function format_messages($messages) { global $PHP_SELF; $out .= "<table class='messages'>"; if (count($messages) == 0 or !is_array($messages)) { $out .= '<tr><td>No posts on this page</td></tr>'; } else { foreach ($messages as $row) { extract($row); $shaded = !$shaded; $out .= '<tr class="' . ($shaded ? 'shaded' : 'unshaded') . '">'; $out .= "<td rowspan='2' valign='top' class='poster'>{$poster}<br />{$date}</td>"; $out .= "<td class='subject'>{$subject}</td>"; $out .= "</tr>"; $out .= '<tr class="' . ($shaded ? 'shaded' : 'unshaded') . '">'; $out .= "<td class='body'>" . wiki_render($body) . "</td>"; $out .= '</tr>'; } } $out .= '</table>'; if (authorized($USERNAME, 'postcomment')) { $out .= hyperlink("{$PHP_SELF}/Comment", 'Post Comment'); } return "<center>" . $out . "</center>"; }
function controller_exec() { global $conf; if (!authorized()) { $err_str = 'Access restricted.'; if ($conf['modes']['db']['enabled']) { $group = $conf['access_limit_to_group']; Toolbar::title('Databases', 'databases'); Toolbar::preferences('com_databases', '200'); $err_str = "<p class=\"error\">Not authorized, access is limited to \"<em>{$group}</em>\"</p>. <h3>Use the Databases component parameters to change this</h3>"; } print $err_str; return; } // Get the task $task = Request::getVar('task', 'list'); $task_file = JPATH_COMPONENT . DS . 'tasks' . DS . $task . '.php'; if (require_once $task_file) { $task_func = 'dv_' . $task; if (function_exists($task_func)) { if (file_exists(JPATH_COMPONENT . DS . 'tasks' . DS . 'html' . DS . $task . '.js')) { $document = App::get('document'); $document->addScript(DB_PATH . DS . 'tasks' . DS . 'html' . DS . $task . '.js?v=2'); } $task_func(); } } }
function row_to_td($row, $friend = NULL) { global $PHP_SELF; global $SCRIPT_URI; extract($row); $data = handle_content($data, $contenttype); if (!$time) { list($date, $time) = explode(' ', $date); } list($hour, $minute, $second) = explode(':', $time); list($year, $month, $day) = explode('-', $date); $timestamp = timezone_mktime($timezone, $hour, $minute, $second, $month, $day, $year); $time_f = format_time($timestamp, $timezone); $date_f = format_date($timestamp, $timezone); if ($date and $time) { $n = get_message_sum("{$date} {$time}"); if ($n > 0) { $messages = "<br /><a href='{$SCRIPT_URI}/{$date}/{$time}' id='postcomment'>" . ($n == 1 ? "1 Comment" : "{$n} Comments") . '</a>'; } if (authorized($USERNAME, 'postcomment') and !$friend or JOURNAL_ANONYMOUSPOSTS) { $messages .= "<br /><a href='{$SCRIPT_URI}/{$date}/{$time}/Comment' id='postcomment'>Post Comment</a>"; } } if ($friend) { $friendl = "<a class='friend' href='{$friend_uri}'>{$friend}</a>"; } if (JOURNAL_USECSS) { return "<div class='journalentry'" . ($friend ? " id='{$friend}'" : "") . ">\n" . "\t<div class='metadata'><div class='time'>{$time_f}</div>{$friendl}{$messages}</div>\n" . "\t<div class='content'>\n" . (trim($subject) ? "\t\t<div class='subject'>{$subject}</div>\n" : '') . "\t\t<div class='body'>{$data}</div>\n" . "\t</div>\n" . "</div>\n"; } else { return "<tr class='journalentry'>\n" . "\t<td valign='top' rowspan='2' align='right' width='10%'><h2>{$time_f}</h2>{$friend}{$messages}</td>\n" . "\t<td align='center' valign='top'><b>{$subject}</b></td>\n" . "</tr>\n" . "<tr><td valign='top'>{$data}</td></tr>\n"; } }
function imglist_main() { global $print, $x7s, $x7c, $x7p; $base_image_dir = "/images/"; $image_dir = "/images/"; if (isset($_GET['subdir']) && $_GET['subdir'] != "") { $image_dir .= $_GET['subdir'] . "/"; } if ($x7c->permissions['admin_panic'] || authorized($image_dir, $x7p->profile['usergroup'])) { $basedir = dirname($_SERVER['DOCUMENT_ROOT'] . $_SERVER['PHP_SELF']); $file_path = $basedir . $image_dir; $image_root_dir = $basedir . $base_image_dir; $error = "<p style=\"color: red; font-weight: bold;\">"; if (isset($_GET['file'])) { $error .= file_upload($file_path); } elseif (isset($_GET['delete'])) { $error .= file_delete($file_path . $_GET['delete']); } elseif (isset($_POST['multidel'])) { if ($_POST['action'] == 'delete') { foreach ($_POST['multidel'] as $file) { $error .= file_delete($file_path . $file); } } elseif ($_POST['action'] == 'move') { foreach ($_POST['multidel'] as $file) { $error .= file_move($file_path . $file, $image_root_dir . $_POST['dest'] . $file); } } } $error .= "</p>"; $site_path = dirname($_SERVER['PHP_SELF']) . $image_dir; $output = file_list($file_path, $site_path); $body = $error . $output['body']; $head = $output['head']; $print->normal_window($head, $body); } else { return "Non sei autorizzato a vedere questa pagina <br>"; } }
function CoalRetrieveHandler() { global $l; $l = new llog(); $l->a("Started CoalRetrieveHandler<br>"); $status = 0; global $generalAuthKey; if (authorized($generalAuthKey)) { $coal = retrieveCoal($_REQUEST['coalId'], true); if (is_object($coal) || is_int($coal)) { $status = 20; } else { if (is_null($coal)) { $status = 7; } } if (!is_array($coal)) { $status = 45; } if (check($status, true)) { $filename = $coal['filename']; if (isset($_REQUEST['cs'])) { $filename = $filename . '.coalarc'; } start_file_download($filename, strlen($coal['data'])); if (isset($_REQUEST['cs'])) { echo $coal['md5'] . '|' . $coal['sha'] . '|' . $coal['s512'] . '|'; } echo $coal['data']; } } }
<?php if ($REQUEST_METHOD == 'POST' and (authorized($USERNAME, 'postcomment') or JOURNAL_ANONYMOUSPOSTS)) { if ($un = is_logged_in() or JOURNAL_ANONYMOUSPOSTS) { if (JOURNAL_ANONYMOUSPOSTS) { $un = "Anonymous ({$poster})"; } $id = insert_message($un, $subject, $body); if ($id) { $q = "insert into entrymessages (entrydate, entryuser, messageid) values\n\t\t\t\t('{$date} {$time}', '" . JOURNAL_USERNAME . "', '{$id}');"; if (mysql_query($q)) { print 'Posted.'; } else { print 'Error: ' . mysql_error(); } } else { print 'Error: ' . mysql_error(); } } else { print "You must be logged in. <a href='{$SCRIPT_URI}/Login'>Go here</a>."; } } else { // Show Form print "<form action='{$PHP_SELF}' method='POST'>" . ((JOURNAL_ANONYMOUSPOSTS and !is_logged_in()) ? "Your name: " . field('poster') : "") . ($journal ? hidden('journal', $journal) : "") . ($replyto ? hidden('replyto', $replyto) : "") . "<table>" . "<tr><td>Subject:</td><td><input type='text' name='subject' size='40' /></td></tr>" . "<tr><td>Message:</td><td><textarea name='body' cols='40' rows='10'></textarea></td></tr>" . "<tr><td><input type='submit' value='Post'></td></tr>" . "</table>" . "</form>"; }
} } $LOGIN_TOKENS = login_get_tokens(); if (LOGIN_STYLE == 'form') { session_register('LOGIN_USERNAME'); session_register('LOGIN_PASSWORD'); session_cache_limiter('private_no_cache'); //session_cache_limiter('public'); function show_login($message = '') { global $_SERVER; print body(form($_SERVER['PHP_SELF'], $message . table(row2("Username:"******"username")) . row2("Password:"******"password")) . row2('', submit('Log In'))))); } if (isset($_POST['username'])) { if (succeeds(authenticate($_POST['username'], $_POST['password'], AUTH_VERIFY))) { if (authorized($_POST['username'], LOGIN_SERVICE, AUTH_VERIFY)) { session_start(); $LOGIN_USERNAME = $_POST['username']; $LOGIN_PASSWORD = $_POST['password']; $_SESSION['LOGIN_USERNAME'] = $LOGIN_USERNAME; $_SESSION['LOGIN_PASSWORD'] = $LOGIN_PASSWORD; http_302($SCRIPT_NAME); exit; } else { $message = "You are not authorized for this operation"; unset($_SESSION['LOGIN_USERNAME']); unset($_SESSION['LOGIN_PASSWORD']); unset($LOGIN_PASSWORD); unset($LOGIN_USERNAME); } } else {
<?php require_once "common.php"; if (!authorized()) { exit; } $page_title = $lang['hardware']; $page_script = "js/hardware.js"; $page_nav = "hardware"; include "head.php"; #------------------------------------------- # We also allow shutting down the server so as to avoid # damaging the SD/HD. This requires that www-data has # sudo access to /sbin/shutdown, which should be set up # automatically during rachelpiOS installation # XXX should make this work for RACHEL-Plus too #------------------------------------------- if (isset($_GET['wifi'])) { if ($_GET['wifi'] == "on") { echo "Turning WIFI ON... "; exec("/etc/WiFi_Setting.sh"); } else { if ($_GET['wifi'] == "off") { echo "Turning WIFI OFF... "; exec("/sbin/ifconfig wlan0 down"); } } echo "Done."; } if (isset($_POST['shutdown'])) { exec("sudo /sbin/shutdown now", $exec_out, $exec_err);
$toolbar = array(); if ($prevdate) { $toolbar[] = "<a href='{$SCRIPT_URI}/{$prevdate}'>Back to " . str_replace('-', '/', $prevdate) . "</a>"; } if (JOURNAL_DISPLAYMODE != 'oneentry') { $toolbar[] = "<a href='{$SCRIPT_URI}/Current'>Journal</a>"; $toolbar[] = "<a href='{$SCRIPT_URI}/Current/Friends'>Friends</a>"; if (defined("JOURNAL_LIVEJOURNAL")) { $toolbar[] = "<a href='{$SCRIPT_URI}/Current/LiveJournal'>My LiveJournal</a>"; } } if (!is_logged_in()) { $toolbar[] = "<a href='{$SCRIPT_URI}/Login'>Log In</a>"; } else { if (authorized(login_get_username(), 'updatejournal', AUTH_PROBE)) { $toolbar[] = "<a href='{$SCRIPT_URI}/Update'>Update Journal</a>"; $toolbar[] = "<a href='{$SCRIPT_URI}/Manage'>Manage Journal</a>"; } } if (JOURNAL_DISPLAYMODE != 'oneentry') { if ($nextdate) { $toolbar[] = "<a href='{$SCRIPT_URI}/{$nextdate}'>Next is " . str_replace('-', '/', $nextdate) . "</a>"; } } // print("\nUN={".login_get_username()."}\n"); // print_r($_SESSION); // print($LOGIN_USERNAME); if (count($toolbar) > 0) { $toolbar = join(' | ', $toolbar); print "<div class='toolbar'><hr />{$toolbar}</div>";
require_once dirname(__FILE__) . "/livejournal.php"; if ($REQUEST_METHOD == 'POST' and is_logged_in() and authorized($LOGIN_USERNAME, 'updatejournal')) { if (!$contenttype) { $contenttype = 'text/wiki'; } if ($timezone) { setcookie('timezone', $timezone, 782000); $date = timezone_date($timezone, 'Y-m-d H:i:s', $entrydate); print $date; } else { $timezone = 'Universal'; } $q = "INSERT INTO journal (" . "date, timezone, subject, data, contenttype, username" . ") VALUES (" . "'{$date}', '{$timezone}', " . ($subject ? "'{$subject}'" : "NULL") . ", '{$data}', '{$contenttype}', " . "'" . JOURNAL_USERNAME . "');"; if (mysql_query($q)) { if ($livejournal_submit) { insert_livejournal(stripslashes($subject), stripslashes($data), $date); } http_302($PHP_SELF); } else { print mysql_error() . "(Query = {$q})"; } } else { if (!authorized($LOGIN_USERNAME, 'updatejournal')) { print 'Please log in'; } else { if (!$timezone) { $timezone = 'America/Los_Angeles'; } print form($PHP_SELF, table(row2("Date:", hidden('entrydate', time()) . timezone_date($timezone, 'Y-m-d H:i:s T')) . row2("Subject:", field('subject')) . row2("Timezone:", select('timezone', timezones_list(), $timezone)) . row2('', "<textarea name='data' cols='50' rows='10'>" . ($template != 'default' ? join('', file($template)) : '') . "</textarea>") . row2("Content-type:", "<input type='radio' name='contenttype' " . "value='text/wiki' / checked='checked'>WikiWiki " . "<input type='radio' name='contenttype' " . "value='text/html' /> HTML") . ((defined('LIVEJOURNAL_USER') and defined('LIVEJOURNAL_PASSWD')) ? row2("Submit to LiveJournal?", checkbox('livejournal_submit', FALSE)) : '') . row2('', submit('Post')))); } }