include_once "essential.php"; include_once 'user_info_functions.php'; // find out about the writer user_read_info($writer, TRUE); // if the secret word matches, authenticate the user if ($secretword && $secretword == $_SERVER['USERINFO_ARRAY']['secretword']) { $message_parsed['Subject'] = str_replace($_SERVER['USERINFO_ARRAY']['removefromtitles'], '', $message_parsed['Subject']); $post_params['action'] = 'Update Journaling Plan'; $post_params['writer'] = $writer; $post_params['private'] = $private; $post_params['nolinebreaks'] = $nolinebreaks; $post_params['nofeed'] = $nofeed; $post_params['markdown'] = $markdown; $post_params['newplan'] = $message_parsed['Data'] . "<!--TITLE {$message_parsed['Subject']}--><!--nolinebreaks-->"; //."<!--email post\n".serialize($message_parsed)."-->"; $post_params['sid'] = user_get_fingerprint($_SERVER['USER'], $_SERVER['USERINFO_ARRAY']['userpass']); $post_params['mailpost'] = 1; $request_url = "http://planwatch.org/scripts/plan_update.php"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $request_url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_params); $status = curl_exec($ch); curl_close($ch); if ($status == 'posted') { mail("*****@*****.**", "post success {$writer}", "success"); mail("{$from}", "Entry Posted " . date("F jS g:i:a T") . "!", "Hi {$_SERVER['USERINFO_ARRAY']['realname']},\n\nI just posted your email to your plan. Here's a copy for you to keep, just in case. If you didn't want this posted, view your plan here to delete it:\n\nhttp://planwatch.org/view\n\nThanks,\nPlanwatch Posting Bot\n\n\n{$message}", "From: post_status@planwatch.org"); } else { mail("*****@*****.**", "post fail {$writer}", "fail"); mail("{$from}", "Entry Post Failed " . date("F jS g:i:a T") . "!", "Hi {$_SERVER['USERINFO_ARRAY']['realname']},\n\nSomething went wrong with your post. Sorry, but josh has been notified. You can go here to post via the web:\n\nhttp://planwatch.org/write\n\nSorry,\nPlanwatch Posting Bot\n\n\n{$message}", "From: post_status@planwatch.org");
function login($user, $pass, $remember = 0, $prevpage = '/', $newuser = FALSE) { // only go further if the user exists and has given us a valid password if (file_exists("{$_SERVER['PWUSERS_DIR']}/{$user}/userinfo.dat") && user_is_valid($user, $pass)) { parse_str(user_read_info($user)); // sets the expiry of the cookie to 3 hours from now, or 5 years if ($remember) { $time = time() + 86400 * 365 * 5; } else { $time = 0; } $cookie_name = $_SERVER['AUTH_COOKIE']; $cookie_data = user_get_fingerprint($user, $pass); $cookie_host = $_SERVER['HTTP_HOST']; if (substr_count($cookie_host, '.') < 2) { $cookie_host = ".{$cookie_host}"; } $cookie_host = str_replace('www', '', $cookie_host); setcookie($cookie_name, $cookie_data, $time, $_SERVER['WEB_ROOT'] . "/", $cookie_host); setcookie('remember', "remember={$remember}", time() + 86400 * 365 * 5, $_SERVER['WEB_ROOT'] . "/", $cookie_host); if ($prevpage === FALSE) { $prevpage = '/'; } Header("Location: http://{$_SERVER['HTTP_HOST']}{$_SERVER['WEB_ROOT']}/scripts/cookie-test.php?fingerprint_v4={$cookie_data}&newuser={$newuser}&redirect_page={$prevpage}"); } else { redirect("/failed"); /* echo "<div class='alert'><h1>Login failed for $user.</h1> Double check the username and password you provided, and try again. If you keep getting this message and you shouldn't, email <a href='mailto:help@planwatch.org'>help@planwatch.org</a></div> <form action='/scripts/form_shim.php' method='post' name='loginForm'> user <input id='login_username' type='text' name='user' size='10' /> pass <input id='login_userpass' type='password' name='pass' size='6' /> <input type='checkbox' name='remember' id='remember' value='1' /> <label for='remember'>remember me</label> <input type='hidden' name='action' value='login'/> <input type='submit' name='action' value='login' onclick='document.forms.loginForm.submit();' /> <input type='hidden' name='prevpage' value=''/> </form>"*/ } }
function get_recent($params) { global $xmlrpcerruser; global $SYSTEM; $blogid = $params->getParam(0); $username = $params->getParam(1); $password = $params->getParam(2); $numposts = $params->getParam(3); $uid = $username->scalarval(); $pwd = $password->scalarval(); $usr = NewUser($uid); # Again, let's just skip the permissions check since this information is # public anyway. user_verify_fingerprint(user_get_fingerprint($username->scalarval(), $password->scalarval())); if (user_is_valid($username->scalarval(), $password->scalarval())) { $plan_array = array_merge($plan_array, files_list($plan_dir, "plan{$limiter}*.txt{$private}")); rsort($plan_array); $arr = array(); for ($i = 0; $i < $numposts->scalarval(); $i++) { } $arr[] = entry_to_struct($plan_array[$i]); $ret = new xmlrpcresp(new xmlrpcval($arr, 'array')); } else { $ret = new xmlrpcresp(0, $xmlrpcerruser + 3, "Invalid login"); } return $ret; }