function Lenses_pntables()
{
// Initialize return variable.
$pntable = array();
// Prefix for tables. Or in the case of the main
// lens table, the entire table name.
$lenses_table = pnConfigGetVar('prefix') . '_lenses';
// Define lenses table and columns.
$pntable['lenses'] = $lenses_table;
$pntable['lenses_column'] = array('tid' => 'pn_tid', 'name' => 'pn_name', 'aliases' => 'pn_aliases', 'comp_id' => 'pn_comp_id', 'poly_id' => 'pn_poly_id', 'visitint' => 'pn_visitint', 'ew' => 'pn_ew', 'ct' => 'pn_ct', 'dk' => 'pn_dk', 'oz' => 'pn_oz', 'process_text' => 'pn_process_text', 'process_simple' => 'pn_process_simple', 'qty' => 'pn_qty', 'replace_simple' => 'pn_replace_simple', 'replace_text' => 'pn_replace_text', 'wear' => 'pn_wear', 'price' => 'pn_price', 'markings' => 'pn_markings', 'fitting_guide' => 'pn_fitting_guide', 'website' => 'pn_website', 'image' => 'pn_image', 'other_info' => 'pn_other_info', 'discontinued' => 'pn_discontinued', 'display' => 'pn_display', 'redirect' => 'pn_redirect', 'bc_simple' => 'pn_bc_simple', 'bc_all' => 'pn_bc_all', 'max_plus' => 'pn_max_plus', 'max_minus' => 'pn_max_minus', 'max_diam' => 'pn_max_diam', 'min_diam' => 'pn_min_diam', 'diam_1' => 'pn_diam_1', 'base_curves_1' => 'pn_base_curves_1', 'powers_1' => 'pn_powers_1', 'diam_2' => 'pn_diam_2', 'base_curves_2' => 'pn_base_curves_2', 'powers_2' => 'pn_powers_2', 'diam_3' => 'pn_diam_3', 'base_curves_3' => 'pn_base_curves_3', 'powers_3' => 'pn_powers_3', 'sph_notes' => 'pn_sph_notes', 'toric' => 'pn_toric', 'toric_type' => 'pn_toric_type', 'toric_type_simple' => 'pn_toric_type_simple', 'cyl_power' => 'pn_cyl_power', 'max_cyl_power' => 'pn_max_cyl_power', 'cyl_axis' => 'pn_cyl_axis', 'cyl_axis_steps' => 'pn_cyl_axis_steps', 'oblique' => 'pn_oblique', 'cyl_notes' => 'pn_cyl_notes', 'bifocal' => 'pn_bifocal', 'bifocal_type' => 'pn_bifocal_type', 'add_text' => 'pn_add_text', 'max_add' => 'pn_max_add', 'cosmetic' => 'pn_cosmetic', 'enh_names' => 'pn_enh_names', 'enh_names_simple' => 'pn_enh_names_simple', 'opaque_names' => 'pn_opaque_names', 'opaque_names_simple' => 'pn_opaque_names_simple', 'updated' => 'pn_updated');
// Define companies table and columns.
$pntable['lenses_companies'] = $lenses_table . '_companies';
$pntable['lenses_companies_column'] = array('comp_tid' => 'pn_comp_tid', 'comp_name' => 'pn_comp_name', 'logo' => 'pn_logo', 'phone' => 'pn_phone', 'address' => 'pn_address', 'city' => 'pn_city', 'state' => 'pn_state', 'zip' => 'pn_zip', 'url' => 'pn_url', 'email' => 'pn_email', 'comp_desc' => 'pn_comp_desc');
// Define polymers table and columns.
$pntable['lenses_polymers'] = $lenses_table . '_polymers';
$pntable['lenses_polymers_column'] = array('poly_tid' => 'pn_poly_tid', 'fda_grp' => 'pn_fda_grp', 'h2o' => 'pn_h2o', 'poly_name' => 'pn_poly_name', 'poly_desc' => 'pn_poly_desc');
// Define stats table and columns
$pntable['lenses_stats'] = $lenses_table . '_stats';
$pntable['lenses_stats_column'] = array('id' => 'pn_id', 'total' => 'pn_total', 'last_month' => 'pn_last_month', 'this_month' => 'pn_this_month', 'month' => 'pn_month');
// Define zero results table and columns
$pntable['lenses_zero'] = $lenses_table . '_zero';
$pntable['lenses_zero_column'] = array('id' => 'pn_id', 'phrase' => 'pn_phrase', 'total' => 'pn_total', 'last_month' => 'pn_last_month', 'this_month' => 'pn_this_month', 'month' => 'pn_month');
// Return entire tables array.
return $pntable;
}
function foot()
{
global $index, $pnconfig, $pndebug, $dbg, $debug_sqlcalls, $dbg_starttime;
// modification .71 multisites mouzaia
/* it should not be necessary here, since config.php is in a table.
if (!isset($index)) {
include(WHERE_IS_PERSO."config.php");
}
*/
themefooter();
/**
* DebugXHTML will place a link at the bottom of all pages which directs
* the page to w3.org's validator server. This will allow all
* module developers and theme writers to check their code for XHTML
* compliance. Transitional XHTML is hard-coded till the next major
* release.
*/
$debugxhtml = -1;
if (pnConfigGetVar('supportxhtml')) {
if ($debugxhtml) {
xhtml_display_test();
}
}
// show time to render
$mtime = explode(" ", microtime());
$dbg_endtime = $mtime[1] + $mtime[0];
$dbg_totaltime = $dbg_endtime - $dbg_starttime;
//printf("<center><font class=\"pn-sub\">Page created in %f seconds.</font></center>", $dbg_totaltime);
if ($pndebug['debug']) {
$dbg->v($dbg_totaltime, "Page created in (seconds)");
$dbg->v($debug_sqlcalls, "Number of SQL Calls");
}
echo "</body>\n</html>";
}
function blocks_ephem_block($row)
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$currentlang = pnUserGetLang();
if (!pnSecAuthAction(0, 'Ephemeridsblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
if (pnConfigGetVar('multilingual') == 1) {
$column =& $pntable['ephem_column'];
$querylang = "AND ({$column['elanguage']}='" . pnVarPrepForStore($currentlang) . "' OR {$column['elanguage']}='')";
} else {
$querylang = "";
}
$today = getdate();
$eday = $today['mday'];
$emonth = $today['mon'];
$column =& $pntable['ephem_column'];
$result = $dbconn->Execute("SELECT {$column['yid']}, {$column['content']}\n FROM {$pntable['ephem']}\n WHERE {$column['did']}='" . pnVarPrepForStore($eday) . "' AND {$column['mid']}='" . pnVarPrepForStore($emonth) . "' {$querylang}");
$boxstuff = '<span class="pn-normal"><b>' . _ONEDAY . '</b></span><br />';
while (list($yid, $content) = $result->fields) {
$result->MoveNext();
$boxstuff .= '<br /><br />';
$boxstuff .= '<b>' . pnVarPrepForDisplay($yid) . '</b><br />' . pnVarPrepHTMLDisplay(nl2br($content)) . '';
}
if (empty($row['title'])) {
$row['title'] = _EPHEMERIDS;
}
$row['content'] = $boxstuff;
return themesideblock($row);
}
/**
* Function to display banners in all pages
*/
function pnBannerDisplay($type = 0)
{
// test on config settings
if (pnConfigGetVar('banners') != 1) {
return ' ';
}
// added check for numeric type - markwest
if (!is_numeric($type)) {
return ' ';
}
$dbconn =& pnDBGetConn(true);
$pntable =& pnDBGetTables();
$column =& $pntable['banner_column'];
$bresult =& $dbconn->Execute("SELECT count(*) AS count FROM {$pntable['banner']}\n\t\t\t\t\t\t\t\tWHERE {$column['type']} = '" . (int) pnVarPrepForStore($type) . "'");
list($numrows) = $bresult->fields;
// we no longer need this, free the resources
$bresult->Close();
/* Get a random banner if exist any. */
/* More efficient random stuff, thanks to Cristian Arroyo from http://www.planetalinux.com.ar */
if ($numrows > 1) {
$numrows = $numrows - 1;
mt_srand((double) microtime() * 1000000);
$bannum = mt_rand(0, $numrows);
} else {
$bannum = 0;
}
$column =& $pntable['banner_column'];
//$query = buildSimpleQuery ('banner', array ('bid', 'imageurl','clickurl'), "$column[type] = $type", '', 1, $bannum);
$query = "SELECT {$column['bid']}, {$column['imageurl']}, {$column['clickurl']}\n\t\t\t\tFROM {$pntable['banner']}\n\t\t\t\tWHERE {$column['type']} = '" . (int) pnVarPrepForStore($type) . "'";
$bresult2 =& $dbconn->SelectLimit($query, 1, $bannum);
list($bid, $imageurl, $clickurl) = $bresult2->fields;
// we no longer need this, free the resources
$bresult2->Close();
$myIP = pnConfigGetVar('myIP');
$myhost = pnServerGetVar("REMOTE_ADDR");
if (!empty($myIP) && substr($myhost, 0, strlen($myIP)) == $myIP) {
// itevo, MNA: added temporary variable to check when inserting a finished banner (insert only when variable is not set)
$ignore_bannerfinish = 1;
} else {
$dbconn->Execute("UPDATE {$pntable['banner']}\n SET {$column['impmade']}={$column['impmade']}+1\n WHERE {$column['bid']}=" . (int) pnVarPrepForStore($bid) . "");
}
if ($numrows > 0) {
$aborrar =& $dbconn->Execute("SELECT {$column['cid']},{$column['imptotal']},\n {$column['impmade']}, {$column['clicks']},\n {$column['date']}\n FROM {$pntable['banner']}\n WHERE {$column['bid']}=" . (int) pnVarPrepForStore($bid) . "");
list($cid, $imptotal, $impmade, $clicks, $date) = $aborrar->fields;
$aborrar->Close();
/* Check if this impression is the last one and print the banner */
if ($imptotal == $impmade && !isset($ignore_bannerfinish)) {
$column =& $pntable['bannerfinish_column'];
$dbconn->Execute("INSERT INTO {$pntable['bannerfinish']}\n ( {$column['bid']}, {$column['cid']}, {$column['impressions']}, {$column['clicks']}, {$column['datestart']}, {$column['dateend']} )\n VALUES (NULL, '" . pnVarPrepForStore($cid) . "', '" . pnVarPrepForStore($impmade) . "', '" . pnVarPrepForStore($clicks) . "', '" . pnVarPrepForStore($date) . "', now())");
$dbconn->Execute("DELETE FROM {$pntable['banner']} WHERE {$column['bid']}=" . (int) pnVarPrepForStore($bid) . "");
}
list($bid, $clickurl, $imageurl) = pnVarPrepForDisplay($bid, $clickurl, $imageurl);
if ($type == 1 or $type == 2 or $type == 0) {
echo "<a href=\"banners.php?op=click&bid={$bid}\" title=\"{$clickurl}\"><img src=\"{$imageurl}\" alt=\"{$clickurl}\" /></a>";
} else {
$content = "<a href=\"banners.php?op=click&bid={$bid}\" title=\"{$clickurl}\"><img src=\"{$imageurl}\" alt=\"{$clickurl}\" /></a>";
return $content;
}
}
}
function mediashare_vfs_db_dump()
{
$fileref = $_GET['ref'];
// Retrieve image information
if (!($media = pnModAPIFunc('mediashare', 'vfs_db', 'getMedia', array('fileref' => $fileref)))) {
return false;
}
// Check access
if (!mediashareAccessAlbum($media['albumId'], mediashareAccessRequirementView, null)) {
return LogUtil::registerPermissionError();
}
// Some Mediashare users have reported this to make their setup work. The buffer may contain something
// due to a buggy template or block
while (@ob_end_clean()) {
}
if (pnConfigGetVar('UseCompression') == 1) {
// With the "while (@ob_end_clean());" stuff above we are guranteed that no z-buffering is done
// But(!) the "ob_start("ob_gzhandler");" made by pnAPI.php means a "Content-Encoding: gzip" is set.
// So we need to reset this header since no compression is done
header("Content-Encoding: identity");
}
// Check cached versus modified date
$lastModifiedDate = date('D, d M Y H:i:s T', $media['modifiedDate']);
$currentETag = $media['modifiedDate'];
global $HTTP_SERVER_VARS;
$cachedDate = isset($HTTP_SERVER_VARS['HTTP_IF_MODIFIED_SINCE']) ? $HTTP_SERVER_VARS['HTTP_IF_MODIFIED_SINCE'] : null;
$cachedETag = isset($HTTP_SERVER_VARS['HTTP_IF_NONE_MATCH']) ? $HTTP_SERVER_VARS['HTTP_IF_NONE_MATCH'] : null;
// If magic quotes are on then all query/post variables are escaped - so strip slashes to make a compare possible
// - only cachedETag is expected to contain quotes
if (get_magic_quotes_gpc()) {
$cachedETag = stripslashes($cachedETag);
}
if ((empty($cachedDate) || $lastModifiedDate == $cachedDate) && '"' . $currentETag . '"' == $cachedETag) {
header("HTTP/1.1 304 Not Modified");
header("Status: 304 Not Modified");
header("Expires: " . date('D, d M Y H:i:s T', time() + 180 * 24 * 3600));
// My PHP insists on Expires in 1981 as default!
header('Pragma: cache');
// My PHP insists on putting a pragma "no-cache", so this is an attempt to avoid that
header('Cache-Control: public');
header("ETag: \"{$media['modifiedDate']}\"");
return true;
}
header("Expires: " . date('D, d M Y H:i:s T', time() + 180 * 24 * 3600));
// My PHP insists on Expires in 1981 as default!
header('Pragma: cache');
// My PHP insists on putting a pragma "no-cache", so this is an attempt to avoid that
header('Cache-Control: public');
header("ETag: \"{$media['modifiedDate']}\"");
// Ensure correct content-type and a filename for eventual download
header("Content-Type: {$media['mimeType']}");
header("Content-Disposition: inline; filename=\"{$media['title']}\"");
header("Last-Modified: {$lastModifiedDate}");
header("Content-Length: " . strlen($media['data']));
echo $media['data'];
return true;
}
/**
* Function to display banners in all pages
*/
function pnBannerDisplay($type = 0)
{
// test on config settings
if (pnConfigGetVar('banners') != 1) {
return ' ';
}
// added check for numeric type - markwest
if (!is_numeric($type)) {
return ' ';
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$column =& $pntable['banner_column'];
$bresult = $dbconn->Execute("SELECT count(*) AS count FROM {$pntable['banner']}\n\t\t\t\t\t\t\t\tWHERE {$column['type']} = {$type}");
list($numrows) = $bresult->fields;
// we no longer need this, free the resources
$bresult->Close();
/* Get a random banner if exist any. */
/* More efficient random stuff, thanks to Cristian Arroyo from http://www.planetalinux.com.ar */
if ($numrows > 1) {
$numrows = $numrows - 1;
mt_srand((double) microtime() * 1000000);
$bannum = mt_rand(0, $numrows);
} else {
$bannum = 0;
}
$column =& $pntable['banner_column'];
$query = buildSimpleQuery('banner', array('bid', 'imageurl', 'clickurl'), "{$column['type']} = {$type}", '', 1, $bannum);
$bresult2 = $dbconn->Execute($query);
list($bid, $imageurl, $clickurl) = $bresult2->fields;
// we no longer need this, free the resources
$bresult2->Close();
$myIP = pnConfigGetVar('myIP');
$myhost = getenv("REMOTE_ADDR");
if ($myIP == $myhost) {
// do nothing
} else {
$dbconn->Execute("UPDATE {$pntable['banner']}\n SET {$column['impmade']}={$column['impmade']}+1\n WHERE {$column['bid']}=" . pnVarPrepForStore($bid) . "");
}
if ($numrows > 0) {
$aborrar = $dbconn->Execute("SELECT {$column['cid']},{$column['imptotal']},\n {$column['impmade']}, {$column['clicks']},\n {$column['date']}\n FROM {$pntable['banner']}\n WHERE {$column['bid']}=" . pnVarPrepForStore($bid) . "");
list($cid, $imptotal, $impmade, $clicks, $date) = $aborrar->fields;
$aborrar->Close();
/* Check if this impression is the last one and print the banner */
if ($imptotal == $impmade) {
$column =& $pntable['bannerfinish_column'];
$dbconn->Execute("INSERT INTO {$pntable['bannerfinish']}\n ( {$column['bid']}, {$column['cid']}, {$column['impressions']}, {$column['clicks']}, {$column['datestart']}, {$column['dateend']} )\n VALUES (NULL, '" . pnVarPrepForStore($cid) . "', '" . pnVarPrepForStore($impmade) . "', '" . pnVarPrepForStore($clicks) . "', '" . pnVarPrepForStore($date) . "', now())");
$dbconn->Execute("DELETE FROM {$pntable['banner']} WHERE {$column['bid']}=" . pnVarPrepForStore($bid) . "");
}
if ($type == 1 or $type == 2 or $type == 0) {
echo "<a href=\"banners.php?op=click&bid={$bid}\" target=\"_blank\" title=\"{$clickurl}\"><img src=\"{$imageurl}\" border=\"0\" alt=\"" . _CLICK . "\"></a>";
} else {
$content = "<a href=\"banners.php?op=click&bid={$bid}\" target=\"_blank\" title=\"{$clickurl}\"><img src=\"{$imageurl}\" border=\"0\" alt=\"" . _CLICK . "\"></a>";
return $content;
}
}
}
function blocks_thelang_block($row)
{
$currentlang = pnUserGetLang();
if (!pnSecAuthAction(0, 'Languageblock::', "{$row['title']}::", ACCESS_OVERVIEW)) {
return;
}
if (!pnConfigGetVar('multilingual')) {
return;
}
$currentURL = $_SERVER['REQUEST_URI'];
if ($currentURL === "") {
$currentURL = "index.php";
}
$pattern = '/\\?newlang=.../';
$currentURL = preg_replace($pattern, '', $currentURL);
$pattern = '/\\&newlang=.../';
$currentURL = pnVarPrepForDisplay(preg_replace($pattern, '', $currentURL));
$append = "&";
if (strpos($currentURL, '?') === false) {
$append = "?";
}
$lang = languagelist();
$handle = opendir('language');
while ($f = readdir($handle)) {
if (is_dir("language/{$f}") && !empty($lang[$f])) {
$langlist[$f] = $lang[$f];
$sel_lang[$f] = '';
}
}
asort($langlist);
$content = '<center><font class="pn-normal">' . _SELECTGUILANG . '</font><br><br>';
if (pnConfigGetVar('useflags')) {
$i = 1;
foreach ($langlist as $k => $v) {
if ($i > 3) {
$content .= "<br>\n";
$i = 1;
}
$imgsize = @getimagesize("images/flags/flag-{$k}.png");
$content .= "<a href=\"{$currentURL}" . $append . "newlang={$k}\"><img src=\"images/flags/flag-{$k}.png\" border=\"0\" alt=\"{$lang[$k]}\" hspace=\"3\" vspace=\"3\" {$imgsize['3']}></a>";
$i++;
}
$content .= '</center>';
} else {
$content .= '<form method="post" action="index.php"><select class="pn-text" name="newlanguage" onChange="top.location.href=this.options[this.selectedIndex].value">';
$sel_lang[$currentlang] = ' selected';
foreach ($langlist as $k => $v) {
$content .= "<option value=\"{$currentURL}" . $append . "newlang={$k}\"{$sel_lang[$k]}>{$v}</option>\n";
}
$content .= '</select></form></center>';
}
if (empty($row['title'])) {
$row['title'] = _SELECTLANGUAGE;
}
$row['content'] = $content;
return themesideblock($row);
}
function blocks_login_block($row)
{
global $HTTP_SERVER_VARS;
if (empty($row['title'])) {
$row['title'] = 'Login';
}
if (!pnSecAuthAction(0, 'Loginblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
// code taken pnGetBaseURI to fix issue with IIS not passing request_uri
// markwest
// Start of with REQUEST_URI
if (isset($HTTP_SERVER_VARS['REQUEST_URI'])) {
$path = $HTTP_SERVER_VARS['REQUEST_URI'];
} else {
$path = getenv('REQUEST_URI');
}
if (empty($path) || substr($path, -1, 1) == '/') {
// REQUEST_URI was empty or pointed to a path
// Try looking at PATH_INFO
$path = getenv('PATH_INFO');
if (empty($path)) {
// No luck there either
// Try SCRIPT_NAME
if (isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) {
$path = $HTTP_SERVER_VARS['SCRIPT_NAME'];
} else {
$path = getenv('SCRIPT_NAME');
}
}
}
if (!pnUserLoggedIn()) {
// prettified a little with a table for inputs and button to avoid bugs like #493456 (Andy Varganov)
$boxstuff = '<form action="user.php" method="post">';
$boxstuff .= '<table border="0" width="100%" cellspacing="0" cellpadding="1"><tr><td>';
$boxstuff .= '<span class="pn-normal"> ' . _BLOCKNICKNAME . '</span></td></tr><tr><td>';
$boxstuff .= '<input type="text" name="uname" size="14" maxlength="25"></td></tr><tr><td>';
$boxstuff .= '<span class="pn-normal"> ' . _BLOCKPASSWORD . '</span></td></tr><tr><td>';
$boxstuff .= '<input type="password" name="pass" size="14" maxlength="20"></td></tr><tr><td>';
if (pnConfigGetVar('seclevel') != 'High') {
$boxstuff .= '<input type="checkbox" value="1" name="rememberme" />';
$boxstuff .= '<span class="pn-normal"> ' . _REMEMBERME . '</span></td></tr><tr><td>';
}
$boxstuff .= '<br>';
$boxstuff .= '<input type="hidden" name="module" value="NS-User" />';
$boxstuff .= '<input type="hidden" name="op" value="login" />';
$boxstuff .= '<input type="hidden" name="url" value="' . pnVarPrepForDisplay($path) . '" />';
$boxstuff .= '<input type="submit" value="' . _LOGIN . '" /></td></tr><tr><td>';
$boxstuff .= '<br /><span class="pn-normal">' . _ASREGISTERED . '</span></td></tr><tr><td></table></form>';
if (empty($row['title'])) {
$row['title'] = _LOGIN;
}
$row['content'] = $boxstuff;
return themesideblock($row);
}
}
function blocks_topic_block($row)
{
//global $topic, $catid;
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$currentlang = pnUserGetLang();
if (!pnSecAuthAction(0, 'Topicblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
$language = pnConfigGetVar('language');
$topic = "";
$catid = "";
if (pnConfigGetVar('multilingual') == 1) {
$column =& $pntable['stories_column'];
$querylang = "AND ({$column['alanguage']}='{$currentlang}' OR {$column['alanguage']}='')";
/* the OR is needed to display stories who are posted to ALL languages */
} else {
$querylang = '';
}
$column =& $pntable['topics_column'];
$result = $dbconn->Execute("SELECT {$column['topicid']} AS topicid, {$column['topicname']} as topicname FROM {$pntable['topics']} ORDER BY topicname");
if ($result->EOF) {
return;
} else {
$boxstuff = '<span class="pn-normal">';
if ($topic == "") {
$boxstuff .= "<strong><big>·</big></strong> <b><a href=\"modules.php?op=modload&name=Topics&file=index\">" . _ALL_TOPICS . "</a></b><br>";
} else {
$boxstuff .= "<strong><big>·</big></strong> <a href=\"modules.php?op=modload&name=News&file=index&catid={$catid}\">" . _ALL_TOPICS . "</a><br>";
}
while (!$result->EOF) {
$srow = $result->GetRowAssoc(false);
$result->MoveNext();
if (pnSecAuthAction(0, 'Topics::Topic', "{$srow['topicname']}::{$srow['topicid']}", ACCESS_READ)) {
$column =& $pntable['stories_column'];
$result2 = $dbconn->Execute("SELECT {$column['time']} AS unixtime FROM {$pntable['stories']} WHERE {$column['topic']}={$srow['topicid']} {$querylang} ORDER BY {$column['time']} DESC");
if (!$result2->EOF) {
$story = $result2->GetRowAssoc(false);
$story['unixtime'] = $result2->UnixTimeStamp($story['unixtime']);
$sdate = ml_ftime(_DATEBRIEF, $story['unixtime']);
if ($topic == $srow['topicid']) {
$boxstuff .= "<strong><big>·</big></strong> <span class=\"pn-title\"><b>{$srow['topicname']}</b></span> <span class=\"pn-sub\">({$sdate})</span><br>";
} else {
$boxstuff .= "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=index&catid={$catid}&topic={$srow['topicid']}\">{$srow['topicname']}</a> <span class=\"pn-sub\">({$sdate})</span><br>";
}
}
}
}
}
$boxstuff .= '</span>';
if (empty($row['title'])) {
$row['title'] = _TOPICS;
}
$row['content'] = $boxstuff;
return themesideblock($row);
}
function admin_menu($help_file = '')
{
$pntable = pnDBGetTables();
list($newsubs) = db_select_one_row("SELECT count(*) FROM {$pntable['queue']}");
if (!pnSecAuthAction(0, "::", '::', ACCESS_EDIT)) {
// suppress admin display - return to index.
pnRedirect('index.php');
} else {
menu_title('admin.php', _ADMINMENU);
menu_graphic(pnConfigGetVar('admingraphic'));
if ($help_file != '') {
menu_help($help_file, _ONLINEMANUAL);
}
$mods = pnModGetAdminMods();
if ($mods == false) {
// there aren't admin modules
return;
}
foreach ($mods as $mod) {
// Hack until the new news module comes into being
// TODO - remove this at appropriate time
if ($mod['name'] == 'AddStory') {
$mod['name'] = 'Stories';
}
if (pnSecAuthAction(0, "{$mod['name']}::", '::', ACCESS_EDIT)) {
if (file_exists("modules/" . pnVarPrepForOS($mod['directory']) . "/pnadmin.php")) {
$file = "modules/" . pnVarPrepForOS($mod['directory']) . "/pnimages/admin.";
if (file_exists($file . 'gif')) {
$imgfile = $file . 'gif';
} elseif (file_exists($file . 'jpg')) {
$imgfile = $file . 'jpg';
} elseif (file_exists($file . 'png')) {
$imgfile = $file . 'png';
} else {
$imgfile = 'modules/NS-Admin/images/default.gif';
}
menu_add_option(pnVarPrepForDisplay(pnModURL($mod['name'], 'admin')), $mod['displayname'], $imgfile);
} else {
$file = "modules/" . pnVarPrepForOS($mod['directory']) . "/images/admin.";
if (file_exists($file . 'gif')) {
$imgfile = $file . 'gif';
} elseif (file_exists($file . 'jpg')) {
$imgfile = $file . 'jpg';
} elseif (file_exists($file . 'png')) {
$imgfile = $file . 'png';
} else {
$imgfile = 'modules/NS-Admin/images/default.gif';
}
menu_add_option("admin.php?module={$mod['directory']}&op=main", $mod['displayname'], $imgfile);
}
}
}
}
}
function blocks_category_block($row)
{
global $topic, $catid;
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
if (!pnSecAuthAction(0, 'Categoryblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
if (pnConfigGetVar('multilingual') == 1) {
$column =& $pntable['stories_column'];
$querylang = "AND ({$column['alanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$column['alanguage']}='')";
/* the OR is needed to display stories who are posted to ALL languages */
} else {
$querylang = '';
}
$column =& $pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT {$column['catid']} as catid, {$column['title']} as title FROM {$pntable['stories_cat']} ORDER BY {$column['title']}");
if ($result->EOF) {
return;
} else {
$boxstuff = '<span class="pn-normal">';
if ($catid == "") {
// $boxstuff .= '<strong><big>·</big></strong> <b>'._ALL_CATEGORIES.'</b><br />';
$boxstuff .= "";
} else {
$boxstuff .= "<strong><big>·</big></strong> <a href=\"modules.php?op=modload&name=News&file=index&topic={$topic}\">" . _ALL_CATEGORIES . "</a><br />";
}
for (; !$result->EOF; $result->MoveNext()) {
$srow = $result->GetRowAssoc(false);
if (pnSecAuthAction(0, 'Stories::Category', "{$srow['title']}::{$srow['catid']}", ACCESS_READ)) {
$column =& $pntable['stories_column'];
$result2 = $dbconn->Execute("SELECT {$column['time']} AS unixtime\n FROM {$pntable['stories']}\n WHERE {$column['catid']}=" . pnVarPrepForStore($srow['catid']) . " {$querylang}\n ORDER BY {$column['time']} DESC");
if (!$result2->EOF) {
$story = $result2->GetRowAssoc(false);
$story['unixtime'] = $result2->UnixTimeStamp($story['unixtime']);
$sdate = ml_ftime(_DATEBRIEF, $story['unixtime']);
if ($catid == $srow['catid']) {
$boxstuff .= "<strong><big>·</big></strong> <span class=\"pn-title\"><b>" . pnVarPrepForDisplay($srow['title']) . "</b></span> <span class=\"pn-sub\">(" . pnVarPrepForDisplay($sdate) . ")</span><br />";
} else {
$boxstuff .= "<strong><big>·</big></strong> <a class=\"pn-normal\" href=\"modules.php?op=modload&name=News&file=index&catid={$srow['catid']}&topic={$topic}\">" . pnVarPrepForDisplay($srow['title']) . "</a> <span class=\"pn-sub\">(" . pnVarPrepForDisplay($sdate) . ")</span><br />";
}
}
}
}
}
$boxstuff .= '</span>';
if (empty($row['title'])) {
$row['title'] = _CATEGORIES;
}
$row['content'] = $boxstuff;
return themesideblock($row);
}
/**
* This function is called internally by the core whenever the module is
* loaded. It adds in the information
*/
function template_pntables()
{
// Initialise table array
$pntable = array();
// Get the name for the template item table. This is not necessary
// but helps in the following statements and keeps them readable
$template = pnConfigGetVar('prefix') . '_template';
// Set the table name
$pntable['template'] = $template;
// Set the column names. Note that the array has been formatted
// on-screen to be very easy to read by a user.
$pntable['template_column'] = array('tid' => $template . '.pn_tid', 'name' => $template . '.pn_name', 'number' => $template . '.pn_number');
// Return the table information
return $pntable;
}
function themeheader()
{
$sitename = pnConfigGetVar('sitename');
$banners = pnConfigGetVar('banners');
echo "</head>";
echo "<body>" . "<br>";
if (pnModAvailable('Banners')) {
pnBannerDisplay();
}
echo "<br>" . "<table border=\"0\" cellpadding=\"4\" cellspacing=\"0\" width=\"100%\" align=\"center\"><tr><td bgcolor=\"{$GLOBALS['bgcolor1']}\">" . "<table border=\"0\" cellspacing=\"0\" cellpadding=\"3\" width=\"100%\" bgcolor=\"{$GLOBALS['bgcolor1']}\"><tr><td>" . "<a href=\"index.php\"><img src=\"" . WHERE_IS_PERSO . "images/logo.gif\" Alt=\"" . _WELCOMETO . " {$sitename}\" border=\"0\"></a>" . "</td><td align=\"right\">" . '<form action="modules.php" method="post">' . '<input type="hidden" name="name" value="Search">' . '<input type="hidden" name="file" value="index">' . '<input type="hidden" name="op" value="modload">' . '<input type="hidden" name="action" value="search">' . '<input type="hidden" name="overview" value="1">' . '<input type="hidden" name="active_stories" value="1">' . '<input type="hidden" name="bool" value="AND">' . '<input type="hidden" name="stories_cat" value="">' . '<input type="hidden" name="stories_topics" value="">' . '<div align="right"><font class="pn-normal">' . _SEARCH . ' </font>' . "<input class=\"pn-text\" NAME=\"q\" TYPE=\"text\" VALUE=\"\"> \n" . '</div>' . '</form>' . "</td></tr></table></td></tr><tr><td valign=\"top\" width=\"100%\" bgcolor=\"{$GLOBALS['bgcolor1']}\">" . "<table border=\"0\" cellspacing=\"0\" cellpadding=\"2\" width=\"100%\">\n <tr><td valign=\"top\" width=\"150\" bgcolor=\"{$GLOBALS['bgcolor1']}\">";
blocks('left');
echo "<img src=\"images/global/pix.gif\" border=\"0\" width=\"100%\" height=\"1\" alt=\"\">\n </td>\n <td> </td>\n <td valign=\"top\">";
if ($GLOBALS['index'] == 1) {
blocks('centre');
}
}
/**
* This function is called internally by the core whenever the module is
* loaded. It adds in the information
*/
function postcalendar_pntables()
{
// Initialise table array
$pntable = array();
$prefix = pnConfigGetVar('prefix');
//$prefix = 'Rogue';
$pc_events = $prefix . '_postcalendar_events';
$pntable['postcalendar_events'] = $pc_events;
$pntable['postcalendar_events_column'] = array('eid' => 'pc_eid', 'catid' => 'pc_catid', 'lid' => 'pc_lid', 'aid' => 'pc_aid', 'title' => 'pc_title', 'time' => 'pc_time', 'hometext' => 'pc_hometext', 'comments' => 'pc_comments', 'counter' => 'pc_counter', 'topic' => 'pc_topic', 'informant' => 'pc_informant', 'eventDate' => 'pc_eventDate', 'duration' => 'pc_duration', 'endDate' => 'pc_endDate', 'recurrtype' => 'pc_recurrtype', 'recurrspec' => 'pc_recurrspec', 'recurrfreq' => 'pc_recurrfreq', 'startTime' => 'pc_startTime', 'endTime' => 'pc_endTime', 'alldayevent' => 'pc_alldayevent', 'location' => 'pc_location', 'conttel' => 'pc_conttel', 'contname' => 'pc_contname', 'contemail' => 'pc_contemail', 'website' => 'pc_website', 'fee' => 'pc_fee', 'eventstatus' => 'pc_eventstatus', 'sharing' => 'pc_sharing', 'language' => 'pc_language');
// @since version 3.1
// new category table
$pc_categories = $prefix . '_postcalendar_categories';
$pntable['postcalendar_categories'] = $pc_categories;
$pntable['postcalendar_categories_column'] = array('catid' => 'pc_catid', 'catname' => 'pc_catname', 'catcolor' => 'pc_catcolor', 'catdesc' => 'pc_catdesc', 'recurrtype' => 'pc_recurrtype', 'recurrspec' => 'pc_recurrspec', 'recurrfreq' => 'pc_recurrfreq', 'duration' => 'pc_duration', 'limit' => 'pc_dailylimit');
$pc_limit = $prefix . '_postcalendar_limits';
$pntable['postcalendar_limits'] = $pc_limit;
$pntable['postcalendar_limits_column'] = array('limitid' => 'pc_limitid', 'catid' => 'pc_catid', 'starttime' => 'pc_starttime', 'endtime' => 'pc_endtime', 'limit' => 'pc_limit');
return $pntable;
}
function send_email()
{
$adminmail = pnConfigGetVar('adminmail');
$subject = "" . _ERROR404_MAILSUBJECT . "";
$sitename = pnConfigGetVar('sitename');
$remote_addr = pnServerGetVar('REMOTE_ADDR');
$http_referer = pnServerGetVar('HTTP_REFERER');
$redirect_url = pnServerGetVar('REDIRECT_URL');
$server = pnServerGetVar('HTTP_HOST');
$errordoc = "http://{$server}{$redirect_url}";
$errortime = ml_ftime(_DATETIMEBRIEF, date(time()));
$message = "{$subject}\n\n";
$message .= "TIME: {$errortime}\n";
$message .= "REMOTE_ADDR: {$remote_addr}\n";
$message .= "ERRORDOC: " . pnVarPrepForDisplay($errordoc) . "\n";
$message .= "HTTP_REFERER: {$http_referer}\n";
pnMail($adminmail, $subject, $message, "From: \"{$sitename}\" <{$adminmail}>\nX-Mailer: PHP/" . phpversion());
echo "<br /><br /><strong>" . _ERROR404_MAILED . "</strong>\n";
}
/**
* Module table references.
*/
function Meds_pntables()
{
// Initialize the return variable.
$pntable = array();
// Get database table prefix.
$prefix = pnConfigGetVar('prefix');
// Define main module-table name.
$meds = $prefix . '_rx';
$pntable['rx_preserve'] = $meds . '_preserve';
$pntable['rx_preserve_column'] = array('pres_id' => 'pn_pres_id', 'name' => 'pn_name', 'comments' => 'pn_comments');
// Assign another table name.
$pntable['rx_company'] = $meds . '_company';
$pntable['rx_company_column'] = array('comp_id' => 'pn_comp_id', 'name' => 'pn_name', 'phone' => 'pn_phone', 'street' => 'pn_street', 'city' => 'pn_city', 'state' => 'pn_state', 'zip' => 'pn_zip', 'email' => 'pn_email', 'url' => 'pn_url', 'comments' => 'pn_comments');
// Assign another table name.
$pntable['rx_chem'] = $meds . '_chem';
$pntable['rx_chem_column'] = array('chem_id' => 'pn_chem_id', 'name' => 'pn_name', 'moa_id' => 'pn_moa_id');
// Assign another table name.
$pntable['rx_moa'] = $meds . '_moa';
$pntable['rx_moa_column'] = array('moa_id' => 'pn_moa_id', 'name' => 'pn_name', 'comments' => 'pn_comments');
$pntable['rx_meds'] = $meds . '_meds';
$pntable['rx_meds_column'] = array('med_id' => 'pn_med_id', 'trade' => 'pn_trade', 'comp_id' => 'pn_comp_id', 'medType1' => 'pn_medType1', 'medType2' => 'pn_medType2', 'preg' => 'pn_preg', 'schedule' => 'pn_schedule', 'generic' => 'pn_generic', 'image1' => 'pn_image1', 'image2' => 'pn_image2', 'dose' => 'pn_dose', 'peds' => 'pn_peds', 'ped_text' => 'pn_ped_text', 'nurse' => 'pn_nurse', 'pres_id1' => 'pn_pres_id1', 'pres_id2' => 'pn_pres_id2', 'comments' => 'pn_comments', 'rxInfo' => 'pn_rxInfo', 'med_url' => 'pn_med_url', 'updated' => 'pn_updated', 'display' => 'pn_display', 'conc1' => 'pn_conc1', 'chem_id1' => 'pn_chem_id1', 'moa_id1' => 'pn_moa_id1', 'conc2' => 'pn_conc2', 'chem_id2' => 'pn_chem_id2', 'moa_id2' => 'pn_moa_id2', 'conc3' => 'pn_conc3', 'chem_id3' => 'pn_chem_id3', 'moa_id3' => 'pn_moa_id3', 'conc4' => 'pn_conc4', 'chem_id4' => 'pn_chem_id4', 'moa_id4' => 'pn_moa_id4', 'form1' => 'pn_form1', 'size1' => 'pn_size1', 'cost1' => 'pn_cost1', 'form2' => 'pn_form2', 'size2' => 'pn_size2', 'cost2' => 'pn_cost2', 'form3' => 'pn_form3', 'size3' => 'pn_size3', 'cost3' => 'pn_cost3', 'form4' => 'pn_form4', 'size4' => 'pn_size4', 'cost4' => 'pn_cost4');
// Return tables array.
return $pntable;
}
function pnMailHackAttempt($detecting_file = "(no filename available)", $detecting_line = "(no line number available)", $hack_type = "(no type given)", $message = "(no message given)")
{
# Backwards compatibility fix with php 4.0.x and 4.1.x or greater Neo
if (phpversion() >= "4.2.0") {
$_pv = $_POST;
$_gv = $_GET;
$_rv = $_REQUEST;
$_sv = $_SERVER;
$_ev = $_ENV;
$_cv = $_COOKIE;
$_fv = $_FILES;
$_snv = $_SESSION;
} else {
global $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $HTTP_COOKIE_VARS, $HTTP_POST_FILES, $HTTP_SESSION_VARS;
$_pv = $HTTP_POST_VARS;
$_gv = $HTTP_GET_VARS;
$_rv = array();
$_sv = $HTTP_SERVER_VARS;
$_ev = $HTTP_ENV_VARS;
$_cv = $HTTP_COOKIE_VARS;
$_fv = $HTTP_POST_FILES;
$_snv = $HTTP_SESSION_VARS;
}
$output = "Attention site admin of " . pnConfigGetVar('sitename') . ",\n";
$output .= "On " . ml_ftime(_DATEBRIEF, GetUserTime(time()));
$output .= " at " . ml_ftime(_TIMEBRIEF, GetUserTime(time()));
$output .= " the Postnuke code has detected that somebody tried to" . " send information to your site that may have been intended" . " as a hack. Do not panic, it may be harmless: maybe this" . " detection was triggered by something you did! Anyway, it" . " was detected and blocked. \n";
$output .= "The suspicious activity was recognized in {$detecting_file} " . "on line {$detecting_line}, and is of the type {$hack_type}. \n";
$output .= "Additional information given by the code which detected this: " . $message;
$output .= "\n\nBelow you will find a lot of information obtained about " . "this attempt, that may help you to find what happened and " . "maybe who did it.\n\n";
$output .= "\n=====================================\n";
$output .= "Information about this user:\n";
$output .= "=====================================\n";
if (!pnUserLoggedIn()) {
$output .= "This person is not logged in.\n";
} else {
$output .= "Postnuke username: "******"\n" . "Registered email of this Postnuke user: "******"\n" . "Registered real name of this Postnuke user: "******"\n";
}
$output .= "IP numbers: [note: when you are dealing with a real cracker " . "these IP numbers might not be from the actual computer he is " . "working on]" . "\n\t IP according to HTTP_CLIENT_IP: " . getenv('HTTP_CLIENT_IP') . "\n\t IP according to REMOTE_ADDR: " . getenv('REMOTE_ADDR') . "\n\t IP according to GetHostByName(\$REMOTE_ADDR): " . GetHostByName($REMOTE_ADDR) . "\n\n";
$output .= "\n=====================================\n";
$output .= "Information in the \$_REQUEST array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_rv)) {
$output .= "REQUEST * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_GET array\n";
$output .= "This is about variables that may have been ";
$output .= "in the URL string or in a 'GET' type form.\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_gv)) {
$output .= "GET * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_POST array\n";
$output .= "This is about visible and invisible form elements.\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_pv)) {
$output .= "POST * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Browser information\n";
$output .= "=====================================\n";
global $HTTP_USER_AGENT;
$output .= "HTTP_USER_AGENT: " . $HTTP_USER_AGENT . "\n";
$browser = (array) get_browser();
while (list($key, $value) = each($browser)) {
$output .= "BROWSER * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_SERVER array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_sv)) {
$output .= "SERVER * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_ENV array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_ev)) {
$output .= "ENV * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_COOKIE array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_cv)) {
$output .= "COOKIE * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_FILES array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_fv)) {
$output .= "FILES * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_SESSION array\n";
$output .= "This is session info. The variables\n";
$output .= " starting with PNSV are PostNukeSessionVariables.\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_snv)) {
$output .= "SESSION * {$key} : {$value}\n";
}
$sitename = pnConfigGetVar('sitename');
$adminmail = pnConfigGetVar('adminmail');
$headers = "From: {$sitename} <{$adminmail}>\n" . "X-Priority: 1 (Highest)\n";
pnMail($adminmail, 'Attempted hack on your site? (type: ' . $hack_type . ')', $output, $headers);
return;
}
print_r($_GET);
print_r($_SESSION);
die;
*/
//print_r($_SESSION);
// start PN
pnInit();
// Get variables
list($module, $func, $op, $name, $file, $type, ) = pnVarCleanFromInput('module', 'func', 'op', 'name', 'file', 'type');
// Defaults for variables
if (isset($catid)) {
pnVarCleanFromInput('catid');
}
// check requested module and set to start module if not present
if (empty($name)) {
$name = pnConfigGetVar('startpage');
// fixed for the new style of loading modules and set start page for them [class007]
if (empty($module)) {
$module = $name;
}
}
// get module information
$modinfo = pnModGetInfo(pnModGetIDFromName($module));
if ($modinfo['type'] == 2) {
// New-new style of loading modules
if (empty($type)) {
$type = 'user';
}
if (empty($func)) {
$func = "main";
}
/**
* display block
*/
function admin_messages_messagesblock_display($row)
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
if (!isset($row['title'])) {
$row['title'] = '';
}
if (!pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::", ACCESS_READ)) {
return;
}
$messagestable = $pntable['message'];
$messagescolumn =& $pntable['message_column'];
if (pnConfigGetVar('multilingual') == 1) {
$currentlang = pnUserGetLang();
$querylang = "AND ({$messagescolumn['mlanguage']}='{$currentlang}' OR {$messagescolumn['mlanguage']}='')";
} else {
$querylang = '';
}
$sql = "SELECT {$messagescolumn['mid']},\n {$messagescolumn['title']},\n {$messagescolumn['content']},\n {$messagescolumn['date']},\n {$messagescolumn['view']}\n FROM {$messagestable}\n WHERE {$messagescolumn['active']} = 1 \n AND ( {$messagescolumn['expire']} > unix_timestamp(now())\n OR {$messagescolumn['expire']} = 0)\n {$querylang}\n ORDER by {$messagescolumn['mid']} DESC";
$result = $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
return;
}
$output = new pnHTML();
while (list($mid, $title, $content, $date, $view) = $result->fields) {
$result->MoveNext();
$show = 0;
if (pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::{$mid}", ACCESS_READ)) {
switch ($view) {
case 1:
// Message for everyone
$show = 1;
break;
case 2:
// Message for users
if (pnUserLoggedIn()) {
$show = 1;
}
break;
case 3:
// Messages for non-users
if (!pnUserLoggedIn()) {
$show = 1;
}
break;
case 4:
// Messages for administrators of any description
if (pnSecAuthAction(0, '::', '::', ACCESS_ADMIN)) {
$show = 1;
}
break;
}
}
if ($show) {
list($title, $content) = pnModCallHooks('item', 'transform', '', array($title, $content));
$output->TableStart('', '', 0);
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->SetOutputMode(_PNH_RETURNOUTPUT);
$ttitle = $output->Linebreak();
$ttitle .= $output->Text($title);
$ttitle .= $output->Linebreak(2);
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$output->TableAddRow(array("<font class=\"pn-title\">" . pnVarPrepHTMLDisplay($ttitle) . "</font>"), 'center');
$output->TableAddRow(array("<font class=\"pn-normal\">" . pnVarPrepHTMLDisplay($content) . "</font>"), 'left');
$output->SetInputMode(_PNH_PARSEINPUT);
$output->TableEnd();
}
}
if ($output->output != "") {
// Don't want a title
$row['title'] = '';
$row['content'] = $output->GetOutput();
return themesideblock($row);
}
}
function check_words($Message)
{
global $EditedMessage;
$CensorMode = pnConfigGetVar('CensorMode');
$CensorList = pnConfigGetVar('CensorList');
$CensorReplace = pnConfigGetVar('CensorReplace');
$EditedMessage = $Message;
if ($CensorMode != 0) {
if (is_array($CensorList)) {
$Replace = $CensorReplace;
if ($CensorMode == 1) {
for ($i = 0; $i < count($CensorList); $i++) {
$EditedMessage = eregi_replace("{$CensorList[$i]}([^a-zA-Z0-9])", "{$Replace}\\1", $EditedMessage);
}
} elseif ($CensorMode == 2) {
for ($i = 0; $i < count($CensorList); $i++) {
$EditedMessage = eregi_replace("(^|[^[:alnum:]]){$CensorList[$i]}", "\\1{$Replace}", $EditedMessage);
}
} elseif ($CensorMode == 3) {
for ($i = 0; $i < count($CensorList); $i++) {
$EditedMessage = eregi_replace("{$CensorList[$i]}", "{$Replace}", $EditedMessage);
}
}
}
}
return $EditedMessage;
}
function &postcalendar_today($format = '%Y%m%d')
{
$time = time();
if (pnUserLoggedIn()) {
$time += (pnUserGetVar('timezone_offset') - pnConfigGetVar('timezone_offset')) * 3600;
}
return strftime($format, $time);
}
/**
* load a module
* @param name - name of module to load
* @param type - type of functions to load
* @returns string
* @return name of module loaded, or false on failure
*/
function pnModLoad($modname, $type = 'user')
{
static $loaded = array();
if (empty($modname)) {
return false;
}
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$modulestable = $pntable['modules'];
$modulescolumn =& $pntable['modules_column'];
if (!empty($loaded["{$modname}{$type}"])) {
// Already loaded from somewhere else
return $modname;
}
$query = "SELECT {$modulescolumn['directory']},\n {$modulescolumn['state']}\n FROM {$modulestable}\n WHERE {$modulescolumn['name']} = '" . pnVarPrepForStore($modname) . "'";
$result = $dbconn->Execute($query);
if ($dbconn->ErrorNo() != 0) {
return;
}
if ($result->EOF) {
return false;
}
list($directory, $state) = $result->fields;
$result->Close();
// Load the module and module language files
list($osdirectory, $ostype) = pnVarPrepForOS($directory, $type);
$osfile = "modules/{$osdirectory}/pn{$ostype}.php";
if (!file_exists($osfile)) {
// File does not exist
return false;
}
// Load file
include $osfile;
$loaded["{$modname}{$type}"] = 1;
$defaultlang = pnConfigGetVar('language');
if (empty($defaultlang)) {
$defaultlang = 'eng';
}
$currentlang = pnUserGetLang();
if (file_exists("modules/{$osdirectory}/pnlang/{$currentlang}/{$ostype}.php")) {
include "modules/{$osdirectory}/pnlang/" . pnVarPrepForOS($currentlang) . "/{$ostype}.php";
} elseif (file_exists("modules/{$directory}/pnlang/{$defaultlang}/{$ostype}.php")) {
include "modules/{$osdirectory}/pnlang/" . pnVarPrepForOS($defaultlang) . "/{$ostype}.php";
}
// Load datbase info
pnModDBInfoLoad($modname, $directory);
// Return the module name
return $modname;
}
/**
* get the user's language
*
* @public <br>
* jgm - the language parameter should be a user variable, not a
* session variable
* @return string the name of the user's language
*/
function pnUserGetLang()
{
$lang = pnSessionGetVar('lang');
if (!empty($lang)) {
return $lang;
} else {
return pnConfigGetVar('language');
}
}
// Modules capitalized for early 0.711 naming convention
include 'includes/pnAPI.php';
pnInit();
// currently un-used - maybe in the future ?
//pnThemeLoad();
header("Content-Type: text/xml");
$title = pnVarPrepForDisplay(pnConfigGetVar('sitename'));
$link = pnVarPrepForDisplay(pnGetBaseURL());
$description = pnVarPrepForDisplay(pnConfigGetVar('backend_title'));
$backend_language = pnVarPrepForDisplay(pnConfigGetVar('backend_language'));
$headline_limit = 10;
// Allow administrator to change how many headlines are selected
$webmaster = pnVarPrepForDisplay(pnConfigGetVar('adminmail'));
$managingeditor = "";
// RSS Parsers sometimes use this, format: emailaddress (Full Name)
$image_url = $link . 'images/' . pnVarPrepForDisplay(pnConfigGetVar('site_logo'));
$image_title = $title;
// RSS parsers usually use this for the ALT tag on the image
$image_link = $link;
// RSS parsers usually use this as the link when users click on the image
// show_content controls whether hometext is included in the RSS feed. This can only be done
// for text-only. RSS chokes on HTML....
$show_content = 0;
// Decide if you want to include the hometext in the RSS feed (1=yes, 0=no)
// fixed bug 482633 (frontpage only) & also get hometext for display
// $sql = "SELECT pn_sid, pn_title FROM $pntable[stories] ORDER BY pn_sid DESC";
$sql = "SELECT pn_sid, pn_title, pn_ihome, pn_hometext FROM {$pntable['stories']} WHERE pn_ihome = 0 ORDER BY pn_sid DESC";
$result = $dbconn->SelectLimit($sql, $headline_limit);
/* fifers - no need for a count var. just use a while loop */
// fifers - should we spit out an error XML doc?
if ($result === false) {
/**
* Timezone Function
*
* @author Fred B (fredb86)
*/
function ml_ftime($datefmt, $timestamp = -1)
{
if (!isset($datefmt)) {
return null;
}
if ($timestamp < 0) {
$timestamp = time();
}
$day_of_week_short = explode(' ', _DAY_OF_WEEK_SHORT);
$month_short = explode(' ', _MONTH_SHORT);
$day_of_week_long = explode(' ', _DAY_OF_WEEK_LONG);
$month_long = explode(' ', _MONTH_LONG);
$ml_date = ereg_replace('%a', $day_of_week_short[(int) strftime('%w', $timestamp)], $datefmt);
$ml_date = ereg_replace('%A', $day_of_week_long[(int) strftime('%w', $timestamp)], $ml_date);
$ml_date = ereg_replace('%b', $month_short[(int) strftime('%m', $timestamp) - 1], $ml_date);
$ml_date = ereg_replace('%B', $month_long[(int) strftime('%m', $timestamp) - 1], $ml_date);
if (pnUserLoggedIn()) {
$thezone = pnUserGetVar('timezone_offset');
} else {
$thezone = pnConfigGetVar('timezone_offset');
}
$timezone_all = explode(' ', _TIMEZONES);
$offset_all = explode(' ', _TZOFFSETS);
$indexofzone = 0;
for ($i = 0; $i < sizeof($offset_all); $i++) {
if ($offset_all[$i] == $thezone) {
$indexofzone = $i;
}
}
$ml_date = ereg_replace('%Z', $timezone_all[$indexofzone], $ml_date);
return strftime($ml_date, $timestamp);
}
function postcalendar_admin_testSystem()
{
global $bgcolor1, $bgcolor2;
if (!PC_ACCESS_ADMIN) {
return _POSTCALENDAR_NOAUTH;
}
$modinfo = pnModGetInfo(pnModGetIDFromName(__POSTCALENDAR__));
$pcDir = pnVarPrepForOS($modinfo['directory']);
$version = $modinfo['version'];
unset($modinfo);
$tpl = new pcSmarty();
$infos = array();
if (phpversion() >= '4.1.0') {
$__SERVER =& $_SERVER;
$__ENV =& $_ENV;
} else {
$__SERVER =& $HTTP_SERVER_VARS;
$__ENV =& $HTTP_ENV_VARS;
}
if (defined('_PN_VERSION_NUM')) {
$pnVersion = _PN_VERSION_NUM;
} else {
$pnVersion = pnConfigGetVar('Version_Num');
}
array_push($infos, array('CMS Version', $pnVersion));
array_push($infos, array('Sitename', pnConfigGetVar('sitename')));
array_push($infos, array('url', pnGetBaseURL()));
array_push($infos, array('PHP Version', phpversion()));
if ((bool) ini_get('safe_mode')) {
$safe_mode = "On";
} else {
$safe_mode = "Off";
}
array_push($infos, array('PHP safe_mode', $safe_mode));
if ((bool) ini_get('safe_mode_gid')) {
$safe_mode_gid = "On";
} else {
$safe_mode_gid = "Off";
}
array_push($infos, array('PHP safe_mode_gid', $safe_mode_gid));
$base_dir = ini_get('open_basedir');
if (!empty($base_dir)) {
$open_basedir = "{$base_dir}";
} else {
$open_basedir = "NULL";
}
array_push($infos, array('PHP open_basedir', $open_basedir));
array_push($infos, array('SAPI', php_sapi_name()));
array_push($infos, array('OS', php_uname()));
array_push($infos, array('WebServer', $__SERVER['SERVER_SOFTWARE']));
array_push($infos, array('Module dir', "modules/{$pcDir}"));
$modversion = array();
include "modules/{$pcDir}/pnversion.php";
$error = '';
if ($modversion['version'] != $version) {
$error = '<br /><div style=\\"color: red;\\">';
$error .= "new version {$modversion['version']} installed but not updated!";
$error .= '</div>';
}
array_push($infos, array('Module version', $version . " {$error}"));
array_push($infos, array('smarty version', $tpl->_version));
array_push($infos, array('smarty location', SMARTY_DIR));
array_push($infos, array('smarty template dir', $tpl->template_dir));
$info = $tpl->compile_dir;
$error = '';
if (!file_exists($tpl->compile_dir)) {
$error .= " compile dir doesn't exist! [{$tpl->compile_dir}]<br />";
} else {
// dir exists -> check if it's writeable
if (!is_writeable($tpl->compile_dir)) {
$error .= " compile dir not writeable! [{$tpl->compile_dir}]<br />";
}
}
if (strlen($error) > 0) {
$info .= "<br /><div style=\"color: red;\">{$error}</div>";
}
array_push($infos, array('smarty compile dir', $info));
$info = $tpl->cache_dir;
$error = "";
if (!file_exists($tpl->cache_dir)) {
$error .= " cache dir doesn't exist! [{$tpl->cache_dir}]<br />";
} else {
// dir exists -> check if it's writeable
if (!is_writeable($tpl->cache_dir)) {
$error .= " cache dir not writeable! [{$tpl->cache_dir}]<br />";
}
}
if (strlen($error) > 0) {
$info .= "<br /><div style=\"color: red;\">{$error}</div>";
}
array_push($infos, array('smarty cache dir', $info));
$header = <<<EOF
\t<html>
\t<head></head>
\t<body bgcolor=
EOF;
$header .= '"' . $GLOBALS['style']['BGCOLOR2'] . '">';
$output .= $header;
$output = postcalendar_adminmenu();
$output .= '<table border="1" cellpadding="3" cellspacing="1">';
$output .= ' <tr><th align="left">Name</th><th align="left">Value</th>';
$output .= '</tr>';
foreach ($infos as $info) {
$output .= '<tr><td ><b>' . pnVarPrepHTMLDisplay($info[0]) . '</b></td>';
$output .= '<td>' . pnVarPrepHTMLDisplay($info[1]) . '</td></tr>';
}
$output .= '</table>';
$output .= '<br /><br />';
$output .= postcalendar_admin_modifyconfig('', false);
$output .= "</body></html>";
return $output;
}
/**
* PHP function to garbage collect session information
* @private
*/
function pnSessionGC($maxlifetime)
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$sessioninfocolumn =& $pntable['session_info_column'];
$sessioninfotable = $pntable['session_info'];
switch (pnConfigGetVar('seclevel')) {
case 'Low':
// Low security - delete session info if user decided not to
// remember themself
$where = "WHERE {$sessioninfocolumn['vars']} NOT LIKE '%PNSVrememberme|%'\n AND {$sessioninfocolumn['lastused']} < " . (time() - pnConfigGetVar('secinactivemins') * 60);
break;
case 'Medium':
// Medium security - delete session info if session cookie has
// expired or user decided not to remember
// themself
$where = "WHERE ({$sessioninfocolumn['vars']} NOT LIKE '%PNSVrememberme|%'\n AND {$sessioninfocolumn['lastused']} < " . (time() - pnConfigGetVar('secinactivemins') * 60) . ")\n OR {$sessioninfocolumn['firstused']} < " . (time() - pnConfigGetVar('secmeddays') * 86400);
break;
case 'High':
default:
// High security - delete session info if user is inactive
$where = "WHERE {$sessioninfocolumn['lastused']} < " . (time() - pnConfigGetVar('secinactivemins') * 60);
break;
}
$query = "DELETE FROM {$sessioninfotable} {$where}";
$dbconn->Execute($query);
if ($dbconn->ErrorNo() != 0) {
return false;
}
return true;
}
$eid = pnVarCleanFromInput('eid');
$Date = pnVarCleanFromInput('Date');
$print = pnVarCleanFromInput('print');
$uid = pnUserGetVar('uid');
$pc_username = pnVarCleanFromInput('pc_username');
$output =& new pnHTML();
$output->SetInputMode(_PNH_VERBATIMINPUT);
if (!pnModAPILoad('postcalendar', 'user')) {
die('Could not load PostCalendar user API');
}
$theme = pnUserGetTheme();
if (!pnThemeLoad($theme)) {
die('Could not load theme');
}
$output->Text('<html><head>');
$output->Text("<title>" . pnConfigGetVar('sitename') . ' :: ' . pnConfigGetVar('slogan') . "</title>\n");
$output->Text('<link rel="StyleSheet" href="themes/' . $theme . '/style/styleNN.css" type="text/css" />');
$output->Text('<style type="text/css">@import url("themes/' . $theme . '/style/style.css"); </style>');
$output->Text('</head>');
$output->Text('<body bgcolor="#ffffff">');
// setup our cache id
$cacheid = md5($Date . $viewtype . $tplview . _SETTING_TEMPLATE . $eid . $print . $uid . $pc_username . $theme);
// display the correct view
switch ($viewtype) {
case 'details':
$output->Text(pnModAPIFunc('PostCalendar', 'user', 'eventDetail', array('eid' => $eid, 'Date' => $Date, 'print' => $print, 'cacheid' => $cacheid)));
break;
default:
$output->Text(pnModAPIFunc('postcalendar', 'user', 'buildView', array('Date' => $Date, 'viewtype' => $viewtype, 'cacheid' => $cacheid)));
break;
}
function blocks_online_block($row)
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
if (!pnSecAuthAction(0, 'Onlineblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
$sessioninfocolumn =& $pntable['session_info_column'];
$sessioninfotable = $pntable['session_info'];
$sessioninfocolumn =& $pntable['session_info_column'];
$sessioninfotable = $pntable['session_info'];
$activetime = time() - pnConfigGetVar('secinactivemins') * 60;
$query = "SELECT count( 1 )\n FROM {$sessioninfotable}\n WHERE {$sessioninfocolumn['lastused']} > {$activetime} AND {$sessioninfocolumn['uid']} >0\n\t\t GROUP BY {$sessioninfocolumn['uid']}\n\t\t ";
$result = $dbconn->Execute($query);
$numusers = $result->RecordCount();
$result->Close();
$query2 = "SELECT count( 1 )\n FROM {$sessioninfotable}\n WHERE {$sessioninfocolumn['lastused']} > {$activetime} AND {$sessioninfocolumn['uid']} = '0'\n\t\t\t GROUP BY {$sessioninfocolumn['ipaddr']}\n\t\t\t ";
$result2 = $dbconn->Execute($query2);
$numguests = $result2->RecordCount();
$result2->Close();
// Pluralise
if ($numguests == 1) {
$guests = _GUEST;
} else {
$guests = _GUESTS;
}
if ($numusers == 1) {
$users = _MEMBER;
} else {
$users = _MEMBERS;
}
$content = "<span class=\"pn-normal\">" . _CURRENTLY . " " . pnVarPrepForDisplay($numguests) . " " . pnVarPrepForDisplay($guests) . " " . _AND . " " . pnVarPrepForDisplay($numusers) . " " . pnVarPrepForDisplay($users) . " " . _ONLINE . "<br />\n";
if (pnUserLoggedIn()) {
$content .= '<br />' . _YOUARELOGGED . ' <b>' . pnUserGetVar('uname') . '</b>.<br />';
if (pnModAvailable('Messages')) {
// display private messages only when module is active
$column =& $pntable['priv_msgs_column'];
$result2 = $dbconn->Execute("SELECT count(*) FROM {$pntable['priv_msgs']} WHERE {$column['to_userid']}=" . pnUserGetVar('uid'));
list($numrow) = $result2->fields;
// get unread messages
$result3 = $dbconn->Execute("SELECT count(*) FROM {$pntable['priv_msgs']} WHERE {$column['to_userid']}=" . pnUserGetVar('uid') . " AND {$column['read_msg']}='0'");
list($unreadrow) = $result3->fields;
if ($numrow == 0) {
$content .= '<br /></span>';
} else {
$content .= "<br />" . _YOUHAVE . " (<a class=\"pn-normal\" href=\"modules.php?op=modload&name=Messages&file=index\" title=\"" . _PRIVATEMSGS . "\">" . pnVarPrepForDisplay($numrow) . "</a>|<a class=\"pn-normal\" href=\"modules.php?op=modload&name=Messages&file=index\" title=\"" . _PRIVATEMSGNEW . "\">" . pnVarPrepForDisplay($unreadrow) . "</a>) ";
if ($numrow == 1) {
$content .= _PRIVATEMSG;
} elseif ($numrow > 1) {
$content .= _PRIVATEMSGS;
}
$content .= "</span><br />";
}
}
} else {
$content .= '<br />' . _YOUAREANON . '</span><br />';
}
if (empty($row['title'])) {
$row['title'] = _WHOSONLINE;
}
$row['content'] = $content;
return themesideblock($row);
}
/**
* View items in slideshow
*/
function mediashare_user_slideshow($args)
{
$albumId = mediashareGetIntUrl('aid', $args, 1);
$mediaId = mediashareGetIntUrl('mid', $args, 0);
$delay = mediashareGetIntUrl('delay', $args, 5);
$mode = mediashareGetStringUrl('mode', $args, 'stopped');
$viewkey = FormUtil::getPassedValue('viewkey');
$center = isset($args['center']) ? '_center' : '';
$back = mediashareGetIntUrl('back', $args, 0);
// Check access to album (media ID won't do a difference if not from this album)
if (!mediashareAccessAlbum($albumId, mediashareAccessRequirementViewSomething)) {
return LogUtil::registerPermissionError();
}
// Fetch current album
if (!($album = pnModAPIFunc('mediashare', 'user', 'getAlbum', array('albumId' => $albumId)))) {
return false;
}
if ($album === true) {
return LogUtil::registerError(__('Unknown album.', $dom));
}
// Fetch media items
if (($items = pnModAPIFunc('mediashare', 'user', 'getMediaItems', array('albumId' => $albumId))) === false) {
return false;
}
// Find current, previous and next items
if ($mediaId == 0 && count($items) > 0) {
$mediaId = $items[0]['id'];
}
$mediaItem = null;
if (count($items) > 0) {
$prevMediaId = $items[count($items) - 1]['id'];
$nextMediaId = $items[0]['id'];
foreach ($items as $item) {
if ($mediaItem != null) {
// Media-Current item found, so this must be next
$nextMediaId = $item['id'];
break;
}
if ($item['id'] == $mediaId) {
$mediaItem = $item;
} else {
// Media-item not found, so this must become prev
$prevMediaId = $item['id'];
}
}
} else {
$prevMediaId = -1;
$nextMediaId = -1;
}
// Add media display HTML
$mediadir = pnModAPIFunc('mediashare', 'user', 'getRelativeMediadir');
for ($i = 0, $cou = count($items); $i < $cou; ++$i) {
if (!($handler = pnModAPIFunc('mediashare', 'mediahandler', 'loadHandler', array('handlerName' => $items[$i]['mediaHandler'])))) {
return false;
}
$result = $handler->getMediaDisplayHtml($mediadir . $items[$i]['originalRef'], null, null, 'mediaItem', array());
$items[$i]['html'] = str_replace(array("\r", "\n"), array(' ', ' '), $result);
}
$viewUrl = pnModUrl('mediashare', 'user', 'slideshow', array('mid' => $mediaItem['id']));
if ($back) {
SessionUtil::setVar('mediashareQuitUrl', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null);
}
$quitUrl = SessionUtil::getVar('mediashareQuitUrl');
if ($quitUrl == null) {
$quitUrl = pnModUrl('mediashare', 'user', 'view', array('aid' => $album['id']));
}
// Build the output
$render =& pnRender::getInstance('mediashare', false);
$render->assign('viewUrl', $viewUrl);
$render->assign('mediaId', $mediaId);
$render->assign('mediaItem', $mediaItem);
$render->assign('prevMediaId', $prevMediaId);
$render->assign('nextMediaId', $nextMediaId);
$render->assign('mediaItems', $items);
$render->assign('album', $album);
$render->assign('albumId', $albumId);
$render->assign('delay', $delay);
$render->assign('mode', $mode);
$render->assign('thumbnailSize', pnModGetVar('mediashare', 'thumbnailSize'));
$render->assign('theme', pnUserGetTheme());
$render->assign('templateName', "slideshow{$center}.html");
$render->assign('quitUrl', $quitUrl);
// Add the access array
if (!mediashareAddAccess($render, $album)) {
return false;
}
$render->load_filter('output', 'pagevars_notcombined');
if (pnConfigGetVar('shorturls')) {
$render->load_filter('output', 'shorturls');
}
$render->display('mediashare_user_slideshow.html');
return true;
}
