Esempio n. 1
                    break;
                }
                if (ASKFORPASSWORD && $userpassword && !$canlogin) {
                    print LoginPage($id, $userid, $emailcheck);
                    break;
                }
                $success = (require 'admin/subscribelib2.php');
                if ($success != 3) {
                    print PreferencesPage($id, $userid);
                }
                break;
            case 'forward':
                print ForwardPage($id);
                break;
            case 'confirm':
                print ConfirmPage($id);
                break;
                #0013076: Blacklisting posibility for unknown users
            #0013076: Blacklisting posibility for unknown users
            case 'donotsend':
            case 'blacklist':
            case 'unsubscribe':
                print UnsubscribePage($id);
                break;
            default:
                FileNotFound();
        }
    } else {
        FileNotFound();
    }
} else {
Esempio n. 2
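 /**
  * Build the HTML for the subscribe-page view selected by the "p" query parameter.
  *
  * The switch is the allowlist for $_GET["p"]: only the literal values
  * "preferences", "confirm", "unsubscribe" and "subscribe" select a view, and
  * anything else (including a missing parameter) ends up on the subscribe
  * page. The request value is never used to build the require path.
  *
  * @param mixed $id Subscribe page id; a falsy value short-circuits to an HTML comment.
  * @return string HTML returned by the selected page function.
  */
 function selectPage($id)
 {
     if (!$id) {
         return '<!-- no subscribe page defined -->';
     }
     // Read the selector once; isset() avoids an undefined-index notice when
     // the request carries no "p" parameter. A missing value still reaches
     // the default branch, exactly as before.
     $page = isset($_GET["p"]) ? $_GET["p"] : '';
     $html = '';
     switch ($page) {
         case "preferences":
             // empty() treats a missing "id" like a falsy one without raising
             // a notice. The superglobal is written so that code reading
             // $_GET["id"] later sees the page id.
             // NOTE(review): presumably subscribelib2.php reads it - confirm.
             if (empty($_GET["id"])) {
                 $_GET["id"] = $id;
             }
             require $this->coderoot() . "/subscribelib2.php";
             // NOTE(review): $userid is not assigned anywhere in this method;
             // presumably the required file defines it in this scope. Verify
             // that it is derived from an authenticated identity and not
             // taken straight from the request.
             $html = PreferencesPage($id, $userid);
             break;
         case "confirm":
             $html = ConfirmPage($id);
             break;
         case "unsubscribe":
             $html = UnsubscribePage($id);
             break;
         default:
         case "subscribe":
             require $this->coderoot() . "/subscribelib2.php";
             $html = SubscribePage($id);
             break;
     }
     return $html;
 }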
Esempio n. 3
/**
 * Weblog deletion screen: asks for confirmation first and deletes only on the
 * confirmed request.
 *
 * Reads 'confirmed' and 'name' from the global $Pivot_Vars. The destructive
 * path calls check_csrf() before $Weblogs is modified and saved.
 */
function main_blog_delete()
{
    global $Weblogs, $Pivot_Vars;

    if ($Pivot_Vars['confirmed'] == 1) {
        // Destructive path: the CSRF check runs before any state changes, so
        // a forged or direct request cannot trigger the delete.
        check_csrf();
        // NOTE(review): the confirmation path urlencodes the name because the
        // $Weblogs keys are stored urlencoded, while this path uses the value
        // as received. Presumably the confirmed request already carries the
        // encoded key - confirm, otherwise the unset() silently misses.
        $blog_key = $Pivot_Vars['name'];
        unset($Weblogs[$blog_key]);
        save_serialize('pv_cfg_weblogs.php', $Weblogs);
        $notice = lang('weblog_config', 'deleted');
        main_blogs($notice);
        return;
    }

    // Not confirmed yet: show the confirmation page. The internal name stays
    // urlencoded because the weblogs array uses urlencoded keys.
    $encoded_name = urlencode($Pivot_Vars['name']);
    $confirm_vars = array('name', $encoded_name, 'blog_delete', 1);
    $question = lang('weblog_config', 'confirm_delete');
    // NOTE(review): the stored weblog name is substituted into the message
    // as-is; verify that ConfirmPage() escapes it before output.
    $question = str_replace("%1", $Weblogs[$encoded_name]['name'], $question);
    ConfirmPage(lang('ufield_main', 'del_title'), $confirm_vars, $question);
}
Esempio n. 4
/**
 * Display the screen with entries: optional bulk action, paginator, filter
 * and search box, sortable column headers and one row per entry.
 *
 * Everything is written straight to the output with echo/printf. Values read
 * from the global $Pivot_Vars ('session', 'sort', 'show', 'offset',
 * 'filtercat', 'filteruser', 'search') are concatenated into URLs and HTML
 * attributes without any escaping visible in this function.
 * NOTE(review): $Pivot_Vars presumably holds the request parameters; if so
 * these are reflected-XSS sinks unless the values are escaped upstream, for
 * example with htmlspecialchars() - confirm.
 *
 * @param string $message Optional status message, echoed unescaped inside <p><b>.
 */
function entries_screen($message = "")
{
    global $config_array, $Pivot_Vars, $Cfg, $absmax;
    PageHeader(lang('userbar', 'entries'), 1);
    PageAnkeiler(lang('userbar', 'entries') . ' &raquo; ' . lang('userbar', 'entries_title'));
    // display a message, if there is one..
    // The message is written as raw HTML, so callers must pass trusted or
    // already-escaped text.
    if ($message != "") {
        echo "<p><b>{$message}</b></p>";
    }
    // if there is an 'action' to do
    // NOTE(review): no CSRF check is visible in this function before the bulk
    // action runs - confirm that the caller or entries_action() performs one.
    if (isset($Pivot_Vars['doaction']) && $Pivot_Vars['action'] != "") {
        if ($Pivot_Vars['action'] == "delete" && $Pivot_Vars['confirmed'] != 1) {
            // The selected ids are serialize()d so the confirmation page can
            // carry them along.
            // NOTE(review): if that value comes back from the browser and is
            // passed to unserialize(), that is deserialisation of untrusted
            // data - verify how 'check' is decoded on the confirmed request.
            $vars = array("action", $Pivot_Vars['action'], "check", serialize($Pivot_Vars['check']), "doaction", "1");
            if (count($Pivot_Vars['check']) == 1) {
                ConfirmPage("hmm ho hum", $vars, lang('entries', 'delete_one_confirm'));
            } else {
                ConfirmPage("hmm ho hum", $vars, lang('entries', 'delete_multiple_confirm'));
            }
        }
        // NOTE(review): this call is also reached on the unconfirmed delete
        // path above. Unless ConfirmPage() ends the request, the delete runs
        // before the user has confirmed it - confirm.
        entries_action($Pivot_Vars['action'], $Pivot_Vars['check']);
    }
    $db = new db();
    if (!isset($Cfg['overview_entriesperpage'])) {
        $Cfg['overview_entriesperpage'] = 20;
    }
    $absmax = $db->get_entries_count();
    // 'show' and 'offset' are taken as-is (no integer cast) and are later used
    // both in arithmetic and, through %s, inside href attributes.
    $show = isset($Pivot_Vars['show']) ? $Pivot_Vars['show'] : $Cfg['overview_entriesperpage'];
    $offset = isset($Pivot_Vars['offset']) ? $Pivot_Vars['offset'] : 0;
    if (isset($Pivot_Vars['first'])) {
        $offset = $absmax - $show;
    }
    // The session identifier travels in the query string of every link built
    // from $myurl below.
    $myurl = sprintf("index.php?session=%s&amp;menu=entries", $Pivot_Vars['session']);
    //Sort entries change
    //set initial values for sort values
    $entry_sort = "";
    //goes in query string
    $sort = "date";
    //goes in the getlist method call
    // The 'sort' value is appended to URLs unescaped and handed to getlist()
    // unchanged; no allowlist of column names is applied here.
    // $sort_order is only assigned inside this branch, so it is undefined in
    // the getlist() calls below when no 'sort' parameter was sent.
    if (isset($Pivot_Vars['sort'])) {
        $entry_sort = "&amp;sort=" . $Pivot_Vars['sort'];
        $sort = $Pivot_Vars['sort'];
        if (isset($Pivot_Vars['reverse'])) {
            $sort_order = TRUE;
            $entry_sort .= "&amp;reverse";
        } else {
            $sort_order = FALSE;
            $myurl .= "&amp;reverse";
        }
    }
    if (isset($Pivot_Vars['filtercat'])) {
        $overview_arr = $db->getlist(-$show, $offset, "", array($Pivot_Vars['filtercat']), $sort_order, $sort);
        $filter = "&amp;filtercat=" . $Pivot_Vars['filtercat'];
        $filtertitle = str_replace('%name%', $Pivot_Vars['filtercat'], lang('entries', 'filteron'));
    } else {
        if (isset($Pivot_Vars['filteruser'])) {
            $overview_arr = $db->getlist(-$show, $offset, $Pivot_Vars['filteruser'], "", $sort_order, $sort);
            // NOTE(review): the next line is garbled in this listing (the
            // "******" run has replaced original code, apparently including the
            // start of a search branch that loads modules/module_search.php).
            // It is not valid PHP as shown; restore it from the original file.
            $filter = "&amp;filteruser="******"modules/module_search.php";
                $overview_arr = search_entries($Pivot_Vars['search']);
                $filtertitle = str_replace('%name%', '&hellip;', lang('entries', 'filteron'));
                $offset = 0;
                $absmax = $show = 1;
            } else {
                $overview_arr = $db->getlist(-$show, $offset, "", "", $sort_order, $sort);
                $filter = "";
                $filtertitle = str_replace('%name%', '&hellip;', lang('entries', 'filteron'));
            }
        }
    }
    // "first"/"previous" links are only shown while older entries remain.
    if ($offset < $absmax - $show) {
        $prev = $offset + $show;
        $prevlink = sprintf('<a href="%s&amp;offset=%s&amp;show=%s%s%s">&laquo; ' . lang('entries', 'first') . '</a>&nbsp;&nbsp;', $myurl, $absmax - $show, $show, $filter, $entry_sort);
        $prevlink .= sprintf('<a href="%s&amp;offset=%s&amp;show=%s%s%s">&lsaquo; ' . lang('entries', 'previous') . ' %s</a>', $myurl, $prev, $show, $filter, $entry_sort, $show);
    } else {
        $prevlink = "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
    }
    if ($offset > 0) {
        $next = max(0, $offset - $show);
        $nextlink = sprintf('<a href="%s&amp;offset=%s&amp;show=%s%s%s">&rsaquo; ' . lang('entries', 'next') . ' %s</a>&nbsp;&nbsp;', $myurl, $next, $show, $filter, $entry_sort, $show);
        $nextlink .= sprintf('<a href="%s&amp;show=%s%s%s">&raquo; ' . lang('entries', 'last') . '</a>', $myurl, $show, $filter, $entry_sort);
    } else {
        $nextlink = "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
    }
    // make the html for the paginator..
    // A 'show' value of 0 makes abs($show) zero and this a division by zero.
    $numofpages = (int) ceil($absmax / abs($show));
    // $pages is first assigned inside this branch; with a single page it is
    // still undefined when the filter box is appended to it further down.
    if ($numofpages > 1) {
        for ($i = 0; $i < $numofpages; $i++) {
            $init = $i * abs($show);
            $pages_arr[] = sprintf("<option value=\"%s%s&amp;show=%s%s&amp;offset=%s\">%s</option>", $myurl, $entry_sort, abs($show), $filter, $init, $i + 1);
        }
        $title = str_replace('%num%', ceil($offset / abs($show)) + 1, lang('entries', 'jumptopage'));
        $pages = "<select name='selectedPage' onchange='changePage(this.form.selectedPage)' \tclass='input'>";
        $pages .= sprintf("<option value='' selected='selected'>%s</option>", $title);
        $pages .= implode("\n", $pages_arr);
        $pages .= "</select>";
    }
    // make the HTML for the filter box
    // $pages_arr is reused here: it is reset before the category and author
    // options are collected.
    if (isset($Pivot_Vars['filtercat']) || isset($Pivot_Vars['filteruser'])) {
        $pages_arr = array(sprintf("<option value=\"%s%s&amp;show=%s\">%s</option>", $myurl, $entry_sort, abs($show), lang('entries', 'filteroff')));
    } else {
        $pages_arr = array();
    }
    $cats = cfg_cats();
    $pages_arr[] = "<option value=''>" . lang('entries', 'category') . "</option>";
    // Category and user names come from configuration and are written into
    // both the option value and its label without escaping.
    foreach ($cats as $cat) {
        $pages_arr[] = sprintf("<option value=\"%s%s&amp;show=%s&amp;filtercat=%s\"> - %s</option>", $myurl, $entry_sort, abs($show), $cat['name'], $cat['name']);
    }
    $users = explode("|", $Cfg['users']);
    $pages_arr[] = "<option value=''>" . lang('entries', 'author') . "</option>";
    foreach ($users as $user) {
        $pages_arr[] = sprintf("<option value=\"%s%s&amp;show=%s&amp;filteruser=%s\"> - %s</option>", $myurl, $entry_sort, abs($show), $user, $user);
    }
    $pages .= "<select name='selectedFilter' onchange='changePage(this.form.selectedFilter)' class='input'>";
    $pages .= sprintf("<option value='' selected='selected'>%s</option>", $filtertitle);
    $pages .= implode("\n", $pages_arr);
    $pages .= "</select>";
    // The search term is written back into a single-quoted value attribute
    // without escaping, so a quote in the term ends the attribute.
    $searchval = isset($Pivot_Vars['search']) ? $Pivot_Vars['search'] : 'search';
    $pages .= "<input type='text' name='search' value='" . $searchval . "' class='input' style='padding: 2px; height: 19px; width: 90px;' onfocus='this.select();' />";
    // Some JS for the paginator and filter menus
    // changePage() assigns the chosen option value to document.location.href,
    // so the option values built above decide where the browser navigates.
    echo "<scr" . "ipt language='JavaScript' type='text/JavaScript'>\nfun" . "ction changePage(newLoc)\n{\nnextPage = newLoc.options[newLoc.selectedIndex].value;\nif (nextPage != '') { document.location.href = nextPage; } }</scr" . "ipt>";
    printf("<form name='form1' method='post' action='%s&amp;doaction=1'>\n<table cellspacing='0' class='tabular_border' border='0'>\n", $myurl);
    echo "<tr class='tabular_nav'><td colspan='8'>\n";
    echo '<table cellspacing="0" cellpadding="0" class="tabular_border" style="border:0px;" border="0" width="100%"><tr>';
    printf('<td>%s&nbsp;</td>', $prevlink);
    printf('<td align="center">%s</td>', $pages);
    printf('<td align="right" class="tabular_nav">&nbsp;%s</td></tr></table>', $nextlink);
    echo "\n</td></tr><tr class='tabular_header'><td>&nbsp;</td>";
    // Column headers: each link re-requests the screen with a fixed sort key.
    echo '<td><a href="' . $myurl . '&amp;sort=status">' . lang('entries', 'status') . '</a></td>';
    echo '<td><a href="' . $myurl . '&amp;sort=title">' . lang('entries', 'title') . '</a></td>';
    echo '<td><a href="' . $myurl . '&amp;sort=category">' . lang('entries', 'category') . '</a></td>';
    echo '<td><a href="' . $myurl . '&amp;sort=user">' . lang('entries', 'author') . '</a></td>';
    echo '<td><a href="' . $myurl . '&amp;sort=date">' . lang('entries', 'date') . '</a></td>';
    echo '<td><a href="' . $myurl . '&amp;sort=commcount">' . lang('entries', 'comm') . '</a></td>';
    echo '<td><a href="' . $myurl . '&amp;sort=trackcount">' . lang('entries', 'track') . '</a></td>';
    echo '</tr>';
    //End Sort Entry Changes
    foreach ($overview_arr as $overview_line) {
        print_row($overview_line);
    }
    // Footer row: select all / none helpers and the bulk-action selector that
    // is posted back to this screen with doaction=1.
    echo '<tr class="tabular_header"><td colspan="8"><img src="pics/arrow_ltr.gif" width="29" height="14" border="0" alt="" />';
    echo '<a href="#" onclick=\'setCheckboxes("form1", true); return false;\'>' . lang('forms', 'c_all') . '</a> / ';
    echo '<a href="#" onclick=\'setCheckboxes("form1", false); return false;\'>' . lang('forms', 'c_none') . '</a>';
    echo '&nbsp;&nbsp;&nbsp;-&nbsp;&nbsp;' . lang('forms', 'with_checked_entries');
    echo '<select name="action" class="input">
	<option value="" selected="selected">' . lang('forms', 'choose') . '</option>
	<option value="publish">' . lang('forms', 'publish') . '</option>
	<option value="hold" >' . lang('forms', 'hold') . '</option>
	<option value="delete">' . lang('forms', 'delete') . '</option>
	<option value="generate">' . lang('forms', 'generate') . '</option>
			</select>';
    echo '&nbsp;&nbsp;<input type="submit" value="' . lang('go') . '" class="button" /></td></tr>';
    echo '</table></form>';
    PageFooter();
}
Esempio n. 5
/**
 * Saves the user settings, or deletes a user, based on the values in the
 * global $Pivot_Vars.
 *
 * Handles three flows: deleting a user (with a confirmation step), validating
 * and storing edited profile fields and password, and re-displaying the form
 * when validation fails. Successful saves end in redirect() followed by die.
 *
 * NOTE(review): no CSRF token check is visible in this function, although it
 * deletes users, changes passwords and changes user levels - confirm that the
 * caller performs one.
 *
 * @param int $admin 1 when called from the admin user editor: the target user
 *                   is then $Pivot_Vars['username'] and change_user() is used
 *                   for re-display; otherwise the target is
 *                   $Pivot_Vars['user'] and u_settings_screen() is used.
 */
function libsave_change_user($admin = 0)
{
    global $Pivot_Vars, $Users, $Cfg, $Paths;
    // Sanitize passed variables to prevent people from inserting characters that
    // could be interpreted as dividers.
    // Only "!", "|" and newline are stripped; this protects the pipe-delimited
    // storage format and is not HTML or script escaping.
    foreach ($Pivot_Vars as $key => $val) {
        $Pivot_Vars[$key] = preg_replace("/[!|\n]/i", "", $Pivot_Vars[$key]);
    }
    $userfields = get_userfields($admin);
    $ufields = GetUserFields();
    if ($admin == 1) {
        $theuser = $Pivot_Vars['username'];
    } else {
        $theuser = $Pivot_Vars['user'];
    }
    // Deletion is allowed when the account named by $Pivot_Vars['user'] has
    // userlevel 3 or higher.
    // NOTE(review): this is only an authorization check if 'user' is set from
    // the authenticated session and cannot be supplied by the request - verify.
    if ($Pivot_Vars['delete_user'] == 1 && $Users[$Pivot_Vars['user']]['userlevel'] >= 3) {
        if ($Pivot_Vars['confirmed'] == 1) {
            //delete him from the config file, nothing else.
            // $tmp_arr2 is not initialised; if no other user remains it is
            // undefined when passed to implode().
            $tmp_arr = explode("|", $Cfg['users']);
            foreach ($tmp_arr as $candidate) {
                if ($candidate != $Pivot_Vars['username']) {
                    $tmp_arr2[] = $candidate;
                }
            }
            $Cfg['users'] = implode("|", $tmp_arr2);
            unset($Users[$Pivot_Vars['username']]);
            unset($Cfg['user-' . $Pivot_Vars['username']]);
            see_users();
        } else {
            $vars = array('username', $Pivot_Vars['username'], 'delete_user', 1);
            ConfirmPage(lang('ufield_main', 'del_title'), $vars, sprintf(lang('config', 'delete_user_confirm'), $Pivot_Vars['username']));
        }
    } else {
        foreach ($ufields as $keyname => $intarr) {
            // Skipping fields that we aren't allowed to change
            if ($admin != 1 && $Users[$theuser]['userlevel'] < $ufields[$keyname]['minlevel']) {
                continue;
            }
            // $maxl is not defined anywhere in this function.
            array_push($userfields, array($keyname, $ufields[$keyname]['disp'], '', $ufields[$keyname]['type'], $Users[$theuser][$keyname], $ufields[$keyname]['size'], $maxl));
            // The validator is called through a variable function name built as
            // 'is' . filter. The filter name comes from the GetUserFields()
            // definition, not from $Pivot_Vars; it must stay that way, since a
            // request-controlled name here would allow calling other functions.
            if ($ufields[$keyname]['filter'] != '' && strlen($Pivot_Vars[$keyname]) > 0) {
                $tfunk = 'is' . $ufields[$keyname]['filter'];
                if (!$tfunk($Pivot_Vars[$keyname])) {
                    $userfields[count($userfields) - 1][2] = 'hey, that input doesn\'t go along with the filter in place';
                    // $Piverr is never initialised in this function; the
                    // "== 0" test below relies on an unset variable comparing
                    // equal to 0.
                    $Piverr++;
                }
            }
        }
        $arraycount = Count($userfields);
        // Password checks only run when at least one password field is filled.
        if (strlen($Pivot_Vars['pass1']) + strlen($Pivot_Vars['pass2']) >= 1) {
            if (trim($Pivot_Vars['pass1']) != trim($Pivot_Vars['pass2'])) {
                $userfields[2][2] = lang('userinfo', 'pass_dont_match');
                $Piverr++;
            }
            // Validation rejects passwords shorter than 4 characters, but the
            // save step below only stores passwords of 6 or more: a password of
            // 4 or 5 characters passes validation and is silently not saved.
            if (strlen($Pivot_Vars['pass1']) < 4) {
                $userfields[1][2] = lang('userinfo', 'pass_too_short');
                $Piverr++;
            }
            if ($Pivot_Vars['pass1'] == $Pivot_Vars['username']) {
                $userfields[1][2] = lang('userinfo', 'pass_equal_name');
                $Piverr++;
            }
        }
        if ($Piverr == 0) {
            // make sure the superadmin doesn't demote himsef/herself..
            if ($Users[$theuser]['userlevel'] == 4) {
                $Pivot_Vars['userlevel'] = 4;
            }
            // get confirmation if user gets admin rights
            // Only a requested level of exactly 3 takes the confirmation
            // branch; any other requested value goes straight to the save path.
            // NOTE(review): whether 'userlevel' can be written at all depends
            // on the field list from get_userfields() and the minlevel skip
            // above - verify that a non-admin cannot submit it.
            if ($Pivot_Vars['userlevel'] == 3 && $Users[$theuser]['userlevel'] < 3 && $Pivot_Vars['confirmed'] != 1) {
                $vars = array();
                $arraycount = Count($userfields);
                for ($i = 0; $i < $arraycount; $i++) {
                    array_push($vars, $userfields[$i][0], $Pivot_Vars[$userfields[$i][0]]);
                }
                ConfirmPage(lang('userinfo', 'c_admin_title'), $vars, sprintf(lang('userinfo', 'c_admin_message'), $theuser));
            } else {
                //it's all good.
                if (strlen($Pivot_Vars['pass1']) >= 6) {
                    // Passwords are stored as unsalted MD5, which is fast to
                    // brute-force and open to precomputed tables. Moving to
                    // password_hash()/password_verify() also needs a change on
                    // the login side, so it cannot be done in this function
                    // alone.
                    $Users[$theuser]['pass'] = md5($Pivot_Vars['pass1']);
                    // The same MD5 value is written to the 'pass' cookie, and
                    // setcookie() is called without the secure and httponly
                    // arguments.
                    // NOTE(review): presumably the login code accepts this
                    // cookie, which makes the stored hash equivalent to the
                    // password for anyone who obtains it - confirm.
                    if ($_COOKIE['mode'] == 'stayloggedin' && $Pivot_Vars['user'] == $theuser) {
                        setcookie('pass', md5($Pivot_Vars['pass1']), time() + $Cfg['cookie_length'], $Paths['cookie_url']);
                    }
                    //change the session key too..
                    $Cfg['tempsessions'][$Pivot_Vars['session']][1] = md5($Pivot_Vars['pass1']);
                }
                // Copy every editable field from the request into the user
                // record, except headings and the two password inputs.
                for ($i = 0; $i < $arraycount; $i++) {
                    if ($userfields[$i][0] != 'heading' && $userfields[$i][0] != 'pass1' && $userfields[$i][0] != 'pass2') {
                        $Users[$theuser][$userfields[$i][0]] = $Pivot_Vars[$userfields[$i][0]];
                    }
                }
                // set the categories..
                // Only run when the account named by $Pivot_Vars['user'] has a
                // userlevel above 2.
                if ($Users[$Pivot_Vars['user']]['userlevel'] > 2) {
                    foreach (explode("|", $Cfg['cats']) as $category) {
                        $allowed_users = explode("|", $Cfg['cat-' . $category]);
                        if (isset($Pivot_Vars['allowed'][urlencode($category)])) {
                            // add the user..
                            if (!in_array($theuser, $allowed_users)) {
                                $allowed_users[] = $theuser;
                            }
                        } else {
                            // remove the user..
                            if (in_array($theuser, $allowed_users)) {
                                foreach ($allowed_users as $key => $user) {
                                    if ($user == $theuser) {
                                        unset($allowed_users[$key]);
                                    }
                                }
                            }
                        }
                        $Cfg['cat-' . $category] = implode("|", $allowed_users);
                    }
                }
                /**
                 * Rather crude check to prevent corrupting the file:
                 * if $Users[$theuser]['username'] is empty, we refuse to save.
                 */
                if ($Users[$theuser]['username'] != "") {
                    debug("changes saved for " . $theuser);
                    SaveSettings();
                } else {
                    // not right..
                    debug("Changes not saved..");
                }
                //so we can reload the languages and such
                // The redirect targets carry the session id in the query
                // string, and the admin URL mixes "&amp;" with a raw "&".
                if ($admin == 1) {
                    redirect('index.php?session=' . $Pivot_Vars['session'] . '&amp;menu=admin&amp;func=admin&do=seeusers');
                    die;
                } else {
                    redirect('index.php?session=' . $Pivot_Vars['session'] . '&amp;menu=userinfo&amp;func=u_settings');
                    die;
                }
            }
        } else {
            //reshow the spage
            $Pivot_Vars['edituser'] = $Pivot_Vars['username'];
            //regroup the old settings.
            // Submitted values are put back into the field definitions so the
            // form is re-displayed with what the user typed.
            for ($i = 0; $i < $arraycount; $i++) {
                if ($userfields[$i][3] == 0) {
                    $userfields[$i][4] = $Pivot_Vars[$userfields[$i][0]];
                } elseif ($userfields[$i][3] == 3) {
                    $userfields[$i][6] = $Pivot_Vars[$userfields[$i][0]];
                }
            }
        }
        // For a target above level 3, field index 4 gets 'disabled' attached.
        // NOTE(review): presumably index 4 is the userlevel selector - confirm
        // against get_userfields().
        if ($Users[$theuser]['userlevel'] > 3) {
            //ARGHH!!!!!!
            $unf[0] = $userfields[4][6];
            $unf[1] = 'disabled';
            unset($userfields[4][6]);
            $userfields[4][6] = $unf;
        }
        if ($admin == 1) {
            change_user(1, $userfields);
        } else {
            u_settings_screen(1, $userfields);
        }
    }
    PutUserInfo();
}