Esempio n. 1
0
function format_messages($messages)
{
    global $PHP_SELF;
    $out .= "<table class='messages'>";
    if (count($messages) == 0 or !is_array($messages)) {
        $out .= '<tr><td>No posts on this page</td></tr>';
    } else {
        foreach ($messages as $row) {
            extract($row);
            $shaded = !$shaded;
            $out .= '<tr class="' . ($shaded ? 'shaded' : 'unshaded') . '">';
            $out .= "<td rowspan='2' valign='top' class='poster'>{$poster}<br />{$date}</td>";
            $out .= "<td class='subject'>{$subject}</td>";
            $out .= "</tr>";
            $out .= '<tr class="' . ($shaded ? 'shaded' : 'unshaded') . '">';
            $out .= "<td class='body'>" . wiki_render($body) . "</td>";
            $out .= '</tr>';
        }
    }
    $out .= '</table>';
    if (authorized($USERNAME, 'postcomment')) {
        $out .= hyperlink("{$PHP_SELF}/Comment", 'Post Comment');
    }
    return "<center>" . $out . "</center>";
}
Esempio n. 2
0
function controller_exec()
{
    global $conf;
    if (!authorized()) {
        $err_str = 'Access restricted.';
        if ($conf['modes']['db']['enabled']) {
            $group = $conf['access_limit_to_group'];
            Toolbar::title('Databases', 'databases');
            Toolbar::preferences('com_databases', '200');
            $err_str = "<p class=\"error\">Not authorized, access is limited to \"<em>{$group}</em>\"</p>. <h3>Use the Databases component parameters to change this</h3>";
        }
        print $err_str;
        return;
    }
    // Get the task
    $task = Request::getVar('task', 'list');
    $task_file = JPATH_COMPONENT . DS . 'tasks' . DS . $task . '.php';
    if (require_once $task_file) {
        $task_func = 'dv_' . $task;
        if (function_exists($task_func)) {
            if (file_exists(JPATH_COMPONENT . DS . 'tasks' . DS . 'html' . DS . $task . '.js')) {
                $document = App::get('document');
                $document->addScript(DB_PATH . DS . 'tasks' . DS . 'html' . DS . $task . '.js?v=2');
            }
            $task_func();
        }
    }
}
Esempio n. 3
0
function row_to_td($row, $friend = NULL)
{
    global $PHP_SELF;
    global $SCRIPT_URI;
    extract($row);
    $data = handle_content($data, $contenttype);
    if (!$time) {
        list($date, $time) = explode(' ', $date);
    }
    list($hour, $minute, $second) = explode(':', $time);
    list($year, $month, $day) = explode('-', $date);
    $timestamp = timezone_mktime($timezone, $hour, $minute, $second, $month, $day, $year);
    $time_f = format_time($timestamp, $timezone);
    $date_f = format_date($timestamp, $timezone);
    if ($date and $time) {
        $n = get_message_sum("{$date} {$time}");
        if ($n > 0) {
            $messages = "<br /><a href='{$SCRIPT_URI}/{$date}/{$time}' id='postcomment'>" . ($n == 1 ? "1 Comment" : "{$n} Comments") . '</a>';
        }
        if (authorized($USERNAME, 'postcomment') and !$friend or JOURNAL_ANONYMOUSPOSTS) {
            $messages .= "<br /><a href='{$SCRIPT_URI}/{$date}/{$time}/Comment' id='postcomment'>Post Comment</a>";
        }
    }
    if ($friend) {
        $friendl = "<a class='friend' href='{$friend_uri}'>{$friend}</a>";
    }
    if (JOURNAL_USECSS) {
        return "<div class='journalentry'" . ($friend ? " id='{$friend}'" : "") . ">\n" . "\t<div class='metadata'><div class='time'>{$time_f}</div>{$friendl}{$messages}</div>\n" . "\t<div class='content'>\n" . (trim($subject) ? "\t\t<div class='subject'>{$subject}</div>\n" : '') . "\t\t<div class='body'>{$data}</div>\n" . "\t</div>\n" . "</div>\n";
    } else {
        return "<tr class='journalentry'>\n" . "\t<td valign='top' rowspan='2' align='right' width='10%'><h2>{$time_f}</h2>{$friend}{$messages}</td>\n" . "\t<td align='center' valign='top'><b>{$subject}</b></td>\n" . "</tr>\n" . "<tr><td valign='top'>{$data}</td></tr>\n";
    }
}
Esempio n. 4
0
function imglist_main()
{
    global $print, $x7s, $x7c, $x7p;
    $base_image_dir = "/images/";
    $image_dir = "/images/";
    if (isset($_GET['subdir']) && $_GET['subdir'] != "") {
        $image_dir .= $_GET['subdir'] . "/";
    }
    if ($x7c->permissions['admin_panic'] || authorized($image_dir, $x7p->profile['usergroup'])) {
        $basedir = dirname($_SERVER['DOCUMENT_ROOT'] . $_SERVER['PHP_SELF']);
        $file_path = $basedir . $image_dir;
        $image_root_dir = $basedir . $base_image_dir;
        $error = "<p style=\"color: red; font-weight: bold;\">";
        if (isset($_GET['file'])) {
            $error .= file_upload($file_path);
        } elseif (isset($_GET['delete'])) {
            $error .= file_delete($file_path . $_GET['delete']);
        } elseif (isset($_POST['multidel'])) {
            if ($_POST['action'] == 'delete') {
                foreach ($_POST['multidel'] as $file) {
                    $error .= file_delete($file_path . $file);
                }
            } elseif ($_POST['action'] == 'move') {
                foreach ($_POST['multidel'] as $file) {
                    $error .= file_move($file_path . $file, $image_root_dir . $_POST['dest'] . $file);
                }
            }
        }
        $error .= "</p>";
        $site_path = dirname($_SERVER['PHP_SELF']) . $image_dir;
        $output = file_list($file_path, $site_path);
        $body = $error . $output['body'];
        $head = $output['head'];
        $print->normal_window($head, $body);
    } else {
        return "Non sei autorizzato a vedere questa pagina <br>";
    }
}
function CoalRetrieveHandler()
{
    global $l;
    $l = new llog();
    $l->a("Started CoalRetrieveHandler<br>");
    $status = 0;
    global $generalAuthKey;
    if (authorized($generalAuthKey)) {
        $coal = retrieveCoal($_REQUEST['coalId'], true);
        if (is_object($coal) || is_int($coal)) {
            $status = 20;
        } else {
            if (is_null($coal)) {
                $status = 7;
            }
        }
        if (!is_array($coal)) {
            $status = 45;
        }
        if (check($status, true)) {
            $filename = $coal['filename'];
            if (isset($_REQUEST['cs'])) {
                $filename = $filename . '.coalarc';
            }
            start_file_download($filename, strlen($coal['data']));
            if (isset($_REQUEST['cs'])) {
                echo $coal['md5'] . '|' . $coal['sha'] . '|' . $coal['s512'] . '|';
            }
            echo $coal['data'];
        }
    }
}
Esempio n. 6
0
<?php

if ($REQUEST_METHOD == 'POST' and (authorized($USERNAME, 'postcomment') or JOURNAL_ANONYMOUSPOSTS)) {
    if ($un = is_logged_in() or JOURNAL_ANONYMOUSPOSTS) {
        if (JOURNAL_ANONYMOUSPOSTS) {
            $un = "Anonymous ({$poster})";
        }
        $id = insert_message($un, $subject, $body);
        if ($id) {
            $q = "insert into entrymessages (entrydate, entryuser, messageid) values\n\t\t\t\t('{$date} {$time}', '" . JOURNAL_USERNAME . "', '{$id}');";
            if (mysql_query($q)) {
                print 'Posted.';
            } else {
                print 'Error: ' . mysql_error();
            }
        } else {
            print 'Error: ' . mysql_error();
        }
    } else {
        print "You must be logged in.  <a href='{$SCRIPT_URI}/Login'>Go here</a>.";
    }
} else {
    // Show Form
    print "<form action='{$PHP_SELF}' method='POST'>" . ((JOURNAL_ANONYMOUSPOSTS and !is_logged_in()) ? "Your name: " . field('poster') : "") . ($journal ? hidden('journal', $journal) : "") . ($replyto ? hidden('replyto', $replyto) : "") . "<table>" . "<tr><td>Subject:</td><td><input type='text' name='subject' size='40' /></td></tr>" . "<tr><td>Message:</td><td><textarea name='body' cols='40' rows='10'></textarea></td></tr>" . "<tr><td><input type='submit' value='Post'></td></tr>" . "</table>" . "</form>";
}
Esempio n. 7
0
    }
}
$LOGIN_TOKENS = login_get_tokens();
if (LOGIN_STYLE == 'form') {
    session_register('LOGIN_USERNAME');
    session_register('LOGIN_PASSWORD');
    session_cache_limiter('private_no_cache');
    //session_cache_limiter('public');
    function show_login($message = '')
    {
        global $_SERVER;
        print body(form($_SERVER['PHP_SELF'], $message . table(row2("Username:"******"username")) . row2("Password:"******"password")) . row2('', submit('Log In')))));
    }
    if (isset($_POST['username'])) {
        if (succeeds(authenticate($_POST['username'], $_POST['password'], AUTH_VERIFY))) {
            if (authorized($_POST['username'], LOGIN_SERVICE, AUTH_VERIFY)) {
                session_start();
                $LOGIN_USERNAME = $_POST['username'];
                $LOGIN_PASSWORD = $_POST['password'];
                $_SESSION['LOGIN_USERNAME'] = $LOGIN_USERNAME;
                $_SESSION['LOGIN_PASSWORD'] = $LOGIN_PASSWORD;
                http_302($SCRIPT_NAME);
                exit;
            } else {
                $message = "You are not authorized for this operation";
                unset($_SESSION['LOGIN_USERNAME']);
                unset($_SESSION['LOGIN_PASSWORD']);
                unset($LOGIN_PASSWORD);
                unset($LOGIN_USERNAME);
            }
        } else {
Esempio n. 8
0
<?php

require_once "common.php";
if (!authorized()) {
    exit;
}
$page_title = $lang['hardware'];
$page_script = "js/hardware.js";
$page_nav = "hardware";
include "head.php";
#-------------------------------------------
# We also allow shutting down the server so as to avoid
# damaging the SD/HD. This requires that www-data has
# sudo access to /sbin/shutdown, which should be set up
# automatically during rachelpiOS installation
# XXX should make this work for RACHEL-Plus too
#-------------------------------------------
if (isset($_GET['wifi'])) {
    if ($_GET['wifi'] == "on") {
        echo "Turning WIFI ON... ";
        exec("/etc/WiFi_Setting.sh");
    } else {
        if ($_GET['wifi'] == "off") {
            echo "Turning WIFI OFF... ";
            exec("/sbin/ifconfig wlan0 down");
        }
    }
    echo "Done.";
}
if (isset($_POST['shutdown'])) {
    exec("sudo /sbin/shutdown now", $exec_out, $exec_err);
Esempio n. 9
0
$toolbar = array();
if ($prevdate) {
    $toolbar[] = "<a href='{$SCRIPT_URI}/{$prevdate}'>Back to " . str_replace('-', '/', $prevdate) . "</a>";
}
if (JOURNAL_DISPLAYMODE != 'oneentry') {
    $toolbar[] = "<a href='{$SCRIPT_URI}/Current'>Journal</a>";
    $toolbar[] = "<a href='{$SCRIPT_URI}/Current/Friends'>Friends</a>";
    if (defined("JOURNAL_LIVEJOURNAL")) {
        $toolbar[] = "<a href='{$SCRIPT_URI}/Current/LiveJournal'>My LiveJournal</a>";
    }
}
if (!is_logged_in()) {
    $toolbar[] = "<a href='{$SCRIPT_URI}/Login'>Log In</a>";
} else {
    if (authorized(login_get_username(), 'updatejournal', AUTH_PROBE)) {
        $toolbar[] = "<a href='{$SCRIPT_URI}/Update'>Update Journal</a>";
        $toolbar[] = "<a href='{$SCRIPT_URI}/Manage'>Manage Journal</a>";
    }
}
if (JOURNAL_DISPLAYMODE != 'oneentry') {
    if ($nextdate) {
        $toolbar[] = "<a href='{$SCRIPT_URI}/{$nextdate}'>Next is " . str_replace('-', '/', $nextdate) . "</a>";
    }
}
//	print("\nUN={".login_get_username()."}\n");
//  print_r($_SESSION);
//	print($LOGIN_USERNAME);
if (count($toolbar) > 0) {
    $toolbar = join(' | ', $toolbar);
    print "<div class='toolbar'><hr />{$toolbar}</div>";
Esempio n. 10
0
require_once dirname(__FILE__) . "/livejournal.php";
if ($REQUEST_METHOD == 'POST' and is_logged_in() and authorized($LOGIN_USERNAME, 'updatejournal')) {
    if (!$contenttype) {
        $contenttype = 'text/wiki';
    }
    if ($timezone) {
        setcookie('timezone', $timezone, 782000);
        $date = timezone_date($timezone, 'Y-m-d H:i:s', $entrydate);
        print $date;
    } else {
        $timezone = 'Universal';
    }
    $q = "INSERT INTO journal (" . "date, timezone, subject, data, contenttype, username" . ") VALUES (" . "'{$date}', '{$timezone}', " . ($subject ? "'{$subject}'" : "NULL") . ", '{$data}', '{$contenttype}', " . "'" . JOURNAL_USERNAME . "');";
    if (mysql_query($q)) {
        if ($livejournal_submit) {
            insert_livejournal(stripslashes($subject), stripslashes($data), $date);
        }
        http_302($PHP_SELF);
    } else {
        print mysql_error() . "(Query = {$q})";
    }
} else {
    if (!authorized($LOGIN_USERNAME, 'updatejournal')) {
        print 'Please log in';
    } else {
        if (!$timezone) {
            $timezone = 'America/Los_Angeles';
        }
        print form($PHP_SELF, table(row2("Date:", hidden('entrydate', time()) . timezone_date($timezone, 'Y-m-d H:i:s T')) . row2("Subject:", field('subject')) . row2("Timezone:", select('timezone', timezones_list(), $timezone)) . row2('', "<textarea name='data' cols='50' rows='10'>" . ($template != 'default' ? join('', file($template)) : '') . "</textarea>") . row2("Content-type:", "<input type='radio' name='contenttype' " . "value='text/wiki' / checked='checked'>WikiWiki " . "<input type='radio' name='contenttype' " . "value='text/html' /> HTML") . ((defined('LIVEJOURNAL_USER') and defined('LIVEJOURNAL_PASSWD')) ? row2("Submit to LiveJournal?", checkbox('livejournal_submit', FALSE)) : '') . row2('', submit('Post'))));
    }
}