/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
## Stop immediately unless the Symphony marker constant is defined, i.e. the
## file was pulled in by the application rather than requested on its own.
defined("__IN_SYMPHONY__") or die("<h2>Symphony Fatal Error</h2><p>You cannot directly access this file</p>");

## Marker file for the status widget: the file name is the MD5 of the author id
## followed by the literal 'done'.
## NOTE(review): the name depends only on the author id, so it is predictable;
## confirm TMP is neither web-reachable nor writable by other local users.
$done_path = sprintf('%s/%s', TMP, md5($settings['auth']['id'] . 'done'));

## Date helper built from the configured time zone and date format.
$cDate = new SymDate(
    $settings["region"]["time_zone"],
    $settings["region"]["date_format"]
);
## Two request modes: done=true records that the status widget was viewed;
## anything else collects the data the widget displays. The else branch runs
## past the end of this excerpt.
## NOTE(review): $_REQUEST['done'] is read without isset() and compared loosely.
if ($_REQUEST['done'] == 'true') {
    $xml->setValue('Status widget set to viewed');
    ## Store the value of $cDate->get(false, false) in the marker file; the '@'
    ## hides a failed write, so a full or read-only TMP goes unnoticed.
    @file_put_contents($done_path, $cDate->get(false, false));
} else {
    ## kFULL_MODE is true only when the request carries mode=full.
    define('kFULL_MODE', isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'full' ? true : false);
    ## Whether the marker file written by the other branch exists.
    $done = @file_exists($done_path);
    ## Last refresh and last session of the current author, as Unix timestamps.
    ## NOTE(review): the author id is concatenated into the SQL text. Here it
    ## comes from $settings, not the request, but an integer cast or bound
    ## parameter would keep the statement safe however that value is populated.
    $last = $db->fetchRow(0, "SELECT UNIX_TIMESTAMP(`last_refresh`) as `last_refresh_timestamp`, UNIX_TIMESTAMP(`last_session`) as `last_session_timestamp` FROM `tbl_authors` WHERE `id` = '" . $settings['auth']['id'] . "' LIMIT 1");
    $lastlogin = $last['last_session_timestamp'];
    $lastrefresh = $last['last_refresh_timestamp'];
    ## The author's 'allow_sections' value; it is spliced into IN (...) below.
    $can_access = $Author->get('allow_sections');
    require_once TOOLKIT . "/class.ajaxaccount.php";
    ## Ids of the six most recently published entries. Authors that are not
    ## superusers are restricted to the sections listed in $can_access.
    ## NOTE(review): $can_access goes into the statement unquoted - presumably a
    ## comma-separated list of ids; confirm it is validated where it is stored.
    $entries = $db->fetchCol('id', "SELECT tbl_entries.id\n\t\t\t\t\t\t\t   FROM `tbl_entries`, `tbl_sections`, `tbl_entries2sections` as t2\n\t\t\t\t\t\t\t   WHERE 1 " . ($Author->get('superuser') != 1 ? " AND t2.section_id IN ({$can_access})" : '') . "\n\t\t\t\t\t\t\t   AND `tbl_sections`.id = t2.section_id\n\t\t\t\t\t\t\t   AND `tbl_entries`.id = t2.entry_id\n\t\t\t\t\t\t\t   ORDER BY publish_date_gmt DESC LIMIT 0,6");
    ## The three newest comments joined with their metadata rows.
    ## NOTE(review): this query has no section restriction; whether access is
    ## checked before the comments are shown is not visible in this excerpt.
    $comments = $db->fetch("SELECT c.*, m.creation_date_gmt, m.referrer\n\t\t\t\t\t\t\t\tFROM `tbl_comments` AS `c`\n\t\t\t\t\t\t\t\tLEFT JOIN `tbl_metadata` AS m ON c.id = m.relation_id AND m.class = 'comment'\n\t\t\t\t\t\t\t\tORDER BY c.id DESC\n\t\t\t\t\t\t\t\tLIMIT 0, 3");
    $account = new ajaxAccount($settings);
    ## Branch for an author flagged as both owner and superuser; its body is
    ## outside this excerpt.
    if ($Author->get('owner') == 1 && $Author->get('superuser') == 1) {
<?php

/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
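## Stop unless the file was included by Symphony (marker constant defined).
if (!defined("__IN_SYMPHONY__")) {
    die("<h2>Symphony Fatal Error</h2><p>You cannot directly access this file</p>");
}
$cDate = new SymDate($settings["region"]["time_zone"], $settings["region"]["date_format"]);
##LIVE SEARCH PROCESSING
## The search term is request-controlled and is interpolated into every query
## built by the switch below. A missing or non-string 'query' parameter is
## treated as an empty term instead of being handed to the escaping function.
## NOTE(review): mysql_escape_string() is the only barrier between the request
## and the SQL text. It ignores the connection character set, belongs to the
## mysql extension that PHP 7 removed, and leaves % and _ untouched, which act
## as wildcards in the LIKE query of "simple" mode. Prefer bound parameters or
## connection-aware escaping from the database layer ($db's API is not visible
## in this excerpt).
$searchstring = mysql_escape_string(isset($_REQUEST['query']) && is_string($_REQUEST['query']) ? $_REQUEST['query'] : '');
$fields = $db->fetchCol('id', "SELECT id FROM `tbl_customfields`");
## The author's 'allow_sections' value; the queries below splice it into
## IN (...) unquoted for authors that are not superusers.
$can_access = $Author->get('allow_sections');
## Search mode from the query string, "normal" when absent or empty. !empty()
## keeps the original truthiness test without the undefined-index notice.
$mode = !empty($_GET['mode']) ? $_GET['mode'] : "normal";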
## Build the search statement for the requested mode. Each variant returns at
## most five entry ids and, for authors that are not superusers, adds a filter
## on the sections in $can_access. The switch continues past this excerpt.
## NOTE(review): $searchstring and $can_access are interpolated into the SQL
## text in all three variants; the statements are only as safe as the escaping
## applied to $searchstring above and the validation of the stored
## 'allow_sections' value.
switch ($mode) {
    ## Substring match with LIKE, newest entries first. % and _ inside the
    ## search term still act as wildcards here.
    case "simple":
        $sql = "SELECT DISTINCT t1.entry_id\n                FROM tbl_entries2customfields AS t1\n\t\t\t    LEFT JOIN `tbl_entries` AS t2 ON t1.entry_id = t2.id\n\t\t\t    LEFT JOIN `tbl_entries2sections` AS t3 on t2.id = t3.entry_id\n                WHERE t1.value LIKE '%{$searchstring}%'\n\t\t\t\t" . ($Author->get('superuser') != 1 ? " AND t3.section_id IN ({$can_access})" : '') . "\n                ORDER BY t2.publish_date_gmt DESC LIMIT 5";
        break;
    ## Full-text MATCH ... AGAINST, ordered by the relevance score.
    case "normal":
        $sql = "SELECT DISTINCT t1.entry_id,\n\t\t\t\t  MATCH(t1.value) AGAINST ('{$searchstring}') AS score\n\t\t\t\t  FROM tbl_entries2customfields AS t1\n\t              LEFT JOIN `tbl_entries` AS t2 ON t1.entry_id = t2.id\n\t\t\t      LEFT JOIN `tbl_entries2sections` AS t3 on t2.id = t3.entry_id\n\t              WHERE 1 AND MATCH(t1.value) AGAINST ('{$searchstring}')\n\t\t\t\t  " . ($Author->get('superuser') != 1 ? " AND t3.section_id IN ({$can_access})" : '') . "\n\t\t\t\t  ORDER BY score DESC LIMIT 5";
        break;
    ## Same as "normal" but IN BOOLEAN MODE, so boolean full-text operators
    ## typed into the search term are interpreted by MySQL.
    case "boolean":
        $sql = "SELECT DISTINCT t1.entry_id,\n\t\t\t\t  MATCH(t1.value) AGAINST ('{$searchstring}' IN BOOLEAN MODE) AS score\n\t\t\t\t  FROM tbl_entries2customfields AS t1\n\t              LEFT JOIN `tbl_entries` AS t2 ON t1.entry_id = t2.id\n\t\t\t      LEFT JOIN `tbl_entries2sections` AS t3 on t2.id = t3.entry_id\n\t              WHERE 1 AND MATCH(t1.value) AGAINST ('{$searchstring}' IN BOOLEAN MODE)\n\t\t\t\t  " . ($Author->get('superuser') != 1 ? " AND t3.section_id IN ({$can_access})" : '') . "\n\t\t\t\t  ORDER BY score DESC LIMIT 5";
        break;
<?php

/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
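## Stop unless the file was included by Symphony (marker constant defined).
if (!defined("__IN_SYMPHONY__")) {
    die("<h2>Symphony Fatal Error</h2><p>You cannot directly access this file</p>");
}
$cDate = new SymDate($settings["region"]["time_zone"], "d");

## Month and year are taken from the request, defaulting to the current month
## and year. The original test joined isset() and the empty-string check with
## ||, so an empty parameter was accepted and a missing one was still read;
## both conditions must hold. Non-string values (e.g. month[]=x) are ignored.
$month = isset($_REQUEST['month']) && is_string($_REQUEST['month']) && $_REQUEST['month'] != "" ? $_REQUEST['month'] : date("F");
$year = isset($_REQUEST['year']) && is_string($_REQUEST['year']) && $_REQUEST['year'] != "" ? $_REQUEST['year'] : date("Y");

## First day of the requested month. strtotime() reports an unparseable date
## with false (-1 on old PHP versions); fall back to the current month so the
## query window below is always built from a real timestamp.
$startdate = strtotime("1 " . $month . " " . $year);
if ($startdate === false || $startdate === -1) {
    $month = date("F");
    $year = date("Y");
    $startdate = strtotime("1 " . $month . " " . $year);
}

## First day of the following month. Month and year are both derived from
## $startdate, so the raw request string never reaches mktime().
$enddate = mktime(0, 0, 0, (int) date("n", $startdate) + 1, 1, (int) date("Y", $startdate));

## Only the integer timestamps computed above are interpolated into the SQL
## text; no request string reaches the statement.
$sql = "SELECT t1.*, t2.section_id, t3.value_raw as `title`,\n\t\t\tUNIX_TIMESTAMP(t1.publish_date_gmt) as `timestamp_gmt`\n\t\t\tFROM `tbl_entries` as t1, `tbl_sections` as t4, `tbl_entries2sections` as t2, `tbl_entries2customfields` as t3\n\t\t\tWHERE UNIX_TIMESTAMP(t1.publish_date) >= '{$startdate}'\n\t\t\tAND UNIX_TIMESTAMP(t1.publish_date) <= '{$enddate}'\n\t\t\tAND t1.`id` = t2.entry_id\n\t\t\tAND t1.`id` = t3.entry_id AND t4.primary_field = t3.field_id\n\t\t\tAND t2.section_id = t4.id\n\t\t\tORDER BY t1.publish_date DESC ";
$result = $db->fetch($sql);
## NOTE(review): $month and $year may be request-supplied strings and are used
## as the element value. Whether XMLElement escapes its value is not visible
## here - confirm before relying on it.
$xml->addChild(new XMLElement("month", $month . " " . $year));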
## Group the fetched rows by day. The '@' silences count() when $result is not
## countable, in which case the whole branch is skipped.
if (@count($result) >= 1) {
    $final = array();
    foreach ($result as $row) {
        ## Section access is enforced here, row by row, after the query has run:
        ## the SQL above carries no section restriction of its own.
        if ($Author->canAccessSection($row['section_id'])) {
            ## Bucket key is what $cDate->get() returns for the row's GMT
            ## timestamp ($cDate was constructed with the format "d").
            $final[$cDate->get(true, true, $row['timestamp_gmt'])][] = $row;
        }
    }
    ## Walk the per-day buckets; the loop body is outside this excerpt.
    foreach ($final as $date => $entries) {
 /**
  * Rebuild $this->_param, the page parameter list.
  *
  * Fixed entries: 'root' and 'workspace' (from the URL constant),
  * 'current-page', 'page-title' (passed through
  * XMLRepair::entities2hexadecimal()), 'parent-page', 'today' (SymDate in
  * "Y-m-d" format for time() minus the date("Z") offset), 'website-name'
  * and 'symphony-build' (from the configuration).
  *
  * Every $_GET entry except 'page' is then added as 'url-<name>'.
  *
  * NOTE(review): the 'url-*' names and values are copied from the request
  * verbatim - a value can be an array and nothing is filtered or encoded
  * here. Where _param is consumed is not visible in this excerpt; the
  * consumer has to treat these entries as untrusted input.
  */
 function __initialisePageParam()
 {
     $entityRepair = new XMLRepair();
     $calendar = new SymDate($this->getConfigVar("time_zone", "region"), "Y-m-d");

     // Start from an empty list so nothing survives from an earlier call.
     $this->_param = array();

     // Site-level locations.
     $this->_param['root'] = URL;
     $this->_param['workspace'] = URL . "/workspace";

     // The page being rendered.
     $this->_param['current-page'] = $this->_page;
     $this->_param['page-title'] = $entityRepair->entities2hexadecimal($this->_pageTitle);
     $this->_param['parent-page'] = $this->_parentPath;

     // Date and installation details.
     $this->_param['today'] = $calendar->get(true, true, time() - date("Z"));
     $this->_param['website-name'] = $this->getConfigVar("sitename", "general");
     $this->_param['symphony-build'] = $this->getConfigVar("build", "symphony");

     // No query-string parameters: nothing more to add.
     if (!is_array($_GET) || empty($_GET)) {
         return;
     }

     foreach ($_GET as $name => $value) {
         // 'page' is the one parameter that is not exported.
         if ($name == 'page') {
             continue;
         }
         $this->_param['url-' . $name] = $value;
     }
 }
<?php

/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
## Handle the "save" and "done" form actions. The branch continues past the end
## of this excerpt.
## NOTE(review): $_POST['action'] is handed to array_key_exists() without a
## check that it is set and is an array.
if (array_key_exists("save", $_POST['action']) || array_key_exists("done", $_POST['action'])) {
    ## Raw form values exactly as submitted.
    $fields = $_POST['fields'];
    $date = new SymDate($Admin->getConfigVar("time_zone", "region"), $Admin->getConfigVar("date_format", "region"));
    ##Make sure all required fields are filled
    $required = array('name', 'source');
    for ($i = 0; $i < count($required); $i++) {
        if (trim($fields[$required[$i]]) == "") {
            $errors[$required[$i]] = true;
        }
    }
    ## Within this excerpt $errors is assigned only by the loop above, so
    ## is_array() doubles as "at least one required field is empty".
    ## NOTE(review): $errors is never initialised here - confirm it cannot
    ## already hold a value when this code is reached.
    if (is_array($errors)) {
        define("__SYM_ENTRY_MISSINGFIELDS__", true);
    } else {
        $defines = array();
        ## Drop single and double quotes from the submitted name before the
        ## identifiers below are derived from it.
        $fields['name'] = str_replace(array('\'', '"'), "", $fields['name']);
        ## Two names produced by General::createFileName() from the submitted
        ## name; the calls differ only in the last argument ('_' versus '-').
        ## NOTE(review): what createFileName() strips is not visible here.
        ## $classname is built from its result, so confirm it returns nothing
        ## but identifier-safe characters.
        $handle = General::createFileName($fields['name'], $Admin->getConfigVar('handle_length', 'admin'), '_');
        $rootelement = General::createFileName($fields['name'], $Admin->getConfigVar('handle_length', 'admin'), '-');
        $classname = ucfirst($handle);
        ## Taken from the request as is; no validation happens in the visible code.
        $source = $fields['source'];
<?php

/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
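print '<?xml version="1.0" encoding="utf-8"?>';
## Date helper built from the configured time zone and date format (the
## original constructed it twice with identical arguments).
$date = new SymDate($Admin->getConfigVar("time_zone", "region"), $Admin->getConfigVar("date_format", "region"));
$GLOBALS['pageTitle'] = "Activity Logs";
$log = array();

## The log to show is named by the request parameter "_l" and resolved to
## LOGS/<name>.log. The name is request-controlled, so it is accepted only as
## a plain file name: a value containing a path separator or a NUL byte would
## otherwise let the request point outside the LOGS directory.
## NOTE(review): this assumes logs sit directly in LOGS, not in subdirectories
## - TODO confirm against the code that writes them.
$log_name = isset($_REQUEST["_l"]) && is_string($_REQUEST["_l"]) ? $_REQUEST["_l"] : "";
$log_path = LOGS . "/" . $log_name . ".log";

if ($log_name !== "" && strpbrk($log_name, "/\\\0") === false && @is_file($log_path)) {
    $log = General::str2array(@file_get_contents($log_path), false);
} else {
    ## Unknown, missing or rejected log name: send the user to the log list.
    General::redirect("?page=/settings/logs/");
}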
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
	<title>Symphony &ndash; <?php 
print $GLOBALS['pageTitle'];
?>
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
$GLOBALS['pageTitle'] = "Authors";

## Show the "deleted" confirmation when the page is reached with _f=complete.
if (isset($_GET['_f']) && $_GET['_f'] == "complete") {
    $Admin->pageAlert("selected-success", array("Author(s)", "deleted"));
}

## Load the author manager and fetch the authors for the table below.
include_once TOOLKIT . "/class.authormanager.php";
$authorManager = new AuthorManager($Admin);
$authors = $authorManager->fetch();

## Date helper built from the configured time zone and date format.
$date = new SymDate(
    $Admin->getConfigVar("time_zone", "region"),
    $Admin->getConfigVar("date_format", "region")
);

## The "Create New" link is rendered only when authorIsSuper() is true.
## NOTE(review): getCurrentPageURL() is concatenated into the href without HTML
## escaping; confirm the URL cannot carry request-controlled characters.
$new_button = "";
if ($Admin->authorIsSuper()) {
    $new_button = '<a class="create button" href="' . $Admin->getCurrentPageURL() . 'new/" title="Add an author">Create New</a>';
}
?>
	<form action="<?php 
print $Admin->getCurrentPageURL();
?>
" method="post">
		<h2><!-- PAGE TITLE --> <?php 
print $new_button;
?>
</h2>
		<table>
			<thead>
				<tr>
					<th scope="col">Name</th>
					<th scope="col">Entries</th>