Esempio n. 1
 /**
  * (Static) Append one entry to the action log.
  *
  * Nothing is written when $CONF['LogLevel'] is lower than $level. When a
  * member object is available and logged in, the entry is prefixed with that
  * member's display name in square brackets. After the insert the log is
  * trimmed through ACTIONLOG::trimLog().
  *
  * @param mixed  $level   severity of the entry, compared against $CONF['LogLevel']
  * @param string $message text to record
  * @return void
  */
 function add($level, $message)
 {
     global $member, $CONF;

     // Entries above the configured verbosity are dropped silently.
     if ($level > $CONF['LogLevel']) {
         return;
     }

     $entry = $message;
     if ($member && $member->isLoggedIn()) {
         $entry = '[' . $member->getDisplayName() . '] ' . $entry;
     }

     // Escaping here covers the SQL string literal only; the text itself is
     // stored as given.
     // NOTE(review): callers on this page log request-derived values, so
     // whatever renders the log should HTML-encode the message - confirm.
     $escaped = sql_real_escape_string($entry);
     $now = date('Y-m-d H:i:s', time());

     $table = sql_table('actionlog');
     sql_query("INSERT INTO " . $table . " (timestamp, message) VALUES ('{$now}', '{$escaped}')");

     ACTIONLOG::trimLog();
 }
Esempio n. 2
 /**
  * Add a member to the team of this blog.
  *
  * Fires the PreAddTeamMember and PostAddTeamMember plugin events around the
  * insert and records the addition in the action log.
  *
  * @param mixed $memberid id of the member to add (cast to int)
  * @param mixed $admin    team-admin flag (cast to int)
  * @return int 0 when the member is already on the team, 1 after the insert
  */
 function addTeamMember($memberid, $admin)
 {
     global $manager;

     // Both values end up in the SQL text below, so they are forced to integers first.
     $memberid = (int) $memberid;
     $admin = (int) $admin;

     // Nothing to do when the member already belongs to the team.
     $tmem = MEMBER::createFromID($memberid);
     $alreadyOnTeam = $tmem->isTeamMember($this->getID());
     if ($alreadyOnTeam) {
         return 0;
     }

     // NOTE(review): $admin is handed to plugins by reference here and is used
     // in the query afterwards without a second integer cast - confirm that is intended.
     $manager->notify('PreAddTeamMember', array('blog' => &$this, 'member' => &$tmem, 'admin' => &$admin));

     $query = sprintf(
         'INSERT INTO %s (TMEMBER, TBLOG, TADMIN) VALUES (%s, %s, "%s")',
         sql_table('team'),
         $memberid,
         $this->getID(),
         $admin
     );
     sql_query($query);

     $manager->notify('PostAddTeamMember', array('blog' => &$this, 'member' => &$tmem, 'admin' => $admin));

     ACTIONLOG::add(INFO, sprintf(_TEAM_ADD_NEWTEAMMEMBER, $tmem->getDisplayName(), $memberid, $this->getName()));

     return 1;
 }
Esempio n. 3
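 /**
  * Adds a new member.
  *
  * Each validation failure is reported by returning the matching _ERROR*
  * constant; 1 is returned once the row has been inserted and the action
  * log entry written.
  *
  * @static
  * @param string $name     display name, must pass isValidDisplayName() and be unused
  * @param string $realname real name, must be non-empty
  * @param string $password clear-text password, must be non-empty
  * @param string $email    address, must pass isValidMailAddress()
  * @param string $url      site URL; "http://" is prepended when no scheme is present
  * @param mixed  $admin    admin flag (cast to int)
  * @param mixed  $canlogin login-allowed flag (cast to int)
  * @param string $notes    free-text notes
  * @return mixed 1 on success, otherwise one of the _ERROR* constants
  */
 function create($name, $realname, $password, $email, $url, $admin, $canlogin, $notes)
 {
     if (!isValidMailAddress($email)) {
         return _ERROR_BADMAILADDRESS;
     }
     if (!isValidDisplayName($name)) {
         return _ERROR_BADNAME;
     }
     if (MEMBER::exists($name)) {
         return _ERROR_NICKNAMEINUSE;
     }
     if (!$realname) {
         return _ERROR_REALNAMEMISSING;
     }
     if (!$password) {
         return _ERROR_PASSWORDMISSING;
     }

     // Users sometimes omit the scheme, which yields a malformed URL, so it is
     // prepended here. The match is case-insensitive, like the eregi() call this
     // preg_match() replaced; without the "i" flag a URL such as "HTTP://..."
     // would get a second scheme in front of it.
     if (!preg_match('#^https?://#i', $url)) {
         $url = 'http://' . $url;
     }

     $name = sql_real_escape_string($name);
     $realname = sql_real_escape_string($realname);
     // NOTE(review): the password is stored as an unsalted MD5 digest, which is
     // not an adequate password hash. Moving to password_hash()/password_verify()
     // has to be done together with the login check and a migration of existing
     // rows, so it is only flagged here.
     $password = sql_real_escape_string(md5($password));
     $email = sql_real_escape_string($email);
     $url = sql_real_escape_string($url);
     $admin = intval($admin);
     $canlogin = intval($canlogin);
     $notes = sql_real_escape_string($notes);

     // An administrator who cannot log in is rejected as inconsistent.
     if ($admin && !$canlogin) {
         return _ERROR;
     }

     $query = 'INSERT INTO ' . sql_table('member') . " (MNAME,MREALNAME,MPASSWORD,MEMAIL,MURL, MADMIN, MCANLOGIN, MNOTES) " . "VALUES ('{$name}','{$realname}','{$password}','{$email}','{$url}',{$admin}, {$canlogin}, '{$notes}')";
     sql_query($query);

     // NOTE(review): $name is already SQL-escaped at this point; if
     // ACTIONLOG::add() escapes its message again, special characters are
     // logged with extra backslashes - confirm.
     ACTIONLOG::add(INFO, _ACTIONLOG_NEWMEMBER . ' ' . $name);

     return 1;
 }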
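 /**
  * CustomLogin event handler: refuses the login while the submitted login
  * name or the client address has reached the failed-login limit.
  *
  * Does nothing unless enable_security is 'yes' and max_failed_login is
  * positive. Failure records older than login_lockout minutes are deleted
  * before the counters are read.
  *
  * @param array $data event payload, passed by reference; reads 'login' and,
  *                    when the limit is reached, sets 'success' and 'allowlocal' to 0
  * @return void
  */
 public function event_CustomLogin(&$data)
 {
     if ($this->enable_security != 'yes' || !($this->max_failed_login > 0)) {
         return;
     }

     $login = $data['login'];
     // REMOTE_ADDR is absent outside a web request; fall back to an empty key.
     $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     $table = sql_table('plug_securityenforcer');

     // Expire failure records that are older than the lockout window.
     sql_query("DELETE FROM " . $table . " WHERE lastfail < " . (time() - $this->login_lockout * 60));

     // NOTE(review): these lookups previously compared against the fixed
     // literal '******' in both queries, so neither the login name nor the
     // client address took part in the check. Binding the escaped values is
     // the presumed intent; both use the `login` column as the earlier queries
     // did - confirm against the code that records failures.
     $flogin = quickQuery(
         "SELECT fails as result FROM " . $table . " WHERE login='" . sql_real_escape_string($login) . "'"
     );
     $fip = quickQuery(
         "SELECT fails as result FROM " . $table . " WHERE login='" . sql_real_escape_string($ip) . "'"
     );

     if ($flogin >= $this->max_failed_login || $fip >= $this->max_failed_login) {
         $data['success'] = 0;
         $data['allowlocal'] = 0;
         // Both values come from the request and are HTML-encoded before they are logged.
         $info = sprintf(_SECURITYENFORCER_LOGIN_DISALLOWED, htmlspecialchars($login), htmlspecialchars($ip));
         ACTIONLOG::add(INFO, $info);
     }

     return;
 }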
Esempio n. 5
 /**
  * Admin action: empties the action log, then shows the management page
  * with the _MSG_ACTIONLOGCLEARED message.
  *
  * Members that are not administrators are sent to disallow().
  *
  * @return void
  */
 function action_clearactionlog()
 {
     global $member;

     // NOTE(review): the log is still cleared if disallow() ever returns;
     // confirm that it ends the request. No request-forgery ticket check is
     // visible in this method - presumably the dispatcher performs one, verify.
     if (!$member->isAdmin()) {
         $this->disallow();
     }

     ACTIONLOG::clear();
     $this->action_manage(_MSG_ACTIONLOGCLEARED);
 }
Esempio n. 6
 /**
  * Records a refused request in the action log and reports the
  * "disallowed" error through $this->error().
  *
  * @return void
  */
 function disallow()
 {
     // REQUEST_URI is supplied by the client and goes into the log text as is.
     // NOTE(review): whatever displays the log should HTML-encode it - confirm.
     $requestUri = serverVar('REQUEST_URI');
     ACTIONLOG::add(WARNING, _ACTIONLOG_DISALLOWED . $requestUri);

     $this->error(array(0, _CURL_ERROR_DISALLOWED, '***', _DISALLOWED_MSG));
 }
Esempio n. 7
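 /**
  * Pings every update service that is switched on in the plugin options and
  * writes the combined result to the action log.
  *
  * @param array|int|string $data event payload holding 'blogid', or the bare
  *                               blog id (a bare id used to be indexed like an
  *                               array, which left myBlogId empty)
  * @return void
  */
 public function sendPings($data)
 {
     if (!class_exists('xmlrpcmsg')) {
         include_libs('xmlrpc.inc.php');
     }

     // Accept the bare id as well as the event-style array.
     $this->myBlogId = is_scalar($data) ? $data : $data['blogid'];

     // option name => array(label written to the log, method that sends the ping);
     // the order is the order in which the services are contacted.
     $services = array(
         'pingpong_pingomatic'  => array('Ping-o-matic', 'pingPingomatic'),
         'pingpong_weblogs'     => array('Weblogs.com', 'pingWeblogs'),
         'pingpong_technorati'  => array('Technorati', 'pingTechnorati'),
         'pingpong_blogrolling' => array('Blogrolling.com', 'pingBlogRollingDotCom'),
         'pingpong_blogs'       => array('Blog.gs', 'pingBloGs'),
         'pingpong_weblogues'   => array('Weblogues.com', 'pingWebloguesDotCom'),
         'pingpong_bloggde'     => array('Blog.de', 'pingBloggDe'),
     );

     $ping_result = '';
     foreach ($services as $option => $service) {
         if ($this->getOption($option) != 'yes') {
             continue;
         }
         $ping_result .= _PINGING . $service[0] . ":\n";
         $ping_result .= $this->{$service[1]}();
         $ping_result .= " | ";
     }

     // NOTE(review): the text returned by the ping methods presumably reflects
     // the remote service's answer; it is logged unchanged, so the log viewer
     // should encode it on output - confirm.
     ACTIONLOG::add(INFO, $ping_result);

     return;
 }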
Esempio n. 8
<?php

require dirname(__FILE__) . '/../../../config.php';
include_libs('PLUGINADMIN.php');
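// Create the plugin object through Plugin Admin.
$oPluginAdmin = new PluginAdmin('Ping');
ACTIONLOG::add(INFO, 'NP_Ping: Sending ping (from background)');

// The blog id is expected as the first command-line argument; a missing or
// non-numeric argument becomes 0 and is rejected below.
// NOTE(review): if this file is reachable over HTTP, $argv may be filled from
// the query string depending on register_argc_argv - confirm the script is
// only started from the command line.
$blogid = isset($argv[1]) ? intval($argv[1]) : 0;

if ($blogid > 0) {
    // sendPings() indexes its argument with 'blogid', so the id is wrapped in
    // an event-style array instead of being passed bare.
    $oPluginAdmin->plugin->sendPings(array('blogid' => $blogid));
} else {
    ACTIONLOG::add(WARNING, 'NP_Ping: invalid blogid, background ping abort');
}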
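 /**
  * Remove the technoratitags rows for the deleted post and, when the
  * DelIcioUs option is 'yes', delete the matching bookmark from del.icio.us.
  *
  * @param array $data event payload; 'itemid' identifies the deleted item
  * @return void
  */
 function event_PostDeleteItem($data)
 {
     // The id is placed unquoted in the SQL text, so it is forced to an integer
     // first instead of trusting the event payload.
     $itemid = intval($data['itemid']);
     sql_query('DELETE FROM ' . $this->tablename . ' WHERE itemid = ' . $itemid);

     if ($this->getOption('DelIcioUs') == "yes") {
         // Credentials of the member referenced by $this->delaid.
         // NOTE(review): the password is read back as a member option, which
         // suggests it is kept in recoverable form - confirm how options are stored.
         $user = $this->getMemberOption($this->delaid, 'DeliciousUser');
         $password = $this->getMemberOption($this->delaid, 'DeliciousPassword');

         if ($user != '' && $password != '') {
             $oPhpDelicious = new PhpDelicious($user, $password);
             $oPhpDelicious->DeletePost($this->delurl);
             ACTIONLOG::add(INFO, 'delurl: ' . $this->delurl);
         }
     }
 }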
Esempio n. 10
/**
 * Procedural shortcut for ACTIONLOG::add().
 *
 * @param mixed  $level severity, passed through unchanged
 * @param string $msg   text to record, passed through unchanged
 * @return void
 */
function addToLog($level, $msg)
{
    // No filtering happens here; both arguments are forwarded as received.
    ACTIONLOG::add($level, $msg);
}
Esempio n. 11
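 /**
  * Parse skinvar commentform.
  *
  * Shows one of the comment form templates through doForm(): the "closed"
  * form when the item is closed or comments are disabled, the
  * "closedtopublic" form for guests on a non-public blog, otherwise the
  * logged-in or not-logged-in form with prefilled values in $this->formdata.
  *
  * @param string $destinationurl URL to return to after posting; the item
  *                               link is used when it is empty
  * @return void
  */
 function parse_commentform($destinationurl = '')
 {
     global $blog, $itemid, $member, $CONF, $manager;

     // Nucleus < 2.0 took the action URL as first parameter. When one is still
     // passed, warn and take the destination from the second argument; a call
     // with only one argument falls back to the item link below.
     if (stristr($destinationurl, 'action.php')) {
         $args = func_get_args();
         $destinationurl = isset($args[1]) ? $args[1] : '';
         ACTIONLOG::add(WARNING, _ACTIONURL_NOTLONGER_PARAMATER);
     }

     $actionurl = $CONF['ActionURL'];

     // If the item is closed, show a message and do nothing else.
     $item =& $manager->getItem($itemid, 0, 0);
     if ($item['closed'] || !$blog->commentsEnabled()) {
         $this->doForm('commentform-closed');
         return;
     }

     if (!$blog->isPublic() && !$member->isLoggedIn()) {
         $this->doForm('commentform-closedtopublic');
         return;
     }

     if (!$destinationurl) {
         // Note: createLink returns an HTML encoded URL.
         $destinationurl = createLink('item', array('itemid' => $itemid, 'title' => $item['title'], 'timestamp' => $item['timestamp'], 'extra' => $this->linkparams));
     } else {
         // HTML encode a URL supplied by the skin.
         $destinationurl = htmlspecialchars($destinationurl, ENT_QUOTES);
     }

     // Values to prefill: the remembered cookie wins, the posted value is the fallback.
     $cookiePrefix = $CONF['CookiePrefix'];
     $rememberedUser = cookieVar($cookiePrefix . 'comment_user');

     $user = $rememberedUser;
     if (!$user) {
         $user = postVar('user');
     }
     $userid = cookieVar($cookiePrefix . 'comment_userid');
     if (!$userid) {
         $userid = postVar('userid');
     }
     $email = cookieVar($cookiePrefix . 'comment_email');
     if (!$email) {
         $email = postVar('email');
     }
     $body = postVar('body');

     // Every request-derived value is HTML-encoded before it reaches the form.
     // NOTE(review): 'membername' is the only text value passed without
     // encoding; presumably display names are restricted to safe characters
     // when members are created - confirm.
     $this->formdata = array(
         'destinationurl'  => $destinationurl,
         'actionurl'       => htmlspecialchars($actionurl, ENT_QUOTES),
         'itemid'          => $itemid,
         'user'            => htmlspecialchars($user, ENT_QUOTES),
         'userid'          => htmlspecialchars($userid, ENT_QUOTES),
         'email'           => htmlspecialchars($email, ENT_QUOTES),
         'body'            => htmlspecialchars($body, ENT_QUOTES),
         'membername'      => $member->getDisplayName(),
         'rememberchecked' => $rememberedUser ? 'checked="checked"' : '',
     );

     if (!$member->isLoggedIn()) {
         $this->doForm('commentform-notloggedin');
     } else {
         $this->doForm('commentform-loggedin');
     }
 }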
Esempio n. 12
 /**
  * A helper function to load a plugin (private).
  *
  * When no class named $name exists yet, the file $DIR_PLUGINS . $name . '.php'
  * is included, the class is instantiated into $this->plugins[$name], its
  * plugid is set and init() is called. Each failure path writes a WARNING to
  * the action log and returns 0; the other paths end without an explicit
  * return value.
  *
  * @param string $name plugin name; used as file name, class name and array key
  */
 function _loadPlugin($name)
 {
     if (!class_exists($name)) {
         global $DIR_PLUGINS;
         // NOTE(review): $name goes into the include path unchanged; presumably
         // callers only pass names of installed plugins - verify, because path
         // separators in $name would reach include as well.
         $fileName = $DIR_PLUGINS . $name . '.php';
         if (!file_exists($fileName)) {
             // The message constant is defined on the spot when no language file provided it.
             if (!defined('_MANAGER_PLUGINFILE_NOTFOUND')) {
                 define('_MANAGER_PLUGINFILE_NOTFOUND', 'Plugin %s was not loaded (File not found)');
             }
             ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOTFOUND, $name));
             return 0;
         }
         // load plugin
         include $fileName;
         // check that the file declared the class, so the eval'd code below
         // never names a class that does not exist
         if (!class_exists($name)) {
             if (!defined('_MANAGER_PLUGINFILE_NOCLASS')) {
                 define('_MANAGER_PLUGINFILE_NOCLASS', "Plugin %s was not loaded (Class not found in file, possible parse error)");
             }
             ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOCLASS, $name));
             return 0;
         }
         // add to plugin array; $name is spliced into the evaluated code, which
         // is only reached after class_exists($name) succeeded above
         // NOTE(review): assigning `new` by reference is rejected by PHP 7 and
         // later - confirm which PHP versions this code has to support.
         eval('$this->plugins[$name] =& new ' . $name . '();');
         // get plugid
         $this->plugins[$name]->plugid = $this->getPidFromName($name);
         // unload plugin if a table prefix is used and the plugin cannot handle this
         global $MYSQL_PREFIX;
         if ($MYSQL_PREFIX != '' && !$this->plugins[$name]->supportsFeature('SqlTablePrefix')) {
             unset($this->plugins[$name]);
             ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINTABLEPREFIX_NOTSUPPORT, $name));
             return 0;
         }
         // unload plugin if using non-mysql handler and plugin does not support it
         global $MYSQL_HANDLER;
         if (!in_array('mysql', $MYSQL_HANDLER) && !$this->plugins[$name]->supportsFeature('SqlApi')) {
             unset($this->plugins[$name]);
             ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINSQLAPI_NOTSUPPORT, $name));
             return 0;
         }
         // call init method
         $this->plugins[$name]->init();
     }
 }