Exemple #1
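/**
 * Records the current request in the visitor log.
 *
 * Gathers the request URI, referrer, client address, resolved host name,
 * status and request method, then hands the record to insert_logit().
 *
 * Security notes for maintainers:
 * - The referrer, request URI and request method are client-supplied, and
 *   the reverse-DNS name is supplied by whoever controls the PTR zone of
 *   the client address. How insert_logit() escapes these values is not
 *   visible here; it must escape them for SQL, and any log viewer must
 *   escape them for HTML.
 * - The reverse lookup is forward-confirmed (PTR name must resolve back to
 *   the same address) so a forged PTR record cannot place an arbitrary
 *   host name in the log.
 *
 * @param string $r When 'refer', only requests that carry an external
 *                  referrer are logged; any other value logs every request.
 */
function logit($r = '')
{
    global $siteurl, $prefs, $pretext;

    // Strip "www." BEFORE quoting. preg_quote() rewrites "." as "\.", so the
    // former order (quote, then strip) never found "www." and left it in the
    // pattern, which made the self-referrer filter miss the bare domain.
    $mydomain = preg_quote(str_replace('www.', '', $siteurl), "/");

    $out = array();
    $out['uri'] = isset($pretext['request_uri']) ? $pretext['request_uri'] : null;
    $out['ref'] = clean_url(str_replace("http://", "", serverSet('HTTP_REFERER')));

    $ip = serverSet('REMOTE_ADDR');
    $host = $ip;

    if (!empty($prefs['use_dns'])) {
        // A crude rDNS cache: reuse the host name of an earlier log row for
        // this address instead of querying DNS on every hit.
        $cached = safe_field('host', 'txp_log', "ip='" . doSlash($ip) . "' limit 1");

        if ($cached) {
            $host = $cached;
        } else {
            // Forward-confirm the reverse lookup. gethostbyaddr() returns
            // false on malformed input and the address itself on failure;
            // both fall back to logging the plain address.
            $host = @gethostbyaddr($ip);

            if ($host === false || ($host != $ip and @gethostbyname($host) != $ip)) {
                $host = $ip;
            }
        }
    }

    $out['ip'] = $ip;
    $out['host'] = $host;
    // FIXME (from the original author): the status is hard-coded, so error
    // responses are logged as 200 as well.
    $out['status'] = 200;
    $out['method'] = serverSet('REQUEST_METHOD');

    // Discard referrers that point back at this site. The trailing boundary
    // keeps a look-alike such as "<site domain>.other.tld" from being
    // mistaken for a self-referral and silently dropped from the log.
    if (preg_match("/^[^\\.]*\\.?{$mydomain}(?:[\\/:?#]|\$)/i", $out['ref'])) {
        $out['ref'] = "";
    }

    if ($r == 'refer') {
        // Referrer-only logging: skip requests without an external referrer.
        if (trim($out['ref']) != "") {
            insert_logit($out);
        }
    } else {
        insert_logit($out);
    }
}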
Exemple #2
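/**
 * Outputs a diagnostics report.
 *
 * This is the main panel. It runs a series of pre-flight checks (PHP
 * version, paths, DNS, file integrity, clean URL self-test, table checks),
 * echoes each failed check as a message, and then echoes a plain-text
 * report inside a read-only textarea. With $step == 'high' the report also
 * lists character sets, per-table checks, loaded extensions, Apache modules
 * and per-file checksums.
 *
 * Security notes for maintainers:
 * - The report discloses filesystem paths, software versions, loaded
 *   modules, plugin names and the contents of .htaccess. Access control is
 *   not visible in this function; the panel must only be reachable by
 *   trusted administrators.
 * - Values derived from the request (HTTP_HOST, SCRIPT_NAME) are escaped
 *   before they are placed in a message, because the messages are echoed
 *   as HTML.
 * - Most values written into the textarea are server-side settings and are
 *   not escaped here. NOTE(review): a value containing "</textarea>" would
 *   break out of the element; confirm none of them can be influenced by a
 *   less-privileged user.
 */
function doDiagnostics()
{
    global $prefs, $files, $txpcfg, $event, $step, $theme, $DB;

    // Imports every stored preference as a local variable ($path_to_site,
    // $siteurl, $permlink_mode, $tempdir, ...). A preference named like one
    // of the locals or globals above would overwrite it.
    extract(get_prefs());

    $urlparts = parse_url(hu);
    $mydomain = $urlparts['host'];
    $is_apache = stristr(serverSet('SERVER_SOFTWARE'), 'Apache') || is_callable('apache_get_version');
    $real_doc_root = isset($_SERVER['DOCUMENT_ROOT']) ? realpath($_SERVER['DOCUMENT_ROOT']) : '';

    // ini_get() returns string values passed via php_value as a string, not boolean.
    $is_register_globals = (strcasecmp(ini_get('register_globals'), 'on') === 0 or ini_get('register_globals') === '1');

    // Check for Textpattern updates, at most once every 24 hours.
    $now = time();

    // NOTE(security): unserialize() on a stored preference. Anyone able to
    // write the 'last_update_check' row can feed PHP object-injection
    // payloads to this call. The value is a plain array of scalars, so a
    // JSON encoding would be a safer storage format; changing it requires
    // migrating the stored value, so it is only flagged here.
    $updateInfo = unserialize(get_pref('last_update_check', ''));

    // Anything other than an array (false on a corrupt value, or an
    // unexpected type) is treated as "never checked".
    if (!is_array($updateInfo)) {
        $updateInfo = array();
    }

    if (!$updateInfo || $now > $updateInfo['when'] + 60 * 60 * 24) {
        $updates = checkUpdates();
        $updateInfo['msg'] = $updates ? gTxt($updates['msg'], array('{version}' => $updates['version'])) : '';
        $updateInfo['when'] = $now;
        set_pref('last_update_check', serialize($updateInfo), 'publish', PREF_HIDDEN, 'text_input');
    }

    // Failed checks, keyed by help topic; each value is an HTML message.
    $fail = array();

    if (!empty($updateInfo['msg'])) {
        $fail['textpattern_version_update'] = diag_msg_wrap($updateInfo['msg'], 'information');
    }

    if (!is_callable('version_compare') || version_compare(PHP_VERSION, REQUIRED_PHP_VERSION, '<')) {
        $fail['php_version_required'] = diag_msg_wrap(gTxt('php_version_required', array('{version}' => REQUIRED_PHP_VERSION)));
    }

    if (!isset($path_to_site)) {
        $fail['path_to_site_missing'] = diag_msg_wrap(gTxt('path_to_site_missing'), 'warning');
    }

    // gethostbyname() returns its argument unchanged when resolution fails.
    if (@gethostbyname($mydomain) === $mydomain) {
        $fail['dns_lookup_fails'] = diag_msg_wrap(gTxt('dns_lookup_fails') . cs . $mydomain, 'warning');
    }

    if (!@is_dir($path_to_site)) {
        $fail['path_to_site_inacc'] = diag_msg_wrap(gTxt('path_to_site_inacc') . cs . $path_to_site);
    }

    // NOTE(review): the check is about $siteurl but the message prints
    // $path_to_site; this looks like it should show $siteurl - confirm.
    if (rtrim($siteurl, '/') != $siteurl) {
        $fail['site_trailing_slash'] = diag_msg_wrap(gTxt('site_trailing_slash') . cs . $path_to_site, 'warning');
    }

    if (!@is_file($path_to_site . "/index.php") || !@is_readable($path_to_site . "/index.php")) {
        $fail['index_inaccessible'] = diag_msg_wrap("{$path_to_site}/index.php " . gTxt('is_inaccessible'));
    }

    // Despite the name, this collects directories that are not writable.
    $not_readable = array();

    if (!@is_writable($path_to_site . '/' . $img_dir)) {
        $not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('img_dir'), gTxt('dir_not_writable')) . ": {$path_to_site}/{$img_dir}", 'warning');
    }

    if (!@is_writable($file_base_path)) {
        $not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('file_base_path'), gTxt('dir_not_writable')) . ": {$file_base_path}", 'warning');
    }

    if (!@is_writable($tempdir)) {
        $not_readable[] = diag_msg_wrap(str_replace('{dirtype}', gTxt('tempdir'), gTxt('dir_not_writable')) . ": {$tempdir}", 'warning');
    }

    if ($not_readable) {
        $fail['dir_not_writable'] = join(n, $not_readable);
    }

    if ($permlink_mode != 'messy' && !$is_apache) {
        $fail['cleanurl_only_apache'] = diag_msg_wrap(gTxt('cleanurl_only_apache'), 'information');
    }

    if ($permlink_mode != 'messy' and !@is_readable($path_to_site . '/.htaccess')) {
        $fail['htaccess_missing'] = diag_msg_wrap(gTxt('htaccess_missing'));
    }

    if ($permlink_mode != 'messy' and is_callable('apache_get_modules') and !apache_module('mod_rewrite')) {
        $fail['mod_rewrite_missing'] = diag_msg_wrap(gTxt('mod_rewrite_missing'));
    }

    if (!ini_get('file_uploads')) {
        $fail['file_uploads_disabled'] = diag_msg_wrap(gTxt('file_uploads_disabled'), 'information');
    }

    // A leftover setup directory is reported so that it gets removed.
    if (@is_dir(txpath . DS . 'setup')) {
        $fail['setup_still_exists'] = diag_msg_wrap(txpath . DS . "setup" . DS . ' ' . gTxt('still_exists'), 'warning');
    }

    if (empty($tempdir)) {
        $fail['no_temp_dir'] = diag_msg_wrap(gTxt('no_temp_dir'), 'warning');
    }

    if (is_disabled('mail')) {
        $fail['warn_mail_unavailable'] = diag_msg_wrap(gTxt('warn_mail_unavailable'), 'warning');
    }

    if ($is_register_globals) {
        $fail['warn_register_globals_or_update'] = diag_msg_wrap(gTxt('warn_register_globals_or_update'), 'warning');
    }

    if ($permlink_mode != 'messy') {
        // A file or directory named like a section would shadow its clean URL.
        $rs = safe_column("name", "txp_section", "1");

        foreach ($rs as $name) {
            if ($name and @file_exists($path_to_site . '/' . $name)) {
                $fail['old_placeholder_exists'] = diag_msg_wrap(gTxt('old_placeholder') . ": {$path_to_site}/{$name}");
            }
        }
    }

    // Note: $cs (the integrity result) is a variable; the bare 'cs' used in
    // the message strings is a separate constant.
    $cs = check_file_integrity(INTEGRITY_REALPATH);

    if (!$cs) {
        $cs = array();
    }

    // Files that don't match their checksums.
    if ($modified_files = array_keys($cs, INTEGRITY_MODIFIED)) {
        $fail['modified_files'] = diag_msg_wrap(gTxt('modified_files') . cs . n . t . join(', ' . n . t, $modified_files), 'warning');
    }

    // Running development code in live mode is not recommended.
    if (preg_match('/-dev$/', txp_version) and $production_status == 'live') {
        $fail['dev_version_live'] = diag_msg_wrap(gTxt('dev_version_live'), 'warning');
    }

    // Missing files.
    if ($missing = array_merge(array_keys($cs, INTEGRITY_MISSING), array_keys($cs, INTEGRITY_NOT_FILE), array_keys($cs, INTEGRITY_NOT_READABLE))) {
        $fail['missing_files'] = diag_msg_wrap(gTxt('missing_files') . cs . n . t . join(', ' . n . t, $missing));
    }

    // Anything might break if arbitrary functions are disabled.
    if (ini_get('disable_functions')) {
        $disabled_funcs = array_map('trim', explode(',', ini_get('disable_functions')));
        // Commonly disabled functions that we don't need.
        $disabled_funcs = array_diff($disabled_funcs, array('imagefilltoborder', 'escapeshellarg', 'escapeshellcmd', 'exec', 'passthru', 'proc_close', 'proc_get_status', 'proc_nice', 'proc_open', 'proc_terminate', 'shell_exec', 'system', 'popen', 'dl', 'chown'));

        if ($disabled_funcs) {
            $fail['some_php_functions_disabled'] = diag_msg_wrap(gTxt('some_php_functions_disabled') . cs . join(', ', $disabled_funcs), 'warning');
        }
    }

    // Not sure about this one.
    //    if (strncmp(php_sapi_name(), 'cgi', 3) == 0 and ini_get('cgi.rfc2616_headers'))
    //    $fail['cgi_header_config'] = gTxt('cgi_header_config');

    // The guess is assembled from the Host header and SCRIPT_NAME, both of
    // which arrive with the request.
    $guess_site_url = $_SERVER['HTTP_HOST'] . preg_replace('#[/\\\\]$#', '', dirname(dirname($_SERVER['SCRIPT_NAME'])));

    if ($siteurl and strip_prefix($siteurl, 'www.') != strip_prefix($guess_site_url, 'www.')) {
        // Escaped because the message is echoed as HTML further down and the
        // value is request-derived (same treatment as the clean URL test
        // response below).
        $fail['site_url_mismatch'] = diag_msg_wrap(gTxt('site_url_mismatch') . cs . txpspecialchars($guess_site_url), 'warning');
    }

    // Test clean URL server vars.
    if (hu) {
        if (ini_get('allow_url_fopen') and $permlink_mode != 'messy') {
            // Throw-away path segment for the self-test; it is a probe
            // marker, not a secret, so rand()/uniqid() is sufficient here.
            $s = md5(uniqid(rand(), true));
            ini_set('default_socket_timeout', 10);

            // Server-side HTTP request to the site's own URL (hu).
            // NOTE(review): hu is built from the configured site URL; if
            // that value can be influenced by a request, this fetch goes
            // wherever it points - confirm hu is trusted.
            $pretext_data = @file(hu . $s . '/?txpcleantest=1');

            if ($pretext_data) {
                $pretext_req = trim(@$pretext_data[0]);

                if ($pretext_req != md5('/' . $s . '/?txpcleantest=1')) {
                    $fail['clean_url_data_failed'] = diag_msg_wrap(gTxt('clean_url_data_failed') . cs . txpspecialchars($pretext_req), 'warning');
                }
            } else {
                $fail['clean_url_test_failed'] = diag_msg_wrap(gTxt('clean_url_test_failed'), 'warning');
            }
        }
    }

    if ($tables = list_txp_tables()) {
        $table_errors = check_tables($tables);

        if ($table_errors) {
            $fail['mysql_table_errors'] = diag_msg_wrap(gTxt('mysql_table_errors') . cs . n . t . join(', ' . n . t, $table_errors));
        }
    }

    // Active plugins as "name-version"; a trailing 'm' marks a plugin whose
    // stored code no longer matches the recorded MD5, i.e. it was modified
    // after installation.
    $active_plugins = array();

    if ($rows = safe_rows('name, version, code_md5, md5(code) as md5', 'txp_plugin', 'status > 0')) {
        foreach ($rows as $row) {
            $n = $row['name'] . '-' . $row['version'];

            if (strtolower($row['md5']) != strtolower($row['code_md5'])) {
                $n .= 'm';
            }

            $active_plugins[] = $n;
        }
    }

    $theme_manifest = $theme->manifest();

    // Check GD info.
    if (function_exists('gd_info')) {
        $gd_info = gd_info();
        $gd_support = array();

        if ($gd_info['GIF Create Support']) {
            $gd_support[] = 'GIF';
        }

        // Aside: In PHP 5.3, they chose to add a previously unemployed capital "E" to the array key.
        if (!empty($gd_info['JPEG Support']) || !empty($gd_info['JPG Support'])) {
            $gd_support[] = 'JPG';
        }

        if ($gd_info['PNG Support']) {
            $gd_support[] = 'PNG';
        }

        if ($gd_support) {
            $gd_support = join(', ', $gd_support);
        } else {
            $gd_support = gTxt('none');
        }

        $gd = gTxt('gd_info', array('{version}' => $gd_info['GD Version'], '{supported}' => $gd_support));
    } else {
        $gd = gTxt('gd_unavailable');
    }

    // Sharing one directory for temp files and the plugin cache is reported.
    if (realpath($prefs['tempdir']) === realpath($prefs['plugin_cache_dir'])) {
        $fail['tmp_plugin_paths_match'] = diag_msg_wrap(gTxt('tmp_plugin_paths_match'));
    }

    // Database server time. Defines $db_global_timezone, $db_session_timezone,
    // $db_server_time and $db_server_timestamp from the aliased columns.
    extract(doSpecial(getRow('select @@global.time_zone as db_global_timezone, @@session.time_zone as db_session_timezone, now() as db_server_time, unix_timestamp(now()) as db_server_timestamp')));
    $db_server_timeoffset = $db_server_timestamp - $now;

    echo pagetop(gTxt('tab_diagnostics'), '');
    echo hed(gTxt('tab_diagnostics'), 1, array('class' => 'txp-heading'));
    echo n . '<div id="' . $event . '_container" class="txp-container">' . n . '<div id="pre_flight_check">' . hed(gTxt('preflight_check'), 2);

    if ($fail) {
        // Messages are emitted as HTML, so every dynamic part must already
        // be safe for HTML when it is added to $fail.
        foreach ($fail as $help => $message) {
            echo graf(nl2br($message) . popHelp($help));
        }
    } else {
        echo graf(diag_msg_wrap(gTxt('all_checks_passed'), 'success'));
    }

    echo '</div>';
    echo '<div id="diagnostics">', hed(gTxt('diagnostic_info'), 2);

    $fmt_date = '%Y-%m-%d %H:%M:%S';

    // Plain-text report shown inside a read-only textarea, one entry per line.
    $out = array(
        '<p><textarea class="code" id="diagnostics-detail" cols="' . INPUT_LARGE . '" rows="' . TEXTAREA_HEIGHT_LARGE . '" dir="ltr" readonly>',
        gTxt('txp_version') . cs . txp_version . ' (' . check_file_integrity(INTEGRITY_DIGEST) . ')' . n,
        gTxt('last_update') . cs . gmstrftime($fmt_date, $dbupdatetime) . '/' . gmstrftime($fmt_date, @filemtime(txpath . '/update/_update.php')) . n,
        gTxt('document_root') . cs . @$_SERVER['DOCUMENT_ROOT'] . ($real_doc_root != @$_SERVER['DOCUMENT_ROOT'] ? ' (' . $real_doc_root . ')' : '') . n,
        '$path_to_site' . cs . $path_to_site . n,
        gTxt('txp_path') . cs . txpath . n,
        gTxt('permlink_mode') . cs . $permlink_mode . n,
        ini_get('open_basedir') ? 'open_basedir: ' . ini_get('open_basedir') . n : '',
        ini_get('upload_tmp_dir') ? 'upload_tmp_dir: ' . ini_get('upload_tmp_dir') . n : '',
        gTxt('tempdir') . cs . $tempdir . n,
        gTxt('web_domain') . cs . $siteurl . n,
        gTxt('php_version') . cs . phpversion() . n,
        $is_register_globals ? gTxt('register_globals') . cs . $is_register_globals . n : '',
        gTxt('gd_library') . cs . $gd . n,
        gTxt('server') . ' TZ: ' . Txp::get('Textpattern_Date_Timezone')->getTimeZone() . n,
        gTxt('server_time') . cs . strftime('%Y-%m-%d %H:%M:%S') . n,
        strip_tags(gTxt('is_dst')) . cs . $is_dst . n,
        strip_tags(gTxt('auto_dst')) . cs . $auto_dst . n,
        strip_tags(gTxt('gmtoffset')) . cs . $timezone_key . sp . "({$gmtoffset})" . n,
        'MySQL' . cs . mysql_get_server_info() . n,
        gTxt('db_server_time') . cs . $db_server_time . n,
        gTxt('db_server_timeoffset') . cs . $db_server_timeoffset . ' s' . n,
        gTxt('db_global_timezone') . cs . $db_global_timezone . n,
        gTxt('db_session_timezone') . cs . $db_session_timezone . n,
        gTxt('locale') . cs . $locale . n,
        isset($_SERVER['SERVER_SOFTWARE']) ? gTxt('server') . cs . $_SERVER['SERVER_SOFTWARE'] . n : '',
        is_callable('apache_get_version') ? gTxt('apache_version') . cs . @apache_get_version() . n : '',
        gTxt('php_sapi_mode') . cs . PHP_SAPI . n,
        gTxt('rfc2616_headers') . cs . ini_get('cgi.rfc2616_headers') . n,
        gTxt('os_version') . cs . php_uname('s') . ' ' . php_uname('r') . n,
        $active_plugins ? gTxt('active_plugins') . cs . join(', ', $active_plugins) . n : '',
        gTxt('theme_name') . cs . $theme_name . sp . $theme_manifest['version'] . n,
        $fail ? n . gTxt('preflight_check') . cs . n . ln . join("\n", doStripTags($fail)) . n . ln : '',
        // The .htaccess body is file content, so it is escaped for HTML.
        is_readable($path_to_site . '/.htaccess') ? n . gTxt('htaccess_contents') . cs . n . ln . txpspecialchars(join('', file($path_to_site . '/.htaccess'))) . n . ln : '',
    );

    if ($step == 'high') {
        $out[] = n . 'Charset (default/config)' . cs . $DB->default_charset . '/' . $DB->charset . n;

        $result = safe_query("SHOW variables like 'character_se%'");

        while ($row = mysql_fetch_row($result)) {
            $out[] = $row[0] . cs . $row[1] . n;

            if ($row[0] == 'character_set_connection') {
                $conn_char = $row[1];
            }
        }

        $table_names = array(PFX . 'textpattern');
        $result = safe_query("SHOW TABLES LIKE '" . PFX . "txp\\_%'");

        while ($row = mysql_fetch_row($result)) {
            $table_names[] = $row[0];
        }

        $table_msg = array();

        // Table names come from the database's own SHOW TABLES output (plus
        // the configured prefix) and are interpolated unquoted below.
        foreach ($table_names as $idx => $table) {
            $ctr = safe_query("SHOW CREATE TABLE " . $table . "");

            if (!$ctr) {
                // Remove by index: the list is numerically indexed, so the
                // former unset($table_names[$table]) never removed anything
                // and unreadable tables stayed in the count.
                unset($table_names[$idx]);
                continue;
            }

            $ctcharset = preg_replace('#^CREATE TABLE.*SET=([^ ]+)[^)]*$#is', '\\1', mysql_result($ctr, 0, 'Create Table'));

            // If the pattern did not match, $ctcharset still holds the whole
            // CREATE statement; the stristr() test skips that case.
            if (isset($conn_char) && !stristr($ctcharset, 'CREATE') && $conn_char != $ctcharset) {
                $table_msg[] = "{$table} is {$ctcharset}";
            }

            $ctr = safe_query("CHECK TABLE " . $table);

            if (in_array(mysql_result($ctr, 0, 'Msg_type'), array('error', 'warning'))) {
                $table_msg[] = $table . cs . mysql_result($ctr, 0, 'Msg_Text');
            }
        }

        if ($table_msg == array()) {
            $table_msg = count($table_names) < 17 ? array('-') : array('OK');
        }

        $out[] = count($table_names) . ' Tables' . cs . implode(', ', $table_msg) . n;

        $cf = preg_grep('/^custom_\\d+/', getThings('describe `' . PFX . 'textpattern`'));
        $out[] = n . get_pref('max_custom_fields', 10) . sp . gTxt('custom') . cs . implode(', ', $cf) . sp . '(' . count($cf) . ')' . n;

        $extns = get_loaded_extensions();
        $extv = array();

        foreach ($extns as $e) {
            $extv[] = $e . (phpversion($e) ? '/' . phpversion($e) : '');
        }

        $out[] = n . gTxt('php_extensions') . cs . join(', ', $extv) . n;

        if (is_callable('apache_get_modules')) {
            $out[] = n . gTxt('apache_modules') . cs . join(', ', apache_get_modules()) . n;
        }

        // Remaining lines of the clean URL self-test response, capped at 20
        // lines and escaped because they were fetched over HTTP.
        if (@is_array($pretext_data) and count($pretext_data) > 1) {
            $out[] = n . gTxt('pretext_data') . cs . txpspecialchars(join('', array_slice($pretext_data, 1, 20))) . n;
        }

        $out[] = n;

        if ($md5s = check_file_integrity(INTEGRITY_MD5)) {
            foreach ($md5s as $f => $checksum) {
                $out[] = $f . cs . n . t . (!$checksum ? gTxt('unknown') : $checksum) . n;
            }
        }

        $out[] = n . ln;
    }

    // Plugin-provided report lines are appended as returned.
    // NOTE(review): plugin output lands inside the textarea unescaped.
    $out[] = callback_event('diag_results', $step) . n;
    $out[] = '</textarea></p>';

    $dets = array('low' => gTxt('low'), 'high' => gTxt('high'));
    $out[] = form(graf(eInput('diag') . n . '<label>' . gTxt('detail') . '</label>' . selectInput('step', $dets, $step, 0, 1)));

    echo join('', $out), '</div>', '</div>';
}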
Exemple #3
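/**
 * Resolves the incoming request into the page context array.
 *
 * Reads the "messy" query parameters first; when neither an article ID nor
 * a section is given, the request path is split into segments and matched
 * against the preset URL schemes and then the configured permlink mode.
 * Feed requests (rss/atom) include the feed script and exit. File download
 * requests return early with the matching txp_file row merged in, or with
 * a 404 marker.
 *
 * Security notes for maintainers:
 * - Every URL segment ($u1..$u4) and every messy parameter is supplied by
 *   the client. Each one that reaches a WHERE clause in this function is
 *   passed through doSlash() first.
 * - The lookupBy*() and ckEx*() helpers receive raw segments; whether they
 *   escape their arguments is not visible here - verify in their
 *   definitions.
 * - $out['month'] is assembled from raw segments without validation;
 *   consumers must validate or escape it before using it in a query.
 *
 * @param  string $s     Section name; overwritten with the resolved section.
 * @param  array  $prefs Site preferences.
 * @return array  Page context (id, s, c, q, pg, p, month, page, css, ...).
 */
function preText($s, $prefs)
{
    // Imports every preference as a local variable ($permlink_mode,
    // $timeoffset, $path_from_root, $path_to_site, $sitename are read below).
    extract($prefs);

    if (gps('rss')) {
        include txpath . '/publish/rss.php';
        exit(rss());
    }

    if (gps('atom')) {
        include txpath . '/publish/atom.php';
        exit(atom());
    }

    // set messy variables
    $out = makeOut('id', 's', 'c', 'q', 'pg', 'p', 'month');

    // if messy vars exist, bypass url parsing
    if (!$out['id'] && !$out['s']) {
        // define the useable url, minus any subdirectories.
        // this is pretty fugly, if anyone wants to have a go at it - dean
        $subpath = preg_quote(preg_replace("/http:\\/\\/.*(\\/.*)/Ui", "\$1", hu), "/");
        $req = preg_replace("/^{$subpath}/i", "/", serverSet('REQUEST_URI'));

        // presumably defines $u1..$u4, the path segments - verify against
        // chopUrl(). All of them are client-controlled.
        extract(chopUrl($req));

        //first we sniff out some of the preset url schemes
        if (!empty($u1)) {
            switch ($u1) {
                case 'atom':
                    include txpath . '/publish/atom.php';
                    exit(atom());
                case 'rss':
                    include txpath . '/publish/rss.php';
                    exit(rss());
                case strtolower(gTxt('section')):
                    $out['s'] = ckEx('section', $u2) ? $u2 : 'default';
                    break;
                case strtolower(gTxt('category')):
                    $out['c'] = ckEx('category', $u2) ? $u2 : '';
                    break;
                case urlencode(strtolower(gTxt('author'))):
                    $author_name = !empty($u2) ? urldecode($u2) : '';
                    // The decoded segment is escaped before it is quoted into
                    // the query; it was previously interpolated raw, which
                    // allowed SQL injection through the author URL. LIKE
                    // wildcards (% and _) in the name remain active.
                    $out['author'] = safe_field('name', 'txp_users', "RealName like '" . doSlash($author_name) . "'");
                    break;
                case strtolower(gTxt('file_download')):
                    $out['s'] = 'file_download';
                    $out['id'] = !empty($u2) ? $u2 : '';
                    break;
                case 'p':
                    $out['p'] = is_numeric($u2) ? $u2 : '';
                    break;
                default:
                    // then see if the prefs-defined permlink scheme is usable
                    switch ($permlink_mode) {
                        case 'section_id_title':
                            $out['s'] = ckEx('section', $u1) ? $u1 : 'default';
                            $out['id'] = is_numeric($u2) && ckExID($u2) ? $u2 : '';
                            break;
                        case 'year_month_day_title':
                            if (empty($u4)) {
                                $out['month'] = "{$u1}-{$u2}";
                                if (!empty($u3)) {
                                    $out['month'] .= "-{$u3}";
                                }
                                $out['s'] = 'default';
                            } else {
                                $when = date("Y-m-d", strtotime("{$u1}-{$u2}-{$u3}") + $timeoffset);
                                $rs = lookupByDateTitle($when, $u4);
                                $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
                                $out['s'] = !empty($rs['Section']) ? $rs['Section'] : '';
                            }
                            break;
                        case 'section_title':
                            $rs = lookupByTitleSection($u2, $u1);
                            $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
                            $out['s'] = ckEx('section', $u1) ? $u1 : 'default';
                            break;
                        case 'title_only':
                            $rs = lookupByTitle($u1);
                            $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
                            // Parenthesised: the unbracketed nested ternary is
                            // left-associative before PHP 8 (it yielded $u1
                            // whenever the article had a section) and is a
                            // compile error from PHP 8 on.
                            $out['s'] = !empty($rs['Section'])
                                ? $rs['Section']
                                : (ckEx('section', $u1) ? $u1 : 'default');
                            break;
                        case 'id_title':
                            if (is_numeric($u1) && ckExID($u1)) {
                                $rs = lookupByID($u1);
                                $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
                                $out['s'] = !empty($rs['Section']) ? $rs['Section'] : 'default';
                            } else {
                                # We don't want to miss the /section/ pages
                                $out['s'] = ckEx('section', $u1) ? $u1 : 'default';
                            }
                            break;
                    }
            }
        } else {
            $out['s'] = 'default';
        }
    } else {
        // Messy mode, but prevent to get the id for file_downloads
        if ($out['id'] && !$out['s']) {
            $out['s'] = safe_field('section', 'textpattern', "ID='" . doSlash($out['id']) . "'");
        }
    }

    if ($out['s'] == 'file_download') {
        // get id of potential filename
        // The identifier comes straight from the URL or query string, so it
        // is escaped in both branches; the filename branch was previously
        // unescaped and injectable.
        if (!is_numeric($out['id'])) {
            $rs = safe_row("*", "txp_file", "filename='" . doSlash($out['id']) . "'");
        } else {
            $rs = safe_row("*", "txp_file", "id='" . doSlash($out['id']) . "'");
        }

        $out = $rs ? array_merge($out, $rs) : array('s' => 'file_download', 'file_error' => 404);

        return $out;
    }

    $out['s'] = empty($out['s']) ? 'default' : $out['s'];
    $s = $out['s'];
    $id = $out['id'];

    // hackish
    if (empty($id)) {
        $GLOBALS['is_article_list'] = true;
    }

    // by this point we should know the section, so grab its page and css
    // In messy mode the section name is taken from the request unchecked,
    // so it is escaped here rather than interpolated raw.
    $rs = safe_row("*", "txp_section", "name = '" . doSlash($s) . "' limit 1");
    $out['page'] = @$rs['page'];
    $out['css'] = @$rs['css'];

    if (is_numeric($id)) {
        // is_numeric() also accepts forms such as exponent notation, so the
        // value is quoted and escaped instead of being placed bare in the
        // query.
        $idrs = safe_row("Posted, AuthorID, Keywords", "textpattern", "ID='" . doSlash($id) . "'");

        // Defines $Posted, $AuthorID and $Keywords from the selected columns.
        // NOTE(review): if no row matches, these stay undefined - confirm
        // what safe_row() returns for a missing article.
        extract($idrs);

        if ($np = getNextPrev($id, $Posted, $s)) {
            $out = array_merge($out, $np);
        }

        $out['id_keywords'] = $Keywords;
        $out['id_author'] = get_author_name($AuthorID);
    }

    $out['path_from_root'] = $path_from_root;
    // these are deprecated as of 1.0
    $out['pfr'] = $path_from_root;
    // leaving them here for plugin compat
    $out['path_to_site'] = $path_to_site;
    $out['permlink_mode'] = $permlink_mode;
    $out['sitename'] = htmlspecialchars($sitename);

    return $out;
}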
Exemple #4
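/**
 * Rewrites relative link and image URLs in an HTML fragment as absolute URLs.
 *
 * Domain-relative URLs ("/foo/bar") are prefixed with the protocol and the
 * request's Host header; other relative URLs ("foo/bar") are prefixed with
 * the protocol and the configured site URL. URLs that already carry a
 * scheme (http:, https:, mailto:, ...) and protocol-relative URLs ("//host")
 * are left untouched.
 *
 * Security notes for maintainers:
 * - HTTP_HOST is supplied by the client. It is written into every rewritten
 *   domain-relative link, so a forged Host header changes where those links
 *   point; if the output is cached or syndicated (feeds), prefer a
 *   configured host name over the request header.
 * - $permalink and the host are concatenated into a preg_replace()
 *   replacement string, where "$n" and "\n" sequences are treated as
 *   back-references. Callers should pass trusted values.
 *
 * NOTE(review): fragment-only links inside <a> tags ("#note") are prefixed
 * with the site URL by the second step, so the $permalink step only applies
 * to href attributes that step did not touch - confirm that this is the
 * intended order.
 *
 * @param  string $html      HTML fragment to process.
 * @param  string $permalink Optional absolute URL prepended to fragment-only
 *                           href values.
 * @return string The rewritten HTML.
 */
function replace_relative_urls($html, $permalink = '')
{
    global $siteurl;

    # urls like "/foo/bar" - relative to the domain
    # (?!/) leaves protocol-relative "//host/path" URLs alone.
    $host = serverSet('HTTP_HOST');

    if ($host) {
        $domain_root = PROTOCOL . $host . '/';
        $html = preg_replace('@(<a[^>]+href=")/(?!/)@', '$1' . $domain_root, $html);
        $html = preg_replace('@(<img[^>]+src=")/(?!/)@', '$1' . $domain_root, $html);
    }

    # "foo/bar" - relative to the textpattern root
    # The look-ahead skips anything that already has a scheme. The former
    # test for "http://" alone also rewrote https:, mailto: and similar
    # URLs - including the https:// links produced by the step above.
    $site_root = PROTOCOL . $siteurl . '/';
    $html = preg_replace('@(<a[^>]+href=")(?!\w+:|//)@', '$1' . $site_root, $html);
    $html = preg_replace('@(<img[^>]+src=")(?!\w+:|//)@', '$1' . $site_root, $html);

    if ($permalink) {
        # [^"]* stops at the closing quote, so several fragment links in the
        # same fragment are each rewritten (a greedy .* swallowed all but the
        # first).
        $html = preg_replace('/href="#([^"]*)"/', 'href="' . $permalink . '#\\1"', $html);
    }

    return $html;
}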
Exemple #5
// Bootstrap: once the database is reachable and the main table exists, load
// the site preferences and define the core constants (LANG, txp_version,
// PROTOCOL, hu, rhu). The listing ends before this block is closed.
if ($DB->connected && $DB->table_exists(PFX . 'textpattern')) {
    $dbversion = safe_field('val', 'txp_prefs', "name = 'version'");
    // global site prefs
    $prefs = get_prefs();
    // Imports every preference as a variable in the current scope; a
    // preference named like an existing variable would overwrite it.
    extract($prefs);
    if (empty($siteurl)) {
        // NOTE(security): fallback built from the Host header and
        // SCRIPT_NAME, both taken from the request. With no site URL
        // configured, a forged Host header ends up in hu below and therefore
        // in every absolute URL derived from it.
        $siteurl = $_SERVER['HTTP_HOST'] . rtrim(dirname(dirname($_SERVER['SCRIPT_NAME'])), '/');
    }
    if (empty($path_to_site)) {
        updateSitePath(dirname(dirname(__FILE__)));
    }
    // $language is expected to come from the extracted preferences.
    define("LANG", $language);
    //i18n: define("LANG","en-gb");
    // NOTE(review): $thisversion is not assigned in the visible code;
    // presumably set before this point - confirm.
    define('txp_version', $thisversion);
    if (!defined('PROTOCOL')) {
        // An empty or 'off' HTTPS server variable selects http://, anything
        // else https://.
        // NOTE(review): behind a TLS-terminating proxy this variable may be
        // unset, which would produce http:// links on an HTTPS site; define
        // PROTOCOL beforehand in that setup.
        switch (serverSet('HTTPS')) {
            case '':
            case 'off':
                // ISAPI with IIS
                define('PROTOCOL', 'http://');
                break;
            default:
                define('PROTOCOL', 'https://');
                break;
        }
    }
    // hu: absolute base URL of the site, with trailing slash.
    define("hu", PROTOCOL . $siteurl . '/');
    // v1.0 experimental relative url global
    // rhu: hu with the scheme and host part stripped by the pattern below.
    define("rhu", preg_replace("/https?:\\/\\/.+(\\/.*)\\/?\$/U", "\$1", hu));
    if (!empty($locale)) {
        setlocale(LC_ALL, $locale);
Exemple #6
function preText($s, $prefs)
{
    extract($prefs);
    callback_event('pretext');
    // Set messy variables.
    $out = makeOut('id', 's', 'c', 'context', 'q', 'm', 'pg', 'p', 'month', 'author');
    if (gps('rss')) {
        $out['feed'] = 'rss';
    }
    if (gps('atom')) {
        $out['feed'] = 'atom';
    }
    // Some useful vars for taghandlers, plugins.
    $out['request_uri'] = preg_replace("|^https?://[^/]+|i", "", serverSet('REQUEST_URI'));
    $out['qs'] = serverSet('QUERY_STRING');
    // IIS fix.
    if (!$out['request_uri'] and serverSet('SCRIPT_NAME')) {
        $out['request_uri'] = serverSet('SCRIPT_NAME') . (serverSet('QUERY_STRING') ? '?' . serverSet('QUERY_STRING') : '');
    }
    // Another IIS fix.
    if (!$out['request_uri'] and serverSet('argv')) {
        $argv = serverSet('argv');
        $out['request_uri'] = @substr($argv[0], strpos($argv[0], ';') + 1);
    }
    // Define the useable url, minus any subdirectories.
    // This is pretty ugly, if anyone wants to have a go at it.
    $out['subpath'] = $subpath = preg_quote(preg_replace("/https?:\\/\\/.*(\\/.*)/Ui", "\$1", hu), "/");
    $out['req'] = $req = preg_replace("/^{$subpath}/i", "/", $out['request_uri']);
    $is_404 = $out['status'] == '404';
    // If messy vars exist, bypass URL parsing.
    if (!$out['id'] && !$out['s'] && !(txpinterface == 'css') && !(txpinterface == 'admin')) {
        // Return clean URL test results for diagnostics.
        if (gps('txpcleantest')) {
            exit(show_clean_test($out));
        }
        extract(chopUrl($req));
        // First we sniff out some of the preset URL schemes.
        if (strlen($u1)) {
            switch ($u1) {
                case 'atom':
                    $out['feed'] = 'atom';
                    break;
                case 'rss':
                    $out['feed'] = 'rss';
                    break;
                    // urldecode(strtolower(urlencode())) looks ugly but is the
                    // only way to make it multibyte-safe without breaking
                    // backwards-compatibility.
                // urldecode(strtolower(urlencode())) looks ugly but is the
                // only way to make it multibyte-safe without breaking
                // backwards-compatibility.
                case urldecode(strtolower(urlencode(gTxt('section')))):
                    $out['s'] = ckEx('section', $u2) ? $u2 : '';
                    $is_404 = empty($out['s']);
                    break;
                case urldecode(strtolower(urlencode(gTxt('category')))):
                    if ($u3) {
                        $out['context'] = validContext($u2);
                        $out['c'] = $u3;
                    } else {
                        $out['context'] = 'article';
                        $out['c'] = $u2;
                    }
                    $out['c'] = ckCat($out['context'], $out['c']) ? $out['c'] : '';
                    $is_404 = empty($out['c']);
                    break;
                case urldecode(strtolower(urlencode(gTxt('author')))):
                    if ($u3) {
                        $out['context'] = validContext($u2);
                        $out['author'] = $u3;
                    } else {
                        $out['context'] = 'article';
                        $out['author'] = $u2;
                    }
                    $out['author'] = !empty($out['author']) ? $out['author'] : '';
                    break;
                    // AuthorID gets resolved from Name further down.
                // AuthorID gets resolved from Name further down.
                case urldecode(strtolower(urlencode(gTxt('file_download')))):
                    $out['s'] = 'file_download';
                    $out['id'] = !empty($u2) ? $u2 : '';
                    $out['filename'] = !empty($u3) ? $u3 : '';
                    break;
                default:
                    // Then see if the prefs-defined permlink scheme is usable.
                    switch ($permlink_mode) {
                        case 'section_id_title':
                            if (empty($u2)) {
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            } else {
                                $rs = lookupByIDSection($u2, $u1);
                                $out['s'] = @$rs['Section'];
                                $out['id'] = @$rs['ID'];
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            }
                            break;
                        case 'year_month_day_title':
                            if (empty($u2)) {
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            } elseif (empty($u4)) {
                                $month = "{$u1}-{$u2}";
                                if (!empty($u3)) {
                                    $month .= "-{$u3}";
                                }
                                if (preg_match('/\\d+-\\d+(?:-\\d+)?/', $month)) {
                                    $out['month'] = $month;
                                    $out['s'] = 'default';
                                } else {
                                    $is_404 = 1;
                                }
                            } else {
                                $when = "{$u1}-{$u2}-{$u3}";
                                $rs = lookupByDateTitle($when, $u4);
                                $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
                                $out['s'] = !empty($rs['Section']) ? $rs['Section'] : '';
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            }
                            break;
                        case 'section_title':
                            if (empty($u2)) {
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            } else {
                                $rs = lookupByTitleSection($u2, $u1);
                                $out['id'] = isset($rs['ID']) ? $rs['ID'] : '';
                                $out['s'] = isset($rs['Section']) ? $rs['Section'] : '';
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            }
                            break;
                        case 'title_only':
                            $rs = lookupByTitle($u1);
                            $out['id'] = @$rs['ID'];
                            $out['s'] = empty($rs['Section']) ? ckEx('section', $u1) : $rs['Section'];
                            $is_404 = empty($out['s']);
                            break;
                        case 'id_title':
                            if (is_numeric($u1) && ckExID($u1)) {
                                $rs = lookupByID($u1);
                                $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
                                $out['s'] = !empty($rs['Section']) ? $rs['Section'] : '';
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            } else {
                                // We don't want to miss the /section/ pages.
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            }
                            break;
                    }
                    if (!$is_404) {
                        $out['context'] = validContext($out['context']);
                    }
                    break;
                    // Prefs-defined permlink scheme case.
            }
        } else {
            $out['s'] = 'default';
            $out['context'] = validContext($out['context']);
        }
    } else {
        // Messy mode, but prevent to get the id for file_downloads.
        $out['context'] = validContext($out['context']);
        if ($out['context'] == 'article' && $out['id'] && $out['s'] != 'file_download') {
            $rs = lookupByID($out['id']);
            $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
            $out['s'] = !empty($rs['Section']) ? $rs['Section'] : '';
            $is_404 = (empty($out['s']) or empty($out['id']));
        }
    }
    // Existing category in messy or clean URL?
    if (!empty($out['c'])) {
        if (!ckCat($out['context'], $out['c'])) {
            $is_404 = true;
            $out['c'] = '';
        }
    }
    // Resolve AuthorID from Authorname.
    if ($out['author']) {
        $name = urldecode(strtolower(urlencode($out['author'])));
        $name = safe_field('name', 'txp_users', "RealName LIKE '" . doSlash($out['author']) . "'");
        if ($name) {
            $out['author'] = $name;
        } else {
            $out['author'] = '';
            $is_404 = true;
        }
    }
    // Allow article preview.
    if (gps('txpreview')) {
        doAuth();
        if (!has_privs('article.preview')) {
            txp_status_header('401 Unauthorized');
            exit(hed('401 Unauthorized', 1) . graf(gTxt('restricted_area')));
        }
        global $nolog;
        $nolog = true;
        $rs = safe_row("ID AS id, Section AS s", 'textpattern', "ID = " . intval(gps('txpreview')) . " LIMIT 1");
        if ($rs) {
            $is_404 = false;
            $out = array_merge($out, $rs);
        }
    }
    // Stats: found or not.
    $out['status'] = $is_404 ? '404' : '200';
    $out['pg'] = is_numeric($out['pg']) ? intval($out['pg']) : '';
    $out['id'] = is_numeric($out['id']) ? intval($out['id']) : '';
    if ($out['s'] == 'file_download') {
        if (is_numeric($out['id'])) {
            // Undo the double-encoding workaround for .gz files;
            // @see filedownloadurl().
            if (!empty($out['filename'])) {
                $out['filename'] = preg_replace('/gz&$/i', 'gz', $out['filename']);
            }
            $fn = empty($out['filename']) ? '' : " AND filename = '" . doSlash($out['filename']) . "'";
            $rs = safe_row('*', 'txp_file', "id = " . intval($out['id']) . " AND status = " . STATUS_LIVE . " AND created <= " . now('created') . $fn);
        }
        return !empty($rs) ? array_merge($out, $rs) : array('s' => 'file_download', 'file_error' => 404);
    }
    if (!$is_404) {
        $out['s'] = empty($out['s']) ? 'default' : $out['s'];
    }
    $s = $out['s'];
    $id = $out['id'];
    // Hackish.
    global $is_article_list;
    if (empty($id)) {
        $is_article_list = true;
    }
    // By this point we should know the section, so grab its page and CSS.
    if (txpinterface != 'css') {
        $rs = safe_row("page, css", "txp_section", "name = '" . doSlash($s) . "' LIMIT 1");
        $out['page'] = isset($rs['page']) ? $rs['page'] : '';
        $out['css'] = isset($rs['css']) ? $rs['css'] : '';
    }
    if (is_numeric($id) and !$is_404) {
        $a = safe_row("*, UNIX_TIMESTAMP(Posted) AS uPosted, UNIX_TIMESTAMP(Expires) AS uExpires, UNIX_TIMESTAMP(LastMod) AS uLastMod", 'textpattern', "ID = " . intval($id) . (gps('txpreview') ? '' : " AND Status IN (" . STATUS_LIVE . "," . STATUS_STICKY . ")"));
        if ($a) {
            $out['id_keywords'] = $a['Keywords'];
            $out['id_author'] = $a['AuthorID'];
            populateArticleData($a);
            $uExpires = $a['uExpires'];
            if ($uExpires and time() > $uExpires and !$publish_expired_articles) {
                $out['status'] = '410';
            }
        }
    }
    // These are deprecated as of Textpattern v1.0 - leaving them here for
    // plugin compatibility.
    $out['path_from_root'] = rhu;
    $out['pfr'] = rhu;
    $out['path_to_site'] = $path_to_site;
    $out['permlink_mode'] = $permlink_mode;
    $out['sitename'] = $sitename;
    return $out;
}
Exemple #7
/**
 * Records one server variable with the data of the form being submitted.
 *
 * The variable to read is named by the tag's `name` attribute; when that is
 * empty the name is derived from `label` via mem_form_label2name(). Nothing
 * is stored unless a name was resolved and $mem_form_submit is set.
 *
 * NOTE(review): serverSet() presumably reads $_SERVER. Many of those entries
 * (request headers, query string, path) are supplied by the client, so the
 * stored value should be handled as untrusted wherever it is later shown
 * or mailed — confirm against mem_form_store()'s consumers.
 *
 * @param array $atts Tag attributes; `label` and `name` are recognised
 */
function mem_form_serverinfo($atts)
{
    global $mem_form_submit;
    extract(mem_form_lAtts(array('label' => '', 'name' => ''), $atts));
    if (empty($name)) {
        $name = mem_form_label2name($label);
    }
    // Only act while a submission is being processed and a name is known.
    if (!strlen($name) || !$mem_form_submit) {
        return;
    }
    // An unlabelled field is stored under its own name.
    $caption = $label ? $label : $name;
    mem_form_store($name, $caption, serverSet($name));
}
Exemple #8
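/**
 * Works out what the current request is asking for and returns it as the
 * page context array.
 *
 * Feed requests are answered immediately and end the script. Otherwise the
 * "messy" request variables are read first; when neither an id nor a section
 * is given, the request path is parsed against the preset URL schemes and
 * then against the configured permlink mode. The resolved section, article
 * id, author and status ('200', '404' or '410') are returned together with
 * the section's page and css names.
 *
 * Every value taken from the URL reaches SQL only through doSlash() or
 * intval() in this function.
 *
 * @param  mixed $s     Not read; the local of this name is reassigned from the resolved section
 * @param  array $prefs Site preferences, extracted into local variables
 * @return array        Page context; for file downloads either the merged txp_file row or
 *                      array('s' => 'file_download', 'file_error' => 404)
 */
function preText($s, $prefs)
{
    // Imports every preference as a local variable. $permlink_mode,
    // $publish_expired_articles, $path_to_site and $sitename used below are
    // expected to come from here.
    extract($prefs);
    callback_event('pretext');
    if (gps('rss')) {
        include txpath . '/publish/rss.php';
        exit(rss());
    }
    if (gps('atom')) {
        include txpath . '/publish/atom.php';
        exit(atom());
    }
    // set messy variables
    $out = makeOut('id', 's', 'c', 'q', 'pg', 'p', 'month', 'author');
    // some useful vars for taghandlers, plugins
    // REQUEST_URI and QUERY_STRING are supplied by the client and are kept
    // here as raw strings; whatever prints them has to escape for its own
    // output context.
    $out['request_uri'] = preg_replace("|^https?://[^/]+|i", "", serverSet('REQUEST_URI'));
    $out['qs'] = serverSet('QUERY_STRING');
    // IIS fix
    if (!$out['request_uri'] and serverSet('SCRIPT_NAME')) {
        $out['request_uri'] = serverSet('SCRIPT_NAME') . (serverSet('QUERY_STRING') ? '?' . serverSet('QUERY_STRING') : '');
    }
    // another IIS fix
    if (!$out['request_uri'] and serverSet('argv')) {
        $argv = serverSet('argv');
        $out['request_uri'] = @substr($argv[0], strpos($argv[0], ';') + 1);
    }
    // define the useable url, minus any subdirectories.
    // this is pretty fugly, if anyone wants to have a go at it - dean
    // The subpath is passed through preg_quote() before it is embedded in
    // the pattern on the next line.
    $out['subpath'] = $subpath = preg_quote(preg_replace("/https?:\\/\\/.*(\\/.*)/Ui", "\$1", hu), "/");
    $out['req'] = $req = preg_replace("/^{$subpath}/i", "/", $out['request_uri']);
    $is_404 = 0;
    // if messy vars exist, bypass url parsing
    if (!$out['id'] && !$out['s'] && !(txpinterface == 'css') && !(txpinterface == 'admin')) {
        // return clean URL test results for diagnostics
        if (gps('txpcleantest')) {
            exit(show_clean_test($out));
        }
        // Presumably defines $u1..$u4, the path segments used below — confirm
        // against chopUrl().
        extract(chopUrl($req));
        //first we sniff out some of the preset url schemes
        if (strlen($u1)) {
            switch ($u1) {
                case 'atom':
                    include txpath . '/publish/atom.php';
                    exit(atom());
                case 'rss':
                    include txpath . '/publish/rss.php';
                    exit(rss());
                // urldecode(strtolower(urlencode())) looks ugly but is the only way to
                // make it multibyte-safe without breaking backwards-compatibility
                case urldecode(strtolower(urlencode(gTxt('section')))):
                    $out['s'] = ckEx('section', $u2) ? $u2 : '';
                    $is_404 = empty($out['s']);
                    break;
                case urldecode(strtolower(urlencode(gTxt('category')))):
                    $out['c'] = ckEx('category', $u2) ? $u2 : '';
                    $is_404 = empty($out['c']);
                    break;
                // AuthorID gets resolved from Name further down
                case urldecode(strtolower(urlencode(gTxt('author')))):
                    $out['author'] = !empty($u2) ? $u2 : '';
                    break;
                case urldecode(strtolower(urlencode(gTxt('file_download')))):
                    $out['s'] = 'file_download';
                    $out['id'] = !empty($u2) ? $u2 : '';
                    break;
                default:
                    // then see if the prefs-defined permlink scheme is usable
                    switch ($permlink_mode) {
                        case 'section_id_title':
                            if (empty($u2)) {
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            } else {
                                $rs = lookupByIDSection($u2, $u1);
                                $out['s'] = @$rs['Section'];
                                $out['id'] = @$rs['ID'];
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            }
                            break;
                        case 'year_month_day_title':
                            if (empty($u2)) {
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            } elseif (empty($u4)) {
                                $month = "{$u1}-{$u2}";
                                if (!empty($u3)) {
                                    $month .= "-{$u3}";
                                }
                                // NOTE(review): the pattern is not anchored, so it
                                // accepts any string that merely contains
                                // digits-dash-digits; consumers of $out['month']
                                // must not assume it is purely numeric.
                                if (preg_match('/\\d+-\\d+(?:-\\d+)?/', $month)) {
                                    $out['month'] = $month;
                                    $out['s'] = 'default';
                                } else {
                                    $is_404 = 1;
                                }
                            } else {
                                $when = "{$u1}-{$u2}-{$u3}";
                                $rs = lookupByDateTitle($when, $u4);
                                $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
                                $out['s'] = !empty($rs['Section']) ? $rs['Section'] : '';
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            }
                            break;
                        case 'section_title':
                            if (empty($u2)) {
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            } else {
                                $rs = lookupByTitleSection($u2, $u1);
                                $out['id'] = @$rs['ID'];
                                $out['s'] = @$rs['Section'];
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            }
                            break;
                        case 'title_only':
                            $rs = lookupByTitle($u1);
                            $out['id'] = @$rs['ID'];
                            $out['s'] = empty($rs['Section']) ? ckEx('section', $u1) : $rs['Section'];
                            $is_404 = empty($out['s']);
                            break;
                        case 'id_title':
                            if (is_numeric($u1) && ckExID($u1)) {
                                $rs = lookupByID($u1);
                                $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
                                $out['s'] = !empty($rs['Section']) ? $rs['Section'] : '';
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            } else {
                                // We don't want to miss the /section/ pages
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            }
                            break;
                    }
            }
        } else {
            $out['s'] = 'default';
        }
    } else {
        // Messy mode, but prevent to get the id for file_downloads
        if ($out['id'] && !$out['s']) {
            $rs = lookupByID($out['id']);
            $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
            $out['s'] = !empty($rs['Section']) ? $rs['Section'] : '';
            $is_404 = (empty($out['s']) or empty($out['id']));
        }
    }
    // Resolve AuthorID from Authorname
    if ($out['author']) {
        // NOTE(review): the URL segment is matched with LIKE, so % and _ in it
        // act as wildcards unless doSlash() also escapes them — confirm, or
        // compare with = if only an exact real name should resolve.
        $name = safe_field('name', 'txp_users', "RealName like '" . doSlash($out['author']) . "'");
        if ($name) {
            $out['author'] = $name;
        } else {
            $out['author'] = '';
            $is_404 = true;
        }
    }
    // allow article preview
    if (gps('txpreview') and is_logged_in()) {
        global $nolog;
        $nolog = true;
        $rs = safe_row("ID as id,Section as s", 'textpattern', 'ID = ' . intval(gps('txpreview')) . ' limit 1');
        if ($rs and $is_404) {
            $is_404 = false;
            $out = array_merge($out, $rs);
        }
    }
    // Stats: found or not
    $out['status'] = $is_404 ? '404' : '200';
    $out['pg'] = is_numeric($out['pg']) ? intval($out['pg']) : '';
    $out['id'] = is_numeric($out['id']) ? intval($out['id']) : '';
    if ($out['s'] == 'file_download') {
        // get id of potential filename
        if (!is_numeric($out['id'])) {
            $rs = safe_row("*", "txp_file", "filename='" . doSlash($out['id']) . "' and status = 4");
        } else {
            $rs = safe_row("*", "txp_file", 'id=' . intval($out['id']) . ' and status = 4');
        }
        $out = $rs ? array_merge($out, $rs) : array('s' => 'file_download', 'file_error' => 404);
        return $out;
    }
    if (!$is_404) {
        $out['s'] = empty($out['s']) ? 'default' : $out['s'];
    }
    $s = $out['s'];
    $id = $out['id'];
    // hackish
    global $is_article_list;
    if (empty($id)) {
        $is_article_list = true;
    }
    // by this point we should know the section, so grab its page and css
    $rs = safe_row("page, css", "txp_section", "name = '" . doSlash($s) . "' limit 1");
    $out['page'] = @$rs['page'];
    $out['css'] = @$rs['css'];
    if (is_numeric($id) and !$is_404) {
        // The published-status filter is lifted only for a logged-in preview,
        // the same condition the preview branch above uses. The txpreview
        // request parameter on its own must not make unpublished articles
        // readable.
        $statusFilter = (gps('txpreview') && is_logged_in()) ? '' : ' and Status in (4,5)';
        $a = safe_row('*, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod', 'textpattern', 'ID=' . intval($id) . $statusFilter);
        if ($a) {
            $Posted = $a['Posted'];
            $out['id_keywords'] = $a['Keywords'];
            $out['id_author'] = $a['AuthorID'];
            populateArticleData($a);
            $uExpires = $a['uExpires'];
            // An expired article is reported as 410 unless the
            // publish_expired_articles preference is set.
            if ($uExpires and time() > $uExpires and !$publish_expired_articles) {
                $out['status'] = '410';
            }
            if ($np = getNextPrev($id, $Posted, $s)) {
                $out = array_merge($out, $np);
            }
        }
    }
    $out['path_from_root'] = rhu;
    // these are deprecated as of 1.0
    $out['pfr'] = rhu;
    // leaving them here for plugin compat
    $out['path_to_site'] = $path_to_site;
    $out['permlink_mode'] = $permlink_mode;
    $out['sitename'] = $sitename;
    return $out;
}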
Exemple #9
/**
 * Returns the first segment of PATH_INFO.
 *
 * PATH_INFO is split on '/' and the element at index 1 is returned, which is
 * the first segment when the value starts with a slash. An empty string is
 * returned when PATH_INFO is not set or that segment is empty (a segment of
 * "0" also counts as empty).
 *
 * The value originates from the request path and is returned unmodified, so
 * callers should validate it before using it as an identifier.
 *
 * @return string
 */
function frompath()
{
    $pathInfo = serverSet('PATH_INFO');
    if (!$pathInfo) {
        return '';
    }
    $segments = explode('/', $pathInfo);
    if (empty($segments[1])) {
        return '';
    }
    return $segments[1];
}
Exemple #10
/**
 * Writes a record to the visitor log using the current visitor's information.
 *
 * This function is used by log_hit(). See it before trying to use this one.
 *
 * Nothing is written when $pretext['request_uri'] is not set, or when $r is
 * 'refer' and no usable referrer remains after filtering. A referrer is kept
 * only if it starts with one of the LOG_REFERER_PROTOCOLS schemes, is not an
 * https referrer seen on a non-https site, and does not match the site's own
 * host.
 *
 * The request URI, method and referrer all originate from the client. They
 * are handed to insert_logit() as received (the referrer after clean_url()),
 * so escaping for SQL and for the log viewer is presumably done there —
 * confirm.
 *
 * @param  string   $r      Type of record to write, e.g. refer
 * @param  int      $status HTTP status code
 * @access private
 * @see    log_hit()
 */
function logit($r = '', $status = 200)
{
    global $prefs, $pretext;
    if (!isset($pretext['request_uri'])) {
        return;
    }
    $ip = (string) remote_addr();
    $host = $ip;
    $referer = serverSet('HTTP_REFERER');
    if ($referer) {
        // Find the first allowed scheme the referrer starts with and strip it.
        $protocol = false;
        foreach (do_list(LOG_REFERER_PROTOCOLS) as $scheme) {
            $prefix = $scheme . '://';
            if (strpos($referer, $prefix) === 0) {
                $protocol = $scheme;
                $referer = substr($referer, strlen($prefix));
                break;
            }
        }
        // Unknown scheme, or an https referrer while this site is not https.
        $discard = !$protocol || ($protocol === 'https' && PROTOCOL !== 'https://');
        if (!$discard) {
            // Referrers pointing back at this site are not logged.
            // NOTE(review): the pattern is anchored at the start only, so a
            // foreign host that merely begins with the site host is treated
            // as the site itself and dropped as well.
            $ownSite = '/^[^\\.]*\\.?' . preg_quote(preg_replace('/^www\\./', '', SITE_HOST), '/') . '/i';
            $discard = (bool) preg_match($ownSite, $referer);
        }
        $referer = $discard ? '' : $protocol . '://' . clean_url($referer);
    }
    if ($r == 'refer' && !$referer) {
        return;
    }
    if (!empty($prefs['use_dns'])) {
        // A crude rDNS cache: reuse the host already logged for this address.
        $cached = safe_field('host', 'txp_log', "ip='" . doSlash($ip) . "' limit 1");
        if ($cached !== false) {
            $host = $cached;
        } else {
            // Double-check the rDNS: the looked-up name is kept only if it
            // resolves back to the same address.
            $host = @gethostbyaddr($ip);
            if ($host !== $ip && @gethostbyname($host) !== $ip) {
                $host = $ip;
            }
        }
    }
    $record = array(
        'uri' => $pretext['request_uri'],
        'ip' => $ip,
        'host' => $host,
        'status' => $status,
        'method' => serverSet('REQUEST_METHOD'),
        'ref' => $referer,
    );
    insert_logit($record);
}
Exemple #11
// Admin-side bootstrap: loads preferences, defines the site URL constants,
// authenticates the user and, when the stored version differs from the code
// version, pulls in the update script. The listing is cut off after the
// update include.
$microstart = getmicrotime();
if ($connected && safe_query("describe `" . PFX . "textpattern`")) {
    $dbversion = safe_field('val', 'txp_prefs', "name = 'version'");
    $prefs = get_prefs();
    // Imports every preference into the current scope; $siteurl,
    // $path_to_site, $language and $locale below are expected to come from
    // here.
    extract($prefs);
    if (empty($siteurl)) {
        // NOTE(review): HTTP_HOST is taken from the request's Host header,
        // which the client controls. With no siteurl preference stored, that
        // value ends up in the `hu` base URL defined below, so links built
        // from `hu` follow whatever host the request named. Persisting
        // siteurl, or checking the host against an allow-list, removes that
        // dependency.
        $siteurl = $_SERVER['HTTP_HOST'] . rtrim(dirname(dirname($_SERVER['SCRIPT_NAME'])), '/');
    }
    if (empty($path_to_site)) {
        updateSitePath(dirname(dirname(__FILE__)));
    }
    define("LANG", $language);
    //i18n: define("LANG","en-gb");
    define('txp_version', $thisversion);
    if (!defined('PROTOCOL')) {
        // Scheme is derived from the HTTPS server variable unless PROTOCOL
        // was already defined elsewhere.
        // NOTE(review): behind a TLS-terminating proxy HTTPS may be unset
        // here — confirm PROTOCOL is predefined in that setup.
        define('PROTOCOL', strtolower(serverSet('HTTPS')) == 'on' ? 'https://' : 'http://');
    }
    define("hu", PROTOCOL . $siteurl . '/');
    // v1.0 experimental relative url global
    define("rhu", preg_replace("/https?:\\/\\/.+(\\/.*)\\/?\$/U", "\$1", hu));
    if (!empty($locale)) {
        setlocale(LC_ALL, $locale);
    }
    $textarray = load_lang(LANG);
    include txpath . '/include/txp_auth.php';
    // Authentication runs before the event/step dispatch values are read and
    // before the update script is included.
    doAuth();
    $event = gps('event') ? gps('event') : 'article';
    $step = gps('step');
    // Run the updater when no version is stored, the stored version differs
    // from the code version, or $txp_using_svn is set.
    if (!$dbversion or $dbversion != $thisversion or $txp_using_svn) {
        define('TXP_UPDATE', 1);
        include txpath . '/update/_update.php';
Exemple #12
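/**
 * Restricts a page, or the enclosed content, to authorised visitors.
 *
 * Two modes are selected by the `pass` attribute:
 *  - `pass` not given: access requires is_logged_in($login) to succeed and,
 *    when `privs` is given, the user's privs to be in that list.
 *  - `pass` given: access requires HTTP Basic credentials equal to the
 *    `login` and `pass` attributes. A failed check sends a
 *    WWW-Authenticate challenge.
 *
 * Used as a single tag it ends the request with a 401 when access is denied
 * and returns an empty string otherwise; used as a container it returns the
 * parsed branch of $thing chosen by EvalElse().
 *
 * In Basic mode the expected password is a tag attribute, i.e. it is stored
 * in the template in clear text, and Basic credentials are only confidential
 * when the site is served over HTTPS.
 *
 * @param  array       $atts  Tag attributes: login, pass, privs
 * @param  string|null $thing Contained content, or null for a single tag
 * @return string
 */
function password_protect($atts, $thing = null)
{
    // NOTE(review): output buffering is started and not ended here,
    // presumably so the header below can still be sent after output has
    // begun — confirm.
    ob_start();
    extract(lAtts(array('login' => null, 'pass' => null, 'privs' => null), $atts));
    if ($pass === null) {
        $access = ($user = is_logged_in($login)) !== false && ($privs === null || in_list($user['privs'], $privs));
    } else {
        $au = serverSet('PHP_AUTH_USER');
        $ap = serverSet('PHP_AUTH_PW');
        // For PHP as (f)cgi, two rules in htaccess often allow this workaround.
        $ru = serverSet('REDIRECT_REMOTE_USER');
        if (!$au && !$ap && strpos($ru, 'Basic') === 0) {
            $decoded = base64_decode(substr($ru, 6));
            // Split on the first colon only: the user name cannot contain a
            // colon but the password may. A value without any colon is not a
            // credential pair and is ignored.
            if (is_string($decoded) && strpos($decoded, ':') !== false) {
                list($au, $ap) = explode(':', $decoded, 2);
            }
        }
        // Compare secrets without an early exit on the first differing byte
        // where hash_equals() is available; non-string values keep the
        // strict comparison.
        $same = function ($expected, $given) {
            if (is_string($expected) && is_string($given) && function_exists('hash_equals')) {
                return hash_equals($expected, $given);
            }
            return $expected === $given;
        };
        // Both checks always run, so the outcome of the user-name check does
        // not change how much work is done.
        $userOk = $same($login, $au);
        $passOk = $same($pass, $ap);
        $access = $userOk && $passOk;
    }
    if ($access === false && $pass !== null) {
        header('WWW-Authenticate: Basic realm="Private"');
    }
    if ($thing === null) {
        if ($access === false) {
            txp_die(gTxt('auth_required'), '401');
        }
        return '';
    }
    return parse(EvalElse($thing, $access));
}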
/**
 * Resolves nested-section URLs before the core URL parsing runs.
 *
 * Active only when CNK_FRIENDLY_URLS is set and the permlink mode is
 * 'section_title'. The last two segments of the request path are parsed as
 * in preText(); a resolved article id and/or section is then written into
 * $_GET['id'] and $_GET['s'], presumably so that the core treats the request
 * as a messy URL — confirm against the caller.
 *
 * URL segments reach SQL only through doSlash() in this function.
 */
function cnk_pretext()
{
    global $prefs;
    // only takeover url algorithm when in section_title mode
    if (CNK_FRIENDLY_URLS && $prefs['permlink_mode'] == 'section_title') {
        // Imports every preference as a local variable; $permlink_mode below
        // is expected to come from here.
        extract($prefs);
        $out = array();
        // some useful vars for taghandlers, plugins
        // REQUEST_URI and QUERY_STRING are supplied by the client.
        $out['request_uri'] = preg_replace("|^https?://[^/]+|i", "", serverSet('REQUEST_URI'));
        $out['qs'] = serverSet('QUERY_STRING');
        // IIS fix
        if (!$out['request_uri'] and serverSet('SCRIPT_NAME')) {
            $out['request_uri'] = serverSet('SCRIPT_NAME') . (serverSet('QUERY_STRING') ? '?' . serverSet('QUERY_STRING') : '');
        }
        // another IIS fix
        if (!$out['request_uri'] and serverSet('argv')) {
            $argv = serverSet('argv');
            $out['request_uri'] = @substr($argv[0], strpos($argv[0], ';') + 1);
        }
        $subpath = preg_quote(preg_replace("/https?:\\/\\/.*(\\/.*)/Ui", "\$1", hu), "/");
        $req = preg_replace("/^{$subpath}/i", "/", $out['request_uri']);
        // Keep all path segments for the full-path check further down, but
        // hand only the last two to chopUrl().
        $url_chunks = explode('/', trim($req, '/'));
        $req = '/' . implode('/', array_slice($url_chunks, -2));
        // Presumably defines $u1..$u4 — confirm against chopUrl().
        extract(chopUrl($req));
        //first we sniff out some of the preset url schemes
        if (strlen($u1)) {
            switch ($u1) {
                case 'atom':
                    include txpath . '/publish/atom.php';
                    exit(atom());
                case 'rss':
                    include txpath . '/publish/rss.php';
                    exit(rss());
                // urldecode(strtolower(urlencode())) looks ugly but is the only way to
                // make it multibyte-safe without breaking backwards-compatibility
                case urldecode(strtolower(urlencode(gTxt('section')))):
                    $out['s'] = ckEx('section', $u2) ? $u2 : '';
                    break;
                case urldecode(strtolower(urlencode(gTxt('category')))):
                    $out['c'] = ckEx('category', $u2) ? $u2 : '';
                    break;
                // AuthorID gets resolved from Name further down
                case urldecode(strtolower(urlencode(gTxt('author')))):
                    $out['author'] = !empty($u2) ? $u2 : '';
                    break;
                case urldecode(strtolower(urlencode(gTxt('file_download')))):
                    $out['s'] = 'file_download';
                    $out['id'] = !empty($u2) ? $u2 : '';
                    break;
                default:
                    // then see if the prefs-defined permlink scheme is usable
                    switch ($permlink_mode) {
                        // The 'section_id_title' and 'year_month_day_title'
                        // cases are intentionally not handled: this function
                        // only runs in 'section_title' mode.
                        case 'section_title':
                            if (empty($u2)) {
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                            } else {
                                // match section/title
                                $rs = lookupByTitleSection($u2, $u1);
                                // NOTE(review): count() assumes the lookup
                                // always returns an array — confirm.
                                if (count($rs)) {
                                    $out['id'] = @$rs['ID'];
                                    $out['s'] = @$rs['Section'];
                                } else {
                                    // match parentsection/section
                                    // NOTE(review): the segment is matched with
                                    // LIKE, so % and _ in it act as wildcards
                                    // unless doSlash() also escapes them —
                                    // confirm. The full-path comparison below
                                    // still has to succeed before the section
                                    // is accepted.
                                    $rs = safe_row("name, lft", 'txp_section', "lower(name) like '" . doSlash($u2) . "' AND lower(parent)='" . doSlash($u1) . "' limit 1");
                                    if (count($rs)) {
                                        // check path TODO: move to function
                                        // NOTE(review): $rs['lft'] comes from the
                                        // row read above and is concatenated
                                        // unquoted; an intval() would make the
                                        // numeric assumption explicit.
                                        $rs_path = safe_rows("name", "txp_section", "lft <= " . $rs['lft'] . " and ((rgt-lft) > 1 OR lft = " . $rs['lft'] . ") and name != 'default' order by lft");
                                        $path = '/';
                                        for ($i = 0; $i < count($rs_path); $i++) {
                                            $path .= $rs_path[$i]['name'] . '/';
                                        }
                                        // Accept the section only when the path
                                        // rebuilt from the section rows equals
                                        // the requested path exactly.
                                        if ($path == '/' . implode('/', $url_chunks) . '/') {
                                            $out['s'] = @$rs['name'];
                                        }
                                    }
                                }
                            }
                            break;
                            // The 'title_only' and 'id_title' cases are
                            // intentionally not handled, for the same reason.
                    }
            }
        } else {
            $out['s'] = 'default';
        }
        // Publish the result through the request superglobal. From here on
        // $_GET['id'] and $_GET['s'] hold values derived by this function,
        // not what the client sent.
        if (isset($out['id'])) {
            $_GET['id'] = $out['id'];
        }
        if (isset($out['s'])) {
            $_GET['s'] = $out['s'];
        }
    }
}
Exemple #14
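/**
 * Resolves the current request into the "pretext" array (section, article id,
 * category, author, paging and status) used by the rest of the publish side.
 *
 * Query-string ("messy") variables take precedence; otherwise the request path
 * is split with chopUrl() and matched against the fixed URL schemes and then
 * against the permlink mode stored in the preferences.
 *
 * Every value placed in $out originates from the request (query string, path
 * segments, server variables) unless it is read back from the database, so
 * consumers must treat it as untrusted.
 *
 * @param  mixed $s     Overwritten before use; kept for interface compatibility
 * @param  array $prefs Site preferences; imported into the local scope
 * @return array The pretext array, or the file row / file_error for downloads
 */
function preText($s, $prefs)
{
    // Imports every preference as a local variable. $permlink_mode,
    // $path_from_root, $path_to_site and $sitename used below come from here.
    // NOTE(review): extract() can shadow any local of the same name; it runs
    // before $out is built, so only the parameters are exposed at this point.
    extract($prefs);
    callback_event('pretext');
    // Feed requests are served immediately and end the script.
    if (gps('rss')) {
        include txpath . '/publish/rss.php';
        exit(rss());
    }
    if (gps('atom')) {
        include txpath . '/publish/atom.php';
        exit(atom());
    }
    // set messy variables
    $out = makeOut('id', 's', 'c', 'q', 'pg', 'p', 'month', 'author');
    // some useful vars for taghandlers, plugins
    $out['request_uri'] = serverSet('REQUEST_URI');
    $out['qs'] = serverSet('QUERY_STRING');
    // IIS - can someone confirm whether or not this works?
    if (!$out['request_uri'] and $argv = serverSet('argv')) {
        // Take everything after the first ';'. The "+ 1" belongs outside the
        // strpos() call; inside it, it was added to the needle string.
        $out['request_uri'] = @substr($argv[0], strpos($argv[0], ';') + 1);
    }
    // define the useable url, minus any subdirectories.
    // this is pretty fugly, if anyone wants to have a go at it - dean
    $out['subpath'] = $subpath = preg_quote(preg_replace("/http:\\/\\/.*(\\/.*)/Ui", "\$1", hu), "/");
    $out['req'] = $req = preg_replace("/^{$subpath}/i", "/", serverSet('REQUEST_URI'));
    $is_404 = 0;
    // if messy vars exist, bypass url parsing
    if (!$out['id'] && !$out['s']) {
        // Brings the path segments into scope; $u1..$u4 are read below.
        extract(chopUrl($req));
        //first we sniff out some of the preset url schemes
        if (!empty($u1)) {
            switch ($u1) {
                case 'atom':
                    include txpath . '/publish/atom.php';
                    exit(atom());
                case 'rss':
                    include txpath . '/publish/rss.php';
                    exit(rss());
                // urldecode(strtolower(urlencode())) looks ugly but is the only way to
                // make it multibyte-safe without breaking backwards-compatibility
                case urldecode(strtolower(urlencode(gTxt('section')))):
                    $out['s'] = ckEx('section', $u2) ? $u2 : '';
                    break;
                case urldecode(strtolower(urlencode(gTxt('category')))):
                    $out['c'] = ckEx('category', $u2) ? $u2 : '';
                    break;
                case urldecode(strtolower(urlencode(gTxt('author')))):
                    // AuthorID gets resolved from Name further down
                    $out['author'] = !empty($u2) ? $u2 : '';
                    break;
                case urldecode(strtolower(urlencode(gTxt('file_download')))):
                    $out['s'] = 'file_download';
                    $out['id'] = !empty($u2) ? $u2 : '';
                    break;
                case 'p':
                    $out['p'] = is_numeric($u2) ? $u2 : '';
                    break;
                default:
                    // then see if the prefs-defined permlink scheme is usable
                    switch ($permlink_mode) {
                        case 'section_id_title':
                            if (empty($u2)) {
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            } else {
                                $rs = ckExID($u2);
                                $out['s'] = @$rs['Section'];
                                $out['id'] = @$rs['ID'];
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            }
                            break;
                        case 'year_month_day_title':
                            if (empty($u2)) {
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            } elseif (empty($u4)) {
                                $month = "{$u1}-{$u2}";
                                if (!empty($u3)) {
                                    $month .= "-{$u3}";
                                }
                                // Anchored so that the whole value must be digits and
                                // dashes; an unanchored pattern accepts any string that
                                // merely contains a date-like fragment.
                                if (preg_match('/^\d+-\d+(?:-\d+)?\z/', $month)) {
                                    $out['month'] = $month;
                                    $out['s'] = 'default';
                                } else {
                                    $is_404 = 1;
                                }
                            } else {
                                $when = "{$u1}-{$u2}-{$u3}";
                                $rs = lookupByDateTitle($when, $u4);
                                $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
                                $out['s'] = !empty($rs['Section']) ? $rs['Section'] : '';
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            }
                            break;
                        case 'section_title':
                            if (empty($u2)) {
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            } else {
                                $rs = lookupByTitleSection($u2, $u1);
                                $out['id'] = @$rs['ID'];
                                $out['s'] = @$rs['Section'];
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            }
                            break;
                        case 'title_only':
                            $rs = lookupByTitle($u1);
                            $out['id'] = @$rs['ID'];
                            $out['s'] = empty($rs['Section']) ? ckEx('section', $u1) : $rs['Section'];
                            $is_404 = empty($out['s']);
                            break;
                        case 'id_title':
                            if (is_numeric($u1) && ckExID($u1)) {
                                $rs = lookupByID($u1);
                                $out['id'] = !empty($rs['ID']) ? $rs['ID'] : '';
                                $out['s'] = !empty($rs['Section']) ? $rs['Section'] : '';
                                $is_404 = (empty($out['s']) or empty($out['id']));
                            } else {
                                # We don't want to miss the /section/ pages
                                $out['s'] = ckEx('section', $u1) ? $u1 : '';
                                $is_404 = empty($out['s']);
                            }
                            break;
                    }
            }
        } else {
            $out['s'] = 'default';
        }
    } else {
        // Messy mode, but prevent to get the id for file_downloads
        if ($out['id'] && !$out['s']) {
            $out['s'] = safe_field('section', 'textpattern', "ID='" . doSlash($out['id']) . "'");
        }
    }
    // Resolve AuthorID from Authorname
    if ($out['author']) {
        // NOTE(review): the comparison is LIKE, so '%' and '_' in the requested
        // name act as wildcards after doSlash() - confirm this is intended.
        $out['author'] = safe_field('name', 'txp_users', "RealName like '" . doSlash($out['author']) . "'");
    }
    // Stats: found or not
    $out['status'] = $is_404 ? '404' : '200';
    if ($out['s'] == 'file_download') {
        // get id of potential filename
        if (!is_numeric($out['id'])) {
            $rs = safe_row("*", "txp_file", "filename='" . doSlash($out['id']) . "'");
        } else {
            $rs = safe_row("*", "txp_file", "id='" . intval($out['id']) . "'");
        }
        // The file row replaces most of $out; a miss is reported as file_error 404.
        $out = $rs ? array_merge($out, $rs) : array('s' => 'file_download', 'file_error' => 404);
        return $out;
    }
    if (!$is_404) {
        $out['s'] = empty($out['s']) ? 'default' : $out['s'];
    }
    $s = $out['s'];
    $id = $out['id'];
    // hackish
    if (empty($id)) {
        $GLOBALS['is_article_list'] = true;
    }
    // by this point we should know the section, so grab its page and css
    $rs = safe_row("*", "txp_section", "name = '" . doSlash($s) . "' limit 1");
    $out['page'] = @$rs['page'];
    // Remove the below line if nothing breaks
    // 		$out['css']  = @$rs['css'];
    if (is_numeric($id)) {
        // $id is interpolated unquoted; the is_numeric() guard above is what
        // keeps this fragment well-formed, so keep the two together.
        $idrs = safe_row("Posted, AuthorID, Keywords", "textpattern", "ID=" . doSlash($id));
        // Defines $Posted, $AuthorID and $Keywords.
        // NOTE(review): if no row matches, these stay undefined - verify what
        // safe_row() returns in that case.
        extract($idrs);
        if ($np = getNextPrev($id, $Posted, $s)) {
            $out = array_merge($out, $np);
        }
        $out['id_keywords'] = $Keywords;
        $out['id_author'] = get_author_name($AuthorID);
    }
    $out['path_from_root'] = $path_from_root;
    // these are deprecated as of 1.0
    $out['pfr'] = $path_from_root;
    // leaving them here for plugin compat
    $out['path_to_site'] = $path_to_site;
    $out['permlink_mode'] = $permlink_mode;
    $out['sitename'] = htmlspecialchars($sitename);
    return $out;
}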
Exemple #15
// Admin-side bootstrap (the listing is cut off inside the final "if").
// Records the start time of the request.
$microstart = getmicrotime();
// Continue only when a connection exists and the prefixed articles table can be described.
if ($connected && safe_query("describe `" . PFX . "textpattern`")) {
    $dbversion = safe_field('val', 'txp_prefs', "name = 'version'");
    $prefs = get_prefs();
    // Imports every stored preference into the current scope.
    // presumably $siteurl, $path_to_site, $language and $locale come from here - verify
    extract($prefs);
    if (empty($siteurl)) {
        // Fallback when no site URL is set: Host header plus the grandparent of the script path.
        // NOTE(review): HTTP_HOST is supplied by the client, and hu/rhu below are built from
        // this value; a stored site URL avoids depending on the request for the base URL.
        $siteurl = $_SERVER['HTTP_HOST'] . rtrim(dirname(dirname($_SERVER['SCRIPT_NAME'])), '/');
    }
    if (empty($path_to_site)) {
        updateSitePath(dirname(dirname(__FILE__)));
    }
    define("LANG", $language);
    //i18n: define("LANG","en-gb");
    define('txp_version', $thisversion);
    if (!defined('PROTOCOL')) {
        // Any non-empty HTTPS server value selects https://.
        define('PROTOCOL', serverSet('HTTPS') != '' ? 'https://' : 'http://');
    }
    // Absolute base URL of the site, always with a trailing slash.
    define("hu", PROTOCOL . $siteurl . '/');
    // v1.0 experimental relative url global
    define("rhu", preg_replace("/https?:\\/\\/.+(\\/.*)\\/?\$/U", "\$1", hu));
    if (!empty($locale)) {
        setlocale(LC_ALL, $locale);
    }
    $textarray = load_lang(LANG);
    // Authentication runs before the event/step request parameters are read.
    include txpath . '/include/txp_auth.php';
    doAuth();
    // Default panel is 'article' when no event is requested.
    $event = gps('event') ? gps('event') : 'article';
    $step = gps('step');
    // Run the updater when the stored version is missing or differs, or on SVN checkouts.
    if (!$dbversion or $dbversion != $thisversion or $txp_using_svn) {
        define('TXP_UPDATE', 1);
        include txpath . '/update/_update.php';
 /**
  * Returns the HTTP method of the current request in upper case.
  *
  * @return string
  */
 function _method()
 {
     $verb = serverSet('REQUEST_METHOD');

     return strtoupper($verb);
 }
Exemple #17
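/**
 * Protects the current page with HTTP Basic authentication against one
 * login/password pair given as tag attributes.
 *
 * Nothing is enforced unless both 'login' and 'pass' are non-empty. On a
 * mismatch a Basic challenge is sent and txp_die() ends the request with 401.
 *
 * @param array $atts Tag attributes: 'login' and 'pass'
 */
function password_protect($atts)
{
    ob_start();
    extract(lAtts(array('login' => '', 'pass' => ''), $atts));
    $au = serverSet('PHP_AUTH_USER');
    $ap = serverSet('PHP_AUTH_PW');
    //For php as (f)cgi, two rules in htaccess often allow this workaround
    $ru = serverSet('REDIRECT_REMOTE_USER');
    if ($ru && !$au && !$ap && substr($ru, 0, 5) == 'Basic') {
        // Split on the first ':' only, so a password containing ':' survives,
        // and pad so a value without ':' does not leave $ap undefined.
        $decoded = (string) base64_decode(substr($ru, 6));
        list($au, $ap) = array_pad(explode(':', $decoded, 2), 2, '');
    }
    if ($login && $pass) {
        // hash_equals() compares as strings in constant time. The previous
        // loose "!=" compared numeric-looking strings by value ('1e3' equalled
        // '1000'), which could accept credentials that differ from the
        // configured ones. Both checks are evaluated before deciding.
        $user_ok = hash_equals((string) $login, (string) $au);
        $pass_ok = hash_equals((string) $pass, (string) $ap);
        if (!$au || !$ap || !$user_ok || !$pass_ok) {
            header('WWW-Authenticate: Basic realm="Private"');
            txp_die(gTxt('auth_required'), '401');
        }
    }
}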
Exemple #18
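/**
 * Protects the current page with HTTP Basic authentication against one
 * login/password pair given as tag attributes.
 *
 * Nothing is enforced unless both 'login' and 'pass' are non-empty. On a
 * mismatch a Basic challenge and a 401 status are sent and the script exits.
 *
 * @param array $atts Tag attributes: 'login' and 'pass'
 */
function password_protect($atts)
{
    ob_start();
    extract(lAtts(array('login' => '', 'pass' => ''), $atts));
    $au = serverSet('PHP_AUTH_USER');
    $ap = serverSet('PHP_AUTH_PW');
    if ($login && $pass) {
        // hash_equals() compares as strings in constant time. The previous
        // loose "!=" compared numeric-looking strings by value ('1e3' equalled
        // '1000'), which could accept credentials that differ from the
        // configured ones. Both checks are evaluated before deciding.
        $user_ok = hash_equals((string) $login, (string) $au);
        $pass_ok = hash_equals((string) $pass, (string) $ap);
        if (!$au || !$ap || !$user_ok || !$pass_ok) {
            header('WWW-Authenticate: Basic realm="Private"');
            header('HTTP/1.0 401 Unauthorized');
            exit(gTxt('auth_required'));
        }
    }
}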
Exemple #19
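/**
 * Test whether the client accepts a certain response format.
 *
 * The Accept header is parsed once per request and cached in static
 * variables. Media types with a quality factor below 0.1 are discarded.
 *
 * @param   string  $format One of 'html', 'txt', 'js', 'css', 'json', 'xml', 'rdf', 'atom', 'rss'
 * @return  boolean TRUE if one of the media types mapped to $format is accepted
 * @since   4.5.0
 * @package Network
 */
function http_accept_format($format)
{
    // Media types recognised for each short format name.
    static $formats = array(
        'html' => array('text/html', 'application/xhtml+xml', '*/*'),
        'txt'  => array('text/plain', '*/*'),
        'js'   => array('application/javascript', 'application/x-javascript', 'text/javascript', 'application/ecmascript', 'application/x-ecmascript', '*/*'),
        'css'  => array('text/css', '*/*'),
        'json' => array('application/json', 'application/x-json', '*/*'),
        'xml'  => array('text/xml', 'application/xml', 'application/x-xml', '*/*'),
        'rdf'  => array('application/rdf+xml', '*/*'),
        'atom' => array('application/atom+xml', '*/*'),
        'rss'  => array('application/rss+xml', '*/*'),
    );
    static $accepts = array();
    static $q = array();
    if (empty($accepts)) {
        // Build cache of accepted formats. The limit is -1 ("no limit");
        // passing null for it is deprecated on current PHP versions.
        $accepts = preg_split('/\\s*,\\s*/', (string) serverSet('HTTP_ACCEPT'), -1, PREG_SPLIT_NO_EMPTY);
        foreach ($accepts as $i => &$a) {
            // Sniff out quality factors if present.
            if (preg_match('/(.*)\\s*;\\s*q=([.0-9]*)/', $a, $m)) {
                // The greedy capture keeps whitespace that precedes the ';',
                // which would stop the type from matching the table above.
                $a = rtrim($m[1]);
                $q[$a] = floatval($m[2]);
            } else {
                $q[$a] = 1.0;
            }
            // Discard formats with quality factors below an arbitrary threshold
            // as jQuery adds a wildcard '*/*; q=0.01' to the 'Accepts' header
            // for XHR requests.
            if ($q[$a] < 0.1) {
                unset($q[$a]);
                unset($accepts[$i]);
            }
        }
        // Drop the reference so later writes to $a cannot alter the cache.
        unset($a);
    }
    return isset($formats[$format]) && count(array_intersect($formats[$format], $accepts)) > 0;
}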
Exemple #20
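/**
 * Test whether the client accepts a certain response format.
 *
 * The Accept header is parsed once per request and cached. Quality factors
 * are stripped from the entries but not evaluated, so a type listed with a
 * very low q value still counts as accepted.
 *
 * @param   string  $format One of 'html', 'txt', 'js', 'css', 'json', 'xml', 'rdf', 'atom', or 'rss'
 * @return  boolean TRUE if one of the media types mapped to $format is accepted
 * @since 4.5.0
 */
function http_accept_format($format)
{
    // Media types recognised for each short format name.
    static $formats = array(
        'html' => array('text/html', 'application/xhtml+xml', '*/*'),
        'txt'  => array('text/plain', '*/*'),
        'js'   => array('application/javascript', 'application/x-javascript', 'text/javascript', 'application/ecmascript', 'application/x-ecmascript', '*/*'),
        'css'  => array('text/css', '*/*'),
        'json' => array('application/json', 'application/x-json', '*/*'),
        'xml'  => array('text/xml', 'application/xml', 'application/x-xml', '*/*'),
        'rdf'  => array('application/rdf+xml', '*/*'),
        'atom' => array('application/atom+xml', '*/*'),
        'rss'  => array('application/rss+xml', '*/*'),
    );
    static $accepts = array();
    if (empty($accepts)) {
        // Build cache of accepted formats. The limit is -1 ("no limit");
        // passing null for it is deprecated on current PHP versions.
        $accepts = preg_split('/\\s*,\\s*/', (string) serverSet('HTTP_ACCEPT'), -1, PREG_SPLIT_NO_EMPTY);
        foreach ($accepts as &$a) {
            // Strip the quality factor if present; its value is not used here.
            if (preg_match('/(.*)\\s*;\\s*q=([.0-9]*)/', $a, $m)) {
                // The greedy capture keeps whitespace that precedes the ';',
                // which would stop the type from matching the table above.
                $a = rtrim($m[1]);
            }
        }
        // Drop the reference so later writes to $a cannot alter the cache.
        unset($a);
    }
    return isset($formats[$format]) ? count(array_intersect($formats[$format], $accepts)) > 0 : false;
}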
Exemple #21
/**
 * Renders a checkbox that sets or unsets a browser cookie.
 *
 * The checkbox reflects the 'toggle_<classname>' cookie; changing it calls
 * setClassRemember() with the opposite value and submits the enclosing form.
 *
 * @param  string $classname Label text key; the field name and cookie name are derived from it
 * @param  bool   $form      Wrap the output in a stand-alone <form> element
 * @return string HTML
 */
function cookie_box($classname, $form = true)
{
    $name = 'cb_' . $classname;
    // Values embedded in the inline script below are passed through escape_js().
    $id = escape_js($name);
    $class = escape_js($classname);
    $value = cs('toggle_' . $classname) ? 1 : 0;
    // The script stores the opposite of the current state.
    $newvalue = 1 - $value;
    $label = tag(gTxt($classname), 'label', array('for' => $name));
    $out = checkbox($name, 1, (bool) $value, 0, $name) . n . $label;
    $js = <<<EOF
        \$(function ()
        {
            \$('input')
                .filter(function () {
                    if (\$(this).attr('id') === '{$id}') {
                        return true;
                    }
                })
                .change(function () {
                    setClassRemember('{$class}', {$newvalue});
                    \$(this).parents('form').submit();
                });
        });
EOF;
    $out .= script_js($js);
    if (!$form) {
        return $out;
    }
    // The form posts back to the current query string.
    // NOTE(review): QUERY_STRING comes from the request and ends up in the
    // action attribute; confirm that tag() escapes attribute values.
    $action = serverSet('QUERY_STRING') ? 'index.php?' . serverSet('QUERY_STRING') : 'index.php';
    $out .= eInput(gps('event')) . tInput();
    $attributes = array('class' => $name, 'method' => 'post', 'action' => $action);

    return tag($out, 'form', $attributes);
}
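/**
 * Validates the login cookie or the submitted credentials.
 *
 * Does NOT check privilege levels; call ign_checkPrivs after validating the
 * user for protected elements.
 *
 * Return values:
 *   0  - successful validation
 *   1  - logout processed (display login?)
 *   2  - invalid user / password
 *   3  - bad cookie, or the cookie could not be (re)issued
 *   -1 - neither a login cookie nor credentials were supplied
 *
 * Side effects: sets $GLOBALS['ign_user'] and the global $logout, and may set
 * or clear the 'ign_login' and 'ign_stay' cookies.
 *
 * @return int
 **/
function ign_doTxpValidate()
{
    global $logout, $txpcfg, $ign_user_db;
    // HTTP Basic credentials win over posted form fields.
    if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
        $p_userid = serverSet('PHP_AUTH_USER');
        $p_password = serverSet('PHP_AUTH_PW');
    } else {
        $p_userid = ps('p_userid');
        $p_password = ps('p_password');
    }
    $logout = gps('logout');
    $stay = ps('stay');
    // Despite the name this is the expiry of a persistent cookie: one year ahead.
    $now = time() + 3600 * 24 * 365;
    $domain = ign_getDomain();
    if ($logout) {
        setcookie('ign_login', ' ', time() - 3600, '/', $domain);
        $GLOBALS['ign_user'] = '';
        // logout from Vanilla
        if (load_plugin("ddh_vanilla_integration")) {
            ddh_vanilla_logout();
        }
        return 1;
    }
    if (isset($_COOKIE['ign_login'])) {
        //parse cookie
        list($c_userid, $c_privs, $c_realname, $cookie_hash) = ign_getCookie();
        //get account info
        // The user id comes from the cookie, so it is escaped before it is
        // placed in the WHERE clause.
        // NOTE(review): if ign_getCookie() already escapes its fields this is
        // applied twice; that only makes unusual names fail the lookup.
        $acct = safe_row('name, privs, realname, nonce, last_access, email', $ign_user_db, "name='" . doSlash($c_userid) . "'");
        $nonce = empty($acct['nonce']) ? '' : (string) $acct['nonce'];
        $expected = md5($c_userid . $c_privs . $nonce);
        // An unknown account or empty nonce must never validate: the expected
        // hash would then consist of cookie-supplied values only. The hash is
        // compared as a string in constant time; a loose "==" treats
        // numeric-looking hashes as numbers.
        if ($nonce !== '' && hash_equals($expected, (string) $cookie_hash)) {
            $GLOBALS['ign_user'] = $c_userid;
            // cookie is good, create $txp_user
            if ($c_privs != $acct['privs']) {
                // Privileges changed since the cookie was issued: reissue it,
                // persistent or session-only as before.
                if (!empty($_COOKIE['ign_stay'])) {
                    if (!ign_setCookie($acct, $now)) {
                        return 3;
                    }
                } else {
                    if (!ign_setCookie($acct)) {
                        return 3;
                    }
                }
            }
            ign_update_access($acct);
            return 0;
        } else {
            // something's gone wrong
            $GLOBALS['ign_user'] = '';
            // NOTE(review): unlike the logout branch this clears the cookie
            // without $domain - confirm it matches how the cookie is set.
            setcookie('ign_login', '', -1, '/');
            return 3;
        }
    } elseif ($p_userid) {
        // no cookie, but incoming login vars
        // Fixed delay on every attempt to slow down password guessing.
        // NOTE(review): this also occupies a worker for three seconds per
        // request; per-account or per-address throttling is not visible here.
        sleep(3);
        $valid_usr = ign_validate($p_userid, $p_password);
        if ($valid_usr) {
            if ($stay) {
                // persistent cookie required
                if (!ign_setCookie($valid_usr, $now)) {
                    return 3;
                }
                setcookie('ign_stay', '1', $now, '/', $domain);
            } else {
                // session-only cookie required
                if (!ign_setCookie($valid_usr)) {
                    return 3;
                }
                setcookie('ign_stay', '0', -1, '/', $domain);
            }
            $GLOBALS['ign_user'] = $p_userid;
            // login is good, create $txp_user
            return 0;
        } else {
            $GLOBALS['ign_user'] = '';
            return 2;
        }
    } else {
        $GLOBALS['ign_user'] = '';
        return -1;
    }
}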
Exemple #23
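/**
 * Builds the "add to cart" form for the current article.
 *
 * On article lists the form posts back to the requested URL and carries the
 * article id in a hidden field; on individual articles it posts to the
 * article's permlink.
 *
 * @return string Optional property-price script followed by the form HTML
 */
function yab_shop_add()
{
    global $thisarticle, $is_article_list;
    $id = $thisarticle['thisid'];
    $property_1_name = yab_shop_config('custom_field_property_1_name');
    $property_2_name = yab_shop_config('custom_field_property_2_name');
    $property_3_name = yab_shop_config('custom_field_property_3_name');
    $hinput = '';
    $purl = permlinkurl_id($id);
    $script = '';
    if ($is_article_list == true) {
        $hinput = hInput('yab-shop-id', $id);
        if (serverSet('REQUEST_URI') and serverSet('HTTP_HOST')) {
            $purl = PROTOCOL . serverSet('HTTP_HOST') . serverSet('REQUEST_URI');
        }
    }
    if (yab_shop_config('use_property_prices') == '1') {
        $script .= yab_shop_property_prices($id) . n;
    }
    // On article lists the URL is assembled from the Host header and request
    // URI, both supplied by the client, and is written into an HTML attribute.
    // It is escaped here; double_encode is off so entities that are already
    // encoded are left as they are.
    $action = htmlspecialchars($purl, ENT_QUOTES, 'UTF-8', false);
    $form_id = 'yab-shop-form-' . $id;
    $fields = $hinput
        . yab_shop_build_custom_select_tag($property_1_name, yab_shop_lang('custom_field_property_1'))
        . yab_shop_build_custom_select_tag($property_2_name, yab_shop_lang('custom_field_property_2'))
        . yab_shop_build_custom_select_tag($property_3_name, yab_shop_lang('custom_field_property_3'))
        . graf(fInput('text', 'qty', '1', '', '', '', '1') . fInput('submit', 'add', yab_shop_lang('add_to_cart'), 'submit'), ' class="yab-add"');
    $add_form = tag($fields, 'form', ' method="post" action="' . $action . '#' . $form_id . '" id="' . $form_id . '"');
    return $script . $add_form;
}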
Exemple #24
/**
 * Prints the MD5 of the parsed request path and, for requests whose remote
 * address equals the server address, a dump of the whole pretext array.
 *
 * @param array $pretext The pretext array; only 'req' is hashed
 */
function show_clean_test($pretext)
{
    $digest = md5(@$pretext['req']);
    echo $digest . n;
    // The dump is limited to requests that appear to come from the server itself.
    // NOTE(review): behind a proxy on the same host every request has the
    // server's address as REMOTE_ADDR, and two empty values also compare equal.
    $is_local = serverSet('SERVER_ADDR') == serverSet('REMOTE_ADDR');
    if (!$is_local) {
        return;
    }
    var_export($pretext);
}
Exemple #25
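 /**
  * Renders the list of site languages for the current page.
  *
  * On article lists every language links to the current request URI with the
  * language code inserted; on individual articles a language links to the
  * article's rendition in that language when one exists. On 404 pages the
  * faulting article is looked up so that its alternatives can be offered.
  *
  * @param  array  $atts Tag attributes (see the lAtts() defaults below)
  * @return string HTML, or an empty string when a 404 lookup finds no numeric article id
  */
 function l10n_lang_list($atts)
 {
     global $thisarticle, $l10n_language, $is_article_list, $pretext, $prefs;
     extract(lAtts(array('title' => '', 'on404' => '', 'current_class' => 'l10n_current', 'language_class' => 'long', 'list_class' => 'l10n_lang_list', 'show_empty' => '', 'link_current' => '', 'display' => 'native', 'article_list' => $is_article_list, 'surpress_current' => '', 'empty_title' => '', 'appendslash' => '', 'wraptag' => 'ul', 'break' => 'li', 'hide_langs' => ''), $atts));
     $on404 = !empty($on404);
     # User marked this list as a 404 special lookup list.
     $show_empty = !empty($show_empty);
     $link_current = !empty($link_current);
     $surpress_current = !empty($surpress_current);
     $break = $wraptag == 'select' ? 'option' : $break;
     // Ensure 'option' break tag if select used
     $appendslash = !empty($appendslash);
     $processing404 = $pretext['status'] === '404';
     $messy_urls = $pretext['permlink_mode'] === 'messy';
     $category_list = !empty($pretext['c']);
     $get_style_cat = gps('c');
     $processingcats = $category_list && !$messy_urls && !$get_style_cat;
     # Don't process (localise) category list urls in messy mode.
     $author_list = !empty($pretext['author']);
     $get_style_auth = gps('author');
     $processingauths = $author_list && !$messy_urls && !$get_style_auth;
     # Don't process (localise) author list urls in messy mode.
     $list = array();
     // Cached across calls within one request.
     static $alangs;
     $slangs = MLPLanguageHandler::get_site_langs();
     $hide_langs = do_list(trim($hide_langs));
     $slangs = array_diff($slangs, $hide_langs);
     $section = empty($pretext['s']) ? '' : $pretext['s'];
     $id = $pretext['id'];
     // Request URI relative to the site's base path. It is request-supplied
     // and is escaped below before it is written into an attribute.
     $subpath = preg_quote(preg_replace("/https?:\\/\\/.*(\\/.*)/Ui", "\$1", hu), "/");
     $uri = preg_replace("/^{$subpath}/i", "/", serverSet('REQUEST_URI'));
     $parts = chopUrl($uri);
     $name_mappings = array();
     if ($processingcats || $processingauths) {
         # Load the localised 'category' / 'author' URL words for every language.
         $info = safe_rows_start('name,lang,data', 'txp_lang', "`name` IN ('category','author')");
         // NOTE(review): mysql_num_rows() belongs to the mysql extension, which
         // current PHP versions no longer ship.
         if ($info and mysql_num_rows($info) > 0) {
             while ($r = nextRow($info)) {
                 $name_mappings[$r['name']][$r['lang']] = urlencode($r['data']);
             }
         }
     }
     if ($on404 or $processing404) {
         #
         #	Find the section and id of the faulting article (if possible)...
         #
         if (empty($id)) {
             $id = gps('id');
         }
         # Try out a messy match first
         if (empty($id)) {
             // Brings the path segments ($u0..$u3 are read below) into scope.
             // NOTE(review): extract() overwrites any local with a matching
             // name - verify which keys chopUrl() can return.
             extract($parts);
             switch ($prefs['permlink_mode']) {
                 case 'section_id_title':
                     $id = $u1;
                     break;
                 case 'year_month_day_title':
                     $when = "{$u0}-{$u1}-{$u2}";
                     $rs = safe_row("ID,Section", L10N_MASTER_TEXTPATTERN, "posted like '" . doSlash($when) . "%' and url_title like '" . doSlash($u3) . "' and Status >= 4 limit 1");
                     $id = !empty($rs['ID']) ? $rs['ID'] : '';
                     break;
                 case 'section_title':
                     $rs = safe_row("ID,Section", L10N_MASTER_TEXTPATTERN, "url_title like '" . doSlash($u1) . "' AND Section='" . doSlash($u0) . "' and Status >= 4 limit 1");
                     $id = @$rs['ID'];
                     break;
                 case 'title_only':
                     $rs = safe_row('ID', L10N_MASTER_TEXTPATTERN, "url_title like '" . doSlash($u0) . "' and Status >= 4 limit 1");
                     $id = @$rs['ID'];
                     break;
                 case 'id_title':
                     $id = $u0;
                     break;
             }
         }
         // Only a numeric id is passed on to the mapping lookup further down.
         if (!empty($id) and is_numeric($id)) {
             $article_list = false;
         } else {
             return '';
         }
         #
         #	Make sure we show all alternatives, even if they are in the current language...
         #
         $link_current = true;
     }
     $show_title = !empty($title);
     if (!$article_list) {
         if (!isset($alangs) or !is_array($alangs)) {
             $alangs = _l10n_get_alternate_mappings($id, 'nothing', true);
         }
         if ($show_title) {
             $show_title = !empty($alangs);
         }
     }
     if ($show_title) {
         $title = tag($title, 'p') . n;
     } else {
         $title = '';
     }
     foreach ($slangs as $lang) {
         $codes = MLPLanguageHandler::compact_code($lang);
         $short = $codes['short'];
         $long = $codes['long'];
         $dir = MLPLanguageHandler::get_lang_direction_markup($lang);
         #
         #	Surpress the current item when needed...
         #
         $current = $l10n_language['long'] === $lang;
         if ($current && $surpress_current) {
             continue;
         }
         switch ($display) {
             case 'short':
                 $lname = $short;
                 break;
             case 'long':
                 $lname = $long;
                 break;
             case 'native+':
                 $lname = MLPLanguageHandler::get_native_name_of_lang($lang) . " [{$short}]";
                 break;
             case 'native++':
                 $lname = MLPLanguageHandler::get_native_name_of_lang($lang) . " [{$long}]";
                 break;
             default:
                 $lname = MLPLanguageHandler::get_native_name_of_lang($lang);
                 break;
         }
         if ($article_list) {
             #
             #	No individual ID but we should be able to serve all the languages
             # so use the current url and inject the language component into each one...
             #
             $text = tag($lname, 'span', $dir);
             #
             #	Prep the line class...
             #
             $class = 'short' === $language_class ? $short : $lang;
             if ($current) {
                 $class .= ' ' . $current_class;
             }
             $class = ' class="' . $class . '"';
             if (!$current or $link_current) {
                 if ($processing404) {
                     $uri = '';
                 }
                 if ($processingcats || $processingauths) {
                     #
                     #	Category lists are a special case. For this to work, we need to
                     # replace the local 'category'/'author' string with its name in the target language.
                     #
                     #	Not doing the replace results in 404 errors.
                     #
                     $type = $processingcats ? 'category' : 'author';
                     $target_name = $name_mappings[$type][$lang];
                     $chunks = explode('/', ltrim($uri, '/'));
                     $chunks[0] = $target_name;
                     $uri = '/' . join('/', $chunks);
                 }
                 if (!$processing404 && $appendslash && $uri == '') {
                     $uri = '/';
                 }
                 // $uri derives from REQUEST_URI and lands inside a quoted
                 // attribute, so it is HTML-escaped first; double_encode is off
                 // to leave entities that are already encoded untouched.
                 $target = hu . $short . htmlspecialchars($uri, ENT_QUOTES, 'UTF-8', false);
                 if ($break == 'option') {
                     $line = $text;
                     $class .= ' value="' . $target . '"';
                 } else {
                     $line = '<a href="' . $target . '">' . $text . '</a>';
                 }
             } else {
                 if ($break == 'option') {
                     $class .= ' selected="selected"';
                 }
                 $line = $text;
             }
             $list[] = tag($line, $break, $class);
         } else {
             #
             #	If a translation exists for that language then we
             # build a valid url to it and make it active in the list, otherwise include it in the
             # list but without the hyper-link.
             #
             #	The active page is marked up with a css class.
             #
             if (array_key_exists($lang, $alangs)) {
                 $record = $alangs[$lang];
                 $lang_rendition_title = $record['Title'];
                 $lang_rendition_id = $record['ID'];
                 $text = $lname;
                 if ($processing404) {
                     // NOTE(review): the rendition title is output as stored;
                     // confirm it is already safe for HTML at this point.
                     $text = strong($text) . sp . ':' . sp . $lang_rendition_title;
                 }
                 $text = tag($text, 'span', $dir);
                 #
                 #	Prep the line class...
                 #
                 $class = 'short' === $language_class ? $short : $lang;
                 if ($current) {
                     $class .= ' ' . $current_class;
                 }
                 $class = ' class="' . $class . '"';
                 if (!$current or $link_current) {
                     // Insert the language code directly after the site base URL.
                     $url = permlinkurl($record);
                     $f = hu;
                     $url = str_replace($f, $f . $short . '/', $url);
                     if ($break == 'option') {
                         $line = $text;
                         $class .= ' value="' . $url . '"';
                     } else {
                         $line = '<a href="' . $url . '">' . $text . '</a>';
                     }
                 } else {
                     if ($break == 'option') {
                         $class .= ' selected="selected"';
                     }
                     $line = $text;
                 }
                 $list[] = tag($line, $break, $class);
             } else {
                 if ($show_empty) {
                     $list[] = tag($lname, $break);
                 }
             }
         }
     }
     $selopts = '';
     if (!empty($list)) {
         if ($wraptag == 'select') {
             // A select navigates to the chosen option's value on change.
             $selopts .= ' onchange="location.href=this.options[selectedIndex].value"';
         }
         $list = $title . tag(join("\n\t", $list), $wraptag, " class=\"{$list_class}\"" . $selopts);
     } else {
         $list = tag($empty_title, 'p') . n;
     }
     return $list;
 }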