert($url, $config['blogurl'] . '/') : $url;
$str = "<div class=\"quote mediabox\"><div class=\"quote-title\"><img src=\"{$template['images']}/{$mediapic[$mediatype]}\" alt=\"\"/>{$typedesc[$mediatype]}{$lnc[268]}</div><div class=\"quote-content\"><a href=\"javascript: playmedia('player{$id}', '{$mediatype}', '{$url}', '{$width}', '{$height}');\">{$lnc[269]}</a><div id='player{$id}' style='display:none;'></div></div></div>";
return $str;
}
}
session_cache_limiter("private, must-revalidate");
session_start();
if ($securitycode == '' || strtolower($securitycode) != strtolower($_SESSION['code'])) {
catcherror($lnc[165]);
}
}
$sitename = safe_convert(trimplus($sitename));
$siteurl = safe_convert(trimplus($siteurl));
$sitelogo = safe_convert(trimplus($sitelogo));
$siteintro = safe_convert(trimplus($siteintro));
if (!$sitename || !$siteurl) {
catcherror($lnc[179]);
}
$siteurl = urlconvert($siteurl);
$sitelogo = urlconvert($sitelogo);
$siteid = time() . rand(0, 10);
if (preg_search($sitename, $forbidden['banword']) || preg_search($siteintro, $forbidden['banword']) || preg_search($siteurl, $forbidden['banword']) || preg_search($sitename, $forbidden['suspect']) || preg_search($siteintro, $forbidden['suspect']) || preg_search($siteurl, $forbidden['suspect'])) {
catcherror($lnc[214]);
}
$addline = "<?PHP exit();?><|>{$siteid}<|>{$sitename}<|>{$siteurl}<|>{$sitelogo}<|>{$siteintro}<|>\n";
$filename = "data/cache_applylinks.php";
$oldcontent = @readfromfile($filename);
$content = $addline . $oldcontent;
if (!writetofile($filename, $content)) {
catcherror($lnc[7] . $filename);
} else {
catchsuccess($lnc[180], "{$lnc[163]}|index.php");
}
}
if ($job == 'ajaxverify') {
if ($job == 'save') {
acceptrequest('newlinkname,newlinkurl,newlinklogo,newlinkdesc,newlinkgptoid,newisdisplay,linkid,tomodify,alsodel');
if ($newlinkname == '' || $newlinkurl == '' || $newlinkgptoid == '') {
$cancel = $lna[241];
}
if ($tomodify == '1' && $linkid == '') {
$cancel = $lna[241];
}
catcherror($cancel);
$newlinkname = safe_convert(stripslashes($newlinkname));
$newlinkurl = safe_convert(stripslashes($newlinkurl));
$newlinklogo = safe_convert(stripslashes($newlinklogo));
$newlinkdesc = safe_convert(stripslashes($newlinkdesc));
if ($mbcon['anticorrupturl'] == 1) {
$newlinkurl = urlconvert($newlinkurl);
$newlinklogo = urlconvert($newlinklogo);
}
if ($tomodify) {
$blog->query("UPDATE `{$db_prefix}links` SET `linkname`='{$newlinkname}', `linkurl`='{$newlinkurl}', `linklogo`='{$newlinklogo}', `linkdesc`='{$newlinkdesc}', `linkgptoid`='{$newlinkgptoid}', `isdisplay`='{$newisdisplay}' WHERE `linkid`='{$linkid}'");
$return_display = 'detail';
} else {
$new_link_id = $maxrecord['maxlinkid'] + 1;
$blog->query("INSERT INTO `{$db_prefix}links` VALUES ({$new_link_id}, '{$newlinkname}', '{$newlinkurl}', '{$newlinklogo}', '{$newlinkdesc}', '{$newlinkgptoid}', {$new_link_id}, '{$newisdisplay}', '', '')");
$blog->query("UPDATE `{$db_prefix}maxrec` SET `maxlinkid`='{$new_link_id}'");
$return_display = 'add';
}
if (!empty($alsodel)) {
$filename = "data/cache_applylinks.php";
if (file_exists($filename)) {
$wlink = @file($filename);
for ($i = 0; $i < count($wlink); $i++) {
session_start();
if ($v_security == '' || strtolower($v_security) != strtolower($_SESSION['code'])) {
$cancel = $lnc[165];
} else {
//Delete current session
session_destroy();
}
}
$v_repurl = safe_convert(trimplus($v_repurl));
$v_repemail = safe_convert(trimplus($v_repemail));
$v_reppsw = trimplus($v_reppsw);
if ($v_reppsw != '') {
$v_reppsw = md5($v_reppsw);
}
if ($mbcon['anticorrupturl'] == 1) {
$v_repurl = urlconvert($v_repurl);
}
if ($stat_property == 1 || $originblog['property'] == 2) {
$reproperty = 1;
} else {
$reproperty = 0;
}
if ($logstat == 1) {
$replier = $userdetail['username'];
$replierid = $userdetail['userid'];
} else {
$v_password = md5($v_password);
$v_replier_checker = mystrtolower($v_replier);
$userchecker = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$v_replier_checker}'");
if (mystrtolower($userchecker['username']) == $v_replier_checker && $v_password == $userchecker['userpsw']) {
$replier = $userchecker['username'];
