if (isset($_REQUEST['msg'])) { $msg = COM_applyFilter($_REQUEST['msg']); } else { $msg = ''; } if (isset($_REQUEST['mode'])) { $mode = COM_applyFilter($_REQUEST['mode']); } else { $mode = COM_getArgument('mode'); } if (isset($_REQUEST['id'])) { $id = COM_sanitizeID($_REQUEST['id']); } else { $id = COM_applyFilter(COM_getArgument('id')); } $page = COM_getArgument('page'); // Assume that the 'mode' is also (or only) the desired page to display //if (empty($mode)) $id=''; if (empty($page)) { $page = $mode; } // Set up the basic menu for all users $menu_opt = ''; USES_class_navbar(); $menu = new navbar(); $menu->add_menuitem($LANG_ADVT['mnu_home'], CLASSIFIEDS_makeURL('home')); $menu->add_menuitem($LANG_ADVT['mnu_recent'], CLASSIFIEDS_makeURL('recent')); // Show additional menu options to logged-in users if (!$isAnon) { $menu->add_menuitem($LANG_ADVT['mnu_account'], CLASSIFIEDS_makeURL('account')); $menu->add_menuitem($LANG_ADVT['mnu_myads'], CLASSIFIEDS_makeURL('manage'));
exit; } if (COM_isAnonUser() && $_MG_CONF['loginrequired'] == 1) { $display = MG_siteHeader(); $display .= SEC_loginRequiredForm(); $display .= COM_siteFooter(); echo $display; exit; } require_once $_CONF['path'] . 'plugins/mediagallery/include/init.php'; MG_initAlbums(); /* * Main Function */ COM_setArgNames(array('aid', 'f', 'sort')); $album_id = COM_applyFilter(COM_getArgument('aid'), true); $T = new Template(MG_getTemplatePath($album_id)); $T->set_file(array('page' => 'playall_xspf.thtml')); if ($MG_albums[$album_id]->access == 0) { $display .= COM_showMessageText($LANG_MG00['access_denied_msg'], $LANG_ACCESS['accessdenied'], true); $display .= MG_siteFooter(); echo $display; exit; } $album_title = $MG_albums[$album_id]->title; $album_desc = $MG_albums[$album_id]->description; MG_usage('playalbum', $album_title, '', ''); $birdseed = '<a href="' . $_CONF['site_url'] . '/index.php">' . $LANG_MG03['home'] . '</a> ' . ($_MG_CONF['gallery_only'] == 1 ? '' : $_MG_CONF['seperator'] . ' <a href="' . $_MG_CONF['site_url'] . '/index.php">' . $_MG_CONF['menulabel'] . '</a> ') . $MG_albums[$album_id]->getPath(1, 0, 1); $T->set_var(array('site_url' => $_MG_CONF['site_url'], 'birdseed' => $birdseed, 'pagination' => '<a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $album_id . '&page=1&sort=' . '0' . '">' . $LANG_MG03['return_to_album'] . '</a>', 'album_title' => $album_title, 'album_desc' => $album_desc, 'aid' => $album_id, 'home' => $LANG_MG03['home'], 'return_to_album' => $LANG_MG03['return_to_album'])); /* * Need to handle empty albums a little better
if (SEC_hasRights('filemgmt.user') or $mydownloads_publicpriv == 1) { $p = new Template($_CONF['path'] . 'plugins/filemgmt/templates'); $p->set_file(array('page' => 'filelisting.thtml', 'records' => 'filelisting_record.thtml', 'category' => 'filelisting_category.thtml')); $p->set_var('layout_url', $_CONF['layout_url']); $p->set_var('site_url', $_CONF['site_url']); $p->set_var('site_admin_url', $_CONF['site_admin_url']); $p->set_var('xhtml', XHTML); $p->set_var('target', $CONF_FM['ignore_target'] ? '' : 'target="_blank"'); $myts = new MyTextSanitizer(); $mytree = new XoopsTree($_DB_name, $_FM_TABLES['filemgmt_cat'], "cid", "pid"); $mytree->setGroupAccessFilter($_GROUPS); $display = ''; //@@@@@20090602update urlrewrite ----> //$lid = COM_applyFilter($_GET['id'],true); COM_setArgNames(array('id')); $lid = COM_applyFilter(COM_getArgument('id'), true); //@@@@@20090602update urlrewrite<----- if ($lid == 0) { // Check if the script is being called from the commentbar $lid = str_replace('fileid_', '', $_POST['id']); } $groupsql = filemgmt_buildAccessSql(); $sql = "SELECT COUNT(*) FROM {$_FM_TABLES['filemgmt_filedetail']} a "; $sql .= "LEFT JOIN {$_FM_TABLES['filemgmt_cat']} b ON a.cid=b.cid "; $sql .= "WHERE a.lid='{$lid}' {$groupsql} AND a.status > 0"; list($fileAccessCnt) = DB_fetchArray(DB_query($sql)); if ($fileAccessCnt > 0 and DB_count($_FM_TABLES['filemgmt_filedetail'], "lid", $lid) == 1) { $p->set_var('block_header', COM_startBlock("<b>" . $LANG_FILEMGMT['plugin_name'] . "</b>")); $p->set_var('block_footer', COM_endBlock()); require_once $_CONF['path_system'] . 'lib-comment.php'; $sql = "SELECT d.lid, d.cid, d.title, d.url, d.homepage, d.version, d.size, d.logourl, d.submitter, d.status, d.date, ";
/*if (empty($view)) { $view = isset($_EV_CONF['default_view']) ? $_EV_CONF['default_view'] : ''; }*/ if (isset($_GET['range'])) { $range = COM_applyFilter($_GET['range'], true); } elseif (isset($_POST['range'])) { $range = COM_applyFilter($_POST['range'], true); } else { $range = COM_applyFilter(COM_getArgument('range'), true); } if (isset($_GET['cat'])) { $category = COM_applyFilter($_GET['cat'], true); } elseif (isset($_POST['cat'])) { $category = COM_applyFilter($_POST['cat'], true); } else { $category = COM_applyFilter(COM_getArgument('cat'), true); } if (isset($_GET['cal'])) { $calendar = COM_applyFilter($_GET['cal'], true); } elseif (isset($_POST['cal'])) { $calendar = COM_applyFilter($_POST['cal'], true); } else { $calendar = ''; } //$_REQUEST['event_type'] = $category; // Hack if (!empty($category)) { $catname = DB_getItem($_TABLES['evlist_categories'], 'name', "id = '{$category}'"); } if (!empty($_REQUEST['msg'])) { $msg = COM_applyFilter($_REQUEST['msg'], true); } else {
if ($_EV_CONF['enable_rsvp'] && !COM_isAnonUser()) { USES_evlist_class_ticket(); $eid = COM_sanitizeID($_GET['eid'], false); $doc = evTicket::PrintTickets($eid, 0, $_USER['uid']); echo $doc; exit; } else { $content .= 'Function not available'; } break; case 'view': default: if (empty($eid)) { // Default action, view the calendar or event COM_setArgNames(array('eid', 'ts', 'range', 'cat')); $eid = COM_sanitizeID(COM_getArgument('eid'), false); } if (!empty($eid)) { USES_evlist_class_repeat(); $Rep = new evRepeat($eid); $pagetitle = COM_stripslashes($Rep->Event->title); if ($view == 'print') { $template = 'event_print'; $query = ''; } $query = isset($_GET['query']) ? $_GET['query'] : ''; $content .= $Rep->Detail('', $query, $template); } else { // Shouldn't be in this file without an event ID to display or edit echo COM_refresh(EVLIST_URL . '/index.php'); exit;
* * @package StaticPages * @subpackage public_html */ /** * Geeklog common function library */ require_once '../lib-common.php'; if (!in_array('staticpages', $_PLUGINS)) { COM_handle404(); exit; } // MAIN COM_setArgNames(array('page', 'disp_mode')); $page = COM_applyFilter(COM_getArgument('page')); $display_mode = COM_applyFilter(COM_getArgument('disp_mode')); $query = ''; if (isset($_REQUEST['query'])) { $query = COM_applyfilter($_GET['query']); } TOPIC_getTopic('staticpages', $page); // from comments display refresh: if (isset($_REQUEST['order'])) { $comment_order = COM_applyFilter($_REQUEST['order']); $comment_mode = COM_applyFilter($_REQUEST['mode']); if (isset($_REQUEST['cpage'])) { $comment_page = COM_applyFilter($_REQUEST['cpage']); } if (strcasecmp($comment_order, 'ASC') != 0 && strcasecmp($comment_order, 'DESC') != 0) { $comment_order = ''; }
// | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software Foundation, | // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | // | | // +---------------------------------------------------------------------------+ require_once '../lib-common.php'; if (!in_array('banner', $_PLUGINS)) { echo COM_refresh($_CONF['site_url'] . '/index.php'); exit; } // MAIN $url = ''; COM_setArgNames(array('what', 'item')); $what = COM_getArgument('what'); if ($what == 'banner') { $item = COM_applyFilter(COM_getArgument('item')); if (!empty($item)) { // Hack: due to PLG_afterSaveSwitch settings, we may get // an attached &msg - strip it off $i = explode('&', $item); $item = $i[0]; } if (!empty($item)) { $url = DB_getItem($_TABLES['banner'], 'url', "bid = '{$item}' AND (publishstart IS NULL OR publishstart < NOW()) and (publishend IS NULL OR publishend > NOW())"); if (!empty($url)) { DB_change($_TABLES['banner'], 'hits', 'hits + 1', 'bid', $item, '', true); } } } if (empty($url)) { $url = $_CONF['site_url'];
exit; } /* Ensure sufficient privs to read this page */ paypal_access_check(); // Import plugin-specific functions USES_paypal_functions(); // Create a global shopping cart for our use. This allows the cart to be // manipulated in an action and then displayed in a view, without necessarily // having to revisit the database or create a new cart. USES_paypal_class_cart(); $ppGCart = new ppCart(); COM_setArgNames(array('id')); if (isset($_GET['id'])) { $id = COM_sanitizeID($_GET['id']); } else { $id = COM_applyFilter(COM_getArgument('id')); } $display = PAYPAL_siteHeader(); $T = new Template(PAYPAL_PI_PATH . '/templates'); $T->set_file('title', 'paypal_title.thtml'); $T->set_var('title', $LANG_PP['main_title']); $display .= $T->parse('', 'title'); if (!empty($msg)) { //msg block $display .= COM_startBlock('', '', 'blockheader-message.thtml'); $display .= $msg; $display .= COM_endBlock('blockfooter-message.thtml'); } $display .= PAYPAL_userMenu($LANG_PP['product_list']); $content = ''; if (!empty($id)) {
if (isset($_POST['order'])) { $order = COM_applyFilter($_POST['order']); } if (isset($_POST['query'])) { $query = $_POST['query']; } if (isset($_POST['reply'])) { $reply = COM_applyFilter($_POST['reply']); } if (isset($_POST['cpage'])) { $page = COM_applyFilter($_POST['cpage'], true); } } else { COM_setArgNames(array('story', 'mode')); $sid = COM_applyFilter(COM_getArgument('story')); $mode = COM_applyFilter(COM_getArgument('mode')); if (isset($_GET['order'])) { $order = COM_applyFilter($_GET['order']); } if (isset($_GET['query'])) { $query = $_GET['query']; } if (isset($_GET['reply'])) { $reply = COM_applyFilter($_GET['reply']); } if (isset($_GET['cpage'])) { $page = COM_applyFilter($_GET['cpage'], true); } } if (empty($sid)) { echo COM_refresh($_CONF['site_url'] . '/index.php');
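/**
 * Handles comment processing
 *
 * Collects the comment parameters from the function arguments, the request
 * superglobals and the rewritten URL, optionally renders the existing comment
 * thread, and then dispatches on the comment mode (preview, submit, edit,
 * delete, view, report, unsubscribe, cancel, or the default new/reply form).
 *
 * Several branches echo a redirect and call exit instead of returning.
 *
 * Security-relevant behaviour visible in this function:
 * - edit-submit, delete and sendreport are gated by SEC_checkToken() here;
 * - values interpolated into SQL are escaped or cast at the point of use,
 *   because $sid and $type may be supplied by the caller unfiltered;
 * - the raw request title and comment text are passed on unfiltered.
 *
 * @param    string $mode   Mode of comment processing
 * @param    string $type   Type of item (article, polls, etc.)
 * @param    string $title  Title of item
 * @param    string $sid    ID for item to show comments for
 * @param    string $format 'threaded', 'nested', or 'flat'
 * @return   string         HTML formatted
 */
function CMT_handleComment($mode = '', $type = '', $title = '', $sid = '', $format = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG_ADMIN, $topic, $_PLUGINS;

    $commentmode = '';
    if (!empty($_REQUEST[CMT_MODE])) {
        $commentmode = COM_applyFilter($_REQUEST[CMT_MODE]);
    }

    if (empty($mode)) {
        $mode = COM_applyFilter(COM_getArgument(CMT_MODE));
    }

    if (empty($commentmode) && !empty($mode)) {
        $commentmode = $mode;
    }

    if (empty($sid) && !empty($_REQUEST[CMT_SID])) {
        $sid = COM_applyFilter($_REQUEST[CMT_SID]);
    }

    $pid = 0;
    if (!empty($_REQUEST[CMT_PID])) {
        $pid = COM_applyFilter($_REQUEST[CMT_PID], true);
    }

    if (empty($type) && !empty($_REQUEST[CMT_TYPE])) {
        $type = COM_applyFilter($_REQUEST[CMT_TYPE]);
    }

    if (!empty($_REQUEST['title'])) {
        // Raw request value: filters are applied later in CMT_commentForm or
        // CMT_saveComment, so nothing in this function may treat it as safe.
        $title = $_REQUEST['title'];
    }

    if (!empty($_REQUEST[CMT_UID])) {
        // NOTE(review): the author uid is taken from the request here;
        // confirm CMT_handleSubmit checks it against the logged-in user.
        $uid = COM_applyFilter($_REQUEST[CMT_UID]);
    } else {
        $uid = 1;
        if (!empty($_USER['uid'])) {
            $uid = $_USER['uid'];
        }
    }

    $postmode = $_CONF['postmode'];
    if (isset($_REQUEST['postmode'])) {
        $postmode = COM_applyFilter($_REQUEST['postmode']);
    }

    $formtype = '';
    if (!empty($_REQUEST['formtype'])) {
        $formtype = COM_applyFilter($_REQUEST['formtype']);
    }

    // Get comment id, may not be there...will handle in function
    $cid = 0;
    if (isset($_REQUEST[CMT_CID])) {
        $cid = COM_applyFilter($_REQUEST[CMT_CID], true);
    }
    TOPIC_getTopic('comment', $cid);

    if (empty($format) && isset($_REQUEST['format'])) {
        $format = COM_applyFilter($_REQUEST['format']);
    }
    if (!in_array($format, array('threaded', 'nested', 'flat', 'nocomment'))) {
        if (COM_isAnonUser()) {
            $format = $_CONF['comment_mode'];
        } else {
            // Cast so the unquoted SQL operand is always an integer.
            $format = DB_getItem($_TABLES['usercomment'], 'commentmode', 'uid = ' . (int) $_USER['uid']);
        }
    }

    $order = '';
    if (isset($_REQUEST['order'])) {
        $order = COM_applyFilter($_REQUEST['order']);
    }

    $cpage = 1;
    if (!empty($_REQUEST['cpage'])) {
        $cpage = COM_applyFilter($_REQUEST['cpage'], true);
        if (empty($cpage)) {
            $cpage = 1;
        }
    }

    $is_comment_page = CMT_isCommentPage();
    $retval = '';

    if ($_CONF['show_comments_at_replying'] && $is_comment_page && !empty($sid) && !empty($type)
        && in_array($commentmode, array('', $LANG03[28], $LANG03[34], $LANG03[14], 'edit'))) {
        if ($commentmode == 'edit') {
            $cid = 0;
            if (isset($_REQUEST[CMT_CID])) {
                $cid = COM_applyFilter($_REQUEST[CMT_CID], true);
            }
            if ($cid <= 0) {
                COM_errorLog("CMT_handleComment(): {$_USER['uid']} from {$_SERVER['REMOTE_ADDR']} tried "
                    . 'to edit a comment with one or more missing/bad values.');

                return COM_refresh($_CONF['site_url'] . '/index.php');
            }
            $pid = $cid;
        }

        if ($pid > 0 && empty($title)) {
            $atype = DB_escapeString($type);
            // $pid is unquoted in the query, so force it to an integer.
            $title = DB_getItem($_TABLES['comments'], 'title', '(cid = ' . (int) $pid . ") AND (type = '{$atype}')");
        }
        if (empty($title)) {
            $title = PLG_getItemInfo($type, $sid, 'title');
            // NOTE(review): on this page the entity literals below had been
            // decoded into no-op replacements ('$' => '$', '&' => '&', ...).
            // They are restored on the assumption that '$' is escaped as
            // &#36; and the four HTML-special entities are decoded -- confirm
            // against the upstream file.
            $title = str_replace('$', '&#36;', $title);
            // CMT_userComments expects non-htmlspecial chars for title...
            $title = str_replace(array('&amp;', '&quot;', '&lt;', '&gt;'), array('&', '"', '<', '>'), $title);
        }
        $retval .= CMT_userComments($sid, $title, $type, $order, $format, $pid, $cpage, $pid > 0, false, 0);
    }

    switch ($commentmode) {
        case $LANG03[28]: // Preview Changes (for edit)
        case $LANG03[34]: // Preview Submission changes (for edit)
        case $LANG03[14]: // Preview
            // A preview request without a comment body must not raise an
            // undefined-index notice. The text is passed on raw; it is
            // presumably filtered inside CMT_commentForm -- confirm.
            $comment = isset($_POST['comment']) ? $_POST['comment'] : '';
            $retval .= CMT_commentForm($title, $comment, $sid, $pid, $type, $commentmode, $postmode, $format, $order, $cpage);
            if ($is_comment_page) {
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[14]));
            }
            break;

        case $LANG03[35]: // Submit Changes to Moderation table
        case $LANG03[29]: // Submit Changes
            if (SEC_checkToken()) {
                $retval .= CMT_handleEditSubmit($commentmode);
            } else {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            break;

        case $LANG03[11]: // Submit comment
            // NOTE(review): no SEC_checkToken() on this path here; confirm the
            // token is verified inside CMT_handleSubmit.
            $retval .= CMT_handleSubmit($title, $sid, $pid, $type, $postmode, $uid);
            break;

        case $LANG_ADMIN['delete']:
        case 'delete': // Delete comment
            if (SEC_checkToken()) {
                $retval .= CMT_handleDelete($sid, $type, $formtype);
            } else {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            break;

        case 'view': // View comment by $cid
            $retval .= CMT_handleView($format, $order, $cpage, true);
            break;

        case 'display': // View comment by $pid
            $retval .= CMT_handleView($format, $order, $cpage, false);
            break;

        case 'report':
            if ($is_comment_page) {
                $cid = 0;
                if (isset($_GET[CMT_CID])) {
                    $cid = COM_applyFilter($_GET[CMT_CID], true);
                }
                $type = '';
                if (isset($_GET[CMT_TYPE])) {
                    $type = COM_applyFilter($_GET[CMT_TYPE]);
                }
                if ($cid <= 0 || empty($type)) {
                    echo COM_refresh($_CONF['site_url'] . '/index.php');
                    exit;
                }
                $retval .= CMT_reportAbusiveComment($cid, $type);
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[27]));
            }
            break;

        case 'sendreport':
            if (SEC_checkToken()) {
                $cid = 0;
                if (isset($_POST[CMT_CID])) {
                    $cid = COM_applyFilter($_POST[CMT_CID], true);
                }
                $type = '';
                if (isset($_POST[CMT_TYPE])) {
                    $type = COM_applyFilter($_POST[CMT_TYPE]);
                }
                if ($cid <= 0 || empty($type)) {
                    echo COM_refresh($_CONF['site_url'] . '/index.php');
                    exit;
                }
                $retval .= CMT_sendReport($cid, $type);
            } else {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            break;

        case 'editsubmission':
            if (!SEC_hasRights('comment.moderate')) {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            // deliberate fall-through
        case 'edit':
            $retval .= CMT_handleEdit($commentmode, $postmode, $format, $order, $cpage);
            if ($is_comment_page) {
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[1]));
            }
            break;

        case 'unsubscribe':
            // The delete hash in the URL is the only credential on this path.
            // A request without a key falls through to the redirect.
            $cid = 0;
            $key = isset($_GET['key']) ? COM_applyFilter($_GET['key']) : '';
            if (!empty($key)) {
                $key = DB_escapeString($key);
                $cid = DB_getItem($_TABLES['commentnotifications'], 'cid', "deletehash = '{$key}'");
                if (!empty($cid)) {
                    $redirecturl = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . '&format=nested&msg=16';
                    DB_delete($_TABLES['commentnotifications'], 'deletehash', $key, $redirecturl);
                    exit;
                }
            }
            echo COM_refresh($_CONF['site_url'] . '/index.php');
            exit;

        case $LANG_ADMIN['cancel']:
            if ($formtype == 'editsubmission') {
                echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
                exit;
            } else {
                $retval .= CMT_handleCancel(); // moved to function for readability
            }
            break;

        default: // New Comment or Reply Comment
            $abort = false;

            // Check to make sure comment type exists
            if ($type != 'article' && !in_array($type, $_PLUGINS)) {
                $abort = true;
            }

            // Check article permissions
            if (!$abort && $type == 'article' && !empty($sid)) {
                // $sid may arrive as a function argument that never passed
                // through COM_applyFilter, so escape it at the point of use.
                $escapedSid = DB_escapeString($sid);
                $dbTitle = DB_getItem($_TABLES['stories'], 'title',
                    "(sid = '{$escapedSid}') AND (draft_flag = 0) AND (date <= NOW()) AND (commentcode = 0)"
                    . COM_getPermSQL('AND'));
                // Make sure have at least read access to current topic of article to post comment
                if ($dbTitle === null || TOPIC_hasMultiTopicAccess('article', $sid, $topic) < 2) {
                    // no permissions, or no story of that title
                    $abort = true;
                }
            }

            if (!$abort && !empty($sid) && !empty($type)) {
                if ($pid > 0 && empty($title)) {
                    $atype = DB_escapeString($type);
                    // $pid is unquoted in the query, so force it to an integer.
                    $title = DB_getItem($_TABLES['comments'], 'title', '(cid = ' . (int) $pid . ") AND (type = '{$atype}')");
                }
                if (empty($title)) {
                    $title = PLG_getItemInfo($type, $sid, 'title');

                    // Check title, if for some reason blank assume no access allowed to plugin item
                    // (therefore cannot add comment) so return to homepage
                    if (is_array($title) || empty($title) || $title == false) {
                        echo COM_refresh($_CONF['site_url'] . '/index.php');
                        exit;
                    }

                    // NOTE(review): entity literals restored on the same
                    // assumption as in the thread-display branch above --
                    // confirm against the upstream file.
                    $title = str_replace('$', '&#36;', $title);
                    // CMT_commentForm expects non-htmlspecial chars for title...
                    $title = str_replace(array('&amp;', '&quot;', '&lt;', '&gt;'), array('&', '"', '<', '>'), $title);
                }
                $retval .= CMT_commentForm($title, '', $sid, $pid, $type, $commentmode, $postmode, $format, $order, $cpage);
            } else {
                if (COMMENT_ON_SAME_PAGE) {
                    // Do nothing and do not show comment form (happens most likely when admin viewing draft article)
                } else {
                    // For comments not displayed on same page (probably owner pushed the post comment button on a draft article)
                    echo COM_refresh($_CONF['site_url'] . '/index.php');
                    exit;
                }
            }

            if ($is_comment_page) {
                $noindex = '<meta name="robots" content="noindex"' . XHTML . '>';
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[1], 'headercode' => $noindex));
            }
            break;
    }

    return $retval;
}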
* For really strict webhosts, this file an be used to show images in pages that * serve the images from outside of the webtree to a place that the webserver * user can actually write too * * @author Tony Bibbs, tony AT tonybibbs DOT com * */ require_once 'lib-common.php'; require_once $_CONF['path_system'] . 'classes/downloader.class.php'; $downloader = new downloader(); $downloader->setLogFile($_CONF['path_log'] . 'error.log'); $downloader->setLogging(true); $downloader->setAllowedExtensions(array('gif' => 'image/gif', 'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'png' => 'image/png', 'png' => 'image/x-png')); COM_setArgNames(array('mode', 'image')); $mode = COM_applyFilter(COM_getArgument('mode')); $image = COM_applyFilter(COM_getArgument('image')); if (strstr($image, '..')) { // Can you believe this, some jackass tried to relative pathing to access // files they shouldn't have access to? COM_accessLog('Someone tried to illegally access files using getimage.php'); exit; } // Set the path properly switch ($mode) { case 'show': case 'articles': $downloader->setPath($_CONF['path_images'] . 'articles/'); break; case 'topics': $downloader->setPath($_CONF['path_images'] . 'topics/'); break;
$url_rewrite = true; } elseif (substr($url, $q - 4, 4) != '.php') { $url_rewrite = true; } } // if ($url_rewrite) { COM_setArgNames(array('idcode', 'm', 'template', $dummy1)); $m = COM_applyFilter(COM_getArgument('m')); $template = COM_applyFilter(COM_getArgument('template')); //code 使用の時 if ($m === "code") { $id = 0; $code = COM_applyFilter(COM_getArgument('idcode')); } elseif ($m === "id") { $id = COM_applyFilter(COM_getArgument('idcode'), true); $code = ""; } else { $id = 0; $code = ""; } } else { $m = COM_applyFilter($_GET['m']); $id = COM_applyFilter($_GET['id'], true); $code = COM_applyFilter($_GET['code']); $template = COM_applyFilter($_GET['template']); } //ログイン要否チェック if (COM_isAnonUser()) { if ($_CONF['loginrequired'] or $_DATABOX_CONF['loginrequired'] == 3 or $_DATABOX_CONF['loginrequired'] == 2 or $_DATABOX_CONF['loginrequired'] == 1 and $id > 0 or $_DATABOX_CONF['loginrequired'] == 1 and $code != "") { $display .= DATABOX_siteHeader($pi_name, '', $page_title);
} $retval = $urlpart . $extra_vars; } return $retval; } // MAIN $ret_url = ''; if (isset($_SERVER['HTTP_REFERER'])) { if (strpos($_SERVER['HTTP_REFERER'], $_CONF['site_url']) !== false) { $ret_url = $_SERVER['HTTP_REFERER']; } } // if not allowed, just ignore and return if ($_CONF['allow_user_language'] == 1) { COM_setArgNames(array('lang')); $lang = strtolower(COM_applyFilter(COM_getArgument('lang'))); $lang = preg_replace('/[^a-z0-9\\-_]/', '', $lang); $oldlang = COM_getLanguageId(); // do we really have a new language to switch to? if (!empty($lang) && array_key_exists($lang, $_CONF['language_files'])) { // does such a language file exist? $langfile = $_CONF['language_files'][$lang]; if (is_file($_CONF['path_language'] . $langfile . '.php')) { // Set the language cookie. // Mainly used for anonymous users so the rest of their session // will remain in the selected language setcookie($_CONF['cookie_language'], $langfile, time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']); // if user is not anonymous, store the preference in the database if (!COM_isAnonUser()) { DB_query("UPDATE {$_TABLES['users']} SET language = '{$langfile}' WHERE uid = {$_USER['uid']}"); }
/**
 * Returns the site footer
 *
 * This loads the proper templates, does variable substitution and returns the
 * HTML for the site footer.
 *
 * If a function named "<theme>_siteFooter" exists (theme taken from
 * $_USER['theme']), the call is delegated to it and nothing below runs.
 * Otherwise the function reads and discards the current output buffer, uses
 * its contents as the page content, echoes the parsed header template
 * directly, and returns the parsed footer template.
 *
 * @param    int|boolean $rightblock  Right blocks are rendered when this is 1 (or when
 *                                    $_CONF['show_right_blocks'] is 1); the default is -1
 * @param    array|string $custom     When an array: element 0 is the name of a function and
 *                                    element 1 the argument passed to it to build the right
 *                                    blocks; the default is an empty string
 * @see function COM_siteHeader
 * @return   string  Formatted HTML containing site footer and optionally right blocks
 *
 */
function COM_siteFooter($rightblock = -1, $custom = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG12, $LANG_BUTTONS, $LANG_DIRECTION, $_IMAGE_TYPE, $topic, $_COM_VERBOSE, $_PAGE_TIMER, $theme_what, $theme_pagetitle, $theme_headercode, $theme_layout, $_LOGO, $uiStyles;

    COM_hit();

    // NOTE(review): $blockInterface is neither in the global list above nor
    // assigned in this function, so this isset() is false as written, and
    // $rightblocks (plural) is never read afterwards. The block looks like
    // dead code -- confirm whether $rightblock was intended.
    if (isset($blockInterface['right'])) {
        $currentURL = COM_getCurrentURL();
        if (strpos($currentURL, $_CONF['site_admin_url']) === 0) {
            if ($blockInterface['right']['location'] == 'right' || $blockInterface['right']['location'] == 'left') {
                $rightblocks = -1;
            }
        }
    }

    // Theme override: the function name is built from $_USER['theme'] and
    // called dynamically.
    // NOTE(review): presumably the theme name is validated where $_USER is
    // populated -- confirm, since it selects the function that gets executed.
    $function = $_USER['theme'] . '_siteFooter';
    if (function_exists($function)) {
        return $function($rightblock, $custom);
    }

    $dt = new Date('now', $_USER['tzid']);

    // $pagetitle and $themecode are not read again in this function.
    $what = $theme_what;
    $pagetitle = $theme_pagetitle;
    $themecode = $theme_headercode;

    // Grab any content that was cached by the system
    $content = ob_get_contents();
    ob_end_clean();

    $theme = new Template($_CONF['path_layout']);
    $theme->set_file(array('header' => 'header.thtml', 'footer' => 'footer.thtml', 'leftblocks' => 'leftblocks.thtml', 'rightblocks' => 'rightblocks.thtml'));
    $theme->set_var('num_search_results', $_CONF['num_search_results']);

    // get topic if not on home page
    // The story id is taken from the request (GET story, GET sid, POST story,
    // or the rewritten URL), filtered, and escaped before the lookup; the
    // global $topic is overwritten with the result.
    if (!isset($_GET['topic'])) {
        if (isset($_GET['story'])) {
            $sid = COM_applyFilter($_GET['story']);
        } elseif (isset($_GET['sid'])) {
            $sid = COM_applyFilter($_GET['sid']);
        } elseif (isset($_POST['story'])) {
            $sid = COM_applyFilter($_POST['story']);
        }
        if (empty($sid) && $_CONF['url_rewrite'] && strpos($_SERVER['PHP_SELF'], 'article.php') !== false) {
            COM_setArgNames(array('story', 'mode'));
            $sid = COM_applyFilter(COM_getArgument('story'));
        }
        if (!empty($sid)) {
            $topic = DB_getItem($_TABLES['stories'], 'tid', "sid='" . DB_escapeString($sid) . "'");
        }
    } else {
        // The request-supplied topic replaces the global $topic and is later
        // passed to COM_showBlocks().
        $topic = COM_applyFilter($_GET['topic']);
    }

    // $loggedInUser is not read again in this function.
    $loggedInUser = !COM_isAnonUser();

    $theme->set_var('site_name', $_CONF['site_name']);
    $theme->set_var('background_image', $_CONF['layout_url'] . '/images/bg.' . $_IMAGE_TYPE);
    $theme->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    if ($_LOGO['display_site_slogan']) {
        $theme->set_var('site_slogan', $_CONF['site_slogan']);
    }

    // Welcome message: site name, plus the display name for logged-in users.
    $msg = $LANG01[67] . ' ' . $_CONF['site_name'];
    if (!empty($_USER['username']) && !COM_isAnonUser()) {
        $msg .= ', ' . COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
    }
    $curtime = $dt->format($dt->getUserFormat(), true);

    $theme->set_var('welcome_msg', $msg);
    $theme->set_var('datetime', $curtime);

    // Logo block: graphic logo when enabled and the file exists, text logo
    // when use_graphic_logo is 0, otherwise empty.
    if ($_LOGO['use_graphic_logo'] == 1 && file_exists($_CONF['path_html'] . '/images/' . $_LOGO['logo_name'])) {
        $L = new Template($_CONF['path_layout']);
        $L->set_file(array('logo' => 'logo-graphic.thtml'));

        // NOTE(review): warnings are suppressed and the result is not checked;
        // getimagesize() returns false for a file it cannot read as an image,
        // and the index accesses below would then operate on false.
        $imgInfo = @getimagesize($_CONF['path_html'] . '/images/' . $_LOGO['logo_name']);
        $dimension = $imgInfo[3];

        $L->set_var('site_name', $_CONF['site_name']);
        $site_logo = $_CONF['site_url'] . '/images/' . $_LOGO['logo_name'];
        $L->set_var('site_logo', $site_logo);
        $L->set_var('dimension', $dimension);

        // Top padding is the difference between 100 and the image height.
        if ($imgInfo[1] != 100) {
            $delta = 100 - $imgInfo[1];
            $newMargin = $delta;
            $L->set_var('delta', 'style="padding-top:' . $newMargin . 'px;"');
        } else {
            $L->set_var('delta', '');
        }
        if ($_LOGO['display_site_slogan']) {
            $L->set_var('site_slogan', $_CONF['site_slogan']);
        }
        $L->parse('output', 'logo');
        $theme->set_var('logo_block', $L->finish($L->get_var('output')));
    } else {
        if ($_LOGO['use_graphic_logo'] == 0) {
            $L = new Template($_CONF['path_layout']);
            $L->set_file(array('logo' => 'logo-text.thtml'));
            $L->set_var('site_name', $_CONF['site_name']);
            if ($_LOGO['display_site_slogan']) {
                $L->set_var('site_slogan', $_CONF['site_slogan']);
            }
            $L->parse('output', 'logo');
            $theme->set_var('logo_block', $L->finish($L->get_var('output')));
        } else {
            $theme->set_var('logo_block', '');
        }
    }

    $theme->set_var('site_logo', $_CONF['layout_url'] . '/images/logo.' . $_IMAGE_TYPE);
    $theme->set_var(array('lang_login' => $LANG01[58], 'lang_myaccount' => $LANG01[48], 'lang_logout' => $LANG01[35], 'lang_newuser' => $LANG12[3]));

    // Each menu is rendered once and exposed under two template names.
    $menu_navigation = displayMenu('navigation');
    $menu_footer = displayMenu('footer');
    $menu_header = displayMenu('header');
    $theme->set_var(array('menu_navigation' => $menu_navigation, 'menu_footer' => $menu_footer, 'menu_header' => $menu_header, 'st_hmenu' => $menu_navigation, 'st_footer_menu' => $menu_footer, 'st_header_menu' => $menu_header));

    $lblocks = '';

    /* Check if an array has been passed that includes the name of a plugin
     * function or custom function
     * This can be used to take control over what blocks are then displayed
     */
    // $what comes from the global $theme_what; element 0 is called as a
    // function name when such a function exists.
    if (is_array($what)) {
        $function = $what[0];
        if (function_exists($function)) {
            $lblocks = $function($what[1], 'left');
        } else {
            $lblocks = COM_showBlocks('left', $topic);
        }
    } else {
        if ($what != 'none') {
            // Now show any blocks -- need to get the topic if not on home page
            $lblocks = COM_showBlocks('left', $topic);
        }
    }

    /* Now build footer */
    if (empty($lblocks)) {
        $theme->set_var('left_blocks', '');
        $theme->set_var('glfusion_blocks', '');
    } else {
        $theme->set_var('glfusion_blocks', $lblocks);
    }

    // Do variable assignments
    $theme->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    $theme->set_var('site_slogan', $_CONF['site_slogan']);

    // Replace the leading part of the RDF file path (length of path_html
    // minus one) with the site URL to get the feed URL.
    $rdf = substr_replace($_CONF['rdf_file'], $_CONF['site_url'], 0, strlen($_CONF['path_html']) - 1) . LB;
    $theme->set_var('rdf_file', $rdf);
    $theme->set_var('rss_url', $rdf);

    // Copyright year: the current year, or "<configured> - <current>" when a
    // different start year is configured.
    $year = date('Y');
    $copyrightyear = $year;
    if (!empty($_CONF['copyrightyear'])) {
        if ($year == $_CONF['copyrightyear']) {
            $copyrightyear = $_CONF['copyrightyear'];
        } else {
            $copyrightyear = $_CONF['copyrightyear'] . " - " . $year;
        }
    }
    $theme->set_var('copyright_notice', $LANG01[93] . ' © ' . $copyrightyear . ' ' . $_CONF['site_name'] . ' • ' . $LANG01[94]);
    $theme->set_var('copyright_msg', $LANG01[93] . ' © ' . $copyrightyear . ' ' . $_CONF['site_name']);
    $theme->set_var('current_year', $year);
    $theme->set_var('lang_copyright', $LANG01[93]);
    $theme->set_var('trademark_msg', $LANG01[94]);
    $theme->set_var('powered_by', $LANG01[95]);
    $theme->set_var('glfusion_url', 'http://www.glfusion.org/');
    $theme->set_var('glfusion_version', GVERSION);
    $theme->set_var('direction', empty($LANG_DIRECTION) ? 'ltr' : $LANG_DIRECTION);

    /* Check if an array has been passed that includes the name of a plugin
     * function or custom function.
     * This can be used to take control over what blocks are then displayed
     */
    // When $custom is an array naming a function that does not exist,
    // $rblocks is never assigned; the later !empty($rblocks) check tolerates
    // that. In the array branch no 'centercolumn' class is set at all.
    if (is_array($custom)) {
        $function = $custom['0'];
        if (function_exists($function)) {
            $rblocks = $function($custom['1'], 'right');
        }
    } elseif ($rightblock == 1 || $_CONF['show_right_blocks'] == 1) {
        $rblocks = '';
        $rblocks = COM_showBlocks('right', $topic);

        if (empty($rblocks)) {
            $theme->set_var('glfusion_rblocks', '');
            $theme->set_var('right_blocks', '');
            if (empty($lblocks)) {
                // using full_content
                $theme->set_var('centercolumn', $uiStyles['full_content']['content_class']);
            } else {
                // using left_content
                $theme->set_var('centercolumn', $uiStyles['left_content']['content_class']);
                $theme->set_var('footercolumn-l', $uiStyles['left_content']['left_class']);
            }
        } else {
            $theme->set_var('glfusion_rblocks', $rblocks);
            if (empty($lblocks)) {
                // using content_right
                $theme->set_var('centercolumn', $uiStyles['content_right']['content_class']);
                $theme->set_var('footercolumn-r', $uiStyles['content_right']['right_class']);
            } else {
                // using left_content_right
                $theme->set_var('centercolumn', $uiStyles['left_content_right']['content_class']);
                $theme->set_var('footercolumn-l', $uiStyles['left_content_right']['left_class']);
                $theme->set_var('footercolumn-r', $uiStyles['left_content_right']['right_class']);
            }
        }
    } else {
        $theme->set_var('glfusion_rblocks', '');
        $theme->set_var('right_blocks', '');
        if (empty($lblocks)) {
            // using full content
            $theme->set_var('centercolumn', $uiStyles['full_content']['content_class']);
        } else {
            // using left_content
            $theme->set_var('centercolumn', $uiStyles['left_content']['content_class']);
            $theme->set_var('footercolumn-l', $uiStyles['left_content']['left_class']);
        }
    }

    // Parse the block templates, then clear the raw block variables.
    if (!empty($lblocks)) {
        $theme->parse('left_blocks', 'leftblocks', true);
        $theme->set_var('glfusion_blocks', '');
    }
    if (!empty($rblocks)) {
        $theme->parse('right_blocks', 'rightblocks', true);
        $theme->set_var('glfusion_rblocks', '');
    }

    $exectime = $_PAGE_TIMER->stopTimer();
    $exectext = $LANG01[91] . ' ' . $exectime . ' ' . $LANG01[92];

    $theme->set_var('execution_time', $exectime);
    $theme->set_var('execution_textandtime', $exectext);

    // The buffered page output is placed into the template as-is; any
    // escaping has to have happened where that output was produced.
    $theme->set_var('content', $content);

    // grab header data from outputHandler
    $outputHandle = outputHandler::getInstance();
    $theme->set_var(array('meta-header' => $outputHandle->renderHeader('meta'), 'css-header' => $outputHandle->renderHeader('style'), 'js-header' => $outputHandle->renderHeader('script'), 'raw-header' => $outputHandle->renderHeader('raw')));

    // NOTE(review): unserialize() on a session value with errors suppressed.
    // This is only safe while nothing request-controlled can reach
    // 'glfusion.infoblock' unchanged -- confirm every writer of that key. A
    // failed unserialize returns false and the index accesses below then read
    // from false.
    if (SESS_isSet('glfusion.infoblock')) {
        $msgArray = @unserialize(SESS_getVar('glfusion.infoblock'));
        $msgTxt = COM_showMessageText($msgArray['msg'], '', $persist = false, $msgArray['type']);
        $theme->set_var('info_block', $msgTxt);
        SESS_unSet('glfusion.infoblock');
    }

    // Call to plugins to set template variables in the footer
    PLG_templateSetVars('header', $theme);
    PLG_templateSetVars('footer', $theme);

    // Actually parse the template and make variable substitutions
    $theme->parse('index_footer', 'footer');

    $tmp = $theme->finish($theme->parse('index_header', 'header'));
    echo $tmp; // send the header.thtml

    $retval = $theme->finish($theme->get_var('index_footer'));

    _js_out();
    _css_out();

    return $retval;
}
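/**
 * Returns the site header
 *
 * This loads the proper templates, does variable substitution and returns the
 * HTML for the site header with or without blocks depending on the value of $what
 *
 * Programming Note:
 *
 * The two functions COM_siteHeader and COM_siteFooter provide the framework for
 * page display in Geeklog. COM_siteHeader controls the display of the Header
 * and left blocks and COM_siteFooter controls the display of the right blocks
 * and the footer. You use them like a sandwich. Thus the following code will
 * display a Geeklog page with both right and left blocks displayed.
 *
 * <code>
 * <?php
 * require_once 'lib-common.php';
 * // Change to COM_siteHeader('none') to not display left blocks
 * $display .= COM_siteHeader();
 * $display .= "Here is your html for display";
 * // Change to COM_siteFooter() to not display right blocks
 * $display .= COM_siteFooter(true);
 * echo $display;
 * ? >
 * </code>
 *
 * Note that the default for the header is to display the left blocks and the
 * default of the footer is to not display the right blocks.
 *
 * This sandwich produces code like this (greatly simplified)
 * <code>
 * // COM_siteHeader
 * <table><tr><td colspan="3">Header</td></tr>
 * <tr><td>Left Blocks</td><td>
 *
 * // Your HTML goes here
 * Here is your html for display
 *
 * // COM_siteFooter
 * </td><td>Right Blocks</td></tr>
 * <tr><td colspan="3">Footer</td></table>
 * </code>
 *
 * Behaviour visible in this implementation:
 * - If a function named "<theme>_siteHeader" exists, it is called with the
 *   same three arguments and its result is returned unchanged.
 * - Sends a Content-Type header and, when $_CONF['frame_options'] is set,
 *   an X-FRAME-OPTIONS header.
 * - May assign the global $topic from the request or from the story table.
 * - Left blocks are rendered here unless $_CONF['left_blocks_in_footer'] == 1;
 *   right blocks are rendered here unless $_CONF['right_blocks_in_footer'] == 1.
 * - The rendered header is passed through eval() so that PHP embedded in the
 *   templates runs (see the note at the end of the function).
 *
 * @param    string|array $what       'none' suppresses the blocks; any other scalar
 *                                    (default 'menu') shows them via COM_showBlocks().
 *                                    An array is read as array(function name, argument):
 *                                    the function, if it exists, supplies the blocks.
 * @param    string       $pagetitle  optional content for the page's <title>
 * @param    string       $headercode optional code to go into the page's <head>
 * @return   string                   Formatted HTML containing the site header
 * @see      function COM_siteFooter
 *
 */
function COM_siteHeader($what = 'menu', $pagetitle = '', $headercode = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG_BUTTONS, $LANG_DIRECTION, $_IMAGE_TYPE, $topic, $_COM_VERBOSE, $_SCRIPTS;

    // If the theme implemented this for us then call their version instead.
    $function = $_CONF['theme'] . '_siteHeader';
    if (function_exists($function)) {
        return $function($what, $pagetitle, $headercode);
    }

    // If we reach here then either we have the default theme OR
    // the current theme only needs the default variable substitutions
    switch ($_CONF['doctype']) {
        case 'html401transitional':
            $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
            break;
        case 'html401strict':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">';
            break;
        case 'xhtml10transitional':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
            break;
        case 'xhtml10strict':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
            break;
        default:
            // fallback: HTML 4.01 Transitional w/o system identifier
            $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">';
            break;
    }

    // send out the charset header
    header('Content-Type: text/html; charset=' . COM_getCharset());
    // Clickjacking protection is opt-in: the header is only sent when the
    // site configuration provides a value.
    if (!empty($_CONF['frame_options'])) {
        header('X-FRAME-OPTIONS: ' . $_CONF['frame_options']);
    }

    $header = COM_newTemplate($_CONF['path_layout']);
    $header->set_file(array('header' => 'header.thtml', 'menuitem' => 'menuitem.thtml', 'menuitem_last' => 'menuitem_last.thtml', 'menuitem_none' => 'menuitem_none.thtml', 'leftblocks' => 'leftblocks.thtml', 'rightblocks' => 'rightblocks.thtml'));
    $header->postprocess_fn = 'PLG_replaceTags';
    $header->set_var('doctype', $doctype);
    if (XHTML == '') {
        $header->set_var('xmlns', '');
    } else {
        $header->set_var('xmlns', ' xmlns="http://www.w3.org/1999/xhtml"');
    }

    // get topic if not on home page
    if (!isset($_GET['topic'])) {
        if (isset($_GET['story'])) {
            $sid = COM_applyFilter($_GET['story']);
        } elseif (isset($_GET['sid'])) {
            $sid = COM_applyFilter($_GET['sid']);
        } elseif (isset($_POST['story'])) {
            $sid = COM_applyFilter($_POST['story']);
        }
        if (empty($sid) && $_CONF['url_rewrite'] && strpos($_SERVER['PHP_SELF'], 'article.php') !== false) {
            COM_setArgNames(array('story', 'mode'));
            $sid = COM_applyFilter(COM_getArgument('story'));
        }
        if (!empty($sid)) {
            // $sid is request-derived. COM_applyFilter() is defined elsewhere, so
            // escape explicitly before embedding the value in a quoted SQL literal,
            // the same way the syndication query below treats $topic.
            // NOTE(review): a driver-aware escape is preferable to addslashes()
            // if the DB layer offers one.
            $topic = DB_getItem($_TABLES['stories'], 'tid', "sid='" . addslashes($sid) . "'");
        }
    } else {
        $topic = COM_applyFilter($_GET['topic']);
    }

    // Collect <link rel="alternate"> tags for the feeds that apply to this page
    $feed_url = array();
    if ($_CONF['backend'] == 1) {
        $baseurl = SYND_getFeedUrl();
        $sql = 'SELECT format, filename, title, language FROM ' . $_TABLES['syndication'] . " WHERE (header_tid = 'all')";
        if (!empty($topic)) {
            $sql .= " OR (header_tid = '" . addslashes($topic) . "')";
        }
        $result = DB_query($sql);
        $numRows = DB_numRows($result);
        for ($i = 0; $i < $numRows; $i++) {
            $A = DB_fetchArray($result);
            if (!empty($A['filename'])) {
                $format_type = SYND_getMimeType($A['format']);
                $format_name = SYND_getFeedType($A['format']);
                $feed_title = $format_name . ' Feed: ' . $A['title'];
                // NOTE(review): only the title is HTML-escaped; type, language and
                // filename are written into attributes as stored. Confirm those
                // columns are validated when the feed is saved.
                $feed_url[] = '<link rel="alternate" type="' . $format_type . '" hreflang="' . $A['language'] . '" href="' . $baseurl . $A['filename'] . '" title="' . htmlspecialchars($feed_title) . '"' . XHTML . '>';
            }
        }
    }
    $header->set_var('feed_url', implode(LB, $feed_url));

    // for backward compatibility only - use {feed_url} instead
    $feed = SYND_getDefaultFeedUrl();
    $header->set_var('rdf_file', $feed);
    $header->set_var('rss_url', $feed);

    // <link rel="..."> navigation hints; search and directory links are only
    // advertised when the visitor is allowed to use those pages.
    $relLinks = array();
    if (COM_onFrontpage()) {
        $relLinks['canonical'] = '<link rel="canonical" href="' . $_CONF['site_url'] . '/"' . XHTML . '>';
    } else {
        $relLinks['home'] = '<link rel="home" href="' . $_CONF['site_url'] . '/" title="' . $LANG01[90] . '"' . XHTML . '>';
    }
    $loggedInUser = !COM_isAnonUser();
    if ($loggedInUser || $_CONF['loginrequired'] == 0 && $_CONF['searchloginrequired'] == 0) {
        if (substr($_SERVER['PHP_SELF'], -strlen('/search.php')) != '/search.php' || isset($_GET['mode'])) {
            $relLinks['search'] = '<link rel="search" href="' . $_CONF['site_url'] . '/search.php" title="' . $LANG01[75] . '"' . XHTML . '>';
        }
    }
    if ($loggedInUser || $_CONF['loginrequired'] == 0 && $_CONF['directoryloginrequired'] == 0) {
        if (strpos($_SERVER['PHP_SELF'], '/article.php') !== false) {
            $relLinks['contents'] = '<link rel="contents" href="' . $_CONF['site_url'] . '/directory.php" title="' . $LANG01[117] . '"' . XHTML . '>';
        }
    }
    if (!$_CONF['disable_webservices']) {
        $relLinks['service'] = '<link rel="service" ' . 'type="application/atomsvc+xml" ' . 'href="' . $_CONF['site_url'] . '/webservices/atom/?introspection" ' . 'title="' . $LANG01[130] . '"' . XHTML . '>';
    }
    // TBD: add a plugin API and a lib-custom.php function
    $header->set_var('rel_links', implode(LB, $relLinks));

    // Page title: fall back to the site slogan, or to the topic name when a
    // topic is active.
    $pagetitle_siteslogan = false;
    if (empty($pagetitle)) {
        if (empty($topic)) {
            $pagetitle = $_CONF['site_slogan'];
            $pagetitle_siteslogan = true;
        } else {
            // $topic may come straight from the request (see above); escape it
            // here as the syndication query does.
            $pagetitle = stripslashes(DB_getItem($_TABLES['topics'], 'topic', "tid = '" . addslashes($topic) . "'"));
        }
    }
    if (!empty($pagetitle)) {
        $header->set_var('page_site_splitter', ' - ');
    } else {
        $header->set_var('page_site_splitter', '');
    }
    $header->set_var('page_title', $pagetitle);
    $header->set_var('site_name', $_CONF['site_name']);
    if (COM_onFrontpage() or $pagetitle_siteslogan) {
        $title_and_name = $_CONF['site_name'];
        if (!empty($pagetitle)) {
            $title_and_name .= ' - ' . $pagetitle;
        }
    } else {
        $title_and_name = '';
        if (!empty($pagetitle)) {
            $title_and_name = $pagetitle . ' - ';
        }
        $title_and_name .= $_CONF['site_name'];
    }
    $header->set_var('page_title_and_site_name', $title_and_name);
    COM_setLangIdAndAttribute($header);
    $header->set_var('background_image', $_CONF['layout_url'] . '/images/bg.' . $_IMAGE_TYPE);
    $header->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    $header->set_var('site_name', $_CONF['site_name']);
    $header->set_var('site_slogan', $_CONF['site_slogan']);
    $msg = rtrim($LANG01[67]) . ' ' . $_CONF['site_name'];
    if (!empty($_USER['username'])) {
        $msg .= ', ' . COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
    }
    $curtime = COM_getUserDateTimeFormat();
    $header->set_var('welcome_msg', $msg);
    $header->set_var('datetime', $curtime[0]);
    $header->set_var('site_logo', $_CONF['layout_url'] . '/images/logo.' . $_IMAGE_TYPE);
    $header->set_var('theme', $_CONF['theme']);
    $header->set_var('charset', COM_getCharset());
    $header->set_var('direction', $LANG_DIRECTION);

    // Now add variables for buttons like e.g. those used by the Yahoo theme
    $header->set_var('button_home', $LANG_BUTTONS[1]);
    $header->set_var('button_contact', $LANG_BUTTONS[2]);
    $header->set_var('button_contribute', $LANG_BUTTONS[3]);
    $header->set_var('button_sitestats', $LANG_BUTTONS[7]);
    $header->set_var('button_personalize', $LANG_BUTTONS[8]);
    $header->set_var('button_search', $LANG_BUTTONS[9]);
    $header->set_var('button_advsearch', $LANG_BUTTONS[10]);
    $header->set_var('button_directory', $LANG_BUTTONS[11]);

    // Get plugin menu options
    $plugin_menu = PLG_getMenuItems();
    if ($_COM_VERBOSE) {
        COM_errorLog('num plugin menu items in header = ' . count($plugin_menu), 1);
    }

    // Now add nested template for menu items
    COM_renderMenu($header, $plugin_menu);
    if (count($plugin_menu) == 0) {
        $header->parse('plg_menu_elements', 'menuitem_none', true);
    } else {
        // Walk the menu with the array's internal pointer; the last entry
        // uses its own template.
        $count_plugin_menu = count($plugin_menu);
        for ($i = 1; $i <= $count_plugin_menu; $i++) {
            $header->set_var('menuitem_url', current($plugin_menu));
            $header->set_var('menuitem_text', key($plugin_menu));
            if ($i == $count_plugin_menu) {
                $header->parse('plg_menu_elements', 'menuitem_last', true);
            } else {
                $header->parse('plg_menu_elements', 'menuitem', true);
            }
            next($plugin_menu);
        }
    }

    // Call to plugins to set template variables in the header
    PLG_templateSetVars('header', $header);

    if ($_CONF['left_blocks_in_footer'] == 1) {
        $header->set_var('left_blocks', '');
        $header->set_var('geeklog_blocks', '');
    } else {
        $lblocks = '';
        /* Check if an array has been passed that includes the name of a plugin
         * function or custom function
         * This can be used to take control over what blocks are then displayed
         *
         * NOTE(review): $what[0] is called as a function name, so callers must
         * only ever pass a fixed, code-defined name here, never request data.
         */
        if (is_array($what)) {
            $function = $what[0];
            if (function_exists($function)) {
                $lblocks = $function($what[1], 'left');
            } else {
                $lblocks = COM_showBlocks('left', $topic);
            }
        } else {
            if ($what != 'none') {
                // Now show any blocks -- need to get the topic if not on home page
                $lblocks = COM_showBlocks('left', $topic);
            }
        }
        if (empty($lblocks)) {
            $header->set_var('left_blocks', '');
            $header->set_var('geeklog_blocks', '');
        } else {
            $header->set_var('geeklog_blocks', $lblocks);
            $header->parse('left_blocks', 'leftblocks', true);
            $header->set_var('geeklog_blocks', '');
        }
    }

    if ($_CONF['right_blocks_in_footer'] == 1) {
        $header->set_var('right_blocks', '');
        $header->set_var('geeklog_blocks', '');
    } else {
        $rblocks = '';
        /* Check if an array has been passed that includes the name of a plugin
         * function or custom function
         * This can be used to take control over what blocks are then displayed
         */
        if (is_array($what)) {
            $function = $what[0];
            if (function_exists($function)) {
                $rblocks = $function($what[1], 'right');
            } else {
                $rblocks = COM_showBlocks('right', $topic);
            }
        } else {
            if ($what != 'none') {
                // Now show any blocks -- need to get the topic if not on home page
                $rblocks = COM_showBlocks('right', $topic);
            }
        }
        if (empty($rblocks)) {
            $header->set_var('right_blocks', '');
            $header->set_var('geeklog_blocks', '');
        } else {
            $header->set_var('geeklog_blocks', $rblocks, true);
            $header->parse('right_blocks', 'rightblocks', true);
        }
    }

    // Call any plugin that may want to include extra Meta tags
    // or Javascript functions
    $headercode .= PLG_getHeaderCode();

    // Meta Tags
    // 0 = Disabled, 1 = Enabled, 2 = Enabled but default just for homepage
    if ($_CONF['meta_tags'] > 0) {
        $meta_description = '';
        $meta_keywords = '';
        $no_meta_description = 1;
        $no_meta_keywords = 1;

        // Find out if the meta tag description or keywords already exist in the headercode
        if ($headercode != '') {
            $pattern = '/<meta ([^>]*)name="([^"\'>]*)"([^>]*)/im';
            if (preg_match_all($pattern, $headercode, $matches, PREG_SET_ORDER)) {
                // Loop through all meta tags looking for description and keywords
                for ($i = 0; $i < count($matches) && ($no_meta_description == 1 || $no_meta_keywords == 1); $i++) {
                    $str_matches = strtolower($matches[$i][0]);
                    $pos = strpos($str_matches, 'name=');
                    if (!(is_bool($pos) && !$pos)) {
                        $name = trim(substr($str_matches, $pos + 5), '"');
                        $pos = strpos($name, '"');
                        $name = substr($name, 0, $pos);
                        if (strcasecmp("description", $name) == 0) {
                            $pos = strpos($str_matches, 'content=');
                            if (!(is_bool($pos) && !$pos)) {
                                $no_meta_description = 0;
                            }
                        }
                        if (strcasecmp("keywords", $name) == 0) {
                            $pos = strpos($str_matches, 'content=');
                            if (!(is_bool($pos) && !$pos)) {
                                $no_meta_keywords = 0;
                            }
                        }
                    }
                }
            }
        }

        if (COM_onFrontpage() && $_CONF['meta_tags'] == 2) {
            // Display default meta tags only on home page
            if ($no_meta_description) {
                $meta_description = $_CONF['meta_description'];
            }
            if ($no_meta_keywords) {
                $meta_keywords = $_CONF['meta_keywords'];
            }
        } else {
            if ($_CONF['meta_tags'] == 1) {
                // Display default meta tags anywhere there are no tags
                if ($no_meta_description) {
                    $meta_description = $_CONF['meta_description'];
                }
                if ($no_meta_keywords) {
                    $meta_keywords = $_CONF['meta_keywords'];
                }
            }
        }
        if ($no_meta_description or $no_meta_keywords) {
            $headercode .= COM_createMetaTags($meta_description, $meta_keywords);
        }
    }

    $headercode = $_SCRIPTS->getHeader() . $headercode;
    $header->set_var('plg_headercode', $headercode);

    // The following lines allow users to embed PHP in their templates. This
    // is almost a contradiction to the reasons for using templates but this may
    // prove useful at times ...
    // Don't use PHP in templates if you can live without it!
    //
    // NOTE(review): eval() runs on the fully rendered header, i.e. on the
    // template text plus every value substituted above (page title, welcome
    // message, blocks, $headercode, plugin variables). Any of those values that
    // still contains a PHP open tag would be executed as code. Whether the
    // template class or the callers neutralise such tags cannot be seen from
    // this function -- confirm before passing user-influenced text in.
    $tmp = $header->finish($header->parse('index_header', 'header'));
    $xml_declaration = '';
    if (get_cfg_var('short_open_tag') == '1') {
        // With short_open_tag on, a leading "<?xml ...>" declaration would be
        // parsed as PHP, so split it off and re-attach it after evaluation.
        if (preg_match('/(<\\?xml[^>]*>)(.*)/s', $tmp, $match)) {
            $xml_declaration = $match[1] . LB;
            $tmp = $match[2];
        }
    }
    ob_start();
    eval('?>' . $tmp);
    $retval = $xml_declaration . ob_get_contents();
    ob_end_clean();

    return $retval;
}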
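// public_html/content.php?code=xxxx&template=yyyy
//
// Work out whether the request arrived as a rewritten (path-style) URL:
// rewriting must be enabled and the URL must either carry no query string or
// have a query string that does not directly follow a ".php" script name.
$url_rewrite = false;
$q = false;
$url = $_SERVER["REQUEST_URI"];
if ($_CONF['url_rewrite']) {
    $q = strpos($url, '?');
    if ($q === false) {
        $url_rewrite = true;
    } elseif (substr($url, $q - 4, 4) != '.php') {
        $url_rewrite = true;
    }
}

// Read 'code' and 'template' from whichever place the URL style puts them.
// NOTE(review): $template is request-controlled and is handed to
// userbox_profile() below; that function is not shown here -- confirm it
// restricts the value to known template names before it reaches a file path.
if ($url_rewrite) {
    COM_setArgNames(array('code', 'template'));
    $code = COM_applyFilter(COM_getArgument('code'));
    $template = COM_applyFilter(COM_getArgument('template'));
} else {
    // Either parameter may be missing from the query string; use '' instead
    // of reading an undefined array key.
    $code = COM_applyFilter(isset($_GET['code']) ? $_GET['code'] : '');
    $template = COM_applyFilter(isset($_GET['template']) ? $_GET['template'] : '');
}

// Check whether login is required: anonymous visitors are turned away when
// the site requires login or the plugin's loginrequired setting is 1, 2 or 3.
if (COM_isAnonUser()) {
    if ($_CONF['loginrequired'] or $_USERBOX_CONF['loginrequired'] == 3 or $_USERBOX_CONF['loginrequired'] == 2 or $_USERBOX_CONF['loginrequired'] == 1) {
        echo $LANG_USERBOX['loginrequired'];
        exit;
    }
}

// Render the profile selected by $code (the id argument is fixed at 0 here).
$id = 0;
$retval = userbox_profile($id, $template, "yes", "", $code);
echo $retval['display'];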
$tp = ''; } $url = COM_buildURL($script . $tp . $parts); return '<link rel="canonical" href="' . $url . '"' . XHTML . '>' . LB; } // MAIN $display = ''; if (isset($_POST['topic']) && isset($_POST['year']) && isset($_POST['month'])) { $dir_topic = $_POST['topic']; $year = $_POST['year']; $month = $_POST['month']; } else { COM_setArgNames(array('topic', 'year', 'month')); $dir_topic = COM_getArgument('topic'); $year = COM_getArgument('year'); $month = COM_getArgument('month'); } $dir_topic = COM_applyFilter($dir_topic); if (empty($dir_topic)) { $dir_topic = 'all'; } // Topic stuff already set in lib-common but need to double check if URL_Write is_a enabled //Set topic for rest of site if ($dir_topic === 'all') { $topic = ''; } else { $topic = $dir_topic; } // See if user has access to view topic. if ($topic != '') { $test_topic = DB_getItem($_TABLES['topics'], 'tid', "tid = '{$topic}' " . COM_getPermSQL('AND'));
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | // | GNU General Public License for more details. | // | | // | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software Foundation, | // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | // | | // +---------------------------------------------------------------------------+ require_once '../lib-common.php'; if (!in_array('tag', $_PLUGINS)) { COM_output(COM_refresh($_CONF['site_url'] . '/index.php')); exit; } // Retrieves request vars COM_setArgNames(array('tag')); $tag = COM_getArgument('tag'); /** * Display */ $T = new Template($_CONF['path'] . 'plugins/tag/templates'); $T->set_file('page', 'index.thtml'); $T->set_var('xhtml', XHTML); // Lang vars $lang_vars = array('tag_list'); foreach ($lang_vars as $lang_var) { $T->set_var('lang_' . $lang_var, TAG_str($lang_var)); } // Tag cloud $T->set_var('tag_cloud', TAG_getTagCloud($_TAG_CONF['max_tag_cloud'], false)); // Other tags if ($tag !== '') {
// knowing which language the sender of the trackback ping may prefer. $TRB_ERROR = array('not_enabled' => 'Trackback not enabled.', 'illegal_request' => 'Illegal request.', 'no_access' => 'You do not have access to this entry.'); if (!$_CONF['trackback_enabled']) { TRB_sendTrackbackResponse(1, $TRB_ERROR['not_enabled']); exit; } if (isset($_SERVER['REQUEST_METHOD'])) { // Trackbacks are only allowed as POST requests if ($_SERVER['REQUEST_METHOD'] != 'POST') { header('Allow: POST'); COM_displayMessageAndAbort(75, '', 405, 'Method Not Allowed'); } } COM_setArgNames(array('id', 'type')); $id = COM_applyFilter(COM_getArgument('id')); $type = COM_applyFilter(COM_getArgument('type')); if (empty($id)) { TRB_sendTrackbackResponse(1, $TRB_ERROR['illegal_request']); exit; } if (empty($type)) { $type = 'article'; } if ($type == 'article') { // check if they have access to this story $sid = DB_escapeString($id); $result = DB_query("SELECT trackbackcode FROM {$_TABLES['stories']} WHERE (sid = '{$sid}') AND (date <= NOW()) AND (draft_flag = 0)" . COM_getPermSql('AND') . COM_getTopicSql('AND')); if (DB_numRows($result) == 1) { $A = DB_fetchArray($result); if ($A['trackbackcode'] == 0) { TRB_handleTrackbackPing($id, $type);
// Login gate: when the gallery is configured to require login, anonymous
// visitors get the login form and the script stops.
if (COM_isAnonUser() && $_MG_CONF['loginrequired'] == 1) {
    $display = MG_siteHeader();
    $display .= SEC_loginRequiredForm();
    $display .= COM_siteFooter();
    echo $display;
    exit;
}

require_once $_CONF['path'] . 'plugins/mediagallery/include/init.php';
MG_initAlbums();

/*
 * Main Function
 */

// Read the 'aid', 'f' and 'sort' arguments. Each goes through COM_applyFilter()
// with its second argument set to true (presumably the numeric-only mode; the
// helper is defined elsewhere -- confirm).
COM_setArgNames(array('aid', 'f', 'sort'));
$album_id = COM_applyFilter(COM_getArgument('aid'), true);
$full = COM_applyFilter(COM_getArgument('f'), true);
$sortOrder = COM_applyFilter(COM_getArgument('sort'), true);

// Set up the slideshow template. 'header' and 'site_url' are assigned twice,
// before and after the set_block() calls, with the same values.
$T = new Template(MG_getTemplatePath($album_id));
$T->set_file('page', 'slideshow.thtml');
$T->set_var('header', $LANG_MG00['plugin']);
$T->set_var('site_url', $_MG_CONF['site_url']);
$T->set_block('page', 'slideItems', 'sItems');
$T->set_block('page', 'noItems', 'nItems');
$T->set_var('header', $LANG_MG00['plugin']);
$T->set_var('site_url', $_MG_CONF['site_url']);

// Per-album access check: an access value of 0 shows the access-denied message
// and stops.
// NOTE(review): nothing visible here verifies that $album_id is a key of
// $MG_albums before ->access is read, and the template path lookup above runs
// before this check -- confirm that an unknown album id is handled as denied.
if ($MG_albums[$album_id]->access == 0) {
    $display = MG_siteHeader();
    $display .= COM_showMessageText($LANG_MG00['access_denied_msg'], $LANG_ACCESS['accessdenied'], true);
    $display .= MG_siteFooter();
    echo $display;
    exit;
}
// | along with this program; if not, write to the Free Software Foundation, | // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | // | | // +---------------------------------------------------------------------------+ require_once '../../../lib-common.php'; require_once '../../auth.inc.php'; require_once $_CONF['path'] . 'plugins/downloads/include/functions.php'; if (!SEC_hasRights('downloads.edit')) { $display = COM_showMessageText($MESSAGE[29], $MESSAGE[30]); $display = DLM_createHTMLDocument($display, array('pagetitle' => $MESSAGE[30])); COM_accessLog("User {$_USER['username']} tried to illegally access the downloads temporary file."); COM_output($display); exit; } COM_setArgNames(array('id')); $lid = addslashes(COM_applyFilter(COM_getArgument('id'))); $result = DB_query("SELECT url, date FROM {$_TABLES['downloadsubmission']} WHERE lid='{$lid}'"); list($url, $date) = DB_fetchArray($result); $filepath = $_DLM_CONF['path_filestore'] . 'tmp' . date('YmdHis', $date) . DLM_createSafeFileName($url); if (file_exists($filepath)) { header('Content-Disposition: attachment; filename="' . $url . '"'); header('Content-Type: application/octet-stream'); header('Content-Description: File Transfer'); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header('Content-Length: ' . filesize($filepath)); ob_clean(); flush(); @readfile($filepath);
PAYPAL_access_check(); // Import plugin-specific functions USES_paypal_functions(); // Create a global shopping cart for our use. This allows the cart to be // manipulated in an action and then displayed in a view, without necessarily // having to revisit the database or create a new cart. USES_paypal_class_cart(); $ppGCart = new ppCart(); // First try to get the SEO-friendly arguments. A single "action" and "id" // will probably be the most common anyway. If that fails, go through all // the possibilies for actions that might come from submit buttons, etc. COM_setArgNames(array('action', 'id')); $action = COM_getArgument('action'); $actionval = ''; if (!empty($action)) { $id = COM_sanitizeID(COM_getArgument('id')); } else { $expected = array('updatecart', 'checkout', 'searchcat', 'savebillto', 'saveshipto', 'updatecart', 'emptycart', 'addcartitem', 'addcartitem_x', 'checkoutcart', 'processorder', 'thanks', 'action', 'order', 'view', 'detail', 'printorder', 'orderhist'); $action = 'view'; foreach ($expected as $provided) { if (isset($_POST[$provided])) { $action = $provided; $actionval = $_POST[$provided]; break; } elseif (isset($_GET[$provided])) { $action = $provided; $actionval = $_GET[$provided]; break; } } if (isset($_POST['id'])) {