function format_messages($messages)
{
global $PHP_SELF;
$out .= "<table class='messages'>";
if (count($messages) == 0 or !is_array($messages)) {
$out .= '<tr><td>No posts on this page</td></tr>';
} else {
foreach ($messages as $row) {
extract($row);
$shaded = !$shaded;
$out .= '<tr class="' . ($shaded ? 'shaded' : 'unshaded') . '">';
$out .= "<td rowspan='2' valign='top' class='poster'>{$poster}<br />{$date}</td>";
$out .= "<td class='subject'>{$subject}</td>";
$out .= "</tr>";
$out .= '<tr class="' . ($shaded ? 'shaded' : 'unshaded') . '">';
$out .= "<td class='body'>" . wiki_render($body) . "</td>";
$out .= '</tr>';
}
}
$out .= '</table>';
if (authorized($USERNAME, 'postcomment')) {
$out .= hyperlink("{$PHP_SELF}/Comment", 'Post Comment');
}
return "<center>" . $out . "</center>";
}
function controller_exec()
{
global $conf;
if (!authorized()) {
$err_str = 'Access restricted.';
if ($conf['modes']['db']['enabled']) {
$group = $conf['access_limit_to_group'];
Toolbar::title('Databases', 'databases');
Toolbar::preferences('com_databases', '200');
$err_str = "<p class=\"error\">Not authorized, access is limited to \"<em>{$group}</em>\"</p>. <h3>Use the Databases component parameters to change this</h3>";
}
print $err_str;
return;
}
// Get the task
$task = Request::getVar('task', 'list');
$task_file = JPATH_COMPONENT . DS . 'tasks' . DS . $task . '.php';
if (require_once $task_file) {
$task_func = 'dv_' . $task;
if (function_exists($task_func)) {
if (file_exists(JPATH_COMPONENT . DS . 'tasks' . DS . 'html' . DS . $task . '.js')) {
$document = App::get('document');
$document->addScript(DB_PATH . DS . 'tasks' . DS . 'html' . DS . $task . '.js?v=2');
}
$task_func();
}
}
}
function row_to_td($row, $friend = NULL)
{
global $PHP_SELF;
global $SCRIPT_URI;
extract($row);
$data = handle_content($data, $contenttype);
if (!$time) {
list($date, $time) = explode(' ', $date);
}
list($hour, $minute, $second) = explode(':', $time);
list($year, $month, $day) = explode('-', $date);
$timestamp = timezone_mktime($timezone, $hour, $minute, $second, $month, $day, $year);
$time_f = format_time($timestamp, $timezone);
$date_f = format_date($timestamp, $timezone);
if ($date and $time) {
$n = get_message_sum("{$date} {$time}");
if ($n > 0) {
$messages = "<br /><a href='{$SCRIPT_URI}/{$date}/{$time}' id='postcomment'>" . ($n == 1 ? "1 Comment" : "{$n} Comments") . '</a>';
}
if (authorized($USERNAME, 'postcomment') and !$friend or JOURNAL_ANONYMOUSPOSTS) {
$messages .= "<br /><a href='{$SCRIPT_URI}/{$date}/{$time}/Comment' id='postcomment'>Post Comment</a>";
}
}
if ($friend) {
$friendl = "<a class='friend' href='{$friend_uri}'>{$friend}</a>";
}
if (JOURNAL_USECSS) {
return "<div class='journalentry'" . ($friend ? " id='{$friend}'" : "") . ">\n" . "\t<div class='metadata'><div class='time'>{$time_f}</div>{$friendl}{$messages}</div>\n" . "\t<div class='content'>\n" . (trim($subject) ? "\t\t<div class='subject'>{$subject}</div>\n" : '') . "\t\t<div class='body'>{$data}</div>\n" . "\t</div>\n" . "</div>\n";
} else {
return "<tr class='journalentry'>\n" . "\t<td valign='top' rowspan='2' align='right' width='10%'><h2>{$time_f}</h2>{$friend}{$messages}</td>\n" . "\t<td align='center' valign='top'><b>{$subject}</b></td>\n" . "</tr>\n" . "<tr><td valign='top'>{$data}</td></tr>\n";
}
}
function imglist_main()
{
global $print, $x7s, $x7c, $x7p;
$base_image_dir = "/images/";
$image_dir = "/images/";
if (isset($_GET['subdir']) && $_GET['subdir'] != "") {
$image_dir .= $_GET['subdir'] . "/";
}
if ($x7c->permissions['admin_panic'] || authorized($image_dir, $x7p->profile['usergroup'])) {
$basedir = dirname($_SERVER['DOCUMENT_ROOT'] . $_SERVER['PHP_SELF']);
$file_path = $basedir . $image_dir;
$image_root_dir = $basedir . $base_image_dir;
$error = "<p style=\"color: red; font-weight: bold;\">";
if (isset($_GET['file'])) {
$error .= file_upload($file_path);
} elseif (isset($_GET['delete'])) {
$error .= file_delete($file_path . $_GET['delete']);
} elseif (isset($_POST['multidel'])) {
if ($_POST['action'] == 'delete') {
foreach ($_POST['multidel'] as $file) {
$error .= file_delete($file_path . $file);
}
} elseif ($_POST['action'] == 'move') {
foreach ($_POST['multidel'] as $file) {
$error .= file_move($file_path . $file, $image_root_dir . $_POST['dest'] . $file);
}
}
}
$error .= "</p>";
$site_path = dirname($_SERVER['PHP_SELF']) . $image_dir;
$output = file_list($file_path, $site_path);
$body = $error . $output['body'];
$head = $output['head'];
$print->normal_window($head, $body);
} else {
return "Non sei autorizzato a vedere questa pagina <br>";
}
}
function CoalRetrieveHandler()
{
global $l;
$l = new llog();
$l->a("Started CoalRetrieveHandler<br>");
$status = 0;
global $generalAuthKey;
if (authorized($generalAuthKey)) {
$coal = retrieveCoal($_REQUEST['coalId'], true);
if (is_object($coal) || is_int($coal)) {
$status = 20;
} else {
if (is_null($coal)) {
$status = 7;
}
}
if (!is_array($coal)) {
$status = 45;
}
if (check($status, true)) {
$filename = $coal['filename'];
if (isset($_REQUEST['cs'])) {
$filename = $filename . '.coalarc';
}
start_file_download($filename, strlen($coal['data']));
if (isset($_REQUEST['cs'])) {
echo $coal['md5'] . '|' . $coal['sha'] . '|' . $coal['s512'] . '|';
}
echo $coal['data'];
}
}
}
<?php
if ($REQUEST_METHOD == 'POST' and (authorized($USERNAME, 'postcomment') or JOURNAL_ANONYMOUSPOSTS)) {
if ($un = is_logged_in() or JOURNAL_ANONYMOUSPOSTS) {
if (JOURNAL_ANONYMOUSPOSTS) {
$un = "Anonymous ({$poster})";
}
$id = insert_message($un, $subject, $body);
if ($id) {
$q = "insert into entrymessages (entrydate, entryuser, messageid) values\n\t\t\t\t('{$date} {$time}', '" . JOURNAL_USERNAME . "', '{$id}');";
if (mysql_query($q)) {
print 'Posted.';
} else {
print 'Error: ' . mysql_error();
}
} else {
print 'Error: ' . mysql_error();
}
} else {
print "You must be logged in. <a href='{$SCRIPT_URI}/Login'>Go here</a>.";
}
} else {
// Show Form
print "<form action='{$PHP_SELF}' method='POST'>" . ((JOURNAL_ANONYMOUSPOSTS and !is_logged_in()) ? "Your name: " . field('poster') : "") . ($journal ? hidden('journal', $journal) : "") . ($replyto ? hidden('replyto', $replyto) : "") . "<table>" . "<tr><td>Subject:</td><td><input type='text' name='subject' size='40' /></td></tr>" . "<tr><td>Message:</td><td><textarea name='body' cols='40' rows='10'></textarea></td></tr>" . "<tr><td><input type='submit' value='Post'></td></tr>" . "</table>" . "</form>";
}
}
}
$LOGIN_TOKENS = login_get_tokens();
if (LOGIN_STYLE == 'form') {
session_register('LOGIN_USERNAME');
session_register('LOGIN_PASSWORD');
session_cache_limiter('private_no_cache');
//session_cache_limiter('public');
function show_login($message = '')
{
global $_SERVER;
print body(form($_SERVER['PHP_SELF'], $message . table(row2("Username:"******"username")) . row2("Password:"******"password")) . row2('', submit('Log In')))));
}
if (isset($_POST['username'])) {
if (succeeds(authenticate($_POST['username'], $_POST['password'], AUTH_VERIFY))) {
if (authorized($_POST['username'], LOGIN_SERVICE, AUTH_VERIFY)) {
session_start();
$LOGIN_USERNAME = $_POST['username'];
$LOGIN_PASSWORD = $_POST['password'];
$_SESSION['LOGIN_USERNAME'] = $LOGIN_USERNAME;
$_SESSION['LOGIN_PASSWORD'] = $LOGIN_PASSWORD;
http_302($SCRIPT_NAME);
exit;
} else {
$message = "You are not authorized for this operation";
unset($_SESSION['LOGIN_USERNAME']);
unset($_SESSION['LOGIN_PASSWORD']);
unset($LOGIN_PASSWORD);
unset($LOGIN_USERNAME);
}
} else {
<?php
require_once "common.php";
if (!authorized()) {
exit;
}
$page_title = $lang['hardware'];
$page_script = "js/hardware.js";
$page_nav = "hardware";
include "head.php";
#-------------------------------------------
# We also allow shutting down the server so as to avoid
# damaging the SD/HD. This requires that www-data has
# sudo access to /sbin/shutdown, which should be set up
# automatically during rachelpiOS installation
# XXX should make this work for RACHEL-Plus too
#-------------------------------------------
if (isset($_GET['wifi'])) {
if ($_GET['wifi'] == "on") {
echo "Turning WIFI ON... ";
exec("/etc/WiFi_Setting.sh");
} else {
if ($_GET['wifi'] == "off") {
echo "Turning WIFI OFF... ";
exec("/sbin/ifconfig wlan0 down");
}
}
echo "Done.";
}
if (isset($_POST['shutdown'])) {
exec("sudo /sbin/shutdown now", $exec_out, $exec_err);
$toolbar = array();
if ($prevdate) {
$toolbar[] = "<a href='{$SCRIPT_URI}/{$prevdate}'>Back to " . str_replace('-', '/', $prevdate) . "</a>";
}
if (JOURNAL_DISPLAYMODE != 'oneentry') {
$toolbar[] = "<a href='{$SCRIPT_URI}/Current'>Journal</a>";
$toolbar[] = "<a href='{$SCRIPT_URI}/Current/Friends'>Friends</a>";
if (defined("JOURNAL_LIVEJOURNAL")) {
$toolbar[] = "<a href='{$SCRIPT_URI}/Current/LiveJournal'>My LiveJournal</a>";
}
}
if (!is_logged_in()) {
$toolbar[] = "<a href='{$SCRIPT_URI}/Login'>Log In</a>";
} else {
if (authorized(login_get_username(), 'updatejournal', AUTH_PROBE)) {
$toolbar[] = "<a href='{$SCRIPT_URI}/Update'>Update Journal</a>";
$toolbar[] = "<a href='{$SCRIPT_URI}/Manage'>Manage Journal</a>";
}
}
if (JOURNAL_DISPLAYMODE != 'oneentry') {
if ($nextdate) {
$toolbar[] = "<a href='{$SCRIPT_URI}/{$nextdate}'>Next is " . str_replace('-', '/', $nextdate) . "</a>";
}
}
// print("\nUN={".login_get_username()."}\n");
// print_r($_SESSION);
// print($LOGIN_USERNAME);
if (count($toolbar) > 0) {
$toolbar = join(' | ', $toolbar);
print "<div class='toolbar'><hr />{$toolbar}</div>";
require_once dirname(__FILE__) . "/livejournal.php";
if ($REQUEST_METHOD == 'POST' and is_logged_in() and authorized($LOGIN_USERNAME, 'updatejournal')) {
if (!$contenttype) {
$contenttype = 'text/wiki';
}
if ($timezone) {
setcookie('timezone', $timezone, 782000);
$date = timezone_date($timezone, 'Y-m-d H:i:s', $entrydate);
print $date;
} else {
$timezone = 'Universal';
}
$q = "INSERT INTO journal (" . "date, timezone, subject, data, contenttype, username" . ") VALUES (" . "'{$date}', '{$timezone}', " . ($subject ? "'{$subject}'" : "NULL") . ", '{$data}', '{$contenttype}', " . "'" . JOURNAL_USERNAME . "');";
if (mysql_query($q)) {
if ($livejournal_submit) {
insert_livejournal(stripslashes($subject), stripslashes($data), $date);
}
http_302($PHP_SELF);
} else {
print mysql_error() . "(Query = {$q})";
}
} else {
if (!authorized($LOGIN_USERNAME, 'updatejournal')) {
print 'Please log in';
} else {
if (!$timezone) {
$timezone = 'America/Los_Angeles';
}
print form($PHP_SELF, table(row2("Date:", hidden('entrydate', time()) . timezone_date($timezone, 'Y-m-d H:i:s T')) . row2("Subject:", field('subject')) . row2("Timezone:", select('timezone', timezones_list(), $timezone)) . row2('', "<textarea name='data' cols='50' rows='10'>" . ($template != 'default' ? join('', file($template)) : '') . "</textarea>") . row2("Content-type:", "<input type='radio' name='contenttype' " . "value='text/wiki' / checked='checked'>WikiWiki " . "<input type='radio' name='contenttype' " . "value='text/html' /> HTML") . ((defined('LIVEJOURNAL_USER') and defined('LIVEJOURNAL_PASSWD')) ? row2("Submit to LiveJournal?", checkbox('livejournal_submit', FALSE)) : '') . row2('', submit('Post'))));
}
}