/**
 * Answer a hot-linked request with the "no leech" placeholder image and stop.
 *
 * Sends GIF response headers, prints whatever readfromfile() returns for the
 * placeholder, then calls exit, so control never returns to the caller.
 */
function generate_leech_error()
{
    $placeholder = 'images/others/no_leech.gif';

    // Header failures (for example output already started) stay silenced.
    @header('Content-Disposition: inline; filename="no_leech.gif"');
    @header('Content-Type: image/gif');

    // NOTE(review): the size is looked up but never used afterwards; a
    // Content-Length header may have been intended.
    $sfilesize = filesize($placeholder);

    echo readfromfile($placeholder);
    exit;
}
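/**
 * Build the settings-form fragment for the Google AdSense plugin.
 *
 * Reads the stored ad script from the file named by
 * $GoogleAdSense_plugin_config["JSFile"] and returns an HTML table whose
 * textarea is pre-filled with that script.
 *
 * The script is HTML-escaped before it is placed in the textarea. The browser
 * decodes the entities again, so the administrator still sees and submits the
 * original text; without escaping, a stored "</textarea>" would close the
 * field early and the rest of the file would be parsed as markup in the admin
 * page, and entities in the script would be altered on every save.
 *
 * NOTE(review): htmlspecialchars() uses PHP's configured default charset;
 * confirm the stored script uses that encoding.
 *
 * @param mixed $arr Not used by this function.
 * @return string HTML fragment for the plugin settings page.
 */
function GoogleAdSense_setCode($arr)
{
    global $GoogleAdSense_plugin_config;

    $ad_js = readfromfile($GoogleAdSense_plugin_config["JSFile"]);
    $ad_js_html = htmlspecialchars((string) $ad_js, ENT_QUOTES);

    $display_layout = <<<SETTING_HTML
<table border="0" cellpadding="2" cellspacing="1">
  <tr>
    <td align="left" width="300">Ad-sense Script</td>
  </tr>
  <tr>
    <td width="300"><textarea name="ad_script" rows="10" cols="40">{$ad_js_html}</textarea></td>
  </tr>
</table>
SETTING_HTML;

    return $display_layout;
}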
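/**
 * Render the "vote" sidebar panel, which embeds the Flash voting widget.
 *
 * Settings are read from ./plugins/vote/vote.txt as "width,height,type"; a
 * type equal to 0 adds wmode='transparent' to the embed tag. The panel's
 * initial CSS display value comes from the visitor's "content_<sidename>"
 * cookie when present; otherwise it is "none" when $isInstall > 0 and empty
 * when it is not.
 *
 * The cookie is sent by the client, so its value is HTML-escaped before it is
 * written into the style attribute, and a non-string cookie (array syntax) is
 * ignored. Previously the raw cookie value was echoed into the attribute.
 *
 * NOTE(review): $sidename and $sidetitle are still printed as given, and the
 * width/height from vote.txt go into the tag unquoted-safe only if the file is
 * well formed - confirm all three are administrator-controlled.
 *
 * @param string $sidename  Panel key; used for the element id and cookie name.
 * @param string $sidetitle Panel heading.
 * @param mixed  $htmlcode  Not used by this function.
 * @param mixed  $isInstall Compared with 0 to pick the default display value.
 * @return void The panel is echoed.
 */
function vote($sidename, $sidetitle, $htmlcode, $isInstall)
{
    global $DMC;

    $settingValue = readfromfile("./plugins/vote/vote.txt");
    // Pad so a short or empty settings file gives empty values rather than
    // undefined-offset notices; null keeps the "type == 0" default.
    $arrSet = array_pad(explode(',', (string) $settingValue), 3, null);
    $WS = $arrSet[0];
    $HS = $arrSet[1];
    $TP = $arrSet[2];

    $panelId = "content_{$sidename}";
    if (isset($_COOKIE[$panelId]) && is_string($_COOKIE[$panelId])) {
        // Client-controlled value: escape for the HTML attribute context.
        $display = htmlspecialchars($_COOKIE[$panelId], ENT_QUOTES);
    } else {
        $display = $isInstall > 0 ? "none" : "";
    }

    // The two original variants differed only in the wmode attribute.
    $wmode = $TP == 0 ? " wmode='transparent'" : "";
    $vote_code = "<embed id='vote' src='./plugins/vote/flashvote.swf' width='{$WS}' height='{$HS}' type='application/x-shockwave-flash' scale='exactfit'{$wmode} menu='false'></embed>";
    ?>
<div class="sidepanel" id="Side_Site_vote">
  <h4 class="Ptitle" style="cursor: pointer;" onclick="sidebarTools('<?php echo $panelId; ?>')"><?php echo $sidetitle; ?></h4>
  <div class="Pcontent" id="<?php echo $panelId; ?>" style="display:<?php echo $display; ?>">
    <?php echo $vote_code; ?>

  </div>
  <div class="Pfoot"></div>
</div>
<?php
}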
/**
 * Render the Google AdSense sidebar panel.
 *
 * Loads the ad script from the file named by
 * $GoogleAdSense_plugin_config["JSFile"] and echoes it, unescaped, inside the
 * panel body so the browser runs it. $sidetitle is echoed as given.
 *
 * NOTE(review): both values reach the page without escaping, so whoever can
 * change the JS file or the panel title controls markup on every page that
 * shows this panel - confirm both are editable by administrators only. The
 * body also reuses the id "content_statistics".
 *
 * @param mixed  $sidename  Not used by this function.
 * @param string $sidetitle Panel heading.
 * @param mixed  $htmlcode  Not used by this function.
 * @param mixed  $isInstall Not used by this function.
 * @return void The panel is echoed.
 */
function GoogleAdSense($sidename, $sidetitle, $htmlcode, $isInstall)
{
    global $GoogleAdSense_plugin_config;

    $adScript = readfromfile($GoogleAdSense_plugin_config["JSFile"]);

    echo ' <!-- Google Ad-Sense --> <div class="sidepanel" id="Side_GoogleAd">'
        . ' <h4 class="Ptitle" style="cursor: pointer;">';
    echo $sidetitle;
    echo ' </h4> <div class="Pcontent" id="content_statistics" style="display:"> ';
    echo $adScript;
    echo ' </div> </div> ';
}
/**
 * Scan a file for a short deny-list of function names.
 *
 * NOTE(review): a substring deny-list is only a coarse filter. It says nothing
 * about what else the file contains, and it also rejects harmless text that
 * merely mentions one of the words. Treat it as one layer at most; the
 * stronger controls are an allow-list of file types and storing uploads where
 * the web server will not execute them.
 *
 * @param string $filename Path of the file to inspect.
 * @return bool|string true when the file does not exist, false when any
 *                     listed word occurs (case-insensitively) in the content,
 *                     otherwise the content itself. An empty file therefore
 *                     yields "", which is falsy; compare with === false.
 */
function check_upload_file($filename)
{
    if (!file_exists($filename)) {
        return true;
    }

    // Read errors stay suppressed, as before.
    $content = @readfromfile($filename);

    // Words whose presence rejects the file.
    $denied = array('fopen', 'fsockopen', 'writetofile', 'unlink', 'exec', 'eval');
    foreach ($denied as $word) {
        if (stripos($content, $word) !== false) {
            return false;
        }
    }

    return $content;
}
include "data/cache_currentmonthentries.php"; } acceptrequest('cm,cy'); $cm = floor($cm); $cy = floor($cy); $cm = $cm <= 0 || $cm > 12 ? $nowtime['month'] : $cm; $cy = $cy <= 1970 || $cy > 2100 ? $nowtime['year'] : $cy; $month_calendar = array(); if ($cy == $nowtime['year'] && $cm == $nowtime['month']) { $cal_body = @readfromfile("data/cache_currentmonth.php"); if (!strstr($cal_body, "<span class=\"calendar-month\">{$cm}</span>")) { //Cache auto refresh once a month define('REPLYSPECIAL', 1); include_once "admin/cache_func.php"; recache_currentmonthentries(); $cal_body = @readfromfile("data/cache_currentmonth.php"); } $currentdate = gmdate('j', $nowtime['timestamp'] + 3600 * $config['timezone']); $cal_search = array("<td id=\"cal{$currentdate}\" class=\"calendar-sunday\">", "<td id=\"cal{$currentdate}\" class=\"calendar-saturday\">", "<td id=\"cal{$currentdate}\" class=\"calendar-day\">"); $cal_replace = array("<td id=\"cal{$currentdate}\" class=\"calendar-today\">", "<td id=\"cal{$currentdate}\" class=\"calendar-today\">", "<td id=\"cal{$currentdate}\" class=\"calendar-today\">"); $cal_body = str_replace($cal_search, $cal_replace, $cal_body); } else { $cm_s = $cm < 10 ? '0' . $cm : $cm; $month_calendars = $blog->getarraybyquery("SELECT cday FROM `{$db_prefix}calendar` WHERE `cyearmonth`='{$cy}{$cm_s}'"); $month_calendar = is_array($month_calendars['cday']) ? array_unique($month_calendars['cday']) : array(); if ($mbcon['lunarcalendar'] != 0) { $lunarstream = lunarcalendar($cm, $cy); $lunarym = "<br/>{$lunarstream['year']}"; } else { $lunarstream = ''; }
/**
 * Build the sidebar fragment for one module and return it as a string.
 *
 * Everything echoed below is captured with output buffering. Depending on the
 * module, the fragment is a cached file's content, plain HTML, or PHP source
 * text (note the echoed "<?php" tags), so the result is presumably written to
 * a cache file that is executed later - TODO confirm against the caller.
 *
 * NOTE(review): ob_start() runs before the is_array() check, but the buffer is
 * only read and closed inside that branch; a non-array $value returns "" and
 * leaves the buffer open.
 *
 * @param mixed      $value Module settings; the keys read here are name,
 *                          modTitle, htmlCode, installDate, pluginPath and
 *                          isInstall. Anything that is not an array yields "".
 * @param int|string $key   Module key; used as the module name unless it is an
 *                          integer and $value['name'] is non-empty.
 * @return string Captured fragment with every "\r\n" removed.
 */
function createSideFunc($value, $key) {
    global $settingInfo, $strModifyInfo, $strLogout, $strLoginSubmit, $strUserRegister;
    global $strSearchErr, $strKeyword, $strSearchTitle, $strSearchContent, $strSearchTitleContent, $strFind;
    $contents = "";
    ob_start();
    if (is_array($value)) {
        $sidename = is_int($key) && !empty($value['name']) ? $value['name'] : $key;
        $sidetitle = $value['modTitle'];
        $htmlcode = empty($value['htmlCode']) ? "" : $value['htmlCode'];
        $installDate = empty($value['installDate']) ? "" : $value['installDate'];
        // Read here but not used again in this function.
        $pluginPath = empty($value['pluginPath']) ? "" : $value['pluginPath'];
        $isInstall = $value['isInstall'];
        // Built-in modules: reuse the pre-rendered cache file as is.
        if (in_array($sidename, array("statistics", "category", "guestbook", "hotTags", "recentlogs", "recentComments", "archives", "links"))) {
            echo readfromfile(F2BLOG_ROOT . "cache/cache_{$sidename}.php");
        } else {
            if ($installDate > 0) {
                // A non-zero install date marks the module as a plugin.
                // NOTE(review): the values are pasted between double quotes in
                // generated PHP source. A double quote, backslash or "$" inside
                // any of them changes the generated code instead of staying
                // data; emitting each value with var_export() would keep it a
                // literal. Confirm how modTitle and htmlCode are validated.
                echo '<?php do_filter("' . $sidename . '","' . $sidename . '","', $sidetitle . '","', $htmlcode . '","' . $isInstall . '");' .
                    "?>\n";
            } else {
                switch ($sidename) {
                    case "calendar":
                        // Emits PHP that picks a calendar include at run time,
                        // or prints the cached calendar.
                        echo create_sidebar_header("Calendar", $sidetitle, $isInstall);
                        echo "<?php \n";
                        echo "if (!empty(\$job) && \$job==\"calendar\" && \$seekname!=gmdate('Ym', time()+3600*\$settingInfo['timezone'])){\n";
                        echo "\tif (\$settingInfo['showcalendar']==1){\n";
                        echo "\t\tinclude(\"include/ncalendar.inc.php\");\n";
                        echo "\t}else{\n";
                        echo "\t\tinclude(\"include/calendar.inc.php\");\n";
                        echo "\t}\n";
                        echo "}else{\n";
                        echo "\techo readfromfile(F2BLOG_ROOT.\"./cache/cache_calendar.php\");\n";
                        echo "}?>\n";
                        break;
                    case "skinSwitch":
                        // Emits a form whose option list is produced by PHP at
                        // run time from $skinlistcache.
                        echo create_sidebar_header("SkinSwitchForPJBlog", $sidetitle, $isInstall);
                        echo "<form name=\"skinForm\" action=\"\" method=\"post\" style=\"margin:0px;\">\n";
                        echo " <select name=\"skinSelect\" onchange=\"if (this.value!='0') {document.forms['skinForm'].submit();}\">\n";
                        echo "\t<?php \n";
                        echo "\tforeach(\$skinlistcache as \$key=>\$value){\n";
                        echo "\t\t\$selected=(\$key==\$blogSkins)?\"selected\":\"\";\n";
                        echo "\t\techo \"<option value='\$key' \$selected>\$key</option>\n\";\n";
                        echo "\t}\n";
                        echo "\t?>\n";
                        echo " </select>\n";
                        echo "</form>\n";
                        break;
                    case "aboutBlog":
                        // NOTE(review): logo, name and blogTitle are written
                        // into the markup without HTML escaping.
                        echo create_sidebar_header("AboutMe", $sidetitle, $isInstall);
                        echo "<p align=\"center\"> \n";
                        echo "<img src=\"./attachments/" . $settingInfo['logo'] . "\" align=\"middle\" alt=\"\" />\n";
                        echo "<br />" . $settingInfo['name'] . "<br />" . $settingInfo['blogTitle'] .
                            "\n";
                        echo "</p> \n";
                        break;
                    case "userPanel":
                        // Emits run-time PHP conditions around the links: the
                        // session check decides between profile/logout and
                        // login/register.
                        echo create_sidebar_header("User", $sidetitle, $isInstall);
                        echo "<?php if (!empty(\$_SESSION['username']) && \$_SESSION['username']!=\"\") { ?> \n";
                        echo "<a href=\"register.php\" class=\"sideA\">{$strModifyInfo}</a> \n";
                        echo "<a href=\"login.php?action=logout\" class=\"sideA\">{$strLogout}</a> \n";
                        echo "<?php } else { ?> \n";
                        echo "<?php if (\$settingInfo['loginStatus']==0) { ?> \n";
                        echo "<a href=\"login.php\" class=\"sideA\">{$strLoginSubmit}</a> \n";
                        echo "<?php } ?> \n";
                        echo "<?php if (\$settingInfo['isRegister']==0) { ?> \n";
                        echo "<a href=\"register.php\" class=\"sideA\">{$strUserRegister}</a> \n";
                        echo "<?php } ?> \n";
                        echo "<?php } ?> \n";
                        break;
                    case "search":
                        echo create_sidebar_header("Search", $sidetitle, $isInstall);
                        // $strSearchErr lands inside a single-quoted JavaScript
                        // string within an HTML attribute.
                        echo "<form style=\"MARGIN: 0px\" onsubmit=\"if (this.seekname.value.length<1) {alert('" . $strSearchErr . "');this.seekname.focus();return false}\" action=\"index.php\"> \n";
                        echo " {$strKeyword} ";
                        if ($settingInfo['disSearch'] == 0) {
                            // Do not show the category list and button (the
                            // #searchbar block starts hidden and is revealed
                            // by the input's onmouseup handler).
                            echo " <input class=\"userpass\" name=\"seekname\" onmouseup=\"document.getElementById('searchbar').style.display=''\"/> \n";
                            echo "\t<div style=\"overflow: hidden; height: 3px\"> </div> \n";
                            echo " <div id=\"searchbar\" style=\"display:none\"> \n";
                            echo "\t<select name=\"job\"> \n";
                            echo "\t<option value=\"searchTitle\" selected=\"selected\">{$strSearchTitle}</option> \n";
                            echo "\t<option value=\"searchContent\">{$strSearchContent}</option> \n";
                            echo "\t<option value=\"searchAll\">{$strSearchTitleContent}</option> \n";
                            echo "\t</select> \n";
                            echo " <input name=\"submit\" type=\"submit\" class=\"userbutton\" value=\"{$strFind}\" /> \n";
                            echo " </div> \n";
                        } else {
                            echo " <input class=\"userpass\" name=\"seekname\"> \n";
                            echo "\t<div style=\"overflow: hidden; height: 3px\"> </div> \n";
                            echo "\t<select name=\"job\"> \n";
                            echo "\t<option value=\"searchTitle\" selected=\"selected\">{$strSearchTitle}</option> \n";
                            echo "\t<option 
value=\"searchContent\">{$strSearchContent}</option> \n";
                            echo "\t<option value=\"searchAll\">{$strSearchTitleContent}</option> \n";
                            echo "\t</select> \n";
                            echo " <input name=\"submit\" type=\"submit\" class=\"userbutton\" value=\"{$strFind}\" /> \n";
                        }
                        echo "</form> \n";
                        break;
                    default:
                        // Custom HTML code.
                        // NOTE(review): htmldecode() is not visible here. If
                        // its result can contain PHP open tags and this
                        // fragment is later executed as PHP, stored module
                        // HTML becomes code - confirm who may edit it.
                        echo create_sidebar_header($sidename, $sidetitle, $isInstall);
                        echo htmldecode($htmlcode);
                        break;
                }
                echo create_sidebar_footer();
            }
        }
        // Collect what was echoed, without CRLF pairs, and drop the buffer.
        $contents = str_replace("\r\n", "", ob_get_contents());
        ob_end_clean();
    }
    return $contents;
}
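/**
 * Build the "backup finished" message that lists every file of one batch.
 *
 * Reads bak/bak<batchid>_filelist.txt, whose entries are separated by "//",
 * and returns HTML with one link per entry plus a link to the list itself.
 * When no entry name contains "textfile_", the notice $lna[900] is appended.
 *
 * NOTE(review): $batchid is placed in a file path and the list entries in
 * HTML without any filtering here - confirm the caller passes a plain batch
 * number. The links point into bak/ below the web root; confirm that directory
 * cannot be read without authentication.
 *
 * @param mixed $batchid Batch identifier used in the file-list name.
 * @return string HTML message, or $lna[870] when the file list is empty.
 */
function finishbackup($batchid)
{
    global $lna;

    $ir = trim(readfromfile("bak/bak{$batchid}_filelist.txt"));
    if (!$ir) {
        return $lna[870];
    }

    // Set up front: this flag used to stay undefined when no text-file
    // archive was listed, and was then compared while undefined.
    $txtfilebacked = 0;

    $display = "<b>{$lna[871]}</b>{$lna[872]}<br>";
    foreach (explode('//', $ir) as $item) {
        $display .= "<a href=\"bak/{$item}\">bak/{$item}</a><br>";
        if (strpos($item, 'textfile_') !== false) {
            $txtfilebacked = 1;
        }
    }
    $display .= "<a href=\"bak/bak{$batchid}_filelist.txt\">bak/bak{$batchid}_filelist.txt</a><br>";

    if ($txtfilebacked != 1) {
        $display .= "<br>{$lna[900]}<br>";
    }

    return $display;
}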
// RSS import page: on action=save, store the uploaded feed under ../backup,
// parse it and insert one log entry per parsed item, then refresh the caches.
$mtitle = $strRssImport;
// Output the page header.
dohead($strRssImport, "");
require 'admin_menu.php';
// NOTE(review): no permission or request-origin check is visible in this
// excerpt; presumably an earlier include enforces the admin session - confirm.
if ($_GET['action'] == "save") {
    $autocate = $_POST['autocate'];
    $curtime = $_POST['curtime'];
    $rss_file = $_FILES["rssfile"]["tmp_name"];
    // The client-supplied name decides the file type passed to the upload
    // helper. NOTE(review): upload_rssfile() is not visible here; confirm it
    // accepts only the expected feed extensions and that ../backup is not
    // served or executed by the web server.
    $fileName = $_FILES["rssfile"]["name"];
    $filetype = getFileType($fileName);
    $path = "../backup";
    $rssname = upload_rssfile($rss_file, $path, $filetype);
    // Stored names containing ".gz" are read through the gzip reader.
    if (strstr($rssname, ".gz")) {
        $rsscontent = gzreadfromfile("../backup/{$rssname}");
    } else {
        $rsscontent = readfromfile("../backup/{$rssname}");
    }
    // A posted category is used only when automatic categorisation is off.
    $rssCate = $autocate == 0 ? $_POST['rssCate'] : "";
    $array_insert = rssAnalyse($rsscontent, $rssCate, $curtime);
    if (is_array($array_insert)) {
        foreach ($array_insert as $arr) {
            // curtime == 1 stamps every entry with the import time.
            $posttime = $curtime == 1 ? time() : $arr['posttime'];
            // NOTE(review): as shown on this page the search and replacement
            // strings are the same character, so this call changes nothing.
            // The replacement was presumably an HTML entity that got decoded
            // when the page was rendered - confirm against the real file.
            $arr['content'] = str_replace("'", "'", $arr['content']);
            // NOTE(review): category, title and content come from the uploaded
            // feed and are interpolated straight into the statement. Unless
            // rssAnalyse() escapes them, a quote in the feed alters the SQL;
            // use the database layer's escaping or bound parameters.
            $sql = "INSERT INTO {$DBPrefix}logs(cateId,logTitle,logContent,author,postTime,isComment,isTrackback,isTop,weather,saveType,logsediter) VALUES ('{$arr['category']}','{$arr['title']}','{$arr['content']}','{$_SESSION['username']}','{$posttime}','1','1','0','sunny','1','tiny')";
            $DMC->query($sql);
        }
    }
    // Refresh the caches. (The enclosing if block continues past this excerpt.)
    settings_recount();
    settings_recache();
    categories_recount();
/**
 * Register a module shipped inside a newly added plugin directory.
 *
 * Loads plugin/<newplugindir>/<filename>, runs its content with eval() and
 * expects that code to define $info in this scope; the $info fields are then
 * inserted into the mods table and $info['content'] is handed to mod_append().
 * Nothing happens when the file does not exist.
 *
 * NOTE(review): eval() executes the module file with the full privileges of
 * the application, and the evaluated code shares this function's local
 * variables. That is only acceptable for files an administrator deliberately
 * installed; confirm the plugin directory cannot be written through any
 * upload path, and prefer a data-only module format (parsed, not executed).
 *
 * @param string $filename Module file name inside the new plugin directory.
 * @return void
 */
function add_module($filename) {
    global $activate, $newplugindir, $blog, $db_prefix;
    // NOTE(review): both path parts are used unfiltered; confirm the caller
    // restricts them to plain names so the path stays inside plugin/.
    if (is_file("plugin/{$newplugindir}/{$filename}")) {
        $filecontent = readfromfile("plugin/{$newplugindir}/{$filename}");
        // Runs the file's PHP code; this is where $info gets defined.
        eval($filecontent);
        // New module goes after the current highest modorder.
        $maxmodid = $blog->countbyquery("SELECT MAX(`modorder`) FROM `{$db_prefix}mods`");
        $maxmodid += 1;
        // NOTE(review): the $info values are interpolated into the statement
        // without escaping, so a quote in any of them alters the SQL.
        $blog->query("INSERT INTO `{$db_prefix}mods` VALUES ('{$info['newitemposition']}', '{$info['name']}', '{$info['intro']}', '{$info['newitemactive']}', '{$maxmodid}', 'custom')");
        // Rebuild the module cache only when activation was requested.
        if ($activate == 1) {
            recache_mods();
        }
        mod_append($info['content']);
    }
}
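/**
 * Rebuild data/cache_adminlist.php, a PHP file defining $adminlist as a map of
 * user id => user name for every user whose group may add entries.
 *
 * A group counts when its permission file data/usergroup<key>.php contains the
 * text ['AddEntry']='1'. Nothing is written when data/cache_usergroup.php does
 * not define an array $usergp or when no group qualifies.
 *
 * Changes against the earlier version:
 *  - ids and names are written with var_export(), so a quote or backslash in a
 *    user name stays data instead of becoming part of the generated PHP file;
 *  - the work lists are initialised, so an empty query result writes an empty
 *    array instead of passing an undefined value to implode().
 *
 * NOTE(review): the group keys are placed in the IN (...) list as they appear
 * in the cache file; confirm they are always numeric.
 *
 * @return void
 */
function recache_adminlist()
{
    global $blog, $db_prefix, $lna;

    // Expected to define $usergp in this scope.
    include "data/cache_usergroup.php";
    if (!isset($usergp) || !is_array($usergp)) {
        return;
    }

    // Collect the groups whose permission file grants AddEntry.
    $admin_s = array();
    foreach ($usergp as $key => $value) {
        $groupFile = "data/usergroup{$key}.php";
        if (file_exists($groupFile)) {
            $tmp = readfromfile($groupFile);
            if (strpos((string) $tmp, "['AddEntry']='1'") !== false) {
                $admin_s[] = $key;
            }
        }
    }
    if (empty($admin_s)) {
        // As before: without a qualifying group the cache is left untouched.
        return;
    }

    $query_string = implode(',', $admin_s);
    $all_admins = $blog->getarraybyquery("SELECT * FROM `{$db_prefix}user` WHERE usergroup in ({$query_string})");

    $userids = (isset($all_admins['userid']) && is_array($all_admins['userid'])) ? $all_admins['userid'] : array();
    $out = array();
    for ($i = 0; $i < count($userids); $i++) {
        $username = isset($all_admins['username'][$i]) ? $all_admins['username'][$i] : '';
        // var_export() emits a correctly escaped single-quoted PHP literal.
        $out[] = var_export((string) $userids[$i], true) . '=>' . var_export((string) $username, true);
    }

    $outout = implode(',', $out);
    $writeout = "<?PHP\n\$adminlist=array({$outout});\n";
    if (!writetofile("data/cache_adminlist.php", $writeout)) {
        catcherror($lna[66] . "data/cache_adminlist.php");
    }
}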
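/**
 * Read the header fields of a plugin file and return them for the plugin list.
 *
 * The file content is searched for "Plugin Name:", "Plugin URI:",
 * "Description:", "Author:", "Author URI:" and "Version:" lines. The path is
 * split on "/": the first three segments form the plugin directory, which is
 * checked for setting.php and advanced.php, and the fourth is the file name.
 *
 * Changes against the earlier version:
 *  - a missing header field now yields '' instead of reading an undefined
 *    array offset;
 *  - the two URIs are trimmed and HTML-escaped before they go into href="",
 *    so a quote in the header cannot add attributes to the link.
 *
 * NOTE(review): Name, Description and Author text are returned exactly as
 * found in the plugin file; callers that print them should escape them, and
 * the URI scheme is not checked here.
 *
 * @param string $plugin_file Path of the plugin's main file.
 * @return array Keys: Name, Title, Description, Author, Version, Setting,
 *               Advanced, Pfile.
 */
function get_plugin_data($plugin_file)
{
    global $strVisitPluginHomepage;

    $plugin_data = (string) readfromfile($plugin_file);

    preg_match("|Plugin Name:(.*)|i", $plugin_data, $plugin_name);
    preg_match("|Plugin URI:(.*)|i", $plugin_data, $plugin_uri);
    preg_match("|Description:(.*)|i", $plugin_data, $description);
    preg_match("|Author:(.*)|i", $plugin_data, $author_name);
    preg_match("|Author URI:(.*)|i", $plugin_data, $author_uri);
    preg_match("|Version:(.*)|i", $plugin_data, $version);

    $name = isset($plugin_name[1]) ? trim($plugin_name[1]) : '';
    $description = isset($description[1]) ? $description[1] : '';
    $version = isset($version[1]) ? $version[1] : '';
    $author_text = isset($author_name[1]) ? $author_name[1] : '';
    $plugin_href = isset($plugin_uri[1]) ? trim($plugin_uri[1]) : '';
    $author_href = isset($author_uri[1]) ? trim($author_uri[1]) : '';

    // Title is the bare name unless both a name and a homepage are present.
    $plugin = $name;
    if (!empty($plugin_href) && !empty($name)) {
        $plugin = '<a href="' . htmlspecialchars($plugin_href, ENT_QUOTES) . '" title="' . $strVisitPluginHomepage . '">' . $plugin . '</a>';
    }

    if (empty($author_href)) {
        $author = $author_text;
    } else {
        $author = '<a href="' . htmlspecialchars($author_href, ENT_QUOTES) . '" title="' . $strVisitPluginHomepage . '">' . $author_text . '</a>';
    }

    // Pad so a shorter path gives empty segments instead of undefined offsets.
    $arr = array_pad(explode("/", $plugin_file), 4, '');
    $plugin_root = $arr[0] . "/" . $arr[1] . "/" . $arr[2];
    $pfile = $arr[3];

    $setting = file_exists($plugin_root . '/setting.php') ? "setting.php" : "";
    $advanced = file_exists($plugin_root . '/advanced.php') ? "advanced.php" : "";

    return array(
        'Name' => $name,
        'Title' => $plugin,
        'Description' => $description,
        'Author' => $author,
        'Version' => $version,
        'Setting' => $setting,
        'Advanced' => $advanced,
        'Pfile' => $pfile,
    );
}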
} } //$thesauruses=array("gcmd"); foreach ($thesauruses as $thesaurus) { $thesaurusuri = ""; $thesaurusname = ""; if (strlen($thesaurus) == 0) { continue; } $def = readfromfile($thesaurus, "_labels.csv"); foreach (readfromfile($thesaurus, "_index.csv") as $uri => $name) { $thesaurusuri = $uri; $thesaurusname = array_shift($name); } $rel = readfromfile($thesaurus, "_relations.csv"); $key = readfromfile($thesaurus, "_keywords.csv"); $elements = getRoots($rel); //var_dump($elements);return; $ret['success'] = 'true'; foreach (walktree($rel, $def, $key, $thesaurusuri, $thesaurusname, $elements) as $child) { $ret['children'][] = $child; } } echo json_encode($ret); function walktree($relations, $definitions, $keys, $thesaurusuri, $thesaurusname, $items, $searchkey = "") { $ret = array(); foreach ($items as $element) { $obj = array(); $obj['id'] = $element; $obj["name"] = $definitions[$element][0];
{$lna[1085]}<br> <input type=radio value='1' name="servertype" {$Apachecheck}> Apache<br> <input type=radio value='2' name="servertype" {$IIScheck}> IIS<br><br> {$lna[1086]}<br> <input type=text value='{$possibleroot}' name="serverroot"><br><br> <div align=center><input type=submit value="{$lna[64]}" class='formbutton'></div><br><br> </form> </td></tr></table> eot; } else { if ($servertype == 1) { $ruletemplate = nl2br(readfromfile("images/others/rule_apache.txt")); $ruletemplate = str_replace('<ROOTHERE>', $serverroot, $ruletemplate); $rulefilename = ".htaccess"; } else { $ruletemplate = nl2br(readfromfile("images/others/rule_iis.txt")); $ruletemplate = str_replace('<ROOTHERE>', str_replace('/', "\\/", $serverroot), $ruletemplate); $rulefilename = "httpd.ini"; } $showword = sprintf($lna[1087], $rulefilename); @(include_once "data/cache_latest.php"); $testid = $cache_latest_all[0]['blogid']; $display_overall .= highlightadminitems('urlrewrite', 'misc'); $display_overall .= <<<eot <table class='tablewidth' align=center cellpadding=4 cellspacing=0> <tr> <td width=160 class="sectstart"> {$lna[529]} </td> <td class="sectend">{$lna[530]}</td> <tr><td colspan=2 class='sect'>
// Attachment download: count the download, refresh the caches, then either
// redirect to a remote URL or stream the local file from attachments/.
// NOTE(review): $id is interpolated into the statement; where it comes from is
// not visible in this excerpt - confirm it is cast to an integer beforehand.
$modify_sql = "UPDATE " . $DBPrefix . "attachments set downloads=downloads+1 WHERE id='{$id}'";
$DMC->query($modify_sql);
// Refresh the attachment caches.
download_recache();
attachments_recache();
// A stored value containing "://" is treated as a URL and redirected to.
// NOTE(review): the redirect target is whatever was stored for the attachment;
// confirm only trusted users can store remote attachment URLs.
if (strpos($file_path, "://") > 0) {
    ob_end_clean();
    header("location:{$file_path}");
    exit;
} else {
    // NOTE(review): the stored path is appended as is; a value containing
    // "../" would resolve outside attachments/ - confirm it is normalised
    // when the attachment record is created.
    $file_path = "attachments/" . $file_path;
    // Read the file content.
    if (file_exists($file_path)) {
        // Read the content.
        $temp_buffer = readfromfile($file_path);
        ob_end_clean();
        // Cacheable for one year (31536000 seconds).
        header('Cache-control: max-age=31536000');
        header('Expires: ' . gmdate('D, d M Y H:i:s', $filetime + 31536000) . ' GMT');
        header('Content-Encoding: none');
        // Images are shown inline, everything else is offered as a download.
        // NOTE(review): the stored type alone decides inline rendering, and
        // $filename is placed in the header unquoted; confirm both are
        // validated when the file is uploaded.
        if (preg_match("/^image\\/.+/", $fileType)) {
            header('Content-Disposition: inline; filename=' . $filename);
        } else {
            header('Content-Disposition: attachment; filename=' . $filename);
        }
        header("Content-type: {$fileType}");
        echo $temp_buffer;
        exit;
    }
}
// Closes a block that was opened before this excerpt.
}
$act = $_POST['act']; $newpsw = $_REQUEST['newpsw']; $oldadmin = $_REQUEST['oldadmin']; $newadmin = $_REQUEST['newadmin']; if (!is_array($act)) { header("Location: emergency.php"); exit; } if (in_array('psw', $act)) { $newpsw = md5($newpsw); $blog->query("UPDATE `{$db_prefix}user` SET `userpsw`='{$newpsw}' WHERE `username`='{$oldadmin}'"); } if (in_array('changeuser', $act)) { $blog->query("UPDATE `{$db_prefix}user` SET `usergroup`='2' WHERE `username`='{$newadmin}'"); } $content = readfromfile("data/config.php"); if (in_array('nologinval', $act)) { $content .= "\$config['loginvalidation']='0';\n"; } if (in_array('open', $act)) { $content .= "\$config['blogopen']='1';\n"; } writetofile("data/config.php", $content); @header("Content-Type: text/html; charset=utf-8"); die("Bo-Blog 2.0.1 应急恢复程序完成了请求的动作。<br><B><font color='red'>警告:请立即删除本文件!!"); } if ($v == 3) { $usorigin0 = <<<eot <?PHP \$permission['gpname']='游客'; \$permission['visit']='1';
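/**
 * Send one database backup file from data/db_backup/ as a download.
 *
 * The name is taken from $this->get[2] with every "*" turned back into ".".
 * Only the last path component of that name is used, so a value containing
 * directory parts (for example built from "*" sequences and slashes) can no
 * longer select a file outside data/db_backup/. Names that are empty or
 * consist only of "." / ".." produce no output.
 *
 * NOTE(review): $this->get presumably holds request parameters - confirm.
 * Backup files contain the whole database; no permission check is visible in
 * this method, so confirm the caller restricts it to administrators.
 *
 * @return void The file content is echoed after the download header.
 */
function ondownloadfile()
{
    $requested = (isset($this->get[2]) && is_string($this->get[2])) ? $this->get[2] : '';
    $requested = str_replace('*', '.', $requested);

    // Treat both separators alike, then drop every directory component.
    $filename = basename(str_replace('\\', '/', $requested));
    if ($filename === '' || $filename === '.' || $filename === '..') {
        return;
    }

    header('content-disposition: attachment; filename=' . $filename);
    echo readfromfile('data/db_backup/' . $filename);
}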
} } if ($job == 'urlrewrite') { if ($config['urlrewritemethod'] == 0) { $checksta1 = 'checked'; } elseif ($config['urlrewritemethod'] == 1) { $checksta2 = 'checked'; } elseif ($config['urlrewritemethod'] == 2) { $checksta4 = 'checked'; } @(include_once 'data/cache_latest.php'); $getId = $cache_latest_all[0]['blogid']; $config['blogurl'] = str_replace('{host}', $_SERVER['HTTP_HOST'], $config['blogurl']); $possibleroot = parse_url($config['blogurl']); $serverroot = $possibleroot['path'] . '/'; $ruletemplate = nl2br(htmlspecialchars(readfromfile("images/others/rule_apache.txt"))); $ruletemplate = str_replace('<ROOTHERE>', $serverroot, $ruletemplate); $display_overall .= highlightadminitems('urlrewrite', 'misc'); $display_overall_plus = <<<eot <form action="admin.php?go=misc_urlrewritesave" method="post" id="ajaxForm1"> <table class='tablewidth' align=center cellpadding=4 cellspacing=0> <tr> <td width=160 class="sectstart"> {$lna[527]} </td> <td class="sectend">{$lna[528]}</td> <tr><td colspan=2 class='sect'> <br> <input type=radio value='0' name="urlrewritesta" {$checksta1} onclick="document.getElementById('urloptmessagearea').innerHTML=document.getElementById('urloptmessage0').value; document.getElementById('apachearea').style.display='none'"> {$lna[511]}<br> <input type=radio value='1' name="urlrewritesta" {$checksta2} onclick="document.getElementById('urloptmessagearea').innerHTML=document.getElementById('urloptmessage1').value; document.getElementById('apachearea').style.display='none'"> {$lna[938]} ({$lna[1139]})<br> <input type=radio value='2' name="urlrewritesta" {$checksta4} onclick="document.getElementById('urloptmessagearea').innerHTML=document.getElementById('urloptmessage3').value; document.getElementById('apachearea').style.display='block'"> {$lna[1138]}<br>
{$warn} <input type='hidden' name='newmodfile' value='{$upload_filename}'> </td> <tr class='admintitle'><td align='center'><input type=submit value='{$lna[64]}' class='formbutton'> <input type=button onclick='window.location="admin.php";' value='{$lna[138]}' class='formbutton'></td></tr> </form> </td></tr></table> eot; } if ($job == 'autoaddmodule') { acceptrequest('newmodfile'); $newmodfile = basename($newmodfile); $ext = strtolower(strrchr($newmodfile, '.')); if ($ext != '.blog' && $ext != '.txt') { catcherror($lna[129]); } $filecontent = readfromfile("{$db_tmpdir}/" . $newmodfile); eval($filecontent); $maxmodid = $blog->countbyquery("SELECT MAX(`modorder`) FROM `{$db_prefix}mods`"); $maxmodid += 1; $blog->query("INSERT INTO `{$db_prefix}mods` VALUES ('{$info['newitemposition']}', '{$info['name']}', '{$info['intro']}', '{$info['newitemactive']}', '{$maxmodid}', 'custom')"); if ($info['newitemactive'] == 1) { recache_mods(); } mod_append($info['content']); @unlink("{$db_tmpdir}/{$newmodfile}"); catchsuccess($finishok2, $backtomodule); } if ($job == 'ordermodule') { acceptrequest('section'); if (!$section) { catcherror($lna[126]);
//Define some senteces $finishok = $lna[265]; $partbacktoart = $lna[266]; $backtoaddnew = "{$lna[267]}|admin.php?go=edit_add"; $backtodraft = "{$lna[325]}|admin.php?go=entry_draft"; if (!$job) { $job = 'add'; } $id = $itemid; include_once "data/cache_emot.php"; if ($flset['weather'] != 1) { include_once "data/weather.php"; } //All Tags if ($flset['tags'] != 1) { $existtagall = trim(readfromfile("data/cache_tags.php")); $exist_tags_all = @explode(' ', $existtagall); } if ($job == 'add' || $job == 'store') { //Permission check checkpermission('AddEntry'); confirmpsw(); //Re-check password } elseif ($job == 'edit' || $job == 'restore') { checkpermission('EditEntry'); confirmpsw(); //Re-check password } if ($job != 'add' && $job != 'store' && $job != 'sendtb') { if ($id == "") { $cancel = $lna[268];
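/**
 * Return the raw HTTP request body.
 *
 * Uses the global $HTTP_RAW_POST_DATA (trimmed) when the server provides it,
 * otherwise reads php://input through readfromfile().
 *
 * The version test used to compare PHP_OS (the operating system name) with
 * "4.3.0"; it only succeeded because of how the two strings happen to sort.
 * It now compares PHP_VERSION, which is what the original comment describes.
 *
 * The body is supplied by the client and must be treated as untrusted input.
 *
 * @return string|false Raw body, or false when neither source is available.
 */
function get_http_raw_post_data()
{
    global $HTTP_RAW_POST_DATA;

    if (isset($HTTP_RAW_POST_DATA)) {
        // The server filled the legacy global; return it directly.
        return trim($HTTP_RAW_POST_DATA);
    }

    // PHP 4.3.0 and later expose the body through the php://input stream.
    if (version_compare(PHP_VERSION, '4.3.0', '>=')) {
        return readfromfile('php://input');
    }

    // No way to obtain the body.
    return false;
}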
$sitename = safe_convert(trimplus($sitename)); $siteurl = safe_convert(trimplus($siteurl)); $sitelogo = safe_convert(trimplus($sitelogo)); $siteintro = safe_convert(trimplus($siteintro)); if (!$sitename || !$siteurl) { catcherror($lnc[179]); } $siteurl = urlconvert($siteurl); $sitelogo = urlconvert($sitelogo); $siteid = time() . rand(0, 10); if (preg_search($sitename, $forbidden['banword']) || preg_search($siteintro, $forbidden['banword']) || preg_search($siteurl, $forbidden['banword']) || preg_search($sitename, $forbidden['suspect']) || preg_search($siteintro, $forbidden['suspect']) || preg_search($siteurl, $forbidden['suspect'])) { catcherror($lnc[214]); } $addline = "<?PHP exit();?><|>{$siteid}<|>{$sitename}<|>{$siteurl}<|>{$sitelogo}<|>{$siteintro}<|>\n"; $filename = "data/cache_applylinks.php"; $oldcontent = @readfromfile($filename); $content = $addline . $oldcontent; if (!writetofile($filename, $content)) { catcherror($lnc[7] . $filename); } else { catchsuccess($lnc[180], "{$lnc[163]}|index.php"); } } if ($job == 'ajaxverify') { acceptrequest('savecookie,securitycode'); $savecookie = floor($savecookie); if ($config['loginvalidation'] == 1) { if ($db_defaultsessdir != 1) { session_save_path("./{$db_tmpdir}"); } session_cache_limiter("private, must-revalidate");
writetofile('../data/cache_categories.php', "<?PHP exit;?><|>0<|>{$lang[32]}<|>{$lang[33]}<|>0<|>0<|>0<|><|><|>1<|>-1<|>\n"); writetofile('../data/online.php', ""); writetofile('../data/cache_tags.php', ""); writetofile('../data/language.php', "<?PHP\n\$langfront=\"{$language}\";\n\$langback=\"{$language}\";\n@include_once (\"lang/{$language}/common.php\");"); writetofile('../data/cache_currentmonth.php', ""); writetofile('../data/cache_latest.php', "<?PHP\n\$cache_latest_limit[]=array(\"blogid\"=>0, \"title\"=>\"{$lang[30]}\", \"category\"=>0, \"fulltitle\"=>\"{$lang[30]}\");\n\$cache_latest_all[]=array(\"blogid\"=>0, \"title\"=>\"{$lang[30]}\", \"category\"=>0, \"fulltitle\"=>\"{$lang[30]}\");?>"); writetofile('../data/cache_replies.php', ""); writetofile('../data/plugin_enabled.php', "<?PHP\n"); $copylangorigin = array('{langcopy0}', '{langcopy1}', '{langcopy2}', '{langcopy3}', '{langcopy4}', '{langcopy5}', '{langcopy6}', '{langcopy7}', '{langcopy8}', '{langcopy9}', '{langcopy10}', '{langcopy11}', '{langcopy12}', '{langcopy13}', '{langcopy14}', '{langcopy15}', '{langcopy16}'); $linkfrom = @parse_url($blogurlpath); $langcopy[16] = $linkfrom['host']; $file_list = @file('filelist.txt'); for ($i = 0; $i < count($file_list); $i++) { $file_s = trim($file_list[$i]); if (file_exists("copy/{$file_s}") && !is_dir("copy/{$file_s}")) { $orgin = readfromfile("copy/{$file_s}"); $orgin = str_replace($copylangorigin, $langcopy, $orgin); writetofile("../data/{$file_s}", $orgin); unset($orgin); } } //Try to rename install.php @rename("install.php", "install.bak"); template("<div class='log'>{$lang[61]}</div><div class='mes'><form action='' method='post' id='frm1'>{$lang[62]}<br>{$lang[63]}<br><br><div align=center><input type='button' value='{$lang[64]}' onclick='window.location=\"../index.php\";' class='inbut'></div>"); } function template($body) { global $newinstall, $lang; $bbb = <<<eot <html xmlns="http://www.w3.org/1999/xhtml" lang="UTF-8"> <head>