case 'PageDel':
if (!$zbp->ValidToken(GetVars('token', 'GET'))) {
$zbp->ShowError(5, __FILE__, __LINE__);
die;
}
DelPage();
$zbp->BuildModule();
$zbp->SaveCache();
$zbp->SetHint('good');
Redirect('cmd.php?act=PageMng');
break;
case 'PageMng':
Redirect('admin/?' . GetVars('QUERY_STRING', 'SERVER'));
break;
case 'PagePst':
PostPage();
$zbp->BuildModule();
$zbp->SaveCache();
$zbp->SetHint('good');
Redirect('cmd.php?act=PageMng');
break;
case 'CategoryMng':
Redirect('admin/?' . GetVars('QUERY_STRING', 'SERVER'));
break;
case 'CategoryEdt':
Redirect('admin/category_edit.php?' . GetVars('QUERY_STRING', 'SERVER'));
break;
case 'CategoryPst':
PostCategory();
$zbp->BuildModule();
$zbp->SaveCache();
function HandleApprove($pagename, $auth = 'edit')
{
global $ApproveUrlPattern, $WhiteUrlPatterns, $ApprovedUrlPagesFmt, $action;
Lock(2);
$page = ReadPage($pagename);
$text = preg_replace('/[()]/', '', $page['text']);
preg_match_all("/{$ApproveUrlPattern}/", $text, $match);
ReadApprovedUrls($pagename);
$addpat = array();
foreach ($match[0] as $a) {
if ($action == 'approvesites') {
$a = preg_replace("!^([^:]+://[^/]+).*\$!", '$1', $a);
}
$addpat[] = $a;
}
if (count($addpat) > 0) {
$aname = FmtPageName($ApprovedUrlPagesFmt[0], $pagename);
$apage = RetrieveAuthPage($aname, $auth);
if (!$apage) {
Abort("?cannot edit {$aname}");
}
$new = $apage;
if (substr($new['text'], -1, 1) != "\n") {
$new['text'] .= "\n";
}
foreach ($addpat as $a) {
foreach ((array) $WhiteUrlPatterns as $pat) {
if (preg_match("!^{$pat}(/|\$)!i", $a)) {
continue 2;
}
}
$urlp = preg_quote($a, '!');
$WhiteUrlPatterns[] = $urlp;
$new['text'] .= " {$a}\n";
}
$_POST['post'] = 'y';
PostPage($aname, $apage, $new);
}
Redirect($pagename);
}
function zbp_editPage($id, $xmlstring, $publish)
{
global $zbp;
$xml = simplexml_load_string($xmlstring);
if ($xml) {
$post = array();
foreach ($xml->children() as $x) {
$a = (string) $x->name;
if ($a == 'categories') {
$b = $x->value->children()->asXML();
} else {
$b = $x->value->children();
}
$b = str_replace(array('<array>', '</array>', '<data>', '</data>', '<string>', '</string>'), array(''), $b);
$post[$a] = $b;
}
if ($zbp->CheckItemToNavbar('page', $id)) {
$_POST['AddNavbar'] = 1;
}
$_POST['ID'] = $id;
$_POST['Title'] = $post['title'];
$_POST['Content'] = $post['description'];
$_POST['AuthorID'] = $zbp->user->ID;
if ($publish) {
$_POST['Status'] = 0;
} else {
$_POST['Status'] = 1;
}
if (isset($post['mt_basename'])) {
$_POST['Alias'] = $post['mt_basename'];
}
if (isset($post['wp_author_id'])) {
$_POST['AuthorID'] = $post['wp_author_id'];
}
if (isset($post['mt_allow_comments'])) {
if ($post['mt_allow_comments'] > 0) {
$_POST['IsLock'] = $post['mt_allow_comments'] - 1;
} else {
$_POST['IsLock'] = $post['mt_allow_comments'];
}
}
$strXML = '<methodResponse><params><param><value><boolean>$%#1#%$</boolean></value></param></params></methodResponse>';
if (PostPage() == true) {
$strXML = str_replace("\$%#1#%\$", 1, $strXML);
echo $strXML;
} else {
$zbp->ShowError(0, __FILE__, __LINE_);
}
}
}
function bi_HandleBlockIP($src, $auth = 'comment-approve')
{
#action=bi_bip
global $bi_Pages;
$result = array('msg' => XL('Unable to block IP address.'), 'result' => 'error');
if (PageTextVar($src, 'entrytype') == 'comment' && bi_Auth($auth . ' ' . $src)) {
if ($_GET['bi_ip'] > '') {
Lock(2);
$old = RetrieveAuthPage($bi_Pages['blocklist'], 'edit', false);
if ($old) {
if (!preg_match('/\\nblock:' . preg_replace(array('/\\./', '/\\*/'), array('\\.', '\\*'), $_GET['bi_ip']) . '\\n/', $old['text'])) {
$new = $old;
if (substr($new['text'], -1, 1) != "\n") {
$new['text'] .= "\n";
}
$new['text'] .= 'block:' . $_GET['bi_ip'] . "\n";
PostPage($bi_Pages['blocklist'], $old, $new);
$result = array('msg' => XL('Blocked IP address: ') . $_GET['bi_ip'], 'result' => 'success', 'ip' => $_GET['bi_ip']);
} else {
$result = array('result' => 'error', 'msg' => XL('IP address is already being blocked: ' . $_GET['bi_ip']));
}
} else {
$result = array('result' => 'error', 'msg' => 'Cannot edit ' . $bi_Pages['blocklist']);
}
} else {
#No IP passed in, so determine who created page
$page = RetrieveAuthPage($src, 'read', false);
if ($page) {
foreach ($page as $k => $v) {
#find the last diff in the list, which is the create point
if (preg_match("/^diff:(\\d+):(\\d+):?([^:]*)/", $k, $match)) {
$ip = @$page['host:' . $match[1]];
}
}
}
$result = array('result' => $ip > '' ? 'success' : 'error', 'ip' => $ip, 'msg' => $ip > '' ? '' : XL('Unable to determine IP address.'));
}
}
bi_Redirect(bi_Clean('mode', $_GET['bi_Mode']), $result);
}
function bi_HandleBlockIP($src, $auth = 'comment-approve')
{
//action=bi_bip
global $bi_Pages;
$result = array('msg' => XL('Unable to block IP address.'), 'result' => 'error');
if (PageTextVar($src, 'entrytype') == 'comment' && bi_Auth($auth . ' ' . $src)) {
if ($_GET['bi_ip'] > '') {
//either we have an IP, or need to find one
Lock(2);
$old = RetrieveAuthPage($bi_Pages['blocklist'], 'edit', false, READPAGE_CURRENT);
if ($old) {
$ip = explode(',', $_GET['bi_ip']);
$blocked = array();
$already = array();
foreach ($ip as $key) {
//check to see if ip is already blocked
if (!preg_match('/\\nblock:' . preg_replace(array('/\\./', '/\\*/'), array('\\.', '\\*'), $key) . '\\n/', $old['text'])) {
$new = $old;
$blocked[] = $key;
$new['text'] .= (substr($new['text'], -1, 1) != "\n" ? "\n" : '') . 'block:' . $key . "\n";
//add newline to end of file, and then blocked ip
} else {
$already[] = $key;
}
}
if (!empty($blocked)) {
PostPage($bi_Pages['blocklist'], $old, $new);
}
$result = array('msg' => (!empty($blocked) ? XL('Blocked IP address: ') . implode(',', $blocked) : '') . (!empty($blocked) && !empty($already) ? '<br />' : '') . (!empty($already) ? XL('IP address is already being blocked: ') . implode(',', $already) : ''), 'result' => 'success');
//removed , 'ip'=>$_GET['bi_ip'], not used
} else {
$result = array('result' => 'error', 'msg' => XL('Cannot edit ') . $bi_Pages['blocklist']);
}
} else {
//No IP passed in, so determine who created page
$ip = array();
$pages = bi_GetPages($src);
foreach ($pages as $p) {
$page = RetrieveAuthPage($p, 'read', false);
//read history
if ($page) {
$x = preg_grep_keys('/^host:.*$/', $page, -1);
//find the last occurence of host: which stores creator IP
$ip[$x] = $x;
//store as key/value to ensure we don't store same IP multiple times
}
$result = array('result' => !$ip ? 'error' : 'success', 'ip' => implode($ip, "\n"), 'msg' => !$ip ? XL('Unable to determine IP address.') : '');
}
}
}
bi_Redirect(bi_Clean('mode', $_GET['bi_Mode']), $result);
}
function bi_Convert($src, $auth = 'admin', $dataset, $pagelist, $mode)
{
global $bi_ConvertRules, $bi_TagSeparator, $_GET, $SearchPatterns;
$datarules = $bi_ConvertRules[$dataset];
$pagelist = MatchPageNames($pagelist, $SearchPatterns['default']);
foreach ($pagelist as $i => $pn) {
list($group, $name) = explode('.', $pn);
#$name used to derive title.
$pagetext = '';
$org = RetrieveAuthPage($pn, $auth, 0, READPAGE_CURRENT);
echo "<b>{$pn}</b><br/>";
if (!$org) {
echo 'No admin privs on page.<br/>';
continue;
}
$entryType = PageTextVar($pn, 'entrytype');
if ($mode == 'convert' && empty($entryType) || $mode == 'upgrade' && $entryType == 'blog') {
#populate $new_field_val array for each $new_field_name based on $new_field_rules
foreach ($datarules['new'] as $new_field_name => $new_field_rules) {
$new_field_val[$new_field_name] = '';
#is the new field based on an old_field or was the field defined in the prior version, with the same name?
if (isset($datarules['old'][$new_field_name])) {
$new_field_val[$new_field_name] = PageTextVar($pn, $new_field_name);
# Get basic separated list with no formatting
if ($datarules['old'][$old_field]['format']) {
$new_field_val[$new_field_name] = implode($bi_TagSeparator, preg_match_all('/' . $datarules['old'][$old_field]['format'] . '/', $new_field_val[$new_field_name], $m) ? $m[1] : array());
}
}
# Set default value if none calculated so far
if (empty($new_field_val[$new_field_name]) && isset($datarules['new'][$new_field_name]['default'])) {
$new_field_val[$new_field_name] = eval('return (' . $datarules['new'][$new_field_name]['default'] . ');');
}
# Format the field
if (isset($datarules['new'][$new_field_name]['format'])) {
$new_field_val[$new_field_name] = str_replace('$1', $new_field_val[$new_field_name], $datarules['new'][$new_field_name]['format']);
} else {
$new_field_val[$new_field_name] = '(:' . $new_field_name . ':' . $new_field_val[$new_field_name] . ':)';
}
$pagetext .= $new_field_val[$new_field_name] . "\n";
}
} elseif ($mode == 'revert' && $entryType == 'blog') {
$pagetext = PageTextVar($pn, 'entrybody') . "\n\n" . PageTextVar($pn, 'pmmarkup');
} else {
echo 'Nothing to ' . $mode . '<br/>';
}
if ($_GET['writetofile'] == 'true') {
if (!empty($pagetext)) {
$new = $org;
$new['csum'] = $new['csum:' . $GLOBALS['Now']] = $GLOBALS['ChangeSummary'] = 'BlogIt Format: ' . $mode;
$new['diffclass'] = 'minor';
$new['text'] = $pagetext;
PostPage($pn, $org, $new);
#Don't need UpdatePage, as we don't require edit functions to run
echo 'BlogIt page attributes written.<br/>';
} else {
echo 'Nothing to write.<br/>';
}
}
echo str_replace("\n", '<br/>', $pagetext . '<br/>');
}
}