Exemple #1
// Read the request parameters. Values taken directly from $_REQUEST go through
// COM_applyFilter() or COM_sanitizeID() before they are stored.
$msg = isset($_REQUEST['msg']) ? COM_applyFilter($_REQUEST['msg']) : '';

// NOTE(review): when 'mode' is absent from $_REQUEST, the fallback value from
// COM_getArgument() is stored without COM_applyFilter(); the same holds for
// $page below. Confirm both are validated before they reach SQL or HTML output.
$mode = isset($_REQUEST['mode'])
    ? COM_applyFilter($_REQUEST['mode'])
    : COM_getArgument('mode');

$id = isset($_REQUEST['id'])
    ? COM_sanitizeID($_REQUEST['id'])
    : COM_applyFilter(COM_getArgument('id'));

// The 'mode' doubles as the page to display when no explicit page was given.
$page = COM_getArgument('page');
if (empty($page)) {
    $page = $mode;
}

// Basic menu shown to every visitor.
$menu_opt = '';
USES_class_navbar();
$menu = new navbar();
$menu->add_menuitem(
    $LANG_ADVT['mnu_home'],
    CLASSIFIEDS_makeURL('home')
);
$menu->add_menuitem(
    $LANG_ADVT['mnu_recent'],
    CLASSIFIEDS_makeURL('recent')
);
// Show additional menu options to logged-in users
if (!$isAnon) {
    $menu->add_menuitem($LANG_ADVT['mnu_account'], CLASSIFIEDS_makeURL('account'));
    $menu->add_menuitem($LANG_ADVT['mnu_myads'], CLASSIFIEDS_makeURL('manage'));
Exemple #2
    exit;
}
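// Anonymous visitors get the login form when the gallery requires a login.
if (COM_isAnonUser() && $_MG_CONF['loginrequired'] == 1) {
    $display = MG_siteHeader();
    $display .= SEC_loginRequiredForm();
    $display .= COM_siteFooter();
    echo $display;
    exit;
}
require_once $_CONF['path'] . 'plugins/mediagallery/include/init.php';
MG_initAlbums();
/*
* Main Function
*/
COM_setArgNames(array('aid', 'f', 'sort'));
// The album id is requested with COM_applyFilter()'s numeric flag set.
$album_id = COM_applyFilter(COM_getArgument('aid'), true);
$T = new Template(MG_getTemplatePath($album_id));
$T->set_file(array('page' => 'playall_xspf.thtml'));
// Treat an album id that is not present in $MG_albums the same way as an
// album the visitor may not read, instead of dereferencing a missing entry.
// NOTE(review): $display is appended to here, but the visible code only
// initialises it inside the login branch above - confirm it is set earlier.
if (!isset($MG_albums[$album_id]) || $MG_albums[$album_id]->access == 0) {
    $display .= COM_showMessageText($LANG_MG00['access_denied_msg'], $LANG_ACCESS['accessdenied'], true);
    $display .= MG_siteFooter();
    echo $display;
    exit;
}
// NOTE(review): title and description are handed to the template as stored;
// confirm they are escaped for HTML either at save time or by the template.
$album_title = $MG_albums[$album_id]->title;
$album_desc = $MG_albums[$album_id]->description;
MG_usage('playalbum', $album_title, '', '');
// Breadcrumb trail: site home, optionally the gallery index, then the album path.
$birdseed = '<a href="' . $_CONF['site_url'] . '/index.php">' . $LANG_MG03['home'] . '</a> '
    . ($_MG_CONF['gallery_only'] == 1
        ? ''
        : $_MG_CONF['seperator'] . ' <a href="' . $_MG_CONF['site_url'] . '/index.php">' . $_MG_CONF['menulabel'] . '</a> ')
    . $MG_albums[$album_id]->getPath(1, 0, 1);
$T->set_var(array(
    'site_url' => $_MG_CONF['site_url'],
    'birdseed' => $birdseed,
    'pagination' => '<a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $album_id . '&amp;page=1&amp;sort=' . '0' . '">' . $LANG_MG03['return_to_album'] . '</a>',
    'album_title' => $album_title,
    'album_desc' => $album_desc,
    'aid' => $album_id,
    'home' => $LANG_MG03['home'],
    'return_to_album' => $LANG_MG03['return_to_album'],
));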
/*
 * Need to handle empty albums a little better
Exemple #3
if (SEC_hasRights('filemgmt.user') or $mydownloads_publicpriv == 1) {
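    // Templates and helper objects for the file listing page.
    $p = new Template($_CONF['path'] . 'plugins/filemgmt/templates');
    $p->set_file(array('page' => 'filelisting.thtml', 'records' => 'filelisting_record.thtml', 'category' => 'filelisting_category.thtml'));
    $p->set_var('layout_url', $_CONF['layout_url']);
    $p->set_var('site_url', $_CONF['site_url']);
    $p->set_var('site_admin_url', $_CONF['site_admin_url']);
    $p->set_var('xhtml', XHTML);
    $p->set_var('target', $CONF_FM['ignore_target'] ? '' : 'target="_blank"');
    $myts = new MyTextSanitizer();
    $mytree = new XoopsTree($_DB_name, $_FM_TABLES['filemgmt_cat'], "cid", "pid");
    $mytree->setGroupAccessFilter($_GROUPS);
    $display = '';
    // The file id normally arrives as the 'id' URL argument (URL-rewrite aware)
    // and is requested with COM_applyFilter()'s numeric flag set.
    COM_setArgNames(array('id'));
    $lid = COM_applyFilter(COM_getArgument('id'), true);
    if ($lid == 0) {
        // Called from the comment bar: the id is posted as 'fileid_<n>'.
        // The posted value is attacker-controlled and ends up in the SQL
        // below, so it gets the same numeric filtering as the URL argument
        // instead of being used raw.
        $postedId = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
        $lid = COM_applyFilter(str_replace('fileid_', '', $postedId), true);
    }
    // Defence in depth: the id is interpolated into a query string, so force
    // it to an integer regardless of what the filter returned.
    $lid = (int) $lid;
    // Count the matching, approved records the current user's groups may see.
    $groupsql = filemgmt_buildAccessSql();
    $sql = "SELECT COUNT(*) FROM {$_FM_TABLES['filemgmt_filedetail']} a ";
    $sql .= "LEFT JOIN {$_FM_TABLES['filemgmt_cat']} b ON a.cid=b.cid ";
    $sql .= "WHERE a.lid='{$lid}' {$groupsql} AND a.status > 0";
    list($fileAccessCnt) = DB_fetchArray(DB_query($sql));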
    if ($fileAccessCnt > 0 and DB_count($_FM_TABLES['filemgmt_filedetail'], "lid", $lid) == 1) {
        $p->set_var('block_header', COM_startBlock("<b>" . $LANG_FILEMGMT['plugin_name'] . "</b>"));
        $p->set_var('block_footer', COM_endBlock());
        require_once $_CONF['path_system'] . 'lib-comment.php';
        $sql = "SELECT d.lid, d.cid, d.title, d.url, d.homepage, d.version, d.size, d.logourl, d.submitter, d.status, d.date, ";
Exemple #4
/*if (empty($view)) {
    $view = isset($_EV_CONF['default_view']) ? $_EV_CONF['default_view'] : '';
}*/
// 'range' and 'cat' are looked up in $_GET first, then $_POST, then the
// rewritten URL arguments. Each value is requested with COM_applyFilter()'s
// numeric flag set.
$range = COM_applyFilter(
    isset($_GET['range'])
        ? $_GET['range']
        : (isset($_POST['range']) ? $_POST['range'] : COM_getArgument('range')),
    true
);
$category = COM_applyFilter(
    isset($_GET['cat'])
        ? $_GET['cat']
        : (isset($_POST['cat']) ? $_POST['cat'] : COM_getArgument('cat')),
    true
);

// 'cal' has no URL-argument fallback; it stays an empty string when absent.
$calendar = '';
if (isset($_GET['cal'])) {
    $calendar = COM_applyFilter($_GET['cal'], true);
} elseif (isset($_POST['cal'])) {
    $calendar = COM_applyFilter($_POST['cal'], true);
}

// Look up the category name only when a category was selected.
// NOTE(review): $category is interpolated into the WHERE clause; this relies
// on the numeric filtering above - confirm COM_applyFilter() enforces it.
if (!empty($category)) {
    $catname = DB_getItem(
        $_TABLES['evlist_categories'],
        'name',
        "id = '{$category}'"
    );
}
if (!empty($_REQUEST['msg'])) {
    $msg = COM_applyFilter($_REQUEST['msg'], true);
} else {
Exemple #5
     if ($_EV_CONF['enable_rsvp'] && !COM_isAnonUser()) {
         USES_evlist_class_ticket();
         $eid = COM_sanitizeID($_GET['eid'], false);
         $doc = evTicket::PrintTickets($eid, 0, $_USER['uid']);
         echo $doc;
         exit;
     } else {
         $content .= 'Function not available';
     }
     break;
 case 'view':
 default:
     if (empty($eid)) {
         // Default action, view the calendar or event
         COM_setArgNames(array('eid', 'ts', 'range', 'cat'));
         $eid = COM_sanitizeID(COM_getArgument('eid'), false);
     }
     if (!empty($eid)) {
         USES_evlist_class_repeat();
         $Rep = new evRepeat($eid);
         $pagetitle = COM_stripslashes($Rep->Event->title);
         if ($view == 'print') {
             $template = 'event_print';
             $query = '';
         }
         $query = isset($_GET['query']) ? $_GET['query'] : '';
         $content .= $Rep->Detail('', $query, $template);
     } else {
         // Shouldn't be in this file without an event ID to display or edit
         echo COM_refresh(EVLIST_URL . '/index.php');
         exit;
Exemple #6
*
* @package StaticPages
* @subpackage public_html
*/
/**
* Geeklog common function library
*/
require_once '../lib-common.php';
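// The page is only reachable while the staticpages plugin is listed in $_PLUGINS.
if (!in_array('staticpages', $_PLUGINS)) {
    COM_handle404();
    exit;
}
// MAIN
COM_setArgNames(array('page', 'disp_mode'));
$page = COM_applyFilter(COM_getArgument('page'));
$display_mode = COM_applyFilter(COM_getArgument('disp_mode'));
// The search query is read from $_GET, so test the same array that is read.
// The previous check looked at $_REQUEST, which let a POST-only 'query' reach
// an undefined $_GET index.
$query = '';
if (isset($_GET['query'])) {
    $query = COM_applyFilter($_GET['query']);
}
TOPIC_getTopic('staticpages', $page);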
// from comments display refresh:
if (isset($_REQUEST['order'])) {
    $comment_order = COM_applyFilter($_REQUEST['order']);
    $comment_mode = COM_applyFilter($_REQUEST['mode']);
    if (isset($_REQUEST['cpage'])) {
        $comment_page = COM_applyFilter($_REQUEST['cpage']);
    }
    if (strcasecmp($comment_order, 'ASC') != 0 && strcasecmp($comment_order, 'DESC') != 0) {
        $comment_order = '';
    }
Exemple #7
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
require_once '../lib-common.php';
// Without the banner plugin there is nothing to do here: go to the front page.
if (!in_array('banner', $_PLUGINS)) {
    echo COM_refresh($_CONF['site_url'] . '/index.php');
    exit;
}
// MAIN
$url = '';
COM_setArgNames(array('what', 'item'));
$what = COM_getArgument('what');
if ($what == 'banner') {
    $item = COM_applyFilter(COM_getArgument('item'));
    if (!empty($item)) {
        // Hack: due to PLG_afterSaveSwitch settings an '&msg' suffix may be
        // attached - keep only the part before the first '&'.
        $parts = explode('&', $item);
        $item = $parts[0];
        if (!empty($item)) {
            // Only banners inside their publishing window are resolved.
            // NOTE(review): $item is interpolated into the WHERE clause after
            // COM_applyFilter() only; confirm that filter makes it safe inside
            // a quoted SQL literal, or escape it before use.
            $url = DB_getItem(
                $_TABLES['banner'],
                'url',
                "bid = '{$item}' AND (publishstart IS NULL OR publishstart < NOW()) and (publishend IS NULL OR publishend > NOW())"
            );
            // Count the click only when the banner resolved to a URL.
            if (!empty($url)) {
                DB_change($_TABLES['banner'], 'hits', 'hits + 1', 'bid', $item, '', true);
            }
        }
    }
}
if (empty($url)) {
    $url = $_CONF['site_url'];
Exemple #8
    exit;
}
/* Ensure sufficient privs to read this page */
paypal_access_check();

// Import plugin-specific functions
USES_paypal_functions();

// A single global shopping cart lets an action modify the cart and a view
// display it without revisiting the database or building a second cart.
USES_paypal_class_cart();
$ppGCart = new ppCart();

// Product id: taken from the query string when present, otherwise from the
// rewritten URL argument.
COM_setArgNames(array('id'));
$id = isset($_GET['id'])
    ? COM_sanitizeID($_GET['id'])
    : COM_applyFilter(COM_getArgument('id'));

// Page header and title.
$display = PAYPAL_siteHeader();
$T = new Template(PAYPAL_PI_PATH . '/templates');
$T->set_file('title', 'paypal_title.thtml');
$T->set_var('title', $LANG_PP['main_title']);
$display .= $T->parse('', 'title');

// Optional message block.
// NOTE(review): $msg is written into the page as-is and its origin is not
// visible here - confirm it is escaped or built from trusted text.
if (!empty($msg)) {
    $display .= COM_startBlock('', '', 'blockheader-message.thtml')
        . $msg
        . COM_endBlock('blockfooter-message.thtml');
}

$display .= PAYPAL_userMenu($LANG_PP['product_list']);
$content = '';
if (!empty($id)) {
Exemple #9
    if (isset($_POST['order'])) {
        $order = COM_applyFilter($_POST['order']);
    }
    if (isset($_POST['query'])) {
        $query = $_POST['query'];
    }
    if (isset($_POST['reply'])) {
        $reply = COM_applyFilter($_POST['reply']);
    }
    if (isset($_POST['cpage'])) {
        $page = COM_applyFilter($_POST['cpage'], true);
    }
} else {
    COM_setArgNames(array('story', 'mode'));
    $sid = COM_applyFilter(COM_getArgument('story'));
    $mode = COM_applyFilter(COM_getArgument('mode'));
    if (isset($_GET['order'])) {
        $order = COM_applyFilter($_GET['order']);
    }
    if (isset($_GET['query'])) {
        $query = $_GET['query'];
    }
    if (isset($_GET['reply'])) {
        $reply = COM_applyFilter($_GET['reply']);
    }
    if (isset($_GET['cpage'])) {
        $page = COM_applyFilter($_GET['cpage'], true);
    }
}
if (empty($sid)) {
    echo COM_refresh($_CONF['site_url'] . '/index.php');
Exemple #10
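/**
 * Handles comment processing
 *
 * Works out the comment mode and the item being commented on, taking any
 * value the caller left empty from the request, and then dispatches to the
 * matching CMT_* handler. Several branches echo a redirect and call exit
 * instead of returning.
 *
 * @param    string   $mode    Mode of comment processing
 * @param    string   $type    Type of item (article, polls, etc.)
 * @param    string   $title   Title of item
 * @param    string   $sid     ID for item to show comments for
 * @param    string   $format  'threaded', 'nested', or 'flat'
 * @return   string            HTML formatted
 */
function CMT_handleComment($mode = '', $type = '', $title = '', $sid = '', $format = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG_ADMIN, $topic, $_PLUGINS;
    // The request value wins over the $mode argument for the dispatch below.
    $commentmode = '';
    if (!empty($_REQUEST[CMT_MODE])) {
        $commentmode = COM_applyFilter($_REQUEST[CMT_MODE]);
    }
    if (empty($mode)) {
        $mode = COM_applyFilter(COM_getArgument(CMT_MODE));
    }
    if (empty($commentmode) && !empty($mode)) {
        $commentmode = $mode;
    }
    if (empty($sid) && !empty($_REQUEST[CMT_SID])) {
        $sid = COM_applyFilter($_REQUEST[CMT_SID]);
    }
    $pid = 0;
    if (!empty($_REQUEST[CMT_PID])) {
        $pid = COM_applyFilter($_REQUEST[CMT_PID], true);
    }
    if (empty($type) && !empty($_REQUEST[CMT_TYPE])) {
        $type = COM_applyFilter($_REQUEST[CMT_TYPE]);
    }
    if (!empty($_REQUEST['title'])) {
        $title = $_REQUEST['title'];
        // apply filters later in CMT_commentForm or CMT_saveComment
    }
    // NOTE(review): a uid supplied in the request takes precedence over the
    // logged-in user's uid here; confirm CMT_handleSubmit() verifies it
    // against the session before attributing a comment.
    if (!empty($_REQUEST[CMT_UID])) {
        $uid = COM_applyFilter($_REQUEST[CMT_UID]);
    } else {
        $uid = 1;
        if (!empty($_USER['uid'])) {
            $uid = $_USER['uid'];
        }
    }
    $postmode = $_CONF['postmode'];
    if (isset($_REQUEST['postmode'])) {
        $postmode = COM_applyFilter($_REQUEST['postmode']);
    }
    $formtype = '';
    if (!empty($_REQUEST['formtype'])) {
        $formtype = COM_applyFilter($_REQUEST['formtype']);
    }
    // Get comment id, may not be there...will handle in function
    $cid = 0;
    if (isset($_REQUEST[CMT_CID])) {
        $cid = COM_applyFilter($_REQUEST[CMT_CID], true);
    }
    TOPIC_getTopic('comment', $cid);
    if (empty($format) && isset($_REQUEST['format'])) {
        $format = COM_applyFilter($_REQUEST['format']);
    }
    // Anything outside the known display formats falls back to the site
    // default (anonymous) or the user's stored preference.
    if (!in_array($format, array('threaded', 'nested', 'flat', 'nocomment'))) {
        if (COM_isAnonUser()) {
            $format = $_CONF['comment_mode'];
        } else {
            $format = DB_getItem($_TABLES['usercomment'], 'commentmode', "uid = {$_USER['uid']}");
        }
    }
    $order = '';
    if (isset($_REQUEST['order'])) {
        $order = COM_applyFilter($_REQUEST['order']);
    }
    $cpage = 1;
    if (!empty($_REQUEST['cpage'])) {
        $cpage = COM_applyFilter($_REQUEST['cpage'], true);
        if (empty($cpage)) {
            $cpage = 1;
        }
    }
    $is_comment_page = CMT_isCommentPage();
    $retval = '';
    // Optionally show the existing comments above the reply/edit/preview form.
    if ($_CONF['show_comments_at_replying'] && $is_comment_page && !empty($sid) && !empty($type) && in_array($commentmode, array('', $LANG03[28], $LANG03[34], $LANG03[14], 'edit'))) {
        if ($commentmode == 'edit') {
            $cid = 0;
            if (isset($_REQUEST[CMT_CID])) {
                $cid = COM_applyFilter($_REQUEST[CMT_CID], true);
            }
            if ($cid <= 0) {
                COM_errorLog("CMT_handleComment(): {$_USER['uid']} from {$_SERVER['REMOTE_ADDR']} tried " . 'to edit a comment with one or more missing/bad values.');
                return COM_refresh($_CONF['site_url'] . '/index.php');
            }
            $pid = $cid;
        }
        if ($pid > 0 && empty($title)) {
            $atype = DB_escapeString($type);
            // The id goes into the query unquoted, so force it to an integer.
            $parentId = (int) $pid;
            $title = DB_getItem($_TABLES['comments'], 'title', "(cid = {$parentId}) AND (type = '{$atype}')");
        }
        if (empty($title)) {
            $title = PLG_getItemInfo($type, $sid, 'title');
            $title = str_replace('$', '&#36;', $title);
            // CMT_userComments expects non-htmlspecial chars for title...
            $title = str_replace('&amp;', '&', $title);
            $title = str_replace('&quot;', '"', $title);
            $title = str_replace('&lt;', '<', $title);
            $title = str_replace('&gt;', '>', $title);
        }
        $retval .= CMT_userComments($sid, $title, $type, $order, $format, $pid, $cpage, $pid > 0, false, 0);
    }
    switch ($commentmode) {
        case $LANG03[28]:
            // Preview Changes (for edit)
        case $LANG03[34]:
            // Preview Submission changes (for edit)
        case $LANG03[14]:
            // Preview
            // A preview request without a comment body is treated as empty
            // text rather than reading an undefined $_POST index.
            $commentText = isset($_POST['comment']) ? $_POST['comment'] : '';
            $retval .= CMT_commentForm($title, $commentText, $sid, $pid, $type, $commentmode, $postmode, $format, $order, $cpage);
            if ($is_comment_page) {
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[14]));
            }
            break;
        case $LANG03[35]:
            // Submit Changes to Moderation table
        case $LANG03[29]:
            // Submit Changes
            // State-changing action: only runs with a valid security token.
            if (SEC_checkToken()) {
                $retval .= CMT_handleEditSubmit($commentmode);
            } else {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            break;
        case $LANG03[11]:
            // Submit comment
            $retval .= CMT_handleSubmit($title, $sid, $pid, $type, $postmode, $uid);
            break;
        case $LANG_ADMIN['delete']:
        case 'delete':
            // Delete comment
            if (SEC_checkToken()) {
                $retval .= CMT_handleDelete($sid, $type, $formtype);
            } else {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            break;
        case 'view':
            // View comment by $cid
            $retval .= CMT_handleView($format, $order, $cpage, true);
            break;
        case 'display':
            // View comment by $pid
            $retval .= CMT_handleView($format, $order, $cpage, false);
            break;
        case 'report':
            if ($is_comment_page) {
                $cid = 0;
                if (isset($_GET[CMT_CID])) {
                    $cid = COM_applyFilter($_GET[CMT_CID], true);
                }
                $type = '';
                if (isset($_GET[CMT_TYPE])) {
                    $type = COM_applyFilter($_GET[CMT_TYPE]);
                }
                if ($cid <= 0 || empty($type)) {
                    echo COM_refresh($_CONF['site_url'] . '/index.php');
                    exit;
                }
                $retval .= CMT_reportAbusiveComment($cid, $type);
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[27]));
            }
            break;
        case 'sendreport':
            if (SEC_checkToken()) {
                $cid = 0;
                if (isset($_POST[CMT_CID])) {
                    $cid = COM_applyFilter($_POST[CMT_CID], true);
                }
                $type = '';
                if (isset($_POST[CMT_TYPE])) {
                    $type = COM_applyFilter($_POST[CMT_TYPE]);
                }
                if ($cid <= 0 || empty($type)) {
                    echo COM_refresh($_CONF['site_url'] . '/index.php');
                    exit;
                }
                $retval .= CMT_sendReport($cid, $type);
            } else {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            break;
        case 'editsubmission':
            if (!SEC_hasRights('comment.moderate')) {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            // deliberate fall-through
        case 'edit':
            $retval .= CMT_handleEdit($commentmode, $postmode, $format, $order, $cpage);
            if ($is_comment_page) {
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[1]));
            }
            break;
        case 'unsubscribe':
            $cid = 0;
            // A missing key is handled like an empty one and ends in the
            // redirect below.
            $key = isset($_GET['key']) ? COM_applyFilter($_GET['key']) : '';
            if (!empty($key)) {
                $key = DB_escapeString($key);
                $cid = DB_getItem($_TABLES['commentnotifications'], 'cid', "deletehash = '{$key}'");
                if (!empty($cid)) {
                    $redirecturl = $_CONF['site_url'] . '/comment.php?mode=view&amp;cid=' . $cid . '&amp;format=nested&amp;msg=16';
                    DB_delete($_TABLES['commentnotifications'], 'deletehash', $key, $redirecturl);
                    exit;
                }
            }
            echo COM_refresh($_CONF['site_url'] . '/index.php');
            exit;
            break;
        case $LANG_ADMIN['cancel']:
            if ($formtype == 'editsubmission') {
                echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
                exit;
            } else {
                $retval .= CMT_handleCancel();
                // moved to function for readability
            }
            break;
        default:
            // New Comment or Reply Comment
            $abort = false;
            // Check to make sure comment type exists
            if ($type != 'article' && !in_array($type, $_PLUGINS)) {
                $abort = true;
            }
            // Check article permissions
            if (!$abort && $type == 'article' && !empty($sid)) {
                // $sid may come straight from the caller, so escape it before
                // it is placed inside the quoted SQL literal.
                $escapedSid = DB_escapeString($sid);
                $dbTitle = DB_getItem($_TABLES['stories'], 'title', "(sid = '{$escapedSid}') AND (draft_flag = 0) AND (date <= NOW()) AND (commentcode = 0)" . COM_getPermSQL('AND'));
                if ($dbTitle === null || TOPIC_hasMultiTopicAccess('article', $sid, $topic) < 2) {
                    // Make sure have at least read access to current topic of article to post comment
                    // no permissions, or no story of that title
                    $abort = true;
                }
            }
            if (!$abort && !empty($sid) && !empty($type)) {
                if ($pid > 0 && empty($title)) {
                    $atype = DB_escapeString($type);
                    // The id goes into the query unquoted, so force it to an integer.
                    $parentId = (int) $pid;
                    $title = DB_getItem($_TABLES['comments'], 'title', "(cid = {$parentId}) AND (type = '{$atype}')");
                }
                if (empty($title)) {
                    $title = PLG_getItemInfo($type, $sid, 'title');
                    // Check title, if for some reason blank assume no access allowed to plugin item (therefore cannot add comment) so return to homepage
                    if (is_array($title) || empty($title) || $title == false) {
                        echo COM_refresh($_CONF['site_url'] . '/index.php');
                        exit;
                    }
                    $title = str_replace('$', '&#36;', $title);
                    // CMT_commentForm expects non-htmlspecial chars for title...
                    $title = str_replace('&amp;', '&', $title);
                    $title = str_replace('&quot;', '"', $title);
                    $title = str_replace('&lt;', '<', $title);
                    $title = str_replace('&gt;', '>', $title);
                }
                $retval .= CMT_commentForm($title, '', $sid, $pid, $type, $commentmode, $postmode, $format, $order, $cpage);
            } else {
                if (COMMENT_ON_SAME_PAGE) {
                    // Do nothing and do not show comment form (happens most likely when admin viewing draft article)
                } else {
                    // For comments not displayed on same page (probably owner pushed the post comment button on a draft article)
                    echo COM_refresh($_CONF['site_url'] . '/index.php');
                    exit;
                }
            }
            if ($is_comment_page) {
                $noindex = '<meta name="robots" content="noindex"' . XHTML . '>';
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[1], 'headercode' => $noindex));
            }
            break;
    }
    return $retval;
}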
Exemple #11
* For really strict webhosts, this file can be used to show images in pages that
* serve the images from outside of the webtree to a place that the webserver
* user can actually write to
*
* @author   Tony Bibbs, tony AT tonybibbs DOT com
*
*/
require_once 'lib-common.php';
require_once $_CONF['path_system'] . 'classes/downloader.class.php';
// Configure the downloader: log to the site error log and allow image types only.
$downloader = new downloader();
$downloader->setLogFile($_CONF['path_log'] . 'error.log');
$downloader->setLogging(true);
// NOTE(review): the original literal listed the 'png' key twice
// ('image/png', then 'image/x-png'). PHP keeps the last value for a repeated
// key, so the effective mapping is the one written here - confirm which MIME
// type was intended.
$downloader->setAllowedExtensions(array(
    'gif' => 'image/gif',
    'jpg' => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png' => 'image/x-png',
));

COM_setArgNames(array('mode', 'image'));
$mode = COM_applyFilter(COM_getArgument('mode'));
$image = COM_applyFilter(COM_getArgument('image'));

// Path traversal guard: a requested name containing '..' is logged and the
// request ends without serving anything.
if (strstr($image, '..')) {
    COM_accessLog('Someone tried to illegally access files using getimage.php');
    exit;
}
// Set the path properly
switch ($mode) {
    case 'show':
    case 'articles':
        $downloader->setPath($_CONF['path_images'] . 'articles/');
        break;
    case 'topics':
        $downloader->setPath($_CONF['path_images'] . 'topics/');
        break;
Exemple #12
        $url_rewrite = true;
    } elseif (substr($url, $q - 4, 4) != '.php') {
        $url_rewrite = true;
    }
}
//
if ($url_rewrite) {
    // Rewritten URL: 'idcode' carries either a numeric id or a code,
    // depending on the 'm' argument.
    COM_setArgNames(array('idcode', 'm', 'template', $dummy1));
    $m = COM_applyFilter(COM_getArgument('m'));
    $template = COM_applyFilter(COM_getArgument('template'));
    // Defaults apply when 'm' is neither "code" nor "id".
    $id = 0;
    $code = "";
    if ($m === "code") {
        // When a code is used
        $code = COM_applyFilter(COM_getArgument('idcode'));
    } elseif ($m === "id") {
        $id = COM_applyFilter(COM_getArgument('idcode'), true);
    }
} else {
    // Plain query string: each value is read from $_GET and filtered.
    // NOTE(review): the keys are read without an isset() check, so a missing
    // parameter reaches COM_applyFilter() as an undefined index.
    $m = COM_applyFilter($_GET['m']);
    $id = COM_applyFilter($_GET['id'], true);
    $code = COM_applyFilter($_GET['code']);
    $template = COM_applyFilter($_GET['template']);
}
// Check whether a login is required
if (COM_isAnonUser()) {
    if ($_CONF['loginrequired'] or $_DATABOX_CONF['loginrequired'] == 3 or $_DATABOX_CONF['loginrequired'] == 2 or $_DATABOX_CONF['loginrequired'] == 1 and $id > 0 or $_DATABOX_CONF['loginrequired'] == 1 and $code != "") {
        $display .= DATABOX_siteHeader($pi_name, '', $page_title);
Exemple #13
        }
        $retval = $urlpart . $extra_vars;
    }
    return $retval;
}
// MAIN
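// Return URL: only a referrer that points at this site is accepted.
// The referrer header is client-controlled. A substring test would also accept
// a foreign URL that merely contains the site URL (for example in its query
// string), so the site URL must match as a prefix, followed by '/' or '?',
// or be the whole referrer.
// NOTE(review): $ret_url is presumably used as a redirect target further
// down (not visible here) - confirm.
$ret_url = '';
if (isset($_SERVER['HTTP_REFERER'])) {
    $referer = $_SERVER['HTTP_REFERER'];
    $siteUrl = rtrim($_CONF['site_url'], '/');
    if ($siteUrl !== ''
        && ($referer === $siteUrl
            || strpos($referer, $siteUrl . '/') === 0
            || strpos($referer, $siteUrl . '?') === 0)
    ) {
        $ret_url = $referer;
    }
}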
// if not allowed, just ignore and return
if ($_CONF['allow_user_language'] == 1) {
    COM_setArgNames(array('lang'));
    $lang = strtolower(COM_applyFilter(COM_getArgument('lang')));
    $lang = preg_replace('/[^a-z0-9\\-_]/', '', $lang);
    $oldlang = COM_getLanguageId();
    // do we really have a new language to switch to?
    if (!empty($lang) && array_key_exists($lang, $_CONF['language_files'])) {
        // does such a language file exist?
        $langfile = $_CONF['language_files'][$lang];
        if (is_file($_CONF['path_language'] . $langfile . '.php')) {
            // Set the language cookie.
            // Mainly used for anonymous users so the rest of their session
            // will remain in the selected language
            setcookie($_CONF['cookie_language'], $langfile, time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
            // if user is not anonymous, store the preference in the database
            if (!COM_isAnonUser()) {
                DB_query("UPDATE {$_TABLES['users']} SET language = '{$langfile}' WHERE uid = {$_USER['uid']}");
            }
Exemple #14
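/**
* Returns the site footer
*
* This loads the layout templates, does variable substitution and returns the
* HTML for the site footer. It also echoes the parsed header template (which
* receives the buffered page content) before returning, so it both prints and
* returns markup.
*
* If a function named "<user theme>_siteFooter" exists, that function is
* called instead and its result is returned.
*
* @param   int         $rightblock     1 shows the right-hand blocks; otherwise $_CONF['show_right_blocks'] decides (default -1)
* @param   array       $custom         Optional array: [0] name of a function that renders the right blocks, [1] argument passed to it
* @see function COM_siteHeader
* @return   string  Formatted HTML containing site footer and optionally right blocks
*
*/
function COM_siteFooter($rightblock = -1, $custom = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG12, $LANG_BUTTONS, $LANG_DIRECTION, $_IMAGE_TYPE, $topic, $_COM_VERBOSE, $_PAGE_TIMER, $theme_what, $theme_pagetitle, $theme_headercode, $theme_layout, $_LOGO, $uiStyles;
    COM_hit();
    // NOTE(review): $blockInterface is neither a parameter nor listed in the
    // global statement above, so isset() is always false here and this branch
    // never runs. It also assigns $rightblocks, which is not read anywhere in
    // this function. Left as-is because the intent cannot be confirmed here.
    if (isset($blockInterface['right'])) {
        $currentURL = COM_getCurrentURL();
        if (strpos($currentURL, $_CONF['site_admin_url']) === 0) {
            if ($blockInterface['right']['location'] == 'right' || $blockInterface['right']['location'] == 'left') {
                $rightblocks = -1;
            }
        }
    }
    // A theme may supply its own footer function, which then takes over.
    // NOTE(review): the function name is built from $_USER['theme'];
    // presumably that value is restricted to installed themes elsewhere -- confirm.
    $function = $_USER['theme'] . '_siteFooter';
    if (function_exists($function)) {
        return $function($rightblock, $custom);
    }
    $dt = new Date('now', $_USER['tzid']);
    $what = $theme_what;
    $pagetitle = $theme_pagetitle;
    $themecode = $theme_headercode;
    // Grab any content that was cached by the system
    $content = ob_get_contents();
    ob_end_clean();
    $theme = new Template($_CONF['path_layout']);
    $theme->set_file(array('header' => 'header.thtml', 'footer' => 'footer.thtml', 'leftblocks' => 'leftblocks.thtml', 'rightblocks' => 'rightblocks.thtml'));
    $theme->set_var('num_search_results', $_CONF['num_search_results']);
    // get topic if not on home page
    if (!isset($_GET['topic'])) {
        if (isset($_GET['story'])) {
            $sid = COM_applyFilter($_GET['story']);
        } elseif (isset($_GET['sid'])) {
            $sid = COM_applyFilter($_GET['sid']);
        } elseif (isset($_POST['story'])) {
            $sid = COM_applyFilter($_POST['story']);
        }
        if (empty($sid) && $_CONF['url_rewrite'] && strpos($_SERVER['PHP_SELF'], 'article.php') !== false) {
            COM_setArgNames(array('story', 'mode'));
            $sid = COM_applyFilter(COM_getArgument('story'));
        }
        if (!empty($sid)) {
            // the story id is request data: escape it before it enters the WHERE clause
            $topic = DB_getItem($_TABLES['stories'], 'tid', "sid='" . DB_escapeString($sid) . "'");
        }
    } else {
        $topic = COM_applyFilter($_GET['topic']);
    }
    $loggedInUser = !COM_isAnonUser();
    $theme->set_var('site_name', $_CONF['site_name']);
    $theme->set_var('background_image', $_CONF['layout_url'] . '/images/bg.' . $_IMAGE_TYPE);
    $theme->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    if ($_LOGO['display_site_slogan']) {
        $theme->set_var('site_slogan', $_CONF['site_slogan']);
    }
    // welcome message, personalised for logged-in users
    $msg = $LANG01[67] . ' ' . $_CONF['site_name'];
    if (!empty($_USER['username']) && !COM_isAnonUser()) {
        $msg .= ', ' . COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
    }
    $curtime = $dt->format($dt->getUserFormat(), true);
    $theme->set_var('welcome_msg', $msg);
    $theme->set_var('datetime', $curtime);
    // Logo block: graphic logo if enabled and the file exists, text logo if
    // the graphic logo is switched off, otherwise nothing.
    if ($_LOGO['use_graphic_logo'] == 1 && file_exists($_CONF['path_html'] . '/images/' . $_LOGO['logo_name'])) {
        $L = new Template($_CONF['path_layout']);
        $L->set_file(array('logo' => 'logo-graphic.thtml'));
        $imgInfo = @getimagesize($_CONF['path_html'] . '/images/' . $_LOGO['logo_name']);
        // getimagesize() returns false when the file cannot be read as an
        // image; use no dimensions and no padding rather than indexing false
        $dimension = is_array($imgInfo) ? $imgInfo[3] : '';
        $L->set_var('site_name', $_CONF['site_name']);
        $site_logo = $_CONF['site_url'] . '/images/' . $_LOGO['logo_name'];
        $L->set_var('site_logo', $site_logo);
        $L->set_var('dimension', $dimension);
        if (is_array($imgInfo) && $imgInfo[1] != 100) {
            // pad the logo by the difference between its height and 100px
            $delta = 100 - $imgInfo[1];
            $newMargin = $delta;
            $L->set_var('delta', 'style="padding-top:' . $newMargin . 'px;"');
        } else {
            $L->set_var('delta', '');
        }
        if ($_LOGO['display_site_slogan']) {
            $L->set_var('site_slogan', $_CONF['site_slogan']);
        }
        $L->parse('output', 'logo');
        $theme->set_var('logo_block', $L->finish($L->get_var('output')));
    } else {
        if ($_LOGO['use_graphic_logo'] == 0) {
            $L = new Template($_CONF['path_layout']);
            $L->set_file(array('logo' => 'logo-text.thtml'));
            $L->set_var('site_name', $_CONF['site_name']);
            if ($_LOGO['display_site_slogan']) {
                $L->set_var('site_slogan', $_CONF['site_slogan']);
            }
            $L->parse('output', 'logo');
            $theme->set_var('logo_block', $L->finish($L->get_var('output')));
        } else {
            $theme->set_var('logo_block', '');
        }
    }
    $theme->set_var('site_logo', $_CONF['layout_url'] . '/images/logo.' . $_IMAGE_TYPE);
    $theme->set_var(array('lang_login' => $LANG01[58], 'lang_myaccount' => $LANG01[48], 'lang_logout' => $LANG01[35], 'lang_newuser' => $LANG12[3]));
    $menu_navigation = displayMenu('navigation');
    $menu_footer = displayMenu('footer');
    $menu_header = displayMenu('header');
    $theme->set_var(array('menu_navigation' => $menu_navigation, 'menu_footer' => $menu_footer, 'menu_header' => $menu_header, 'st_hmenu' => $menu_navigation, 'st_footer_menu' => $menu_footer, 'st_header_menu' => $menu_header));
    $lblocks = '';
    /* Check if an array has been passed that includes the name of a plugin
     * function or custom function
     * This can be used to take control over what blocks are then displayed
     *
     * NOTE(review): $what[0] is called as a function name; callers must only
     * ever put trusted, code-defined names here, never request data.
     */
    if (is_array($what)) {
        $function = $what[0];
        if (function_exists($function)) {
            $lblocks = $function($what[1], 'left');
        } else {
            $lblocks = COM_showBlocks('left', $topic);
        }
    } else {
        if ($what != 'none') {
            // Now show any blocks -- need to get the topic if not on home page
            $lblocks = COM_showBlocks('left', $topic);
        }
    }
    /* Now build footer */
    if (empty($lblocks)) {
        $theme->set_var('left_blocks', '');
        $theme->set_var('glfusion_blocks', '');
    } else {
        $theme->set_var('glfusion_blocks', $lblocks);
    }
    // Do variable assignments
    $theme->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    $theme->set_var('site_slogan', $_CONF['site_slogan']);
    // swap the leading filesystem part of the feed file path for the site URL
    $rdf = substr_replace($_CONF['rdf_file'], $_CONF['site_url'], 0, strlen($_CONF['path_html']) - 1) . LB;
    $theme->set_var('rdf_file', $rdf);
    $theme->set_var('rss_url', $rdf);
    // copyright year: the current year, or "<configured year> - <current year>"
    $year = date('Y');
    $copyrightyear = $year;
    if (!empty($_CONF['copyrightyear'])) {
        if ($year == $_CONF['copyrightyear']) {
            $copyrightyear = $_CONF['copyrightyear'];
        } else {
            $copyrightyear = $_CONF['copyrightyear'] . " - " . $year;
        }
    }
    $theme->set_var('copyright_notice', $LANG01[93] . ' &copy; ' . $copyrightyear . ' ' . $_CONF['site_name'] . '&nbsp;&nbsp;&bull;&nbsp;&nbsp;' . $LANG01[94]);
    $theme->set_var('copyright_msg', $LANG01[93] . ' &copy; ' . $copyrightyear . ' ' . $_CONF['site_name']);
    $theme->set_var('current_year', $year);
    $theme->set_var('lang_copyright', $LANG01[93]);
    $theme->set_var('trademark_msg', $LANG01[94]);
    $theme->set_var('powered_by', $LANG01[95]);
    $theme->set_var('glfusion_url', 'http://www.glfusion.org/');
    $theme->set_var('glfusion_version', GVERSION);
    $theme->set_var('direction', empty($LANG_DIRECTION) ? 'ltr' : $LANG_DIRECTION);
    // initialised up front so the !empty($rblocks) test further down never
    // reads an undefined variable (custom function missing, blocks disabled)
    $rblocks = '';
    /* Check if an array has been passed that includes the name of a plugin
     * function or custom function.
     * This can be used to take control over what blocks are then displayed
     */
    if (is_array($custom)) {
        $function = $custom['0'];
        if (function_exists($function)) {
            $rblocks = $function($custom['1'], 'right');
        }
    } elseif ($rightblock == 1 || $_CONF['show_right_blocks'] == 1) {
        $rblocks = COM_showBlocks('right', $topic);
        if (empty($rblocks)) {
            $theme->set_var('glfusion_rblocks', '');
            $theme->set_var('right_blocks', '');
            if (empty($lblocks)) {
                // using full_content
                $theme->set_var('centercolumn', $uiStyles['full_content']['content_class']);
            } else {
                // using left_content
                $theme->set_var('centercolumn', $uiStyles['left_content']['content_class']);
                $theme->set_var('footercolumn-l', $uiStyles['left_content']['left_class']);
            }
        } else {
            $theme->set_var('glfusion_rblocks', $rblocks);
            if (empty($lblocks)) {
                // using content_right
                $theme->set_var('centercolumn', $uiStyles['content_right']['content_class']);
                $theme->set_var('footercolumn-r', $uiStyles['content_right']['right_class']);
            } else {
                // using left_content_right
                $theme->set_var('centercolumn', $uiStyles['left_content_right']['content_class']);
                $theme->set_var('footercolumn-l', $uiStyles['left_content_right']['left_class']);
                $theme->set_var('footercolumn-r', $uiStyles['left_content_right']['right_class']);
            }
        }
    } else {
        $theme->set_var('glfusion_rblocks', '');
        $theme->set_var('right_blocks', '');
        if (empty($lblocks)) {
            // using full content
            $theme->set_var('centercolumn', $uiStyles['full_content']['content_class']);
        } else {
            // using left_content
            $theme->set_var('centercolumn', $uiStyles['left_content']['content_class']);
            $theme->set_var('footercolumn-l', $uiStyles['left_content']['left_class']);
        }
    }
    if (!empty($lblocks)) {
        $theme->parse('left_blocks', 'leftblocks', true);
        $theme->set_var('glfusion_blocks', '');
    }
    if (!empty($rblocks)) {
        $theme->parse('right_blocks', 'rightblocks', true);
        $theme->set_var('glfusion_rblocks', '');
    }
    $exectime = $_PAGE_TIMER->stopTimer();
    $exectext = $LANG01[91] . ' ' . $exectime . ' ' . $LANG01[92];
    $theme->set_var('execution_time', $exectime);
    $theme->set_var('execution_textandtime', $exectext);
    $theme->set_var('content', $content);
    // grab header data from outputHandler
    $outputHandle = outputHandler::getInstance();
    $theme->set_var(array('meta-header' => $outputHandle->renderHeader('meta'), 'css-header' => $outputHandle->renderHeader('style'), 'js-header' => $outputHandle->renderHeader('script'), 'raw-header' => $outputHandle->renderHeader('raw')));
    if (SESS_isSet('glfusion.infoblock')) {
        // NOTE(review): unserialize() can instantiate objects named in its
        // input, so this is only safe while the session variable never holds
        // attacker-influenced bytes. Confirm against the code that writes it;
        // a plain data format (e.g. JSON) would remove the concern.
        $msgArray = @unserialize(SESS_getVar('glfusion.infoblock'));
        // unserialize() returns false on malformed input; show the message
        // only when a usable array came back
        if (is_array($msgArray) && isset($msgArray['msg'])) {
            $msgType = isset($msgArray['type']) ? $msgArray['type'] : null;
            $msgTxt = COM_showMessageText($msgArray['msg'], '', false, $msgType);
            $theme->set_var('info_block', $msgTxt);
        }
        SESS_unSet('glfusion.infoblock');
    }
    // Call to plugins to set template variables in the footer
    PLG_templateSetVars('header', $theme);
    PLG_templateSetVars('footer', $theme);
    // Actually parse the template and make variable substitutions
    $theme->parse('index_footer', 'footer');
    // the header template (with the buffered content) is printed right here
    $tmp = $theme->finish($theme->parse('index_header', 'header'));
    echo $tmp;
    // the footer markup is handed back to the caller
    $retval = $theme->finish($theme->get_var('index_footer'));
    _js_out();
    _css_out();
    return $retval;
}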
Exemple #15
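/**
* Returns the site header
*
* This loads the proper templates, does variable substitution and returns the
* HTML for the site header with or without blocks depending on the value of $what
*
* Programming Note:
*
* The two functions COM_siteHeader and COM_siteFooter provide the framework for
* page display in Geeklog.  COM_siteHeader controls the display of the Header
* and left blocks and COM_siteFooter controls the display of the right blocks
* and the footer.  You use them like a sandwich.  Thus the following code will
* display a Geeklog page with both right and left blocks displayed.
*
* <code>
* <?php
* require_once 'lib-common.php';
* // Change to COM_siteHeader('none') to not display left blocks
* $display .= COM_siteHeader();
* $display .= "Here is your html for display";
* // Change to COM_siteFooter() to not display right blocks
* $display .= COM_siteFooter(true);
* echo $display;
* ? >
* </code>
*
* Note that the default for the header is to display the left blocks and the
* default of the footer is to not display the right blocks.
*
* This sandwich produces code like this (greatly simplified)
* <code>
* // COM_siteHeader
* <table><tr><td colspan="3">Header</td></tr>
* <tr><td>Left Blocks</td><td>
*
* // Your HTML goes here
* Here is your html for display
*
* // COM_siteFooter
* </td><td>Right Blocks</td></tr>
* <tr><td colspan="3">Footer</td></table>
* </code>
*
* If a function named "<theme>_siteHeader" exists it is called instead. The
* function also sends the Content-Type header and, when configured, an
* X-FRAME-OPTIONS header. The parsed header template is run through eval(),
* so PHP embedded in the template is executed.
*
* @param    string|array  $what  If 'none' then no blocks are rendered here; any other string (default 'menu') renders the blocks that are not deferred to the footer; an array [function name, argument] delegates block rendering to that function
* @param    string  $pagetitle  optional content for the page's <title>
* @param    string  $headercode optional code to go into the page's <head>
* @return   string              Formatted HTML containing the site header
* @see function COM_siteFooter
*
*/
function COM_siteHeader($what = 'menu', $pagetitle = '', $headercode = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG_BUTTONS, $LANG_DIRECTION, $_IMAGE_TYPE, $topic, $_COM_VERBOSE, $_SCRIPTS;
    // If the theme implemented this for us then call their version instead.
    $function = $_CONF['theme'] . '_siteHeader';
    if (function_exists($function)) {
        return $function($what, $pagetitle, $headercode);
    }
    // If we reach here then either we have the default theme OR
    // the current theme only needs the default variable substitutions
    switch ($_CONF['doctype']) {
        case 'html401transitional':
            $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
            break;
        case 'html401strict':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">';
            break;
        case 'xhtml10transitional':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
            break;
        case 'xhtml10strict':
            $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">';
            break;
        default:
            // fallback: HTML 4.01 Transitional w/o system identifier
            $doctype = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">';
            break;
    }
    // send out the charset header
    header('Content-Type: text/html; charset=' . COM_getCharset());
    // optional framing restriction, value taken from the site configuration
    if (!empty($_CONF['frame_options'])) {
        header('X-FRAME-OPTIONS: ' . $_CONF['frame_options']);
    }
    $header = COM_newTemplate($_CONF['path_layout']);
    $header->set_file(array('header' => 'header.thtml', 'menuitem' => 'menuitem.thtml', 'menuitem_last' => 'menuitem_last.thtml', 'menuitem_none' => 'menuitem_none.thtml', 'leftblocks' => 'leftblocks.thtml', 'rightblocks' => 'rightblocks.thtml'));
    $header->postprocess_fn = 'PLG_replaceTags';
    $header->set_var('doctype', $doctype);
    if (XHTML == '') {
        $header->set_var('xmlns', '');
    } else {
        $header->set_var('xmlns', ' xmlns="http://www.w3.org/1999/xhtml"');
    }
    // get topic if not on home page
    if (!isset($_GET['topic'])) {
        if (isset($_GET['story'])) {
            $sid = COM_applyFilter($_GET['story']);
        } elseif (isset($_GET['sid'])) {
            $sid = COM_applyFilter($_GET['sid']);
        } elseif (isset($_POST['story'])) {
            $sid = COM_applyFilter($_POST['story']);
        }
        if (empty($sid) && $_CONF['url_rewrite'] && strpos($_SERVER['PHP_SELF'], 'article.php') !== false) {
            COM_setArgNames(array('story', 'mode'));
            $sid = COM_applyFilter(COM_getArgument('story'));
        }
        if (!empty($sid)) {
            // The story id is request data. Escape it before it enters the
            // WHERE clause instead of relying on COM_applyFilter() alone; this
            // mirrors the addslashes() already applied to $topic in the feed
            // query below.
            // NOTE(review): prefer the database layer's own escaping routine
            // if this code base provides one.
            $topic = DB_getItem($_TABLES['stories'], 'tid', "sid='" . addslashes($sid) . "'");
        }
    } else {
        $topic = COM_applyFilter($_GET['topic']);
    }
    // <link rel="alternate"> entries for the feeds that apply to this page
    $feed_url = array();
    if ($_CONF['backend'] == 1) {
        $baseurl = SYND_getFeedUrl();
        $sql = 'SELECT format, filename, title, language FROM ' . $_TABLES['syndication'] . " WHERE (header_tid = 'all')";
        if (!empty($topic)) {
            $sql .= " OR (header_tid = '" . addslashes($topic) . "')";
        }
        $result = DB_query($sql);
        $numRows = DB_numRows($result);
        for ($i = 0; $i < $numRows; $i++) {
            $A = DB_fetchArray($result);
            if (!empty($A['filename'])) {
                $format_type = SYND_getMimeType($A['format']);
                $format_name = SYND_getFeedType($A['format']);
                $feed_title = $format_name . ' Feed: ' . $A['title'];
                // database values are escaped for the attribute context,
                // as was already done for the title
                $feed_url[] = '<link rel="alternate" type="' . $format_type . '" hreflang="' . htmlspecialchars($A['language']) . '" href="' . $baseurl . htmlspecialchars($A['filename']) . '" title="' . htmlspecialchars($feed_title) . '"' . XHTML . '>';
            }
        }
    }
    $header->set_var('feed_url', implode(LB, $feed_url));
    // for backward compatibility only - use {feed_url} instead
    $feed = SYND_getDefaultFeedUrl();
    $header->set_var('rdf_file', $feed);
    $header->set_var('rss_url', $feed);
    $relLinks = array();
    if (COM_onFrontpage()) {
        $relLinks['canonical'] = '<link rel="canonical" href="' . $_CONF['site_url'] . '/"' . XHTML . '>';
    } else {
        $relLinks['home'] = '<link rel="home" href="' . $_CONF['site_url'] . '/" title="' . $LANG01[90] . '"' . XHTML . '>';
    }
    $loggedInUser = !COM_isAnonUser();
    // only advertise search / directory to visitors who may use them
    if ($loggedInUser || ($_CONF['loginrequired'] == 0 && $_CONF['searchloginrequired'] == 0)) {
        if (substr($_SERVER['PHP_SELF'], -strlen('/search.php')) != '/search.php' || isset($_GET['mode'])) {
            $relLinks['search'] = '<link rel="search" href="' . $_CONF['site_url'] . '/search.php" title="' . $LANG01[75] . '"' . XHTML . '>';
        }
    }
    if ($loggedInUser || ($_CONF['loginrequired'] == 0 && $_CONF['directoryloginrequired'] == 0)) {
        if (strpos($_SERVER['PHP_SELF'], '/article.php') !== false) {
            $relLinks['contents'] = '<link rel="contents" href="' . $_CONF['site_url'] . '/directory.php" title="' . $LANG01[117] . '"' . XHTML . '>';
        }
    }
    if (!$_CONF['disable_webservices']) {
        $relLinks['service'] = '<link rel="service" ' . 'type="application/atomsvc+xml" ' . 'href="' . $_CONF['site_url'] . '/webservices/atom/?introspection" ' . 'title="' . $LANG01[130] . '"' . XHTML . '>';
    }
    // TBD: add a plugin API and a lib-custom.php function
    $header->set_var('rel_links', implode(LB, $relLinks));
    // page title: explicit title, else the topic name, else the site slogan
    $pagetitle_siteslogan = false;
    if (empty($pagetitle)) {
        if (empty($topic)) {
            $pagetitle = $_CONF['site_slogan'];
            $pagetitle_siteslogan = true;
        } else {
            // $topic may come from the request or from a caller-set global,
            // so it is escaped here the same way as in the feed query above
            $pagetitle = stripslashes(DB_getItem($_TABLES['topics'], 'topic', "tid = '" . addslashes($topic) . "'"));
        }
    }
    if (!empty($pagetitle)) {
        $header->set_var('page_site_splitter', ' - ');
    } else {
        $header->set_var('page_site_splitter', '');
    }
    $header->set_var('page_title', $pagetitle);
    $header->set_var('site_name', $_CONF['site_name']);
    // site name first on the front page, page title first everywhere else
    if (COM_onFrontpage() or $pagetitle_siteslogan) {
        $title_and_name = $_CONF['site_name'];
        if (!empty($pagetitle)) {
            $title_and_name .= ' - ' . $pagetitle;
        }
    } else {
        $title_and_name = '';
        if (!empty($pagetitle)) {
            $title_and_name = $pagetitle . ' - ';
        }
        $title_and_name .= $_CONF['site_name'];
    }
    $header->set_var('page_title_and_site_name', $title_and_name);
    COM_setLangIdAndAttribute($header);
    $header->set_var('background_image', $_CONF['layout_url'] . '/images/bg.' . $_IMAGE_TYPE);
    $header->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    $header->set_var('site_name', $_CONF['site_name']);
    $header->set_var('site_slogan', $_CONF['site_slogan']);
    $msg = rtrim($LANG01[67]) . ' ' . $_CONF['site_name'];
    if (!empty($_USER['username'])) {
        $msg .= ', ' . COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
    }
    $curtime = COM_getUserDateTimeFormat();
    $header->set_var('welcome_msg', $msg);
    $header->set_var('datetime', $curtime[0]);
    $header->set_var('site_logo', $_CONF['layout_url'] . '/images/logo.' . $_IMAGE_TYPE);
    $header->set_var('theme', $_CONF['theme']);
    $header->set_var('charset', COM_getCharset());
    $header->set_var('direction', $LANG_DIRECTION);
    // Now add variables for buttons like e.g. those used by the Yahoo theme
    $header->set_var('button_home', $LANG_BUTTONS[1]);
    $header->set_var('button_contact', $LANG_BUTTONS[2]);
    $header->set_var('button_contribute', $LANG_BUTTONS[3]);
    $header->set_var('button_sitestats', $LANG_BUTTONS[7]);
    $header->set_var('button_personalize', $LANG_BUTTONS[8]);
    $header->set_var('button_search', $LANG_BUTTONS[9]);
    $header->set_var('button_advsearch', $LANG_BUTTONS[10]);
    $header->set_var('button_directory', $LANG_BUTTONS[11]);
    // Get plugin menu options
    $plugin_menu = PLG_getMenuItems();
    if ($_COM_VERBOSE) {
        COM_errorLog('num plugin menu items in header = ' . count($plugin_menu), 1);
    }
    // Now add nested template for menu items
    COM_renderMenu($header, $plugin_menu);
    if (count($plugin_menu) == 0) {
        $header->parse('plg_menu_elements', 'menuitem_none', true);
    } else {
        // walk the menu with the array pointer: key = label, value = URL
        $count_plugin_menu = count($plugin_menu);
        for ($i = 1; $i <= $count_plugin_menu; $i++) {
            $header->set_var('menuitem_url', current($plugin_menu));
            $header->set_var('menuitem_text', key($plugin_menu));
            if ($i == $count_plugin_menu) {
                $header->parse('plg_menu_elements', 'menuitem_last', true);
            } else {
                $header->parse('plg_menu_elements', 'menuitem', true);
            }
            next($plugin_menu);
        }
    }
    // Call to plugins to set template variables in the header
    PLG_templateSetVars('header', $header);
    if ($_CONF['left_blocks_in_footer'] == 1) {
        $header->set_var('left_blocks', '');
        $header->set_var('geeklog_blocks', '');
    } else {
        $lblocks = '';
        /* Check if an array has been passed that includes the name of a plugin
         * function or custom function
         * This can be used to take control over what blocks are then displayed
         *
         * NOTE(review): $what[0] is called as a function name; callers must
         * only pass trusted, code-defined names here, never request data.
         */
        if (is_array($what)) {
            $function = $what[0];
            if (function_exists($function)) {
                $lblocks = $function($what[1], 'left');
            } else {
                $lblocks = COM_showBlocks('left', $topic);
            }
        } else {
            if ($what != 'none') {
                // Now show any blocks -- need to get the topic if not on home page
                $lblocks = COM_showBlocks('left', $topic);
            }
        }
        if (empty($lblocks)) {
            $header->set_var('left_blocks', '');
            $header->set_var('geeklog_blocks', '');
        } else {
            $header->set_var('geeklog_blocks', $lblocks);
            $header->parse('left_blocks', 'leftblocks', true);
            $header->set_var('geeklog_blocks', '');
        }
    }
    if ($_CONF['right_blocks_in_footer'] == 1) {
        $header->set_var('right_blocks', '');
        $header->set_var('geeklog_blocks', '');
    } else {
        $rblocks = '';
        /* Check if an array has been passed that includes the name of a plugin
         * function or custom function
         * This can be used to take control over what blocks are then displayed
         */
        if (is_array($what)) {
            $function = $what[0];
            if (function_exists($function)) {
                $rblocks = $function($what[1], 'right');
            } else {
                $rblocks = COM_showBlocks('right', $topic);
            }
        } else {
            if ($what != 'none') {
                // Now show any blocks -- need to get the topic if not on home page
                $rblocks = COM_showBlocks('right', $topic);
            }
        }
        if (empty($rblocks)) {
            $header->set_var('right_blocks', '');
            $header->set_var('geeklog_blocks', '');
        } else {
            $header->set_var('geeklog_blocks', $rblocks, true);
            $header->parse('right_blocks', 'rightblocks', true);
        }
    }
    // Call any plugin that may want to include extra Meta tags
    // or Javascript functions
    $headercode .= PLG_getHeaderCode();
    // Meta Tags
    // 0 = Disabled, 1 = Enabled, 2 = Enabled but default just for homepage
    if ($_CONF['meta_tags'] > 0) {
        $meta_description = '';
        $meta_keywords = '';
        $no_meta_description = 1;
        $no_meta_keywords = 1;
        //Find out if the meta tag description or keywords already exist in the headercode
        if ($headercode != '') {
            $pattern = '/<meta ([^>]*)name="([^"\'>]*)"([^>]*)/im';
            if (preg_match_all($pattern, $headercode, $matches, PREG_SET_ORDER)) {
                // Loop through all meta tags looking for description and keywords
                $numMatches = count($matches);
                for ($i = 0; $i < $numMatches && ($no_meta_description == 1 || $no_meta_keywords == 1); $i++) {
                    $str_matches = strtolower($matches[$i][0]);
                    $pos = strpos($str_matches, 'name=');
                    if ($pos !== false) {
                        // cut out the value of the name attribute
                        $name = trim(substr($str_matches, $pos + 5), '"');
                        $pos = strpos($name, '"');
                        $name = substr($name, 0, $pos);
                        if (strcasecmp("description", $name) == 0) {
                            $pos = strpos($str_matches, 'content=');
                            if ($pos !== false) {
                                $no_meta_description = 0;
                            }
                        }
                        if (strcasecmp("keywords", $name) == 0) {
                            $pos = strpos($str_matches, 'content=');
                            if ($pos !== false) {
                                $no_meta_keywords = 0;
                            }
                        }
                    }
                }
            }
        }
        if (COM_onFrontpage() && $_CONF['meta_tags'] == 2) {
            // Display default meta tags only on home page
            if ($no_meta_description) {
                $meta_description = $_CONF['meta_description'];
            }
            if ($no_meta_keywords) {
                $meta_keywords = $_CONF['meta_keywords'];
            }
        } else {
            if ($_CONF['meta_tags'] == 1) {
                // Display default meta tags anywhere there are no tags
                if ($no_meta_description) {
                    $meta_description = $_CONF['meta_description'];
                }
                if ($no_meta_keywords) {
                    $meta_keywords = $_CONF['meta_keywords'];
                }
            }
        }
        if ($no_meta_description or $no_meta_keywords) {
            $headercode .= COM_createMetaTags($meta_description, $meta_keywords);
        }
    }
    $headercode = $_SCRIPTS->getHeader() . $headercode;
    $header->set_var('plg_headercode', $headercode);
    // The following lines allow users to embed PHP in their templates.  This
    // is almost a contradiction to the reasons for using templates but this may
    // prove useful at times ...
    // Don't use PHP in templates if you can live without it!
    //
    // NOTE(review): every value substituted into the header template above
    // (page title, header code, block output, ...) is part of the string that
    // is handed to eval() below, so a PHP open tag in any of them would run as
    // code. Not replaced here because themes may depend on it; confirm that
    // no request-derived value can reach the template without encoding.
    $tmp = $header->finish($header->parse('index_header', 'header'));
    $xml_declaration = '';
    // with short_open_tag on, a leading "<?xml" would be taken as PHP by
    // eval(), so the XML declaration is split off and prepended afterwards
    if (get_cfg_var('short_open_tag') == '1') {
        if (preg_match('/(<\\?xml[^>]*>)(.*)/s', $tmp, $match)) {
            $xml_declaration = $match[1] . LB;
            $tmp = $match[2];
        }
    }
    ob_start();
    eval('?>' . $tmp);
    $retval = $xml_declaration . ob_get_contents();
    ob_end_clean();
    return $retval;
}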
Exemple #16
// Expected request form: public_html/content.php?code=xxxx&template=yyyy
$url = $_SERVER["REQUEST_URI"];
$q = false;
$url_rewrite = false;
if ($_CONF['url_rewrite']) {
    // The request counts as rewritten when it has no query string, or when
    // the four characters in front of the '?' are not '.php'.
    $q = strpos($url, '?');
    $url_rewrite = $q === false || substr($url, $q - 4, 4) != '.php';
}
// Read 'code' and 'template' either from the query string or from the
// rewritten URL; both pass through COM_applyFilter().
if (!$url_rewrite) {
    $code = COM_applyFilter($_GET['code']);
    $template = COM_applyFilter($_GET['template']);
} else {
    COM_setArgNames(array('code', 'template'));
    $code = COM_applyFilter(COM_getArgument('code'));
    $template = COM_applyFilter(COM_getArgument('template'));
}
// Check whether login is required: anonymous visitors are stopped when the
// site-wide setting is on or the plugin setting is 1, 2 or 3.
if (COM_isAnonUser() && ($_CONF['loginrequired'] or $_USERBOX_CONF['loginrequired'] == 3 or $_USERBOX_CONF['loginrequired'] == 2 or $_USERBOX_CONF['loginrequired'] == 1)) {
    echo $LANG_USERBOX['loginrequired'];
    exit;
}
// Render the profile selected by $code with the requested template.
$id = 0;
$retval = userbox_profile($id, $template, "yes", "", $code);
echo $retval['display'];
Exemple #17
        $tp = '';
    }
    $url = COM_buildURL($script . $tp . $parts);
    return '<link rel="canonical" href="' . $url . '"' . XHTML . '>' . LB;
}
// MAIN
$display = '';
// Take topic / year / month from the POSTed form when all three are present,
// otherwise from the URL arguments.
// NOTE(review): only the topic is filtered below; $year and $month are kept
// exactly as received, so they must be validated before any later use.
if (isset($_POST['topic'], $_POST['year'], $_POST['month'])) {
    $dir_topic = $_POST['topic'];
    $year = $_POST['year'];
    $month = $_POST['month'];
} else {
    COM_setArgNames(array('topic', 'year', 'month'));
    $dir_topic = COM_getArgument('topic');
    $year = COM_getArgument('year');
    $month = COM_getArgument('month');
}
$dir_topic = COM_applyFilter($dir_topic);
if (empty($dir_topic)) {
    // no topic requested: list everything
    $dir_topic = 'all';
}
// The topic is already set in lib-common, but it is set again here in case
// URL rewriting is enabled.
// Set topic for the rest of the site: 'all' maps to the empty topic.
$topic = $dir_topic === 'all' ? '' : $dir_topic;
// See if user has access to view topic.
if ($topic != '') {
    $test_topic = DB_getItem($_TABLES['topics'], 'tid', "tid = '{$topic}' " . COM_getPermSQL('AND'));
Exemple #18
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
require_once '../lib-common.php';
// Send the visitor to the site index when the tag plugin is not enabled.
if (in_array('tag', $_PLUGINS) === false) {
    COM_output(COM_refresh($_CONF['site_url'] . '/index.php'));
    exit;
}
// Retrieve the request variable.
// NOTE(review): $tag is used as returned by COM_getArgument(), with no
// filter applied here; it needs escaping wherever it is used later.
COM_setArgNames(array('tag'));
$tag = COM_getArgument('tag');
/**
* Display
*/
$T = new Template($_CONF['path'] . 'plugins/tag/templates');
$T->set_file('page', 'index.thtml');
$T->set_var('xhtml', XHTML);
// Language strings, exposed to the template as lang_<name>
$lang_vars = array('tag_list');
foreach ($lang_vars as $lang_var) {
    $lang_key = 'lang_' . $lang_var;
    $T->set_var($lang_key, TAG_str($lang_var));
}
// Tag cloud
$tag_cloud = TAG_getTagCloud($_TAG_CONF['max_tag_cloud'], false);
$T->set_var('tag_cloud', $tag_cloud);
// Other tags
if ($tag !== '') {
Exemple #19
// knowing which language the sender of the trackback ping may prefer.
$TRB_ERROR = array(
    'not_enabled'     => 'Trackback not enabled.',
    'illegal_request' => 'Illegal request.',
    'no_access'       => 'You do not have access to this entry.',
);

// Refuse every ping while trackbacks are switched off in the site configuration.
if (!$_CONF['trackback_enabled']) {
    TRB_sendTrackbackResponse(1, $TRB_ERROR['not_enabled']);
    exit;
}

// Trackbacks are only allowed as POST requests; any other method is answered
// with 405 and an Allow header. The check is skipped entirely when the server
// does not report a request method.
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'POST') {
    header('Allow: POST');
    COM_displayMessageAndAbort(75, '', 405, 'Method Not Allowed');
}

// Both URL arguments go through the common request filter.
// NOTE(review): the filter is not a substitute for SQL escaping. The stories
// lookup that follows escapes $id with DB_escapeString() for its own query;
// any other consumer of $id or $type needs to do its own escaping as well.
COM_setArgNames(array('id', 'type'));
$id = COM_applyFilter(COM_getArgument('id'));
$type = COM_applyFilter(COM_getArgument('type'));

// A ping without a target id cannot be processed.
if (empty($id)) {
    TRB_sendTrackbackResponse(1, $TRB_ERROR['illegal_request']);
    exit;
}

// Pings that do not name a type are treated as pings for an article.
$type = empty($type) ? 'article' : $type;
if ($type == 'article') {
    // check if they have access to this story
    $sid = DB_escapeString($id);
    $result = DB_query("SELECT trackbackcode FROM {$_TABLES['stories']} WHERE (sid = '{$sid}') AND (date <= NOW()) AND (draft_flag = 0)" . COM_getPermSql('AND') . COM_getTopicSql('AND'));
    if (DB_numRows($result) == 1) {
        $A = DB_fetchArray($result);
        if ($A['trackbackcode'] == 0) {
            TRB_handleTrackbackPing($id, $type);
Exemple #20
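// Anonymous visitors are shown the login form when the gallery is configured
// to require a login.
if (COM_isAnonUser() && $_MG_CONF['loginrequired'] == 1) {
    $display = MG_siteHeader();
    $display .= SEC_loginRequiredForm();
    $display .= COM_siteFooter();
    echo $display;
    exit;
}
require_once $_CONF['path'] . 'plugins/mediagallery/include/init.php';
MG_initAlbums();
/*
* Main Function
*/
// All three URL arguments are filtered in numeric mode (second argument true).
COM_setArgNames(array('aid', 'f', 'sort'));
$album_id = COM_applyFilter(COM_getArgument('aid'), true);
$full = COM_applyFilter(COM_getArgument('f'), true);
$sortOrder = COM_applyFilter(COM_getArgument('sort'), true);
// Authorise before anything is derived from the album id. An id that is not
// present in $MG_albums is refused the same way as an album without access,
// instead of dereferencing a missing entry.
if (!isset($MG_albums[$album_id]) || $MG_albums[$album_id]->access == 0) {
    $display = MG_siteHeader();
    $display .= COM_showMessageText($LANG_MG00['access_denied_msg'], $LANG_ACCESS['accessdenied'], true);
    $display .= MG_siteFooter();
    echo $display;
    exit;
}
// The template path is resolved per album, so it is only looked up once the
// album is known to exist and be accessible.
$T = new Template(MG_getTemplatePath($album_id));
$T->set_file('page', 'slideshow.thtml');
// 'header' and 'site_url' were previously assigned twice with identical
// values; a single assignment is enough.
$T->set_var('header', $LANG_MG00['plugin']);
$T->set_var('site_url', $_MG_CONF['site_url']);
$T->set_block('page', 'slideItems', 'sItems');
$T->set_block('page', 'noItems', 'nItems');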
Exemple #21
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
require_once '../../../lib-common.php';
require_once '../../auth.inc.php';
require_once $_CONF['path'] . 'plugins/downloads/include/functions.php';
// Only users holding the 'downloads.edit' right may fetch a temporary
// (submitted, not yet approved) download file. Everyone else gets the standard
// access-denied message and the attempt is written to the access log.
if (!SEC_hasRights('downloads.edit')) {
    $display = COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
    $display = DLM_createHTMLDocument($display, array('pagetitle' => $MESSAGE[30]));
    COM_accessLog("User {$_USER['username']} tried to illegally access the downloads temporary file.");
    COM_output($display);
    exit;
}
COM_setArgNames(array('id'));
// NOTE(review): addslashes() is not aware of the connection character set; the
// database layer's own escaping function is the safer way to quote $lid, if
// this code base provides one.
$lid = addslashes(COM_applyFilter(COM_getArgument('id')));
$result = DB_query("SELECT url, date FROM {$_TABLES['downloadsubmission']} WHERE lid='{$lid}'");
// NOTE(review): there is no check that a row was returned; for an unknown id
// $url and $date are presumably empty and the path below is built from them
// anyway -- verify and bail out early instead.
list($url, $date) = DB_fetchArray($result);
// The stored file name is "tmp" + submission timestamp + sanitised name.
// NOTE(review): $url comes from the submission record (presumably supplied by
// the submitter). It is sanitised for the path here, but the raw value is what
// is later placed in the Content-Disposition header; quotes and control
// characters should be stripped there too, or the sanitised name reused.
$filepath = $_DLM_CONF['path_filestore'] . 'tmp' . date('YmdHis', $date) . DLM_createSafeFileName($url);
if (file_exists($filepath)) {
    header('Content-Disposition: attachment; filename="' . $url . '"');
    header('Content-Type: application/octet-stream');
    header('Content-Description: File Transfer');
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header('Content-Length: ' . filesize($filepath));
    ob_clean();
    flush();
    @readfile($filepath);
Exemple #22
// Access check comes first, before any plugin code is loaded or any request
// data is read.
PAYPAL_access_check();
// Import plugin-specific functions
USES_paypal_functions();
// Create a global shopping cart for our use.  This allows the cart to be
// manipulated in an action and then displayed in a view, without necessarily
// having to revisit the database or create a new cart.
USES_paypal_class_cart();
$ppGCart = new ppCart();
// First try to get the SEO-friendly arguments.  A single "action" and "id"
// will probably be the most common anyway.  If that fails, go through all
// the possibilities for actions that might come from submit buttons, etc.
// NOTE(review): $action is taken from COM_getArgument() with no filter visible
// here. It is only safe as a dispatch key if it is compared against a fixed set
// of known actions (as the fallback list below does for form fields) and never
// used to build a path, function name or query -- confirm in the dispatcher.
COM_setArgNames(array('action', 'id'));
$action = COM_getArgument('action');
$actionval = '';
if (!empty($action)) {
    $id = COM_sanitizeID(COM_getArgument('id'));
} else {
    $expected = array('updatecart', 'checkout', 'searchcat', 'savebillto', 'saveshipto', 'updatecart', 'emptycart', 'addcartitem', 'addcartitem_x', 'checkoutcart', 'processorder', 'thanks', 'action', 'order', 'view', 'detail', 'printorder', 'orderhist');
    $action = 'view';
    foreach ($expected as $provided) {
        if (isset($_POST[$provided])) {
            $action = $provided;
            $actionval = $_POST[$provided];
            break;
        } elseif (isset($_GET[$provided])) {
            $action = $provided;
            $actionval = $_GET[$provided];
            break;
        }
    }
    if (isset($_POST['id'])) {