Exemple #1
0
 case 'PageDel':
     if (!$zbp->ValidToken(GetVars('token', 'GET'))) {
         $zbp->ShowError(5, __FILE__, __LINE__);
         die;
     }
     DelPage();
     $zbp->BuildModule();
     $zbp->SaveCache();
     $zbp->SetHint('good');
     Redirect('cmd.php?act=PageMng');
     break;
 case 'PageMng':
     Redirect('admin/?' . GetVars('QUERY_STRING', 'SERVER'));
     break;
 case 'PagePst':
     PostPage();
     $zbp->BuildModule();
     $zbp->SaveCache();
     $zbp->SetHint('good');
     Redirect('cmd.php?act=PageMng');
     break;
 case 'CategoryMng':
     Redirect('admin/?' . GetVars('QUERY_STRING', 'SERVER'));
     break;
 case 'CategoryEdt':
     Redirect('admin/category_edit.php?' . GetVars('QUERY_STRING', 'SERVER'));
     break;
 case 'CategoryPst':
     PostCategory();
     $zbp->BuildModule();
     $zbp->SaveCache();
Exemple #2
0
function HandleApprove($pagename, $auth = 'edit')
{
    global $ApproveUrlPattern, $WhiteUrlPatterns, $ApprovedUrlPagesFmt, $action;
    Lock(2);
    $page = ReadPage($pagename);
    $text = preg_replace('/[()]/', '', $page['text']);
    preg_match_all("/{$ApproveUrlPattern}/", $text, $match);
    ReadApprovedUrls($pagename);
    $addpat = array();
    foreach ($match[0] as $a) {
        if ($action == 'approvesites') {
            $a = preg_replace("!^([^:]+://[^/]+).*\$!", '$1', $a);
        }
        $addpat[] = $a;
    }
    if (count($addpat) > 0) {
        $aname = FmtPageName($ApprovedUrlPagesFmt[0], $pagename);
        $apage = RetrieveAuthPage($aname, $auth);
        if (!$apage) {
            Abort("?cannot edit {$aname}");
        }
        $new = $apage;
        if (substr($new['text'], -1, 1) != "\n") {
            $new['text'] .= "\n";
        }
        foreach ($addpat as $a) {
            foreach ((array) $WhiteUrlPatterns as $pat) {
                if (preg_match("!^{$pat}(/|\$)!i", $a)) {
                    continue 2;
                }
            }
            $urlp = preg_quote($a, '!');
            $WhiteUrlPatterns[] = $urlp;
            $new['text'] .= "  {$a}\n";
        }
        $_POST['post'] = 'y';
        PostPage($aname, $apage, $new);
    }
    Redirect($pagename);
}
Exemple #3
0
function zbp_editPage($id, $xmlstring, $publish)
{
    global $zbp;
    $xml = simplexml_load_string($xmlstring);
    if ($xml) {
        $post = array();
        foreach ($xml->children() as $x) {
            $a = (string) $x->name;
            if ($a == 'categories') {
                $b = $x->value->children()->asXML();
            } else {
                $b = $x->value->children();
            }
            $b = str_replace(array('<array>', '</array>', '<data>', '</data>', '<string>', '</string>'), array(''), $b);
            $post[$a] = $b;
        }
        if ($zbp->CheckItemToNavbar('page', $id)) {
            $_POST['AddNavbar'] = 1;
        }
        $_POST['ID'] = $id;
        $_POST['Title'] = $post['title'];
        $_POST['Content'] = $post['description'];
        $_POST['AuthorID'] = $zbp->user->ID;
        if ($publish) {
            $_POST['Status'] = 0;
        } else {
            $_POST['Status'] = 1;
        }
        if (isset($post['mt_basename'])) {
            $_POST['Alias'] = $post['mt_basename'];
        }
        if (isset($post['wp_author_id'])) {
            $_POST['AuthorID'] = $post['wp_author_id'];
        }
        if (isset($post['mt_allow_comments'])) {
            if ($post['mt_allow_comments'] > 0) {
                $_POST['IsLock'] = $post['mt_allow_comments'] - 1;
            } else {
                $_POST['IsLock'] = $post['mt_allow_comments'];
            }
        }
        $strXML = '<methodResponse><params><param><value><boolean>$%#1#%$</boolean></value></param></params></methodResponse>';
        if (PostPage() == true) {
            $strXML = str_replace("\$%#1#%\$", 1, $strXML);
            echo $strXML;
        } else {
            $zbp->ShowError(0, __FILE__, __LINE_);
        }
    }
}
function bi_HandleBlockIP($src, $auth = 'comment-approve')
{
    #action=bi_bip
    global $bi_Pages;
    $result = array('msg' => XL('Unable to block IP address.'), 'result' => 'error');
    if (PageTextVar($src, 'entrytype') == 'comment' && bi_Auth($auth . ' ' . $src)) {
        if ($_GET['bi_ip'] > '') {
            Lock(2);
            $old = RetrieveAuthPage($bi_Pages['blocklist'], 'edit', false);
            if ($old) {
                if (!preg_match('/\\nblock:' . preg_replace(array('/\\./', '/\\*/'), array('\\.', '\\*'), $_GET['bi_ip']) . '\\n/', $old['text'])) {
                    $new = $old;
                    if (substr($new['text'], -1, 1) != "\n") {
                        $new['text'] .= "\n";
                    }
                    $new['text'] .= 'block:' . $_GET['bi_ip'] . "\n";
                    PostPage($bi_Pages['blocklist'], $old, $new);
                    $result = array('msg' => XL('Blocked IP address: ') . $_GET['bi_ip'], 'result' => 'success', 'ip' => $_GET['bi_ip']);
                } else {
                    $result = array('result' => 'error', 'msg' => XL('IP address is already being blocked: ' . $_GET['bi_ip']));
                }
            } else {
                $result = array('result' => 'error', 'msg' => 'Cannot edit ' . $bi_Pages['blocklist']);
            }
        } else {
            #No IP passed in, so determine who created page
            $page = RetrieveAuthPage($src, 'read', false);
            if ($page) {
                foreach ($page as $k => $v) {
                    #find the last diff in the list, which is the create point
                    if (preg_match("/^diff:(\\d+):(\\d+):?([^:]*)/", $k, $match)) {
                        $ip = @$page['host:' . $match[1]];
                    }
                }
            }
            $result = array('result' => $ip > '' ? 'success' : 'error', 'ip' => $ip, 'msg' => $ip > '' ? '' : XL('Unable to determine IP address.'));
        }
    }
    bi_Redirect(bi_Clean('mode', $_GET['bi_Mode']), $result);
}
Exemple #5
0
function bi_HandleBlockIP($src, $auth = 'comment-approve')
{
    //action=bi_bip
    global $bi_Pages;
    $result = array('msg' => XL('Unable to block IP address.'), 'result' => 'error');
    if (PageTextVar($src, 'entrytype') == 'comment' && bi_Auth($auth . ' ' . $src)) {
        if ($_GET['bi_ip'] > '') {
            //either we have an IP, or need to find one
            Lock(2);
            $old = RetrieveAuthPage($bi_Pages['blocklist'], 'edit', false, READPAGE_CURRENT);
            if ($old) {
                $ip = explode(',', $_GET['bi_ip']);
                $blocked = array();
                $already = array();
                foreach ($ip as $key) {
                    //check to see if ip is already blocked
                    if (!preg_match('/\\nblock:' . preg_replace(array('/\\./', '/\\*/'), array('\\.', '\\*'), $key) . '\\n/', $old['text'])) {
                        $new = $old;
                        $blocked[] = $key;
                        $new['text'] .= (substr($new['text'], -1, 1) != "\n" ? "\n" : '') . 'block:' . $key . "\n";
                        //add newline to end of file, and then blocked ip
                    } else {
                        $already[] = $key;
                    }
                }
                if (!empty($blocked)) {
                    PostPage($bi_Pages['blocklist'], $old, $new);
                }
                $result = array('msg' => (!empty($blocked) ? XL('Blocked IP address: ') . implode(',', $blocked) : '') . (!empty($blocked) && !empty($already) ? '<br />' : '') . (!empty($already) ? XL('IP address is already being blocked: ') . implode(',', $already) : ''), 'result' => 'success');
                //removed , 'ip'=>$_GET['bi_ip'], not used
            } else {
                $result = array('result' => 'error', 'msg' => XL('Cannot edit ') . $bi_Pages['blocklist']);
            }
        } else {
            //No IP passed in, so determine who created page
            $ip = array();
            $pages = bi_GetPages($src);
            foreach ($pages as $p) {
                $page = RetrieveAuthPage($p, 'read', false);
                //read history
                if ($page) {
                    $x = preg_grep_keys('/^host:.*$/', $page, -1);
                    //find the last occurence of host: which stores creator IP
                    $ip[$x] = $x;
                    //store as key/value to ensure we don't store same IP multiple times
                }
                $result = array('result' => !$ip ? 'error' : 'success', 'ip' => implode($ip, "\n"), 'msg' => !$ip ? XL('Unable to determine IP address.') : '');
            }
        }
    }
    bi_Redirect(bi_Clean('mode', $_GET['bi_Mode']), $result);
}
Exemple #6
0
function bi_Convert($src, $auth = 'admin', $dataset, $pagelist, $mode)
{
    global $bi_ConvertRules, $bi_TagSeparator, $_GET, $SearchPatterns;
    $datarules = $bi_ConvertRules[$dataset];
    $pagelist = MatchPageNames($pagelist, $SearchPatterns['default']);
    foreach ($pagelist as $i => $pn) {
        list($group, $name) = explode('.', $pn);
        #$name used to derive title.
        $pagetext = '';
        $org = RetrieveAuthPage($pn, $auth, 0, READPAGE_CURRENT);
        echo "<b>{$pn}</b><br/>";
        if (!$org) {
            echo 'No admin privs on page.<br/>';
            continue;
        }
        $entryType = PageTextVar($pn, 'entrytype');
        if ($mode == 'convert' && empty($entryType) || $mode == 'upgrade' && $entryType == 'blog') {
            #populate $new_field_val array for each $new_field_name based on $new_field_rules
            foreach ($datarules['new'] as $new_field_name => $new_field_rules) {
                $new_field_val[$new_field_name] = '';
                #is the new field based on an old_field or was the field defined in the prior version, with the same name?
                if (isset($datarules['old'][$new_field_name])) {
                    $new_field_val[$new_field_name] = PageTextVar($pn, $new_field_name);
                    # Get basic separated list with no formatting
                    if ($datarules['old'][$old_field]['format']) {
                        $new_field_val[$new_field_name] = implode($bi_TagSeparator, preg_match_all('/' . $datarules['old'][$old_field]['format'] . '/', $new_field_val[$new_field_name], $m) ? $m[1] : array());
                    }
                }
                # Set default value if none calculated so far
                if (empty($new_field_val[$new_field_name]) && isset($datarules['new'][$new_field_name]['default'])) {
                    $new_field_val[$new_field_name] = eval('return (' . $datarules['new'][$new_field_name]['default'] . ');');
                }
                # Format the field
                if (isset($datarules['new'][$new_field_name]['format'])) {
                    $new_field_val[$new_field_name] = str_replace('$1', $new_field_val[$new_field_name], $datarules['new'][$new_field_name]['format']);
                } else {
                    $new_field_val[$new_field_name] = '(:' . $new_field_name . ':' . $new_field_val[$new_field_name] . ':)';
                }
                $pagetext .= $new_field_val[$new_field_name] . "\n";
            }
        } elseif ($mode == 'revert' && $entryType == 'blog') {
            $pagetext = PageTextVar($pn, 'entrybody') . "\n\n" . PageTextVar($pn, 'pmmarkup');
        } else {
            echo 'Nothing to ' . $mode . '<br/>';
        }
        if ($_GET['writetofile'] == 'true') {
            if (!empty($pagetext)) {
                $new = $org;
                $new['csum'] = $new['csum:' . $GLOBALS['Now']] = $GLOBALS['ChangeSummary'] = 'BlogIt Format: ' . $mode;
                $new['diffclass'] = 'minor';
                $new['text'] = $pagetext;
                PostPage($pn, $org, $new);
                #Don't need UpdatePage, as we don't require edit functions to run
                echo 'BlogIt page attributes written.<br/>';
            } else {
                echo 'Nothing to write.<br/>';
            }
        }
        echo str_replace("\n", '<br/>', $pagetext . '<br/>');
    }
}